← Back to branch summary

~ubuntu-branches/ubuntu/maverick/strongswan/maverick

~ubuntu-branches/ubuntu/maverick/strongswan/maverick

« back to all changes in this revision

Viewing changes to src/charon/network/receiver.c

Committer: Bazaar Package Importer
Author(s): Rene Mayrhofer
Date: 2009-04-01 22:17:52 UTC
mfrom: (1.1.8 upstream)
Revision ID: james.westby@ubuntu.com-20090401221752-eozrk0ctabblo94z

http://bugs.debian.org/521950

* New upstream release, which incorporates the fix. Removed dpatch for it.
Closes: #521950: CVE-2009-0790: DoS
* New support for EAP RADIUS authentication, enabled for this package.

files added:
debian/libstrongswan.dirs

debian/libstrongswan.install

debian/strongswan-ikev1.install

debian/strongswan-ikev2.install

debian/strongswan-nm.install

debian/strongswan-starter.config

debian/strongswan-starter.dirs

debian/strongswan-starter.install

debian/strongswan-starter.ipsec.init

debian/strongswan-starter.postinst

debian/strongswan-starter.postrm

debian/strongswan-starter.prerm

debian/strongswan-starter.templates

src/charon/plugins/eap_mschapv2

src/charon/plugins/eap_mschapv2/Makefile.am

src/charon/plugins/eap_mschapv2/Makefile.in

src/charon/plugins/eap_mschapv2/eap_mschapv2.c

src/charon/plugins/eap_mschapv2/eap_mschapv2.h

src/charon/plugins/eap_mschapv2/eap_mschapv2_plugin.c

src/charon/plugins/eap_mschapv2/eap_mschapv2_plugin.h

src/charon/plugins/eap_radius

src/charon/plugins/eap_radius/Makefile.am

src/charon/plugins/eap_radius/Makefile.in

src/charon/plugins/eap_radius/eap_radius.c

src/charon/plugins/eap_radius/eap_radius.h

src/charon/plugins/eap_radius/eap_radius_plugin.c

src/charon/plugins/eap_radius/eap_radius_plugin.h

src/charon/plugins/eap_radius/radius_client.c

src/charon/plugins/eap_radius/radius_client.h

src/charon/plugins/eap_radius/radius_message.c

src/charon/plugins/eap_radius/radius_message.h

src/charon/plugins/load_tester/load_tester_diffie_hellman.c

src/charon/plugins/load_tester/load_tester_diffie_hellman.h

src/charon/plugins/unit_tester/tests/test_cert.c

src/charon/plugins/unit_tester/tests/test_rng.c

src/libstrongswan/plugins/md4

src/libstrongswan/plugins/md4/Makefile.am

src/libstrongswan/plugins/md4/Makefile.in

src/libstrongswan/plugins/md4/md4_hasher.c

src/libstrongswan/plugins/md4/md4_hasher.h

src/libstrongswan/plugins/md4/md4_plugin.c

src/libstrongswan/plugins/md4/md4_plugin.h

src/libstrongswan/plugins/padlock/padlock_rng.c

src/libstrongswan/plugins/padlock/padlock_rng.h

src/libstrongswan/utils/hashtable.c

src/libstrongswan/utils/hashtable.h

testing/hosts/winnetou/etc/openssl/monster

testing/hosts/winnetou/etc/openssl/monster/crlnumber

testing/hosts/winnetou/etc/openssl/monster/index.txt

testing/hosts/winnetou/etc/openssl/monster/index.txt.attr

testing/hosts/winnetou/etc/openssl/monster/index.txt.attr.old

testing/hosts/winnetou/etc/openssl/monster/index.txt.old

testing/hosts/winnetou/etc/openssl/monster/newcerts

testing/hosts/winnetou/etc/openssl/monster/newcerts/01.pem

testing/hosts/winnetou/etc/openssl/monster/newcerts/02.pem

testing/hosts/winnetou/etc/openssl/monster/openssl.cnf

testing/hosts/winnetou/etc/openssl/monster/serial

testing/hosts/winnetou/etc/openssl/monster/serial.old

testing/hosts/winnetou/etc/openssl/monster/strongswanCert-monster.pem

testing/hosts/winnetou/etc/openssl/monster/strongswanKey-monster.pem

testing/tests/ikev1/after-2038-certs

testing/tests/ikev1/after-2038-certs/description.txt

testing/tests/ikev1/after-2038-certs/evaltest.dat

testing/tests/ikev1/after-2038-certs/hosts

testing/tests/ikev1/after-2038-certs/hosts/carol

testing/tests/ikev1/after-2038-certs/hosts/carol/etc

testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.conf

testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.d

testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.d/cacerts

testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem

testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.d/certs

testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem

testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.d/private

testing/tests/ikev1/after-2038-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem

testing/tests/ikev1/after-2038-certs/hosts/carol/etc/strongswan.conf

testing/tests/ikev1/after-2038-certs/hosts/moon

testing/tests/ikev1/after-2038-certs/hosts/moon/etc

testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.conf

testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.d

testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.d/cacerts

testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem

testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.d/certs

testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem

testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.d/private

testing/tests/ikev1/after-2038-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem

testing/tests/ikev1/after-2038-certs/hosts/moon/etc/strongswan.conf

testing/tests/ikev1/after-2038-certs/posttest.dat

testing/tests/ikev1/after-2038-certs/pretest.dat

testing/tests/ikev1/after-2038-certs/test.conf

testing/tests/ikev1/attr-cert/hosts/moon/etc/strongswan.conf

testing/tests/ikev1/dpd-restart

testing/tests/ikev1/dpd-restart/description.txt

testing/tests/ikev1/dpd-restart/evaltest.dat

testing/tests/ikev1/dpd-restart/hosts

testing/tests/ikev1/dpd-restart/hosts/carol

testing/tests/ikev1/dpd-restart/hosts/carol/etc

testing/tests/ikev1/dpd-restart/hosts/carol/etc/ipsec.conf

testing/tests/ikev1/dpd-restart/hosts/moon

testing/tests/ikev1/dpd-restart/hosts/moon/etc

testing/tests/ikev1/dpd-restart/hosts/moon/etc/ipsec.conf

testing/tests/ikev1/dpd-restart/posttest.dat

testing/tests/ikev1/dpd-restart/pretest.dat

testing/tests/ikev1/dpd-restart/test.conf

testing/tests/ikev2/after-2038-certs

testing/tests/ikev2/after-2038-certs/description.txt

testing/tests/ikev2/after-2038-certs/evaltest.dat

testing/tests/ikev2/after-2038-certs/hosts

testing/tests/ikev2/after-2038-certs/hosts/carol

testing/tests/ikev2/after-2038-certs/hosts/carol/etc

testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d

testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d/cacerts

testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d/cacerts/strongswanCert.pem

testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d/certs

testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d/certs/carolCert.pem

testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d/private

testing/tests/ikev2/after-2038-certs/hosts/carol/etc/ipsec.d/private/carolKey.pem

testing/tests/ikev2/after-2038-certs/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/after-2038-certs/hosts/moon

testing/tests/ikev2/after-2038-certs/hosts/moon/etc

testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d

testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d/cacerts

testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d/cacerts/strongswanCert.pem

testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d/certs

testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d/certs/moonCert.pem

testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d/private

testing/tests/ikev2/after-2038-certs/hosts/moon/etc/ipsec.d/private/moonKey.pem

testing/tests/ikev2/after-2038-certs/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/after-2038-certs/posttest.dat

testing/tests/ikev2/after-2038-certs/pretest.dat

testing/tests/ikev2/after-2038-certs/test.conf

testing/tests/ikev2/esp-alg-null

testing/tests/ikev2/esp-alg-null/description.txt

testing/tests/ikev2/esp-alg-null/evaltest.dat

testing/tests/ikev2/esp-alg-null/hosts

testing/tests/ikev2/esp-alg-null/hosts/carol

testing/tests/ikev2/esp-alg-null/hosts/carol/etc

testing/tests/ikev2/esp-alg-null/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/esp-alg-null/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/esp-alg-null/hosts/moon

testing/tests/ikev2/esp-alg-null/hosts/moon/etc

testing/tests/ikev2/esp-alg-null/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/esp-alg-null/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/esp-alg-null/posttest.dat

testing/tests/ikev2/esp-alg-null/pretest.dat

testing/tests/ikev2/esp-alg-null/test.conf

testing/tests/ikev2/ip-two-pools-mixed

testing/tests/ikev2/ip-two-pools-mixed/description.txt

testing/tests/ikev2/ip-two-pools-mixed/evaltest.dat

testing/tests/ikev2/ip-two-pools-mixed/hosts

testing/tests/ikev2/ip-two-pools-mixed/hosts/alice

testing/tests/ikev2/ip-two-pools-mixed/hosts/alice/etc

testing/tests/ikev2/ip-two-pools-mixed/hosts/alice/etc/init.d

testing/tests/ikev2/ip-two-pools-mixed/hosts/alice/etc/init.d/iptables

testing/tests/ikev2/ip-two-pools-mixed/hosts/alice/etc/ipsec.conf

testing/tests/ikev2/ip-two-pools-mixed/hosts/alice/etc/strongswan.conf

testing/tests/ikev2/ip-two-pools-mixed/hosts/carol

testing/tests/ikev2/ip-two-pools-mixed/hosts/carol/etc

testing/tests/ikev2/ip-two-pools-mixed/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/ip-two-pools-mixed/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/ip-two-pools-mixed/hosts/moon

testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc

testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/init.d

testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/init.d/iptables

testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/ip-two-pools-mixed/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/ip-two-pools-mixed/posttest.dat

testing/tests/ikev2/ip-two-pools-mixed/pretest.dat

testing/tests/ikev2/ip-two-pools-mixed/test.conf

testing/tests/ikev2/rw-eap-aka-id-rsa

testing/tests/ikev2/rw-eap-aka-id-rsa/description.txt

testing/tests/ikev2/rw-eap-aka-id-rsa/evaltest.dat

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/carol

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/carol/etc

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/carol/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon/etc

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-aka-id-rsa/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/rw-eap-aka-id-rsa/posttest.dat

testing/tests/ikev2/rw-eap-aka-id-rsa/pretest.dat

testing/tests/ikev2/rw-eap-aka-id-rsa/test.conf

testing/tests/ikev2/rw-eap-md5-id-radius

testing/tests/ikev2/rw-eap-md5-id-radius/description.txt

testing/tests/ikev2/rw-eap-md5-id-radius/evaltest.dat

testing/tests/ikev2/rw-eap-md5-id-radius/hosts

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/raddb

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/raddb/clients.conf

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/raddb/eap.conf

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/raddb/proxy.conf

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/raddb/radiusd.conf

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/raddb/sites-available

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/raddb/sites-available/default

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/alice/etc/raddb/users

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/carol

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/carol/etc

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/carol/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon/etc

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon/etc/init.d

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon/etc/init.d/iptables

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-md5-id-radius/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/rw-eap-md5-id-radius/posttest.dat

testing/tests/ikev2/rw-eap-md5-id-radius/pretest.dat

testing/tests/ikev2/rw-eap-md5-id-radius/test.conf

testing/tests/ikev2/rw-eap-md5-radius

testing/tests/ikev2/rw-eap-md5-radius/description.txt

testing/tests/ikev2/rw-eap-md5-radius/evaltest.dat

testing/tests/ikev2/rw-eap-md5-radius/hosts

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/raddb

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/raddb/clients.conf

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/raddb/eap.conf

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/raddb/proxy.conf

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/raddb/radiusd.conf

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/raddb/sites-available

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/raddb/sites-available/default

testing/tests/ikev2/rw-eap-md5-radius/hosts/alice/etc/raddb/users

testing/tests/ikev2/rw-eap-md5-radius/hosts/carol

testing/tests/ikev2/rw-eap-md5-radius/hosts/carol/etc

testing/tests/ikev2/rw-eap-md5-radius/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/rw-eap-md5-radius/hosts/carol/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-md5-radius/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/rw-eap-md5-radius/hosts/moon

testing/tests/ikev2/rw-eap-md5-radius/hosts/moon/etc

testing/tests/ikev2/rw-eap-md5-radius/hosts/moon/etc/init.d

testing/tests/ikev2/rw-eap-md5-radius/hosts/moon/etc/init.d/iptables

testing/tests/ikev2/rw-eap-md5-radius/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/rw-eap-md5-radius/hosts/moon/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-md5-radius/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/rw-eap-md5-radius/posttest.dat

testing/tests/ikev2/rw-eap-md5-radius/pretest.dat

testing/tests/ikev2/rw-eap-md5-radius/test.conf

testing/tests/ikev2/rw-eap-mschapv2-id-rsa

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/description.txt

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/evaltest.dat

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/carol

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/carol/etc

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/carol/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/moon

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/moon/etc

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/moon/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/posttest.dat

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/pretest.dat

testing/tests/ikev2/rw-eap-mschapv2-id-rsa/test.conf

testing/tests/ikev2/rw-eap-sim-id-radius

testing/tests/ikev2/rw-eap-sim-id-radius/description.txt

testing/tests/ikev2/rw-eap-sim-id-radius/evaltest.dat

testing/tests/ikev2/rw-eap-sim-id-radius/hosts

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/raddb

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/raddb/clients.conf

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/raddb/eap.conf

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/raddb/proxy.conf

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/raddb/radiusd.conf

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/raddb/sites-available

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/raddb/sites-available/default

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/raddb/triplets.dat

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/alice/etc/raddb/users

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/carol

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/carol/etc

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/carol/etc/ipsec.d

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/carol/etc/ipsec.d/triplets.dat

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/carol/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon/etc

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon/etc/init.d

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon/etc/init.d/iptables

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-sim-id-radius/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/rw-eap-sim-id-radius/posttest.dat

testing/tests/ikev2/rw-eap-sim-id-radius/pretest.dat

testing/tests/ikev2/rw-eap-sim-id-radius/test.conf

testing/tests/ikev2/rw-eap-sim-radius

testing/tests/ikev2/rw-eap-sim-radius/description.txt

testing/tests/ikev2/rw-eap-sim-radius/evaltest.dat

testing/tests/ikev2/rw-eap-sim-radius/hosts

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/raddb

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/raddb/clients.conf

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/raddb/eap.conf

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/raddb/proxy.conf

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/raddb/radiusd.conf

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/raddb/sites-available

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/raddb/sites-available/default

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/raddb/triplets.dat

testing/tests/ikev2/rw-eap-sim-radius/hosts/alice/etc/raddb/users

testing/tests/ikev2/rw-eap-sim-radius/hosts/carol

testing/tests/ikev2/rw-eap-sim-radius/hosts/carol/etc

testing/tests/ikev2/rw-eap-sim-radius/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/rw-eap-sim-radius/hosts/carol/etc/ipsec.d

testing/tests/ikev2/rw-eap-sim-radius/hosts/carol/etc/ipsec.d/triplets.dat

testing/tests/ikev2/rw-eap-sim-radius/hosts/carol/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-sim-radius/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/rw-eap-sim-radius/hosts/dave

testing/tests/ikev2/rw-eap-sim-radius/hosts/dave/etc

testing/tests/ikev2/rw-eap-sim-radius/hosts/dave/etc/ipsec.conf

testing/tests/ikev2/rw-eap-sim-radius/hosts/dave/etc/ipsec.d

testing/tests/ikev2/rw-eap-sim-radius/hosts/dave/etc/ipsec.d/triplets.dat

testing/tests/ikev2/rw-eap-sim-radius/hosts/dave/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-sim-radius/hosts/dave/etc/strongswan.conf

testing/tests/ikev2/rw-eap-sim-radius/hosts/moon

testing/tests/ikev2/rw-eap-sim-radius/hosts/moon/etc

testing/tests/ikev2/rw-eap-sim-radius/hosts/moon/etc/init.d

testing/tests/ikev2/rw-eap-sim-radius/hosts/moon/etc/init.d/iptables

testing/tests/ikev2/rw-eap-sim-radius/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/rw-eap-sim-radius/hosts/moon/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-sim-radius/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/rw-eap-sim-radius/posttest.dat

testing/tests/ikev2/rw-eap-sim-radius/pretest.dat

testing/tests/ikev2/rw-eap-sim-radius/test.conf

testing/tests/pfkey/esp-alg-null

testing/tests/pfkey/esp-alg-null/description.txt

testing/tests/pfkey/esp-alg-null/evaltest.dat

testing/tests/pfkey/esp-alg-null/hosts

testing/tests/pfkey/esp-alg-null/hosts/carol

testing/tests/pfkey/esp-alg-null/hosts/carol/etc

testing/tests/pfkey/esp-alg-null/hosts/carol/etc/ipsec.conf

testing/tests/pfkey/esp-alg-null/hosts/carol/etc/strongswan.conf

testing/tests/pfkey/esp-alg-null/hosts/moon

testing/tests/pfkey/esp-alg-null/hosts/moon/etc

testing/tests/pfkey/esp-alg-null/hosts/moon/etc/ipsec.conf

testing/tests/pfkey/esp-alg-null/hosts/moon/etc/strongswan.conf

testing/tests/pfkey/esp-alg-null/posttest.dat

testing/tests/pfkey/esp-alg-null/pretest.dat

testing/tests/pfkey/esp-alg-null/test.conf

files removed:
debian/strongswan.config

debian/strongswan.dirs

debian/strongswan.ipsec.init

debian/strongswan.postinst

debian/strongswan.postrm

debian/strongswan.prerm

debian/strongswan.templates

src/charon/plugins/nm/gnome

src/charon/plugins/nm/gnome/Makefile.am

src/charon/plugins/nm/gnome/Makefile.in

src/charon/plugins/nm/gnome/aclocal.m4

src/charon/plugins/nm/gnome/auth-dialog

src/charon/plugins/nm/gnome/auth-dialog/Makefile

src/charon/plugins/nm/gnome/auth-dialog/Makefile.am

src/charon/plugins/nm/gnome/auth-dialog/Makefile.in

src/charon/plugins/nm/gnome/auth-dialog/main.c

src/charon/plugins/nm/gnome/autogen.sh

src/charon/plugins/nm/gnome/compile

src/charon/plugins/nm/gnome/config.guess

src/charon/plugins/nm/gnome/config.h.in

src/charon/plugins/nm/gnome/config.sub

src/charon/plugins/nm/gnome/configure

src/charon/plugins/nm/gnome/configure.in

src/charon/plugins/nm/gnome/depcomp

src/charon/plugins/nm/gnome/install-sh

src/charon/plugins/nm/gnome/intltool-extract.in

src/charon/plugins/nm/gnome/intltool-merge.in

src/charon/plugins/nm/gnome/intltool-update.in

src/charon/plugins/nm/gnome/ltmain.sh

src/charon/plugins/nm/gnome/missing

src/charon/plugins/nm/gnome/mkinstalldirs

src/charon/plugins/nm/gnome/nm-strongswan-service.conf

src/charon/plugins/nm/gnome/nm-strongswan-service.name.in

src/charon/plugins/nm/gnome/po

src/charon/plugins/nm/gnome/po/LINGUAS

src/charon/plugins/nm/gnome/po/Makefile.in.in

src/charon/plugins/nm/gnome/po/POTFILES.in

src/charon/plugins/nm/gnome/properties

src/charon/plugins/nm/gnome/properties/Makefile.am

src/charon/plugins/nm/gnome/properties/Makefile.in

src/charon/plugins/nm/gnome/properties/nm-strongswan-dialog.glade

src/charon/plugins/nm/gnome/properties/nm-strongswan.c

src/charon/plugins/nm/gnome/properties/nm-strongswan.h

testing/tests/ikev2/rw-eap-aka-identity

testing/tests/ikev2/rw-eap-aka-identity/description.txt

testing/tests/ikev2/rw-eap-aka-identity/evaltest.dat

testing/tests/ikev2/rw-eap-aka-identity/hosts

testing/tests/ikev2/rw-eap-aka-identity/hosts/carol

testing/tests/ikev2/rw-eap-aka-identity/hosts/carol/etc

testing/tests/ikev2/rw-eap-aka-identity/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/rw-eap-aka-identity/hosts/carol/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-aka-identity/hosts/carol/etc/strongswan.conf

testing/tests/ikev2/rw-eap-aka-identity/hosts/moon

testing/tests/ikev2/rw-eap-aka-identity/hosts/moon/etc

testing/tests/ikev2/rw-eap-aka-identity/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/rw-eap-aka-identity/hosts/moon/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-aka-identity/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/rw-eap-aka-identity/posttest.dat

testing/tests/ikev2/rw-eap-aka-identity/pretest.dat

testing/tests/ikev2/rw-eap-aka-identity/test.conf

testing/tests/sql/rw-rsa-keyid/hosts/carol/etc/ipsec.d/data.sql~

testing/tests/sql/rw-rsa-keyid/hosts/dave/etc/ipsec.d/data.sql~

testing/tests/sql/rw-rsa-keyid/hosts/moon/etc/ipsec.d/data.sql~

testing/tests/sql/rw-rsa/hosts/carol/etc/ipsec.d/data.sql~

testing/tests/sql/rw-rsa/hosts/dave/etc/ipsec.d/data.sql~

testing/tests/sql/rw-rsa/hosts/moon/etc/ipsec.d/data.sql~

files modified:
Doxyfile.in

Makefile.am

Makefile.in

NEWS

aclocal.m4

config.guess

config.sub

configure

configure.in

debian/changelog

debian/compat

debian/control

debian/po/POTFILES.in

debian/po/cs.po

debian/po/de.po

debian/po/fr.po

debian/po/ja.po

debian/po/nl.po

debian/po/pt.po

debian/po/pt_BR.po

debian/po/sv.po

debian/po/templates.pot

debian/po/vi.po

debian/rules

ltmain.sh *

scripts/Makefile.in

scripts/thread_analysis.c

src/Makefile.in

src/_copyright/Makefile.in

src/_updown/Makefile.in

src/_updown_espmark/Makefile.in

src/charon/Makefile.am

src/charon/Makefile.in

src/charon/bus/bus.h

src/charon/bus/listeners/file_logger.h

src/charon/bus/listeners/sys_logger.h

src/charon/config/attributes/attribute_manager.c

src/charon/config/attributes/attribute_manager.h

src/charon/config/attributes/attribute_provider.h

src/charon/config/backend.h

src/charon/config/backend_manager.c

src/charon/config/backend_manager.h

src/charon/config/child_cfg.c

src/charon/config/child_cfg.h

src/charon/config/ike_cfg.h

src/charon/config/peer_cfg.h

src/charon/config/proposal.c

src/charon/config/proposal.h

src/charon/config/traffic_selector.c

src/charon/config/traffic_selector.h

src/charon/control/controller.c

src/charon/control/controller.h

src/charon/credentials/auth_info.c

src/charon/credentials/auth_info.h

src/charon/credentials/credential_manager.c

src/charon/credentials/credential_manager.h

src/charon/credentials/credential_set.h

src/charon/credentials/sets/auth_info_wrapper.h

src/charon/credentials/sets/cert_cache.c

src/charon/credentials/sets/cert_cache.h

src/charon/credentials/sets/ocsp_response_wrapper.h

src/charon/daemon.c

src/charon/daemon.h

src/charon/encoding/generator.c

src/charon/encoding/generator.h

src/charon/encoding/message.h

src/charon/encoding/parser.c

src/charon/encoding/parser.h

src/charon/encoding/payloads/auth_payload.h

src/charon/encoding/payloads/cert_payload.h

src/charon/encoding/payloads/certreq_payload.h

src/charon/encoding/payloads/configuration_attribute.c

src/charon/encoding/payloads/configuration_attribute.h

src/charon/encoding/payloads/cp_payload.h

src/charon/encoding/payloads/delete_payload.h

src/charon/encoding/payloads/eap_payload.h

src/charon/encoding/payloads/encodings.h

src/charon/encoding/payloads/encryption_payload.h

src/charon/encoding/payloads/endpoint_notify.h

src/charon/encoding/payloads/id_payload.h

src/charon/encoding/payloads/ike_header.h

src/charon/encoding/payloads/ke_payload.h

src/charon/encoding/payloads/nonce_payload.h

src/charon/encoding/payloads/notify_payload.c

src/charon/encoding/payloads/notify_payload.h

src/charon/encoding/payloads/payload.h

src/charon/encoding/payloads/proposal_substructure.h

src/charon/encoding/payloads/sa_payload.h

src/charon/encoding/payloads/traffic_selector_substructure.h

src/charon/encoding/payloads/transform_attribute.h

src/charon/encoding/payloads/transform_substructure.h

src/charon/encoding/payloads/ts_payload.h

src/charon/encoding/payloads/unknown_payload.h

src/charon/encoding/payloads/vendor_id_payload.h

src/charon/kernel/kernel_interface.c

src/charon/kernel/kernel_interface.h

src/charon/kernel/kernel_ipsec.h

src/charon/kernel/kernel_net.h

src/charon/network/packet.h

src/charon/network/receiver.c

src/charon/network/receiver.h

src/charon/network/sender.h

src/charon/network/socket.c

src/charon/network/socket.h

src/charon/plugins/eap_aka/Makefile.in

src/charon/plugins/eap_aka/eap_aka.h

src/charon/plugins/eap_aka/eap_aka_plugin.h

src/charon/plugins/eap_gtc/Makefile.in

src/charon/plugins/eap_gtc/eap_gtc.h

src/charon/plugins/eap_gtc/eap_gtc_plugin.h

src/charon/plugins/eap_identity/Makefile.in

src/charon/plugins/eap_identity/eap_identity.h

src/charon/plugins/eap_identity/eap_identity_plugin.h

src/charon/plugins/eap_md5/Makefile.in

src/charon/plugins/eap_md5/eap_md5.h

src/charon/plugins/eap_md5/eap_md5_plugin.h

src/charon/plugins/eap_sim/Makefile.in

src/charon/plugins/eap_sim/eap_sim.c

src/charon/plugins/eap_sim/eap_sim.h

src/charon/plugins/eap_sim/eap_sim_plugin.h

src/charon/plugins/eap_sim_file/Makefile.in

src/charon/plugins/eap_sim_file/eap_sim_file_card.h

src/charon/plugins/eap_sim_file/eap_sim_file_plugin.h

src/charon/plugins/eap_sim_file/eap_sim_file_provider.h

src/charon/plugins/eap_sim_file/eap_sim_file_triplets.h

src/charon/plugins/kernel_klips/Makefile.in

src/charon/plugins/kernel_klips/kernel_klips_ipsec.c

src/charon/plugins/kernel_klips/kernel_klips_ipsec.h

src/charon/plugins/kernel_klips/kernel_klips_plugin.h

src/charon/plugins/kernel_netlink/Makefile.in

src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.c

src/charon/plugins/kernel_netlink/kernel_netlink_ipsec.h

src/charon/plugins/kernel_netlink/kernel_netlink_net.c

src/charon/plugins/kernel_netlink/kernel_netlink_net.h

src/charon/plugins/kernel_netlink/kernel_netlink_plugin.h

src/charon/plugins/kernel_netlink/kernel_netlink_shared.c

src/charon/plugins/kernel_pfkey/Makefile.in

src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.c

src/charon/plugins/kernel_pfkey/kernel_pfkey_ipsec.h

src/charon/plugins/kernel_pfkey/kernel_pfkey_plugin.h

src/charon/plugins/load_tester/Makefile.am

src/charon/plugins/load_tester/Makefile.in

src/charon/plugins/load_tester/load_tester_config.c

src/charon/plugins/load_tester/load_tester_config.h

src/charon/plugins/load_tester/load_tester_creds.c

src/charon/plugins/load_tester/load_tester_creds.h

src/charon/plugins/load_tester/load_tester_ipsec.h

src/charon/plugins/load_tester/load_tester_listener.c

src/charon/plugins/load_tester/load_tester_listener.h

src/charon/plugins/load_tester/load_tester_plugin.c

src/charon/plugins/load_tester/load_tester_plugin.h

src/charon/plugins/medcli/Makefile.in

src/charon/plugins/medcli/medcli_config.h

src/charon/plugins/medcli/medcli_creds.h

src/charon/plugins/medcli/medcli_listener.h

src/charon/plugins/medcli/medcli_plugin.h

src/charon/plugins/medsrv/Makefile.in

src/charon/plugins/medsrv/medsrv_config.h

src/charon/plugins/medsrv/medsrv_creds.h

src/charon/plugins/medsrv/medsrv_plugin.h

src/charon/plugins/nm/Makefile.am

src/charon/plugins/nm/Makefile.in

src/charon/plugins/nm/nm_creds.h

src/charon/plugins/nm/nm_plugin.h

src/charon/plugins/nm/nm_service.c

src/charon/plugins/nm/nm_service.h

src/charon/plugins/smp/Makefile.in

src/charon/plugins/smp/smp.h

src/charon/plugins/sql/Makefile.in

src/charon/plugins/sql/pool.c

src/charon/plugins/sql/sql_attribute.c

src/charon/plugins/sql/sql_attribute.h

src/charon/plugins/sql/sql_config.c

src/charon/plugins/sql/sql_config.h

src/charon/plugins/sql/sql_cred.h

src/charon/plugins/sql/sql_logger.h

src/charon/plugins/sql/sql_plugin.c

src/charon/plugins/sql/sql_plugin.h

src/charon/plugins/stroke/Makefile.in

src/charon/plugins/stroke/stroke_attribute.c

src/charon/plugins/stroke/stroke_attribute.h

src/charon/plugins/stroke/stroke_ca.h

src/charon/plugins/stroke/stroke_config.c

src/charon/plugins/stroke/stroke_config.h

src/charon/plugins/stroke/stroke_control.h

src/charon/plugins/stroke/stroke_cred.c

src/charon/plugins/stroke/stroke_cred.h

src/charon/plugins/stroke/stroke_list.c

src/charon/plugins/stroke/stroke_list.h

src/charon/plugins/stroke/stroke_plugin.h

src/charon/plugins/stroke/stroke_shared_key.h

src/charon/plugins/stroke/stroke_socket.c

src/charon/plugins/stroke/stroke_socket.h

src/charon/plugins/uci/Makefile.in

src/charon/plugins/uci/uci_config.h

src/charon/plugins/uci/uci_control.h

src/charon/plugins/uci/uci_creds.h

src/charon/plugins/uci/uci_parser.h

src/charon/plugins/uci/uci_plugin.h

src/charon/plugins/unit_tester/Makefile.am

src/charon/plugins/unit_tester/Makefile.in

src/charon/plugins/unit_tester/tests.h

src/charon/plugins/unit_tester/tests/test_enumerator.c

src/charon/plugins/unit_tester/tests/test_pool.c

src/charon/plugins/unit_tester/unit_tester.h

src/charon/plugins/updown/Makefile.in

src/charon/plugins/updown/updown_listener.h

src/charon/plugins/updown/updown_plugin.h

src/charon/processing/jobs/acquire_job.h

src/charon/processing/jobs/callback_job.h

src/charon/processing/jobs/delete_child_sa_job.h

src/charon/processing/jobs/delete_ike_sa_job.c

src/charon/processing/jobs/delete_ike_sa_job.h

src/charon/processing/jobs/initiate_mediation_job.h

src/charon/processing/jobs/job.h

src/charon/processing/jobs/mediation_job.h

src/charon/processing/jobs/migrate_job.c

src/charon/processing/jobs/migrate_job.h

src/charon/processing/jobs/process_message_job.h

src/charon/processing/jobs/rekey_child_sa_job.h

src/charon/processing/jobs/rekey_ike_sa_job.h

src/charon/processing/jobs/retransmit_job.h

src/charon/processing/jobs/roam_job.h

src/charon/processing/jobs/send_dpd_job.h

src/charon/processing/jobs/send_keepalive_job.h

src/charon/processing/jobs/update_sa_job.h

src/charon/processing/processor.c

src/charon/processing/processor.h

src/charon/processing/scheduler.c

src/charon/processing/scheduler.h

src/charon/sa/authenticators/authenticator.h

src/charon/sa/authenticators/eap/eap_manager.h

src/charon/sa/authenticators/eap/eap_method.c

src/charon/sa/authenticators/eap/eap_method.h

src/charon/sa/authenticators/eap/sim_manager.h

src/charon/sa/authenticators/eap_authenticator.c

src/charon/sa/authenticators/eap_authenticator.h

src/charon/sa/authenticators/psk_authenticator.h

src/charon/sa/authenticators/pubkey_authenticator.h

src/charon/sa/child_sa.c

src/charon/sa/child_sa.h

src/charon/sa/connect_manager.h

src/charon/sa/ike_sa.c

src/charon/sa/ike_sa.h

src/charon/sa/ike_sa_id.h

src/charon/sa/ike_sa_manager.c

src/charon/sa/ike_sa_manager.h

src/charon/sa/keymat.c

src/charon/sa/keymat.h

src/charon/sa/mediation_manager.h

src/charon/sa/task_manager.c

src/charon/sa/task_manager.h

src/charon/sa/tasks/child_create.c

src/charon/sa/tasks/child_create.h

src/charon/sa/tasks/child_delete.c

src/charon/sa/tasks/child_delete.h

src/charon/sa/tasks/child_rekey.c

src/charon/sa/tasks/child_rekey.h

src/charon/sa/tasks/ike_auth.c

src/charon/sa/tasks/ike_auth.h

src/charon/sa/tasks/ike_auth_lifetime.h

src/charon/sa/tasks/ike_cert_post.h

src/charon/sa/tasks/ike_cert_pre.h

src/charon/sa/tasks/ike_config.c

src/charon/sa/tasks/ike_config.h

src/charon/sa/tasks/ike_delete.h

src/charon/sa/tasks/ike_dpd.h

src/charon/sa/tasks/ike_init.c

src/charon/sa/tasks/ike_init.h

src/charon/sa/tasks/ike_me.h

src/charon/sa/tasks/ike_mobike.c

src/charon/sa/tasks/ike_mobike.h

src/charon/sa/tasks/ike_natd.c

src/charon/sa/tasks/ike_natd.h

src/charon/sa/tasks/ike_reauth.h

src/charon/sa/tasks/ike_rekey.c

src/charon/sa/tasks/ike_rekey.h

src/charon/sa/tasks/task.h

src/dumm/Makefile.in

src/include/Makefile.in

src/ipsec/Makefile.in

src/ipsec/ipsec.in

src/libcrypto/Makefile.in

src/libfast/Makefile.in

src/libfast/context.h

src/libfast/controller.h

src/libfast/dispatcher.h

src/libfast/request.h

src/libfast/session.h

src/libfreeswan/Makefile.in

src/libstrongswan/Makefile.am

src/libstrongswan/Makefile.in

src/libstrongswan/asn1/asn1.c

src/libstrongswan/asn1/asn1.h

src/libstrongswan/asn1/asn1_parser.h

src/libstrongswan/chunk.c

src/libstrongswan/chunk.h

src/libstrongswan/credentials/builder.c

src/libstrongswan/credentials/builder.h

src/libstrongswan/credentials/certificates/ac.h

src/libstrongswan/credentials/certificates/certificate.h

src/libstrongswan/credentials/certificates/crl.h

src/libstrongswan/credentials/certificates/ocsp_request.h

src/libstrongswan/credentials/certificates/ocsp_response.h

src/libstrongswan/credentials/certificates/x509.h

src/libstrongswan/credentials/credential_factory.c

src/libstrongswan/credentials/credential_factory.h

src/libstrongswan/credentials/keys/private_key.h

src/libstrongswan/credentials/keys/public_key.h

src/libstrongswan/crypto/crypters/crypter.c

src/libstrongswan/crypto/crypters/crypter.h

src/libstrongswan/crypto/crypto_factory.h

src/libstrongswan/crypto/diffie_hellman.c

src/libstrongswan/crypto/diffie_hellman.h

src/libstrongswan/crypto/hashers/hasher.c

src/libstrongswan/crypto/hashers/hasher.h

src/libstrongswan/crypto/pkcs9.h

src/libstrongswan/crypto/prf_plus.h

src/libstrongswan/crypto/prfs/prf.h

src/libstrongswan/crypto/rngs/rng.h

src/libstrongswan/crypto/signers/signer.h

src/libstrongswan/database/database.h

src/libstrongswan/database/database_factory.h

src/libstrongswan/debug.h

src/libstrongswan/enum.c

src/libstrongswan/enum.h

src/libstrongswan/fetcher/fetcher.h

src/libstrongswan/fetcher/fetcher_manager.h

src/libstrongswan/fips/Makefile.in

src/libstrongswan/fips/fips.h

src/libstrongswan/library.c

src/libstrongswan/library.h

src/libstrongswan/plugins/aes/Makefile.in

src/libstrongswan/plugins/aes/aes_crypter.h

src/libstrongswan/plugins/aes/aes_plugin.h

src/libstrongswan/plugins/agent/Makefile.in

src/libstrongswan/plugins/agent/agent_plugin.h

src/libstrongswan/plugins/agent/agent_private_key.h

src/libstrongswan/plugins/curl/Makefile.in

src/libstrongswan/plugins/curl/curl_fetcher.h

src/libstrongswan/plugins/curl/curl_plugin.h

src/libstrongswan/plugins/des/Makefile.in

src/libstrongswan/plugins/des/des_crypter.c

src/libstrongswan/plugins/des/des_crypter.h

src/libstrongswan/plugins/des/des_plugin.c

src/libstrongswan/plugins/des/des_plugin.h

src/libstrongswan/plugins/fips_prf/Makefile.in

src/libstrongswan/plugins/fips_prf/fips_prf.h

src/libstrongswan/plugins/fips_prf/fips_prf_plugin.h

src/libstrongswan/plugins/gmp/Makefile.in

src/libstrongswan/plugins/gmp/gmp_diffie_hellman.h

src/libstrongswan/plugins/gmp/gmp_plugin.h

src/libstrongswan/plugins/gmp/gmp_rsa_private_key.h

src/libstrongswan/plugins/gmp/gmp_rsa_public_key.h

src/libstrongswan/plugins/hmac/Makefile.in

src/libstrongswan/plugins/hmac/hmac.h

src/libstrongswan/plugins/hmac/hmac_plugin.c

src/libstrongswan/plugins/hmac/hmac_plugin.h

src/libstrongswan/plugins/hmac/hmac_prf.h

src/libstrongswan/plugins/hmac/hmac_signer.c

src/libstrongswan/plugins/hmac/hmac_signer.h

src/libstrongswan/plugins/ldap/Makefile.in

src/libstrongswan/plugins/ldap/ldap_fetcher.h

src/libstrongswan/plugins/ldap/ldap_plugin.h

src/libstrongswan/plugins/md5/Makefile.in

src/libstrongswan/plugins/md5/md5_hasher.h

src/libstrongswan/plugins/md5/md5_plugin.h

src/libstrongswan/plugins/mysql/Makefile.in

src/libstrongswan/plugins/mysql/mysql_database.h

src/libstrongswan/plugins/mysql/mysql_plugin.h

src/libstrongswan/plugins/openssl/Makefile.in

src/libstrongswan/plugins/openssl/openssl_crypter.c

src/libstrongswan/plugins/openssl/openssl_crypter.h

src/libstrongswan/plugins/openssl/openssl_diffie_hellman.h

src/libstrongswan/plugins/openssl/openssl_ec_diffie_hellman.h

src/libstrongswan/plugins/openssl/openssl_ec_private_key.h

src/libstrongswan/plugins/openssl/openssl_ec_public_key.h

src/libstrongswan/plugins/openssl/openssl_hasher.c

src/libstrongswan/plugins/openssl/openssl_hasher.h

src/libstrongswan/plugins/openssl/openssl_plugin.c

src/libstrongswan/plugins/openssl/openssl_plugin.h

src/libstrongswan/plugins/openssl/openssl_rsa_private_key.c

src/libstrongswan/plugins/openssl/openssl_rsa_private_key.h

src/libstrongswan/plugins/openssl/openssl_rsa_public_key.h

src/libstrongswan/plugins/openssl/openssl_util.h

src/libstrongswan/plugins/padlock/Makefile.am

src/libstrongswan/plugins/padlock/Makefile.in

src/libstrongswan/plugins/padlock/padlock_aes_crypter.h

src/libstrongswan/plugins/padlock/padlock_plugin.c

src/libstrongswan/plugins/padlock/padlock_plugin.h

src/libstrongswan/plugins/padlock/padlock_sha1_hasher.h

src/libstrongswan/plugins/plugin.h

src/libstrongswan/plugins/plugin_loader.h

src/libstrongswan/plugins/pubkey/Makefile.in

src/libstrongswan/plugins/pubkey/pubkey_cert.h

src/libstrongswan/plugins/pubkey/pubkey_plugin.h

src/libstrongswan/plugins/pubkey/pubkey_public_key.h

src/libstrongswan/plugins/random/Makefile.in

src/libstrongswan/plugins/random/random_plugin.h

src/libstrongswan/plugins/random/random_rng.h

src/libstrongswan/plugins/sha1/Makefile.in

src/libstrongswan/plugins/sha1/sha1_hasher.h

src/libstrongswan/plugins/sha1/sha1_plugin.h

src/libstrongswan/plugins/sha1/sha1_prf.h

src/libstrongswan/plugins/sha2/Makefile.in

src/libstrongswan/plugins/sha2/sha2_hasher.h

src/libstrongswan/plugins/sha2/sha2_plugin.h

src/libstrongswan/plugins/sqlite/Makefile.in

src/libstrongswan/plugins/sqlite/sqlite_database.h

src/libstrongswan/plugins/sqlite/sqlite_plugin.h

src/libstrongswan/plugins/x509/Makefile.in

src/libstrongswan/plugins/x509/ietf_attr_list.h

src/libstrongswan/plugins/x509/x509_ac.c

src/libstrongswan/plugins/x509/x509_ac.h

src/libstrongswan/plugins/x509/x509_cert.c

src/libstrongswan/plugins/x509/x509_cert.h

src/libstrongswan/plugins/x509/x509_crl.c

src/libstrongswan/plugins/x509/x509_crl.h

src/libstrongswan/plugins/x509/x509_ocsp_request.h

src/libstrongswan/plugins/x509/x509_ocsp_response.c

src/libstrongswan/plugins/x509/x509_ocsp_response.h

src/libstrongswan/plugins/x509/x509_plugin.h

src/libstrongswan/plugins/xcbc/Makefile.in

src/libstrongswan/plugins/xcbc/xcbc.h

src/libstrongswan/plugins/xcbc/xcbc_plugin.h

src/libstrongswan/plugins/xcbc/xcbc_prf.h

src/libstrongswan/plugins/xcbc/xcbc_signer.h

src/libstrongswan/printf_hook.c

src/libstrongswan/printf_hook.h

src/libstrongswan/settings.h

src/libstrongswan/utils.c

src/libstrongswan/utils.h

src/libstrongswan/utils/backtrace.h

src/libstrongswan/utils/enumerator.c

src/libstrongswan/utils/enumerator.h

src/libstrongswan/utils/host.c

src/libstrongswan/utils/host.h

src/libstrongswan/utils/identification.c

src/libstrongswan/utils/identification.h

src/libstrongswan/utils/iterator.h

src/libstrongswan/utils/leak_detective.c

src/libstrongswan/utils/leak_detective.h

src/libstrongswan/utils/lexparser.c

src/libstrongswan/utils/lexparser.h

src/libstrongswan/utils/linked_list.c

src/libstrongswan/utils/linked_list.h

src/libstrongswan/utils/mutex.c

src/libstrongswan/utils/mutex.h

src/libstrongswan/utils/optionsfrom.h

src/manager/Makefile.in

src/manager/controller/auth_controller.h

src/manager/controller/config_controller.h

src/manager/controller/control_controller.h

src/manager/controller/gateway_controller.h

src/manager/controller/ikesa_controller.h

src/manager/gateway.h

src/manager/manager.h

src/manager/storage.h

src/manager/xml.h

src/medsrv/Makefile.in

src/openac/Makefile.in

src/openac/openac.c

src/pluto/Makefile.am

src/pluto/Makefile.in

src/pluto/asn1.c

src/pluto/ca.c

src/pluto/connections.c

src/pluto/ipsec_doi.c

src/pluto/ocsp.c

src/pluto/smartcard.h

src/pluto/state.c

src/pluto/vendor.c

src/pluto/vendor.h

src/scepclient/Makefile.am

src/scepclient/Makefile.in

src/starter/Makefile.am

src/starter/Makefile.in

src/starter/confread.c

src/starter/invokecharon.c

src/starter/invokepluto.c

src/starter/ipsec.conf.5

src/starter/starterstroke.c

src/stroke/Makefile.in

src/stroke/stroke.c

src/stroke/stroke_keywords.c

src/stroke/stroke_keywords.h

src/stroke/stroke_keywords.txt

src/stroke/stroke_msg.h

src/whack/Makefile.in

src/whack/whack.h

testing/INSTALL

testing/Makefile.in

testing/hosts/winnetou/etc/openssl/generate-crl

testing/hosts/winnetou/etc/openssl/research/index.txt

testing/hosts/winnetou/etc/openssl/research/newcerts/04.pem

testing/hosts/winnetou/etc/openssl/sales/index.txt

testing/hosts/winnetou/etc/openssl/sales/newcerts/04.pem

testing/scripts/build-umlrootfs

testing/testing.conf

testing/tests/ikev1/attr-cert/pretest.dat

testing/tests/ikev2/config-payload/evaltest.dat

testing/tests/ikev2/config-payload/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/ip-pool-db/description.txt

testing/tests/ikev2/ip-pool-db/evaltest.dat

testing/tests/ikev2/ip-pool-db/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/ip-pool-db/posttest.dat

testing/tests/ikev2/ip-pool-db/pretest.dat

testing/tests/ikev2/ip-pool-wish/description.txt

testing/tests/ikev2/ip-pool-wish/evaltest.dat

testing/tests/ikev2/ip-pool-wish/hosts/carol/etc/ipsec.conf

testing/tests/ikev2/ip-pool-wish/hosts/dave/etc/ipsec.conf

testing/tests/ikev2/ip-pool-wish/pretest.dat

testing/tests/ikev2/ip-pool/evaltest.dat

testing/tests/ikev2/ip-two-pools-db/description.txt

testing/tests/ikev2/ip-two-pools-db/evaltest.dat

testing/tests/ikev2/ip-two-pools-db/hosts/moon/etc/strongswan.conf

testing/tests/ikev2/ip-two-pools-db/posttest.dat

testing/tests/ikev2/ip-two-pools-db/pretest.dat

testing/tests/ikev2/ip-two-pools/evaltest.dat

testing/tests/ikev2/mobike/hosts/alice/etc/init.d/iptables

testing/tests/ikev2/mobike/hosts/alice/etc/ipsec.conf

testing/tests/ikev2/ocsp-strict-ifuri/hosts/carol/etc/ipsec.d/certs/carolCert-ifuri.pem

testing/tests/ikev2/ocsp-strict-ifuri/hosts/dave/etc/ipsec.d/certs/daveCert-ifuri.pem

testing/tests/ikev2/rw-eap-md5-rsa/evaltest.dat

testing/tests/ikev2/rw-eap-md5-rsa/hosts/carol/etc/ipsec.secrets

testing/tests/ikev2/rw-eap-md5-rsa/hosts/moon/etc/ipsec.conf

testing/tests/ikev2/rw-eap-md5-rsa/hosts/moon/etc/ipsec.secrets

testing/tests/sql/ip-pool-db-expired/evaltest.dat

testing/tests/sql/ip-pool-db-expired/hosts/moon/etc/strongswan.conf

testing/tests/sql/ip-pool-db-expired/pretest.dat

testing/tests/sql/ip-pool-db-restart/evaltest.dat

testing/tests/sql/ip-pool-db-restart/hosts/moon/etc/strongswan.conf

testing/tests/sql/ip-pool-db-restart/pretest.dat

testing/tests/sql/ip-pool-db/evaltest.dat

testing/tests/sql/ip-pool-db/hosts/moon/etc/strongswan.conf

Show diffs side-by-side

added added

removed removed

src/charon/network/receiver.c

1

1

/*

2

* Copyright (C) 2008 Tobias Brunner

2

3

* Copyright (C) 2005-2006 Martin Willi

3

4

* Copyright (C) 2005 Jan Hutter

4

5

* Hochschule fuer Technik Rapperswil

13

14

* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License

14

15

* for more details.

15

16

*

16

* $Id: receiver.c 4228 2008-07-30 08:27:08Z martin $

17

* $Id: receiver.c 4699 2008-11-26 09:22:19Z tobias $

17

18

*/

18

19

19

20

#include <stdlib.h>

34

35

#define COOKIE_LIFETIME 10

35

36

/** how many times to reuse the secret */

36

37

#define COOKIE_REUSE 10000

37

/** require cookies after half open IKE_SAs */

38

#define COOKIE_TRESHOLD 10

39

/** how many half open IKE_SAs per peer before blocking */

40

#define BLOCK_TRESHOLD 5

38

/** default value for private_receiver_t.cookie_threshold */

39

#define COOKIE_THRESHOLD_DEFAULT 10

40

/** default value for private_receiver_t.block_threshold */

41

#define BLOCK_THRESHOLD_DEFAULT 5

41

42

/** length of the secret to use for cookie calculation */

42

43

#define SECRET_LENGTH 16

43

44

98

99

hasher_t *hasher;

99

100

100

101

/**

101

* use denial of service protection mechanisms (cookies)

102

*/

103

bool dos_protection;

102

* require cookies after this many half open IKE_SAs

103

*/

104

u_int32_t cookie_threshold;

105

106

/**

107

* how many half open IKE_SAs per peer before blocking

108

*/

109

u_int32_t block_threshold;

104

110

};

105

111

106

112

/**

204

210

bool failed = FALSE;

205

211

206

212

if (charon->ike_sa_manager->get_half_open_count(charon->ike_sa_manager,

207

NULL) >= COOKIE_TRESHOLD)

213

NULL) >= this->cookie_threshold)

208

214

{

209

215

/* check for a cookie. We don't use our parser here and do it

210

216

* quick and dirty for performance reasons.

211

* we assume to cookie is the first payload (which is a MUST), and

212

* the cookies SPI length is zero. */

217

* we assume the cookie is the first payload (which is a MUST), and

218

* the cookie's SPI length is zero. */

213

219

packet_t *packet = message->get_packet(message);

214

220

chunk_t data = packet->get_data(packet);

215

221

if (data.len <

242

248

static bool peer_to_aggressive(private_receiver_t *this, message_t *message)

243

249

{

244

250

if (charon->ike_sa_manager->get_half_open_count(charon->ike_sa_manager,

245

message->get_source(message)) >= BLOCK_TRESHOLD)

251

message->get_source(message)) >= this->block_threshold)

246

252

{

247

253

return TRUE;

248

254

}

287

293

}

288

294

289

295

if (message->get_request(message) &&

290

message->get_exchange_type(message) == IKE_SA_INIT &&

291

this->dos_protection)

296

message->get_exchange_type(message) == IKE_SA_INIT)

292

297

{

293

298

/* check for cookies */

294

if (cookie_required(this, message))

299

if (this->cookie_threshold && cookie_required(this, message))

295

300

{

296

301

u_int32_t now = time(NULL);

297

302

chunk_t cookie = cookie_build(this, message, now - this->secret_offset,

319

324

}

320

325

321

326

/* check if peer has not too many IKE_SAs half open */

322

if (peer_to_aggressive(this, message))

327

if (this->block_threshold && peer_to_aggressive(this, message))

323

328

{

324

329

DBG1(DBG_NET, "ignoring IKE_SA setup from %H, "

325

330

"peer too aggressive", message->get_source(message));

373

378

this->secret_used = 0;

374

379

this->rng->get_bytes(this->rng, SECRET_LENGTH, this->secret);

375

380

memcpy(this->secret_old, this->secret, SECRET_LENGTH);

376

this->dos_protection = lib->settings->get_bool(lib->settings,

377

"charon.dos_protection", TRUE);

381

this->cookie_threshold = lib->settings->get_int(lib->settings,

382

"charon.cookie_threshold", COOKIE_THRESHOLD_DEFAULT);

383

this->block_threshold = lib->settings->get_int(lib->settings,

384

"charon.block_threshold", BLOCK_THRESHOLD_DEFAULT);

385

if (!lib->settings->get_bool(lib->settings, "charon.dos_protection", TRUE))

386

{

387

this->cookie_threshold = 0;

388

this->block_threshold = 0;

389

}

378

390

379

391

this->job = callback_job_create((callback_job_cb_t)receive_packets,

380

392

this, NULL, NULL);

Older »