aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Update fallback drop policies if required.Tobias Brunner2011-07-291-2/+20
|
* Allow routing table IDs > 255 when filtering them.Tobias Brunner2011-07-292-3/+11
|
* DUMM: Allow addresses to be configured with net prefix.Tobias Brunner2011-07-293-15/+21
|
* Fixed host_create_from_subnet when no prefix is given.Tobias Brunner2011-07-291-1/+1
|
* Install fallback drop policies for all three directions.Tobias Brunner2011-07-281-65/+66
|
* Install fallback drop policies to avoid transmitting unencrypted packets.Tobias Brunner2011-07-274-0/+25
| | | | | | | During the update of a CHILD_SA (e.g. caused by MOBIKE) the old policy is first uninstalled and then the new one is installed. In the short time in between, where no policy is available in the kernel, unencrypted packets could have been transmitted.
* Remove policies in kernel interfaces based on their priority.Tobias Brunner2011-07-2710-80/+140
| | | | | | This allows to unroute a connection while the same connection is currently established. In this case both CHILD_SAs share the same reqid but the installed policies have different priorities.
* Added missing include in mysql plugin.Tobias Brunner2011-07-261-0/+1
| | | | This was previously pulled in via linked_list.h->iterator.h->library.h.
* Inherit authentication information during IKE_SA rekeyingMartin Willi2011-07-251-0/+16
|
* Added a log message when roam jobs get created.Tobias Brunner2011-07-211-0/+2
|
* Readded docs for some arguments to global functions.Tobias Brunner2011-07-214-11/+17
| | | | Those were overzealously removed in 28623fc5389829858c78c759a214aa5c64ea26c6.
* fixed esn typeAndreas Steffen2011-07-201-2/+2
|
* fixed some more misspellingsAndreas Steffen2011-07-202-4/+4
|
* Fixed common misspellings.Tobias Brunner2011-07-2065-97/+97
| | | | Mostly found by 'codespell'.
* Count running load-tester threads properly.Tobias Brunner2011-07-181-6/+2
|
* Fix load-tester.shutdown_when_complete option.Tobias Brunner2011-07-181-4/+8
| | | | It didn't work when used together with delete_after_established=yes.
* Fix listener registration in load-tester plugin.Tobias Brunner2011-07-181-3/+2
| | | | This fixes the load-tester.shutdown_when_complete option.
* removed stray codeAndreas Steffen2011-07-181-2/+1
|
* added log and status output for ESNAndreas Steffen2011-07-162-1/+12
|
* added IKEv2 exchange type IKE_SESSION_RESUME from RFC 5723Andreas Steffen2011-07-152-4/+10
|
* Fix parentheses in write() to CLUSTERIP control filesMartin Willi2011-07-141-1/+1
|
* shunt manager installs policies with %any hostsAndreas Steffen2011-07-141-3/+6
|
* added HOME_AGENT_ADDRESS CP attribute typeAndreas Steffen2011-07-142-7/+10
|
* fixed typoAndreas Steffen2011-07-142-2/+2
|
* updated IANA IKEv2 Notify Message TypesAndreas Steffen2011-07-142-8/+28
|
* check if violating_ports have been assignedAndreas Steffen2011-07-131-0/+5
|
* support of error_offset in PA-TNC INVALID PARAMETER error messagesAndreas Steffen2011-07-1310-17/+161
|
* add relative PB-TNC message offsetAndreas Steffen2011-07-131-1/+1
|
* return offset valueAndreas Steffen2011-07-131-0/+1
|
* add PID/Program Name to netstat outputAndreas Steffen2011-07-071-1/+1
|
* install IMC and IMV dynamic libraries in imcvs directoryAndreas Steffen2011-07-064-20/+16
|
* Record usage history of policies in PF_KEY kernel interface.Tobias Brunner2011-07-061-169/+457
| | | | The implementation is nearly the same as in the Netlink kernel interface.
* Simplified destruction of policy_sa_t objects in Netlink interface.Tobias Brunner2011-07-061-12/+7
|
* Adapted shunt manager to changed kernel interface (reqid in del_policy).Tobias Brunner2011-07-061-3/+6
|
* Some code cleanup in Netlink kernel interface.Tobias Brunner2011-07-061-108/+119
|
* Some code cleanup in PF_KEY kernel interface.Tobias Brunner2011-07-061-118/+142
|
* Reduce memory usage of policy history caching.Tobias Brunner2011-07-061-131/+270
| | | | | Only cache data as needed (e.g. traffic selectors only for forward policies) and at most once for each IPsec SA.
* Use has_more in decrypt_payloads instead of calling enumerate twice.Tobias Brunner2011-07-061-1/+1
|
* Added linked_list_t.has_more which checks if any elements follow an ↵Tobias Brunner2011-07-062-0/+19
| | | | enumerator's current position.
* Make sure the enumerator stops after all items have been enumerated.Tobias Brunner2011-07-062-4/+23
| | | | | This also changes how insert_before behaves, before enumeration items are inserted first, after enumeration last.
* Keep the mutex locked as long as possible when deleting policies.Tobias Brunner2011-07-061-61/+57
| | | | | | | | | This change tries to prevent a race condition where a thread tries to install the same policy another thread is currently deleting. If the second thread releases the mutex in del_policy too early the first thread could assume the policy does not exist (as it is not cached anymore) but would not be able to actually install it if the second thread was not yet able to delete it.
* Properly unlock the policy if no change in the kernel is required.Tobias Brunner2011-07-061-0/+1
|
* Make sure access to policy is thread-safe during installation of route.Tobias Brunner2011-07-061-2/+17
|
* Linked list style cleanupsMartin Willi2011-07-061-47/+46
|
* Finally removed deprecated iterator_t.Tobias Brunner2011-07-066-356/+22
|
* Removed unneeded and confusing insert_after method from linked_list_t.Tobias Brunner2011-07-062-25/+6
|
* Replaced more complex iterator usages.Tobias Brunner2011-07-064-72/+46
|
* Added a function to reset the enumerator of a linked list.Tobias Brunner2011-07-062-0/+14
|
* Replaced ike_sa_t.create_additional_address_iterator with enumerator.Tobias Brunner2011-07-064-35/+37
|
* Replaced ike_sa_t.create_child_sa_iterator with enumerator.Tobias Brunner2011-07-0616-119/+140
| | | | | This required two new methods on ike_sa_t. One returns the number of CHILD_SAs and one allows to remove a CHILD_SA.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-28 18:14:57 +0000