Activity
From 13.10.2009 to 11.11.2009
11.11.2009
- 11:17 Revision 6ae43b93: mixed fingerprint / userid
- mixed fingerprint / userid
- 11:06 Revision 209f52cb: fixed 4.3.6 ocsp regression
- fixed 4.3.6 ocsp regression
10.11.2009
- 23:55 Revision ee8486af: adapted log message
- adapted log message
- 23:54 Revision a618e33e: merged pluto's PGP certificate parsing with charon's
- merged pluto's PGP certificate parsing with charon's
- 23:54 Revision f565d0c5: merged pluto's PGP certificate parsing with charon's
- merged pluto's PGP certificate parsing with charon's
- 21:50 Revision cc543182: added separating line
- added separating line
- 10:04 Revision bb7ae382: added some debugging to pgp certificate parsing
- added some debugging to pgp certificate parsing
09.11.2009
- 23:15 Revision 262af161: accept PGP v3 or v4 fingerprint as alternative to PGP user_id
- accept PGP v3 or v4 fingerprint as alternative to PGP user_id
- 15:07 Revision 5269150e: If cross-compiling, test for the existence of pthread_condattr_setclock only
- If cross-compiling, test for the existence of pthread_condattr_setclock only
- 15:07 Revision 67c3875c: Install bypass policies after creating XFRM netlink socket, loading xfrm_user ...
- Install bypass policies after creating XFRM netlink socket, loading xfrm_user module
08.11.2009
- 23:58 Revision 8a650a2b: put PGP userid in single quotes
- put PGP userid in single quotes
- 23:49 Revision b25311fb: added ikev2/net2net-pgp-v3 scenario
- added ikev2/net2net-pgp-v3 scenario
- 23:48 Revision bc662125: removed nocrsend=yes statement
- removed nocrsend=yes statement
- 23:23 Revision 2846e51a: added ikev2/net2net-pgp-v4 scenario
- added ikev2/net2net-pgp-v4 scenario
- 23:21 Revision ab5762e3: list v3 or v4 fingerprint
- list v3 or v4 fingerprint
- 21:01 Revision 9a127590: stroke_list supports listing of PGP certificates
- stroke_list supports listing of PGP certificates
- 18:55 Revision 9f0327e6: define TIME_32_BITS_SIGNED_MAX in utils.h
- define TIME_32_BITS_SIGNED_MAX in utils.h
05.11.2009
- 08:38 Revision e92e19c1: pluto ignores proprietary Juniper SRX notification 40001
- pluto ignores proprietary Juniper SRX notification 40001
04.11.2009
- 23:43 Revision 16dca5c2: moved multi-level-ca-pathlen scenario
- moved multi-level-ca-pathlen scenario
- 23:37 Revision 4c68a85a: implemented path length constraint checkinf for IKEv2
- implemented path length constraint checkinf for IKEv2
- 20:17 Revision fef3b0b7: display printable characters in dntoa()
- display printable characters in dntoa()
- 19:36 Revision 8fac84bc: check if acerts linked_list has been initialized before destroying it
- check if acerts linked_list has been initialized before destroying it
- 18:18 Revision 32c8b184: renamed multi-level-pathlen scenario to multi-level-ca-pathlen
- renamed multi-level-pathlen scenario to multi-level-ca-pathlen
- 18:15 Revision cd36095e: added ikev1/multi-level-pathlen scenario
- added ikev1/multi-level-pathlen scenario
- 18:13 Revision 28c55408: added a subsidiary Duck Research CA
- added a subsidiary Duck Research CA
- 18:10 Revision c95671ce: implemented path length constraint checking for IKEv1
- implemented path length constraint checking for IKEv1
- 14:34 Revision bed19335: put directory path into single quotes
- put directory path into single quotes
- 14:28 Revision efab9f55: removed redundant and buggy debug statement
- removed redundant and buggy debug statement
- 07:30 Revision fae32221: output optional pathLenConstraint in ipsec listcacerts
- output optional pathLenConstraint in ipsec listcacerts
- 00:16 Revision 5d1d7e82: refreshened and fortified strongSwan Root CA certificate
- refreshened and fortified strongSwan Root CA certificate
- 00:03 Revision 00aa0275: implemented parsing of pathLenConstraint
- implemented parsing of pathLenConstraint
02.11.2009
- 22:47 Revision a58b1722: version bump to 4.3.6
- version bump to 4.3.6
30.10.2009
- 11:19 Revision 4a38687a: Use XFRM instead of PF_KEY IKE bypass policies in netlink based kernel interface
- Use XFRM instead of PF_KEY IKE bypass policies in netlink based kernel interface
29.10.2009
- 10:00 Revision f893bce3: fixed a memory leak in OCSP fetching
- fixed a memory leak in OCSP fetching
26.10.2009
- 08:47 Revision 140816b0: Query secrets in EAP-MD5 with me/other identities, fixing lookup in NetworkMan...
- Query secrets in EAP-MD5 with me/other identities, fixing lookup in NetworkManager
23.10.2009
- 08:12 Revision 3dc40325: Show the number of times a lock was acquired in lock profiler
- Show the number of times a lock was acquired in lock profiler
22.10.2009
- 16:44 Revision c5f36782: Hand out shared secret of load tester for all identities
- Hand out shared secret of load tester for all identities
- 14:34 Revision 4952dc11: Fixed all doxygen warnings
- Fixed all doxygen warnings
- 13:13 Revision 80252c8a: Store return value of getc() in an int to correctly test it against EOF
- Store return value of getc() in an int to correctly test it against EOF
20.10.2009
- 15:54 Revision 0d73fe88: Load-testers PSK is used for all purposes, including EAP authentication
- Load-testers PSK is used for all purposes, including EAP authentication
19.10.2009
- 23:55 Bug #97 (Closed): Decapsulation failure using 3DES and HMAC-SHA2-256
- Due to historical reasons the Linux 2.6 kernel implements HMAC_SHA2_256_96 not HMAC_SHA2_256_128 as required by RFC 4...
- 21:53 Bug #97 (Closed): Decapsulation failure using 3DES and HMAC-SHA2-256
- The decapsulation failure is occurring because the size of the encrypted data in the received packet is not a multipl...
17.10.2009
- 09:47 Bug #55: Implement SHA512/384/256 HMAC with proper truncation in kernel
- Assigned to 4.3.6 release
- 09:23 Revision c51b78eb: hyphenate eap-radius
- hyphenate eap-radius
16.10.2009
- 17:57 Revision cea4bd8f: added IKEv1 mixed tunnel fix to NEWS
- added IKEv1 mixed tunnel fix to NEWS
- 15:04 Revision 601e2a69: added ipv6/net2net-ip4-in-ip6-ikev1 and ipv6/net2net-ip4-in-ip6-ikev1 scenarios
- added ipv6/net2net-ip4-in-ip6-ikev1 and ipv6/net2net-ip4-in-ip6-ikev1 scenarios
- 14:50 Revision 158e9386: setting the IP family enables mixed tunnels
- setting the IP family enables mixed tunnels
- 11:38 Bug #96 (Closed): Invalid character (null 0x00) in certificate URL
- RFC4306 is not really clear about NULL-terminating URLs in Hash-and-URL payloads. But as the length of the URL is obv...
- 09:21 Revision 1eab115a: Do not null-terminate url in hash-and-url payloads
- Do not null-terminate url in hash-and-url payloads
- 06:07 Feature #77 (Closed): Virtual IP address pool in IKEv1 pluto daemon
- SQL-based pool successfully ported.
15.10.2009
- 22:12 Bug #96 (Closed): Invalid character (null 0x00) in certificate URL
- Using HASH_AND_URL of X509 certificate. Per ABNF description in RFC3986, 0x00 is not an acceptable character in the p...
- 18:01 Revision 215b0402: use directory enumerator to load authcerts
- use directory enumerator to load authcerts
- 17:30 Revision ff1ca9a8: cleaned out some bugs in refactoring of ac.c
- cleaned out some bugs in refactoring of ac.c
- 15:25 Revision 50a82b41: corrected description of ikev1/ip-pool-db scenario
- corrected description of ikev1/ip-pool-db scenario
- 15:22 Revision bc3162d8: build eap-aka-3gpp2 plugin in UML scenarios
- build eap-aka-3gpp2 plugin in UML scenarios
- 14:58 Revision 38031878: moved .gitignore for pool
- moved .gitignore for pool
- 14:58 Revision 1310fbd3: moved .gitignore for pool
- moved .gitignore for pool
- 11:12 Revision b42bfc79: Added NEWS about streamlined plugin names
- Added NEWS about streamlined plugin names
- 10:36 Revision f48ceeb1: Renamed plugin configuration sections to the actual plugin name
- Renamed plugin configuration sections to the actual plugin name
- 10:36 Revision b76b867c: Renamed --enable-load-tests to --enable-load-tester, like the plugin itself
- Renamed --enable-load-tests to --enable-load-tester, like the plugin itself
- 10:36 Revision c4d53fe0: Streamlined EAP plugins to use a dash between eap-method, as used in all other...
- Streamlined EAP plugins to use a dash between eap-method, as used in all other places
- 10:14 Revision 406f3359: Updated configuration directive of resolve plugin, renamed from resolv_conf
- Updated configuration directive of resolve plugin, renamed from resolv_conf
- 10:14 Revision d38eb335: Migrated the lease_history option to the new libstrongswan plugin namespace
- Migrated the lease_history option to the new libstrongswan plugin namespace
14.10.2009
- 21:35 Revision ffe6f832: added ikev1/ip-pool-db-push scenario
- added ikev1/ip-pool-db-push scenario
- 18:02 Revision 628f023d: NEWS for the 4.3.5dr3 release
- NEWS for the 4.3.5dr3 release
- 14:51 Revision f4c4e782: added ikev1/ip-pool-db scenario
- added ikev1/ip-pool-db scenario
- 14:37 Revision 668870be: pool should be in th gitignore list
- pool should be in th gitignore list
- 14:30 Revision 270bb348: pluto now supports SQL-based virtual IP pools
- pluto now supports SQL-based virtual IP pools
- 12:43 Revision 601bc1df: pluto can now make use of the mysql and sqlite plugins
- pluto can now make use of the mysql and sqlite plugins
- 11:08 Revision 32bc4305: fixed inconsistent triplets.dat files
- fixed inconsistent triplets.dat files
- 09:55 Revision bb56e3f9: Improved debugging log in SIM triplet lookup
- Improved debugging log in SIM triplet lookup
13.10.2009
- 17:02 Revision 24779482: move SQL-based pool functionality to new attr-sql libstrongswan plugin
- move SQL-based pool functionality to new attr-sql libstrongswan plugin
- 13:58 Revision 4c8bb47a: check provenance of nameserver entry
- check provenance of nameserver entry
- 13:55 Revision 27f4dd33: use definitions from libstrongswan/attributes/attributes.h
- use definitions from libstrongswan/attributes/attributes.h
- 13:46 Revision 930443af: moved attribute_manager to libstrongswan
- moved attribute_manager to libstrongswan
- 11:05 Revision a2b50c5d: Fixed assignment of get_triplet() dummy implementation
- Fixed assignment of get_triplet() dummy implementation
Also available in: Atom