ba8b28b67f
Raise an alert if IKE SA is kept
...
This alert is raised when the establishment of a child SA fails but the
IKE SA is kept.
2012-12-20 09:15:07 +01:00
578f72ceb0
Raise an alert if half-open timeout limit reached
2012-12-19 10:40:33 +01:00
c57fe7ac6f
Raise an alert if an authorize() hook fails
2012-12-19 10:40:33 +01:00
45d6134218
Raise an alert if allocating virtual IPs fails
2012-12-19 10:40:33 +01:00
f285b9efc8
Raise an alert if kernel policy installation fails
2012-12-19 10:40:33 +01:00
bcf3147e0a
Raise an alert if kernel SA installation fails
2012-12-19 10:40:33 +01:00
24f30ec92f
Raise an alert on traffic selector mismatch
2012-12-19 10:40:32 +01:00
c794455666
Raise alerts when enforcing IKE_SA unique policy
2012-12-19 10:40:32 +01:00
5dd9c3087f
Raise an alert if CHILD_SA proposals mismatch
2012-12-19 10:40:32 +01:00
bab949bb26
Raise an alert if IKE proposals mismatch
2012-12-19 10:40:32 +01:00
3f7f5388a5
Raise an alert of generating local authentication data fails
2012-12-19 10:40:32 +01:00
3c79b7b7db
Add alerts for sent/received message retransmissions and timeout
2012-11-29 10:22:51 +01:00
bf0bcee9ec
Fixed output of longer debug messages
...
(v)snprintf(3) returns the length without terminating null byte but the
length given as parameter must include it.
2012-11-07 12:44:58 +01:00
f05b427265
Moved debug.[ch] to utils folder
2012-10-24 16:00:51 +02:00
418f4bc7a5
Raise a bus alert when IKE message body parsing fails
2012-10-24 11:34:30 +02:00
2b95ab7620
Raise a bus alert when IKE message header parsing fails
2012-10-24 11:34:30 +02:00
f6f16131d0
Raise a bus alert when a received message contains unknown SPIs
2012-10-24 11:34:30 +02:00
d35d669180
Make syslog and file loggers configurable at runtime
2012-10-18 14:42:10 +02:00
1d6dc62727
Added a new alert that is raised if peer does not respond to initial IKE message
2012-10-16 14:16:17 +02:00
f942588f95
Add a responder narrow() hook to change TS in the kernel, but not on the wire
2012-09-11 16:14:39 +02:00
4dbb193190
Add ike_reestablish() event that is triggered when an IKE_SA is reestablished
...
This is particularly useful during reauthentication to get the new
IKE_SA.
2012-09-06 11:25:14 +02:00
d19f0ae3e0
Don't modify the message string passed to logger, as it gets reused
2012-07-13 15:43:04 +02:00
c6343cf0ad
Log to a malloc()ed buffer if the on-stack buffer is not large enough
2012-07-13 13:23:29 +02:00
7959a3faec
Removed superfluous @param in bus.h.
2012-05-18 09:57:01 +02:00
ead92870b8
Loggers specify what log messages they want to receive during registration.
...
This also allows us to generate the log message only once for all
loggers that need it (avoids calls to custom printf specifier callbacks).
To update the log levels loggers can simply be registered again.
2012-05-02 14:45:38 +02:00
d724fcd624
Ensure that multi-line log messages are not torn apart.
2012-05-02 14:45:38 +02:00
0e474f9148
Use a separate interface for loggers.
...
The new interface does not allow loggers to unregister themselves from
the bus. This allows us to use a rwlock_t for them.
The latter also means that loggers can now be called concurrently by
multiple threads.
2012-05-02 14:45:38 +02:00
f9f867899a
Use a separate list and mutex for loggers.
...
This avoids deadlocks caused by extensive listener_t implementations
which might want to acquire a lock which is currently held by another
thread wanting to log messages. Since the latter requires that thread
to acquire the same lock the initial thread currently holds this
previously resulted in a deadlock.
With this change logging messages does not require threads to acquire
the main lock in bus_t and thus avoids the deadlock.
2012-05-02 14:45:38 +02:00
aac20ec784
Removed remaining parts of controller_t.listen() implementation.
2012-05-02 14:45:38 +02:00
a629513961
Remove obsolete bus_t.listen() method.
2012-05-02 14:45:38 +02:00
47b8f6ef4b
Invoke bus_t.message hook twice, once plain and parsed, once encoded and encrypted
2012-03-20 17:31:37 +01:00
23f9e7a18d
Pass IKEv1 specific keymat to ike_keys hook
2012-03-20 17:31:37 +01:00
d0e1b237be
Properly remove listener when listen() times out
2011-08-31 16:50:06 +02:00
8e3f14baab
bus->listen() and the controller wrappers accept a timeout to wait for callbacks
2011-08-26 10:44:25 +02:00
ccbe380377
Throw an alert if authentication of the peer fails (not only for initiator).
2011-08-12 10:04:02 +02:00
7ab19d571d
Throw an alert when the peer address cannot be resolved during initiation.
2011-08-12 09:59:27 +02:00
ff4b25f9b7
Throw an alert via bus_t when remote authentication fails.
2011-08-12 09:59:27 +02:00
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
4bbce1ef37
Replaced ike_sa_t.create_child_sa_iterator with enumerator.
...
This required two new methods on ike_sa_t. One returns the number of
CHILD_SAs and one allows to remove a CHILD_SA.
2011-07-06 09:43:45 +02:00
b4c9ab9c79
Cache group name in sys_logger_t to avoid problems with Vstr.
...
Because syslog(3) is not replaced when using the Vstr wrapper, %N can
not be resolved properly.
2011-05-03 10:50:28 +02:00
b7cb8100c4
Migrated sys_logger_t to INIT/METHOD macros.
2011-05-03 10:21:58 +02:00
5bbe0ee18c
Migrated file_logger_t to INIT/METHOD macros.
2011-05-03 10:21:03 +02:00
f2e2a40550
Fix potential use after free
2011-01-19 09:59:01 +01:00
bb381e26c6
Refer to scheduler and processor via lib and not hydra.
2010-09-02 19:04:18 +02:00
c5f7146b17
Refer to processor via hydra and not charon.
2010-09-02 19:01:22 +02:00
8427c78611
Added a ike_name logger option to prefix the IKE_SA name on each line
2010-08-25 09:55:37 +02:00
b2e447e24a
Pass the CREATE_CHILD_SA initiator flag to the child_keys parameter
2010-07-26 13:53:53 +02:00
be715344c2
Added a hook to narrow traffic selectors for CHILD_SAs
2010-07-13 10:26:07 +02:00
88fa56b1ad
Moved bus_t to METHOD/INIT macros
2010-07-13 10:26:07 +02:00
6f07f5e3d4
The file logger supports a time prefix using a strftime() format specifier
2010-07-08 17:44:19 +02:00
Adrian-Ken Rueegsegger