Andreas Steffen
c56667f1db
fixed logging of unsupported TNCCS version
2012-07-11 17:09:05 +02:00
Andreas Steffen
1de4af66d5
PB-TNC Client sends empty CLOSE batch only in DECIDED state
2012-07-11 17:09:05 +02:00
Andreas Steffen
a287a3cdcd
have_recommendation() accepts NULL arguments
2012-07-11 17:09:05 +02:00
Andreas Steffen
b8b678a567
send empty SDATA batch if no recommendation is available yet, but in order to avoid loops only if no empty CDATA batch was received
2012-07-11 17:09:05 +02:00
Andreas Steffen
a5c79d0175
moved batch size calculation into pb_tnc_batch_t
2012-07-11 17:09:05 +02:00
Andreas Steffen
d7dcbc95a9
make maximum PB-TNC batch size configurable
2012-07-11 17:09:05 +02:00
Andreas Steffen
3a16bec8f9
limit the size of a PB-TNC batch to the maximum EAP-TNC packet size
2012-07-11 17:09:05 +02:00
Andreas Steffen
6067233193
remove pluto logging
2012-07-11 17:09:05 +02:00
Andreas Steffen
6245edf37e
eliminate message length field in EAP-TNC
2012-07-11 17:09:05 +02:00
Andreas Steffen
c8aabefd08
added charon.plugins.eap-tnc.protocol option
2012-07-11 17:09:05 +02:00
Andreas Steffen
a04c51aea9
due to single fragment, total length does not have to be included
2012-07-11 17:09:04 +02:00
Andreas Steffen
4492ffc907
EAP-TNC does not support fragmentation
2012-07-11 17:09:04 +02:00
Andreas Steffen
c36680962c
allow to transmit 64k TLS Handshake and Application messages via EAP-[T]TLS
2012-07-11 17:09:04 +02:00
Andreas Steffen
dfe82160e4
some tls_eap optimizations
2012-07-11 17:09:04 +02:00
Andreas Steffen
87efdef35b
configure size of ITA Dummy PA-TNC attribute
2012-07-11 17:09:04 +02:00
Andreas Steffen
3bd452f8f3
max_message_count = 0 disables limit
2012-07-11 17:09:04 +02:00
Andreas Steffen
22f9174609
defined ITA Dummy PA-TNC attribute for test purposes
2012-07-11 17:09:04 +02:00
Andreas Steffen
ee200bab61
use TSS_PCRS_STRUCT_DEFAULT
2012-07-11 17:09:04 +02:00
Andreas Steffen
da67c37d65
log invalid TLS packet length
2012-07-11 17:09:04 +02:00
Andreas Steffen
5b35214a87
check boot_aggregate value
2012-07-11 17:09:04 +02:00
Andreas Steffen
ddafcda4d8
refactored PTS functional component measurements
2012-07-11 17:09:04 +02:00
Martin Willi
b188f23199
Install dev headers only if --with-dev-headers= option is set
2012-07-11 11:16:31 +02:00
Martin Willi
2a6bcbbdee
Install libtls development headers
2012-07-11 10:51:01 +02:00
Martin Willi
f1292d9d24
Install libfast development headers
2012-07-11 10:43:33 +02:00
Martin Willi
980ca1f773
Define CONFIG_H_INCLUDED in Android build
2012-07-11 10:00:27 +02:00
Martin Willi
4c311ffb1f
Check if config.h passed correctly via gcc -include
2012-07-11 09:57:07 +02:00
Martin Willi
7115448529
Install libstrongswan development headers
2012-07-11 09:57:07 +02:00
Martin Willi
7300eb29d1
Use and install a config.h AC_CONFIG_HEADER that contains all AC_DEFINE results
2012-07-11 09:57:07 +02:00
Martin Willi
a4037686c7
Added a description to all AC_DEFINE macros, as required by autoheader
2012-07-11 09:57:07 +02:00
Martin Willi
7c8b9fcbf6
Add safe_strerror() to leak detective whitelist
...
While the thread specific strerror buffer gets cleaned up for
worker threads during their termination, the main thread itself,
and so its strerror buffer, is still alive during leak reports.
2012-07-11 08:45:15 +02:00
Martin Willi
07836f559d
Send cert request based on peers configured authentication class
2012-07-10 17:15:59 +02:00
Martin Willi
dfd34c5a77
Add an option to disable libstrongswan certificate caching
2012-07-09 19:03:10 +02:00
Tobias Brunner
ee7b7de18f
getpwnam_r and getgrnam_r are not supported by the Android NDK
2012-07-09 17:52:01 +02:00
Tobias Brunner
7399119e58
Android.mk of libstrongswan updated
2012-07-09 17:52:01 +02:00
Martin Willi
3128e7fa7c
Don't send CERTREQs when initiating aggressive mode PSK
2012-07-09 12:05:23 +02:00
Tobias Brunner
4f07a19d10
Fixed help text for --disable-xauth-generic plugin
2012-07-05 09:46:59 +02:00
Martin Willi
0619ddfaa4
Refactored heavily #ifdefd capability code to its own libstrongswan class
2012-07-04 11:01:40 +02:00
Tobias Brunner
644c6c968d
Use spin locks to update IKE_SAs in controller_t
...
This ensures the listeners don't miss any events after the SAs have been
checked out in the asynchronously executed jobs. This is a matter of
memory visibility and not primary a matter of exclusive access.
2012-07-04 10:13:50 +02:00
Tobias Brunner
12fa85c664
Added wrapper for POSIX spin locks
2012-07-04 10:13:49 +02:00
Tobias Brunner
c9355ea4a0
Fixed job handling in controller_t
...
Also IKE_SAs are now checked out in the jobs and not before.
2012-07-04 10:13:49 +02:00
Martin Willi
ce938e5cfa
Add charon-nm to .gitignore
2012-07-03 17:41:14 +02:00
Martin Willi
3e0fe9f13e
Default to register_printf_specifier() if no printf hooking #defined
...
This allows us to build (non-./configured) external tools against
libstrongswan without explicitly specifiying the most commonly used
printf hooking function.
2012-07-03 13:09:14 +02:00
Tobias Brunner
901dbc1077
openssl: Ensure the thread ID is never zero
...
This might otherwise cause problems because OpenSSL tries to lock
mutexes recursively if it assumes the lock is held by a different
thread e.g. during FIPS initialization.
2012-07-03 12:02:57 +02:00
Martin Willi
997fdd1f02
Accept non-"/0" subnet sizes for traffic selectors starting at 0.0.0.0
2012-07-02 17:25:26 +02:00
Martin Willi
b8d4cd294b
Update our network-manager-strongswan/debian to what is actually used downstream
2012-07-02 10:20:03 +02:00
Andreas Steffen
1e5634c9b3
remove virtual IP for moon's inner interface
2012-06-29 23:20:32 +02:00
Tobias Brunner
a60e92a2c8
Added GPL header to AndroidConfigLocal.h
2012-06-29 16:51:29 +02:00
Tobias Brunner
f3af4969a7
Added GPL header to scripts
2012-06-29 16:51:29 +02:00
Tobias Brunner
1a06ba1849
Added LICENSE file to the distribution
2012-06-29 16:51:29 +02:00
Tobias Brunner
f59240e9ae
Added OpenSSL/GPL exception to LICENSE file
...
Also updated other parts of the license.
2012-06-29 16:51:29 +02:00