Martin Willi
e3b7be91e1
removed obsolete INTEGRITY_TEST and fips signer code
...
--enable-integrity-test now conditionally builds libchecksum
2009-06-22 15:47:17 +02:00
Martin Willi
a0fc89798a
library initialization fails if libstrongswan checksum is invalid
2009-06-22 15:47:17 +02:00
Martin Willi
4edda6e4a0
load trap_manager before plugins, allowing them to install traps
2009-06-16 17:27:24 +02:00
Martin Willi
140ea1fe5a
instanciate first registered kernel interface immediately
2009-06-16 17:27:24 +02:00
Andreas Steffen
ebde1a7ddd
consistent display of strongSwan version
2009-06-13 16:03:08 +02:00
Martin Willi
4d8ddefb78
remove stale pidfile if no such process found
2009-06-09 14:56:31 +02:00
Martin Willi
8c99451ae1
make use of the new trap-manager
2009-05-08 10:03:58 +02:00
Tobias Brunner
433c0968e4
properly initialize buffer when printing loaded plugins.
2009-05-07 17:40:19 +02:00
Tobias Brunner
d24a74c5b4
merging changes from portability branch back to trunk
...
important change for developers: %Y replaces %D to print identities!
2009-04-30 11:37:54 +00:00
Tobias Brunner
d25ce3701e
printf hooks refactored to increase portability (i.e. support for platforms without glibc-compatible customizable printf - the Vstr string library is currently required on such platforms).
2009-03-12 18:07:32 +00:00
Andreas Steffen
eca666d600
corrected typo
2009-02-19 09:54:31 +00:00
Martin Willi
30841a0305
daemon exports main_thread_id, sends SIGTERM to the main thread in daemon_kill
2008-12-12 09:13:06 +00:00
Martin Willi
2671a8fcee
use DBG_ANY to set all loglevels
2008-12-02 08:52:46 +00:00
Andreas Steffen
9a96ccd485
re-established lost default auth sys_logger
2008-12-01 01:24:55 +00:00
Martin Willi
479f295049
fixed compiler warnings issued by:
...
gcc 4.3
curl.h gcc type-checking
glibc with enabled FORTIFY_SOURCE checking
2008-11-11 18:37:19 +00:00
Martin Willi
4252938811
dynamic logging configuration through strongswan.conf
...
fallback to existing ipsec.conf/stroke loglevel configuration
2008-11-11 10:52:37 +00:00
Martin Willi
f7237cf37a
separated backtrace functionality from leak_detective, used in
...
leak_detective
mutex profiling
signal handler
2008-11-05 13:58:19 +00:00
Martin Willi
64ff7a5142
log loaded plugins at startup
2008-11-03 09:44:54 +00:00
Martin Willi
a985db3ff3
reintegrated bus-refactoring branch
2008-10-14 08:52:13 +00:00
Martin Willi
79a878466c
reintegrated two-sim branch providing SIM card plugin API
2008-10-10 08:36:01 +00:00
Tobias Brunner
507f26f685
merging modularized kernel interface back to trunk
2008-09-25 07:56:58 +00:00
Martin Willi
eb3e27059b
use libcap for capability dropping
...
optional, must be enabled --with-capabilities=libcap
will be extended to support --with-capabilities=libcap2
2008-08-29 09:24:14 +00:00
Martin Willi
e609b1cda2
capability API to allow plugin-controlled capability set
2008-08-28 16:27:48 +00:00
Martin Willi
b848f0377c
fixed EAP-GTC secret lookup
...
improved error logging
PAM authentication needs CAP_AUDIT_WRITE capability
2008-08-21 14:40:03 +00:00
Andreas Steffen
af165431d2
fixed libstrongswan integrity test
2008-08-19 18:51:30 +00:00
Martin Willi
a4a3e0c7dc
introduced an additional bus->signal parameter for signal specific data
...
added SIG_IKE/SIG_CHD macros for signal emitting
2008-07-18 15:51:40 +00:00
Martin Willi
035930fc4a
added %P printf handler for poposal_t
...
added some proposal selection debugging code
2008-06-12 11:42:19 +00:00
Tobias Brunner
31430acc1b
correctly initialize the mediation and connection manager
2008-05-22 11:33:35 +00:00
Tobias Brunner
6f2ba57a4e
added a fixup for addresses from shared libraries in segmentation fault handler
2008-05-19 12:49:35 +00:00
Martin Willi
1ba62b5562
loading default modules depending on configure options
2008-05-16 08:52:32 +00:00
Martin Willi
a3d92a3745
plugin load configuration in strongswan.conf
...
some components accept a "component.load" option with a space separated list of plugins to load
libcharon- plugins are now handled the same way as libstrongswan- plugins
2008-05-15 14:01:26 +00:00
Martin Willi
25b12c696b
replaced --with-gid/uid by --with-group/user
...
using named users, groups
fixed capability dropping in pluto
2008-05-08 10:58:04 +00:00
Martin Willi
5d892343fa
using capset version 1 if a newer is available
2008-05-07 08:46:37 +00:00
Martin Willi
b360e3933d
respecting ipsec.conf cachecrls= option
2008-04-17 15:01:57 +00:00
Martin Willi
46a5604a04
splitted IKE_SA manager destroy to allow plugin interaction
2008-04-17 10:46:25 +00:00
Martin Willi
6a365f0740
added API for random number generators, served through credential factory
...
ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
2008-04-15 05:56:35 +00:00
Martin Willi
cdcfe777f4
implementation of an CFG attribute framework, currently supporting virtual IPs
...
updated ipsec.conf sourceip parameter to support
CIDR notatation to serve from a pool
%poolname to query a separate (database?) pool
2008-04-09 12:54:47 +00:00
Martin Willi
ff867d062e
added ./configure option --with-strongswan-conf=
...
defaults to /etc/strongswan.conf
2008-04-07 06:56:33 +00:00
Tobias Brunner
84b18d5fc7
replaced mutex in leak detective with thread scheduling
2008-04-03 09:24:35 +00:00
Martin Willi
6af29ccf33
configure option in strongswan.conf for thread count
2008-04-03 08:37:24 +00:00
Tobias Brunner
dc04b7c743
mediation extension adapted to the naming convention of the current version of the draft. note: the external interface (config, autotools) has not yet been changed
2008-03-26 18:40:19 +00:00
Martin Willi
552cc11b1f
merged the modularization branch (credentials) back to trunk
2008-03-13 14:14:44 +00:00
Martin Willi
733f336ad3
socket_t implementation withouth raw sockets
...
--disable-raw-socket configure option
prevents charon/pluto to run in parallel
2007-11-26 11:20:00 +00:00
Tobias Brunner
d5cc175833
experimental P2P-NAT-T for IKEv2 merged back from branch
2007-10-03 15:10:41 +00:00
Martin Willi
92232dab33
fixed stuid()/setgid() and error handling
2007-10-01 09:07:10 +00:00
Martin Willi
055d016b49
changed inheritable capability set to the permitted one to execute firewall script with CAP_NET_ADMIN
2007-09-28 07:04:09 +00:00
Martin Willi
c295d0eb4b
refactored strongswan manager
...
removed buggy request parsing code, use ClearSilvers CGI kit instead
fixed CHILD_SA listing in manager (needs better design)
using secure XML communication through unix sockets
removed images with questionable (non-GPL) license
2007-09-26 14:02:21 +00:00
Martin Willi
39cc6d1ad7
fixed shutdown order to prevent crash when kernel interface schedules events
2007-09-12 07:12:25 +00:00
Andreas Steffen
f5da63e937
correct debug
2007-09-02 15:59:59 +00:00
Andreas Steffen
0bc5a23023
renamed integrity check to integrity test
2007-08-29 10:36:08 +00:00