Tobias Brunner
a07c7ba2f6
maemo: Move debian/ directory for applet to packages/.
2011-02-04 18:02:49 +01:00
Tobias Brunner
420fcfe5fa
maemo: Added Maemo specific fields (including icons) to packages.
2011-02-04 18:02:49 +01:00
Tobias Brunner
54e8114127
maemo: Don't include debian files in distribution.
2011-02-04 18:02:49 +01:00
Tobias Brunner
5be3ceba7e
maemo: Package dependencies and descriptions changed.
2011-02-04 18:02:48 +01:00
Tobias Brunner
a6b7437b1f
maemo: Touch icon dir to trigger update event.
2011-02-04 18:02:48 +01:00
Tobias Brunner
56f57e5814
maemo: Listen for IKE_SA state changes insted of CHILD_SA state changes.
...
If the IKE_SA_INIT request fails, there is not yet a CHILD_SA that could
trigger state changes.
2011-02-04 18:02:48 +01:00
Tobias Brunner
a90891e6e3
maemo: Reload icons on icon theme change.
...
This is also needed during the installation because the applet might be
loaded before the icons are installed (or the icon cache is refreshed).
2011-02-04 18:02:48 +01:00
Tobias Brunner
25d7f059e2
maemo: Adding some missing files (required by automake).
2011-02-04 18:02:48 +01:00
Martin Willi
7e0eae4985
Replace hashtable key if a put operation replaces value
...
Fixes a crash if lifetime of key is bound to value (i.e. key == value)
2011-02-03 17:09:09 +01:00
Martin Willi
bf3e482141
Fix check to increase hashtable size properly
2011-02-03 17:08:53 +01:00
Martin Willi
b49d047bfc
Invoke the per-round authorize() hook before purging current auth info on IKE_SA
2011-02-03 17:08:39 +01:00
Martin Willi
4536e669a8
Filter out non-matching ike_cfg in backend manager, so backends don't have to
2011-02-03 10:12:16 +01:00
Martin Willi
2b7686b5d8
Migrated ike_auth to INIT/METHOD macros, fixes missing initial_contact initialization
2011-02-02 15:13:39 +01:00
Martin Willi
fe79cd4257
Accept non-encrypted INFORMATIONALs for ME connectivity checks
2011-02-01 09:47:36 +01:00
Martin Willi
1d34612f07
Do not use destroyed rng/hasher if IKE_SA has been flush()ed
2011-02-01 09:25:55 +01:00
Martin Willi
a846bf06e8
Add missing AUTH_RULE for trusted self-signed peer certificates
2011-02-01 09:25:10 +01:00
Andreas Steffen
8b42864884
fixed checking of unknown critical extensions in openssl_x509
2011-01-31 14:37:48 +01:00
Andreas Steffen
88e15afc8c
added comment to determine_tnccs_protocol() function
2011-01-31 05:31:22 +01:00
Andreas Steffen
f652995b21
implemented dynamic detection of TNCCS protocol
2011-01-31 00:59:17 +01:00
Martin Willi
5c89a00f05
Do not log potentially hundreds of cert requests for unknown CAs at level 1
2011-01-28 08:29:23 +01:00
Martin Willi
60b71def1a
Use wrapped threading functions in ha plugin
2011-01-20 15:52:29 +01:00
Martin Willi
8118707845
Increase tls_writer buffer by at least 4 bytes
2011-01-19 14:41:59 +01:00
Thomas Egerer
f2e2a40550
Fix potential use after free
2011-01-19 09:59:01 +01:00
Martin Willi
7cfa84f540
Whitelist gnutls init function
2011-01-17 18:20:12 +01:00
Martin Willi
2ca52c8048
Implemented an alternative HTTP fetcher based on libsoup
2011-01-17 18:20:06 +01:00
Martin Willi
b94feb4b05
backtrace->contains_function takes multiple names, speeding up whitelist check drastically
2011-01-17 18:19:44 +01:00
Martin Willi
ec8426a349
Add some common glib non-leaks to whitelist
2011-01-17 18:19:36 +01:00
Martin Willi
c4048cd61f
Add missing va_end to va_start in curl_fetcher
2011-01-17 18:19:17 +01:00
Martin Willi
d27a8e5011
Do not pass an enum type to va_arg
2011-01-17 18:18:58 +01:00
Martin Willi
ff5538e5c0
Use newer Linux capability native API, if available
2011-01-17 18:18:21 +01:00
Martin Willi
2b52d5cb41
Do not install config files with user/group, as it might not exist on build machine
2011-01-17 18:08:17 +01:00
Martin Willi
64e06d4f8f
Compare ending address in ts->equals, fixes redundant traffic selector elimination
2011-01-14 13:24:08 +01:00
Martin Willi
983a5e88d3
Revert "Send INITIAL_CONTACT even if we have a unique policy"
...
It makes sense to omit INITIAL_CONTACT if don't have a unique policy,
as a client might want to connect from different devices to the same
account.
This reverts commit 719c33b41a
.
2011-01-13 10:50:46 +01:00
Martin Willi
9bac426bf3
Fixed memory cleanup if no DHCP transaction found for an OFFER
2011-01-13 10:36:16 +01:00
Martin Willi
2082417df3
Force port update as responder when initiator switches to 4500 in IKE_AUTH
2011-01-12 14:37:15 +01:00
Martin Willi
8ba805f4db
Avoid variable name overloading
2011-01-12 14:37:09 +01:00
Andreas Steffen
213281de04
terminate TNCCS 1.1 connection after sending recommendation
2011-01-11 01:17:40 +01:00
Andreas Steffen
4c8e9708ca
fixed XML syntax for TNCCS-Recommendation messages
2011-01-11 01:17:40 +01:00
Andreas Steffen
59d1b15aea
implemented check_and_build_recommendation()
2011-01-11 01:17:40 +01:00
Andreas Steffen
21d96f44f7
correct numbering of batches
2011-01-11 01:17:40 +01:00
Andreas Steffen
8d0d0f0fe9
initialize the reference count correctly
2011-01-11 01:17:40 +01:00
Andreas Steffen
f33966fe8f
handle zero size Base64 conversions
2011-01-11 01:17:40 +01:00
Andreas Steffen
8a284e0454
communicate DELETE state to IMCs and IMVs
2011-01-11 01:17:40 +01:00
Martin Willi
719c33b41a
Send INITIAL_CONTACT even if we have a unique policy
2011-01-10 11:54:10 +01:00
Andreas Steffen
5fee822a93
implemented parsing of TNCCS 1.1 messages
2011-01-09 10:00:54 +01:00
Andreas Steffen
33749b879c
send notifyConnectionChange() to IMCs
2011-01-09 10:00:13 +01:00
Andreas Steffen
a226307f13
suiteb directory hasn't been moved to Master yet
2011-01-08 02:17:42 +01:00
Andreas Steffen
8235528840
generate TNCCS-Error messages
2011-01-08 02:17:42 +01:00
Andreas Steffen
1c4b4f76ad
created process() method for TNCCS messages
2011-01-08 02:17:42 +01:00
Martin Willi
44e513a320
Added support for trustchain key strength checking to rightauth option
2011-01-07 15:51:35 +01:00