ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
2,934 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

1749 Commits

Author SHA1 Message Date
Martin Willi 6dbce9c803 reimplemented dbus plugin for NetworkManager 0.7, renamed to nm 2008-07-31 11:16:14 +00:00
Martin Willi 2d87903db9 recreating FIFO if it exists 2008-07-31 09:04:54 +00:00
Martin Willi eb04645c10 fixed usage typo 2008-07-31 09:01:56 +00:00
Martin Willi 19ad10b5d3 increased stroke socket backlog to 10 2008-07-30 14:17:05 +00:00
Martin Willi f0a8fa25ba using a entry cache for duplicate checks, avoids deadlocks 2008-07-30 14:15:08 +00:00
Martin Willi 7a4ad866b0 use condvar broadcasts to signal threads waiting for an IP, there might be more than one 2008-07-30 13:19:12 +00:00
Tobias Brunner eadd460f7c the list of addresses on the interface of a guest is not cached anymore, but queried directly from the interface 2008-07-30 13:15:18 +00:00
Tobias Brunner 9901cdb4cd * Guest#exec uses the new exec_str function 
* tab completion in irdumm enabled
 2008-07-30 13:01:04 +00:00
Tobias Brunner 2e73cd6e87 added an extended exec function to guests that allows to get the output of the command as string or by line. 2008-07-30 12:58:45 +00:00
Martin Willi 38a8e39739 using shared read locks in credential set enumerators to avoid deadlocks 2008-07-30 11:38:44 +00:00
Martin Willi 21632b76e0 added strongswan.conf option "charon.dos_protection" to disable cookies/aggressiveness check 2008-07-30 08:27:08 +00:00
Andreas Steffen ce91f67f60 starter now waits for a maximum of 10s instead of 1s for charon before restarting the daemon 2008-07-29 19:44:54 +00:00
Andreas Steffen 98ba96f185 demoted IKE state change output to debug level 2 2008-07-28 14:01:45 +00:00
Andreas Steffen 3fd9c75717 ignore AUTH_LIFETIME value if reauthentication has already been scheduled earlier 2008-07-28 13:53:04 +00:00
Martin Willi 7fb2693724 switched xterm console title 2008-07-28 13:10:34 +00:00
Martin Willi bc8f868c99 using gnome-terminal in irdumm 2008-07-28 12:37:01 +00:00
Andreas Steffen 5c96dab653 version bump to 4.2.6 2008-07-28 09:14:07 +00:00
Martin Willi 7c04589335 use XFRM_MSG_UPDPOLICY for existing policies only 2008-07-28 08:29:04 +00:00
Martin Willi 6ef70d2109 added tests.h to distribution 2008-07-24 12:48:36 +00:00
Martin Willi b6bf863459 fixed UCI thread cancellation on ARM 2008-07-24 08:52:12 +00:00
Martin Willi 3bc5a137cb added option charon.plugins.sql.lease_history to disable lease history logging 2008-07-24 08:28:45 +00:00
Martin Willi 875a8326b3 fixed statistic calcuation for static leases 2008-07-24 08:21:55 +00:00
Andreas Steffen f6facbe75c completed IKE_SA logging at the AUDIT level 2008-07-23 18:46:34 +00:00
Martin Willi a01ad99341 fixed pool statistics 2008-07-23 13:56:07 +00:00
Andreas Steffen 6410231335 IKE_SA rekeying inherits other_host from old IKE_SA 2008-07-23 07:44:26 +00:00
Andreas Steffen 0eede4a31f cosmetics 2008-07-23 06:38:24 +00:00
Andreas Steffen 295826b9f0 start default strongSwan UML topology 2008-07-22 17:21:01 +00:00
Andreas Steffen 51c8f8261f some more changes to IKE_SA and CHILD_SA logging 2008-07-22 17:10:10 +00:00
Martin Willi f7198e7e8c experimental and untested reimplementation of sql based IP pool 
uses address preallocation and separate address/lease tables for linear lookup time
 2008-07-22 14:56:15 +00:00
Andreas Steffen 32f5ee159e cosmetics 2008-07-22 12:13:48 +00:00
Andreas Steffen 66da78b4bb ipsec status lists IPCOMP CPIs 2008-07-22 12:03:58 +00:00
Andreas Steffen c3967e779e own CPI was not deleted due to copy-and-paste error 2008-07-22 10:53:56 +00:00
Andreas Steffen eba7470b76 consistent logging of SPIs and CPIs 2008-07-22 10:16:45 +00:00
Andreas Steffen 7db7d06e28 missing FETCH_END caused SEGFAULT in ikev2/rw-hash-and-url scenario 2008-07-22 06:24:00 +00:00
Andreas Steffen af18c84ffb display protoport in dynamic/32 traffic selectors 2008-07-21 19:08:03 +00:00
Martin Willi ee93541783 fixed bus args copy on non i386 archs 2008-07-21 14:23:43 +00:00
Andreas Steffen fb34475b5c consistent logging of IKE and CHILD SAs 2008-07-21 12:47:59 +00:00
Martin Willi 0a625fde3e pool performance testing 2008-07-21 11:17:20 +00:00
Martin Willi 6b64fe2684 loading unit-tester plugin as the last one 2008-07-21 11:16:07 +00:00
Martin Willi c7314e68ab reverted bus to non-recursive mutex due instability 2008-07-21 11:15:16 +00:00
Martin Willi fc861b0b7e added a driver type getter for database implementations 2008-07-21 11:13:06 +00:00
Martin Willi a4a3e0c7dc introduced an additional bus->signal parameter for signal specific data 
added SIG_IKE/SIG_CHD macros for signal emitting
 2008-07-18 15:51:40 +00:00
Martin Willi 2f725443e5 removed testing app, this is scriptable with irdumm now 2008-07-18 12:14:43 +00:00
Martin Willi a98793adfe allow but filter recursive listener invocation 2008-07-18 11:05:01 +00:00
Martin Willi 1082b06121 fixed compiler warning 2008-07-18 10:54:49 +00:00
Martin Willi 12b1c1a1bc extended UCI plugin by a simple control interface using a fifo 2008-07-18 10:34:44 +00:00
Andreas Steffen bb7b613b83 eliminated bashisms in _updown scripts 2008-07-18 10:04:40 +00:00
Martin Willi bd07b59079 avoid heap allocation in bus->signal for performance reasons 2008-07-17 11:45:58 +00:00
Martin Willi 5353f22ed7 fixed potential segfault in resolve_hosts 2008-07-17 11:06:31 +00:00
Martin Willi d61d1913e1 ignore IPCOMP acquires, fixes additional CHILD_SA setup with acquired SAs using compression 2008-07-17 08:25:34 +00:00
Martin Willi 7ca49551c8 do not distinguish different policy protocols in userland cache 2008-07-16 12:33:19 +00:00
Martin Willi 7b9e1ff0fd do not complain about existing routes 2008-07-16 12:30:47 +00:00
Andreas Steffen 08ab369b8c included Thomas in copyright statement 2008-07-16 12:28:29 +00:00
Martin Willi 7beea2e99f fixed acquire-delay bug by: 
installing policies before states
  updating policies if protocol has changed
 2008-07-16 11:51:37 +00:00
Andreas Steffen 519e87b078 updated copyright statement 2008-07-16 10:17:04 +00:00
Andreas Steffen 872aa6ea51 fixed bashism in ipsec.in 2008-07-16 06:59:08 +00:00
Andreas Steffen 326bfd0450 set XFRM_STATE_AF_UNSPEC flag only in IPsec tunnel mode 2008-07-15 21:35:55 +00:00
Andreas Steffen eb0cc33886 The XFRM_STATE_AF_UNSPEC flag added to xfrm.h allows IPv4-over-IPv6 and IPv6-over-IPv6 tunnels with the 2.6.26 and later Linux kernels 2008-07-15 15:28:00 +00:00
Martin Willi 66d4745f8e ported patch to final 2.6.26 release, including UML Makefile fixes 2008-07-15 14:41:12 +00:00
Andreas Steffen 6d58c2be9a cosmetics 2008-07-15 13:09:09 +00:00
Andreas Steffen 0ef961b878 added pfsgroup to ipsec.conf.5 man page 2008-07-15 13:07:27 +00:00
Martin Willi ef3f717bfe reverted [4125],[4166], reimplemented the proper way 2008-07-11 08:54:56 +00:00
Martin Willi 6b5d95919c setting ike_sa on bus in checkout_new 2008-07-11 08:47:18 +00:00
Andreas Steffen 858a9fd584 update_peerid() does not accept %any as a certificate's subjectAltName 2008-07-09 22:13:39 +00:00
Martin Willi e7991a2eef do a route lookup to allow routing of left=%any connections 2008-07-09 14:16:19 +00:00
Martin Willi 6c652e6b55 added /usr/local/[s]bin to uml exec path 2008-07-09 12:39:11 +00:00
Martin Willi ddf944be3e loading ruby scripts specified at command line 2008-07-09 12:18:06 +00:00
Martin Willi a9c46ace99 ruby bindings/fixes for template loading 2008-07-09 11:43:48 +00:00
Martin Willi ee70c94835 passing a block to guest.exec() processes output lines 2008-07-09 10:51:10 +00:00
Martin Willi bf44108019 uml "exec" writes stdout/stderr back to mconsole 
guest->exec() accepts a callback for output
sligtly refactored mconsole.c
 2008-07-08 14:58:20 +00:00
Martin Willi 02a6083633 guest interface/address management using hackish mconsole exec patch, ruby bindings 2008-07-07 14:56:04 +00:00
Martin Willi 36beca7cef disconnecting interfaces properly on bridge destruction 2008-07-05 09:32:55 +00:00
Martin Willi c4d72bdb01 throwing proper exeptions on errors, correct return values 
mixin enumerable in classes/objects with .each
 2008-07-04 16:42:54 +00:00
Martin Willi ca275ae2ca prototype of irdumm - interactive ruby shell for dumm 2008-07-04 14:21:41 +00:00
Martin Willi 4302d4f012 some stability improvements 2008-07-04 06:58:04 +00:00
Andreas Steffen 2c258d7373 ipsec statusall displays dpd options 2008-07-02 10:48:57 +00:00
Martin Willi 4a231f1a2e changed medcli settings keys 2008-07-02 09:02:38 +00:00
Martin Willi d932435e18 sql plugin supports a list of pools to fall back, specified by e.g. rightsourceip=%pool1,pool2 2008-07-02 08:31:48 +00:00
Martin Willi 11e855179e using token enumerator to parser plugin list 2008-07-02 08:19:43 +00:00
Martin Willi fca4d3ee03 implementation of a simple "token enumerator" 2008-07-02 08:09:07 +00:00
Andreas Steffen 1dec30625e check if parsing of ipsec update was successful 2008-07-02 05:51:49 +00:00
Martin Willi ab89517218 fixed medsrv database uri key 2008-07-01 13:57:47 +00:00
Andreas Steffen 556e426fd8 renamed STROKE_DOWNSRCIP to STROKE_DOWN_SRCIP 2008-07-01 13:47:26 +00:00
Martin Willi 131064995a added a "ipsec down-srcip <start> [<end>]" command to terminate IKE_SAs by remote virtual ip 2008-07-01 12:48:56 +00:00
Martin Willi d01783dba4 logging peer addresses in peer_cfg lookup 2008-07-01 11:10:37 +00:00
Martin Willi 9eeaa25f5d added host match prio to debugging output 2008-07-01 11:01:27 +00:00
Martin Willi 62bd123952 peer_cfg lookup takes peer addresses into account 2008-07-01 09:05:20 +00:00
Martin Willi 866ba8e0b6 strongswan.conf's charon.close_ike_on_child_failure closes IKE_SA if CHILD_SA setup in IKE_AUTH fails 2008-07-01 07:54:09 +00:00
Martin Willi fe5d7c43be whitelisting leaks of ENGINE_load_builtin_engines 2008-07-01 07:53:03 +00:00
Martin Willi d510eaea47 sending INTERNAL_ADDRESS_FAILURE if virtual IP requested but none found 2008-07-01 06:36:52 +00:00
Andreas Steffen 5397a7f91d show authentication method in ipsec statusall 2008-06-30 17:08:47 +00:00
Martin Willi b119f89a4e fixed chunk_increment, fixes reuse of already assigned addresses 2008-06-30 12:33:38 +00:00
Martin Willi 7da767f773 sqlite plugin requires libsqlite3 => 3.3.1 to share connections 
use recursive locking if libsqlite3 < 3.5.0
 2008-06-30 11:06:18 +00:00
Martin Willi aafe8ced39 added strongswan.conf option charon.reuse_iksa=no to create each CHILD_SA in a new IKE_SA 2008-06-30 08:45:11 +00:00
Andreas Steffen 125aaf1ab1 log received vendor id as a hex value 2008-06-27 17:11:54 +00:00
Andreas Steffen dc04f16e26 corrected vendor_id_payload diagram 2008-06-27 15:22:27 +00:00
Andreas Steffen 615611afc1 version bump to 4.2.5 2008-06-26 09:59:55 +00:00
Martin Willi c66a1b757f ike/kernel protocol identifier conversion functions 2008-06-26 08:59:39 +00:00
Martin Willi 854a2e1760 fixed ifndef typo for MYSQL_DATA_TRUNCATED check 2008-06-26 07:31:52 +00:00
Martin Willi 236083cb56 fixed plugin loader destruction 2008-06-25 14:53:49 +00:00