aboutsummaryrefslogtreecommitdiffstats
path: root/src/frontends/android/jni/libandroidbridge/backend
Commit message (Collapse)AuthorAgeFilesLines
* android: Add new VpnType to enable BYOD featuresTobias Brunner2013-07-081-3/+9
|
* android: Use stronger ESP proposal including AES-GCMTobias Brunner2013-05-031-0/+6
|
* android: Request and install an IPv6 DNS serverTobias Brunner2013-03-201-4/+16
|
* android: Also request a virtual IPv6 address and propose IPv6 TSTobias Brunner2013-03-201-7/+17
| | | | | This allows IPv6 over IPv4 but falls back nicely if we don't get a virtual IPv6 (or IPv4) address.
* android: Add support for combined certificate and EAP authenticationTobias Brunner2013-03-071-27/+50
| | | | | | This uses RFC 4739 multiple authentication rounds to first authenticate the client with a certificate followed by an EAP authentication round with username and password.
* Fixed Doxygen comments after scanning complete src directoryTobias Brunner2013-03-021-1/+1
|
* android: Mitigate race condition on reauthenticationTobias Brunner2013-03-011-0/+4
| | | | | | | | If the TUN device gets recreated while another thread in handle_plain() has not yet called select(2) but already stored the file descriptor of the old TUN device in its FD set, select() will fail with EBADF. Fixes #301.
* Add a DSCP configuration value to IKE configsMartin Willi2013-02-061-1/+1
|
* android: Moved chunk_from_byte_array and byte_array_from_chunk helper functionsTobias Brunner2013-01-141-24/+0
|
* Added an option that allows to force IKEv1 fragmentationTobias Brunner2013-01-121-1/+2
|
* Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-241-1/+1
|
* android: Private key bug has been fixed with Android 4.2Tobias Brunner2012-11-191-1/+1
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-242-2/+2
|
* Remove version argument on peer_cfg constructor, use ike_cfg version insteadMartin Willi2012-10-241-1/+1
|
* Add IKE version information to ike_cfg_tMartin Willi2012-10-241-1/+1
|
* android: Ignore if peer is unreachable when reestablishing an SATobias Brunner2012-10-181-2/+7
|
* android: Use keyingtries=%forever and dpd|closeaction=restartTobias Brunner2012-10-181-3/+3
| | | | | | | We also ignore the CHILD_SA_DOWN event. This should allow us to keep the connection up as long as the user does not manually disconnect.
* android: Handle unreachable peers via alertTobias Brunner2012-10-161-17/+5
|
* android: Use 0.0.0.0/0 as local traffic selectorTobias Brunner2012-10-161-1/+2
| | | | | This is helpful if the responder also wants to tunnel e.g. multicast packages.
* android: Determine source address dynamicallyTobias Brunner2012-10-162-13/+5
|
* android: Don't use the default ESP proposal as it includes unsupported ↵Tobias Brunner2012-10-161-1/+4
| | | | algorithms
* android: Leak the private key reference on Jelly Bean to avoid a bug in the ↵Tobias Brunner2012-09-241-1/+10
| | | | | | | | | framework A bug in the framework on Android Jelly Bean causes a SIGSEGV when the private key object returned from KeyChain.getPrivateKey is garbage collected. Leaking the global reference to that object prevents the garbage collection and thereby the crash.
* android: Load the private key and certificates separately in android_creds_tTobias Brunner2012-09-241-27/+28
|
* android: Added a JNI backed private key implementationTobias Brunner2012-09-242-0/+323
| | | | | This is required because private keys are provided by an OpenSSL engine in Jelly Bean, which makes them inaccessible directly via getEncoding.
* android: Use AUTH_RULE_IDENTITY_LOOSETobias Brunner2012-09-181-0/+1
|
* android: Properly handle reauthentication initiated by the clientTobias Brunner2012-09-061-7/+42
|
* Merge branch 'android-client-cert'Tobias Brunner2012-09-044-13/+159
|\ | | | | | | Introduces IKEv2 client certificate authentication for the Android App.
| * android: Native parts handle ikev2-cert VPN typeTobias Brunner2012-08-312-10/+69
| |
| * android: android_creds_t can provide a user's private key and certificateTobias Brunner2012-08-312-3/+89
| |
* | Pass a list instead of a single virtual IP to attribute enumeratorsMartin Willi2012-08-301-1/+1
| |
* | Support multiple address pools configured on a peer_cfgMartin Willi2012-08-301-1/+1
| |
* | Support multiple virtual IPs on peer_cfg and ike_sa classesMartin Willi2012-08-301-8/+22
|/
* Job added which handles plain text packets read from TUN deviceTobias Brunner2012-08-131-1/+63
|
* Added a handler that writes inbound plain text packets to the TUN deviceTobias Brunner2012-08-131-0/+35
|
* Add simple callbacks to receive/send ESP packets via libipsec/receiver.Tobias Brunner2012-08-131-0/+31
|
* Add routes based on the installed IPsec policies to the TUN device builderTobias Brunner2012-08-131-0/+46
|
* Add virtual IP to the TUN device builderTobias Brunner2012-08-131-1/+9
| | | | | After the CHILD_SA is established we can easily get this address from the IKE_SA.
* Create a TUN device via VpnService.Builder once the CHILD_SA is establishedTobias Brunner2012-08-131-0/+82
|
* An Android specific attribute handler installs DNS servers via BuilderTobias Brunner2012-08-132-0/+172
|
* android_service_t handles initiation of an SA and tracks its progressTobias Brunner2012-08-132-0/+330
| | | | Status updates are delivered via charonservice (JNI).
* Android specific credential set also provides user credentialsTobias Brunner2012-08-132-4/+37
|
* Added an Android specific credential set that provides CA certificates via JNITobias Brunner2012-08-132-0/+210
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 01:32:44 +0000