aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * Added possibility to register custom kernel algorithms to kernel interfaceTobias Brunner2012-09-132-1/+172
| |
| * Added possibility to register custom proposal keywordsTobias Brunner2012-09-139-20/+186
| | | | | | | | Keyword lookup and registration are handled via the new lib->proposal object.
| * Removed len argument from proposal_get_token()Tobias Brunner2012-09-136-32/+30
| | | | | | | | Also use enumerators instead of lexparser.h to parse proposal strings.
| * Make arguments for enumerator_create_token|directory constTobias Brunner2012-09-132-7/+10
| |
| * Moved proposal_keywords to proposal_keywords_staticFrancois ten Krooden2012-09-137-34/+131
|/ | | | Added new proposal keywords with function to reference the static keywords.
* Option added to enforce a configured destination address for DHCP packetsTobias Brunner2012-09-132-1/+17
|
* version bump to 5.0.1rc1Andreas Steffen2012-09-121-1/+1
|
* Allow calls to set_address() for any host-sized TS, not only dynamic onesTobias Brunner2012-09-121-1/+1
| | | | | This fixes CHILD_SA updates (e.g. due to MOBIKE), which were broken since 4cb0783.
* Ensure traffic selectors are dynamic before calling set_address() when ↵Tobias Brunner2012-09-121-2/+2
| | | | deriving them
* Consistently log XFRM mark masks with 0 prefix in kernel-netlink pluginTobias Brunner2012-09-121-13/+13
|
* starter: Added --nolog option to suppress logging in starter itselfTobias Brunner2012-09-121-2/+6
| | | | Fixes #224.
* Updates to strongswan.conf(5) man page (added several missing options)Tobias Brunner2012-09-121-39/+82
|
* Some updates to ipsec.conf(5) man pageTobias Brunner2012-09-121-49/+70
|
* starter: Allow %any also for protocol in left|rightprotoportTobias Brunner2012-09-121-9/+15
|
* Don't allow NULL encryption with PEAPMartin Willi2012-09-121-1/+3
|
* Use memmove on overlapping regions, and operate with correct sizeof()Martin Willi2012-09-121-2/+2
|
* Whitespace cleanups in tls_eapMartin Willi2012-09-121-6/+6
|
* Use uintptr_t in mem pool to avoid compiler warning if sizeof(void*) != ↵Martin Willi2012-09-121-3/+2
| | | | sizeof(int)
* ikev1 hybrid authentication does not need client certificatesAndreas Steffen2012-09-124-6/+0
|
* corrected topology in ikev2/rw-radius-accounting scenarioAndreas Steffen2012-09-121-3/+2
|
* added ikev2/rw-eap-dynamic scenarioAndreas Steffen2012-09-1216-3/+172
|
* Always send a configuration payload in IKEv1 TRANSACTIONs, even if it is emptyMartin Willi2012-09-111-29/+14
|
* Don't use host address for dynamic TS in IKEv1 if a virtual IP was expectedMartin Willi2012-09-111-40/+57
|
* Don't use host address for dynamic TS in IKEv2 if a virtual IP was expectedMartin Willi2012-09-111-1/+33
|
* Don't return a subset for a dynamic TS unless set_address has been calledMartin Willi2012-09-111-1/+5
|
* Send FAILED_CP_REQUIRED if a configuration payload was expected, but not ↵Martin Willi2012-09-111-0/+9
| | | | received
* Check for an existing lease in all stroke pools before creating a new oneMartin Willi2012-09-113-83/+180
|
* Pass full pool list to release_addressMartin Willi2012-09-119-47/+95
|
* Pass the full list of pools to acquire_address, enumerate in providersMartin Willi2012-09-1110-73/+109
| | | | | | | | If the provider has access to the full pool list, it can enumerate them twice, for example to search for existing leases first, and only search for new leases in a second step. Fixes lease enumeration in attr-sql using multiple pools.
* Add a linked list constructor initializing from an enumeratorMartin Willi2012-09-112-0/+27
|
* Add a responder narrow() hook to change TS in the kernel, but not on the wireMartin Willi2012-09-113-3/+48
|
* Support RADIUS accounting when using IKEv1 with xauth-eap and eap-radiusMartin Willi2012-09-111-2/+10
|
* Fix leak while enumerating RADIUS Framed-IPs from IKE_SAMartin Willi2012-09-111-0/+1
|
* Add uniqueids=never to ignore INITIAL_CONTACT notifiesTobias Brunner2012-09-106-14/+28
| | | | | | With uniqueids=no the daemon still deletes any existing IKE_SA with the same peer if an INITIAL_CONTACT notify is received. With this new option it also ignores these notifies.
* Add random plugin options to strongswan.conf.5Martin Willi2012-09-102-0/+8
|
* Add strongswan.conf runtime options for /dev/[u]random filesMartin Willi2012-09-101-2/+7
| | | | Fixes #221.
* this is the correct evaltestAndreas Steffen2012-09-101-4/+3
|
* recovered ikev2/ip-two-pools-mixed evaltestAndreas Steffen2012-09-101-4/+5
|
* adapted ip-pool evaltestsAndreas Steffen2012-09-105-15/+15
|
* Use the proper types for comma separated attributes read from strongswan.confTobias Brunner2012-09-101-27/+25
| | | | | | Attributes of different address families previously were mapped to the same attribute type (the one derived from the address family of the first address).
* Print the name of mem pools instead of the confusing <base>/<size>Tobias Brunner2012-09-101-2/+4
|
* Properly remove broadcast address from mem poolsTobias Brunner2012-09-101-1/+1
|
* use base IMC ID if src IMC ID is not supportedAndreas Steffen2012-09-103-5/+11
|
* added libimcv.assessment_result to strongswan.conf man pageAndreas Steffen2012-09-091-0/+3
|
* make sending of IETF Assessment Result attributes configurableAndreas Steffen2012-09-093-11/+15
|
* introduced sending of standard IETF Assessment Result PA-TNC attribute by IMVsAndreas Steffen2012-09-0921-83/+638
|
* Only initiate an exchange from send_dpd() if a task was actually queuedTobias Brunner2012-09-071-2/+8
| | | | | Otherwise, the initiator would prematurely initiate Quick Mode if it has DPD enabled and XAuth is used.
* android: New release after adding certificate authentication and reauth fixTobias Brunner2012-09-061-2/+2
|
* Trigger ike_updown event caused by retransmits only after reestablish() has ↵Tobias Brunner2012-09-063-10/+5
| | | | | | | | been called This allows listeners to migrate to the new IKE_SA with the ike_reestablish event without having to worry about an ike_updown event for the old IKE_SA.
* android: Properly handle reauthentication initiated by the clientTobias Brunner2012-09-061-7/+42
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-25 23:00:43 +0000