aboutsummaryrefslogtreecommitdiffstats
Commit message (Expand)AuthorAgeFilesLines
...
| * | | | After IKEv1 reauthentication, reinstall VIP routes after migrating CHILD_SAsMartin Willi2013-02-201-0/+4
| * | | | When detecting a duplicate IKEv1 SA, adopt children, as it might be a rekeyingMartin Willi2013-02-201-0/+21
* | | | | Merge branch 'vip-shunts'Martin Willi2013-03-012-15/+19
|\ \ \ \ \
| * | | | | Install a route for shunt policiesMartin Willi2013-02-201-5/+13
| * | | | | Include local address for Unity Split-Exclude shunt policiesMartin Willi2013-02-201-10/+5
| |/ / / /
* | | | | Merge branch 'opaque-ports'Martin Willi2013-03-0119-118/+199
|\ \ \ \ \
| * | | | | Don't reject OPAQUE ports while verifying traffic selector substructureMartin Willi2013-02-211-1/+5
| * | | | | Document ipsec.conf leftprotoport extensions in manpageMartin Willi2013-02-211-0/+8
| * | | | | Optionally support port ranges in leftprotoportMartin Willi2013-02-211-4/+20
| * | | | | Support %opaque keyword in leftprotoport for "opaque" portsMartin Willi2013-02-211-0/+5
| * | | | | Pass complete port range over stroke interface for more flexibilityMartin Willi2013-02-217-24/+21
| * | | | | Use a complete port range in traffic_selector_create_from_{subnet,cidr}Martin Willi2013-02-2111-36/+46
| * | | | | Print OPAQUE traffic selectors as what they are, not as port rangeMartin Willi2013-02-211-0/+4
| * | | | | Support "opaque" ports in traffic selector subset calculationMartin Willi2013-02-211-6/+32
| * | | | | Slightly refactor traffic_selector_t.get_subset()Martin Willi2013-02-211-61/+68
| * | | | | Migrate remaining traffic selector methods to METHOD macroMartin Willi2013-02-211-19/+18
| | |/ / / | |/| | |
* | | | | When running with an unprivileged user, initialize supplementary groupsMartin Willi2013-03-012-2/+38
* | | | | Without MOBIKE, update remote host only if it is behind NATMartin Willi2013-03-011-2/+3
* | | | | Merge branch 'ikev1-mm-retransmits'Martin Willi2013-03-014-45/+55
|\ \ \ \ \
| * | | | | For IKEv1 Main Mode, use message hash to detect early retransmissionsMartin Willi2013-02-251-10/+23
| * | | | | Move initial message dropping to task managerMartin Willi2013-02-253-19/+27
| * | | | | Use INIT macro to initialize IKE_SA manager entriesMartin Willi2013-02-251-17/+6
* | | | | | Merge branch 'tfc-notify'Martin Willi2013-03-016-2/+68
|\ \ \ \ \ \
| * | | | | | Send ESP_TFC_PADDING_NOT_SUPPORTED if the used kernel doesn't support itMartin Willi2013-03-011-0/+9
| * | | | | | Indicate support for processing ESPv3 TFC padding in Netlink IPsec backendMartin Willi2013-03-011-1/+7
| * | | | | | Introduce "features" for the kernel backends returning kernel capabilitiesMartin Willi2013-03-014-1/+52
| | |/ / / / | |/| | | |
* | | | | | testing: Add a script to easily connect to a host via SSHTobias Brunner2013-02-281-0/+20
* | | | | | openssl: Provide AES-GCM implementationTobias Brunner2013-02-284-1/+312
* | | | | | Fix cleanup in crypto_tester if AEAD implementation failsTobias Brunner2013-02-281-1/+4
* | | | | | Order of arguments in Doxygen comment fixedTobias Brunner2013-02-282-2/+2
* | | | | | Fix auth_cfg_t.clone() for single-valued auth rulesTobias Brunner2013-02-281-10/+11
* | | | | | Trigger an updown event when destroying an IKE_SA based on INITIAL_CONTACTTobias Brunner2013-02-281-0/+1
| |_|_|_|/ |/| | | |
* | | | | Use SIGUSR2 for SIG_CANCEL on AndroidTobias Brunner2013-02-261-0/+4
* | | | | Android.mk updated to latest MakefilesTobias Brunner2013-02-263-1/+3
| |/ / / |/| | |
* | | | Check kvm command existence in start-testingReto Buerki2013-02-221-1/+1
* | | | openssl: Disable PKCS#7/CMS when building against OpenSSL < 0.9.8gTobias Brunner2013-02-202-1/+5
| |/ / |/| |
* | | version bump to 5.0.3dr25.0.3dr2Andreas Steffen2013-02-192-1/+5
* | | treat IF-M and IF-TNCCS remediation instructions/parameters in an equal wayAndreas Steffen2013-02-194-107/+204
* | | Merge branch 'dnssec'Tobias Brunner2013-02-19103-7/+3723
|\ \ \
| * | | NEWS about ipseckey and unbound plugins addedTobias Brunner2013-02-191-0/+9
| * | | Added ikev2/rw-dnssec scenarioAndreas Steffen2013-02-1921-0/+301
| * | | Added ikev2/net2net-dnssec scenarioAndreas Steffen2013-02-1917-0/+220
| * | | Configure winnetou as a DNSSEC enabled nameserver for the strongswan.org, org...Andreas Steffen2013-02-1923-2/+378
| * | | Build unbound and ipseckey plugins on KVM imageAndreas Steffen2013-02-192-2/+4
| * | | Streamlined log messages in ipseckey pluginAndreas Steffen2013-02-192-58/+30
| * | | Encode RSA public keys in RFC 3110 DNSKEY formatAndreas Steffen2013-02-198-3/+155
| * | | Moved configuration from resolver manager to unbound pluginAndreas Steffen2013-02-197-52/+47
| * | | ipseckey: Report IPSECKEYs with invalid DNSSEC security stateReto Guadagnini2013-02-191-2/+12
| * | | ipseckey: Added "enable" option for the IPSECKEY plugin to strongswan.confReto Guadagnini2013-02-192-3/+19
| * | | Added ipseckey plugin, which provides support for public keys in IPSECKEY RRsReto Guadagnini2013-02-199-0/+863
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-16 06:04:29 +0000