Tobias Brunner
7a56c35fc9
Remove executable flag from source files.
2012-05-18 10:04:08 +02:00
Tobias Brunner
22bf44c8b9
Use separate Doxygen groups for IKEv1 and IKEv2 entities (authenticators, tasks etc.).
2012-05-18 10:04:08 +02:00
Tobias Brunner
7959a3faec
Removed superfluous @param in bus.h.
2012-05-18 09:57:01 +02:00
Tobias Brunner
7684ca2e8c
whitelist: Make sure listed IDs are null-terminated.
2012-05-18 09:57:01 +02:00
Tobias Brunner
5c162dd944
List registered nonce generators in statusall output.
2012-05-18 08:15:41 +02:00
Adrian-Ken Rueegsegger
afaf1bdf5e
Use nonce_gen instead of rng to generate nonces
...
Replace usage of rng plugin with nonce generator to create nonces in
IKE_INIT, CHILD_CREATE and QUICK_MODE tasks and the IKEv1 phase 1 helper.
2012-05-18 08:15:41 +02:00
Adrian-Ken Rueegsegger
5338fe5e79
Add create_nonce_gen function to keymat interface
...
This function returns a nonce generator object.
2012-05-18 08:15:41 +02:00
Andreas Steffen
80c5b17d1a
make IKEv1 DPD timeout configurable in charon
2012-05-17 19:49:22 +02:00
Martin Willi
24742c0f83
Moved IKEv1 DPD processing to task manager, fix sequence issues
2012-05-15 17:00:12 +02:00
Martin Willi
b7dafb3f5b
Consider inbound ESP as a sign of liveness for DPD timeout
2012-05-15 14:58:28 +02:00
Martin Willi
4b38c22c00
Schedule a DPD timeout job that enforces the IKE message timeout policy
2012-05-15 14:46:02 +02:00
Martin Willi
ebf829f2eb
Send unanswered follow up R_U_THERE messages with the same DPD seq
2012-05-15 14:46:02 +02:00
Martin Willi
57a8418c88
Do not send IKEv1 DPD retransmit, but create a new INFORMATIONAL
2012-05-15 14:46:02 +02:00
Tobias Brunner
b3089ab74c
Free name of application using libcharon.
2012-05-15 11:37:07 +02:00
Martin Willi
29b56078ea
Register load-tester faked kernel interface before other kernel interfaces
2012-05-14 13:21:35 +02:00
Martin Willi
d4078ca796
Load tester can enforce a local IP to use
2012-05-14 10:03:05 +02:00
Martin Willi
d684242510
Add plugin features support to load-tester plugin
2012-05-14 09:52:53 +02:00
Tobias Brunner
5de5b04ce4
Fixed #include in tnc-ifmap plugin.
2012-05-07 11:22:51 +02:00
Andreas Steffen
44bd9b48c8
allow private algorithms
2012-05-05 23:25:51 +02:00
Andreas Steffen
4b797f464e
fixed mapping of IKEv1 algorithms
2012-05-05 23:25:34 +02:00
Andreas Steffen
f7cd1cde70
vendor ID cosmetics
2012-05-05 18:13:05 +02:00
Andreas Steffen
f66a14818e
inserted space
2012-05-05 15:51:24 +02:00
Andreas Steffen
5f540fd39c
missing references to daemon.h
2012-05-05 11:36:38 +02:00
Andreas Steffen
1e26235a0d
fixed feature dependencies for CERT_TRUSTED_PUBKEY
2012-05-05 08:54:36 +02:00
Tobias Brunner
983c667481
Use proper getter for settings in sender and receiver.
2012-05-03 13:57:04 +02:00
Tobias Brunner
42500c274a
Use name from initialization to access settings in libcharon.
...
Also fixes several whitespace errors.
2012-05-03 13:57:04 +02:00
Tobias Brunner
18758e3d2e
Store the name of the binary using libcharon to enable specific settings.
2012-05-03 13:57:04 +02:00
Tobias Brunner
b64f333612
Integrate nm plugin directly in charon-nm.
2012-05-03 13:57:03 +02:00
Tobias Brunner
94b48e071a
Provide plugin list from charon, not internally in libcharon.
2012-05-03 13:14:07 +02:00
Andreas Steffen
2ee11fd42d
display (soft) same as (not loaded)
2012-05-03 11:54:56 +02:00
Andreas Steffen
493c468d4d
charon is now an IKE daemon
2012-05-03 11:49:30 +02:00
Martin Willi
c9931135d1
stroke plugin sdepends on building CERT_ANY certificates
2012-05-03 11:07:21 +02:00
Tobias Brunner
088020fbac
Updated Android.mk for 5.0 (no IKEv1 support yet).
2012-05-03 09:37:35 +02:00
Andreas Steffen
e4ae891983
updated tnc-pdp plugin for 5.0.0
2012-05-02 22:53:45 +02:00
Tobias Brunner
ead92870b8
Loggers specify what log messages they want to receive during registration.
...
This also allows us to generate the log message only once for all
loggers that need it (avoids calls to custom printf specifier callbacks).
To update the log levels loggers can simply be registered again.
2012-05-02 14:45:38 +02:00
Tobias Brunner
d724fcd624
Ensure that multi-line log messages are not torn apart.
2012-05-02 14:45:38 +02:00
Tobias Brunner
0e474f9148
Use a separate interface for loggers.
...
The new interface does not allow loggers to unregister themselves from
the bus. This allows us to use a rwlock_t for them.
The latter also means that loggers can now be called concurrently by
multiple threads.
2012-05-02 14:45:38 +02:00
Tobias Brunner
f9f867899a
Use a separate list and mutex for loggers.
...
This avoids deadlocks caused by extensive listener_t implementations
which might want to acquire a lock which is currently held by another
thread wanting to log messages. Since the latter requires that thread
to acquire the same lock the initial thread currently holds this
previously resulted in a deadlock.
With this change logging messages does not require threads to acquire
the main lock in bus_t and thus avoids the deadlock.
2012-05-02 14:45:38 +02:00
Tobias Brunner
ecb5abd7fa
Fixed return value of controller_t functions if callback returns FALSE.
2012-05-02 14:45:38 +02:00
Tobias Brunner
aac20ec784
Removed remaining parts of controller_t.listen() implementation.
2012-05-02 14:45:38 +02:00
Tobias Brunner
a629513961
Remove obsolete bus_t.listen() method.
2012-05-02 14:45:38 +02:00
Tobias Brunner
5a073784e2
Implement wait_for_listener in controller_t with semaphores.
...
This eliminates even the slightest chance of a deadlock.
2012-05-02 14:45:37 +02:00
Tobias Brunner
b6e9c41861
Implement bus_t.listen() directly in controller_t (the only user).
...
This will hopefully allow us to later simplify bus_t.
2012-05-02 14:45:37 +02:00
Martin Willi
daab152afa
Add plugin features support to stroke plugin
2012-05-02 14:05:52 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Martin Willi
f99d8b10c9
Added a dedicated sender flush method, delay sender destruction until users gone
2012-05-02 10:22:59 +02:00
Andreas Steffen
552557a65d
add AUTH_RULE_SUBJECT_CERT for raw public keys
2012-04-30 13:40:48 +02:00
Tobias Brunner
00d79edc20
Typo fixed.
2012-04-30 10:47:42 +02:00
Andreas Steffen
3577ec76a5
output validity of raw public key if available
2012-04-30 09:47:34 +02:00
Andreas Steffen
5f1931ada1
added support for raw RSA public keys to stroke
2012-04-30 00:31:42 +02:00