aboutsummaryrefslogtreecommitdiffstats
path: root/src/frontends/android
Commit message (Collapse)AuthorAgeFilesLines
...
* android: Enum type for transport protocols addedTobias Brunner2013-07-081-0/+60
|
* android: Add measurement collector for Installed PackagesTobias Brunner2013-07-083-0/+126
|
* android: Add measurement collector for Product InformationTobias Brunner2013-07-084-0/+82
|
* android: Also support writing of 24-bit valuesTobias Brunner2013-07-081-0/+13
|
* android: Add measurement collector for String VersionTobias Brunner2013-07-083-0/+125
|
* android: Interfaces for measurement collectors and attributes addedTobias Brunner2013-07-082-0/+58
|
* android: Add a Java utility class similar to bio_writer_tTobias Brunner2013-07-081-0/+172
|
* android: Add enum types for PENs and attribute typesTobias Brunner2013-07-082-0/+159
|
* android: Add a generic handler for PA-TNC attribute requestsTobias Brunner2013-07-082-62/+103
| | | | | The idea is that the Android IMC will return attributes in their binary encoding. This keeps the JNI interface to the IMC pretty simple.
* android: Added a Java part to the Android IMCTobias Brunner2013-07-083-12/+98
|
* android: Don't attempt loading IMCs from /etc/tnc_configTobias Brunner2013-07-081-0/+2
|
* android: Build libpts and init/deinit libpts in BYOD IMCTobias Brunner2013-07-084-2/+10
|
* android: Added a sample IMC that sends some dummy OS dataTobias Brunner2013-07-087-3/+657
|
* android: Build option added to load BYOD related plugins and libraries in ↵Tobias Brunner2013-07-083-8/+39
| | | | the Android app
* android: Disable listening on IPv6Tobias Brunner2013-07-051-0/+4
| | | | | As we have to use UDP encapsulation and the Linux kernel currently does not support that this avoids issues with dual-stack gateways.
* plugin-loader: Add method to print loaded plugins on a given log levelTobias Brunner2013-06-211-0/+1
|
* android: Forward initiator flag to libipsec when adding IPsec SATobias Brunner2013-06-131-2/+2
|
* kernel-interface: add an exchange initiator parameter to add_sa()Martin Willi2013-06-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This new flag gives the kernel-interface a hint how it should priorize the use of newly installed SAs during rekeying. Consider the following rekey procedure in IKEv2: Initiator --- Responder I1 -------CREATE-------> R1 I2 <------CREATE-------- -------DELETE-------> R2 I3 <------DELETE-------- SAs are always handled as pairs, the following happens at the SA level: * Initiator starts the exchange at I1 * Responder installs new SA pair at R1 * Initiator installs new SA pair at I2 * Responder removes old SA pair at R2 * Initiator removes old SA pair at I3 This makes sure SAs get installed/removed overlapping during rekeying. However, to avoid any packet loss, it is crucial that the new outbound SA gets activated at the correct position: * as exchange initiator, in I2 * as exchange responder, in R2 This should guarantee that we don't use the new outbound SA before the peer could install its corresponding inbound SA. The new parameter allows the kernel backend to install the new SA with appropriate priorities, i.e. it should: * as exchange inititator, have the new outbound SA installed with higher priority than the old SA * as exchange responder, have the new outbound SA installed with lower priority than the old SA While we could split up the SA installation at the responder, this approach has another advantage: it allows the kernel backend to switch SAs based on other criteria, for example when receiving traffic on the new inbound SA.
* kernel-interface: query SAD for last use time if SPD query didn't yield oneMartin Willi2013-05-061-1/+1
|
* New Android release after adding AES-GCM, IPv6-in-IPv4 and using kernel-netlinkTobias Brunner2013-05-031-2/+2
| | | | | | | | libipsec now supports AES-GCM, IPv6 tunnels over IPv4 are supported, native x86 libraries are built (requires a new Vstr build script). Also, the existing kernel-netlink plugin now provides the kernel-net implementation, which should be more stable in case multiple interfaces are up and have IP addresses installed on them.
* android: Use stronger ESP proposal including AES-GCMTobias Brunner2013-05-031-0/+6
|
* android: Remove unused methods on NetworkManager/network_manager_tTobias Brunner2013-05-033-177/+1
|
* android: Ignore interface 'lo'Tobias Brunner2013-05-031-2/+4
| | | | | Android adds a default route via 'lo' if no connectivity is available causing charon to send packets via lo and triggering DPD.
* android: Repurpose android-net to simply handle connectivity eventsTobias Brunner2013-05-033-59/+34
| | | | | | Using the events by NetworkManager/ConnectivityManager to trigger roam events instead of the events generated by the kernel-netlink plugin the noise level is much lower.
* android: Replace android-net plugin with kernel-netlinkTobias Brunner2013-05-032-3/+8
| | | | | Virtual IPs are not handled by the kernel-netlink plugin and tun devices are ignored.
* android: Set strongswan.conf options before initializing other librariesTobias Brunner2013-05-031-36/+44
|
* android: No need to disable CMS explicitlyTobias Brunner2013-03-201-1/+0
| | | | The version check introduced with 0d237763 should take care of it.
* android: Build native libraries also for x86Tobias Brunner2013-03-203-2/+5
| | | | Requires an updated build script for Vstr.
* android: Remove/filter header files from LOCAL_SRC_FILESTobias Brunner2013-03-201-10/+10
| | | | This avoids huge warnings when building the native code.
* android: Request and install an IPv6 DNS serverTobias Brunner2013-03-202-9/+17
|
* android: Also request a virtual IPv6 address and propose IPv6 TSTobias Brunner2013-03-203-23/+25
| | | | | This allows IPv6 over IPv4 but falls back nicely if we don't get a virtual IPv6 (or IPv4) address.
* kernel_ipsec_t.query_sa() additionally returns the number of processed packetsMartin Willi2013-03-141-1/+2
|
* New Android release after adding translations and Cert/EAP authenticationTobias Brunner2013-03-071-3/+3
| | | | | Also fixed a race condition during reauthentication and a freeze that might happen while disconnecting.
* android: Add support for combined certificate and EAP authenticationTobias Brunner2013-03-077-34/+63
| | | | | | This uses RFC 4739 multiple authentication rounds to first authenticate the client with a certificate followed by an EAP authentication round with username and password.
* Fixed Doxygen comments after scanning complete src directoryTobias Brunner2013-03-024-4/+4
|
* android: Mitigate race condition on reauthenticationTobias Brunner2013-03-011-0/+4
| | | | | | | | If the TUN device gets recreated while another thread in handle_plain() has not yet called select(2) but already stored the file descriptor of the old TUN device in its FD set, select() will fail with EBADF. Fixes #301.
* Add a DSCP configuration value to IKE configsMartin Willi2013-02-061-1/+1
|
* android: Properly escape apostrophes in Ukrainian translation5.0.2dr4Tobias Brunner2013-01-141-8/+8
|
* android: Implement kernel_net_t.get_interface via JNITobias Brunner2013-01-144-6/+92
| | | | | | This is now required to properly accept/install a virtual IP address. Fixes #275.
* android: Moved chunk_from_byte_array and byte_array_from_chunk helper functionsTobias Brunner2013-01-142-24/+32
|
* android: Set OPENSSL_NO_CMS in Android.mk as it is not set in opensslconf.h ↵Tobias Brunner2013-01-141-0/+1
| | | | on Android
* Merge branch 'ikev1-fragmentation'Tobias Brunner2013-01-121-1/+2
|\ | | | | | | | | | | | | This adds support for the proprietary IKEv1 fragmentation extension. Conflicts: NEWS
| * Added an option that allows to force IKEv1 fragmentationTobias Brunner2013-01-121-1/+2
| |
| * Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-241-1/+1
| |
* | Fixed some typos in Ukrainian translationPavel Kopchyk2013-01-091-15/+16
| |
* | Added Russian and Ukrainian strings for Android clientDmitry Korzhevin2012-12-244-0/+252
|/
* Install virtual IPs via interface name, and use an interface lookup where ↵Martin Willi2012-11-291-1/+1
| | | | required
* Add an optional kernel-interface parameter to install IPs with a custom prefixMartin Willi2012-11-291-1/+2
|
* New Android release after adding shortcuts and confirmation dialogTobias Brunner2012-11-211-2/+2
| | | | Also fixed some Android 4.2 specific issues.
* android: Don't allow any backup for nowTobias Brunner2012-11-211-1/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 05:18:58 +0000