aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon/threads
Commit message (Collapse)AuthorAgeFilesLines
...
* introduced new logging subsystem using bus:Martin Willi2006-10-188-420/+426
| | | | | | | passive listeners can register on the bus active listeners wait for signals actively multiplexing allows multiple listeners to receive debug signals a lot more...
* introduced printf() specifiers for:Martin Willi2006-09-271-10/+7
| | | | | | | | | | | host_t (%H) identification_t (%D) chunk pointers (%B) memory pointer/length (%b) added a signaling bus: receives event and debug messages, sends them to its listeners stream_logger, sys_logger, file_logger added, listen to bus some other tweaks here and there
* added hostaccess supportAndreas Steffen2006-09-251-5/+6
|
* extended statusall outputMartin Willi2006-09-211-9/+21
| | | | | added job/event-queue statistics added allocation statistics when using LEAK_DETECTIVE
* added PSK supportAndreas Steffen2006-09-181-1/+1
|
* implemented updown script to handle firewallingMartin Willi2006-09-121-2/+2
|
* add priority management for kernel policyMartin Willi2006-09-083-54/+20
| | | | | | | let ROUTED policies installed, until manuall removed introduced new naming scheme to allow proper shutdown of IKE/CHILD_SAs ike_sa_manager cleanups
* implemented handling of dpdaction and dpddelay ipsec.conf parametersMartin Willi2006-09-081-1/+1
|
* reuse reqid when a ROUTED child_sa gets INSTALLEDMartin Willi2006-09-052-4/+3
| | | | | | | | | fixed a bug in retransmission code added support for the "keyingtries" ipsec.conf parameter added support for the "dpddelay" ipsec.conf parameter done some work for "dpdaction" behavior some other cleanups and fixes
* fixed a at-least-one-year-old bug which caused crashed in the schedulerMartin Willi2006-08-311-7/+7
|
* initial support for IPv6 (more testing needed)Martin Willi2006-08-303-46/+64
| | | | | | | | | socket works (without v6 filter) traffic selector handle IPv4/v4 cleanly improvements in traffic selector code kernel interface accepts v6 traffic selectors and hosts host_t class has full IPv6 support
* moved interface enumeration code to socket, where it belongsMartin Willi2006-08-281-2/+18
| | | | | query interfaces every time we need it to respect changes in network config added address listing on startup and "ipsec statusall"
* implemented IKE_SA rekeyingMartin Willi2006-07-271-2/+4
| | | | | | uses ikelifetime, rekeymargin and rekeyfuzz config settings no handling of simultaneus exchanges yet!
* added possibility to route CHILD_SAs, without to set them upMartin Willi2006-07-212-20/+97
| | | | | | | support for auto=route parameter support for ipsec route and ipsec unroute initiating of CHILD and/or IKE_SAs based on kernel acquires
* reuse an existing IKE_SA to set up additional CHILD_SAsMartin Willi2006-07-201-41/+19
|
* introduced refcounting on policy and connectionsMartin Willi2006-07-201-16/+41
| | | | | | | | | aren't stored in the IKE_SA anymore, they are queried on the fly are immutable now, allows it to share them policy selection based on traffic selectors, leads to valid lookup results rekeying queries the policy based on its traffic selectors
* cleanups in kernel interface codeMartin Willi2006-07-183-114/+308
| | | | | | added proper traffic selector to string conversion some cleanups here & there
* added policy cache to kernel interfaceMartin Willi2006-07-122-411/+502
| | | | | | allows refcounting of multiple installed policies finally brings us stable simultaneous rekeying
* further work done for simultaneous rekeying/deleteMartin Willi2006-07-105-62/+36
| | | | | still some cases which cause trouble
* updated copyright informationMartin Willi2006-07-0710-10/+20
|
* reimplemented CHILD_SA rekeying & deleteMartin Willi2006-07-071-14/+13
| | | | | no simultanous transaction with CHILD_SAs yet!
* added support for leftprotoport and rightprotoportMartin Willi2006-07-051-4/+6
|
* redesigned IKE_SA using a transaction mechanism:Martin Willi2006-07-051-2/+0
| | | | | | | | | | | | removed old state machine reimplemented IKE_SA setup and delete implemented dead peer detection implemented keep-alives a lot of fixes no rekeying yet
* made thread ids unsigned again, to avoid negative thread ids on some systemsMartin Willi2006-07-044-4/+4
|
* fixed memleak when initiating a connection already upMartin Willi2006-07-041-0/+1
|
* applied latest NATT patch with some fixes and cleanupsMartin Willi2006-07-041-8/+15
|
* support of cert payloadsAndreas Steffen2006-07-031-48/+33
|
* added X.509 trust chain verificationAndreas Steffen2006-06-271-2/+17
|
* applied new changes from NATT teamMartin Willi2006-06-232-0/+94
| | | | | DPD only done when no IPsec and IKE traffic processed minor changes here and there
* first merge of NATT codeMartin Willi2006-06-224-272/+437
|
* readded local_credential_storeMartin Willi2006-06-201-2/+3
| | | | | | added sendcert policy to connection some other cleanups
* implemented rereadcrls rereadcacertsAndreas Steffen2006-06-201-3/+24
|
* added listcrlsAndreas Steffen2006-06-161-1/+7
|
* added support for "ike" and "esp" keywordsMartin Willi2006-06-152-30/+89
| | | | | | | fixed bugs in proposal code algorithm selection for charon works now with ipsec.conf a lot of other fixes
* support for stroke listcerts|listcacerts|listall and left|rightca=Andreas Steffen2006-06-121-55/+91
|
* workaround for peers rekeying at the same timeMartin Willi2006-06-121-1/+4
| | | | | loading lifetime policies from ipsec.conf
* improved kernel interface loggingMartin Willi2006-06-092-50/+40
|
* specifying keysize in bits, as it is required in IKEv2Martin Willi2006-06-093-62/+129
| | | | | | added generic kernel SA algorithm handling, which brings us: aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
* added support for leftsendcert= and left|rightca= parametersAndreas Steffen2006-06-091-8/+25
|
* fixed compile warnings when using -WallMartin Willi2006-06-082-5/+4
| | | | | | | | further CHILD_SA rekeying work done: creation of a new CHILD_SA on a expire from a kernel works delete of old CHILD_SA still missing some issues when both initiate rekeing
* further work for rekeying:Martin Willi2006-06-072-20/+21
| | | | | | | | | get liftimes from policy added new state initiation of rekeying done proposal redone: removed support for AH+ESP proposals
* job management:Martin Willi2006-05-313-447/+97
| | | | | | | | | | | | | moved job code from thread_pool to job, jobs have an "execute" method now added two new jobs: delete_child_sa & rekey_child_sa kernel interface: listens now for ACQUIRE & EXPIRE supports hard and soft lifetimes fires jobs for delete and rekey child sa ike sa manager: can checkout IKE SAs by requid of owned CHILD SAs we have now the infrastructure to do the rekeying... :-)
* minimized prefixed on stroke logger outputAndreas Steffen2006-05-311-1/+1
|
* list ca certificatesAndreas Steffen2006-05-301-2/+3
|
* - fixed memleak when deleting a connectionMartin Willi2006-05-291-1/+5
|
* - policies contain a connections name nowMartin Willi2006-05-291-6/+44
| | | | | | | | - used for initiate and delete - connections won't get initiated twice anymore - deleting of connections is now possible, which allows us to use ipsec update and ipsec reload
* stroke now uses constant size string bufferAndreas Steffen2006-05-291-28/+44
|
* - handle IKE_SA setup without a piggy-packed CHILD_SAMartin Willi2006-05-241-0/+2
| | | | | more IKEv2 conform
* - show connection templates in status & statusallMartin Willi2006-05-231-15/+47
| | | | | - don't complain on termination of IKEv1 connections
* - changed config load strategy:Martin Willi2006-05-231-7/+8
| | | | | | | starter loads both connections in charon & pluto, charon ignores anything with keyexchange!=ikev2. pluto needs the same behavior.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 02:32:31 +0000