aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* ipseckey: Use plugin features and depend on RESOLVERTobias Brunner2013-06-112-28/+53
| | | | Also fixed a double-free of the resolver instance.
* ha: Use plugin features to register listeners and attribute providerTobias Brunner2013-06-111-9/+37
|
* farp: Use plugin features to register listenerTobias Brunner2013-06-111-5/+29
|
* error-notify: Use plugin features to register listenerTobias Brunner2013-06-111-3/+29
|
* duplicheck: Use plugin features to register listenerTobias Brunner2013-06-111-3/+29
|
* coupling: Use plugin features and soft depend on SHA1Tobias Brunner2013-06-111-12/+40
|
* certexpire: Use plugin features to register listenerTobias Brunner2013-06-111-4/+30
|
* addrblock: Use plugin features with soft dependency on X.509 decodingTobias Brunner2013-06-111-5/+34
|
* dhcp: Use plugin features with dependency to RNG implementationTobias Brunner2013-06-111-17/+45
|
* sql: Use plugin features with dependency to database backendTobias Brunner2013-06-111-33/+62
|
* Socket plugins soft depend on the kernel-ipsec plugin featureTobias Brunner2013-06-112-0/+2
| | | | | On most platforms calls to methods to bypass the IKE sockets and enabling UDP decapsulation are required.
* Converted test for recursive mutex_tTobias Brunner2013-06-113-102/+0
|
* Converted tests for chunk_tTobias Brunner2013-06-113-84/+0
|
* Converted and added tests for hashtable_tTobias Brunner2013-06-113-114/+1
|
* Converted tests for identification_tTobias Brunner2013-06-113-254/+0
|
* Remove obsolete enumerator/linked_list tests in unit_tester pluginTobias Brunner2013-06-113-312/+0
|
* updown: pass IKE_SA unique ID in PLUTO_UNIQUEIDEmanuil Hristov2013-05-161-1/+2
|
* stroke: Add second password if providedTobias Brunner2013-05-081-0/+13
|
* stroke: Fail silently if another builder calls PW callback after giving upTobias Brunner2013-05-081-9/+14
| | | | Also reduced the number of tries to 3.
* stroke: Cache passwords so the user is not prompted multiple times for the ↵Tobias Brunner2013-05-081-1/+13
| | | | | | | | | | same password To verify/decrypt a PKCS#12 container a password might be needed multiple times. If it was entered correctly we don't want to bother the user again with another password prompt. The passwords for MAC creation and encryption could be different so the user might be prompted multiple times after all.
* stroke: Fix prompt and error messages in passphrase callbackTobias Brunner2013-05-081-11/+13
|
* stroke: Load credentials from PKCS#12 files (P12 token)Tobias Brunner2013-05-081-15/+92
|
* Load any type (RSA/ECDSA) of public key via left|rightsigkeyTobias Brunner2013-05-073-17/+17
|
* left|rightrsasigkey accepts SSH keys but the key format has to be specified ↵Tobias Brunner2013-05-071-12/+22
| | | | | | | explicitly The default is now PKCS#1. With the dns: and ssh: prefixes other formats can be selected.
* Try to load raw keys from ipsec.conf as PKCS#1 blob firstTobias Brunner2013-05-071-5/+12
| | | | | The DNSKEY builder is quite eager and parses pretty much anything as RSA key, so this has to be done before.
* kernel-interface: query SAD for last use time if SPD query didn't yield oneMartin Willi2013-05-061-1/+1
|
* socket-default: to bind to one dynamic port on OS X, create v4 socket before v6Martin Willi2013-05-061-1/+7
| | | | | It seems that the order of binding sockets of different address families to the same dynamic port must be v6-before-v4 on Linux, but v4-before-v6 on OS X.
* socket-default: refactor socket pair opening to a functionMartin Willi2013-05-061-27/+23
|
* socket-default: Don't try to send packet if we haven't a socket for given familyMartin Willi2013-05-061-3/+4
|
* socket-default: Use -1 if socket is not available, as 0 is actually a valid fdMartin Willi2013-05-061-20/+23
|
* socket-dynamic: when sending from port zero, allocate a free port dynamicallyMartin Willi2013-05-061-26/+101
|
* Use the GEN silent rule when generating files with sedMartin Willi2013-05-061-1/+1
|
* eap-radius: add an option to disable accounting for tunnels without virtual IPMartin Willi2013-05-061-0/+30
|
* eap-radius: use IKE_SA unique id instead of peer identity to manage virtual IPsMartin Willi2013-05-063-34/+100
| | | | Fixes some corner cases if multiple tunnels use the same peer identity.
* fixed typoAndreas Steffen2013-04-191-1/+1
|
* eap-radius: Add an option to exclude ports from Called/Calling-Station-IdMartin Willi2013-04-102-9/+37
|
* emit a single assig_vips bus message for all VIPsAndreas Steffen2013-04-063-43/+38
|
* ifmap plugin subscribes to assing_vip bus signalAndreas Steffen2013-04-063-2/+76
|
* unity: Check IKE_SA in only after enumerating virtual IPsTobias Brunner2013-04-051-2/+1
|
* cleaned up XML code in tnccs-11 pluginAndreas Steffen2013-04-048-80/+82
|
* duplicheck: track multiple IKE_SAs in checking state to avoid any racesMartin Willi2013-04-041-63/+123
| | | | | | When two consequent duplicates have been detected, track state of each checking IKE_SA separately, avoiding potential race conditions between the active SA and the different SAs in checking state.
* fixed memory leakAndreas Steffen2013-04-031-1/+1
|
* properly handle orphaned renewSession jobsAndreas Steffen2013-04-035-24/+102
|
* support chunked HTTP responsesAndreas Steffen2013-04-034-140/+370
|
* implemented periodic IF-MAP RenewSession requestAndreas Steffen2013-04-036-1/+181
|
* List all stroke counters when "all" is given, and report if connection not knownMartin Willi2013-04-031-30/+88
|
* allow retrieval of private keys from other credential setsAndreas Steffen2013-04-022-9/+26
|
* improve checking of sent and received http messagesAndreas Steffen2013-04-021-3/+7
|
* Load raw keys before possibly destroying the identityTobias Brunner2013-04-011-12/+11
| | | | | | | | If no identity (or %any) is configured the identification_t object is destroyed and an invalid object was associated with the created pubkey certificate. Actually using %any does not work as the certificate would not match when the client later provides an identity.
* ipseckey: Use proper daemon name for enable optionTobias Brunner2013-04-011-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 15:24:15 +0000