a029281fff6b28b379bd69602f8f5649f0a2740d |
|
01-Oct-2014 |
Adam Langley <agl@google.com> |
ipsec-tools: update for BoringSSL. BoringSSL is Google's version of OpenSSL[1] with lots of things cleaned up and removed. This change makes ipsec-tools work with both BoringSSL and Android's existing version of OpenSSL. Some changes are generally applicable but upstream ipsec-tools appears to be dead. I've followed the existing practice of #ifdef'ing the changes but, if there's no upstream, then I'd be happy to be more aggressive about that. Otherwise, apart from a couple of tweaks, the big changes are to the way that the ENGINE works and to replace the PKCS#7 parsing code. [1] https://www.imperialviolet.org/2014/06/20/boringssl.html Change-Id: I32d7eb4e0e0a90f92cf5e8f9675dac4a8edc7a4a
/external/ipsec-tools/src/racoon/oakley.c
|
c1b51d45a7363d6fa58b59bf6f12182993a7c1d0 |
|
15-Mar-2012 |
Kenny Root <kroot@google.com> |
Add support for OpenSSL ENGINE for keystore keystore now has an OpenSSL ENGINE frontend that can be used to ask for private keys or public keys to be loaded and also signing operations to take place. Use that instead of the crazy byte-array marshalling of the private key material that is used for the "privsep" stuff. Change-Id: I6171ca1fb0e77e338c19f04d8c34ad7744984b63
/external/ipsec-tools/src/racoon/oakley.c
|
c91307af2622f6625525f3c1f9c954376df950ad |
|
26-Mar-2012 |
Chia-chi Yeh <chiachi@android.com> |
ipsec-tools: back-port 0.7.3 to Android. Lots of checks and features were added to ipsec-tools 0.8.0. However, they broke the compatibility with existing VPN servers. I was unable to fix all of them in 0.8.0, so I chose to port 0.7.3 back with the new VPN types we added in ICS release. Bug: 6191668 Change-Id: I86a7218f7f5146d4a9b129d46c89839a82b0008f
/external/ipsec-tools/src/racoon/oakley.c
|
f8a6a7636d53a5730c58ae041e4e09ae12e1657c |
|
05-Jul-2011 |
Chia-chi Yeh <chiachi@android.com> |
ipsec-tools: Update to 0.8.0. This change updates ipsec-tools to 0.8.0. However, a quick test reveals a regression in IPSec PSK sessions. The server rejects the first packet of phase 2 negotiation with INVALID-ID-INFORMATION error. After testing files one by one, it turns out that using the old ipsec_doi.c fixes the problem. Then the next error shows that identity check is failed. This can be fixed by marking few lines in isakmp_quick.c just like 0.7.3. This change adds ipsec_doi-0.7.3.c as a temporary fix. I will come back and see if I can find the real problem. IPSec RSA sessions will be covered in the next change. Change-Id: I48f0026c3be07f506b3901b59202081bf88f41c9
/external/ipsec-tools/src/racoon/oakley.c
|
051f86dfca525c160855397f7b6a4fb5ef8df2b5 |
|
02-Sep-2009 |
Chia-chi Yeh <chiachi@android.com> |
ipsec-tools: updated to 0.7.3.
/external/ipsec-tools/src/racoon/oakley.c
|
837a1c77bab77bd62cccb33a15163a962f8dfb97 |
|
26-Jun-2009 |
Chia-chi Yeh <chiachi@android.com> |
ipsec-tools: Make racoon an easy-to-use command line tool and reduce its size. The original executable is ~350KB and now it is ~160KB. Removing debug messages reduces about 20KB. Others are mainly contributed by removing lex/yacc generated code, which was used to parse configuration files.
/external/ipsec-tools/src/racoon/oakley.c
|
0a1907d434839af6a9cb6329bbde60b237bf53dc |
|
22-Apr-2009 |
Chung-yih Wang <cywang@google.com> |
Migrate from perforce repository.
/external/ipsec-tools/src/racoon/oakley.c
|