| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
allows refcounting of multiple installed policies
finally brings us stable simultaneous rekeying
|
| | |
|
| | |
|
| |
|
|
|
| |
no simultanous transaction with CHILD_SAs yet!
|
| |
|
|
|
|
|
|
|
|
|
|
| |
removed old state machine
reimplemented IKE_SA setup and delete
implemented dead peer detection
implemented keep-alives
a lot of fixes
no rekeying yet
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
fixed bugs in proposal code
algorithm selection for charon works now with ipsec.conf
a lot of other fixes
|
| | |
|
| |
|
|
|
|
| |
rekeying almost complete, but:
IKE_SA get in an invalid state when both initiate rekeying at the same time,
|
| |
|
|
|
|
| |
added generic kernel SA algorithm handling, which brings us:
aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
|
| |
|
|
|
|
|
|
|
| |
get liftimes from policy
added new state
initiation of rekeying done
proposal redone:
removed support for AH+ESP proposals
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
moved job code from thread_pool to job, jobs have an "execute" method now
added two new jobs: delete_child_sa & rekey_child_sa
kernel interface:
listens now for ACQUIRE & EXPIRE
supports hard and soft lifetimes
fires jobs for delete and rekey child sa
ike sa manager:
can checkout IKE SAs by requid of owned CHILD SAs
we have now the infrastructure to do the rekeying... :-)
|
| | |
|
| |
|
|
|
| |
more IKEv2 conform
|
| |
|
|
|
| |
should conform now to IKEv2
|
| |
|
|
|
|
|
|
|
|
| |
- first working version
- make dist should work
- things to do:
- UML testing!
- more cleanups
|
| |
|
