Martin Willi
|
2d87903db9
|
recreating FIFO if it exists
|
2008-07-31 09:04:54 +00:00 |
Martin Willi
|
eb04645c10
|
fixed usage typo
|
2008-07-31 09:01:56 +00:00 |
Martin Willi
|
19ad10b5d3
|
increased stroke socket backlog to 10
|
2008-07-30 14:17:05 +00:00 |
Martin Willi
|
f0a8fa25ba
|
using a entry cache for duplicate checks, avoids deadlocks
|
2008-07-30 14:15:08 +00:00 |
Martin Willi
|
7a4ad866b0
|
use condvar broadcasts to signal threads waiting for an IP, there might be more than one
|
2008-07-30 13:19:12 +00:00 |
Martin Willi
|
38a8e39739
|
using shared read locks in credential set enumerators to avoid deadlocks
|
2008-07-30 11:38:44 +00:00 |
Martin Willi
|
21632b76e0
|
added strongswan.conf option "charon.dos_protection" to disable cookies/aggressiveness check
|
2008-07-30 08:27:08 +00:00 |
Andreas Steffen
|
98ba96f185
|
demoted IKE state change output to debug level 2
|
2008-07-28 14:01:45 +00:00 |
Andreas Steffen
|
3fd9c75717
|
ignore AUTH_LIFETIME value if reauthentication has already been scheduled earlier
|
2008-07-28 13:53:04 +00:00 |
Martin Willi
|
7c04589335
|
use XFRM_MSG_UPDPOLICY for existing policies only
|
2008-07-28 08:29:04 +00:00 |
Martin Willi
|
6ef70d2109
|
added tests.h to distribution
|
2008-07-24 12:48:36 +00:00 |
Martin Willi
|
b6bf863459
|
fixed UCI thread cancellation on ARM
|
2008-07-24 08:52:12 +00:00 |
Martin Willi
|
3bc5a137cb
|
added option charon.plugins.sql.lease_history to disable lease history logging
|
2008-07-24 08:28:45 +00:00 |
Martin Willi
|
875a8326b3
|
fixed statistic calcuation for static leases
|
2008-07-24 08:21:55 +00:00 |
Andreas Steffen
|
f6facbe75c
|
completed IKE_SA logging at the AUDIT level
|
2008-07-23 18:46:34 +00:00 |
Martin Willi
|
a01ad99341
|
fixed pool statistics
|
2008-07-23 13:56:07 +00:00 |
Andreas Steffen
|
6410231335
|
IKE_SA rekeying inherits other_host from old IKE_SA
|
2008-07-23 07:44:26 +00:00 |
Andreas Steffen
|
0eede4a31f
|
cosmetics
|
2008-07-23 06:38:24 +00:00 |
Andreas Steffen
|
51c8f8261f
|
some more changes to IKE_SA and CHILD_SA logging
|
2008-07-22 17:10:10 +00:00 |
Martin Willi
|
f7198e7e8c
|
experimental and untested reimplementation of sql based IP pool
uses address preallocation and separate address/lease tables for linear lookup time
|
2008-07-22 14:56:15 +00:00 |
Andreas Steffen
|
32f5ee159e
|
cosmetics
|
2008-07-22 12:13:48 +00:00 |
Andreas Steffen
|
66da78b4bb
|
ipsec status lists IPCOMP CPIs
|
2008-07-22 12:03:58 +00:00 |
Andreas Steffen
|
c3967e779e
|
own CPI was not deleted due to copy-and-paste error
|
2008-07-22 10:53:56 +00:00 |
Andreas Steffen
|
eba7470b76
|
consistent logging of SPIs and CPIs
|
2008-07-22 10:16:45 +00:00 |
Andreas Steffen
|
7db7d06e28
|
missing FETCH_END caused SEGFAULT in ikev2/rw-hash-and-url scenario
|
2008-07-22 06:24:00 +00:00 |
Andreas Steffen
|
af18c84ffb
|
display protoport in dynamic/32 traffic selectors
|
2008-07-21 19:08:03 +00:00 |
Martin Willi
|
ee93541783
|
fixed bus args copy on non i386 archs
|
2008-07-21 14:23:43 +00:00 |
Andreas Steffen
|
fb34475b5c
|
consistent logging of IKE and CHILD SAs
|
2008-07-21 12:47:59 +00:00 |
Martin Willi
|
0a625fde3e
|
pool performance testing
|
2008-07-21 11:17:20 +00:00 |
Martin Willi
|
6b64fe2684
|
loading unit-tester plugin as the last one
|
2008-07-21 11:16:07 +00:00 |
Martin Willi
|
c7314e68ab
|
reverted bus to non-recursive mutex due instability
|
2008-07-21 11:15:16 +00:00 |
Martin Willi
|
a4a3e0c7dc
|
introduced an additional bus->signal parameter for signal specific data
added SIG_IKE/SIG_CHD macros for signal emitting
|
2008-07-18 15:51:40 +00:00 |
Martin Willi
|
a98793adfe
|
allow but filter recursive listener invocation
|
2008-07-18 11:05:01 +00:00 |
Martin Willi
|
12b1c1a1bc
|
extended UCI plugin by a simple control interface using a fifo
|
2008-07-18 10:34:44 +00:00 |
Martin Willi
|
bd07b59079
|
avoid heap allocation in bus->signal for performance reasons
|
2008-07-17 11:45:58 +00:00 |
Martin Willi
|
5353f22ed7
|
fixed potential segfault in resolve_hosts
|
2008-07-17 11:06:31 +00:00 |
Martin Willi
|
d61d1913e1
|
ignore IPCOMP acquires, fixes additional CHILD_SA setup with acquired SAs using compression
|
2008-07-17 08:25:34 +00:00 |
Martin Willi
|
7ca49551c8
|
do not distinguish different policy protocols in userland cache
|
2008-07-16 12:33:19 +00:00 |
Martin Willi
|
7b9e1ff0fd
|
do not complain about existing routes
|
2008-07-16 12:30:47 +00:00 |
Martin Willi
|
7beea2e99f
|
fixed acquire-delay bug by:
installing policies before states
updating policies if protocol has changed
|
2008-07-16 11:51:37 +00:00 |
Andreas Steffen
|
326bfd0450
|
set XFRM_STATE_AF_UNSPEC flag only in IPsec tunnel mode
|
2008-07-15 21:35:55 +00:00 |
Andreas Steffen
|
eb0cc33886
|
The XFRM_STATE_AF_UNSPEC flag added to xfrm.h allows IPv4-over-IPv6 and IPv6-over-IPv6 tunnels with the 2.6.26 and later Linux kernels
|
2008-07-15 15:28:00 +00:00 |
Martin Willi
|
ef3f717bfe
|
reverted [4125],[4166], reimplemented the proper way
|
2008-07-11 08:54:56 +00:00 |
Martin Willi
|
6b5d95919c
|
setting ike_sa on bus in checkout_new
|
2008-07-11 08:47:18 +00:00 |
Andreas Steffen
|
858a9fd584
|
update_peerid() does not accept %any as a certificate's subjectAltName
|
2008-07-09 22:13:39 +00:00 |
Martin Willi
|
e7991a2eef
|
do a route lookup to allow routing of left=%any connections
|
2008-07-09 14:16:19 +00:00 |
Andreas Steffen
|
2c258d7373
|
ipsec statusall displays dpd options
|
2008-07-02 10:48:57 +00:00 |
Martin Willi
|
4a231f1a2e
|
changed medcli settings keys
|
2008-07-02 09:02:38 +00:00 |
Martin Willi
|
d932435e18
|
sql plugin supports a list of pools to fall back, specified by e.g. rightsourceip=%pool1,pool2
|
2008-07-02 08:31:48 +00:00 |
Martin Willi
|
fca4d3ee03
|
implementation of a simple "token enumerator"
|
2008-07-02 08:09:07 +00:00 |