aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * child-sa: Pass the number of total policies tied to an SA to the kernelMartin Willi2014-06-042-0/+10
| | | | | | | | | | This will be useful if the kernel backend has to know how many policies follow an SA install, for example if it must install all policies concurrently.
| * kernel-iph: Implicitly enable IP forwarding when installing routesMartin Willi2014-06-041-0/+26
| |
| * kernel-wfp: Show a warning for packets the kernel drops in its IPsec layersMartin Willi2014-06-041-0/+6
| |
| * kernel-wfp: Set flag to get UDP encapsulation with tunnel mode workingMartin Willi2014-06-042-0/+22
| | | | | | | | | | | | Having this flag set fixes connections initiated by the Windows host, but unfortunately does not yet fix incoming connections. Connection state issue? We still see 0xc00000e2 error events, translating to INTERNAL_ERROR.
| * kernel-wfp: Install tunnel and trap forward policiesMartin Willi2014-06-043-136/+275
| |
| * kernel-wfp: Manually create a ProviderContext to attach individual filtersMartin Willi2014-06-044-79/+73
| | | | | | | | | | | | This gives us more flexibility than using the intransparent FwpmIPsecTunnelAdd, and fixes the issues we have seen with trap policies. Forward filters are still missing, but required for site-to-site tunnels.
| * kernel-wfp: Print filter weight in "ipsecdump filters"Martin Willi2014-06-041-0/+4
| |
| * kernel-wfp: Add support for trap policies and acquiresMartin Willi2014-06-042-1/+304
| |
| * socket-win: Install IKE bypass policies using bypass_socket()Martin Willi2014-06-042-0/+12
| |
| * kernel-wfp: Implement bypass_socket() using dedicated filter rulesMartin Willi2014-06-041-2/+117
| |
| * kernel-wfp: Register for WFP Net eventsMartin Willi2014-06-042-0/+48
| |
| * kernel-wfp: Add some missing IPv6 GUIDs, fix IPv6 host conversionMartin Willi2014-06-042-2/+29
| |
| * kernel-wfp: Add an ipsecdump "filters" command to print IPsec related filtersMartin Willi2014-06-041-1/+282
| |
| * kernel-wfp: Add an ipsecdump utility to show installed SAs/SPs on WindowsMartin Willi2014-06-043-0/+432
| |
| * kernel-wfp: Depend on used RNG plugin featuresMartin Willi2014-06-041-0/+2
| |
| * kernel-wfp: Implement update_sa()Martin Willi2014-06-043-1/+114
| |
| * kernel-wfp: Configure ports for SAs using UDP encapsulationMartin Willi2014-06-041-0/+31
| |
| * kernel-wfp: Refactor SA context construction, and use IPsecSaContextCreate1()Martin Willi2014-06-041-19/+32
| |
| * kernel-iph: Fire roam events for detected address changesMartin Willi2014-06-041-0/+60
| |
| * kernel-wfp: Allocate SPIs pseudo-randomly using a 0xc prefixMartin Willi2014-06-041-2/+59
| |
| * kernel-wfp: Install appropriate routes for tunnel mode policiesMartin Willi2014-06-041-1/+208
| |
| * kernel-iph: Implement add/del_route()Martin Willi2014-06-041-6/+80
| |
| * kernel-iph: Implement get_nexthop()Martin Willi2014-06-041-0/+32
| |
| * kernel-iph: Implement get_source_addr()Martin Willi2014-06-041-1/+23
| |
| * kernel-iph: Implement address enumerationMartin Willi2014-06-041-1/+79
| |
| * kernel-iph: Implement get_interface() methodMartin Willi2014-06-041-1/+38
| |
| * kernel-iph: Create and maintain a cache of interfaces and associated addressesMartin Willi2014-06-041-0/+328
| |
| * kernel-iph: Add a stub for a Windows IP Helper based networking backendMartin Willi2014-06-047-0/+310
| |
| * kernel-wfp: Disable IPsec policy updatesMartin Willi2014-06-041-4/+11
| | | | | | | | | | It seems that WFP requires an update of the SA context only, but not for the filters. This allows us to omit support for (fallback) drop policies.
| * kernel-interface: Add a flag to indicate no policy updates requiredMartin Willi2014-06-042-3/+16
| |
| * kernel-wfp: Increment SPIs properly, that is while in host orderMartin Willi2014-06-041-2/+2
| |
| * kernel-wfp: Triggering expire events for SAs to rekey/deleteMartin Willi2014-06-041-0/+108
| |
| * kernel-wfp: Enforce hard lifetimes of SAsMartin Willi2014-06-041-0/+8
| |
| * kernel-wfp: Add some notes about query_sa/policy() supportMartin Willi2014-06-041-0/+5
| |
| * kernel-wfp: Reference SA/SP sets by SPI and destination, not reqidMartin Willi2014-06-041-255/+149
| | | | | | | | | | This allows us to have multiple CHILD_SAs for the same reqid, and brings rekeying support.
| * kernel-wfp: Add support for tunnel mode connectionsMartin Willi2014-06-042-25/+215
| |
| * kernel-wfp: Register a WFP provider to manage IPsec tunnelsMartin Willi2014-06-041-0/+22
| |
| * kernel-wfp: Preliminary support for transport mode connectionsMartin Willi2014-06-042-3/+698
| |
| * kernel-wfp: Fix/Complete some fwpuclnt functionality in MinGWMartin Willi2014-06-044-3/+133
| | | | | | | | | | | | | | | | | | While MinGW declares all the required symbols, some of them are missing in the library files. We provide missing variables locally, functions get a stub that call the GetProcAddress()ed function from the DLL. Also some MinGW headers define some enum values incorrectly, we overload these using defines.
| * kernel-wfp: Open and close a WFP engineMartin Willi2014-06-041-1/+33
| |
| * kernel-wfp: Create userland state for SAs/policies to install in kernelMartin Willi2014-06-041-5/+364
| |
| * kernel-wfp: Add a stub for a Windows Filtering Platform based IPsec backendMartin Willi2014-06-047-0/+365
|/
* Merge branch 'win-socket'Martin Willi2014-06-048-2/+703
|\ | | | | | | | | Adds a socket-win plugin providing an IKE socket implementation for Windows based on the native Winsock2 API.
| * travis: Include socket backend in Windows build testMartin Willi2014-06-041-1/+1
| |
| * travis: Build "all" tests without Windows socket backendMartin Willi2014-06-041-1/+1
| |
| * socket-win: Implement a Windows socket plugin using Winsock2Martin Willi2014-06-047-0/+701
|/
* Merge branch 'win'Martin Willi2014-06-04373-1974/+6730
|\ | | | | | | | | | | | | | | | | | | Ports the strongSwan core libraries and some plugins to the Windows platform using a MinGW based toolchain. Beside generic platform abstraction and the windows.[ch] compatibility layer, this merge introduces a Windows native threading backend and a charon-svc Windows IKE service. Travis adds a MinGW cross-compile build to Windows, and further enables -Werror to let builds fail for all compiler warnings with gcc and Clang.
| * travis: Define a Windows build test using MinGWMartin Willi2014-06-042-2/+20
| |
| * travis: Perform build tests with -WerrorMartin Willi2014-06-041-1/+3
| |
| * windows: Compile with -mno-ms-bitfields if option not set explicitlyMartin Willi2014-06-041-0/+5
| | | | | | | | | | -mms-bitfields is the default in newer MinGWs, but it breaks __attribute__((packed)).
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-08 14:24:21 +0000