aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan
Commit message (Collapse)AuthorAgeFilesLines
...
* Fixed some typosTobias Brunner2014-06-301-1/+1
|
* windows: Include <sys/stat.h> explicitly before overloading memset()/memcpy()Martin Willi2014-06-251-0/+1
| | | | | | fstat() in newer MinGWs is defined as non-static inline. With our new static inline memset()/memcpy() overloads, this raises a warning. To avoid it, explicitly include <sys/stat.h> once before defining these overloads.
* android: Define HAVE_DLADDR as plugin loader checks for itTobias Brunner2014-06-241-2/+0
|
* android: Update Android.mk files to match changes due to the Windows portTobias Brunner2014-06-241-6/+16
| | | | Makes them easier to compare to the original Makefile.am.
* charon: Set CLOEXEC flag on daemon PID file and /dev/(u)random source FDsMartin Willi2014-06-241-0/+5
| | | | | | | | | | | | | On Fedora, SELinux complains about these open file descriptors when the updown script invokes iptables. While it seems difficult to set the flag on all file descriptors, this at least fixes those covered by the SELinux policy. As these two cases are in code executed while the daemon is still single threaded, we avoid the use of atomic but not fully portable fdopen("e") or open(O_CLOEXEC) calls. Fixes #519.
* utils: Add wrappers for memcpy(3), memmove(3) and memset(3)Tobias Brunner2014-06-241-1/+33
| | | | | | | | These wrappers guarantee that calls to these functions are noops if the number of bytes is 0, as calling them with NULL pointers is undefined according to the C standard, even if the number of bytes is 0 (most implementations probably ignore the pointers anyway in this case, but lets make sure).
* unit-tests: Add tests for DH factoryTobias Brunner2014-06-201-0/+157
|
* crypto-factory: Only sort RNGs by algorithm identifierTobias Brunner2014-06-201-5/+13
| | | | | Others remain in the order in which they were added, grouped by algorithm identifier and sorted by benchmarking speed, if provided.
* unit-tests: Add test for crypto_factory_t's rng_create methodTobias Brunner2014-06-203-0/+157
|
* ipsec: Add a fourth priority class for bypass policiesTobias Brunner2014-06-191-1/+3
|
* unit-tests: Make fixture functions optionalTobias Brunner2014-06-191-2/+8
|
* collections: Add interface for read-only dictionariesTobias Brunner2014-06-192-1/+56
|
* hashtable: Add destroy_function methodTobias Brunner2014-06-192-11/+37
|
* winhttp: Fix a typo to properly release connection handleMartin Willi2014-06-191-1/+1
| | | | Fixes a rather large memory leak in HTTP fetches.
* identification: Only use either , or / to separate RDNsTobias Brunner2014-06-182-7/+17
| | | | | If a DN starts with a slash (or whitespace and a slash) slashes will be used, otherwise commas.
* sshkey: Fix loading of ECDSA keys from filesTobias Brunner2014-06-182-3/+3
|
* sshkey: Add support to parse SSH public keys from files with left|rightsigkeyTobias Brunner2014-06-183-3/+59
|
* windows: Declare strerror_s()Martin Willi2014-06-171-0/+5
| | | | | Older MinGW versions seem to miss this function declaration. Fixes build on Travis using Ubuntu 12.04.
* windows: Extend strerror_r/s by extended POSIX errno stringsMartin Willi2014-06-172-0/+66
|
* windows: Implement strerror_r using strerror_sMartin Willi2014-06-171-0/+9
|
* windows: Wrap most Winsock2 Posix functions to set errnoMartin Willi2014-06-172-65/+198
| | | | | | While Winsock provides many Posix compatibility functions, they do not set errno, but use WSAGetLastError() for error reporting. The wrapped functions derive an errno from WSAGetLastError() on failure.
* watcher: Prevent race condition spawning multiple watcher threadsMartin Willi2014-06-171-1/+3
| | | | | | | | If file descriptors get added and removed in rapid succession, the active watcher thread might not take notice of it and continues running. However, add() spawns a watcher thread whenever a file descriptor is added to an empty set. This could result in multiple watcher threads, which is fixed by a proper check for running watchers.
* thread-value: Defer cleanup handling to thread termination on WindowsMartin Willi2014-06-173-40/+51
| | | | | | | | | | | Instead of cleaning up all thread-values during destruction, cleanup handler is invoked when a thread detaches. Thread detaching is cough using the Windows DllMain() entry point, and allows us to basically revert 204098a7. Using this mechanism, we make sure that the cleanup handler is invoked by the the correct thread. Further, this mechanism works for externally-spawned threads which run outside of our thread_cb() routine, and works more efficiently with short-running threads.
* windows: Link against psapi32Martin Willi2014-06-061-1/+1
| | | | | On some version GetModuleFileNameEx/GetModuleInformation is in psapi32 instead of kernel32. We link to both libraries to make sure we have it.
* backtrace: Use GetModuleInformation/GetModuleFileNameEx directly on Win32Martin Willi2014-06-061-2/+10
| | | | The K32 variants are actually needed on 64-bit only.
* windows: Use WINAPI call convention for Windows API callbacksMartin Willi2014-06-064-7/+9
| | | | | For x86_64 it does not actually matter, but for i686 builds the call convention is different with WINAPI.
* unit-tests: Zero-initialize chunk to avoid free on non-successful fetchMartin Willi2014-06-041-1/+1
| | | | | If the fetch fails, the fetcher is not required to return an empty chunk. Avoid the resulting invalid free() by initializing data.ptr to NULL.
* winhttp: Support basic authentication for URLs having credentialsMartin Willi2014-06-041-3/+23
|
* winhttp: Support new response code fetcher optionMartin Willi2014-06-041-0/+34
|
* winhttp: Implement a http(s) fetcher based on Microsofts WinHTTP APIMartin Willi2014-06-046-0/+529
|
* child-sa: Pass the number of total policies tied to an SA to the kernelMartin Willi2014-06-041-0/+2
| | | | | This will be useful if the kernel backend has to know how many policies follow an SA install, for example if it must install all policies concurrently.
* windows: Provide POSIX supplement errno values missing in MinGWMartin Willi2014-06-042-23/+147
| | | | | MinGW headers do not define these values, but Windows system headers do. Windows defines them for POSIX compatibility, we do the same locally.
* windows: Provide shutdown(2) operation aliases mapping to those on WindowsMartin Willi2014-06-041-0/+7
|
* x509: Check return value when signing attribute certificatesMartin Willi2014-06-041-9/+16
| | | | | | In addition that this lets AC generation fail properly if private key signing fails, it also fixes an issue when compiling on Windows with MinGW 4.8.1, where for some reason the attributeCertificateInfo got encoded incorrectly.
* unit-tests: Support testable functions on Windows, avoid weak GCC symbolsMartin Willi2014-06-043-61/+61
| | | | | | | Instead of using weak symbols, we use dlsym() on Windows to find an arbitrary symbol in libtest to detect its linkage. Instead of creating the associated hashtable in the test runner, we maintain it in libstrongswan, making it significantly simpler.
* unit-tests: Seed chunk_hash() only once, but before creating any hashtablesMartin Willi2014-06-044-9/+14
| | | | | | | Due to the removal of pthread_once, we manually create the seed for chunk_hash(). With the new testable functions interface, this won't work for the hashtable initiated using __attribute__((constructor)). Enforce seeding before creating that hashtable.
* openssl: Don't re-enter FIPS mode if we are already using itMartin Willi2014-06-041-2/+3
| | | | | | If FIPS mode has been enabled by other means, under some environments it can't be entered again. It fails with "FIPS mode already set". To avoid it, we first check the mode before changing it.
* unit-tests: Force a CET/CEST timezone Windows understandsMartin Willi2014-06-041-0/+4
| | | | | | As it is currently unclear what the "three-letter-timezone" for CEST is, we use the German timezone, which actually is CET/CEST. SetEnvironmentVariable() "TZ" does not seem to affect localtime(), so we use _putenv() instead.
* utils: Add a wait_sigint() function to wait for SIGINT or equivalentMartin Willi2014-06-042-0/+88
|
* chunk: On Windows, use binary mode in chunk_write()Martin Willi2014-06-041-1/+8
|
* openssl: Be less verbose about FIPS mode when not running as daemonMartin Willi2014-06-041-2/+2
| | | | | While this is valuable information, printing it for pki and other tools is annoying.
* unit-tests: Adapt settings tests for WindowsMartin Willi2014-06-041-2/+13
|
* parser-helper: Detect absolute pathnames and concatenate paths on WindowsMartin Willi2014-06-041-2/+3
|
* utils: Provide a path_absolute() function to check path for non-relativenessMartin Willi2014-06-043-38/+88
| | | | The usually used trivial '/' check won't work on Windows platforms.
* utils: Return plain drive letter as base/pathname for drive letters on WindowsMartin Willi2014-06-041-0/+9
|
* utils: Support Windows path separators in path_basename/dirnameMartin Willi2014-06-042-9/+28
|
* utils: Define a platform directory separator character used in pathsMartin Willi2014-06-041-0/+9
|
* windows: Provide a getpass() implementationMartin Willi2014-06-042-0/+65
|
* chunk: On Windows, chunk_map() opens files in binary modeMartin Willi2014-06-041-2/+7
|
* windows: Include for Vista instead of defining CondVar/SRWLock functions ourselfMartin Willi2014-06-045-33/+12
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-31 13:52:07 +0000