]>
git.ipfire.org Git - thirdparty/strongswan.git/log
Martin Willi [Thu, 26 Jul 2012 10:39:53 +0000 (12:39 +0200)] 
Show which group would be required when failing in constraint check
Martin Willi [Thu, 26 Jul 2012 10:38:34 +0000 (12:38 +0200)]
Don't add ANY identity constraint to auth config, as XAuth rounds don't use one
Martin Willi [Thu, 26 Jul 2012 10:07:48 +0000 (12:07 +0200)]
Merge auth config items added from XAuth backends to IKE_SA
Martin Willi [Thu, 26 Jul 2012 09:49:46 +0000 (11:49 +0200)]
Add an ipsec.conf leftgroups2 parameter for the second authentication round
Andreas Steffen [Mon, 23 Jul 2012 20:19:20 +0000 (22:19 +0200)] 
IMA SHA1 file measurement is not needed any more
Andreas Steffen [Mon, 23 Jul 2012 20:17:53 +0000 (22:17 +0200)]
fixed typo
Martin Willi [Mon, 23 Jul 2012 15:13:20 +0000 (17:13 +0200)]
Release leaking child config after uninstalling shunt policy
Andreas Steffen [Mon, 23 Jul 2012 11:04:28 +0000 (13:04 +0200)]
moved PA-TNC message logging to level 1
Andreas Steffen [Mon, 23 Jul 2012 10:51:37 +0000 (12:51 +0200)]
transport IMA file info via PTS Component Evidence Policy URI
Andreas Steffen [Sun, 22 Jul 2012 07:29:39 +0000 (09:29 +0200)]
ipsec attest now deletes file hashes
Andreas Steffen [Sat, 21 Jul 2012 14:43:24 +0000 (16:43 +0200)]
buffer PA-TNC attributes until Generate Attestation Evidence attribute is received
Andreas Steffen [Sat, 21 Jul 2012 13:58:08 +0000 (15:58 +0200)]
allow --rel as an abbreviation for --relative
Andreas Steffen [Sat, 21 Jul 2012 13:56:39 +0000 (15:56 +0200)]
moved all shadow PCR stuff to the pts_pcr class
Martin Willi [Fri, 20 Jul 2012 14:14:29 +0000 (16:14 +0200)]
Support Unity split-include/exclude options in attr plugin
Martin Willi [Thu, 19 Jul 2012 12:48:37 +0000 (14:48 +0200)]
Don't print hexdumps on loglevel 1 if hash verification fails
Andreas Steffen [Fri, 20 Jul 2012 12:57:28 +0000 (14:57 +0200)]
created a pts_pcr class for PCR computations
Andreas Steffen [Fri, 20 Jul 2012 12:04:16 +0000 (14:04 +0200)]
renamed build_database.sh to build-database.sh
Andreas Steffen [Thu, 19 Jul 2012 16:27:08 +0000 (18:27 +0200)]
why the hell do firefox, thunderbird and acroread their own Linux libraries?
Martin Willi [Thu, 19 Jul 2012 06:28:07 +0000 (08:28 +0200)]
Add a libstrongswan-dev debian package with development headers
Martin Willi [Thu, 19 Jul 2012 06:44:55 +0000 (08:44 +0200)]
Pass CC/CFLAGS to ./configure, not to make, adding -include config.h
Martin Willi [Tue, 3 Jul 2012 08:59:05 +0000 (10:59 +0200)]
Upgraded our Debian package to 5.0
Andreas Steffen [Thu, 19 Jul 2012 11:49:20 +0000 (13:49 +0200)]
added some multiply defined libraries
Andreas Steffen [Thu, 19 Jul 2012 11:48:32 +0000 (13:48 +0200)]
queries with relative filenames might return multiple results
Andreas Steffen [Wed, 18 Jul 2012 20:00:58 +0000 (22:00 +0200)]
updated build_database.sh
Andreas Steffen [Wed, 18 Jul 2012 20:00:35 +0000 (22:00 +0200)]
added index to files table
Andreas Steffen [Wed, 18 Jul 2012 11:55:08 +0000 (13:55 +0200)]
updated build_database.sh
Martin Willi [Wed, 18 Jul 2012 14:46:05 +0000 (16:46 +0200)]
Fix EAP-MSCHAPv2 master key derivation, broken with
87dd205b
Martin Willi [Wed, 18 Jul 2012 13:35:40 +0000 (15:35 +0200)]
Remove debugging leftovers
Martin Willi [Wed, 18 Jul 2012 10:28:16 +0000 (12:28 +0200)]
Add a SHA1 test vector forcing padding over block boundary
Andreas Steffen [Wed, 18 Jul 2012 09:33:39 +0000 (11:33 +0200)]
builds an Ubuntu 12.04 LTS measurement database
Andreas Steffen [Wed, 18 Jul 2012 09:32:24 +0000 (11:32 +0200)]
minor fixes in attest
Martin Willi [Tue, 17 Jul 2012 15:11:01 +0000 (17:11 +0200)]
Add a tool to burn hashers
Martin Willi [Tue, 17 Jul 2012 15:31:02 +0000 (17:31 +0200)]
Use centralized hasher names in pki utility
Martin Willi [Tue, 17 Jul 2012 15:30:47 +0000 (17:30 +0200)]
Use centralized hasher names in coupling plugin
Martin Willi [Tue, 17 Jul 2012 15:30:23 +0000 (17:30 +0200)]
Use centralized hasher names in openssl plugin
Martin Willi [Tue, 17 Jul 2012 13:35:02 +0000 (15:35 +0200)]
Add short names for hasher algorithms
Andreas Steffen [Tue, 17 Jul 2012 14:38:55 +0000 (16:38 +0200)]
various PTS fixes
Andreas Steffen [Tue, 17 Jul 2012 11:44:02 +0000 (13:44 +0200)]
parcel IMA file measurements into batches
Andreas Steffen [Tue, 17 Jul 2012 11:42:58 +0000 (13:42 +0200)]
register _check_file_measurement() method
Martin Willi [Tue, 17 Jul 2012 09:32:13 +0000 (11:32 +0200)]
Fix tls_prf bug introduced with
bc474883
Andreas Steffen [Tue, 17 Jul 2012 09:16:11 +0000 (11:16 +0200)]
check IMA file measurements against database reference
Martin Willi [Tue, 17 Jul 2012 08:58:53 +0000 (10:58 +0200)]
Support void return values in OpenSSL 0.9.8 HMAC functions
Andreas Steffen [Mon, 16 Jul 2012 20:54:38 +0000 (22:54 +0200)]
handled return values in tnc-pdp
Andreas Steffen [Mon, 16 Jul 2012 20:44:45 +0000 (22:44 +0200)]
fixed potential hasher problem in IMA template hash
Andreas Steffen [Mon, 16 Jul 2012 20:39:34 +0000 (22:39 +0200)]
fixed potential hasher problems
Andreas Steffen [Mon, 16 Jul 2012 16:08:49 +0000 (18:08 +0200)]
use a nonce for a PA-TNC message identifier
Andreas Steffen [Mon, 16 Jul 2012 15:14:27 +0000 (17:14 +0200)]
ipsec attest supports ima template hashes
Martin Willi [Tue, 10 Jul 2012 13:11:25 +0000 (15:11 +0200)]
Handle PRF failures in eap-aka-3gpp2
Martin Willi [Tue, 10 Jul 2012 12:51:17 +0000 (14:51 +0200)]
Refactored error handling in keymat_v1_t
Martin Willi [Tue, 10 Jul 2012 12:28:08 +0000 (14:28 +0200)]
Clean up error handling in keymat_v2_t
Martin Willi [Tue, 10 Jul 2012 12:24:46 +0000 (14:24 +0200)]
Cleaned up memory management and return values for encryption payload
Martin Willi [Tue, 10 Jul 2012 11:37:59 +0000 (13:37 +0200)]
Fix memory management in SIM/AKA crypto functions
Martin Willi [Tue, 10 Jul 2012 11:19:36 +0000 (13:19 +0200)]
Test reset() of hasher in crypto tester
Martin Willi [Tue, 10 Jul 2012 07:49:38 +0000 (09:49 +0200)]
Refactored error handling in crypto tester
Martin Willi [Tue, 10 Jul 2012 07:07:13 +0000 (09:07 +0200)]
Set a key before benching PRFs
Martin Willi [Tue, 10 Jul 2012 07:06:15 +0000 (09:06 +0200)]
Resetting OpenSSL HMAC with NULL key reuses existing key
Martin Willi [Tue, 10 Jul 2012 07:03:38 +0000 (09:03 +0200)]
Make sure HMAC_Init is called before HMAC_Update, fixes crash
Martin Willi [Mon, 9 Jul 2012 15:55:52 +0000 (17:55 +0200)]
Check and forward syscall errors in AF_ALG
Martin Willi [Mon, 9 Jul 2012 15:26:14 +0000 (17:26 +0200)]
Add a return value to hasher_t.reset()
Martin Willi [Mon, 9 Jul 2012 15:15:52 +0000 (17:15 +0200)]
Add a return value to hasher_t.allocate_hash()
Martin Willi [Mon, 9 Jul 2012 14:27:09 +0000 (16:27 +0200)]
Add a return value to keymat_v1_t.{get,update,confirm}_iv
Martin Willi [Mon, 9 Jul 2012 13:33:41 +0000 (15:33 +0200)]
Add a return value to hasher_t.get_hash()
Martin Willi [Fri, 6 Jul 2012 14:57:17 +0000 (16:57 +0200)]
Add a return value to crypter_t.set_key()
Martin Willi [Fri, 6 Jul 2012 14:11:15 +0000 (16:11 +0200)]
Add a return value to crypter_t.decrypt()
Martin Willi [Fri, 6 Jul 2012 13:54:03 +0000 (15:54 +0200)]
Add a return value to crypter_t.encrypt
Martin Willi [Fri, 6 Jul 2012 12:45:17 +0000 (14:45 +0200)]
Identation fixes, warn about unused nonce_gen return values
Martin Willi [Fri, 6 Jul 2012 12:40:04 +0000 (14:40 +0200)]
Add a return value to mac_t.set_key()
Martin Willi [Fri, 6 Jul 2012 12:34:11 +0000 (14:34 +0200)]
Add a return value to mac_t.get_bytes()
Martin Willi [Fri, 6 Jul 2012 12:17:01 +0000 (14:17 +0200)]
Check rng return value when generating libfast session COOKIEs
Martin Willi [Fri, 6 Jul 2012 12:05:49 +0000 (14:05 +0200)]
Initialize conftest with the same plugins as charon
Martin Willi [Fri, 6 Jul 2012 12:05:14 +0000 (14:05 +0200)]
Remove unused replay variable in conftests seq number reset hook
Martin Willi [Fri, 6 Jul 2012 12:00:01 +0000 (14:00 +0200)]
Update conftest to use splitted listener/logger interfaces
Martin Willi [Fri, 6 Jul 2012 11:55:42 +0000 (13:55 +0200)]
Check rng return value when generating TLS session identifiers
Martin Willi [Fri, 6 Jul 2012 11:52:57 +0000 (13:52 +0200)]
Check rng return value when generating SIM/AKA message IVs
Martin Willi [Fri, 6 Jul 2012 11:52:30 +0000 (13:52 +0200)]
Check rng return value when generating radius message authenticator
Tobias Brunner [Mon, 25 Jun 2012 14:04:40 +0000 (16:04 +0200)] 
Check rng return value when generating secrets and IVs in libtls
Tobias Brunner [Fri, 6 Jul 2012 08:18:00 +0000 (10:18 +0200)]
Check rng return value when generating identity in eap-simaka-reauth plugin
Tobias Brunner [Fri, 6 Jul 2012 08:11:21 +0000 (10:11 +0200)]
Check rng return value when generating pseudonym in eap-simaka-pseudonym plugin
Tobias Brunner [Fri, 6 Jul 2012 08:09:25 +0000 (10:09 +0200)]
Check rng return value when generating nonces in eap-aka plugin
Tobias Brunner [Fri, 6 Jul 2012 08:02:41 +0000 (10:02 +0200)]
Check rng return value when generating nonces in eap-sim plugin
Tobias Brunner [Mon, 25 Jun 2012 14:08:11 +0000 (16:08 +0200)]
Check rng return value when generating nonces in libpts
Tobias Brunner [Mon, 25 Jun 2012 13:58:50 +0000 (15:58 +0200)]
Check rng return value when generating RAND in eap-aka-3gpp2 plugin
Tobias Brunner [Mon, 25 Jun 2012 13:57:13 +0000 (15:57 +0200)]
Check rng return value when generating challenges in eap-md5 and mschapv2 plugins
Tobias Brunner [Mon, 25 Jun 2012 13:56:31 +0000 (15:56 +0200)]
Check rng return value when generating Transaction IDs in DHCP plugin
Tobias Brunner [Mon, 25 Jun 2012 14:02:13 +0000 (16:02 +0200)]
Check rng return value when generating SPIs in kernel-klips plugin
Tobias Brunner [Mon, 25 Jun 2012 14:07:12 +0000 (16:07 +0200)]
Check rng return value when seeding OpenSSL RNG
Tobias Brunner [Mon, 25 Jun 2012 14:10:46 +0000 (16:10 +0200)]
Check rng return value when generating DH secret in gcrypt plugin
Tobias Brunner [Mon, 25 Jun 2012 14:09:00 +0000 (16:09 +0200)]
Check rng return value when generating DH secrets and primes in gmp plugin
Tobias Brunner [Mon, 25 Jun 2012 14:03:53 +0000 (16:03 +0200)]
Check rng return value when generating serial numbers in pki utility
Tobias Brunner [Mon, 25 Jun 2012 12:34:14 +0000 (14:34 +0200)]
Wrapper functions added to generate non-zero random bytes
Tobias Brunner [Fri, 6 Jul 2012 08:49:46 +0000 (10:49 +0200)]
Check rng return value when generating SCEP sender nonce
Tobias Brunner [Mon, 25 Jun 2012 14:06:59 +0000 (16:06 +0200)]
Check rng return value when generating OCSP nonces
Tobias Brunner [Mon, 25 Jun 2012 14:13:49 +0000 (16:13 +0200)]
Check rng return value when generating key and IV in PKCS#7 wrapper
Tobias Brunner [Mon, 25 Jun 2012 14:01:51 +0000 (16:01 +0200)]
Check rng return value when generating ME CONNECT_ID and KEY
Tobias Brunner [Mon, 25 Jun 2012 13:59:48 +0000 (15:59 +0200)]
Check rng return value when generating IKEv1 message IDs
Tobias Brunner [Fri, 6 Jul 2012 08:54:06 +0000 (10:54 +0200)]
Check rng return value when generating COOKIE2 during MOBIKE
Tobias Brunner [Mon, 25 Jun 2012 13:55:44 +0000 (15:55 +0200)]
Check rng return value when generating COOKIE secret in receiver
Tobias Brunner [Mon, 25 Jun 2012 14:00:48 +0000 (16:00 +0200)]
Check rng return value when generating fake NAT detection payloads
Tobias Brunner [Mon, 25 Jun 2012 13:54:57 +0000 (15:54 +0200)]
Check rng return value when encrypting encryption payload
Tobias Brunner [Fri, 6 Jul 2012 08:46:34 +0000 (10:46 +0200)]
Check rng return value when generating SPIs in ike_sa_manager_t
projects / thirdparty / strongswan.git / log
