aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/daemon.c
Commit message (Collapse)AuthorAgeFilesLines
...
* fixed EAP-GTC secret lookupMartin Willi2008-08-211-2/+9
| | | | | improved error logging PAM authentication needs CAP_AUDIT_WRITE capability
* fixed libstrongswan integrity testAndreas Steffen2008-08-191-14/+14
|
* introduced an additional bus->signal parameter for signal specific dataMartin Willi2008-07-181-1/+1
| | | | added SIG_IKE/SIG_CHD macros for signal emitting
* added %P printf handler for poposal_tMartin Willi2008-06-121-0/+3
| | | | added some proposal selection debugging code
* correctly initialize the mediation and connection managerTobias Brunner2008-05-221-0/+4
|
* added a fixup for addresses from shared libraries in segmentation fault handlerTobias Brunner2008-05-191-1/+24
|
* loading default modules depending on configure optionsMartin Willi2008-05-161-2/+1
|
* plugin load configuration in strongswan.confMartin Willi2008-05-151-14/+15
| | | | | | some components accept a "component.load" option with a space separated list of plugins to load libcharon- plugins are now handled the same way as libstrongswan- plugins
* replaced --with-gid/uid by --with-group/user Martin Willi2008-05-081-11/+52
| | | | | using named users, groups fixed capability dropping in pluto
* using capset version 1 if a newer is availableMartin Willi2008-05-071-0/+6
|
* respecting ipsec.conf cachecrls= optionMartin Willi2008-04-171-13/+0
|
* splitted IKE_SA manager destroy to allow plugin interactionMartin Willi2008-04-171-0/+4
|
* added API for random number generators, served through credential factoryMartin Willi2008-04-151-13/+10
| | | | ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
* implementation of an CFG attribute framework, currently supporting virtual IPsMartin Willi2008-04-091-2/+3
| | | | | | updated ipsec.conf sourceip parameter to support CIDR notatation to serve from a pool %poolname to query a separate (database?) pool
* added ./configure option --with-strongswan-conf=Martin Willi2008-04-071-1/+1
| | | | defaults to /etc/strongswan.conf
* replaced mutex in leak detective with thread schedulingTobias Brunner2008-04-031-1/+1
|
* configure option in strongswan.conf for thread countMartin Willi2008-04-031-1/+3
|
* mediation extension adapted to the naming convention of the current version ↵Tobias Brunner2008-03-261-4/+4
| | | | of the draft. note: the external interface (config, autotools) has not yet been changed
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-131-47/+50
|
* socket_t implementation withouth raw socketsMartin Willi2007-11-261-1/+1
| | | | | | --disable-raw-socket configure option prevents charon/pluto to run in parallel
* experimental P2P-NAT-T for IKEv2 merged back from branchTobias Brunner2007-10-031-2/+12
|
* fixed stuid()/setgid() and error handlingMartin Willi2007-10-011-2/+12
|
* changed inheritable capability set to the permitted one to execute firewall ↵Martin Willi2007-09-281-2/+1
| | | | script with CAP_NET_ADMIN
* refactored strongswan managerMartin Willi2007-09-261-0/+3
| | | | | | | | removed buggy request parsing code, use ClearSilvers CGI kit instead fixed CHILD_SA listing in manager (needs better design) using secure XML communication through unix sockets removed images with questionable (non-GPL) license
* fixed shutdown order to prevent crash when kernel interface schedules eventsMartin Willi2007-09-121-1/+1
|
* correct debug4.1.6Andreas Steffen2007-09-021-3/+3
|
* renamed integrity check to integrity testAndreas Steffen2007-08-291-3/+3
|
* fips_verify_hmac_signature() now returns a boolean statusAndreas Steffen2007-08-291-1/+1
|
* changed interface of fips_verify_hmac_signatureAndreas Steffen2007-08-291-1/+1
|
* started implementation of libstrongswan code integrity checkAndreas Steffen2007-08-291-4/+28
|
* support of ipsec rereadsecrets for strokeAndreas Steffen2007-08-101-1/+1
|
* further fixed for mobike roamingMartin Willi2007-06-251-0/+3
|
* implemented address change notification (for MOBIKE)Martin Willi2007-06-141-12/+0
| | | | | implemented up to date address list cache to list interfaces
* introduced callback_job:Martin Willi2007-06-111-88/+72
| | | | | | | | | | | | simple asynchronous method invocation use daemons thread pool for all threads proper cancellation and cleanups cancellation mechanism to dynamically unload multithreaded code unified event_queue and scheduler => scheduler unified job_queue and thread_pool => processor removed job_type_t, not really needed fixes here, there and everywhere
* simplified capability droppingMartin Willi2007-05-091-26/+17
|
* properly implemented interface_managers initiate, terminte_[ike|child]Martin Willi2007-05-091-1/+1
| | | | | proper thread release when stroke is CTRL+C'ed fixed some permission issues
* changing UID/GID after startup of pluto/charonMartin Willi2007-05-071-7/+30
| | | | added --with-uid/--with-gid configure option
* reducing capabilities of the threads to a minimumMartin Willi2007-05-031-7/+46
| | | | | | proper flush of pending packets on daemon shutdown adding local address as gateway address in dynamic route
* restructuring of configuration backendsMartin Willi2007-04-271-14/+6
| | | | | | | | | added propotypes of new control interfaces (xml & dbus) introduced loadable: configuration backends control interfaces using pluggable modules as in EAP
* implementation of strictcrlpolicy=ifuriAndreas Steffen2007-04-201-9/+8
|
* moved initiate() code to the generic controller_t classMartin Willi2007-04-161-0/+3
|
* started support of X.509 attribute certificatesAndreas Steffen2007-04-121-0/+2
|
* cleaned up apidocMartin Willi2007-04-111-3/+0
| | | | | | added some comments removed configuration.[ch], as it does not make sense like it is
* restructured file layoutMartin Willi2007-04-101-9/+10
| | | | | | | | | new configuration structure: peer_cfg: configuration related to a peer (authenitcation, ...= ike_cfg: config to use for IKE setup (proposals) child_Cfg: config for CHILD_SA (proposals, traffic selectors) a peer_cfg has one ike_cfg and multiple child_cfg's stroke now uses fixed count of threads
* support cachecrls=yesAndreas Steffen2007-04-051-2/+8
|
* support of crlcheckinterval=0 to disable IKEv2 CRL fetchingAndreas Steffen2007-04-041-0/+12
|
* removed send_queue, handled internally in sender_t knowMartin Willi2007-03-281-3/+0
| | | | | do header parsing in receiver, ready for cookie integration
* added fetcher_finalize() to clean up libcurlAndreas Steffen2007-03-081-0/+1
|
* support if ocsp signing certificatesAndreas Steffen2007-03-081-0/+1
|
* http post fetching using libcurl implementedAndreas Steffen2007-03-071-0/+4
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-29 09:15:43 +0000