aboutsummaryrefslogtreecommitdiffstats
Commit message (Expand)AuthorAgeFilesLines
* child-delete: Delay the removal of the inbound SA of rekeyed CHILD_SAsTobias Brunner2017-05-234-128/+422
* delete-child-sa-job: Add new constructor that takes the unique ID of a CHILD_SATobias Brunner2017-05-232-13/+69
* child-sa: Remove state to track installation of half the SA againTobias Brunner2017-05-236-62/+47
* unit-tests: Overload helper macro to check for outbound SA stateTobias Brunner2017-05-231-2/+30
* child-sa: Expose state of the outbound SATobias Brunner2017-05-232-17/+61
* child-sa: Add method to remove the outbound SA and policiesTobias Brunner2017-05-232-5/+78
* child-sa: Keep track whether the outbound SA has been installed or notTobias Brunner2017-05-231-8/+13
* child-delete: Track flags per individual CHILD_SATobias Brunner2017-05-231-47/+78
* ikev2: Delay installation of outbound SAs during rekeying on the responderTobias Brunner2017-05-234-30/+124
* child-sa: Add log message for CHILD_SA state changesTobias Brunner2017-05-231-0/+4
* child-sa: Add method to associate rekeyed CHILD_SAs with their replacementTobias Brunner2017-05-232-0/+35
* child-sa: Add methods that allow partial installation of CHILD_SATobias Brunner2017-05-232-5/+144
* child-sa: Add new state to track installation of only the inbound SATobias Brunner2017-05-232-1/+7
* child-sa: Change API used to set/install policiesTobias Brunner2017-05-236-79/+119
* child-sa: Split in- and outbound policy de-/installationTobias Brunner2017-05-231-62/+127
* child-create: Trigger NARROW_RESPONDER_POST hook before installing SAsTobias Brunner2017-05-231-25/+21
* Merge branch 'fuzzing'Tobias Brunner2017-05-2326-41/+380
|\
| * tnc-ifmap: Null-terminate buffer to make sscanf()-calls safeTobias Brunner2017-05-231-4/+5
| * libimcv: Make sure the first argument to sscanf() is null-terminatedTobias Brunner2017-05-232-2/+6
| * asn1: Make sure the first argument to sscanf() is null-terminatedTobias Brunner2017-05-231-7/+9
| * x509: Fix leak when parsing CDPs if an invalid one follows valid onesTobias Brunner2017-05-231-2/+2
| * pem: Ensure a value before checking Proc-Type in PEM headerTobias Brunner2017-05-231-1/+1
| * chunk: Correctly parse Base64 text where four = follow in a rowTobias Brunner2017-05-231-1/+1
| * configure: Don't modify CFLAGs if fuzzing is enabledTobias Brunner2017-05-231-5/+0
| * plugin-loader: Disable some logging output when building fuzz targetsTobias Brunner2017-05-231-4/+19
| * x509: Manually print CRL/OCSP URIs when fuzzingTobias Brunner2017-05-232-8/+28
| * processor: Move priority threads assignment to set_threads()Tobias Brunner2017-05-231-4/+9
| * fuzz: Change how fuzz_certs is builtTobias Brunner2017-05-231-5/+11
| * Add plugin constructor registration for all libraries that provide pluginsTobias Brunner2017-05-239-0/+65
| * plugin-constructors: Add script to generate constructor registrationTobias Brunner2017-05-232-0/+61
| * plugin-loader: Add facility to register plugin constructorsTobias Brunner2017-05-233-4/+87
| * configure: Don't build static libraries by defaultTobias Brunner2017-05-231-0/+1
| * library: Add compile option to disable memwipe() checkTobias Brunner2017-05-231-0/+6
| * fuzz: Make path to libFuzzer.a configurableTobias Brunner2017-05-232-1/+2
| * pem: Don't read beyond line endsTobias Brunner2017-05-231-2/+2
| * x509: Fix leak if there is an empty CDPTobias Brunner2017-05-231-1/+7
| * x509: Fix leak if a certificate contains multiple authorityKeyIdentifiersTobias Brunner2017-05-231-0/+1
| * fuzz: Add fuzzing boilerplateTobias Brunner2017-05-236-8/+75
|/
* testing: Avoid expiration of allocated SPIs due to low retransmission settingsTobias Brunner2017-05-231-1/+6
* kernel-netlink: Use total retransmit timeout as acquire timeoutTobias Brunner2017-05-233-16/+26
* task-manager: Add helper function to calculate the total retransmit timeoutTobias Brunner2017-05-232-1/+42
* ike: Use optional jitter to calculate retransmission timeoutsTobias Brunner2017-05-235-6/+75
* kernel-netlink: Try to add new inbound SA if update failsThomas Egerer2017-05-231-3/+12
* kernel-pfkey: Update SA addresses if supported by the kernelTobias Brunner2017-05-231-21/+16
* kernel-pfkey: Use new encap flag on Mac OS X when updating SAsTobias Brunner2017-05-231-1/+1
* receiver: Restrict init limit to half-open SAs as responderThomas Egerer2017-05-231-4/+2
* Merge branch 'hw-offload'Tobias Brunner2017-05-2316-172/+229
|\
| * kernel-netlink: Update hardware offload attribute when SAs are updatedTobias Brunner2017-05-231-11/+37
| * kernel-netlink: Base SA update on correct message in multi-message responseTobias Brunner2017-05-231-7/+7
| * vici: Make hardware offload configurableTobias Brunner2017-05-232-0/+15
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-01 15:49:03 +0000