aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* add relative PB-TNC message offsetAndreas Steffen2011-07-131-1/+1
|
* return offset valueAndreas Steffen2011-07-131-0/+1
|
* add PID/Program Name to netstat outputAndreas Steffen2011-07-071-1/+1
|
* adapted tnc scenarios to new imcvs library pathAndreas Steffen2011-07-0633-43/+99
|
* install IMC and IMV dynamic libraries in imcvs directoryAndreas Steffen2011-07-065-20/+17
|
* Added news about policy history.Tobias Brunner2011-07-061-0/+3
|
* Record usage history of policies in PF_KEY kernel interface.Tobias Brunner2011-07-061-169/+457
| | | | The implementation is nearly the same as in the Netlink kernel interface.
* Simplified destruction of policy_sa_t objects in Netlink interface.Tobias Brunner2011-07-061-12/+7
|
* Adapted shunt manager to changed kernel interface (reqid in del_policy).Tobias Brunner2011-07-061-3/+6
|
* Some code cleanup in Netlink kernel interface.Tobias Brunner2011-07-061-108/+119
|
* Some code cleanup in PF_KEY kernel interface.Tobias Brunner2011-07-061-118/+142
|
* Reduce memory usage of policy history caching.Tobias Brunner2011-07-061-131/+270
| | | | | Only cache data as needed (e.g. traffic selectors only for forward policies) and at most once for each IPsec SA.
* Use has_more in decrypt_payloads instead of calling enumerate twice.Tobias Brunner2011-07-061-1/+1
|
* Added linked_list_t.has_more which checks if any elements follow an ↵Tobias Brunner2011-07-062-0/+19
| | | | enumerator's current position.
* Make sure the enumerator stops after all items have been enumerated.Tobias Brunner2011-07-062-4/+23
| | | | | This also changes how insert_before behaves, before enumeration items are inserted first, after enumeration last.
* Keep the mutex locked as long as possible when deleting policies.Tobias Brunner2011-07-061-61/+57
| | | | | | | | | This change tries to prevent a race condition where a thread tries to install the same policy another thread is currently deleting. If the second thread releases the mutex in del_policy too early the first thread could assume the policy does not exist (as it is not cached anymore) but would not be able to actually install it if the second thread was not yet able to delete it.
* Properly unlock the policy if no change in the kernel is required.Tobias Brunner2011-07-061-0/+1
|
* Make sure access to policy is thread-safe during installation of route.Tobias Brunner2011-07-061-2/+17
|
* Linked list style cleanupsMartin Willi2011-07-061-47/+46
|
* Finally removed deprecated iterator_t.Tobias Brunner2011-07-067-357/+22
|
* Removed unneeded and confusing insert_after method from linked_list_t.Tobias Brunner2011-07-062-25/+6
|
* Replaced more complex iterator usages.Tobias Brunner2011-07-064-72/+46
|
* Added a function to reset the enumerator of a linked list.Tobias Brunner2011-07-062-0/+14
|
* Replaced ike_sa_t.create_additional_address_iterator with enumerator.Tobias Brunner2011-07-064-35/+37
|
* Replaced ike_sa_t.create_child_sa_iterator with enumerator.Tobias Brunner2011-07-0616-119/+140
| | | | | This required two new methods on ike_sa_t. One returns the number of CHILD_SAs and one allows to remove a CHILD_SA.
* Replaced pkcs7_t.create_certificate_iterator with enumerator.Tobias Brunner2011-07-062-8/+8
| | | | The method is currently not used.
* Replaced simple iterator usages.Tobias Brunner2011-07-0617-196/+196
|
* "this" removed from comments.Tobias Brunner2011-07-069-20/+4
|
* Record the history of a policy installed in the kernel.Tobias Brunner2011-07-061-141/+317
| | | | | | | This allows to properly delete a policy e.g. if reauth=yes and auto=route, because reqids are increased during reauthentication. It also avoids overriding an installed policy with a trap policy.
* Add the reqid to kernel_ipsec_t.del_policy.Tobias Brunner2011-07-069-26/+34
|
* Added a replace function to linked_list_t.Tobias Brunner2011-07-062-0/+24
|
* Added an insert_after and insert_before function to linked_list_t.Tobias Brunner2011-07-062-43/+91
|
* Migrated linked_list_t to INIT/METHOD macros.Tobias Brunner2011-07-061-174/+119
|
* Cache the most recent reqid in the PF_KEY kernel interface.Tobias Brunner2011-07-061-1/+2
| | | | | This makes the PF_KEY kernel interface behave the same as the Netlink kernel interface.
* corrected description of shunt-policies scenarioAndreas Steffen2011-07-0511-2/+226
|
* install PASS and DROP shunt policies via PFKEYv2 interfaceAndreas Steffen2011-07-051-1/+12
|
* Added news about library dir change.Tobias Brunner2011-07-051-0/+5
|
* Don't install the libraries directly in lib/.Tobias Brunner2011-07-058-8/+10
| | | | | Instead use a subdirectory (prefix/lib/ipsec by default). Also moved the plugins from libexec to a subdirectory of that dir.
* ignore ports of IPv4 and IPv6 loopback interfacesAndreas Steffen2011-07-051-0/+12
|
* fixed UTF-8 representation of polish reason stringAndreas Steffen2011-07-051-1/+1
|
* version bump to 4.5.3dr8Andreas Steffen2011-07-051-1/+1
|
* delete orphan fileAndreas Steffen2011-07-041-266/+0
|
* start and stop apache server on daveAndreas Steffen2011-07-042-0/+2
|
* added ITA Scanner IMC/IMV pair to tnccs-11-radius-block scenarioAndreas Steffen2011-07-044-4/+15
|
* fixed debug statementAndreas Steffen2011-07-041-1/+1
|
* added ITA Scanner IMC/IMV pair to tnccs-20 and tnccs-20-block scenariosAndreas Steffen2011-07-0411-4/+30
|
* added ITA Scanner IMC/IMV pair which detects open server ports on TNC clientsAndreas Steffen2011-07-0415-4/+1474
|
* added support if the IETF port filter attributeAndreas Steffen2011-07-014-1/+345
|
* again a bitwise or is requiredAndreas Steffen2011-06-302-2/+2
|
* version bump to 4.5.3dr7Andreas Steffen2011-06-291-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-31 22:27:07 +0000