Commit message | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | counters: Move IKE event counter collection from stroke to a separate plugin | Tobias Brunner | 2017-11-08 | 1 | -2/+1 |
| | |||||
* | stroke: Make 96-bit truncation for SHA-256 configurable | Tobias Brunner | 2017-05-26 | 1 | -0/+1 |
| | |||||
* | vici: strongswan.conf cache_crls = yes saves fetched CRLs to disk | Andreas Steffen | 2016-10-11 | 1 | -1/+1 |
| | |||||
* | Use standard unsigned integer types | Andreas Steffen | 2016-03-24 | 1 | -1/+1 |
| | |||||
* | utils: Add enum name for pseudo log group 'any' | Tobias Brunner | 2016-02-05 | 1 | -10/+3 |
| | |||||
* | stroke: Change how CA certificates are stored | Tobias Brunner | 2015-08-20 | 1 | -2/+2 |
| | Since 11c14bd2f5 CA certificates referenced in ca sections were enumerated by two credential sets if they were also stored in ipsec.d/cacerts. This caused duplicate certificate requests to get sent. All CA certificates, whether loaded automatically or via a ca section, are now stored in stroke_ca_t. Certificates referenced in ca sections are now also reloaded when `ipsec rereadcacerts` is used. | ||||
* | attributes: Move the configuration attributes framework to libcharon | Martin Willi | 2015-02-20 | 1 | -5/+8 |
| | |||||
* | stroke: Don't log unspecified options of conn and ca sections | Tobias Brunner | 2014-06-30 | 1 | -37/+50 |
| | |||||
* | enum: Return boolean result for enum_from_name() lookup | Martin Willi | 2014-05-16 | 1 | -2/+1 |
| | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned. | ||||
* | stroke: Use proper modifiers to print size_t arguments | Tobias Brunner | 2014-02-18 | 1 | -1/+1 |
| | |||||
* | libcharon: Use lib->ns instead of charon->name | Tobias Brunner | 2014-02-12 | 1 | -4/+4 |
| | |||||
* | stroke: Ensure the buffer of strings in a stroke_msg_t is null-terminated | Tobias Brunner | 2014-01-23 | 1 | -2/+5 |
| | Otherwise a malicious user could send an unterminated string to cause unterminated reads. | ||||
* | stroke: Add an option to prevent log level changes via stroke socket | Tobias Brunner | 2014-01-23 | 1 | -2/+15 |
| | |||||
* | leak-detective: Use callback functions to report leaks and usage information | Martin Willi | 2013-11-06 | 1 | -1/+22 |
| | This is more flexible than printing reports to a FILE. | ||||
* | stroke: Configure proposal with AH protocol if 'ah' option set | Martin Willi | 2013-10-11 | 1 | -0/+2 |
| | |||||
* | stroke: use a stream service to handle stroke requests | Martin Willi | 2013-07-18 | 1 | -227/+48 |
| | |||||
* | capabilities: Move global capabilities_t instance to libstrongswan | Tobias Brunner | 2013-06-25 | 1 | -2/+2 |
| | |||||
* | stroke: add exportconn{cert,chain} commands in addition to exportx509 | Martin Willi | 2013-06-19 | 1 | -6/+65 |
| | The new commands either export a single end entity certificate or the full trust chain for a specific connection name. | ||||
* | Merge branch 'stroke-counters' | Martin Willi | 2013-03-18 | 1 | -6/+23 |
|\ | Extend stroke counters functionality by connection specific counters, and a resetcounters command to reset the global or connection counters. | ||||
| * | Add a "resetcounters" command to ipsec, clearing global or connection counters | Martin Willi | 2013-03-15 | 1 | -1/+9 |
| | | |||||
| * | Add connection name specific stroke counters | Martin Willi | 2013-03-15 | 1 | -6/+15 |
| | | |||||
* | | Fix 'stroke loglevel any' | Tobias Brunner | 2013-02-13 | 1 | -4/+11 |
|/ | Before b46a5cd4 this worked if debug_t was unsigned. In that case -1, as returned by enum_from_name(), would result in a large positive number. So any unknown debug group (including 'any') had the same effect that was only intended for 'any'. | ||||
* | Moved data structures to new collections subfolder | Tobias Brunner | 2012-10-24 | 1 | -1/+1 |
| | |||||
* | Add a "ipsec listcounters" command to stroke | Martin Willi | 2012-10-24 | 1 | -0/+4 |
| | |||||
* | Add a stub for IKE event counters in stroke | Martin Willi | 2012-10-24 | 1 | -0/+10 |
| | |||||
* | Reload logger configuration on SIGHUP | Tobias Brunner | 2012-10-18 | 1 | -18/+1 |
| | Besides changing the configuration this allows to easily rotate log files. Also moved logger initialization back to daemon_t. | ||||
* | Support multiple addresses/pools in left/rightsourceip | Martin Willi | 2012-08-30 | 1 | -3/+3 |
| | |||||
* | Add a stroke attribute_handler requesting DNS servers given with leftdns | Martin Willi | 2012-08-21 | 1 | -0/+12 |
| | |||||
* | Add a left/rightdns keyword to configure connection specific DNS attributes | Martin Willi | 2012-08-21 | 1 | -0/+2 |
| | |||||
* | Add an ipsec.conf leftgroups2 parameter for the second authentication round | Martin Willi | 2012-07-26 | 1 | -0/+2 |
| | |||||
* | Refactored heavily #ifdefd capability code to its own libstrongswan class | Martin Willi | 2012-07-04 | 1 | -1/+2 |
| | |||||
* | Centralized thread cancellation in processor_t | Tobias Brunner | 2012-06-25 | 1 | -19/+7 |
| | This ensures that no threads are active when plugins and the rest of the daemon are unloaded. callback_job_t was simplified a lot in the process as its main functionality is now contained in processor_t. The parent-child relationships were abandoned as these were only needed to simplify job cancellation. | ||||
* | make IKEv1 DPD timeout configurable in charon | Andreas Steffen | 2012-05-17 | 1 | -0/+1 |
| | |||||
* | Use name from initialization to access settings in libcharon. | Tobias Brunner | 2012-05-03 | 1 | -1/+2 |
| | Also fixes several whitespace errors. | ||||
* | Loggers specify what log messages they want to receive during registration. | Tobias Brunner | 2012-05-02 | 1 | -0/+2 |
| | This also allows us to generate the log message only once for all loggers that need it (avoids calls to custom printf specifier callbacks). To update the log levels loggers can simply be registered again. | ||||
* | Merge branch 'ikev1' | Martin Willi | 2012-05-02 | 1 | -0/+3 |
|\ | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c | ||||
| * | Merge branch 'ikev1-clean' into ikev1-master | Martin Willi | 2012-03-20 | 1 | -0/+3 |
| |\ | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins. | ||||
| | * | Support an "any" IKE version for both IKEv1 or IKEv2 | Martin Willi | 2012-03-20 | 1 | -1/+1 |
| | | | |||||
| | * | Pass ipsec.conf xauth_identity option via stroke to charon configurations | Martin Willi | 2012-03-20 | 1 | -0/+2 |
| | | | |||||
| | * | Log configured IKE version in stroke plugin. | Tobias Brunner | 2012-03-20 | 1 | -0/+1 |
| | | | |||||
* | | | added support for raw RSA public keys to stroke | Andreas Steffen | 2012-04-30 | 1 | -0/+2 |
| | | | |||||
* | | | Added stroke user-creds command, to set username/password for a connection. | Tobias Brunner | 2012-04-17 | 1 | -1/+19 |
| | | | |||||
* | | | Typo fixed. | Tobias Brunner | 2012-04-17 | 1 | -1/+1 |
|/ / | |||||
* | | Make number of concurrently handled stroke messages configurable. | Tobias Brunner | 2011-12-29 | 1 | -2/+9 |
| | | |||||
* | | Limit the number of concurrently handled stroke messages. | Tobias Brunner | 2011-12-29 | 1 | -18/+104 |
| | | This avoids clogging the thread pool with potentially blocking jobs. | ||||
* | | Fixed check for log groups when debug_t is unsigned. | Tobias Brunner | 2011-11-25 | 1 | -1/+1 |
|/ | The range and signedness of enum types is up to the compiler. | ||||
* | Removed unneeded include. | Tobias Brunner | 2011-10-11 | 1 | -1/+0 |
| | This is not available on Android and redirects to <fcntl.h> on Ubuntu. | ||||
* | Migrated stroke_socket_t to INIT/METHOD macros. | Tobias Brunner | 2011-10-03 | 1 | -6/+8 |
| | |||||
* | Add a closeaction ipsec.conf keyword to configure close action | Martin Willi | 2011-06-07 | 1 | -0/+3 |
| | |||||
* | Use CRITICAL job priority class for long running dispatcher jobs | Martin Willi | 2011-05-16 | 1 | -4/+4 |
| |