ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
13,221 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

13221 Commits

Author SHA1 Message Date
Martin Willi 9c974c329d kernel-wfp: Depend on used RNG plugin features 2014-06-04 16:32:09 +02:00
Martin Willi 5a5b9925f8 kernel-wfp: Implement update_sa() 2014-06-04 16:32:09 +02:00
Martin Willi 1987b70989 kernel-wfp: Configure ports for SAs using UDP encapsulation 2014-06-04 16:32:09 +02:00
Martin Willi 9b5c95648f kernel-wfp: Refactor SA context construction, and use IPsecSaContextCreate1() 2014-06-04 16:32:08 +02:00
Martin Willi 3551fdbbdf kernel-iph: Fire roam events for detected address changes 2014-06-04 16:32:08 +02:00
Martin Willi bbe42a1fa5 kernel-wfp: Allocate SPIs pseudo-randomly using a 0xc prefix 2014-06-04 16:32:08 +02:00
Martin Willi b714746ef0 kernel-wfp: Install appropriate routes for tunnel mode policies 2014-06-04 16:32:08 +02:00
Martin Willi 0ef0493b4a kernel-iph: Implement add/del_route() 2014-06-04 16:32:08 +02:00
Martin Willi 13e18cb2fc kernel-iph: Implement get_nexthop() 2014-06-04 16:32:08 +02:00
Martin Willi 0cefd94007 kernel-iph: Implement get_source_addr() 2014-06-04 16:32:08 +02:00
Martin Willi f9e6200d06 kernel-iph: Implement address enumeration 2014-06-04 16:32:08 +02:00
Martin Willi 322c341f90 kernel-iph: Implement get_interface() method 2014-06-04 16:32:07 +02:00
Martin Willi 96f1978d0e kernel-iph: Create and maintain a cache of interfaces and associated addresses 2014-06-04 16:32:07 +02:00
Martin Willi 00780f0238 kernel-iph: Add a stub for a Windows IP Helper based networking backend 2014-06-04 16:32:07 +02:00
Martin Willi b934929804 kernel-wfp: Disable IPsec policy updates 
It seems that WFP requires an update of the SA context only, but not for the
filters. This allows us to omit support for (fallback) drop policies.
 2014-06-04 16:32:07 +02:00
Martin Willi 7452adfad3 kernel-interface: Add a flag to indicate no policy updates required 2014-06-04 16:32:07 +02:00
Martin Willi cd88f818fa kernel-wfp: Increment SPIs properly, that is while in host order 2014-06-04 16:32:07 +02:00
Martin Willi af098b5008 kernel-wfp: Triggering expire events for SAs to rekey/delete 2014-06-04 16:32:07 +02:00
Martin Willi b3f90915f9 kernel-wfp: Enforce hard lifetimes of SAs 2014-06-04 16:32:07 +02:00
Martin Willi b50d486e78 kernel-wfp: Add some notes about query_sa/policy() support 2014-06-04 16:32:06 +02:00
Martin Willi f351d9ef7d kernel-wfp: Reference SA/SP sets by SPI and destination, not reqid 
This allows us to have multiple CHILD_SAs for the same reqid, and brings
rekeying support.
 2014-06-04 16:32:06 +02:00
Martin Willi 4a8b85684f kernel-wfp: Add support for tunnel mode connections 2014-06-04 16:32:06 +02:00
Martin Willi f5ddda7f57 kernel-wfp: Register a WFP provider to manage IPsec tunnels 2014-06-04 16:32:06 +02:00
Martin Willi 149fc48e03 kernel-wfp: Preliminary support for transport mode connections 2014-06-04 16:32:06 +02:00
Martin Willi b1ba0a666c kernel-wfp: Fix/Complete some fwpuclnt functionality in MinGW 
While MinGW declares all the required symbols, some of them are missing in the
library files. We provide missing variables locally, functions get a stub
that call the GetProcAddress()ed function from the DLL.

Also some MinGW headers define some enum values incorrectly, we overload these
using defines.
 2014-06-04 16:32:06 +02:00
Martin Willi ebb9362d85 kernel-wfp: Open and close a WFP engine 2014-06-04 16:32:06 +02:00
Martin Willi 96ab7a8022 kernel-wfp: Create userland state for SAs/policies to install in kernel 2014-06-04 16:32:06 +02:00
Martin Willi 8d91eee3fc kernel-wfp: Add a stub for a Windows Filtering Platform based IPsec backend 2014-06-04 16:32:05 +02:00
Martin Willi 893e8ceee3 Merge branch 'win-socket' 
Adds a socket-win plugin providing an IKE socket implementation for Windows
based on the native Winsock2 API.
 2014-06-04 16:31:18 +02:00
Martin Willi 9b7a2188d9 travis: Include socket backend in Windows build test 2014-06-04 16:31:09 +02:00
Martin Willi d62b2444bc travis: Build "all" tests without Windows socket backend 2014-06-04 16:31:09 +02:00
Martin Willi fb0b539084 socket-win: Implement a Windows socket plugin using Winsock2 2014-06-04 16:31:09 +02:00
Martin Willi 8c55f8ef42 Merge branch 'win' 
Ports the strongSwan core libraries and some plugins to the Windows platform
using a MinGW based toolchain. Beside generic platform abstraction and
the windows.[ch] compatibility layer, this merge introduces a Windows native
threading backend and a charon-svc Windows IKE service.

Travis adds a MinGW cross-compile build to Windows, and further enables -Werror
to let builds fail for all compiler warnings with gcc and Clang.
 2014-06-04 16:26:58 +02:00
Martin Willi d930d18417 travis: Define a Windows build test using MinGW 2014-06-04 16:22:43 +02:00
Martin Willi 95e67e8d19 travis: Perform build tests with -Werror 2014-06-04 15:53:13 +02:00
Martin Willi 3b7b806d27 windows: Compile with -mno-ms-bitfields if option not set explicitly 
-mms-bitfields is the default in newer MinGWs, but it breaks
__attribute__((packed)).
 2014-06-04 15:53:13 +02:00
Martin Willi 0ca8541564 configure: Fix attribute((packed)) test when using -Werror 2014-06-04 15:53:13 +02:00
Martin Willi 3ab6082a0f configure: Mark conftest variable as unused to pass test with -Werror 
When using -Werror, the warning for the unused variable would let the test fail,
even if in6addr_any is available.
 2014-06-04 15:53:13 +02:00
Martin Willi 2d42dce4a4 configure: Don't use -rdynamic with the LLVM toolchain 2014-06-04 15:53:13 +02:00
Martin Willi 4ce8b0cae6 charon-svc: Register for stop events not before reaching STATUS_RUNNING 
MSDN SetServiceStatus(): "Do not register to accept controls while the status
is SERVICE_START_PENDING or the service can crash."
 2014-06-04 15:53:12 +02:00
Martin Willi ef7bfadabb charon-svc: Check if daemon has been initialized before invoking shutdown alert 2014-06-04 15:53:12 +02:00
Martin Willi f59e2b7bb3 swanctl: Stop logging with Ctrl+C on Windows as well 2014-06-04 15:53:12 +02:00
Martin Willi dfb23fa159 vici: Add Windows support 2014-06-04 15:53:12 +02:00
Martin Willi 7659f67af3 windows: Provide POSIX supplement errno values missing in MinGW 
MinGW headers do not define these values, but Windows system headers do.
Windows defines them for POSIX compatibility, we do the same locally.
 2014-06-04 15:53:12 +02:00
Martin Willi 2162e50004 windows: Provide shutdown(2) operation aliases mapping to those on Windows 2014-06-04 15:53:12 +02:00
Martin Willi c079c098c4 x509: Check return value when signing attribute certificates 
In addition that this lets AC generation fail properly if private key signing
fails, it also fixes an issue when compiling on Windows with MinGW 4.8.1, where
for some reason the attributeCertificateInfo got encoded incorrectly.
 2014-06-04 15:53:12 +02:00
Martin Willi 0c34c1b3af unit-tests: Support testable functions on Windows, avoid weak GCC symbols 
Instead of using weak symbols, we use dlsym() on Windows to find an arbitrary
symbol in libtest to detect its linkage. Instead of creating the associated
hashtable in the test runner, we maintain it in libstrongswan, making it
significantly simpler.
 2014-06-04 15:53:12 +02:00
Martin Willi 460adb5d09 unit-tests: Seed chunk_hash() only once, but before creating any hashtables 
Due to the removal of pthread_once, we manually create the seed for
chunk_hash(). With the new testable functions interface, this won't work for
the hashtable initiated using __attribute__((constructor)). Enforce seeding
before creating that hashtable.
 2014-06-04 15:53:11 +02:00
Martin Willi 5cd28cd25a pki: Provide a fallback if strptime() not supported 
For simplicity, we support the default pki datetime format only, but optionally
accept four digit years for longer lifetimes.
 2014-06-04 15:53:11 +02:00
Martin Willi d34d800c6c openssl: Don't re-enter FIPS mode if we are already using it 
If FIPS mode has been enabled by other means, under some environments it can't
be entered again. It fails with "FIPS mode already set". To avoid it, we first
check the mode before changing it.
 2014-06-04 15:53:11 +02:00