| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Add a ikedscp ipsec.conf option to set DSCP value on outgoing IKE packets | Martin Willi | 2013-02-06 | 1 | -1/+1 |
| | | |||||
| * | Add a DSCP configuration value to IKE configs | Martin Willi | 2013-02-06 | 1 | -1/+2 |
| | | |||||
| * | Don't handle right=%any6 as "loose" identity, but as %any | Martin Willi | 2013-01-14 | 1 | -2/+1 |
| | | |||||
| * | Merge branch 'ikev1-fragmentation' | Tobias Brunner | 2013-01-12 | 1 | -1/+2 |
| |\ | | | | | | | | | | | | | This adds support for the proprietary IKEv1 fragmentation extension. Conflicts: NEWS | ||||
| | * | Use a connection specific option to en-/disable IKEv1 fragmentation | Tobias Brunner | 2012-12-24 | 1 | -1/+2 |
| | | | |||||
| * | | Fixed some typos in comments | Volker Rümelin | 2013-01-11 | 1 | -1/+1 |
| |/ | |||||
| * | Make use of new CIDR string ts constructor where appropriate | Martin Willi | 2012-10-24 | 1 | -26/+11 |
| | | |||||
| * | Remove version argument on peer_cfg constructor, use ike_cfg version instead | Martin Willi | 2012-10-24 | 1 | -2/+1 |
| | | |||||
| * | Add IKE version information to ike_cfg_t | Martin Willi | 2012-10-24 | 1 | -1/+2 |
| | | |||||
| * | Make it easy to check if an address is locally usable via changed ↵ | Tobias Brunner | 2012-09-21 | 1 | -15/+7 |
| | | | | | get_interface() method | ||||
| * | Make stroke user-creds work with XAuth configs | Tobias Brunner | 2012-09-18 | 1 | -9/+18 |
| | | |||||
| * | Set AUTH_RULE_IDENTITY_LOOSE for rightid=%<identity> | Tobias Brunner | 2012-09-18 | 1 | -0/+10 |
| | | |||||
| * | Add uniqueids=never to ignore INITIAL_CONTACT notifies | Tobias Brunner | 2012-09-10 | 1 | -0/+3 |
| | | | | | | | With uniqueids=no the daemon still deletes any existing IKE_SA with the same peer if an INITIAL_CONTACT notify is received. With this new option it also ignores these notifies. | ||||
| * | Merge branch 'multi-vip' | Martin Willi | 2012-08-31 | 1 | -47/+126 |
| |\ | | | | | | | | | | | | | Brings support for multiple virtual IPs and multiple pools in left/rigthsourceip definitions. Also introduces the new left/rightdns options to configure requested DNS server address family and respond with multiple connection specific servers. | ||||
| | * | Support multiple addresses/pools in left/rightsourceip | Martin Willi | 2012-08-30 | 1 | -53/+122 |
| | | | |||||
| | * | Support multiple address pools configured on a peer_cfg | Martin Willi | 2012-08-30 | 1 | -2/+8 |
| | | | |||||
| | * | Support multiple virtual IPs on peer_cfg and ike_sa classes | Martin Willi | 2012-08-30 | 1 | -1/+5 |
| | | | |||||
| * | | Use eap_vendor_type_from_string() in stroke | Tobias Brunner | 2012-08-31 | 1 | -38/+7 |
| |/ | |||||
| * | Replaced usages of CHARON_*_PORT with calls to get_port(). | Tobias Brunner | 2012-08-08 | 1 | -1/+2 |
| | | |||||
| * | Make the UDP ports charon listens for packets on (and uses as source ports) ↵ | Tobias Brunner | 2012-08-08 | 1 | -1/+4 |
| | | | | | configurable. | ||||
| * | Don't add ANY identity constraint to auth config, as XAuth rounds don't use one | Martin Willi | 2012-07-26 | 1 | -1/+8 |
| | | |||||
| * | Add an ipsec.conf leftgroups2 parameter for the second authentication round | Martin Willi | 2012-07-26 | 1 | -3/+4 |
| | | |||||
| * | Select requested virtual IP family based on remote TS, if no local TS available | Martin Willi | 2012-06-20 | 1 | -1/+12 |
| | | |||||
| * | Added signature scheme options left/rightauth | Martin Willi | 2012-06-12 | 1 | -11/+99 |
| | | |||||
| * | implemented the right|leftallowany feature | Andreas Steffen | 2012-06-08 | 1 | -4/+8 |
| | | |||||
| * | make IKEv1 DPD timeout configurable in charon | Andreas Steffen | 2012-05-17 | 1 | -1/+2 |
| | | |||||
| * | Merge branch 'ikev1' | Martin Willi | 2012-05-02 | 1 | -44/+19 |
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c | ||||
| | * | Added support for authby/xauth_server legacy options | Martin Willi | 2012-03-20 | 1 | -42/+1 |
| | | | |||||
| | * | Added a "aggressive" ipsec.conf connection option | Martin Willi | 2012-03-20 | 1 | -1/+1 |
| | | | |||||
| | * | Added an aggressive mode peer_cfg option | Martin Willi | 2012-03-20 | 1 | -1/+1 |
| | | | |||||
| | * | Support an "any" IKE version for both IKEv1 or IKEv2 | Martin Willi | 2012-03-20 | 1 | -1/+1 |
| | | | |||||
| | * | Pass ipsec.conf xauth_identity option via stroke to charon configurations | Martin Willi | 2012-03-20 | 1 | -0/+5 |
| | | | |||||
| | * | Accept a xauth backend name appended to left/rightauth | Martin Willi | 2012-03-20 | 1 | -1/+8 |
| | | | |||||
| | * | Use a second authentication config to configure XAUTH authentication | Martin Willi | 2012-03-20 | 1 | -6/+2 |
| | | | |||||
| | * | Map auth_class to auth method and IKEv1 proposal attribute | Martin Willi | 2012-03-20 | 1 | -0/+4 |
| | | | |||||
| | * | IKEv1 XAUTH: Added ability to configure XAUTH+PSK. Added task to handle ↵ | Clavister OpenSource | 2012-03-20 | 1 | -0/+4 |
| | | | | | | | | | XAUTH requests. Modified task_manager_v1 to enable it to initiate new tasks immediately after finishing a response. | ||||
| | * | Use enum to define IKE version on peer_cfg_t. | Tobias Brunner | 2012-03-20 | 1 | -1/+1 |
| | | | | | | | | | Replaced all those magic numbers. | ||||
| * | | add AUTH_RULE_SUBJECT_CERT for raw public keys4.6.3 | Andreas Steffen | 2012-04-30 | 1 | -0/+4 |
| | | | |||||
| * | | added support for raw RSA public keys to stroke | Andreas Steffen | 2012-04-30 | 1 | -1/+9 |
| | | | |||||
| * | | Removed auth_cfg_t.replace_value() and replaced usages with add(). | Tobias Brunner | 2012-04-18 | 1 | -5/+1 |
| | | | | | | | | | | | replace_value() was used to replace identities. Since for these the latest is now returned by get(), adding the new identity with add() is sufficient. | ||||
| * | | Store password with remote ID to tie it stronger to a specific connection. | Tobias Brunner | 2012-04-18 | 1 | -12/+50 |
| | | | |||||
| * | | Added stroke user-creds command, to set username/password for a connection. | Tobias Brunner | 2012-04-17 | 1 | -0/+137 |
| |/ | |||||
| * | implemented PASS and DROP shunt policies | Andreas Steffen | 2011-06-28 | 1 | -0/+3 |
| | | |||||
| * | Add a closeaction ipsec.conf keyword to configure close action | Martin Willi | 2011-06-07 | 1 | -17/+20 |
| | | |||||
| * | put DN in double quotes | Andreas Steffen | 2011-03-01 | 1 | -1/+1 |
| | | |||||
| * | Added support for trustchain key strength checking to rightauth option | Martin Willi | 2011-01-07 | 1 | -2/+13 |
| | | |||||
| * | Added a left/rightcertpolicy keyword to specify certificatePolicy requirements | Martin Willi | 2011-01-07 | 1 | -0/+14 |
| | | |||||
| * | Added a tfc ipsec.conf keyword to control Traffic Flow Confidentiality | Martin Willi | 2010-12-20 | 1 | -1/+1 |
| | | |||||
| * | Added a TFC padding option to child_cfg | Martin Willi | 2010-12-20 | 1 | -1/+1 |
| | | |||||
| * | Migrated stroke_config_t to INIT/METHOD macros | Andreas Steffen | 2010-11-27 | 1 | -41/+31 |
| | | |||||
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |