7a56c35fc9
Remove executable flag from source files.
2012-05-18 10:04:08 +02:00
22bf44c8b9
Use separate Doxygen groups for IKEv1 and IKEv2 entities (authenticators, tasks etc.).
2012-05-18 10:04:08 +02:00
7959a3faec
Removed superfluous @param in bus.h.
2012-05-18 09:57:01 +02:00
7684ca2e8c
whitelist: Make sure listed IDs are null-terminated.
2012-05-18 09:57:01 +02:00
5c162dd944
List registered nonce generators in statusall output.
2012-05-18 08:15:41 +02:00
afaf1bdf5e
Use nonce_gen instead of rng to generate nonces
...
Replace usage of rng plugin with nonce generator to create nonces in
IKE_INIT, CHILD_CREATE and QUICK_MODE tasks and the IKEv1 phase 1 helper.
2012-05-18 08:15:41 +02:00
5338fe5e79
Add create_nonce_gen function to keymat interface
...
This function returns a nonce generator object.
2012-05-18 08:15:41 +02:00
80c5b17d1a
make IKEv1 DPD timeout configurable in charon
2012-05-17 19:49:22 +02:00
24742c0f83
Moved IKEv1 DPD processing to task manager, fix sequence issues
2012-05-15 17:00:12 +02:00
b7dafb3f5b
Consider inbound ESP as a sign of liveness for DPD timeout
2012-05-15 14:58:28 +02:00
4b38c22c00
Schedule a DPD timeout job that enforces the IKE message timeout policy
2012-05-15 14:46:02 +02:00
ebf829f2eb
Send unanswered follow up R_U_THERE messages with the same DPD seq
2012-05-15 14:46:02 +02:00
57a8418c88
Do not send IKEv1 DPD retransmit, but create a new INFORMATIONAL
2012-05-15 14:46:02 +02:00
b3089ab74c
Free name of application using libcharon.
2012-05-15 11:37:07 +02:00
29b56078ea
Register load-tester faked kernel interface before other kernel interfaces
2012-05-14 13:21:35 +02:00
d4078ca796
Load tester can enforce a local IP to use
2012-05-14 10:03:05 +02:00
d684242510
Add plugin features support to load-tester plugin
2012-05-14 09:52:53 +02:00
5de5b04ce4
Fixed #include in tnc-ifmap plugin.
2012-05-07 11:22:51 +02:00
44bd9b48c8
allow private algorithms
2012-05-05 23:25:51 +02:00
4b797f464e
fixed mapping of IKEv1 algorithms
2012-05-05 23:25:34 +02:00
f7cd1cde70
vendor ID cosmetics
2012-05-05 18:13:05 +02:00
f66a14818e
inserted space
2012-05-05 15:51:24 +02:00
5f540fd39c
missing references to daemon.h
2012-05-05 11:36:38 +02:00
1e26235a0d
fixed feature dependencies for CERT_TRUSTED_PUBKEY
2012-05-05 08:54:36 +02:00
983c667481
Use proper getter for settings in sender and receiver.
2012-05-03 13:57:04 +02:00
42500c274a
Use name from initialization to access settings in libcharon.
...
Also fixes several whitespace errors.
2012-05-03 13:57:04 +02:00
18758e3d2e
Store the name of the binary using libcharon to enable specific settings.
2012-05-03 13:57:04 +02:00
b64f333612
Integrate nm plugin directly in charon-nm.
2012-05-03 13:57:03 +02:00
94b48e071a
Provide plugin list from charon, not internally in libcharon.
2012-05-03 13:14:07 +02:00
2ee11fd42d
display (soft) same as (not loaded)
2012-05-03 11:54:56 +02:00
493c468d4d
charon is now an IKE daemon
2012-05-03 11:49:30 +02:00
c9931135d1
stroke plugin sdepends on building CERT_ANY certificates
2012-05-03 11:07:21 +02:00
088020fbac
Updated Android.mk for 5.0 (no IKEv1 support yet).
2012-05-03 09:37:35 +02:00
e4ae891983
updated tnc-pdp plugin for 5.0.0
2012-05-02 22:53:45 +02:00
ead92870b8
Loggers specify what log messages they want to receive during registration.
...
This also allows us to generate the log message only once for all
loggers that need it (avoids calls to custom printf specifier callbacks).
To update the log levels loggers can simply be registered again.
2012-05-02 14:45:38 +02:00
d724fcd624
Ensure that multi-line log messages are not torn apart.
2012-05-02 14:45:38 +02:00
0e474f9148
Use a separate interface for loggers.
...
The new interface does not allow loggers to unregister themselves from
the bus. This allows us to use a rwlock_t for them.
The latter also means that loggers can now be called concurrently by
multiple threads.
2012-05-02 14:45:38 +02:00
f9f867899a
Use a separate list and mutex for loggers.
...
This avoids deadlocks caused by extensive listener_t implementations
which might want to acquire a lock which is currently held by another
thread wanting to log messages. Since the latter requires that thread
to acquire the same lock the initial thread currently holds this
previously resulted in a deadlock.
With this change logging messages does not require threads to acquire
the main lock in bus_t and thus avoids the deadlock.
2012-05-02 14:45:38 +02:00
ecb5abd7fa
Fixed return value of controller_t functions if callback returns FALSE.
2012-05-02 14:45:38 +02:00
aac20ec784
Removed remaining parts of controller_t.listen() implementation.
2012-05-02 14:45:38 +02:00
a629513961
Remove obsolete bus_t.listen() method.
2012-05-02 14:45:38 +02:00
5a073784e2
Implement wait_for_listener in controller_t with semaphores.
...
This eliminates even the slightest chance of a deadlock.
2012-05-02 14:45:37 +02:00
b6e9c41861
Implement bus_t.listen() directly in controller_t (the only user).
...
This will hopefully allow us to later simplify bus_t.
2012-05-02 14:45:37 +02:00
daab152afa
Add plugin features support to stroke plugin
2012-05-02 14:05:52 +02:00
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
f99d8b10c9
Added a dedicated sender flush method, delay sender destruction until users gone
2012-05-02 10:22:59 +02:00
552557a65d
add AUTH_RULE_SUBJECT_CERT for raw public keys
2012-04-30 13:40:48 +02:00
00d79edc20
Typo fixed.
2012-04-30 10:47:42 +02:00
3577ec76a5
output validity of raw public key if available
2012-04-30 09:47:34 +02:00
5f1931ada1
added support for raw RSA public keys to stroke
2012-04-30 00:31:42 +02:00
Tobias Brunner