c56667f1db
fixed logging of unsupported TNCCS version
2012-07-11 17:09:05 +02:00
1de4af66d5
PB-TNC Client sends empty CLOSE batch only in DECIDED state
2012-07-11 17:09:05 +02:00
a287a3cdcd
have_recommendation() accepts NULL arguments
2012-07-11 17:09:05 +02:00
b8b678a567
send empty SDATA batch if no recommendation is available yet, but in order to avoid loops only if no empty CDATA batch was received
2012-07-11 17:09:05 +02:00
a5c79d0175
moved batch size calculation into pb_tnc_batch_t
2012-07-11 17:09:05 +02:00
d7dcbc95a9
make maximum PB-TNC batch size configurable
2012-07-11 17:09:05 +02:00
3a16bec8f9
limit the size of a PB-TNC batch to the maximum EAP-TNC packet size
2012-07-11 17:09:05 +02:00
6067233193
remove pluto logging
2012-07-11 17:09:05 +02:00
6245edf37e
eliminate message length field in EAP-TNC
2012-07-11 17:09:05 +02:00
c8aabefd08
added charon.plugins.eap-tnc.protocol option
2012-07-11 17:09:05 +02:00
a04c51aea9
due to single fragment, total length does not have to be included
2012-07-11 17:09:04 +02:00
4492ffc907
EAP-TNC does not support fragmentation
2012-07-11 17:09:04 +02:00
c36680962c
allow to transmit 64k TLS Handshake and Application messages via EAP-[T]TLS
2012-07-11 17:09:04 +02:00
dfe82160e4
some tls_eap optimizations
2012-07-11 17:09:04 +02:00
87efdef35b
configure size of ITA Dummy PA-TNC attribute
2012-07-11 17:09:04 +02:00
3bd452f8f3
max_message_count = 0 disables limit
2012-07-11 17:09:04 +02:00
22f9174609
defined ITA Dummy PA-TNC attribute for test purposes
2012-07-11 17:09:04 +02:00
ee200bab61
use TSS_PCRS_STRUCT_DEFAULT
2012-07-11 17:09:04 +02:00
da67c37d65
log invalid TLS packet length
2012-07-11 17:09:04 +02:00
5b35214a87
check boot_aggregate value
2012-07-11 17:09:04 +02:00
ddafcda4d8
refactored PTS functional component measurements
2012-07-11 17:09:04 +02:00
b188f23199
Install dev headers only if --with-dev-headers= option is set
2012-07-11 11:16:31 +02:00
2a6bcbbdee
Install libtls development headers
2012-07-11 10:51:01 +02:00
f1292d9d24
Install libfast development headers
2012-07-11 10:43:33 +02:00
980ca1f773
Define CONFIG_H_INCLUDED in Android build
2012-07-11 10:00:27 +02:00
4c311ffb1f
Check if config.h passed correctly via gcc -include
2012-07-11 09:57:07 +02:00
7115448529
Install libstrongswan development headers
2012-07-11 09:57:07 +02:00
7300eb29d1
Use and install a config.h AC_CONFIG_HEADER that contains all AC_DEFINE results
2012-07-11 09:57:07 +02:00
a4037686c7
Added a description to all AC_DEFINE macros, as required by autoheader
2012-07-11 09:57:07 +02:00
7c8b9fcbf6
Add safe_strerror() to leak detective whitelist
...
While the thread specific strerror buffer gets cleaned up for
worker threads during their termination, the main thread itself,
and so its strerror buffer, is still alive during leak reports.
2012-07-11 08:45:15 +02:00
07836f559d
Send cert request based on peers configured authentication class
2012-07-10 17:15:59 +02:00
dfd34c5a77
Add an option to disable libstrongswan certificate caching
2012-07-09 19:03:10 +02:00
ee7b7de18f
getpwnam_r and getgrnam_r are not supported by the Android NDK
2012-07-09 17:52:01 +02:00
7399119e58
Android.mk of libstrongswan updated
2012-07-09 17:52:01 +02:00
3128e7fa7c
Don't send CERTREQs when initiating aggressive mode PSK
2012-07-09 12:05:23 +02:00
4f07a19d10
Fixed help text for --disable-xauth-generic plugin
2012-07-05 09:46:59 +02:00
0619ddfaa4
Refactored heavily #ifdefd capability code to its own libstrongswan class
2012-07-04 11:01:40 +02:00
644c6c968d
Use spin locks to update IKE_SAs in controller_t
...
This ensures the listeners don't miss any events after the SAs have been
checked out in the asynchronously executed jobs. This is a matter of
memory visibility and not primary a matter of exclusive access.
2012-07-04 10:13:50 +02:00
12fa85c664
Added wrapper for POSIX spin locks
2012-07-04 10:13:49 +02:00
c9355ea4a0
Fixed job handling in controller_t
...
Also IKE_SAs are now checked out in the jobs and not before.
2012-07-04 10:13:49 +02:00
ce938e5cfa
Add charon-nm to .gitignore
2012-07-03 17:41:14 +02:00
3e0fe9f13e
Default to register_printf_specifier() if no printf hooking #defined
...
This allows us to build (non-./configured) external tools against
libstrongswan without explicitly specifiying the most commonly used
printf hooking function.
2012-07-03 13:09:14 +02:00
901dbc1077
openssl: Ensure the thread ID is never zero
...
This might otherwise cause problems because OpenSSL tries to lock
mutexes recursively if it assumes the lock is held by a different
thread e.g. during FIPS initialization.
2012-07-03 12:02:57 +02:00
997fdd1f02
Accept non-"/0" subnet sizes for traffic selectors starting at 0.0.0.0
2012-07-02 17:25:26 +02:00
b8d4cd294b
Update our network-manager-strongswan/debian to what is actually used downstream
2012-07-02 10:20:03 +02:00
1e5634c9b3
remove virtual IP for moon's inner interface
2012-06-29 23:20:32 +02:00
a60e92a2c8
Added GPL header to AndroidConfigLocal.h
2012-06-29 16:51:29 +02:00
f3af4969a7
Added GPL header to scripts
2012-06-29 16:51:29 +02:00
1a06ba1849
Added LICENSE file to the distribution
2012-06-29 16:51:29 +02:00
f59240e9ae
Added OpenSSL/GPL exception to LICENSE file
...
Also updated other parts of the license.
2012-06-29 16:51:29 +02:00
Andreas Steffen