aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/ike_sa.c
Commit message (Collapse)AuthorAgeFilesLines
* time values in strongswan.conf can be optionally specified in days (d), ↵Andreas Steffen2008-09-041-1/+1
| | | | hours (h), minutes (m), or seconds (s)
* charon.keep_alive = 0 disables the sending of NAT keep alivesAndreas Steffen2008-09-031-1/+1
|
* configure NAT keep alive interval using the charon.keep_alive keyAndreas Steffen2008-09-031-2/+9
|
* ported parts of two-sim branchMartin Willi2008-08-221-0/+26
| | | | | | eap_identity parameter to exchange in eap_identity some auth_info/peer_cfg refactorings fixed some bugs, introduced new ones
* corrected typoAndreas Steffen2008-08-111-1/+1
|
* demoted IKE state change output to debug level 2Andreas Steffen2008-07-281-1/+1
|
* ignore AUTH_LIFETIME value if reauthentication has already been scheduled ↵Andreas Steffen2008-07-281-8/+13
| | | | earlier
* some more changes to IKE_SA and CHILD_SA loggingAndreas Steffen2008-07-221-3/+3
|
* consistent logging of IKE and CHILD SAsAndreas Steffen2008-07-211-3/+3
|
* introduced an additional bus->signal parameter for signal specific dataMartin Willi2008-07-181-21/+21
| | | | added SIG_IKE/SIG_CHD macros for signal emitting
* fixed potential segfault in resolve_hostsMartin Willi2008-07-171-1/+4
|
* fixed acquire-delay bug by:Martin Willi2008-07-161-1/+1
| | | | | installing policies before states updating policies if protocol has changed
* do a route lookup to allow routing of left=%any connections Martin Willi2008-07-091-5/+15
|
* flushing task_manager on shutdown while IKE_SA is usableMartin Willi2008-06-251-1/+2
|
* resolving hosts before routeMartin Willi2008-06-231-0/+2
|
* display selected IKE proposal in ipsec statusallAndreas Steffen2008-06-221-0/+26
|
* DNS resolving of ike_cfg hosts dynamically on demandMartin Willi2008-06-061-14/+26
|
* do not roam IKE_SA in created or deleting stateMartin Willi2008-06-041-0/+8
|
* using fixed size keys in key derivation for AES-XCBC PRFMartin Willi2008-05-211-7/+24
|
* IPComp for IKEv2Tobias Brunner2008-05-081-1/+1
|
* added close_action as a seperate config option to dpd_actionMartin Willi2008-04-141-6/+23
|
* fixed jumping IKE_SA unique idsMartin Willi2008-04-141-28/+53
|
* using dpd actions to enforce connection stateMartin Willi2008-04-111-147/+135
| | | | dpd actions a per child-, not peer ike-sa
* enabling acquire for mediated connectionsTobias Brunner2008-04-101-53/+33
|
* enabling reauthentication on mediation connectionsTobias Brunner2008-04-101-1/+6
|
* fixing a problem if the mediation server initiates the rekeyingTobias Brunner2008-04-101-0/+10
|
* mediation connections should now properly rekeyTobias Brunner2008-04-091-3/+30
|
* implementation of an CFG attribute framework, currently supporting virtual IPsMartin Willi2008-04-091-1/+10
| | | | | | updated ipsec.conf sourceip parameter to support CIDR notatation to serve from a pool %poolname to query a separate (database?) pool
* fixed two other memory leaksTobias Brunner2008-04-031-2/+3
|
* fixing some memory leaksTobias Brunner2008-04-021-0/+1
|
* stopping connectivity checks on the responders side after receiving an ↵Tobias Brunner2008-04-011-3/+20
| | | | IKE_SA_INIT request with the proper ME_CONNECTID
* mediation extension adapted to the naming convention of the current version ↵Tobias Brunner2008-03-261-29/+29
| | | | of the draft. note: the external interface (config, autotools) has not yet been changed
* added equals() method to peer_cfg, ike_cfg, proposals, auth_infoMartin Willi2008-03-261-17/+14
| | | | | | allows easier merging of ipsec.conf connections replaced some iterators through enumerators made proposals algorithm_t private using enumerator
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-131-51/+71
|
* NAT-T conditions were not inherited during IKE_SA rekeyingAndreas Steffen2008-01-291-1/+8
|
* removed c++ style comments4.1.9Martin Willi2007-12-041-6/+7
| | | | | fixed compiler warnings
* moved AUTH_LIFETIME handling in its own task (cleaner separation, proper ↵Martin Willi2007-12-031-1/+17
| | | | payload order)
* implemented RFC4478 (repeated authentication)Martin Willi2007-11-201-38/+134
| | | | | changed %V printf handler to take a time delta, %#V now takes two arguments
* fixed NO_PROPOSAL_CHOSEN response on IKE_SA_INITMartin Willi2007-11-141-0/+2
|
* adding new virtual ip before deleting old one to keep IP on reauthenticationMartin Willi2007-10-251-7/+7
|
* experimental P2P-NAT-T for IKEv2 merged back from branchTobias Brunner2007-10-031-8/+155
|
* moved force_encap to ike_config, enables responder to enforce udp encapsulationMartin Willi2007-10-011-1/+1
| | | | fixed bugs in force_encap code
* implemented IKEv2 force_encap connection parameterMartin Willi2007-10-011-1/+7
| | | | | enforces UDP encapsulation by faking NAT detection payloads to hurdle restrictive firewalls
* improved MOBIKE roaming between interfacesMartin Willi2007-09-241-2/+2
|
* put IKE_SA and CHILD_SA names in single quotesAndreas Steffen2007-09-151-1/+1
|
* log name of IKE_SA in state changesAndreas Steffen2007-09-151-1/+2
|
* implemented routeability checks for mobike (experimental)Martin Willi2007-09-031-22/+8
|
* added mobike=yes|no connection optionMartin Willi2007-08-291-6/+15
| | | | | | | yes: include mobike support notifies as initiator no: only enable mobike as responder when initiator supports it default: yes
* rerouting CHILD_SA if its IKE_SA gets deletedMartin Willi2007-08-271-99/+149
|
* changed mobike behavior to NOT use additional responder addresses until we ↵Martin Willi2007-07-041-95/+3
| | | | have path discovery
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-23 08:25:05 +0000