aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan/selectors
Commit message (Collapse)AuthorAgeFilesLines
* support gre key in ikev1tterasTimo Teräs2017-11-202-2/+62
| | | | | | | | | | | | | | this implements gre key negotiation in ikev1 similarly to the ipsec-tools patch in alpine. the from/to port pair is internally used as gre key for gre protocol traffic selectors. since from/to pairs 0/0xffff and 0xffff/0 have special meaning, the gre keys 0xffff and 0xffff0000 will not work. this is not standard compliant, and should probably not be upstreamed or used widely, but it is applied for interoperability with alpine racoon for the time being.
* traffic-selector: Use single buffer for both address familiesTobias Brunner2017-08-171-150/+73
| | | | | | | | The generic field of size 0 in the union that was used previously triggered index-out-of-bounds errors with the UBSAN sanitizer that's used on OSS-Fuzz. Since the two family specific union members don't really provide any advantage, we can just use a single buffer for both families to avoid the errors.
* traffic-selector: Allow calling set_address() for any traffic selectorTobias Brunner2017-02-272-46/+53
| | | | | Users may check is_host(), is_dynamic() or includes() before calling this if restrictions are required (most actually already do).
* Use standard unsigned integer typesAndreas Steffen2016-03-242-58/+58
|
* traffic-selector: Don't end printf'ed list of traffic selectors with a spaceTobias Brunner2015-11-101-5/+4
|
* traffic-selector: Use calc_netbits() in RFC 3779 constructorTobias Brunner2015-08-271-2/+1
| | | | This properly detects prefixes encoded as ranges.
* traffic-selector: Add a hash() methodMartin Willi2015-02-202-0/+20
|
* traffic-selector: Add a compare function to sort traffic selectorsMartin Willi2015-02-202-34/+86
|
* windows: Add a common Windows header for platform specific wrappersMartin Willi2014-06-031-4/+3
| | | | | Include some more basic system headers in utils.h, so we can use that common header on the different platforms.
* traffic-selector: Print ICMP[v6] message type and code in a more readable wayTobias Brunner2013-10-171-4/+35
|
* traffic-selector: Store ICMP[v6] message type and code properlyTobias Brunner2013-10-172-8/+70
| | | | We now store them as defined in RFC 4301, section 4.4.1.1.
* traffic-selector: Move class to its own Doxygen groupTobias Brunner2013-10-171-1/+1
|
* traffic-selector: inet_pton is successful only if it returns 1Martin Willi2013-05-161-23/+17
|
* Use a complete port range in traffic_selector_create_from_{subnet,cidr}Martin Willi2013-02-212-16/+17
|
* Print OPAQUE traffic selectors as what they are, not as port rangeMartin Willi2013-02-211-0/+4
|
* Support "opaque" ports in traffic selector subset calculationMartin Willi2013-02-211-6/+32
|
* Slightly refactor traffic_selector_t.get_subset()Martin Willi2013-02-211-61/+68
|
* Migrate remaining traffic selector methods to METHOD macroMartin Willi2013-02-211-19/+18
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-241-1/+1
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-241-1/+1
|
* Moved host_t and host_resolver_t to a new networking subfolderTobias Brunner2012-10-241-1/+1
|
* Add a traffic selector constructor creating a TS directly from a CIDR stringMartin Willi2012-10-242-0/+30
|
* Allow calls to set_address() for any host-sized TS, not only dynamic onesTobias Brunner2012-09-121-1/+1
| | | | | This fixes CHILD_SA updates (e.g. due to MOBIKE), which were broken since 4cb0783.
* Don't return a subset for a dynamic TS unless set_address has been calledMartin Willi2012-09-111-1/+5
|
* Validate netmask in traffic_selector_create_from_subnetTobias Brunner2012-08-131-0/+1
| | | | Fixes #216.
* Pass opaque data to printf hooks and print_in_hook()Martin Willi2012-07-132-17/+17
|
* Accept non-"/0" subnet sizes for traffic selectors starting at 0.0.0.0Martin Willi2012-07-021-40/+9
|
* ts.get_subnet() returns TRUE if the selector actually is a subnetMartin Willi2012-03-202-3/+6
|
* cosmeticsAndreas Steffen2011-10-021-2/+2
|
* Migrated traffic_selector to INIT/METHOD macrosAndreas Steffen2011-10-021-77/+52
|
* Replaced simple iterator usages.Tobias Brunner2011-07-061-10/+10
|
* fixed IP range to subnet conversion in ts_to_subnet()Andreas Steffen2011-06-031-6/+7
|
* Compare ending address in ts->equals, fixes redundant traffic selector ↵Martin Willi2011-01-141-2/+4
| | | | elimination
* Fixed some Doxygen warnings.Tobias Brunner2010-03-241-14/+14
|
* do not recalculate netbits for true subnetsAndreas Steffen2009-12-221-1/+4
|
* cosmeticsAndreas Steffen2009-12-221-2/+4
|
* fixed IPv6 bug in calc_range()Andreas Steffen2009-12-221-25/+16
|
* fixed initialization of netbitsAndreas Steffen2009-12-211-2/+3
|
* traffic_selector supports RFC 3779 address range formatAndreas Steffen2009-12-212-39/+115
|
* this->type is set by traffic_selector_create()Andreas Steffen2009-12-201-2/+0
|
* moved traffic_selectors from charon to libstrongswanAndreas Steffen2009-12-202-0/+1160
generated by cgit v1.2.3 (git 2.25.1) at 2025-09-03 02:51:37 +0000