| | Commit message | Author | Age | Files | Lines |
---|---|---|---|---|---|
* | attributes: Move the configuration attributes framework to libcharon | Martin Willi | 2015-02-20 | 8 | -1690/+0 |
* | mem-pool: Fix potential memory leak and lost leases when reassigning leases | Tobias Brunner | 2014-11-11 | 1 | -2/+6 |
| | If no offline leases are available for the current client and assigning online leases is disabled, and if all IPs of the pool have already been assigned to clients we look for offline leases that previously were assigned to other clients. In case the current client has online leases the previous code would replace the existing mapping entry and besides resulting in a memory leak the online leases would be lost forever (even if the client later releases the addresses). If this happens repeatedly the number of available addresses would decrease even though the total number of online and offline leases seen in `ipsec leases` would indicate that there are free addresses available. Fixes #764. | | | | |
* | mem-pool: Correctly ignore first and last addresses of subnets and adjust size | Tobias Brunner | 2014-10-30 | 1 | -7/+49 |
| | Previously one more than the first and last address was ignored. And if the base address is not the network ID of the subnet we should not skip it. But we should adjust the size as it does not represent the actual number of IP addresses assignable. | | | | |
* | enum: Don't directly include enum.h | Martin Willi | 2014-05-16 | 1 | -1/+1 |
| | To allow enum.h to depend on utils.h definitions, avoid its direct inclusion. Instead include utils.h, which includes enum.h as well. | | | | |
* | libhydra: Use lib->ns instead of hydra->daemon | Tobias Brunner | 2014-02-12 | 1 | -1/+1 |
* | attributes: shorten some Unity and XAuth attribute short names | Martin Willi | 2013-09-03 | 1 | -15/+15 |
* | mem-pool: add option for reusing online leases, and disable it by default | Martin Willi | 2013-07-29 | 1 | -1/+13 |
| | Mainly for reauthentication with third party implementations, we allowed to reuse an online lease, but only for the same peer identity and when it explicitly requested the same address. This has always been problematic, because it changes the reqid of the CHILD_SA with the same traffic selectors, breaking the old tunnel. As we now reject such policy overwrites, this usually lets the installation of the new policies fail. We therefore disable reassignment of online leases by default. | | | | |
* | mem-pool: replace per-identity online/offline lists by more efficient arrays | Martin Willi | 2013-07-29 | 1 | -48/+52 |
| | This saves two lists per connected peer identity, up to 0.4KB. | | | | |
* | mem-pool: refcount online lease when reassigning it to another tunnel | Martin Willi | 2013-07-26 | 1 | -5/+28 |
| | When we reassign an online lease for the same peer, we have to refcount it. Otherwise we would set it offline if one of the tunnels goes down, but it is actually still in use by the second tunnel. This can finally lead to assigning the same virtual IP to different peers. | | | | |
* | Add a constructor to create in-memory pools from an address range | Martin Willi | 2013-03-11 | 2 | -3/+58 |
* | Fix maximum size of a mem_pool_t | Tobias Brunner | 2013-03-07 | 1 | -2/+2 |
* | Fix some apidoc in mem_pool.h | Martin Willi | 2013-03-06 | 1 | -3/+3 |
* | Moved debug.[ch] to utils folder | Tobias Brunner | 2012-10-24 | 2 | -2/+2 |
* | Moved enum_name_t to utils folder | Tobias Brunner | 2012-10-24 | 1 | -1/+1 |
* | Moved chunk_t to utils folder | Tobias Brunner | 2012-10-24 | 1 | -1/+1 |
* | Moved data structures to new collections subfolder | Tobias Brunner | 2012-10-24 | 4 | -5/+5 |
* | Moved host_t and host_resolver_t to a new networking subfolder | Tobias Brunner | 2012-10-24 | 2 | -2/+2 |
* | In mem_pool, check for an existing ID entry before creating a new one | Martin Willi | 2012-09-20 | 1 | -7/+10 |
* | Use uintptr_t in mem pool to avoid compiler warning if sizeof(void*) != sizeof(int) | Martin Willi | 2012-09-12 | 1 | -3/+2 |
* | Check for an existing lease in all stroke pools before creating a new one | Martin Willi | 2012-09-11 | 2 | -76/+149 |
* | Pass full pool list to release_address | Martin Willi | 2012-09-11 | 3 | -6/+8 |
* | Pass the full list of pools to acquire_address, enumerate in providers | Martin Willi | 2012-09-11 | 3 | -7/+7 |
| | If the provider has access to the full pool list, it can enumerate them twice, for example to search for existing leases first, and only search for new leases in a second step. Fixes lease enumeration in attr-sql using multiple pools. | | | | |
* | Properly remove broadcast address from mem pools | Tobias Brunner | 2012-09-10 | 1 | -1/+1 |
* | Be less verbose if IP allocation for a single pool fails | Martin Willi | 2012-08-30 | 1 | -4/+0 |
* | Strictly enforce address family match while acquiring mem_pool IPs | Martin Willi | 2012-08-30 | 1 | -3/+1 |
* | Pass all configured pool names to attribute provider enumerator | Martin Willi | 2012-08-30 | 3 | -10/+12 |
* | Pass a list instead of a single virtual IP to attribute enumerators | Martin Willi | 2012-08-30 | 4 | -30/+35 |
* | Support multiple address pools configured on a peer_cfg | Martin Willi | 2012-08-30 | 2 | -6/+4 |
* | Add a getter for the mem_pool_t base address | Martin Willi | 2012-08-24 | 2 | -0/+14 |
* | Validate netmask in mem_pool_create | Tobias Brunner | 2012-08-13 | 1 | -0/+1 |
* | Migrated attribute_manager to INIT/METHOD macros | Andreas Steffen | 2011-10-02 | 1 | -76/+48 |
* | shortened XAUTH and UNITY attribute short names | Andreas Steffen | 2011-08-16 | 1 | -21/+21 |
* | added HOME_AGENT_ADDRESS CP attribute type | Andreas Steffen | 2011-07-14 | 2 | -7/+10 |
* | Reimplemented mem pool to support multiple leases for a single identity | Martin Willi | 2010-08-04 | 1 | -129/+172 |
* | Mem pool does not support multiple leases for an identity | Martin Willi | 2010-07-27 | 1 | -2/+11 |
* | Added support for named attribute groups | Heiko Hund | 2010-07-09 | 3 | -5/+12 |
| | Add the possibility to group attributes by a name and assign these groups to connections. This allows a more granular configuration of which client will receive what attributes. | | | | |
* | Show contents of the CP payload in message_t stringification | Martin Willi | 2010-06-24 | 2 | -0/+51 |
* | refactoring of Mode Config functionality allows transport and handling of any attribute | Andreas Steffen | 2010-05-14 | 2 | -21/+67 |
* | Replaced some DBG_LIB with more specific groups. | Tobias Brunner | 2010-04-06 | 2 | -11/+11 |
* | Adding DBG_LIB to all calls of libstrongswan's version of DBG*. | Tobias Brunner | 2010-04-06 | 2 | -12/+13 |
* | Make in-memory pool thread-safe. | Tobias Brunner | 2010-04-06 | 2 | -17/+36 |
* | Extracted in-memory IP address pool from stroke plugin to libhydra. | Tobias Brunner | 2010-04-06 | 2 | -0/+541 |
* | Attributes moved from libstrongswan to libhydra. | Tobias Brunner | 2010-03-24 | 6 | -0/+767 |
| | The attribute_manager_t instance is now located on the new hydra object instead of the lib object. | | | | |