Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | fixed compiler warnings on 64bit | Martin Willi | 2009-04-22 | 1 | -1/+1 |
| | |||||
* | merged multi-auth branch back into trunk | Martin Willi | 2009-04-14 | 1 | -201/+39 |
| | |||||
* | printf hooks refactored to increase portability (i.e. support for platforms ↵ | Tobias Brunner | 2009-03-12 | 1 | -42/+20 |
| | | | | without glibc-compatible customizable printf - the Vstr string library is currently required on such platforms). | ||||
* | added a MODP_NULL Diffie Hellman group to avoid calculation overhead in ↵ | Martin Willi | 2008-11-22 | 1 | -0/+7 |
| | | | | load-testing | ||||
* | fixing keylength bug at the right place: | Martin Willi | 2008-11-12 | 1 | -9/+1 |
| | | | | we usually don't touch output parameters if operations fails | ||||
* | improved fix | Andreas Steffen | 2008-11-12 | 1 | -5/+9 |
| | |||||
* | fixed AES-CCM/GCM authenticated encryption by eliminating generation of ↵ | Andreas Steffen | 2008-11-12 | 1 | -0/+4 |
| | | | | superfluous generation of integrity keying material | ||||
* | added proposal parsing of uncommon DH groups 3072/6144 | Martin Willi | 2008-10-08 | 1 | -0/+8 |
| | |||||
* | creating default IKE proposals dynamically using algorithm enumeration API | Martin Willi | 2008-08-28 | 1 | -22/+107 |
| | |||||
* | added %P printf handler for poposal_t | Martin Willi | 2008-06-12 | 1 | -65/+145 |
| | | | | added some proposal selection debugging code | ||||
* | log received DH groups and PRFs if no common proposal is found | Andreas Steffen | 2008-05-22 | 1 | -3/+23 |
| | |||||
* | added the ECP groups from RFC 5114 | Tobias Brunner | 2008-05-22 | 1 | -0/+8 |
| | |||||
* | added ECDH with OpenSSL (see RFC 4753) | Tobias Brunner | 2008-05-22 | 1 | -0/+12 |
| | |||||
* | list proposed ESP ENCRYPTION and INTEGRITY algorithms if no proposal is chosen | Andreas Steffen | 2008-05-20 | 1 | -2/+23 |
| | |||||
* | fixed a bug introduced in [3973] | Tobias Brunner | 2008-05-19 | 1 | -2/+4 |
| | |||||
* | ccm and gcm icv_sizes are accepted both in bits and octets | Andreas Steffen | 2008-05-17 | 1 | -7/+13 |
| | |||||
* | Added support for AES-CCM and AES-GCM (authenticated encryption algorithms) ↵ | Tobias Brunner | 2008-05-16 | 1 | -9/+114 |
| | | | | in charon. | ||||
* | renamed PRF_AES128_CBC to PRF_AES128_XCBC | Martin Willi | 2008-05-08 | 1 | -2/+2 |
| | |||||
* | implemented XCBC algorithms (signer, prf) for IKE on top of a crypter | Martin Willi | 2008-04-30 | 1 | -1/+3 |
| | | | | | | supporting ike=...-aesxcbc-... in ipsec.conf added AUTH_AES_XCBC_96 and PRF_AES128_CBC to default IKE proposal AES XCBC testcase | ||||
* | added equals() method to peer_cfg, ike_cfg, proposals, auth_info | Martin Willi | 2008-03-26 | 1 | -46/+161 |
| | | | | | | allows easier merging of ipsec.conf connections replaced some iterators through enumerators made proposals algorithm_t private using enumerator | ||||
* | merged the modularization branch (credentials) back to trunk | Martin Willi | 2008-03-13 | 1 | -7/+2 |
| | |||||
* | added compatibility names (pluto) for sha2 algorithms (sha2_256, ...) | Martin Willi | 2007-05-25 | 1 | -4/+11 |
| | |||||
* | added support for AES-XCBC in kernel using e.g. esp=aes128-aesxcbc ↵ | Martin Willi | 2007-04-23 | 1 | -0/+10 |
| | | | | (>=linux-2.6.20) | ||||
* | added PDF support for CHILD_SAs | Martin Willi | 2007-04-19 | 1 | -33/+45 |
| | | | | support for INVALID_KE_PAYLOAD negotiation for rekeying | ||||
* | added AES-192/256 proposals to IKE | Martin Willi | 2007-03-13 | 1 | -0/+2 |
| | |||||
* | removed SHA2 kernel proposals from default, the kernel doesn't support them yet | Martin Willi | 2007-03-08 | 1 | -6/+0 |
| | |||||
* | added SHA2 MAC and PRF to default proposal | Martin Willi | 2007-03-08 | 1 | -23/+58 |
| | |||||
* | some cleanups | Martin Willi | 2007-03-05 | 1 | -5/+1 |
| | | | | | | not assigning %any virtual IPs to peer anymore | ||||
* | fixed double free bug | Martin Willi | 2007-03-05 | 1 | -0/+18 |
| | |||||
* | added support for NULL encryption in ESP | Martin Willi | 2007-02-08 | 1 | -1/+5 |
| | |||||
* | include NO_EXT_SEQUENCE_NUMBER in default proposal | Martin Willi | 2007-02-08 | 1 | -0/+6 |
| | |||||
* | removed deprecated iterator methods (has_next & current) | Martin Willi | 2006-10-24 | 1 | -6/+3 |
| | | | | added iterator hook to manipulate iterator the clean way | ||||
* | linked list cleanups | Martin Willi | 2006-10-24 | 1 | -20/+5 |
| | | | | | added list methods invoke(), destroy_offset(), destroy_function() simplified list destruction when destroying its items | ||||
* | introduced new logging subsystem using bus: | Martin Willi | 2006-10-18 | 1 | -33/+21 |
| | | | | | | | passive listeners can register on the bus active listeners wait for signals actively multiplexing allows multiple listeners to receive debug signals a lot more... | ||||
* | added copyright notice to sha2_hasher | Martin Willi | 2006-09-19 | 1 | -1/+1 |
| | | | | included SHA2 in build process | ||||
* | added support for 3DES encryption algorithm in IKE | Martin Willi | 2006-09-19 | 1 | -0/+1 |
| | |||||
* | redesigned IKE_SA using a transaction mechanism: | Martin Willi | 2006-07-05 | 1 | -0/+2 |
| | | | | | | | | | | | | removed old state machine reimplemented IKE_SA setup and delete implemented dead peer detection implemented keep-alives a lot of fixes no rekeying yet | ||||
* | added support for "ike" and "esp" keywords | Martin Willi | 2006-06-15 | 1 | -1/+157 |
| | | | | | | | fixed bugs in proposal code algorithm selection for charon works now with ipsec.conf a lot of other fixes | ||||
* | improved kernel interface logging | Martin Willi | 2006-06-09 | 1 | -3/+3 |
| | |||||
* | fixed compile warnings when using -Wall | Martin Willi | 2006-06-08 | 1 | -1/+0 |
| | | | | | | | | further CHILD_SA rekeying work done: creation of a new CHILD_SA on a expire from a kernel works delete of old CHILD_SA still missing some issues when both initiate rekeing | ||||
* | further work for rekeying: | Martin Willi | 2006-06-07 | 1 | -306/+122 |
| | | | | | | | | | get liftimes from policy added new state initiation of rekeying done proposal redone: removed support for AH+ESP proposals | ||||
* | (no commit message) | Martin Willi | 2006-05-10 | 1 | -0/+642 |