aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/ike_sa.c
Commit message (Collapse)AuthorAgeFilesLines
* Add an option to send a vendor ID, allows us to properly support private ↵Martin Willi2010-01-071-0/+3
| | | | extensions
* Store completed authentication rounds permanently on IKE_SA, with flush optionMartin Willi2009-12-011-2/+75
|
* Removed obsolete and unused [gs]et_eap_identity() methodsMartin Willi2009-11-301-26/+0
|
* Give plugins more control of which configuration attributes to request, and ↵Martin Willi2009-11-171-13/+7
| | | | pass received attributes back to the requesting handler
* moved attribute_manager to libstrongswanAndreas Steffen2009-10-131-5/+5
|
* Do not create a replacement IKE_SA if we have CHILD_SAs to route onlyMartin Willi2009-09-241-8/+7
|
* Enforce a local address of the same family as remote addressMartin Willi2009-09-211-2/+8
|
* remove spaces within tabs (\t( )+\t)Martin Willi2009-09-041-2/+2
|
* removed trailing spaces ([[:space:]]+$)Martin Willi2009-09-041-113/+113
|
* Fixed some typos; whitespace cleanup.Tobias Brunner2009-09-021-21/+23
|
* use time_monotonic() instead of time() for statistics and time difference ↵Martin Willi2009-08-311-12/+13
| | | | calculations
* use time_monotonic() instead of gettimeofday() for time difference calculationsMartin Willi2009-08-311-1/+0
|
* Fixed a race condition when querying stats of a child_sa in different order.Tobias Brunner2009-08-061-2/+3
|
* Reverted the interface changes introduced in 3f720dc7.Tobias Brunner2009-08-061-5/+1
|
* update usetime only if usebytes increaseAndreas Steffen2009-07-301-1/+5
|
* implemented child_up() bus hookMartin Willi2009-07-091-1/+2
|
* defer MOBIKE update if we have no route to the peerMartin Willi2009-07-021-0/+37
|
* reset IKE_SA on bus after checkout/checkin of replacement SAMartin Willi2009-06-161-2/+4
|
* include TSi/TSr of triggering packet in acquireMartin Willi2009-05-201-5/+6
|
* initiate trapped CHILD_SAs with same reqidMartin Willi2009-05-081-14/+6
|
* removed obsolete route/unroute code from ike_sa/controllerMartin Willi2009-05-081-217/+6
|
* properly delete IKE_SA if IKE_SA_INIT processing failedMartin Willi2009-05-071-0/+5
|
* removing svn keyword $Id$ from all filesTobias Brunner2009-04-301-2/+0
|
* attribute_manager supports attribute_handler's to handle configuration ↵Martin Willi2009-04-241-157/+64
| | | | | | | | attributes via plugins moved resolv.conf editing to a separate plugin (resolv_conf) extended attribute_provider interface to hand out arbitrary attributes moved strongswan.conf based dns/nbns configuration to a plugin (attr)
* schedule_job uses seconds to support time values larger than 49 daysMartin Willi2009-04-211-17/+11
| | | | added schedule_job_ms for ms resolution events
* merged multi-auth branch back into trunkMartin Willi2009-04-141-43/+17
|
* fallback to family specific %any(6) if kernel lookup failsMartin Willi2009-03-161-0/+6
|
* printf hooks refactored to increase portability (i.e. support for platforms ↵Tobias Brunner2009-03-121-2/+1
| | | | without glibc-compatible customizable printf - the Vstr string library is currently required on such platforms).
* purge certificates after IKE_AUTH response has been builtMartin Willi2008-12-161-6/+8
|
* purge auth_info when IKE_SA is established, releases cert memoryMartin Willi2008-12-091-0/+6
|
* pass identity to release_address(), allows providers to do a lookup by idMartin Willi2008-12-051-1/+1
|
* some task queueing improvements:Martin Willi2008-12-011-20/+10
| | | | | | | | - do not pass CHILD_SAs to task constructor, might not be valid anymore during execution (late lookup) - use sub-tasks to delete CHILD/IKE_SA after rekeying, as we want to execute the delete before additional queued tasks
* schedule rekeying when activating passive IKE_SAsMartin Willi2008-11-281-1/+2
|
* added a PASSIVE IKE_SA state to manage it externallyMartin Willi2008-11-281-4/+20
|
* performance optimization for the DOS protection.Tobias Brunner2008-11-251-1/+1
| | | | | | * half-open SAs per peer are tracked in a hash table * charon.dos_protection setting replaced with charon.cookie_threshold and charon.block_threshold * chunk_hash function added
* fixed set_message_id() on IKE_SAMartin Willi2008-11-241-2/+2
| | | | | added missing bus->message() hook invocation whitespace cleanups
* set message IDs on IKE_SAsMartin Willi2008-11-241-1/+17
|
* refactored and cleaned up child_sa interfaceMartin Willi2008-11-191-3/+3
| | | | | | | replaced add/update calls by a install() call allocating SPIs always externally support installation of non-allocated CHILD_SAs some other cleanups
* setting default port of own address to have a proper fallback if src addr ↵Martin Willi2008-11-181-0/+1
| | | | lookup fails
* reset IKE_SA on bus during child_sa destructionMartin Willi2008-11-141-0/+2
|
* removed some obsolete includesMartin Willi2008-11-121-11/+0
|
* moved ike_initiator flag to IKE_SAs condition bitfieldMartin Willi2008-11-121-20/+4
|
* fixed compiler warnings issued by:Martin Willi2008-11-111-2/+2
| | | | | | gcc 4.3 curl.h gcc type-checking glibc with enabled FORTIFY_SOURCE checking
* fixing mediation extensionTobias Brunner2008-11-111-4/+8
|
* merging kernel_klips plugin back into trunkTobias Brunner2008-11-111-2/+9
|
* preliminary support of Mobile IPv6Andreas Steffen2008-11-111-17/+62
|
* got rid of deprecated create_iterator_locked()Martin Willi2008-11-051-0/+1
|
* %any is IP family neutralAndreas Steffen2008-11-051-2/+2
|
* added hooks for IKE and CHILD keymatMartin Willi2008-10-301-0/+26
|
* moved key derivation and management into keymat objectMartin Willi2008-10-281-320/+20
| | | | | | allows secured implementation of key management (e.g. in kernel or HW) only IKE keys for now
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-24 19:50:54 +0000