ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
16,026 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

16026 Commits

Author SHA1 Message Date
Tobias Brunner 95ecc11774 unit-tests: Double escape backslashes in Windows paths in settings test 
That's required when these are used as include paths in settings file
strings.
 2017-07-28 11:22:40 +02:00
Tobias Brunner 67ad553a2c unit-tests: Stringify direction in message asserts early 
x86_64-w64-mingw32-gcc on Windows requires this.
 2017-07-28 11:18:59 +02:00
Tobias Brunner 65064cc33b unit-tests: iv_gen_seq has a dependency on RNG_STRONG 
We currently don't have an RNG in Windows builds.
 2017-07-28 11:18:59 +02:00
Tobias Brunner 6eb7dd11ec appveyor: Run tests on AppVeyor Windows containers 
We can't enable leak detective as it is so slow then that we run into a
timeout (60 minutes).
 2017-07-28 11:18:17 +02:00
Tobias Brunner 8d4ebb3ac4 peer-cfg: Use an rwlock instead of a mutex to safely access child-cfgs 
If multiple threads want to enumerate child-cfgs and potentially lock
other locks (e.g. check out IKE_SAs) while doing so a deadlock could
be caused (as was the case with VICI configs with start_action=start).
It should also improve performance for roadwarrior connections and lots
of clients connecting concurrently.

Fixes #2374.
 2017-07-27 13:34:40 +02:00
Tobias Brunner 578d893b4a credential-manager: Log issuer identity if not found 2017-07-27 13:28:13 +02:00
Tobias Brunner 0b756fbe95 auth-cfg: Don't limit subjectAltName check to received certificates 
Otherwise this won't work if the certificate is only locally available.
 2017-07-27 13:27:19 +02:00
Tobias Brunner 4272a3e9d7 swanctl: Read default socket from swanctl.socket option 
Also read from swanctl.plugins.vici.socket so we get
libstrongswan.plugins.vici.socket if it is defined.

Fixes #2372.
 2017-07-27 13:22:57 +02:00
Tobias Brunner ae48325a59 swanctl: Include config snippets from conf.d subdirectory 
Fixes #2371.
 2017-07-27 13:20:24 +02:00
Tobias Brunner fb8c9b3d08 conf: Add support to generate include statements in .conf files 2017-07-27 13:19:38 +02:00
Tobias Brunner 67402ec77b curl: Enable following redirects 
The maximum number of redirects can be limited. The functionality can also
be disabled.

Fixes #2366.
 2017-07-27 13:15:43 +02:00
Tobias Brunner 791cfe82a1 ikev2: AES-CMAC-PRF-128 only uses the first 64 bits of each nonce 
References #2377.
 2017-07-27 13:09:26 +02:00
Tobias Brunner ed926a73df error-notify: Don't stop sending notifies after removing a disconnected listener 
This prevented new listeners from receiving notifies if they joined
after another listener disconnected previously, and if they themselves
disconnected their old connection would prevent them again from getting
notifies.
 2017-07-27 13:07:24 +02:00
Tobias Brunner 6138b8d629 farp: Only remove one tracked entry 
Multiple CHILD_SAs sharing the same traffic selectors (e.g. during
make-before-break reauthentication) also have the same reqid assigned.
If all matching entries are removed we could end up without entry even
though an SA exists that still uses these traffic selectors.

Fixes #2373.
 2017-07-27 13:07:23 +02:00
Tobias Brunner a0cde76958 ike: Trigger CHILD_INSTALLED state change after corresponding log message 
This way we get the log message in stroke and swanctl as last message
when establishing a connection. It's already like this for the IKE_SA
where IKE_ESTABLISHED is set after the corresponding log message.

Fixes #2364.
 2017-07-27 13:07:23 +02:00
Andreas Steffen f35fbb2b5f sw-collector: sw-collector.first_file setting retrieves creation date from file stats 2017-07-26 19:51:21 +02:00
Tobias Brunner 6b69a66379 swima-collector: Fix compile error if SWID_DIRECTORY is not defined 2017-07-24 11:34:39 +02:00
Tobias Brunner bf565b650c libimcv: Add missing files to Android.mk 2017-07-24 11:31:19 +02:00
Andreas Steffen 05f8e64d79 Version bump to 5.6.0dr3 2017-07-18 20:53:35 +02:00
Andreas Steffen a3b3538630 testing: Fixed the path of pt-tls-client 2017-07-18 20:43:03 +02:00
Andreas Steffen a9383c2b46 checksum: Compile sw-collector before checksum 2017-07-18 20:02:21 +02:00
Andreas Steffen 8362378a15 checksum: Added pt-tls-client and sw-collector 2017-07-18 07:25:46 +02:00
Andreas Steffen 964bf73237 sw-collector: Moved to its own directory and added man page 2017-07-18 07:25:45 +02:00
Andreas Steffen 34cade8b84 pt-tls-client: Added man page 2017-07-16 15:37:03 +02:00
Andreas Steffen 693705c74e Version bump to 5.6.0dr2 2017-07-13 14:24:32 +02:00
Andreas Steffen cab4cc3a10 sw-collector: strip arch suffix from package names 2017-07-13 12:03:27 +02:00
Andreas Steffen 5b1dbc3a8d sw-collector: Check for epoch-less Debian package versions 2017-07-12 19:12:22 +02:00
Andreas Steffen eab650d62f libtpmtss: Support of Intel TABRMD interface 2017-07-12 17:07:34 +02:00
Andreas Steffen 991703007a Version bump to 5.6.0dr1 
This major version includes the new SWIMA IMC/IMV pair which
implements the "draft-ietf-sacm-nea-swima-patnc" Internet Draft.
Full compliance to the ISO 19770-2:2015 SWID tag standard has
been achieved.
 2017-07-08 23:21:56 +02:00
Andreas Steffen 803ac56626 Merge branch 'swima' 2017-07-08 23:20:32 +02:00
Andreas Steffen 23e0d6dca3 testing: Added tnc/tnccs-20-nea-pt-tls scenario 2017-07-08 23:19:51 +02:00
Andreas Steffen facf1c76ea testing: Adaptation to ISO 19770-2:2015 SWID standard 2017-07-08 23:19:51 +02:00
Andreas Steffen 3bf8392d36 pt-tls-client: Support for TPM keyids 2017-07-08 23:19:51 +02:00
Andreas Steffen 49d56e1b39 imv-swima: Implemented SW event processing 2017-07-08 23:19:51 +02:00
Andreas Steffen 74aa1626d2 sw-collector: Query central collector database 2017-07-08 23:19:51 +02:00
Andreas Steffen 8ba6bf511e libimcv: Moved REST API from imv_swid and imv_swima to libimcv 2017-07-08 23:19:51 +02:00
Andreas Steffen 7e796bba67 swidtag: strongSwan swidtag file with double underscores 2017-07-08 23:19:51 +02:00
Andreas Steffen 032a5767ad sw-collector: Collects endpoint software events 2017-07-08 23:19:51 +02:00
Andreas Steffen 3a7c594c14 imv-swima: Created SWIMA IMV plugin 2017-07-08 23:19:51 +02:00
Andreas Steffen 2821c0f740 imc-swima: Created SWIMA IMC plugin 2017-07-08 23:19:51 +02:00
Andreas Steffen bf22470623 unit-tests: Added IETF SWIMA PA-TNC attribute tests 2017-07-08 23:19:51 +02:00
Andreas Steffen 84c0366bd3 libimcv: Implemented IETF SW PA-TNC attributes 2017-07-08 23:19:51 +02:00
Andreas Steffen bb87af2a73 libimcv: Fixed memory leak 2017-07-08 23:19:51 +02:00
Andreas Steffen 37205b05e6 libimcv: Corrected order of subscription flags 2017-07-08 23:19:51 +02:00
Andreas Steffen 0cc0b53b2f libimcv: Added IETF Software PA-TNC attributes 2017-07-08 23:19:51 +02:00
Andreas Steffen 8c4c824706 libtncif: Added IETF Software PA-TNC message subtype 2017-07-08 23:19:51 +02:00
Andreas Steffen 6795de0408 libimcv: SWID tag generation and discovery 2017-07-08 23:19:51 +02:00
Andreas Steffen 60da0153ee libimcv: Update database to ISO 19770-2:2015 SWID standard 2017-07-08 23:19:51 +02:00
Andreas Steffen 88b941939f testing: Fixed typo in openssl-ikev2/rw-suite-b-192 scenario 2017-07-08 23:19:18 +02:00
Tobias Brunner 49917f0028 testing: Support running multiple tests with * as wildcard (e.g. ikev2/ocsp-*) 2017-07-07 09:23:14 +02:00