aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Reuse reqid of an existing Quick Mode, even if it has been rekeyedMartin Willi2013-04-031-1/+2
| | | | | | If two peers rekey Quick Modes at the same time, the original Quick Mode is in REKEYING state and hence the requid is not reused. This is required though, as two identical policies won't work if they have different requids.
* List all stroke counters when "all" is given, and report if connection not knownMartin Willi2013-04-031-30/+88
|
* Defer CHILD_SA rekeying if allocating an SPI failsMartin Willi2013-04-032-12/+26
|
* allow retrieval of private keys from other credential setsAndreas Steffen2013-04-022-9/+26
|
* improve checking of sent and received http messagesAndreas Steffen2013-04-021-3/+7
|
* Load raw keys before possibly destroying the identityTobias Brunner2013-04-011-12/+11
| | | | | | | | If no identity (or %any) is configured the identification_t object is destroyed and an invalid object was associated with the created pubkey certificate. Actually using %any does not work as the certificate would not match when the client later provides an identity.
* ipseckey: Use proper daemon name for enable optionTobias Brunner2013-04-011-1/+1
|
* Properly handle situation if no resolver plugins are loadedTobias Brunner2013-04-012-4/+7
|
* fixed capability metadataAndreas Steffen2013-03-311-1/+2
|
* renamed tnc_ifmap2 plugin to tnc_ifmapAndreas Steffen2013-03-3111-180/+180
|
* removed obsoleted tnc_ifmap pluginAndreas Steffen2013-03-318-1344/+0
|
* implemented http basic authenticationAndreas Steffen2013-03-313-46/+80
|
* parse IF-MAP server URIAndreas Steffen2013-03-313-41/+105
|
* implemented publish_enforcement_report and endSession methodsAndreas Steffen2013-03-301-6/+58
|
* implemented publish_ike_sa methodAndreas Steffen2013-03-301-6/+252
|
* ifmap message type is knownAndreas Steffen2013-03-303-12/+7
|
* implemented publish_device_ip methodAndreas Steffen2013-03-301-13/+132
|
* added IF-MAP SOAP error handlingAndreas Steffen2013-03-301-9/+32
|
* created tnc_ifmap2_soap_msg classAndreas Steffen2013-03-294-220/+343
|
* implement NewSession and PurgePublisher messages using the libxml2 libraryAndreas Steffen2013-03-293-79/+265
|
* set up a new IF-MAP sessionAndreas Steffen2013-03-299-0/+884
|
* fixed typoAndreas Steffen2013-03-271-1/+1
|
* Fixed Doxygen comment in eap_radius pluginTobias Brunner2013-03-271-2/+3
|
* Fix detection and use of netinet/ip6.h on FreeBSDTobias Brunner2013-03-271-0/+1
|
* Make some private functions in plugins staticTobias Brunner2013-03-272-5/+5
| | | | Fixes monolithic build.
* libpts: Cast first argument for %.*s to intTobias Brunner2013-03-251-1/+1
|
* error-notify: Close file descriptors in case clients are still connectedTobias Brunner2013-03-251-0/+6
|
* libpttls: Destroy reader when handling errors during SASLTobias Brunner2013-03-251-0/+2
|
* pacman: Define gen_time out of the loopTobias Brunner2013-03-251-1/+2
| | | | It gets assigned if count==3 but only used later when count >= 7.
* ipseckey: NULL pointer dereference fixed in error caseTobias Brunner2013-03-251-0/+1
|
* Fixed some typos, courtesy of codespellTobias Brunner2013-03-254-5/+5
|
* enforce singular of packetsAndreas Steffen2013-03-221-4/+6
|
* asprintf(3) requires _GNU_SOURCE to be defined5.0.3rc1Tobias Brunner2013-03-221-0/+2
|
* Use proper integer types when handling TLS exchangesTobias Brunner2013-03-221-5/+6
| | | | tls_t.build takes a size_t argument not a ssize_t.
* Check return value of asprintf(3) when converting AR identityTobias Brunner2013-03-221-2/+4
| | | | | Using chunk_t.ptr as target was also not optimal as it resulted in a compiler warning.
* Switch encoding of AR Identity Value from binary to UTF-8Andreas Steffen2013-03-2214-118/+123
|
* activate logging before loading pluginsAndreas Steffen2013-03-211-7/+7
|
* Add a load-tester option to keep allocated external address until shutdownMartin Willi2013-03-212-1/+50
|
* android: No need to disable CMS explicitlyTobias Brunner2013-03-201-1/+0
| | | | The version check introduced with 0d237763 should take care of it.
* Allow up to 10 NAT-D payloads in IKEv1 messagesTobias Brunner2013-03-201-1/+1
|
* Avoid a race condition when reloading secrets from ipsec.secretsTobias Brunner2013-03-201-18/+25
| | | | | | | With the previous implementation that cleared the secrets in the active credential set and then loaded the secrets, IKE SA establishment would fail (as initiator or responder) if secrets are concurrently reloaded and the required secret was not yet loaded.
* Add a method to replace all secrets in a mem_cred_t objectTobias Brunner2013-03-202-5/+68
|
* android: Build native libraries also for x86Tobias Brunner2013-03-203-2/+5
| | | | Requires an updated build script for Vstr.
* android: libtnccs requires headers from libtlsTobias Brunner2013-03-201-0/+1
|
* android: Fix Android.mk for ipsec scriptTobias Brunner2013-03-201-1/+2
|
* android: Remove/filter header files from LOCAL_SRC_FILESTobias Brunner2013-03-209-20/+36
| | | | This avoids huge warnings when building the native code.
* android: Request and install an IPv6 DNS serverTobias Brunner2013-03-202-9/+17
|
* android: Also request a virtual IPv6 address and propose IPv6 TSTobias Brunner2013-03-203-23/+25
| | | | | This allows IPv6 over IPv4 but falls back nicely if we don't get a virtual IPv6 (or IPv4) address.
* ipsec: Increased log level for message in case no outbound policy is foundTobias Brunner2013-03-201-1/+1
| | | | | | | This might happen on Android if sockets are bound to the physical IP address but packets are still routed via TUN device. Since it seems to happen quite often (or for stuff that requires regular traffic) this hides these messages from the default log.
* Add an option to autobalance a HA cluster automaticallyMartin Willi2013-03-191-0/+59
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-24 13:17:42 +0000