ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
11,758 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

2452 Commits

Author SHA1 Message Date
Andreas Steffen 7bda0f0c8b Added tzset memory leak to whitelist 2013-08-28 22:51:17 +02:00
Tobias Brunner f0c54e8c15 chunk: Print chunks without separator if + modifier is used 2013-08-24 16:22:51 +02:00
Tobias Brunner 32a145fdbd utils: Add case-insensitive version of strpfx() 2013-08-24 16:22:51 +02:00
Martin Willi a24515c515 backtrace: rename clone() method clashing with system call 
Fixes #376.
 2013-08-09 09:13:39 +02:00
Tobias Brunner ed0efaef4c host: Properly initialize struct sockaddr_in[6] when parsing strings 
Otherwise struct members like sin6_flowinfo or sin6_scope_id might be
set to bogus values.
 2013-07-31 22:16:58 +02:00
Tobias Brunner b3393c88c1 asn1: Fix handling of invalid ASN.1 length in is_asn1() 
Fixes CVE-2013-5018.
 2013-07-31 22:16:58 +02:00
Martin Willi 83a0b74da8 keychain: be less verbose when loading certificates 2013-07-31 11:41:16 +02:00
Martin Willi 84044f9c73 utils: add round_up/down() helper functions 2013-07-29 09:00:48 +02:00
Tobias Brunner 1f2d9c7688 watcher: Made notify array initialization compatible with older GCC versions 2013-07-25 16:57:42 +02:00
Tobias Brunner ebb4ad1baa unit-tests: Add additional tests for host_t 2013-07-25 11:28:26 +02:00
Tobias Brunner 116363e5c6 array: Number of items in get_size() is unsigned 
Otherwise, array->esize is promoted to int and if array->esize * num
results in a value > 0x7fffffff the return value would be incorrect due
the implicit sign extension when getting cast to size_t.
 2013-07-25 11:28:01 +02:00
Tobias Brunner d7dc4fedd1 stream: Ensure UNIX socket path is null terminated 2013-07-24 16:17:23 +02:00
Tobias Brunner cfca183d55 pkcs5: Add missing break statements when checking crypto primitives 2013-07-24 16:17:22 +02:00
Tobias Brunner 5baec6448d unit-tests: Add test for host_create_netmask() 2013-07-24 16:17:21 +02:00
Tobias Brunner 6e2ec33f9d host: Prevent overflow in host_create_netmask() if mask is 0 or 32/128 2013-07-24 16:17:03 +02:00
Tobias Brunner cfdd23b967 capabilities: Proper error handling when reading groups 2013-07-24 10:54:26 +02:00
Martin Willi dcd5129c25 processor: force synchronous execute_job() if set_threads(0) has been called 
During daemon shutdown, some idle threads might be lingering around even if
set_threads(0) already has been called. To avoid any races, we enforce
synchronous execution of the job.
 2013-07-19 15:30:22 +02:00
Tobias Brunner 8f1b44b40c keychain: Use AM_CPPFLAGS instead of INCLUDES 2013-07-19 09:01:39 +02:00
Tobias Brunner 0ceb288815 Fix various API doc issues and typos 
Partially based on an old patch by Adrian-Ken Rueegsegger.
 2013-07-18 18:30:36 +02:00
Martin Willi cb6c4e0430 identification: parse identities having a "@@" prefix as ID_RFC822_ADDR 
Original patch by Gerald Richter.
 2013-07-18 16:45:10 +02:00
Martin Willi b4b3959b22 stream-service: move CAP_CHOWN check from plugins to service constructor 
A plugin service can be a TCP socket now, so it does not make much sense
to strictly check for CAP_CHOWN.
 2013-07-18 16:00:31 +02:00
Martin Willi 1897dd730f processor: remove the now unused get_threads() method again 2013-07-18 16:00:31 +02:00
Martin Willi ea009869e9 watcher: use processors new execute_job() to notify FDs 
Just queueing is problematic, as all threads might be busy waiting for events
that the queued (but never executed) job delivers.
 2013-07-18 16:00:31 +02:00
Martin Willi 6653e6c13e processor: add an execute_job() method to directly execute an important job 
If all worker threads are busy and waiting for an event, we must ensure that
a job delivering that event gets executed. This new method has this property
for CRITICAL jobs, using a worker if we have one, but executing the job directly
if not.
 2013-07-18 16:00:31 +02:00
Martin Willi 55240835b0 watcher: properly support multiple watch callback types for the same FD 2013-07-18 16:00:31 +02:00
Martin Willi d0c25a3f23 watcher: read multiple notifications if available 
Use non-blocking I/O on the read end of the notify pipe. This also makes sure
the read does not block should select() signal data while there is none.
 2013-07-18 16:00:31 +02:00
Martin Willi 4d7a762871 credmgr: introduce a hook function to catch trust chain validation errors 2013-07-18 16:00:30 +02:00
Martin Willi 4701929266 stream: allow async read/write callback to destroy the stream explicitly 2013-07-18 16:00:29 +02:00
Martin Willi c9d1742b5d stream: don't close underlying socket when creating a stream from it 2013-07-18 16:00:29 +02:00
Martin Willi 58d0dadddc watcher: add some debugging statements 2013-07-18 16:00:29 +02:00
Martin Willi 91a2ae644c watcher: if the processor has no threads, execute the job with watcher thread 
This is important during shutdown, where we might need to signal some FDs while
all idle threads are gone already.
 2013-07-18 16:00:29 +02:00
Martin Willi 50720d7ce9 processor: add a getter for the threads passed to set_threads() 2013-07-18 16:00:29 +02:00
Martin Willi a0e3a7363f watcher: unregister a watcher FD if its thread gets cancelled 2013-07-18 16:00:29 +02:00
Martin Willi a558ba16f3 watcher: release threads waiting in remove() when watcher thread gets cancelled 
During daemon shutdown, users might call remove() after processor.set_threads(0)
has been called. This gets problematic, as a watch event might be unable
to signal completion when no threads are available anymore. Work around this
issue by cancelling waiters once processor.cancel() has been called.
 2013-07-18 16:00:29 +02:00
Martin Willi e6e8a2b2e0 stream: support keeping the service alive outside of service callback 2013-07-18 16:00:28 +02:00
Martin Willi d57b9e7c82 stream: add read/write_all() methods to stream 2013-07-18 16:00:28 +02:00
Martin Willi 1d1ef9e7ca stream: support cancellation of stream service callback 2013-07-18 16:00:28 +02:00
Martin Willi 047a190600 stream: use a service constructor to create services 
It does not make much sense to reference running services in the manager,
especially as unregistration would need the URI (which a user would have to
store instead of the service reference).
 2013-07-18 16:00:28 +02:00
Martin Willi fbdc65debb stream: replace print/vprint() convenience functions by a FILE* getter 
While this will complicate the implementation of streams not based on a fd,
it allows us to unleash the full power of FILE based convenience functions.
 2013-07-18 16:00:28 +02:00
Martin Willi 70d1ccec96 stream: add a concurrency option to services, limiting parallel callbacks 2013-07-18 16:00:28 +02:00
Martin Willi db0e160ba2 stream: add a job priority option to stream services 2013-07-18 16:00:28 +02:00
Martin Willi 441bb9e7b7 stream: add backlog option to stream services, forward to listen() 2013-07-18 16:00:28 +02:00
Martin Willi c5597a4b56 stream: add support for TCP stream services 2013-07-18 16:00:28 +02:00
Martin Willi db1c8aa460 stream: add support for TCP streams 2013-07-18 16:00:28 +02:00
Martin Willi f04746d9b4 stream: add support for UNIX stream services 2013-07-18 16:00:28 +02:00
Martin Willi b785cfe05b stream: add support for UNIX streams 2013-07-18 16:00:28 +02:00
Martin Willi c1fd8c22ce stream: support async operation using watcher 2013-07-18 16:00:28 +02:00
Martin Willi 7a23588195 stream: add printf()-style covenience functions 2013-07-18 16:00:28 +02:00
Martin Willi 2ba276017d stream: create library instance of stream-manager 2013-07-18 16:00:28 +02:00
Martin Willi d6ff53940f stream: add a manager to dynamically register streams and services 2013-07-18 16:00:28 +02:00