aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
| * | | Set DSCP values when sending IP packets in socket-defaultMartin Willi2013-02-061-1/+65
| | | |
| * | | Don't send a packet in default socket if family is not IPv4 nor IPv6Martin Willi2013-02-061-12/+18
| | | |
| * | | Add a DSCP value with getter/setter on packet_tMartin Willi2013-02-063-0/+47
| | | |
| * | | Avoid extensive casting of sockaddr types in socket-default by using a unionMartin Willi2013-02-061-24/+16
| | | | | | | | | | | | | | | | Additionally fixes a strict-aliasing rule compiler warning with older gcc.
| * | | Set sockaddr family on ifreq instead of casted familiy specific sockaddrMartin Willi2013-02-061-2/+2
| |/ / | | | | | | | | | Fixes a strict-aliasing rule compiler warning with older gcc.
* | | Check if recommendations is set before applying language preferenceMartin Willi2013-02-141-3/+6
| | |
* | | PT-TLS dispatcher TNCCS constructor takes peer identities to pass to factoryMartin Willi2013-02-142-4/+23
| | |
* | | Merge branch 'pt-tls'Martin Willi2013-02-1419-94/+1411
|\ \ \
| * | | Pass a constructor callback to create TNCCS server instances while dispatchingMartin Willi2013-01-174-15/+31
| | | |
| * | | Create pt_tls_client with separate server address and identityMartin Willi2013-01-162-28/+19
| | | |
| * | | Create pt_tls_dispatcher with separate server address and identityMartin Willi2013-01-162-17/+13
| | | |
| * | | Add a libpttls providing NEA PT-TLS / TNC IF-T for TLS transport layerMartin Willi2013-01-1610-0/+1169
| | | |
| * | | Send TLS close notify during tls_socket_t destructionMartin Willi2013-01-151-2/+25
| | | |
| * | | Send TLS close notify if application returns SUCCESSMartin Willi2013-01-151-2/+6
| | | |
| * | | Block TLS read when sending data, but have to wait for the handshake data firstMartin Willi2013-01-151-4/+11
| | | |
| * | | TNCCS plugins don't depend on EAP-TNC, but can be used by other transports, tooMartin Willi2013-01-153-9/+0
| | | |
| * | | Add a bio_reader_t constructor variant freeing passed data during destructionMartin Willi2013-01-152-1/+32
| | | |
| * | | Use a more POSIXy tls_socket interface with more flexibility.Martin Willi2013-01-152-81/+165
| | | | | | | | | | | | | | | | | | | | If an unsufficient read buffer is provided, application data gets cached for subsequent read() calls.
| * | | Add a chunk_from_str() initializer that does not include 0-terminatorMartin Willi2013-01-151-0/+5
| | |/ | |/|
* | | Remove leading zeros in SCEP certificate serialNumbersMartin Willi2013-02-141-13/+19
| | |
* | | Fix 'stroke loglevel any'Tobias Brunner2013-02-131-4/+11
| | | | | | | | | | | | | | | | | | | | | Before b46a5cd4 this worked if debug_t was unsigned. In that case -1, as returned by enum_from_name(), would result in a large positive number. So any unknown debug group (including 'any') had the same effect that was only intended for 'any'.
* | | treat EAP identities as user IDsAndreas Steffen2013-02-121-3/+3
| | |
* | | make TNC client authentication type available to IMVsAndreas Steffen2013-02-1210-27/+215
| | |
* | | determine underlying IF-T transport protocolAndreas Steffen2013-02-1213-65/+231
| | |
* | | make AR identities available to IMVs via IF-IMV 1.4 draftAndreas Steffen2013-02-1114-0/+645
| | |
* | | Make IKE/EAP IDs available to TNC server/clientAndreas Steffen2013-02-1110-28/+92
| | |
* | | Don't use a time_t variable with fscanf when parsing uptimeTobias Brunner2013-02-081-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | Because "%u" is used as format string in the fscanf call that parses the uptime and because the length of time_t varies on different platforms and architectures the value was not written properly if time_t was longer than an unsigned int and depending on how the target variable was aligned on the stack. Since there is no conversion specifier to properly parse a time_t value we use the appropriate integer type instead.
* | | Allow more than one CERTREQ payload for IKEv2Tobias Brunner2013-02-081-2/+2
| | | | | | | | | | | | | | | | | | There is no reason not to do so (RFC 5996 explicitly mentions multiple CERTREQ payloads) and some implementations seem to use the same behavior as had to be used with IKEv1 (i.e. each CA in its own CERTREQ payload).
* | | Add a --httptimeout option to scepclientMartin Willi2013-02-083-7/+22
| | |
* | | Use CURL_TIMEOUT and not CURL_CONNECTTIMEOUT for FETCHER_TIMEOUT in curlMartin Willi2013-02-081-5/+12
| | | | | | | | | | | | | | | This allows us to use this timeout beyond DNS resolution. For the initial connect, we use a hardcoded timeout of 10s for now.
* | | time is a time_t pointerAndreas Steffen2013-02-041-1/+1
| | |
* | | improved control when an attribute request is sentAndreas Steffen2013-02-033-2/+54
| | |
* | | print PEN value 0xfffffe as UnassignedAndreas Steffen2013-02-032-15/+17
| | |
* | | send an error attribute if vendor ID or type of received attribute is reservedAndreas Steffen2013-02-031-0/+12
| | |
* | | openssl: Properly honor OPENSSL_NO_* definesTobias Brunner2013-01-317-5/+31
| | |
* | | Fix Doxygen comment for rdrand pluginTobias Brunner2013-01-311-1/+1
| |/ |/|
* | Don't use pointer to a union member in host_create_from_string_and_family()Tobias Brunner2013-01-251-5/+4
| |
* | Properly check MSB in openssl plugin's PKCS#7 implementationTobias Brunner2013-01-241-1/+1
| |
* | Use proper buffer sizes for parse_smartcard()Tobias Brunner2013-01-241-7/+10
| |
* | Cast first argument for %.*s to intTobias Brunner2013-01-245-18/+18
| |
* | Removed unused command name when printing usage info for lookipTobias Brunner2013-01-241-1/+1
| |
* | Removed unused argumentTobias Brunner2013-01-241-1/+1
| |
* | Properly read data from stream in pki --pkcs7Tobias Brunner2013-01-241-6/+9
| |
* | Properly destroy mem_cred object on pki --pkcs7 --helpTobias Brunner2013-01-241-0/+1
| |
* | Try to determine OS type if name and version are configuredTobias Brunner2013-01-241-0/+2
| |
* | Add missing va_end() callTobias Brunner2013-01-241-1/+2
| |
* | g_thread_init() is deprecated since Glib 2.23Tobias Brunner2013-01-242-0/+6
| |
* | Fix check-in of IKE_SA when IKE_SA_INIT fails and hash table is enabledTobias Brunner2013-01-241-2/+13
| | | | | | | | | | | | | | Setting the responder SPI to 0 can only be done while generating the response, otherwise we'd fail to check in the IKE_SA again in case the hash table is enabled. That's because we use the responder SPI as hash value since 5.0.0.
* | Return SS_RC_INITIALIZATION_FAILED if pid file existsAdrian-Ken Rueegsegger2013-01-231-1/+0
| | | | | | | | | | | | Let charon return SS_RC_INITIALIZATION_FAILED if an existing pid file is found. Starter only terminates itself if the result code of the daemon is a valid SS_RC_* value.
* | Avoid a deadlock when installing a trap policy failedTobias Brunner2013-01-231-1/+5
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-09 10:00:59 +0000