aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * android: Set CHILD_STATE_DOWN whenever the CHILD_SA goes downTobias Brunner2014-07-221-6/+0
| | | | | | | | | | | | No matter what triggers it. We also don't close the TUN device, but we might handle that differently in the future to allow reestablishing the IKE_SA if host names have to be re-resolved via DNS.
| * android: Change to CONNECTING state if CHILD_SA goes downTobias Brunner2014-07-221-1/+4
|/ | | | | | Unless we are disconnecting. This currently triggers the connecting dialog, perhaps just updating the status text would do too (when switching from CONNECTED to CONNECTING, not from DISCONNECTED to CONNECTING).
* Merge branch 'android-cert-import'Tobias Brunner2014-07-2228-186/+1243
|\ | | | | | | | | | | | | | | | | Adds support to import CA and server certificate directly in the app. On Android 4.4 and newer the SAF allows users to easily browse for such files, on older systems they have to open them from file manager or the download app (only works if the MIME type is correctly detected). Also adds support for ECDSA keys on recent Android systems.
| * android: Do not use deprecated TwoLineListItemTobias Brunner2014-07-223-27/+28
| |
| * android: Add support for ECDSA private keysTobias Brunner2014-07-221-24/+99
| | | | | | | | With 4.4.4 these work fine now.
| * android: Show a confirmation dialog before importing certificatesTobias Brunner2014-07-222-14/+123
| | | | | | | | | | | | | | | | | | | | | | | | Since the import activity can be triggered by any other app on the system we shouldn't just import every certificate we get. Also, in some situations (e.g. if no passphrase has been set yet for the system-wide certificate store) we are the only application that can open certificate files. So if a user clicked on a certificate file she would just get a confirmation Toast about a successful import, with no indication whatsoever where the certificate was actually imported. The new dialog shows the app icon to indicate that strongSwan is involved.
| * android: Use Storage Access Framework to import certificatesTobias Brunner2014-07-223-17/+106
| | | | | | | | | | | | | | Thanks to the SAF, introduced with Android 4.4, browsing and opening files on the system is very easy to implement. On older systems the menu option is removed.
| * android: Add activity to import certificate filesTobias Brunner2014-07-227-0/+89
| | | | | | | | | | Such files can e.g. be opened from the Download view, if they are associated with one of the supported mime-types.
| * android: Imported certificates may be clicked to delete themTobias Brunner2014-07-227-1/+124
| |
| * android: Reload CA certificates without AsyncTaskTobias Brunner2014-07-222-26/+39
| | | | | | | | We already use loaders in the GUI that can handle this asynchronously.
| * android: Change how CA certificate reloads are initiatedTobias Brunner2014-07-222-9/+9
| |
| * android: Add option to reload CA certificates to TrustedCertificatesActivityTobias Brunner2014-07-227-5/+65
| |
| * android: Replace option to reload CA certificates with CA certificate viewTobias Brunner2014-07-222-13/+10
| | | | | | | | The reload option will be added there.
| * android: Only close TrustedCertificatesActivity on click when selecting a ↵Tobias Brunner2014-07-221-6/+11
| | | | | | | | certificate
| * android: Set action when using TrustedCertificatesActivity to select a ↵Tobias Brunner2014-07-222-0/+3
| | | | | | | | certificate
| * android: Allow selection of local certificatesTobias Brunner2014-07-227-19/+31
| |
| * android: Change how CA certificates from different sources are accessedTobias Brunner2014-07-222-32/+25
| |
| * android: Cache certificates from multiple KeyStoresTobias Brunner2014-07-221-40/+60
| | | | | | | | Including the new local one.
| * android: Register local certificate store provider when the app is initializedTobias Brunner2014-07-221-0/+8
| |
| * android: Add Provider for the local certificate storeTobias Brunner2014-07-221-0/+29
| |
| * android: Add KeyStoreSpi implementation that uses LocalCertificateStoreTobias Brunner2014-07-221-0/+139
| |
| * android: Add local certificate storeTobias Brunner2014-07-221-0/+230
| | | | | | | | | | The class manages certificates stored in files within the app's private data directory.
| * android: Move TrustedCertificateEntry to a new packageTobias Brunner2014-07-225-5/+5
| |
| * android: Subclass Application to provide static access to the application ↵Tobias Brunner2014-07-222-0/+41
| | | | | | | | context
| * android: Target latest SDK versionTobias Brunner2014-07-222-2/+2
| |
| * android: Add utility method to convert a byte array to a hex stringTobias Brunner2014-07-221-0/+40
| |
| * android: Remove unused hash argument from getTrustedCertificates()Tobias Brunner2014-07-222-25/+6
| |
| * android: Use correct tag to define category for CREATE_SHORTCUT intent-filterTobias Brunner2014-07-221-1/+1
|/
* starter: Fix memory leaks and warn if conn/ca sections are ignored due to ↵Tobias Brunner2014-07-181-2/+8
| | | | parse errors
* receiver: Send a single INVALID_MAJOR_VERSION notify for IKE version > 2Martin Willi2014-07-171-3/+1
| | | | | | | | | We sent both a notify using IKEv1 and IKEv2. This is a little more aggressive than required, RFC 5996 says we "SHOULD send an unauthenticated Notify message of type INVALID_MAJOR_VERSION containing the highest (closest) version number it supports". Fixes #657.
* Version bump to 5.2.1dr1Andreas Steffen2014-07-161-1/+1
|
* Determine type of unsupported PA-TNC attribute in error messageAndreas Steffen2014-07-163-47/+84
|
* Replaced Tag File Path by Instance ID fieldAndreas Steffen2014-07-167-49/+49
| | | | | This update reflects the latest changes in the TCG TNC SWID Messages and Attributes for IF-M specification
* man: Document where left|rightsigkey searches for public key filesTobias Brunner2014-07-141-2/+3
|
* swanctl: Fix the swanctl.conf cacerts option name in the manpage and templateMartin Willi2014-07-141-1/+1
|
* Updated URL to swidGenerator in recipe5.2.0Andreas Steffen2014-07-091-1/+1
|
* dumm: Undefine _GNU_SOURCE before including <ruby.h>, as it usually redefines itMartin Willi2014-07-091-0/+2
|
* Version bump to 5.2.0Andreas Steffen2014-07-081-1/+1
|
* NEWS: Updated URL to swidGeneratorTobias Brunner2014-07-071-3/+4
|
* settings: Allow spaces in time settings before the optional unitMartin Willi2014-07-072-2/+7
|
* settings: Be more strict in converting settings to specific data typesMartin Willi2014-07-072-25/+30
| | | | | | | As the behavior was inconsistent for empty strings or strings with characters appended to a number, testing the code failed on some platforms. The new rules are more strict, returning the default if additional characters or an empty string was found for a setting.
* utils: Undefine mem{cpy,move,set} if set before defining themMartin Willi2014-07-071-0/+9
| | | | | Some platforms, such as OS X, use macros for these functions. Undefine them to avoid compiler warnings.
* enumerator: Enumerate glob(3) matches using gl_pathcMartin Willi2014-07-071-9/+6
| | | | | | | While glob should return a NULL terminated gl_pathv when having no matches, at least on OS X this is not true when using GLOB_DOOFFS. Rely on the number of matches returned in gl_pathc, which seems to be more reliable in error cases.
* xauth-pam: Add workaround for null-terminated passwordsTobias Brunner2014-07-071-1/+6
| | | | Fixes #631.
* kernel-netlink: Rename algorithm identifier from cast128 to cast5Martin Willi2014-07-041-1/+1
| | | | | | | | | | | Even if the XFRM identifier was named cast128 in the kernel before 2.6.31, it actually never worked, because there is no such crypto algorithm. The identifier has been changed to cast5 in https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=245acb87 to make it work, so we should use that. Fixes #633.
* winhttp: Do not use countof() on pointer argumentTobias Brunner2014-07-021-1/+1
|
* optionsfrom: Properly handle errors when determining file sizeTobias Brunner2014-07-021-2/+7
|
* windows: Fix off-by-one error in strerror_s_extended()Tobias Brunner2014-07-021-1/+1
|
* windows: accept() socket handle could theoretically be 0Tobias Brunner2014-07-021-1/+1
|
* windows: Close correct socket when opening second socket fails in socketpair()Tobias Brunner2014-07-021-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 03:29:40 +0000