Tobias Brunner
28649f6d91
libhydra: Remove empty unused library
2016-03-03 17:36:11 +01:00
Tobias Brunner
6fe8fe0cfd
whitelist: Use hash() method so DNs with different string types match
...
strongSwan uses PrintableString when encoding DNs from strings (if the
character set permits it, otherwise T61String is currently used) but
certificates might be encoded with UTF8String even for simple ASCII strings.
By ignoring this string type when hashing RDNs we make sure the same hash
results in this case as long as the actual string values are the same.
Fixes #991 .
2015-08-06 17:24:04 +02:00
Martin Willi
4163421f91
plugins: Don't link with -rdynamic on Windows
2014-06-04 15:53:02 +02:00
Tobias Brunner
d223fe807a
libcharon: Use lib->ns instead of charon->name
2014-02-12 14:34:32 +01:00
Martin Willi
d402e87d16
whitelist: Read multiple commands until client closes connection
...
This restores the same behavior we had before e11c02c8
, and fixes the whitelist
add/remove-from command.
2013-10-29 14:22:52 +01:00
Tobias Brunner
d12fc14616
whitelist: Fix compilation on FreeBSD
2013-07-31 22:16:58 +02:00
Martin Willi
b4b3959b22
stream-service: move CAP_CHOWN check from plugins to service constructor
...
A plugin service can be a TCP socket now, so it does not make much sense
to strictly check for CAP_CHOWN.
2013-07-18 16:00:31 +02:00
Martin Willi
0a35ae781d
whitelist: use a read-copy when listing entries
...
While this requires a little more overhead, we can free the lock should the
stream block, allowing other threads to add/remove entries.
2013-07-18 16:00:30 +02:00
Martin Willi
0ccc5bb216
whitelist: fix error handling when creating the socket fails
2013-07-18 16:00:30 +02:00
Martin Willi
e11c02c8f1
whitelist: use a stream service to accept client connections
...
Use SOCK_STREAM, as we don't have SOCK_SEQPACKET on TCP. To have network
transparency, the message now uses network byte order.
2013-07-18 16:00:29 +02:00
Tobias Brunner
dfc9902013
capabilities: Some plugins don't actually require capabilities at runtime
2013-07-18 15:25:35 +02:00
Martin Willi
19cb07b890
automake: replace INCLUDES by AM_CPPFLAGS
...
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
2013-07-18 14:59:19 +02:00
Tobias Brunner
1091edede8
capabilities: CAP_CHOWN might be required by many plugins opening UNIX sockets
...
But as the sockets will be created with the user/group of the running
process this might not be required as no change may be needed.
2013-06-25 17:16:33 +02:00
Tobias Brunner
a2eb581781
capabilities: Move global capabilities_t instance to libstrongswan
2013-06-25 17:16:32 +02:00
Tobias Brunner
d0ccae4dd2
whitelist: Use plugin features to register listener
2013-06-11 11:18:19 +02:00
Tobias Brunner
12642a6831
Moved data structures to new collections subfolder
2012-10-24 16:00:49 +02:00
Martin Willi
0619ddfaa4
Refactored heavily #ifdefd capability code to its own libstrongswan class
2012-07-04 11:01:40 +02:00
Tobias Brunner
26d77eb3e6
Centralized thread cancellation in processor_t
...
This ensures that no threads are active when plugins and the rest of the
daemon are unloaded.
callback_job_t was simplified a lot in the process as its main
functionality is now contained in processor_t. The parent-child
relationships were abandoned as these were only needed to simplify job
cancellation.
2012-06-25 17:38:59 +02:00
Tobias Brunner
7684ca2e8c
whitelist: Make sure listed IDs are null-terminated.
2012-05-18 09:57:01 +02:00
Tobias Brunner
42500c274a
Use name from initialization to access settings in libcharon.
...
Also fixes several whitespace errors.
2012-05-03 13:57:04 +02:00
Martin Willi
14bf2f689d
Use CRITICAL job priority class for long running dispatcher jobs
2011-05-16 15:24:15 +02:00
Andreas Steffen
19ae24f0ea
fixed whitelist enabling
2011-05-14 17:09:45 +02:00
Martin Willi
6fd23444ea
Disable whitelist plugin by default
2011-05-12 09:07:14 +02:00
Martin Willi
c55818ebb0
Added a (not yet implemented) plugin_t method to reload plugin configuration
2011-04-15 10:07:13 +02:00
Martin Willi
787b5884aa
Added a get_name() function to plugin_t, create_plugin_enumerator enumerates over plugin_t
2011-04-15 10:07:12 +02:00
Martin Willi
952fb7b5a1
Increase whitelist message identity buffer to 128 bytes
2011-03-23 14:18:15 +01:00
Martin Willi
c236b214f2
Added strongswan.conf and runtime option to enable/disable whitelist plugin
2011-03-17 17:15:16 +01:00
Martin Willi
c893bf7e5c
Added a whitelist command line utility to control whitelist plugin
2011-02-28 15:00:46 +01:00
Martin Willi
53f2a7c712
Added a UNIX socket based control backend to whitelist plugin
2011-02-28 15:00:46 +01:00
Martin Willi
5e603aba4e
Implemented a in-memory peer identity whitelist plugin
2011-02-28 15:00:46 +01:00