81736d7d24
added memstr and extract_token_str helper functions
2008-12-03 09:45:58 +00:00
0948edbbff
adding general purpose hash table
2008-12-03 09:32:16 +00:00
70691c31b2
fixed double free of host in selector2ts
2008-12-03 09:15:29 +00:00
efd0fe21e4
ref_get()/ref_put() use atomic gcc operations if supported, thanks to Thomas Jarosch for the patch
2008-12-02 12:14:32 +00:00
6905f794bb
added a --disable-threads ./configure option for pluto
2008-12-02 09:01:57 +00:00
2671a8fcee
use DBG_ANY to set all loglevels
2008-12-02 08:52:46 +00:00
f464d75070
added time.h include for struct tm
2008-12-02 08:46:15 +00:00
394eb35b0c
some task queueing improvements:
...
- do not pass CHILD_SAs to task constructor, might not
be valid anymore during execution (late lookup)
- use sub-tasks to delete CHILD/IKE_SA after rekeying,
as we want to execute the delete before additional
queued tasks
2008-12-01 18:38:28 +00:00
9a96ccd485
re-established lost default auth sys_logger
2008-12-01 01:24:55 +00:00
405cc1d924
schedule rekeying when activating passive IKE_SAs
2008-11-28 16:19:19 +00:00
dd6b7af3f7
do not delete passive IKE_SAs
2008-11-28 15:44:25 +00:00
c610f42430
added a PASSIVE IKE_SA state to manage it externally
2008-11-28 10:49:14 +00:00
ddef455219
pass SKd to derive_ike_keys() to have a more interoperable API
2008-11-28 09:51:44 +00:00
9a1263c3c1
fixed a double-unlock bug, showed up when using rwlocks in backend manager
2008-11-28 08:22:55 +00:00
ced41695dc
use rwlocks in backend manager to allow simultaneous access
2008-11-27 15:34:17 +00:00
96eb7b44a0
use a rwlock in attribute manager to allow simultaneous access
2008-11-27 15:22:41 +00:00
c50ad6f613
remove attribute provider in SQL plugin destruction
2008-11-27 14:33:41 +00:00
ac812491aa
added an include hack to build starter without gmp.h
2008-11-27 10:20:25 +00:00
140d0081bf
fixed pluto out-of-tree builds
2008-11-27 10:18:38 +00:00
9413628b87
token enumerator missed the last token if it contains only a single char
2008-11-27 09:21:52 +00:00
d2de674b9a
checkin of non-existing IKE_SAs
...
removed unneeded checkin() return values
2008-11-26 14:32:55 +00:00
09f407a14f
removed private parser function pointers, allows compiler to inline
2008-11-26 10:54:08 +00:00
98bcdfe2c9
removed private generator function pointers, allows compiler to inline
2008-11-26 10:42:54 +00:00
e2cb07d713
inlined some short chunk functions, showed up in the profiler
2008-11-26 10:08:36 +00:00
4fd233a73e
memxor() tweaks, as it is heavily used in xcbc
2008-11-26 10:06:59 +00:00
69e9698b17
allow to globally disable DOS protection by setting charon.dos_protection to no.
2008-11-26 09:22:19 +00:00
999072ea02
optimized the scheduler for performance by replacing the linked list with a heap.
2008-11-25 19:56:05 +00:00
6df2731e78
replacing the pthread_mutex in scheduler_t with the wrapped implementation.
...
added a method to condvar_t which allows to wait for an absolute timeout.
2008-11-25 19:30:02 +00:00
ed6146ffbe
performance optimization for the DOS protection.
...
* half-open SAs per peer are tracked in a hash table
* charon.dos_protection setting replaced with charon.cookie_threshold and charon.block_threshold
* chunk_hash function added
2008-11-25 13:16:05 +00:00
28dd27be64
fixed crash due to missing function call parameter
2008-11-25 08:11:57 +00:00
895a1156d5
use static IPsec policy iptables rule for alice in mobike scenario
2008-11-25 08:11:14 +00:00
f1f09810fb
fixed set_message_id() on IKE_SA
...
added missing bus->message() hook invocation
whitespace cleanups
2008-11-24 13:59:30 +00:00
b09ca74720
set message IDs on IKE_SAs
2008-11-24 12:46:06 +00:00
addfea95df
moved the IPV6_IPSEC_POLICY definition to the ipsec plugins, fixes uClibc build
2008-11-24 08:22:05 +00:00
18e2788fbe
added a "load_tester.auth" option: "pubkey" (default) or "psk"
2008-11-23 11:58:41 +00:00
88d4acd4de
proper cancellation of load-testing initiators
2008-11-23 11:17:30 +00:00
a20abb81e9
added a MODP_NULL Diffie Hellman group to avoid calculation overhead in load-testing
2008-11-22 16:14:55 +00:00
8f45ece098
expecting int sized length arguments to chunk_split, as vararg functions use integers
2008-11-21 08:11:24 +00:00
cdee592e38
fixing Makefile of the nm plugin (avoids including a .svn directory in the distribution)
2008-11-20 14:46:03 +00:00
ba2ecf6831
optimized ike_sa_manager for concurrent access (default behavior is still as before, needs configuration in strongswan.conf).
2008-11-20 13:30:23 +00:00
fc3ef71fa7
fixed lock-profiler help message
2008-11-19 15:37:46 +00:00
3aaf7908d1
refactored and cleaned up child_sa interface
...
replaced add/update calls by a install() call
allocating SPIs always externally
support installation of non-allocated CHILD_SAs
some other cleanups
2008-11-19 15:31:27 +00:00
9dd1229407
fixing compilation on systems lacking linux/xfrm.h
2008-11-18 14:28:05 +00:00
0d1a57e496
setting default port of own address to have a proper fallback if src addr lookup fails
2008-11-18 10:10:36 +00:00
32f59c56f1
consider interfaces we do not monitor as up (e.g. lo)
...
fixes load-testing against 127.0.0.1
2008-11-18 09:52:28 +00:00
50ae86017c
version bump to 4.2.10
2008-11-18 00:02:59 +00:00
49653b6bc3
separated updown listener to its own class
...
caching interface names to properly remove rules if interface has changed
2008-11-17 09:29:27 +00:00
08c6ed9f14
fixed virtual IP re-installation failure in MOBIKE scenarios introduced with changeset 4662
2008-11-17 00:01:34 +00:00
9a095db5e8
set release number back to 4.2.9
2008-11-16 22:25:16 +00:00
4dc0dce886
added migration to NEWS
2008-11-16 21:23:56 +00:00
Tobias Brunner