| Commit message (Expand) | Author | Age | Files | Lines |
... | |
* | Limit the number of EAP-TLS packets allowed | Martin Willi | 2010-08-03 | 1 | -0/+13 |
* | Use stricter state handling while processing TLS messages | Martin Willi | 2010-08-03 | 1 | -25/+44 |
* | Cleaned up the public TLS interface | Martin Willi | 2010-08-03 | 4 | -68/+76 |
* | Refactored common used operations into TLS crypto helper | Martin Willi | 2010-08-03 | 3 | -176/+212 |
* | Properly send empty EAP-TLS messages | Martin Willi | 2010-08-03 | 1 | -22/+25 |
* | Derive MSK for EAP-TLS authentication | Martin Willi | 2010-08-03 | 5 | -0/+44 |
* | Verify Server Finished message | Martin Willi | 2010-08-03 | 1 | -1/+59 |
* | Implemented input record decryption and verification | Martin Willi | 2010-08-03 | 7 | -16/+122 |
* | Implemented key derivation, output record signing and encryption | Martin Willi | 2010-08-03 | 7 | -39/+485 |
* | Derive master secret, create Finished message | Martin Willi | 2010-08-03 | 4 | -30/+241 |
* | Implemented the TLS specific PRF in its TLSv1.0 and TLSv1.2 variants | Martin Willi | 2010-08-03 | 3 | -0/+263 |
* | Implemented sending of Certificate, ClientKeyExchange, CertificateVerify and ... | Martin Willi | 2010-08-03 | 11 | -19/+406 |
* | Implemented a tls_writer class to simplify TLS data generation | Martin Willi | 2010-08-03 | 7 | -74/+451 |
* | Implemented a tls_reader class to simplify TLS data parsing | Martin Willi | 2010-08-03 | 7 | -120/+419 |
* | Process ServerHello(Done), Certificate(Request) messages | Martin Willi | 2010-08-03 | 7 | -16/+240 |
* | Send a ClientHello to start TLS negotiation | Martin Willi | 2010-08-03 | 1 | -1/+86 |
* | Added TLS crypto helper, currently supports cipher suite selection | Martin Willi | 2010-08-03 | 8 | -6/+221 |
* | Added stubs for handshake handling, server and peer variants | Martin Willi | 2010-08-03 | 9 | -6/+446 |
* | Accept follow-up fragments with a TLS message length | Martin Willi | 2010-08-03 | 1 | -24/+50 |
* | Added dummy/identity implementations of the different TLS record layers | Martin Willi | 2010-08-03 | 8 | -3/+475 |
* | Pass TLS records to newly introduced TLS stack | Martin Willi | 2010-08-03 | 3 | -11/+158 |
* | Added some TLS constants | Martin Willi | 2010-08-03 | 3 | -1/+173 |
* | (De-)fragment EAP-TLS packets, pass TLS records to upper layer | Martin Willi | 2010-08-03 | 1 | -1/+229 |
* | Added EAP-TLS plugin stub | Martin Willi | 2010-08-03 | 5 | -0/+288 |
* | Fixed compiler warning. | Tobias Brunner | 2010-06-15 | 1 | -1/+1 |
* | Run as vpn user on Android. | Tobias Brunner | 2010-06-15 | 1 | -0/+8 |
* | Truncate the PID file so that even if we fail to unlink it, the daemon can be... | Tobias Brunner | 2010-06-15 | 1 | -11/+33 |
* | Option to skip slow addr2line resolution in leak-detective | Martin Willi | 2010-05-20 | 1 | -1/+1 |
* | Do a proper cleanup when printing usage info. | Tobias Brunner | 2010-05-04 | 1 | -3/+4 |
* | Integrating libhydra into the Android build system. | Tobias Brunner | 2010-04-12 | 1 | -1/+2 |
* | Moved ha plugin to libcharon | Martin Willi | 2010-04-07 | 21 | -4202/+0 |
* | Make resync/monitoring functionality optional | Martin Willi | 2010-04-07 | 3 | -27/+35 |
* | Listen to ike_updown/rekey hook instead of ike_state_change | Martin Willi | 2010-04-07 | 1 | -56/+59 |
* | Request a complete resync after daemon startup | Martin Willi | 2010-04-07 | 3 | -4/+54 |
* | Do not automatically take over segments, as we need to resync first | Martin Willi | 2010-04-07 | 3 | -80/+57 |
* | Drop overlapping segments only if we have no active SAs on it | Martin Willi | 2010-04-07 | 1 | -14/+32 |
* | Do not install iptables rules, they should stay active after shutdown | Martin Willi | 2010-04-07 | 3 | -100/+92 |
* | Take over all segments if heartbeat becomes silent | Martin Willi | 2010-04-07 | 1 | -11/+57 |
* | Renamed ha-sync plugin to ha | Martin Willi | 2010-04-07 | 22 | -720/+709 |
* | Try to send HA sync messages synchronously | Martin Willi | 2010-04-07 | 1 | -17/+27 |
* | Do not sync a delete for a child in a destroying IKE_SA | Martin Willi | 2010-04-07 | 1 | -1/+4 |
* | Include ICMP traffic in sync tunnel | Martin Willi | 2010-04-07 | 1 | -2/+6 |
* | Refactored segment enabling/disabling | Martin Willi | 2010-04-07 | 1 | -71/+74 |
* | Use a connected UDP socket | Martin Willi | 2010-04-07 | 1 | -8/+18 |
* | Removed obsolete socket subclasses | Martin Willi | 2010-04-07 | 2 | -46/+0 |
* | Automatically segment cluster using periodically sent status messages | Martin Willi | 2010-04-07 | 9 | -70/+177 |
* | Do not enable/disable our own sync tunnel | Martin Willi | 2010-04-07 | 3 | -10/+24 |
* | Enable/disable inactive/active segments only | Martin Willi | 2010-04-07 | 1 | -4/+10 |
* | Deactivate all active segments before shutting down | Martin Willi | 2010-04-07 | 3 | -0/+30 |
* | HA kernel interface can mangle netfilter rules, currently with iptables invoc... | Martin Willi | 2010-04-07 | 4 | -29/+183 |