aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * Avoid unnecessary copy of packet data when removing Non-ESP marker.Tobias Brunner2012-08-081-2/+1
| |
| * Added packet_t.skip_bytes method to skip bytes at the start of a packet.Tobias Brunner2012-08-082-3/+26
| |
| * Improved how NAT-T keepalives are handled in sockets/receiver.Tobias Brunner2012-08-084-24/+16
| |
| * Let kernel interfaces decide how to enable UDP decapsulation of ESP packets.Tobias Brunner2012-08-0810-90/+133
| |
| * Callback for ESP packets added to receiver.Tobias Brunner2012-08-082-6/+86
| |
| * Add Non-ESP marker in sender and not individual socket plugins.Tobias Brunner2012-08-085-39/+23
| |
| * Handle Non-ESP marker in receiver and not individual socket plugins.Tobias Brunner2012-08-084-40/+34
| |
| * Java code style fixed (analogous to C code).Tobias Brunner2012-08-082-14/+28
| |
| * Load libipsec in Android app.Tobias Brunner2012-08-084-1/+15
| |
| * Stub library for user space IPsec implementation added.Tobias Brunner2012-08-088-0/+187
| |
| * Some NDK build info updated.Tobias Brunner2012-08-081-4/+7
| |
| * Changed minimal SDK/API level to 14.Tobias Brunner2012-08-083-4/+4
| |
| * Added android.net.VpnService wrapper around charon (loaded via JNI).Tobias Brunner2012-08-086-6/+228
| |
| * Added Android shell app created with Android SDK.Tobias Brunner2012-08-0811-0/+118
| |
| * Android.mk for NDK build added.Tobias Brunner2012-08-084-0/+96
| |
| * Extracted some parts from Android.mk.in which can be used for NDK builds.Tobias Brunner2012-08-084-18/+25
| |
| * Use filter instead of findstring to check for enabled plugins in Android.mk.Tobias Brunner2012-08-081-1/+1
| | | | | | | | | | | | findstring is not prefix-safe (i.e. android matches android-log). On the other hand filter matches words separated by whitespace and if no wildcard (%) is used the full word has to match.
| * Moved Android specific logger to separate plugin.Tobias Brunner2012-08-0812-36/+175
| | | | | | | | | | | | This is mainly because the other parts of the existing android plugin can not be built in the NDK (access to keystore and system properties are not part of the stable NDK libraries).
| * Link android plugin against liblog in the NDK.Tobias Brunner2012-08-081-0/+1
| | | | | | | | Doesn't seem to hurt the build within the source tree.
| * Make the UDP ports charon listens for packets on (and uses as source ports) ↵Tobias Brunner2012-08-0818-48/+89
| | | | | | | | configurable.
| * Make path to Android OpenSSL headers configurable.Tobias Brunner2012-08-082-1/+2
| |
| * Don't require STRONGSWAN_CONF to be defined.Tobias Brunner2012-08-081-2/+9
| |
| * Don't require PLUGINDIR to be defined.Tobias Brunner2012-08-081-6/+15
| | | | | | | | If it is not available, we just load monolithically built plugins.
* | Doxygen fixTobias Brunner2012-08-111-1/+1
| |
* | Avoid problems with Doxygen by adding warn_unused_result attribute at the ↵Tobias Brunner2012-08-119-61/+57
| | | | | | | | end of method signatures
* | Add warn_unused_result attributes to rng_(get|allocate)_bytes_not_zeroTobias Brunner2012-08-111-5/+6
| | | | | | | | Also fixed Doxygen comments.
* | Documentation fixes regarding xauth-pam/eap-gtc pluginsTobias Brunner2012-08-112-4/+6
| |
* | If _POSIX_SPIN_LOCKS is defined as -1, it is not availableMartin Willi2012-08-101-0/+4
| |
* | If vstr printf functions are #defined, undef them before redefinitionMartin Willi2012-08-101-0/+31
| | | | | | | | | | At least Mountain Lion seems to have them #defined to secure _chk variants.
* | Use actual daemon name to enable XAuth/PSK with aggressive modeMartin Willi2012-08-101-2/+3
| |
* | Add xauth-pam/eap-gtc NEWSMartin Willi2012-08-101-0/+5
| |
* | EAP-GTC can use any XAuth backend, including xauth-pamMartin Willi2012-08-102-88/+45
| | | | | | | | | | | | | | This makes EAP-GTC a generic plain password authentication method, as it is used with XAuth. Instead of verifying credentials with PAM, any backend can be configured. The default is xauth-pam, providing the same functionality as EAP-GTC in strongSwan 4.x.
* | Add xauth-pam, an XAuth backend verifying credentials with PAMMartin Willi2012-08-107-1/+395
| |
* | Add getspnam_r() to leak detective whitelistMartin Willi2012-08-101-0/+1
| |
* | make max_message_size parameter consistent with similar optionsAndreas Steffen2012-08-093-4/+4
| |
* | Check if TLS handshake received Finished before processing application dataMartin Willi2012-08-091-0/+6
|/
* Remove queued IKEv1 message before processing itMartin Willi2012-08-081-3/+5
| | | | | Avoids destruction or processing of a queued message in recursive process_message() call.
* Include src address in hash of initial message for Main ModeTobias Brunner2012-08-081-5/+31
| | | | | | | If two initiators use the same SPI and also use the same SA proposal the hash for the initial message would be exactly the same. For IKEv2 and Aggressive Mode that's not a problem as these messages include random data (Ni, KEi payloads).
* implemented deletion of product_file database entriesAndreas Steffen2012-08-071-15/+13
|
* Add DH group 15 (MODP-3072) to IKE proposalAdrian-Ken Rueegsegger2012-08-061-0/+1
|
* PEM loading soft-depends on MD5 only, as unencrypted files don't need MD5Martin Willi2012-08-031-4/+4
| | | | Fixes #211.
* Rebuild charon after running ./configure to reflect plugin changesMartin Willi2012-08-031-0/+2
|
* Block XAuth transaction on established IKE_SAs, but allow Mode ConfigMartin Willi2012-08-032-2/+1
|
* Implemented recursive mutex without thread-specific counterTobias Brunner2012-08-031-23/+17
|
* Use a single thread-specific value for our custom rwlock_t implementationTobias Brunner2012-08-031-50/+67
| | | | | | The pthread implementation on Android currently only supports 64 different thread-specific values per process, which we hit easily when every rwlock_t requires one.
* Fix linking of addrblock plugin when building monolithicMartin Willi2012-08-031-1/+1
| | | | Fixes #212.
* Reject initial exchange messages early once IKE_SA is establishedMartin Willi2012-08-021-0/+18
|
* Add some more NEWS about 5.0.1Martin Willi2012-08-021-0/+10
|
* Move MODP_CUSTOM va_arg fetching out of loopMartin Willi2012-08-021-15/+11
| | | | It seems problematic at least on PPC with gcc 4.3, fixes #208.
* updated NEWSAndreas Steffen2012-07-311-0/+14
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-21 22:00:02 +0000