Andreas Steffen
3f6392bc14
fixed a memory leak in imc|imv_agent
2012-07-12 00:03:24 +02:00
Andreas Steffen
246c9ad831
imc/imv->send_message() uses attr_list
2012-07-11 23:34:51 +02:00
Andreas Steffen
c9c3da66a8
removed unused variables
2012-07-11 23:15:44 +02:00
Andreas Steffen
d4cf9cdf28
fixed libstrongswan/Makefile.am
2012-07-11 23:13:55 +02:00
Martin Willi
a24f83e97a
Use "-include config.h" when building ruby dumm extension
2012-07-11 18:07:19 +02:00
Andreas Steffen
c56667f1db
fixed logging of unsupported TNCCS version
2012-07-11 17:09:05 +02:00
Andreas Steffen
1de4af66d5
PB-TNC Client sends empty CLOSE batch only in DECIDED state
2012-07-11 17:09:05 +02:00
Andreas Steffen
a287a3cdcd
have_recommendation() accepts NULL arguments
2012-07-11 17:09:05 +02:00
Andreas Steffen
b8b678a567
send empty SDATA batch if no recommendation is available yet, but in order to avoid loops only if no empty CDATA batch was received
2012-07-11 17:09:05 +02:00
Andreas Steffen
a5c79d0175
moved batch size calculation into pb_tnc_batch_t
2012-07-11 17:09:05 +02:00
Andreas Steffen
d7dcbc95a9
make maximum PB-TNC batch size configurable
2012-07-11 17:09:05 +02:00
Andreas Steffen
3a16bec8f9
limit the size of a PB-TNC batch to the maximum EAP-TNC packet size
2012-07-11 17:09:05 +02:00
Andreas Steffen
6245edf37e
eliminate message length field in EAP-TNC
2012-07-11 17:09:05 +02:00
Andreas Steffen
a04c51aea9
due to single fragment, total length does not have to be included
2012-07-11 17:09:04 +02:00
Andreas Steffen
4492ffc907
EAP-TNC does not support fragmentation
2012-07-11 17:09:04 +02:00
Andreas Steffen
c36680962c
allow to transmit 64k TLS Handshake and Application messages via EAP-[T]TLS
2012-07-11 17:09:04 +02:00
Andreas Steffen
dfe82160e4
some tls_eap optimizations
2012-07-11 17:09:04 +02:00
Andreas Steffen
3bd452f8f3
max_message_count = 0 disables limit
2012-07-11 17:09:04 +02:00
Andreas Steffen
22f9174609
defined ITA Dummy PA-TNC attribute for test purposes
2012-07-11 17:09:04 +02:00
Andreas Steffen
ee200bab61
use TSS_PCRS_STRUCT_DEFAULT
2012-07-11 17:09:04 +02:00
Andreas Steffen
da67c37d65
log invalid TLS packet length
2012-07-11 17:09:04 +02:00
Andreas Steffen
5b35214a87
check boot_aggregate value
2012-07-11 17:09:04 +02:00
Andreas Steffen
ddafcda4d8
refactored PTS functional component measurements
2012-07-11 17:09:04 +02:00
Martin Willi
b188f23199
Install dev headers only if --with-dev-headers= option is set
2012-07-11 11:16:31 +02:00
Martin Willi
2a6bcbbdee
Install libtls development headers
2012-07-11 10:51:01 +02:00
Martin Willi
f1292d9d24
Install libfast development headers
2012-07-11 10:43:33 +02:00
Martin Willi
4c311ffb1f
Check if config.h passed correctly via gcc -include
2012-07-11 09:57:07 +02:00
Martin Willi
7115448529
Install libstrongswan development headers
2012-07-11 09:57:07 +02:00
Martin Willi
7300eb29d1
Use and install a config.h AC_CONFIG_HEADER that contains all AC_DEFINE results
2012-07-11 09:57:07 +02:00
Martin Willi
7c8b9fcbf6
Add safe_strerror() to leak detective whitelist
...
While the thread specific strerror buffer gets cleaned up for
worker threads during their termination, the main thread itself,
and so its strerror buffer, is still alive during leak reports.
2012-07-11 08:45:15 +02:00
Martin Willi
07836f559d
Send cert request based on peers configured authentication class
2012-07-10 17:15:59 +02:00
Martin Willi
dfd34c5a77
Add an option to disable libstrongswan certificate caching
2012-07-09 19:03:10 +02:00
Tobias Brunner
ee7b7de18f
getpwnam_r and getgrnam_r are not supported by the Android NDK
2012-07-09 17:52:01 +02:00
Tobias Brunner
7399119e58
Android.mk of libstrongswan updated
2012-07-09 17:52:01 +02:00
Martin Willi
3128e7fa7c
Don't send CERTREQs when initiating aggressive mode PSK
2012-07-09 12:05:23 +02:00
Martin Willi
0619ddfaa4
Refactored heavily #ifdefd capability code to its own libstrongswan class
2012-07-04 11:01:40 +02:00
Tobias Brunner
644c6c968d
Use spin locks to update IKE_SAs in controller_t
...
This ensures the listeners don't miss any events after the SAs have been
checked out in the asynchronously executed jobs. This is a matter of
memory visibility and not primary a matter of exclusive access.
2012-07-04 10:13:50 +02:00
Tobias Brunner
12fa85c664
Added wrapper for POSIX spin locks
2012-07-04 10:13:49 +02:00
Tobias Brunner
c9355ea4a0
Fixed job handling in controller_t
...
Also IKE_SAs are now checked out in the jobs and not before.
2012-07-04 10:13:49 +02:00
Martin Willi
ce938e5cfa
Add charon-nm to .gitignore
2012-07-03 17:41:14 +02:00
Martin Willi
3e0fe9f13e
Default to register_printf_specifier() if no printf hooking #defined
...
This allows us to build (non-./configured) external tools against
libstrongswan without explicitly specifiying the most commonly used
printf hooking function.
2012-07-03 13:09:14 +02:00
Tobias Brunner
901dbc1077
openssl: Ensure the thread ID is never zero
...
This might otherwise cause problems because OpenSSL tries to lock
mutexes recursively if it assumes the lock is held by a different
thread e.g. during FIPS initialization.
2012-07-03 12:02:57 +02:00
Martin Willi
997fdd1f02
Accept non-"/0" subnet sizes for traffic selectors starting at 0.0.0.0
2012-07-02 17:25:26 +02:00
Tobias Brunner
a60e92a2c8
Added GPL header to AndroidConfigLocal.h
2012-06-29 16:51:29 +02:00
Tobias Brunner
e516068965
Removed superfluous remove_hasher() call in md5 plugin
2012-06-29 16:23:20 +02:00
Martin Willi
d12635c77d
Pass "lo" as faked tundev to NM, as it now needs a valid interface since 0.9
2012-06-29 15:21:57 +02:00
Martin Willi
9d2968e272
As a responder, don't start a TRANSACTION request if we expect one from the initiator
2012-06-29 13:40:31 +02:00
Andreas Steffen
36df6113fa
added Ubuntu 12.04 LTS i686 measurements
2012-06-28 22:20:44 +02:00
Andreas Steffen
5f451f2d6a
IMCs and IMVs might depend on X.509 certificates or trusted public keys
2012-06-28 17:55:02 +02:00
Tobias Brunner
bbbffac3ab
Defined a macro to replace strerror(3) with calls to thread-safe wrapper
2012-06-28 13:14:52 +02:00