aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa
Commit message (Collapse)AuthorAgeFilesLines
...
* support for transport in create_child_saMartin Willi2007-01-082-6/+11
| | | | include TRANSPORT/TUNNEL information in statusall
* fixed typoAndreas Steffen2007-01-041-1/+1
|
* fixed reuathentication when connections other host is %anyMartin Willi2007-01-032-10/+18
|
* added support for transport mode and (experimental!) BEET modeMartin Willi2006-12-215-77/+347
| | | | | support for the type=transport/tunnel parameter in charon
* implemented reauthentication using the new reauth=yes|no parameter Martin Willi2006-12-196-44/+118
|
* log IKE SPIs on a separate lineAndreas Steffen2006-11-011-3/+3
|
* redesigned formatting of ipsec status|statusallAndreas Steffen2006-11-013-19/+28
|
* some fixes for doxygenMartin Willi2006-10-313-8/+8
|
* better split up of library files "types.h" & "definitions.h"Martin Willi2006-10-3113-89/+40
| | | | | | | | | centralized all printf specifier character definitions reuse of arginfo handlers more cleanups fixed more AMD64 issues added DEBUG_LEVEL compile flag to exclude DBGn() statements
* preparations to include certreqs in policy decisionsAndreas Steffen2006-10-313-10/+28
|
* moved (myself) in log outputAndreas Steffen2006-10-311-1/+1
|
* moved typedefs to beginning of files to solve some include problemsMartin Willi2006-10-3026-617/+828
| | | | | | | splitted authenticator to have a separate implementation for each auth_method_t using va_copy to clone va_lists, should fix proplems on AMD64 some other cleanups
* fixed SIGSEGV when setup of an additional CHILD_SA failsMartin Willi2006-10-301-2/+8
|
* changed debug level of certreq log outputAndreas Steffen2006-10-291-13/+9
|
* support of certreq payload in IKE_AUTH messagesAndreas Steffen2006-10-281-12/+53
|
* send a certreq as initiator if other_ca is setAndreas Steffen2006-10-281-2/+19
|
* some improvements in signaling codeMartin Willi2006-10-273-8/+52
|
* include only source NATD payloads really neededMartin Willi2006-10-271-7/+17
|
* improved signal handling and emittingMartin Willi2006-10-2610-292/+384
|
* removed deprecated iterator methods (has_next & current)Martin Willi2006-10-2411-138/+122
| | | | added iterator hook to manipulate iterator the clean way
* linked list cleanupsMartin Willi2006-10-246-193/+73
| | | | | added list methods invoke(), destroy_offset(), destroy_function() simplified list destruction when destroying its items
* code cleanups in printf handlersMartin Willi2006-10-201-30/+27
|
* introduced new logging subsystem using bus:Martin Willi2006-10-1817-1092/+677
| | | | | | | passive listeners can register on the bus active listeners wait for signals actively multiplexing allows multiple listeners to receive debug signals a lot more...
* fixed DPD to survive IKE_SA rekeyingMartin Willi2006-09-281-1/+1
|
* introduced printf() specifiers for:Martin Willi2006-09-276-70/+66
| | | | | | | | | | | host_t (%H) identification_t (%D) chunk pointers (%B) memory pointer/length (%b) added a signaling bus: receives event and debug messages, sends them to its listeners stream_logger, sys_logger, file_logger added, listen to bus some other tweaks here and there
* fixed retransmission policy for responderMartin Willi2006-09-253-9/+9
|
* fixed dpd for responderMartin Willi2006-09-253-0/+19
|
* added hostaccess supportAndreas Steffen2006-09-251-0/+2
|
* moved auth_method to policyAndreas Steffen2006-09-251-5/+7
|
* added hostaccess supportAndreas Steffen2006-09-251-3/+5
|
* added hostaccess supportAndreas Steffen2006-09-251-1/+2
|
* more consistent authentication loggingAndreas Steffen2006-09-251-44/+33
|
* added hostaccess supportAndreas Steffen2006-09-251-4/+11
|
* added HOST_ACCESS for firewall script as defaultMartin Willi2006-09-181-0/+1
|
* more debugging output for PSK authenticationMartin Willi2006-09-181-3/+11
|
* added PSK supportAndreas Steffen2006-09-183-140/+156
|
* handle certificate parsing error more generousMartin Willi2006-09-141-9/+16
|
* fixed memleak when receiving invalid certificateMartin Willi2006-09-141-0/+1
|
* implemented updown script to handle firewallingMartin Willi2006-09-125-19/+191
|
* add priority management for kernel policyMartin Willi2006-09-086-165/+231
| | | | | | | let ROUTED policies installed, until manuall removed introduced new naming scheme to allow proper shutdown of IKE/CHILD_SAs ike_sa_manager cleanups
* implemented handling of dpdaction and dpddelay ipsec.conf parametersMartin Willi2006-09-084-15/+96
|
* reuse reqid when a ROUTED child_sa gets INSTALLEDMartin Willi2006-09-059-54/+183
| | | | | | | | | fixed a bug in retransmission code added support for the "keyingtries" ipsec.conf parameter added support for the "dpddelay" ipsec.conf parameter done some work for "dpdaction" behavior some other cleanups and fixes
* fixed a at-least-one-year-old bug which caused crashed in the schedulerMartin Willi2006-08-311-1/+1
|
* implemented NAT detection for IPv6Martin Willi2006-08-311-36/+19
|
* initial support for IPv6 (more testing needed)Martin Willi2006-08-302-3/+5
| | | | | | | | | socket works (without v6 filter) traffic selector handle IPv4/v4 cleanly improvements in traffic selector code kernel interface accepts v6 traffic selectors and hosts host_t class has full IPv6 support
* moved interface enumeration code to socket, where it belongsMartin Willi2006-08-282-4/+7
| | | | | query interfaces every time we need it to respect changes in network config added address listing on startup and "ipsec statusall"
* added name property in CHILD_SA, allows proper status outputMartin Willi2006-08-255-14/+75
|
* (no commit message)Martin Willi2006-08-251-5/+0
|
* fixed bug which prevented port float when nat is detectedMartin Willi2006-08-251-0/+8
|
* fixed rekeying behavior when proposing an inacceptable DH group ↵4.0.3Martin Willi2006-08-232-35/+26
| | | | (INVALID_KE_PAYLOAD)
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-10 22:36:25 +0000