56 Commits

Author SHA1 Message Date
Tobias Brunner a2eb581781 capabilities: Move global capabilities_t instance to libstrongswan 2013-06-25 17:16:32 +02:00
Martin Willi bc1c92c9e9 Strictly memwipe_check() for magic only in the affected buffer
Passing back the buffer address we memwipe() is not ideal, as it could, in
theory, change the behavior of the compiler and not-optimize memwipe(). But
as checking a larger stack is very difficult for different architectures
and compilers, we do it nonetheless for now.
2013-06-05 15:02:18 +02:00
Martin Willi 9312fbc73d In memwipe_check(), don't put magic on stack when calling do_magic()
Otherwise the magic might be on the stack while checking it.
2013-05-03 14:17:37 +02:00
Martin Willi 1657b4ef26 Dump stack if memwipe() check fails 2013-05-03 11:41:51 +02:00
Martin Willi e6ba688a35 During libstrongswan initialization, check if memwipe() works as expected 2013-04-18 13:05:37 +02:00
Reto Guadagnini b1505b345b Added manager for DNS resolvers 2013-02-19 11:57:21 +01:00
Martin Willi 1e5e1fb685 libstrongswan can be initialized more than once 2012-11-14 10:14:31 +01:00
Tobias Brunner f05b427265 Moved debug.[ch] to utils folder 2012-10-24 16:00:51 +02:00
Tobias Brunner 12642a6831 Moved data structures to new collections subfolder 2012-10-24 16:00:49 +02:00
Tobias Brunner 2e7cc07ecd Moved host_t and host_resolver_t to a new networking subfolder 2012-10-24 15:06:18 +02:00
Tobias Brunner b4f6c39e55 Terminate unused resolver threads after a timeout 2012-10-18 12:26:00 +02:00
Tobias Brunner 292d8f41c3 Resolve hosts by DNS name in separate threads so we can cancel them
getaddrinfo(3) may block a long time so proper termination of the daemon may
block if DNS servers are not reachable.

getaddrinfo(3) is an optional cancellation point in posix threads so it
might still block a shutdown but at least on Android (with the signal based
pthread_cancel implementation) it works, on Linux starter will kill charon
anyway after a while.
2012-10-18 10:57:55 +02:00
Tobias Brunner 4c57c63062 Added possibility to register custom proposal keywords
Keyword lookup and registration are handled via the new lib->proposal object.
2012-09-13 15:44:46 +02:00
Martin Willi 4c6c934635 With --enable-bfd-backtraces, use binutils libbfd to resolve backtraces
The invocation of addr2line to resolve backtrace source locations
is slow and cumbersome. When using libbfd directly, we can eliminate
the overhead of the process invocation. Even better, we can cache
library symbol names, bringing wicked fast lookups. As a neat bonus,
we can resolve static function names.
2012-07-13 13:23:29 +02:00
Tobias Brunner a5951a2861 Make sure the certificate cache is flushed when plugins are unloaded.
This avoids segmentation faults when plugins implementing cert_t are
already unloaded when the cache is flushed during destruction.
2011-12-15 12:20:09 +01:00
Tobias Brunner 8fde0b669b Destroy objects hashtable after plugin_manager.
If plugins are not explicitly unloaded before library_deinit is called
there could have been a segfault because some plugins might unregister
objects during unloading/destruction.
2011-10-26 17:39:12 +02:00
Martin Willi 2ce569cc35 Provide generic object registration by name on libstrongswan 2011-08-08 13:19:02 +02:00
Tobias Brunner 60d62b9e5c Don't install the libraries directly in lib/.
Instead use a subdirectory (prefix/lib/ipsec by default). Also moved the
plugins from libexec to a subdirectory of that dir.
2011-07-05 14:42:14 +02:00
Martin Willi f37e8252a3 Make leak detective public 2011-05-16 15:22:21 +02:00
Tobias Brunner e18556e9e9 Moved scheduler and thread pool to libstrongswan. 2010-09-02 19:04:18 +02:00
Martin Willi da9724e6d0 Renamed key_encod{ing,der}_t and constants, prepare for generic credential encoding 2010-07-13 11:29:35 +02:00
Martin Willi 2ccc02a4fd Moved credential manager to libstrongswan 2010-07-13 10:26:07 +02:00
Martin Willi 5493ffde0b traffic_selector_t is gone into libstrongswan, migrate printf hook registration, too. 2010-06-07 15:06:09 +02:00
Martin Willi 091d178060 Option to skip slow addr2line resolution in leak-detective 2010-05-20 17:37:18 +02:00
Tobias Brunner 8b0e09103b Adding DBG_LIB to all calls of libstrongswan's version of DBG*. 2010-04-06 12:47:40 +02:00
Tobias Brunner 567d3f1463 Attributes moved from libstrongswan to libhydra.
The attribute_manager_t instance is now located on the new hydra object
instead of the lib object.
2010-03-24 18:53:10 +01:00
Tobias Brunner fac3bfa5cd Fixing some includes by replacing <> with "".
I changed only the includes needed to fix the build on Android, which has a utils.h system header file, but we should probably change all the local includes in libstrongswan to "" and relative paths.
2010-03-02 10:38:58 +01:00
Tobias Brunner 4a5a5dd290 Using the thread wrapper in charon, libstrongswan and their plugins. 2009-12-23 17:03:41 +01:00
Andreas Steffen 930443afff moved attribute_manager to libstrongswan 2009-10-13 13:46:27 +02:00
Martin Willi 7daf5226b7 removed trailing spaces ([[:space:]]+$) 2009-09-04 13:46:09 +02:00
Martin Willi d9b24887a4 added a facility to hand out fingerprinting/key encoding to the pkcs1/pgp/... plugins 2009-08-26 11:23:51 +02:00
Martin Willi acd4afc997 announce integrity testing only once 2009-07-21 14:58:14 +02:00
Martin Willi cfe508d911 indicate use of integrity testing at startup 2009-06-22 15:47:18 +02:00
Martin Willi bef508755b build integrity_checker.c only if --enable-integrity-test set 2009-06-22 15:47:17 +02:00
Martin Willi 6a8c8815fe check on-disk and loaded segment integrity of libstrongswan 2009-06-22 15:47:17 +02:00
Martin Willi a0fc89798a library initialization fails if libstrongswan checksum is invalid 2009-06-22 15:47:17 +02:00
Martin Willi 0179d4684a integrity checker accepts an optional checksum library on construction 2009-06-22 15:47:17 +02:00
Martin Willi 059c479a2f check integrity of libstrongswan 2009-06-22 15:47:17 +02:00
Martin Willi 960e0c1040 check integrity of plugins before loading 2009-06-22 15:47:17 +02:00
Martin Willi 28a0728b67 make use of the crypto_tester in the crypto_factory
libstrongswan.crypto.test.on_add to test algorithms during initialization
libstrongswan.crypto.test.on_create to test algorithms on each instantiation
2009-06-11 15:55:48 +02:00
Tobias Brunner 8c5d72cd0b removing svn keyword $Id$ from all files 2009-04-30 13:19:35 +00:00
Tobias Brunner d24a74c5b4 merging changes from portability branch back to trunk
important change for developers: %Y replaces %D to print identities!
2009-04-30 11:37:54 +00:00
Tobias Brunner d25ce3701e printf hooks refactored to increase portability (i.e. support for platforms without glibc-compatible customizable printf - the Vstr string library is currently required on such platforms). 2009-03-12 18:07:32 +00:00
Martin Willi e609b1cda2 capability API to allow plugin-controlled capability set 2008-08-28 16:27:48 +00:00
Martin Willi a9184df36b do not build leak_detective.o if not enabled 2008-04-04 11:38:16 +00:00
Martin Willi 552cc11b1f merged the modularization branch (credentials) back to trunk 2008-03-13 14:14:44 +00:00
Martin Willi ee61471113 implemented RFC4478 (repeated authentication)
changed %V printf handler to take a time delta, %#V now takes two arguments
2007-11-20 12:06:40 +00:00
Andreas Steffen 203e15fe03 fixed delta time format: 2 seconds, 1 second, 0 seconds 2007-03-28 05:37:20 +00:00
Martin Willi f27f6296e6 merged EAP framework from branch into trunk
includes a lot of other modifications
2007-02-12 15:56:47 +00:00
Martin Willi 7006a51efc removed my time_t printf handler patch, applied the one of andreas (64bit safe) 2007-02-08 15:22:21 +00:00