]>
git.ipfire.org Git - thirdparty/strongswan.git/log
Tobias Brunner [Thu, 9 Aug 2012 09:53:55 +0000 (11:53 +0200)]
German translation added
Tobias Brunner [Thu, 9 Aug 2012 09:38:18 +0000 (11:38 +0200)]
Show MainActiviy if the user clicks 'Configure' in Android's VPN dialog
Tobias Brunner [Thu, 9 Aug 2012 09:35:24 +0000 (11:35 +0200)]
Keep reporting the error until the user dismisses it
Even when the Activity is closed and later reopened.
Tobias Brunner [Thu, 9 Aug 2012 09:33:22 +0000 (11:33 +0200)]
Show an error dialog when errors occur while establishing the VPN
Tobias Brunner [Thu, 9 Aug 2012 09:27:34 +0000 (11:27 +0200)]
Show a button to disconnect the VPN once it is established
Tobias Brunner [Thu, 9 Aug 2012 09:22:12 +0000 (11:22 +0200)]
Show current VPN state and profile name
Show modal dialogs while connecting and disconnecting the VPN.
Tobias Brunner [Thu, 9 Aug 2012 09:11:32 +0000 (11:11 +0200)]
Add a fragment to MainActivity which will display the current VPN state
The fragment is bound to the VpnStateService and registered as listener.
Tobias Brunner [Wed, 8 Aug 2012 17:10:33 +0000 (19:10 +0200)]
Use a separate (volatile) variable for certificate alias
If a connection is started while certificates are still loading and the
initiation is then canceled a deadlock could result if the daemon is
trying to enumerate the certificates just then.
Tobias Brunner [Wed, 8 Aug 2012 13:50:36 +0000 (15:50 +0200)]
Don't set the source address on Android
Tobias Brunner [Wed, 8 Aug 2012 13:03:00 +0000 (15:03 +0200)]
Close IKE_SA on Android immediately if setting up CHILD_SA fails
Tobias Brunner [Wed, 8 Aug 2012 13:02:34 +0000 (15:02 +0200)]
Reduce number of retransmits on Android
Tobias Brunner [Wed, 8 Aug 2012 12:54:44 +0000 (14:54 +0200)]
Job added which handles plain text packets read from TUN device
Tobias Brunner [Wed, 8 Aug 2012 12:51:59 +0000 (14:51 +0200)]
Added a handler that writes inbound plain text packets to the TUN device
Tobias Brunner [Wed, 8 Aug 2012 12:49:52 +0000 (14:49 +0200)]
Add simple callbacks to receive/send ESP packets via libipsec/receiver.
Tobias Brunner [Wed, 8 Aug 2012 12:47:47 +0000 (14:47 +0200)]
Add routes based on the installed IPsec policies to the TUN device builder
Tobias Brunner [Wed, 8 Aug 2012 12:46:22 +0000 (14:46 +0200)]
Add virtual IP to the TUN device builder
After the CHILD_SA is established we can easily get this address from
the IKE_SA.
Tobias Brunner [Wed, 8 Aug 2012 12:43:39 +0000 (14:43 +0200)]
Create a TUN device via VpnService.Builder once the CHILD_SA is established
Tobias Brunner [Wed, 8 Aug 2012 12:04:14 +0000 (14:04 +0200)]
An Android specific attribute handler installs DNS servers via Builder
Tobias Brunner [Wed, 8 Aug 2012 11:48:54 +0000 (13:48 +0200)]
Native counterpart of VpnService.Builder added, exposed by charonservice
Tobias Brunner [Wed, 8 Aug 2012 11:45:49 +0000 (13:45 +0200)]
Adapter class added around VpnService.Builder which allows to access it via JNI
Tobias Brunner [Wed, 8 Aug 2012 12:06:59 +0000 (14:06 +0200)]
Don't print hosts as %any if %+H is used
That is, the plus sign can be used in the format string to force a numeric
string representation of all host_t objects even 0.0.0.0 and :: which
would otherwise be printed as %any and %any6.
Tobias Brunner [Wed, 8 Aug 2012 12:05:58 +0000 (14:05 +0200)]
Add support for '+' in custom format specifiers
Tobias Brunner [Wed, 8 Aug 2012 11:23:41 +0000 (13:23 +0200)]
Initiate an SA via native JNI method
Tobias Brunner [Wed, 8 Aug 2012 11:20:34 +0000 (13:20 +0200)]
Helper function added that retrieves a local IP address
Tobias Brunner [Wed, 8 Aug 2012 11:15:53 +0000 (13:15 +0200)]
android_service_t handles initiation of an SA and tracks its progress
Status updates are delivered via charonservice (JNI).
Tobias Brunner [Wed, 8 Aug 2012 10:59:39 +0000 (12:59 +0200)]
Android specific credential set also provides user credentials
Tobias Brunner [Wed, 8 Aug 2012 10:52:05 +0000 (12:52 +0200)]
Added an Android specific credential set that provides CA certificates via JNI
Tobias Brunner [Wed, 8 Aug 2012 10:35:49 +0000 (12:35 +0200)]
CharonVpnService provides a function to get trusted certificates via JNI
Tobias Brunner [Wed, 8 Aug 2012 10:31:58 +0000 (12:31 +0200)]
Function added that allows to update VPN state via JNI
Tobias Brunner [Wed, 8 Aug 2012 10:25:17 +0000 (12:25 +0200)]
Add a function to disconnect any current VPN connection
Tobias Brunner [Wed, 8 Aug 2012 10:20:13 +0000 (12:20 +0200)]
Implement kernel_ipsec_t.bypass_socket() via JNI and VpnService.protect()
Tobias Brunner [Wed, 8 Aug 2012 10:04:38 +0000 (12:04 +0200)]
CharonVpnService binds to VpnStateService and does basic state updates
Tobias Brunner [Wed, 8 Aug 2012 09:54:36 +0000 (11:54 +0200)]
CharonVpnService reacts on Intents and properly inits/deinits charon
Charon is initialized with every new connection attempt and
deinitialized when the service is terminated or it receives an empty
Intent (or before starting a new connection).
A separate thread is used to handle the connection attempts, this thread
acts as main thread for charon.
Tobias Brunner [Wed, 8 Aug 2012 09:32:03 +0000 (11:32 +0200)]
Service added that keeps track of VPN state and notifies listeners about changes
It is ensured that listeners are notified only from the main thread.
Tobias Brunner [Wed, 8 Aug 2012 09:12:55 +0000 (11:12 +0200)]
Add an Android specific kernel_ipsec_t implementation
This is pretty much a proxy class that delegates everything (that is
currently supported) to libipsec.
Tobias Brunner [Wed, 8 Aug 2012 09:05:07 +0000 (11:05 +0200)]
Add an Android specific kernel_net_t implementation
This currently provides only no-ops and is just added because a
kernel-net implementation is required and kernel-netlink can't be used
at the moment.
Tobias Brunner [Tue, 7 Aug 2012 16:45:03 +0000 (18:45 +0200)]
Clone the current VPN profile before updating the password
Storing the password on the original object would be problematic in case
the user mistypes the password (no prompt would be shown the second time).
An alternative would be to just return the ID of the selected profile
and then fetch it from the database.
Tobias Brunner [Tue, 7 Aug 2012 16:44:36 +0000 (18:44 +0200)]
Allow VpnProfile objects to be cloned
Tobias Brunner [Tue, 7 Aug 2012 16:44:06 +0000 (18:44 +0200)]
Prompt the user for a password if none is configured in the VPN profile
Tobias Brunner [Tue, 7 Aug 2012 16:03:51 +0000 (18:03 +0200)]
Allow selection of a CA certificate for a VPN profile
This solution is just temporary as it really is not that user-friendly
to select CA certificates with a Spinner widget.
Tobias Brunner [Tue, 7 Aug 2012 15:52:10 +0000 (17:52 +0200)]
Simplified asynchronous loading of CA certificates in MainActivity
Tobias Brunner [Tue, 7 Aug 2012 15:07:44 +0000 (17:07 +0200)]
Added simple adapter for trusted certificates (to be used with a Spinner widget)
Tobias Brunner [Tue, 7 Aug 2012 13:51:00 +0000 (15:51 +0200)]
Keep a global reference to the CharonVpnService object in charonservice
Tobias Brunner [Tue, 7 Aug 2012 13:30:49 +0000 (15:30 +0200)]
Add signal handler for fatal signals to libandroidbridge
Tobias Brunner [Tue, 7 Aug 2012 13:25:06 +0000 (15:25 +0200)]
Set default log level in libandroidbridge
Tobias Brunner [Tue, 7 Aug 2012 13:17:45 +0000 (15:17 +0200)]
Renamed main Activity (shorter name in Launcher)
Tobias Brunner [Tue, 7 Aug 2012 12:11:27 +0000 (14:11 +0200)]
MainActivity starts CharonVpnService if a VpnProfile is clicked in the list
This is done by implementing the OnVpnProfileSelectedListener interface
provided by VpnProfileListFragment.
Tobias Brunner [Tue, 7 Aug 2012 12:02:38 +0000 (14:02 +0200)]
Menu option added to reload cached CA certificates
This might be required if the user installs a new CA certificate.
Tobias Brunner [Tue, 7 Aug 2012 12:00:16 +0000 (14:00 +0200)]
Show progress bar in ActionBar while loading cached CA certificates
Tobias Brunner [Tue, 7 Aug 2012 11:40:47 +0000 (13:40 +0200)]
Helper function added to handle Java exceptions in native code
Tobias Brunner [Tue, 7 Aug 2012 11:34:44 +0000 (13:34 +0200)]
Don't attach to actual Java threads (or already attached ones)
We check this by trying to retrieve a JNIEnv object from the JVM,
if one is returned the current thread is not native (created from Java)
or the thread is already attached.
Tobias Brunner [Wed, 18 Jul 2012 11:43:34 +0000 (13:43 +0200)]
Initially load CA certificates when the main Activity is created
Tobias Brunner [Wed, 18 Jul 2012 11:40:29 +0000 (13:40 +0200)]
Trusted CA certificates are loaded and cached by a static singleton
Tobias Brunner [Tue, 17 Jul 2012 18:03:40 +0000 (20:03 +0200)]
Remove restriction to portrait orientation
Tobias Brunner [Tue, 17 Jul 2012 18:03:23 +0000 (20:03 +0200)]
Use Holo as theme
Tobias Brunner [Tue, 17 Jul 2012 17:57:51 +0000 (19:57 +0200)]
Make click events on the profile list available to the Activity
If the Activity this fragment is placed in implements the provided interface
it is notified about clicks on any of the profiles.
Tobias Brunner [Tue, 17 Jul 2012 17:49:42 +0000 (19:49 +0200)]
Use a contextual action bar to edit and delete selected VPN profiles
Tobias Brunner [Tue, 17 Jul 2012 17:45:23 +0000 (19:45 +0200)]
Provide a menu with options to save VPN profiles
The ID of the updated/inserted profile is sent back to the activity that
started the detail view.
Tobias Brunner [Tue, 17 Jul 2012 17:40:03 +0000 (19:40 +0200)]
The list fragment uses a menu to provide an option to add new VPN profiles
Tobias Brunner [Tue, 17 Jul 2012 17:23:21 +0000 (19:23 +0200)]
Added an activity to edit basic VPN profile details
Already load existing data based on extra data delivered with the
Intent, no saving and CA certificate handling yet.
Tobias Brunner [Tue, 17 Jul 2012 17:12:56 +0000 (19:12 +0200)]
Show list fragment in main activity
Tobias Brunner [Tue, 17 Jul 2012 17:08:08 +0000 (19:08 +0200)]
Fragment added to list the VPN profiles
Tobias Brunner [Tue, 17 Jul 2012 17:02:50 +0000 (19:02 +0200)]
Added a custom adapter and layout to display VPN profiles in a ListView
Tobias Brunner [Tue, 17 Jul 2012 16:50:23 +0000 (18:50 +0200)]
Added class to simplify access to database of VPN profiles
Tobias Brunner [Tue, 17 Jul 2012 16:40:30 +0000 (18:40 +0200)]
Added class to move around VPN profiles in the Android App
Tobias Brunner [Tue, 17 Jul 2012 16:39:42 +0000 (18:39 +0200)]
Replaced launcher icon with a more appropriate one
Tobias Brunner [Sat, 14 Jul 2012 15:12:07 +0000 (17:12 +0200)]
Moved main Activity to ui sub-package
Also force portrait orientation.
Tobias Brunner [Sat, 14 Jul 2012 15:03:22 +0000 (17:03 +0200)]
Moved CharonVpnService to logic sub-package
Tobias Brunner [Sat, 14 Jul 2012 14:14:34 +0000 (16:14 +0200)]
Global charonservice_t object added to libandroidbridge
This is later used to call Java methods on CharonVpnService via JNI.
Tobias Brunner [Sat, 14 Jul 2012 14:06:12 +0000 (16:06 +0200)]
Added functions to attach/detach native threads to the JVM
Even though native threads are automatically detached from the JVM with
help of a thread-local destructor it is recommended to detach as soon as
possible as local JNI references are not freed until a thread detaches.
Tobias Brunner [Sat, 14 Jul 2012 14:00:01 +0000 (16:00 +0200)]
Moved JNI helper macros to a separate file
Also initialize a reference to the CharonVpnService class during
JNI_OnLoad, which allows us later to call methods from C to Java.
Tobias Brunner [Sat, 14 Jul 2012 13:31:36 +0000 (15:31 +0200)]
Use strongSwan logo as icon
Due to the transparency and black font this is probably not optimal yet.
Tobias Brunner [Sat, 14 Jul 2012 09:47:06 +0000 (11:47 +0200)]
Fixed ip_packet_t if IPv6 is not available
Tobias Brunner [Fri, 13 Jul 2012 14:12:29 +0000 (16:12 +0200)]
Added utility class to create TUN devices
Currently works only on Linux.
Tobias Brunner [Fri, 13 Jul 2012 13:34:51 +0000 (15:34 +0200)]
Added IPsec processor which is responsible for handling in- and outbound packets
Two callbacks can be registered that get called when new inbound plaintext and
outbound ESP packets have been processed. Inbound ESP and outbound plaintext
packets can be queued for processing with two other methods.
Tobias Brunner [Fri, 13 Jul 2012 13:23:00 +0000 (15:23 +0200)]
Represent the payload of an ESP packet as ip_packet_t instead of a chunk_t
Tobias Brunner [Fri, 13 Jul 2012 13:18:07 +0000 (15:18 +0200)]
IPsec policies can be looked up based on an IP packet
Tobias Brunner [Fri, 13 Jul 2012 13:05:27 +0000 (15:05 +0200)]
ip_packet_t parses the header of IP packets
Tobias Brunner [Fri, 13 Jul 2012 12:41:45 +0000 (14:41 +0200)]
Order IPsec policies by a pseudo-priority based on the traffic selectors
This allows a simple lookup, i.e. just use the first policy that matches
a given IP packet.
Tobias Brunner [Fri, 13 Jul 2012 12:32:03 +0000 (14:32 +0200)]
Implemented a checkout/checkin mechanism for IPsec SAs
SAs can only be checked out by a single thread and all other threads
block until the SA is checked in again.
Tobias Brunner [Fri, 13 Jul 2012 12:27:41 +0000 (14:27 +0200)]
IPsec policy manager added
This version only provides the very simplest management functions.
Tobias Brunner [Fri, 13 Jul 2012 12:17:03 +0000 (14:17 +0200)]
Method added to easily compare IPsec policies
Tobias Brunner [Fri, 13 Jul 2012 12:05:52 +0000 (14:05 +0200)]
Class representing an IPsec policy added
Tobias Brunner [Fri, 13 Jul 2012 11:54:29 +0000 (13:54 +0200)]
Schedule and relay expiration events for created IPsec SAs
Tobias Brunner [Fri, 13 Jul 2012 11:32:27 +0000 (13:32 +0200)]
Added class to relay IPsec events (like expiration) to listeners
Currently, only expiration of IPsec SAs is supported. Later other events
for e.g. acquires or changed NAT endpoints could be added.
Tobias Brunner [Fri, 13 Jul 2012 11:21:45 +0000 (13:21 +0200)]
Added IPsec SA manager
Tobias Brunner [Fri, 13 Jul 2012 09:21:25 +0000 (11:21 +0200)]
Add methods to easily compare IPsec SAs
Tobias Brunner [Fri, 13 Jul 2012 09:06:35 +0000 (11:06 +0200)]
Class representing an IPsec SA added
The IPsec SA also manages the respective ESP context.
Tobias Brunner [Fri, 13 Jul 2012 09:02:08 +0000 (11:02 +0200)]
Moved types used by kernel_ipsec_t interface (and libipsec) to libstrongswan
This avoids a dependency of libipsec to libhydra.
Tobias Brunner [Thu, 12 Jul 2012 14:56:35 +0000 (16:56 +0200)]
Use a CALLBACK feature to create charon's sender and receiver
Tobias Brunner [Tue, 10 Jul 2012 08:17:21 +0000 (10:17 +0200)]
Added a simple blocking queue around linked_list_t
Tobias Brunner [Sat, 7 Jul 2012 11:31:07 +0000 (13:31 +0200)]
esp_packet_t implements packet_t interface
This should allow to avoid unnecessary cloning of packet data.
Tobias Brunner [Sat, 7 Jul 2012 10:46:28 +0000 (12:46 +0200)]
Extended constructor for packet_t added (takes src, dst and data)
Tobias Brunner [Fri, 6 Jul 2012 14:40:46 +0000 (16:40 +0200)]
Moved packet_t to libstrongswan
Tobias Brunner [Thu, 5 Jul 2012 13:46:54 +0000 (15:46 +0200)]
Headers from libhydra (kernel interface related) are required in libipsec
Tobias Brunner [Thu, 5 Jul 2012 11:56:24 +0000 (13:56 +0200)]
ESP packet wrapper added, handles encryption/decryption/verification etc.
Tobias Brunner [Thu, 5 Jul 2012 11:44:57 +0000 (13:44 +0200)]
Adding class to manage ESP context (crypto, sequence numbers)
Tobias Brunner [Fri, 29 Jun 2012 08:47:20 +0000 (10:47 +0200)]
Added a method to bio_writer_t that allows to skip a number of bytes
A chunk pointing to the skipped bytes is returned, allowing users of
bio_writer_t to write/copy data to the skipped bytes themselves.
Tobias Brunner [Fri, 29 Jun 2012 08:12:27 +0000 (10:12 +0200)]
Added a method to bio_writer_t that allows to extract the internal buffer
Tobias Brunner [Thu, 28 Jun 2012 16:06:31 +0000 (18:06 +0200)]
Added methods to bio_reader_t to read data from end of buffer