18bce26ea6
Use key(and password-)less SSH authentication
2013-01-17 15:22:09 +01:00
beff82dd98
Adjust strongSwan version handling in HTML output
2013-01-17 15:22:08 +01:00
ffe710ae71
Patch AVP parsing in EAP-TTLS module in FreeRADIUS
2013-01-17 15:22:08 +01:00
d47b751850
Add recipes for libtnc and TNC@FHH
2013-01-17 15:22:08 +01:00
669fc9f9ec
Copy and display host specific tcpdump.log files
2013-01-17 15:22:08 +01:00
b460fb1dd2
Drop SHAREDTREE in favor of mounting the compile dir
2013-01-17 15:22:08 +01:00
633bee03fc
Patch EAP-SIM module in FreeRADIUS
2013-01-17 15:22:08 +01:00
d94f6a2ff6
Don't generate do-tests
2013-01-17 15:22:08 +01:00
533177003c
Adapt test configurations
...
Adapt test configurations to the new Debian-based system.
2013-01-17 15:22:07 +01:00
766466b8d1
Adapt host configuration
...
Adapt the configuration of the test hosts to the new Debian-based
system.
2012-12-18 16:00:21 +01:00
108040800d
Add recipe for iptables
2012-12-18 16:00:21 +01:00
adbb5cbd43
Add freeradius recipe
2012-12-18 16:00:21 +01:00
e61ce6ee02
Factor out building of strongswan into own Makefile
...
Small Makefiles (recipes) are used to install software from source into
the root UML image.
2012-12-18 16:00:21 +01:00
aa5803e0e3
testing: Switch to Debian based guest images
...
Instead of extracting a downloaded Gentoo filesystem tree into a file
containing a reiserfs filesystem, create an ext3 filesystem inside a
sparse file, mount it and debootstrap an up-to-date Debian system. Use
this image as base for all UML guest images.
Also, drop support for the various consoles and use xterm
unconditionally.
2012-12-18 16:00:21 +01:00
0080daa787
Fix deadlock in IMC/IMV managers
...
Since reserve_id() might be called from e.g. notify_connection_change()
using a write lock will not work as this can't be acquired while holding
the read lock.
Also, with the previous code it was possible that two IMCs/IMVs added by
two threads at the same time would get the same ID assigned.
2012-12-18 15:59:29 +01:00
6a8eeba540
Properly select IMC/IMV according to given primary ID in reserve_id()
2012-12-18 15:59:29 +01:00
4185c64464
Use a ./configure check to detect pthread spinlock availability
...
_POSIX_SPIN_LOCKS does not seem to be defined correctly on all
systems (Debian libc 2.3.6). Fixes #262 .
2012-12-18 09:51:33 +01:00
544c2e3d7b
kernel-netlinks get_interface() considers virtual IPs, too
...
When using load-tester, we can install tunnel outer addresses on
demand. As these are installed as "virtual", we have to consider
virtual IPs in the get_interface() lookup to install "real" virtual
IPs to these dynamic external addresses.
2012-12-17 14:23:44 +01:00
d9d0f12222
If load-tester requests a virtual IP, use a dynamic local traffic selector
2012-12-17 14:22:25 +01:00
fe3060f5d0
Add missing CHILD_SA specific proposal keyword in conftest README
2012-12-17 10:58:47 +01:00
283898d6e0
Fix traffic selectors also as initiator in case of transport mode over NAT
2012-12-13 15:27:29 +01:00
2990671748
Fix debug output if responder selected invalid traffic selectors during QM
2012-12-13 15:27:28 +01:00
45b5203f5d
fixed memory leak in TPM Version Info
2012-12-13 11:10:38 +01:00
5cb00b3afb
Fixed reading of configs in conftest utility
2012-12-13 11:08:32 +01:00
df75cc5c5f
Migrate RADIUS accounting state while IKE_SA unique id changes during rekey
2012-12-11 10:40:59 +01:00
251b740712
Migrate cache and fire lookip events for unique_id change during IKE_SA rekey
2012-12-10 17:04:26 +01:00
43b4c2ea75
Inherit virtual IP and attributes from old to new, not from new to old
2012-12-10 17:01:00 +01:00
caccc0e8cc
Avoid that ruby 1.9 redefines snprintf(3) etc.
...
Otherwise our custom printf specifiers won't work.
2012-12-10 11:41:37 +01:00
12e70a7efc
Properly initialize linked list when enumerating interface addresses
2012-12-10 09:47:46 +01:00
6a25122bfc
rb_cvar_set() takes three arguments in Ruby 1.9
2012-12-10 09:47:46 +01:00
d972975d87
Use rb_errinfo() instead of ruby_errinfo for Ruby 1.9
2012-12-10 09:47:46 +01:00
afabe7b0ef
Use proper Ruby library depending on the available version
2012-12-10 09:47:46 +01:00
5057df5b73
Fixed search for ruby.h in ./configure for newer Ruby releases
2012-12-10 09:47:46 +01:00
133fb74841
add dlcose strongswan.conf option to tnc-imc/tnc-imv plugins
2012-12-09 19:40:13 +01:00
92e75e4535
optionally skip dlclose() of IMCs/IMVs in order to track memory leaks
2012-12-09 19:35:23 +01:00
7d17eeb7ef
fixed memory leak in error case
2012-12-09 17:07:51 +01:00
965fce31c3
newer releases of dpkg-query does not have PackageSpec
2012-12-09 13:55:22 +01:00
4037bb5288
ignore ports of the 127.0.1.1 internal system address
2012-12-09 13:26:34 +01:00
137ea41f45
Properly trigger ike_updown() event if IKEv1 DPD times out
...
Fixes missing RADIUS Accounting Stop, #257 .
2012-12-04 11:11:50 +01:00
b091d80aff
Replace optionsfrom LGPLv2 header by a GPLv2
2012-11-30 18:00:39 +01:00
01bc9bf428
Fix GPL license header to properly "sed" it
2012-11-30 18:00:33 +01:00
c543616315
Add locking to IMC/IMV managers to add/remove IMC/IMVs on the fly
2012-11-30 15:49:23 +01:00
7e45257f7d
Reuse generic constructor in IMV/IMC message
2012-11-30 15:49:12 +01:00
a6722e5653
Add getters for the raw encoding in IMV/IMC messages
2012-11-30 15:49:07 +01:00
2a433075e2
Clean up whitespaces in IMC/IMV messages
2012-11-30 15:49:03 +01:00
fdce28c49c
Don't remove IETF standard errors while parsing IMC/IMV messages
2012-11-30 15:48:55 +01:00
18bb1a1540
Remove unused get_vendor_id() method in IETF error IF-M attributes
2012-11-30 15:48:44 +01:00
55b323c224
Check os_version when reading release file, os_name is not set for Debian
2012-11-30 15:48:39 +01:00
dd685d55e5
Don't unload IMC/IMV managers if no IMC/IMVs loaded from tnc_config
2012-11-30 15:48:26 +01:00
016d343a50
Add wrappers to IMC/IMV managers loading IMC/IMVs from function pointers
2012-11-30 15:48:20 +01:00
Tobias Brunner