aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* attr-sql: Use namespace for attr-sql config, with fallbackTobias Brunner2014-02-123-5/+12
|
* lib: All settings use configured namespaceTobias Brunner2014-02-1223-54/+54
|
* lib: Add default config fallback for configured namespaceTobias Brunner2014-02-121-0/+3
| | | | All settings in the configured global namespace fall back to libstrongswan.
* unit-tests: Test how settings_t handles some invalid dataTobias Brunner2014-02-121-0/+72
|
* settings: Add method that allows to define fallback sections for other sectionsTobias Brunner2014-02-123-13/+276
| | | | | The fallbacks are currently only used for single value lookups. Enumerators are not affected by them.
* settings: Make print_key() not rely on null-terminated beginning of key bufferTobias Brunner2014-02-121-10/+5
| | | | | The key to print (e.g. until the next .) still has to be null-terminated.
* unit-tests: Add tests for includes and file loading in settings_tTobias Brunner2014-02-121-0/+149
|
* settings: Allow empty strings in section keyTobias Brunner2014-02-122-23/+33
|
* unit-tests: Add tests for enumerators in settings_tTobias Brunner2014-02-121-0/+148
|
* unit-tests: Add tests for setters in settings_tTobias Brunner2014-02-121-0/+109
|
* unit-tests: Add basic tests for settings_tTobias Brunner2014-02-123-0/+319
|
* lib: Add global config namespaceTobias Brunner2014-02-1227-30/+44
|
* pool: Typo in Makefile fixedTobias Brunner2014-02-121-1/+1
|
* pool: Install SQL schemas from src/poolTobias Brunner2014-02-125-3/+11
| | | | | This allows us to install the schemas if either the attr-sql or sql plugin is enabled, since both use the same schema (at least in parts).
* sql: Set default values for some fields in addresses tableTobias Brunner2014-02-122-6/+6
|
* libimcv: Install SQL files in /usr/share/strongswan/templates/databaseTobias Brunner2014-02-122-2/+3
|
* sql: Install SQL schemas in /usr/share/strongswan/templates/databaseTobias Brunner2014-02-121-0/+3
|
* sql: Remove unused cred.sql snippetTobias Brunner2014-02-121-24/+0
|
* asn1: Support dates before 1970-01-01 (i.e. when time_t gets negative)Tobias Brunner2014-02-123-4/+29
| | | | | | On x86 we allow "overflows" around 1969/1970 but not for other dates. Fixes #509.
* asn1: Add additional validation for parsed ASN.1 date/time valuesTobias Brunner2014-02-122-1/+20
|
* ikev1: Fix config switching due to failed authentication during Aggressive modeTobias Brunner2014-02-121-3/+1
| | | | | | | The encoded ID payload gets destroyed by the authenticator, which caused a segmentation fault after the switch. Fixes #501.
* kernel-pfroute: Don't cache route entries if installation failsTobias Brunner2014-02-121-2/+5
|
* kernel-netlink: Don't cache route entries if installation failsTobias Brunner2014-02-121-2/+5
| | | | Fixes #500.
* identification: Fix printing of empty RDNs on FreeBSDTobias Brunner2014-02-121-1/+6
| | | | On FreeBSD (null) is printed for NULL even if the precision is 0.
* tests: Fix test for printing NULL on FreeBSDTobias Brunner2014-02-121-2/+13
|
* unit-tests: added asn1_parser testsAndreas Steffen2014-02-103-0/+293
|
* unit-tests: added some more ASN.1 length testsAndreas Steffen2014-02-101-0/+13
|
* leak_detective: Assign return value of realloc to bufThomas Egerer2014-02-101-1/+1
| | | | | | | If realloc return a pointer value different from the value to be reallocated, a double free can occur in this context. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* rdrand: Provide get_features() regardless of RDRAND availabilityMartin Willi2014-02-101-6/+6
| | | | | As having no get_features() raises a deprecated warning, we return no features instead.
* rdrand: Move RDRAND detection log to level 2Martin Willi2014-02-101-2/+2
| | | | | When having RDRAND support, these log messages might be confusing when using pki or other tools.
* updown: Return an empty DNS server enumerator if no IKE_SA availableMartin Willi2014-02-061-1/+1
| | | | | The one existing caller does not handle a NULL return and always expects an enumerator; and returning FALSE does not make sense anyway.
* charon-cmd: Request an IPv6 virtual IP if an IPv6 remote subnet givenMartin Willi2014-02-061-4/+23
|
* charon-cmd: Document new proposal options in manpageMartin Willi2014-02-061-0/+18
|
* charon-cmd: Add --esp/--ah-proposal options to specify CHILD_SA proposalsMartin Willi2014-02-063-1/+43
|
* charon-cmd: Add an --ike-proposal option to specify non-default IKE proposalsMartin Willi2014-02-063-1/+34
|
* charon-cmd: Block SIGUSR1 on worker threadsMartin Willi2014-02-061-0/+1
| | | | | | To properly shut down charon-cmd with leak reports, only the main thread should catch SIGUSR1 to shut down the application. Work threads should ignore SIGUSR1 to avoid any hard application termination.
* Document ipsec attest --session commandAndreas Steffen2014-02-051-2/+5
|
* Allow output of session time in UTCAndreas Steffen2014-02-051-2/+2
|
* Added missing semicolon in SQL statementsAndreas Steffen2014-02-051-6/+6
|
* Added Android 4.3.1 to products database tableAndreas Steffen2014-02-041-2/+14
|
* Added new Android versions to PTS databaseAndreas Steffen2014-02-041-0/+60
|
* unit-tests: Add some test cases for HTTP GET/POST fetchesMartin Willi2014-01-313-1/+275
|
* unit-tests: Fix test_runner_run() apidocMartin Willi2014-01-291-1/+1
|
* pki: Declare correct section in pki --issue man pageTobias Brunner2014-01-241-1/+1
|
* ike: Restart inactivity counter after doing a CHILD_SA rekeyMartin Willi2014-01-231-2/+3
| | | | | | | | | | | | When doing a rekey for a CHILD_SA, the use counters get reset. An inactivity job is queued for a time unrelated to the rekey time, so it might happen that the inactivity job gets executed just after rekeying. If this happens, inactivity is detected even if we had traffic on the rekeyed CHILD_SA just before rekeying. This change implies that inactivity checks can't handle inactivity timeouts for rekeyed CHILD_SAs, and therefore requires that inactivity timeout is shorter than the rekey time to have any effect.
* child-sa: Add a getter for CHILD_SA install timeMartin Willi2014-01-232-0/+20
|
* xauth-pam: Open/close a PAM session for each connected clientAndrea Bonomi2014-01-234-9/+265
| | | | Signed-off-by: Andrea Bonomi <a.bonomi@endian.com>
* xauth-pam: Sanitize XAuth attributes before passing them to PAMMartin Willi2014-01-231-1/+5
|
* ikev2: Add Cisco FRAGMENTATION vendor IDMartin Willi2014-01-231-0/+2
| | | | Courtesy of C.J. Adams-Collier, ZeroLag Communications, Inc.
* ikev2: Add Cisco Copyright vendor IDMartin Willi2014-01-231-0/+2
| | | | Courtesy of C.J. Adams-Collier, ZeroLag Communications, Inc.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 23:45:02 +0000