aboutsummaryrefslogtreecommitdiffstats
path: root/src/libhydra
Commit message (Collapse)AuthorAgeFilesLines
...
* attr: Use plugin features to register attribute providerTobias Brunner2013-06-111-2/+31
|
* attr-sql: Use plugin features with dependency to database backendTobias Brunner2013-06-111-24/+53
|
* attr: Fix handling of invalid IPs listed after valid onesTobias Brunner2013-06-051-1/+1
| | | | | Invalid IPs listed after a valid one resulted in an attribute of the same type but with invalid data.
* attr: fix a compiler warning that family is used uninitialized (seen with -Os)Martin Willi2013-06-051-2/+13
|
* kernel-netlink: add outer addresses to policy when using BEET modeMichael Rossberg2013-05-241-1/+1
|
* kernel-pfroute: allow only one thread to do a route look up simultaneouslyMartin Willi2013-05-061-1/+8
| | | | Otherwise we mess up the sequence number another thread is waiting for.
* kernel-interface: query SAD for last use time if SPD query didn't yield oneMartin Willi2013-05-066-8/+28
|
* kernel-pfkey: be less verbose about unexpected sequence numbersMartin Willi2013-05-061-1/+1
|
* kernel-pfkey: install exclude routes if kernel-net requires themMartin Willi2013-05-061-0/+152
|
* kernel-pfroute: add a feature flag requesting "exclude" routesMartin Willi2013-05-062-0/+9
| | | | | | | | If routes installed along with policies covering the peer address affect local IKE/ESP packets, they won't get routed correctly. To work around this issue, the kernel interface can install "exclude" routes for the IKE peer. Not all networking backends require this workaround, hence we export a flag for it if it is required.
* kernel-pfroute: remove unused interface address refcountingMartin Willi2013-05-061-11/+0
|
* kernel-pfroute: mark IPs installed on tun device as virtualMartin Willi2013-05-061-1/+24
|
* kernel-pfroute: install virtual IPs using dedicated tun devicesMartin Willi2013-05-061-5/+91
|
* kernel-pfkey: when installing a route for a virtual IP, use its interfaceMartin Willi2013-05-061-1/+10
| | | | | When installing a route over a tun device for a virtual IP, the route must be set over the tun, not the IKE interface.
* kernel-interface: get_address_by_ts() can tell if a returned IP is virtualMartin Willi2013-05-065-6/+31
|
* kernel-interface: support enumeration of virtual-only IPsMartin Willi2013-05-063-9/+20
|
* kernel-pfkey: refactor route installation to a dedicate functionMartin Willi2013-05-061-74/+81
|
* kernel-pfroute: split /0 routes to avoid conflict with default routeMartin Willi2013-05-061-0/+15
|
* kernel-pfkey: check if we have a gateway before comparing themMartin Willi2013-05-061-0/+1
|
* kernel-pfkey: install route along with input, not forward policiesMartin Willi2013-05-061-20/+20
| | | | | | As forwarding policies are not available on all systems (OS X), using the forward policy to attach the route is a bad pick. Using input policies allows OS X to install routes.
* kernel-pfroute: rescan address list for an interface if its state changesMartin Willi2013-05-061-0/+43
| | | | | It seems that we don't get address notifications if the interface is down on OS X.
* kernel-pfroute: add newly appearing interfaces to the interface cacheMartin Willi2013-05-061-1/+22
|
* kernel-pfroute: implement get_nexthop()Martin Willi2013-05-061-6/+73
|
* kernel-pfroute: install and uninstall routesMartin Willi2013-05-061-2/+129
|
* kernel-pfroute: collect replies received for our own queriesMartin Willi2013-05-061-4/+40
|
* kernel-pfroute: refactor PF_ROUTE message processing, use an enumeratorMartin Willi2013-05-061-35/+117
|
* kernel-pfkey: use an int to set esp_port with a sysctl on OS XMartin Willi2013-05-061-2/+4
|
* kernel-pfroute: use INIT() macro for allocationsMartin Willi2013-05-061-17/+21
|
* kernel-pfroute: use only a single PF_ROUTE socket for both events and queriesMartin Willi2013-05-061-27/+11
|
* kernel-pfroute: fix length check when receiving PF_ROUTE messagesMartin Willi2013-05-061-1/+1
|
* kernel-pfkey: remove obsolete pluto specific behaviorMartin Willi2013-05-061-5/+1
|
* kernel-netlink: remove obsolete pluto specific behaviorMartin Willi2013-05-061-7/+1
|
* kernel-netlink: Add an option to disable roam eventsTobias Brunner2013-05-031-1/+13
|
* kernel-netlink: Define defaults for routing table and prioTobias Brunner2013-05-031-0/+8
|
* android: Remove/filter header files from LOCAL_SRC_FILESTobias Brunner2013-03-201-1/+3
| | | | This avoids huge warnings when building the native code.
* Use proper address family when adding multiple addresses to SQL poolTobias Brunner2013-03-191-0/+15
|
* Ignore SQL-based IP address pools if their address family does not matchTobias Brunner2013-03-191-10/+21
|
* Load arbitrary (non-host) attributes from strongswan.confTobias Brunner2013-03-191-21/+32
| | | | This allows to e.g. load Cisco-specific attributes that contain FQDNs.
* Merge branch 'radius-ext'Martin Willi2013-03-186-11/+32
|\ | | | | | | | | | | Bring some extensions to eap-radius, namely a virtual IP address provider based on received Framed-IPs, forwarding of Cisco Unity banners, Interim Accounting updates and the reporting of sent/received packets.
| * Pass correclty sized pointer to lookup_algorithm() in PF_KEYMartin Willi2013-03-141-1/+1
| |
| * kernel_ipsec_t.query_sa() additionally returns the number of processed packetsMartin Willi2013-03-146-10/+31
| |
* | Merge branch 'netlink-align'Martin Willi2013-03-183-268/+151
|\ \ | |/ |/| | | | | Fixes some Netlink alignment issues, and then refactors Netlink XFRM message attribute handling.
| * Use netlink_add_attribute() to copy over attributes during update_sa()Martin Willi2013-03-151-9/+6
| |
| * Use a helper function to add XFRM_MARK attributeMartin Willi2013-03-151-81/+37
| |
| * Use netlink_reserve() helper function in XFRM to simplify message constructionMartin Willi2013-03-151-175/+72
| |
| * Add a Netlink utility function to add a RTA header and reserve space for dataMartin Willi2013-03-152-0/+32
| |
| * Correctly check buffer length in netlink_add_attribute()Martin Willi2013-03-152-7/+9
| |
| * Avoid unneeded termination of netlink algorithm name arrays with END_OF_LISTMartin Willi2013-03-151-13/+14
| |
| * When adding Netlink attributes, increase header length with potential alignmentMartin Willi2013-03-111-32/+30
| | | | | | | | | | If the payload is unaligned, we must make sure the total netlink message length includes the added alignment for the first attribute.
* | strdup() iface passed to queue_route_reinstall(), fixing double-freeMartin Willi2013-03-111-1/+1
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 21:26:41 +0000