aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/sa
Commit message (Collapse)AuthorAgeFilesLines
* fixed virtual IP re-installation failure in MOBIKE scenarios introduced with ↵Andreas Steffen2008-11-171-13/+19
| | | | changeset 4662
* completed migration of MIPv6 connectionsAndreas Steffen2008-11-161-31/+40
|
* fallback to reauthentication if peer does not support CHILD_SA rekeyingMartin Willi2008-11-142-2/+27
|
* fall back to reauthentication if IKE rekeying fails with NO_ADDITIONAL_SASMartin Willi2008-11-141-1/+27
|
* reset IKE_SA on bus during child_sa destructionMartin Willi2008-11-141-0/+2
|
* BEET mode might want forwarding policiesMartin Willi2008-11-121-11/+11
|
* removed some obsolete includesMartin Willi2008-11-121-11/+0
|
* moved ike_initiator flag to IKE_SAs condition bitfieldMartin Willi2008-11-123-30/+12
|
* ported some hard-to-merge cherries back to trunk :-/Martin Willi2008-11-121-11/+9
| | | | | shame, svn, shame: this was ways to complicated we should consider a switch to git...
* fixing keylength bug at the right place:Martin Willi2008-11-121-1/+1
| | | | we usually don't touch output parameters if operations fails
* fixed compiler warnings issued by:Martin Willi2008-11-111-2/+2
| | | | | | gcc 4.3 curl.h gcc type-checking glibc with enabled FORTIFY_SOURCE checking
* fixing mediation extensionTobias Brunner2008-11-111-4/+8
|
* some typosTobias Brunner2008-11-111-3/+3
|
* merging kernel_klips plugin back into trunkTobias Brunner2008-11-116-84/+106
|
* deleted obsolete parameter descriptionsAndreas Steffen2008-11-111-2/+0
|
* preliminary support of Mobile IPv6Andreas Steffen2008-11-115-105/+248
|
* replaced most pthread_mutex/cond_t by wrapped mutex/condvar_t variantMartin Willi2008-11-054-102/+103
|
* got rid of deprecated create_iterator_locked()Martin Willi2008-11-053-0/+4
|
* %any is IP family neutralAndreas Steffen2008-11-051-2/+2
|
* corrected typo2Andreas Steffen2008-11-051-2/+2
|
* replace tab by spacesAndreas Steffen2008-11-031-2/+3
|
* corrected captionsAndreas Steffen2008-11-021-1/+1
|
* added hooks for IKE and CHILD keymatMartin Willi2008-10-306-37/+61
|
* store plain skd, not the prfMartin Willi2008-10-302-23/+19
|
* moved CHILD_SA key derivation to keymat_tMartin Willi2008-10-296-403/+411
| | | | passing key chunks to CHILD_SA, not the PRF
* do not store DH redundant in keymatMartin Willi2008-10-293-52/+30
|
* moved key derivation and management into keymat objectMartin Willi2008-10-2811-579/+737
| | | | | | allows secured implementation of key management (e.g. in kernel or HW) only IKE keys for now
* store IKE proposal implicitly during derive_keysMartin Willi2008-10-283-44/+13
|
* use more generic stats getter, introducing new statsMartin Willi2008-10-273-77/+54
|
* fixed some compiler warningsMartin Willi2008-10-271-2/+0
|
* additional getters for ipcomp and UDP encapMartin Willi2008-10-242-0/+32
|
* more CHILD_SA refactoringsMartin Willi2008-10-243-123/+127
|
* fixed enumeration of CHILD_SA traffic selectorsMartin Willi2008-10-211-24/+25
|
* reset threads IKE_SA after checking other IKE_SAsMartin Willi2008-10-203-0/+14
| | | | invoke updown script only if we have valid IKE_SA
* re-established all previous AUD level messagesAndreas Steffen2008-10-173-6/+7
|
* moved updown script invocation to an optional pluginMartin Willi2008-10-166-243/+43
|
* cache keys for in and outbound ESP SAsMartin Willi2008-10-152-191/+236
| | | | | removed redundant storing of traffic selectors in CHILD_SA (sa_policy_t) creating TS pairs dynamically using create_policy_enumerator()
* store ESP keys in CHILD_SAMartin Willi2008-10-152-36/+47
|
* passing chunks, not prf+, to kernel interfaceMartin Willi2008-10-142-28/+117
| | | | gives us better control of keymat in CHILD_SA
* typosTobias Brunner2008-10-141-6/+6
|
* reintegrated bus-refactoring branchMartin Willi2008-10-1414-236/+210
|
* reintegrated two-sim branch providing SIM card plugin APIMartin Willi2008-10-102-0/+261
|
* fixed MOBIKE roaming if clients address changesMartin Willi2008-10-092-5/+20
|
* mobike: try to keep existing source address before switching to anotherMartin Willi2008-10-083-18/+17
|
* userland support to process notifies for new NAT mappings detected in UDP ↵Martin Willi2008-10-071-6/+4
| | | | encapsulation
* use MOBIKE enabled DPD if we are NATedMartin Willi2008-10-066-4/+113
| | | | update SAs if we detect changes in NAT mappings
* do not run CHILD_SA delete action if rekeyingMartin Willi2008-10-031-1/+13
|
* also respect the mobike=no setting as responderMartin Willi2008-09-301-2/+13
|
* merging renaming of mode_t to ipsec_mode_t back to trunkTobias Brunner2008-09-253-15/+15
|
* merging modularized kernel interface back to trunkTobias Brunner2008-09-253-15/+15
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 01:58:36 +0000