af2db7a651
autoconf: replace autogen.sh custom script with a call to autoreconf -i
2013-07-18 14:59:19 +02:00
19cb07b890
automake: replace INCLUDES by AM_CPPFLAGS
...
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
2013-07-18 14:59:19 +02:00
c577b5eb44
autoconf: rename configure.in to configure.ac
...
configure.ac has been the recommended name for autoconf input for several
years now. Newer autotools start to complain about the configure.in, so we
finally change it.
2013-07-18 14:59:19 +02:00
2e9e2fa848
eap-sim-pcsc: fix compiler warning
2013-07-18 14:59:19 +02:00
896abbefc5
nm: omit deprecated g_type_init() when using >= GLIB 2.36
2013-07-18 14:21:17 +02:00
2d5a20061a
soup: omit deprecated g_type_init() when using >= GLIB 2.36
2013-07-18 14:20:57 +02:00
b146ecbc4e
libfast: cancel thread if it fails to accept fcgi sessions
2013-07-18 12:24:38 +02:00
890f20989f
libfast: add a fast_ prefix to all classes, avoiding namespace clashes
2013-07-18 12:24:38 +02:00
569d114de8
Merge branch 'charon-xpc'
...
Implement a charon daemon controlled by the Apple specific XPC mechanism,
acting as a backend for a yet to build unprivileged GUI. The keychain plugin
coming with this merge provides certificates from the OS X keychain service.
2013-07-18 12:18:32 +02:00
b9c47eae06
xpc: allow easy copy & pase of ./configure instructions
2013-07-18 12:17:56 +02:00
7f1adbe94e
xpc: use -idirafter to build against openssl headers from /usr/include
2013-07-18 12:17:56 +02:00
06e8712cb3
xpc: forward some risen alerts over XPC to App
2013-07-18 12:17:56 +02:00
e7ee45ef38
xpc: enable close_ike_on_child_failure
2013-07-18 12:17:56 +02:00
e37c5d46d3
xpc: send a "connecting" event when establishing a connection starts
2013-07-18 12:17:56 +02:00
3ffa310c44
xpc: use osx-attr plugin to install configuration attributes
2013-07-18 12:17:56 +02:00
c7ac7f92e9
xpc: update README with new events, markdown style fixes
2013-07-18 12:17:55 +02:00
4edcc86149
xpc: send child_updown events over XPC channel
2013-07-18 12:17:55 +02:00
d60c8d2c74
xpc: support termination of IKE_SAs using XPC RPC on connection channel
2013-07-18 12:17:55 +02:00
790ad9e677
xpc: move XPC RPC reply creation to command dispatching
2013-07-18 12:17:55 +02:00
a0c125eacb
xpc: terminate daemon when last XPC connection to App gone
2013-07-18 12:17:55 +02:00
6aae6268d7
xpc: fix some refcounting issues related to XPC connections
2013-07-18 12:17:55 +02:00
22bffc647d
xpc: no need to clear channel table, they are bound to IKE_SA lifetime
2013-07-18 12:17:55 +02:00
1a3f71d97a
xpc: add support for logging over XPC channels
2013-07-18 12:17:55 +02:00
fbc89786b5
xpc: don't warn about pointer signedness mismatch (-Wno-pointer-sign)
2013-07-18 12:17:55 +02:00
dcf8a3c78b
xpc: add a description of the basic XPC protocol to README
2013-07-18 12:17:55 +02:00
d5966e71e9
xpc: use the same XPC message "type" mechanism on Mach service as on channels
2013-07-18 12:17:55 +02:00
39d15dde67
xpc: ask App for passwords using connection specific channel
2013-07-18 12:17:55 +02:00
8279ce99c4
xpc: use IKE_SA specific XPC return channels for further communication
2013-07-18 12:17:55 +02:00
bc74e18223
xpc: don't send certificate requests, there are too many when using keychain
2013-07-18 12:17:55 +02:00
5016370390
xpc: build with support for the keychain plugin
2013-07-18 12:17:55 +02:00
e73a653451
xpc: add support for initiate simple IKEv2 EAP connections
2013-07-18 12:17:54 +02:00
3dcc9d7aa7
xpc: move dispatching to dedicated class, using dedicated thread
2013-07-18 12:17:54 +02:00
4204d1d71a
xpc: use non-inlining variant of vstr, compiler does not like it
2013-07-18 12:17:54 +02:00
6f8c626b81
xpc: add Xcode project for a charon controlled through XPC
2013-07-18 12:17:54 +02:00
61177388bd
syslog: setlogmask() to include LOG_INFO
...
LOG_INFO seems to be excluded by default on some systems (OS X).
2013-07-18 12:17:54 +02:00
55dacbfac2
keychain: flush certificate cache after reloading System keychain
2013-07-18 12:17:54 +02:00
57dce77ba6
keychain: monitor changes in the system keychain, reload when necessary
2013-07-18 12:17:54 +02:00
dcd8bdde4f
keychain: use SearchCopyNext keychain enumeration for System certs as well
...
SecItemCopyMatching seems to be problematic regarding memory management. And
as there does not seem to be a good alternative to enumerate the System Roots
keychain using the SecItemCopyMatching API, we stick to the deprecated
enumeration functions for now.
2013-07-18 12:17:54 +02:00
0bdd453392
keychain: load certificates from System Roots Keychain
2013-07-18 12:17:54 +02:00
bc6c7bf39e
keychain: load certificates only once during startup, improving performance
2013-07-18 12:17:54 +02:00
6f00ddb90c
keychain: support on-the-fly enumeration of trusted/untrusted certificates
2013-07-18 12:17:54 +02:00
7b8edabd8a
keychain: add a stub for a credential plugin using OS X Keychain Services
2013-07-18 12:17:54 +02:00
5d36f04ee2
credmgr: stop querying for secrets once we get a perfect match
2013-07-18 12:17:54 +02:00
69039e83f8
credmgr: don't use pointers for id_match_t enum values
2013-07-18 12:17:54 +02:00
c3e7b3de0b
openssl: parse X.509 extended key usage from extension parsing loop
...
Otherwise parsing gets aborted if unknown critical extensions are handled as
error.
2013-07-18 12:17:53 +02:00
3f55f203ee
openssl: show which critical X.509 extension is not supported
2013-07-18 12:17:53 +02:00
437a6feb07
hashtable: add common hashtable hash/equals functions for pointer/string keys
2013-07-18 12:17:53 +02:00
01c0267778
thread: implicitly create thread_t if an external thread calls thread_current()
2013-07-18 12:17:53 +02:00
07a9d5c91a
ike: Fix reestablishing SAs if no child-creating tasks are queued
2013-07-18 10:40:08 +02:00
2b0c8ee37d
ike-sa: uninstall CHILD_SAs before removing virtual IPs
...
a3854d83
2013-07-18 10:35:38 +02:00
Martin Willi