Martin Willi
|
e5efb5a03b
|
Added a .gitignore for generated m4 scripts
|
2009-09-07 15:00:44 +02:00 |
Martin Willi
|
e455ae1343
|
use m4/ autoconf subdirectory
|
2009-09-07 15:00:32 +02:00 |
Martin Willi
|
8b3b4a244e
|
Removed trailing whitespaces in configure.in/Makefile.am
|
2009-09-07 11:48:03 +02:00 |
Tobias Brunner
|
0755e98e5c
|
Cleaned up some code of the mediation extension.
|
2009-09-04 15:48:30 +02:00 |
Tobias Brunner
|
f4b975a65d
|
Moved set_state after the DBG0 statement, so that the message gets logged also for mediation connections without CHILD_SA.
|
2009-09-04 15:13:12 +02:00 |
Martin Willi
|
7b3814f75d
|
remove spaces before tabs at the beginning of lines (^( )+\t)
|
2009-09-04 15:02:11 +02:00 |
Martin Willi
|
b9b8a98f47
|
remove spaces within tabs (\t( )+\t)
|
2009-09-04 15:00:19 +02:00 |
Martin Willi
|
323f9f990f
|
replaces four spaces by tabs, where appropriate
|
2009-09-04 14:50:23 +02:00 |
Martin Willi
|
7daf5226b7
|
removed trailing spaces ([[:space:]]+$)
|
2009-09-04 13:46:09 +02:00 |
Marius Tomaschewski
|
7d1b030446
|
fixed open failure debug message in load_secrets
|
2009-09-04 11:52:28 +02:00 |
Martin Willi
|
dd2b6f3073
|
fixed memleak in rekey collissions
|
2009-09-03 18:09:29 +02:00 |
Martin Willi
|
72e2faf291
|
Convert empty CREATE_CHILD_SA exchange to an INFORMATIONAL
|
2009-09-03 17:32:41 +02:00 |
Martin Willi
|
9beb83868f
|
Use get_notify() to look up single notifies
|
2009-09-03 17:32:01 +02:00 |
Martin Willi
|
3e15f99189
|
accept octet strings in is_asn1() check
|
2009-09-03 15:35:05 +02:00 |
Martin Willi
|
d176994235
|
Use recursive source address lookup if we get a gateway only
|
2009-09-03 14:46:39 +02:00 |
Marius Tomaschewski
|
dece3d8efc
|
Fixed load_secrets to acquire/release lock in level 0 only
The write_lock call fails with EDEADLK and unlocks in the
next recursion level.
|
2009-09-03 14:46:36 +02:00 |
Martin Willi
|
12a230ddb4
|
Complain about rw(un)lock errors
|
2009-09-03 14:46:28 +02:00 |
Tobias Brunner
|
a20e98749a
|
Simplified the search for ME_CONNECTID notifies.
|
2009-09-02 17:30:47 +02:00 |
Tobias Brunner
|
484a06bce7
|
Fixed some typos; whitespace cleanup.
|
2009-09-02 17:30:46 +02:00 |
Tobias Brunner
|
5293b02945
|
Missing commas added.
|
2009-09-02 17:29:44 +02:00 |
Martin Willi
|
8fb4edc4ff
|
handle plugin loading failures
|
2009-09-01 16:20:45 +02:00 |
Martin Willi
|
d6a45127dc
|
plugins marked with a '!' are handled as critical: cancel if loading fails
|
2009-09-01 16:08:28 +02:00 |
Martin Willi
|
9412bbfa7c
|
use subjectPublicKeyInfo hash for CA certificate lookup
|
2009-09-01 14:06:44 +02:00 |
Tobias Brunner
|
deddfde91b
|
Description of new lifetime limits added to manpage.
|
2009-09-01 12:54:33 +02:00 |
Tobias Brunner
|
686aba2589
|
Added lifetime/margintime keywords as alias for keylife/rekeymargin.
|
2009-09-01 12:54:33 +02:00 |
Tobias Brunner
|
e75f423753
|
Refactored the lifetime_cfg_t struct to be simpler and more expressive. Initialization is now static.
|
2009-09-01 12:54:33 +02:00 |
Tobias Brunner
|
abff49a7ff
|
Handling of new lifetime limits added to stroke.
|
2009-09-01 12:53:44 +02:00 |
Tobias Brunner
|
ca41aa0602
|
Added keywords for the new lifetime limits to starter.
|
2009-09-01 12:53:44 +02:00 |
Tobias Brunner
|
9c7faa8618
|
Added parser for unsigned long long ints to starter.
|
2009-09-01 12:53:44 +02:00 |
Tobias Brunner
|
f40c115531
|
If no inbound CHILD_SA is found, try to find an outbound SA.
Due to the new lifetime limits in- and outbound SAs may expire
individually.
|
2009-09-01 12:53:44 +02:00 |
Tobias Brunner
|
1087b9cebb
|
Set the packet and byte limits in the netlink and pfkey kernel interfaces.
|
2009-09-01 12:53:44 +02:00 |
Tobias Brunner
|
e3c7e72973
|
Terminology and return value of get_lifetime of child_sa_t corrected.
|
2009-09-01 12:53:44 +02:00 |
Tobias Brunner
|
cb123493d1
|
child_sa_t adapted to the new lifetime configuration.
|
2009-09-01 12:53:43 +02:00 |
Tobias Brunner
|
888af96343
|
Adapted the kernel interfaces to the new lifetime configuration.
|
2009-09-01 12:53:13 +02:00 |
Tobias Brunner
|
e0a8a8c3ec
|
Adapted the config backends to the new lifetime configuration.
|
2009-09-01 12:50:50 +02:00 |
Tobias Brunner
|
caf87c7dcb
|
child_cfg_t now takes a lifetime_cfg_t to configure the lifetime limits. Also adjusted the jitter calculation, so it works for values > RAND_MAX.
|
2009-09-01 12:50:50 +02:00 |
Tobias Brunner
|
86e4728550
|
lifetime_cfg_t added to configure lifetime limits of a CHILD_SA.
|
2009-09-01 12:50:50 +02:00 |
Tobias Brunner
|
e822fc576a
|
Added side effect free min and max macros.
|
2009-09-01 12:50:50 +02:00 |
Martin Willi
|
8f68b72424
|
sql/rw-rsa and sql/rw-rsa-keyid scenarios require the pubkey plugin
|
2009-09-01 11:34:09 +02:00 |
Martin Willi
|
ad31f98a74
|
fixed certificate_t enum names
|
2009-09-01 11:28:05 +02:00 |
Andreas Steffen
|
f561d6f2e9
|
changed prefix of crl_reason_t values from CRL_ to CRL_REASON_
|
2009-08-31 23:21:50 +02:00 |
Andreas Steffen
|
dc4aadc3f2
|
use crl_reason_t definition from <credentials/certificates/crl.h>
|
2009-08-31 23:05:45 +02:00 |
Andreas Steffen
|
a63f62c03b
|
use crl_reason_t definition from <credentials/certificates/crl.h>
|
2009-08-31 22:58:34 +02:00 |
Martin Willi
|
6180a55852
|
use time_monotonic() instead of time() for statistics and time difference calculations
|
2009-08-31 18:00:28 +02:00 |
Martin Willi
|
de5784452b
|
use time_monotonic() instead of gettimeofday() for time difference calculations
|
2009-08-31 15:25:03 +02:00 |
Martin Willi
|
3d5818ec38
|
use monotonic time source in convar->timed_wait, and in the scheduler using it
|
2009-08-31 15:13:48 +02:00 |
Martin Willi
|
3f310c0d1f
|
implemented a monotonic timestamping function, unaffected from system time changes
|
2009-08-31 15:03:35 +02:00 |
Martin Willi
|
1d39663f7a
|
do not depend on gcrypt autoconf macros
|
2009-08-31 13:14:54 +02:00 |
Martin Willi
|
8706a151ff
|
added ECGDSA specific OIDs
|
2009-08-31 10:34:00 +02:00 |
Martin Willi
|
8365f7cd81
|
fixed crash in crl listing
|
2009-08-31 10:21:38 +02:00 |