aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/Makefile.am
Commit message (Collapse)AuthorAgeFilesLines
* vici: Add a plugin stub for the "Versatile IKE Control Interface" pluginMartin Willi2014-05-071-0/+7
|
* dnscert: Add DNS CERT support for pubkey authenticationRuslan N. Marchenko2013-10-111-0/+7
| | | | | | | | | | | Add DNSSEC protected CERT RR delivered certificate authentication. The new dnscert plugin is based on the ipseckey plugin and relies on the existing PEM decoder as well as x509 and PGP parsers. As such the plugin expects PEM encoded PKIX(x509) or PGP(GPG) certificate payloads. The plugin is targeted to improve interoperability with Racoon, which supports this type of authentication, ignoring in-stream certificates and using only DNS provided certificates for FQDN IDs.
* Build all shared libraries with -no-undefined and link them properlyTobias Brunner2013-09-121-1/+7
| | | | | | | | | | The flag is required to convince libtool on Cygwin to build DLLs. But on Windows these shared libraries can not have undefined symbols, so we have to link them explicitly to the libraries they reference. For plugins this is currently not done, so only the monolithic build is supported. The plugin loader wouldn't be able to load DLLs anyway, as it tries to load files that don't exist on Cygwin.
* moved tnc_imv plugin to libtnccs thanks to recommendation callback functionAndreas Steffen2013-08-151-7/+0
|
* Moved tnc-tnccs, tnc-imc, tnccs-11, tnccs-20 and tnccs-dynamic libcharon ↵Andreas Steffen2013-08-151-35/+0
| | | | plugins to libtnccs
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-4/+2
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* osx-attr: add plugin installing config attributes using SystemConfigurationMartin Willi2013-06-211-0/+7
| | | | | Currently installs DNS servers only, by prepending IP addresses to the DNS configuration of the primary networking service.
* kernel-libipsec: Add plugin that implements kernel_ipsec_t using libipsecTobias Brunner2013-06-211-0/+7
|
* renamed tnc_ifmap2 plugin to tnc_ifmapAndreas Steffen2013-03-311-3/+3
|
* removed obsoleted tnc_ifmap pluginAndreas Steffen2013-03-311-7/+0
|
* set up a new IF-MAP sessionAndreas Steffen2013-03-291-0/+7
|
* Added xauth-noauth pluginTobias Brunner2013-03-191-0/+7
| | | | | | | | This XAuth backend does not do any authentication of client credentials but simply sends a successful XAuth status to the client, thereby concluding the XAuth exchange. This can be useful to fallback to basic RSA authentication with clients that can not be configured without XAuth authentication.
* Removed backend for old Android frontend patchTobias Brunner2013-03-021-3/+3
| | | | Moved the remaining DNS handler to a new plugin.
* Merge branch 'systime'Martin Willi2013-03-011-0/+7
|\ | | | | | | | | | | Add a systime-fix plugin allowing an embedded system to validate certificates if the system time has not been synchronized after boot. Certificates of established tunnels can be re-validated after the system time gets valid.
| * Add a stub for systime-fix, a plugin handling certificate lifetimes gracefullyMartin Willi2013-02-191-0/+7
| |
* | Added ipseckey plugin, which provides support for public keys in IPSECKEY RRsReto Guadagnini2013-02-191-0/+7
| |
* | make TNC client authentication type available to IMVsAndreas Steffen2013-02-121-1/+1
|/
* Payload added to handle IKE fragmentsTobias Brunner2012-12-241-0/+1
|
* Add an error-notify plugin to send catched alerts to listening applicationsMartin Willi2012-12-191-0/+7
|
* Add a lookip plugin stub to lookup connections by virtual IPMartin Willi2012-10-241-0/+7
|
* Add Cisco Unity client support for Split-Include and Local-LANMartin Willi2012-09-181-0/+7
|
* Removed the unneeded socket-raw pluginTobias Brunner2012-09-141-7/+0
|
* Added eap-dynamic plugin which can proxy any other EAP methodTobias Brunner2012-08-311-0/+7
|
* Merge branch 'android-app'Tobias Brunner2012-08-131-1/+1
|\ | | | | | | | | | | | | | | This branch introduces a userland IPsec implementation (libipsec) and an Android App which targets the VpnService API that is provided by Android 4+. The implementation is based on the bachelor thesis 'Userland IPsec for Android 4' by Giuliano Grassi and Ralf Sager.
| * Moved packet_t to libstrongswanTobias Brunner2012-08-081-1/+1
| |
* | Merge branch 'android-ndk'Tobias Brunner2012-08-131-0/+7
|\| | | | | | | | | | | | | | | | | | | | | | | This branch comes with some preliminary changes for the user-land IPsec implementation and the Android App. One important change is that the UDP ports used by the socket-default plugin were made configurable (either via ./configure or strongswan.conf). Also, the plugin does randomly allocate a port if it is configured to 0, which is useful for client implementations. A consequence of these changes is that the local UDP port used when creating ike_cfg_t objects has to be fetched from the socket.
| * Moved Android specific logger to separate plugin.Tobias Brunner2012-08-081-0/+7
| | | | | | | | | | | | This is mainly because the other parts of the existing android plugin can not be built in the NDK (access to keystore and system properties are not part of the stable NDK libraries).
* | Add xauth-pam, an XAuth backend verifying credentials with PAMMartin Willi2012-08-101-0/+7
|/
* Fix linking of addrblock plugin when building monolithicMartin Willi2012-08-031-1/+1
| | | | Fixes #212.
* Refactored heavily #ifdefd capability code to its own libstrongswan classMartin Willi2012-07-041-4/+0
|
* Job added to re-initiate an IKE_SA.Tobias Brunner2012-05-301-0/+1
|
* Remove executable flag from source files.Tobias Brunner2012-05-181-0/+0
|
* Schedule a DPD timeout job that enforces the IKE message timeout policyMartin Willi2012-05-151-0/+1
|
* Integrate nm plugin directly in charon-nm.Tobias Brunner2012-05-031-7/+0
|
* Provide plugin list from charon, not internally in libcharon.Tobias Brunner2012-05-031-2/+1
|
* Use a separate interface for loggers.Tobias Brunner2012-05-021-0/+1
| | | | | | | | The new interface does not allow loggers to unregister themselves from the bus. This allows us to use a rwlock_t for them. The latter also means that loggers can now be called concurrently by multiple threads.
* Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-28/+75
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| * Isakmp_dpd task added.Clavister OpenSource2012-03-201-0/+1
| |
| * Implemented aggressive mode using Phase 1 helper classMartin Willi2012-03-201-0/+1
| |
| * Implemented a common Phase 1 helper class to use by main and aggressive modesMartin Willi2012-03-201-0/+1
| |
| * Try to detect reauthentication as responder and adopt children to new SAMartin Willi2012-03-201-1/+2
| |
| * Added an XAuth plugin that forwards authentication to EAP methodsMartin Willi2012-03-201-0/+6
| |
| * Don't include ikev1/ikev2 subfolders in build when using --disable-ikev1/ikev2Martin Willi2012-03-201-2/+10
| |
| * Moved eap/xauth classes out of protocol specific subdirectoriesMartin Willi2012-03-201-4/+4
| |
| * Separated libcharon/sa directory with ikev1 and ikev2 subfoldersMartin Willi2012-03-201-46/+48
| |
| * Renamed ike_vendor_v1 to isakmp_vendorMartin Willi2012-03-201-1/+1
| |
| * Renamed ike_natd_v1 to isakmp_natdMartin Willi2012-03-201-1/+1
| |
| * Renamed ike_cert_pre_v1 to isakmp_cert_preMartin Willi2012-03-201-1/+1
| |
| * Renamed ike_cert_post_v1 to isakmp_cert_postMartin Willi2012-03-201-1/+1
| |
| * Added a dedicated IKEv1 task to delete CHILD_SAsMartin Willi2012-03-201-0/+1
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-26 10:53:34 +0000