aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* message: print type of configuration payloadMartin Willi2013-09-031-1/+21
|
* message: print attributes for IKEv1 configuration payloads as wellMartin Willi2013-09-031-1/+2
|
* eap-radius: support XAuth configuration profiles, defining multiple XAuth roundsMartin Willi2013-09-031-22/+157
|
* xauth: add a configuration string option to be passed to XAuth instancesMartin Willi2013-09-0315-17/+52
| | | | | | The configuration string is appended to the XAuth backend name, separated by a colon. The configuration string is passed untouched to the backend, where it can change the behavior of the XAuth module.
* Use ipsec_DATA destination5.1.1dr2Andreas Steffen2013-09-021-7/+1
|
* Install SWID tag also in /share/Andreas Steffen2013-09-021-2/+3
|
* Generate strongSwan SWID tagAndreas Steffen2013-09-023-0/+55
|
* Added regids table and some sample reqid dataAndreas Steffen2013-09-022-0/+62
|
* Corrected debug class to DBG_IMCAndreas Steffen2013-09-021-9/+9
|
* conftest: Fix hook constructor resolution via dlsym()Tobias Brunner2013-08-301-1/+3
| | | | | | | | AM_CPPFLAGS only takes preprocessor flags like -I or -D, so it did not forward -rdynamic to the linker (--export-dynamic), which meant that the symbols defined in the executable itself were not resolvable via dlsym(). Fixes #394.
* SWID IMC implements recursive tag collection in /usr/shareAndreas Steffen2013-08-309-123/+385
|
* kernel-pfroute: Fix mixed up memset() call in get_route()Mathias Krause2013-08-291-1/+1
| | | | | | | | | | The retry code introduced in dc8b083 got the memset() arguments wrong. Fix this to ensure the buffer gets zeroed, for real. It probably doesn't matter as we do reset the message length on retry, so the stale data shouldn't be seen by anyone. Found-by: git grep 'memset\s*\([^,]*,\s*[^,]*,\s*0\s*\)'
* charon-xpc: add a note how to build the source tarballMartin Willi2013-08-291-0/+7
|
* charon-xpc: include and prefer AES-GCM algorithms in ESP proposalMartin Willi2013-08-291-0/+3
|
* Added TCG-SWID error handlingAndreas Steffen2013-08-286-2/+180
|
* Added tzset memory leak to whitelistAndreas Steffen2013-08-281-0/+1
|
* Selectively enable PT-TLS and/or RADIUS sockets in tnc-pdp pluginAndreas Steffen2013-08-261-76/+95
|
* chunk: Print chunks without separator if + modifier is usedTobias Brunner2013-08-243-6/+20
|
* utils: Add case-insensitive version of strpfx()Tobias Brunner2013-08-242-0/+44
|
* stroke: stop enumerating IKE_SAs in statusall if output stream gets closedMartin Willi2013-08-231-1/+1
| | | | | | | If the output stream is not interested in more information, it can close the the stream. Checking for stream errors avoids useless enumeration of IKE_SAs, saving resources. This allows to use "ipsec statusall | head" to monitor the daemon, or stop enumerating IKE_SAs after a specific entry has been found.
* kernel: Restore enumeration of all addresses when searching for address in TSTobias Brunner2013-08-211-3/+6
| | | | | | | | | Since f52cf07532 addresses on ignored, down or loopback interfaces were not considered as valid addresses anymore when searching for an address contained in the local traffic selector. This meant that route installation failed, for instance, if charon.install_virtual_ip_on was set to 'lo', or, on gateways, if internal interfaces were ignored with the charon.interfaces_* options.
* conftest: Disable reset_seq hook on systems other than LinuxTobias Brunner2013-08-211-0/+6
| | | | Fixes #386.
* kernel-netlink: Fix calculation of ESN bitmap lengthTobias Brunner2013-08-211-4/+12
| | | | | While bmp_len stores the number of u_int32_t the allocated bitmap actually consists of those integers.
* Version bump to 5.1.1dr1Andreas Steffen2013-08-191-5/+5
|
* Process PB-TNC batches received via PT-TLS asynchronouslyAndreas Steffen2013-08-192-64/+57
|
* Optimize TLS socket buffer for TLS_MAX_FRAGMENT_LENAndreas Steffen2013-08-191-2/+2
|
* Output handler of a given workitemAndreas Steffen2013-08-161-0/+3
|
* Implemented SWID Tag Inventory attributeAndreas Steffen2013-08-169-42/+692
|
* deleted moved filesAndreas Steffen2013-08-1534-5996/+0
|
* Implemented SWID prototype IMC/IMV pairAndreas Steffen2013-08-1560-76/+8562
|
* Updated the SWID attributesAndreas Steffen2013-08-152-11/+15
|
* Optimized PT-TLS data transferAndreas Steffen2013-08-154-127/+107
|
* Show host address of peer connecting to PT-TLS socketAndreas Steffen2013-08-151-1/+7
|
* Set client identity with TLS certificate authenticationAndreas Steffen2013-08-151-7/+18
|
* Fixed memory leak in SASL PLAINAndreas Steffen2013-08-151-0/+3
|
* added --optionsfrom capabilityAndreas Steffen2013-08-151-3/+20
|
* Use client identities from successful authentications, onlyAndreas Steffen2013-08-151-18/+12
|
* Add pt-tls-client to .gitignoreAndreas Steffen2013-08-152-228/+1
|
* Extract client identity and authentication type from SASL authenticationAndreas Steffen2013-08-157-9/+76
|
* Added some debug statementsAndreas Steffen2013-08-154-4/+47
|
* enabled SASL PLAIN authenticationAndreas Steffen2013-08-151-2/+2
|
* PT-TLS connection is properly terminatedAndreas Steffen2013-08-151-3/+2
|
* moved tnc_imv plugin to libtnccs thanks to recommendation callback functionAndreas Steffen2013-08-1526-120/+154
|
* Moved tnc-tnccs, tnc-imc, tnccs-11, tnccs-20 and tnccs-dynamic libcharon ↵Andreas Steffen2013-08-1572-52/+78
| | | | plugins to libtnccs
* rapid PT-TLS AR/PDP prototypeAndreas Steffen2013-08-1513-65/+768
|
* Add PT-TLS interface to strongSwan PDPAndreas Steffen2013-08-154-39/+68
|
* ikev1: Fix calculation of the number of fragmentsTobias Brunner2013-08-151-1/+1
| | | | The old code resulted in too few fragments in some cases.
* ikev1: When sending fragments, use ports to decide if a non-ESP marker is addedTobias Brunner2013-08-151-6/+8
| | | | | This is same same logic used by sender and might apply in some cases (e.g. when initiating to port 4500).
* ikev2: Fix segfault when reestablishing CHILD_SAs due to ↵Tobias Brunner2013-08-131-3/+4
| | | | | | closeaction=restart|hold This regression was introduced with c949a4d5.
* libipsec: Don't limit traditional algorithms to AES and SHA1/2Tobias Brunner2013-08-121-25/+7
| | | | Closes #377.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 22:29:18 +0000