aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/tasks
Commit message (Collapse)AuthorAgeFilesLines
...
* re-established all previous AUD level messagesAndreas Steffen2008-10-173-6/+7
|
* moved updown script invocation to an optional pluginMartin Willi2008-10-162-15/+5
|
* reintegrated bus-refactoring branchMartin Willi2008-10-148-167/+158
|
* fixed MOBIKE roaming if clients address changesMartin Willi2008-10-091-0/+18
|
* mobike: try to keep existing source address before switching to anotherMartin Willi2008-10-082-5/+4
|
* use MOBIKE enabled DPD if we are NATedMartin Willi2008-10-064-2/+64
| | | | update SAs if we detect changes in NAT mappings
* do not run CHILD_SA delete action if rekeyingMartin Willi2008-10-031-1/+13
|
* also respect the mobike=no setting as responderMartin Willi2008-09-301-2/+13
|
* merging renaming of mode_t to ipsec_mode_t back to trunkTobias Brunner2008-09-251-1/+1
|
* merging modularized kernel interface back to trunkTobias Brunner2008-09-253-15/+15
|
* completed support of AUTHZ_CA_CERT and AUTHZ_CA_CERT_NAME attributesAndreas Steffen2008-08-261-7/+24
|
* ported parts of two-sim branchMartin Willi2008-08-222-14/+57
| | | | | | eap_identity parameter to exchange in eap_identity some auth_info/peer_cfg refactorings fixed some bugs, introduced new ones
* initiator sends contents of rightca= if present as a certificate request ↵Andreas Steffen2008-08-051-9/+15
| | | | without searching for further CA certificates
* completed IKE_SA logging at the AUDIT levelAndreas Steffen2008-07-233-8/+43
|
* IKE_SA rekeying inherits other_host from old IKE_SAAndreas Steffen2008-07-231-0/+3
|
* cosmeticsAndreas Steffen2008-07-231-1/+1
|
* some more changes to IKE_SA and CHILD_SA loggingAndreas Steffen2008-07-225-19/+43
|
* ipsec status lists IPCOMP CPIsAndreas Steffen2008-07-221-1/+1
|
* consistent logging of SPIs and CPIsAndreas Steffen2008-07-221-2/+2
|
* consistent logging of IKE and CHILD SAsAndreas Steffen2008-07-213-20/+36
|
* introduced an additional bus->signal parameter for signal specific dataMartin Willi2008-07-185-66/+72
| | | | added SIG_IKE/SIG_CHD macros for signal emitting
* fixed acquire-delay bug by:Martin Willi2008-07-161-10/+9
| | | | | installing policies before states updating policies if protocol has changed
* peer_cfg lookup takes peer addresses into accountMartin Willi2008-07-011-1/+2
|
* strongswan.conf's charon.close_ike_on_child_failure closes IKE_SA if ↵Martin Willi2008-07-011-2/+36
| | | | CHILD_SA setup in IKE_AUTH fails
* sending INTERNAL_ADDRESS_FAILURE if virtual IP requested but none foundMartin Willi2008-07-012-14/+46
|
* log received vendor id as a hex valueAndreas Steffen2008-06-271-0/+9
|
* display selected IKE proposal in ipsec statusallAndreas Steffen2008-06-221-4/+20
|
* ECDSA with OpenSSLTobias Brunner2008-06-102-6/+6
|
* DNS resolving of ike_cfg hosts dynamically on demandMartin Willi2008-06-061-1/+1
|
* filtering out non matching path probing pairs explicitlyMartin Willi2008-05-231-0/+5
|
* replying to COOKIE2 mobike notify properly4.2.2Martin Willi2008-05-211-1/+49
| | | | including COOKIE2 ourself after path probing
* IPComp for IKEv2Tobias Brunner2008-05-081-0/+112
|
* Hash and URL cosmeticsAndreas Steffen2008-04-182-11/+11
|
* support for hash and URL encoded certificate payloads in charonTobias Brunner2008-04-182-51/+230
|
* added API for random number generators, served through credential factoryMartin Willi2008-04-154-45/+35
| | | | ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
* implemented IKE_SA uniqueness using ipsec.conf uniqueids paramaterMartin Willi2008-04-141-0/+68
| | | | additionally supports a "keep" value to keep the old IKE_SA
* added close_action as a seperate config option to dpd_actionMartin Willi2008-04-142-7/+6
|
* fixed rightsourceip=%config scenariosMartin Willi2008-04-141-2/+5
|
* fixed disabling the sending of cert requestsAndreas Steffen2008-04-131-1/+1
|
* using dpd actions to enforce connection stateMartin Willi2008-04-113-10/+34
| | | | dpd actions a per child-, not peer ike-sa
* enabling reauthentication on mediation connectionsTobias Brunner2008-04-101-2/+24
|
* fixing a problem if the mediation server initiates the rekeyingTobias Brunner2008-04-101-2/+1
|
* mediation connections should now properly rekeyTobias Brunner2008-04-091-8/+10
|
* implementation of an CFG attribute framework, currently supporting virtual IPsMartin Willi2008-04-092-21/+17
| | | | | | updated ipsec.conf sourceip parameter to support CIDR notatation to serve from a pool %poolname to query a separate (database?) pool
* demoted more notify debug messages to level 24.2.0Andreas Steffen2008-04-022-3/+3
|
* fixing some memory leaksTobias Brunner2008-04-021-2/+17
|
* generate debug output if ocsp response does not contain status information ↵Andreas Steffen2008-04-021-1/+1
| | | | for a given certificate
* demoted received notify debug message to level 2Andreas Steffen2008-04-011-1/+1
|
* stopping connectivity checks on the responders side after receiving an ↵Tobias Brunner2008-04-011-1/+61
| | | | IKE_SA_INIT request with the proper ME_CONNECTID
* signal fixedTobias Brunner2008-03-311-2/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-18 19:56:13 +0000