aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/tasks
Commit message (Collapse)AuthorAgeFilesLines
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-1335-788/+875
|
* improved P2P_NAT debuggingAndreas Steffen2008-02-271-2/+2
|
* implemented Expanded EAP types to support vendor specific methodsMartin Willi2007-12-131-3/+5
|
* removed c++ style comments4.1.9Martin Willi2007-12-041-51/+42
| | | | | fixed compiler warnings
* fixed mobike/auth_lifetime in conjunction with p2p-nattMartin Willi2007-12-042-6/+6
|
* removed redundant server reflexive endpoint debug messageAndreas Steffen2007-12-041-1/+0
|
* improved P2P_ENDPOINT debuggingAndreas Steffen2007-12-032-1/+5
|
* moved AUTH_LIFETIME handling in its own task (cleaner separation, proper ↵Martin Willi2007-12-035-23/+265
| | | | payload order)
* implemented RFC4478 (repeated authentication)Martin Willi2007-11-201-0/+27
| | | | | changed %V printf handler to take a time delta, %#V now takes two arguments
* experimental P2P-NAT-T for IKEv2 merged back from branchTobias Brunner2007-10-035-2/+987
|
* ID payload with explicit payload typeTobias Brunner2007-10-021-2/+2
|
* moved force_encap to ike_config, enables responder to enforce udp encapsulationMartin Willi2007-10-011-8/+9
| | | | fixed bugs in force_encap code
* implemented IKEv2 force_encap connection parameterMartin Willi2007-10-011-3/+37
| | | | | enforces UDP encapsulation by faking NAT detection payloads to hurdle restrictive firewalls
* implemented more aggressive MOBIKE path probingMartin Willi2007-09-282-0/+17
| | | | | do not queue more than one MOBIKE task
* improved MOBIKE roaming between interfacesMartin Willi2007-09-241-11/+4
|
* connection name to IKE_SA initiatingAndreas Steffen2007-09-152-2/+3
|
* put IKE_SA and CHILD_SA names in single quotesAndreas Steffen2007-09-152-5/+5
|
* log name of established IKE_SAAndreas Steffen2007-09-151-4/+8
|
* log name of established CHILD_SAAndreas Steffen2007-09-151-2/+4
|
* only switch to port 4500 if we are on 500: fixed reauthentication in NAT Martin Willi2007-09-121-2/+9
| | | | scenarios
* moving virtual IP when interface changes due mobikeMartin Willi2007-09-121-0/+11
|
* fixed NAT detection with mobikeMartin Willi2007-09-122-7/+7
|
* implemented routeability checks for mobike (experimental)Martin Willi2007-09-032-14/+110
|
* added mobike=yes|no connection optionMartin Willi2007-08-291-11/+18
| | | | | | | yes: include mobike support notifies as initiator no: only enable mobike as responder when initiator supports it default: yes
* not touching IKE_SA_INIT from ike_mobike_t anymoreMartin Willi2007-07-191-1/+1
|
* fixed payload order (Nonce, KE) for IKE_SA_INITMartin Willi2007-07-161-3/+11
|
* fixed responder initiated CHILD_SA rekeying when using virtual IPsMartin Willi2007-07-041-11/+45
|
* improved MOBIKE:Martin Willi2007-07-032-36/+80
| | | | | | | | prefer address family already used do not change address implicit when mobike supported handle multiple simultaneous roaming requests more properly proper enabling/disabling of UDP encapsulation
* DBG1 level for 'peer supports MOBIKE' debug messageAndreas Steffen2007-07-021-1/+1
|
* further mobike improvements, regarding to NAT-TMartin Willi2007-06-272-18/+49
|
* simple roaming of the client works (not MOBIKE conform yet!)Martin Willi2007-06-261-8/+9
|
* further fixed for mobike roamingMartin Willi2007-06-251-3/+48
|
* further MOBIKE stuff:Martin Willi2007-06-219-21/+412
| | | | | | | | | kernel properly reports network reconfiguration and informs all IKE_SAs MOBIKE in IKE_AUTH: MOBIKE_SUPPORTED notify and address exchange reestablishment of IKE_SAs on network reconfiguration kinda works not stable yet!
* added extensions management to IKE_SAMartin Willi2007-06-181-0/+3
| | | | fixed NATD payload (port) when using route lookup
* source address lookup in kernel interfaceMartin Willi2007-06-181-17/+33
| | | | | | use it for NAT detection if no source address known from config support for %any...%any connections
* implemented address change notification (for MOBIKE)Martin Willi2007-06-141-6/+5
| | | | | implemented up to date address list cache to list interfaces
* added missing files to the last commitMartin Willi2007-06-142-0/+232
|
* proper reauthentication:Martin Willi2007-06-142-2/+5
| | | | | IKE_SA is closed completely before the new is initiated, resolves some issues when a dynamic IP is requested from a pool
* introduced callback_job:Martin Willi2007-06-112-3/+3
| | | | | | | | | | | | simple asynchronous method invocation use daemons thread pool for all threads proper cancellation and cleanups cancellation mechanism to dynamically unload multithreaded code unified event_queue and scheduler => scheduler unified job_queue and thread_pool => processor removed job_type_t, not really needed fixes here, there and everywhere
* removed misleading warning when rekeyingMartin Willi2007-05-231-1/+0
|
* support for virtual IP definition on client side:Martin Willi2007-05-222-4/+13
| | | | | | | if leftsourceip is defined, it is requested. server may define rightsourceip=%config to accept any, or it may overwrite it using rightsourceip. if server does not return an IP, client enforces its configured leftsourceip.
* fixed memleakMartin Willi2007-05-221-0/+1
|
* support of CA-based ipsec policiesAndreas Steffen2007-05-181-9/+11
|
* cosmeticsAndreas Steffen2007-05-151-5/+5
|
* adapted authentication failure text to those in the authenticatorsAndreas Steffen2007-05-151-3/+3
|
* cosmeticsAndreas Steffen2007-05-151-9/+7
|
* properly implemented interface_managers initiate, terminte_[ike|child]Martin Willi2007-05-091-0/+22
| | | | | proper thread release when stroke is CTRL+C'ed fixed some permission issues
* restructuring of configuration backendsMartin Willi2007-04-271-1/+1
| | | | | | | | | added propotypes of new control interfaces (xml & dbus) introduced loadable: configuration backends control interfaces using pluggable modules as in EAP
* properly checking received IDr as initiatorMartin Willi2007-04-251-1/+8
|
* added PDF support for CHILD_SAsMartin Willi2007-04-194-106/+227
| | | | support for INVALID_KE_PAYLOAD negotiation for rekeying
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-28 10:11:17 +0000