aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/config
Commit message (Expand)AuthorAgeFilesLines
* peer-cfg: Set DPD timeout to at least DPD delayTobias Brunner2016-02-011-0/+4
* 128 bit default security strength for IKE and ESP algorithmsAndreas Steffen2015-12-171-40/+140
* traffic-selector: Don't end printf'ed list of traffic selectors with a spaceTobias Brunner2015-11-101-1/+1
* Fix some Doxygen issuesTobias Brunner2015-08-271-3/+3
* ike-cfg: Add helper function to determine address family of IP addressesTobias Brunner2015-07-272-1/+59
* proposal: Add default PRF for HMAC-MD5-128 and HMAC-SHA1-160 integrity algori...Tobias Brunner2014-10-311-0/+2
* ike-cfg: Use host_create_from_range() helperTobias Brunner2014-10-301-16/+1
* child-cfg: Ignore duplicate proposalsTobias Brunner2014-09-121-0/+11
* proposal: Fix equals()Tobias Brunner2014-09-121-5/+5
* child-cfg: Store connection specific replay window on CHILD_SA configMartin Willi2014-06-172-0/+38
* peer-cfg: Add missing UNIQUE_NEVER to unique_policy_namesMartin Willi2014-05-191-1/+2
* proposal: Don't return a default IKE proposal without encryption/AEAD algsMartin Willi2014-05-161-3/+23
* child-cfg: Allow passing NULL as proposal to add_proposal()Martin Willi2014-05-162-4/+7
* ike-cfg: Allow passing NULL to add_proposal()Martin Willi2014-05-162-3/+7
* proposal: Use an additional "default" constructor specific to AEAD algorithmsMartin Willi2014-05-162-0/+31
* proposal: Don't include AEAD algorithms in the default proposalMartin Willi2014-05-161-61/+66
* child-cfg: Fix removal of redundant traffic selectorsTobias Brunner2014-04-251-1/+1
* ike-cfg: Properly compare IKE proposals for equality5.1.3rc1Tobias Brunner2014-04-031-1/+1
* proposal: Don't fail DH proposal matching if peer includes NONETobias Brunner2014-03-311-4/+19
* uclibc only defines strndup(3) if _GNU_SOURCE is definedTobias Brunner2014-02-191-3/+3
* Added NTRU key exchange to default IKE proposalAndreas Steffen2013-11-271-0/+4
* proposal: Add ECC Brainpool DH groups to the default proposalTobias Brunner2013-10-171-0/+4
* Doxygen fixesTobias Brunner2013-10-151-1/+1
* proposal: Strip redundant integrity algos for ESP proposals onlyMartin Willi2013-10-111-16/+19
* ike: support multiple addresses, ranges and subnets in IKE address configMartin Willi2013-09-042-46/+211
* ike-cfg: remove the to be obsoleted allow any parameter in get_my/other_addrMartin Willi2013-09-043-25/+12
* backends: use ike_cfg host matching functionsMartin Willi2013-09-041-38/+7
* ike-cfg: add methods to match a host against configured local/remote addressesMartin Willi2013-09-042-0/+62
* ike-cfg: add a method to resolve local/remote hosts with portMartin Willi2013-09-042-0/+30
* peer-cfg: add a pull/push mode option to use with mode configMartin Willi2013-09-042-4/+26
* proposal: correctly enumerate registered AEADs to build default IKE proposalMartin Willi2013-07-191-6/+22
* Fix various API doc issues and typosTobias Brunner2013-07-182-7/+7
* proposal: use array to store proposal listMartin Willi2013-07-171-25/+18
* proposal: use a single list to store all transformsMartin Willi2013-07-171-308/+174
* Raise an alert if the responding peer narrowed traffic selectorsMartin Willi2013-06-191-7/+24
* Use subset matching instead of is_contained_in() to select a child_cfgMartin Willi2013-06-131-4/+8
* Add a DSCP configuration value to IKE configsMartin Willi2013-02-062-2/+23
* Added an option that allows to force IKEv1 fragmentationTobias Brunner2013-01-122-5/+19
* Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-242-3/+27
* Include 'aggressive' when comparing peer_cfg_t objectsTobias Brunner2012-11-071-0/+1
* proposal_t.strip_dh() takes a DH group to keep, using MODP_NONE will remove allTobias Brunner2012-10-243-6/+15
* Moved data structures to new collections subfolderTobias Brunner2012-10-247-7/+7
* Moved host_t and host_resolver_t to a new networking subfolderTobias Brunner2012-10-243-3/+3
* Only add an implicit PRF based on the MAC alg if no PRF given in proposalMartin Willi2012-10-241-38/+38
* Remove peer_cfg IKE version matching, as it is done in ike_cfg matchingMartin Willi2012-10-241-22/+3
* Respect IKE version while selecting an ike_cfg as responderMartin Willi2012-10-242-11/+34
* Remove version argument on peer_cfg constructor, use ike_cfg version insteadMartin Willi2012-10-242-11/+4
* Add IKE version information to ike_cfg_tMartin Willi2012-10-242-2/+24
* Move ike_version_t definition from peer_cfg_t to ike_cfg_tMartin Willi2012-10-244-24/+24
* Make sure we propose a dynamic TS if we don't have hosts to derive a TS fromTobias Brunner2012-09-211-10/+8
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 10:38:22 +0000