aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Building CERT_ANY through PEM requires either a CERT_X509 or a CERT_PGP builderMartin Willi2012-05-031-1/+2
|
* Updated Android.mk for 5.0 (no IKEv1 support yet).Tobias Brunner2012-05-032-25/+34
|
* updated tnc-pdp plugin for 5.0.0Andreas Steffen2012-05-023-4/+4
|
* updated testing.conf for 5.0.0Andreas Steffen2012-05-021-3/+5
|
* two new options for 5.0.0 UML testingAndreas Steffen2012-05-021-0/+10
|
* NEWS about route reinstallation added.Tobias Brunner2012-05-021-0/+3
|
* Route reinstallation in kernel_ipsec_t implementations is not needed anymore.Tobias Brunner2012-05-022-12/+2
|
* Reinstall routes in kernel-netlink plugin, if interfaces get reactivated or ↵Tobias Brunner2012-05-021-4/+206
| | | | IPs reappear.
* Keep track of installed source routes in kernel-netlink plugin.Tobias Brunner2012-05-021-8/+141
|
* NEWS about bus_t refactorings added.Tobias Brunner2012-05-021-0/+15
|
* Loggers specify what log messages they want to receive during registration.Tobias Brunner2012-05-0214-167/+332
| | | | | | | This also allows us to generate the log message only once for all loggers that need it (avoids calls to custom printf specifier callbacks). To update the log levels loggers can simply be registered again.
* Ensure that multi-line log messages are not torn apart.Tobias Brunner2012-05-023-1/+30
|
* Added recursive read_lock support to our own implementation of rwlock_t.Tobias Brunner2012-05-021-4/+35
|
* Use a separate interface for loggers.Tobias Brunner2012-05-0217-296/+284
| | | | | | | | The new interface does not allow loggers to unregister themselves from the bus. This allows us to use a rwlock_t for them. The latter also means that loggers can now be called concurrently by multiple threads.
* Use a separate list and mutex for loggers.Tobias Brunner2012-05-023-73/+168
| | | | | | | | | | | This avoids deadlocks caused by extensive listener_t implementations which might want to acquire a lock which is currently held by another thread wanting to log messages. Since the latter requires that thread to acquire the same lock the initial thread currently holds this previously resulted in a deadlock. With this change logging messages does not require threads to acquire the main lock in bus_t and thus avoids the deadlock.
* Fixed return value of controller_t functions if callback returns FALSE.Tobias Brunner2012-05-022-10/+11
|
* Use wrapped semaphore in callback_job_t.Tobias Brunner2012-05-021-12/+9
|
* Removed remaining parts of controller_t.listen() implementation.Tobias Brunner2012-05-021-39/+9
|
* Remove obsolete bus_t.listen() method.Tobias Brunner2012-05-022-82/+7
|
* Implement wait_for_listener in controller_t with semaphores.Tobias Brunner2012-05-021-53/+17
| | | | This eliminates even the slightest chance of a deadlock.
* Added a wrapper class around POSIX semaphores.Tobias Brunner2012-05-024-0/+193
|
* Implement bus_t.listen() directly in controller_t (the only user).Tobias Brunner2012-05-021-12/+110
| | | | This will hopefully allow us to later simplify bus_t.
* Add plugin features support to stroke pluginMartin Willi2012-05-021-7/+34
|
* Certificate decoding soft-depends on public key decoding of specific typesMartin Willi2012-05-022-0/+6
|
* PEM loading plugin features depend on the same feature, they are helpers onlyMartin Willi2012-05-021-0/+17
|
* Don't depend on a feature that has a dependency to the same feauture during ↵Martin Willi2012-05-021-1/+2
| | | | unload
* Merge branch 'ikev1'Martin Willi2012-05-02297-5490/+22009
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Fixed Android null terminated password fixup in xauth-eapMartin Willi2012-04-261-2/+2
| |
| * Fix iteration through half-open IKE_SA tableMartin Willi2012-04-161-0/+1
| |
| * Added another bunch of commonly used IKEv1 NATT vendor IDsMartin Willi2012-04-041-1/+19
| |
| * Use single DBG2 statements in kernel_netlink plugin (i.e. ignore mark.value).Tobias Brunner2012-03-271-86/+26
| |
| * Fix null-terminated XAuth passwords, as sent by Android 4Martin Willi2012-03-222-0/+8
| |
| * Store authentication info of a XAUTH round on IKE_SAMartin Willi2012-03-221-0/+16
| |
| * Added a getter for CHILD_SA marksMartin Willi2012-03-222-0/+19
| |
| * Define a special XFRM mark_t.value that dynamically uses the CHILD_SA reqidMartin Willi2012-03-222-0/+14
| |
| * Reply with received configuration payload identifier in Mode ConfigMartin Willi2012-03-201-0/+8
| |
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-20295-5388/+21892
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Properly handle retransmitted initial IKE messages.Tobias Brunner2012-03-201-58/+74
| | | | | | | | | | | | | | | | | | This change allows to properly handle retransmits of initial IKE messages when we've already processed them (i.e. our response is now resent immediately).
| | * Implemented table of init hashes without linked_list_t.Tobias Brunner2012-03-201-30/+30
| | |
| | * Implemented table of connected peers without linked_list_t.Tobias Brunner2012-03-201-63/+75
| | |
| | * Implemented table of half open IKE_SAs without linked_list_t.Tobias Brunner2012-03-201-52/+47
| | |
| | * Don't use linked_list_t for buckets in main IKE_SA hash table.Tobias Brunner2012-03-201-57/+82
| | |
| | * Fixed deadlock if checkin_and_destroy is called during shutdown.Tobias Brunner2012-03-201-0/+10
| | |
| | * Do not clone hashes of initial IKE messages when storing them in the hash table.Tobias Brunner2012-03-201-7/+6
| | |
| | * Store IKEv2 IKE_SAs by local SPI in the IKE_SA manager hash table.Tobias Brunner2012-03-201-2/+13
| | | | | | | | | | | | | | | For IKEv1 the previous behavior of always using the initiator's SPI as key is maintained.
| | * Added separate hashtable for hashes of initial IKE messages.Tobias Brunner2012-03-201-64/+139
| | | | | | | | | | | | This does not require us to do a lookup for an SA by SPI first.
| | * chunk_equals_ptr added to compare chunks given as pointers.Tobias Brunner2012-03-201-0/+9
| | |
| | * Store the major IKE version on ike_sa_id_t.Tobias Brunner2012-03-207-32/+60
| | |
| | * Implemented handling of UNITY_LOAD_BALANCE as reauthentication.Tobias Brunner2012-03-202-3/+28
| | |
| | * Check if we actually have a packet before retransmitting itMartin Willi2012-03-201-1/+1
| | |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-22 08:17:59 +0000