aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Starter unroutes removed or changed connections before loading and routing ↵Tobias Brunner2012-10-183-0/+19
| | | | new ones
* Update routed connections in trap managerTobias Brunner2012-10-181-37/+39
| | | | | | Before this change, modified configs that have been updated with ipsec reload, could properly be started manually, but the old config would get used if triggered via trap policies.
* Reload logger configuration on SIGHUPTobias Brunner2012-10-186-208/+400
| | | | | | Besides changing the configuration this allows to easily rotate log files. Also moved logger initialization back to daemon_t.
* Make syslog and file loggers configurable at runtimeTobias Brunner2012-10-188-80/+185
|
* Store loggers in conftest separately, not on charonTobias Brunner2012-10-182-6/+19
|
* Added an option to reload certificates from PKCS#11 tokens on SIGHUPTobias Brunner2012-10-181-0/+16
|
* Copy the name of pkcs11_library_t objectsTobias Brunner2012-10-182-2/+3
| | | | | Strings returned by settings_t.create_section_enumerator will be freed when the config is reloaded.
* New Android release after adding MOBIKE supportTobias Brunner2012-10-181-2/+2
|
* Merge branch 'android-mobility'Tobias Brunner2012-10-1833-199/+1218
|\ | | | | | | | | | | | | | | | | This brings support for MOBIKE to the Android app. The app also tries to keep the connection up as long as possible. DNS queries are now handled by a new class that uses independent threads to resolve them, this allows to cancel them e.g. if no network connectivity is available (otherwise the app would block until the DNS query returns).
| * Use a shortcut to resolve numeric IP addresses (no need for separate threads)Tobias Brunner2012-10-181-0/+33
| |
| * Use native threads in host resolver so that it works even if processor has ↵Tobias Brunner2012-10-181-45/+77
| | | | | | | | no threads
| * Terminate unused resolver threads after a timeoutTobias Brunner2012-10-183-9/+35
| |
| * Only create more threads if needed in host_resolver_tTobias Brunner2012-10-181-1/+9
| |
| * Use a helper function to add milliseconds to timeval structsTobias Brunner2012-10-186-37/+22
| |
| * android: Ignore if peer is unreachable when reestablishing an SATobias Brunner2012-10-181-2/+7
| |
| * android: Use a shorter timeout for retransmitsTobias Brunner2012-10-181-1/+1
| |
| * android: Use keyingtries=%forever and dpd|closeaction=restartTobias Brunner2012-10-182-12/+4
| | | | | | | | | | | | | | We also ignore the CHILD_SA_DOWN event. This should allow us to keep the connection up as long as the user does not manually disconnect.
| * Resolve hosts by DNS name in separate threads so we can cancel themTobias Brunner2012-10-188-50/+373
| | | | | | | | | | | | | | | | | | | | getaddrinfo(3) may block a long time so proper termination of the daemon may block if DNS servers are not reachable. getaddrinfo(3) is an optional cancellation point in posix threads so it might still block a shutdown but at least on Android (with the signal based pthread_cancel implementation) it works, on Linux starter will kill charon anyway after a while.
| * android: Handle unreachable peers via alertTobias Brunner2012-10-161-17/+5
| |
| * Added a new alert that is raised if peer does not respond to initial IKE messageTobias Brunner2012-10-162-0/+4
| |
| * android: Use 0.0.0.0/0 as local traffic selectorTobias Brunner2012-10-161-1/+2
| | | | | | | | | | This is helpful if the responder also wants to tunnel e.g. multicast packages.
| * Log IP addresses for discarded inbound IPsec packetsTobias Brunner2012-10-161-1/+3
| |
| * android: Bypass/protect previously bypassed sockets if connectivity changesTobias Brunner2012-10-163-4/+30
| |
| * android: Support for IPsec SA update addedTobias Brunner2012-10-161-1/+2
| |
| * Use pointers for lookups in IPsec SA managerTobias Brunner2012-10-161-16/+16
| |
| * IPsec SA manager implements update_sa()Tobias Brunner2012-10-162-0/+60
| |
| * Setter for src and destination address of ipsec_sa_t addedTobias Brunner2012-10-162-0/+30
| |
| * android: Trigger roam events in case connectivity changesTobias Brunner2012-10-161-0/+63
| |
| * android: Register NetworkManager as BroadcastReceiver and relay events via JNITobias Brunner2012-10-165-8/+184
| |
| * android: Determine source address dynamicallyTobias Brunner2012-10-166-64/+48
| |
| * android: Added NetworkManager class which allows to retrieve a local IP addressTobias Brunner2012-10-164-0/+274
| |
| * android: Increase compile warningsTobias Brunner2012-10-161-0/+3
| |
| * android: Fixed "Configure" button in Android VPN dialogTobias Brunner2012-10-161-1/+1
| |
| * android: Don't use the default ESP proposal as it includes unsupported ↵Tobias Brunner2012-10-161-1/+4
| | | | | | | | algorithms
* | no need to include pa_tnc_msg.hAndreas Steffen2012-10-186-7/+1
| |
* | refactored PA-TNC message handling by IMVsAndreas Steffen2012-10-1714-617/+992
| |
* | refactored PA-TNC message handling by IMCsAndreas Steffen2012-10-1715-607/+899
| |
* | removed unused variableAndreas Steffen2012-10-171-1/+0
|/
* Remove unused this parameter to load_issuer_cert/key(), as it is uninitializedMartin Willi2012-10-161-4/+4
|
* Generate a load-tester certificate only for DN or subjectAltName identitiesMartin Willi2012-10-161-7/+17
|
* Add a load-tester initiator_match option to match custom initiator_idMartin Willi2012-10-161-2/+15
|
* Encode non-DN load-tester identities as subjectAltNamesMartin Willi2012-10-161-1/+16
|
* Add a load-tester digest option for issuing peer certificatesMartin Willi2012-10-161-1/+16
|
* Load a multiple load-tester CA certificates from a directoryMartin Willi2012-10-161-4/+63
|
* Added load-tester options to read issuing CA certificate and key from filesMartin Willi2012-10-161-7/+45
|
* Use proper offset when adding mark attribute in kernel-netlink pluginTobias Brunner2012-10-151-1/+1
|
* Also add mark when querying current replay state in kernel-netlink pluginTobias Brunner2012-10-151-2/+21
|
* allow registration of multiple message typeAndreas Steffen2012-10-1412-138/+175
|
* implemented IETF Operational Status attributeAndreas Steffen2012-10-138-2/+501
|
* corrected class descriptionAndreas Steffen2012-10-133-3/+3
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-15 23:50:21 +0000