aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Merge branch 'silent-automake'Martin Willi2013-05-0612-5/+20
|\ | | | | | | | | | | Adds support for --enable/disable-silent-rules when building with Automake 1.11 or 1.12. make V=0 or V=1 can be used to build with a different verbosity than ./configured.
| * Add -s to make if --enable-silent-rules is ./configuredMartin Willi2013-05-062-0/+5
| |
| * Use the GEN silent rule when generating files with sedMartin Willi2013-05-067-2/+9
| |
| * Use the GEN silent rule when generating oid database with perlMartin Willi2013-05-062-2/+2
| |
| * Use the GEN silent rule when generating gperf filesMartin Willi2013-05-063-1/+3
| |
| * Provide the --enable-silent-rules ./configure option with automake 1.11 and 1.12Martin Willi2013-05-061-0/+1
|/
* Introduce an optional logger_t.vlog() method with format string and argumentsMartin Willi2013-05-062-16/+85
| | | | | | | To have more flexibility in the logging backend, receiving the original format string and do printf() substitution in the logger may be preferable. An additional but optional logger method does not touch the behavior of existing loggers.
* Raise an ALERT_PROPOSAL_MISMATCH_CHILD also when receiving NO_PROPOSAL_CHOSENMartin Willi2013-05-061-0/+20
|
* Raise an ALERT_PROPOSAL_MISMATCH_IKE also when receiving NO_PROPOSAL_CHOSENMartin Willi2013-05-061-0/+20
|
* eap-radius: add an option to disable accounting for tunnels without virtual IPMartin Willi2013-05-061-0/+30
|
* eap-radius: use IKE_SA unique id instead of peer identity to manage virtual IPsMartin Willi2013-05-063-34/+100
| | | | Fixes some corner cases if multiple tunnels use the same peer identity.
* Don't unset IKE_SA on bus before we released virtual IPs and attributesMartin Willi2013-05-061-10/+8
|
* New Android release after adding AES-GCM, IPv6-in-IPv4 and using kernel-netlinkTobias Brunner2013-05-031-2/+2
| | | | | | | | libipsec now supports AES-GCM, IPv6 tunnels over IPv4 are supported, native x86 libraries are built (requires a new Vstr build script). Also, the existing kernel-netlink plugin now provides the kernel-net implementation, which should be more stable in case multiple interfaces are up and have IP addresses installed on them.
* libipsec: Fix memory leak in event relayTobias Brunner2013-05-031-0/+1
|
* android: Use stronger ESP proposal including AES-GCMTobias Brunner2013-05-031-0/+6
|
* libipsec: Add support for AES-GCMTobias Brunner2013-05-031-3/+45
|
* libipsec: Wrap traditional algorithms in AEAD wrapperTobias Brunner2013-05-033-110/+91
|
* android: Remove unused methods on NetworkManager/network_manager_tTobias Brunner2013-05-033-177/+1
|
* android: Ignore interface 'lo'Tobias Brunner2013-05-031-2/+4
| | | | | Android adds a default route via 'lo' if no connectivity is available causing charon to send packets via lo and triggering DPD.
* android: Repurpose android-net to simply handle connectivity eventsTobias Brunner2013-05-033-59/+34
| | | | | | Using the events by NetworkManager/ConnectivityManager to trigger roam events instead of the events generated by the kernel-netlink plugin the noise level is much lower.
* kernel-netlink: Add an option to disable roam eventsTobias Brunner2013-05-032-1/+16
|
* android: Replace android-net plugin with kernel-netlinkTobias Brunner2013-05-032-3/+8
| | | | | Virtual IPs are not handled by the kernel-netlink plugin and tun devices are ignored.
* android: Set strongswan.conf options before initializing other librariesTobias Brunner2013-05-031-36/+44
|
* kernel-netlink: Define defaults for routing table and prioTobias Brunner2013-05-031-0/+8
|
* openssl: Define a default for FIPS_MODETobias Brunner2013-05-031-0/+4
|
* In memwipe_check(), don't put magic on stack when calling do_magic()Martin Willi2013-05-031-3/+3
| | | | Otherwise the magic might be on the stack while checking it.
* Dump stack if memwipe() check failsMartin Willi2013-05-031-3/+19
|
* Use attest database in tnc/tnccs-20-os scenario5.0.4Andreas Steffen2013-04-216-2/+268
|
* fixed a 64bit time_t issueAndreas Steffen2013-04-211-3/+4
|
* destroy SQL queryAndreas Steffen2013-04-211-0/+1
|
* Keep last AR IDAndreas Steffen2013-04-211-0/+2
|
* Added use of openssl-fips library to NEWSAndreas Steffen2013-04-191-0/+2
|
* check for successful activation of FIPS modeAndreas Steffen2013-04-191-1/+4
|
* install FIPS-aware OpenSSL Debian packagesAndreas Steffen2013-04-191-18/+5
|
* Added openssl-ikev2/rw-cpa scenarioAndreas Steffen2013-04-1929-0/+472
|
* build openssl-fips in KVM root-imageAndreas Steffen2013-04-195-0/+49
|
* fixed typoAndreas Steffen2013-04-191-1/+1
|
* During libstrongswan initialization, check if memwipe() works as expectedMartin Willi2013-04-181-1/+51
|
* added libstrongswan.plugins.openssl.fips_mode to man pageAndreas Steffen2013-04-161-0/+3
|
* support of OpenSSL FIPS-140-2 libraryAndreas Steffen2013-04-163-1/+21
|
* build soup plugin in KVM test environmentAndreas Steffen2013-04-152-1/+2
|
* disable reauth, tooAndreas Steffen2013-04-151-1/+2
|
* Fix checksum calculation with DESTDIR installationsTobias Brunner2013-04-151-1/+1
|
* version bump to 5.0.4Andreas Steffen2013-04-142-1/+21
|
* Added charon.initiator_only option which causes charon to ignore IKE ↵Andreas Steffen2013-04-1424-2/+277
| | | | initiation requests by peers
* Allow SHA1_Init()/SHA1_Update() to fail if OpenSSL version >= 1.0Martin Willi2013-04-101-0/+14
|
* Check RSA_public_decrypt() length before constructing and comparing a chunkMartin Willi2013-04-101-7/+10
| | | | | If decryption fails, it returns -1. chunk_equals() should catch that error, but be more explicit in error checking.
* RSA_check_key() may return -1 if it failsMartin Willi2013-04-101-2/+2
|
* RAND_bytes/RAND_pseudo_bytes returns -1 if it is not supported by RAND methodMartin Willi2013-04-101-1/+1
|
* Check return value of ECDSA_Verify() correctlyMartin Willi2013-04-101-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 03:51:30 +0000