Andreas Steffen
8a5a33b52e
upgrade p2pnat scenarios to 5.0.0
2012-05-04 14:56:09 +02:00
Andreas Steffen
e5502cd2b5
updated af-alg scenarios to 5.0.0
2012-05-04 12:15:30 +02:00
Andreas Steffen
680609b972
added openssl-ikev1 pluto interoperability tests
2012-05-04 12:12:39 +02:00
Andreas Steffen
1e9b62ad50
deleted unneeded openssl-ikev1 files
2012-05-04 12:11:57 +02:00
Andreas Steffen
90e941fb97
upgraded openssl-ikev1 scenarios to 5.0.0
2012-05-04 12:06:45 +02:00
Andreas Steffen
3805e569f6
upgraded openssl-ikev2 scenarios to 5.0.0
2012-05-04 12:03:05 +02:00
Andreas Steffen
22bec9d4ae
upgraded tnc scenarios to 5.0.0
2012-05-04 11:57:31 +02:00
Andreas Steffen
a71f0f3bdc
charon is now an IKE daemon
2012-05-03 20:48:01 +02:00
Tobias Brunner
0aa90701f6
It seems charon-nm has to be linked against libnm-util.
...
That's at least the case for NetworkManager 0.9.4 in Ubuntu 12.04.
2012-05-03 15:17:57 +02:00
Tobias Brunner
983c667481
Use proper getter for settings in sender and receiver.
2012-05-03 13:57:04 +02:00
Tobias Brunner
42500c274a
Use name from initialization to access settings in libcharon.
...
Also fixes several whitespace errors.
2012-05-03 13:57:04 +02:00
Tobias Brunner
18758e3d2e
Store the name of the binary using libcharon to enable specific settings.
2012-05-03 13:57:04 +02:00
Tobias Brunner
37d9334366
Changed default path to charon for NM frontend.
2012-05-03 13:57:04 +02:00
Tobias Brunner
b64f333612
Integrate nm plugin directly in charon-nm.
2012-05-03 13:57:03 +02:00
Tobias Brunner
1c7a733e36
Added a small libcharon wrapper intended to directly host the nm plugin.
...
For this reason it reclaims the --enable-nm configure option.
2012-05-03 13:38:14 +02:00
Tobias Brunner
94b48e071a
Provide plugin list from charon, not internally in libcharon.
2012-05-03 13:14:07 +02:00
Andreas Steffen
2ee11fd42d
display (soft) same as (not loaded)
2012-05-03 11:54:56 +02:00
Andreas Steffen
493c468d4d
charon is now an IKE daemon
2012-05-03 11:49:30 +02:00
Martin Willi
40ca363a8b
If we load new features from a plugin, restart loading from first plugin
2012-05-03 11:08:09 +02:00
Martin Willi
c9931135d1
stroke plugin sdepends on building CERT_ANY certificates
2012-05-03 11:07:21 +02:00
Martin Willi
7f957b3379
Building CERT_ANY through PEM requires either a CERT_X509 or a CERT_PGP builder
2012-05-03 09:40:25 +02:00
Tobias Brunner
088020fbac
Updated Android.mk for 5.0 (no IKEv1 support yet).
2012-05-03 09:37:35 +02:00
Andreas Steffen
e4ae891983
updated tnc-pdp plugin for 5.0.0
2012-05-02 22:53:45 +02:00
Andreas Steffen
6c5873d448
updated testing.conf for 5.0.0
2012-05-02 22:53:11 +02:00
Andreas Steffen
9fc69a0c81
two new options for 5.0.0 UML testing
2012-05-02 21:13:14 +02:00
Tobias Brunner
ed7186cbe1
NEWS about route reinstallation added.
2012-05-02 15:24:48 +02:00
Tobias Brunner
bc798c9ce8
Route reinstallation in kernel_ipsec_t implementations is not needed anymore.
2012-05-02 15:24:47 +02:00
Tobias Brunner
f834249c59
Reinstall routes in kernel-netlink plugin, if interfaces get reactivated or IPs reappear.
2012-05-02 15:24:47 +02:00
Tobias Brunner
74ba22c992
Keep track of installed source routes in kernel-netlink plugin.
2012-05-02 14:56:08 +02:00
Tobias Brunner
d55c240474
NEWS about bus_t refactorings added.
2012-05-02 14:45:38 +02:00
Tobias Brunner
ead92870b8
Loggers specify what log messages they want to receive during registration.
...
This also allows us to generate the log message only once for all
loggers that need it (avoids calls to custom printf specifier callbacks).
To update the log levels loggers can simply be registered again.
2012-05-02 14:45:38 +02:00
Tobias Brunner
d724fcd624
Ensure that multi-line log messages are not torn apart.
2012-05-02 14:45:38 +02:00
Tobias Brunner
4d21000cf7
Added recursive read_lock support to our own implementation of rwlock_t.
2012-05-02 14:45:38 +02:00
Tobias Brunner
0e474f9148
Use a separate interface for loggers.
...
The new interface does not allow loggers to unregister themselves from
the bus. This allows us to use a rwlock_t for them.
The latter also means that loggers can now be called concurrently by
multiple threads.
2012-05-02 14:45:38 +02:00
Tobias Brunner
f9f867899a
Use a separate list and mutex for loggers.
...
This avoids deadlocks caused by extensive listener_t implementations
which might want to acquire a lock which is currently held by another
thread wanting to log messages. Since the latter requires that thread
to acquire the same lock the initial thread currently holds this
previously resulted in a deadlock.
With this change logging messages does not require threads to acquire
the main lock in bus_t and thus avoids the deadlock.
2012-05-02 14:45:38 +02:00
Tobias Brunner
ecb5abd7fa
Fixed return value of controller_t functions if callback returns FALSE.
2012-05-02 14:45:38 +02:00
Tobias Brunner
052e0a17b8
Use wrapped semaphore in callback_job_t.
2012-05-02 14:45:38 +02:00
Tobias Brunner
aac20ec784
Removed remaining parts of controller_t.listen() implementation.
2012-05-02 14:45:38 +02:00
Tobias Brunner
a629513961
Remove obsolete bus_t.listen() method.
2012-05-02 14:45:38 +02:00
Tobias Brunner
5a073784e2
Implement wait_for_listener in controller_t with semaphores.
...
This eliminates even the slightest chance of a deadlock.
2012-05-02 14:45:37 +02:00
Tobias Brunner
8f6c13271c
Added a wrapper class around POSIX semaphores.
2012-05-02 14:45:37 +02:00
Tobias Brunner
b6e9c41861
Implement bus_t.listen() directly in controller_t (the only user).
...
This will hopefully allow us to later simplify bus_t.
2012-05-02 14:45:37 +02:00
Martin Willi
daab152afa
Add plugin features support to stroke plugin
2012-05-02 14:05:52 +02:00
Martin Willi
0c7af2ce27
Certificate decoding soft-depends on public key decoding of specific types
2012-05-02 14:05:52 +02:00
Martin Willi
4b5e637472
PEM loading plugin features depend on the same feature, they are helpers only
2012-05-02 14:05:52 +02:00
Martin Willi
f14bf6345f
Don't depend on a feature that has a dependency to the same feauture during unload
2012-05-02 14:05:52 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Martin Willi
f99d8b10c9
Added a dedicated sender flush method, delay sender destruction until users gone
2012-05-02 10:22:59 +02:00
Tobias Brunner
13de38e354
Documented strongswan.conf options for radattr plugin.
2012-05-01 13:32:43 +02:00
Andreas Steffen
552557a65d
add AUTH_RULE_SUBJECT_CERT for raw public keys
2012-04-30 13:40:48 +02:00