| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | counters: Move IKE event counter collection from stroke to a separate plugin | Tobias Brunner | 2017-11-08 | 1 | -0/+7 |
| | | |||||
| * | eap-aka-3gpp: Add plugin that implements 3GPP MILENAGE algorithm in software | Tobias Brunner | 2017-07-05 | 1 | -0/+7 |
| | | | | | | | | | | | This is similar to the eap-aka-3gpp2 plugin. K (optionally concatenated with OPc) may be configured as binary EAP secret in ipsec.secrets or swanctl.conf. Based on a patch by Thomas Strangert. Fixes #2326. | ||||
| * | Add plugin constructor registration for all libraries that provide plugins | Tobias Brunner | 2017-05-23 | 1 | -0/+9 |
| | | | | | | | | | | | | | | | Unfortunately, we can't just add the generated C file to the sources in Makefile.am as the linker would remove that object file when it notices that no symbol in it is ever referenced. So we include it in the file that contains the library initialization, which will definitely be referenced by the executable. This allows building an almost stand-alone static version of e.g. charon when building with `--enable-monolithic --enable-static --disable-shared` (without `--disable-shared` libtool will only build a version that links the libraries dynamically). External libraries (e.g. gmp or openssl) are not linked statically this way, though. | ||||
| * | ikev2: Add task to handle IKEV2_MESSAGE_ID_SYNC notifies as responder | Tobias Brunner | 2017-02-08 | 1 | -0/+1 |
| | | |||||
| * | bypass-lan: Add plugin that installs bypass policies for locally attached ↵ | Tobias Brunner | 2017-02-08 | 1 | -0/+7 |
| | | | | | subnets | ||||
| * | ikev1: Factor out IV and QM management | Tobias Brunner | 2017-02-08 | 1 | -0/+1 |
| | | | | | This simplifies implementing a custom keymat_v1_t. | ||||
| * | maemo: Remove unused plugin | Tobias Brunner | 2016-09-15 | 1 | -7/+0 |
| | | |||||
| * | Report test coverage of libcharon and starter | Tobias Brunner | 2016-06-17 | 1 | -0/+3 |
| | | |||||
| * | configure: Check for and explicitly link against -latomic | Martin Willi | 2016-06-14 | 1 | -1/+1 |
| | | | | | | Some C libraries, such as uClibc, require an explicit link for some atomic functions. Check for any libatomic, and explcily link it. | ||||
| * | p-cscf: Add plugin stub | Tobias Brunner | 2016-03-10 | 1 | -0/+7 |
| | | |||||
| * | ikev2: Add task that verifies a peer's certificate | Tobias Brunner | 2016-03-10 | 1 | -1/+2 |
| | | | | | | | On failure the SA is deleted and reestablished as configured. The task is activated after the REAUTH_COMPLETE task so a make-before-break reauth is completed before the new SA might get torn down. | ||||
| * | redirect-job: Add job to redirect an active IKE_SA | Tobias Brunner | 2016-03-04 | 1 | -0/+1 |
| | | |||||
| * | ike-redirect: Add task to redirect active IKE_SAs | Tobias Brunner | 2016-03-04 | 1 | -0/+1 |
| | | |||||
| * | redirect-manager: Add manager for redirect providers | Tobias Brunner | 2016-03-04 | 1 | -1/+1 |
| | | |||||
| * | redirect-provider: Add interface to redirect clients during initial messages | Tobias Brunner | 2016-03-04 | 1 | -0/+1 |
| | | | | | | This will allow e.g. plugins to decide whether a connecting client is redirected to a different gateway using RFC 5685. | ||||
| * | libhydra: Remove empty unused library | Tobias Brunner | 2016-03-03 | 1 | -2/+0 |
| | | |||||
| * | libhydra: Move kernel interface to libcharon | Tobias Brunner | 2016-03-03 | 1 | -1/+4 |
| | | | | | This moves hydra->kernel_interface to charon->kernel. | ||||
| * | libhydra: Move all kernel plugins to libcharon | Tobias Brunner | 2016-03-03 | 1 | -0/+21 |
| | | |||||
| * | charon: Add custom logger to daemon | Thomas Egerer | 2016-03-01 | 1 | -0/+1 |
| | | | | | | | | | | | | This logger can be used to easily register custom logging instances using __attribute__((constructor)) benefiting from the global reload mechanism (with reset of log levels). Note that this is not intended to be used from plugins, which are loaded after loggers have already been initialized. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com> | ||||
| * | ikev2: Immediately initiate queued tasks after establishing rekeyed IKE_SA | Martin Willi | 2015-03-18 | 1 | -0/+1 |
| | | | | | | | If additional tasks get queued before/while rekeying an IKE_SA, these get migrated to the new IKE_SA. We previously did not trigger initiation of these tasks, though, leaving the task unexecuted until a new task gets queued. | ||||
| * | forecast: Add the broadcast/multicast forwarding plugin called forecast | Martin Willi | 2015-02-20 | 1 | -0/+7 |
| | | |||||
| * | connmark: Add a plugin stub | Martin Willi | 2015-02-20 | 1 | -0/+7 |
| | | |||||
| * | ikev2: Schedule a make-before-break completion task to delete old IKE_SA | Martin Willi | 2015-02-20 | 1 | -0/+1 |
| | | |||||
| * | unit-tester: Drop the old unit-tester libcharon plugin | Martin Willi | 2015-02-20 | 1 | -7/+0 |
| | | | | | | | While it has some tests that we don't directly cover with the new unit tests, most of them require special infrastructure and therefore have not been used for a long time. | ||||
| * | attributes: Move the configuration attributes framework to libcharon | Martin Willi | 2015-02-20 | 1 | -0/+4 |
| | | |||||
| * | libcharon: Add a test runner | Martin Willi | 2015-02-20 | 1 | -0/+5 |
| | | |||||
| * | attr-sql: Move plugin to libcharon | Martin Willi | 2015-02-20 | 1 | -0/+7 |
| | | |||||
| * | attr: Move plugin to libcharon | Martin Willi | 2015-02-20 | 1 | -0/+7 |
| | | |||||
| * | resolve: Move plugin back to libcharon | Martin Willi | 2015-02-20 | 1 | -0/+7 |
| | | | | | Since pluto is gone, all existing users build upon libcharon. | ||||
| * | child-sa-manager: Add a global manager storing CHILD_SA relations | Martin Willi | 2015-02-20 | 1 | -0/+1 |
| | | | | | | | To quickly check out IKE_SAs and find associated CHILD_SAs, the child_sa_manager stores relations between CHILD_SAs and IKE_SAs. It provides CHILD_SA specific IKE_SA checkout functions wrapping the ike_sa_manager. | ||||
| * | ikev2: Add encrypted fragment payload | Tobias Brunner | 2014-10-10 | 1 | -0/+1 |
| | | |||||
| * | ike: Rename encryption_payload to encrypted_payload | Tobias Brunner | 2014-10-10 | 1 | -1/+1 |
| | | |||||
| * | ext-auth: Add an ext-auth plugin invoking an external authorization script | Martin Willi | 2014-10-06 | 1 | -0/+7 |
| | | | | | Original patch courtesy of Vyronas Tsingaras. | ||||
| * | kernel-iph: Add a stub for a Windows IP Helper based networking backend | Martin Willi | 2014-06-04 | 1 | -0/+7 |
| | | |||||
| * | kernel-wfp: Add a stub for a Windows Filtering Platform based IPsec backend | Martin Willi | 2014-06-04 | 1 | -0/+7 |
| | | |||||
| * | socket-win: Implement a Windows socket plugin using Winsock2 | Martin Willi | 2014-06-04 | 1 | -0/+7 |
| | | |||||
| * | bus: Build syslog logger depending on syslog() availability | Martin Willi | 2014-06-04 | 1 | -3/+4 |
| | | |||||
| * | libcharon: Link against Winsock2 on Windows | Martin Willi | 2014-06-04 | 1 | -0/+1 |
| | | |||||
| * | charon: Don't use syslog() if not supported | Martin Willi | 2014-06-04 | 1 | -1/+6 |
| | | |||||
| * | vici: Add a plugin stub for the "Versatile IKE Control Interface" plugin | Martin Willi | 2014-05-07 | 1 | -0/+7 |
| | | |||||
| * | dnscert: Add DNS CERT support for pubkey authentication | Ruslan N. Marchenko | 2013-10-11 | 1 | -0/+7 |
| | | | | | | | | | | | | Add DNSSEC protected CERT RR delivered certificate authentication. The new dnscert plugin is based on the ipseckey plugin and relies on the existing PEM decoder as well as x509 and PGP parsers. As such the plugin expects PEM encoded PKIX(x509) or PGP(GPG) certificate payloads. The plugin is targeted to improve interoperability with Racoon, which supports this type of authentication, ignoring in-stream certificates and using only DNS provided certificates for FQDN IDs. | ||||
| * | Build all shared libraries with -no-undefined and link them properly | Tobias Brunner | 2013-09-12 | 1 | -1/+7 |
| | | | | | | | | | | | The flag is required to convince libtool on Cygwin to build DLLs. But on Windows these shared libraries can not have undefined symbols, so we have to link them explicitly to the libraries they reference. For plugins this is currently not done, so only the monolithic build is supported. The plugin loader wouldn't be able to load DLLs anyway, as it tries to load files that don't exist on Cygwin. | ||||
| * | moved tnc_imv plugin to libtnccs thanks to recommendation callback function | Andreas Steffen | 2013-08-15 | 1 | -7/+0 |
| | | |||||
| * | Moved tnc-tnccs, tnc-imc, tnccs-11, tnccs-20 and tnccs-dynamic libcharon ↵ | Andreas Steffen | 2013-08-15 | 1 | -35/+0 |
| | | | | | plugins to libtnccs | ||||
| * | automake: replace INCLUDES by AM_CPPFLAGS | Martin Willi | 2013-07-18 | 1 | -4/+2 |
| | | | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only. | ||||
| * | osx-attr: add plugin installing config attributes using SystemConfiguration | Martin Willi | 2013-06-21 | 1 | -0/+7 |
| | | | | | | Currently installs DNS servers only, by prepending IP addresses to the DNS configuration of the primary networking service. | ||||
| * | kernel-libipsec: Add plugin that implements kernel_ipsec_t using libipsec | Tobias Brunner | 2013-06-21 | 1 | -0/+7 |
| | | |||||
| * | renamed tnc_ifmap2 plugin to tnc_ifmap | Andreas Steffen | 2013-03-31 | 1 | -3/+3 |
| | | |||||
| * | removed obsoleted tnc_ifmap plugin | Andreas Steffen | 2013-03-31 | 1 | -7/+0 |
| | | |||||
| * | set up a new IF-MAP session | Andreas Steffen | 2013-03-29 | 1 | -0/+7 |
| | | |||||
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |