Activity
From 20.10.2009 to 18.11.2009
18.11.2009
- 18:37 Bug #98: Lower-bound in traffic selector not computed
- Martin Willi wrote:
> Thanks for your patch.
> However, it is not really clear to me what's the benefit of zeroing ... - 12:10 Bug #98 (Feedback): Lower-bound in traffic selector not computed
- Thanks for your patch.
However, it is not really clear to me what's the benefit of zeroing the from address. If I ... - 10:37 Revision 80b44cd7: Message stringification supports more detailed EAP payload information
- Message stringification supports more detailed EAP payload information
17.11.2009
- 20:04 Bug #98 (Closed): Lower-bound in traffic selector not computed
- Charon does not set the host number to zero when computing a traffic selector range resulting in a potentially unexpe...
- 17:51 Revision 1860bfa2: Correctly enumerate attributes to request as initiator with the actually reque...
- Correctly enumerate attributes to request as initiator with the actually requesting handler
- 16:55 Revision 1427c93f: Fixed memleak in attribute handling
- Fixed memleak in attribute handling
- 16:53 Revision d674c2ac: attr plugin supports any custom attribute type having a v4/v6 IP under the cha...
- attr plugin supports any custom attribute type having a v4/v6 IP under the charon.plugins.attr namespace
- 16:52 Revision 3797b8e7: Support enumeration of key/value pairs in a section of strongswan.conf
- Support enumeration of key/value pairs in a section of strongswan.conf
- 16:51 Revision 86813bef: Whitelist register_printf_specifier in leak detective
- Whitelist register_printf_specifier in leak detective
- 14:51 Revision b5a2055f: Give plugins more control of which configuration attributes to request, and pa...
- Give plugins more control of which configuration attributes to request, and pass received attributes back to the requ...
12.11.2009
- 15:52 Revision e6cf0602: Encrypt payloads with missing rule, fix insertion of non-encrypted payloads
- Encrypt payloads with missing rule, fix insertion of non-encrypted payloads
- 14:37 Revision 07444497: Build libsimaka with libtool, as we require a PIC-enabled version
- Build libsimaka with libtool, as we require a PIC-enabled version
- 14:37 Revision 20d144e7: Invoke message hook before generation, allowing plugins to mangle it
- Invoke message hook before generation, allowing plugins to mangle it
- 14:37 Revision 82713dea: Simplified vendor ID payload interface
- Simplified vendor ID payload interface
- 14:37 Revision addfeeff: Do not complain about missing payload order rules for private use payloads
- Do not complain about missing payload order rules for private use payloads
- 14:37 Revision 09846603: Fix word alignement in memxor() on 64-bit architectures
- Fix word alignement in memxor() on 64-bit architectures
- 14:37 Revision 733538a4: Identation/whitespace cleanups
- Identation/whitespace cleanups
- 14:37 Revision 5bfe1b25: Properly initialize attribute encoding/length values
- Properly initialize attribute encoding/length values
- 14:10 Revision ee3d4ef8: Prefer MODP2048/1536 over ECP Diffie-Hellman groups
- Prefer MODP2048/1536 over ECP Diffie-Hellman groups
- 13:16 Revision f6bbcec3: Use register_printf_specifier instead of deprecated register_printf_function, ...
- Use register_printf_specifier instead of deprecated register_printf_function, if available
- 11:17 Revision 0850e335: Fixed compiler warning about missing return value
- Fixed compiler warning about missing return value
- 10:34 Revision 1a86be6e: Support variable RES length in AKA quintuplets
- Support variable RES length in AKA quintuplets
- 10:34 Revision 32452870: Added identification constructor using a chunk of data, guessing id type
- Added identification constructor using a chunk of data, guessing id type
- 10:34 Revision edcb2dd3: Moved reauth/pseudonym functionality from eap-sim-file to separate plugins, us...
- Moved reauth/pseudonym functionality from eap-sim-file to separate plugins, usable by any SIM/AKA backend
- 10:34 Revision 3374cb0f: Passing other as NULL should not always result in a match if me matches
- Passing other as NULL should not always result in a match if me matches
- 10:34 Revision 15b65bf1: Ported pseudonym/reauth functionality to EAP-AKA
- Ported pseudonym/reauth functionality to EAP-AKA
- 10:34 Revision eb7bf91e: Added option to disable identity requests completely (old behavior)
- Added option to disable identity requests completely (old behavior)
- 10:34 Revision 0109846a: Moved card/provider enumeration to SIM manager, providing wrapped functions fo...
- Moved card/provider enumeration to SIM manager, providing wrapped functions for both SIM and AKA plugins
- 10:34 Revision acb56137: eap-sim-file plugin supports volatile in-memory storage of fast reauthenticati...
- eap-sim-file plugin supports volatile in-memory storage of fast reauthentication data
- 10:34 Revision 0107f5b6: Fixed replacing existing reauthentication data
- Fixed replacing existing reauthentication data
- 10:34 Revision 2dbac2ab: Initiate full authentication if reauthentication identity is unknown
- Initiate full authentication if reauthentication identity is unknown
- 10:34 Revision 947b03fd: Use new identity constructor in EAP-SIM
- Use new identity constructor in EAP-SIM
- 10:34 Revision 0e20893d: Pass SIM/AKA crypto helper to constructor of message
- Pass SIM/AKA crypto helper to constructor of message
- 10:34 Revision c5ec0f48: Initial support for fast reauthentication in EAP-SIM
- Initial support for fast reauthentication in EAP-SIM
- 10:34 Revision 454b59c5: EAP-SIM/AKA crypto helper supports key derivation for fast reauthentication
- EAP-SIM/AKA crypto helper supports key derivation for fast reauthentication
- 10:34 Revision e1a8729d: Fallback to permanent identity request if pseudonym mapping failed
- Fallback to permanent identity request if pseudonym mapping failed
- 10:34 Revision c2f8c6a1: Query triplet/quintuplet functions with permanent identity only,
- Query triplet/quintuplet functions with permanent identity only,
extended sim_provider with a is_pseudonym() function. - 10:34 Revision 2d112ca3: eap-sim-file plugin can store pseudonym information volatile in memory
- eap-sim-file plugin can store pseudonym information volatile in memory
- 10:34 Revision 8aad8f6f: Some coding style cleanups
- Some coding style cleanups
- 10:34 Revision 0328fe94: Impemented basic pseudonym support in EAP-SIM
- Impemented basic pseudonym support in EAP-SIM
- 10:34 Revision f81760dc: A SIM/AKA message can be parsed twice, without and with decryption
- A SIM/AKA message can be parsed twice, without and with decryption
- 10:34 Revision 13f418b4: Added a doxygen group for libsimaka, some cleanups
- Added a doxygen group for libsimaka, some cleanups
- 10:33 Revision fad4e5f3: Centralized SIM/AKA notifications and client errors
- Centralized SIM/AKA notifications and client errors
- 10:33 Revision 02f785b0: Use existing triplet length definitions
- Use existing triplet length definitions
- 10:33 Revision aea334ec: Splitted EAP-AKA in peer and server implementations, use libsimaka helper library
- Splitted EAP-AKA in peer and server implementations, use libsimaka helper library
- 10:33 Revision 6d908815: Proper handling of non-skippable attributes and client error codes in EAP-SIM
- Proper handling of non-skippable attributes and client error codes in EAP-SIM
- 10:33 Revision 4735965f: EAP servers check if the received EAP message was expected
- EAP servers check if the received EAP message was expected
- 10:33 Revision bcf8a0ff: Added missing hasher include
- Added missing hasher include
- 10:33 Revision e9c03f52: Use the EAP-SIM/AKA crypto helper in EAP-SIM
- Use the EAP-SIM/AKA crypto helper in EAP-SIM
- 10:33 Revision ac4dd543: Migrated EAP-SIM to libsimaka, separated server/peer implementations
- Migrated EAP-SIM to libsimaka, separated server/peer implementations
- 10:33 Revision f8330d03: Added a libsimaka library with shared message handling code for EAP-SIM/AKA
- Added a libsimaka library with shared message handling code for EAP-SIM/AKA
- 10:33 Revision 44e8eea1: sim_provider_t API gained support for pseudonym/fast reauthentication
- sim_provider_t API gained support for pseudonym/fast reauthentication
- 10:33 Revision 8f364b54: sim_card_t API gained support for pseudonym/fast reauthentication
- sim_card_t API gained support for pseudonym/fast reauthentication
- 10:33 Revision 55916dcc: libsimaka provides cryptographic functionality used in EAP-SIM and EAP-AKA
- libsimaka provides cryptographic functionality used in EAP-SIM and EAP-AKA
11.11.2009
- 11:17 Revision 6ae43b93: mixed fingerprint / userid
- mixed fingerprint / userid
- 11:06 Revision 209f52cb: fixed 4.3.6 ocsp regression
- fixed 4.3.6 ocsp regression
10.11.2009
- 23:55 Revision ee8486af: adapted log message
- adapted log message
- 23:54 Revision a618e33e: merged pluto's PGP certificate parsing with charon's
- merged pluto's PGP certificate parsing with charon's
- 23:54 Revision f565d0c5: merged pluto's PGP certificate parsing with charon's
- merged pluto's PGP certificate parsing with charon's
- 21:50 Revision cc543182: added separating line
- added separating line
- 10:04 Revision bb7ae382: added some debugging to pgp certificate parsing
- added some debugging to pgp certificate parsing
09.11.2009
- 23:15 Revision 262af161: accept PGP v3 or v4 fingerprint as alternative to PGP user_id
- accept PGP v3 or v4 fingerprint as alternative to PGP user_id
- 15:07 Revision 5269150e: If cross-compiling, test for the existence of pthread_condattr_setclock only
- If cross-compiling, test for the existence of pthread_condattr_setclock only
- 15:07 Revision 67c3875c: Install bypass policies after creating XFRM netlink socket, loading xfrm_user ...
- Install bypass policies after creating XFRM netlink socket, loading xfrm_user module
08.11.2009
- 23:58 Revision 8a650a2b: put PGP userid in single quotes
- put PGP userid in single quotes
- 23:49 Revision b25311fb: added ikev2/net2net-pgp-v3 scenario
- added ikev2/net2net-pgp-v3 scenario
- 23:48 Revision bc662125: removed nocrsend=yes statement
- removed nocrsend=yes statement
- 23:23 Revision 2846e51a: added ikev2/net2net-pgp-v4 scenario
- added ikev2/net2net-pgp-v4 scenario
- 23:21 Revision ab5762e3: list v3 or v4 fingerprint
- list v3 or v4 fingerprint
- 21:01 Revision 9a127590: stroke_list supports listing of PGP certificates
- stroke_list supports listing of PGP certificates
- 18:55 Revision 9f0327e6: define TIME_32_BITS_SIGNED_MAX in utils.h
- define TIME_32_BITS_SIGNED_MAX in utils.h
05.11.2009
- 08:38 Revision e92e19c1: pluto ignores proprietary Juniper SRX notification 40001
- pluto ignores proprietary Juniper SRX notification 40001
04.11.2009
- 23:43 Revision 16dca5c2: moved multi-level-ca-pathlen scenario
- moved multi-level-ca-pathlen scenario
- 23:37 Revision 4c68a85a: implemented path length constraint checkinf for IKEv2
- implemented path length constraint checkinf for IKEv2
- 20:17 Revision fef3b0b7: display printable characters in dntoa()
- display printable characters in dntoa()
- 19:36 Revision 8fac84bc: check if acerts linked_list has been initialized before destroying it
- check if acerts linked_list has been initialized before destroying it
- 18:18 Revision 32c8b184: renamed multi-level-pathlen scenario to multi-level-ca-pathlen
- renamed multi-level-pathlen scenario to multi-level-ca-pathlen
- 18:15 Revision cd36095e: added ikev1/multi-level-pathlen scenario
- added ikev1/multi-level-pathlen scenario
- 18:13 Revision 28c55408: added a subsidiary Duck Research CA
- added a subsidiary Duck Research CA
- 18:10 Revision c95671ce: implemented path length constraint checking for IKEv1
- implemented path length constraint checking for IKEv1
- 14:34 Revision bed19335: put directory path into single quotes
- put directory path into single quotes
- 14:28 Revision efab9f55: removed redundant and buggy debug statement
- removed redundant and buggy debug statement
- 07:30 Revision fae32221: output optional pathLenConstraint in ipsec listcacerts
- output optional pathLenConstraint in ipsec listcacerts
- 00:16 Revision 5d1d7e82: refreshened and fortified strongSwan Root CA certificate
- refreshened and fortified strongSwan Root CA certificate
- 00:03 Revision 00aa0275: implemented parsing of pathLenConstraint
- implemented parsing of pathLenConstraint
02.11.2009
- 22:47 Revision a58b1722: version bump to 4.3.6
- version bump to 4.3.6
30.10.2009
- 11:19 Revision 4a38687a: Use XFRM instead of PF_KEY IKE bypass policies in netlink based kernel interface
- Use XFRM instead of PF_KEY IKE bypass policies in netlink based kernel interface
29.10.2009
- 10:00 Revision f893bce3: fixed a memory leak in OCSP fetching
- fixed a memory leak in OCSP fetching
26.10.2009
- 08:47 Revision 140816b0: Query secrets in EAP-MD5 with me/other identities, fixing lookup in NetworkMan...
- Query secrets in EAP-MD5 with me/other identities, fixing lookup in NetworkManager
23.10.2009
- 08:12 Revision 3dc40325: Show the number of times a lock was acquired in lock profiler
- Show the number of times a lock was acquired in lock profiler
22.10.2009
- 16:44 Revision c5f36782: Hand out shared secret of load tester for all identities
- Hand out shared secret of load tester for all identities
- 14:34 Revision 4952dc11: Fixed all doxygen warnings
- Fixed all doxygen warnings
- 13:13 Revision 80252c8a: Store return value of getc() in an int to correctly test it against EOF
- Store return value of getc() in an int to correctly test it against EOF
20.10.2009
- 15:54 Revision 0d73fe88: Load-testers PSK is used for all purposes, including EAP authentication
- Load-testers PSK is used for all purposes, including EAP authentication
Also available in: Atom