ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
17,934 Commits 7 Branches 233 Tags 88 MiB
Commit Graph

34 Commits

Author SHA1 Message Date
Dan James 95a0d800c9 farp: Add support for macOS and FreeBSD 
Co-authored-by: Tobias Brunner <tobias@strongswan.org>

Closes strongswan/strongswan#189.
References #3498.
 2021-01-22 10:44:05 +01:00
Tobias Brunner 7035340b21 farp: Ignore SAs with 0.0.0.0/0 remote traffic selector 
This is mostly to avoid hijacking the local LAN if the farp plugin is
inadvertently active on a roadwarrior.

Fixes #3116.
 2019-12-06 10:06:16 +01:00
Tobias Brunner 202c204785 farp: Only cache IPv4 traffic selectors 
Since ARP is IPv4 only there is no point caching IPv6 traffic
selectors/CHILD_SAs.
 2019-12-06 09:58:29 +01:00
Tobias Brunner 6138b8d629 farp: Only remove one tracked entry 
Multiple CHILD_SAs sharing the same traffic selectors (e.g. during
make-before-break reauthentication) also have the same reqid assigned.
If all matching entries are removed we could end up without entry even
though an SA exists that still uses these traffic selectors.

Fixes #2373.
 2017-07-27 13:07:23 +02:00
Volker Rümelin d17b780eaa farp: Fix BPF jump false offset 
Jump to BPF_STMT(BPF_RET+BPF_K, 0) if protocol_size != 4
 2016-10-31 14:46:14 +01:00
Andreas Steffen b12c53ce77 Use standard unsigned integer types 2016-03-24 18:52:48 +01:00
Tobias Brunner 28649f6d91 libhydra: Remove empty unused library 2016-03-03 17:36:11 +01:00
Martin Willi 4163421f91 plugins: Don't link with -rdynamic on Windows 2014-06-04 15:53:02 +02:00
Martin Willi 17028e29c2 farp: use watcher instead of dedicated receiver thread 2013-07-18 16:00:29 +02:00
Tobias Brunner dfc9902013 capabilities: Some plugins don't actually require capabilities at runtime 2013-07-18 15:25:35 +02:00
Martin Willi 19cb07b890 automake: replace INCLUDES by AM_CPPFLAGS 
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
 2013-07-18 14:59:19 +02:00
Martin Willi 553bb78730 child-sa: replace get_traffic_selectors() with create_ts_enumerator() 
Not directly returning a linked list allows us to change the internals of
the CHILD_SA transparently.
 2013-07-17 17:20:18 +02:00
Tobias Brunner 405f5ab9e9 farp: Require CAP_NET_RAW capability to open AF_PACKET socket 2013-06-25 17:16:32 +02:00
Tobias Brunner e5f4b3ca5b farp: Use plugin features to register listener 2013-06-11 11:18:17 +02:00
Tobias Brunner 12642a6831 Moved data structures to new collections subfolder 2012-10-24 16:00:49 +02:00
Tobias Brunner 2e7cc07ecd Moved host_t and host_resolver_t to a new networking subfolder 2012-10-24 15:06:18 +02:00
Tobias Brunner 26d77eb3e6 Centralized thread cancellation in processor_t 
This ensures that no threads are active when plugins and the rest of the
daemon are unloaded.

callback_job_t was simplified a lot in the process as its main
functionality is now contained in processor_t.  The parent-child
relationships were abandoned as these were only needed to simplify job
cancellation.
 2012-06-25 17:38:59 +02:00
Martin Willi 45f20f8a79 farp plugin sends ARP responses for any tunneled address, not only virtual IPs 2012-03-06 16:06:33 +01:00
Martin Willi 14bf2f689d Use CRITICAL job priority class for long running dispatcher jobs 2011-05-16 15:24:15 +02:00
Martin Willi c55818ebb0 Added a (not yet implemented) plugin_t method to reload plugin configuration 2011-04-15 10:07:13 +02:00
Martin Willi 787b5884aa Added a get_name() function to plugin_t, create_plugin_enumerator enumerates over plugin_t 2011-04-15 10:07:12 +02:00
Tobias Brunner bb381e26c6 Refer to scheduler and processor via lib and not hydra. 2010-09-02 19:04:18 +02:00
Tobias Brunner c5f7146b17 Refer to processor via hydra and not charon. 2010-09-02 19:01:22 +02:00
Martin Willi ba31fe1fd6 Use a seperate section for each nested struct member in INIT macro 2010-08-18 12:15:03 +02:00
Martin Willi d43775ae58 Accept ARP requests with an ethernet trailer, but trim it 2010-06-03 08:39:33 +02:00
Martin Willi 360ef1606f Fixed handling of IKE_SAs without a virtual IP in farp plugin 2010-03-30 10:24:47 +02:00
Tobias Brunner 18c68f22c7 Revert "Use the same formatting as in the Makefiles of the other plugins. Makes refactorings easier." 
This reverts commit e91b116a62. Missed to
notice commit 89bf11d204.
 2010-03-26 10:47:09 +01:00
Tobias Brunner e91b116a62 Use the same formatting as in the Makefiles of the other plugins. Makes refactorings easier. 2010-03-26 10:40:14 +01:00
Martin Willi e40a629d4c Added libhydra include to farp plugin 2010-03-25 14:41:51 +01:00
Martin Willi f8e99e012a Implemented ARP sniffing and spoofing functionality 2010-03-25 14:39:32 +01:00
Martin Willi dc70a5bb0b Use message hook to catch virtual IP, as it is not yet set in ike_updown 2010-03-25 14:39:32 +01:00
Martin Willi 479a7b7d17 Added locking to farp listener 2010-03-25 14:39:32 +01:00
Martin Willi 660e16f5b2 Added a listener to the farp plugin that keeps track of active virtual IPs 2010-03-25 14:39:32 +01:00
Martin Willi 0d7b48a388 Added a farp plugin stop to spoof ARP requests 2010-03-25 14:39:32 +01:00