aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/child_sa.c
Commit message (Collapse)AuthorAgeFilesLines
* simplified SPI allocation after refactoringsMartin Willi2009-05-141-19/+4
|
* do not report a CHILD_SA rekey time if rekeying disabledMartin Willi2009-05-121-2/+10
|
* removing svn keyword $Id$ from all filesTobias Brunner2009-04-301-2/+0
|
* merging changes from portability branch back to trunkTobias Brunner2009-04-301-4/+4
| | | | | important change for developers: %Y replaces %D to print identities!
* refactored and cleaned up child_sa interfaceMartin Willi2008-11-191-263/+146
| | | | | | | replaced add/update calls by a install() call allocating SPIs always externally support installation of non-allocated CHILD_SAs some other cleanups
* fixed virtual IP re-installation failure in MOBIKE scenarios introduced with ↵Andreas Steffen2008-11-171-13/+19
| | | | changeset 4662
* completed migration of MIPv6 connectionsAndreas Steffen2008-11-161-31/+40
|
* BEET mode might want forwarding policiesMartin Willi2008-11-121-11/+11
|
* ported some hard-to-merge cherries back to trunk :-/Martin Willi2008-11-121-11/+9
| | | | | shame, svn, shame: this was ways to complicated we should consider a switch to git...
* merging kernel_klips plugin back into trunkTobias Brunner2008-11-111-66/+52
|
* preliminary support of Mobile IPv6Andreas Steffen2008-11-111-78/+161
|
* got rid of deprecated create_iterator_locked()Martin Willi2008-11-051-0/+1
|
* moved CHILD_SA key derivation to keymat_tMartin Willi2008-10-291-309/+167
| | | | passing key chunks to CHILD_SA, not the PRF
* additional getters for ipcomp and UDP encapMartin Willi2008-10-241-0/+18
|
* more CHILD_SA refactoringsMartin Willi2008-10-241-82/+77
|
* fixed enumeration of CHILD_SA traffic selectorsMartin Willi2008-10-211-24/+25
|
* moved updown script invocation to an optional pluginMartin Willi2008-10-161-210/+19
|
* cache keys for in and outbound ESP SAsMartin Willi2008-10-151-189/+225
| | | | | removed redundant storing of traffic selectors in CHILD_SA (sa_policy_t) creating TS pairs dynamically using create_policy_enumerator()
* store ESP keys in CHILD_SAMartin Willi2008-10-151-32/+43
|
* passing chunks, not prf+, to kernel interfaceMartin Willi2008-10-141-18/+107
| | | | gives us better control of keymat in CHILD_SA
* typosTobias Brunner2008-10-141-6/+6
|
* reintegrated bus-refactoring branchMartin Willi2008-10-141-4/+8
|
* merging renaming of mode_t to ipsec_mode_t back to trunkTobias Brunner2008-09-251-10/+10
|
* ipsec status lists IPCOMP CPIsAndreas Steffen2008-07-221-3/+16
|
* own CPI was not deleted due to copy-and-paste errorAndreas Steffen2008-07-221-1/+1
|
* fixed acquire-delay bug by:Martin Willi2008-07-161-3/+8
| | | | | installing policies before states updating policies if protocol has changed
* IPComp for IKEv2Tobias Brunner2008-05-081-10/+84
|
* added equals() method to peer_cfg, ike_cfg, proposals, auth_infoMartin Willi2008-03-261-36/+32
| | | | | | allows easier merging of ipsec.conf connections replaced some iterators through enumerators made proposals algorithm_t private using enumerator
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-131-7/+2
|
* fixed _updown target for ipv6Andreas Steffen2007-11-061-1/+1
|
* removed accidentally checked in debugging codeMartin Willi2007-10-011-4/+0
|
* implemented IKEv2 force_encap connection parameterMartin Willi2007-10-011-0/+4
| | | | | enforces UDP encapsulation by faking NAT detection payloads to hurdle restrictive firewalls
* improved MOBIKE roaming between interfacesMartin Willi2007-09-241-0/+10
|
* fixed firewall script invocation when interface is not available anymoreMartin Willi2007-07-031-17/+28
|
* improved MOBIKE:Martin Willi2007-07-031-4/+6
| | | | | | | | prefer address family already used do not change address implicit when mobike supported handle multiple simultaneous roaming requests more properly proper enabling/disabling of UDP encapsulation
* fixed mobike address update from and to NATMartin Willi2007-07-021-33/+14
|
* proper update of IPsec SA when roaming a host-to-host tunnelMartin Willi2007-07-021-9/+36
| | | | roaming of IPsec SAs using virtual IPs
* further mobike improvements, regarding to NAT-TMartin Willi2007-06-271-20/+8
|
* simple roaming of the client works (not MOBIKE conform yet!)Martin Willi2007-06-261-107/+47
|
* cosmeticsAndreas Steffen2007-05-151-2/+2
|
* removed IKE_SA (%K) and CHILD_SA (%P) printf handlers, 3 more to goMartin Willi2007-04-111-122/+48
|
* restructured file layoutMartin Willi2007-04-101-34/+29
| | | | | | | | | new configuration structure: peer_cfg: configuration related to a peer (authenitcation, ...= ike_cfg: config to use for IKE setup (proposals) child_Cfg: config for CHILD_SA (proposals, traffic selectors) a peer_cfg has one ike_cfg and multiple child_cfg's stroke now uses fixed count of threads
* fixed statusall rekey time jitter bug (again)Martin Willi2007-03-201-4/+9
|
* fixed CHILD_SA rekeying time in statusallMartin Willi2007-03-201-2/+2
|
* fixed netlink socket receiver codeMartin Willi2007-03-031-2/+3
| | | | implemented interface enumeration code with netlink: no getifaddrs reqired anymore
* added firewalling support when using virtual IPsMartin Willi2007-03-011-15/+26
|
* preparations for PLUTO_MY_SOURCEIPAndreas Steffen2007-03-011-3/+22
|
* merged tasking branch into trunkMartin Willi2007-02-281-98/+49
|
* combined use_in and use_fwdAndreas Steffen2007-01-101-18/+18
|
* support for transport in create_child_saMartin Willi2007-01-081-2/+3
| | | | include TRANSPORT/TUNNEL information in statusall
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-29 08:35:59 +0000