aboutsummaryrefslogtreecommitdiffstats
Commit message (Expand)AuthorAgeFilesLines
* Version bump to 5.5.2dr65.5.2dr6Andreas Steffen2017-03-033-3/+5
* Add keyid of smartcard or TPM private key as an argument to pki --reqAndreas Steffen2017-03-021-2/+15
* testing: load-testconfig script loads config from source dirTobias Brunner2017-03-022-67/+109
* libipsec: Enforce a minimum of 256 for SPIsTobias Brunner2017-03-021-3/+4
* libipsec: Fix min/max SPITobias Brunner2017-03-021-2/+2
* controller: Don't listen for CHILD_SA state changes when terminating IKE_SAsTobias Brunner2017-03-021-1/+0
* kernel: Make range of SPIs for IPsec SAs configurableTobias Brunner2017-03-025-8/+46
* settings: Add support for hex integers (0x prefix) via get_int()Tobias Brunner2017-03-021-1/+6
* libipsec: Log a packet's ports and protocol in case of a policy mismatchTobias Brunner2017-03-021-5/+7
* host: Don't log port if it is zeroTobias Brunner2017-03-022-6/+6
* libipsec: Match IPsec policies against ports of processed packetsTobias Brunner2017-03-021-1/+21
* NEWS: Mention the new addrblock featuresMartin Willi2017-03-021-0/+6
* addrblock: Use dynamic TS narrowing instead of rejecting the whole CHILD_SAMartin Willi2017-03-021-43/+28
* addrblock: Support an optional non-strict mode accepting certs without addrblockMartin Willi2017-03-023-3/+20
* child-cfg: Always apply hosts to traffic selectors if proposing transport modeTobias Brunner2017-02-271-14/+19
* traffic-selector: Allow calling set_address() for any traffic selectorTobias Brunner2017-02-273-48/+63
* Merge branch 'pki-addrblock'Martin Willi2017-02-279-4/+218
|\
| * pki: Add a note about constructing RFC 3779 compliant certificates to manpageMartin Willi2017-02-272-0/+6
| * pki: Support an --addrblock option for issued certificatesMartin Willi2017-02-272-1/+22
| * pki: Support an --addrblock option for self-signed certificatesMartin Willi2017-02-272-0/+23
| * pki: Add a helper function parse traffic selectors from CIDR subnets or rangesMartin Willi2017-02-272-0/+31
| * x509: Do not mark generated addrblock extension as criticalMartin Willi2017-02-271-2/+1
| * x509: Support encoding the RFC 3779 addrblock extensionMartin Willi2017-02-271-3/+134
| * builder: Define a builder part for X.509 RFC 3779 address blocksMartin Willi2017-02-272-0/+3
|/
* plugin-loader: Fix hashing of registered plugin featuresTobias Brunner2017-02-241-1/+1
* Version bump to 5.5.2dr55.5.2dr5Andreas Steffen2017-02-233-4/+2528
* Use of TPM 2.0 private keys for signatures via tpm pluginAndreas Steffen2017-02-2210-9/+468
* Implement signatures with private keys bound to TPM 2.0Andreas Steffen2017-02-213-8/+215
* android: New release after fixing potential ANR issueTobias Brunner2017-02-201-2/+2
* android: Send network change events from a separate thread via JNITobias Brunner2017-02-172-4/+68
* ikev1: Respond to DPDs for rekeyed IKE_SAsTobias Brunner2017-02-172-0/+10
* ike-sa: Optionally try to migrate to the best path on routing priority changesMartin Willi2017-02-172-1/+33
* ikev2: Ignore roam events without MOBIKE but static local addressTobias Brunner2017-02-171-0/+10
* ike-cfg: Add helper function to determine if a given IP address was configuredTobias Brunner2017-02-172-2/+46
* Merge branch 'vici-updates'Tobias Brunner2017-02-1639-327/+1968
|\
| * NEWS: VICI updatesTobias Brunner2017-02-161-1/+15
| * vici: Only log messages if there actually is a listenerTobias Brunner2017-02-161-0/+7
| * vici: Let has_event_listeners() actually check if clients are registeredTobias Brunner2017-02-161-2/+4
| * vici: Add support for mediation extensionTobias Brunner2017-02-162-1/+109
| * peer-cfg: Store mediated_by as name and not peer-cfg referenceTobias Brunner2017-02-166-68/+95
| * vici: Include uniqueness policy in list-connsTobias Brunner2017-02-161-0/+2
| * swanctl: Add --rekey commandTobias Brunner2017-02-164-1/+130
| * vici: Add command to initiate SA rekeyingTobias Brunner2017-02-162-2/+118
| * vici: Use unique names for CHILD_SAs in the list-sas commandTobias Brunner2017-02-163-4/+10
| * swanctl: Allow specifying pubkeys directly via 0x/0s prefixTobias Brunner2017-02-161-28/+38
| * vici: Add support to load CA certificates from tokens and paths in authority ...Tobias Brunner2017-02-163-21/+130
| * vici: Add support to load certificates from file pathsTobias Brunner2017-02-162-13/+68
| * vici: Add support to load certificates from tokensTobias Brunner2017-02-162-12/+163
| * swanctl: Add `token` secrets for keys on tokens/smartcardsTobias Brunner2017-02-162-0/+106
| * vici: Add command to load a private key from a tokenTobias Brunner2017-02-162-3/+117
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 06:39:35 +0000