aboutsummaryrefslogtreecommitdiffstats
path: root/src/libtnccs/plugins
Commit message (Collapse)AuthorAgeFilesLines
* libtnccs: Correctly read dlopen_use_rtld_now optionTobias Brunner2017-09-182-2/+2
| | | | Fixes: 50e4aeb22f49 ("libtnccs: Optionally use RTLD_NOW to load IMC/IMVs with dlopen()")
* libtnccs: Fixed memory leak of global variables in libxml2Andreas Steffen2017-05-291-1/+4
|
* Change interface for enumerator_create_filter() callbackTobias Brunner2017-05-261-16/+18
| | | | | This avoids the unportable 5 pointer hack, but requires enumerating in the callback.
* Use standard unsigned integer typesAndreas Steffen2016-03-2425-105/+105
|
* Fix of the mutual TNC measurement use caseAndreas Steffen2016-02-161-19/+19
| | | | | | | | | | | | | | | | | If the IKEv2 initiator acting as a TNC server receives invalid TNC measurements from the IKEv2 responder acting as a TNC clienti, the exchange of PB-TNC batches is continued until the IKEv2 responder acting as a TNC server has also finished its TNC measurements. In the past if these measurements in the other direction were correct the IKEv2 responder acting as EAP server declared the IKEv2 EAP authentication successful and the IPsec connection was established even though the TNC measurement verification on the EAP peer side failed. The fix adds an "allow" group membership on each endpoint if the corresponding TNC measurements of the peer are successful. By requiring a "allow" group membership in the IKEv2 connection definition the IPsec connection succeeds only if the TNC measurements on both sides are valid.
* libtnccs: Optionally use RTLD_NOW to load IMC/IMVs with dlopen()Tobias Brunner2015-11-092-2/+14
|
* Fixed AR identities in mutual TNC measurements caseAndreas Steffen2015-08-151-2/+6
|
* Fixed PB-TNC directionality debug messageAndreas Steffen2015-04-241-1/+1
|
* Fix years in some copyright statementsTobias Brunner2015-04-161-1/+1
|
* Added tnc/tnccs-20-fail-init and tnc/tnccs-20-fail-resp scenariosAndreas Steffen2015-03-278-8/+178
|
* Fixed PB-TNC error handlingAndreas Steffen2015-03-274-35/+32
|
* tnccs-20: Fix error handling in build()Tobias Brunner2015-03-251-9/+5
|
* libtnccs: Set apidoc category to libtnccs and move pluginsTobias Brunner2015-03-256-6/+6
|
* libtnccs: Fix apidoc category for split IF-TNCCS 2.0 header filesTobias Brunner2015-03-253-5/+5
| | | | | Fixes 80322d2cee75 ("Split IF-TNCCS 2.0 protocol processing into separate TNC client and server handlers").
* Fixed some typos, courtesy of codespellTobias Brunner2015-03-251-1/+1
|
* Implemented PB-TNC mutual half-duplex protocolAndreas Steffen2015-03-235-35/+139
|
* Optionally announce PB-TNC mutual protocol capabilityAndreas Steffen2015-03-239-13/+420
|
* Split IF-TNCCS 2.0 protocol processing into separate TNC client and server ↵Andreas Steffen2015-03-239-799/+1746
| | | | handlers
* Make access requestor IP address available to TNC serverAndreas Steffen2015-03-087-71/+197
|
* libnccs: Fix casts between integers and pointersMartin Willi2014-06-041-2/+2
|
* tnc-imc/imv: Don't include <dlfcn.h> on WindowsMartin Willi2014-06-042-0/+4
|
* plugins: Don't link with -rdynamic on WindowsMartin Willi2014-06-046-6/+6
|
* Increased maximum PT-TLS message size to 2MBAndreas Steffen2014-05-311-2/+2
|
* Automatic determination of maximum PB-TNC batch and PA-TNC message sizeAndreas Steffen2014-05-315-12/+46
|
* enum: Return boolean result for enum_from_name() lookupMartin Willi2014-05-163-12/+12
| | | | | | | | | | | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned.
* libtnccs: Move settings to <ns>.tnc and <ns>.plugins with fallbackTobias Brunner2014-02-126-7/+8
|
* tnccs: Use chunk_map() instead of non-portable mmap()Martin Willi2014-01-231-1/+0
|
* PB-TNC PDP_REFERRAL message doesn't have to be in RESULT batchAndreas Steffen2013-10-311-1/+1
|
* libtnccs: Add dummy entry to pb_tnc_tcg_msg_infosTobias Brunner2013-10-291-1/+2
| | | | | That's required because the first message type in pb_tnc_tcg_msg_type_t is 1 not 0.
* Doxygen fixesTobias Brunner2013-10-151-2/+1
|
* Keep a copy of the tnccs instance for PT-TLS handoverAndreas Steffen2013-10-093-25/+113
|
* Implemented TCG/PB-PDP_Referral messageAndreas Steffen2013-09-174-13/+141
|
* Allow vendor-specific PB-TNC messagesAndreas Steffen2013-09-1723-138/+583
|
* Extract client identity and authentication type from SASL authenticationAndreas Steffen2013-08-153-0/+28
|
* moved tnc_imv plugin to libtnccs thanks to recommendation callback functionAndreas Steffen2013-08-1518-26/+1866
|
* Moved tnc-tnccs, tnc-imc, tnccs-11, tnccs-20 and tnccs-dynamic libcharon ↵Andreas Steffen2013-08-1566-0/+10619
plugins to libtnccs
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-28 21:39:14 +0000