aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/tasks
Commit message (Collapse)AuthorAgeFilesLines
...
* DNS resolving of ike_cfg hosts dynamically on demandMartin Willi2008-06-061-1/+1
|
* filtering out non matching path probing pairs explicitlyMartin Willi2008-05-231-0/+5
|
* replying to COOKIE2 mobike notify properly4.2.2Martin Willi2008-05-211-1/+49
| | | | including COOKIE2 ourself after path probing
* IPComp for IKEv2Tobias Brunner2008-05-081-0/+112
|
* Hash and URL cosmeticsAndreas Steffen2008-04-182-11/+11
|
* support for hash and URL encoded certificate payloads in charonTobias Brunner2008-04-182-51/+230
|
* added API for random number generators, served through credential factoryMartin Willi2008-04-154-45/+35
| | | | ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
* implemented IKE_SA uniqueness using ipsec.conf uniqueids paramaterMartin Willi2008-04-141-0/+68
| | | | additionally supports a "keep" value to keep the old IKE_SA
* added close_action as a seperate config option to dpd_actionMartin Willi2008-04-142-7/+6
|
* fixed rightsourceip=%config scenariosMartin Willi2008-04-141-2/+5
|
* fixed disabling the sending of cert requestsAndreas Steffen2008-04-131-1/+1
|
* using dpd actions to enforce connection stateMartin Willi2008-04-113-10/+34
| | | | dpd actions a per child-, not peer ike-sa
* enabling reauthentication on mediation connectionsTobias Brunner2008-04-101-2/+24
|
* fixing a problem if the mediation server initiates the rekeyingTobias Brunner2008-04-101-2/+1
|
* mediation connections should now properly rekeyTobias Brunner2008-04-091-8/+10
|
* implementation of an CFG attribute framework, currently supporting virtual IPsMartin Willi2008-04-092-21/+17
| | | | | | updated ipsec.conf sourceip parameter to support CIDR notatation to serve from a pool %poolname to query a separate (database?) pool
* demoted more notify debug messages to level 24.2.0Andreas Steffen2008-04-022-3/+3
|
* fixing some memory leaksTobias Brunner2008-04-021-2/+17
|
* generate debug output if ocsp response does not contain status information ↵Andreas Steffen2008-04-021-1/+1
| | | | for a given certificate
* demoted received notify debug message to level 2Andreas Steffen2008-04-011-1/+1
|
* stopping connectivity checks on the responders side after receiving an ↵Tobias Brunner2008-04-011-1/+61
| | | | IKE_SA_INIT request with the proper ME_CONNECTID
* signal fixedTobias Brunner2008-03-311-2/+2
|
* changed error messageAndreas Steffen2008-03-291-1/+1
|
* checking the size of ME_* notify payloadsTobias Brunner2008-03-271-8/+1
|
* mediation extension adapted to the naming convention of the current version ↵Tobias Brunner2008-03-266-154/+154
| | | | of the draft. note: the external interface (config, autotools) has not yet been changed
* added equals() method to peer_cfg, ike_cfg, proposals, auth_infoMartin Willi2008-03-262-6/+6
| | | | | | allows easier merging of ipsec.conf connections replaced some iterators through enumerators made proposals algorithm_t private using enumerator
* added support for certificate requests for not yet known CAsMartin Willi2008-03-201-5/+6
|
* attempt to achieve consistent debugging outputAndreas Steffen2008-03-193-27/+27
|
* two small fixesTobias Brunner2008-03-131-1/+1
|
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-1335-788/+875
|
* improved P2P_NAT debuggingAndreas Steffen2008-02-271-2/+2
|
* implemented Expanded EAP types to support vendor specific methodsMartin Willi2007-12-131-3/+5
|
* removed c++ style comments4.1.9Martin Willi2007-12-041-51/+42
| | | | | fixed compiler warnings
* fixed mobike/auth_lifetime in conjunction with p2p-nattMartin Willi2007-12-042-6/+6
|
* removed redundant server reflexive endpoint debug messageAndreas Steffen2007-12-041-1/+0
|
* improved P2P_ENDPOINT debuggingAndreas Steffen2007-12-032-1/+5
|
* moved AUTH_LIFETIME handling in its own task (cleaner separation, proper ↵Martin Willi2007-12-035-23/+265
| | | | payload order)
* implemented RFC4478 (repeated authentication)Martin Willi2007-11-201-0/+27
| | | | | changed %V printf handler to take a time delta, %#V now takes two arguments
* experimental P2P-NAT-T for IKEv2 merged back from branchTobias Brunner2007-10-035-2/+987
|
* ID payload with explicit payload typeTobias Brunner2007-10-021-2/+2
|
* moved force_encap to ike_config, enables responder to enforce udp encapsulationMartin Willi2007-10-011-8/+9
| | | | fixed bugs in force_encap code
* implemented IKEv2 force_encap connection parameterMartin Willi2007-10-011-3/+37
| | | | | enforces UDP encapsulation by faking NAT detection payloads to hurdle restrictive firewalls
* implemented more aggressive MOBIKE path probingMartin Willi2007-09-282-0/+17
| | | | | do not queue more than one MOBIKE task
* improved MOBIKE roaming between interfacesMartin Willi2007-09-241-11/+4
|
* connection name to IKE_SA initiatingAndreas Steffen2007-09-152-2/+3
|
* put IKE_SA and CHILD_SA names in single quotesAndreas Steffen2007-09-152-5/+5
|
* log name of established IKE_SAAndreas Steffen2007-09-151-4/+8
|
* log name of established CHILD_SAAndreas Steffen2007-09-151-2/+4
|
* only switch to port 4500 if we are on 500: fixed reauthentication in NAT Martin Willi2007-09-121-2/+9
| | | | scenarios
* moving virtual IP when interface changes due mobikeMartin Willi2007-09-121-0/+11
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 12:54:31 +0000