aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/daemon.c
Commit message (Collapse)AuthorAgeFilesLines
* experimental P2P-NAT-T for IKEv2 merged back from branchTobias Brunner2007-10-031-2/+12
|
* fixed stuid()/setgid() and error handlingMartin Willi2007-10-011-2/+12
|
* changed inheritable capability set to the permitted one to execute firewall ↵Martin Willi2007-09-281-2/+1
| | | | script with CAP_NET_ADMIN
* refactored strongswan managerMartin Willi2007-09-261-0/+3
| | | | | | | | removed buggy request parsing code, use ClearSilvers CGI kit instead fixed CHILD_SA listing in manager (needs better design) using secure XML communication through unix sockets removed images with questionable (non-GPL) license
* fixed shutdown order to prevent crash when kernel interface schedules eventsMartin Willi2007-09-121-1/+1
|
* correct debug4.1.6Andreas Steffen2007-09-021-3/+3
|
* renamed integrity check to integrity testAndreas Steffen2007-08-291-3/+3
|
* fips_verify_hmac_signature() now returns a boolean statusAndreas Steffen2007-08-291-1/+1
|
* changed interface of fips_verify_hmac_signatureAndreas Steffen2007-08-291-1/+1
|
* started implementation of libstrongswan code integrity checkAndreas Steffen2007-08-291-4/+28
|
* support of ipsec rereadsecrets for strokeAndreas Steffen2007-08-101-1/+1
|
* further fixed for mobike roamingMartin Willi2007-06-251-0/+3
|
* implemented address change notification (for MOBIKE)Martin Willi2007-06-141-12/+0
| | | | | implemented up to date address list cache to list interfaces
* introduced callback_job:Martin Willi2007-06-111-88/+72
| | | | | | | | | | | | simple asynchronous method invocation use daemons thread pool for all threads proper cancellation and cleanups cancellation mechanism to dynamically unload multithreaded code unified event_queue and scheduler => scheduler unified job_queue and thread_pool => processor removed job_type_t, not really needed fixes here, there and everywhere
* simplified capability droppingMartin Willi2007-05-091-26/+17
|
* properly implemented interface_managers initiate, terminte_[ike|child]Martin Willi2007-05-091-1/+1
| | | | | proper thread release when stroke is CTRL+C'ed fixed some permission issues
* changing UID/GID after startup of pluto/charonMartin Willi2007-05-071-7/+30
| | | | added --with-uid/--with-gid configure option
* reducing capabilities of the threads to a minimumMartin Willi2007-05-031-7/+46
| | | | | | proper flush of pending packets on daemon shutdown adding local address as gateway address in dynamic route
* restructuring of configuration backendsMartin Willi2007-04-271-14/+6
| | | | | | | | | added propotypes of new control interfaces (xml & dbus) introduced loadable: configuration backends control interfaces using pluggable modules as in EAP
* implementation of strictcrlpolicy=ifuriAndreas Steffen2007-04-201-9/+8
|
* moved initiate() code to the generic controller_t classMartin Willi2007-04-161-0/+3
|
* started support of X.509 attribute certificatesAndreas Steffen2007-04-121-0/+2
|
* cleaned up apidocMartin Willi2007-04-111-3/+0
| | | | | | added some comments removed configuration.[ch], as it does not make sense like it is
* restructured file layoutMartin Willi2007-04-101-9/+10
| | | | | | | | | new configuration structure: peer_cfg: configuration related to a peer (authenitcation, ...= ike_cfg: config to use for IKE setup (proposals) child_Cfg: config for CHILD_SA (proposals, traffic selectors) a peer_cfg has one ike_cfg and multiple child_cfg's stroke now uses fixed count of threads
* support cachecrls=yesAndreas Steffen2007-04-051-2/+8
|
* support of crlcheckinterval=0 to disable IKEv2 CRL fetchingAndreas Steffen2007-04-041-0/+12
|
* removed send_queue, handled internally in sender_t knowMartin Willi2007-03-281-3/+0
| | | | | do header parsing in receiver, ready for cookie integration
* added fetcher_finalize() to clean up libcurlAndreas Steffen2007-03-081-0/+1
|
* support if ocsp signing certificatesAndreas Steffen2007-03-081-0/+1
|
* http post fetching using libcurl implementedAndreas Steffen2007-03-071-0/+4
|
* fixed netlink socket receiver codeMartin Willi2007-03-031-1/+1
| | | | implemented interface enumeration code with netlink: no getifaddrs reqired anymore
* merged EAP framework from branch into trunkMartin Willi2007-02-121-0/+10
| | | | | includes a lot of other modifications
* fixed HAVE_BACKTRACE checksMartin Willi2006-12-111-2/+4
| | | | starter Makefile now uses proper $(COMPILE) to build pluto objects
* made backtrace() calls optional to support uClibcMartin Willi2006-12-061-1/+6
|
* better split up of library files "types.h" & "definitions.h"Martin Willi2006-10-311-1/+1
| | | | | | | | | centralized all printf specifier character definitions reuse of arginfo handlers more cleanups fixed more AMD64 issues added DEBUG_LEVEL compile flag to exclude DBGn() statements
* improved signal handling and emittingMartin Willi2006-10-261-28/+29
|
* introduced new logging subsystem using bus:Martin Willi2006-10-181-75/+139
| | | | | | | passive listeners can register on the bus active listeners wait for signals actively multiplexing allows multiple listeners to receive debug signals a lot more...
* introduced printf() specifiers for:Martin Willi2006-09-271-75/+63
| | | | | | | | | | | host_t (%H) identification_t (%D) chunk pointers (%B) memory pointer/length (%b) added a signaling bus: receives event and debug messages, sends them to its listeners stream_logger, sys_logger, file_logger added, listen to bus some other tweaks here and there
* added PSK supportAndreas Steffen2006-09-181-2/+2
|
* initial support for IPv6 (more testing needed)Martin Willi2006-08-301-3/+8
| | | | | | | | | socket works (without v6 filter) traffic selector handle IPv4/v4 cleanly improvements in traffic selector code kernel interface accepts v6 traffic selectors and hosts host_t class has full IPv6 support
* moved interface enumeration code to socket, where it belongsMartin Willi2006-08-281-67/+38
| | | | | query interfaces every time we need it to respect changes in network config added address listing on startup and "ipsec statusall"
* implemented proper refcounting using atomic operationsMartin Willi2006-07-281-0/+1
|
* implemented IKE_SA rekeyingMartin Willi2006-07-271-0/+4
| | | | | | uses ikelifetime, rekeymargin and rekeyfuzz config settings no handling of simultaneus exchanges yet!
* updated copyright informationMartin Willi2006-07-071-1/+2
|
* redesigned IKE_SA using a transaction mechanism:Martin Willi2006-07-051-1/+1
| | | | | | | | | | | | removed old state machine reimplemented IKE_SA setup and delete implemented dead peer detection implemented keep-alives a lot of fixes no rekeying yet
* first merge of NATT codeMartin Willi2006-06-221-1/+8
|
* reworked function ignore mechanism to not-report whitelistMartin Willi2006-06-201-2/+2
| | | | rather than overriding functions
* readded local_credential_storeMartin Willi2006-06-201-5/+4
| | | | | | added sendcert policy to connection some other cleanups
* implemented rereadcrls rereadcacertsAndreas Steffen2006-06-201-7/+9
|
* (no commit message)Martin Willi2006-06-161-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 13:39:19 +0000