aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* charon-nm: No additional secrets are required once a password has been enteredTobias Brunner2014-03-181-0/+4
| | | | | | | Recent versions of NM will call need_secrets() as long as it returns TRUE, but then fail as the number of calls is limited by an assert. Fixes #547.
* array: Fix removal of elements in the second half of an arrayTobias Brunner2014-03-181-1/+1
| | | | | | | Memory beyond the end of the array was moved when array elements in the second half of an array were removed. Fixes #548.
* plugin-loader: Properly initialize modular plugin list if no plugins are enabledTobias Brunner2014-03-181-0/+1
|
* Implemented ntru_private_key classAndreas Steffen2014-03-1815-1381/+1429
|
* 11 bits are needed to encode a maximum index of 1086Andreas Steffen2014-03-151-1/+1
|
* tnc-ifmap: Get a reference to the client cert as it is also used in an auth ↵Tobias Brunner2014-03-101-1/+1
| | | | config
* Disable mandatory ECP support for attestionAndreas Steffen2014-03-074-8/+28
|
* Refactored NTRU parameter set selectionAndreas Steffen2014-03-073-40/+47
|
* Refactored ntru_param_setsAndreas Steffen2014-03-079-246/+175
|
* thread: Properly clean up meta data of main threadTobias Brunner2014-03-071-0/+2
|
* settings: Log all errors on level 1Tobias Brunner2014-03-041-4/+3
| | | | Closes #539.
* settings: Avoid conf file parsing beyond allocated bufferThomas Egerer2014-03-031-2/+2
| | | | | | | | | | | | | | | A valgrind analysis of libstrongswan revealed an invalid read of 1 in the function starts_with(). A more thorough analysis proved this to be true and showed that with a specially crafted config file (e.g. a single '#'-character not followed by a newline), the parser might even interpret the random memory contents following the allocated buffer as part of the configuration file. The way the parser is designed, it must be able to skip an inserted '\0' and continue parsing. Since it is not able to skip two '\0' characters, the 'fix' of allocating two more bytes than the size of the parsed file and setting them to '\0' seems to be a safe bet. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* Optimize ntru_poly constructors some more5.1.2Andreas Steffen2014-02-271-26/+24
|
* Optimized initialisation of indicesAndreas Steffen2014-02-271-50/+39
|
* Added get_array() method to ntru_poly_t classAndreas Steffen2014-02-276-157/+90
|
* Defined ntru_poly_create_from_seed() and ntru_poly_create_from_data() ↵Andreas Steffen2014-02-276-138/+220
| | | | constructors and built some unit tests for the latter)
* Optimized use of temporary arrays in polynomial multiplicationAndreas Steffen2014-02-272-24/+24
|
* Implement ring multiplication methodAndreas Steffen2014-02-274-113/+245
|
* utils: Add memrchr(3) replacement for platforms that don't support itTobias Brunner2014-02-263-1/+81
| | | | For instance, on Mac OS X memrchr(3) is not provided by the C library.
* libpts: Use path_base|dirname()Tobias Brunner2014-02-244-14/+18
|
* conftest: Use path_dirname()Tobias Brunner2014-02-241-1/+1
|
* stroke: Use thread-safe dirname(3)Tobias Brunner2014-02-241-6/+4
|
* settings: Use thread-safe dirname(3)Tobias Brunner2014-02-241-5/+3
|
* utils: Add thread-safe variants of dirname(3) and basename(3)Tobias Brunner2014-02-243-4/+144
|
* utils: Move thread-safe strerror replacement to a separate fileTobias Brunner2014-02-247-99/+145
| | | | | For some utils _GNU_SOURCE might be needed but that conflicts with the signature of strerror_r(3).
* stroke: Use dirname(3) correctlyTobias Brunner2014-02-241-5/+5
|
* settings: Use dirname(3) correctlyTobias Brunner2014-02-241-4/+4
| | | | | | | | dirname(3) may return a pointer to a statically allocated buffer. So freeing the returned value can result to undefined behavior. This was noticed on FreeBSD where it caused very strange crashes. It is also not thread-safe, which will be addressed later.
* Use logical AND functionAndreas Steffen2014-02-231-1/+1
|
* pki: Make cmds array static, ensuring that it is zero-initializedMartin Willi2014-02-201-2/+1
| | | | | As pki --help relies on a zero-terminated array, make the actually non-public cmds array static to ensure initialization.
* index limit can be easily computedAndreas Steffen2014-02-196-54/+28
|
* uclibc only defines strndup(3) if _GNU_SOURCE is definedTobias Brunner2014-02-1913-25/+43
| | | | References #516.
* sshkey: uclibc only defines fmemopen(3) if _GNU_SOURCE is definedTobias Brunner2014-02-191-0/+1
| | | | Fixes #516.
* pki: Fix minor resource leak on failure to read the private key in --req5.1.2rc2Tobias Brunner2014-02-181-1/+2
|
* stroke: Use proper modifiers to print size_t argumentsTobias Brunner2014-02-181-1/+1
|
* Created ntru_poly class for sparse trinary polynomialsAndreas Steffen2014-02-189-440/+575
|
* android: Don't limit number to packets during EAP-TTLSTobias Brunner2014-02-181-0/+2
|
* lookip: Properly return from disconnect callback jobTobias Brunner2014-02-181-1/+3
| | | | References #518.
* Fixed some typosTobias Brunner2014-02-184-7/+7
|
* plugin-loader: Escape <ns> in comment as Doxygen sees this as XML tagTobias Brunner2014-02-181-2/+2
|
* unit-tests: Ignore tests not test_runnerTobias Brunner2014-02-181-1/+1
|
* lookip: Disconnect asynchronously to avoid dead-locking watcher unregistrationMartin Willi2014-02-172-6/+32
| | | | | | | | | While it really would be desirable to allow stream destruction during on_read() callbacks, this does not work anymore since e49b2998. Until we have a proper solution for this issue, use asynchronous disconnects for the only user doing so. Fixes #518.
* Fixed a minor vulnerability in which a malformed ASN.1 length field could ↵5.1.2rc1Andreas Steffen2014-02-141-0/+1
| | | | cause a crash of the charon daemon if the verbose debug level 3 (raw hex dump) for the asn subsystem is enabled.
* pacman.sh creates /etc/pts/dists directory if it doesn't exist yetAndreas Steffen2014-02-131-0/+1
|
* printf-hook-glibc: printf.h on FreeBSD 10 does not include stdargs.hTobias Brunner2014-02-131-1/+1
|
* array: Fix compilation on FreeBSDTobias Brunner2014-02-131-2/+2
|
* libpts: Move settings to <ns>.plugins with fallback to libimcvTobias Brunner2014-02-128-24/+25
|
* libimcv: Move settings to <ns>.imcv and <ns>.plugins with fallbackTobias Brunner2014-02-1210-22/+32
|
* libtnccs: Move settings to <ns>.tnc and <ns>.plugins with fallbackTobias Brunner2014-02-127-9/+12
|
* attr: Silently skip over load optionTobias Brunner2014-02-121-0/+4
|
* conf: Install strongswan.conf template from a separate directoryTobias Brunner2014-02-122-40/+0
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-12 12:04:59 +0000