aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* vici: Extract CHILD_SA config lookup methodMartin Willi2014-05-071-14/+26
|
* vici: Refactor socket to clean up lockingMartin Willi2014-05-071-87/+233
| | | | | | | Uses separate locks for socket read and write operations. While holding the socket reader lock, a different thread can still claim the socket write lock. This allows to asynchronously send event messages while holding the read lock.
* vici: Fix dispatcher leak when handling unknown requestMartin Willi2014-05-071-10/+11
|
* vici: Add a test case raising events during request, checks in-order deliveryMartin Willi2014-05-071-0/+76
|
* vici: Avoid recursive control log invocationsMartin Willi2014-05-071-18/+24
|
* vici: Add a callback based recursive parser functionMartin Willi2014-05-072-0/+136
|
* vici: Add a version command to print daemon and OS version infoMartin Willi2014-05-071-0/+23
|
* vici: Implement a terminate command to close IKE or CHILD_SAsMartin Willi2014-05-071-0/+118
|
* vici: Add a control backend, currently to initiate connections by nameMartin Willi2014-05-074-0/+275
|
* vici: Support thread cancellation in command callbacksMartin Willi2014-05-072-19/+53
|
* vici: Move dumping to core message class, use it in libviciMartin Willi2014-05-074-56/+81
|
* vici: Add convenience value/string/integer getter to libviciMartin Willi2014-05-072-0/+76
|
* vici: Add some convenience getters on messageMartin Willi2014-05-073-1/+337
|
* vici: Raise events with an optional identifier for specific connectionsMartin Willi2014-05-074-9/+14
|
* vici: Invoke dispatcher outside of connection log, allowing events from commandsMartin Willi2014-05-071-4/+13
|
* vici: Add a query class, currently implementing a list-sas commandMartin Willi2014-05-074-1/+440
|
* vici: Add a libvici low-level client libraryMartin Willi2014-05-076-0/+1413
|
* vici: Provide a command dispatcher handling request and event registrationMartin Willi2014-05-079-128/+1105
|
* vici: Add a fully asynchronous IPC socket segmenting messages on/from streamMartin Willi2014-05-078-0/+1538
|
* vici: Add a test runner for pluginMartin Willi2014-05-074-0/+87
|
* vici: Add a plugin stub for the "Versatile IKE Control Interface" pluginMartin Willi2014-05-073-0/+145
|
* load-tester: Fix race condition issuing same SPIChristophe Gouault2014-04-241-2/+2
| | | | | | | | | | Due to an unprotected incrementation, two load-tester initiators occasionally use the same SPI under high load, and hence generate 2 IPsec SAs with the same identifier. The responder IPsec stack will refuse to configure the second SA. Use an atomic incrementation to avoid this race condition. Signed-off-by: Christophe Gouault <christophe.gouault@6wind.com>
* load-tester: Fix race condition issuing same identityChristophe Gouault2014-04-241-2/+2
| | | | | | | | | | Due to an unprotected incrementation, two load-tester initiators occasionally use the same identifier under high load. The responder typically drops one of the connections. Use an atomic incrementation to avoid this race condition. Signed-off-by: Christophe Gouault <christophe.gouault@6wind.com>
* ikev2: Add inherit_pre() to apply config and hosts before IKE_SA rekeyingMartin Willi2014-04-171-8/+2
|
* eap-mschapv2: Fix potential leaks in case of invalid messages from serversTobias Brunner2014-04-091-0/+4
|
* stroke: Fix memory leak when printing unknown AC group OIDsTobias Brunner2014-04-091-0/+1
|
* tls: Support a maximum TLS version to negotiate using TLS socket abstractionMartin Willi2014-04-011-1/+1
|
* tls: Support a null encryption flag on TLS socket abstractionMartin Willi2014-04-011-2/+2
|
* Properly hash pointers for hash tables where appropriateTobias Brunner2014-03-313-54/+5
| | | | | Simply using the pointer is not optimal for our hash table implementation, which simply masks the key to determine the bucket.
* eap-radius: Add option to not close IKE_SAs on timeouts during interim ↵Tobias Brunner2014-03-311-1/+6
| | | | | | accouting updates Fixes #528.
* x509: Replace fixed acert group string getter by a more dynamic group enumeratorMartin Willi2014-03-311-16/+68
|
* tnc-pdp: Fix monolithic buildTobias Brunner2014-03-201-1/+2
|
* tnc-ifmap: Get a reference to the client cert as it is also used in an auth ↵Tobias Brunner2014-03-101-1/+1
| | | | config
* stroke: Use thread-safe dirname(3)Tobias Brunner2014-02-241-6/+4
|
* stroke: Use dirname(3) correctlyTobias Brunner2014-02-241-5/+5
|
* stroke: Use proper modifiers to print size_t argumentsTobias Brunner2014-02-181-1/+1
|
* lookip: Properly return from disconnect callback jobTobias Brunner2014-02-181-1/+3
| | | | References #518.
* lookip: Disconnect asynchronously to avoid dead-locking watcher unregistrationMartin Willi2014-02-171-3/+30
| | | | | | | | | While it really would be desirable to allow stream destruction during on_read() callbacks, this does not work anymore since e49b2998. Until we have a proper solution for this issue, use asynchronous disconnects for the only user doing so. Fixes #518.
* libcharon: Use lib->ns instead of charon->nameTobias Brunner2014-02-1258-205/+201
|
* libhydra: Use lib->ns instead of hydra->daemonTobias Brunner2014-02-121-1/+1
|
* pool: Install SQL schemas from src/poolTobias Brunner2014-02-123-567/+0
| | | | | This allows us to install the schemas if either the attr-sql or sql plugin is enabled, since both use the same schema (at least in parts).
* sql: Set default values for some fields in addresses tableTobias Brunner2014-02-122-6/+6
|
* sql: Install SQL schemas in /usr/share/strongswan/templates/databaseTobias Brunner2014-02-121-0/+3
|
* sql: Remove unused cred.sql snippetTobias Brunner2014-02-121-24/+0
|
* updown: Return an empty DNS server enumerator if no IKE_SA availableMartin Willi2014-02-061-1/+1
| | | | | The one existing caller does not handle a NULL return and always expects an enumerator; and returning FALSE does not make sense anyway.
* xauth-pam: Open/close a PAM session for each connected clientAndrea Bonomi2014-01-234-9/+265
| | | | Signed-off-by: Andrea Bonomi <a.bonomi@endian.com>
* xauth-pam: Sanitize XAuth attributes before passing them to PAMMartin Willi2014-01-231-1/+5
|
* stroke: Use chunk_map() instead of non-portable mmap()Martin Willi2014-01-231-30/+6
|
* radattr: Use chunk_map() instead of non-portable mmap()Martin Willi2014-01-231-40/+8
|
* chunk: Externalize error reporting in chunk_write()Martin Willi2014-01-231-1/+10
| | | | | This avoids passing that arbitrary label just for error messages, and gives greater flexibility in handling errors.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-12 08:44:00 +0000