aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* left|rightrsasigkey accepts SSH keys but the key format has to be specified ↵Tobias Brunner2013-05-071-12/+22
| | | | | | | explicitly The default is now PKCS#1. With the dns: and ssh: prefixes other formats can be selected.
* Try to load raw keys from ipsec.conf as PKCS#1 blob firstTobias Brunner2013-05-071-5/+12
| | | | | The DNSKEY builder is quite eager and parses pretty much anything as RSA key, so this has to be done before.
* kernel-interface: query SAD for last use time if SPD query didn't yield oneMartin Willi2013-05-061-1/+1
|
* socket-default: to bind to one dynamic port on OS X, create v4 socket before v6Martin Willi2013-05-061-1/+7
| | | | | It seems that the order of binding sockets of different address families to the same dynamic port must be v6-before-v4 on Linux, but v4-before-v6 on OS X.
* socket-default: refactor socket pair opening to a functionMartin Willi2013-05-061-27/+23
|
* socket-default: Don't try to send packet if we haven't a socket for given familyMartin Willi2013-05-061-3/+4
|
* socket-default: Use -1 if socket is not available, as 0 is actually a valid fdMartin Willi2013-05-061-20/+23
|
* socket-dynamic: when sending from port zero, allocate a free port dynamicallyMartin Willi2013-05-061-26/+101
|
* Use the GEN silent rule when generating files with sedMartin Willi2013-05-061-1/+1
|
* eap-radius: add an option to disable accounting for tunnels without virtual IPMartin Willi2013-05-061-0/+30
|
* eap-radius: use IKE_SA unique id instead of peer identity to manage virtual IPsMartin Willi2013-05-063-34/+100
| | | | Fixes some corner cases if multiple tunnels use the same peer identity.
* fixed typoAndreas Steffen2013-04-191-1/+1
|
* eap-radius: Add an option to exclude ports from Called/Calling-Station-IdMartin Willi2013-04-102-9/+37
|
* emit a single assig_vips bus message for all VIPsAndreas Steffen2013-04-063-43/+38
|
* ifmap plugin subscribes to assing_vip bus signalAndreas Steffen2013-04-063-2/+76
|
* unity: Check IKE_SA in only after enumerating virtual IPsTobias Brunner2013-04-051-2/+1
|
* cleaned up XML code in tnccs-11 pluginAndreas Steffen2013-04-048-80/+82
|
* duplicheck: track multiple IKE_SAs in checking state to avoid any racesMartin Willi2013-04-041-63/+123
| | | | | | When two consequent duplicates have been detected, track state of each checking IKE_SA separately, avoiding potential race conditions between the active SA and the different SAs in checking state.
* fixed memory leakAndreas Steffen2013-04-031-1/+1
|
* properly handle orphaned renewSession jobsAndreas Steffen2013-04-035-24/+102
|
* support chunked HTTP responsesAndreas Steffen2013-04-034-140/+370
|
* implemented periodic IF-MAP RenewSession requestAndreas Steffen2013-04-036-1/+181
|
* List all stroke counters when "all" is given, and report if connection not knownMartin Willi2013-04-031-30/+88
|
* allow retrieval of private keys from other credential setsAndreas Steffen2013-04-022-9/+26
|
* improve checking of sent and received http messagesAndreas Steffen2013-04-021-3/+7
|
* Load raw keys before possibly destroying the identityTobias Brunner2013-04-011-12/+11
| | | | | | | | If no identity (or %any) is configured the identification_t object is destroyed and an invalid object was associated with the created pubkey certificate. Actually using %any does not work as the certificate would not match when the client later provides an identity.
* ipseckey: Use proper daemon name for enable optionTobias Brunner2013-04-011-1/+1
|
* Properly handle situation if no resolver plugins are loadedTobias Brunner2013-04-011-3/+2
|
* fixed capability metadataAndreas Steffen2013-03-311-1/+2
|
* renamed tnc_ifmap2 plugin to tnc_ifmapAndreas Steffen2013-03-3110-177/+177
|
* removed obsoleted tnc_ifmap pluginAndreas Steffen2013-03-317-1337/+0
|
* implemented http basic authenticationAndreas Steffen2013-03-313-46/+80
|
* parse IF-MAP server URIAndreas Steffen2013-03-313-41/+105
|
* implemented publish_enforcement_report and endSession methodsAndreas Steffen2013-03-301-6/+58
|
* implemented publish_ike_sa methodAndreas Steffen2013-03-301-6/+252
|
* ifmap message type is knownAndreas Steffen2013-03-303-12/+7
|
* implemented publish_device_ip methodAndreas Steffen2013-03-301-13/+132
|
* added IF-MAP SOAP error handlingAndreas Steffen2013-03-301-9/+32
|
* created tnc_ifmap2_soap_msg classAndreas Steffen2013-03-294-220/+343
|
* implement NewSession and PurgePublisher messages using the libxml2 libraryAndreas Steffen2013-03-293-79/+265
|
* set up a new IF-MAP sessionAndreas Steffen2013-03-298-0/+877
|
* Fixed Doxygen comment in eap_radius pluginTobias Brunner2013-03-271-2/+3
|
* error-notify: Close file descriptors in case clients are still connectedTobias Brunner2013-03-251-0/+6
|
* ipseckey: NULL pointer dereference fixed in error caseTobias Brunner2013-03-251-0/+1
|
* Fixed some typos, courtesy of codespellTobias Brunner2013-03-251-2/+2
|
* enforce singular of packetsAndreas Steffen2013-03-221-4/+6
|
* asprintf(3) requires _GNU_SOURCE to be defined5.0.3rc1Tobias Brunner2013-03-221-0/+2
|
* Check return value of asprintf(3) when converting AR identityTobias Brunner2013-03-221-2/+4
| | | | | Using chunk_t.ptr as target was also not optimal as it resulted in a compiler warning.
* Switch encoding of AR Identity Value from binary to UTF-8Andreas Steffen2013-03-221-8/+7
|
* Add a load-tester option to keep allocated external address until shutdownMartin Willi2013-03-212-1/+50
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 22:30:49 +0000