aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* starter: (De-)Initialize logging when forking.Tobias Brunner2012-06-051-0/+2
|
* starter: Close open file descriptors when forking daemons.Tobias Brunner2012-06-042-0/+2
|
* starter: Changed signal handling now that starter is multi-threaded.Tobias Brunner2012-06-042-15/+57
|
* Mark CHILD_SAs used for trap policies to uninstall them properly.Tobias Brunner2012-06-041-6/+13
| | | | | | | If the installation failed the state is not CHILD_ROUTED which means the wrong priority is used to uninstall the policies. This is a problem for kernel interfaces that keep track of installed policies as now the proper policy is not found (if the priority is considered).
* NEWS for 4.6.4 added.Tobias Brunner2012-05-311-0/+10
|
* Fixed return values of several functions (e.g. return FALSE for pointer types).Tobias Brunner2012-05-318-10/+10
|
* Fix boolean return value if an empty RSA signature is detected in gmp pluginMartin Willi2012-05-311-1/+1
| | | | Fixes CVE-2012-2388.
* Avoid queueing more than one retry initiate job.Tobias Brunner2012-05-303-4/+35
|
* Retry IKE_SA initiation if DNS resolution failed.Tobias Brunner2012-05-302-4/+43
| | | | | This is disabled by default and can be enabled with the charon.retry_initiate_interval option in strongswan.conf.
* Job added to re-initiate an IKE_SA.Tobias Brunner2012-05-303-0/+144
|
* added nonce plugin to gcrypt scenariosAndreas Steffen2012-05-3020-20/+20
|
* upgraded ipv6 scenarios to 5.0.0Andreas Steffen2012-05-29121-282/+737
|
* Fix MOBIKE address update if responder address changed.Tobias Brunner2012-05-251-2/+2
| | | | | Use the source address of the current MOBIKE message as peer address instead of assuming the address cached on the IKE_SA is still valid.
* Resolve hosts before reauthenticating due to address change.Tobias Brunner2012-05-251-0/+2
|
* Don't queue delete_ike_sa job when setting IKE_DELETING.Tobias Brunner2012-05-252-9/+1
| | | | | This avoids deleting IKE_SAs during reauthentication (without trying to reestablish them).
* During reauthentication reestablish IKE_SA even if deleting the old one fails.Tobias Brunner2012-05-251-0/+6
|
* Integrated main parts of IKE_REAUTH task into ike_sa_t.reestablish.Tobias Brunner2012-05-252-115/+77
|
* Fixed route lookup in case MOBIKE is not enabled.Tobias Brunner2012-05-251-3/+9
|
* enable xauth-eap plugin in UML scenariosAndreas Steffen2012-05-252-0/+6
|
* added nonce plugin in default host configurationsAndreas Steffen2012-05-257-7/+7
|
* upgraded ike scenarios to 5.0.0Andreas Steffen2012-05-2513-54/+74
|
* added IKEv1 IPCOMP pluto-charon interoperability scenariosAndreas Steffen2012-05-2523-0/+273
|
* Added encapsulation mode transform attribute to IPComp proposal.Tobias Brunner2012-05-253-5/+10
|
* upgraded ikev1/compress to 5.0.0Andreas Steffen2012-05-249-0/+93
|
* Updated ipsec.conf(5) to reflect changes to IPComp support.Tobias Brunner2012-05-241-4/+2
|
* Add an additional proposal without IPComp to SA payload.Tobias Brunner2012-05-241-17/+15
|
* Added log message if peer does not accept/provide IPComp proposal.Tobias Brunner2012-05-241-2/+12
|
* Added support to negotiate IPComp during Quick Mode.Tobias Brunner2012-05-241-11/+91
|
* Added support for IKEv1 IPComp proposals in SA payload.Tobias Brunner2012-05-245-14/+98
|
* Added support for IKEv1 IPComp proposals in proposal substructure.Tobias Brunner2012-05-244-10/+129
|
* Fix memleak during Quick Mode in case no SPI can be allocated from kernel.Tobias Brunner2012-05-241-8/+8
|
* Properly filter IKEv1 proposals consisting of multiple proposal payloads.Tobias Brunner2012-05-241-9/+15
| | | | | | | Since a proposal_t object is created for each transform contained in the proposal payload, it does not work to simply remove the last proposal_t object added to the list (there may be several other extracted from the previous proposal payload).
* Fixed check for loaded plugins with feature types that are not compared exactly.Tobias Brunner2012-05-241-25/+13
| | | | | Previously e.g. RNGs with weaker strength would have overwritten stronger ones.
* get_match() method added to hashtable_t.Tobias Brunner2012-05-242-5/+34
|
* added ikev1/xauth-rsa-eap-md5-radius scenarioAndreas Steffen2012-05-2418-0/+392
|
* Use a hashtable to check for already loaded plugin features.Tobias Brunner2012-05-231-20/+37
|
* Hash function for plugin features added.Tobias Brunner2012-05-232-0/+68
|
* load nonce pluginAndreas Steffen2012-05-23494-496/+496
|
* added ikev1 pluto-charon interoperability scenariosAndreas Steffen2012-05-23508-0/+6797
|
* upgraded ikev1 scenarios to 5.0.0Andreas Steffen2012-05-23974-13037/+1478
|
* Apply IDir before deriving keys as aggressive initiatorMartin Willi2012-05-231-4/+4
|
* Use received identity to look up PSK as aggressive responderMartin Willi2012-05-231-2/+9
|
* Check if we actually have an initiating packet to free while processing ↵Martin Willi2012-05-231-1/+1
| | | | responses
* list IKEv1 Aggressive Mode in ipsec statusallAndreas Steffen2012-05-231-2/+9
|
* Switch to alternative peer config in IKEv1 Main and Aggressive Mode.Tobias Brunner2012-05-214-24/+85
|
* Cancel pending retransmits when flushing active task queueMartin Willi2012-05-211-0/+4
|
* Cancel active quick mode task when receiving INFORMATIONAL errorMartin Willi2012-05-211-0/+30
|
* Flush task queues explicitly, not implicitly if task returns ALREADY_DONEMartin Willi2012-05-216-12/+20
|
* Wrap task managers flush_queue() in IKE_SAMartin Willi2012-05-212-0/+14
|
* Make task managers flush_queue() method publicMartin Willi2012-05-213-20/+62
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-21 12:46:03 +0000