aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
| * | | Log the proper type for virtual EAP methodsTobias Brunner2012-08-311-1/+5
| | | |
| * | | Added an option to prefer types sent by peer in eap-dynamic pluginTobias Brunner2012-08-311-14/+42
| | | |
| * | | eap-dynamic plugin handles EAP-Nak messages and selects a method supported ↵Tobias Brunner2012-08-311-1/+72
| | | | | | | | | | | | | | | | by the peer
| * | | Preferred EAP methods for eap-dynamic can be configuredTobias Brunner2012-08-311-1/+59
| | | |
| * | | The eap-dynamic plugin uses the first supported method as defaultTobias Brunner2012-08-311-1/+91
| | | |
| * | | Added eap-dynamic plugin which can proxy any other EAP methodTobias Brunner2012-08-318-1/+328
| | | |
| * | | Use eap_vendor_type_from_string() in strokeTobias Brunner2012-08-311-38/+7
| | | |
| * | | Function added that parses EAP method strings ([eap-]type[-vendor])Tobias Brunner2012-08-312-0/+86
| | | |
| * | | Added method to enumerate EAP types contained in an EAP-NakTobias Brunner2012-08-312-11/+79
| | | |
| * | | Encode EAP-Naks in expanded format if we got an expanded type requestTobias Brunner2012-08-315-6/+19
| | | | | | | | | | | | | | | | | | | | Since methods defined by the IETF (vendor ID 0) could also be encoded in expanded type format the previous check was insufficient.
| * | | Allow clients to request a configured EAP method via EAP-NakTobias Brunner2012-08-315-8/+37
| | | |
| * | | Virtual EAP methods handle EAP-Naks themselvesTobias Brunner2012-08-311-5/+17
| | | |
| * | | Send EAP-Nak with supported types if requested type is unsupportedTobias Brunner2012-08-315-12/+81
| | | |
| * | | Filter invalid EAP authentication types when enumerating themTobias Brunner2012-08-312-1/+10
| | | | | | | | | | | | | | | | Valid authentication types defined by the IETF are 4-253 and 255.
| * | | Move our pseudo EAP types out of the range of valid EAP methodsTobias Brunner2012-08-312-14/+14
| | | |
| * | | Added a method to enumerate registered EAP methodsTobias Brunner2012-08-212-0/+43
| |/ /
* | | Ported tun_device de-/initialization to FreeBSDTobias Brunner2012-08-291-5/+47
| | |
* | | struct iphdr is Linux specific use struct ip insteadTobias Brunner2012-08-291-6/+6
| | |
* | | Include stdint.h for UINT32_MAX on FreeBSDTobias Brunner2012-08-291-0/+1
| | |
* | | Ported tun_device initialization to OS X utunMartin Willi2012-08-281-19/+85
| |/ |/|
* | Ewa did the new Polish translationAndreas Steffen2012-08-241-0/+95
| |
* | Log configured IKE_SA proposals as initiatorTobias Brunner2012-08-241-0/+2
| |
* | Log configured CHILD_SA proposals as initiatorTobias Brunner2012-08-241-0/+2
| |
* | Fall back to local address as IKEv1 identity if nothing else is configuredTobias Brunner2012-08-241-2/+14
| |
* | Removed deprecated options from ipsec.conf templateTobias Brunner2012-08-241-9/+1
| |
* | Apply send delay before adding non-ESP markerTobias Brunner2012-08-241-16/+16
| | | | | | | | | | Otherwise the packet header could not be parsed correctly when NAT-T is used.
* | use pen_type_t for PA Message SubtypeAndreas Steffen2012-08-233-32/+29
|/
* Remove unused src/dst variables in send_no_marker()Martin Willi2012-08-211-5/+0
|
* use pen_type_t for attribute request entriesAndreas Steffen2012-08-211-25/+4
|
* define pen_type_t as a vendor-specific typeAndreas Steffen2012-08-2035-624/+301
|
* Don't use POSIX semaphores if a MONOTONIC clock is availableMartin Willi2012-08-201-0/+8
| | | | | | POSIX semaphores use CLOCK_REALTIME, but our semaphore_t abstraction expects CLOCK_MONOTONIC based times. Use the mutex/condvar based fallback if time_monotonic() actuall returns monotonic times.
* Remove the unused second IKE_SA entry match function argumentMartin Willi2012-08-201-4/+4
| | | | LLVMs clang complains about this parameter, so remove it.
* Add a mutex/condvar based semaphore implementation if sem_timedwait is ↵Martin Willi2012-08-201-2/+67
| | | | | | unavailable Fixes #214.
* added IBM and OpenPTS Private Enterprise NumbersAndreas Steffen2012-08-202-2/+8
|
* Add keymat_t constructor registration functionAdrian-Ken Rueegsegger2012-08-202-3/+45
| | | | | | Using the register_constructor function enables custom keymat_t implementations per IKE version. If no constructor is registered the default behavior is preserved.
* fixed captionAndreas Steffen2012-08-201-1/+1
|
* implemented IETF Attribute Request attributeAndreas Steffen2012-08-204-3/+383
|
* openssl: Fix registration of the PUBKEY builderTobias Brunner2012-08-181-1/+1
| | | | | libtls drops support for RSA suites if it does not find an RSA backend (final builder for RSA public keys).
* Without the ties to PAM we can build eap-gtc on AndroidTobias Brunner2012-08-171-1/+1
|
* CAP_AUDIT_WRITE is now required by xauth-pam not eap-gtc pluginTobias Brunner2012-08-172-7/+7
|
* Removed manual EAP method registration in eap-gtc pluginTobias Brunner2012-08-171-5/+0
|
* Enable build of eap-tls, eap-ttls and eap-peap on AndroidTobias Brunner2012-08-171-0/+20
|
* Add a wrapper around vstr_add_fmt() to avoid having to link libcharon ↵Tobias Brunner2012-08-172-2/+31
| | | | | | against libvstr At least on Android the latter would be required.
* starter: Restore original config in case also= is used (which reads the same ↵Tobias Brunner2012-08-161-20/+30
| | | | values)
* Increased log level when listing interfaces and IP addresses during startupTobias Brunner2012-08-162-6/+6
| | | | | This avoids confusing log messages in starter and ipsec statusall already lists the available addresses anyway.
* Only load kernel plugins in starter when flushing SAD/SPD entriesTobias Brunner2012-08-162-9/+8
| | | | | | | | This avoids keeping the kernel sockets open when they are not actually needed, which could lead to resource problems (in particular with PF_KEY where all open sockets receive all messages). Fixes #217.
* Enable UDP decapsulation for both address familiesTobias Brunner2012-08-162-9/+11
| | | | | | | | Since the 3.5 Linux kernel both UDP implementations have a separate static flag to indicate whether ANY sockets enabled UDP decapsulation. As we only ever enabled it for one address family (in earlier versions IPv4 only, now for IPv6, if supported, and for IPv4 otherwise) UDP decapsulation wouldn't work anymore (at least for one address family).
* Correctly transmit EAP-MSCHAPv2 user name if it contains a domain partTobias Brunner2012-08-161-11/+12
|
* fall through to evidence measurements if no file measurements must be doneAndreas Steffen2012-08-161-1/+7
|
* upgraded to Ubuntu 12.04.1 LTSAndreas Steffen2012-08-162-1/+37
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-17 01:48:21 +0000