640 Commits

Author SHA1 Message Date
Andreas Steffen 2ee11fd42d display (soft) same as (not loaded) 2012-05-03 11:54:56 +02:00
Martin Willi b24be29646 Merge branch 'ikev1'
Conflicts:
	configure.in
	man/ipsec.conf.5.in
	src/libcharon/encoding/generator.c
	src/libcharon/encoding/payloads/notify_payload.c
	src/libcharon/encoding/payloads/notify_payload.h
	src/libcharon/encoding/payloads/payload.c
	src/libcharon/network/receiver.c
	src/libcharon/sa/authenticator.c
	src/libcharon/sa/authenticator.h
	src/libcharon/sa/ikev2/tasks/ike_init.c
	src/libcharon/sa/task_manager.c
	src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Tobias Brunner 7d85bebc49 pluto: Fix for null-terminated XAuth secrets (as sent by Android 4). 2012-04-24 09:25:38 +02:00
Andreas Steffen 4626e49ad9 remove leading zero in ASN.1 encoded serial numbers 2012-04-05 09:04:11 +02:00
Tobias Brunner 008e2df477 pluto: Use time_monotonic() instead of a custom implementation. 2012-03-27 09:10:33 +02:00
Martin Willi b1f2f05c92 Merge branch 'ikev1-clean' into ikev1-master
Conflicts:
	configure.in
	man/ipsec.conf.5.in
	src/libcharon/daemon.c
	src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
	src/libcharon/plugins/eap_radius/eap_radius_accounting.c
	src/libcharon/plugins/eap_radius/eap_radius_forward.c
	src/libcharon/plugins/farp/farp_listener.c
	src/libcharon/sa/ike_sa.c
	src/libcharon/sa/keymat.c
	src/libcharon/sa/task_manager.c
	src/libcharon/sa/trap_manager.c
	src/libstrongswan/plugins/x509/x509_cert.c
	src/libstrongswan/utils.h

Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Martin Willi 747f837cce Added a flag to register local credential sets exclusively, disabling all others 2012-03-20 17:31:28 +01:00
Andreas Steffen e4f554404e handle case where subject = NULL but keyid is set 2012-02-20 12:12:31 +01:00
Tobias Brunner 0f7d381cfe pluto: Print expiry time more properly. 2012-02-14 09:38:00 +01:00
Tobias Brunner 7efde9011e pluto: Drop support for legacy PSK format.
Any line in ipsec.secrets starting with " or ' was treated as PSK
without ID selectors by pluto.  This prevented it from supporting DNs
like "C=CH, O=Linux strongSwan, OU=Sales, CN=alice@strongswan.org" as
ID selectors.

PSKs defined in this legacy format can easily be updated by changing

"thisIsASecret"

into

: PSK "thisIsASecret"
2012-02-08 13:36:32 +01:00
Tobias Brunner f1ba06c1c6 Cache list of plugin names to further simplify its usage.
Also helpful for ipsec statusall to avoid having to enumerate plugins.
2012-01-19 12:37:42 +01:00
Tobias Brunner 576298a3ef Simplified logging of list of loaded plugins. 2012-01-19 11:56:03 +01:00
Tobias Brunner 2e0b478a01 Android 4 requires LOCAL_MODULE_TAGS to be set for all modules.
Because all packages are now marked as optional, executables that are to
be installed on the final system have to be added to PRODUCT_PACKAGES in
build/target/product/core.mk.  Dependencies (such as libraries) are
installed automatically.
2012-01-12 19:18:35 +01:00
Tobias Brunner 190cd8a475 pluto: Use srand() to initialize the C library PRNG.
Otherwise rekey and DPD times would always be the same after a restart.
2012-01-04 13:19:29 +01:00
Tobias Brunner 70a4737690 pluto: Fixed expiration date test. 2011-12-23 15:32:06 +01:00
Tobias Brunner a5951a2861 Make sure the certificate cache is flushed when plugins are unloaded.
This avoids segmentation faults when plugins implementing cert_t are
already unloaded when the cache is flushed during destruction.
2011-12-15 12:20:09 +01:00
Tobias Brunner 4f775afda9 Added missing Android.mk files to distribution. 2011-11-22 18:31:12 +01:00
Tobias Brunner 54ce738920 pluto: Compile warning fixed. 2011-10-27 15:42:44 +02:00
Tobias Brunner 3b8ed73708 pluto: plugin_list.* added to Android.mk. 2011-10-27 15:42:10 +02:00
Andreas Steffen 473c477978 added listplugins support to pluto and whack 2011-10-26 10:31:48 +02:00
Tobias Brunner 21cb6cffb1 pluto: Log to logcat on Android. 2011-10-18 15:03:19 +02:00
Tobias Brunner a8256f0bda pluto: CAP_NET_RAW seems to be required on Android even to open regular sockets. 2011-10-18 11:52:43 +02:00
Tobias Brunner bdbbab35b1 pluto: Switch to user 'vpn' on Android. 2011-10-18 11:36:52 +02:00
Tobias Brunner b9307badfe pluto: Removed last usage of KERNEL26_SUPPORT (and some KLIPS stuff).
Because linux is not defined on Android this caused trouble.
2011-10-18 10:30:26 +02:00
Tobias Brunner 89294d8731 pluto: Missing flushline call added when reading ipsec.secrets. 2011-10-14 18:38:18 +02:00
Tobias Brunner e45fb76b60 pluto: Fixed usage of prctl. 2011-10-14 17:36:20 +02:00
Tobias Brunner 926ed7d647 pluto: Fixed include for control socket. 2011-10-14 17:36:20 +02:00
Tobias Brunner 345e5330b5 pluto: Added fallback to ipsec.secrets parser if glob(3) is not available. 2011-10-14 17:36:20 +02:00
Tobias Brunner 5108d9507d pluto: Include fixed. 2011-10-14 17:36:20 +02:00
Tobias Brunner d52c37790e pluto: Option added to disable adns.
This basically disables opportunistic encryption.
2011-10-14 17:36:20 +02:00
Tobias Brunner 2b9c3642e4 pluto: lwdnsq is not supported. 2011-10-14 17:36:20 +02:00
Martin Willi fa7c8338ca Plugin enumerator enumerates over loaded features, too 2011-10-14 10:05:44 +02:00
Tobias Brunner c27c9529b7 Enable XAUTH plugin on Android. 2011-10-13 18:39:01 +02:00
Tobias Brunner 9227a3b3fa Use separate plugin lists for pluto and charon on Android. 2011-10-13 18:34:43 +02:00
Tobias Brunner 4490804f13 Build pluto on Android.
Does not fully compile.
2011-10-13 18:29:36 +02:00
Tobias Brunner 21ee300d5c pluto: Handle SIGINT to terminate properly when run with --nofork in a console. 2011-09-28 13:57:59 +02:00
Tobias Brunner 192f714076 pluto: Check for processes with the PID stored in pluto.pid. 2011-09-28 13:57:59 +02:00
Tobias Brunner 19e12db79c pluto: Some whitespace cleanup. 2011-08-15 15:53:26 +02:00
Tobias Brunner fbedc6a45b Remove policies in kernel interfaces based on their priority.
This allows unrouting a connection while the same connection is
currently established.  In this case both CHILD_SAs share the same
reqid but the installed policies have different priorities.
2011-07-27 13:41:35 +02:00
Tobias Brunner f3bb1bd039 Fixed common misspellings.
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
Tobias Brunner 328f22e1d3 Add the reqid to kernel_ipsec_t.del_policy. 2011-07-06 09:43:45 +02:00
Tobias Brunner c74ece334d pluto: Made helper functions in event_queue static. 2011-05-24 19:23:45 +02:00
Thomas Egerer 59965aaf96 pluto: Securely wipe quick mode keys from memory.
Keying material is derived in two separate steps for local and remote
endpoint. This allows us to securely wipe local/remote secrets
separately, too -- a precondition to wipe quick mode keys from memory in
a secure fashion.
2011-05-10 15:39:00 +02:00
Thomas Egerer 9e6bb93ab9 pluto: Securely wipe sensitive data from memory. 2011-05-10 15:19:46 +02:00
Andreas Steffen 8af1e3606b fixed loop error in parsing of OCSP basic responses 2011-04-26 12:32:19 +02:00
Martin Willi 4778655726 Cast size_t len arguments to %.*s to int 2011-04-20 13:08:32 +02:00
Martin Willi 4876d4f3b3 Added an esn parameter to the kernel interface add_sa functions 2011-04-20 12:26:57 +02:00
Tobias Brunner 6e0c82141f pluto: Replaced some strcpy usages with strncpy. 2011-04-19 17:35:57 +02:00
Tobias Brunner 2653c08513 pluto: Make sure connection name is null-terminated during DPD restart. 2011-04-19 13:48:51 +02:00
Tobias Brunner 75cf0cc012 pluto: Clarified parsing of long durations. 2011-04-19 13:48:50 +02:00