aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa
Commit message (Collapse)AuthorAgeFilesLines
* replying to COOKIE2 mobike notify properly4.2.2Martin Willi2008-05-211-1/+49
| | | | including COOKIE2 ourself after path probing
* using fixed size keys in key derivation for AES-XCBC PRFMartin Willi2008-05-211-7/+24
|
* IPComp for IKEv2Tobias Brunner2008-05-084-12/+215
|
* Hash and URL cosmeticsAndreas Steffen2008-04-182-11/+11
|
* support for hash and URL encoded certificate payloads in charonTobias Brunner2008-04-183-51/+235
|
* splitted IKE_SA manager destroy to allow plugin interactionMartin Willi2008-04-172-5/+24
|
* slightly optimized IKE_SA checkinMartin Willi2008-04-161-3/+7
|
* optimized half-open IKE_SA lookup (no checkout)Martin Willi2008-04-161-3/+13
|
* added API for random number generators, served through credential factoryMartin Willi2008-04-156-52/+47
| | | | ported randomizer_t to a rng_t on top of /dev/(u)random (plugin random)
* implemented IKE_SA uniqueness using ipsec.conf uniqueids paramaterMartin Willi2008-04-143-0/+115
| | | | additionally supports a "keep" value to keep the old IKE_SA
* ike_sa_manager enumerable, not iterableMartin Willi2008-04-142-71/+78
|
* added close_action as a seperate config option to dpd_actionMartin Willi2008-04-143-13/+29
|
* fixed jumping IKE_SA unique idsMartin Willi2008-04-141-28/+53
|
* fixed rightsourceip=%config scenariosMartin Willi2008-04-141-2/+5
|
* fixed disabling the sending of cert requestsAndreas Steffen2008-04-131-1/+1
|
* using dpd actions to enforce connection stateMartin Willi2008-04-115-159/+180
| | | | dpd actions a per child-, not peer ike-sa
* enabling acquire for mediated connectionsTobias Brunner2008-04-104-128/+46
|
* enabling reauthentication on mediation connectionsTobias Brunner2008-04-102-3/+30
|
* fixing a problem if the mediation server initiates the rekeyingTobias Brunner2008-04-103-2/+18
|
* mediation connections should now properly rekeyTobias Brunner2008-04-093-11/+45
|
* implementation of an CFG attribute framework, currently supporting virtual IPsMartin Willi2008-04-093-22/+27
| | | | | | updated ipsec.conf sourceip parameter to support CIDR notatation to serve from a pool %poolname to query a separate (database?) pool
* signature in connectivity checks is now built with the message id in network ↵Tobias Brunner2008-04-081-1/+4
| | | | byte order
* printing the checklist, two bugfixesTobias Brunner2008-04-081-2/+24
|
* connect manager: restart the sender if it is not running anymoreTobias Brunner2008-04-081-6/+19
|
* better logging for chunks in connect managerTobias Brunner2008-04-081-12/+12
|
* refactored callback data in connect managerTobias Brunner2008-04-081-48/+24
|
* fast finishing connectivity checks on the initiators sideTobias Brunner2008-04-071-53/+99
|
* corrected the logging for retransmissions of connectivity checksTobias Brunner2008-04-071-6/+8
|
* changed how retransmissions of connectivity checks are sentTobias Brunner2008-04-071-16/+10
|
* fixing another memory leakTobias Brunner2008-04-071-0/+1
|
* and anotherTobias Brunner2008-04-031-0/+1
|
* fixed two other memory leaksTobias Brunner2008-04-031-2/+3
|
* demoted more notify debug messages to level 24.2.0Andreas Steffen2008-04-022-3/+3
|
* fixing some memory leaksTobias Brunner2008-04-023-3/+28
|
* generate debug output if ocsp response does not contain status information ↵Andreas Steffen2008-04-021-1/+1
| | | | for a given certificate
* demoted received notify debug message to level 2Andreas Steffen2008-04-011-1/+1
|
* stopping connectivity checks on the responders side after receiving an ↵Tobias Brunner2008-04-015-8/+132
| | | | IKE_SA_INIT request with the proper ME_CONNECTID
* timing of connectivity checks adjustedTobias Brunner2008-03-311-28/+39
|
* signal fixedTobias Brunner2008-03-311-2/+2
|
* changed error messageAndreas Steffen2008-03-291-1/+1
|
* replaced get_public() by create_public_enumerator() to try multiple public ↵Martin Willi2008-03-271-9/+12
| | | | keys for signature verification
* checking the size of ME_* notify payloadsTobias Brunner2008-03-271-8/+1
|
* replaced the COOKIE notify payload in connectivity checks with a ↵Tobias Brunner2008-03-271-14/+14
| | | | ME_CONNECTAUTH notify payload
* mediation extension adapted to the naming convention of the current version ↵Tobias Brunner2008-03-2611-286/+286
| | | | of the draft. note: the external interface (config, autotools) has not yet been changed
* added equals() method to peer_cfg, ike_cfg, proposals, auth_infoMartin Willi2008-03-264-59/+52
| | | | | | allows easier merging of ipsec.conf connections replaced some iterators through enumerators made proposals algorithm_t private using enumerator
* added support for certificate requests for not yet known CAsMartin Willi2008-03-201-5/+6
|
* attempt to achieve consistent debugging outputAndreas Steffen2008-03-194-31/+31
|
* correctly unregister IKE_SA at the bus Martin Willi2008-03-151-1/+1
|
* two small fixesTobias Brunner2008-03-132-3/+3
|
* merged the modularization branch (credentials) back to trunkMartin Willi2008-03-1370-5428/+1654
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 02:04:46 +0000