]>
Commit | Line | Data |
---|---|---|
d7272314 MW |
1 | strongSwan-4.0.0 / R:967 |
2 | ========================== | |
8ba04040 | 3 | |
22ff6f57 MW |
4 | removed IKEV2 ifdefs |
5 | applied patch from andreas | |
6 | added charonstart option to config | |
7 | new ikev2 tests for UML | |
8 | applied patch from andreas | |
9 | pem loading | |
10 | secrets file parsing | |
11 | ikev2 testcase | |
12 | some other additions here and there | |
13 | connection termination is handled cleanly by name now | |
14 | fixed bad bug, certs load now cleanly again | |
15 | fixed make install (subdir order) | |
16 | fixed include path | |
17 | added missing script | |
18 | finished initial import of strongswan file tree | |
19 | removed a lot of old and unused stuff | |
20 | moved RFCs from ikev2 into doc dir | |
21 | added missing files for starter | |
22 | applied patch for charon (this time really) | |
23 | import of strongswan-2.7.0 | |
24 | applied patch for charon | |
25 | renamed get_block_size of hasher | |
26 | reworked usage of IDs in various states | |
27 | using ID_ANY for any, not NULL as before | |
28 | initiator sends IDr payload in IKE_AUTH when ID unique | |
29 | fixed charon checks | |
30 | using status & statusall | |
31 | patch for 2.7.0 | |
32 | add connection names to connections | |
33 | stroke status / ipsec status shows them | |
34 | added statusall for stroke | |
35 | added status by connection name | |
36 | some tests repaired, more to come | |
37 | fixed spi conversion | |
38 | improved "stroke status" output | |
39 | setup PID file after daemon initilization, to correctly inform | |
8ba04040 | 40 | starter about daemon startup |
22ff6f57 MW |
41 | added separate implementation for connection_store, credential_store, policy_store |
42 | added folder structure to config | |
43 | credentials are fetched solely on IDs now | |
44 | identification_t supports now almost all id types | |
45 | x509 certificates work with identification_t now | |
46 | fixes here, fixes there | |
47 | fixed doxygen build | |
48 | seperates now in lib and charon | |
49 | library initialization done at a central point (library.c) | |
50 | some leak_detective fixes | |
51 | updated Todos | |
52 | fixed log-to-syslog behavior | |
53 | added patch against strongswan-2.6.4 | |
54 | x509 certificate loading with pluto asn1 code | |
55 | x509 needs a lot more attention! | |
56 | renamed some files | |
57 | using asn1 pluto stuff now | |
58 | removed, since we use pluto asn1 stuff | |
59 | leak detective is usable, but does not show static function names | |
60 | a script which gets address via ldd and resolves address via addr2line would be nice | |
61 | fixed a leak in child_sa with new detective ;-) | |
62 | some improvements to new asn1 stuff | |
63 | to be continued | |
64 | fixed bad bugs in kernel interface | |
65 | added some logging info | |
66 | works now much more stable | |
67 | startet importing pluto ASN1 stuff | |
68 | der PKCS#1 key loading works (as it did with der_decoder) | |
69 | split up in libstrong, charon, stroke, testing done | |
70 | new leak detective with malloc hook in library | |
71 | useable, but needs improvements | |
72 | logger_manager has now a single instance per library | |
73 | allows use of loggers from any linking prog | |
74 | a LOT of other things | |
8ba04040 | 75 | ../svn-commit.tmp |
22ff6f57 MW |
76 | added misssing stroke.h |
77 | improved strokeing | |
78 | down connection | |
79 | status | |
80 | some other tweaks | |
81 | rewrote a lot of RSA stuff | |
82 | done major work for ASN1/decoder | |
83 | allow loading of ASN1 der encoded private keys, public keys and certificates | |
84 | extracting public key from certificates | |
85 | passing certificates from stroke to charon | |
8ba04040 | 86 | => basic authentication with RSA certificates works! |
22ff6f57 MW |
87 | starter work on asn1 with der de/encoder |
88 | RSA private and public key can load read key from ASN1 DER | |
89 | some other fixes here and there | |
90 | rewrite of logger_manager, uses now one instance per context | |
91 | cleanups for logger here and there | |
92 | removed critical flag check in payload verification (conformance to IKEv2) | |
93 | so thats and theres everywere... ;-) | |
94 | patch for strongswan-2.6.3 | |
95 | added charon support for strongswan build process | |
96 | ipsec starter supports charon startup and control | |
97 | removed old diploma thesis scripts | |
98 | some cleanups | |
99 | compatibility to strongswan, Makefile can be called by "make programs" | |
8ba04040 | 100 | and "make install" (ikev2 patch must be applied to strongswan) |
22ff6f57 MW |
101 | first version of stroke control utility |
102 | moved output to doc/api, since doc is used for other docs now | |
103 | some first documentation in english | |
104 | removed old eclipse project files | |
105 | works quite well now with ipsec.conf & ipsec starter | |
106 | belongs to previous commit ;-) | |
107 | reworked configuration framework completly | |
108 | configuration is now split up in: connections, policies, credentials and daemon config | |
109 | further alloc/free fixes needed! | |
110 | first attempt for connection loading and starting via "stroke" | |
111 | some improvements here and there | |
112 | configuration_manager replaced by configuration_t interface | |
113 | current configuration_manager is now static_configuration (testing) | |
114 | first draft of starter_configuration, which should once interact with ipsec starter (via whack?) | |
115 | some cleanups | |
116 | socket_t uses RAW socket, which allows parallel service of pluto/charon | |
117 | comments and cleanups | |
118 | working policy installation and removal | |
119 | fixed policy setup bug | |
120 | proposal setup implementation begun | |
121 | fixed socket code, so we know on which address we receive traffic | |
122 | AH/ESP setup in kernel is working now!!! :-))) | |
123 | installing of child sa works | |
124 | need correct IP adresses to actually use IPsec | |
125 | new RFCs of IKEv2, IKEv2 algs and IPSec arch added | |
126 | update of IKEv2 clarification document | |
127 | refactored ike proposal | |
128 | uses now proposal_t, wich is also used by child proposals | |
129 | ike key derivation refactored | |
130 | crypter_t api has get_key_size now | |
131 | some other improvements here and there | |
132 | config uses uml hosts alice and bob | |
133 | key derivation for child_sa works | |
134 | some fixes here and there | |
135 | fixed memleaks | |
136 | works with new proposal code | |
137 | still some(!) memleaks | |
138 | fixed alot of bugs in child_proposal | |
139 | near to working state ;-) | |
140 | dead end implementation | |
8ba04040 | 141 | |
22ff6f57 | 142 | ... there is a lot more of it, but nothing of interest |