aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Use a single thread-specific value for our custom rwlock_t implementationTobias Brunner2012-08-031-50/+67
| | | | | | The pthread implementation on Android currently only supports 64 different thread-specific values per process, which we hit easily when every rwlock_t requires one.
* Fix linking of addrblock plugin when building monolithicMartin Willi2012-08-031-1/+1
| | | | Fixes #212.
* Reject initial exchange messages early once IKE_SA is establishedMartin Willi2012-08-021-0/+18
|
* Move MODP_CUSTOM va_arg fetching out of loopMartin Willi2012-08-021-15/+11
| | | | It seems problematic at least on PPC with gcc 4.3, fixes #208.
* libimcv requires nonce pluginAndreas Steffen2012-07-311-1/+1
|
* Lookup IKEv1 PSK even if the peer identity is not knownMartin Willi2012-07-311-1/+1
|
* update state before handling statusAndreas Steffen2012-07-301-16/+20
|
* implemented support if functional sub-componentsAndreas Steffen2012-07-3019-285/+630
|
* extended and documented ipsec attestAndreas Steffen2012-07-304-46/+107
|
* Proper fallback if capability dropping is not availableTobias Brunner2012-07-274-2/+9
|
* The use of $< in Makefiles is not portableTobias Brunner2012-07-273-5/+5
| | | | | | It requires GNU make which is not what most people use on e.g. FreeBSD. Fixes #205.
* Include stdint.h for UINTxx_MAX definesTobias Brunner2012-07-271-2/+3
| | | | Fixes #205.
* measure all kernel modules and optimize firefox and thunderbird measurementsAndreas Steffen2012-07-271-34/+14
|
* with --relative --file do not insert absolute filenames into databaseAndreas Steffen2012-07-271-3/+5
|
* Don't include acquiring packet traffic selectors in IKEv1Martin Willi2012-07-261-0/+5
| | | | | | | | As we only can negotiate a single TS in IKEv1, don't prepend the triggering packet TS, as we do in IKEv2. Otherwise we don't establish the TS of the configuration, but only that of the triggering packet. Fixes #207.
* Implement late peer config switching after XAuth authenticationMartin Willi2012-07-261-15/+80
| | | | | | | If additional authentication constraints, such as group membership, is not fulfilled by an XAuth backend, we search for another peer configuration that fulfills all constraints, including those from phase1.
* Check if XAuth round complies to configured authentication roundMartin Willi2012-07-261-7/+18
|
* Show which group would be required when failing in constraint checkMartin Willi2012-07-261-8/+10
|
* Don't add ANY identity constraint to auth config, as XAuth rounds don't use oneMartin Willi2012-07-262-3/+15
|
* Merge auth config items added from XAuth backends to IKE_SAMartin Willi2012-07-261-0/+1
|
* Add an ipsec.conf leftgroups2 parameter for the second authentication roundMartin Willi2012-07-268-3/+15
|
* IMA SHA1 file measurement is not needed any moreAndreas Steffen2012-07-231-9/+1
|
* fixed typoAndreas Steffen2012-07-231-1/+1
|
* Release leaking child config after uninstalling shunt policyMartin Willi2012-07-231-0/+1
|
* moved PA-TNC message logging to level 1Andreas Steffen2012-07-231-2/+2
|
* transport IMA file info via PTS Component Evidence Policy URIAndreas Steffen2012-07-2311-119/+156
|
* ipsec attest now deletes file hashesAndreas Steffen2012-07-222-2/+25
|
* buffer PA-TNC attributes until Generate Attestation Evidence attribute is ↵Andreas Steffen2012-07-213-21/+20
| | | | received
* allow --rel as an abbreviation for --relativeAndreas Steffen2012-07-211-0/+1
|
* moved all shadow PCR stuff to the pts_pcr classAndreas Steffen2012-07-218-292/+335
|
* Support Unity split-include/exclude options in attr pluginMartin Willi2012-07-201-7/+9
|
* Don't print hexdumps on loglevel 1 if hash verification failsMartin Willi2012-07-201-3/+3
|
* created a pts_pcr class for PCR computationsAndreas Steffen2012-07-204-53/+285
|
* renamed build_database.sh to build-database.shAndreas Steffen2012-07-202-1/+2
|
* why the hell do firefox, thunderbird and acroread their own Linux libraries?Andreas Steffen2012-07-191-1/+40
|
* added some multiply defined librariesAndreas Steffen2012-07-191-0/+4
|
* queries with relative filenames might return multiple resultsAndreas Steffen2012-07-191-9/+13
|
* updated build_database.shAndreas Steffen2012-07-191-123/+190
|
* added index to files tableAndreas Steffen2012-07-191-0/+4
|
* updated build_database.shAndreas Steffen2012-07-191-4/+52
|
* Fix EAP-MSCHAPv2 master key derivation, broken with 87dd205bMartin Willi2012-07-181-4/+12
|
* Remove debugging leftoversMartin Willi2012-07-181-10/+2
|
* Add a SHA1 test vector forcing padding over block boundaryMartin Willi2012-07-182-0/+7
|
* builds an Ubuntu 12.04 LTS measurement databaseAndreas Steffen2012-07-182-0/+79
|
* minor fixes in attestAndreas Steffen2012-07-182-2/+2
|
* Use centralized hasher names in pki utilityMartin Willi2012-07-176-45/+8
|
* Use centralized hasher names in coupling pluginMartin Willi2012-07-171-20/+2
|
* Use centralized hasher names in openssl pluginMartin Willi2012-07-172-73/+10
|
* Add short names for hasher algorithmsMartin Willi2012-07-172-0/+18
|
* various PTS fixesAndreas Steffen2012-07-174-6/+8
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-22 18:03:33 +0000