Commit Graph

30 Commits

Author SHA1 Message Date
Tobias Brunner 28649f6d91 libhydra: Remove empty unused library 2016-03-03 17:36:11 +01:00
Tobias Brunner 6fe8fe0cfd whitelist: Use hash() method so DNs with different string types match
strongSwan uses PrintableString when encoding DNs from strings (if the
character set permits it, otherwise T61String is currently used) but
certificates might be encoded with UTF8String even for simple ASCII strings.
By ignoring this string type when hashing RDNs we make sure the same hash
results in this case as long as the actual string values are the same.

Fixes #991.
2015-08-06 17:24:04 +02:00
Martin Willi 4163421f91 plugins: Don't link with -rdynamic on Windows 2014-06-04 15:53:02 +02:00
Tobias Brunner d223fe807a libcharon: Use lib->ns instead of charon->name 2014-02-12 14:34:32 +01:00
Martin Willi d402e87d16 whitelist: Read multiple commands until client closes connection
This restores the same behavior we had before e11c02c8, and fixes the whitelist
add/remove-from command.
2013-10-29 14:22:52 +01:00
Tobias Brunner d12fc14616 whitelist: Fix compilation on FreeBSD 2013-07-31 22:16:58 +02:00
Martin Willi b4b3959b22 stream-service: move CAP_CHOWN check from plugins to service constructor
A plugin service can be a TCP socket now, so it does not make much sense
to strictly check for CAP_CHOWN.
2013-07-18 16:00:31 +02:00
Martin Willi 0a35ae781d whitelist: use a read-copy when listing entries
While this requires a little more overhead, we can free the lock should the
stream block, allowing other threads to add/remove entries.
2013-07-18 16:00:30 +02:00
Martin Willi 0ccc5bb216 whitelist: fix error handling when creating the socket fails 2013-07-18 16:00:30 +02:00
Martin Willi e11c02c8f1 whitelist: use a stream service to accept client connections
Use SOCK_STREAM, as we don't have SOCK_SEQPACKET on TCP. To have network
transparency, the message now uses network byte order.
2013-07-18 16:00:29 +02:00
Tobias Brunner dfc9902013 capabilities: Some plugins don't actually require capabilities at runtime 2013-07-18 15:25:35 +02:00
Martin Willi 19cb07b890 automake: replace INCLUDES by AM_CPPFLAGS
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
2013-07-18 14:59:19 +02:00
Tobias Brunner 1091edede8 capabilities: CAP_CHOWN might be required by many plugins opening UNIX sockets
But as the sockets will be created with the user/group of the running
process this might not be required as no change may be needed.
2013-06-25 17:16:33 +02:00
Tobias Brunner a2eb581781 capabilities: Move global capabilities_t instance to libstrongswan 2013-06-25 17:16:32 +02:00
Tobias Brunner d0ccae4dd2 whitelist: Use plugin features to register listener 2013-06-11 11:18:19 +02:00
Tobias Brunner 12642a6831 Moved data structures to new collections subfolder 2012-10-24 16:00:49 +02:00
Martin Willi 0619ddfaa4 Refactored heavily #ifdefd capability code to its own libstrongswan class 2012-07-04 11:01:40 +02:00
Tobias Brunner 26d77eb3e6 Centralized thread cancellation in processor_t
This ensures that no threads are active when plugins and the rest of the
daemon are unloaded.

callback_job_t was simplified a lot in the process as its main
functionality is now contained in processor_t.  The parent-child
relationships were abandoned as these were only needed to simplify job
cancellation.
2012-06-25 17:38:59 +02:00
Tobias Brunner 7684ca2e8c whitelist: Make sure listed IDs are null-terminated. 2012-05-18 09:57:01 +02:00
Tobias Brunner 42500c274a Use name from initialization to access settings in libcharon.
Also fixes several whitespace errors.
2012-05-03 13:57:04 +02:00
Martin Willi 14bf2f689d Use CRITICAL job priority class for long running dispatcher jobs 2011-05-16 15:24:15 +02:00
Andreas Steffen 19ae24f0ea fixed whitelist enabling 2011-05-14 17:09:45 +02:00
Martin Willi 6fd23444ea Disable whitelist plugin by default 2011-05-12 09:07:14 +02:00
Martin Willi c55818ebb0 Added a (not yet implemented) plugin_t method to reload plugin configuration 2011-04-15 10:07:13 +02:00
Martin Willi 787b5884aa Added a get_name() function to plugin_t, create_plugin_enumerator enumerates over plugin_t 2011-04-15 10:07:12 +02:00
Martin Willi 952fb7b5a1 Increase whitelist message identity buffer to 128 bytes 2011-03-23 14:18:15 +01:00
Martin Willi c236b214f2 Added strongswan.conf and runtime option to enable/disable whitelist plugin 2011-03-17 17:15:16 +01:00
Martin Willi c893bf7e5c Added a whitelist command line utility to control whitelist plugin 2011-02-28 15:00:46 +01:00
Martin Willi 53f2a7c712 Added a UNIX socket based control backend to whitelist plugin 2011-02-28 15:00:46 +01:00
Martin Willi 5e603aba4e Implemented an in-memory peer identity whitelist plugin 2011-02-28 15:00:46 +01:00