aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon
Commit message (Collapse)AuthorAgeFilesLines
...
* use rwlocks in backend manager to allow simultaneous accessMartin Willi2008-11-271-19/+19
|
* use a rwlock in attribute manager to allow simultaneous accessMartin Willi2008-11-271-12/+12
|
* remove attribute provider in SQL plugin destructionMartin Willi2008-11-271-0/+1
|
* token enumerator missed the last token if it contains only a single charMartin Willi2008-11-271-5/+45
|
* checkin of non-existing IKE_SAsMartin Willi2008-11-263-78/+71
| | | | removed unneeded checkin() return values
* removed private parser function pointers, allows compiler to inlineMartin Willi2008-11-261-200/+48
|
* removed private generator function pointers, allows compiler to inlineMartin Willi2008-11-262-276/+154
|
* allow to globally disable DOS protection by setting charon.dos_protection to no.Tobias Brunner2008-11-261-0/+5
|
* optimized the scheduler for performance by replacing the linked list with a ↵Tobias Brunner2008-11-251-47/+109
| | | | heap.
* replacing the pthread_mutex in scheduler_t with the wrapped implementation.Tobias Brunner2008-11-251-22/+18
| | | | added a method to condvar_t which allows to wait for an absolute timeout.
* performance optimization for the DOS protection.Tobias Brunner2008-11-253-40/+234
| | | | | | * half-open SAs per peer are tracked in a hash table * charon.dos_protection setting replaced with charon.cookie_threshold and charon.block_threshold * chunk_hash function added
* fixed crash due to missing function call parameterAndreas Steffen2008-11-251-1/+13
|
* fixed set_message_id() on IKE_SAMartin Willi2008-11-242-129/+132
| | | | | added missing bus->message() hook invocation whitespace cleanups
* set message IDs on IKE_SAsMartin Willi2008-11-244-9/+47
|
* moved the IPV6_IPSEC_POLICY definition to the ipsec plugins, fixes uClibc buildMartin Willi2008-11-243-5/+10
|
* added a "load_tester.auth" option: "pubkey" (default) or "psk"Martin Willi2008-11-232-4/+57
|
* proper cancellation of load-testing initiatorsMartin Willi2008-11-231-1/+39
|
* added a MODP_NULL Diffie Hellman group to avoid calculation overhead in ↵Martin Willi2008-11-225-1/+134
| | | | load-testing
* fixing Makefile of the nm plugin (avoids including a .svn directory in the ↵Tobias Brunner2008-11-201-1/+1
| | | | distribution)
* optimized ike_sa_manager for concurrent access (default behavior is still as ↵Tobias Brunner2008-11-201-217/+493
| | | | before, needs configuration in strongswan.conf).
* refactored and cleaned up child_sa interfaceMartin Willi2008-11-196-444/+390
| | | | | | | replaced add/update calls by a install() call allocating SPIs always externally support installation of non-allocated CHILD_SAs some other cleanups
* setting default port of own address to have a proper fallback if src addr ↵Martin Willi2008-11-181-0/+1
| | | | lookup fails
* consider interfaces we do not monitor as up (e.g. lo)Martin Willi2008-11-181-1/+2
| | | | fixes load-testing against 127.0.0.1
* separated updown listener to its own class4.2.9Martin Willi2008-11-174-201/+380
| | | | caching interface names to properly remove rules if interface has changed
* fixed virtual IP re-installation failure in MOBIKE scenarios introduced with ↵Andreas Steffen2008-11-171-13/+19
| | | | changeset 4662
* completed migration of MIPv6 connectionsAndreas Steffen2008-11-165-36/+75
|
* show TRANSPORT_PROXY mode in ipsec statusAndreas Steffen2008-11-161-3/+5
|
* using aligned buffers for netlinkMartin Willi2008-11-143-14/+23
|
* fallback to reauthentication if peer does not support CHILD_SA rekeyingMartin Willi2008-11-142-2/+27
|
* fall back to reauthentication if IKE rekeying fails with NO_ADDITIONAL_SASMartin Willi2008-11-141-1/+27
|
* also use correct encap parameter in PF_KEYMartin Willi2008-11-141-1/+1
|
* fixed encap enabling in xfrm (using new encap state, not the old one)Martin Willi2008-11-141-3/+3
|
* do not use a route if outgoing interface is downMartin Willi2008-11-142-55/+82
| | | | other cleanups
* rta->rta_len is NOT the payload data length, use RTA_PAYLOAD(rta) instead!Martin Willi2008-11-141-2/+3
|
* do not use public interface for functions which are local anywayMartin Willi2008-11-141-57/+54
|
* reset IKE_SA on bus during child_sa destructionMartin Willi2008-11-141-0/+2
|
* updated API doc for socket.hMartin Willi2008-11-131-10/+7
|
* ported socket enumerator to raw-socket.cMartin Willi2008-11-132-85/+78
| | | | some cleanups in socket.c
* corrected unwanted deletion in commentAndreas Steffen2008-11-121-2/+2
|
* BEET mode might want forwarding policiesMartin Willi2008-11-121-11/+11
|
* removed some obsolete includesMartin Willi2008-11-121-11/+0
|
* moved ike_initiator flag to IKE_SAs condition bitfieldMartin Willi2008-11-123-30/+12
|
* ported some hard-to-merge cherries back to trunk :-/Martin Willi2008-11-126-74/+42
| | | | | shame, svn, shame: this was ways to complicated we should consider a switch to git...
* fixing keylength bug at the right place:Martin Willi2008-11-122-10/+2
| | | | we usually don't touch output parameters if operations fails
* improved fixAndreas Steffen2008-11-121-5/+9
|
* fixed AES-CCM/GCM authenticated encryption by eliminating generation of ↵Andreas Steffen2008-11-121-0/+4
| | | | superfluous generation of integrity keying material
* fixed compiler warnings issued by:Martin Willi2008-11-114-7/+21
| | | | | | gcc 4.3 curl.h gcc type-checking glibc with enabled FORTIFY_SOURCE checking
* #defing out compress algs to avoid compiler warningMartin Willi2008-11-112-2/+6
|
* updated method signature of add_policyMartin Willi2008-11-111-5/+6
|
* fixed compilation of medcli pluginMartin Willi2008-11-112-28/+50
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 06:57:01 +0000