]>
Commit | Line | Data |
---|---|---|
17b29683 | 1 | strongSwan-4.0.0 / Revision: 967 |
8ba04040 MW |
2 | ================================== |
3 | ||
8ba04040 MW |
4 | - removed IKEV2 ifdefs |
5 | - applied patch from andreas | |
6 | - added charonstart option to config | |
7 | - new ikev2 tests for UML | |
8 | - applied patch from andreas | |
9 | - pem loading | |
10 | - secrets file parsing | |
11 | - ikev2 testcase | |
12 | - some other additions here and there | |
13 | - connection termination is handled cleanly by name now | |
14 | - fixed bad bug, certs load now cleanly again | |
15 | - fixed make install (subdir order) | |
16 | - fixed include path | |
17 | - added missing script | |
18 | - finished initial import of strongswan file tree | |
19 | - removed a lot of old and unused stuff | |
20 | - moved RFCs from ikev2 into doc dir | |
21 | - added missing files for starter | |
22 | - applied patch for charon (this time really) | |
23 | - import of strongswan-2.7.0 | |
24 | - applied patch for charon | |
25 | - renamed get_block_size of hasher | |
26 | - reworked usage of IDs in various states | |
27 | - using ID_ANY for any, not NULL as before | |
28 | - initiator sends IDr payload in IKE_AUTH when ID unique | |
29 | - fixed charon checks | |
30 | - using status & statusall | |
31 | - patch for 2.7.0 | |
32 | - add connection names to connections | |
33 | - stroke status / ipsec status shows them | |
34 | - added statusall for stroke | |
35 | - added status by connection name | |
36 | - some tests repaired, more to come | |
37 | - fixed spi conversion | |
38 | - improved "stroke status" output | |
39 | - setup PID file after daemon initilization, to correctly inform | |
40 | starter about daemon startup | |
41 | - added separate implementation for connection_store, credential_store, policy_store | |
42 | - added folder structure to config | |
43 | - credentials are fetched solely on IDs now | |
44 | - identification_t supports now almost all id types | |
45 | - x509 certificates work with identification_t now | |
46 | - fixes here, fixes there | |
47 | - fixed doxygen build | |
48 | - seperates now in lib and charon | |
49 | - library initialization done at a central point (library.c) | |
50 | - some leak_detective fixes | |
51 | - updated Todos | |
52 | - fixed log-to-syslog behavior | |
53 | - added patch against strongswan-2.6.4 | |
54 | - x509 certificate loading with pluto asn1 code | |
55 | - x509 needs a lot more attention! | |
56 | - renamed some files | |
57 | - using asn1 pluto stuff now | |
58 | - removed, since we use pluto asn1 stuff | |
59 | - leak detective is usable, but does not show static function names | |
60 | - a script which gets address via ldd and resolves address via addr2line would be nice | |
61 | - fixed a leak in child_sa with new detective ;-) | |
62 | - some improvements to new asn1 stuff | |
63 | - to be continued | |
64 | - fixed bad bugs in kernel interface | |
65 | - added some logging info | |
66 | - works now much more stable | |
67 | - startet importing pluto ASN1 stuff | |
68 | - der PKCS#1 key loading works (as it did with der_decoder) | |
69 | - split up in libstrong, charon, stroke, testing done | |
70 | - new leak detective with malloc hook in library | |
71 | - useable, but needs improvements | |
72 | - logger_manager has now a single instance per library | |
73 | - allows use of loggers from any linking prog | |
74 | - a LOT of other things | |
75 | ../svn-commit.tmp | |
76 | - added misssing stroke.h | |
77 | - improved strokeing | |
78 | - down connection | |
79 | - status | |
80 | - some other tweaks | |
81 | - rewrote a lot of RSA stuff | |
82 | - done major work for ASN1/decoder | |
83 | - allow loading of ASN1 der encoded private keys, public keys and certificates | |
84 | - extracting public key from certificates | |
85 | - passing certificates from stroke to charon | |
86 | => basic authentication with RSA certificates works! | |
87 | - starter work on asn1 with der de/encoder | |
88 | - RSA private and public key can load read key from ASN1 DER | |
89 | - some other fixes here and there | |
90 | - rewrite of logger_manager, uses now one instance per context | |
91 | - cleanups for logger here and there | |
92 | - removed critical flag check in payload verification (conformance to IKEv2) | |
93 | - so thats and theres everywere... ;-) | |
94 | - patch for strongswan-2.6.3 | |
95 | - added charon support for strongswan build process | |
96 | - ipsec starter supports charon startup and control | |
97 | - removed old diploma thesis scripts | |
98 | - some cleanups | |
99 | - compatibility to strongswan, Makefile can be called by "make programs" | |
100 | and "make install" (ikev2 patch must be applied to strongswan) | |
101 | - first version of stroke control utility | |
102 | - moved output to doc/api, since doc is used for other docs now | |
103 | - some first documentation in english | |
104 | - removed old eclipse project files | |
105 | - works quite well now with ipsec.conf & ipsec starter | |
106 | - belongs to previous commit ;-) | |
107 | - reworked configuration framework completly | |
108 | - configuration is now split up in: connections, policies, credentials and daemon config | |
109 | - further alloc/free fixes needed! | |
110 | - first attempt for connection loading and starting via "stroke" | |
111 | - some improvements here and there | |
112 | - configuration_manager replaced by configuration_t interface | |
113 | - current configuration_manager is now static_configuration (testing) | |
114 | - first draft of starter_configuration, which should once interact with ipsec starter (via whack?) | |
115 | - some cleanups | |
116 | - socket_t uses RAW socket, which allows parallel service of pluto/charon | |
117 | - comments and cleanups | |
118 | - working policy installation and removal | |
119 | - fixed policy setup bug | |
120 | - proposal setup implementation begun | |
121 | - fixed socket code, so we know on which address we receive traffic | |
122 | - AH/ESP setup in kernel is working now!!! :-))) | |
123 | - installing of child sa works | |
124 | - need correct IP adresses to actually use IPsec | |
125 | - new RFCs of IKEv2, IKEv2 algs and IPSec arch added | |
126 | - update of IKEv2 clarification document | |
127 | - refactored ike proposal | |
128 | - uses now proposal_t, wich is also used by child proposals | |
129 | - ike key derivation refactored | |
130 | - crypter_t api has get_key_size now | |
131 | - some other improvements here and there | |
132 | - config uses uml hosts alice and bob | |
133 | - key derivation for child_sa works | |
134 | - some fixes here and there | |
135 | - fixed memleaks | |
136 | - works with new proposal code | |
137 | - still some(!) memleaks | |
138 | - fixed alot of bugs in child_proposal | |
139 | - near to working state ;-) | |
140 | - dead end implementation | |
141 | ||
142 | - ... there is a lot more of it, but | |
143 | nothing of interest |