aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/child_sa.c
Commit message (Collapse)AuthorAgeFilesLines
* added CHILD_SA states, which allows us to detect further simultaneous ↵Martin Willi2006-07-131-2/+42
| | | | | | | transactions reimplemented the buggy message id handling
* added policy cache to kernel interfaceMartin Willi2006-07-121-125/+34
| | | | | | allows refcounting of multiple installed policies finally brings us stable simultaneous rekeying
* further work done for simultaneous rekeying/deleteMartin Willi2006-07-101-23/+50
| | | | | still some cases which cause trouble
* updated copyright informationMartin Willi2006-07-071-1/+2
|
* reimplemented CHILD_SA rekeying & deleteMartin Willi2006-07-071-2/+2
| | | | | no simultanous transaction with CHILD_SAs yet!
* improved CHILD_SA output for "ipsec statusall"Martin Willi2006-07-051-61/+106
|
* redesigned IKE_SA using a transaction mechanism:Martin Willi2006-07-051-0/+1
| | | | | | | | | | | | removed old state machine reimplemented IKE_SA setup and delete implemented dead peer detection implemented keep-alives a lot of fixes no rekeying yet
* applied latest NATT patch with some fixes and cleanupsMartin Willi2006-07-041-1/+1
|
* lowercase log entriesAndreas Steffen2006-07-031-1/+1
|
* applied new changes from NATT teamMartin Willi2006-06-231-1/+89
| | | | | DPD only done when no IPsec and IKE traffic processed minor changes here and there
* first merge of NATT codeMartin Willi2006-06-221-54/+235
|
* fixed SPI when rekeying and deleting CHILD_SAsMartin Willi2006-06-191-6/+6
|
* change key derivation order to fullfill RFCMartin Willi2006-06-191-11/+26
|
* implemented clean spi allocation behavior when using multiple proposalsMartin Willi2006-06-151-35/+104
|
* using same reqid if a child sa rekeys an existing oneMartin Willi2006-06-121-2/+4
|
* workaround for peers rekeying at the same timeMartin Willi2006-06-121-2/+10
| | | | | loading lifetime policies from ipsec.conf
* old child_sa gets deleted after rekeyingMartin Willi2006-06-091-28/+48
| | | | | | rekeying almost complete, but: IKE_SA get in an invalid state when both initiate rekeying at the same time,
* improved kernel interface loggingMartin Willi2006-06-091-7/+4
|
* specifying keysize in bits, as it is required in IKEv2Martin Willi2006-06-091-58/+23
| | | | | | added generic kernel SA algorithm handling, which brings us: aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
* fixed compile warnings when using -WallMartin Willi2006-06-081-9/+8
| | | | | | | | further CHILD_SA rekeying work done: creation of a new CHILD_SA on a expire from a kernel works delete of old CHILD_SA still missing some issues when both initiate rekeing
* further work for rekeying:Martin Willi2006-06-071-250/+193
| | | | | | | | | get liftimes from policy added new state initiation of rekeying done proposal redone: removed support for AH+ESP proposals
* job management:Martin Willi2006-05-311-4/+12
| | | | | | | | | | | | | moved job code from thread_pool to job, jobs have an "execute" method now added two new jobs: delete_child_sa & rekey_child_sa kernel interface: listens now for ACQUIRE & EXPIRE supports hard and soft lifetimes fires jobs for delete and rekey child sa ike sa manager: can checkout IKE SAs by requid of owned CHILD SAs we have now the infrastructure to do the rekeying... :-)
* - show connection templates in status & statusallMartin Willi2006-05-231-2/+2
| | | | | - don't complain on termination of IKEv1 connections
* - applied patch from the NAT-T team fixing several typosMartin Willi2006-05-191-1/+1
|
* (no commit message)Martin Willi2006-05-101-0/+590
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-22 06:14:51 +0000