Tobias Brunner
5be3ceba7e
maemo: Package dependencies and descriptions changed.
2011-02-04 18:02:48 +01:00
Tobias Brunner
a6b7437b1f
maemo: Touch icon dir to trigger update event.
2011-02-04 18:02:48 +01:00
Tobias Brunner
56f57e5814
maemo: Listen for IKE_SA state changes insted of CHILD_SA state changes.
...
If the IKE_SA_INIT request fails, there is not yet a CHILD_SA that could
trigger state changes.
2011-02-04 18:02:48 +01:00
Tobias Brunner
a90891e6e3
maemo: Reload icons on icon theme change.
...
This is also needed during the installation because the applet might be
loaded before the icons are installed (or the icon cache is refreshed).
2011-02-04 18:02:48 +01:00
Tobias Brunner
25d7f059e2
maemo: Adding some missing files (required by automake).
2011-02-04 18:02:48 +01:00
Martin Willi
7e0eae4985
Replace hashtable key if a put operation replaces value
...
Fixes a crash if lifetime of key is bound to value (i.e. key == value)
2011-02-03 17:09:09 +01:00
Martin Willi
bf3e482141
Fix check to increase hashtable size properly
2011-02-03 17:08:53 +01:00
Martin Willi
b49d047bfc
Invoke the per-round authorize() hook before purging current auth info on IKE_SA
2011-02-03 17:08:39 +01:00
Martin Willi
4536e669a8
Filter out non-matching ike_cfg in backend manager, so backends don't have to
2011-02-03 10:12:16 +01:00
Andreas Steffen
3891b75628
disable INITIAL_CONTACT message by setting unigueids=no
2011-02-02 15:58:40 +01:00
Martin Willi
2b7686b5d8
Migrated ike_auth to INIT/METHOD macros, fixes missing initial_contact initialization
2011-02-02 15:13:39 +01:00
Martin Willi
fe79cd4257
Accept non-encrypted INFORMATIONALs for ME connectivity checks
2011-02-01 09:47:36 +01:00
Martin Willi
1d34612f07
Do not use destroyed rng/hasher if IKE_SA has been flush()ed
2011-02-01 09:25:55 +01:00
Martin Willi
a846bf06e8
Add missing AUTH_RULE for trusted self-signed peer certificates
2011-02-01 09:25:10 +01:00
Andreas Steffen
f808aa2c44
load constraints plugin in ikev2/multi-level-ca-pathlen scenario
2011-01-31 14:46:16 +01:00
Andreas Steffen
8b42864884
fixed checking of unknown critical extensions in openssl_x509
2011-01-31 14:37:48 +01:00
Andreas Steffen
ec9f8440f3
adapted some UML timings
2011-01-31 09:38:22 +01:00
Andreas Steffen
35c58deb67
move sleep into host start if statement
2011-01-31 08:18:34 +01:00
Andreas Steffen
36580b1614
fixed typo
2011-01-31 08:07:28 +01:00
Andreas Steffen
3ba7616d8f
added ikev2/rw-eap-tnc-dynamic scenario
2011-01-31 07:30:41 +01:00
Andreas Steffen
3ba4d12139
updated testing.conf UML configuration file
2011-01-31 05:47:39 +01:00
Andreas Steffen
b6a8cfab4b
additional UML configuration options
2011-01-31 05:47:05 +01:00
Andreas Steffen
ad061503b8
version bump to strongswan-4.5.1rc1
2011-01-31 05:39:17 +01:00
Andreas Steffen
5cdaafefc1
added tnccs_dynamic plugin and tnccs_11 refactoring to NEWS
2011-01-31 05:37:41 +01:00
Andreas Steffen
88e15afc8c
added comment to determine_tnccs_protocol() function
2011-01-31 05:31:22 +01:00
Andreas Steffen
f652995b21
implemented dynamic detection of TNCCS protocol
2011-01-31 00:59:17 +01:00
Martin Willi
5c89a00f05
Do not log potentially hundreds of cert requests for unknown CAs at level 1
2011-01-28 08:29:23 +01:00
Martin Willi
60b71def1a
Use wrapped threading functions in ha plugin
2011-01-20 15:52:29 +01:00
Martin Willi
44b6b8f9d5
Load load-tester plugin before kernel interfaces, fixes fake_kernel option
2011-01-19 16:43:00 +01:00
Martin Willi
8118707845
Increase tls_writer buffer by at least 4 bytes
2011-01-19 14:41:59 +01:00
Thomas Egerer
f2e2a40550
Fix potential use after free
2011-01-19 09:59:01 +01:00
Martin Willi
7cfa84f540
Whitelist gnutls init function
2011-01-17 18:20:12 +01:00
Martin Willi
2ca52c8048
Implemented an alternative HTTP fetcher based on libsoup
2011-01-17 18:20:06 +01:00
Martin Willi
a8a7a31700
Added simple fetcher tool to test fetcher implementations
2011-01-17 18:19:59 +01:00
Martin Willi
b94feb4b05
backtrace->contains_function takes multiple names, speeding up whitelist check drastically
2011-01-17 18:19:44 +01:00
Martin Willi
ec8426a349
Add some common glib non-leaks to whitelist
2011-01-17 18:19:36 +01:00
Martin Willi
c4048cd61f
Add missing va_end to va_start in curl_fetcher
2011-01-17 18:19:17 +01:00
Martin Willi
d27a8e5011
Do not pass an enum type to va_arg
2011-01-17 18:18:58 +01:00
Martin Willi
ff5538e5c0
Use newer Linux capability native API, if available
2011-01-17 18:18:21 +01:00
Martin Willi
2b52d5cb41
Do not install config files with user/group, as it might not exist on build machine
2011-01-17 18:08:17 +01:00
Martin Willi
64e06d4f8f
Compare ending address in ts->equals, fixes redundant traffic selector elimination
2011-01-14 13:24:08 +01:00
Martin Willi
983a5e88d3
Revert "Send INITIAL_CONTACT even if we have a unique policy"
...
It makes sense to omit INITIAL_CONTACT if don't have a unique policy,
as a client might want to connect from different devices to the same
account.
This reverts commit 719c33b41a
.
2011-01-13 10:50:46 +01:00
Martin Willi
9bac426bf3
Fixed memory cleanup if no DHCP transaction found for an OFFER
2011-01-13 10:36:16 +01:00
Martin Willi
2082417df3
Force port update as responder when initiator switches to 4500 in IKE_AUTH
2011-01-12 14:37:15 +01:00
Martin Willi
8ba805f4db
Avoid variable name overloading
2011-01-12 14:37:09 +01:00
Andreas Steffen
213281de04
terminate TNCCS 1.1 connection after sending recommendation
2011-01-11 01:17:40 +01:00
Andreas Steffen
4c8e9708ca
fixed XML syntax for TNCCS-Recommendation messages
2011-01-11 01:17:40 +01:00
Andreas Steffen
59d1b15aea
implemented check_and_build_recommendation()
2011-01-11 01:17:40 +01:00
Andreas Steffen
21d96f44f7
correct numbering of batches
2011-01-11 01:17:40 +01:00
Andreas Steffen
8d0d0f0fe9
initialize the reference count correctly
2011-01-11 01:17:40 +01:00