aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * Randomly allocate chunk_hash() key during first useTobias Brunner2013-06-111-1/+46
| | | | | | | | This avoids hash flooding attacks.
| * Replace chunk_hash() with output from chunk_mac()Tobias Brunner2013-06-112-75/+31
| | | | | | | | | | | | | | The quality is way better, the calculation is a bit slower though. The key is statically initialized to zero, which will be changed later to prevent hash flooding.
| * Adding chunk_mac() which calculates a 64-bit MAC using SipHash-2-4Tobias Brunner2013-06-113-3/+246
| |
| * Converted tests for chunk_tTobias Brunner2013-06-116-24/+30
| |
| * Converted and added tests for hashtable_tTobias Brunner2013-06-117-115/+299
| |
| * Converted tests for identification_tTobias Brunner2013-06-117-255/+215
| |
| * Remove obsolete enumerator/linked_list tests in unit_tester pluginTobias Brunner2013-06-113-312/+0
| |
| * Add tests combining linked_list_t and enumeratorsTobias Brunner2013-06-114-1/+308
| |
| * Some minor Doxygen fixes for linked_list_tTobias Brunner2013-06-111-2/+5
| |
| * Add basic tests for linked_list_tTobias Brunner2013-06-114-1/+288
| |
| * Redirect test runner output to stderrTobias Brunner2013-06-111-0/+4
| | | | | | | | This allows redirecting stdout of 'make check' to /dev/null.
| * Add tests for enumerator_tTobias Brunner2013-06-114-1/+196
| |
| * Add test runner for unit tests in libstrongswanTobias Brunner2013-06-116-0/+84
|/
* testing: Increase base image size so there is space for test results on winnetouTobias Brunner2013-06-111-1/+1
|
* testing: Ignore errors when searching for imcv log entries in daemon.logTobias Brunner2013-06-101-1/+1
|
* Added missing string for full-length HMAC-SHA512 signerTobias Brunner2013-06-101-0/+1
|
* attr: Fix handling of invalid IPs listed after valid onesTobias Brunner2013-06-051-1/+1
| | | | | Invalid IPs listed after a valid one resulted in an attribute of the same type but with invalid data.
* attr: fix a compiler warning that family is used uninitialized (seen with -Os)Martin Willi2013-06-051-2/+13
|
* Strictly memwipe_check() for magic only in the affected bufferMartin Willi2013-06-051-25/+8
| | | | | | | Passing back the buffer address we memwipe() is not ideal, as it could, in theory, change the behavior of the compiler and not-optimize memwipe(). But as checking a larger stack is very difficult for different architectures and compilers, we do it nonetheless for now.
* Allow memwipe() to be called with NULL argumentTobias Brunner2013-05-271-0/+4
|
* kernel-netlink: add outer addresses to policy when using BEET modeMichael Rossberg2013-05-241-1/+1
|
* openssl: add support for IP addr blocks in X.509 certificatesMichael Rossberg2013-05-241-1/+115
|
* Make plugins in standalone libimcv configurableAndreas Steffen2013-05-241-1/+2
|
* host-resolver: don't try to resolve a plain v4 address to an IPv6 addressVolker Rümelin2013-05-161-3/+17
| | | | | Suppress 'Address family for hostname not supported' errors if a IPv6 client connects in a mixed IPv4/IPv6 environment.
* traffic-selector: inet_pton is successful only if it returns 1Martin Willi2013-05-161-23/+17
|
* updown: pass IKE_SA unique ID in PLUTO_UNIQUEIDEmanuil Hristov2013-05-162-1/+5
|
* capabilities: leak-detective using dlsym() does not need CAP_SYS_NICE anymoreMartin Willi2013-05-151-6/+0
|
* capabilities: initialize supplementary groups only when doing a setuid()Martin Willi2013-05-151-1/+1
|
* af-alg: fix number of signers after adding untruncated HMAC-SHA-512 (1f2a34d6)Martin Willi2013-05-151-1/+1
|
* Raise LOCAL_AUTH_FAILED alert after receiving AUTHENTICATION_FAILUREMartin Willi2013-05-152-1/+2
|
* testing: Set terminal title when logging in via SSHTobias Brunner2013-05-151-0/+11
| | | | | Since we always log in as root use a simpler command prompt. And don't store duplicate commands in the bash command history.
* openssl: Only warn about unavailable FIPS mode if the user requested itTobias Brunner2013-05-081-1/+1
|
* Merge branch 'charon-cmd-pkcs12'Tobias Brunner2013-05-0855-556/+3465
|\ | | | | | | | | | | Adds support for PKCS#12 files in charon-cmd and ipsec.secrets. Also fixes the cleanup of the OpenSSL library in the openssl plugin.
| * stroke: Add second password if providedTobias Brunner2013-05-081-0/+13
| |
| * Load pkcs7 plugin in charon (and while we are at it in nm)Tobias Brunner2013-05-081-1/+1
| |
| * stroke: Fail silently if another builder calls PW callback after giving upTobias Brunner2013-05-081-9/+14
| | | | | | | | Also reduced the number of tries to 3.
| * stroke: Cache passwords so the user is not prompted multiple times for the ↵Tobias Brunner2013-05-081-1/+13
| | | | | | | | | | | | | | | | | | | | same password To verify/decrypt a PKCS#12 container a password might be needed multiple times. If it was entered correctly we don't want to bother the user again with another password prompt. The passwords for MAC creation and encryption could be different so the user might be prompted multiple times after all.
| * stroke: Fix prompt and error messages in passphrase callbackTobias Brunner2013-05-081-11/+13
| |
| * stroke: Load credentials from PKCS#12 files (P12 token)Tobias Brunner2013-05-082-19/+109
| |
| * openssl: Cleanup thread specific error bufferTobias Brunner2013-05-081-5/+38
| |
| * openssl: Don't use deprecated CRYPTO_set_id_callback() with OpenSSL >= 1.0.0Tobias Brunner2013-05-081-17/+29
| |
| * openssl: Add PKCS#12 parsing via OpenSSLTobias Brunner2013-05-084-0/+307
| |
| * openssl: Properly cleanup OpenSSL libraryTobias Brunner2013-05-082-9/+7
| |
| * charon-cmd: Add support for PKCS#12 filesTobias Brunner2013-05-085-3/+54
| |
| * PEM plugin loads PKCS#12 containers from (DER-encoded) filesTobias Brunner2013-05-083-0/+24
| | | | | | | | | | It is not actually able to handle PEM encoded PKCS#12 files produced by OpenSSL.
| * Remove pluto specific certificate typesTobias Brunner2013-05-083-14/+1
| |
| * charon-cmd: match_me/match_other are optional in callback credentialsTobias Brunner2013-05-081-1/+8
| |
| * charon-cmd: Request password for private keysTobias Brunner2013-05-081-0/+3
| |
| * Add support for untruncated HMAC-SHA-512Tobias Brunner2013-05-085-1/+13
| |
| * Also support 128-bit RC2Tobias Brunner2013-05-081-1/+2
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 15:03:45 +0000