aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* message: Split generate() in multiple functionsTobias Brunner2014-10-101-67/+122
|
* ikev2: Negotiate support for IKEv2 fragmentationTobias Brunner2014-10-102-1/+24
|
* ikev2: Add notify for IKEv2 fragmentationTobias Brunner2014-10-102-7/+15
|
* ikev1: Move defragmentation to message_tTobias Brunner2014-10-103-169/+240
|
* ike: Move fragmentation to ike_sa_tTobias Brunner2014-10-103-62/+94
| | | | | | | | | The message() hook on bus_t is now called exactly once before (plain) and once after fragmenting (!plain), not twice for the complete message and again for each individual fragment, as was the case in earlier iterations. For inbound messages the hook is called once for each fragment (!plain) and twice for the reassembled message.
* message: fragment() generates message and fragments and caches themTobias Brunner2014-10-103-58/+109
|
* message: Make packet argument optional in generate()Tobias Brunner2014-10-101-1/+4
|
* ikev1: Move fragment generation to message_tTobias Brunner2014-10-104-136/+247
|
* ike: Rename encryption_payload to encrypted_payloadTobias Brunner2014-10-1010-102/+98
|
* ipsec: Remove unsupported listcards and rereadgroups commandsTobias Brunner2014-10-081-10/+0
|
* ipsec: Document missing commandsTobias Brunner2014-10-081-1/+11
|
* ipsec: Update usage outputTobias Brunner2014-10-081-18/+17
|
* ipsec: Remove duplicate check for internal commandsTobias Brunner2014-10-081-4/+0
|
* ipsec: Only set PATH if it is not already setTobias Brunner2014-10-081-1/+1
| | | | | | | | | | The comment indicated this but it was always set anyway. All internal commands are called via their absolute paths, so the script only uses PATH for the uname command, but if that is not located in one of the configured directories the script will fail. Also, since the internal commands are called via their absolute paths there is no need to add the directories to PATH.
* ikev1: Fix handling of UNITY_LOAD_BALANCETobias Brunner2014-10-071-3/+3
| | | | | The re-authentication is now handled within the original IKE_SA if it has not yet been established, so we don't want to destroy it.
* ikev1: Don't queue more than one mode config or XAuth taskTobias Brunner2014-10-071-7/+22
| | | | | | | | At the time we reset an IKE_SA (e.g. when re-authenticating a not yet established SA due to a roaming event) such tasks might already be queued by one of the phase 1 tasks. If the SA is initiated again another task will get queued by the phase 1 task. This results in e.g. multiple mode config requests, which most gateways will have problems with.
* ext-auth: Add an ext-auth plugin invoking an external authorization scriptMartin Willi2014-10-066-0/+492
| | | | Original patch courtesy of Vyronas Tsingaras.
* updown: Use process abstraction to invoke updown scriptMartin Willi2014-10-061-246/+215
|
* process: Add a wrapper to invoke a command under the system default shellMartin Willi2014-10-063-0/+110
|
* process: Port child process spawning to the Windows platformMartin Willi2014-10-062-1/+315
|
* process: Provide an abstraction to spawn child processes with redirected I/OMartin Willi2014-10-067-3/+490
|
* Incremental parsing fixesAndreas Steffen2014-10-052-14/+9
|
* Added add_segment() method to TCG/PTS attributesAndreas Steffen2014-10-0518-26/+157
|
* Added add_segment() method to TCG/SEG attributesAndreas Steffen2014-10-053-25/+49
|
* OS IMV proposes IF-M segmentation contractAndreas Steffen2014-10-056-108/+153
| | | | | | | The OS IMV sends a TCG IF-M Segmentation contract request. All IETF standard attributes support segmentation. Additionally the IETF Installed Packages standard attributes supports incremental processing while segments are received.
* SWID IMC proposes IF-M segmentation contractsAndreas Steffen2014-10-053-24/+42
|
* unit-tests: Updated libimcv test suiteAndreas Steffen2014-10-051-22/+125
|
* Added add_segment() method to IETF attributesAndreas Steffen2014-10-0512-0/+95
|
* Added add_segment() method to ITA attributesAndreas Steffen2014-10-056-0/+47
|
* Implemented incremental processing of SWID tag [ID] inventory attributeAndreas Steffen2014-10-058-199/+253
|
* Implemented add_segment method for PA-TNC attributesAndreas Steffen2014-10-0511-90/+208
|
* Added total length parameter in PA-TNC attribute constructorAndreas Steffen2014-10-0591-319/+957
|
* Assignment of flags starts with bit 0Andreas Steffen2014-10-052-5/+5
|
* Register the reception of the AIK attributeAndreas Steffen2014-10-053-2/+9
|
* Unit tests for libimcvAndreas Steffen2014-10-055-0/+649
|
* Compacted chunk creation in ita_attr_command constructorAndreas Steffen2014-10-051-2/+1
|
* Merged libpts into libimcvAndreas Steffen2014-10-05158-430/+229
|
* Added out message queue for imv_msg receive methodAndreas Steffen2014-10-058-86/+81
|
* Implemented IF-M segmentationAndreas Steffen2014-10-0524-320/+1660
|
* Added request variable to get_info_string methodAndreas Steffen2014-10-035-11/+12
|
* Implemented IF-M segmentation contractsAndreas Steffen2014-10-0332-63/+1354
|
* Allow to treat specified Attribute-Type-Not-Supported errors as non-fatalAndreas Steffen2014-10-0310-16/+110
|
* starter: Allow specifying the ipsec.conf location in strongswan.confShea Levy2014-10-021-1/+2
|
* stroke: Allow specifying the ipsec.secrets location in strongswan.confShea Levy2014-10-022-5/+17
|
* library: Allow specifying the path to strongswan.conf in the STRONGSWAN_CONF ↵Shea Levy2014-10-021-1/+1
| | | | env var
* Don't fail to install if sysconfdir isn't writableShea Levy2014-09-261-1/+1
|
* ikev1: Be more verbose if a peer config would match, but is unusable for ModeMartin Willi2014-09-251-0/+12
|
* ikev2: Reorder task activation for established IKE SAsTobias Brunner2014-09-251-11/+11
| | | | We now prefer MOBIKE tasks over delete tasks then the rest.
* Revert "ikev2: Insert MOBIKE tasks at the front of the queue"Tobias Brunner2014-09-251-6/+1
| | | | | | | | This reverts commit 3293d146289d7c05e6c6089ae1f7cdbcea378e63. The position of tasks in the queue does not actually determine the order in which they are activated. Instead this is determined by the statements in task_manager_v2_t.initiate().
* curl: For SSL features, depend on thread-safety provided by our crypto pluginsMartin Willi2014-09-243-7/+57
| | | | | | | | | To use SSL in curl, we need to initialize the SSL library in a thread-safe manner and provide the appropriate callbacks. As we already do that in our crypto plugins using these libraries, we depend on these features. This implies that we need the same plugin enabled (openssl, gcrypt) as the curl backend is configured to use to fetch from HTTPS URIs.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-18 21:51:59 +0000