ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
12,766 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

12766 Commits

Author SHA1 Message Date
Tobias Brunner b98551c74a coverage: Make genhtml not fail if sources are not found 
For some reason the .y and .l files of the settings parser are searched in
the wrong directory.
 2014-05-15 11:28:08 +02:00
Tobias Brunner f5dd274ab8 settings: Maintain order of sections and settings while enumerating 2014-05-15 11:28:08 +02:00
Tobias Brunner 2fbbea55c5 settings: Don't overwrite values in-place 
This is not thread safe.  If threads are reading from pointers to existing
values they could get a partially updated invalid value.

Refactored assignment to a separate function.
 2014-05-15 11:28:08 +02:00
Tobias Brunner 725c479f8b settings: Add functions to add sections and key/value pairs to a section 2014-05-15 11:28:07 +02:00
Tobias Brunner 2fe04fb312 unit-tests: Update settings tests to match new parser 
Empty settings are now ignored, strings are supported, newlines are
handled properly (e.g. at the end of files) etc.
 2014-05-15 11:28:07 +02:00
Tobias Brunner 3855dc01ec settings: Don't enumerate key/value pairs with NULL value 2014-05-15 11:28:07 +02:00
Tobias Brunner 47a3ed979b settings: Use generated parser instead of our own 2014-05-15 11:28:07 +02:00
Tobias Brunner 073d72cf49 settings: Optionally keep track of removed/replaced values 2014-05-15 11:28:06 +02:00
Tobias Brunner 1f669078ac settings: Add flex/bison based parser for strongswan.conf 
This parser features several improvements over the existing one.
For instance, quoted strings (with escape sequences), unlimited includes,
relaxed newline handling (e.g. at the end of files or before/after { and }),
and the difference between empty and unset values (key = vs. key = "").

It also complains a lot more about invalid syntax. The current one accepts
pretty odd stuff (like settings or sections without name) without any
errors or warnings.
 2014-05-15 11:28:06 +02:00
Tobias Brunner f99d1f7ba5 settings: Extract section and key/value pair types and helper functions 
This allows us to use them in the upcoming parser.
 2014-05-15 11:28:06 +02:00
Tobias Brunner 3cb8016f0e parser-helper: Add utility class for flex/bison based parsers 2014-05-15 11:28:06 +02:00
Tobias Brunner 3784633fa5 settings: Use glob enumerator to load included files 2014-05-15 11:28:06 +02:00
Tobias Brunner 96de74b879 enumerator: Add enumerator to enumerate files matching a pattern 
This enumerator is a wrapper around glob(3).  If that function is not
supported NULL is returned.  If no files match or an error occurs during
the pattern expansion an error is logged and the enumerator simply returns
no items.

RFC: if GLOB_ERR is not supplied glob returns GLOB_NOMATCH if e.g. the
base directory of the pattern does not exist, which would otherwise
result in an error. This way there is at least a clear error message in
case of a typo.
 2014-05-15 11:28:05 +02:00
Tobias Brunner b9b1114ab1 settings: Move to a separate folder 2014-05-15 11:28:05 +02:00
Tobias Brunner 8069b3b14b array: Allocate initial data properly if esize is 0 2014-05-15 11:28:05 +02:00
Martin Willi e20e0a0586 swanctl: Increase default debug level to 1 
We initially intended to silence debugging only during thread initialization,
not for swanctl in general.
 2014-05-14 16:28:01 +02:00
Martin Willi 80b56fb468 vici: Support the close_action keyword, as we have it documented 2014-05-14 16:26:53 +02:00
Martin Willi cdc42256b0 ikev1: Fix debugging log when remote traffic selector selection fails 2014-05-14 10:01:57 +02:00
Andreas Steffen 6becc59dc8 Version bump to 5.2.0dr4 2014-05-14 09:57:08 +02:00
Andreas Steffen fa34739848 result destructor at the wrong level 2014-05-14 09:43:54 +02:00
Tobias Brunner 35952dc13f conf: Fix sorting of options with Python 3 
__cmp__() is not supported anymore with Python 3 and cmp() is deprecated.
Instead rich comparisons should be used (only __lt__() is required for
sorting).
 2014-05-13 11:14:44 +02:00
Tobias Brunner 5ee4984da5 conf: print is a function in Python 3 2014-05-13 11:14:43 +02:00
Andreas Steffen 60633a995f build-database.sh finds all *.so files in /usr/lib 2014-05-13 10:08:04 +02:00
Andreas Steffen 7207e3a7ea Defined BIOS and EFI event types and log event info 
On debug level 2 log EV_ACTION and EV_EFI_ACTION strings
and on level 3 dump raw event information
 2014-05-13 06:21:28 +02:00
Tobias Brunner f1a272a0d0 libpts: Updated Android.mk 2014-05-12 11:46:08 +02:00
Andreas Steffen 92b5626055 Version bump to 5.2.0dr3 2014-05-12 07:39:33 +02:00
Andreas Steffen 03b5def0fa Added implementation of RFC 7171 to NEWS 2014-05-12 06:59:21 +02:00
Andreas Steffen 8d59090349 Implemented PT-EAP protocol (RFC 7171) 2014-05-12 06:59:21 +02:00
Andreas Steffen ab21875f50 Extended build-database.sh 2014-05-12 06:55:29 +02:00
Andreas Steffen 37a73b9cc7 attest now maintains multiple versions of a file hash 2014-05-10 20:08:20 +02:00
Andreas Steffen 688b5b99ed Changed default value to libimcv.imc-attestation.pcr_info = no 2014-05-10 20:08:20 +02:00
Martin Willi b1b01840b6 child-sa: Reclaim old state if SA updating is not supported 
If the state stays at UPDATING, the fallback using IKEv1 rekeying fails as
the task manager refuses to rekey a CHILD_SA in non-INSTALLED state.
 2014-05-09 08:49:08 +02:00
Martin Willi b30c09eaff NEWS: Add swanctl news 2014-05-08 09:35:59 +02:00
Martin Willi 2df905474a Merge branch 'swanctl' 
Adds a swanctl command line tool to manage the IKE daemon charon using the
VICI interface provided by the vici plugin.
 2014-05-07 16:05:39 +02:00
Martin Willi b1076bc8fd swanctl: By default print local swanctl version with --version 
But add a --daemon option to query the IKE daemon for its version.
 2014-05-07 15:48:17 +02:00
Martin Willi 92884b4683 swanctl: Install empty credential folders with appropriate permissions 2014-05-07 15:48:17 +02:00
Martin Willi 2230f18358 swanctl: Document most swanctl.conf options in manpage 2014-05-07 15:48:17 +02:00
Martin Willi d909e51918 swanctl: Keep swanctl.conf man/template section order as defined 2014-05-07 15:48:17 +02:00
Martin Willi ae98a39e71 conf: Add a format-options --nosort option to keep order of sections as defined 2014-05-07 15:48:17 +02:00
Martin Willi 85d26e0c87 swanctl: Add a swanctl command overview manpage 2014-05-07 15:48:17 +02:00
Tobias Brunner b18191ba0f swanctl: Generate swanctl.conf(5) man page 2014-05-07 15:48:16 +02:00
Tobias Brunner 6a461f0852 swanctl: Generate man page snippet with config options 2014-05-07 15:48:16 +02:00
Tobias Brunner e20deeca77 conf: Properly propagate whether a section is commented or not 2014-05-07 15:48:16 +02:00
Tobias Brunner 5fdba04312 swanctl: Convert swanctl.conf to an options file and generate config 2014-05-07 15:48:16 +02:00
Tobias Brunner 49d8a5f554 swanctl: Install swanctl.conf if it does not exist yet 2014-05-07 15:48:16 +02:00
Martin Willi 1312eab036 swanctl: Change syntax of secrets to accept identities with special chars 
Having identity strings in the settings key is problematic, as the parser can't
handle arbitrary characters in it. Further, the space separation makes it
impossible to define identities with spaces.

The new format uses key prefixes, similar to those used in local/remote auth
sections of connections. The secrets section takes subsections with type
prefixes, and each subsection uses "id" prefixes to define an arbitrary
number of identities.
 2014-05-07 15:48:16 +02:00
Martin Willi a2875525ae swanctl: List local and remote addresses in list-conns 2014-05-07 15:48:16 +02:00
Martin Willi 43306afe8e swanctl: Add a list-pools command to summarize pool status 2014-05-07 15:48:15 +02:00
Martin Willi a77acc183a swanctl: Add a load-pools command to (re-)load pool configurations from file 2014-05-07 15:48:15 +02:00
Martin Willi 4ee33b44df swanctl: Encode connection "pools" as list items 2014-05-07 15:48:15 +02:00