3f6392bc14
fixed a memory leak in imc|imv_agent
2012-07-12 00:03:24 +02:00
246c9ad831
imc/imv->send_message() uses attr_list
2012-07-11 23:34:51 +02:00
c9c3da66a8
removed unused variables
2012-07-11 23:15:44 +02:00
d4cf9cdf28
fixed libstrongswan/Makefile.am
2012-07-11 23:13:55 +02:00
a24f83e97a
Use "-include config.h" when building ruby dumm extension
2012-07-11 18:07:19 +02:00
c56667f1db
fixed logging of unsupported TNCCS version
2012-07-11 17:09:05 +02:00
1de4af66d5
PB-TNC Client sends empty CLOSE batch only in DECIDED state
2012-07-11 17:09:05 +02:00
a287a3cdcd
have_recommendation() accepts NULL arguments
2012-07-11 17:09:05 +02:00
b8b678a567
send empty SDATA batch if no recommendation is available yet, but in order to avoid loops only if no empty CDATA batch was received
2012-07-11 17:09:05 +02:00
a5c79d0175
moved batch size calculation into pb_tnc_batch_t
2012-07-11 17:09:05 +02:00
d7dcbc95a9
make maximum PB-TNC batch size configurable
2012-07-11 17:09:05 +02:00
3a16bec8f9
limit the size of a PB-TNC batch to the maximum EAP-TNC packet size
2012-07-11 17:09:05 +02:00
6245edf37e
eliminate message length field in EAP-TNC
2012-07-11 17:09:05 +02:00
a04c51aea9
due to single fragment, total length does not have to be included
2012-07-11 17:09:04 +02:00
4492ffc907
EAP-TNC does not support fragmentation
2012-07-11 17:09:04 +02:00
c36680962c
allow to transmit 64k TLS Handshake and Application messages via EAP-[T]TLS
2012-07-11 17:09:04 +02:00
dfe82160e4
some tls_eap optimizations
2012-07-11 17:09:04 +02:00
3bd452f8f3
max_message_count = 0 disables limit
2012-07-11 17:09:04 +02:00
22f9174609
defined ITA Dummy PA-TNC attribute for test purposes
2012-07-11 17:09:04 +02:00
ee200bab61
use TSS_PCRS_STRUCT_DEFAULT
2012-07-11 17:09:04 +02:00
da67c37d65
log invalid TLS packet length
2012-07-11 17:09:04 +02:00
5b35214a87
check boot_aggregate value
2012-07-11 17:09:04 +02:00
ddafcda4d8
refactored PTS functional component measurements
2012-07-11 17:09:04 +02:00
b188f23199
Install dev headers only if --with-dev-headers= option is set
2012-07-11 11:16:31 +02:00
2a6bcbbdee
Install libtls development headers
2012-07-11 10:51:01 +02:00
f1292d9d24
Install libfast development headers
2012-07-11 10:43:33 +02:00
4c311ffb1f
Check if config.h passed correctly via gcc -include
2012-07-11 09:57:07 +02:00
7115448529
Install libstrongswan development headers
2012-07-11 09:57:07 +02:00
7300eb29d1
Use and install a config.h AC_CONFIG_HEADER that contains all AC_DEFINE results
2012-07-11 09:57:07 +02:00
7c8b9fcbf6
Add safe_strerror() to leak detective whitelist
...
While the thread specific strerror buffer gets cleaned up for
worker threads during their termination, the main thread itself,
and so its strerror buffer, is still alive during leak reports.
2012-07-11 08:45:15 +02:00
07836f559d
Send cert request based on peers configured authentication class
2012-07-10 17:15:59 +02:00
dfd34c5a77
Add an option to disable libstrongswan certificate caching
2012-07-09 19:03:10 +02:00
ee7b7de18f
getpwnam_r and getgrnam_r are not supported by the Android NDK
2012-07-09 17:52:01 +02:00
7399119e58
Android.mk of libstrongswan updated
2012-07-09 17:52:01 +02:00
3128e7fa7c
Don't send CERTREQs when initiating aggressive mode PSK
2012-07-09 12:05:23 +02:00
0619ddfaa4
Refactored heavily #ifdefd capability code to its own libstrongswan class
2012-07-04 11:01:40 +02:00
644c6c968d
Use spin locks to update IKE_SAs in controller_t
...
This ensures the listeners don't miss any events after the SAs have been
checked out in the asynchronously executed jobs. This is a matter of
memory visibility and not primary a matter of exclusive access.
2012-07-04 10:13:50 +02:00
12fa85c664
Added wrapper for POSIX spin locks
2012-07-04 10:13:49 +02:00
c9355ea4a0
Fixed job handling in controller_t
...
Also IKE_SAs are now checked out in the jobs and not before.
2012-07-04 10:13:49 +02:00
ce938e5cfa
Add charon-nm to .gitignore
2012-07-03 17:41:14 +02:00
3e0fe9f13e
Default to register_printf_specifier() if no printf hooking #defined
...
This allows us to build (non-./configured) external tools against
libstrongswan without explicitly specifiying the most commonly used
printf hooking function.
2012-07-03 13:09:14 +02:00
901dbc1077
openssl: Ensure the thread ID is never zero
...
This might otherwise cause problems because OpenSSL tries to lock
mutexes recursively if it assumes the lock is held by a different
thread e.g. during FIPS initialization.
2012-07-03 12:02:57 +02:00
997fdd1f02
Accept non-"/0" subnet sizes for traffic selectors starting at 0.0.0.0
2012-07-02 17:25:26 +02:00
a60e92a2c8
Added GPL header to AndroidConfigLocal.h
2012-06-29 16:51:29 +02:00
e516068965
Removed superfluous remove_hasher() call in md5 plugin
2012-06-29 16:23:20 +02:00
d12635c77d
Pass "lo" as faked tundev to NM, as it now needs a valid interface since 0.9
2012-06-29 15:21:57 +02:00
9d2968e272
As a responder, don't start a TRANSACTION request if we expect one from the initiator
2012-06-29 13:40:31 +02:00
36df6113fa
added Ubuntu 12.04 LTS i686 measurements
2012-06-28 22:20:44 +02:00
5f451f2d6a
IMCs and IMVs might depend on X.509 certificates or trusted public keys
2012-06-28 17:55:02 +02:00
bbbffac3ab
Defined a macro to replace strerror(3) with calls to thread-safe wrapper
2012-06-28 13:14:52 +02:00
Andreas Steffen