acf27437cd
Add keymat_t constructor registration function
...
Using the register_constructor function enables custom keymat_t
implementations per IKE version. If no constructor is registered the
default behavior is preserved.
2012-08-20 13:02:47 +02:00
0810286269
fixed caption
2012-08-20 12:56:13 +02:00
c60310e62c
implemented IETF Attribute Request attribute
2012-08-20 12:27:14 +02:00
5ff8309889
version bump to 5.0.1dr3
2012-08-20 12:25:53 +02:00
3570c43968
openssl: Fix registration of the PUBKEY builder
...
libtls drops support for RSA suites if it does not find an RSA backend
(final builder for RSA public keys).
2012-08-18 17:49:57 +02:00
ef73bb52b1
Without the ties to PAM we can build eap-gtc on Android
2012-08-17 14:24:48 +02:00
ba27bf2af0
CAP_AUDIT_WRITE is now required by xauth-pam not eap-gtc plugin
2012-08-17 14:24:48 +02:00
113d2a6b99
Removed manual EAP method registration in eap-gtc plugin
2012-08-17 14:24:37 +02:00
91c0e0e3d9
Enable build of eap-tls, eap-ttls and eap-peap on Android
2012-08-17 13:55:44 +02:00
7ab348370c
Add a wrapper around vstr_add_fmt() to avoid having to link libcharon against libvstr
...
At least on Android the latter would be required.
2012-08-17 11:47:52 +02:00
21d8392041
starter: Restore original config in case also= is used (which reads the same values)
2012-08-16 16:45:11 +02:00
31a0e24b0f
Increased log level when listing interfaces and IP addresses during startup
...
This avoids confusing log messages in starter and ipsec statusall
already lists the available addresses anyway.
2012-08-16 16:14:15 +02:00
71b89d6722
Only load kernel plugins in starter when flushing SAD/SPD entries
...
This avoids keeping the kernel sockets open when they are not actually
needed, which could lead to resource problems (in particular with PF_KEY
where all open sockets receive all messages).
Fixes #217 .
2012-08-16 16:14:15 +02:00
aaefeafb49
Enable UDP decapsulation for both address families
...
Since the 3.5 Linux kernel both UDP implementations have a separate static
flag to indicate whether ANY sockets enabled UDP decapsulation.
As we only ever enabled it for one address family (in earlier versions IPv4
only, now for IPv6, if supported, and for IPv4 otherwise) UDP decapsulation
wouldn't work anymore (at least for one address family).
2012-08-16 15:26:37 +02:00
11b514bff6
Correctly transmit EAP-MSCHAPv2 user name if it contains a domain part
2012-08-16 10:03:49 +02:00
b8a4135dcb
fall through to evidence measurements if no file measurements must be done
2012-08-16 09:15:36 +02:00
81fbbc5381
upgraded to Ubuntu 12.04.1 LTS
2012-08-16 09:14:46 +02:00
52c0f181d4
added deletion of product/file entries to usage
2012-08-16 09:14:13 +02:00
f0b8d8c2c4
New Android release after adding error dialog
...
Skipped one version due to a rebasing mishap.
2012-08-15 11:23:06 +02:00
8df118f733
Show an error message if VPN is not supported
...
Some devices have Android 4 installed but the system images still seem to
lack the components that are required for VPN support. One such
component is the dialog used to grant permission to create .
2012-08-15 11:19:43 +02:00
c8d0c3b03d
Enable search for certificate lists (via SearchView in ActionBar)
2012-08-14 12:01:41 +02:00
4db2d6336e
Added new UI to select a specific CA certificate
...
With this change there is no need to wait for all certificates being loaded
anymore (this happens only when the user opens the selection activity).
2012-08-14 12:01:41 +02:00
cb431e12da
Don't try to save profile ID if there is none
2012-08-14 12:01:41 +02:00
7546735fec
List fragment for trusted certificates can notify listeners about clicks
2012-08-14 12:01:41 +02:00
b0b0eac6eb
Added an activity that shows lists of CA certificates in two tabs
2012-08-14 12:01:41 +02:00
caf85c872f
Added a ListFragment that lists trusted certificates (loaded via a custom Loader)
2012-08-14 12:01:41 +02:00
db8bea8311
Changed TrustedCertificateAdapter for use with ListViews and TrustedCertificateEntry
2012-08-14 12:01:41 +02:00
af46e950b1
Remove certificate spinner from edit view
2012-08-14 12:01:41 +02:00
f075536ebe
Function to get only system-wide CA certificates added to TrustedCertificateManager
2012-08-14 12:01:40 +02:00
2dc8998419
Added class to store trusted certificate entries for lists
2012-08-14 12:01:40 +02:00
17f806d8d0
fixed Makefile for libstrongswan dev headers
2012-08-14 10:21:28 +02:00
81d7e9bbaf
version bump to 5.0.1dr2
2012-08-14 10:05:57 +02:00
8b865d3b7a
skip boot aggregate check against database
2012-08-14 10:05:57 +02:00
3a917ac77f
Validate netmask in mem_pool_create
2012-08-13 13:54:28 +02:00
305d98b780
Validate netmask in traffic_selector_create_from_subnet
...
Fixes #216 .
2012-08-13 13:46:19 +02:00
36a3981d47
Comment fixed
2012-08-13 13:17:53 +02:00
09ae3d79ca
Merge branch 'android-app'
...
This branch introduces a userland IPsec implementation (libipsec) and an
Android App which targets the VpnService API that is provided by Android 4+.
The implementation is based on the bachelor thesis 'Userland IPsec for
Android 4' by Giuliano Grassi and Ralf Sager.
2012-08-13 12:07:52 +02:00
efbb5e8c57
Ensure thread IDs always start with 1 even if the library is reused
...
Within the Android App the library stays loaded in memory and is just
initialized/deinitialized with each connection, the static thread
counter would continuously increase without this patch.
2012-08-13 11:28:08 +02:00
1fcaa71291
Added a button to the error dialog that allows to view the log file
2012-08-13 11:28:08 +02:00
fbacc6506c
Use major.minor.revision version numbers for Android application
2012-08-13 11:28:08 +02:00
064f4f75c0
Only allow access to log file via explicitly created URIs
...
Since ContentProviders are public and permissions don't seem to work any
other application could access the log file. With this token system
only URIs we explicitly created can be accessed.
2012-08-13 11:27:55 +02:00
6c54c10838
Menu option added that allows users to send the log file
2012-08-13 11:22:21 +02:00
c3afe9d35b
Add ContentProvider to access log file from other applications
2012-08-13 11:22:21 +02:00
ae10e8c458
Watch for changes to the log file so we can reopen it
...
If the log fragment is shown while the daemon starts (which is not the
case at the moment, but maybe later on tablets) the file reader would not
notice that the file got truncated. The same applies if the file is deleted
directly on the file system e.g. with adb shell.
2012-08-13 11:22:21 +02:00
bad119c55a
Add an Activity that shows the log fragment
2012-08-13 11:22:20 +02:00
f9a162a235
Add a fragment that can display charon's log file
...
It continuously reads from the log file in a separate thread while displayed.
2012-08-13 11:22:20 +02:00
658ed96fce
Added special ScrollView with auto-scrolling feature
...
The ability to auto-scroll is disabled as soon as the user manually
scrolls around and re-enable when the user scrolls to the bottom.
2012-08-13 11:22:20 +02:00
fe05f1f05c
Charon logs to a file in the App's data directory
2012-08-13 11:22:20 +02:00
4308ce1cf7
Moved Java to C string conversion function to android_jni header file
2012-08-13 11:22:20 +02:00
6db742e7e5
Log charon version and uname() output, split libcharon and charon initialization
2012-08-13 11:22:20 +02:00
Adrian-Ken Rueegsegger