aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Implemented SWID REST APIAndreas Steffen2014-05-316-103/+508
|
* Set entity_name to strongSwan ProjectAndreas Steffen2014-05-311-5/+7
|
* Updated strongSwan SWID Tag from ISO 2009 to 2014 formatAndreas Steffen2014-05-311-29/+19
|
* Make sure getpass() is availableTobias Brunner2014-05-293-3/+9
| | | | It's not on Android for example.
* starter: Fix build on AndroidTobias Brunner2014-05-281-0/+1
| | | | | While the (default) ipsec script does not work on Android starter still passes the script's name to charon if leftfirewall is configured.
* Some more files to measureAndreas Steffen2014-05-211-0/+7
|
* Added all SWID tables and example regidsAndreas Steffen2014-05-212-122/+105
|
* peer-cfg: Add missing UNIQUE_NEVER to unique_policy_namesMartin Willi2014-05-191-1/+2
|
* unit-tests: Sync threads with main thread in test_cleanup_cancel()Tobias Brunner2014-05-191-0/+5
| | | | | Without synchronization threads could get canceled before they could disable their cancelability.
* pfkey: Always include stdint.hTobias Brunner2014-05-191-1/+1
| | | | | | On some systems (e.g. on Debian/kFreeBSD) that header is required when including ipsec.h, on Linux we require it too when including pfkeyv2.h, so to simplify things we just always include it.
* soup: Add support to retrieve the response codeTobias Brunner2014-05-191-2/+14
|
* unit-tests: Allow some HTTP write operations to failTobias Brunner2014-05-191-7/+12
| | | | | | Because CURLOPT_FAILONERROR is enabled in the curl plugin an error code will often (not always) cause the client to close the TCP connection before the server has written the complete response.
* curl: Add support to return the response codeTobias Brunner2014-05-191-1/+27
|
* unit-tests: Add a test case for HTTP response codesTobias Brunner2014-05-191-8/+57
|
* fetcher: Add option to retrieve response code from a fetcherTobias Brunner2014-05-192-0/+10
|
* unit-tests: Defer failures by worker threadsTobias Brunner2014-05-192-5/+36
| | | | | | | | | | | In some cases the main thread is not ready to immediately call siglongjmp(), e.g. if it currently holds a mutex that is later required during shutdown. Therefore, we delay handling errors in worker threads until the main thread performs the next check itself (or the test function ends). The same issue remains with SIGALRM.
* unit-tests: Make sure plugins in the builddir are loadedTobias Brunner2014-05-192-2/+2
| | | | | | When running the tests in GDB the working directory apparently is different. With the relative path used previously the plugins would not be found and those installed on the system would get used.
* unit-tests: Don't assert failures for unreadable settings files as rootTobias Brunner2014-05-161-5/+8
| | | | The file can still be read by root even if nobody has read privileges.
* proposal: Don't return a default IKE proposal without encryption/AEAD algsMartin Willi2014-05-161-3/+23
|
* ike: Add an additional but separate AEAD proposal to CHILD configMartin Willi2014-05-1610-2/+22
| | | | | | | This currently has no effect: We don't include AEAD algorithms in the default ESP proposal, as we don't know if it is supported by the backend. But as we hopefully get an algorithm query mechanism on kernel interfaces some day, we add the appropriate functionality nonetheless.
* ike: Add an additional but separate AEAD proposal to IKE config, if supportedMartin Willi2014-05-1612-10/+37
|
* child-cfg: Allow passing NULL as proposal to add_proposal()Martin Willi2014-05-162-4/+7
| | | | Making the API consistent to the one of ike_cfg.
* ike-cfg: Allow passing NULL to add_proposal()Martin Willi2014-05-162-3/+7
| | | | | This simplifies adding default proposals with constructors potentially returning NULL.
* proposal: Use an additional "default" constructor specific to AEAD algorithmsMartin Willi2014-05-162-0/+31
| | | | | This allows a caller to create a separated proposal for supported AEAD algorithms, as required by RFC 5996.
* proposal: Don't include AEAD algorithms in the default proposalMartin Willi2014-05-161-61/+66
| | | | | | According to RFC 5996 3.3 we should use a separate proposal for AEAD algorithms. This was not clear in RFC 5282, hence we previously included both AEAD and non-AEAD algorithms in a single proposal.
* enum: Return boolean result for enum_from_name() lookupMartin Willi2014-05-1627-83/+101
| | | | | | | | | | | Handling the result for enum_from_name() is difficult, as checking for negative return values requires a cast if the enum type is unsigned. The new signature clearly differentiates lookup result from lookup value. Further, this actually allows to convert real -1 enum values, which could not be distinguished from "not-found" and the -1 return value. This also fixes several clang warnings where enums are unsigned.
* enum: Don't directly include enum.hMartin Willi2014-05-169-11/+10
| | | | | To allow enum.h to depend on utils.h definitions, avoid its direct inclusion. Instead include utils.h, which includes enum.h as well.
* libtps: Silence GCC set-but-unused warning in incomplete codeMartin Willi2014-05-161-2/+2
|
* scepclient: Cast OID_UNKNOWN before comparing it to unsigned hash_algorithm_tMartin Willi2014-05-161-1/+1
| | | | clang uses unsigned enums and complains about the always-false -1 check.
* swanctl: Properly initialize return value of --install commandMartin Willi2014-05-161-1/+1
|
* xauth-pam: Fix header include guardMartin Willi2014-05-161-1/+1
|
* eap-peap: Remove dead SoH code from PEAPMartin Willi2014-05-161-15/+0
| | | | clang complains about the unused variables.
* tls: Move variable sized tls_record_t struct to end of tls_t dataMartin Willi2014-05-161-4/+4
| | | | clang complains about the the non-last variable length member.
* kernel-klips: Pass a pointer to a properly sized integer for algorithm lookupMartin Willi2014-05-161-1/+1
|
* auth-cfg: Cast literal default value to pointer typeMartin Willi2014-05-161-1/+1
| | | | Fixes a clang warning.
* unbound: Explicitly cast from ldns RR type/class to our typesMartin Willi2014-05-161-2/+2
| | | | | | These definitions are directly derived from the RFC, so it should be safe to cast them. clang complains about the different types, so cast them explicitly.
* x509: Remove some unused ASN1 OID constantsMartin Willi2014-05-162-25/+0
|
* aes: Remove unused build variantsMartin Willi2014-05-161-622/+65
| | | | | | The AES code historically has different build options for various size/speed trade-offs. We never made use of them, so just drop the obsolete code. The code now has four hard-coded fixed tables, both inverse and original.
* settings: Properly match } and # in include statementsTobias Brunner2014-05-151-6/+16
| | | | | | Found due to %option nodefault. A match for } was actually missing and # was not properly matched if it was part of an include statement on the last line of a file that did not end with a newline.
* settings: Eliminate performance warningTobias Brunner2014-05-151-2/+0
| | | | | This was useful during development, but we accept that matching \n together with %option yylineno impacts performance.
* parser-helper: Define debug macros depending on DEBUG_LEVELTobias Brunner2014-05-151-3/+20
|
* parser-helper: Make parser_helper_file_t privateTobias Brunner2014-05-153-58/+40
|
* parser-helper: Make parser_helper_log a functionTobias Brunner2014-05-152-9/+28
|
* settings: strongswan.conf must be loaded explicitlyTobias Brunner2014-05-155-9/+20
|
* settings: Replace deprecated YYLEX_PARAM with %lex-paramTobias Brunner2014-05-151-3/+7
| | | | | | | | With Bison 3.x support for YYLEX_PARAM has been removed and %lex-param should be used. Unfortunately, that option does not take expressions. Instead we use a wrapper function that calls the lexer with the proper scanner object, which should also be backward compatible to older Bison versions.
* settings: Include generated header after othersTobias Brunner2014-05-152-4/+4
| | | | | Newer Bison versions declare the parser function in the header, which requires custom types.
* settings: Reduce log verbosity if files can't be openedTobias Brunner2014-05-152-2/+11
| | | | Basically reintroducing 2a38b4556e9fd8102bd6c6c61f2893599a5e8e51.
* settings: Adopt the new order of sections and settings when replacing configsTobias Brunner2014-05-152-7/+119
|
* settings: Only purge sections if necessaryTobias Brunner2014-05-154-55/+115
| | | | | Instead of removing and caching all values of a previous config, we only do this for actually removed sections/settings.
* settings: Maintain order of sections and settings while enumeratingTobias Brunner2014-05-154-66/+59
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 16:03:49 +0000