Commit Graph

99 Commits

Author SHA1 Message Date
Andreas Steffen ab13376877 fips_verify_hmac_signature() now returns a boolean status 2007-08-29 09:43:02 +00:00
Andreas Steffen 2fb15ac606 changed interface of fips_verify_hmac_signature 2007-08-29 05:43:45 +00:00
Andreas Steffen 55434a1ba5 started implementation of libstrongswan code integrity check 2007-08-29 00:37:10 +00:00
Andreas Steffen 84db83336b support of ipsec rereadsecrets for stroke 2007-08-10 07:16:32 +00:00
Martin Willi 4cb9d7a758 further fixes for mobike roaming 2007-06-25 13:26:02 +00:00
Martin Willi 02b3ec0a10 implemented address change notification (for MOBIKE)
implemented up to date address list cache to list interfaces
2007-06-14 15:16:15 +00:00
Martin Willi 9fe1a1ca76 introduced callback_job:
  simple asynchronous method invocation
  use daemons thread pool for all threads
  proper cancellation and cleanups
  cancellation mechanism to dynamically unload multithreaded code
unified event_queue and scheduler => scheduler
unified job_queue and thread_pool => processor
removed job_type_t, not really needed
fixes here, there and everywhere
2007-06-11 10:57:19 +00:00
Martin Willi a6a039aa10 simplified capability dropping 2007-05-09 13:12:06 +00:00
Martin Willi 3cd3f48428 properly implemented interface_managers initiate, terminate_[ike|child]
proper thread release when stroke is CTRL+C'ed
fixed some permission issues
2007-05-09 12:33:08 +00:00
Martin Willi 6874bf698c changing UID/GID after startup of pluto/charon
added --with-uid/--with-gid configure option
2007-05-07 12:38:46 +00:00
Martin Willi 66560f4267 reducing capabilities of the threads to a minimum
proper flush of pending packets on daemon shutdown
adding local address as gateway address in dynamic route
2007-05-03 14:21:22 +00:00
Martin Willi a84fb01b96 restructuring of configuration backends
added prototypes of new control interfaces (xml & dbus)
introduced loadable:
  configuration backends
  control interfaces
using pluggable modules as in EAP
2007-04-27 14:25:08 +00:00
Andreas Steffen 4841189b72 implementation of strictcrlpolicy=ifuri 2007-04-20 11:12:08 +00:00
Martin Willi 217e985b41 moved initiate() code to the generic controller_t class 2007-04-16 12:52:49 +00:00
Andreas Steffen f880eb2dca started support of X.509 attribute certificates 2007-04-12 17:49:33 +00:00
Martin Willi 3b138b8422 cleaned up apidoc
added some comments
removed configuration.[ch], as it does not make sense like it is
2007-04-11 07:20:39 +00:00
Martin Willi e0fe765152 restructured file layout
new configuration structure:
  peer_cfg: configuration related to a peer (authentication, ...)
  ike_cfg: config to use for IKE setup (proposals)
  child_Cfg: config for CHILD_SA (proposals, traffic selectors)
  a peer_cfg has one ike_cfg and multiple child_cfg's
stroke now uses fixed count of threads
2007-04-10 06:01:03 +00:00
Andreas Steffen 8883eef7b8 support cachecrls=yes 2007-04-05 17:07:14 +00:00
Andreas Steffen e58afb1a0a support of crlcheckinterval=0 to disable IKEv2 CRL fetching 2007-04-04 07:49:05 +00:00
Martin Willi 4deb89485c removed send_queue, handled internally in sender_t now
do header parsing in receiver, ready for cookie integration
2007-03-28 13:34:02 +00:00
Andreas Steffen 54645fb275 added fetcher_finalize() to clean up libcurl 2007-03-08 17:00:32 +00:00
Andreas Steffen 9149635ffa support of ocsp signing certificates 2007-03-08 16:47:18 +00:00
Andreas Steffen 78703918aa http post fetching using libcurl implemented 2007-03-07 19:28:03 +00:00
Martin Willi 373b8a607f fixed netlink socket receiver code
implemented interface enumeration code with netlink: no getifaddrs required anymore
2007-03-03 14:56:24 +00:00
Martin Willi f27f6296e6 merged EAP framework from branch into trunk
includes a lot of other modifications
2007-02-12 15:56:47 +00:00
Martin Willi 5347a84f81 fixed HAVE_BACKTRACE checks
starter Makefile now uses proper $(COMPILE) to build pluto objects
2006-12-11 09:29:34 +00:00
Martin Willi e696757c47 made backtrace() calls optional to support uClibc 2006-12-06 13:59:13 +00:00
Martin Willi db7ef62494 better split up of library files "types.h" & "definitions.h"
centralized all printf specifier character definitions
reuse of arginfo handlers
more cleanups
fixed more AMD64 issues
added DEBUG_LEVEL compile flag to exclude DBGn() statements
2006-10-31 12:27:59 +00:00
Martin Willi b83806d83d improved signal handling and emitting 2006-10-26 09:46:56 +00:00
Martin Willi 60356f3375 introduced new logging subsystem using bus:
  passive listeners can register on the bus
  active listeners wait for signals actively
  multiplexing allows multiple listeners to receive debug signals
  a lot more...
2006-10-18 11:46:13 +00:00
Martin Willi 47f5027807 introduced printf() specifiers for:
  host_t (%H)
  identification_t (%D)
  chunk pointers (%B)
  memory pointer/length (%b)
added a signaling bus:
  receives event and debug messages, sends them to its listeners
  stream_logger, sys_logger, file_logger added, listen to bus
some other tweaks here and there
2006-09-27 14:14:44 +00:00
Andreas Steffen e2de376c74 added PSK support 2006-09-18 07:42:57 +00:00
Martin Willi 48d9883a3e initial support for IPv6 (more testing needed)
  socket works (without v6 filter)
  traffic selector handle IPv4/v4 cleanly
    improvements in traffic selector code
  kernel interface accepts v6 traffic selectors and hosts
  host_t class has full IPv6 support
2006-08-30 17:12:56 +00:00
Martin Willi 4c23a8c9ec moved interface enumeration code to socket, where it belongs
query interfaces every time we need it to respect changes in network config
added address listing on startup and "ipsec statusall"
2006-08-28 08:45:22 +00:00
Martin Willi f698448ea3 implemented proper refcounting using atomic operations 2006-07-28 09:45:18 +00:00
Martin Willi fe04e93a8b implemented IKE_SA rekeying
uses ikelifetime, rekeymargin and rekeyfuzz config settings
	no handling of simultaneous exchanges yet!
2006-07-27 12:18:40 +00:00
Martin Willi c71d53ba4e updated copyright information 2006-07-07 08:49:06 +00:00
Martin Willi 3dd3c5f39e redesigned IKE_SA using a transaction mechanism:
  removed old state machine
  reimplemented IKE_SA setup and delete
  implemented dead peer detection
  implemented keep-alives
  a lot of fixes
  no rekeying yet
2006-07-05 10:53:20 +00:00
Martin Willi 1396815afb first merge of NATT code 2006-06-22 06:36:28 +00:00
Martin Willi 986d23bd6e reworked function ignore mechanism to not-report whitelist
rather than overriding functions
2006-06-20 10:05:56 +00:00
Martin Willi aed58dcc93 readded local_credential_store
added sendcert policy to connection
some other cleanups
2006-06-20 08:43:57 +00:00
Andreas Steffen 21b433c641 implemented rereadcrls rereadcacerts 2006-06-20 06:05:01 +00:00
Martin Willi f7eb60dd5e 2006-06-16 14:10:49 +00:00
Martin Willi c859ec9592 fixed compilation error 2006-06-15 13:41:06 +00:00
Andreas Steffen 03442041a9 added option parsing 2006-06-14 12:42:36 +00:00
Andreas Steffen 90ed2e8278 charon outputs strongSwan version 2006-05-31 05:48:32 +00:00
Andreas Steffen 92d30836fd load all ca certificates 2006-05-30 07:37:48 +00:00
Martin Willi db66c624bf - fixed daemon destruction order to prevent
crashes on termination
2006-05-30 06:14:23 +00:00
Martin Willi b8577029d1 2006-05-10 08:02:49 +00:00