path: root/src/libstrongswan/networking
Commit message (Author, Age, Files, Lines)
* packet: Define a global default maximum size for IKE packets (Tobias Brunner, 2014-10-10, 1 file, -0/+5)
|
* stream-service: Prevent race conditions due to blocking call to destroy() (Tobias Brunner, 2014-09-09, 1 file, -5/+62)
|   In the previous implementation queued jobs could prevent a service from getting destroyed. This could have led to a deadlock when the processor is cancelled. Now destroy() still blocks, but waits only for actually running tasks. The service instance is reference counted so that queued jobs can safely be destroyed.
* stream-service: Do not accept or re-register when service is terminated (Tobias Brunner, 2014-09-09, 1 file, -2/+10)
|
* stream-service: Restart accepting without blocking (Tobias Brunner, 2014-09-09, 1 file, -2/+7)
|   Calling on_accept() sometimes led to deadlocks when service->destroy() was called concurrently. That is, two threads waiting in on_accept() but the last worker would only wake one due to the call to signal(). Calling broadcast() wouldn't help either as that could lead to crashes if the thread that called destroy() is woken first. This is also more efficient as a constant pool of concurrent workers can be maintained, otherwise peaks at the limit were followed by only a single worker being active.
* stream: Separate TCP/Unix stream helpers from stream/service implementations (Martin Willi, 2014-06-04, 13 files, -300/+503)
|   This allows us to disable Unix sockets cleanly on Windows. Replaces some read/write calls with recv/send counterparts, as Winsock does not like read/writes.
* tun-device: Rearrange headers to build properly when tun devices not supported (Martin Willi, 2014-06-03, 1 file, -19/+13)
|
* windows: Add a common Windows header for platform specific wrappers (Martin Willi, 2014-06-03, 2 files, -5/+1)
|   Include some more basic system headers in utils.h, so we can use that common header on the different platforms.
* tun-device: Use SIOCAIFADDR to set IP address on FreeBSD 10 (Tobias Brunner, 2014-04-25, 1 file, -2/+90)
|   FreeBSD 10 deprecated the SIOCSIFADDR etc. commands, so we use this newer command to set the address and netmask. A destination address is now also required. Fixes #566.
* lookip: Disconnect asynchronously to avoid dead-locking watcher unregistration (Martin Willi, 2014-02-17, 1 file, -3/+2)
|   While it really would be desirable to allow stream destruction during on_read() callbacks, this does not work anymore since e49b2998. Until we have a proper solution for this issue, use asynchronous disconnects for the only user doing so. Fixes #518.
* lib: All settings use configured namespace (Tobias Brunner, 2014-02-12, 1 file, -4/+4)
|
* stream: Make sure no watcher callback is active while changing stream callbacks (Martin Willi, 2014-01-22, 1 file, -14/+3)
|   When changing async callbacks on streams, we have to make sure the watcher callback is not currently active and has temporarily disabled callbacks. This could have been the case, as we didn't explicitly remove any pending watcher registration if both callbacks are NULL. By enforcing the watcher unregistration, we are sure the watcher callback is not active and currently is not mangling the callback hooks. This should make sure we avoid any races for the callback variables.
* tun-device: Include system headers before our own (Tobias Brunner, 2013-12-20, 2 files, -3/+5)
|   On CentOS 6.5 the sys/capability.h header file defines _LINUX_TYPES_H without actually including that header, preventing its later inclusion here. As library.h (via which the capabilities headers are included) is not actually required in tun_device.[ch], moving the inclusion of tun_device.h would not strictly be necessary. But it's probably a good idea to include our own headers after system headers anyway, for if one of the recursively included files at a later point includes library.h we'd have the same problem again.
* tun-device: Include <linux/types.h> before <linux/if_tun.h> (Martin Willi, 2013-11-22, 1 file, -0/+1)
|   Fixes a build error on CentOS 6.4.
* Use exact mask when calling umask(2) (Tobias Brunner, 2013-10-29, 1 file, -1/+1)
|   Due to the previous negation the high bits of the mask were set, which at least some versions of the Android build system prevent with a compile-time check.
* tun_device: Add warning if TUN devices are not supported by platform (Tobias Brunner, 2013-09-12, 1 file, -2/+16)
|
* host: Properly initialize struct sockaddr_in[6] when parsing strings (Tobias Brunner, 2013-07-31, 1 file, -0/+2)
|   Otherwise struct members like sin6_flowinfo or sin6_scope_id might be set to bogus values.
* stream: Ensure UNIX socket path is null terminated (Tobias Brunner, 2013-07-24, 1 file, -0/+1)
|
* host: Prevent overflow in host_create_netmask() if mask is 0 or 32/128 (Tobias Brunner, 2013-07-24, 1 file, -5/+7)
|
* Fix various API doc issues and typos (Tobias Brunner, 2013-07-18, 1 file, -2/+3)
|   Partially based on an old patch by Adrian-Ken Rueegsegger.
* stream-service: move CAP_CHOWN check from plugins to service constructor (Martin Willi, 2013-07-18, 1 file, -0/+5)
|   A plugin service can be a TCP socket now, so it does not make much sense to strictly check for CAP_CHOWN.
* stream: allow async read/write callback to destroy the stream explicitly (Martin Willi, 2013-07-18, 2 files, -10/+15)
|
* stream: don't close underlying socket when creating a stream from it (Martin Willi, 2013-07-18, 1 file, -1/+6)
|
* stream: support keeping the service alive outside of service callback (Martin Willi, 2013-07-18, 2 files, -4/+5)
|
* stream: add read/write_all() methods to stream (Martin Willi, 2013-07-18, 2 files, -2/+73)
|
* stream: support cancellation of stream service callback (Martin Willi, 2013-07-18, 1 file, -2/+3)
|
* stream: use a service constructor to create services (Martin Willi, 2013-07-18, 2 files, -77/+8)
|   It does not make much sense to reference running services in the manager, especially as unregistration would need the URI (which a user would have to store instead of the service reference).
* stream: replace print/vprint() convenience functions by a FILE* getter (Martin Willi, 2013-07-18, 2 files, -51/+20)
|   While this will complicate the implementation of streams not based on a fd, it allows us to unleash the full power of FILE based convenience functions.
* stream: add a concurrency option to services, limiting parallel callbacks (Martin Willi, 2013-07-18, 4 files, -7/+71)
|
* stream: add a job priority option to stream services (Martin Willi, 2013-07-18, 4 files, -7/+24)
|
* stream: add backlog option to stream services, forward to listen() (Martin Willi, 2013-07-18, 4 files, -11/+15)
|
* stream: add support for TCP stream services (Martin Willi, 2013-07-18, 3 files, -0/+53)
|
* stream: add support for TCP streams (Martin Willi, 2013-07-18, 3 files, -2/+108)
|
* stream: add support for UNIX stream services (Martin Willi, 2013-07-18, 3 files, -0/+61)
|
* stream: add support for UNIX streams (Martin Willi, 2013-07-18, 3 files, -0/+77)
|
* stream: support async operation using watcher (Martin Willi, 2013-07-18, 2 files, -0/+142)
|
* stream: add printf()-style convenience functions (Martin Willi, 2013-07-18, 2 files, -1/+60)
|
* stream: create library instance of stream-manager (Martin Willi, 2013-07-18, 3 files, -5/+2)
|
* stream: add a manager to dynamically register streams and services (Martin Willi, 2013-07-18, 2 files, -0/+386)
|
* stream: add a stream service class abstracting services using BSD sockets (Martin Willi, 2013-07-18, 2 files, -0/+235)
|
* stream: add a stream class abstracting BSD sockets (Martin Willi, 2013-07-18, 2 files, -0/+202)
|   Currently only synchronous operation is supported, but this will be extended with asynchronous methods using the new watcher.
* tun-device: Packets sent over utun devices on Mac OS X have the protocol family prepended (Tobias Brunner, 2013-06-21, 1 file, -0/+11)
* tun-device: Avoid opening /dev/tunX multiple times (e.g. on FreeBSD) (Tobias Brunner, 2013-06-21, 1 file, -2/+6)
|
* host-resolver: don't try to resolve a plain v4 address to an IPv6 address (Volker Rümelin, 2013-05-16, 1 file, -3/+17)
|   Suppress 'Address family for hostname not supported' errors if an IPv6 client connects in a mixed IPv4/IPv6 environment.
* tun_device: add a getter for the address previously passed to set_address() (Martin Willi, 2013-05-06, 2 files, -0/+32)
|
* tun_device: add a getter for the underlying file descriptor (Martin Willi, 2013-05-06, 2 files, -0/+14)
|
* tun-device: use host_create_netmask() to calculate interface netmask (Martin Willi, 2013-05-06, 1 file, -49/+12)
|
* host: add a netmask constructor taking the number of network bits (Martin Willi, 2013-05-06, 2 files, -0/+57)
|
* host: remove unused host_t.get_differences() method (Martin Willi, 2013-05-06, 2 files, -39/+0)
|
* host: print %#H format specifiers not as %any, but with the port (Martin Willi, 2013-05-06, 1 file, -1/+1)
|
* host: initialize sockaddr->sa_len if it is available (Martin Willi, 2013-05-06, 1 file, -0/+14)
|