aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan
Commit message (Collapse)AuthorAgeFilesLines
...
* rwlock: Don't use buggy pthread_rwlock on OS XMartin Willi2013-10-241-0/+7
| | | | Recursive read locks don't seem to work properly, at least on 10.9.
* utils: Provide a fmemopen(3) fallback using BSD funopen()Martin Willi2013-10-242-0/+61
|
* pki: Replace BUILD_FROM_FD with passing a chunk via BUILD_BLOBTobias Brunner2013-10-234-64/+12
| | | | This allows more than one builder to try parsing the data read from STDIN.
* chunk: Add helper function to create a chunk from data read from a file ↵Tobias Brunner2013-10-232-0/+40
| | | | descriptor
* semaphore: Support cancellation in wait functions of semaphore fallbackMartin Willi2013-10-231-4/+6
| | | | | Semaphore wait functions should be a thread cancellation point, but did not properly release the mutex in the fallback implementation.
* rwlock: Re-acquire rwlock even if condvar wait times outMartin Willi2013-10-231-1/+1
| | | | | A caller expects that the associated rwlock is held, whether the condvar gets signaled or the wait times out.
* traffic-selector: Print ICMP[v6] message type and code in a more readable wayTobias Brunner2013-10-171-4/+35
|
* traffic-selector: Store ICMP[v6] message type and code properlyTobias Brunner2013-10-172-8/+70
| | | | We now store them as defined in RFC 4301, section 4.4.1.1.
* traffic-selector: Move class to its own Doxygen groupTobias Brunner2013-10-172-1/+4
|
* openssl: Add workaround if ECC Brainpool curves are not definedTobias Brunner2013-10-171-11/+247
|
* openssl: Add support for ECC Brainpool curves for DH, if defined by OpenSSLTobias Brunner2013-10-172-6/+51
| | | | OpenSSL does not include them in releases before 1.0.2.
* ecc: Added ECC Brainpool ECDH groups as registered with IANAAndreas Steffen2013-10-173-3/+20
|
* unit-tests: Make test for bio_writer_t more portableTobias Brunner2013-10-171-2/+8
|
* utils: Add utility function to calculate padding lengthTobias Brunner2013-10-172-13/+24
|
* Doxygen fixesTobias Brunner2013-10-151-1/+1
|
* Revert refactoring which broke CentOS buildAndreas Steffen2013-10-131-1/+1
|
* ccm: Add missing comma in get_iv_gen method signatureTobias Brunner2013-10-111-1/+1
|
* iv-gen: Add missing header files to Makefile.amTobias Brunner2013-10-111-0/+1
|
* iv_gen: Mask sequential IVs with a random saltTobias Brunner2013-10-111-0/+24
| | | | | This makes it harder to attack a HA setup, even if the sequence numbers were not fully in sync.
* iv_gen: Provide external sequence number (IKE, ESP)Tobias Brunner2013-10-113-17/+10
| | | | This prevents duplicate sequential IVs in case of a HA failover.
* iv_gen: aead_t implementations provide an IV generatorTobias Brunner2013-10-115-1/+76
|
* iv_gen: Add IV generator that allocates IVs sequentiallyTobias Brunner2013-10-114-2/+121
|
* iv_gen: Add IV generator that allocates IVs randomlyTobias Brunner2013-10-114-0/+113
| | | | Uses RNG_WEAK as the code currently does elsewhere to allocate IVs.
* crypto: Add generic interface for IV generatorsTobias Brunner2013-10-112-1/+60
|
* apidoc: Move mac_prf to prf Doxygen groupTobias Brunner2013-10-111-1/+1
|
* unbound: Add support for DLV (DNSSEC Lookaside Validation)Tobias Brunner2013-10-111-12/+23
| | | | Fixes #392.
* ipsec_types: Add utility function to parse mark_t from stringsTobias Brunner2013-10-113-2/+95
|
* database: Add support for serializable transactionsTobias Brunner2013-10-113-5/+23
|
* sqlite: Implement transaction handlingTobias Brunner2013-10-111-6/+83
|
* mysql: Implement transaction handlingTobias Brunner2013-10-111-7/+119
|
* database: Add interface to handle transactionsTobias Brunner2013-10-113-1/+76
|
* mysql: Ensure connections are properly released in multi-threaded environmentsTobias Brunner2013-10-111-14/+23
|
* crypto-factory: Try next available RNG implementation if constructor failsTobias Brunner2013-10-111-13/+6
|
* crypto-factory: Order entries by algorithm identifier and (optionally) speedTobias Brunner2013-10-111-22/+18
|
* Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required ↵Tobias Brunner2013-10-117-24/+16
| | | | for IKEv2 anyway
* vstr: Forward actual field widthTobias Brunner2013-10-111-1/+1
| | | | | fmt_field_width is a flag that indicates if a field width is defined in obj_field_width.
* unit-tests: support testing when leak-detective has not been enabledMartin Willi2013-10-111-5/+14
|
* printf-hook-builtin: Print NaN/Infinity floating point values as suchMartin Willi2013-10-112-2/+36
|
* printf-hook-builtin: Correctly round up floating point valuesMartin Willi2013-10-112-9/+43
|
* printf-hook-builtin: Add some preliminary floating point supportMartin Willi2013-10-112-2/+223
| | | | | This minimalistic implementation has no aspiration for completeness or accuracy, and just provides what we need.
* printf-hook-builtin: Support GNU %m specifierMartin Willi2013-10-112-0/+21
|
* printf-hook-builtin: Add a new "builtin" backend using its own printf() routinesMartin Willi2013-10-114-1/+1025
| | | | | | Overloads printf C library functions by a self-contained implementation, based on klibc. Does not yet feature all the required default formatters, including those for floating point values.
* printf-hook: Add some basic printf() string/integer test functionsMartin Willi2013-10-114-1/+112
|
* printf-hook: Move glibc/vstr printf hook backends to separate filesMartin Willi2013-10-119-383/+586
|
* openssl: Properly log FIPS mode when enabled via openssl.confTobias Brunner2013-09-271-5/+13
| | | | | | | | | Enabling FIPS mode twice will fail, so if it is enabled in openssl.conf it should be disabled in strongswan.conf (or the other way around). Either way, we should log whether FIPS mode is enabled or not. References #412.
* printf-hook: Write to output stream instead of the FD directly when using VstrTobias Brunner2013-09-241-12/+12
| | | | | This avoids problems when other stdio functions are used (fputs, fwrite) as writes via Vstr/FD were always unbuffered.
* sshkey: Add support for parsing keys from filesTobias Brunner2013-09-131-1/+92
|
* sshkey: Add encoding for ECDSA keysTobias Brunner2013-09-131-0/+72
|
* openssl: Add support for generic encoding of EC public keysTobias Brunner2013-09-131-23/+13
|
* sshkey: Add encoder for RSA keysTobias Brunner2013-09-136-2/+93
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 09:25:55 +0000