aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
| * | Allow clients to request a configured EAP method via EAP-NakTobias Brunner2012-08-312-2/+2
| | |
| * | Send EAP-Nak with supported types if requested type is unsupportedTobias Brunner2012-08-312-4/+6
| |/
* / use pen_type_t for PA Message SubtypeAndreas Steffen2012-08-233-32/+29
|/
* CAP_AUDIT_WRITE is now required by xauth-pam not eap-gtc pluginTobias Brunner2012-08-172-7/+7
|
* Removed manual EAP method registration in eap-gtc pluginTobias Brunner2012-08-171-5/+0
|
* Enable UDP decapsulation for both address familiesTobias Brunner2012-08-162-9/+11
| | | | | | | | Since the 3.5 Linux kernel both UDP implementations have a separate static flag to indicate whether ANY sockets enabled UDP decapsulation. As we only ever enabled it for one address family (in earlier versions IPv4 only, now for IPv6, if supported, and for IPv4 otherwise) UDP decapsulation wouldn't work anymore (at least for one address family).
* Correctly transmit EAP-MSCHAPv2 user name if it contains a domain partTobias Brunner2012-08-161-11/+12
|
* Merge branch 'android-ndk'Tobias Brunner2012-08-1320-254/+325
|\ | | | | | | | | | | | | | | | | | | | | | | This branch comes with some preliminary changes for the user-land IPsec implementation and the Android App. One important change is that the UDP ports used by the socket-default plugin were made configurable (either via ./configure or strongswan.conf). Also, the plugin does randomly allocate a port if it is configured to 0, which is useful for client implementations. A consequence of these changes is that the local UDP port used when creating ike_cfg_t objects has to be fetched from the socket.
| * Added option to prevent socket-default from setting the source address on ↵Tobias Brunner2012-08-081-1/+9
| | | | | | | | outbound packets
| * socket-default plugin allocates random ports if configured to 0.Tobias Brunner2012-08-081-36/+84
| | | | | | | | Also added strongswan.conf options to change the ports.
| * Replaced usages of CHARON_*_PORT with calls to get_port().Tobias Brunner2012-08-089-11/+15
| |
| * Added get_port() method to socket_t to learn the listening port.Tobias Brunner2012-08-083-2/+26
| |
| * Improved how NAT-T keepalives are handled in sockets/receiver.Tobias Brunner2012-08-083-21/+2
| |
| * Let kernel interfaces decide how to enable UDP decapsulation of ESP packets.Tobias Brunner2012-08-084-78/+21
| |
| * Add Non-ESP marker in sender and not individual socket plugins.Tobias Brunner2012-08-083-38/+3
| |
| * Handle Non-ESP marker in receiver and not individual socket plugins.Tobias Brunner2012-08-083-39/+10
| |
| * Moved Android specific logger to separate plugin.Tobias Brunner2012-08-087-32/+156
| | | | | | | | | | | | This is mainly because the other parts of the existing android plugin can not be built in the NDK (access to keystore and system properties are not part of the stable NDK libraries).
| * Make the UDP ports charon listens for packets on (and uses as source ports) ↵Tobias Brunner2012-08-0811-34/+37
| | | | | | | | configurable.
* | Doxygen fixTobias Brunner2012-08-111-1/+1
| |
* | EAP-GTC can use any XAuth backend, including xauth-pamMartin Willi2012-08-102-88/+45
| | | | | | | | | | | | | | This makes EAP-GTC a generic plain password authentication method, as it is used with XAuth. Instead of verifying credentials with PAM, any backend can be configured. The default is xauth-pam, providing the same functionality as EAP-GTC in strongSwan 4.x.
* | Add xauth-pam, an XAuth backend verifying credentials with PAMMartin Willi2012-08-105-0/+383
| |
* | make max_message_size parameter consistent with similar optionsAndreas Steffen2012-08-092-2/+2
|/
* Proper fallback if capability dropping is not availableTobias Brunner2012-07-271-1/+2
|
* Don't add ANY identity constraint to auth config, as XAuth rounds don't use oneMartin Willi2012-07-262-3/+15
|
* Add an ipsec.conf leftgroups2 parameter for the second authentication roundMartin Willi2012-07-262-3/+6
|
* Fix EAP-MSCHAPv2 master key derivation, broken with 87dd205bMartin Willi2012-07-181-4/+12
|
* Use centralized hasher names in coupling pluginMartin Willi2012-07-171-20/+2
|
* handled return values in tnc-pdpAndreas Steffen2012-07-161-8/+17
|
* Handle PRF failures in eap-aka-3gpp2Martin Willi2012-07-164-57/+124
|
* Cleaned up memory management and return values for encryption payloadMartin Willi2012-07-161-1/+0
|
* Add a return value to hasher_t.allocate_hash()Martin Willi2012-07-163-24/+45
|
* Add a return value to keymat_v1_t.{get,update,confirm}_ivMartin Willi2012-07-162-9/+13
|
* Add a return value to hasher_t.get_hash()Martin Willi2012-07-162-3/+11
|
* Add a return value to crypter_t.set_key()Martin Willi2012-07-161-2/+2
|
* Add a return value to crypter_t.encryptMartin Willi2012-07-161-1/+7
|
* Check rng return value when generating identity in eap-simaka-reauth pluginTobias Brunner2012-07-161-4/+18
|
* Check rng return value when generating pseudonym in eap-simaka-pseudonym pluginTobias Brunner2012-07-161-1/+10
|
* Check rng return value when generating nonces in eap-aka pluginTobias Brunner2012-07-161-1/+4
|
* Check rng return value when generating nonces in eap-sim pluginTobias Brunner2012-07-162-2/+8
|
* Check rng return value when generating RAND in eap-aka-3gpp2 pluginTobias Brunner2012-07-161-2/+2
|
* Check rng return value when generating challenges in eap-md5 and mschapv2 ↵Tobias Brunner2012-07-162-12/+12
| | | | plugins
* Check rng return value when generating Transaction IDs in DHCP pluginTobias Brunner2012-07-161-1/+5
|
* Add a return value to signer_t.set_key()Martin Willi2012-07-161-3/+2
|
* Add a return value to simaka_crypto_t.derive_keys_*()Martin Willi2012-07-164-27/+59
|
* Add a return value to radius_message_t.sign()Martin Willi2012-07-162-11/+17
|
* Add a return value to simaka_message_t.generate()Martin Willi2012-07-164-85/+257
|
* Don't modify the message string passed to logger, as it gets reusedMartin Willi2012-07-132-10/+11
|
* updated Copyright infoAndreas Steffen2012-07-136-6/+6
|
* restrict PA-TNC messages to maximum sizeAndreas Steffen2012-07-124-12/+43
|
* Avoid that any % characters (e.g. in %any) are evaluated when logging via strokeTobias Brunner2012-07-121-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-12 10:19:55 +0000