aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon
Commit message (Collapse)AuthorAgeFilesLines
...
* reset pointer for a clean destructionMartin Willi2008-12-041-0/+1
|
* handling peer_match with higher priority tan ike_match to select correct ↵Martin Willi2008-12-041-1/+1
| | | | config if IPs are equal
* fixed double free of host in sadb_address2tsAndreas Steffen2008-12-041-1/+0
|
* add support for smartcards in charon by using the ENGINE API provided by ↵Tobias Brunner2008-12-031-7/+83
| | | | OpenSSL, based on patches by Michael Roßberg.
* enable quoted tokens in the token enumeratorTobias Brunner2008-12-031-0/+2
|
* fixed compiler warningTobias Brunner2008-12-031-1/+1
|
* fixed double free of host in selector2tsMartin Willi2008-12-031-27/+24
|
* use DBG_ANY to set all loglevelsMartin Willi2008-12-021-5/+2
|
* some task queueing improvements:Martin Willi2008-12-018-63/+186
| | | | | | | | - do not pass CHILD_SAs to task constructor, might not be valid anymore during execution (late lookup) - use sub-tasks to delete CHILD/IKE_SA after rekeying, as we want to execute the delete before additional queued tasks
* re-established lost default auth sys_loggerAndreas Steffen2008-12-011-3/+15
|
* schedule rekeying when activating passive IKE_SAsMartin Willi2008-11-281-1/+2
|
* do not delete passive IKE_SAsMartin Willi2008-11-281-0/+5
|
* added a PASSIVE IKE_SA state to manage it externallyMartin Willi2008-11-282-4/+25
|
* pass SKd to derive_ike_keys() to have a more interoperable APIMartin Willi2008-11-283-38/+93
|
* fixed a double-unlock bug, showed up when using rwlocks in backend managerMartin Willi2008-11-281-22/+4
|
* use rwlocks in backend manager to allow simultaneous accessMartin Willi2008-11-271-19/+19
|
* use a rwlock in attribute manager to allow simultaneous accessMartin Willi2008-11-271-12/+12
|
* remove attribute provider in SQL plugin destructionMartin Willi2008-11-271-0/+1
|
* token enumerator missed the last token if it contains only a single charMartin Willi2008-11-271-5/+45
|
* checkin of non-existing IKE_SAsMartin Willi2008-11-263-78/+71
| | | | removed unneeded checkin() return values
* removed private parser function pointers, allows compiler to inlineMartin Willi2008-11-261-200/+48
|
* removed private generator function pointers, allows compiler to inlineMartin Willi2008-11-262-276/+154
|
* allow to globally disable DOS protection by setting charon.dos_protection to no.Tobias Brunner2008-11-261-0/+5
|
* optimized the scheduler for performance by replacing the linked list with a ↵Tobias Brunner2008-11-251-47/+109
| | | | heap.
* replacing the pthread_mutex in scheduler_t with the wrapped implementation.Tobias Brunner2008-11-251-22/+18
| | | | added a method to condvar_t which allows to wait for an absolute timeout.
* performance optimization for the DOS protection.Tobias Brunner2008-11-253-40/+234
| | | | | | * half-open SAs per peer are tracked in a hash table * charon.dos_protection setting replaced with charon.cookie_threshold and charon.block_threshold * chunk_hash function added
* fixed crash due to missing function call parameterAndreas Steffen2008-11-251-1/+13
|
* fixed set_message_id() on IKE_SAMartin Willi2008-11-242-129/+132
| | | | | added missing bus->message() hook invocation whitespace cleanups
* set message IDs on IKE_SAsMartin Willi2008-11-244-9/+47
|
* moved the IPV6_IPSEC_POLICY definition to the ipsec plugins, fixes uClibc buildMartin Willi2008-11-243-5/+10
|
* added a "load_tester.auth" option: "pubkey" (default) or "psk"Martin Willi2008-11-232-4/+57
|
* proper cancellation of load-testing initiatorsMartin Willi2008-11-231-1/+39
|
* added a MODP_NULL Diffie Hellman group to avoid calculation overhead in ↵Martin Willi2008-11-225-1/+134
| | | | load-testing
* fixing Makefile of the nm plugin (avoids including a .svn directory in the ↵Tobias Brunner2008-11-201-1/+1
| | | | distribution)
* optimized ike_sa_manager for concurrent access (default behavior is still as ↵Tobias Brunner2008-11-201-217/+493
| | | | before, needs configuration in strongswan.conf).
* refactored and cleaned up child_sa interfaceMartin Willi2008-11-196-444/+390
| | | | | | | replaced add/update calls by a install() call allocating SPIs always externally support installation of non-allocated CHILD_SAs some other cleanups
* setting default port of own address to have a proper fallback if src addr ↵Martin Willi2008-11-181-0/+1
| | | | lookup fails
* consider interfaces we do not monitor as up (e.g. lo)Martin Willi2008-11-181-1/+2
| | | | fixes load-testing against 127.0.0.1
* separated updown listener to its own class4.2.9Martin Willi2008-11-174-201/+380
| | | | caching interface names to properly remove rules if interface has changed
* fixed virtual IP re-installation failure in MOBIKE scenarios introduced with ↵Andreas Steffen2008-11-171-13/+19
| | | | changeset 4662
* completed migration of MIPv6 connectionsAndreas Steffen2008-11-165-36/+75
|
* show TRANSPORT_PROXY mode in ipsec statusAndreas Steffen2008-11-161-3/+5
|
* using aligned buffers for netlinkMartin Willi2008-11-143-14/+23
|
* fallback to reauthentication if peer does not support CHILD_SA rekeyingMartin Willi2008-11-142-2/+27
|
* fall back to reauthentication if IKE rekeying fails with NO_ADDITIONAL_SASMartin Willi2008-11-141-1/+27
|
* also use correct encap parameter in PF_KEYMartin Willi2008-11-141-1/+1
|
* fixed encap enabling in xfrm (using new encap state, not the old one)Martin Willi2008-11-141-3/+3
|
* do not use a route if outgoing interface is downMartin Willi2008-11-142-55/+82
| | | | other cleanups
* rta->rta_len is NOT the payload data length, use RTA_PAYLOAD(rta) instead!Martin Willi2008-11-141-2/+3
|
* do not use public interface for functions which are local anywayMartin Willi2008-11-141-57/+54
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 08:06:29 +0000