aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * Check if subset calculation actually yields a TS in Unity narrowingMartin Willi2012-09-181-1/+5
| |
| * Request Unity configuration attributes for IKEv1 onlyMartin Willi2012-09-181-0/+6
| |
| * Add Cisco Unity client support for Split-Include and Local-LANMartin Willi2012-09-189-0/+785
|/
* Add a road-warrior test case requesting both an IPv4 and an IPv6 virtual addressMartin Willi2012-09-189-0/+95
|
* Derive a dynamic TS to multiple virtual IPsMartin Willi2012-09-188-118/+160
|
* Use the vararg list constructor in quick mode taskMartin Willi2012-09-181-16/+8
|
* Add a linked list constructor taking items from a vararg listMartin Willi2012-09-182-2/+33
|
* Make stroke user-creds work with XAuth configsTobias Brunner2012-09-181-9/+18
|
* Fix Doxygen comment for proposal_keywords_tTobias Brunner2012-09-181-1/+1
| | | | Two dots seem to mark the end of a list.
* New Android release after fixing IDr problemsTobias Brunner2012-09-181-2/+2
|
* Use random ports in NetworkManager backendTobias Brunner2012-09-181-0/+4
|
* Fix equality comparison of auth_cfg_tTobias Brunner2012-09-181-2/+16
| | | | | | | We previously only confirmed that rules contained in the first config are also contained in the second, but since the number of rules does not have to be equal, it might be that the second config contains rules that the first one doesn't.
* Set AUTH_RULE_IDENTITY_LOOSE for rightid=%<identity>Tobias Brunner2012-09-182-0/+22
|
* Use AUTH_RULE_IDENTITY_LOOSE in NetworkManager backendTobias Brunner2012-09-181-1/+3
|
* android: Use AUTH_RULE_IDENTITY_LOOSETobias Brunner2012-09-181-0/+1
|
* Add AUTH_RULE_IDENTITY_LOOSE which allows to use IDr loosely as initiatorTobias Brunner2012-09-183-1/+28
| | | | | | If it is set on an auth config IDr will not be sent, and later the configured identity will not only be checked against the returned IDr, but also against other identities contained in the responder's certificate.
* New Android release after fixing Unicode conversion bugTobias Brunner2012-09-171-2/+2
|
* android: Fix conversion of actual Unicode strings (i.e. bytes!=chars)Tobias Brunner2012-09-171-5/+6
|
* Removed the unneeded socket-raw pluginTobias Brunner2012-09-1410-895/+0
|
* Change traffic selectors during Quick Mode in case of a NAT in transport modeTobias Brunner2012-09-141-9/+19
| | | | | | | | | Windows 7 sends its internal address as TSi. While we don't support the NAT-T drafts as used by Windows XP it is interesting to note that the client there omits the TSi payload which then would automatically get set to the public IP address of the client. Fixes #220.
* Merge branch 'custom-crypto'Tobias Brunner2012-09-1322-86/+574
|\ | | | | | | | | | | | | | | This provides plugins with an interface to register keywords for proposals (e.g. when parsing the esp and ike options from ipsec.conf) and the possibility to register identifiers for kernel algorithms. It is based on patches contributed by Nanoteq Pty Ltd.
| * Added algorithm lookup via kernel_interface_t to the various kernel interfacesTobias Brunner2012-09-135-19/+72
| |
| * Added possibility to register custom kernel algorithms to kernel interfaceTobias Brunner2012-09-132-1/+172
| |
| * Added possibility to register custom proposal keywordsTobias Brunner2012-09-139-20/+186
| | | | | | | | Keyword lookup and registration are handled via the new lib->proposal object.
| * Removed len argument from proposal_get_token()Tobias Brunner2012-09-136-32/+30
| | | | | | | | Also use enumerators instead of lexparser.h to parse proposal strings.
| * Make arguments for enumerator_create_token|directory constTobias Brunner2012-09-132-7/+10
| |
| * Moved proposal_keywords to proposal_keywords_staticFrancois ten Krooden2012-09-137-34/+131
|/ | | | Added new proposal keywords with function to reference the static keywords.
* Option added to enforce a configured destination address for DHCP packetsTobias Brunner2012-09-132-1/+17
|
* version bump to 5.0.1rc1Andreas Steffen2012-09-121-1/+1
|
* Allow calls to set_address() for any host-sized TS, not only dynamic onesTobias Brunner2012-09-121-1/+1
| | | | | This fixes CHILD_SA updates (e.g. due to MOBIKE), which were broken since 4cb0783.
* Ensure traffic selectors are dynamic before calling set_address() when ↵Tobias Brunner2012-09-121-2/+2
| | | | deriving them
* Consistently log XFRM mark masks with 0 prefix in kernel-netlink pluginTobias Brunner2012-09-121-13/+13
|
* starter: Added --nolog option to suppress logging in starter itselfTobias Brunner2012-09-121-2/+6
| | | | Fixes #224.
* Updates to strongswan.conf(5) man page (added several missing options)Tobias Brunner2012-09-121-39/+82
|
* Some updates to ipsec.conf(5) man pageTobias Brunner2012-09-121-49/+70
|
* starter: Allow %any also for protocol in left|rightprotoportTobias Brunner2012-09-121-9/+15
|
* Don't allow NULL encryption with PEAPMartin Willi2012-09-121-1/+3
|
* Use memmove on overlapping regions, and operate with correct sizeof()Martin Willi2012-09-121-2/+2
|
* Whitespace cleanups in tls_eapMartin Willi2012-09-121-6/+6
|
* Use uintptr_t in mem pool to avoid compiler warning if sizeof(void*) != ↵Martin Willi2012-09-121-3/+2
| | | | sizeof(int)
* ikev1 hybrid authentication does not need client certificatesAndreas Steffen2012-09-124-6/+0
|
* corrected topology in ikev2/rw-radius-accounting scenarioAndreas Steffen2012-09-121-3/+2
|
* added ikev2/rw-eap-dynamic scenarioAndreas Steffen2012-09-1216-3/+172
|
* Always send a configuration payload in IKEv1 TRANSACTIONs, even if it is emptyMartin Willi2012-09-111-29/+14
|
* Don't use host address for dynamic TS in IKEv1 if a virtual IP was expectedMartin Willi2012-09-111-40/+57
|
* Don't use host address for dynamic TS in IKEv2 if a virtual IP was expectedMartin Willi2012-09-111-1/+33
|
* Don't return a subset for a dynamic TS unless set_address has been calledMartin Willi2012-09-111-1/+5
|
* Send FAILED_CP_REQUIRED if a configuration payload was expected, but not ↵Martin Willi2012-09-111-0/+9
| | | | received
* Check for an existing lease in all stroke pools before creating a new oneMartin Willi2012-09-113-83/+180
|
* Pass full pool list to release_addressMartin Willi2012-09-119-47/+95
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 14:33:13 +0000