aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Collapse)AuthorAgeFilesLines
...
* | Simplified logging of list of loaded plugins.Tobias Brunner2012-01-192-23/+9
| |
* | Destroy active task list before queued tasksThomas Egerer2012-01-181-3/+3
| | | | | | | | | | | | | | Since active task's destruction might result in adopting tasks from a rekeyed ike sa it seems better to first destroy the active task list and then destroy all queued tasks. This way adoption is possible at all, while otherwise the queued task list would be empty.
* | Android 4 requires LOCAL_MODULE_TAGS to be set for all modules.Tobias Brunner2012-01-121-0/+2
| | | | | | | | | | | | | | Because all packages are now marked as optional executables that are to be installed on the final system have to be added to PRODUCT_PACKAGES in build/target/product/core.mk. Dependencies (such as libraries) are installed automatically.
* | Fixed additional typos in comments and log messages.Tobias Brunner2012-01-122-3/+3
| |
* | Implemented TLS session resumption both as client and as serverMartin Willi2011-12-313-5/+7
| |
* | Make number of concurrently handled stroke messages configurable.Tobias Brunner2011-12-291-2/+9
| |
* | Limit the number of concurrently handled stroke messages.Tobias Brunner2011-12-291-18/+104
| | | | | | | | This avoids clogging the thread pool with potentially blocking jobs.
* | Fix deadlock in trap_manager_t during acquire.Tobias Brunner2011-12-231-28/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also fixes a TOCTOU issue regarding the use of entry_t.pending. The deadlock was caused because the rwlock was being locked while waiting for an IKE_SA. Triggering the deadlock was a bit tricky, here is the description by Thomas Egerer (the reporter of this issue): " The deadlock occurs when the following happens (in the given order): a) an IKE_SA is built and a thread is processing the IKE_AUTH request, which can take a bit longer when a smartcard is involved. This causes the ike_sa_manager to lock a particular IKE_SA exclusively. b) an acquire is triggered which causes the rwlock in the trap_manager to be read-locked, the subsequent call to ike_sa_manager->checkout_by_config has to wait until a) unlocks it's ike_sa. c) a child_cfg contained in the peer_cfg belonging to the ike_sa a) has locked is routed causes the child_configs contained in the peer config to be locked by c) while the actual routing code within trap_manager tries to writelock it's rwlock. That's about it. As soon as a) finishes authentication of the peer and tries to find a matching child sa it will try to lock the child configs of the peer config which is not possible since it has been locked by c). Thread | Resource locked | Resource desired -------+--------------------------------+-------------------------------- (a) | ike_sa in ike_sa_manager | child_cfgs of peer_cfg | | (b) | rwlock in trap-manager (read) | ike_sa in ike_sa_manager | | (c) | child_cfgs of peer_cfg | rwlock in trap-manager (write) " With this patch thread (b) now does not hold the lock while waiting for the IKE_SA. Thus (c) can get the write lock, and (a) can subsequently lock the mutex in the peer_cfg which then finally allows (b) to checkout the IKE_SA.
* | Fixed flush() method of trap_manager_t.Tobias Brunner2011-12-231-3/+9
| | | | | | | | | | A segmentation fault could have happened during destruction of the trap manager after calling flush().
* | Make sure the certificate cache is flushed when plugins are unloaded.Tobias Brunner2011-12-151-0/+2
| | | | | | | | | | This avoids segmentation faults when plugins implementing cert_t are already unloaded when the cache is flushed during destruction.
* | Added missing libsimaka files to Android.mk.Tobias Brunner2011-12-141-0/+2
| |
* | Destroy mediation managers before unloading plugins.Tobias Brunner2011-12-141-4/+4
| |
* | implemented IMC/IMV ReceiveMessageLong functionsAndreas Steffen2011-12-091-0/+2
| |
* | added IMC/IMV support for send_message_long() and reserve_additional_id() ↵Andreas Steffen2011-12-093-10/+20
| | | | | | | | functions
* | implemented IF-IMC/IMV 1.3 attributesAndreas Steffen2011-12-083-20/+224
| |
* | added TNC_TNCC_GetAttribute() and TNC_TNCC_SetAttribute() functionsAndreas Steffen2011-12-083-8/+59
| |
* | added TNC_IMC_ReceiveMessageLong() and TNC_IMV_ReceiveMessageLong() supportAndreas Steffen2011-12-086-51/+100
| |
* | fixed typo in function nameAndreas Steffen2011-12-081-1/+1
| |
* | added TNC_TNCS_ReserveAdditionalIMVID() functionAndreas Steffen2011-12-073-4/+102
| |
* | return with TNC_RESULT_SUCCESSAndreas Steffen2011-12-071-4/+5
| |
* | added TNC_TNCC_ReserveAdditionalIMCID() functionAndreas Steffen2011-12-073-3/+99
| |
* | added TNC_TNCC_SendMessageLong() and TNC_TNCS_SendMessageLong() functionsAndreas Steffen2011-12-077-45/+102
| |
* | corrected function name in error messageAndreas Steffen2011-12-072-2/+2
| |
* | added TNC_TNCC_ReportMessageTypesLong() and ↵Andreas Steffen2011-12-067-47/+336
| | | | | | | | TNC_TNCS_ReportMessageTypesLong() messages
* | upgraded IF-IMC/IMV inteface definitions to version 1.3Andreas Steffen2011-12-042-4/+0
| |
* | Reversed unintended commitSansar Choinyambuu2011-11-282-2/+2
| |
* | Changed the static function name in openssl_rsa_public_key objectSansar Choinyambuu2011-11-282-2/+2
| | | | | | | | Removed unused chunk variable from PTS verify_quote_signature function
* | Reversed unintended commitSansar Choinyambuu2011-11-282-2/+2
| |
* | Changed the static function name in openssl_rsa_public_key objectSansar Choinyambuu2011-11-282-2/+2
| | | | | | | | Removed unused chunk variable from PTS verify_quote_signature function
* | Fixed check for log groups when debug_t is unsigned.Tobias Brunner2011-11-251-1/+1
| | | | | | | | The range and signedness of enum types is up to the compiler.
* | Fixed proposal numbering check in sa_payloadMartin Willi2011-11-211-10/+0
| |
* | Fix unaligned aliasing warning in raw socketMartin Willi2011-11-171-5/+4
|/
* Fixed monolithic build of libcharon with libtnccs enabled.Tobias Brunner2011-11-081-0/+7
|
* Correctly refer to tnc-tnccs plugin when building monolithically.Tobias Brunner2011-11-081-1/+1
|
* Revert "fixed integrity tests of plugins using libtls or libtnccs"Tobias Brunner2011-11-0810-6/+18
| | | | | This reverts commit b597ac4a4cbcd9197b886d743c75d58293264580 (not completely).
* Revert "fixed integrity tests of plugins using libsimaka"Tobias Brunner2011-11-088-0/+8
| | | | | | | | This reverts commit 8c42f16deeeffa1ae305b18306b0796f49c9922c. Conflicts: src/charon/Makefile.am
* Syntax error in sqlite.sql fixed.Tobias Brunner2011-11-041-1/+1
|
* fixed integrity tests of plugins using libsimakaAndreas Steffen2011-11-048-8/+0
|
* Change order of destroy/get_ref function callsThomas Egerer2011-11-041-1/+1
| | | | | Since DESTROY_IF might destroy the peer_cfg, a get_ref on a freed object is subject to fail.
* fixed integrity tests of plugins using libtls or libtnccsAndreas Steffen2011-11-0211-18/+23
|
* Some Doxygen fixes.Tobias Brunner2011-10-282-3/+2
|
* CosmeticsAndreas Steffen2011-10-261-1/+2
|
* Don't link to tnc libraries on Android as no tnc plugins are currently enabled.Tobias Brunner2011-10-251-1/+1
|
* Build libtnccs on Android.Tobias Brunner2011-10-251-6/+1
|
* share some code between IMC and IMV managersAndreas Steffen2011-10-252-224/+34
|
* removed unneeded includesAndreas Steffen2011-10-252-4/+0
|
* refactored TNC frameworkAndreas Steffen2011-10-2539-901/+663
|
* moved imv_manager to libtnccsAndreas Steffen2011-10-2511-508/+78
|
* moved imc_manager to libtnccsAndreas Steffen2011-10-2517-372/+145
|
* Log if charon failed to establish a CHILD_SA but keeps the IKE_SA up.Tobias Brunner2011-10-211-0/+4
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-15 20:02:20 +0000