aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/ha
Commit message (Collapse)AuthorAgeFilesLines
...
* Add a return value to keymat_v1_t.{get,update,confirm}_ivMartin Willi2012-07-162-9/+13
|
* Refactored heavily #ifdefd capability code to its own libstrongswan classMartin Willi2012-07-042-2/+4
|
* Make rescheduling a job more predictableTobias Brunner2012-06-251-6/+1
| | | | | | | | | | | | | This avoids race conditions between calls to cancel() and jobs that like to be rescheduled. If jobs were able to reschedule themselves it would theoretically be possible that two worker threads have the same job assigned (the one currently executing the job and the one executing the same but rescheduled job if it already is time to execute it), this means that cancel() could be called twice for that job. Creating a new job based on the current one and reschedule that is also OK, but rescheduling itself is more efficient for jobs that need to be executed often.
* Centralized thread cancellation in processor_tTobias Brunner2012-06-253-34/+19
| | | | | | | | | | This ensures that no threads are active when plugins and the rest of the daemon are unloaded. callback_job_t was simplified a lot in the process as its main functionality is now contained in processor_t. The parent-child relationships were abandoned as these were only needed to simplify job cancellation.
* implemented the right|leftallowany featureAndreas Steffen2012-06-081-2/+2
|
* make IKEv1 DPD timeout configurable in charonAndreas Steffen2012-05-171-1/+1
|
* Use name from initialization to access settings in libcharon.Tobias Brunner2012-05-033-10/+12
| | | | Also fixes several whitespace errors.
* Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-206-59/+365
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| * Store the major IKE version on ike_sa_id_t.Tobias Brunner2012-03-202-3/+6
| |
| * Adopt children after syncing a rekeyed IKEv1 SAMartin Willi2012-03-201-0/+6
| |
| * Synchronize IKEv1 DPD sequence numbersMartin Willi2012-03-201-0/+30
| |
| * Sync remote virtual IP for IKEv1 SAsMartin Willi2012-03-201-0/+13
| |
| * Sync new IKE_SA condition/extension flagsMartin Willi2012-03-202-2/+10
| |
| * Added support for Phase1 IV synchronization to HA pluginMartin Willi2012-03-205-27/+129
| |
| * Invoke bus_t.message hook twice, once plain and parsed, once encoded and ↵Martin Willi2012-03-201-1/+2
| | | | | | | | encrypted
| * Create IKEv1 keymat hasher explicitly on syncMartin Willi2012-03-201-3/+6
| |
| * Added support to sync IKEv1 SAs key material in HA pluginMartin Willi2012-03-204-10/+95
| |
| * Pass IKEv1 specific keymat to ike_keys hookMartin Willi2012-03-201-1/+2
| |
| * Use a more complete implementation of a HA specific diffie_hellman_tMartin Willi2012-03-201-11/+50
| |
| * Apply proposal to a HA synced IKE_SAMartin Willi2012-03-201-0/+1
| |
| * Updated HA plugin to new IKEv2 specific keymat functionsMartin Willi2012-03-202-12/+24
| |
| * Added an aggressive mode peer_cfg optionMartin Willi2012-03-201-1/+1
| |
| * Do not query CHILD_SA during delete if they already expiredMartin Willi2012-03-201-1/+2
| |
| * Don't compare initiator flag in IKE_SA manager, pass initiator parameter to ↵Martin Willi2012-03-201-1/+2
| | | | | | | | IKE_SA constructor
| * Store IKE version of an SA on ike_sa_t.Tobias Brunner2012-03-201-1/+1
| |
| * Use enum to define IKE version on peer_cfg_t.Tobias Brunner2012-03-201-1/+1
| | | | | | | | Replaced all those magic numbers.
* | Clear peer addresses during HA update.Tobias Brunner2012-03-091-1/+6
| |
* | Renamed list of additional peer addresses as it now stores all known addresses.Tobias Brunner2012-03-094-9/+8
| |
* | Check if ClusterIP directory could be opened before enumerating itMartin Willi2012-02-061-17/+26
| |
* | Fixed additional typos in comments and log messages.Tobias Brunner2012-01-121-2/+2
|/
* Fix file descriptor leakThomas Jarosch2011-08-291-0/+1
| | | | | | Credit goes to "cppcheck". Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
* Don't rekey but delete CHILD_SA to resying against NATed Windows clientsMartin Willi2011-08-191-3/+18
|
* Sync newer IKE_SA condition/extension flags in ha pluginMartin Willi2011-08-192-2/+12
|
* ha plugin does not need Linux headers anymoreMartin Willi2011-08-021-1/+1
|
* Check for kernel version and use appropriate jhash version in HA pluginMartin Willi2011-08-021-10/+101
|
* Fix parentheses in write() to CLUSTERIP control filesMartin Willi2011-07-141-1/+1
|
* Replaced ike_sa_t.create_additional_address_iterator with enumerator.Tobias Brunner2011-07-061-4/+4
|
* Replaced ike_sa_t.create_child_sa_iterator with enumerator.Tobias Brunner2011-07-061-4/+4
| | | | | This required two new methods on ike_sa_t. One returns the number of CHILD_SAs and one allows to remove a CHILD_SA.
* Use CRITICAL job priority class for long running dispatcher jobsMartin Willi2011-05-165-10/+10
|
* Added a non-blocking, skipping variant of IKE_SA enumeratorMartin Willi2011-05-162-2/+3
|
* Synchronize ESN support in HA pluginMartin Willi2011-04-204-0/+13
|
* Added a (not yet implemented) plugin_t method to reload plugin configurationMartin Willi2011-04-151-0/+1
|
* Added a get_name() function to plugin_t, create_plugin_enumerator enumerates ↵Martin Willi2011-04-151-0/+7
| | | | over plugin_t
* Use wrapped threading functions in ha pluginMartin Willi2011-01-203-16/+15
|
* set tfcv3 flag TRUE in ha_dispatcherAndreas Steffen2010-12-261-4/+4
|
* Added a TFC padding option to child_cfgMartin Willi2010-12-201-1/+1
|
* start and route connections defined in an SQL database via start_action ↵Andreas Steffen2010-11-281-2/+2
| | | | field and ipsec up %startall command
* Store proposal number in proposal_t to reuse it in the selected proposalMartin Willi2010-10-281-2/+2
| | | | | According to RFC 5996 3.3.1, we MUST reuse the proposal number of the selected proposal in the SA payload reply.
* Set ownership of all HA ClusterIP control filesMartin Willi2010-10-201-0/+5
|
* Set ownership/permissions of HA control socketMartin Willi2010-10-201-1/+9
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 09:02:45 +0000