aboutsummaryrefslogtreecommitdiffstats
path: root/src/libstrongswan
Commit message (Collapse)AuthorAgeFilesLines
...
* unbound: Fix memory leakTobias Brunner2016-09-201-0/+2
|
* leak-detective: Whitelist leak in libldapTobias Brunner2016-09-201-0/+2
|
* leak-detective: Optionally write report to a log fileTobias Brunner2016-09-201-10/+36
|
* auth-cfg-wrapper: Fix memory leak with hash-and-URL certificatesTobias Brunner2016-09-121-1/+1
| | | | | | | We wrap the auth-cfg object and its contents, so there is no need to get an additional reference for the enumerated certificate. Fixes a44bb9345f04 ("merged multi-auth branch back into trunk")
* padlock: Use builtin bswap32() to fix compilation on FreeBSDTobias Brunner2016-08-311-6/+5
| | | | Fixes #591.
* proposal: Use proper list to get function pointer when adding custom parserThomas Egerer2016-08-291-1/+1
| | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* android: Add missing xof.c fileTobias Brunner2016-08-291-0/+1
| | | | Fixes #2093.
* xof: Add header to dev headersTobias Brunner2016-08-291-1/+2
|
* utils: Fix definition of BYTE_ORDER with MinGWTobias Brunner2016-08-241-1/+5
|
* unit-tests: Removed unused variableAndreas Steffen2016-08-111-2/+0
|
* unit-tests: Created newhope unit-testsAndreas Steffen2016-08-109-7/+1338
|
* Created newhope plugin implementing the New Hope key exchange algorithmAndreas Steffen2016-08-1013-1/+1347
|
* xof: Added ChaCha20 stream as XOFAndreas Steffen2016-08-069-3/+311
|
* utils: Defined uletoh16() and htole16()Andreas Steffen2016-08-061-0/+42
|
* integrity-test: Added ntru_param_sets to read-only segmentAndreas Steffen2016-07-297-36/+96
|
* integrity-test: Added bliss_param_sets to read-only segmentAndreas Steffen2016-07-2914-63/+68
|
* integrity-test: check code and ro segments of libnttfftAndreas Steffen2016-07-297-32/+46
|
* Created libnttfftAndreas Steffen2016-07-2919-121/+258
| | | | | This makes Number Theoretic Transforms (NTT) based on the efficient Fast-Fourier-Transform (FFT) available to multiple plugins.
* Share twiddle factors table between 512 and 1024 point FFTAndreas Steffen2016-07-293-134/+14
|
* Implemented FFT with n = 1024 and q = 11289 using Montgomery arithmeticAndreas Steffen2016-07-293-8/+495
|
* bliss: Implemented FFT with fast Montgomery arithmeticAndreas Steffen2016-07-298-102/+294
|
* xof: Implemented SHAKE128 and SHAKE256 Extended Output FunctionsAndreas Steffen2016-07-2911-415/+1293
|
* xof: Defined Extended Output FunctionsAndreas Steffen2016-07-2912-5/+520
|
* Added SHA-3 signature OIDsAndreas Steffen2016-07-261-1/+10
|
* unit-tests: Decreased loop count of FFT speed test to 10'000Andreas Steffen2016-07-221-1/+1
|
* unit-tests: Added bliss_fft_speed testAndreas Steffen2016-07-221-1/+42
|
* Fixed some typos, courtesy of codespellTobias Brunner2016-07-041-1/+1
|
* plugin-loader: Allow selective modification of the default plugin listTobias Brunner2016-06-291-10/+24
| | | | | | | This change allows selectively modifying the default plugin list by setting the `load` setting of individual plugins (e.g. to disable them or to change their priority) without enabling charon.load_modular and having to configure a section and a load statement for every plugin.
* leak-detective: Try to properly free allocations after deinitializationTobias Brunner2016-06-291-0/+13
| | | | | | | | If a function we whitelist allocates memory while leak detective is enabled but only frees it after LD has already been disabled, free() will get called with invalid pointers (not pointing to the actually allocated memory by LD), which will cause checks in the C library to fail and the program to crash. This tries to detect such cases and calling free with the correct pointer.
* openssl: Whitelist OPENSSL_init_crypto() and others in leak detectiveTobias Brunner2016-06-291-0/+4
| | | | | | | | | Lots of static data is allocated in this function, which isn't freed until the library is unloaded (we can't call OPENSSL_cleanup() as initialization would fail when calling it again later). When enabling the leak detective the test runner eventually crashes as all the data allocated during initialization has an invalid size when freed after leak detective has been unloaded.
* openssl: Update GCM/crypter API to OpenSSL 1.1.0Tobias Brunner2016-06-291-13/+13
|
* openssl: Update HMAC API to OpenSSL 1.1.0Tobias Brunner2016-06-291-9/+25
|
* openssl: Don't use deprecated RAND_pseudo_bytes()Tobias Brunner2016-06-291-7/+0
|
* openssl: Update PKCS#12 API to OpenSSL 1.1.0Tobias Brunner2016-06-291-1/+5
|
* openssl: Update PKCS#7 API to OpenSSL 1.1.0Tobias Brunner2016-06-291-3/+7
|
* openssl: Update CRL API to OpenSSL 1.1.0Tobias Brunner2016-06-291-7/+42
| | | | | | There is currently no way to compare the outer and inner algorithms encoded in a parsed CRL. X509_CRL_verify() does not seem to check that either, though (unlike X509_verify()).
* openssl: Update x509 API to OpenSSL 1.1.0Tobias Brunner2016-06-291-12/+48
|
* openssl: Update ECDSA API to OpenSSL 1.1.0Tobias Brunner2016-06-292-5/+24
|
* openssl: Update RSA API to OpenSSL 1.1.0Tobias Brunner2016-06-292-16/+52
|
* openssl: Make some utilities take const BIGNUM pointersTobias Brunner2016-06-292-4/+6
|
* openssl: Add macro to define fallback functions for non-opaque OpenSSL versionsTobias Brunner2016-06-291-0/+38
|
* openssl: Update DH API to OpenSSL 1.1.0Tobias Brunner2016-06-291-11/+41
|
* openssl: Update crypter API to OpenSSL 1.1.0Tobias Brunner2016-06-291-12/+17
| | | | | EVP_CIPHER and EVP_CIPHER_CTX are now opaque types, the getters already existed before.
* openssl: Fix mapping from ASN1 to chunk_t with OpenSSL 1.1.0Tobias Brunner2016-06-291-1/+7
| | | | ASN1_OBJECT is now opaque.
* openssl: Update initialization and cleanup for OpenSSL 1.1.0Tobias Brunner2016-06-291-7/+17
| | | | | | We can't call OPENSSL_cleanup() as that would prevent us from re-initializing the library again (which we use in the Android app, that loads/unloads plugins).
* openssl: OpenSSL 1.1.0 is thread-safe so we don't have to setup callbacksTobias Brunner2016-06-291-0/+13
|
* proposal: Parse modpnone as MODP_NONE(0)Tobias Brunner2016-06-171-0/+1
|
* crypto-factory: Stop after successfully creating one nonce generatorTobias Brunner2016-06-171-0/+4
| | | | Fixes: e2fc09c186c3 ("Add nonce generator interface")
* unit-tests: Defining TESTS_RUNNERS allows to only run specific test runnersTobias Brunner2016-06-172-1/+33
|
* leak-detective: Make sure to actually call malloc() from calloc() hookTobias Brunner2016-06-151-3/+4
| | | | | | | | Newer versions of GCC are too "smart" and replace a call to malloc(X) followed by a call to memset(0,X) with a call co calloc(), which obviously results in an infinite loop when it does that in our own calloc() implementation. Using `volatile` for the variable storing the total size prevents the optimization and we actually call malloc().
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-14 23:32:18 +0000