aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/network
Commit message (Collapse)AuthorAgeFilesLines
* allow to globally disable DOS protection by setting charon.dos_protection to no.Tobias Brunner2008-11-261-0/+5
|
* performance optimization for the DOS protection.Tobias Brunner2008-11-251-16/+23
| | | | | | * half-open SAs per peer are tracked in a hash table * charon.dos_protection setting replaced with charon.cookie_threshold and charon.block_threshold * chunk_hash function added
* moved the IPV6_IPSEC_POLICY definition to the ipsec plugins, fixes uClibc buildMartin Willi2008-11-241-5/+0
|
* updated API doc for socket.hMartin Willi2008-11-131-10/+7
|
* ported socket enumerator to raw-socket.cMartin Willi2008-11-132-85/+78
| | | | some cleanups in socket.c
* merging kernel_klips plugin back into trunkTobias Brunner2008-11-112-45/+72
|
* fixed sender destruction orderMartin Willi2008-11-051-2/+2
|
* replaced most pthread_mutex/cond_t by wrapped mutex/condvar_t variantMartin Willi2008-11-051-22/+25
|
* merging modularized kernel interface back to trunkTobias Brunner2008-09-251-2/+2
|
* added strongswan.conf option "charon.dos_protection" to disable ↵Martin Willi2008-07-301-1/+9
| | | | cookies/aggressiveness check
* fixed typoAndreas Steffen2008-05-211-1/+1
|
* added _GNU_SOURCE and limits.h to build against glibc-2.8Martin Willi2008-04-242-0/+6
|
* added API for random number generators, served through credential factoryMartin Willi2008-04-151-8/+13
| | | | ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
* thread locking for sender and processor optimizedTobias Brunner2008-04-031-6/+16
|
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-139-161/+96
|
* socket_t implementation withouth raw socketsMartin Willi2007-11-263-321/+909
| | | | | | --disable-raw-socket configure option prevents charon/pluto to run in parallel
* typoTobias Brunner2007-10-021-1/+1
|
* introduced callback_job:Martin Willi2007-06-112-125/+108
| | | | | | | | | | | | simple asynchronous method invocation use daemons thread pool for all threads proper cancellation and cleanups cancellation mechanism to dynamically unload multithreaded code unified event_queue and scheduler => scheduler unified job_queue and thread_pool => processor removed job_type_t, not really needed fixes here, there and everywhere
* proper thread cancellation when using the charon->interfacesMartin Willi2007-05-231-0/+1
|
* cosmeticsAndreas Steffen2007-05-151-1/+1
|
* simplified capability droppingMartin Willi2007-05-092-4/+2
|
* changing UID/GID after startup of pluto/charonMartin Willi2007-05-072-3/+5
| | | | added --with-uid/--with-gid configure option
* reducing capabilities of the threads to a minimumMartin Willi2007-05-032-2/+12
| | | | | | proper flush of pending packets on daemon shutdown adding local address as gateway address in dynamic route
* forcing proper autoload of af_key kernel module in charonMartin Willi2007-04-271-0/+10
|
* not using %m printf handler, as late errno interpration over bus may be ↵Martin Willi2007-04-121-13/+21
| | | | problematic
* cleaned up apidocMartin Willi2007-04-112-4/+4
| | | | | | added some comments removed configuration.[ch], as it does not make sense like it is
* restructured file layoutMartin Willi2007-04-104-0/+676
| | | | | | | | | new configuration structure: peer_cfg: configuration related to a peer (authenitcation, ...= ike_cfg: config to use for IKE setup (proposals) child_Cfg: config for CHILD_SA (proposals, traffic selectors) a peer_cfg has one ike_cfg and multiple child_cfg's stroke now uses fixed count of threads
* removed unneded includesMartin Willi2007-03-301-1/+0
|
* fixed netlink socket receiver codeMartin Willi2007-03-032-206/+0
| | | | implemented interface enumeration code with netlink: no getifaddrs reqired anymore
* merged tasking branch into trunkMartin Willi2007-02-281-8/+2
|
* respecting source address when sending packetsMartin Willi2007-02-151-2/+51
|
* added address listing without getifaddrs for uclibc (only IPv4 yet)Martin Willi2007-02-021-1/+75
|
* renamed all static clone() functions to avoid naming conflicts with uclibcMartin Willi2007-02-011-2/+2
|
* fixed more uClibc issuesMartin Willi2006-12-151-6/+7
| | | | | should compile against a uClibc > 0.9.28 (untested)
* better split up of library files "types.h" & "definitions.h"Martin Willi2006-10-313-3/+3
| | | | | | | | | centralized all printf specifier character definitions reuse of arginfo handlers more cleanups fixed more AMD64 issues added DEBUG_LEVEL compile flag to exclude DBGn() statements
* moved typedefs to beginning of files to solve some include problemsMartin Willi2006-10-302-12/+7
| | | | | | | splitted authenticator to have a separate implementation for each auth_method_t using va_copy to clone va_lists, should fix proplems on AMD64 some other cleanups
* improved signal handling and emittingMartin Willi2006-10-261-32/+32
|
* introduced new logging subsystem using bus:Martin Willi2006-10-181-71/+36
| | | | | | | passive listeners can register on the bus active listeners wait for signals actively multiplexing allows multiple listeners to receive debug signals a lot more...
* fixed auxillary message data parsing for IPV6 socketMartin Willi2006-10-091-14/+12
| | | | using SOL_* constants for socket level
* fixed IPV6_PKTINFO setsockopt() to work with most kernel headersMartin Willi2006-10-091-28/+22
| | | | | replaced strerror(errno) with %m printf specifier
* introduced printf() specifiers for:Martin Willi2006-09-271-9/+6
| | | | | | | | | | | host_t (%H) identification_t (%D) chunk pointers (%B) memory pointer/length (%b) added a signaling bus: receives event and debug messages, sends them to its listeners stream_logger, sys_logger, file_logger added, listen to bus some other tweaks here and there
* proper error handling for socket creationMartin Willi2006-09-181-12/+23
|
* implemented updown script to handle firewallingMartin Willi2006-09-122-3/+12
|
* added raw socket filter for IPv6Martin Willi2006-08-312-23/+16
|
* initial support for IPv6 (more testing needed)Martin Willi2006-08-302-141/+452
| | | | | | | | | socket works (without v6 filter) traffic selector handle IPv4/v4 cleanly improvements in traffic selector code kernel interface accepts v6 traffic selectors and hosts host_t class has full IPv6 support
* moved interface enumeration code to socket, where it belongsMartin Willi2006-08-284-268/+135
| | | | | query interfaces every time we need it to respect changes in network config added address listing on startup and "ipsec statusall"
* cleanups in kernel interface codeMartin Willi2006-07-182-6/+6
| | | | | | added proper traffic selector to string conversion some cleanups here & there
* fixed UDP decapsulation by adding inbound bypass policy for send socketMartin Willi2006-07-141-10/+17
|
* added IPsec bypass policy to receiving socket, allows incoming IKE traffic ↵Martin Willi2006-07-141-26/+29
| | | | on host2host tunnels when using NAT
* further work done for simultaneous rekeying/deleteMartin Willi2006-07-101-17/+1
| | | | | still some cases which cause trouble
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 11:33:44 +0000