aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* android: Use configured local identity in auth-cfgsTobias Brunner2016-05-021-9/+30
| | | | | | We still default to the username or subject DN if none is configured. But we don't check if the local ID is contained in the configured certificate.
* android: Use configured remote ID in auth-cfgTobias Brunner2016-05-021-4/+15
| | | | | | | | If one is explicitly set we don't use loose identity matching and send it as IDr to the server. Closes #strongswan/strongswan#29. Fixes #1268.
* android: Pass local and remote identities as settings of a connectionTobias Brunner2016-05-021-2/+4
|
* android: Add fields for local and remote identities to data modelTobias Brunner2016-05-022-6/+44
|
* android: Avoid races between FragmentManager and state savingTobias Brunner2016-05-021-5/+4
| | | | | | | | | onSaveInstanceState is apparently called after pausing the fragment and after that committing any FragmentTransactions causes an IllegalStateException. We could use commitAllowingStateLoss() but that's not really necessary as we don't need to update when we are not active anyway. We also don't update the view directly after registration as this happens asynchronously, i.e. we might be paused when it finishes.
* android: Increase the NAT-T keepalive interval to potentially save battery lifeTobias Brunner2016-05-021-0/+4
| | | | | | In case this doesn't work out we could probably make it configurable. References #1326.
* android: Show confirmation dialog also when connectingTobias Brunner2016-05-021-1/+1
|
* android: Avoid ProgressDialogs in VPN state fragmentTobias Brunner2016-05-027-84/+32
| | | | | Instead we use a ProgressBar directly in the fragment and use the existing button to cancel the process.
* android: Fix display of remediation instructions with support libraryTobias Brunner2016-05-022-8/+15
| | | | | | Because the support library creates its own layout manually and uses different IDs than the list_content layout we can't use the method we used previously (and which is actually recommended in the docs).
* android: Use Fragment class from the support library to avoid deprecation ↵Tobias Brunner2016-05-028-51/+51
| | | | | | | | | warnings For instance, onAttach() with an Activitiy as first argument was deprecated with API level 23. However, the overload with a Context as first argument does obviously not get called on older API levels. Luckily, the classes provided by the support library handle that for us.
* android: Update README.ndkTobias Brunner2016-05-021-8/+9
|
* android: Use relative path for strongSwan sourcesTobias Brunner2016-05-021-8/+10
| | | | | This avoids issues with recursion, which could have happened if the strongswan directory was a symlink.
* android: Fix handling of redirects during IKE_AUTHTobias Brunner2016-05-021-69/+84
|
* android: Fix color of lists and buttons on older platformsTobias Brunner2016-04-273-0/+34
| | | | | This adds a workaround for an issue on older platforms where the list is not properly styled with colorAccent. Similarly applies to borderless buttons.
* android: Use Activity as context for VpnProfileAdapter to fix themeTobias Brunner2016-04-271-3/+1
| | | | | When using the application context theme customizations wouldn't get applied for some reason.
* android: Use "server" instead of "gateway" in profile editorTobias Brunner2016-04-275-44/+44
| | | | | | The term "gateway" is unfamiliar for most new users (or they confuse it with the default gateway of their network) but they usually know that they want to connect to a "server".
* android: Define a new color schemeTobias Brunner2016-04-272-3/+16
| | | | | | | This mainly changes the color of the appbar (colorPrimary), the color of the status bar (colorPrimaryDark) is black like the default. The accent color (colorAccent) used for controls like buttons and check boxes is a slightly toned down version of the default.
* android: Get a warning on use of deprecated featuresTobias Brunner2016-04-271-0/+1
|
* android: Replace use of deprecate getColor() method overloadTobias Brunner2016-04-272-22/+39
|
* android: Make font in log view monospace again on Android 5+Tobias Brunner2016-04-271-1/+2
|
* android: Avoid deprecated tabs in the ActionBar in TrustedCertificatesActivityTobias Brunner2016-04-272-88/+89
| | | | Instead we use TabLayout and ViewPager from the support libraries.
* android: Automatically reload certificates if manager is resetTobias Brunner2016-04-272-36/+46
| | | | No need to manually reset the fragments anymore.
* android: Make TrustedCertificateManager an ObservableTobias Brunner2016-04-271-8/+28
| | | | | Observers are notified when the manager is reset (and initially when the certificates are first loaded).
* android: Switch to AppCompat/Material theme for dialogsTobias Brunner2016-04-2710-61/+117
| | | | | | | There is no AppCompatProgressDialog class as the use of ProgressDialog is discouraged (instead progress bars should be placed in the layout directly). To display the current ProgressDialog instances correctly on systems < 21 we modify the window background color.
* android: Switch to AppCompat/Material theme and use custom Toolbar as AppBarTobias Brunner2016-04-2716-157/+184
| | | | | Also includes some whitespace/formatting changes due to the switch to Android Studio.
* android: Ignore build/ in project directoryTobias Brunner2016-04-271-0/+1
|
* android: Update platform tools and pull in support libsTobias Brunner2016-04-271-2/+4
| | | | | | | We'll have to change some stuff that Google deprecated (e.g. the tabs in the ActionBar) and that requires changing the theme at least in activities. Since that would look a bit inconsistent we'll change it globally and use parts of the support library.
* android: Update Android Gradle plugin and wrapperTobias Brunner2016-04-272-3/+3
|
* Updated products in IMV databaseAndreas Steffen2016-04-261-1/+146
|
* swanctl: list EAP type in --list-connsAndreas Steffen2016-04-261-3/+10
|
* identification: Add support for dmdName RDN (2.5.4.54)Yannick Cann2016-04-253-0/+5
| | | | | | | It's listed in RFC 2256 but was later removed with RFC 4519, but there are still some certs that use it. Closes strongswan/strongswan#43.
* leak-detective: added _IO_file_doallocate to whitelistAndreas Steffen2016-04-241-0/+1
|
* swanctl: log errors to stderrAndreas Steffen2016-04-243-3/+3
|
* pool: Use correct name to remove index for CHILD_SA TS in SQLite scriptTobias Brunner2016-04-181-1/+1
| | | | Fixes #1415.
* kernel-pfkey: Add support for manual prioritiesTobias Brunner2016-04-151-7/+24
| | | | Also orders policies with equals priorities by their automatic priority.
* kernel-pfkey: Update priority calculation formula to the new one in ↵Tobias Brunner2016-04-151-14/+25
| | | | | | | kernel-netlink Since the selectors are not exactly the same (no port masks, no interface) some small tweaks have been applied.
* kernel-netlink: Order policies with equal priorities by their automatic priorityTobias Brunner2016-04-151-11/+24
| | | | | | | | | | | | This allows using manual priorities for traps, which have a lower base priority than the resulting IPsec policies. This could otherwise be problematic if, for example, swanctl --install/uninstall is used while an SA is established combined with e.g. IPComp, where the trap policy does not look the same as the IPsec policy (which is now otherwise often the case as the reqids stay the same). It also orders policies by selector size if manual priorities are configured and narrowing occurs.
* curl: Add TLS support if libcurl is built against BoringSSLTobias Brunner2016-04-151-1/+2
| | | | | We don't have to rely on the openssl plugin and its threading initialization as BoringSSL is thread-safe out of the box.
* openssl: BoringSSL does not support configurationTobias Brunner2016-04-151-0/+4
| | | | | The other initialization functions are still defined but many are apparently no-ops (this is also true for the threading initialization).
* openssl: The member storing the DH exponent length has been renamed in BoringSSLTobias Brunner2016-04-151-0/+4
|
* openssl: Use proper EVP macro to determine size of a hashTobias Brunner2016-04-152-2/+2
|
* android: OPENSSL_NO_ENGINE is now properly defined in the headersTobias Brunner2016-04-151-1/+0
|
* curl: Handle LibreSSL like OpenSSL in regards to multi-threadingTobias Brunner2016-04-151-1/+1
| | | | | LibreSSL is API compatible so our openssl plugin does not need any changes and it works fine with the curl plugin.
* thread: Don't hold mutex when calling cleanup handlers while terminatingTobias Brunner2016-04-131-12/+14
| | | | | | | | | | This could interfere with cleanup handlers that try to acquire mutexes while other threads holding these try to e.g. cancel the threads. As cleanup handlers are only queued by the threads themselves we don't need any synchronization to access the list. Fixes #1401.
* Extended IPsec kernel policy schemeAndreas Steffen2016-04-091-18/+53
| | | | | | | | The kernel policy now considers src and dst port masks as well as restictions to a given network interface. The base priority is 100'000 for passthrough shunts, 200'000 for IPsec policies, 300'000 for IPsec policy traps and 400'000 for fallback drop shunts. The values 1..30'000 can be used for manually set priorities.
* Include manual policy priorities and restriction to interfaces in vici ↵Andreas Steffen2016-04-092-1/+27
| | | | list-conn command
* Implemented IPsec policies restricted to given network interfaceAndreas Steffen2016-04-098-14/+66
|
* Support manually-set IPsec policy prioritiesAndreas Steffen2016-04-098-22/+84
|
* peer-cfg: Use struct to pass data to constructorTobias Brunner2016-04-0916-200/+266
|
* child-cfg: Use struct to pass data to constructorTobias Brunner2016-04-0916-366/+362
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-24 21:38:39 +0000