aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* ike-sa-manager: Add method to change the initiator SPI of an IKE_SATobias Brunner2017-09-042-4/+99
|
* ike-init: Fail if DH group in KE payload does not match proposed groupTobias Brunner2017-09-041-1/+5
|
* Merge branch 'android-updates'Tobias Brunner2017-09-0420-73/+457
|\ | | | | | | | | | | | | Caches CRLs in the app directory, adds support for OCSP, adds a button to reconnect to the "already connected" dialog, only apply/configure app selection on Android >= 5 (older versions don't support the API), and catches some random exceptions.
| * android: Add disconnect button to dialog if already connected to profileTobias Brunner2017-09-041-31/+54
| |
| * android: Load x509 plugin to generate OCSP requests and parse responsesTobias Brunner2017-09-041-1/+1
| | | | | | | | BoringSSL does not support OpenSSL's OCSP API.
| * android: Add support to POST data via SimpleFetcherTobias Brunner2017-09-042-6/+62
| | | | | | | | That's required for OCSP verification.
| * android: Add option to clear cached CRLsTobias Brunner2017-09-049-1/+146
| |
| * android: Cache CRLs in app directoryTobias Brunner2017-09-043-10/+132
| | | | | | | | Fixes #2405.
| * android: Pass absolute path to the app's data directory via JNITobias Brunner2017-09-042-6/+11
| |
| * android: Hide app selection in profile editor on Android < 5Tobias Brunner2017-09-042-0/+9
| |
| * android: Only apply app filter on Android 5 and newerTobias Brunner2017-09-041-1/+2
| |
| * android: Catch OutOfMemoryError when importing profilesTobias Brunner2017-09-041-1/+9
| | | | | | | | | | Not sure if this is actually caused because e.g. the file is too large or due to some encoding issue.
| * android: Catch NullPointerException when parsing invalid certificatesTobias Brunner2017-09-041-16/+25
| |
| * android: Catch NullPointerException when calling VpnService.prepare()Tobias Brunner2017-09-041-0/+6
|/ | | | According to the Play Console this occurs occasionally.
* Version bump to 5.6.1dr15.6.1dr1Andreas Steffen2017-09-013-2/+15
|
* imv-os: Updated security update evaluationAndreas Steffen2017-09-017-38/+39
|
* libimcv: Updated database schemeAndreas Steffen2017-09-011-5/+11
|
* sec-updater: Checks for security updatesAndreas Steffen2017-09-0110-362/+269
| | | | | | sec-updater checks for security updates and backports in Debian/ Ubuntu repositories and sets the security flags in the strongTNC policy database accordingly.
* imv-attestation: Fixed file hash measurementsAndreas Steffen2017-09-019-49/+131
| | | | | | The introduction of file versions broke file hash measurements. This has been fixed by using a generic product versions having an empty package name.
* ike-cfg: Fix memory leak when checking for configured addressTobias Brunner2017-08-291-0/+1
|
* sw-collector.8: Some cleanupsAndreas Steffen2017-08-251-9/+9
|
* kernel-netlink: Set usable state whenever an interface appearsTobias Brunner2017-08-231-2/+2
| | | | | | | | If an interface is renamed we already have an entry (based on the ifindex) allocated but previously only set the usable state once based on the original name. Fixes #2403.
* libimcv: Updated Android.mk after move of swid-gen(-info)Tobias Brunner2017-08-211-0/+2
|
* coverage: Use absolute path when removing paths with lcovTobias Brunner2017-08-211-1/+1
| | | | | | There is a bug in some versions of lcov that causes it to fail writing to files via relative paths after it issued warnings (e.g. due to negative counts in the tracefile).
* traffic-selector: Use single buffer for both address familiesTobias Brunner2017-08-172-159/+102
| | | | | | | | The generic field of size 0 in the union that was used previously triggered index-out-of-bounds errors with the UBSAN sanitizer that's used on OSS-Fuzz. Since the two family specific union members don't really provide any advantage, we can just use a single buffer for both families to avoid the errors.
* testing: Make removal of SWID tags work with different releasesTobias Brunner2017-08-161-2/+1
| | | | The regid.2004-03.org.strongswan directory might not exist in new images.
* fuzzing: Also run input that previously caused crashesTobias Brunner2017-08-151-0/+2
|
* configure: Detect mpz_powm_sec() when built with -WerrorTobias Brunner2017-08-151-2/+2
|
* travis: Use the same ASAN_OPTIONS as used by OSS-FuzzTobias Brunner2017-08-151-0/+8
|
* plugin-loader: Move indent variables into !USE_FUZZING blockTobias Brunner2017-08-151-2/+2
| | | | This avoids compile errors on Travis.
* travis: Run fuzz targetsTobias Brunner2017-08-152-0/+15
|
* fuzzing: Run local fuzz targets on given corpora during `make check`Tobias Brunner2017-08-151-0/+7
| | | | The base directory of the corpora must be set in FUZZING_CORPORA.
* fuzzing: Add driver to run fuzz targets on a given list of filesTobias Brunner2017-08-153-5/+80
| | | | | This is enabled if the path to libFuzzer.a is not specified when running the configure script.
* charon-tkm: Build fix for kernel SAD testsAdrian-Ken Rueegsegger2017-08-141-2/+2
| | | | | Commit 7729577... added a flag to the get_esa_id function but the unit tests were not adjusted.
* Version bump to 5.6.05.6.0Andreas Steffen2017-08-142-2/+2
|
* NEWS: Add info about CVE-2017-11185Tobias Brunner2017-08-141-0/+9
|
* gmp: Fix RSA signature verification for m >= nTobias Brunner2017-08-141-3/+9
| | | | | | | | By definition, m must be <= n-1, we didn't enforce that and because mpz_export() returns NULL if the passed value is zero a crash could have been triggered with m == n. Fixes CVE-2017-11185.
* Version bump to 5.6.0rc25.6.0rc2Andreas Steffen2017-08-092-2/+2
|
* sw-collector: Moved info class to libimcvAndreas Steffen2017-08-098-77/+72
|
* NEWS: Added some newsTobias Brunner2017-08-081-1/+13
|
* conf: Descriptions of several settings updatedTobias Brunner2017-08-083-12/+25
|
* libimcv: Cast chunk length to int when printing as stringTobias Brunner2017-08-082-2/+4
|
* sw-collector: Cast chunk length to int when printing as stringTobias Brunner2017-08-081-7/+7
|
* sw-collector: Fix memory leak after failing to open DBTobias Brunner2017-08-081-0/+1
|
* sw-collector: Use correct variable to report failure to open history fileTobias Brunner2017-08-081-4/+5
|
* Revert "apidoc: Update Doxyfile"Tobias Brunner2017-08-071-276/+149
| | | | | | | This reverts commit 8ec979fd64bca07e73f6f255a7cf26e587bb55d8. Mainly because Travis is still on Trusty and this generates lots of warnings.
* Version bump to 5.6.0rc15.6.0rc1Andreas Steffen2017-08-072-2/+2
|
* imv-database: Improve performance by creating file_hashes indexAndreas Steffen2017-08-071-0/+2
|
* sw-collector: Add missing Doxygen groupTobias Brunner2017-08-073-3/+5
| | | | Fix location of two classes.
* libimcv: Add missing Doxgen group for SWIMA-related classesTobias Brunner2017-08-072-1/+4
| | | | Fix location of swima_error_t.
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-28 13:02:24 +0000