aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa/tasks
Commit message (Collapse)AuthorAgeFilesLines
...
* fixed cleanup of traffic selector listsMartin Willi2009-05-121-2/+2
|
* properly end CERT_PRE task after detecting the final authentication roundMartin Willi2009-05-121-27/+41
|
* fixed configuration payload type as responderMartin Willi2009-05-111-1/+1
|
* never send a CERT payload in EAPMartin Willi2009-05-111-13/+13
|
* Fixed EAP authentication regressionMartin Willi2009-05-111-12/+16
| | | | | Use correct nonce/init message again for EAP AUTH payload sent from responder to initiator.
* fixed memleakMartin Willi2009-05-111-0/+1
|
* initiate trapped CHILD_SAs with same reqidMartin Willi2009-05-082-3/+3
|
* make use of the new trap-managerMartin Willi2009-05-081-2/+3
|
* removing svn keyword $Id$ from all filesTobias Brunner2009-04-3034-68/+0
|
* merging changes from portability branch back to trunkTobias Brunner2009-04-306-16/+16
| | | | | important change for developers: %Y replaces %D to print identities!
* attribute_manager supports attribute_handler's to handle configuration ↵Martin Willi2009-04-241-211/+66
| | | | | | | | attributes via plugins moved resolv.conf editing to a separate plugin (resolv_conf) extended attribute_provider interface to hand out arbitrary attributes moved strongswan.conf based dns/nbns configuration to a plugin (attr)
* schedule_job uses seconds to support time values larger than 49 daysMartin Willi2009-04-213-4/+4
| | | | added schedule_job_ms for ms resolution events
* fixed IKE_SA rekeying collisionsMartin Willi2009-04-201-6/+19
|
* merged multi-auth branch back into trunkMartin Willi2009-04-1413-783/+963
|
* set port for NATD hash calculation in the "include-all" caseMartin Willi2009-03-261-0/+4
|
* updated DoxyfileMartin Willi2009-03-2417-17/+17
| | | | | | properly close all doxygen groups fixed remaining doxygen warnings
* configuration of NBNS server assignment via strongswan.confAndreas Steffen2009-02-131-3/+68
|
* configuration of DNS server assignment via strongswan.confAndreas Steffen2009-02-121-6/+29
|
* changed [4856] to dynamically choose traffic selector familyMartin Willi2009-02-111-14/+8
|
* send proper AUTHENTICATION_FAILED if EAP method is successful, but AUTH ↵Martin Willi2009-02-101-0/+6
| | | | mismatches
* proper initialization and disposal of keying materialAndreas Steffen2009-01-151-1/+3
|
* fixed a potential memory leak when reusing mobike taskMartin Willi2008-12-191-0/+4
|
* improved IKE_SA uniqueness checkTobias Brunner2008-12-161-65/+3
|
* limit number of ADDITIONAL_IPV*_ADDR notifiesMartin Willi2008-12-091-4/+9
|
* some task queueing improvements:Martin Willi2008-12-016-40/+164
| | | | | | | | - do not pass CHILD_SAs to task constructor, might not be valid anymore during execution (late lookup) - use sub-tasks to delete CHILD/IKE_SA after rekeying, as we want to execute the delete before additional queued tasks
* pass SKd to derive_ike_keys() to have a more interoperable APIMartin Willi2008-11-281-29/+38
|
* refactored and cleaned up child_sa interfaceMartin Willi2008-11-192-72/+142
| | | | | | | replaced add/update calls by a install() call allocating SPIs always externally support installation of non-allocated CHILD_SAs some other cleanups
* fallback to reauthentication if peer does not support CHILD_SA rekeyingMartin Willi2008-11-142-2/+27
|
* fall back to reauthentication if IKE rekeying fails with NO_ADDITIONAL_SASMartin Willi2008-11-141-1/+27
|
* moved ike_initiator flag to IKE_SAs condition bitfieldMartin Willi2008-11-121-1/+1
|
* merging kernel_klips plugin back into trunkTobias Brunner2008-11-113-16/+40
|
* preliminary support of Mobile IPv6Andreas Steffen2008-11-111-2/+4
|
* got rid of deprecated create_iterator_locked()Martin Willi2008-11-051-0/+2
|
* corrected typo2Andreas Steffen2008-11-051-2/+2
|
* corrected captionsAndreas Steffen2008-11-021-1/+1
|
* added hooks for IKE and CHILD keymatMartin Willi2008-10-302-11/+21
|
* store plain skd, not the prfMartin Willi2008-10-301-1/+0
|
* moved CHILD_SA key derivation to keymat_tMartin Willi2008-10-292-44/+41
| | | | passing key chunks to CHILD_SA, not the PRF
* do not store DH redundant in keymatMartin Willi2008-10-291-12/+11
|
* moved key derivation and management into keymat objectMartin Willi2008-10-284-65/+41
| | | | | | allows secured implementation of key management (e.g. in kernel or HW) only IKE keys for now
* store IKE proposal implicitly during derive_keysMartin Willi2008-10-281-17/+1
|
* use more generic stats getter, introducing new statsMartin Willi2008-10-271-1/+2
|
* reset threads IKE_SA after checking other IKE_SAsMartin Willi2008-10-203-0/+14
| | | | invoke updown script only if we have valid IKE_SA
* re-established all previous AUD level messagesAndreas Steffen2008-10-173-6/+7
|
* moved updown script invocation to an optional pluginMartin Willi2008-10-162-15/+5
|
* reintegrated bus-refactoring branchMartin Willi2008-10-148-167/+158
|
* fixed MOBIKE roaming if clients address changesMartin Willi2008-10-091-0/+18
|
* mobike: try to keep existing source address before switching to anotherMartin Willi2008-10-082-5/+4
|
* use MOBIKE enabled DPD if we are NATedMartin Willi2008-10-064-2/+64
| | | | update SAs if we detect changes in NAT mappings
* do not run CHILD_SA delete action if rekeyingMartin Willi2008-10-031-1/+13
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-29 22:58:46 +0000