aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Migrated kernel_netlink_ipsec to METHOD/INIT macrosMartin Willi2010-02-261-93/+59
|
* Migrated kernel_interface wrapper to METHOD/INIT macrosMartin Willi2010-02-261-163/+109
|
* Added left-/rightikeport ipsec.conf options to use custom IKE portsMartin Willi2010-02-2611-3/+23
|
* Use src/dst ports as configured in ike_cfgMartin Willi2010-02-264-16/+41
|
* Store custom IKE src/dst ports on ike_cfgMartin Willi2010-02-269-14/+64
|
* Migrated ike_cfg_t to METHOD/INIT macrosMartin Willi2010-02-261-73/+53
|
* Migrated packet_t to METHOD/INIT macrosMartin Willi2010-02-261-62/+41
|
* Moved socket and socket-raw implementations to pluginsMartin Willi2010-02-2616-177/+729
|
* Link all plugins to libstrongswan.Tobias Brunner2010-02-2556-15/+56
|
* Avoid a race condition that could lead to a segmentation fault.Tobias Brunner2010-02-251-3/+7
| | | | | | | | | | | | Let's assume the callback function of a callback job returns JOB_REQUEUE_FAIR in one call and JOB_REQUEUE_NONE in the next. Before this fix, the thread executing the callback job would requeue the job before unregistering itself. If there was a context switch right after the job got requeued, and if the thread that requeued the job never got resumed until a second thread executed the job and, due to the return value of JOB_REQUEUE_NONE, destroyed it, then when the first thread eventually got resumed and tried to lock the mutex to unregister itself the pointer wouldn't be valid anymore, thus resulting in a segmentation fault.
* Use side-channel secured mpz_powm_sec of libgmp 5, if availableMartin Willi2010-02-183-0/+14
|
* Updated debian package for NetworkManager-strongswan-1.1.2Martin Willi2010-02-181-0/+7
|
* Version bump and NEWS for NetworkManager-strongswan-1.1.2 releaseMartin Willi2010-02-182-1/+8
|
* Updated german translationMartin Willi2010-02-181-57/+104
|
* Tooltips are translatableMartin Willi2010-02-181-9/+9
|
* Newer glade requires explicit vertical vboxesMartin Willi2010-02-181-0/+5
|
* Fixed lost renaimings in android pluginMartin Willi2010-02-181-13/+14
|
* Added Android plugin, currently provides DNS handling on AndroidMartin Willi2010-02-176-0/+405
|
* Invoke missing message() hook for incoming responsesMartin Willi2010-02-171-0/+1
|
* Detect windows hosts to add specific workarounds.Tobias Brunner2010-02-122-0/+7
|
* Adding support for AES GMAC (RFC4543).Tobias Brunner2010-02-1214-103/+124
|
* Do not build own authentication data before we've verified others, we need ↵4.3.6Martin Willi2010-02-091-28/+33
| | | | the other identity in EAP
* Increased the buffer for netlink responses.Tobias Brunner2010-02-051-0/+1
| | | | | | | | If an error occurs while manipulating policies in the kernel, the original netlink request gets attached to the response. Prior to Linux 2.6.32 the size in the netlink header of the response was wrong.
* initialize variables to avoid compiler warningAndreas Steffen2010-02-051-2/+2
|
* Use destination address of ppp interfaces as nexthop in starters default ↵Martin Willi2010-02-051-6/+25
| | | | route lookup
* init_fetch() changed to fetch_initialize()Andreas Steffen2010-02-051-1/+1
|
* Use child_updown hook in updown plugin, fixes doubled invocation of down scriptMartin Willi2010-02-031-47/+17
|
* renamed init_fetch() to fetch_initialize()Andreas Steffen2010-02-022-2/+2
|
* Some whitespace and code cleanups concerning the mediation extension.Tobias Brunner2010-02-023-12/+10
|
* Join pluto's fetching thread instead of detaching it in order to avoid that ↵Tobias Brunner2010-02-023-6/+26
| | | | the leak-detective reports a memleak.
* corrected captionsAndreas Steffen2010-02-011-2/+2
|
* warn if loaded local certificate is invalidAndreas Steffen2010-02-011-3/+5
|
* Added a ipsec.conf "inactivity" option to configure inactivity timeout for ↵Martin Willi2010-01-279-27/+39
| | | | CHILD_SAs
* Made inactivity_timeout a per CHILD_SA config optionMartin Willi2010-01-279-16/+41
|
* Refactored EAP payload, avoid unaligned word accessMartin Willi2010-01-211-103/+68
|
* Added a METHOD2() macro that implements a method for two different interfacesMartin Willi2010-01-211-1/+11
|
* Support RADIUS messages up to 4096 bytes, RADIUS EAP-Message fragmentationMartin Willi2010-01-193-9/+22
|
* Support TLS client authentication Extended Key Usage in x509 generationMartin Willi2010-01-146-21/+38
|
* Block the signals before the call to sigwait.Tobias Brunner2010-01-121-0/+1
|
* Support for closing CHILD/IKE_SA if a CHILD_SA is inactive.Martin Willi2010-01-124-0/+229
|
* Added strongswan.conf options to configure retransmission timeoutsMartin Willi2010-01-112-5/+28
|
* Added a "double" getter to libstrongswan settingsMartin Willi2010-01-112-0/+35
|
* Cast unaligned memcpy() args to char*, avoids over-optimization on ARMMartin Willi2010-01-111-4/+10
| | | | See http://infocenter.arm.com/help/index.jsp?topic=/com.arm.doc.faqs/ka3934.html
* log EAP-only authentication proposalAndreas Steffen2010-01-111-3/+5
|
* pluto and charon are using the same strongSwan Vendor IDAndreas Steffen2010-01-111-1/+1
|
* EAP-MSCHAPv2 is indeed mutual, but is prone to MITM dictionary attacksMartin Willi2010-01-071-1/+1
|
* Support EAP-only authentication for mutual and key deriving EAP methodsMartin Willi2010-01-075-31/+96
|
* Indicate and dected support for EAP-only authenticationMartin Willi2010-01-072-7/+28
|
* Match to private use algorithms only if we know we are talking to strongSwanMartin Willi2010-01-078-22/+41
|
* Interpret private use BEET mode notify only if we know we are talking to ↵Martin Willi2010-01-071-1/+9
| | | | strongSwan
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 19:30:11 +0000