aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* Implemented libstrongswan.plugins.random.strong_equals_true optionAndreas Steffen2013-11-163-0/+22
|
* plugin-loader: Convenience function added to add plugin dirs in build treeTobias Brunner2013-11-062-0/+28
|
* pki: Replace BUILD_FROM_FD with passing a chunk via BUILD_BLOBTobias Brunner2013-10-232-61/+12
| | | | This allows more than one builder to try parsing the data read from STDIN.
* openssl: Add workaround if ECC Brainpool curves are not definedTobias Brunner2013-10-171-11/+247
|
* openssl: Add support for ECC Brainpool curves for DH, if defined by OpenSSLTobias Brunner2013-10-172-6/+51
| | | | OpenSSL does not include them in releases before 1.0.2.
* ccm: Add missing comma in get_iv_gen method signatureTobias Brunner2013-10-111-1/+1
|
* iv_gen: aead_t implementations provide an IV generatorTobias Brunner2013-10-113-0/+46
|
* unbound: Add support for DLV (DNSSEC Lookaside Validation)Tobias Brunner2013-10-111-12/+23
| | | | Fixes #392.
* database: Add support for serializable transactionsTobias Brunner2013-10-112-3/+16
|
* sqlite: Implement transaction handlingTobias Brunner2013-10-111-6/+83
|
* mysql: Implement transaction handlingTobias Brunner2013-10-111-7/+119
|
* database: Add interface to handle transactionsTobias Brunner2013-10-112-0/+44
|
* mysql: Ensure connections are properly released in multi-threaded environmentsTobias Brunner2013-10-111-14/+23
|
* Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required ↵Tobias Brunner2013-10-113-6/+6
| | | | for IKEv2 anyway
* openssl: Properly log FIPS mode when enabled via openssl.confTobias Brunner2013-09-271-5/+13
| | | | | | | | | Enabling FIPS mode twice will fail, so if it is enabled in openssl.conf it should be disabled in strongswan.conf (or the other way around). Either way, we should log whether FIPS mode is enabled or not. References #412.
* sshkey: Add support for parsing keys from filesTobias Brunner2013-09-131-1/+92
|
* sshkey: Add encoding for ECDSA keysTobias Brunner2013-09-131-0/+72
|
* openssl: Add support for generic encoding of EC public keysTobias Brunner2013-09-131-23/+13
|
* sshkey: Add encoder for RSA keysTobias Brunner2013-09-135-2/+91
|
* openssl: Add generic RSA public key encodingTobias Brunner2013-09-131-3/+17
|
* openssl: Add helper function to convert BIGNUMs to chunksTobias Brunner2013-09-132-0/+27
|
* keychain: be less verbose when loading certificatesMartin Willi2013-07-311-2/+5
|
* keychain: Use AM_CPPFLAGS instead of INCLUDESTobias Brunner2013-07-191-1/+1
|
* credmgr: introduce a hook function to catch trust chain validation errorsMartin Willi2013-07-182-0/+14
|
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-1844-138/+183
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* soup: omit deprecated g_type_init() when using >= GLIB 2.36Martin Willi2013-07-181-0/+2
|
* keychain: flush certificate cache after reloading System keychainMartin Willi2013-07-181-0/+2
|
* keychain: monitor changes in the system keychain, reload when necessaryMartin Willi2013-07-181-0/+65
|
* keychain: use SearchCopyNext keychain enumeration for System certs as wellMartin Willi2013-07-181-71/+12
| | | | | | | SecItemCopyMatching seems to be problematic regarding memory management. And as there does not seem to be a good alternative to enumerate the System Roots keychain using the SecItemCopyMatching API, we stick to the deprecated enumeration functions for now.
* keychain: load certificates from System Roots KeychainMartin Willi2013-07-181-0/+65
|
* keychain: load certificates only once during startup, improving performanceMartin Willi2013-07-183-111/+78
|
* keychain: support on-the-fly enumeration of trusted/untrusted certificatesMartin Willi2013-07-182-1/+118
|
* keychain: add a stub for a credential plugin using OS X Keychain ServicesMartin Willi2013-07-185-0/+247
|
* openssl: parse X.509 extended key usage from extension parsing loopMartin Willi2013-07-181-33/+38
| | | | | Otherwise parsing gets aborted if unknown critical extensions are handled as error.
* openssl: show which critical X.509 extension is not supportedMartin Willi2013-07-181-1/+6
|
* pkcs12: Add plugin dependencies with soft dependencies on the most common ↵Tobias Brunner2013-07-151-0/+6
| | | | algorithms
* Recognize critical IssuingDistributionPoint CRL extensionAndreas Steffen2013-07-122-0/+7
|
* Use strpfx() helper where appropriateTobias Brunner2013-07-084-4/+4
|
* openssl: RAND_pseudo_bytes() returns 0 if bytes are not cryptographically strongMartin Willi2013-07-041-9/+6
| | | | For our purposes with RNG_WEAK this is fine, so accept a zero return value.
* plugin-loader: Removed unused path argument of load() methodTobias Brunner2013-06-282-12/+8
| | | | | Multiple additional search paths can be added with the add_path() method.
* plugin-loader: Method added to provide additional search paths for pluginsTobias Brunner2013-06-272-10/+66
|
* plugin-loader: Move logging of failed features to status()Tobias Brunner2013-06-211-7/+11
| | | | | | | | | Still log an error message if critical features fail, as loaded plugins/features are not logged in that case. This way loaded plugins are printed before failed features and the relation is easier to make for users. It also allows programs to log this message on a different level.
* plugin-loader: Add method to print loaded plugins on a given log levelTobias Brunner2013-06-212-0/+18
|
* plugin-loader: Collect statistics while loading features, print them in case ↵Tobias Brunner2013-06-211-69/+40
| | | | | | | features failed to load There is no need to explicitly search for failed features in critical plugins as this is now detected while loading the features.
* plugin-loader: Use different log level if failed feature is in critical pluginTobias Brunner2013-06-211-2/+16
|
* plugin-loader: Log message when failing to load pluginTobias Brunner2013-06-211-0/+8
|
* plugin-loader: Reduce verbosity while loading pluginsTobias Brunner2013-06-211-4/+4
|
* Move test-runners has_feature() function to plugin loaderMartin Willi2013-06-212-0/+38
|
* pubkey: Improve comparison of raw public key certificate objectsTobias Brunner2013-06-211-1/+11
|
* curl: add an option to fetch bound to a local source addressMartin Willi2013-06-111-0/+9
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 08:16:05 +0000