path: root/src/libhydra/attributes
Commit message | Author | Age | Files | Lines
* attributes: Move the configuration attributes framework to libcharon | Martin Willi | 2015-02-20 | 8 | -1690/+0
|
* mem-pool: Fix potential memory leak and lost leases when reassigning leases | Tobias Brunner | 2014-11-11 | 1 | -2/+6
| If no offline leases are available for the current client and assigning online leases is disabled, and if all IPs of the pool have already been assigned to clients we look for offline leases that previously were assigned to other clients.
| In case the current client has online leases the previous code would replace the existing mapping entry and besides resulting in a memory leak the online leases would be lost forever (even if the client later releases the addresses). If this happens repeatedly the number of available addresses would decrease even though the total number of online and offline leases seen in `ipsec leases` would indicate that there are free addresses available.
| Fixes #764.
* mem-pool: Correctly ignore first and last addresses of subnets and adjust size | Tobias Brunner | 2014-10-30 | 1 | -7/+49
| Previously one more than the first and last address was ignored. And if the base address is not the network ID of the subnet we should not skip it. But we should adjust the size as it does not represent the actual number of IP addresses assignable.
* enum: Don't directly include enum.h | Martin Willi | 2014-05-16 | 1 | -1/+1
| To allow enum.h to depend on utils.h definitions, avoid its direct inclusion. Instead include utils.h, which includes enum.h as well.
* libhydra: Use lib->ns instead of hydra->daemon | Tobias Brunner | 2014-02-12 | 1 | -1/+1
|
* attributes: shorten some Unity and XAuth attribute short names | Martin Willi | 2013-09-03 | 1 | -15/+15
|
* mem-pool: add option for reusing online leases, and disable it by default | Martin Willi | 2013-07-29 | 1 | -1/+13
| Mainly for reauthentication with third party implementations, we allowed reusing an online lease, but only for the same peer identity and when it explicitly requested the same address. This has always been problematic, because it changes the reqid of the CHILD_SA with the same traffic selectors, breaking the old tunnel. As we now reject such policy overwrites, this usually lets the installation of the new policies fail. We therefore disable reassignment of online leases by default.
* mem-pool: replace per-identity online/offline lists by more efficient arrays | Martin Willi | 2013-07-29 | 1 | -48/+52
| This saves two lists per connected peer identity, up to 0.4KB.
* mem-pool: refcount online lease when reassigning it to another tunnel | Martin Willi | 2013-07-26 | 1 | -5/+28
| When we reassign an online lease for the same peer, we have to refcount it. Otherwise we would set it offline if one of the tunnels goes down, but it is actually still in use by the second tunnel. This can finally lead to assigning the same virtual IP to different peers.
* Add a constructor to create in-memory pools from an address range | Martin Willi | 2013-03-11 | 2 | -3/+58
|
* Fix maximum size of a mem_pool_t | Tobias Brunner | 2013-03-07 | 1 | -2/+2
|
* Fix some apidoc in mem_pool.h | Martin Willi | 2013-03-06 | 1 | -3/+3
|
* Moved debug.[ch] to utils folder | Tobias Brunner | 2012-10-24 | 2 | -2/+2
|
* Moved enum_name_t to utils folder | Tobias Brunner | 2012-10-24 | 1 | -1/+1
|
* Moved chunk_t to utils folder | Tobias Brunner | 2012-10-24 | 1 | -1/+1
|
* Moved data structures to new collections subfolder | Tobias Brunner | 2012-10-24 | 4 | -5/+5
|
* Moved host_t and host_resolver_t to a new networking subfolder | Tobias Brunner | 2012-10-24 | 2 | -2/+2
|
* In mem_pool, check for an existing ID entry before creating a new one | Martin Willi | 2012-09-20 | 1 | -7/+10
|
* Use uintptr_t in mem pool to avoid compiler warning if sizeof(void*) != sizeof(int) | Martin Willi | 2012-09-12 | 1 | -3/+2
|
* Check for an existing lease in all stroke pools before creating a new one | Martin Willi | 2012-09-11 | 2 | -76/+149
|
* Pass full pool list to release_address | Martin Willi | 2012-09-11 | 3 | -6/+8
|
* Pass the full list of pools to acquire_address, enumerate in providers | Martin Willi | 2012-09-11 | 3 | -7/+7
| If the provider has access to the full pool list, it can enumerate them twice, for example to search for existing leases first, and only search for new leases in a second step. Fixes lease enumeration in attr-sql using multiple pools.
* Properly remove broadcast address from mem pools | Tobias Brunner | 2012-09-10 | 1 | -1/+1
|
* Be less verbose if IP allocation for a single pool fails | Martin Willi | 2012-08-30 | 1 | -4/+0
|
* Strictly enforce address family match while acquiring mem_pool IPs | Martin Willi | 2012-08-30 | 1 | -3/+1
|
* Pass all configured pool names to attribute provider enumerator | Martin Willi | 2012-08-30 | 3 | -10/+12
|
* Pass a list instead of a single virtual IP to attribute enumerators | Martin Willi | 2012-08-30 | 4 | -30/+35
|
* Support multiple address pools configured on a peer_cfg | Martin Willi | 2012-08-30 | 2 | -6/+4
|
* Add a getter for the mem_pool_t base address | Martin Willi | 2012-08-24 | 2 | -0/+14
|
* Validate netmask in mem_pool_create | Tobias Brunner | 2012-08-13 | 1 | -0/+1
|
* Migrated attribute_manager to INIT/METHOD macros | Andreas Steffen | 2011-10-02 | 1 | -76/+48
|
* shortened XAUTH and UNITY attribute short names | Andreas Steffen | 2011-08-16 | 1 | -21/+21
|
* added HOME_AGENT_ADDRESS CP attribute type | Andreas Steffen | 2011-07-14 | 2 | -7/+10
|
* Reimplemented mem pool to support multiple leases for a single identity | Martin Willi | 2010-08-04 | 1 | -129/+172
|
* Mem pool does not support multiple leases for an identity | Martin Willi | 2010-07-27 | 1 | -2/+11
|
* Added support for named attribute groups | Heiko Hund | 2010-07-09 | 3 | -5/+12
| Add the possibility to group attributes by a name and assign these groups to connections. This allows a more granular configuration of which client will receive what attributes.
* Show contents of the CP payload in message_t stringification | Martin Willi | 2010-06-24 | 2 | -0/+51
|
* refactoring of Mode Config functionality allows transport and handling of any attribute | Andreas Steffen | 2010-05-14 | 2 | -21/+67
|
* Replaced some DBG_LIB with more specific groups. | Tobias Brunner | 2010-04-06 | 2 | -11/+11
|
* Adding DBG_LIB to all calls of libstrongswan's version of DBG*. | Tobias Brunner | 2010-04-06 | 2 | -12/+13
|
* Make in-memory pool thread-safe. | Tobias Brunner | 2010-04-06 | 2 | -17/+36
|
* Extracted in-memory IP address pool from stroke plugin to libhydra. | Tobias Brunner | 2010-04-06 | 2 | -0/+541
|
* Attributes moved from libstrongswan to libhydra. | Tobias Brunner | 2010-03-24 | 6 | -0/+767
| The attribute_manager_t instance is now located on the new hydra object instead of the lib object.