| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Install ESN SAs if such a proposal has been negotiated | Martin Willi | 2011-04-20 | 1 | -1/+4 |
| | | |||||
| * | Added an esn parameter to the kernel interface add_sa functions | Martin Willi | 2011-04-20 | 1 | -1/+1 |
| | | |||||
| * | Do not use TFC padding if peer does not support ESPv3 | Martin Willi | 2010-12-20 | 1 | -2/+5 |
| | | |||||
| * | Added a TFC padding option to child_cfg | Martin Willi | 2010-12-20 | 1 | -0/+2 |
| | | |||||
| * | Implemented Traffic Flow Confidentiality padding in kernel_interface | Martin Willi | 2010-12-20 | 1 | -1/+2 |
| | | |||||
| * | Install selectors on transport mode IPsec SAs. | Jiri Bohac | 2010-12-13 | 1 | -1/+1 |
| | | | | | | | | | | | | | | | | | This fixes several test cases in IKEv2_Self_Test (part of the IPv6 Ready Logo Program) which is required for USGv6 certification, namely: - IKEv2.EN.I.1.1.7.1, IKEv2.EN.I.1.1.7.1: Narrowing the range of members of the set of traffic selectors - IKEv2.EN.R.1.1.7.3: Narrowing multiple traffic selector When traffic selectors of a triggered SA are narrowed by the responder, the installed policy and the broader trap policy share the same reqid. Without selectors on the IPsec SA packets matching the trap policy, but not the narrowed policy, would incorrectly be handled by that IPsec SA. Since only one selector can be specified per IPsec SA, there is currently no solution for tunnel mode SAs. | ||||
| * | Adapted child_sa_t to changed kernel interface. | Tobias Brunner | 2010-09-02 | 1 | -25/+49 |
| | | |||||
| * | Added an option to specify the type of a policy to kernel_ipsec.add_policy. | Tobias Brunner | 2010-09-02 | 1 | -18/+18 |
| | | | | | | This will later allow us to support pluto's passthrough and drop policies in charon. | ||||
| * | Replaced the protocol argument in add_policy with an optional SPI for an AH SA. | Tobias Brunner | 2010-09-02 | 1 | -18/+37 |
| | | |||||
| * | Refer to kernel interface via hydra and not charon. | Tobias Brunner | 2010-09-02 | 1 | -31/+32 |
| | | |||||
| * | Removed references to protocol_id_t from kernel interface. | Tobias Brunner | 2010-09-02 | 1 | -37/+65 |
| | | | | | | Instead we use the actual IP protocol identifier (the conversion now happens in child_sa_t and kernel_handler_t). | ||||
| * | Migrated child_sa_t to INIT/METHOD macros. | Tobias Brunner | 2010-09-02 | 1 | -202/+132 |
| | | |||||
| * | support of xfrm marks for IKEv2 | Andreas Steffen | 2010-07-02 | 1 | -34/+48 |
| | | |||||
| * | Wrap getters for dpd/close action into CHILD_SA, allows us to override them | Martin Willi | 2010-06-02 | 1 | -0/+48 |
| | | |||||
| * | Use reqid from connection config if present. | Reto Buerki | 2010-05-04 | 1 | -2/+6 |
| | | |||||
| * | Moving charon to libcharon. | Tobias Brunner | 2010-03-19 | 1 | -0/+1015 |
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |