Tobias Brunner
f59240e9ae
Added OpenSSL/GPL exception to LICENSE file
...
Also updated other parts of the license.
2012-06-29 16:51:29 +02:00
Tobias Brunner
e516068965
Removed superfluous remove_hasher() call in md5 plugin
2012-06-29 16:23:20 +02:00
Martin Willi
d12635c77d
Pass "lo" as faked tundev to NM, as it now needs a valid interface since 0.9
2012-06-29 15:21:57 +02:00
Martin Willi
9d2968e272
As a responder, don't start a TRANSACTION request if we expect one from the initiator
2012-06-29 13:40:31 +02:00
Andreas Steffen
4271838f9c
an IKE daemon needs these plugins but a PDP doesn't
2012-06-29 06:24:02 +02:00
Andreas Steffen
36df6113fa
added Ubuntu 12.04 LTS i686 measurements
2012-06-28 22:20:44 +02:00
Andreas Steffen
5f451f2d6a
IMCs and IMVs might depend on X.509 certificates or trusted public keys
2012-06-28 17:55:02 +02:00
Andreas Steffen
1c959e4479
added ikev1/virtual-ip scenario
2012-06-28 14:52:07 +02:00
Andreas Steffen
5a86589d0c
corrected description of ikev1/ip-pool-db scenario
2012-06-28 14:44:10 +02:00
Andreas Steffen
5c0d1bccb0
corrected description of ikev1/ip-pool scenario
2012-06-28 14:42:34 +02:00
Andreas Steffen
788e512d58
added ikev1/ip-pool scenario
2012-06-28 14:37:04 +02:00
Andreas Steffen
f39a2f275e
merged xauth-id-rsa and xauth-rsa-config scenarios
2012-06-28 14:23:47 +02:00
Tobias Brunner
bbbffac3ab
Defined a macro to replace strerror(3) with calls to thread-safe wrapper
2012-06-28 13:14:52 +02:00
Tobias Brunner
2a59527659
Thread-safe wrapper around strerror(3)/strerror_r(3) added
2012-06-28 13:14:52 +02:00
Martin Willi
0f018a7324
Show some uname() info in "ipsec statusall"
2012-06-28 11:56:40 +02:00
Martin Willi
b8e17eb36f
Show some uname() info during charon startup
2012-06-28 11:56:15 +02:00
Andreas Steffen
8cad9ed42c
charon automatically removes virtual interfaces
2012-06-28 09:30:24 +02:00
Tobias Brunner
bd858af851
libcharon also requires kernel interfaces and a socket implementation
2012-06-27 12:15:09 +02:00
Martin Willi
271377905d
Defer quick mode initiation if we expect a mode config request
2012-06-27 11:42:56 +02:00
Martin Willi
8ff45cfd99
Queue a mode config task as responder if we need a virtual IP
2012-06-27 11:42:56 +02:00
Martin Willi
c2a391746c
Add basic support for XAuth responder authentication
2012-06-27 11:42:56 +02:00
Martin Willi
a9aa75b90e
Map XAuth responder authentication methods between IKEv1 and IKEv2
2012-06-27 11:42:56 +02:00
Martin Willi
dc6d259635
Show remote EAP/XAuth identity in "statusall" on a separate line
2012-06-27 11:42:00 +02:00
Tobias Brunner
8122ae8cd8
gcrypt: Register SHA1 first as HASH_PREFERRED depends on it
2012-06-27 11:31:16 +02:00
Tobias Brunner
aa54ecef44
Use static plugin features in libcharon to define essential dependencies
2012-06-27 11:31:16 +02:00
Tobias Brunner
ec3b332bf8
Use static plugin features in charon-nm
2012-06-27 11:31:16 +02:00
Martin Willi
5def45b890
Ignore a received %any virtual IP for installation
2012-06-26 18:00:40 +02:00
Tobias Brunner
f102c5f341
Mask the configured mark value to ensure it is in range
2012-06-26 12:50:58 +02:00
Tobias Brunner
66e12b926e
Some updates in ipsec.conf(5) for 5.0.0
2012-06-26 12:39:53 +02:00
Tobias Brunner
92250a48a9
Added MAC wrappers to Android.mk
2012-06-26 07:58:04 +02:00
Tobias Brunner
9866c26c5b
Also build charon's IKEv1 implementation on Android
2012-06-26 07:56:15 +02:00
Tobias Brunner
43d01ab2f6
Build nonce plugin on Android
2012-06-26 07:56:15 +02:00
Tobias Brunner
8497c5d147
Missing source file added to libcharon's Android.mk
2012-06-26 07:56:15 +02:00
Tobias Brunner
67307ad724
scepclient: Added support to build it on Android
2012-06-26 07:56:15 +02:00
Tobias Brunner
197dbf5f72
Added support for the curl plugin on Android
2012-06-26 07:56:14 +02:00
Tobias Brunner
63afd833b9
Avoid SIGSEGV during shutdown if charon is not started as root
2012-06-25 19:00:00 +02:00
Tobias Brunner
f97c269e0c
NEWS about thread pool updates added
2012-06-25 18:18:07 +02:00
Tobias Brunner
e0efd7c121
Make rescheduling a job more predictable
...
This avoids race conditions between calls to cancel() and jobs that like
to be rescheduled. If jobs were able to reschedule themselves it would
theoretically be possible that two worker threads have the same job
assigned (the one currently executing the job and the one executing the
same but rescheduled job if it already is time to execute it), this means
that cancel() could be called twice for that job.
Creating a new job based on the current one and reschedule that is also
OK, but rescheduling itself is more efficient for jobs that need to be
executed often.
2012-06-25 17:49:12 +02:00
Tobias Brunner
26d77eb3e6
Centralized thread cancellation in processor_t
...
This ensures that no threads are active when plugins and the rest of the
daemon are unloaded.
callback_job_t was simplified a lot in the process as its main
functionality is now contained in processor_t. The parent-child
relationships were abandoned as these were only needed to simplify job
cancellation.
2012-06-25 17:38:59 +02:00
Tobias Brunner
7fec83af28
Give processor_t more control over the lifecycle of a job
...
Jobs are now destroyed by the processor, but they are allowed to
reschedule themselves. That is, parts of the reschedule functionality
already provided by callback_job_t is moved to the processor. Not yet
fully supported is JOB_REQUEUE_DIRECT and canceling jobs.
Note: job_t.destroy() is now called not only for queued jobs but also
after execution or cancellation of jobs. job_t.status can be used to
decide what to do in said method.
2012-06-25 17:10:28 +02:00
Tobias Brunner
18d21a57df
Added a method to plugin_loader_t to add 'static' plugin features
...
This allows daemons and other components to register plugin features
like those provided by plugins (following the same lifecycle).
The added features are internally handled like they were added by a
plugin.
2012-06-25 17:03:07 +02:00
Tobias Brunner
e07122436c
Make sure that all features of critical plugins are loaded
2012-06-25 17:03:07 +02:00
Tobias Brunner
bc6d944705
Added an option to rename the ipsec script during installation
...
Also rename the man page and adjust all references in the script, the
man page and other files.
Closes #194 .
2012-06-25 16:53:38 +02:00
Tobias Brunner
d86cf32b4b
Removed -o argument when creating .../ipsec.d with install
...
This should have been removed with 2b52d5cb41
.
2012-06-25 16:37:34 +02:00
Tobias Brunner
34a80708e2
Updated ipsec script man page after removing pluto
2012-06-25 16:37:34 +02:00
Tobias Brunner
738b9121cb
Use mac_t and PRF and signer wrappers in cmac plugin
2012-06-25 16:35:06 +02:00
Tobias Brunner
83cb52b044
Use mac_t and PRF and signer wrappers in xcbc plugin
2012-06-25 16:35:06 +02:00
Tobias Brunner
c4a3c9672a
Make the hmac_t interface a generic interface for message authentication codes
2012-06-25 16:35:06 +02:00
Tobias Brunner
228d096e42
Simplified creation of PRFs and signers in openssl and hmac plugins
2012-06-25 16:35:06 +02:00
Tobias Brunner
01850f5d55
Function to convert PRFs to hash algorithms added
2012-06-25 16:35:06 +02:00