Tobias Brunner
20c99edab9
android: Remove dependency on libvstr
2013-11-13 11:40:47 +01:00
Martin Willi
10900ed7e7
charon-xpc: Set AUTH_RULE_IDENTITY_LOOSE on responder config
...
This allows the server to use a different IKE identity as long as the
configured hostname is contained in the certificate.
2013-11-01 12:05:48 +01:00
Martin Willi
1ba47fa565
charon-xpc: Load missing eap-md5 plugin after enabling it
2013-10-28 15:18:11 +01:00
Martin Willi
9f2a4d3315
charon-xpc: Disable warnings about deprecated functions
...
This avoids all the deprecated warnings when using OpenSSL functins.
2013-10-28 14:51:59 +01:00
Martin Willi
f5ea7d781f
charon-xpc: Avoid -all_load linker flag
...
This seems to be not required anymore with the LLVM 5 toolchain.
2013-10-28 14:51:51 +01:00
Martin Willi
a1c2ed8820
charon-xpc: Properly xpc_retain() connections we xpc_release()
2013-10-28 14:51:40 +01:00
Martin Willi
888d8d73ab
charon-xpc: Properly cast SA identifier to uintptr representation
2013-10-28 14:51:28 +01:00
Martin Willi
3e40dbb128
charon-xpc: Don’t build against libvstr anymore
...
We now have our own printf backend and use it instead of Vstr.
2013-10-28 14:51:03 +01:00
Martin Willi
6a3cfbdc0d
charon-xpc: Build with EAP-MD5 support
2013-10-28 14:49:19 +01:00
Martin Willi
d7083b6541
kernel: Use a time_t to report use time in query_policy()
2013-10-11 10:23:17 +02:00
Martin Willi
c99458e94e
kernel: Use a time_t to report use time in query_sa()
2013-10-11 10:23:17 +02:00
Tobias Brunner
e4d63cfae7
android: New release after fixing remediation instructions regression
2013-09-26 13:53:39 +02:00
Tobias Brunner
00f7b29422
android: Change progress dialog handling
...
With the previous code the dialog sometimes was hidden for a short while
before it got reopened.
2013-09-26 13:53:25 +02:00
Tobias Brunner
cfed5679b8
android: Clear remediation instructions when starting a new connection
2013-09-26 13:00:45 +02:00
Tobias Brunner
c17cbfdb72
android: New release after improving recovery after connectivity changes
2013-09-23 14:33:29 +02:00
Tobias Brunner
3817231333
android: Change state handling to display errors occurring while the app is hidden
...
A new connection ID allows listeners to track which errors they have
already shown to the user or were already dismissed by the user.
This was necessary because the state fragment is now unregistered from
state changes when it is not shown.
2013-09-23 12:01:43 +02:00
Tobias Brunner
b4a5b185fc
android: Don't update state fragments when they are not displayed
...
Besides that updates don't make much sense when the fragments are not
displayed this fixes the following exception:
java.lang.IllegalStateException: Can not perform this action after
onSaveInstanceState
2013-09-23 12:01:42 +02:00
Tobias Brunner
c3ee829eee
android: Properly handle failures while initializing charon
2013-09-23 11:49:52 +02:00
Tobias Brunner
c742905f50
android: Fix compilation after PTS header files were moved
2013-09-04 16:18:29 +02:00
Martin Willi
3070697f9f
ike: support multiple addresses, ranges and subnets in IKE address config
...
Replace the allowany semantic by a more powerful subnet and IP range matching.
Multiple addresses, DNS names, subnets and ranges can be specified in a comma
separated list. Initiators ignore the ranges/subnets, responders match
configurations against all addresses, ranges and subnets.
2013-09-04 10:38:37 +02:00
Martin Willi
9aeaa7396e
peer-cfg: add a pull/push mode option to use with mode config
2013-09-04 10:33:37 +02:00
Martin Willi
a0cd955f42
charon-xpc: add a note how to build the source tarball
2013-08-29 12:28:54 +02:00
Martin Willi
74ee1120d7
charon-xpc: include and prefer AES-GCM algorithms in ESP proposal
2013-08-29 11:37:07 +02:00
Martin Willi
8fa7c5c191
charon-xpc: load missing ctr/ccm/gcm plugins
2013-07-31 16:28:11 +02:00
Martin Willi
aafb6fa6c2
charon-xpc: use kernel-libipsec instead of kernel-pfkey
2013-07-31 11:41:37 +02:00
Martin Willi
546235d34c
charon-xpc: fix TS getting after changing CHILD_SA API
2013-07-31 11:41:31 +02:00
Tobias Brunner
146fa8b2d3
charon-xpc: Use correct namespace when setting default settings
2013-07-22 17:44:37 +02:00
Tobias Brunner
0ceb288815
Fix various API doc issues and typos
...
Partially based on an old patch by Adrian-Ken Rueegsegger.
2013-07-18 18:30:36 +02:00
Martin Willi
b9c47eae06
xpc: allow easy copy & pase of ./configure instructions
2013-07-18 12:17:56 +02:00
Martin Willi
7f1adbe94e
xpc: use -idirafter to build against openssl headers from /usr/include
2013-07-18 12:17:56 +02:00
Martin Willi
06e8712cb3
xpc: forward some risen alerts over XPC to App
2013-07-18 12:17:56 +02:00
Martin Willi
e7ee45ef38
xpc: enable close_ike_on_child_failure
2013-07-18 12:17:56 +02:00
Martin Willi
e37c5d46d3
xpc: send a "connecting" event when establishing a connection starts
2013-07-18 12:17:56 +02:00
Martin Willi
3ffa310c44
xpc: use osx-attr plugin to install configuration attributes
2013-07-18 12:17:56 +02:00
Martin Willi
c7ac7f92e9
xpc: update README with new events, markdown style fixes
2013-07-18 12:17:55 +02:00
Martin Willi
4edcc86149
xpc: send child_updown events over XPC channel
2013-07-18 12:17:55 +02:00
Martin Willi
d60c8d2c74
xpc: support termination of IKE_SAs using XPC RPC on connection channel
2013-07-18 12:17:55 +02:00
Martin Willi
790ad9e677
xpc: move XPC RPC reply creation to command dispatching
2013-07-18 12:17:55 +02:00
Martin Willi
a0c125eacb
xpc: terminate daemon when last XPC connection to App gone
2013-07-18 12:17:55 +02:00
Martin Willi
6aae6268d7
xpc: fix some refcounting issues related to XPC connections
2013-07-18 12:17:55 +02:00
Martin Willi
22bffc647d
xpc: no need to clear channel table, they are bound to IKE_SA lifetime
2013-07-18 12:17:55 +02:00
Martin Willi
1a3f71d97a
xpc: add support for logging over XPC channels
2013-07-18 12:17:55 +02:00
Martin Willi
fbc89786b5
xpc: don't warn about pointer signedness mismatch (-Wno-pointer-sign)
2013-07-18 12:17:55 +02:00
Martin Willi
dcf8a3c78b
xpc: add a description of the basic XPC protocol to README
2013-07-18 12:17:55 +02:00
Martin Willi
d5966e71e9
xpc: use the same XPC message "type" mechanism on Mach service as on channels
2013-07-18 12:17:55 +02:00
Martin Willi
39d15dde67
xpc: ask App for passwords using connection specific channel
2013-07-18 12:17:55 +02:00
Martin Willi
8279ce99c4
xpc: use IKE_SA specific XPC return channels for further communication
2013-07-18 12:17:55 +02:00
Martin Willi
bc74e18223
xpc: don't send certificate requests, there are too many when using keychain
2013-07-18 12:17:55 +02:00
Martin Willi
5016370390
xpc: build with support for the keychain plugin
2013-07-18 12:17:55 +02:00
Martin Willi
e73a653451
xpc: add support for initiate simple IKEv2 EAP connections
2013-07-18 12:17:54 +02:00