f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
20a44a5c66
Removed old ikev2bis draft.
2011-07-20 15:57:29 +02:00
355728110a
Added missing load-tester options to man page.
2011-07-18 19:01:18 +02:00
d604e79185
Count running load-tester threads properly.
2011-07-18 18:46:50 +02:00
ebbdc3250b
Fix load-tester.shutdown_when_complete option.
...
It didn't work when used together with delete_after_established=yes.
2011-07-18 18:46:50 +02:00
369c2e1dee
Fix listener registration in load-tester plugin.
...
This fixes the load-tester.shutdown_when_complete option.
2011-07-18 18:46:50 +02:00
cad259e349
removed stray code
2011-07-18 10:22:29 +02:00
e65a50530e
added libimcv.plugins.imv_scanner options to strongswan.conf
2011-07-18 09:34:49 +02:00
456c668d92
added ikev2/net2net-esn scenario
2011-07-16 14:12:23 +02:00
6101ee9b06
added log and status output for ESN
2011-07-16 11:09:38 +02:00
152d7b373d
added IKEv2 exchange type IKE_SESSION_RESUME from RFC 5723
2011-07-15 07:48:36 +02:00
4b30589724
version bump to 4.5.3rc1
2011-07-14 23:27:07 +02:00
0cb5d713ab
alice is now master in the ha/both-active scenario
2011-07-14 17:31:47 +02:00
9de0f9d487
short form changed
2011-07-14 16:49:41 +02:00
b93d77ce67
Fix parentheses in write() to CLUSTERIP control files
2011-07-14 15:56:10 +02:00
4742d6501a
shunt manager installs policies with %any hosts
2011-07-14 13:51:36 +02:00
56bffdc03a
added HOME_AGENT_ADDRESS CP attribute type
2011-07-14 11:05:13 +02:00
895ac29719
fixed typo
2011-07-14 10:53:37 +02:00
9f181e7fd5
updated IANA IKEv2 Notify Message Types
2011-07-14 10:51:24 +02:00
b18a697ae6
NEWS for the 4.5.3dr8 release
2011-07-14 09:25:36 +02:00
0f182737b2
check if violating_ports have been assigned
2011-07-13 23:05:22 +02:00
47f2da4ef9
support of error_offset in PA-TNC INVALID PARAMETER error messages
2011-07-13 22:18:32 +02:00
a96d9abf3e
add relative PB-TNC message offset
2011-07-13 18:59:35 +02:00
0ccdf898bb
return offset value
2011-07-13 18:58:58 +02:00
ba53c2ef0d
add PID/Program Name to netstat output
2011-07-07 09:22:27 +02:00
52ba840d5c
adapted tnc scenarios to new imcvs library path
2011-07-06 21:55:17 +02:00
19db8e9eff
install IMC and IMV dynamic libraries in imcvs directory
2011-07-06 21:53:40 +02:00
93095183dd
Added news about policy history.
2011-07-06 13:03:45 +02:00
17927ca615
Record usage history of policies in PF_KEY kernel interface.
...
The implementation is nearly the same as in the Netlink kernel interface.
2011-07-06 12:56:34 +02:00
4e9e4372f5
Simplified destruction of policy_sa_t objects in Netlink interface.
2011-07-06 12:49:54 +02:00
0c2ce1905a
Adapted shunt manager to changed kernel interface (reqid in del_policy).
2011-07-06 12:48:26 +02:00
674bc34322
Some code cleanup in Netlink kernel interface.
2011-07-06 09:43:46 +02:00
108357b106
Some code cleanup in PF_KEY kernel interface.
2011-07-06 09:43:46 +02:00
9f49464d56
Reduce memory usage of policy history caching.
...
Only cache data as needed (e.g. traffic selectors only for forward
policies) and at most once for each IPsec SA.
2011-07-06 09:43:46 +02:00
a07568cf6a
Use has_more in decrypt_payloads instead of calling enumerate twice.
2011-07-06 09:43:46 +02:00
1142726ba0
Added linked_list_t.has_more which checks if any elements follow an enumerator's current position.
2011-07-06 09:43:46 +02:00
2bf9d39da6
Make sure the enumerator stops after all items have been enumerated.
...
This also changes how insert_before behaves, before enumeration items
are inserted first, after enumeration last.
2011-07-06 09:43:46 +02:00
c225f9b558
Keep the mutex locked as long as possible when deleting policies.
...
This change tries to prevent a race condition where a thread tries to
install the same policy another thread is currently deleting. If the
second thread releases the mutex in del_policy too early the first
thread could assume the policy does not exist (as it is not cached
anymore) but would not be able to actually install it if the second
thread was not yet able to delete it.
2011-07-06 09:43:46 +02:00
bd4f7dab75
Properly unlock the policy if no change in the kernel is required.
2011-07-06 09:43:46 +02:00
32fbad4ec2
Make sure access to policy is thread-safe during installation of route.
2011-07-06 09:43:46 +02:00
75fc9d3136
Linked list style cleanups
2011-07-06 09:43:46 +02:00
629fd2f4f6
Finally removed deprecated iterator_t.
2011-07-06 09:43:46 +02:00
203497d80e
Removed unneeded and confusing insert_after method from linked_list_t.
2011-07-06 09:43:46 +02:00
47daa0e6fe
Replaced more complex iterator usages.
2011-07-06 09:43:45 +02:00
67405ce808
Added a function to reset the enumerator of a linked list.
2011-07-06 09:43:45 +02:00
572abc6cbd
Replaced ike_sa_t.create_additional_address_iterator with enumerator.
2011-07-06 09:43:45 +02:00
4bbce1ef37
Replaced ike_sa_t.create_child_sa_iterator with enumerator.
...
This required two new methods on ike_sa_t. One returns the number of
CHILD_SAs and one allows to remove a CHILD_SA.
2011-07-06 09:43:45 +02:00
4f9c691adb
Replaced pkcs7_t.create_certificate_iterator with enumerator.
...
The method is currently not used.
2011-07-06 09:43:45 +02:00
e26304348c
Replaced simple iterator usages.
2011-07-06 09:43:45 +02:00
28623fc538
"this" removed from comments.
2011-07-06 09:43:45 +02:00
Tobias Brunner