aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/tasks
Commit message (Collapse)AuthorAgeFilesLines
* fallback to reauthentication if peer does not support CHILD_SA rekeyingMartin Willi2008-11-142-2/+27
|
* fall back to reauthentication if IKE rekeying fails with NO_ADDITIONAL_SASMartin Willi2008-11-141-1/+27
|
* moved ike_initiator flag to IKE_SAs condition bitfieldMartin Willi2008-11-121-1/+1
|
* merging kernel_klips plugin back into trunkTobias Brunner2008-11-113-16/+40
|
* preliminary support of Mobile IPv6Andreas Steffen2008-11-111-2/+4
|
* got rid of deprecated create_iterator_locked()Martin Willi2008-11-051-0/+2
|
* corrected typo2Andreas Steffen2008-11-051-2/+2
|
* corrected captionsAndreas Steffen2008-11-021-1/+1
|
* added hooks for IKE and CHILD keymatMartin Willi2008-10-302-11/+21
|
* store plain skd, not the prfMartin Willi2008-10-301-1/+0
|
* moved CHILD_SA key derivation to keymat_tMartin Willi2008-10-292-44/+41
| | | | passing key chunks to CHILD_SA, not the PRF
* do not store DH redundant in keymatMartin Willi2008-10-291-12/+11
|
* moved key derivation and management into keymat objectMartin Willi2008-10-284-65/+41
| | | | | | allows secured implementation of key management (e.g. in kernel or HW) only IKE keys for now
* store IKE proposal implicitly during derive_keysMartin Willi2008-10-281-17/+1
|
* use more generic stats getter, introducing new statsMartin Willi2008-10-271-1/+2
|
* reset threads IKE_SA after checking other IKE_SAsMartin Willi2008-10-203-0/+14
| | | | invoke updown script only if we have valid IKE_SA
* re-established all previous AUD level messagesAndreas Steffen2008-10-173-6/+7
|
* moved updown script invocation to an optional pluginMartin Willi2008-10-162-15/+5
|
* reintegrated bus-refactoring branchMartin Willi2008-10-148-167/+158
|
* fixed MOBIKE roaming if clients address changesMartin Willi2008-10-091-0/+18
|
* mobike: try to keep existing source address before switching to anotherMartin Willi2008-10-082-5/+4
|
* use MOBIKE enabled DPD if we are NATedMartin Willi2008-10-064-2/+64
| | | | update SAs if we detect changes in NAT mappings
* do not run CHILD_SA delete action if rekeyingMartin Willi2008-10-031-1/+13
|
* also respect the mobike=no setting as responderMartin Willi2008-09-301-2/+13
|
* merging renaming of mode_t to ipsec_mode_t back to trunkTobias Brunner2008-09-251-1/+1
|
* merging modularized kernel interface back to trunkTobias Brunner2008-09-253-15/+15
|
* completed support of AUTHZ_CA_CERT and AUTHZ_CA_CERT_NAME attributesAndreas Steffen2008-08-261-7/+24
|
* ported parts of two-sim branchMartin Willi2008-08-222-14/+57
| | | | | | eap_identity parameter to exchange in eap_identity some auth_info/peer_cfg refactorings fixed some bugs, introduced new ones
* initiator sends contents of rightca= if present as a certificate request ↵Andreas Steffen2008-08-051-9/+15
| | | | without searching for further CA certificates
* completed IKE_SA logging at the AUDIT levelAndreas Steffen2008-07-233-8/+43
|
* IKE_SA rekeying inherits other_host from old IKE_SAAndreas Steffen2008-07-231-0/+3
|
* cosmeticsAndreas Steffen2008-07-231-1/+1
|
* some more changes to IKE_SA and CHILD_SA loggingAndreas Steffen2008-07-225-19/+43
|
* ipsec status lists IPCOMP CPIsAndreas Steffen2008-07-221-1/+1
|
* consistent logging of SPIs and CPIsAndreas Steffen2008-07-221-2/+2
|
* consistent logging of IKE and CHILD SAsAndreas Steffen2008-07-213-20/+36
|
* introduced an additional bus->signal parameter for signal specific dataMartin Willi2008-07-185-66/+72
| | | | added SIG_IKE/SIG_CHD macros for signal emitting
* fixed acquire-delay bug by:Martin Willi2008-07-161-10/+9
| | | | | installing policies before states updating policies if protocol has changed
* peer_cfg lookup takes peer addresses into accountMartin Willi2008-07-011-1/+2
|
* strongswan.conf's charon.close_ike_on_child_failure closes IKE_SA if ↵Martin Willi2008-07-011-2/+36
| | | | CHILD_SA setup in IKE_AUTH fails
* sending INTERNAL_ADDRESS_FAILURE if virtual IP requested but none foundMartin Willi2008-07-012-14/+46
|
* log received vendor id as a hex valueAndreas Steffen2008-06-271-0/+9
|
* display selected IKE proposal in ipsec statusallAndreas Steffen2008-06-221-4/+20
|
* ECDSA with OpenSSLTobias Brunner2008-06-102-6/+6
|
* DNS resolving of ike_cfg hosts dynamically on demandMartin Willi2008-06-061-1/+1
|
* filtering out non matching path probing pairs explicitlyMartin Willi2008-05-231-0/+5
|
* replying to COOKIE2 mobike notify properly4.2.2Martin Willi2008-05-211-1/+49
| | | | including COOKIE2 ourself after path probing
* IPComp for IKEv2Tobias Brunner2008-05-081-0/+112
|
* Hash and URL cosmeticsAndreas Steffen2008-04-182-11/+11
|
* support for hash and URL encoded certificate payloads in charonTobias Brunner2008-04-182-51/+230
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 00:59:31 +0000