aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/tasks/ike_auth.c
Commit message (Collapse)AuthorAgeFilesLines
* Moving charon to libcharon.Tobias Brunner2010-03-191-1041/+0
|
* Do not build own authentication data before we've verified others, we need ↵4.3.6Martin Willi2010-02-091-28/+33
| | | | the other identity in EAP
* log EAP-only authentication proposalAndreas Steffen2010-01-111-3/+5
|
* Support EAP-only authentication for mutual and key deriving EAP methodsMartin Willi2010-01-071-31/+54
|
* Indicate and dected support for EAP-only authenticationMartin Willi2010-01-071-7/+23
|
* Store completed authentication rounds permanently on IKE_SA, with flush optionMartin Willi2009-12-011-41/+14
|
* Moved set_state after the DBG0 statement, so that the message gets logged ↵Tobias Brunner2009-09-041-2/+2
| | | | also for mediation connections without CHILD_SA.
* removed trailing spaces ([[:space:]]+$)Martin Willi2009-09-041-77/+77
|
* implemented ike_up() bus hookMartin Willi2009-07-091-0/+2
|
* Fixed EAP authentication regressionMartin Willi2009-05-111-12/+16
| | | | | Use correct nonce/init message again for EAP AUTH payload sent from responder to initiator.
* removing svn keyword $Id$ from all filesTobias Brunner2009-04-301-2/+0
|
* merging changes from portability branch back to trunkTobias Brunner2009-04-301-3/+3
| | | | | important change for developers: %Y replaces %D to print identities!
* merged multi-auth branch back into trunkMartin Willi2009-04-141-467/+632
|
* send proper AUTHENTICATION_FAILED if EAP method is successful, but AUTH ↵Martin Willi2009-02-101-0/+6
| | | | mismatches
* improved IKE_SA uniqueness checkTobias Brunner2008-12-161-65/+3
|
* reset threads IKE_SA after checking other IKE_SAsMartin Willi2008-10-201-0/+2
| | | | invoke updown script only if we have valid IKE_SA
* reintegrated bus-refactoring branchMartin Willi2008-10-141-52/+52
|
* ported parts of two-sim branchMartin Willi2008-08-221-13/+51
| | | | | | eap_identity parameter to exchange in eap_identity some auth_info/peer_cfg refactorings fixed some bugs, introduced new ones
* some more changes to IKE_SA and CHILD_SA loggingAndreas Steffen2008-07-221-4/+4
|
* consistent logging of IKE and CHILD SAsAndreas Steffen2008-07-211-12/+16
|
* introduced an additional bus->signal parameter for signal specific dataMartin Willi2008-07-181-22/+22
| | | | added SIG_IKE/SIG_CHD macros for signal emitting
* peer_cfg lookup takes peer addresses into accountMartin Willi2008-07-011-1/+2
|
* ECDSA with OpenSSLTobias Brunner2008-06-101-5/+5
|
* implemented IKE_SA uniqueness using ipsec.conf uniqueids paramaterMartin Willi2008-04-141-0/+68
| | | | additionally supports a "keep" value to keep the old IKE_SA
* demoted more notify debug messages to level 24.2.0Andreas Steffen2008-04-021-1/+1
|
* mediation extension adapted to the naming convention of the current version ↵Tobias Brunner2008-03-261-2/+2
| | | | of the draft. note: the external interface (config, autotools) has not yet been changed
* attempt to achieve consistent debugging outputAndreas Steffen2008-03-191-21/+21
|
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-131-19/+24
|
* implemented Expanded EAP types to support vendor specific methodsMartin Willi2007-12-131-3/+5
|
* improved P2P_ENDPOINT debuggingAndreas Steffen2007-12-031-0/+3
|
* moved AUTH_LIFETIME handling in its own task (cleaner separation, proper ↵Martin Willi2007-12-031-23/+1
| | | | payload order)
* implemented RFC4478 (repeated authentication)Martin Willi2007-11-201-0/+27
| | | | | changed %V printf handler to take a time delta, %#V now takes two arguments
* ID payload with explicit payload typeTobias Brunner2007-10-021-2/+2
|
* put IKE_SA and CHILD_SA names in single quotesAndreas Steffen2007-09-151-4/+4
|
* log name of established IKE_SAAndreas Steffen2007-09-151-4/+8
|
* further MOBIKE stuff:Martin Willi2007-06-211-1/+6
| | | | | | | | | kernel properly reports network reconfiguration and informs all IKE_SAs MOBIKE in IKE_AUTH: MOBIKE_SUPPORTED notify and address exchange reestablishment of IKE_SAs on network reconfiguration kinda works not stable yet!
* support of CA-based ipsec policiesAndreas Steffen2007-05-181-9/+11
|
* adapted authentication failure text to those in the authenticatorsAndreas Steffen2007-05-151-3/+3
|
* restructuring of configuration backendsMartin Willi2007-04-271-1/+1
| | | | | | | | | added propotypes of new control interfaces (xml & dbus) introduced loadable: configuration backends control interfaces using pluggable modules as in EAP
* properly checking received IDr as initiatorMartin Willi2007-04-251-1/+8
|
* edited comment and debug outputAndreas Steffen2007-04-101-3/+3
|
* restructured file layoutMartin Willi2007-04-101-17/+30
| | | | | | | | | new configuration structure: peer_cfg: configuration related to a peer (authenitcation, ...= ike_cfg: config to use for IKE setup (proposals) child_Cfg: config for CHILD_SA (proposals, traffic selectors) a peer_cfg has one ike_cfg and multiple child_cfg's stroke now uses fixed count of threads
* fixed state and logging of IKE_SA when using EAP authenticationMartin Willi2007-03-271-5/+16
|
* fixed memleaks when using EAP authenticationMartin Willi2007-03-081-39/+56
| | | | | fixed configuration payloads when using EAP
* implemented cookies as initiatorMartin Willi2007-03-081-1/+4
| | | | proper logging of notifies in IKE_SA setup
* some cleanupsMartin Willi2007-03-081-10/+6
| | | | | not installing %any DNS servers
* allocation fixes, not completeMartin Willi2007-03-081-8/+16
|
* ported changes from EAP branch, renabling EAP frameworkMartin Willi2007-03-081-126/+347
|
* fixed notify handling in IKE_AUTHMartin Willi2007-03-061-4/+1
| | | | moved nonce payload before TS in CHILD_SA setup
* fixed double free bugMartin Willi2007-03-051-2/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-28 21:09:24 +0000