aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa
Commit message (Collapse)AuthorAgeFilesLines
* fixed cleanup of traffic selector listsMartin Willi2009-05-151-2/+2
|
* properly delete IKE_SA if IKE_SA_INIT processing failedMartin Willi2009-05-151-0/+5
|
* cosmeticsAndreas Steffen2009-03-261-1/+1
|
* output peer ID in duplicate deletion log entryAndreas Steffen2009-03-261-2/+2
|
* set port for NATD hash calculation in the "include-all" caseMartin Willi2009-03-261-0/+4
|
* updated DoxyfileMartin Willi2009-03-2432-35/+33
| | | | | | properly close all doxygen groups fixed remaining doxygen warnings
* reintegrated eap-radius branch into trunkMartin Willi2009-03-243-3/+7
|
* fallback to family specific %any(6) if kernel lookup failsMartin Willi2009-03-161-0/+6
|
* printf hooks refactored to increase portability (i.e. support for platforms ↵Tobias Brunner2009-03-121-2/+1
| | | | without glibc-compatible customizable printf - the Vstr string library is currently required on such platforms).
* adding plugin for EAP-MS-CHAPv2Tobias Brunner2009-02-182-1/+4
|
* configuration of NBNS server assignment via strongswan.confAndreas Steffen2009-02-131-3/+68
|
* configuration of DNS server assignment via strongswan.confAndreas Steffen2009-02-121-6/+29
|
* changed [4856] to dynamically choose traffic selector familyMartin Willi2009-02-111-14/+8
|
* send proper AUTHENTICATION_FAILED if EAP method is successful, but AUTH ↵Martin Willi2009-02-101-0/+6
| | | | mismatches
* free unneeded retransmission packet when exchange completesMartin Willi2009-02-091-1/+2
|
* proper initialization and disposal of keying materialAndreas Steffen2009-01-151-1/+3
|
* fixed ESP NULL encryptionAndreas Steffen2009-01-151-3/+3
|
* fixed a potential memory leak when reusing mobike taskMartin Willi2008-12-191-0/+4
|
* updated documentationMartin Willi2008-12-172-137/+131
| | | | | some minor cleanups calloc does not need an additional memset(0)
* improved IKE_SA uniqueness checkTobias Brunner2008-12-164-89/+83
|
* purge certificates after IKE_AUTH response has been builtMartin Willi2008-12-161-6/+8
|
* signal each entry condvar after enumeration, required if wait_for_entry is ↵Martin Willi2008-12-151-3/+19
| | | | called
* fixed possible deadlock in checkin_and_destroyMartin Willi2008-12-121-2/+2
|
* avoid DNS lookup if possibleMartin Willi2008-12-121-13/+10
|
* wait until all IKE_SAs are in-house before destroying themMartin Willi2008-12-121-1/+1
|
* fixing checkout of IKE SAs with only the initiator SPITobias Brunner2008-12-101-1/+2
|
* increasing the performance of checkout_duplicate by using a hash table.Tobias Brunner2008-12-101-66/+244
|
* purge auth_info when IKE_SA is established, releases cert memoryMartin Willi2008-12-091-0/+6
|
* limit number of ADDITIONAL_IPV*_ADDR notifiesMartin Willi2008-12-091-4/+9
|
* pass identity to release_address(), allows providers to do a lookup by idMartin Willi2008-12-051-1/+1
|
* reset pointer for a clean destructionMartin Willi2008-12-041-0/+1
|
* some task queueing improvements:Martin Willi2008-12-018-63/+186
| | | | | | | | - do not pass CHILD_SAs to task constructor, might not be valid anymore during execution (late lookup) - use sub-tasks to delete CHILD/IKE_SA after rekeying, as we want to execute the delete before additional queued tasks
* schedule rekeying when activating passive IKE_SAsMartin Willi2008-11-281-1/+2
|
* added a PASSIVE IKE_SA state to manage it externallyMartin Willi2008-11-282-4/+25
|
* pass SKd to derive_ike_keys() to have a more interoperable APIMartin Willi2008-11-283-38/+93
|
* checkin of non-existing IKE_SAsMartin Willi2008-11-262-58/+44
| | | | removed unneeded checkin() return values
* performance optimization for the DOS protection.Tobias Brunner2008-11-252-24/+211
| | | | | | * half-open SAs per peer are tracked in a hash table * charon.dos_protection setting replaced with charon.cookie_threshold and charon.block_threshold * chunk_hash function added
* fixed crash due to missing function call parameterAndreas Steffen2008-11-251-1/+13
|
* fixed set_message_id() on IKE_SAMartin Willi2008-11-242-129/+132
| | | | | added missing bus->message() hook invocation whitespace cleanups
* set message IDs on IKE_SAsMartin Willi2008-11-244-9/+47
|
* optimized ike_sa_manager for concurrent access (default behavior is still as ↵Tobias Brunner2008-11-201-217/+493
| | | | before, needs configuration in strongswan.conf).
* refactored and cleaned up child_sa interfaceMartin Willi2008-11-195-443/+389
| | | | | | | replaced add/update calls by a install() call allocating SPIs always externally support installation of non-allocated CHILD_SAs some other cleanups
* setting default port of own address to have a proper fallback if src addr ↵Martin Willi2008-11-181-0/+1
| | | | lookup fails
* fixed virtual IP re-installation failure in MOBIKE scenarios introduced with ↵Andreas Steffen2008-11-171-13/+19
| | | | changeset 4662
* completed migration of MIPv6 connectionsAndreas Steffen2008-11-161-31/+40
|
* fallback to reauthentication if peer does not support CHILD_SA rekeyingMartin Willi2008-11-142-2/+27
|
* fall back to reauthentication if IKE rekeying fails with NO_ADDITIONAL_SASMartin Willi2008-11-141-1/+27
|
* reset IKE_SA on bus during child_sa destructionMartin Willi2008-11-141-0/+2
|
* BEET mode might want forwarding policiesMartin Willi2008-11-121-11/+11
|
* removed some obsolete includesMartin Willi2008-11-121-11/+0
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-23 22:44:54 +0000