Martin Willi
a5c799602f
Make task managers flush_queue() method public
2012-05-21 14:02:35 +02:00
Tobias Brunner
9e19cb912d
Destroy Netlink socket only after deleting remaining source routes.
2012-05-21 13:33:13 +02:00
Martin Willi
75d4e01c4a
Enumerate correct list while removing nonce_gens, fix deregistration
2012-05-21 12:28:01 +02:00
Martin Willi
32400cd91a
Added a convenience function to dump backtraces for gdb-less debugging
2012-05-21 12:18:49 +02:00
Martin Willi
b5341bb07c
Fix IKEv1 DPD clear, destroying IKE_SA even if reestablish not needed
2012-05-21 12:17:32 +02:00
Tobias Brunner
769696450a
Properly munmap/close file if loading IMC/IMV fails.
2012-05-18 12:32:31 +02:00
Tobias Brunner
7a56c35fc9
Remove executable flag from source files.
2012-05-18 10:04:08 +02:00
Tobias Brunner
22bf44c8b9
Use separate Doxygen groups for IKEv1 and IKEv2 entities (authenticators, tasks etc.).
2012-05-18 10:04:08 +02:00
Tobias Brunner
7959a3faec
Removed superfluous @param in bus.h.
2012-05-18 09:57:01 +02:00
Tobias Brunner
7684ca2e8c
whitelist: Make sure listed IDs are null-terminated.
2012-05-18 09:57:01 +02:00
Tobias Brunner
816f7f238f
pkcs8: Initialize salt and IV properly.
2012-05-18 08:36:37 +02:00
Tobias Brunner
5c162dd944
List registered nonce generators in statusall output.
2012-05-18 08:15:41 +02:00
Tobias Brunner
b826b192ba
Add enumerator for registered nonce generators.
2012-05-18 08:15:41 +02:00
Adrian-Ken Rueegsegger
afaf1bdf5e
Use nonce_gen instead of rng to generate nonces
...
Replace usage of rng plugin with nonce generator to create nonces in
IKE_INIT, CHILD_CREATE and QUICK_MODE tasks and the IKEv1 phase 1 helper.
2012-05-18 08:15:41 +02:00
Adrian-Ken Rueegsegger
5338fe5e79
Add create_nonce_gen function to keymat interface
...
This function returns a nonce generator object.
2012-05-18 08:15:41 +02:00
Adrian-Ken Rueegsegger
04024b5de8
Add nonce plugin implementation
...
This nonce generator uses an RNG to generate nonces. The RNG quality is
currently set to RNG_WEAK which is the same value used in IKE init.
The plugin is enabled and thus built by default.
2012-05-18 08:15:40 +02:00
Adrian-Ken Rueegsegger
e2fc09c186
Add nonce generator interface
...
Nonce generators (nonce_gen_t) can be used to get or allocate nonces.
Users can request nonce generators from the crypto factory while nonce
plugins register/remove themselves to/from the crypto factory.
2012-05-18 08:15:40 +02:00
Andreas Steffen
80c5b17d1a
make IKEv1 DPD timeout configurable in charon
2012-05-17 19:49:22 +02:00
Martin Willi
24742c0f83
Moved IKEv1 DPD processing to task manager, fix sequence issues
2012-05-15 17:00:12 +02:00
Martin Willi
b7dafb3f5b
Consider inbound ESP as a sign of liveness for DPD timeout
2012-05-15 14:58:28 +02:00
Martin Willi
4b38c22c00
Schedule a DPD timeout job that enforces the IKE message timeout policy
2012-05-15 14:46:02 +02:00
Martin Willi
ebf829f2eb
Send unanswered follow up R_U_THERE messages with the same DPD seq
2012-05-15 14:46:02 +02:00
Martin Willi
57a8418c88
Do not send IKEv1 DPD retransmit, but create a new INFORMATIONAL
2012-05-15 14:46:02 +02:00
Tobias Brunner
b3089ab74c
Free name of application using libcharon.
2012-05-15 11:37:07 +02:00
Tobias Brunner
d3590016e9
starter: Initialize thread pool so kernel events are consumed.
2012-05-15 08:55:19 +02:00
Martin Willi
9e25007646
Explicitly cast from strict_t to crl_policy_t
2012-05-14 14:11:54 +02:00
Martin Willi
1b82fdb2e5
Use correct integrity_algorithm_t enum type in bench_signer()
2012-05-14 14:11:22 +02:00
Martin Willi
d185b6acee
Make function pointer defined with METHOD() macro non-const
...
clang complains about it being const, and the object code
generated from gcc is the same.
2012-05-14 14:10:00 +02:00
Martin Willi
2e1f4a4631
Remove unused return value of INIT(), making clang happy
2012-05-14 14:07:00 +02:00
Martin Willi
29b56078ea
Register load-tester faked kernel interface before other kernel interfaces
2012-05-14 13:21:35 +02:00
Martin Willi
d4078ca796
Load tester can enforce a local IP to use
2012-05-14 10:03:05 +02:00
Martin Willi
d684242510
Add plugin features support to load-tester plugin
2012-05-14 09:52:53 +02:00
Andreas Steffen
5cc6dc8b39
check for ESP in UDP encapsulation
2012-05-12 12:15:58 +02:00
Andreas Steffen
a56fdff194
upgraded ikev2 scenarios to 5.0.0
2012-05-11 11:00:32 +02:00
Andreas Steffen
0e1c6fa2a9
suppress leak detective output
2012-05-11 05:48:11 +02:00
Tobias Brunner
c732e22019
Fix route reinstallation if preferred source IP is not on outgoing interface.
2012-05-07 19:00:47 +02:00
Tobias Brunner
5de5b04ce4
Fixed #include in tnc-ifmap plugin.
2012-05-07 11:22:51 +02:00
Andreas Steffen
86aab92248
upgraded ha scenario for 5.0.0
2012-05-06 15:03:26 +02:00
Andreas Steffen
922e0d0975
added gcrypt-ikev1 pluto interoperability tests
2012-05-06 09:51:19 +02:00
Andreas Steffen
949d08dfca
upgraded gcrypt-ikev1 scenarios to 5.0.0
2012-05-06 09:25:31 +02:00
Andreas Steffen
04d7b1725d
upgraded gcrypt-ikev2 scenarios to 5.0.0
2012-05-06 09:23:09 +02:00
Andreas Steffen
44bd9b48c8
allow private algorithms
2012-05-05 23:25:51 +02:00
Andreas Steffen
4b797f464e
fixed mapping of IKEv1 algorithms
2012-05-05 23:25:34 +02:00
Andreas Steffen
f7cd1cde70
vendor ID cosmetics
2012-05-05 18:13:05 +02:00
Andreas Steffen
f66a14818e
inserted space
2012-05-05 15:51:24 +02:00
Andreas Steffen
8f834c16ae
upgraded pfkey scenarios to 5.0.0
2012-05-05 11:55:48 +02:00
Andreas Steffen
5f540fd39c
missing references to daemon.h
2012-05-05 11:36:38 +02:00
Andreas Steffen
6624b8be24
removed leftover ipsec.conf parameters
2012-05-05 09:20:42 +02:00
Andreas Steffen
84b291e668
upgraded sql scenarios to 5.0.0
2012-05-05 09:16:15 +02:00
Andreas Steffen
1e26235a0d
fixed feature dependencies for CERT_TRUSTED_PUBKEY
2012-05-05 08:54:36 +02:00