aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Generate result string for port scan workitemsAndreas Steffen2013-06-211-2/+29
|
* Ignore non-matching protocolsAndreas Steffen2013-06-211-2/+2
|
* Introduced workitems to Scanner IMVAndreas Steffen2013-06-217-194/+318
|
* Removed obsoleted strongswan.conf optionsAndreas Steffen2013-06-211-15/+0
|
* Added ITA components to databaseAndreas Steffen2013-06-211-0/+26
|
* Added soft dependency on database pluginAndreas Steffen2013-06-211-0/+1
|
* fixed SQL queryAndreas Steffen2013-06-211-1/+1
|
* Shortened names of default policy groupsAndreas Steffen2013-06-212-10/+10
|
* Store device with product IDAndreas Steffen2013-06-215-24/+32
|
* Database changes needed to integrate Cygnet backendAndreas Steffen2013-06-213-84/+107
|
* Implemented get|set_action_flag() methodsAndreas Steffen2013-06-213-37/+20
|
* Implemented hierarchical policy groupsAndreas Steffen2013-06-213-144/+81
|
* Introduced workitems to Attestation IMVAndreas Steffen2013-06-2120-469/+775
|
* pts_meas_algo_probe() and pts_dh_group_probe() got lostAndreas Steffen2013-06-211-1/+3
|
* Converted all IMVs to use generic IF-IMV APIAndreas Steffen2013-06-2116-1409/+1485
|
* Remove the constructor from the IMV agent interfaceAndreas Steffen2013-06-211-10/+0
|
* Defined a generic IMV agent interfaceAndreas Steffen2013-06-215-99/+134
|
* Moved all functionality into imv_os_agent_t class turning imv_os_t into an ↵Andreas Steffen2013-06-217-780/+946
| | | | IF-IMV skeleton
* Moved batch_ending into separate source fileAndreas Steffen2013-06-216-295/+373
|
* do not process workitems with NULL resultAndreas Steffen2013-06-212-2/+3
|
* fixed enumeration of workitems for a given sessionAndreas Steffen2013-06-211-1/+1
|
* generate workitems based on group policyAndreas Steffen2013-06-214-64/+533
|
* Added file and directory reference measurements to workitemsAndreas Steffen2013-06-212-4/+8
|
* add overall recommendation to session database entryAndreas Steffen2013-06-216-38/+75
|
* don't define a default database URIAndreas Steffen2013-06-213-6/+4
|
* created a simple IMV Policy ManagerAndreas Steffen2013-06-215-0/+232
|
* register received scanner attributesAndreas Steffen2013-06-214-6/+103
|
* used tnc_policy_update functions for default policyAndreas Steffen2013-06-211-47/+5
|
* refactored IMV policy managementAndreas Steffen2013-06-2123-596/+885
|
* implemented policy rules for OS IMVAndreas Steffen2013-06-2120-101/+3220
|
* check for zero-length device IDAndreas Steffen2013-06-211-0/+6
|
* ITA-HSR/Device ID attribute & IMV OS state machineAndreas Steffen2013-06-2110-169/+519
|
* execute an _imv_policy scriptAndreas Steffen2013-06-216-10/+127
|
* implemented IMV session controlAndreas Steffen2013-06-2121-429/+953
|
* Manage files and directoriesAndreas Steffen2013-06-214-122/+208
|
* Merge branch 'kernel-libipsec'Tobias Brunner2013-06-2123-42/+2039
|\ | | | | | | | | | | | | | | | | | | | | | | | | Adds a new kernel interface plugin that uses TUN devices and libipsec to provide IPsec process in userland. It works on Linux, FreeBSD and Mac OS X. In particular the latter two platforms may gain from this approach as their respective kernels don't provide support for AES-GCM. kernel-pfroute has been improved (source address lookup) and a second plugin (osx-attr) installs configuration attributes (currently DNS servers only) via SystemConfiguration on Mac OS X.
| * osx-attr: add plugin installing config attributes using SystemConfigurationMartin Willi2013-06-217-0/+468
| | | | | | | | | | Currently installs DNS servers only, by prepending IP addresses to the DNS configuration of the primary networking service.
| * kernel-pfroute: Simplify route lookup after fixing sockaddr parsingTobias Brunner2013-06-211-90/+19
| |
| * kernel-pfroute: Alignment of sockaddrs is not always the sameTobias Brunner2013-06-211-1/+8
| |
| * kernel-pfroute: struct sockaddr arguments are 4 byte alignedTobias Brunner2013-06-211-4/+8
| | | | | | | | | | | | | | | | | | This was noticed on Mac OS X where, if the default route is returned, RTA_NETMASK has sa_len set to 0, but skipping zero bytes to read the next address makes no sense, of course. Using 0 for sa_len seems a bit strange, in particular, because struct sockaddr has by definition a minimum length of 16 bytes. But it seems FreeBSD actually does the same.
| * kernel-libipsec: Ignore failures when installing routes for multicast or ↵Tobias Brunner2013-06-211-1/+23
| | | | | | | | broadcast policies
| * kernel-pfroute: Improve route lookup depending on information we get backTobias Brunner2013-06-211-12/+96
| | | | | | | | Kernels don't provide the same information for all routes.
| * kernel-pfroute: Try to ensure we get a source address or interface nameTobias Brunner2013-06-211-0/+6
| |
| * ike: Force NAT-T/UDP encapsulation if kernel interface requires itTobias Brunner2013-06-212-5/+32
| |
| * kernel-libipsec: Add a feature to request UDP encapsulation of ESP packetsTobias Brunner2013-06-212-0/+9
| |
| * tun-device: Packets sent over utun devices on Mac OS X have the protocol ↵Tobias Brunner2013-06-211-0/+11
| | | | | | | | family prepended
| * kernel-pfroute: Use DST as nexthop for host routesTobias Brunner2013-06-211-0/+6
| | | | | | | | These are created as cache/clone on Mac OS X.
| * kernel-pfroute: Implement get_source_addr()Tobias Brunner2013-06-211-12/+27
| |
| * kernel-pfroute: Properly install routes with interface and gatewayTobias Brunner2013-06-211-5/+6
| |
| * kernel-libipsec: Install a gateway for routes on platforms other than LinuxTobias Brunner2013-06-211-9/+26
| | | | | | | | This seems required e.g. on FreeBSD but doesn't work on Linux.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 09:56:59 +0000