aboutsummaryrefslogtreecommitdiffstats
path: root/src/libtnccs
Commit message (Collapse)AuthorAgeFilesLines
* libtnccs: Correctly read dlopen_use_rtld_now optionTobias Brunner2017-09-182-2/+2
| | | | Fixes: 50e4aeb22f49 ("libtnccs: Optionally use RTLD_NOW to load IMC/IMVs with dlopen()")
* android: Use LOCAL_LDLIBS to link libdlTobias Brunner2017-07-031-1/+1
| | | | Newer NDKs fail otherwise as there is no actual module anymore.
* libtnccs: Fixed memory leak of global variables in libxml2Andreas Steffen2017-05-291-1/+4
|
* Change interface for enumerator_create_filter() callbackTobias Brunner2017-05-261-16/+18
| | | | | This avoids the unportable 5 pointer hack, but requires enumerating in the callback.
* Add plugin constructor registration for all libraries that provide pluginsTobias Brunner2017-05-232-0/+16
| | | | | | | | | | | | | | Unfortunately, we can't just add the generated C file to the sources in Makefile.am as the linker would remove that object file when it notices that no symbol in it is ever referenced. So we include it in the file that contains the library initialization, which will definitely be referenced by the executable. This allows building an almost stand-alone static version of e.g. charon when building with `--enable-monolithic --enable-static --disable-shared` (without `--disable-shared` libtool will only build a version that links the libraries dynamically). External libraries (e.g. gmp or openssl) are not linked statically this way, though.
* Use standard unsigned integer typesAndreas Steffen2016-03-2427-109/+109
|
* Fix of the mutual TNC measurement use caseAndreas Steffen2016-02-161-19/+19
| | | | | | | | | | | | | | | | | If the IKEv2 initiator acting as a TNC server receives invalid TNC measurements from the IKEv2 responder acting as a TNC clienti, the exchange of PB-TNC batches is continued until the IKEv2 responder acting as a TNC server has also finished its TNC measurements. In the past if these measurements in the other direction were correct the IKEv2 responder acting as EAP server declared the IKEv2 EAP authentication successful and the IPsec connection was established even though the TNC measurement verification on the EAP peer side failed. The fix adds an "allow" group membership on each endpoint if the corresponding TNC measurements of the peer are successful. By requiring a "allow" group membership in the IKEv2 connection definition the IPsec connection succeeds only if the TNC measurements on both sides are valid.
* libtnccs: Optionally use RTLD_NOW to load IMC/IMVs with dlopen()Tobias Brunner2015-11-092-2/+14
|
* Fixed AR identities in mutual TNC measurements caseAndreas Steffen2015-08-151-2/+6
|
* Fixed PB-TNC directionality debug messageAndreas Steffen2015-04-241-1/+1
|
* Fix years in some copyright statementsTobias Brunner2015-04-161-1/+1
|
* Added tnc/tnccs-20-fail-init and tnc/tnccs-20-fail-resp scenariosAndreas Steffen2015-03-278-8/+178
|
* Fixed PB-TNC error handlingAndreas Steffen2015-03-274-35/+32
|
* tnccs-20: Fix error handling in build()Tobias Brunner2015-03-251-9/+5
|
* android: Add messages/ita directory to tnccs-20 pluginTobias Brunner2015-03-251-1/+1
|
* libtnccs: Set apidoc category to libtnccs and move pluginsTobias Brunner2015-03-2510-11/+14
|
* libtnccs: Fix apidoc category for split IF-TNCCS 2.0 header filesTobias Brunner2015-03-253-5/+5
| | | | | Fixes 80322d2cee75 ("Split IF-TNCCS 2.0 protocol processing into separate TNC client and server handlers").
* Fixed some typos, courtesy of codespellTobias Brunner2015-03-251-1/+1
|
* Implemented PB-TNC mutual half-duplex protocolAndreas Steffen2015-03-235-35/+139
|
* Optionally announce PB-TNC mutual protocol capabilityAndreas Steffen2015-03-239-13/+420
|
* Split IF-TNCCS 2.0 protocol processing into separate TNC client and server ↵Andreas Steffen2015-03-239-799/+1746
| | | | handlers
* Make access requestor IP address available to TNC serverAndreas Steffen2015-03-089-82/+229
|
* libnccs: Fix casts between integers and pointersMartin Willi2014-06-041-2/+2
|
* tnc-imc/imv: Don't include <dlfcn.h> on WindowsMartin Willi2014-06-042-0/+4
|
* libtnccs: Use a default tnc_config in the current working dir on WindowsMartin Willi2014-06-041-1/+7
|
* libtnccs: Link against ws_w32 on WindowsMartin Willi2014-06-041-2/+4
|
* plugins: Don't link with -rdynamic on WindowsMartin Willi2014-06-046-6/+6
|
* Increased maximum PT-TLS message size to 2MBAndreas Steffen2014-05-311-2/+2
|
* Automatic determination of maximum PB-TNC batch and PA-TNC message sizeAndreas Steffen2014-05-315-12/+46
|
* enum: Return boolean result for enum_from_name() lookupMartin Willi2014-05-163-12/+12
| | | | | | | | | | | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned.
* uclibc only defines strndup(3) if _GNU_SOURCE is definedTobias Brunner2014-02-191-2/+4
| | | | References #516.
* libtnccs: Move settings to <ns>.tnc and <ns>.plugins with fallbackTobias Brunner2014-02-127-9/+12
|
* tnccs: Use chunk_map() instead of non-portable mmap()Martin Willi2014-01-232-27/+6
|
* android: Remove dependency on libvstrTobias Brunner2013-11-131-1/+0
|
* PB-TNC PDP_REFERRAL message doesn't have to be in RESULT batchAndreas Steffen2013-10-311-1/+1
|
* libtnccs: Add dummy entry to pb_tnc_tcg_msg_infosTobias Brunner2013-10-291-1/+2
| | | | | That's required because the first message type in pb_tnc_tcg_msg_type_t is 1 not 0.
* Doxygen fixesTobias Brunner2013-10-151-2/+1
|
* Keep a copy of the tnccs instance for PT-TLS handoverAndreas Steffen2013-10-094-25/+128
|
* android: Several plugins were moved from libcharon to libtnccsTobias Brunner2013-09-231-0/+20
| | | | These were moved in commits e8f65c5cde and 12b3db5006.
* Implemented TCG/PB-PDP_Referral messageAndreas Steffen2013-09-174-13/+141
|
* Allow vendor-specific PB-TNC messagesAndreas Steffen2013-09-1723-138/+583
|
* Build all shared libraries with -no-undefined and link them properlyTobias Brunner2013-09-121-1/+6
| | | | | | | | | | The flag is required to convince libtool on Cygwin to build DLLs. But on Windows these shared libraries can not have undefined symbols, so we have to link them explicitly to the libraries they reference. For plugins this is currently not done, so only the monolithic build is supported. The plugin loader wouldn't be able to load DLLs anyway, as it tries to load files that don't exist on Cygwin.
* Extract client identity and authentication type from SASL authenticationAndreas Steffen2013-08-153-0/+28
|
* moved tnc_imv plugin to libtnccs thanks to recommendation callback functionAndreas Steffen2013-08-1522-41/+1890
|
* Moved tnc-tnccs, tnc-imc, tnccs-11, tnccs-20 and tnccs-dynamic libcharon ↵Andreas Steffen2013-08-1567-0/+10665
| | | | plugins to libtnccs
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-2/+1
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* libtnccs: Don't try to load IMCs/IMVs from a file if there is no filenameTobias Brunner2013-07-081-0/+5
|
* android: libtnccs requires headers from libtlsTobias Brunner2013-03-201-0/+1
|
* android: Remove/filter header files from LOCAL_SRC_FILESTobias Brunner2013-03-201-1/+3
| | | | This avoids huge warnings when building the native code.
* added parameter descriptionsAndreas Steffen2013-02-191-1/+8
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-14 13:23:05 +0000