aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa
Commit message (Collapse)AuthorAgeFilesLines
...
* added CHILD_SA states, which allows us to detect further simultaneous ↵Martin Willi2006-07-1317-131/+238
| | | | | | | transactions reimplemented the buggy message id handling
* updated some inline docsMartin Willi2006-07-123-2/+36
|
* fixed crypter/signer in/out to conform with standardMartin Willi2006-07-121-9/+9
|
* fixed payload orderMartin Willi2006-07-121-5/+4
|
* added policy cache to kernel interfaceMartin Willi2006-07-124-156/+50
| | | | | | allows refcounting of multiple installed policies finally brings us stable simultaneous rekeying
* leak detective blanks memory on free & alloc, allows further membug detectionMartin Willi2006-07-121-1/+1
|
* identification_t.matches() supports multiple wildcard countsAndreas Steffen2006-07-111-8/+10
|
* further work done for simultaneous rekeying/deleteMartin Willi2006-07-106-49/+236
| | | | | still some cases which cause trouble
* updated copyright informationMartin Willi2006-07-0711-11/+22
|
* reimplemented CHILD_SA rekeying & deleteMartin Willi2006-07-0713-248/+1516
| | | | | no simultanous transaction with CHILD_SAs yet!
* improved CHILD_SA output for "ipsec statusall"Martin Willi2006-07-051-61/+106
|
* redesigned IKE_SA using a transaction mechanism:Martin Willi2006-07-0537-7598/+4353
| | | | | | | | | | | | removed old state machine reimplemented IKE_SA setup and delete implemented dead peer detection implemented keep-alives a lot of fixes no rekeying yet
* applied latest NATT patch with some fixes and cleanupsMartin Willi2006-07-041-1/+1
|
* log entries start with lowcercase characterAndreas Steffen2006-07-041-23/+27
|
* fixed natd_hash memory leakAndreas Steffen2006-07-031-2/+7
|
* support of cert payloadsAndreas Steffen2006-07-039-470/+661
|
* lowercase log entriesAndreas Steffen2006-07-031-1/+1
|
* applied new changes from NATT teamMartin Willi2006-06-237-33/+232
| | | | | DPD only done when no IPsec and IKE traffic processed minor changes here and there
* first merge of NATT codeMartin Willi2006-06-2211-114/+1175
|
* fixed bug: usage of already freed memMartin Willi2006-06-201-1/+2
|
* fixed SPI when acting as initiator of rekeyingMartin Willi2006-06-191-2/+2
|
* fixed SPI when rekeying and deleting CHILD_SAsMartin Willi2006-06-195-14/+19
|
* change key derivation order to fullfill RFCMartin Willi2006-06-191-11/+26
|
* (no commit message)Martin Willi2006-06-161-5/+5
|
* fixed aes code, we support now aes128, aes192, aes256 in IKEMartin Willi2006-06-151-6/+6
|
* added support for "ike" and "esp" keywordsMartin Willi2006-06-153-16/+16
| | | | | | | fixed bugs in proposal code algorithm selection for charon works now with ipsec.conf a lot of other fixes
* implemented clean spi allocation behavior when using multiple proposalsMartin Willi2006-06-151-35/+104
|
* debug and logging improvementsMartin Willi2006-06-131-3/+3
|
* using same reqid if a child sa rekeys an existing oneMartin Willi2006-06-126-18/+35
|
* cosmeticsAndreas Steffen2006-06-122-53/+53
|
* workaround for peers rekeying at the same timeMartin Willi2006-06-125-6/+41
| | | | | loading lifetime policies from ipsec.conf
* old child_sa gets deleted after rekeyingMartin Willi2006-06-099-43/+462
| | | | | | rekeying almost complete, but: IKE_SA get in an invalid state when both initiate rekeying at the same time,
* improved kernel interface loggingMartin Willi2006-06-091-7/+4
|
* specifying keysize in bits, as it is required in IKEv2Martin Willi2006-06-092-60/+25
| | | | | | added generic kernel SA algorithm handling, which brings us: aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
* fixed compile warnings when using -WallMartin Willi2006-06-0810-186/+804
| | | | | | | | further CHILD_SA rekeying work done: creation of a new CHILD_SA on a expire from a kernel works delete of old CHILD_SA still missing some issues when both initiate rekeing
* further work for rekeying:Martin Willi2006-06-0713-618/+883
| | | | | | | | | get liftimes from policy added new state initiation of rekeying done proposal redone: removed support for AH+ESP proposals
* fixed a memleakMartin Willi2006-06-071-1/+5
|
* job management:Martin Willi2006-05-316-74/+121
| | | | | | | | | | | | | moved job code from thread_pool to job, jobs have an "execute" method now added two new jobs: delete_child_sa & rekey_child_sa kernel interface: listens now for ACQUIRE & EXPIRE supports hard and soft lifetimes fires jobs for delete and rekey child sa ike sa manager: can checkout IKE SAs by requid of owned CHILD SAs we have now the infrastructure to do the rekeying... :-)
* - fixed some memleaks/freebugsMartin Willi2006-05-311-0/+1
| | | | | - leak detective works almost usable now (?!)
* - fixed host-host tunnel traffic selection, host-host works nowMartin Willi2006-05-313-2/+6
|
* cosmetics in log_status outputAndreas Steffen2006-05-301-1/+1
|
* use of streqAndreas Steffen2006-05-301-1/+1
|
* lookup of private key based on keyid of public keyAndreas Steffen2006-05-301-24/+47
|
* - policies contain a connections name nowMartin Willi2006-05-294-44/+54
| | | | | | | | - used for initiate and delete - connections won't get initiated twice anymore - deleting of connections is now possible, which allows us to use ipsec update and ipsec reload
* changed to standard connection log outputAndreas Steffen2006-05-291-4/+7
|
* - some logging improvements and cosmeticsMartin Willi2006-05-243-5/+15
|
* - handle IKE_SA setup without a piggy-packed CHILD_SAMartin Willi2006-05-242-40/+67
| | | | | more IKEv2 conform
* - initiate IKE_SA deletion befor manager destructionMartin Willi2006-05-241-7/+14
|
* - show connection templates in status & statusallMartin Willi2006-05-233-4/+6
| | | | | - don't complain on termination of IKEv1 connections
* - reimplemented proper IKE SA deletion using a seperate state,Martin Willi2006-05-2315-355/+580
| | | | | should conform now to IKEv2
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 18:27:23 +0000