Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | charon-tkm: Return current refcount when releasing ID | Adrian-Ken Rueegsegger | 2017-09-15 | 1 | -15/+14 |
* | charon-tkm: Add acquire_ref method to ID manager | Adrian-Ken Rueegsegger | 2017-09-15 | 1 | -0/+68 |
| | | | | | The function acquires a reference to the given context reference id for a specific context kind. | ||||
* | charon-tkm: Build fix for kernel SAD tests | Adrian-Ken Rueegsegger | 2017-08-14 | 1 | -2/+2 |
| | | | | | Commit 7729577... added a flag to the get_esa_id function but the unit tests were not adjusted. | ||||
* | charon-tkm: Call esa_reset() when the inbound SA is deleted | Tobias Brunner | 2017-08-07 | 1 | -2/+16 |
| | | | | | | | | | After a rekeying the outbound SA and policy are deleted immediately, however, the inbound SA is not removed until a few seconds later, so delayed packets can still be processed. This adds a flag to get_esa_id() that specifies the location of the given SPI. | ||||
* | charon-tkm: Remove unused get_other_esa_id() method | Tobias Brunner | 2017-08-07 | 1 | -36/+0 |
* | daemon: Use separate method to set default loggers | Tobias Brunner | 2017-01-25 | 1 | -1/+1 |
| | | | | | This way it is not necessary to pass the same values to reload the loggers. | ||||
* | Use standard unsigned integer types | Andreas Steffen | 2016-03-24 | 1 | -3/+3 |
* | libhydra: Remove empty unused library | Tobias Brunner | 2016-03-03 | 1 | -5/+0 |
* | libhydra: Move kernel interface to libcharon | Tobias Brunner | 2016-03-03 | 1 | -1/+0 |
| | | | | This moves hydra->kernel_interface to charon->kernel. | ||||
* | unit-tests: Forward variable argument list in TEST_SUITE_DEPEND | Martin Willi | 2015-07-12 | 1 | -2/+2 |
| | | | | | For some plugin features, such as crypters or AEADs, we have some additional feature arguments, such as the key size. | ||||
* | charon-tkm: Also store local SPI in SAD | Adrian-Ken Rueegsegger | 2015-05-04 | 1 | -9/+9 |
* | charon-tkm: Reset stale nonce contexts | Reto Buerki | 2015-05-04 | 1 | -1/+1 |
| | | | | | | | | | | | If the nonce generator detects a stale nonce upon destroy(), it resets the context in the TKM and releases associated resources in the ID manager and chunk map. Also, do not acquire the nonce context ID in tkm_nonceg_create function but rather when the nonce is actually created by get_nonce(). The nonces created with get_nonce must also be registered in the chunk map. | ||||
* | charon-tkm: Drop unneeded nonceg get_id function | Reto Buerki | 2015-05-04 | 1 | -1/+0 |
* | charon-tkm: Add get_other_esa_id function to TKM kernel SAD | Adrian-Ken Rueegsegger | 2015-05-04 | 1 | -0/+36 |
| | | | | | The function gets the ESA id for another entry associated with the same security policy as the specified ESA. | ||||
* | diffie-hellman: Add a bool return value to set_other_public_value() | Martin Willi | 2015-03-23 | 1 | -1/+1 |
* | diffie-hellman: Add a bool return value to get_my_public_value() | Martin Willi | 2015-03-23 | 2 | -2/+2 |
* | charon-tkm: Add get_dst_host getter to SAD | Reto Buerki | 2015-02-20 | 1 | -0/+28 |
| | | | | | This function returns the destination host of an SAD entry for given reqid, spi and protocol arguments or NULL if not found. | ||||
* | charon-tkm: Store reqid in SAD | Reto Buerki | 2015-02-20 | 1 | -6/+6 |
* | charon-tkm: Fix logger entity name in tests.c | Reto Buerki | 2015-02-20 | 1 | -2/+2 |
| | | | | Change 'test_runner' to 'test-runner'. | ||||
* | plugin-loader: Support a reload() callback for static features | Martin Willi | 2014-09-22 | 1 | -1/+1 |
* | libcharon: Remove unused charon->name | Tobias Brunner | 2014-02-12 | 1 | -1/+1 |
* | charon-tkm: Use lib->ns instead of charon->name | Tobias Brunner | 2014-02-12 | 1 | -2/+2 |
* | libhydra: Remove unused hydra->daemon | Tobias Brunner | 2014-02-12 | 1 | -1/+1 |
* | unit-tests: Pass a test suite collection name to print during test execution | Martin Willi | 2014-01-22 | 1 | -1/+1 |
| | | | | | As we expect to get more and more test runners for the different components, we add a name to easily identify them on the test output. | ||||
* | charon-tkm: Implement IANA DH Id to TKM Id mapping | Adrian-Ken Rueegsegger | 2013-12-03 | 2 | -3/+8 |
| | | | | | | | | | | | | | | | The TKM Diffie-Hellman plugin now maps IANA DH identifiers to TKM DH algorithm identifiers. The mapping is specified in the daemon's 'dh_mapping' section in the strongswan.conf file: dh_mapping { iana_id1 = tkm_id1 iana_id2 = tkm_id2 iana_id3 = tkm_id3 ... } Only the mapped IANA IDs are registered as supported DH groups. | ||||
* | charon-tkm: Migrate tests to our own test runner | Tobias Brunner | 2013-11-27 | 10 | -126/+220 |
| | | | | | | Due to problems with the external libraries tkm_init/deinit can't be called for each test case. Because of this leak detective has to be disabled for these tests. | ||||
* | Don't manually register kernel_netlink_net | Reto Buerki | 2013-03-19 | 1 | -4/+0 |
| | | | | | | | | | Load complete kernel_netlink plugin instead. Registering the TKM specific plugins first still ensures that the correct ipsec plugin is used. Lazy initialize the RNG_WEAK plugin to avoid the unsatisfiable soft dependency on startup. | ||||
* | Initialize libstrongswan in test_runner main() | Reto Buerki | 2013-03-19 | 2 | -54/+41 |
* | Add TKM_CTX_CC (Certificate chain context id) | Adrian-Ken Rueegsegger | 2013-03-19 | 1 | -1/+1 |
* | Add typelen parameter to chunk_to_sequence function | Adrian-Ken Rueegsegger | 2013-03-19 | 1 | -1/+1 |
| | | | | The parameter is used to initialize the given sequence to zero. | ||||
* | Let tkm_keymat_t extend keymat_v2_t | Adrian-Ken Rueegsegger | 2013-03-19 | 1 | -7/+10 |
* | Add test for keymat derive_child_keys operation | Adrian-Ken Rueegsegger | 2013-03-19 | 1 | -0/+89 |
* | Implement TKM kernel SA database (SAD) | Adrian-Ken Rueegsegger | 2013-03-19 | 3 | -0/+124 |
| | | | | | The TKM kernel SAD (security association database) stores information about CHILD SAs. | ||||
* | Add TKM_CTX_ESA (ESP SA context id) | Adrian-Ken Rueegsegger | 2013-03-19 | 1 | -1/+1 |
* | Use rng to generate local ESP SPIs | Adrian-Ken Rueegsegger | 2013-03-19 | 1 | -0/+1 |
* | charon-tkm: Register kernel_netlink_net | Adrian-Ken Rueegsegger | 2013-03-19 | 1 | -0/+6 |
| | | | | | | Explicitly register kernel netlink net implementation and avoid loading the whole kernel-netlink plugin since the kernel netlink ipsec part is unwanted. | ||||
* | Add ISA context id getter to TKM keymat | Reto Buerki | 2013-03-19 | 1 | -0/+1 |
* | Add TKM_CTX_AE (Authenticated Endpoint context) | Reto Buerki | 2013-03-19 | 1 | -1/+1 |
* | Add TKM_CTX_ISA (IKE SA context) | Reto Buerki | 2013-03-19 | 1 | -1/+1 |
* | Add keymat IKE key derivation test case | Reto Buerki | 2013-03-19 | 3 | -0/+105 |
* | Implement chunk_to_sequence function | Reto Buerki | 2013-03-19 | 1 | -0/+18 |
| | | | | This function converts a given chunk to a variable-length byte sequence. | ||||
* | Implement sequence_to_chunk function | Reto Buerki | 2013-03-19 | 3 | -0/+47 |
| | | | | | This function converts a given TKM variable-length byte sequence to chunk. | ||||
* | Add context id getter to TKM DH implementation | Adrian-Ken Rueegsegger | 2013-03-19 | 1 | -0/+1 |
* | Add chunk map | Adrian-Ken Rueegsegger | 2013-03-19 | 3 | -0/+60 |
| | | | | | This data structure allows storing mappings of chunks to ids. This will be used to map nonces to their corresponding nonce context ids. | ||||
* | Add context id getter to TKM nonce generator | Adrian-Ken Rueegsegger | 2013-03-19 | 1 | -0/+1 |
* | Pass context limits on to id manager | Reto Buerki | 2013-03-19 | 1 | -8/+9 |
* | id_manager: Use array of bool instead of list | Reto Buerki | 2013-03-19 | 1 | -0/+18 |
| | | | | | | Instead of storing the acquired context ids in a linked list, use an array of booleans for the job. A boolean value of true in the array designates an available context id. | ||||
* | Add initial TKM Diffie-Hellman implementation | Reto Buerki | 2013-03-19 | 3 | -0/+60 |
| | | | | | | | | | | The tkm_diffie_hellman_t plugin acquires a DH context from the Trusted Key Manager and uses it to get a DH public value and the calculated shared secret. Proper context handling is still missing though, the plugin currently uses context ID 1. The get_shared_secret function will be removed as soon as the TKM specific keymat is ready. | ||||
* | Initialize TKM client library in tkm.c | Reto Buerki | 2013-03-19 | 1 | -2/+8 |
* | Introduce TKM specific charon daemon (charon-tkm) | Reto Buerki | 2013-03-19 | 5 | -0/+285 |
Analogous to charon-nm the charon-tkm daemon is a specialized charon instance used in combination with the trusted key manager (TKM) written in Ada. The charon-tkm is basically a copy of the charon-nm code which will register its own TKM specific plugins. The daemon binary is built using the gprbuild utility. This is needed because it uses the tkm-rpc Ada library and consequently the Ada runtime. gprbuild takes care of the complete binding and linker steps required to properly initialize the Ada runtime. |