aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * sql: Set default values for some fields in addresses tableTobias Brunner2014-02-122-6/+6
| |
| * testing: Use installed PTS SQL schema and data instead of local copyTobias Brunner2014-02-126-1456/+8
| |
| * testing: Use installed SQL schema instead of local copyTobias Brunner2014-02-1225-334/+64
| |
| * libimcv: Install SQL files in /usr/share/strongswan/templates/databaseTobias Brunner2014-02-122-2/+3
| |
| * sql: Install SQL schemas in /usr/share/strongswan/templates/databaseTobias Brunner2014-02-121-0/+3
| |
| * sql: Remove unused cred.sql snippetTobias Brunner2014-02-121-24/+0
|/
* asn1: Support dates before 1970-01-01 (i.e. when time_t gets negative)Tobias Brunner2014-02-123-4/+29
| | | | | | On x86 we allow "overflows" around 1969/1970 but not for other dates. Fixes #509.
* asn1: Add additional validation for parsed ASN.1 date/time valuesTobias Brunner2014-02-122-1/+20
|
* ikev1: Fix config switching due to failed authentication during Aggressive modeTobias Brunner2014-02-121-3/+1
| | | | | | | The encoded ID payload gets destroyed by the authenticator, which caused a segmentation fault after the switch. Fixes #501.
* kernel-pfroute: Don't cache route entries if installation failsTobias Brunner2014-02-121-2/+5
|
* kernel-netlink: Don't cache route entries if installation failsTobias Brunner2014-02-121-2/+5
| | | | Fixes #500.
* identification: Fix printing of empty RDNs on FreeBSDTobias Brunner2014-02-121-1/+6
| | | | On FreeBSD (null) is printed for NULL even if the precision is 0.
* tests: Fix test for printing NULL on FreeBSDTobias Brunner2014-02-121-2/+13
|
* Fixed description of ikev1/rw-ntru-psk scenarioAndreas Steffen2014-02-121-1/+1
|
* Updated test kvm tests to Linux 3.13 kernelAndreas Steffen2014-02-122-3/+2050
|
* Added ikev1/net2net-ntru-cert and ikev1/rw-ntru-psk scenariosAndreas Steffen2014-02-1223-0/+302
|
* testing: Add ssh script to distributionTobias Brunner2014-02-121-1/+1
|
* unit-tests: added asn1_parser testsAndreas Steffen2014-02-103-0/+293
|
* unit-tests: added some more ASN.1 length testsAndreas Steffen2014-02-101-0/+13
|
* leak_detective: Assign return value of realloc to bufThomas Egerer2014-02-101-1/+1
| | | | | | | If realloc return a pointer value different from the value to be reallocated, a double free can occur in this context. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* rdrand: Provide get_features() regardless of RDRAND availabilityMartin Willi2014-02-101-6/+6
| | | | | As having no get_features() raises a deprecated warning, we return no features instead.
* rdrand: Move RDRAND detection log to level 2Martin Willi2014-02-101-2/+2
| | | | | When having RDRAND support, these log messages might be confusing when using pki or other tools.
* updown: Return an empty DNS server enumerator if no IKE_SA availableMartin Willi2014-02-061-1/+1
| | | | | The one existing caller does not handle a NULL return and always expects an enumerator; and returning FALSE does not make sense anyway.
* Merge branch 'cmd-proposals'Martin Willi2014-02-065-6/+119
|\ | | | | | | | | | | | | Introduce --ike/esp/ah-proposal options to offer custom proposals, and requests an IPv6 virtual IP if an IPv6 --remote-ts is given. Fixes #508.
| * charon-cmd: Request an IPv6 virtual IP if an IPv6 remote subnet givenMartin Willi2014-02-061-4/+23
| |
| * charon-cmd: Document new proposal options in manpageMartin Willi2014-02-061-0/+18
| |
| * charon-cmd: Add --esp/--ah-proposal options to specify CHILD_SA proposalsMartin Willi2014-02-063-1/+43
| |
| * charon-cmd: Add an --ike-proposal option to specify non-default IKE proposalsMartin Willi2014-02-063-1/+34
| |
| * charon-cmd: Block SIGUSR1 on worker threadsMartin Willi2014-02-061-0/+1
|/ | | | | | To properly shut down charon-cmd with leak reports, only the main thread should catch SIGUSR1 to shut down the application. Work threads should ignore SIGUSR1 to avoid any hard application termination.
* Document ipsec attest --session commandAndreas Steffen2014-02-051-2/+5
|
* Allow output of session time in UTCAndreas Steffen2014-02-051-2/+2
|
* Added missing semicolon in SQL statementsAndreas Steffen2014-02-052-12/+12
|
* Added Android 4.3.1 to products database tableAndreas Steffen2014-02-042-4/+28
|
* Added new Android versions to PTS databaseAndreas Steffen2014-02-042-0/+120
|
* testing: Fetch the FreeRADIUS tarball from the "old" directoryMartin Willi2014-01-311-1/+1
| | | | Fixes #483.
* unit-tests: Add some test cases for HTTP GET/POST fetchesMartin Willi2014-01-313-1/+275
|
* unit-tests: Fix test_runner_run() apidocMartin Willi2014-01-291-1/+1
|
* pki: Declare correct section in pki --issue man pageTobias Brunner2014-01-241-1/+1
|
* NEWS: Add unit testing improvementsMartin Willi2014-01-241-0/+5
|
* ike: Restart inactivity counter after doing a CHILD_SA rekeyMartin Willi2014-01-232-3/+6
| | | | | | | | | | | | When doing a rekey for a CHILD_SA, the use counters get reset. An inactivity job is queued for a time unrelated to the rekey time, so it might happen that the inactivity job gets executed just after rekeying. If this happens, inactivity is detected even if we had traffic on the rekeyed CHILD_SA just before rekeying. This change implies that inactivity checks can't handle inactivity timeouts for rekeyed CHILD_SAs, and therefore requires that inactivity timeout is shorter than the rekey time to have any effect.
* child-sa: Add a getter for CHILD_SA install timeMartin Willi2014-01-232-0/+20
|
* Merge branch 'pam-session'Martin Willi2014-01-237-10/+276
|\ | | | | | | Add support for PAM session management in xauth-pam.
| * NEWS: Introduce PAM session managementMartin Willi2014-01-231-0/+3
| |
| * man: Document xauth-pam session optionMartin Willi2014-01-231-0/+3
| |
| * xauth-pam: Open/close a PAM session for each connected clientAndrea Bonomi2014-01-234-9/+265
| | | | | | | | Signed-off-by: Andrea Bonomi <a.bonomi@endian.com>
| * xauth-pam: Sanitize XAuth attributes before passing them to PAMMartin Willi2014-01-231-1/+5
|/
* Merge branch 'vendor-ids'Martin Willi2014-01-231-16/+63
|\ | | | | | | | | Refactors IKEv2 vendor ID handling, and introduces some IDs seen when talking to Cisco devices.
| * ikev2: Add Cisco FRAGMENTATION vendor IDMartin Willi2014-01-231-0/+2
| | | | | | | | Courtesy of C.J. Adams-Collier, ZeroLag Communications, Inc.
| * ikev2: Add Cisco Copyright vendor IDMartin Willi2014-01-231-0/+2
| | | | | | | | Courtesy of C.J. Adams-Collier, ZeroLag Communications, Inc.
| * ikev2: Add Cisco Delete Reason vendor IDMartin Willi2014-01-231-0/+2
| | | | | | | | Courtesy of C.J. Adams-Collier, ZeroLag Communications, Inc.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 07:47:50 +0000