Adrian-Ken Rueegsegger
acf27437cd
Add keymat_t constructor registration function
...
Using the register_constructor function enables custom keymat_t
implementations per IKE version. If no constructor is registered the
default behavior is preserved.
2012-08-20 13:02:47 +02:00
Andreas Steffen
0810286269
fixed caption
2012-08-20 12:56:13 +02:00
Andreas Steffen
c60310e62c
implemented IETF Attribute Request attribute
2012-08-20 12:27:14 +02:00
Andreas Steffen
5ff8309889
version bump to 5.0.1dr3
2012-08-20 12:25:53 +02:00
Tobias Brunner
3570c43968
openssl: Fix registration of the PUBKEY builder
...
libtls drops support for RSA suites if it does not find an RSA backend
(final builder for RSA public keys).
2012-08-18 17:49:57 +02:00
Tobias Brunner
ef73bb52b1
Without the ties to PAM we can build eap-gtc on Android
2012-08-17 14:24:48 +02:00
Tobias Brunner
ba27bf2af0
CAP_AUDIT_WRITE is now required by xauth-pam not eap-gtc plugin
2012-08-17 14:24:48 +02:00
Tobias Brunner
113d2a6b99
Removed manual EAP method registration in eap-gtc plugin
2012-08-17 14:24:37 +02:00
Tobias Brunner
91c0e0e3d9
Enable build of eap-tls, eap-ttls and eap-peap on Android
2012-08-17 13:55:44 +02:00
Tobias Brunner
7ab348370c
Add a wrapper around vstr_add_fmt() to avoid having to link libcharon against libvstr
...
At least on Android the latter would be required.
2012-08-17 11:47:52 +02:00
Tobias Brunner
21d8392041
starter: Restore original config in case also= is used (which reads the same values)
2012-08-16 16:45:11 +02:00
Tobias Brunner
31a0e24b0f
Increased log level when listing interfaces and IP addresses during startup
...
This avoids confusing log messages in starter and ipsec statusall
already lists the available addresses anyway.
2012-08-16 16:14:15 +02:00
Tobias Brunner
71b89d6722
Only load kernel plugins in starter when flushing SAD/SPD entries
...
This avoids keeping the kernel sockets open when they are not actually
needed, which could lead to resource problems (in particular with PF_KEY
where all open sockets receive all messages).
Fixes #217 .
2012-08-16 16:14:15 +02:00
Tobias Brunner
aaefeafb49
Enable UDP decapsulation for both address families
...
Since the 3.5 Linux kernel both UDP implementations have a separate static
flag to indicate whether ANY sockets enabled UDP decapsulation.
As we only ever enabled it for one address family (in earlier versions IPv4
only, now for IPv6, if supported, and for IPv4 otherwise) UDP decapsulation
wouldn't work anymore (at least for one address family).
2012-08-16 15:26:37 +02:00
Tobias Brunner
11b514bff6
Correctly transmit EAP-MSCHAPv2 user name if it contains a domain part
2012-08-16 10:03:49 +02:00
Andreas Steffen
b8a4135dcb
fall through to evidence measurements if no file measurements must be done
2012-08-16 09:15:36 +02:00
Andreas Steffen
81fbbc5381
upgraded to Ubuntu 12.04.1 LTS
2012-08-16 09:14:46 +02:00
Andreas Steffen
52c0f181d4
added deletion of product/file entries to usage
2012-08-16 09:14:13 +02:00
Tobias Brunner
f0b8d8c2c4
New Android release after adding error dialog
...
Skipped one version due to a rebasing mishap.
2012-08-15 11:23:06 +02:00
Tobias Brunner
8df118f733
Show an error message if VPN is not supported
...
Some devices have Android 4 installed but the system images still seem to
lack the components that are required for VPN support. One such
component is the dialog used to grant permission to create .
2012-08-15 11:19:43 +02:00
Tobias Brunner
c8d0c3b03d
Enable search for certificate lists (via SearchView in ActionBar)
2012-08-14 12:01:41 +02:00
Tobias Brunner
4db2d6336e
Added new UI to select a specific CA certificate
...
With this change there is no need to wait for all certificates being loaded
anymore (this happens only when the user opens the selection activity).
2012-08-14 12:01:41 +02:00
Tobias Brunner
cb431e12da
Don't try to save profile ID if there is none
2012-08-14 12:01:41 +02:00
Tobias Brunner
7546735fec
List fragment for trusted certificates can notify listeners about clicks
2012-08-14 12:01:41 +02:00
Tobias Brunner
b0b0eac6eb
Added an activity that shows lists of CA certificates in two tabs
2012-08-14 12:01:41 +02:00
Tobias Brunner
caf85c872f
Added a ListFragment that lists trusted certificates (loaded via a custom Loader)
2012-08-14 12:01:41 +02:00
Tobias Brunner
db8bea8311
Changed TrustedCertificateAdapter for use with ListViews and TrustedCertificateEntry
2012-08-14 12:01:41 +02:00
Tobias Brunner
af46e950b1
Remove certificate spinner from edit view
2012-08-14 12:01:41 +02:00
Tobias Brunner
f075536ebe
Function to get only system-wide CA certificates added to TrustedCertificateManager
2012-08-14 12:01:40 +02:00
Tobias Brunner
2dc8998419
Added class to store trusted certificate entries for lists
2012-08-14 12:01:40 +02:00
Andreas Steffen
17f806d8d0
fixed Makefile for libstrongswan dev headers
2012-08-14 10:21:28 +02:00
Andreas Steffen
81d7e9bbaf
version bump to 5.0.1dr2
2012-08-14 10:05:57 +02:00
Andreas Steffen
8b865d3b7a
skip boot aggregate check against database
2012-08-14 10:05:57 +02:00
Tobias Brunner
3a917ac77f
Validate netmask in mem_pool_create
2012-08-13 13:54:28 +02:00
Tobias Brunner
305d98b780
Validate netmask in traffic_selector_create_from_subnet
...
Fixes #216 .
2012-08-13 13:46:19 +02:00
Tobias Brunner
36a3981d47
Comment fixed
2012-08-13 13:17:53 +02:00
Tobias Brunner
09ae3d79ca
Merge branch 'android-app'
...
This branch introduces a userland IPsec implementation (libipsec) and an
Android App which targets the VpnService API that is provided by Android 4+.
The implementation is based on the bachelor thesis 'Userland IPsec for
Android 4' by Giuliano Grassi and Ralf Sager.
2012-08-13 12:07:52 +02:00
Tobias Brunner
efbb5e8c57
Ensure thread IDs always start with 1 even if the library is reused
...
Within the Android App the library stays loaded in memory and is just
initialized/deinitialized with each connection, the static thread
counter would continuously increase without this patch.
2012-08-13 11:28:08 +02:00
Tobias Brunner
1fcaa71291
Added a button to the error dialog that allows to view the log file
2012-08-13 11:28:08 +02:00
Tobias Brunner
fbacc6506c
Use major.minor.revision version numbers for Android application
2012-08-13 11:28:08 +02:00
Tobias Brunner
064f4f75c0
Only allow access to log file via explicitly created URIs
...
Since ContentProviders are public and permissions don't seem to work any
other application could access the log file. With this token system
only URIs we explicitly created can be accessed.
2012-08-13 11:27:55 +02:00
Tobias Brunner
6c54c10838
Menu option added that allows users to send the log file
2012-08-13 11:22:21 +02:00
Tobias Brunner
c3afe9d35b
Add ContentProvider to access log file from other applications
2012-08-13 11:22:21 +02:00
Tobias Brunner
ae10e8c458
Watch for changes to the log file so we can reopen it
...
If the log fragment is shown while the daemon starts (which is not the
case at the moment, but maybe later on tablets) the file reader would not
notice that the file got truncated. The same applies if the file is deleted
directly on the file system e.g. with adb shell.
2012-08-13 11:22:21 +02:00
Tobias Brunner
bad119c55a
Add an Activity that shows the log fragment
2012-08-13 11:22:20 +02:00
Tobias Brunner
f9a162a235
Add a fragment that can display charon's log file
...
It continuously reads from the log file in a separate thread while displayed.
2012-08-13 11:22:20 +02:00
Tobias Brunner
658ed96fce
Added special ScrollView with auto-scrolling feature
...
The ability to auto-scroll is disabled as soon as the user manually
scrolls around and re-enable when the user scrolls to the bottom.
2012-08-13 11:22:20 +02:00
Tobias Brunner
fe05f1f05c
Charon logs to a file in the App's data directory
2012-08-13 11:22:20 +02:00
Tobias Brunner
4308ce1cf7
Moved Java to C string conversion function to android_jni header file
2012-08-13 11:22:20 +02:00
Tobias Brunner
6db742e7e5
Log charon version and uname() output, split libcharon and charon initialization
2012-08-13 11:22:20 +02:00