aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* utils: Fix check for fmemopen() fallback implementationMartin Willi2013-10-242-2/+3
|
* unit-tests: Set sa_len in sockaddr template data, if requiredMartin Willi2013-10-241-0/+6
|
* printf-hook-builtin: Don't rely on isinf() return value signednessMartin Willi2013-10-241-8/+9
| | | | | Many systems don't return a negative value for negative infinities; so do a separate check.
* watcher: Rebuild fdset when select() failsMartin Willi2013-10-241-1/+12
| | | | | | This should make sure we refresh the fdset if a user closes an FD it just removed. Some selects() seem to complain about the bad FD before signaling the notification pipe.
* rwlock: Disable thread cancelability while waiting in (fallback) rwlockMartin Willi2013-10-241-0/+7
| | | | | | An rwlock wait is not a thread cancellation point. As a canceled thread would not have released the mutex, the rwlock would have been left in unusable state.
* rwlock: Don't use buggy pthread_rwlock on OS XMartin Willi2013-10-241-0/+7
| | | | Recursive read locks don't seem to work properly, at least on 10.9.
* utils: Provide a fmemopen(3) fallback using BSD funopen()Martin Willi2013-10-242-0/+61
|
* Added some example Debian SWID tagsAndreas Steffen2013-10-238-1/+211
|
* pki: Replace BUILD_FROM_FD with passing a chunk via BUILD_BLOBTobias Brunner2013-10-2311-74/+54
| | | | This allows more than one builder to try parsing the data read from STDIN.
* chunk: Add helper function to create a chunk from data read from a file ↵Tobias Brunner2013-10-232-0/+40
| | | | descriptor
* semaphore: Support cancellation in wait functions of semaphore fallbackMartin Willi2013-10-231-4/+6
| | | | | Semaphore wait functions should be a thread cancellation point, but did not properly release the mutex in the fallback implementation.
* rwlock: Re-acquire rwlock even if condvar wait times outMartin Willi2013-10-231-1/+1
| | | | | A caller expects that the associated rwlock is held, whether the condvar gets signaled or the wait times out.
* Updated and split data.sqlAndreas Steffen2013-10-231-37/+97
|
* Support Ubuntu 13.10 measurementsAndreas Steffen2013-10-212-1/+46
|
* check it specified IF-TNCCS protocol is enabledAndreas Steffen2013-10-211-0/+6
|
* kernel-netlink: Check existence of linux/fib_rules.h, don't include it in ↵Tobias Brunner2013-10-183-76/+11
| | | | | | distribution This reverts commit b0761f1f0a5abd225edc291c8285f99a538e6a66.
* updown: Properly configure ICMP[v6] message type and code in firewall rulesTobias Brunner2013-10-171-4/+29
|
* updown: Pass ICMP[v6] message type and code to updown scriptTobias Brunner2013-10-172-4/+27
| | | | The type is passed in $PLUTO_MY_PORT and the code in $PLUTO_PEER_PORT.
* kernel-pfkey: Install ICMP[v6] type/code as expected by the Linux kernelTobias Brunner2013-10-171-19/+52
|
* kernel-netlink: Convert ports in acquires to ICMP[v6] type and codeTobias Brunner2013-10-171-3/+8
|
* kernel-netlink: Properly install policies with ICMP[v6] types and codesTobias Brunner2013-10-171-1/+12
|
* traffic-selector: Print ICMP[v6] message type and code in a more readable wayTobias Brunner2013-10-171-4/+35
|
* traffic-selector: Store ICMP[v6] message type and code properlyTobias Brunner2013-10-172-8/+70
| | | | We now store them as defined in RFC 4301, section 4.4.1.1.
* traffic-selector: Move class to its own Doxygen groupTobias Brunner2013-10-172-1/+4
|
* proposal: Add ECC Brainpool DH groups to the default proposalTobias Brunner2013-10-171-0/+4
|
* openssl: Add workaround if ECC Brainpool curves are not definedTobias Brunner2013-10-171-11/+247
|
* openssl: Add support for ECC Brainpool curves for DH, if defined by OpenSSLTobias Brunner2013-10-172-6/+51
| | | | OpenSSL does not include them in releases before 1.0.2.
* ecc: Added ECC Brainpool ECDH groups as registered with IANAAndreas Steffen2013-10-173-3/+20
|
* unit-tests: Make test for bio_writer_t more portableTobias Brunner2013-10-171-2/+8
|
* libipsec: Don't print ciphertext with ICV in log messageTobias Brunner2013-10-171-1/+2
|
* libipsec: Properly calculate padding length especially for AES-GCMTobias Brunner2013-10-171-1/+3
|
* utils: Add utility function to calculate padding lengthTobias Brunner2013-10-172-13/+24
|
* stroke: Reuse reqids of established CHILD_SAs when routing connectionsTobias Brunner2013-10-171-1/+45
|
* trap-manager: Make sure a config is not trapped twiceTobias Brunner2013-10-171-4/+16
|
* Doxygen fixesTobias Brunner2013-10-157-11/+8
|
* Set recommendation in the case of PCR measurement failuresAndreas Steffen2013-10-133-6/+27
|
* Add linux/fip_rules.h to include filesAndreas Steffen2013-10-132-3/+75
|
* Revert refactoring which broke CentOS buildAndreas Steffen2013-10-131-1/+1
|
* checksum: The pool utility was moved to its own directoryTobias Brunner2013-10-111-1/+1
|
* ccm: Add missing comma in get_iv_gen method signatureTobias Brunner2013-10-111-1/+1
|
* iv-gen: Add missing header files to Makefile.amTobias Brunner2013-10-111-0/+1
|
* iv_gen: Mask sequential IVs with a random saltTobias Brunner2013-10-111-0/+24
| | | | | This makes it harder to attack a HA setup, even if the sequence numbers were not fully in sync.
* iv_gen: Provide external sequence number (IKE, ESP)Tobias Brunner2013-10-117-23/+18
| | | | This prevents duplicate sequential IVs in case of a HA failover.
* ipsec: Use IV generator to encrypt ESP messagesTobias Brunner2013-10-112-9/+7
|
* ikev2: Use IV generator to encrypt encrypted payloadTobias Brunner2013-10-111-1/+9
|
* iv_gen: aead_t implementations provide an IV generatorTobias Brunner2013-10-116-1/+84
|
* iv_gen: Add IV generator that allocates IVs sequentiallyTobias Brunner2013-10-114-2/+121
|
* iv_gen: Add IV generator that allocates IVs randomlyTobias Brunner2013-10-114-0/+113
| | | | Uses RNG_WEAK as the code currently does elsewhere to allocate IVs.
* crypto: Add generic interface for IV generatorsTobias Brunner2013-10-112-1/+60
|
* apidoc: Move mac_prf to prf Doxygen groupTobias Brunner2013-10-111-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 02:19:25 +0000