| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | stroke: Don't log unspecified options of conn and ca sections | Tobias Brunner | 2014-06-30 | 1 | -37/+50 |
| | | |||||
| * | enum: Return boolean result for enum_from_name() lookup | Martin Willi | 2014-05-16 | 1 | -2/+1 |
| | | | | | | | | | | | | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned. | ||||
| * | stroke: Use proper modifiers to print size_t arguments | Tobias Brunner | 2014-02-18 | 1 | -1/+1 |
| | | |||||
| * | libcharon: Use lib->ns instead of charon->name | Tobias Brunner | 2014-02-12 | 1 | -4/+4 |
| | | |||||
| * | stroke: Ensure the buffer of strings in a stroke_msg_t is null-terminated | Tobias Brunner | 2014-01-23 | 1 | -2/+5 |
| | | | | | | Otherwise a malicious user could send an unterminated string to cause unterminated reads. | ||||
| * | stroke: Add an option to prevent log level changes via stroke socket | Tobias Brunner | 2014-01-23 | 1 | -2/+15 |
| | | |||||
| * | leak-detective: Use callback functions to report leaks and usage information | Martin Willi | 2013-11-06 | 1 | -1/+22 |
| | | | | | This is more flexible than printing reports to a FILE. | ||||
| * | stroke: Configure proposal with AH protocol if 'ah' option set | Martin Willi | 2013-10-11 | 1 | -0/+2 |
| | | |||||
| * | stroke: use a stream service to handle stroke requests | Martin Willi | 2013-07-18 | 1 | -227/+48 |
| | | |||||
| * | capabilities: Move global capabilities_t instance to libstrongswan | Tobias Brunner | 2013-06-25 | 1 | -2/+2 |
| | | |||||
| * | stroke: add exportconn{cert,chain} commands in addition to exportx509 | Martin Willi | 2013-06-19 | 1 | -6/+65 |
| | | | | | | The new commands either export a single end entity certificate or the full trust chain for a specific connection name. | ||||
| * | Merge branch 'stroke-counters' | Martin Willi | 2013-03-18 | 1 | -6/+23 |
| |\ | | | | | | | | | Extend stroke counters functionality by connection specific counters, and a resetcounters command to reset the global or connection counters. | ||||
| | * | Add a "resetcounters" command to ipsec, clearing global or connection counters | Martin Willi | 2013-03-15 | 1 | -1/+9 |
| | | | |||||
| | * | Add connection name specific stroke counters | Martin Willi | 2013-03-15 | 1 | -6/+15 |
| | | | |||||
| * | | Fix 'stroke loglevel any' | Tobias Brunner | 2013-02-13 | 1 | -4/+11 |
| |/ | | | | | | | Before b46a5cd4 this worked if debug_t was unsigned. In that case -1, as returned by enum_from_name(), would result in a large positive number. So any unknown debug group (including 'any') had the same effect that was only intended for 'any'. | ||||
| * | Moved data structures to new collections subfolder | Tobias Brunner | 2012-10-24 | 1 | -1/+1 |
| | | |||||
| * | Add a "ipsec listcounters" command to stroke | Martin Willi | 2012-10-24 | 1 | -0/+4 |
| | | |||||
| * | Add a stub for IKE event counters in stroke | Martin Willi | 2012-10-24 | 1 | -0/+10 |
| | | |||||
| * | Reload logger configuration on SIGHUP | Tobias Brunner | 2012-10-18 | 1 | -18/+1 |
| | | | | | | | Besides changing the configuration this allows to easily rotate log files. Also moved logger initialization back to daemon_t. | ||||
| * | Support multiple addresses/pools in left/rightsourceip | Martin Willi | 2012-08-30 | 1 | -3/+3 |
| | | |||||
| * | Add a stroke attribute_handler requesting DNS servers given with leftdns | Martin Willi | 2012-08-21 | 1 | -0/+12 |
| | | |||||
| * | Add a left/rightdns keyword to configure connection specific DNS attributes | Martin Willi | 2012-08-21 | 1 | -0/+2 |
| | | |||||
| * | Add an ipsec.conf leftgroups2 parameter for the second authentication round | Martin Willi | 2012-07-26 | 1 | -0/+2 |
| | | |||||
| * | Refactored heavily #ifdefd capability code to its own libstrongswan class | Martin Willi | 2012-07-04 | 1 | -1/+2 |
| | | |||||
| * | Centralized thread cancellation in processor_t | Tobias Brunner | 2012-06-25 | 1 | -19/+7 |
| | | | | | | | | | | | This ensures that no threads are active when plugins and the rest of the daemon are unloaded. callback_job_t was simplified a lot in the process as its main functionality is now contained in processor_t. The parent-child relationships were abandoned as these were only needed to simplify job cancellation. | ||||
| * | make IKEv1 DPD timeout configurable in charon | Andreas Steffen | 2012-05-17 | 1 | -0/+1 |
| | | |||||
| * | Use name from initialization to access settings in libcharon. | Tobias Brunner | 2012-05-03 | 1 | -1/+2 |
| | | | | | Also fixes several whitespace errors. | ||||
| * | Loggers specify what log messages they want to receive during registration. | Tobias Brunner | 2012-05-02 | 1 | -0/+2 |
| | | | | | | | | This also allows us to generate the log message only once for all loggers that need it (avoids calls to custom printf specifier callbacks). To update the log levels loggers can simply be registered again. | ||||
| * | Merge branch 'ikev1' | Martin Willi | 2012-05-02 | 1 | -0/+3 |
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c | ||||
| | * | Merge branch 'ikev1-clean' into ikev1-master | Martin Willi | 2012-03-20 | 1 | -0/+3 |
| | |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins. | ||||
| | | * | Support an "any" IKE version for both IKEv1 or IKEv2 | Martin Willi | 2012-03-20 | 1 | -1/+1 |
| | | | | |||||
| | | * | Pass ipsec.conf xauth_identity option via stroke to charon configurations | Martin Willi | 2012-03-20 | 1 | -0/+2 |
| | | | | |||||
| | | * | Log configured IKE version in stroke plugin. | Tobias Brunner | 2012-03-20 | 1 | -0/+1 |
| | | | | |||||
| * | | | added support for raw RSA public keys to stroke | Andreas Steffen | 2012-04-30 | 1 | -0/+2 |
| | | | | |||||
| * | | | Added stroke user-creds command, to set username/password for a connection. | Tobias Brunner | 2012-04-17 | 1 | -1/+19 |
| | | | | |||||
| * | | | Typo fixed. | Tobias Brunner | 2012-04-17 | 1 | -1/+1 |
| |/ / | |||||
| * | | Make number of concurrently handled stroke messages configurable. | Tobias Brunner | 2011-12-29 | 1 | -2/+9 |
| | | | |||||
| * | | Limit the number of concurrently handled stroke messages. | Tobias Brunner | 2011-12-29 | 1 | -18/+104 |
| | | | | | | | | | This avoids clogging the thread pool with potentially blocking jobs. | ||||
| * | | Fixed check for log groups when debug_t is unsigned. | Tobias Brunner | 2011-11-25 | 1 | -1/+1 |
| |/ | | | | The range and signedness of enum types is up to the compiler. | ||||
| * | Removed unneeded include. | Tobias Brunner | 2011-10-11 | 1 | -1/+0 |
| | | | | | This is not available on Android and redirects to <fcntl.h> on Ubuntu. | ||||
| * | Migrated stroke_socket_t to INIT/METHOD macros. | Tobias Brunner | 2011-10-03 | 1 | -6/+8 |
| | | |||||
| * | Add a closeaction ipsec.conf keyword to configure close action | Martin Willi | 2011-06-07 | 1 | -0/+3 |
| | | |||||
| * | Use CRITICAL job priority class for long running dispatcher jobs | Martin Willi | 2011-05-16 | 1 | -4/+4 |
| | | |||||
| * | Added a statusallnb stroke command to show status non-blocking | Martin Willi | 2011-05-16 | 1 | -4/+7 |
| | | |||||
| * | Added a stroke memusage command to show memory usage | Martin Willi | 2011-05-16 | 1 | -0/+15 |
| | | |||||
| * | Cast size_t len arguments to %.*s to int | Martin Willi | 2011-04-20 | 1 | -1/+1 |
| | | |||||
| * | Fixed check for member of stroke_msg_t in pop_string. | Tobias Brunner | 2011-04-13 | 1 | -1/+1 |
| | | | | | | | Because of the cast to char** the length of the message was multiplied by sizeof(char*), i.e. 4 or 8 bytes (depending on the architecture) instead of by 1 (sizeof(char)). | ||||
| * | Added a left/rightcertpolicy keyword to specify certificatePolicy requirements | Martin Willi | 2011-01-07 | 1 | -0/+1 |
| | | |||||
| * | Renamed purgex509/crl to purgecerts/crls to be consistent with list commands | Martin Willi | 2010-12-10 | 1 | -2/+2 |
| | | |||||
| * | Added options to flush CRLs/X509 certs from the cert cache | Martin Willi | 2010-12-10 | 1 | -0/+8 |
| | | |||||
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |