aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/eap_radius
Commit message (Collapse)AuthorAgeFilesLines
* libcharon: Use lib->ns instead of charon->nameTobias Brunner2014-02-126-33/+33
|
* eap-radius: Forward RAT_FRAMED_IP_NETMASK as INTERNAL_IP4_NETMASKTobias Brunner2013-10-111-0/+5
|
* eap-radius: Forward UNITY_SPLIT_INCLUDE or UNITY_LOCAL_LAN attributesTobias Brunner2013-10-111-0/+93
| | | | | | | | | | | | | | | Depending on the value of the CVPN3000-IPSec-Split-Tunneling-Policy(55) radius attribute, the subnets in the CVPN3000-IPSec-Split-Tunnel-List(27) attribute are sent in either a UNITY_SPLIT_INCLUDE (if the value is 1) or a UNITY_LOCAL_LAN (if the value is 2). So if the following attributes would be configured for a RADIUS user CVPN3000-IPSec-Split-Tunnel-List := "10.0.1.0/255.255.255.0,10.0.2.0/255.255.255.0" CVPN3000-IPSec-Split-Tunneling-Policy := 1 A UNITY_SPLIT_INCLUDE configuration payload containing these two subnets would be sent to the client during the ModeCfg exchange.
* eap-radius: Forward UNITY_DEF_DOMAIN and UNITY_SPLITDNS_NAME attributesTobias Brunner2013-10-111-3/+25
| | | | | | The contents of the CVPN3000-IPSec-Default-Domain(28) and CVPN3000-IPSec-Split-DNS-Names(29) radius attributes are forwarded in the corresponding Unity configuration attributes.
* eap-radius: Increase buffer for attributes sent in RADIUS accounting messagesTobias Brunner2013-09-271-1/+1
| | | | 64 bytes might be too short for user names/identities.
* eap-radius: support XAuth configuration profiles, defining multiple XAuth roundsMartin Willi2013-09-031-22/+157
|
* xauth: add a configuration string option to be passed to XAuth instancesMartin Willi2013-09-032-2/+5
| | | | | | The configuration string is appended to the XAuth backend name, separated by a colon. The configuration string is passed untouched to the backend, where it can change the behavior of the XAuth module.
* eap-radius: do RADIUS/IKE attribute forwarding in XAuth backendMartin Willi2013-07-292-1/+5
|
* eap-radius: support plain XAuth RADIUS authentication using User-PasswordMartin Willi2013-07-294-0/+253
|
* eap-radius: export function to build common attributes of Access-RequestMartin Willi2013-07-292-24/+39
|
* eap-radius: export function to process common attributes of Access-AcceptMartin Willi2013-07-292-31/+36
|
* eap-radius: use watcher instead of receiver thread on DAE socketMartin Willi2013-07-181-11/+7
|
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-4/+7
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* eap-radius: fix add_attribute/framed_ip method signaturesMartin Willi2013-07-011-2/+2
|
* eap-radius: Do initialization in a plugin feature callbackTobias Brunner2013-06-111-28/+47
|
* eap-radius: add an option to disable accounting for tunnels without virtual IPMartin Willi2013-05-061-0/+30
|
* eap-radius: use IKE_SA unique id instead of peer identity to manage virtual IPsMartin Willi2013-05-063-34/+100
| | | | Fixes some corner cases if multiple tunnels use the same peer identity.
* fixed typoAndreas Steffen2013-04-191-1/+1
|
* eap-radius: Add an option to exclude ports from Called/Calling-Station-IdMartin Willi2013-04-102-9/+37
|
* Fixed Doxygen comment in eap_radius pluginTobias Brunner2013-03-271-2/+3
|
* Fixed some typos, courtesy of codespellTobias Brunner2013-03-251-2/+2
|
* Removed unused variable 'id'Tobias Brunner2013-03-191-2/+1
|
* Don't create interim update entries if RADIUS accounting is disabledMartin Willi2013-03-142-7/+7
|
* Add support for RADIUS Interim accounting updatesMartin Willi2013-03-143-39/+269
|
* Add an option to delete any established IKE_SA if RADIUS server is not ↵Martin Willi2013-03-144-7/+67
| | | | responding
* Send Acct-Terminate-Cause based on some alerts catched on the busMartin Willi2013-03-141-0/+62
| | | | | Currently supported are user disconnects, session timeouts and if the peer does not respond on IKE packets or DPDs.
* Send NAS-Port, NAS-IP and Calling/Called-Station-ID in Accounting-RequestsMartin Willi2013-03-141-4/+33
|
* Support RADIUS accounting of sent/received packetsMartin Willi2013-03-141-13/+23
|
* child_sa_t.get_usestats() can additionally return the number of processed ↵Martin Willi2013-03-141-2/+2
| | | | packets
* Send NAS-Port, NAS-IP and Calling/Called-Station-ID in Access-RequestMartin Willi2013-03-131-7/+56
|
* Forward Cisco Banner received from RADIUS to Unity capable clientsMartin Willi2013-03-123-5/+176
|
* In eap-radius, hand out received Framed-IP-Address attributes as virtual IPMartin Willi2013-03-125-2/+460
|
* Migrate RADIUS accounting state while IKE_SA unique id changes during rekeyMartin Willi2012-12-111-0/+23
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-242-3/+3
|
* Handle type of first EAP-RADIUS response more sophisticatedTobias Brunner2012-10-181-3/+18
|
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-281-1/+1
|
* Avoid memory leak when sending RADIUS accounting start message failedTobias Brunner2012-09-281-1/+1
|
* Support RADIUS accounting when using IKEv1 with xauth-eap and eap-radiusMartin Willi2012-09-111-2/+10
|
* Fix leak while enumerating RADIUS Framed-IPs from IKE_SAMartin Willi2012-09-111-0/+1
|
* Support multiple virtual IPs on peer_cfg and ike_sa classesMartin Willi2012-08-301-10/+19
|
* Add a return value to signer_t.set_key()Martin Willi2012-07-161-3/+2
|
* Add a return value to radius_message_t.sign()Martin Willi2012-07-161-5/+10
|
* Centralized thread cancellation in processor_tTobias Brunner2012-06-251-12/+3
| | | | | | | | | | This ensures that no threads are active when plugins and the rest of the daemon are unloaded. callback_job_t was simplified a lot in the process as its main functionality is now contained in processor_t. The parent-child relationships were abandoned as these were only needed to simplify job cancellation.
* Use name from initialization to access settings in libcharon.Tobias Brunner2012-05-034-29/+43
| | | | Also fixes several whitespace errors.
* Merge branch 'ikev1'Martin Willi2012-05-023-5/+5
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-203-5/+5
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Moved eap/xauth classes out of protocol specific subdirectoriesMartin Willi2012-03-201-1/+1
| | |
| | * Separated libcharon/sa directory with ikev1 and ikev2 subfoldersMartin Willi2012-03-201-1/+1
| | |
* | | Typo fixed.Tobias Brunner2012-04-301-1/+1
|/ /
* | use RADIUS_TUNNEL_TYPE_ESP defined in header fileAndreas Steffen2012-03-131-3/+1
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 18:05:55 +0000