Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Migrated kernel_klips_ipsec to METHOD/INIT macros | Martin Willi | 2010-02-26 | 1 | -98/+60 |
| | |||||
* | Migrated kernel_pfkey_ipsec to METHOD/INIT macros | Martin Willi | 2010-02-26 | 1 | -97/+60 |
| | |||||
* | Migrated kernel_netlink_ipsec to METHOD/INIT macros | Martin Willi | 2010-02-26 | 1 | -93/+59 |
| | |||||
* | Migrated kernel_interface wrapper to METHOD/INIT macros | Martin Willi | 2010-02-26 | 1 | -163/+109 |
| | |||||
* | Added left-/rightikeport ipsec.conf options to use custom IKE ports | Martin Willi | 2010-02-26 | 11 | -3/+23 |
| | |||||
* | Use src/dst ports as configured in ike_cfg | Martin Willi | 2010-02-26 | 4 | -16/+41 |
| | |||||
* | Store custom IKE src/dst ports on ike_cfg | Martin Willi | 2010-02-26 | 9 | -14/+64 |
| | |||||
* | Migrated ike_cfg_t to METHOD/INIT macros | Martin Willi | 2010-02-26 | 1 | -73/+53 |
| | |||||
* | Migrated packet_t to METHOD/INIT macros | Martin Willi | 2010-02-26 | 1 | -62/+41 |
| | |||||
* | Moved socket and socket-raw implementations to plugins | Martin Willi | 2010-02-26 | 17 | -177/+743 |
| | |||||
* | Force libdl if the android plugin is enabled. AC_SEARCH_LIBS thinks it's not ↵ | Tobias Brunner | 2010-02-25 | 1 | -0/+4 |
| | | | | required, but on Android 2.0 it is. | ||||
* | Link all plugins to libstrongswan. | Tobias Brunner | 2010-02-25 | 56 | -15/+56 |
| | |||||
* | Avoid a race condition that could lead to a segmentation fault. | Tobias Brunner | 2010-02-25 | 1 | -3/+7 |
| | | | | | | | | | | | | Let's assume the callback function of a callback job returns JOB_REQUEUE_FAIR in one call and JOB_REQUEUE_NONE in the next. Before this fix, the thread executing the callback job would requeue the job before unregistering itself. If there was a context switch right after the job got requeued, and if the thread that requeued the job never got resumed until a second thread executed the job and, due to the return value of JOB_REQUEUE_NONE, destroyed it, then when the first thread eventually got resumed and tried to lock the mutex to unregister itself the pointer wouldn't be valid anymore, thus resulting in a segmentation fault. | ||||
* | Use side-channel secured mpz_powm_sec of libgmp 5, if available | Martin Willi | 2010-02-18 | 4 | -1/+30 |
| | |||||
* | Updated debian package for NetworkManager-strongswan-1.1.2 | Martin Willi | 2010-02-18 | 1 | -0/+7 |
| | |||||
* | Version bump and NEWS for NetworkManager-strongswan-1.1.2 release | Martin Willi | 2010-02-18 | 2 | -1/+8 |
| | |||||
* | Updated german translation | Martin Willi | 2010-02-18 | 1 | -57/+104 |
| | |||||
* | Tooltips are translatable | Martin Willi | 2010-02-18 | 1 | -9/+9 |
| | |||||
* | Newer glade requires explicit vertical vboxes | Martin Willi | 2010-02-18 | 1 | -0/+5 |
| | |||||
* | Fixed lost renaimings in android plugin | Martin Willi | 2010-02-18 | 1 | -13/+14 |
| | |||||
* | Added Android plugin, currently provides DNS handling on Android | Martin Willi | 2010-02-17 | 7 | -0/+413 |
| | |||||
* | Invoke missing message() hook for incoming responses | Martin Willi | 2010-02-17 | 1 | -0/+1 |
| | |||||
* | version bump to 4.4.0 | Andreas Steffen | 2010-02-15 | 2 | -4/+4 |
| | |||||
* | Detect windows hosts to add specific workarounds. | Tobias Brunner | 2010-02-12 | 2 | -0/+7 |
| | |||||
* | Adding support for AES GMAC (RFC4543). | Tobias Brunner | 2010-02-12 | 15 | -103/+911 |
| | |||||
* | Do not build own authentication data before we've verified others, we need ↵4.3.6 | Martin Willi | 2010-02-09 | 1 | -28/+33 |
| | | | | the other identity in EAP | ||||
* | hash-and-url avoids IP fragementation, cert and crl fetch based on IPv6 | Andreas Steffen | 2010-02-06 | 26 | -48/+82 |
| | |||||
* | generated hash-and-url files for rfc3779 certs | Andreas Steffen | 2010-02-06 | 4 | -0/+0 |
| | |||||
* | hash-and-url avoids IP fragementation, cert and crl fetch based on IPv6 | Andreas Steffen | 2010-02-06 | 6 | -12/+20 |
| | |||||
* | hash-and-url avoids IP fragmentation, cert and crl fetch based on IPv6 | Andreas Steffen | 2010-02-05 | 6 | -12/+20 |
| | |||||
* | IPv6 fragment and http access are not needed in PSK scenario | Andreas Steffen | 2010-02-05 | 4 | -21/+1 |
| | |||||
* | hash-and-url avoids IP fragmentation, cert and crl fetch based on IPv6 | Andreas Steffen | 2010-02-05 | 7 | -12/+21 |
| | |||||
* | Increased the buffer for netlink responses. | Tobias Brunner | 2010-02-05 | 1 | -0/+1 |
| | | | | | | | | If an error occurs while manipulating policies in the kernel, the original netlink request gets attached to the response. Prior to Linux 2.6.32 the size in the netlink header of the response was wrong. | ||||
* | IPv6 frag netfilter rule not needed anymore | Andreas Steffen | 2010-02-05 | 2 | -6/+0 |
| | |||||
* | hash-and-url avoids IP fragmentation, cert and crl fetch based on IPv6 | Andreas Steffen | 2010-02-05 | 7 | -6/+21 |
| | |||||
* | initialize variables to avoid compiler warning | Andreas Steffen | 2010-02-05 | 1 | -2/+2 |
| | |||||
* | Use destination address of ppp interfaces as nexthop in starters default ↵ | Martin Willi | 2010-02-05 | 1 | -6/+25 |
| | | | | route lookup | ||||
* | init_fetch() changed to fetch_initialize() | Andreas Steffen | 2010-02-05 | 1 | -1/+1 |
| | |||||
* | use static IPsec policy netfilter rules in MOBIKE scenarios | Andreas Steffen | 2010-02-04 | 17 | -12/+273 |
| | |||||
* | remove any charon.pid files remaining at the end of each scenario | Andreas Steffen | 2010-02-04 | 1 | -0/+11 |
| | |||||
* | IPSEC_ROUTING_TABLE is now called routing_table | Andreas Steffen | 2010-02-03 | 1 | -1/+1 |
| | |||||
* | differentiate between executed and displayed iptables commands | Andreas Steffen | 2010-02-03 | 1 | -5/+13 |
| | |||||
* | Use child_updown hook in updown plugin, fixes doubled invocation of down script | Martin Willi | 2010-02-03 | 1 | -47/+17 |
| | |||||
* | added ikev2/inactivity-timeout scenario | Andreas Steffen | 2010-02-03 | 9 | -0/+99 |
| | |||||
* | renamed init_fetch() to fetch_initialize() | Andreas Steffen | 2010-02-02 | 2 | -2/+2 |
| | |||||
* | Some whitespace and code cleanups concerning the mediation extension. | Tobias Brunner | 2010-02-02 | 3 | -12/+10 |
| | |||||
* | Join pluto's fetching thread instead of detaching it in order to avoid that ↵ | Tobias Brunner | 2010-02-02 | 3 | -6/+26 |
| | | | | the leak-detective reports a memleak. | ||||
* | corrected captions | Andreas Steffen | 2010-02-01 | 1 | -2/+2 |
| | |||||
* | warn if loaded local certificate is invalid | Andreas Steffen | 2010-02-01 | 1 | -3/+5 |
| | |||||
* | Updated NEWS about per-connection inactivity timeout | Martin Willi | 2010-01-27 | 1 | -3/+3 |
| |