ims-volte-vowifi/strongswan-epdg
9
0
Fork 0
Code Issues Pull requests Releases Wiki Activity
10808 commits 6 branches 236 tags 88 MiB
Commit graph

10808 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tobias Brunner
9ccfeb8ca1 Use proper buffer sizes for parse_smartcard() 2013-01-24 23:35:42 +01:00
Tobias Brunner
677812dc66 Cast first argument for %.*s to int 2013-01-24 23:35:42 +01:00
Tobias Brunner
bacbf91c5c Removed unused command name when printing usage info for lookip 2013-01-24 23:35:41 +01:00
Tobias Brunner
d7bd0ad7df Removed unused argument 2013-01-24 23:35:34 +01:00
Tobias Brunner
4cd3fb788d Properly read data from stream in pki --pkcs7 2013-01-24 19:13:41 +01:00
Tobias Brunner
27a814b527 Properly destroy mem_cred object on pki --pkcs7 --help 2013-01-24 19:13:41 +01:00
Tobias Brunner
39896d92ed Try to determine OS type if name and version are configured 2013-01-24 19:13:41 +01:00
Tobias Brunner
24cdf5340e Add missing va_end() call 2013-01-24 19:13:41 +01:00
Tobias Brunner
69c6a60176 g_thread_init() is deprecated since Glib 2.23 2013-01-24 19:13:40 +01:00
Tobias Brunner
2ec3552fce Fix check-in of IKE_SA when IKE_SA_INIT fails and hash table is enabled 
Setting the responder SPI to 0 can only be done while generating the
response, otherwise we'd fail to check in the IKE_SA again in case the
hash table is enabled.  That's because we use the responder SPI as hash
value since 5.0.0.
 2013-01-24 19:13:40 +01:00
Adrian-Ken Rueegsegger
a25047e412 Return SS_RC_INITIALIZATION_FAILED if pid file exists 
Let charon return SS_RC_INITIALIZATION_FAILED if an existing pid file is found.
Starter only terminates itself if the result code of the daemon is a valid
SS_RC_* value.
 2013-01-23 15:59:21 +01:00
Tobias Brunner
4eb09d14e2 Avoid a deadlock when installing a trap policy failed 2013-01-23 15:51:47 +01:00
Martin Willi
8d631ebabd Encode IETF Numeric Version Service Pack Version with two byte words 2013-01-22 14:45:56 +01:00
Adrian-Ken Rueegsegger
113ff13322 starter: Add --attach-gdb option to usage text 2013-01-22 11:03:19 +01:00
Adrian-Ken Rueegsegger
cf3c72c480 Fix IKE SA inherit API doc 2013-01-22 11:02:20 +01:00
Martin Willi
325efdaca8 Filter TS list for Split-Includes before printing them to debug log 2013-01-21 12:15:51 +01:00
Tobias Brunner
ae82265a46 Add the ability to use a named pool for conftest configs 2013-01-21 11:46:20 +01:00
Martin Willi
51dbcf6497 After merging the used trustchain with config, move used certificate to front 2013-01-18 11:59:27 +01:00
Martin Willi
11a7abf554 Add ipsec.conf.5 updates regarding multiple certificates in leftcert 2013-01-18 09:33:15 +01:00
Martin Willi
9a06a93ce7 Try to build a trustchain for all configured certificates before enforcing one 
This enables the daemon to select from multiple configured certificates
by building trustchains against the received certificate requests.
 2013-01-18 09:33:15 +01:00
Martin Willi
78af36db50 Load multiple comma seperarated certificates in the leftcert option 2013-01-18 09:33:15 +01:00
Martin Willi
f29783af8c Make AUTH_RULE_SUBJECT cert multi-valued 
Constraints having multiple subject certs defined are fulfilled if
authentication used one of the listed certificates.
 2013-01-18 09:33:15 +01:00
Andreas Steffen
d82372fab8 Removed INSTALL from EXTRA_DIST 2013-01-17 23:20:37 +01:00
Tobias Brunner
0c006341f3 Merge branch 'debian-testing' 
These changes update the integration test system.  It previously was based
on a pretty much unmaintainable Gentoo root image and the dated UML
virtualization technology.  Among many other changes the test environment
is now based on KVM and uses reproducible Debian-based guest images.

Conflicts:
	NEWS
 2013-01-17 17:00:05 +01:00
Tobias Brunner
737912239f NEWS about updated integration tests added 2013-01-17 16:56:02 +01:00
Tobias Brunner
232af2fab5 Updated documentation for the integration tests 2013-01-17 16:56:02 +01:00
Tobias Brunner
812cd9c18a Removed UML from description of ikev2/default-keys test 2013-01-17 16:56:02 +01:00
Tobias Brunner
b1169a880a Updated comments in test.conf of all tests 2013-01-17 16:56:02 +01:00
Tobias Brunner
7699a928f7 Renamed $UMLHOSTS to $VIRTHOSTS 2013-01-17 16:56:02 +01:00
Reto Buerki
88bffacfdc Drop vim swap file 2013-01-17 16:55:04 +01:00
Reto Buerki
f3db566983 Enforce reception of multicast traffic on virbr[1|2] 
This is needed to let the ha/both-active test pass.
 2013-01-17 16:55:04 +01:00
Reto Buerki
41943e9c1b Make core dumps work 
Core dumps are written to the /var/local/dumps directory.
 2013-01-17 16:55:04 +01:00
Reto Buerki
e3a3013323 Append seconds to TESTDATE 
This avoids 'file exists' warnings when running tests multiple times in
one minute.
 2013-01-17 16:55:04 +01:00
Reto Buerki
2c4954ad24 Switch to 'mapped' access mode for hostfs 
Passthrough mode only works as expected when running as root. On
Debian/Ubuntu systems qemu runs as user 'libvirt-qemu' and group 'kvm'
so all shared files must be chowned to grant access from guests.

Symlinks created on the host are still problematic because the Plan 9
filesystem has no direct notion of symbolic links, see [1].

[1] - http://ericvh.github.com/9p-rfc/rfc9p2000.u.html
 2013-01-17 16:55:04 +01:00
Reto Buerki
677795c3e7 Make guest ACPI shutdown work 2013-01-17 16:55:03 +01:00
Reto Buerki
c25f850601 Drop obsolete Gentoo dhcpd init script 2013-01-17 16:55:03 +01:00
Reto Buerki
530f7b8421 No need to enable ip_forward in pretest files 
It is enabled by default now.
 2013-01-17 16:55:03 +01:00
Reto Buerki
49b1655ae1 Auto-create symlink to testing directory in workdir 2013-01-17 16:55:03 +01:00
Andreas Steffen
44e533b88e converted ha/both-active iptables scenario 2013-01-17 16:55:03 +01:00
Andreas Steffen
5c09942d54 converted all ipv6 iptables/ip6tables scenarios 2013-01-17 16:55:03 +01:00
Andreas Steffen
a0ffe67fab converted all p2pnat iptables scenarios 2013-01-17 16:55:02 +01:00
Andreas Steffen
b27836412b Rename UML to KVM tests 2013-01-17 16:55:02 +01:00
Andreas Steffen
472a411aa8 converted all tnc iptables scenarios 2013-01-17 16:55:02 +01:00
Andreas Steffen
4aa32cc3fe List daemon.log on $RADIUSHOSTS 2013-01-17 16:55:02 +01:00
Andreas Steffen
cedc96c2c4 implemented ip6tables.rules 2013-01-17 16:55:02 +01:00
Andreas Steffen
136f74161b converted all sql iptables scenarios 2013-01-17 16:55:02 +01:00
Andreas Steffen
6fff9d9ace converted all pfkey iptables scenarios 2013-01-17 16:55:01 +01:00
Andreas Steffen
8fbb9458d6 converted all openssl-ikev2 iptables scenarios 2013-01-17 16:55:01 +01:00
Andreas Steffen
44047e7adb converted all openssl-ikev1 iptables scenarios 2013-01-17 16:55:01 +01:00
Andreas Steffen
61ab7db386 converted all gcrypt-ikev2 iptables scenarios 2013-01-17 16:55:01 +01:00