2013-03-01 |
Martin Willi | Merge branch 'multi-cert'
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Merge branch 'systime'
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Merge branch 'ikev1-rekeying'
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Merge branch 'vip-shunts'
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Merge branch 'opaque-ports'
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | When running with an unprivileged user, initialize...
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Without MOBIKE, update remote host only if it is behind NAT
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Merge branch 'ikev1-mm-retransmits'
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Merge branch 'tfc-notify'
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Send ESP_TFC_PADDING_NOT_SUPPORTED if the used kernel...
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Indicate support for processing ESPv3 TFC padding in...
|
commit | commitdiff | tree |
2013-03-01 |
Martin Willi | Introduce "features" for the kernel backends returning...
|
commit | commitdiff | tree |
2013-02-25 |
Martin Willi | For IKEv1 Main Mode, use message hash to detect early...
|
commit | commitdiff | tree |
2013-02-25 |
Martin Willi | Move initial message dropping to task manager
|
commit | commitdiff | tree |
2013-02-25 |
Martin Willi | Use INIT macro to initialize IKE_SA manager entries
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Don't reject OPAQUE ports while verifying traffic selector...
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Document ipsec.conf leftprotoport extensions in manpage
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Optionally support port ranges in leftprotoport
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Support %opaque keyword in leftprotoport for "opaque...
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Pass complete port range over stroke interface for...
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Use a complete port range in traffic_selector_create_from_...
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Print OPAQUE traffic selectors as what they are, not...
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Support "opaque" ports in traffic selector subset calculation
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Slightly refactor traffic_selector_t.get_subset()
|
commit | commitdiff | tree |
2013-02-21 |
Martin Willi | Migrate remaining traffic selector methods to METHOD...
|
commit | commitdiff | tree |
2013-02-20 |
Martin Willi | Install a route for shunt policies
|
commit | commitdiff | tree |
2013-02-20 |
Martin Willi | Include local address for Unity Split-Exclude shunt...
|
commit | commitdiff | tree |
2013-02-20 |
Martin Willi | After IKEv1 reauthentication, reinstall VIP routes...
|
commit | commitdiff | tree |
2013-02-20 |
Martin Willi | When detecting a duplicate IKEv1 SA, adopt children...
|
commit | commitdiff | tree |
2013-02-19 |
Martin Willi | systime-fix disables certificate lifetime validation...
|
commit | commitdiff | tree |
2013-02-19 |
Martin Willi | Add a stub for systime-fix, a plugin handling certificate...
|
commit | commitdiff | tree |
2013-02-19 |
Martin Willi | Add a cert_validator hook allowing plugins to provide...
|
commit | commitdiff | tree |
2013-02-19 |
Martin Willi | Make cert_validator_t.validate optional to implement
|
commit | commitdiff | tree |
2013-02-19 |
Martin Willi | Fix encoding of issuerAndSubject while handling SCEP...
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Add a timeout to clean up PDP RADIUS connections
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Keep the PDP connections lock while accessing its objects
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Add locking to TNC-PDP connections
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Add IF-M message subtype getter to IMC/IMV messages
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Use a generic constructor to create PA-TNC error attributes
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Add a global return_success() method implementation
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Add a convenience method to check pen_type_t for vendor...
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Add a comparison function for pen_type_t
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Whitespace and comment cleanups in pen.[ch]
|
commit | commitdiff | tree |
2013-02-14 |
Andreas Steffen | resolve dependency on libtls
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Merge branch 'ike-dscp'
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Check if recommendations is set before applying language...
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | PT-TLS dispatcher TNCCS constructor takes peer identities...
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Merge branch 'pt-tls'
|
commit | commitdiff | tree |
2013-02-14 |
Martin Willi | Remove leading zeros in SCEP certificate serialNumbers
|
commit | commitdiff | tree |
2013-02-08 |
Martin Willi | Add a --httptimeout option to scepclient
|
commit | commitdiff | tree |
2013-02-08 |
Martin Willi | Use CURL_TIMEOUT and not CURL_CONNECTTIMEOUT for FETCHER_TIM...
|
commit | commitdiff | tree |
2013-02-06 |
Martin Willi | Add ikedscp documentation to ipsec.conf.5
|
commit | commitdiff | tree |
2013-02-06 |
Martin Willi | Add a ikedscp ipsec.conf option to set DSCP value on...
|
commit | commitdiff | tree |
2013-02-06 |
Martin Willi | Set configured DSCP value while generating IKE packets
|
commit | commitdiff | tree |
2013-02-06 |
Martin Willi | Add a DSCP configuration value to IKE configs
|
commit | commitdiff | tree |
2013-02-06 |
Martin Willi | Set DSCP values when sending IP packets in socket-default
|
commit | commitdiff | tree |
2013-02-06 |
Martin Willi | Don't send a packet in default socket if family is...
|
commit | commitdiff | tree |
2013-02-06 |
Martin Willi | Add a DSCP value with getter/setter on packet_t
|
commit | commitdiff | tree |
2013-02-06 |
Martin Willi | Avoid extensive casting of sockaddr types in socket...
|
commit | commitdiff | tree |
2013-02-06 |
Martin Willi | Set sockaddr family on ifreq instead of casted familiy...
|
commit | commitdiff | tree |
2013-01-22 |
Martin Willi | Encode IETF Numeric Version Service Pack Version with...
|
commit | commitdiff | tree |
2013-01-21 |
Martin Willi | Filter TS list for Split-Includes before printing them...
|
commit | commitdiff | tree |
2013-01-18 |
Martin Willi | After merging the used trustchain with config, move...
|
commit | commitdiff | tree |
2013-01-18 |
Martin Willi | Add ipsec.conf.5 updates regarding multiple certificates...
|
commit | commitdiff | tree |
2013-01-18 |
Martin Willi | Try to build a trustchain for all configured certificates...
|
commit | commitdiff | tree |
2013-01-18 |
Martin Willi | Load multiple comma seperarated certificates in the...
|
commit | commitdiff | tree |
2013-01-18 |
Martin Willi | Make AUTH_RULE_SUBJECT cert multi-valued
|
commit | commitdiff | tree |
2013-01-17 |
Martin Willi | Pass a constructor callback to create TNCCS server...
|
commit | commitdiff | tree |
2013-01-16 |
Martin Willi | Create pt_tls_client with separate server address and...
|
commit | commitdiff | tree |
2013-01-16 |
Martin Willi | Create pt_tls_dispatcher with separate server address...
|
commit | commitdiff | tree |
2013-01-16 |
Martin Willi | Add a libpttls providing NEA PT-TLS / TNC IF-T for...
|
commit | commitdiff | tree |
2013-01-15 |
Martin Willi | Send TLS close notify during tls_socket_t destruction
|
commit | commitdiff | tree |
2013-01-15 |
Martin Willi | Send TLS close notify if application returns SUCCESS
|
commit | commitdiff | tree |
2013-01-15 |
Martin Willi | Block TLS read when sending data, but have to wait...
|
commit | commitdiff | tree |
2013-01-15 |
Martin Willi | TNCCS plugins don't depend on EAP-TNC, but can be used...
|
commit | commitdiff | tree |
2013-01-15 |
Martin Willi | Add a bio_reader_t constructor variant freeing passed...
|
commit | commitdiff | tree |
2013-01-15 |
Martin Willi | Use a more POSIXy tls_socket interface with more flexibility.
|
commit | commitdiff | tree |
2013-01-15 |
Martin Willi | Add a chunk_from_str() initializer that does not include...
|
commit | commitdiff | tree |
2013-01-15 |
Martin Willi | Reseed rdrand after every 128bit sample only
|
commit | commitdiff | tree |
2013-01-14 |
Martin Willi | Don't handle right=%any6 as "loose" identity, but as...
|
commit | commitdiff | tree |
2013-01-14 |
Martin Willi | Respect given address family when resolving "%any"
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Don't use bio_writer_t.skip() to write length field...
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Add rdrand NEWS
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Use raw opcodes for rdrand to build with older binutils
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Provide RNG_TRUE quality in rdrand by mixing reseeded...
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Provide RNG_STRONG quality in rdrand by forcing PRNG...
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Provide RNG_WEAK quality random generator in rdrand
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Add a rdrand plugin stub detecting availability of...
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Add NEWS about improved Windows IKEv1 compatibility
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Streamline debug output when receiving intermediate...
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Refactored IKEv2 cert/certreq payload processing to...
|
commit | commitdiff | tree |
2013-01-11 |
Martin Willi | Refactored IKEv1 cert payload processing to multiple...
|
commit | commitdiff | tree |
2013-01-11 |
Volker Rümelin | IKEv1 support for PKCS#7 wrapped certificates
|
commit | commitdiff | tree |
2013-01-11 |
Volker Rümelin | Fixed some typos in comments
|
commit | commitdiff | tree |
2013-01-08 |
Thomas Klute | conftest: Add support for time_format and ike_name...
|
commit | commitdiff | tree |
2013-01-08 |
Thomas Klute | conftest: Fix log level settings for stdout
|
commit | commitdiff | tree |
2013-01-08 |
Thomas Klute | conftest: Make outgoing sequence number set by reset_seq...
|
commit | commitdiff | tree |
2013-01-03 |
Martin Willi | Include opensslconf.h before checking its defines
|
commit | commitdiff | tree |
2013-01-03 |
Martin Willi | Don't build OpenSSL PKCS#7 code if OPENSSL_NO_CMS defined
|
commit | commitdiff | tree |
2012-12-24 |
Martin Willi | Add parantheses to avoid compiler warning
|
commit | commitdiff | tree |
next |