Commit Graph

9066 Commits

Author SHA1 Message Date
Andreas Steffen 6c5873d448 updated testing.conf for 5.0.0 2012-05-02 22:53:11 +02:00
Andreas Steffen 9fc69a0c81 two new options for 5.0.0 UML testing 2012-05-02 21:13:14 +02:00
Tobias Brunner ed7186cbe1 NEWS about route reinstallation added. 2012-05-02 15:24:48 +02:00
Tobias Brunner bc798c9ce8 Route reinstallation in kernel_ipsec_t implementations is not needed anymore. 2012-05-02 15:24:47 +02:00
Tobias Brunner f834249c59 Reinstall routes in kernel-netlink plugin, if interfaces get reactivated or IPs reappear. 2012-05-02 15:24:47 +02:00
Tobias Brunner 74ba22c992 Keep track of installed source routes in kernel-netlink plugin. 2012-05-02 14:56:08 +02:00
Tobias Brunner d55c240474 NEWS about bus_t refactorings added. 2012-05-02 14:45:38 +02:00
Tobias Brunner ead92870b8 Loggers specify what log messages they want to receive during registration.
This also allows us to generate the log message only once for all
loggers that need it (avoids calls to custom printf specifier callbacks).

To update the log levels loggers can simply be registered again.
2012-05-02 14:45:38 +02:00
Tobias Brunner d724fcd624 Ensure that multi-line log messages are not torn apart. 2012-05-02 14:45:38 +02:00
Tobias Brunner 4d21000cf7 Added recursive read_lock support to our own implementation of rwlock_t. 2012-05-02 14:45:38 +02:00
Tobias Brunner 0e474f9148 Use a separate interface for loggers.
The new interface does not allow loggers to unregister themselves from
the bus.  This allows us to use a rwlock_t for them.

The latter also means that loggers can now be called concurrently by
multiple threads.
2012-05-02 14:45:38 +02:00
Tobias Brunner f9f867899a Use a separate list and mutex for loggers.
This avoids deadlocks caused by extensive listener_t implementations
which might want to acquire a lock which is currently held by another
thread wanting to log messages. Since the latter requires that thread
to acquire the same lock the initial thread currently holds this
previously resulted in a deadlock.

With this change logging messages does not require threads to acquire
the main lock in bus_t and thus avoids the deadlock.
2012-05-02 14:45:38 +02:00
Tobias Brunner ecb5abd7fa Fixed return value of controller_t functions if callback returns FALSE. 2012-05-02 14:45:38 +02:00
Tobias Brunner 052e0a17b8 Use wrapped semaphore in callback_job_t. 2012-05-02 14:45:38 +02:00
Tobias Brunner aac20ec784 Removed remaining parts of controller_t.listen() implementation. 2012-05-02 14:45:38 +02:00
Tobias Brunner a629513961 Remove obsolete bus_t.listen() method. 2012-05-02 14:45:38 +02:00
Tobias Brunner 5a073784e2 Implement wait_for_listener in controller_t with semaphores.
This eliminates even the slightest chance of a deadlock.
2012-05-02 14:45:37 +02:00
Tobias Brunner 8f6c13271c Added a wrapper class around POSIX semaphores. 2012-05-02 14:45:37 +02:00
Tobias Brunner b6e9c41861 Implement bus_t.listen() directly in controller_t (the only user).
This will hopefully allow us to later simplify bus_t.
2012-05-02 14:45:37 +02:00
Martin Willi daab152afa Add plugin features support to stroke plugin 2012-05-02 14:05:52 +02:00
Martin Willi 0c7af2ce27 Certificate decoding soft-depends on public key decoding of specific types 2012-05-02 14:05:52 +02:00
Martin Willi 4b5e637472 PEM loading plugin features depend on the same feature, they are helpers only 2012-05-02 14:05:52 +02:00
Martin Willi f14bf6345f Don't depend on a feature that has a dependency to the same feature during unload 2012-05-02 14:05:52 +02:00
Martin Willi b24be29646 Merge branch 'ikev1'
Conflicts:
	configure.in
	man/ipsec.conf.5.in
	src/libcharon/encoding/generator.c
	src/libcharon/encoding/payloads/notify_payload.c
	src/libcharon/encoding/payloads/notify_payload.h
	src/libcharon/encoding/payloads/payload.c
	src/libcharon/network/receiver.c
	src/libcharon/sa/authenticator.c
	src/libcharon/sa/authenticator.h
	src/libcharon/sa/ikev2/tasks/ike_init.c
	src/libcharon/sa/task_manager.c
	src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Martin Willi f99d8b10c9 Added a dedicated sender flush method, delay sender destruction until users gone 2012-05-02 10:22:59 +02:00
Tobias Brunner 13de38e354 Documented strongswan.conf options for radattr plugin. 2012-05-01 13:32:43 +02:00
Andreas Steffen 552557a65d add AUTH_RULE_SUBJECT_CERT for raw public keys 2012-04-30 13:40:48 +02:00
Andreas Steffen 6704d69f91 added missing whitespace 2012-04-30 11:42:09 +02:00
Tobias Brunner 88206458ce Properly initialize optional subject in PEM builder. 2012-04-30 10:48:57 +02:00
Tobias Brunner 00d79edc20 Typo fixed. 2012-04-30 10:47:42 +02:00
Andreas Steffen 501c163859 version bump to 4.6.3 2012-04-30 09:48:21 +02:00
Andreas Steffen 3577ec76a5 output validity of raw public key if available 2012-04-30 09:47:34 +02:00
Andreas Steffen fe23d9aaa4 ikev2/net2net-pubkey scenario does not need dnskey plugin 2012-04-30 07:02:08 +02:00
Andreas Steffen 86b79a5f6d added ikev2/net2net-pubkey scenario 2012-04-30 00:33:18 +02:00
Andreas Steffen 7ea31a17ea added ikev2/net2net-rsa scenario 2012-04-30 00:32:58 +02:00
Andreas Steffen 5f1931ada1 added support for raw RSA public keys to stroke 2012-04-30 00:31:42 +02:00
Andreas Steffen 2338b9f019 added ikev2/rw-eap-md5-id-prompt scenario 2012-04-29 19:10:25 +02:00
Martin Willi 8c35f5d460 Fixed Android null terminated password fixup in xauth-eap 2012-04-26 14:35:27 +02:00
Tobias Brunner 23cb8ba72b Fixed null-pointer dereference in smp plugin. 2012-04-26 08:54:04 +02:00
Andreas Steffen d2976167af CERT_TRUSTED_PUBKEY stores notBefore, notAfter and subject information 2012-04-25 20:53:08 +02:00
Tobias Brunner 7d85bebc49 pluto: Fix for null-terminated XAuth secrets (as sent by Android 4). 2012-04-24 09:25:38 +02:00
Andreas Steffen 5ff8fe5d48 activated cmac plugin in UML test suites 2012-04-22 22:22:25 +02:00
Andreas Steffen 86e50bd614 isolate a TNC client if an error occurs 2012-04-22 20:24:59 +02:00
Andreas Steffen 6c97b16333 version bump to 4.6.3rc2 2012-04-22 17:41:20 +02:00
Andreas Steffen 3092bf1090 exit if TBOOT dummy measurements are not defined 2012-04-22 17:40:59 +02:00
Tobias Brunner 5895c2e948 Option added to set identifier for syslog(3) logging.
This identifier is added to each log message by syslog.
2012-04-20 09:26:12 +02:00
Tobias Brunner 7e84c4275c Removed auth_cfg_t.replace_value() and replaced usages with add().
replace_value() was used to replace identities. Since for these the latest is
now returned by get(), adding the new identity with add() is sufficient.
2012-04-18 18:50:14 +02:00
Tobias Brunner ebc1ffe451 Changed the order and semantics of rules we expect only once in auth_cfg_t.
These rules are now inserted at the front of the internal list, this
allows to retrieve the rule added last with get(). For other rules the
order in which they are added is maintained (this allows to properly
enumerate them).
2012-04-18 18:50:14 +02:00
Tobias Brunner 80067cf9e6 Store password with remote ID to tie it stronger to a specific connection. 2012-04-18 13:32:49 +02:00
Tobias Brunner 9f1b303afc Added stroke user-creds command, to set username/password for a connection. 2012-04-17 14:20:58 +02:00