aboutsummaryrefslogtreecommitdiffstats
path: root/src/libhydra
Commit message (Collapse)AuthorAgeFilesLines
...
* | Add a constructor to create in-memory pools from an address rangeMartin Willi2013-03-112-3/+58
|/
* Fix maximum size of a mem_pool_tTobias Brunner2013-03-071-2/+2
|
* Fix some apidoc in mem_pool.hMartin Willi2013-03-061-3/+3
|
* Merge branch 'ikev1-rekeying'Martin Willi2013-03-011-0/+4
|\ | | | | | | | | Migrates Quick Modes to the new Main Mode if an IKEv1 reauthentication replaces the old Main Mode having a uniqueids=replace policy.
| * After IKEv1 reauthentication, reinstall VIP routes after migrating CHILD_SAsMartin Willi2013-02-201-0/+4
| | | | | | | | | | | | During IKEv1 reauthentication, the virtual IP gets removed, then reinstalled. The CHILD_SAs get migrated, but any associated route gets removed from the kernel. Reinstall routes after adding the virtual IP again.
* | Merge branch 'vip-shunts'Martin Willi2013-03-011-4/+13
|\ \ | | | | | | | | | | | | | | | | | | | | | | | | Installs bypass policies for the physical address if a virtual address is assigned, and installs a proper source route to actually use the physical address for bypassed destinations. Conflicts: src/libcharon/plugins/unity/unity_handler.c
| * | Install a route for shunt policiesMartin Willi2013-02-201-5/+13
| |/ | | | | | | | | | | | | If we install a virtual IP, its source route would render the shunt policy useless, as locally generated traffic wouldn't match. Having a route for each shunt policy with higher priority chooses the correct source address for bypassed destinations.
* | Merge branch 'opaque-ports'Martin Willi2013-03-012-3/+3
|\ \ | | | | | | | | | | | | Adds a %opaque port option and support for port ranges in left/rightprotoport. Currently not supported by any of our kernel backends.
| * | Use a complete port range in traffic_selector_create_from_{subnet,cidr}Martin Willi2013-02-212-4/+3
| |/
* | Indicate support for processing ESPv3 TFC padding in Netlink IPsec backendMartin Willi2013-03-011-1/+7
| |
* | Introduce "features" for the kernel backends returning kernel capabilitiesMartin Willi2013-03-014-1/+52
|/
* kernel-netlinks get_interface() considers virtual IPs, tooMartin Willi2012-12-171-0/+13
| | | | | | | When using load-tester, we can install tunnel outer addresses on demand. As these are installed as "virtual", we have to consider virtual IPs in the get_interface() lookup to install "real" virtual IPs to these dynamic external addresses.
* Don't wait while removing external IPs used for load testingMartin Willi2012-11-295-7/+13
|
* Install virtual IPs via interface name, and use an interface lookup where ↵Martin Willi2012-11-295-18/+10
| | | | required
* Add an optional kernel-interface parameter to install IPs with a custom prefixMartin Willi2012-11-295-16/+23
|
* libhydra can be initialized more than onceMartin Willi2012-11-142-3/+30
|
* Limit recursion when searching for source addressesTobias Brunner2012-11-131-5/+14
| | | | | This could be required if e.g. two default routes list gateways but the corresponding outbound interfaces do not have any IP addresses on them.
* Don't call get_route recursively if a route's gateway matches the destinationTobias Brunner2012-11-131-2/+5
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-2415-15/+15
|
* Moved enum_name_t to utils folderTobias Brunner2012-10-241-1/+1
|
* Moved chunk_t to utils folderTobias Brunner2012-10-241-1/+1
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-2412-17/+17
|
* Moved host_t and host_resolver_t to a new networking subfolderTobias Brunner2012-10-2410-10/+10
|
* Use a helper function to add milliseconds to timeval structsTobias Brunner2012-10-182-18/+3
|
* Use proper offset when adding mark attribute in kernel-netlink pluginTobias Brunner2012-10-151-1/+1
|
* Also add mark when querying current replay state in kernel-netlink pluginTobias Brunner2012-10-151-2/+21
|
* Fixed update_sa in kernel-netlink plugin if marks are usedTobias Brunner2012-10-111-0/+18
|
* Added missing break statements in NAT-T mapping handling in PF_KEY pluginTobias Brunner2012-09-281-0/+2
|
* Make sure we successfully opened xfrm_acq_expiresTobias Brunner2012-09-281-1/+1
|
* Clarified code when hashing/comparing cached policies in kernel-netlinkTobias Brunner2012-09-281-5/+4
|
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-281-3/+3
|
* Ensure that pipe is closed when calling resolvconf(8)Tobias Brunner2012-09-281-2/+4
|
* Use proper argument for sizeof when copying replay stateTobias Brunner2012-09-281-1/+1
|
* Algorithm names are not always static anymore, avoid string overflowsTobias Brunner2012-09-281-5/+10
|
* Allow replay windows smaller than the default of 32Tobias Brunner2012-09-271-4/+6
|
* Properly initialize cached address map in kernel-pfroute pluginTobias Brunner2012-09-271-0/+1
|
* Fixed compilation of kernel-pfroute pluginTobias Brunner2012-09-271-4/+6
|
* Don't check interface of inbound message if interfaces are not filteredTobias Brunner2012-09-242-5/+16
| | | | | We don't have a proper kernel-net interface on Android yet, so the check for a usable interface does not work there.
* Make sure the if_name member of cached route entries is initialized to NULLTobias Brunner2012-09-222-4/+10
|
* Use an rwlock in kernel-pfroute tooTobias Brunner2012-09-211-13/+14
|
* Use rwlock and rwlock_condvar to increase concurrency in kernel-netlink pluginTobias Brunner2012-09-211-58/+55
|
* Use a separate mutex for cached routes in kernel-netlink pluginTobias Brunner2012-09-211-8/+15
|
* Use a lock to safely check and update the time for the next roam eventTobias Brunner2012-09-211-16/+28
|
* Added an option to configure the interface on which virtual IP addresses are ↵Tobias Brunner2012-09-211-19/+29
| | | | installed
* Changed how kernel-netlink handles virtual IP addressesTobias Brunner2012-09-211-248/+308
| | | | Also tried to avoid the use of enumerators.
* Made IP address enumeration more flexibleTobias Brunner2012-09-215-48/+45
| | | | Also added an option to enumerate addresses on ignored interfaces.
* Use a hashtable to quickly check for usable IP addresses/interfacesTobias Brunner2012-09-212-85/+284
|
* Filter ignored interfaces in kernel interfaces (for events, address ↵Tobias Brunner2012-09-214-61/+134
| | | | enumeration, etc.)
* %any is never on a local interfaceTobias Brunner2012-09-212-0/+10
|
* Make it easy to check if an address is locally usable via changed ↵Tobias Brunner2012-09-218-47/+53
| | | | get_interface() method
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 23:39:24 +0000