aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/threads
Commit message (Collapse)AuthorAgeFilesLines
* added policy cache to kernel interfaceMartin Willi2006-07-122-411/+502
| | | | | | allows refcounting of multiple installed policies finally brings us stable simultaneous rekeying
* further work done for simultaneous rekeying/deleteMartin Willi2006-07-105-62/+36
| | | | | still some cases which cause trouble
* updated copyright informationMartin Willi2006-07-0710-10/+20
|
* reimplemented CHILD_SA rekeying & deleteMartin Willi2006-07-071-14/+13
| | | | | no simultanous transaction with CHILD_SAs yet!
* added support for leftprotoport and rightprotoportMartin Willi2006-07-051-4/+6
|
* redesigned IKE_SA using a transaction mechanism:Martin Willi2006-07-051-2/+0
| | | | | | | | | | | | removed old state machine reimplemented IKE_SA setup and delete implemented dead peer detection implemented keep-alives a lot of fixes no rekeying yet
* made thread ids unsigned again, to avoid negative thread ids on some systemsMartin Willi2006-07-044-4/+4
|
* fixed memleak when initiating a connection already upMartin Willi2006-07-041-0/+1
|
* applied latest NATT patch with some fixes and cleanupsMartin Willi2006-07-041-8/+15
|
* support of cert payloadsAndreas Steffen2006-07-031-48/+33
|
* added X.509 trust chain verificationAndreas Steffen2006-06-271-2/+17
|
* applied new changes from NATT teamMartin Willi2006-06-232-0/+94
| | | | | DPD only done when no IPsec and IKE traffic processed minor changes here and there
* first merge of NATT codeMartin Willi2006-06-224-272/+437
|
* readded local_credential_storeMartin Willi2006-06-201-2/+3
| | | | | | added sendcert policy to connection some other cleanups
* implemented rereadcrls rereadcacertsAndreas Steffen2006-06-201-3/+24
|
* added listcrlsAndreas Steffen2006-06-161-1/+7
|
* added support for "ike" and "esp" keywordsMartin Willi2006-06-152-30/+89
| | | | | | | fixed bugs in proposal code algorithm selection for charon works now with ipsec.conf a lot of other fixes
* support for stroke listcerts|listcacerts|listall and left|rightca=Andreas Steffen2006-06-121-55/+91
|
* workaround for peers rekeying at the same timeMartin Willi2006-06-121-1/+4
| | | | | loading lifetime policies from ipsec.conf
* improved kernel interface loggingMartin Willi2006-06-092-50/+40
|
* specifying keysize in bits, as it is required in IKEv2Martin Willi2006-06-093-62/+129
| | | | | | added generic kernel SA algorithm handling, which brings us: aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
* added support for leftsendcert= and left|rightca= parametersAndreas Steffen2006-06-091-8/+25
|
* fixed compile warnings when using -WallMartin Willi2006-06-082-5/+4
| | | | | | | | further CHILD_SA rekeying work done: creation of a new CHILD_SA on a expire from a kernel works delete of old CHILD_SA still missing some issues when both initiate rekeing
* further work for rekeying:Martin Willi2006-06-072-20/+21
| | | | | | | | | get liftimes from policy added new state initiation of rekeying done proposal redone: removed support for AH+ESP proposals
* job management:Martin Willi2006-05-313-447/+97
| | | | | | | | | | | | | moved job code from thread_pool to job, jobs have an "execute" method now added two new jobs: delete_child_sa & rekey_child_sa kernel interface: listens now for ACQUIRE & EXPIRE supports hard and soft lifetimes fires jobs for delete and rekey child sa ike sa manager: can checkout IKE SAs by requid of owned CHILD SAs we have now the infrastructure to do the rekeying... :-)
* minimized prefixed on stroke logger outputAndreas Steffen2006-05-311-1/+1
|
* list ca certificatesAndreas Steffen2006-05-301-2/+3
|
* - fixed memleak when deleting a connectionMartin Willi2006-05-291-1/+5
|
* - policies contain a connections name nowMartin Willi2006-05-291-6/+44
| | | | | | | | - used for initiate and delete - connections won't get initiated twice anymore - deleting of connections is now possible, which allows us to use ipsec update and ipsec reload
* stroke now uses constant size string bufferAndreas Steffen2006-05-291-28/+44
|
* - handle IKE_SA setup without a piggy-packed CHILD_SAMartin Willi2006-05-241-0/+2
| | | | | more IKEv2 conform
* - show connection templates in status & statusallMartin Willi2006-05-231-15/+47
| | | | | - don't complain on termination of IKEv1 connections
* - changed config load strategy:Martin Willi2006-05-231-7/+8
| | | | | | | starter loads both connections in charon & pluto, charon ignores anything with keyexchange!=ikev2. pluto needs the same behavior.
* load_end_certificate() now loads certificatesAndreas Steffen2006-05-231-27/+46
|
* - reimplemented proper IKE SA deletion using a seperate state,Martin Willi2006-05-231-74/+42
| | | | | should conform now to IKEv2
* - applied patch from the NAT-T team fixing several typosMartin Willi2006-05-191-3/+3
|
* - applied patch from andreas, which allows certificate listing via strokeMartin Willi2006-05-191-31/+27
|
* - applied andreas's patchMartin Willi2006-05-185-12/+13
| | | | | | | - logger output improvements - testin gupdates - and a lot more
* - introduced autotoolsMartin Willi2006-05-161-39/+0
| | | | | | | | | | - first working version - make dist should work - things to do: - UML testing! - more cleanups
* (no commit message)Martin Willi2006-05-1013-0/+2951
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-11 17:13:02 +0000