aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/vici
Commit message (Collapse)AuthorAgeFilesLines
* vici: Relicense libvici.h under MITMartin Willi2015-04-141-9/+20
| | | | | | libvici currently relies on libstrongswan, and therefore is bound to the GPLv2. But to allow alternatively licensed reimplementations without copyleft based on the same interface, we liberate the header.
* vici: Defer read/write error reporting after connection entry has been releasedMartin Willi2015-04-131-12/+34
| | | | | | | | | | | | | | | | If a vici client registered for (control-)log events, but a vici read/write operation fails, this may result in a deadlock. The attempt to write to the bus results in a vici log message, which in turn tries to acquire the lock for the entry currently held. While a recursive lock could help as well for a single thread, there is still a risk of inter-thread races if there is more than one thread listening for events and/or having read/write errors. We instead log to a local buffer, and write to the bus not before the connection entry has been released. Additionally, we mark the connection entry as unusable to avoid writing to the failed socket again, potentially triggering an error loop.
* child-sa: Add a new state to track rekeyed IKEv1 CHILD_SAsTobias Brunner2015-03-251-1/+2
| | | | | | This is needed to handle DELETEs properly, which was previously done via CHILD_REKEYING, which we don't use anymore since 5c6a62ceb6 as it prevents reauthentication.
* vici: Add support for python 3Björn Schuberg2015-03-185-8/+29
|
* vici: Execute python tests during "check" if py.test is availableMartin Willi2015-03-181-0/+4
|
* vici: Add test of Packet layer in python libraryBjörn Schuberg2015-03-181-1/+47
|
* vici: Add test of Message (de)serialization in python libraryBjörn Schuberg2015-03-183-0/+100
|
* vici: Evaluate Python streamed command results, and raise CommandExceptionMartin Willi2015-03-181-1/+10
|
* vici: Catch Python GeneratorExit to properly cancel streamed event iterationMartin Willi2015-03-182-1/+12
|
* vici: Fall back to heap buffer when vararg printing on stack failsMartin Willi2015-03-181-21/+44
| | | | This avoids failures when building log event messages including larger hexdumps.
* vici: Return a Python generator instead of a list for streamed responsesMartin Willi2015-03-182-47/+25
| | | | | | | In addition that it may reduce memory usage and improve performance for large responses, it returns immediate results. This is important for longer lasting commands, such as initiate/terminate, where immediate log feedback is preferable when interactively calling such commands.
* vici: Raise a Python CommandException instead of returning a CommandResultMartin Willi2015-03-182-82/+42
|
* vici: Add initial Python egg documentation to READMEMartin Willi2015-03-181-0/+65
|
* vici: Use OrderedDict to handle vici responses in Python libraryMartin Willi2015-03-181-2/+3
| | | | | The default Python dictionaries are unordered, but order is important for some vici trees (for example the order of authentication rounds).
* vici: Return authentication rounds with unique namesMartin Willi2015-03-181-1/+4
| | | | | | To simplify handling of authentication rounds in dictionaries/hashtables on the client side, we assign unique names to each authentication round when listing connection.
* vici: Rebuild ruby gem on source file changesMartin Willi2015-03-181-1/+1
|
* vici: Use default Unix vici socket if none passed to ruby constructorMartin Willi2015-03-182-4/+7
| | | | | While we currently have a static path instead of one generated with Autotools, this at least is congruent to what we have in the Python library.
* vici: Support non-Unix sockets for vici connections using PythonMartin Willi2015-03-182-7/+9
|
* vici: Add python egg setuptools building and installation using easy_installMartin Willi2015-03-181-0/+15
| | | | | | An uninstall target is currently not supported, as there is no trivial way with either plain setuptools or with easy_install. pip would probably be the best choice, but we currently don't depend on it.
* vici: Generate a version specific setup.py for setuptools installationMartin Willi2015-03-183-0/+41
|
* vici: Include python package in distributionMartin Willi2015-03-182-0/+9
|
* vici: Add python package MIT licenseBjörn Schuberg2015-03-182-0/+20
|
* vici: Expose Session as a top-level symbol in python packageBjörn Schuberg2015-03-181-0/+1
|
* vici: Introduce main API Session class in python packageBjörn Schuberg2015-03-181-1/+244
|
* vici: Add a python vici command execution handlerBjörn Schuberg2015-03-182-1/+134
|
* vici: Add vici python protocol handlerBjörn Schuberg2015-03-184-0/+199
|
* vici: Use %u to print stats returned by mallinfo(3)Tobias Brunner2015-03-131-4/+4
| | | | Fixes #886.
* vici: Don't use a default rand_time larger than half of rekey/reauth_timeMartin Willi2015-03-031-3/+11
|
* vici: If a IKE reauth_time is configured, disable the default rekey_timeMartin Willi2015-03-031-1/+16
|
* vici: Support ruby gem out-of-tree buildsMartin Willi2015-02-271-1/+3
| | | | | | | Referencing $(srcdir) in the gemspec is not really an option, as "gem build" includes the full path in the gem, so we need to build in $(srcdir). As there does not seem to be a way to control the output of "gem build", we manually move the gem to $(builddir) in OOT builds.
* mem-pool: Pass the remote IKE address, to re-acquire() an address during reauthMartin Willi2015-02-201-6/+9
| | | | | | | | | | | With make-before-break IKEv2 re-authentication, virtual IP addresses must be assigned overlapping to the same peer. With the remote IKE address, the backend can detect re-authentication attempts by comparing the remote host address and port. This allows proper reassignment of the virtual IP if it is re-requested. This change removes the mem-pool.reassign_online option, as it is obsolete now. IPs get automatically reassigned if a peer re-requests the same address, and additionally connects from the same address and port.
* attribute-provider: Pass full IKE_SA to provider backendsMartin Willi2015-02-201-3/+9
|
* attributes: Move the configuration attributes framework to libcharonMartin Willi2015-02-201-5/+4
|
* controller: Use the CHILD_SA unique_id to terminate CHILD_SAsMartin Willi2015-02-202-12/+12
|
* vici: Include the CHILD_SA unique ID in list-sa eventMartin Willi2015-02-202-0/+2
|
* vici: Fix ruby gem author emailMartin Willi2015-01-221-1/+1
|
* vici: Fix README example encoding element type values, off by oneMartin Willi2015-01-211-10/+10
| | | | | | | While we fixed the wrong values in the description with d39e04b5, the example values are still off by one. Fixes #828.
* vici: Use silent builder destroy function in vici_free_req()Martin Willi2014-12-121-7/+1
|
* vici: Add a destroy method to builder, allowing cancellation without errorMartin Willi2014-12-122-4/+18
| | | | | When cancelling a builder, finalize throws an error which we might prefer to avoid.
* vici: Make sure to send/recv all requested bytes over socketMartin Willi2014-12-041-3/+22
| | | | | | As the underlying C functions, send/recv on ruby sockets are not guaranteed to send/recv all requested bytes. Use wrapper functions to make sure we get all bytes needed.
* vici: Add support for address range definitions of poolsTobias Brunner2014-10-301-5/+35
|
* vici: Return default value for get_int() if message value is empty stringMartin Willi2014-10-142-1/+5
| | | | | This is the behavior of some strtol() implementations, and it makes sense, so force it.
* vici: Add vici.gemspec.in and vici.rb to distributionTobias Brunner2014-10-141-0/+2
|
* vici: Cancel processor before calling library_deinit()Martin Willi2014-10-101-0/+1
| | | | | For non-direct libstrongswan users, the deinitialization segfaults because of the missing worker thread cancellation.
* vici: Reduce debug level during thread spawningMartin Willi2014-10-101-0/+2
| | | | We want to avoid libvici users to get a cluttered stderr for no real error.
* vici: Don't include-depend on libstrongswan for boolean typesMartin Willi2014-10-102-4/+2
| | | | | | | | As we want to avoid the libstrongswan include dependencies for libvici, avoid the use of the bool type. Unfortunately this change may break the ABI for vici_dump(). As this function is mostly for debugging purposes, we do it nonetheless; my apologies if somebody already relies on the ABI stability of that function.
* vici: Document the ruby gem and add some simple examplesMartin Willi2014-10-101-0/+58
|
* vici: Add some simple libvici examples to the READMEMartin Willi2014-10-101-2/+116
|
* vici: Document the available vici command and event messagesMartin Willi2014-10-101-1/+509
|
* vici: Use "gem"-assisted vici ruby gem building and installationMartin Willi2014-10-104-1/+29
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-25 09:22:13 +0000