aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* | Fall back to local address as IKEv1 identity if nothing else is configuredTobias Brunner2012-08-241-2/+14
| |
* | Removed deprecated options from ipsec.conf templateTobias Brunner2012-08-241-9/+1
| |
* | Apply send delay before adding non-ESP markerTobias Brunner2012-08-241-16/+16
| | | | | | | | | | Otherwise the packet header could not be parsed correctly when NAT-T is used.
* | use pen_type_t for PA Message SubtypeAndreas Steffen2012-08-233-32/+29
|/
* Remove unused src/dst variables in send_no_marker()Martin Willi2012-08-211-5/+0
|
* use pen_type_t for attribute request entriesAndreas Steffen2012-08-211-25/+4
|
* define pen_type_t as a vendor-specific typeAndreas Steffen2012-08-2035-624/+301
|
* Don't use POSIX semaphores if a MONOTONIC clock is availableMartin Willi2012-08-201-0/+8
| | | | | | POSIX semaphores use CLOCK_REALTIME, but our semaphore_t abstraction expects CLOCK_MONOTONIC based times. Use the mutex/condvar based fallback if time_monotonic() actuall returns monotonic times.
* Remove the unused second IKE_SA entry match function argumentMartin Willi2012-08-201-4/+4
| | | | LLVMs clang complains about this parameter, so remove it.
* Add a mutex/condvar based semaphore implementation if sem_timedwait is ↵Martin Willi2012-08-202-2/+69
| | | | | | unavailable Fixes #214.
* added IBM and OpenPTS Private Enterprise NumbersAndreas Steffen2012-08-202-2/+8
|
* Add keymat_t constructor registration functionAdrian-Ken Rueegsegger2012-08-202-3/+45
| | | | | | Using the register_constructor function enables custom keymat_t implementations per IKE version. If no constructor is registered the default behavior is preserved.
* fixed captionAndreas Steffen2012-08-201-1/+1
|
* implemented IETF Attribute Request attributeAndreas Steffen2012-08-204-3/+383
|
* version bump to 5.0.1dr3Andreas Steffen2012-08-201-1/+1
|
* openssl: Fix registration of the PUBKEY builderTobias Brunner2012-08-181-1/+1
| | | | | libtls drops support for RSA suites if it does not find an RSA backend (final builder for RSA public keys).
* Without the ties to PAM we can build eap-gtc on AndroidTobias Brunner2012-08-172-2/+2
|
* CAP_AUDIT_WRITE is now required by xauth-pam not eap-gtc pluginTobias Brunner2012-08-172-7/+7
|
* Removed manual EAP method registration in eap-gtc pluginTobias Brunner2012-08-171-5/+0
|
* Enable build of eap-tls, eap-ttls and eap-peap on AndroidTobias Brunner2012-08-171-0/+20
|
* Add a wrapper around vstr_add_fmt() to avoid having to link libcharon ↵Tobias Brunner2012-08-172-2/+31
| | | | | | against libvstr At least on Android the latter would be required.
* starter: Restore original config in case also= is used (which reads the same ↵Tobias Brunner2012-08-161-20/+30
| | | | values)
* Increased log level when listing interfaces and IP addresses during startupTobias Brunner2012-08-162-6/+6
| | | | | This avoids confusing log messages in starter and ipsec statusall already lists the available addresses anyway.
* Only load kernel plugins in starter when flushing SAD/SPD entriesTobias Brunner2012-08-162-9/+8
| | | | | | | | This avoids keeping the kernel sockets open when they are not actually needed, which could lead to resource problems (in particular with PF_KEY where all open sockets receive all messages). Fixes #217.
* Enable UDP decapsulation for both address familiesTobias Brunner2012-08-162-9/+11
| | | | | | | | Since the 3.5 Linux kernel both UDP implementations have a separate static flag to indicate whether ANY sockets enabled UDP decapsulation. As we only ever enabled it for one address family (in earlier versions IPv4 only, now for IPv6, if supported, and for IPv4 otherwise) UDP decapsulation wouldn't work anymore (at least for one address family).
* Correctly transmit EAP-MSCHAPv2 user name if it contains a domain partTobias Brunner2012-08-161-11/+12
|
* fall through to evidence measurements if no file measurements must be doneAndreas Steffen2012-08-161-1/+7
|
* upgraded to Ubuntu 12.04.1 LTSAndreas Steffen2012-08-162-1/+37
|
* added deletion of product/file entries to usageAndreas Steffen2012-08-161-0/+3
|
* New Android release after adding error dialogTobias Brunner2012-08-151-2/+2
| | | | Skipped one version due to a rebasing mishap.
* Show an error message if VPN is not supportedTobias Brunner2012-08-153-1/+61
| | | | | | Some devices have Android 4 installed but the system images still seem to lack the components that are required for VPN support. One such component is the dialog used to grant permission to create .
* Enable search for certificate lists (via SearchView in ActionBar)Tobias Brunner2012-08-144-1/+50
|
* Added new UI to select a specific CA certificateTobias Brunner2012-08-145-32/+140
| | | | | With this change there is no need to wait for all certificates being loaded anymore (this happens only when the user opens the selection activity).
* Don't try to save profile ID if there is noneTobias Brunner2012-08-141-1/+4
|
* List fragment for trusted certificates can notify listeners about clicksTobias Brunner2012-08-141-0/+31
|
* Added an activity that shows lists of CA certificates in two tabsTobias Brunner2012-08-145-0/+159
|
* Added a ListFragment that lists trusted certificates (loaded via a custom ↵Tobias Brunner2012-08-143-0/+159
| | | | Loader)
* Changed TrustedCertificateAdapter for use with ListViews and ↵Tobias Brunner2012-08-142-116/+45
| | | | TrustedCertificateEntry
* Remove certificate spinner from edit viewTobias Brunner2012-08-144-115/+1
|
* Function to get only system-wide CA certificates added to ↵Tobias Brunner2012-08-141-0/+19
| | | | TrustedCertificateManager
* Added class to store trusted certificate entries for listsTobias Brunner2012-08-141-0/+119
|
* fixed Makefile for libstrongswan dev headersAndreas Steffen2012-08-141-2/+2
|
* version bump to 5.0.1dr2Andreas Steffen2012-08-141-1/+1
|
* skip boot aggregate check against databaseAndreas Steffen2012-08-141-0/+1
|
* Validate netmask in mem_pool_createTobias Brunner2012-08-131-0/+1
|
* Validate netmask in traffic_selector_create_from_subnetTobias Brunner2012-08-131-0/+1
| | | | Fixes #216.
* Comment fixedTobias Brunner2012-08-131-1/+1
|
* Merge branch 'android-app'Tobias Brunner2012-08-13116-419/+12088
|\ | | | | | | | | | | | | | | This branch introduces a userland IPsec implementation (libipsec) and an Android App which targets the VpnService API that is provided by Android 4+. The implementation is based on the bachelor thesis 'Userland IPsec for Android 4' by Giuliano Grassi and Ralf Sager.
| * Ensure thread IDs always start with 1 even if the library is reusedTobias Brunner2012-08-131-2/+2
| | | | | | | | | | | | Within the Android App the library stays loaded in memory and is just initialized/deinitialized with each connection, the static thread counter would continuously increase without this patch.
| * Added a button to the error dialog that allows to view the log fileTobias Brunner2012-08-131-4/+19
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-09 14:54:31 +0000