aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* kernel-wfp: Preliminary support for transport mode connectionsMartin Willi2014-06-042-3/+698
|
* kernel-wfp: Fix/Complete some fwpuclnt functionality in MinGWMartin Willi2014-06-044-3/+133
| | | | | | | | | While MinGW declares all the required symbols, some of them are missing in the library files. We provide missing variables locally, functions get a stub that call the GetProcAddress()ed function from the DLL. Also some MinGW headers define some enum values incorrectly, we overload these using defines.
* kernel-wfp: Open and close a WFP engineMartin Willi2014-06-041-1/+33
|
* kernel-wfp: Create userland state for SAs/policies to install in kernelMartin Willi2014-06-041-5/+364
|
* kernel-wfp: Add a stub for a Windows Filtering Platform based IPsec backendMartin Willi2014-06-045-0/+354
|
* socket-win: Implement a Windows socket plugin using Winsock2Martin Willi2014-06-045-0/+690
|
* vici: Add Windows supportMartin Willi2014-06-047-13/+54
|
* payload: Use common prefixes for all payload type identifiersMartin Willi2014-06-047-24/+24
| | | | | The old identifiers did not use a proper namespace and often clashed with other defines.
* plugins: Don't link with -rdynamic on WindowsMartin Willi2014-06-0456-56/+56
|
* Detect RADIUS packet retransmissionsAndreas Steffen2014-05-311-2/+89
|
* ike: Add an additional but separate AEAD proposal to CHILD configMartin Willi2014-05-166-2/+16
| | | | | | | This currently has no effect: We don't include AEAD algorithms in the default ESP proposal, as we don't know if it is supported by the backend. But as we hopefully get an algorithm query mechanism on kernel interfaces some day, we add the appropriate functionality nonetheless.
* ike: Add an additional but separate AEAD proposal to IKE config, if supportedMartin Willi2014-05-167-10/+32
|
* enum: Return boolean result for enum_from_name() lookupMartin Willi2014-05-165-11/+12
| | | | | | | | | | | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned.
* xauth-pam: Fix header include guardMartin Willi2014-05-161-1/+1
|
* eap-peap: Remove dead SoH code from PEAPMartin Willi2014-05-161-15/+0
| | | | clang complains about the unused variables.
* vici: Support the close_action keyword, as we have it documentedMartin Willi2014-05-141-1/+6
|
* Implemented PT-EAP protocol (RFC 7171)Andreas Steffen2014-05-124-29/+91
|
* vici: Check if header has been received before processing an empty messageMartin Willi2014-05-071-1/+2
| | | | | | If do_read() returns with EWOULDBLOCK, we must ensure that we actually have processed the full length header before checking the zero-initialized buffer length.
* vici: Properly filter by CHILD_SA name while undoing start actionsMartin Willi2014-05-071-2/+5
|
* vici: Fallback to socket listening port if no explicit local port specifiedMartin Willi2014-05-071-1/+4
|
* vici: Support a "mtu" value for the tfc_padding optionMartin Willi2014-05-071-2/+16
|
* vici: Handle the "trap" action as an alias for "route"Martin Willi2014-05-071-0/+1
|
* vici: Document errno values to expect from libvici APIMartin Willi2014-05-072-9/+24
|
* vici: Log owners of a just loaded shared-secretMartin Willi2014-05-071-2/+18
|
* vici: Handle "xauth" as an alias for "eap" secretsMartin Willi2014-05-071-1/+1
|
* vici: Return number of matching and closed SAs in terminate commandMartin Willi2014-05-071-9/+12
|
* vici: Complete libvici doxygen commentsMartin Willi2014-05-071-2/+17
|
* vici: Ensure we have no active users before mangling event client registrationsMartin Willi2014-05-071-13/+35
|
* vici: Properly skip raise_event() for unknown event namesMartin Willi2014-05-071-13/+13
|
* vici: Increase vici message length header from 16 to 32 bitsMartin Willi2014-05-075-24/+43
| | | | | | | | | While we currently have no need for messages larger than 65KB, we should design the protocol to be future-proof, as we plan to keep at least to lowest protocol layer stable. To avoid any allocation issues, we currently keep the message size limit at 512KB.
* vici: Have an explicit "relaxed" keyword for the default revocation policyMartin Willi2014-05-071-1/+5
|
* vici: Use a default child rekey time of 1 hourMartin Willi2014-05-071-0/+6
|
* vici: Use a default IKE rekey time of 4 hoursMartin Willi2014-05-071-0/+6
|
* vici: Add low-level IPC protocol descriptionMartin Willi2014-05-072-0/+179
|
* vici: Fix descending into non-matching sections during key findMartin Willi2014-05-071-1/+1
|
* vici: Add an IKE virtual IP and attribute backendMartin Willi2014-05-074-0/+781
|
* vici: Support referencing external named pools for peer configsMartin Willi2014-05-071-0/+14
|
* vici: Actually add configured virtual IPs to peer configMartin Willi2014-05-071-0/+5
|
* vici: Use a default rand_time of the difference between hard and soft lifetimesMartin Willi2014-05-071-0/+26
|
* vici: Use a default hard lifetime of 110% of the soft lifetimeMartin Willi2014-05-071-0/+37
|
* vici: Make unit-tests independent from libcharon and libhydraMartin Willi2014-05-073-11/+1
| | | | Fixes monolithic build, as we can't depend on the not yet built libcharon.
* vici: Don't compare unsigned certificate_type_t to -1Martin Willi2014-05-071-1/+1
|
* vici: Use non-blocking first read when receiving message during client on_read()Martin Willi2014-05-071-1/+15
| | | | | | As select() and finally the watcher may signal an FD even if it does not actually have data, we must make a non-block read to avoid hanging in the read callback.
* vici: Perform specified start_action on connection load, undo it on unloadMartin Willi2014-05-071-2/+185
|
* vici: Add a generic log event to raise events for log messagesMartin Willi2014-05-074-0/+195
|
* vici: Be less verbose about client connectionsMartin Willi2014-05-072-5/+31
| | | | Instead, log the explicit commands at a higher level.
* vici: Add a list-certs command to query different certificate typesMartin Willi2014-05-071-0/+102
|
* vici: Support pinning end entity and CA certificates to connectionsMartin Willi2014-05-072-0/+62
|
* vici: Support missing groups option in auth configMartin Willi2014-05-072-1/+36
|
* vici: Add a load-shared command to load shared IKE and EAP secretsMartin Willi2014-05-071-0/+68
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 09:20:12 +0000