| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | leak-detective: align allocations on both 32 and 64-bit systems to 32 bytes | Martin Willi | 2013-05-06 | 1 | -0/+5 | |
| | | ||||||
| * | leak-detective: call tzset() explicitly before enabling leak detective | Martin Willi | 2013-05-06 | 1 | -6/+11 | |
| | | | | | | tzset() is hard to whitelist on some systems, as there is no symbol involved. Call tzset() explicitly before initialization to avoid false positives. | |||||
| * | leak-detective: override malloc functions instead of using deprecated hooks | Martin Willi | 2013-05-06 | 1 | -128/+206 | |
| | | | | | | | | malloc hooks have become deprecated, and their use has always been problematic, especially in multi-threaded applications. Replace the functionality by overriding all malloc functions and query the system allocator functions using dlsym() with RTLD_NEXT. | |||||
| * | Use the GEN silent rule when generating files with sed | Martin Willi | 2013-05-06 | 4 | -1/+5 | |
| | | ||||||
| * | Use the GEN silent rule when generating oid database with perl | Martin Willi | 2013-05-06 | 2 | -2/+2 | |
| | | ||||||
| * | Use the GEN silent rule when generating gperf files | Martin Willi | 2013-05-06 | 3 | -1/+3 | |
| | | ||||||
| * | Introduce an optional logger_t.vlog() method with format string and arguments | Martin Willi | 2013-05-06 | 2 | -16/+85 | |
| | | | | | | | | To have more flexibility in the logging backend, receiving the original format string and do printf() substitution in the logger may be preferable. An additional but optional logger method does not touch the behavior of existing loggers. | |||||
| * | Raise an ALERT_PROPOSAL_MISMATCH_CHILD also when receiving NO_PROPOSAL_CHOSEN | Martin Willi | 2013-05-06 | 1 | -0/+20 | |
| | | ||||||
| * | Raise an ALERT_PROPOSAL_MISMATCH_IKE also when receiving NO_PROPOSAL_CHOSEN | Martin Willi | 2013-05-06 | 1 | -0/+20 | |
| | | ||||||
| * | eap-radius: add an option to disable accounting for tunnels without virtual IP | Martin Willi | 2013-05-06 | 1 | -0/+30 | |
| | | ||||||
| * | eap-radius: use IKE_SA unique id instead of peer identity to manage virtual IPs | Martin Willi | 2013-05-06 | 3 | -34/+100 | |
| | | | | | Fixes some corner cases if multiple tunnels use the same peer identity. | |||||
| * | Don't unset IKE_SA on bus before we released virtual IPs and attributes | Martin Willi | 2013-05-06 | 1 | -10/+8 | |
| | | ||||||
| * | New Android release after adding AES-GCM, IPv6-in-IPv4 and using kernel-netlink | Tobias Brunner | 2013-05-03 | 1 | -2/+2 | |
| | | | | | | | | | libipsec now supports AES-GCM, IPv6 tunnels over IPv4 are supported, native x86 libraries are built (requires a new Vstr build script). Also, the existing kernel-netlink plugin now provides the kernel-net implementation, which should be more stable in case multiple interfaces are up and have IP addresses installed on them. | |||||
| * | libipsec: Fix memory leak in event relay | Tobias Brunner | 2013-05-03 | 1 | -0/+1 | |
| | | ||||||
| * | android: Use stronger ESP proposal including AES-GCM | Tobias Brunner | 2013-05-03 | 1 | -0/+6 | |
| | | ||||||
| * | libipsec: Add support for AES-GCM | Tobias Brunner | 2013-05-03 | 1 | -3/+45 | |
| | | ||||||
| * | libipsec: Wrap traditional algorithms in AEAD wrapper | Tobias Brunner | 2013-05-03 | 3 | -110/+91 | |
| | | ||||||
| * | android: Remove unused methods on NetworkManager/network_manager_t | Tobias Brunner | 2013-05-03 | 3 | -177/+1 | |
| | | ||||||
| * | android: Ignore interface 'lo' | Tobias Brunner | 2013-05-03 | 1 | -2/+4 | |
| | | | | | | Android adds a default route via 'lo' if no connectivity is available causing charon to send packets via lo and triggering DPD. | |||||
| * | android: Repurpose android-net to simply handle connectivity events | Tobias Brunner | 2013-05-03 | 3 | -59/+34 | |
| | | | | | | | Using the events by NetworkManager/ConnectivityManager to trigger roam events instead of the events generated by the kernel-netlink plugin the noise level is much lower. | |||||
| * | kernel-netlink: Add an option to disable roam events | Tobias Brunner | 2013-05-03 | 1 | -1/+13 | |
| | | ||||||
| * | android: Replace android-net plugin with kernel-netlink | Tobias Brunner | 2013-05-03 | 2 | -3/+8 | |
| | | | | | | Virtual IPs are not handled by the kernel-netlink plugin and tun devices are ignored. | |||||
| * | android: Set strongswan.conf options before initializing other libraries | Tobias Brunner | 2013-05-03 | 1 | -36/+44 | |
| | | ||||||
| * | kernel-netlink: Define defaults for routing table and prio | Tobias Brunner | 2013-05-03 | 1 | -0/+8 | |
| | | ||||||
| * | openssl: Define a default for FIPS_MODE | Tobias Brunner | 2013-05-03 | 1 | -0/+4 | |
| | | ||||||
| * | In memwipe_check(), don't put magic on stack when calling do_magic() | Martin Willi | 2013-05-03 | 1 | -3/+3 | |
| | | | | | Otherwise the magic might be on the stack while checking it. | |||||
| * | Dump stack if memwipe() check fails | Martin Willi | 2013-05-03 | 1 | -3/+19 | |
| | | ||||||
| * | fixed a 64bit time_t issue | Andreas Steffen | 2013-04-21 | 1 | -3/+4 | |
| | | ||||||
| * | destroy SQL query | Andreas Steffen | 2013-04-21 | 1 | -0/+1 | |
| | | ||||||
| * | Keep last AR ID | Andreas Steffen | 2013-04-21 | 1 | -0/+2 | |
| | | ||||||
| * | fixed typo | Andreas Steffen | 2013-04-19 | 1 | -1/+1 | |
| | | ||||||
| * | During libstrongswan initialization, check if memwipe() works as expected | Martin Willi | 2013-04-18 | 1 | -1/+51 | |
| | | ||||||
| * | support of OpenSSL FIPS-140-2 library | Andreas Steffen | 2013-04-16 | 2 | -1/+20 | |
| | | ||||||
| * | Fix checksum calculation with DESTDIR installations | Tobias Brunner | 2013-04-15 | 1 | -1/+1 | |
| | | ||||||
| * | Added charon.initiator_only option which causes charon to ignore IKE ↵ | Andreas Steffen | 2013-04-14 | 1 | -2/+10 | |
| | | | | | initiation requests by peers | |||||
| * | Allow SHA1_Init()/SHA1_Update() to fail if OpenSSL version >= 1.0 | Martin Willi | 2013-04-10 | 1 | -0/+14 | |
| | | ||||||
| * | Check RSA_public_decrypt() length before constructing and comparing a chunk | Martin Willi | 2013-04-10 | 1 | -7/+10 | |
| | | | | | | If decryption fails, it returns -1. chunk_equals() should catch that error, but be more explicit in error checking. | |||||
| * | RSA_check_key() may return -1 if it fails | Martin Willi | 2013-04-10 | 1 | -2/+2 | |
| | | ||||||
| * | RAND_bytes/RAND_pseudo_bytes returns -1 if it is not supported by RAND method | Martin Willi | 2013-04-10 | 1 | -1/+1 | |
| | | ||||||
| * | Check return value of ECDSA_Verify() correctly | Martin Willi | 2013-04-10 | 1 | -1/+1 | |
| | | ||||||
| * | eap-radius: Add an option to exclude ports from Called/Calling-Station-Id | Martin Willi | 2013-04-10 | 2 | -9/+37 | |
| | | ||||||
| * | emit a single assig_vips bus message for all VIPs | Andreas Steffen | 2013-04-06 | 8 | -62/+57 | |
| | | ||||||
| * | ifmap plugin subscribes to assing_vip bus signal | Andreas Steffen | 2013-04-06 | 7 | -2/+135 | |
| | | ||||||
| * | Added missing sasl Doxygen group | Tobias Brunner | 2013-04-05 | 1 | -0/+3 | |
| | | ||||||
| * | unity: Check IKE_SA in only after enumerating virtual IPs | Tobias Brunner | 2013-04-05 | 1 | -2/+1 | |
| | | ||||||
| * | cleaned up XML code in tnccs-11 plugin | Andreas Steffen | 2013-04-04 | 8 | -80/+82 | |
| | | ||||||
| * | duplicheck: track multiple IKE_SAs in checking state to avoid any races | Martin Willi | 2013-04-04 | 1 | -63/+123 | |
| | | | | | | | When two consequent duplicates have been detected, track state of each checking IKE_SA separately, avoiding potential race conditions between the active SA and the different SAs in checking state. | |||||
| * | fixed memory leak | Andreas Steffen | 2013-04-03 | 1 | -1/+1 | |
| | | ||||||
| * | properly handle orphaned renewSession jobs | Andreas Steffen | 2013-04-03 | 5 | -24/+102 | |
| | | ||||||
| * | support chunked HTTP responses | Andreas Steffen | 2013-04-03 | 4 | -140/+370 | |
| | | ||||||
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |