8208 Commits

Author SHA1 Message Date
Andreas Steffen
e9f32b010a first use of libradius 2012-03-13 16:27:17 +01:00
Andreas Steffen
21b0f216b9 created libradius shared by eap-radius and tnc-pdp plugins 2012-03-13 16:27:17 +01:00
Andreas Steffen
70fd2d1af7 created tnc-pdp policy decision point plugin 2012-03-13 16:27:16 +01:00
Martin Willi
bc403eb1e5 Fixed crash and locking issues while unrouting connections via stroke 2012-03-13 10:56:22 +01:00
Tobias Brunner
cd6b5bf8e9 Clear peer addresses during HA update. 2012-03-09 10:30:37 +01:00
Tobias Brunner
72b2811204 Simplified some route lookups now that we store all peer addresses in a list. 2012-03-09 10:22:21 +01:00
Tobias Brunner
94bbc60256 Renamed list of additional peer addresses as it now stores all known addresses. 2012-03-09 10:17:42 +01:00
Tobias Brunner
2fe624cca9 Store the peer's current address as additional known address on the IKE_SA.
This allows switching back to the original address after switching to
any of the additional addresses.
2012-03-09 10:08:41 +01:00
Martin Willi
4bbd943038 Include radattr RADIUS attribute only if an EAP payload is present 2012-03-06 16:08:32 +01:00
Martin Willi
bb0b203186 By default include radattr RADIUS attribute in any IKE_AUTH exchange 2012-03-06 16:08:29 +01:00
Martin Willi
45f20f8a79 farp plugin sends ARP responses for any tunneled address, not only virtual IPs 2012-03-06 16:06:33 +01:00
Martin Willi
21796bac9a Be less verbose if we don't have a local address for a tunnel 2012-03-06 16:05:58 +01:00
Martin Willi
4d7a2128b6 Re-resolve hosts on additional keyingtries 2012-03-06 16:05:28 +01:00
Martin Willi
d1fbb0a4b3 Renamed radius_server to radius_config, as some real RADIUS server functionality is coming 2012-03-05 18:31:30 +01:00
Martin Willi
2e3615e4ad Prefer EAP-Identity to read radattr RADIUS attribute file 2012-03-05 18:08:04 +01:00
Martin Willi
4cd176d525 Invoke ike_updown hook on authentication failure not before response sent 2012-03-05 18:08:04 +01:00
Martin Willi
0853ff39c5 Build libradius if radattr plugin is enabled 2012-03-05 18:08:04 +01:00
Martin Willi
3ccc8a191c Inject RADIUS attribute in radattr plugin read from an identity specific file 2012-03-05 18:08:04 +01:00
Martin Willi
caf4b88efc Added a radattr plugin that prints any received RADIUS notify to console 2012-03-05 18:08:04 +01:00
Martin Willi
f0f94e2ce6 Moved generic RADIUS protocol support to a dedicated libradius 2012-03-05 18:08:04 +01:00
Martin Willi
990fda9d88 Removed libcharon dependencies from generic RADIUS protocol support 2012-03-05 18:06:15 +01:00
Martin Willi
99cb353968 Forward specified RADIUS attributes between AAA backend and client 2012-03-05 18:06:15 +01:00
Martin Willi
007d5b9218 Defined a private status notify to transport arbitrary RADIUS attributes 2012-03-05 18:06:14 +01:00
Martin Willi
c158ccd960 Implemented RADIUS DAE response retransmission 2012-03-05 18:06:14 +01:00
Martin Willi
fbaf5cd213 Be a little more verbose before starting IKE_SA reauthentication 2012-03-05 18:06:14 +01:00
Martin Willi
4d19f7c5bf Process RADIUS DAE CoA updates, updating lifetimes 2012-03-05 18:06:14 +01:00
Martin Willi
a07b69734b Send an AUTH_LIFETIME update after updating the lifetime, but can not reauth actively 2012-03-05 18:06:14 +01:00
Martin Willi
d23c159658 Use faster ike_sa_id and a delete job to handle RADIUS DAE Delete-Request 2012-03-05 18:06:14 +01:00
Martin Willi
245e3c52a2 Refactored RADIUS DAE IKE_SA lookup 2012-03-05 18:06:14 +01:00
Martin Willi
964b0c144e Pass RADIUS DAE client address a host_t instead of sockaddr struct 2012-03-05 18:06:14 +01:00
Martin Willi
9756c143f0 Send RADIUS DAE Disconnect-ACK/NAK on Disconnect-Request 2012-03-05 18:06:14 +01:00
Martin Willi
392618d4ec Support signing of RADIUS response messages 2012-03-05 18:06:13 +01:00
Martin Willi
2bf3858955 Act on RADIUS DAE Disconnect requests 2012-03-05 18:06:13 +01:00
Martin Willi
76b6b19f8d Verify received RADIUS DAE requests 2012-03-05 18:06:13 +01:00
Martin Willi
e8a8179706 Support verification of RADIUS request messages 2012-03-05 18:06:13 +01:00
Martin Willi
3bc1829211 Rename RADIUS message constructors to handle both, requests and responses 2012-03-05 18:06:13 +01:00
Martin Willi
6319ce63cf Enable RADIUS DAE listening if configured 2012-03-05 18:06:13 +01:00
Martin Willi
85932ad24e Added infrastructure to listen to RADIUS Dynamic Authorization Extension requests 2012-03-05 18:06:13 +01:00
Martin Willi
3a42c08904 Added Dynamic Authorization Extension RADIUS message codes 2012-03-05 18:06:13 +01:00
Martin Willi
c61341a58f Set IKE_SA lifetime based on RADIUS Session-Timeout attribute 2012-03-05 18:06:13 +01:00
Martin Willi
bdcf441703 Set hard timeouts when setting a lifetime 2012-03-05 18:06:13 +01:00
Martin Willi
e9fcf1c6cc Fix IKE_SA timeout debug output on 64bit platforms 2012-03-05 18:06:13 +01:00
Tobias Brunner
0808d60ebf maemo: New upstream release. 2012-02-27 18:15:51 +01:00
Tobias Brunner
686cfd4e34 Added support for untruncated MD5 and SHA1 HMACs in ESP as used in RFC 4595.
This requires a Linux kernel >= 2.6.33.
2012-02-27 14:31:19 +01:00
Martin Willi
3a2660f189 Encode IPv6 virtual IPs in a Framed-IPv6-Prefix attribute 2012-02-24 11:20:16 +01:00
Martin Willi
d15ae70c8c Refactored construction of RADIUS accounting messages 2012-02-24 11:12:18 +01:00
Martin Willi
d93f204ca5 Include port numbers in Calling-Station-Id, too 2012-02-24 10:49:29 +01:00
Martin Willi
802ed08dff Use large enough buffers for IPv6 addresses in Calling-Station-Id 2012-02-24 10:13:08 +01:00
Martin Willi
434cdbac09 Send client external address as Calling-Station-Id in RADIUS accounting 2012-02-24 10:05:23 +01:00
Andreas Steffen
f3d6b9c88c added missing x character 2012-02-21 16:29:35 +01:00