aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon
Commit message (Collapse)AuthorAgeFilesLines
...
* changed inheritable capability set to the permitted one to execute firewall ↵Martin Willi2007-09-281-2/+1
| | | | script with CAP_NET_ADMIN
* reduced debbugging levelMartin Willi2007-09-271-1/+1
|
* made add_ip()/del_ip() calls synchron (waiting until kernel event received)Martin Willi2007-09-271-21/+90
| | | | this should fix MOBIKE route migration with virtual IPs
* typosTobias Brunner2007-09-273-4/+4
|
* refactored strongswan managerMartin Willi2007-09-264-30/+93
| | | | | | | | removed buggy request parsing code, use ClearSilvers CGI kit instead fixed CHILD_SA listing in manager (needs better design) using secure XML communication through unix sockets removed images with questionable (non-GPL) license
* improved MOBIKE roaming between interfacesMartin Willi2007-09-245-20/+31
|
* removed some empty linesAndreas Steffen2007-09-181-2/+0
|
* return argument has type size_tAndreas Steffen2007-09-181-1/+1
|
* prototype implemementation of an sqlite configuration backendMartin Willi2007-09-189-84/+454
|
* connection name to IKE_SA initiatingAndreas Steffen2007-09-152-2/+3
|
* put IKE_SA and CHILD_SA names in single quotesAndreas Steffen2007-09-153-6/+6
|
* log name of IKE_SA in state changesAndreas Steffen2007-09-151-1/+2
|
* log name of established IKE_SAAndreas Steffen2007-09-151-4/+8
|
* log name of established CHILD_SAAndreas Steffen2007-09-151-2/+4
|
* adapted format of IKE SPIs to strongSwan Manager's styleAndreas Steffen2007-09-151-2/+2
|
* added subnets of CHILD_SAs to xml interfaceMartin Willi2007-09-141-1/+36
| | | | a first design of Managers IKE_SA list page
* peer_cfg now knows about group membershipsAndreas Steffen2007-09-134-12/+70
|
* added missing 'break' in checkout_by_peerTobias Brunner2007-09-131-0/+1
|
* fixed 64bit issue with file descriptorMartin Willi2007-09-131-1/+9
|
* manager can query and list IKE_SA status (no layout yet)Martin Willi2007-09-131-2/+3
|
* only switch to port 4500 if we are on 500: fixed reauthentication in NAT Martin Willi2007-09-121-2/+9
| | | | scenarios
* removed unused chunk variableAndreas Steffen2007-09-121-3/+1
|
* moving virtual IP when interface changes due mobikeMartin Willi2007-09-121-0/+11
|
* fixed NAT detection with mobikeMartin Willi2007-09-122-7/+7
|
* fixed shutdown order to prevent crash when kernel interface schedules eventsMartin Willi2007-09-121-1/+1
|
* overwrite shared_key with random bytes before freeing itAndreas Steffen2007-09-111-2/+2
|
* check hash algorithms used in signaturesAndreas Steffen2007-09-111-1/+1
|
* removed rsa_private_key clone() functionAndreas Steffen2007-09-111-1/+1
|
* replaced get_rsa_private_key() by rsa_signature() in order restrict the ↵Andreas Steffen2007-09-112-46/+49
| | | | distribution of private key material
* overwrite storage used for shared secrets with pseudo-random bytes before ↵Andreas Steffen2007-09-101-27/+26
| | | | releasing it
* implemented routeability checks for mobike (experimental)Martin Willi2007-09-035-54/+194
|
* correct debug4.1.6Andreas Steffen2007-09-021-3/+3
|
* added mobike=yes|no connection optionMartin Willi2007-08-295-22/+62
| | | | | | | yes: include mobike support notifies as initiator no: only enable mobike as responder when initiator supports it default: yes
* renamed integrity check to integrity testAndreas Steffen2007-08-291-3/+3
|
* fips_verify_hmac_signature() now returns a boolean statusAndreas Steffen2007-08-291-1/+1
|
* changed interface of fips_verify_hmac_signatureAndreas Steffen2007-08-291-1/+1
|
* started implementation of libstrongswan code integrity checkAndreas Steffen2007-08-291-4/+28
|
* rerouting CHILD_SA if its IKE_SA gets deletedMartin Willi2007-08-271-99/+149
|
* append new attribute certs at the endAndreas Steffen2007-08-141-1/+7
|
* adding attribute certficates to a chained listAndreas Steffen2007-08-141-3/+25
|
* has_rsa_private_key() must also be protected by keys_mutexAndreas Steffen2007-08-101-1/+4
|
* corrected debug outputAndreas Steffen2007-08-101-1/+1
|
* ipsec stroke rereadaacerts|rereadacerts supportedAndreas Steffen2007-08-101-0/+8
|
* support of ipsec rereadsecrets for strokeAndreas Steffen2007-08-103-10/+59
|
* made linked lists invoke() method consistent to clone_*() and destroy_*() ↵Martin Willi2007-08-091-1/+1
| | | | methods
* bug fix in linked_list deletion - instead of acerts destroyed certs twice4.1.5Andreas Steffen2007-08-081-1/+1
|
* implemented listing of attribute certificatesAndreas Steffen2007-08-072-3/+49
|
* fixed segfault when sourceip in stroke message is NULLMartin Willi2007-08-061-2/+2
|
* allow starter to initiate connections simultaneously (on auto=start)Martin Willi2007-08-062-4/+19
|
* backports from the p2p-nat-t branch:Tobias Brunner2007-07-197-14/+11
| | | | | | * double assignment of function ''destroy'' in some jobs * typos
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 17:36:01 +0000