aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/tasks
Commit message (Collapse)AuthorAgeFilesLines
...
* also respect the mobike=no setting as responderMartin Willi2008-09-301-2/+13
|
* merging renaming of mode_t to ipsec_mode_t back to trunkTobias Brunner2008-09-251-1/+1
|
* merging modularized kernel interface back to trunkTobias Brunner2008-09-253-15/+15
|
* completed support of AUTHZ_CA_CERT and AUTHZ_CA_CERT_NAME attributesAndreas Steffen2008-08-261-7/+24
|
* ported parts of two-sim branchMartin Willi2008-08-222-14/+57
| | | | | | eap_identity parameter to exchange in eap_identity some auth_info/peer_cfg refactorings fixed some bugs, introduced new ones
* initiator sends contents of rightca= if present as a certificate request ↵Andreas Steffen2008-08-051-9/+15
| | | | without searching for further CA certificates
* completed IKE_SA logging at the AUDIT levelAndreas Steffen2008-07-233-8/+43
|
* IKE_SA rekeying inherits other_host from old IKE_SAAndreas Steffen2008-07-231-0/+3
|
* cosmeticsAndreas Steffen2008-07-231-1/+1
|
* some more changes to IKE_SA and CHILD_SA loggingAndreas Steffen2008-07-225-19/+43
|
* ipsec status lists IPCOMP CPIsAndreas Steffen2008-07-221-1/+1
|
* consistent logging of SPIs and CPIsAndreas Steffen2008-07-221-2/+2
|
* consistent logging of IKE and CHILD SAsAndreas Steffen2008-07-213-20/+36
|
* introduced an additional bus->signal parameter for signal specific dataMartin Willi2008-07-185-66/+72
| | | | added SIG_IKE/SIG_CHD macros for signal emitting
* fixed acquire-delay bug by:Martin Willi2008-07-161-10/+9
| | | | | installing policies before states updating policies if protocol has changed
* peer_cfg lookup takes peer addresses into accountMartin Willi2008-07-011-1/+2
|
* strongswan.conf's charon.close_ike_on_child_failure closes IKE_SA if ↵Martin Willi2008-07-011-2/+36
| | | | CHILD_SA setup in IKE_AUTH fails
* sending INTERNAL_ADDRESS_FAILURE if virtual IP requested but none foundMartin Willi2008-07-012-14/+46
|
* log received vendor id as a hex valueAndreas Steffen2008-06-271-0/+9
|
* display selected IKE proposal in ipsec statusallAndreas Steffen2008-06-221-4/+20
|
* ECDSA with OpenSSLTobias Brunner2008-06-102-6/+6
|
* DNS resolving of ike_cfg hosts dynamically on demandMartin Willi2008-06-061-1/+1
|
* filtering out non matching path probing pairs explicitlyMartin Willi2008-05-231-0/+5
|
* replying to COOKIE2 mobike notify properly4.2.2Martin Willi2008-05-211-1/+49
| | | | including COOKIE2 ourself after path probing
* IPComp for IKEv2Tobias Brunner2008-05-081-0/+112
|
* Hash and URL cosmeticsAndreas Steffen2008-04-182-11/+11
|
* support for hash and URL encoded certificate payloads in charonTobias Brunner2008-04-182-51/+230
|
* added API for random number generators, served through credential factoryMartin Willi2008-04-154-45/+35
| | | | ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
* implemented IKE_SA uniqueness using ipsec.conf uniqueids paramaterMartin Willi2008-04-141-0/+68
| | | | additionally supports a "keep" value to keep the old IKE_SA
* added close_action as a seperate config option to dpd_actionMartin Willi2008-04-142-7/+6
|
* fixed rightsourceip=%config scenariosMartin Willi2008-04-141-2/+5
|
* fixed disabling the sending of cert requestsAndreas Steffen2008-04-131-1/+1
|
* using dpd actions to enforce connection stateMartin Willi2008-04-113-10/+34
| | | | dpd actions a per child-, not peer ike-sa
* enabling reauthentication on mediation connectionsTobias Brunner2008-04-101-2/+24
|
* fixing a problem if the mediation server initiates the rekeyingTobias Brunner2008-04-101-2/+1
|
* mediation connections should now properly rekeyTobias Brunner2008-04-091-8/+10
|
* implementation of an CFG attribute framework, currently supporting virtual IPsMartin Willi2008-04-092-21/+17
| | | | | | updated ipsec.conf sourceip parameter to support CIDR notatation to serve from a pool %poolname to query a separate (database?) pool
* demoted more notify debug messages to level 24.2.0Andreas Steffen2008-04-022-3/+3
|
* fixing some memory leaksTobias Brunner2008-04-021-2/+17
|
* generate debug output if ocsp response does not contain status information ↵Andreas Steffen2008-04-021-1/+1
| | | | for a given certificate
* demoted received notify debug message to level 2Andreas Steffen2008-04-011-1/+1
|
* stopping connectivity checks on the responders side after receiving an ↵Tobias Brunner2008-04-011-1/+61
| | | | IKE_SA_INIT request with the proper ME_CONNECTID
* signal fixedTobias Brunner2008-03-311-2/+2
|
* changed error messageAndreas Steffen2008-03-291-1/+1
|
* checking the size of ME_* notify payloadsTobias Brunner2008-03-271-8/+1
|
* mediation extension adapted to the naming convention of the current version ↵Tobias Brunner2008-03-266-154/+154
| | | | of the draft. note: the external interface (config, autotools) has not yet been changed
* added equals() method to peer_cfg, ike_cfg, proposals, auth_infoMartin Willi2008-03-262-6/+6
| | | | | | allows easier merging of ipsec.conf connections replaced some iterators through enumerators made proposals algorithm_t private using enumerator
* added support for certificate requests for not yet known CAsMartin Willi2008-03-201-5/+6
|
* attempt to achieve consistent debugging outputAndreas Steffen2008-03-193-27/+27
|
* two small fixesTobias Brunner2008-03-131-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 07:49:04 +0000