aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan
Commit message (Collapse)AuthorAgeFilesLines
...
* Added missing string for full-length HMAC-SHA512 signerTobias Brunner2013-06-101-0/+1
|
* Strictly memwipe_check() for magic only in the affected bufferMartin Willi2013-06-051-25/+8
| | | | | | | Passing back the buffer address we memwipe() is not ideal, as it could, in theory, change the behavior of the compiler and not-optimize memwipe(). But as checking a larger stack is very difficult for different architectures and compilers, we do it nonetheless for now.
* Allow memwipe() to be called with NULL argumentTobias Brunner2013-05-271-0/+4
|
* openssl: add support for IP addr blocks in X.509 certificatesMichael Rossberg2013-05-241-1/+115
|
* host-resolver: don't try to resolve a plain v4 address to an IPv6 addressVolker RĂ¼melin2013-05-161-3/+17
| | | | | Suppress 'Address family for hostname not supported' errors if a IPv6 client connects in a mixed IPv4/IPv6 environment.
* traffic-selector: inet_pton is successful only if it returns 1Martin Willi2013-05-161-23/+17
|
* capabilities: leak-detective using dlsym() does not need CAP_SYS_NICE anymoreMartin Willi2013-05-151-6/+0
|
* capabilities: initialize supplementary groups only when doing a setuid()Martin Willi2013-05-151-1/+1
|
* af-alg: fix number of signers after adding untruncated HMAC-SHA-512 (1f2a34d6)Martin Willi2013-05-151-1/+1
|
* openssl: Only warn about unavailable FIPS mode if the user requested itTobias Brunner2013-05-081-1/+1
|
* openssl: Cleanup thread specific error bufferTobias Brunner2013-05-081-5/+38
|
* openssl: Don't use deprecated CRYPTO_set_id_callback() with OpenSSL >= 1.0.0Tobias Brunner2013-05-081-17/+29
|
* openssl: Add PKCS#12 parsing via OpenSSLTobias Brunner2013-05-084-0/+307
|
* openssl: Properly cleanup OpenSSL libraryTobias Brunner2013-05-082-9/+7
|
* PEM plugin loads PKCS#12 containers from (DER-encoded) filesTobias Brunner2013-05-083-0/+24
| | | | | It is not actually able to handle PEM encoded PKCS#12 files produced by OpenSSL.
* Remove pluto specific certificate typesTobias Brunner2013-05-083-14/+1
|
* Add support for untruncated HMAC-SHA-512Tobias Brunner2013-05-085-1/+13
|
* Also support 128-bit RC2Tobias Brunner2013-05-081-1/+2
|
* Add pkcs12 plugin which adds support for decoding PKCS#12 containersTobias Brunner2013-05-0810-1/+803
|
* Function added to convert a hash algorithm to an HMAC integrity algorithmTobias Brunner2013-05-082-0/+77
|
* Support the PKCS#5/PKCS#12 encryption scheme used by OpenSSL for private keysTobias Brunner2013-05-081-0/+6
|
* Register PKCS#8 builder for KEY_ANYTobias Brunner2013-05-081-0/+1
|
* Add support for PKCS#7/CMS encrypted-dataTobias Brunner2013-05-086-5/+267
|
* Move PKCS#12 key derivation to a separate fileTobias Brunner2013-05-085-147/+238
|
* PKCS#5 wrapper can decrypt PKCS#12-like schemesTobias Brunner2013-05-082-4/+180
|
* Add test vectors for RC2Tobias Brunner2013-05-083-0/+118
|
* Fix cleanup in crypto_tester if a crypter failsTobias Brunner2013-05-081-1/+4
|
* Add implementation of the RC2 block cipher (RFC 2268)Tobias Brunner2013-05-088-4/+555
|
* Extract function to convert ASN.1 INTEGER object to u_int64_tTobias Brunner2013-05-083-23/+28
|
* Extract PKCS#5 handling from pkcs8 plugin to separate helper classTobias Brunner2013-05-085-458/+710
|
* agent: Use sshkey plugin to parse keys, adds support for ECDSATobias Brunner2013-05-072-56/+66
|
* sshkey: Add support for ECDSA keysTobias Brunner2013-05-071-0/+70
|
* sshkey: Added builder for SSHKEY RSA keysTobias Brunner2013-05-076-1/+142
|
* Add sshkey plugin stub that will parse RFC 4253 public keysTobias Brunner2013-05-074-0/+136
|
* tun_device: add a getter for the address previously passed to set_address()Martin Willi2013-05-062-0/+32
|
* tun_device: add a getter for the underlying file descriptorMartin Willi2013-05-062-0/+14
|
* tun-device: use host_create_netmask() to calculate interface netmaskMartin Willi2013-05-061-49/+12
|
* host: add a netmask constructor taking the number of network bitsMartin Willi2013-05-062-0/+57
|
* host: remove unused host_t.get_differences() methodMartin Willi2013-05-062-39/+0
|
* host: print %#H format specifiers not as %any, but with the portMartin Willi2013-05-061-1/+1
|
* host: initialize sockaddr->sa_len if it is availableMartin Willi2013-05-061-0/+14
|
* semaphore: similar to thread_create(), semaphore_create() is used by MachMartin Willi2013-05-061-0/+5
| | | | | | The compiler spits no warning, but the wrong symbol is used when calling semaphore_create() from strongSwan. Override the name with a #define to force the use of our semaphore_create().
* settings: Add a set_default_str() to set a different default for a keyMartin Willi2013-05-062-0/+31
| | | | | The value is set only if it is not configured in strongswan.conf or has not been set() otherwise.
* backtrace: use atos instead of addr2line on OS X to resolve source linesMartin Willi2013-05-061-3/+11
|
* backtrace: add an alternative stack unwinding implementation using libunwindMartin Willi2013-05-062-6/+35
|
* leak-detective: add support for OS X by hooking default malloc zoneMartin Willi2013-05-061-5/+160
|
* leak-detective: remove unused malloc call countersMartin Willi2013-05-061-7/+0
|
* leak-detective: align allocations on both 32 and 64-bit systems to 32 bytesMartin Willi2013-05-061-0/+5
|
* leak-detective: call tzset() explicitly before enabling leak detectiveMartin Willi2013-05-061-6/+11
| | | | | tzset() is hard to whitelist on some systems, as there is no symbol involved. Call tzset() explicitly before initialization to avoid false positives.
* leak-detective: override malloc functions instead of using deprecated hooksMartin Willi2013-05-061-128/+206
| | | | | | | malloc hooks have become deprecated, and their use has always been problematic, especially in multi-threaded applications. Replace the functionality by overriding all malloc functions and query the system allocator functions using dlsym() with RTLD_NEXT.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-11 10:53:39 +0000