aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/tasks/child_create.c
Commit message (Collapse)AuthorAgeFilesLines
* some task queueing improvements:Martin Willi2008-12-011-0/+2
| | | | | | | | - do not pass CHILD_SAs to task constructor, might not be valid anymore during execution (late lookup) - use sub-tasks to delete CHILD/IKE_SA after rekeying, as we want to execute the delete before additional queued tasks
* refactored and cleaned up child_sa interfaceMartin Willi2008-11-191-71/+141
| | | | | | | replaced add/update calls by a install() call allocating SPIs always externally support installation of non-allocated CHILD_SAs some other cleanups
* merging kernel_klips plugin back into trunkTobias Brunner2008-11-111-8/+10
|
* preliminary support of Mobile IPv6Andreas Steffen2008-11-111-2/+4
|
* corrected typo2Andreas Steffen2008-11-051-2/+2
|
* corrected captionsAndreas Steffen2008-11-021-1/+1
|
* added hooks for IKE and CHILD keymatMartin Willi2008-10-301-11/+13
|
* store plain skd, not the prfMartin Willi2008-10-301-1/+0
|
* moved CHILD_SA key derivation to keymat_tMartin Willi2008-10-291-42/+39
| | | | passing key chunks to CHILD_SA, not the PRF
* moved key derivation and management into keymat objectMartin Willi2008-10-281-2/+4
| | | | | | allows secured implementation of key management (e.g. in kernel or HW) only IKE keys for now
* re-established all previous AUD level messagesAndreas Steffen2008-10-171-2/+2
|
* moved updown script invocation to an optional pluginMartin Willi2008-10-161-15/+4
|
* reintegrated bus-refactoring branchMartin Willi2008-10-141-48/+44
|
* merging renaming of mode_t to ipsec_mode_t back to trunkTobias Brunner2008-09-251-1/+1
|
* cosmeticsAndreas Steffen2008-07-231-1/+1
|
* some more changes to IKE_SA and CHILD_SA loggingAndreas Steffen2008-07-221-6/+18
|
* ipsec status lists IPCOMP CPIsAndreas Steffen2008-07-221-1/+1
|
* consistent logging of IKE and CHILD SAsAndreas Steffen2008-07-211-5/+14
|
* introduced an additional bus->signal parameter for signal specific dataMartin Willi2008-07-181-26/+30
| | | | added SIG_IKE/SIG_CHD macros for signal emitting
* fixed acquire-delay bug by:Martin Willi2008-07-161-10/+9
| | | | | installing policies before states updating policies if protocol has changed
* strongswan.conf's charon.close_ike_on_child_failure closes IKE_SA if ↵Martin Willi2008-07-011-2/+36
| | | | CHILD_SA setup in IKE_AUTH fails
* sending INTERNAL_ADDRESS_FAILURE if virtual IP requested but none foundMartin Willi2008-07-011-13/+42
|
* IPComp for IKEv2Tobias Brunner2008-05-081-0/+112
|
* added API for random number generators, served through credential factoryMartin Willi2008-04-151-7/+6
| | | | ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
* implementation of an CFG attribute framework, currently supporting virtual IPsMartin Willi2008-04-091-2/+1
| | | | | | updated ipsec.conf sourceip parameter to support CIDR notatation to serve from a pool %poolname to query a separate (database?) pool
* added equals() method to peer_cfg, ike_cfg, proposals, auth_infoMartin Willi2008-03-261-3/+3
| | | | | | allows easier merging of ipsec.conf connections replaced some iterators through enumerators made proposals algorithm_t private using enumerator
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-131-9/+4
|
* connection name to IKE_SA initiatingAndreas Steffen2007-09-151-1/+1
|
* put IKE_SA and CHILD_SA names in single quotesAndreas Steffen2007-09-151-1/+1
|
* log name of established CHILD_SAAndreas Steffen2007-09-151-2/+4
|
* fixed responder initiated CHILD_SA rekeying when using virtual IPsMartin Willi2007-07-041-11/+45
|
* further MOBIKE stuff:Martin Willi2007-06-211-12/+11
| | | | | | | | | kernel properly reports network reconfiguration and informs all IKE_SAs MOBIKE in IKE_AUTH: MOBIKE_SUPPORTED notify and address exchange reestablishment of IKE_SAs on network reconfiguration kinda works not stable yet!
* support for virtual IP definition on client side:Martin Willi2007-05-221-1/+3
| | | | | | | if leftsourceip is defined, it is requested. server may define rightsourceip=%config to accept any, or it may overwrite it using rightsourceip. if server does not return an IP, client enforces its configured leftsourceip.
* added PDF support for CHILD_SAsMartin Willi2007-04-191-17/+141
| | | | support for INVALID_KE_PAYLOAD negotiation for rekeying
* restructured file layoutMartin Willi2007-04-101-54/+53
| | | | | | | | | new configuration structure: peer_cfg: configuration related to a peer (authenitcation, ...= ike_cfg: config to use for IKE setup (proposals) child_Cfg: config for CHILD_SA (proposals, traffic selectors) a peer_cfg has one ike_cfg and multiple child_cfg's stroke now uses fixed count of threads
* added CHILD_SA compare check for rekeying collisions Martin Willi2007-03-221-5/+1
|
* fixed child rekey collisionMartin Willi2007-03-211-0/+17
| | | | | implemented ike rekey collision
* handling of CHILD_SA rekeying collisionsMartin Willi2007-03-211-7/+29
|
* fixed some exchange collisions (except IKE/CHILD rekeying)Martin Willi2007-03-201-0/+7
|
* handling "No policy found" properlyMartin Willi2007-03-081-4/+4
|
* fixed CHILD_SA creation within existing IKE_SAMartin Willi2007-03-081-0/+1
|
* ported changes from EAP branch, renabling EAP frameworkMartin Willi2007-03-081-0/+24
|
* fixed notify handling in IKE_AUTHMartin Willi2007-03-061-12/+24
| | | | moved nonce payload before TS in CHILD_SA setup
* some cleanupsMartin Willi2007-03-051-8/+6
| | | | | | not assigning %any virtual IPs to peer anymore
* fixed double free bugMartin Willi2007-03-051-3/+10
|
* added firewalling support when using virtual IPsMartin Willi2007-03-011-1/+3
|
* merged tasking branch into trunkMartin Willi2007-02-281-0/+718
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 13:27:36 +0000