Martin Willi
b934929804
kernel-wfp: Disable IPsec policy updates
...
It seems that WFP requires an update of the SA context only, but not for the
filters. This allows us to omit support for (fallback) drop policies.
2014-06-04 16:32:07 +02:00
Martin Willi
7452adfad3
kernel-interface: Add a flag to indicate no policy updates required
2014-06-04 16:32:07 +02:00
Martin Willi
cd88f818fa
kernel-wfp: Increment SPIs properly, that is while in host order
2014-06-04 16:32:07 +02:00
Martin Willi
af098b5008
kernel-wfp: Triggering expire events for SAs to rekey/delete
2014-06-04 16:32:07 +02:00
Martin Willi
b3f90915f9
kernel-wfp: Enforce hard lifetimes of SAs
2014-06-04 16:32:07 +02:00
Martin Willi
b50d486e78
kernel-wfp: Add some notes about query_sa/policy() support
2014-06-04 16:32:06 +02:00
Martin Willi
f351d9ef7d
kernel-wfp: Reference SA/SP sets by SPI and destination, not reqid
...
This allows us to have multiple CHILD_SAs for the same reqid, and brings
rekeying support.
2014-06-04 16:32:06 +02:00
Martin Willi
4a8b85684f
kernel-wfp: Add support for tunnel mode connections
2014-06-04 16:32:06 +02:00
Martin Willi
f5ddda7f57
kernel-wfp: Register a WFP provider to manage IPsec tunnels
2014-06-04 16:32:06 +02:00
Martin Willi
149fc48e03
kernel-wfp: Preliminary support for transport mode connections
2014-06-04 16:32:06 +02:00
Martin Willi
b1ba0a666c
kernel-wfp: Fix/Complete some fwpuclnt functionality in MinGW
...
While MinGW declares all the required symbols, some of them are missing in the
library files. We provide missing variables locally, functions get a stub
that call the GetProcAddress()ed function from the DLL.
Also some MinGW headers define some enum values incorrectly, we overload these
using defines.
2014-06-04 16:32:06 +02:00
Martin Willi
ebb9362d85
kernel-wfp: Open and close a WFP engine
2014-06-04 16:32:06 +02:00
Martin Willi
96ab7a8022
kernel-wfp: Create userland state for SAs/policies to install in kernel
2014-06-04 16:32:06 +02:00
Martin Willi
8d91eee3fc
kernel-wfp: Add a stub for a Windows Filtering Platform based IPsec backend
2014-06-04 16:32:05 +02:00
Martin Willi
893e8ceee3
Merge branch 'win-socket'
...
Adds a socket-win plugin providing an IKE socket implementation for Windows
based on the native Winsock2 API.
2014-06-04 16:31:18 +02:00
Martin Willi
9b7a2188d9
travis: Include socket backend in Windows build test
2014-06-04 16:31:09 +02:00
Martin Willi
d62b2444bc
travis: Build "all" tests without Windows socket backend
2014-06-04 16:31:09 +02:00
Martin Willi
fb0b539084
socket-win: Implement a Windows socket plugin using Winsock2
2014-06-04 16:31:09 +02:00
Martin Willi
8c55f8ef42
Merge branch 'win'
...
Ports the strongSwan core libraries and some plugins to the Windows platform
using a MinGW based toolchain. Beside generic platform abstraction and
the windows.[ch] compatibility layer, this merge introduces a Windows native
threading backend and a charon-svc Windows IKE service.
Travis adds a MinGW cross-compile build to Windows, and further enables -Werror
to let builds fail for all compiler warnings with gcc and Clang.
2014-06-04 16:26:58 +02:00
Martin Willi
d930d18417
travis: Define a Windows build test using MinGW
2014-06-04 16:22:43 +02:00
Martin Willi
95e67e8d19
travis: Perform build tests with -Werror
2014-06-04 15:53:13 +02:00
Martin Willi
3b7b806d27
windows: Compile with -mno-ms-bitfields if option not set explicitly
...
-mms-bitfields is the default in newer MinGWs, but it breaks
__attribute__((packed)).
2014-06-04 15:53:13 +02:00
Martin Willi
0ca8541564
configure: Fix attribute((packed)) test when using -Werror
2014-06-04 15:53:13 +02:00
Martin Willi
3ab6082a0f
configure: Mark conftest variable as unused to pass test with -Werror
...
When using -Werror, the warning for the unused variable would let the test fail,
even if in6addr_any is available.
2014-06-04 15:53:13 +02:00
Martin Willi
2d42dce4a4
configure: Don't use -rdynamic with the LLVM toolchain
2014-06-04 15:53:13 +02:00
Martin Willi
4ce8b0cae6
charon-svc: Register for stop events not before reaching STATUS_RUNNING
...
MSDN SetServiceStatus(): "Do not register to accept controls while the status
is SERVICE_START_PENDING or the service can crash."
2014-06-04 15:53:12 +02:00
Martin Willi
ef7bfadabb
charon-svc: Check if daemon has been initialized before invoking shutdown alert
2014-06-04 15:53:12 +02:00
Martin Willi
f59e2b7bb3
swanctl: Stop logging with Ctrl+C on Windows as well
2014-06-04 15:53:12 +02:00
Martin Willi
dfb23fa159
vici: Add Windows support
2014-06-04 15:53:12 +02:00
Martin Willi
7659f67af3
windows: Provide POSIX supplement errno values missing in MinGW
...
MinGW headers do not define these values, but Windows system headers do.
Windows defines them for POSIX compatibility, we do the same locally.
2014-06-04 15:53:12 +02:00
Martin Willi
2162e50004
windows: Provide shutdown(2) operation aliases mapping to those on Windows
2014-06-04 15:53:12 +02:00
Martin Willi
c079c098c4
x509: Check return value when signing attribute certificates
...
In addition that this lets AC generation fail properly if private key signing
fails, it also fixes an issue when compiling on Windows with MinGW 4.8.1, where
for some reason the attributeCertificateInfo got encoded incorrectly.
2014-06-04 15:53:12 +02:00
Martin Willi
0c34c1b3af
unit-tests: Support testable functions on Windows, avoid weak GCC symbols
...
Instead of using weak symbols, we use dlsym() on Windows to find an arbitrary
symbol in libtest to detect its linkage. Instead of creating the associated
hashtable in the test runner, we maintain it in libstrongswan, making it
significantly simpler.
2014-06-04 15:53:12 +02:00
Martin Willi
460adb5d09
unit-tests: Seed chunk_hash() only once, but before creating any hashtables
...
Due to the removal of pthread_once, we manually create the seed for
chunk_hash(). With the new testable functions interface, this won't work for
the hashtable initiated using __attribute__((constructor)). Enforce seeding
before creating that hashtable.
2014-06-04 15:53:11 +02:00
Martin Willi
5cd28cd25a
pki: Provide a fallback if strptime() not supported
...
For simplicity, we support the default pki datetime format only, but optionally
accept four digit years for longer lifetimes.
2014-06-04 15:53:11 +02:00
Martin Willi
d34d800c6c
openssl: Don't re-enter FIPS mode if we are already using it
...
If FIPS mode has been enabled by other means, under some environments it can't
be entered again. It fails with "FIPS mode already set". To avoid it, we first
check the mode before changing it.
2014-06-04 15:53:11 +02:00
Martin Willi
549502bcb2
unit-tests: Force a CET/CEST timezone Windows understands
...
As it is currently unclear what the "three-letter-timezone" for CEST is, we
use the German timezone, which actually is CET/CEST. SetEnvironmentVariable()
"TZ" does not seem to affect localtime(), so we use _putenv() instead.
2014-06-04 15:53:11 +02:00
Martin Willi
c2c2c639af
travis: Build "all" test without Windows specific charon-svc or dbghelp
2014-06-04 15:53:11 +02:00
Martin Willi
66c0801dc7
utils: Add a wait_sigint() function to wait for SIGINT or equivalent
2014-06-04 15:53:11 +02:00
Martin Willi
13298719e3
pki: Switch to binary mode on Windows when reading/writing DER to FDs
2014-06-04 15:53:11 +02:00
Martin Willi
f1e7b9b0d7
pki: Stop prompting for password when entering empty string
2014-06-04 15:53:11 +02:00
Martin Willi
1309cb7b1a
chunk: On Windows, use binary mode in chunk_write()
2014-06-04 15:53:10 +02:00
Martin Willi
fc50731376
imv: Provide database table scheme for MySQL
2014-06-04 15:53:10 +02:00
Martin Willi
0b78661042
libpts: Respect path separators when concatenating database filenames
...
As we can't use the system native directory separator on cross-platform
measurements, we determine the path separator from the base directory format.
2014-06-04 15:53:10 +02:00
Martin Willi
0731d41ca9
attest: Properly separate and build absolute path names on Windows
2014-06-04 15:53:10 +02:00
Martin Willi
ecc6c2e8a4
libimcv: Pass TNC_SESSION_ID as argument instead as a environment variable
...
Doing so works on Windows as well.
2014-06-04 15:53:10 +02:00
Martin Willi
9b7d1a3b33
libimcv: Be a little more verbose about the Windows system reported
2014-06-04 15:53:10 +02:00
Martin Willi
ede10dd974
imv: Return an empty enumerator instead of null, as expected by callers
2014-06-04 15:53:10 +02:00
Martin Willi
5388389bef
imc-os: Add missing TNC_IMC_API definitions, fixes warnings on Windows
2014-06-04 15:53:10 +02:00
Martin Willi
0c512610cc
imv-os: Don't build pacman on Windows
2014-06-04 15:53:09 +02:00