aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/config
Commit message (Collapse)AuthorAgeFilesLines
* identification_t.matches() supports multiple wildcard countsAndreas Steffen2006-07-111-23/+9
|
* updated copyright informationMartin Willi2006-07-078-14/+21
|
* added support for leftprotoport and rightprotoportMartin Willi2006-07-052-7/+18
|
* redesigned IKE_SA using a transaction mechanism:Martin Willi2006-07-055-21/+18
| | | | | | | | | | | | removed old state machine reimplemented IKE_SA setup and delete implemented dead peer detection implemented keep-alives a lot of fixes no rekeying yet
* log entries start with lowcercase characterAndreas Steffen2006-07-041-2/+6
|
* support of cert payloadsAndreas Steffen2006-07-036-64/+205
|
* added X.509 trust chain verificationAndreas Steffen2006-06-272-4/+248
|
* applied new changes from NATT teamMartin Willi2006-06-233-27/+1
| | | | | DPD only done when no IPsec and IKE traffic processed minor changes here and there
* first merge of NATT codeMartin Willi2006-06-222-13/+89
|
* readded local_credential_storeMartin Willi2006-06-205-78/+242
| | | | | | added sendcert policy to connection some other cleanups
* implemented rereadcrls rereadcacertsAndreas Steffen2006-06-202-0/+669
|
* removed local_credential_storeAndreas Steffen2006-06-202-689/+0
|
* added crl supportAndreas Steffen2006-06-163-15/+188
|
* fixed aes code, we support now aes128, aes192, aes256 in IKEMartin Willi2006-06-151-2/+0
|
* added support for "ike" and "esp" keywordsMartin Willi2006-06-153-9/+192
| | | | | | | fixed bugs in proposal code algorithm selection for charon works now with ipsec.conf a lot of other fixes
* debug and logging improvementsMartin Willi2006-06-133-5/+9
|
* add_certificate() now returns pointer to added certAndreas Steffen2006-06-122-8/+8
|
* workaround for peers rekeying at the same timeMartin Willi2006-06-123-9/+42
| | | | | loading lifetime policies from ipsec.conf
* old child_sa gets deleted after rekeyingMartin Willi2006-06-091-3/+3
| | | | | | rekeying almost complete, but: IKE_SA get in an invalid state when both initiate rekeying at the same time,
* improved kernel interface loggingMartin Willi2006-06-091-3/+3
|
* fixed clone/destroy behavior when not using CAsMartin Willi2006-06-091-5/+17
|
* specifying keysize in bits, as it is required in IKEv2Martin Willi2006-06-091-1/+1
| | | | | | added generic kernel SA algorithm handling, which brings us: aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
* added support for leftsendcert= and left|rightca= parametersAndreas Steffen2006-06-092-2/+41
|
* discard cert if CA basic constraints flag is not set and warn if cert is not ↵Andreas Steffen2006-06-091-5/+16
| | | | valide
* fixed compile warnings when using -WallMartin Willi2006-06-085-8/+12
| | | | | | | | further CHILD_SA rekeying work done: creation of a new CHILD_SA on a expire from a kernel works delete of old CHILD_SA still missing some issues when both initiate rekeing
* further work for rekeying:Martin Willi2006-06-075-356/+182
| | | | | | | | | get liftimes from policy added new state initiation of rekeying done proposal redone: removed support for AH+ESP proposals
* - fixed some memleaks/freebugsMartin Willi2006-05-311-1/+0
| | | | | - leak detective works almost usable now (?!)
* - fixed host-host tunnel traffic selection, host-host works nowMartin Willi2006-05-311-6/+24
|
* full support of ikev1 and ikev2 connection flagsAndreas Steffen2006-05-301-6/+7
|
* new functions to add certificates and retrieve private and public keysAndreas Steffen2006-05-303-120/+182
|
* changed log levelAndreas Steffen2006-05-301-2/+2
|
* - policies contain a connections name nowMartin Willi2006-05-298-257/+340
| | | | | | | | - used for initiate and delete - connections won't get initiated twice anymore - deleting of connections is now possible, which allows us to use ipsec update and ipsec reload
* - show connection templates in status & statusallMartin Willi2006-05-232-0/+55
| | | | | - don't complain on termination of IKEv1 connections
* - changed config load strategy:Martin Willi2006-05-232-3/+33
| | | | | | | starter loads both connections in charon & pluto, charon ignores anything with keyexchange!=ikev2. pluto needs the same behavior.
* - applied patch from andreas, which allows certificate listing via strokeMartin Willi2006-05-193-5/+40
|
* - applied andreas's patchMartin Willi2006-05-181-41/+56
| | | | | | | - logger output improvements - testin gupdates - and a lot more
* - introduced autotoolsMartin Willi2006-05-164-100/+0
| | | | | | | | | | - first working version - make dist should work - things to do: - UML testing! - more cleanups
* (no commit message)Martin Willi2006-05-1023-0/+4423
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-14 02:16:59 +0000