Tobias Brunner
7240914955
Use eap_vendor_type_from_string() in stroke
2012-08-31 11:40:28 +02:00
Tobias Brunner
db409006e4
Function added that parses EAP method strings ([eap-]type[-vendor])
2012-08-31 11:40:28 +02:00
Tobias Brunner
576490ab09
Added method to enumerate EAP types contained in an EAP-Nak
2012-08-31 11:40:28 +02:00
Tobias Brunner
cc4eec56f7
Encode EAP-Naks in expanded format if we got an expanded type request
...
Since methods defined by the IETF (vendor ID 0) could also be encoded in
expanded type format the previous check was insufficient.
2012-08-31 11:40:27 +02:00
Tobias Brunner
78e8dca94f
Allow clients to request a configured EAP method via EAP-Nak
2012-08-31 11:40:27 +02:00
Tobias Brunner
34742f1bf8
Virtual EAP methods handle EAP-Naks themselves
2012-08-31 11:40:27 +02:00
Tobias Brunner
af04233e14
Send EAP-Nak with supported types if requested type is unsupported
2012-08-31 11:40:27 +02:00
Tobias Brunner
7cad171da8
Filter invalid EAP authentication types when enumerating them
...
Valid authentication types defined by the IETF are 4-253 and 255.
2012-08-31 11:37:45 +02:00
Tobias Brunner
eae5616ae6
Move our pseudo EAP types out of the range of valid EAP methods
2012-08-31 11:31:48 +02:00
Tobias Brunner
078755d099
Added a method to enumerate registered EAP methods
2012-08-21 16:48:47 +02:00
Martin Willi
f26796deb5
Remove unused src/dst variables in send_no_marker()
2012-08-21 09:34:32 +02:00
Andreas Steffen
ba922f99cb
use pen_type_t for attribute request entries
2012-08-21 00:22:02 +02:00
Andreas Steffen
dbb7859f9f
define pen_type_t as a vendor-specific type
2012-08-20 22:37:08 +02:00
Martin Willi
88a5abf5e2
Don't use POSIX semaphores if a MONOTONIC clock is available
...
POSIX semaphores use CLOCK_REALTIME, but our semaphore_t abstraction
expects CLOCK_MONOTONIC based times. Use the mutex/condvar based
fallback if time_monotonic() actuall returns monotonic times.
2012-08-20 18:01:20 +02:00
Martin Willi
10bdc7a968
Remove the unused second IKE_SA entry match function argument
...
LLVMs clang complains about this parameter, so remove it.
2012-08-20 17:42:14 +02:00
Martin Willi
907d3d0f1d
Add a mutex/condvar based semaphore implementation if sem_timedwait is unavailable
...
Fixes #214 .
2012-08-20 17:20:26 +02:00
Andreas Steffen
f39b3915cd
added IBM and OpenPTS Private Enterprise Numbers
2012-08-20 15:02:25 +02:00
Adrian-Ken Rueegsegger
acf27437cd
Add keymat_t constructor registration function
...
Using the register_constructor function enables custom keymat_t
implementations per IKE version. If no constructor is registered the
default behavior is preserved.
2012-08-20 13:02:47 +02:00
Andreas Steffen
0810286269
fixed caption
2012-08-20 12:56:13 +02:00
Andreas Steffen
c60310e62c
implemented IETF Attribute Request attribute
2012-08-20 12:27:14 +02:00
Andreas Steffen
5ff8309889
version bump to 5.0.1dr3
2012-08-20 12:25:53 +02:00
Tobias Brunner
3570c43968
openssl: Fix registration of the PUBKEY builder
...
libtls drops support for RSA suites if it does not find an RSA backend
(final builder for RSA public keys).
2012-08-18 17:49:57 +02:00
Tobias Brunner
ef73bb52b1
Without the ties to PAM we can build eap-gtc on Android
2012-08-17 14:24:48 +02:00
Tobias Brunner
ba27bf2af0
CAP_AUDIT_WRITE is now required by xauth-pam not eap-gtc plugin
2012-08-17 14:24:48 +02:00
Tobias Brunner
113d2a6b99
Removed manual EAP method registration in eap-gtc plugin
2012-08-17 14:24:37 +02:00
Tobias Brunner
91c0e0e3d9
Enable build of eap-tls, eap-ttls and eap-peap on Android
2012-08-17 13:55:44 +02:00
Tobias Brunner
7ab348370c
Add a wrapper around vstr_add_fmt() to avoid having to link libcharon against libvstr
...
At least on Android the latter would be required.
2012-08-17 11:47:52 +02:00
Tobias Brunner
21d8392041
starter: Restore original config in case also= is used (which reads the same values)
2012-08-16 16:45:11 +02:00
Tobias Brunner
31a0e24b0f
Increased log level when listing interfaces and IP addresses during startup
...
This avoids confusing log messages in starter and ipsec statusall
already lists the available addresses anyway.
2012-08-16 16:14:15 +02:00
Tobias Brunner
71b89d6722
Only load kernel plugins in starter when flushing SAD/SPD entries
...
This avoids keeping the kernel sockets open when they are not actually
needed, which could lead to resource problems (in particular with PF_KEY
where all open sockets receive all messages).
Fixes #217 .
2012-08-16 16:14:15 +02:00
Tobias Brunner
aaefeafb49
Enable UDP decapsulation for both address families
...
Since the 3.5 Linux kernel both UDP implementations have a separate static
flag to indicate whether ANY sockets enabled UDP decapsulation.
As we only ever enabled it for one address family (in earlier versions IPv4
only, now for IPv6, if supported, and for IPv4 otherwise) UDP decapsulation
wouldn't work anymore (at least for one address family).
2012-08-16 15:26:37 +02:00
Tobias Brunner
11b514bff6
Correctly transmit EAP-MSCHAPv2 user name if it contains a domain part
2012-08-16 10:03:49 +02:00
Andreas Steffen
b8a4135dcb
fall through to evidence measurements if no file measurements must be done
2012-08-16 09:15:36 +02:00
Andreas Steffen
81fbbc5381
upgraded to Ubuntu 12.04.1 LTS
2012-08-16 09:14:46 +02:00
Andreas Steffen
52c0f181d4
added deletion of product/file entries to usage
2012-08-16 09:14:13 +02:00
Tobias Brunner
f0b8d8c2c4
New Android release after adding error dialog
...
Skipped one version due to a rebasing mishap.
2012-08-15 11:23:06 +02:00
Tobias Brunner
8df118f733
Show an error message if VPN is not supported
...
Some devices have Android 4 installed but the system images still seem to
lack the components that are required for VPN support. One such
component is the dialog used to grant permission to create .
2012-08-15 11:19:43 +02:00
Tobias Brunner
c8d0c3b03d
Enable search for certificate lists (via SearchView in ActionBar)
2012-08-14 12:01:41 +02:00
Tobias Brunner
4db2d6336e
Added new UI to select a specific CA certificate
...
With this change there is no need to wait for all certificates being loaded
anymore (this happens only when the user opens the selection activity).
2012-08-14 12:01:41 +02:00
Tobias Brunner
cb431e12da
Don't try to save profile ID if there is none
2012-08-14 12:01:41 +02:00
Tobias Brunner
7546735fec
List fragment for trusted certificates can notify listeners about clicks
2012-08-14 12:01:41 +02:00
Tobias Brunner
b0b0eac6eb
Added an activity that shows lists of CA certificates in two tabs
2012-08-14 12:01:41 +02:00
Tobias Brunner
caf85c872f
Added a ListFragment that lists trusted certificates (loaded via a custom Loader)
2012-08-14 12:01:41 +02:00
Tobias Brunner
db8bea8311
Changed TrustedCertificateAdapter for use with ListViews and TrustedCertificateEntry
2012-08-14 12:01:41 +02:00
Tobias Brunner
af46e950b1
Remove certificate spinner from edit view
2012-08-14 12:01:41 +02:00
Tobias Brunner
f075536ebe
Function to get only system-wide CA certificates added to TrustedCertificateManager
2012-08-14 12:01:40 +02:00
Tobias Brunner
2dc8998419
Added class to store trusted certificate entries for lists
2012-08-14 12:01:40 +02:00
Andreas Steffen
17f806d8d0
fixed Makefile for libstrongswan dev headers
2012-08-14 10:21:28 +02:00
Andreas Steffen
81d7e9bbaf
version bump to 5.0.1dr2
2012-08-14 10:05:57 +02:00
Andreas Steffen
8b865d3b7a
skip boot aggregate check against database
2012-08-14 10:05:57 +02:00