aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa
Commit message (Collapse)AuthorAgeFilesLines
* fixed a potential memory leak when reusing mobike taskMartin Willi2008-12-191-0/+4
|
* updated documentationMartin Willi2008-12-172-137/+131
| | | | | some minor cleanups calloc does not need an additional memset(0)
* improved IKE_SA uniqueness checkTobias Brunner2008-12-164-89/+83
|
* purge certificates after IKE_AUTH response has been builtMartin Willi2008-12-161-6/+8
|
* signal each entry condvar after enumeration, required if wait_for_entry is ↵Martin Willi2008-12-151-3/+19
| | | | called
* fixed possible deadlock in checkin_and_destroyMartin Willi2008-12-121-2/+2
|
* avoid DNS lookup if possibleMartin Willi2008-12-121-13/+10
|
* wait until all IKE_SAs are in-house before destroying themMartin Willi2008-12-121-1/+1
|
* fixing checkout of IKE SAs with only the initiator SPITobias Brunner2008-12-101-1/+2
|
* increasing the performance of checkout_duplicate by using a hash table.Tobias Brunner2008-12-101-66/+244
|
* purge auth_info when IKE_SA is established, releases cert memoryMartin Willi2008-12-091-0/+6
|
* limit number of ADDITIONAL_IPV*_ADDR notifiesMartin Willi2008-12-091-4/+9
|
* pass identity to release_address(), allows providers to do a lookup by idMartin Willi2008-12-051-1/+1
|
* reset pointer for a clean destructionMartin Willi2008-12-041-0/+1
|
* some task queueing improvements:Martin Willi2008-12-018-63/+186
| | | | | | | | - do not pass CHILD_SAs to task constructor, might not be valid anymore during execution (late lookup) - use sub-tasks to delete CHILD/IKE_SA after rekeying, as we want to execute the delete before additional queued tasks
* schedule rekeying when activating passive IKE_SAsMartin Willi2008-11-281-1/+2
|
* added a PASSIVE IKE_SA state to manage it externallyMartin Willi2008-11-282-4/+25
|
* pass SKd to derive_ike_keys() to have a more interoperable APIMartin Willi2008-11-283-38/+93
|
* checkin of non-existing IKE_SAsMartin Willi2008-11-262-58/+44
| | | | removed unneeded checkin() return values
* performance optimization for the DOS protection.Tobias Brunner2008-11-252-24/+211
| | | | | | * half-open SAs per peer are tracked in a hash table * charon.dos_protection setting replaced with charon.cookie_threshold and charon.block_threshold * chunk_hash function added
* fixed crash due to missing function call parameterAndreas Steffen2008-11-251-1/+13
|
* fixed set_message_id() on IKE_SAMartin Willi2008-11-242-129/+132
| | | | | added missing bus->message() hook invocation whitespace cleanups
* set message IDs on IKE_SAsMartin Willi2008-11-244-9/+47
|
* optimized ike_sa_manager for concurrent access (default behavior is still as ↵Tobias Brunner2008-11-201-217/+493
| | | | before, needs configuration in strongswan.conf).
* refactored and cleaned up child_sa interfaceMartin Willi2008-11-195-443/+389
| | | | | | | replaced add/update calls by a install() call allocating SPIs always externally support installation of non-allocated CHILD_SAs some other cleanups
* setting default port of own address to have a proper fallback if src addr ↵Martin Willi2008-11-181-0/+1
| | | | lookup fails
* fixed virtual IP re-installation failure in MOBIKE scenarios introduced with ↵Andreas Steffen2008-11-171-13/+19
| | | | changeset 4662
* completed migration of MIPv6 connectionsAndreas Steffen2008-11-161-31/+40
|
* fallback to reauthentication if peer does not support CHILD_SA rekeyingMartin Willi2008-11-142-2/+27
|
* fall back to reauthentication if IKE rekeying fails with NO_ADDITIONAL_SASMartin Willi2008-11-141-1/+27
|
* reset IKE_SA on bus during child_sa destructionMartin Willi2008-11-141-0/+2
|
* BEET mode might want forwarding policiesMartin Willi2008-11-121-11/+11
|
* removed some obsolete includesMartin Willi2008-11-121-11/+0
|
* moved ike_initiator flag to IKE_SAs condition bitfieldMartin Willi2008-11-123-30/+12
|
* ported some hard-to-merge cherries back to trunk :-/Martin Willi2008-11-121-11/+9
| | | | | shame, svn, shame: this was ways to complicated we should consider a switch to git...
* fixing keylength bug at the right place:Martin Willi2008-11-121-1/+1
| | | | we usually don't touch output parameters if operations fails
* fixed compiler warnings issued by:Martin Willi2008-11-111-2/+2
| | | | | | gcc 4.3 curl.h gcc type-checking glibc with enabled FORTIFY_SOURCE checking
* fixing mediation extensionTobias Brunner2008-11-111-4/+8
|
* some typosTobias Brunner2008-11-111-3/+3
|
* merging kernel_klips plugin back into trunkTobias Brunner2008-11-116-84/+106
|
* deleted obsolete parameter descriptionsAndreas Steffen2008-11-111-2/+0
|
* preliminary support of Mobile IPv6Andreas Steffen2008-11-115-105/+248
|
* replaced most pthread_mutex/cond_t by wrapped mutex/condvar_t variantMartin Willi2008-11-054-102/+103
|
* got rid of deprecated create_iterator_locked()Martin Willi2008-11-053-0/+4
|
* %any is IP family neutralAndreas Steffen2008-11-051-2/+2
|
* corrected typo2Andreas Steffen2008-11-051-2/+2
|
* replace tab by spacesAndreas Steffen2008-11-031-2/+3
|
* corrected captionsAndreas Steffen2008-11-021-1/+1
|
* added hooks for IKE and CHILD keymatMartin Willi2008-10-306-37/+61
|
* store plain skd, not the prfMartin Willi2008-10-302-23/+19
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 15:46:37 +0000