aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan
Commit message (Collapse)AuthorAgeFilesLines
...
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-285-10/+12
|
* Initialize g and p in create_dh factory methodTobias Brunner2012-09-281-1/+1
|
* Properly initialize chunk for extension OID when parsing CRLsTobias Brunner2012-09-281-1/+1
|
* Properly cleanup varargs in LDAP fetcher's set_option()Tobias Brunner2012-09-281-3/+4
|
* Properly cleanup varargs in enumerators of both SQL backendsTobias Brunner2012-09-282-0/+2
|
* Documentation about some time values clarifiedTobias Brunner2012-09-241-1/+1
|
* Properly handle thread cancelation in rwlock_condvar_tTobias Brunner2012-09-211-15/+20
|
* Added a condvar implementation that works with rwlock_tTobias Brunner2012-09-213-4/+220
|
* Avoid calculating the hash if hashtable is emptyTobias Brunner2012-09-211-0/+5
|
* Avoid memset in is_anyaddr()Tobias Brunner2012-09-211-6/+2
|
* Make streq() and strcaseeq() static inline functions so they can be used as ↵Tobias Brunner2012-09-211-25/+31
| | | | callbacks
* Add a linked list constructor taking items from a vararg listMartin Willi2012-09-182-2/+33
|
* Fix Doxygen comment for proposal_keywords_tTobias Brunner2012-09-181-1/+1
| | | | Two dots seem to mark the end of a list.
* Fix equality comparison of auth_cfg_tTobias Brunner2012-09-181-2/+16
| | | | | | | We previously only confirmed that rules contained in the first config are also contained in the second, but since the number of rules does not have to be equal, it might be that the second config contains rules that the first one doesn't.
* Add AUTH_RULE_IDENTITY_LOOSE which allows to use IDr loosely as initiatorTobias Brunner2012-09-182-0/+26
| | | | | | If it is set on an auth config IDr will not be sent, and later the configured identity will not only be checked against the returned IDr, but also against other identities contained in the responder's certificate.
* Added algorithm lookup via kernel_interface_t to the various kernel interfacesTobias Brunner2012-09-132-3/+5
|
* Added possibility to register custom proposal keywordsTobias Brunner2012-09-135-12/+180
| | | | Keyword lookup and registration are handled via the new lib->proposal object.
* Removed len argument from proposal_get_token()Tobias Brunner2012-09-132-4/+3
| | | | Also use enumerators instead of lexparser.h to parse proposal strings.
* Make arguments for enumerator_create_token|directory constTobias Brunner2012-09-132-7/+10
|
* Moved proposal_keywords to proposal_keywords_staticFrancois ten Krooden2012-09-137-34/+131
| | | | Added new proposal keywords with function to reference the static keywords.
* Allow calls to set_address() for any host-sized TS, not only dynamic onesTobias Brunner2012-09-121-1/+1
| | | | | This fixes CHILD_SA updates (e.g. due to MOBIKE), which were broken since 4cb0783.
* Don't return a subset for a dynamic TS unless set_address has been calledMartin Willi2012-09-111-1/+5
|
* Add a linked list constructor initializing from an enumeratorMartin Willi2012-09-112-0/+27
|
* Add strongswan.conf runtime options for /dev/[u]random filesMartin Willi2012-09-101-2/+7
| | | | Fixes #221.
* Merge branch 'android-client-cert'Tobias Brunner2012-09-041-0/+2
|\ | | | | | | Introduces IKEv2 client certificate authentication for the Android App.
| * android: Enable pkcs8 pluginTobias Brunner2012-08-311-0/+2
| |
* | Merge branch 'eap-client-select'Tobias Brunner2012-08-312-14/+101
|\ \ | | | | | | | | | | | | | | | This brings support for EAP-Nak payloads on the client (to select a specific or supported method), and the server (via the eap-dynamic plugin which selects a method supported/requested by the client).
| * | Added eap-dynamic plugin which can proxy any other EAP methodTobias Brunner2012-08-312-1/+2
| | |
| * | Function added that parses EAP method strings ([eap-]type[-vendor])Tobias Brunner2012-08-312-0/+86
| | |
| * | Move our pseudo EAP types out of the range of valid EAP methodsTobias Brunner2012-08-312-14/+14
| |/
* | Ported tun_device de-/initialization to FreeBSDTobias Brunner2012-08-291-5/+47
| |
* | Ported tun_device initialization to OS X utunMartin Willi2012-08-281-19/+85
|/
* define pen_type_t as a vendor-specific typeAndreas Steffen2012-08-201-1/+19
|
* Don't use POSIX semaphores if a MONOTONIC clock is availableMartin Willi2012-08-201-0/+8
| | | | | | POSIX semaphores use CLOCK_REALTIME, but our semaphore_t abstraction expects CLOCK_MONOTONIC based times. Use the mutex/condvar based fallback if time_monotonic() actuall returns monotonic times.
* Add a mutex/condvar based semaphore implementation if sem_timedwait is ↵Martin Willi2012-08-201-2/+67
| | | | | | unavailable Fixes #214.
* added IBM and OpenPTS Private Enterprise NumbersAndreas Steffen2012-08-202-2/+8
|
* openssl: Fix registration of the PUBKEY builderTobias Brunner2012-08-181-1/+1
| | | | | libtls drops support for RSA suites if it does not find an RSA backend (final builder for RSA public keys).
* Add a wrapper around vstr_add_fmt() to avoid having to link libcharon ↵Tobias Brunner2012-08-172-2/+31
| | | | | | against libvstr At least on Android the latter would be required.
* fixed Makefile for libstrongswan dev headersAndreas Steffen2012-08-141-2/+2
|
* Validate netmask in traffic_selector_create_from_subnetTobias Brunner2012-08-131-0/+1
| | | | Fixes #216.
* Comment fixedTobias Brunner2012-08-131-1/+1
|
* Merge branch 'android-app'Tobias Brunner2012-08-1320-45/+1478
|\ | | | | | | | | | | | | | | This branch introduces a userland IPsec implementation (libipsec) and an Android App which targets the VpnService API that is provided by Android 4+. The implementation is based on the bachelor thesis 'Userland IPsec for Android 4' by Giuliano Grassi and Ralf Sager.
| * Ensure thread IDs always start with 1 even if the library is reusedTobias Brunner2012-08-131-2/+2
| | | | | | | | | | | | Within the Android App the library stays loaded in memory and is just initialized/deinitialized with each connection, the static thread counter would continuously increase without this patch.
| * Don't print hosts as %any if %+H is usedTobias Brunner2012-08-132-7/+8
| | | | | | | | | | | | That is, the plus sign can be used in the format string to force a numeric string representation of all host_t objects even 0.0.0.0 and :: which would otherwise be printed as %any and %any6.
| * Add support for '+' in custom format specifiersTobias Brunner2012-08-132-0/+7
| |
| * Added utility class to create TUN devicesTobias Brunner2012-08-084-3/+468
| | | | | | | | Currently works only on Linux.
| * Moved types used by kernel_ipsec_t interface (and libipsec) to libstrongswanTobias Brunner2012-08-085-4/+220
| | | | | | | | This avoids a dependency of libipsec to libhydra.
| * Added a simple blocking queue around linked_list_tTobias Brunner2012-08-084-6/+232
| |
| * Extended constructor for packet_t added (takes src, dst and data)Tobias Brunner2012-08-082-3/+24
| |
| * Moved packet_t to libstrongswanTobias Brunner2012-08-084-4/+268
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 03:41:54 +0000