| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | Fix IKE SA inherit API doc | Adrian-Ken Rueegsegger | 2013-01-22 | 1 | -2/+1 |
| | | |||||
| * | Detect a peer's support for IKE fragmentation | Tobias Brunner | 2012-12-24 | 1 | -0/+5 |
| | | | | | Fragments are accepted even if this vendor ID is not seen. | ||||
| * | Add support for draft-ietf-ipsec-nat-t-ike-03 and earlier | Volker Rümelin | 2012-12-19 | 1 | -0/+7 |
| | | | | | | This adds support for early versions of the draft that eventually resulted in RFC 3947. | ||||
| * | Moved packet_t and tun_device_t to networking folder | Tobias Brunner | 2012-10-24 | 1 | -1/+1 |
| | | |||||
| * | Add a new condition to mark IKE_SAs that are currently being reauthenticated | Tobias Brunner | 2012-09-06 | 1 | -0/+5 |
| | | |||||
| * | Clear virtual IPs before storing assigned ones on the IKE_SA | Tobias Brunner | 2012-09-05 | 1 | -0/+7 |
| | | | | | | Otherwise we'll end up with duplicate or invalid VIPs stored on the IKE_SA. | ||||
| * | Support multiple virtual IPs on peer_cfg and ike_sa classes | Martin Willi | 2012-08-30 | 1 | -5/+5 |
| | | |||||
| * | Moved packet_t to libstrongswan | Tobias Brunner | 2012-08-08 | 1 | -0/+1 |
| | | |||||
| * | support Cisco Unity VID | Andreas Steffen | 2012-06-25 | 1 | -0/+5 |
| | | |||||
| * | Avoid queueing more than one retry initiate job. | Tobias Brunner | 2012-05-30 | 1 | -0/+9 |
| | | |||||
| * | Wrap task managers flush_queue() in IKE_SA | Martin Willi | 2012-05-21 | 1 | -0/+7 |
| | | |||||
| * | Merge branch 'ikev1-clean' into ikev1-master | Martin Willi | 2012-03-20 | 1 | -6/+52 |
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins. | ||||
| | * | Disable DPD checking for peers not supporting it | Martin Willi | 2012-03-20 | 1 | -0/+5 |
| | | | |||||
| | * | Set a condition flag if peer has been authenticated using XAuth | Martin Willi | 2012-03-20 | 1 | -0/+5 |
| | | | |||||
| | * | Do not query CHILD_SA during delete if they already expired | Martin Willi | 2012-03-20 | 1 | -1/+3 |
| | | | |||||
| | * | Separated libcharon/sa directory with ikev1 and ikev2 subfolders | Martin Willi | 2012-03-20 | 1 | -1/+1 |
| | | | |||||
| | * | Remove executable flag from source code files | Martin Willi | 2012-03-20 | 1 | -0/+0 |
| | | | |||||
| | * | Replace xauth_request task with a new stub where we reimplement it | Martin Willi | 2012-03-20 | 1 | -5/+8 |
| | | | |||||
| | * | Handling of initial contact | Clavister OpenSource | 2012-03-20 | 1 | -0/+5 |
| | | | |||||
| | * | IKEv1 XAuth: Adding "initiate" flag parameter to the initiate_xauth method, ↵ | Clavister OpenSource | 2012-03-20 | 1 | -1/+1 |
| | | | | | | | | | signalling whether or not to call the task_manager->initiate method after queueing the task. | ||||
| | * | Handle IKEv1 NAT-T vendor ID payload (only RFC 3947 for now). | Tobias Brunner | 2012-03-20 | 1 | -1/+1 |
| | | | |||||
| | * | IKEv1 XAuth: Add "initiate xauth" method, which adds the xauth task into the ↵ | Clavister OpenSource | 2012-03-20 | 1 | -0/+5 |
| | | | | | | | | | queue for initiation. | ||||
| | * | Addded ike_sa_t.set_statistic to set timestamps from task manager. | Tobias Brunner | 2012-03-20 | 1 | -0/+8 |
| | | | |||||
| | * | Revert "IKEv1 XAuth: Temporarilty add an "initiate_later" flag to the task ↵ | Clavister OpenSource | 2012-03-20 | 1 | -5/+0 |
| | | | | | | | | | | | | | | | | | | | | | manager. When set to TRUE it will cause "initiate" to be called when the current process_response call is finished. This change should be reverted once we have a better method in place." This reverts commit c6c28f4ac522dd8afb457847bca79eee77f78706. Revert "IKEv1 XAuth: Added temporary "initiate_xauth" public method to ike_sa_t. This allows us to initiate an XAuth password authentication exchange after responding to the final message of Main Mode. This change should be reverted once we have a better method to initiate this exchange." This reverts commit 5529dc50477e25df9dd5f3c442bb1521c0baf225. | ||||
| | * | IKEv1 XAuth: Added temporary "initiate_xauth" public method to ike_sa_t. ↵ | Clavister OpenSource | 2012-03-20 | 1 | -0/+5 |
| | | | | | | | | | This allows us to initiate an XAuth password authentication exchange after responding to the final message of Main Mode. This change should be reverted once we have a better method to initiate this exchange. | ||||
| | * | XAUTH is initiated based on configuration, no need to call externally | Martin Willi | 2012-03-20 | 1 | -5/+0 |
| | | | |||||
| | * | IKEv1 XAUTH: Added ability to configure XAUTH+PSK. Added task to handle ↵ | Clavister OpenSource | 2012-03-20 | 1 | -0/+10 |
| | | | | | | | | | XAUTH requests. Modified task_manager_v1 to enable it to initiate new tasks immediately after finishing a response. | ||||
| | * | Don't compare initiator flag in IKE_SA manager, pass initiator parameter to ↵ | Martin Willi | 2012-03-20 | 1 | -1/+3 |
| | | | | | | | | | IKE_SA constructor | ||||
| | * | Store IKE version of an SA on ike_sa_t. | Tobias Brunner | 2012-03-20 | 1 | -4/+10 |
| | | | |||||
| * | | Renamed list of additional peer addresses as it now stores all known addresses. | Tobias Brunner | 2012-03-09 | 1 | -6/+6 |
| | | | |||||
| * | | Send an AUTH_LIFETIME update after updating the lifetime, but can not reauth ↵ | Martin Willi | 2012-03-05 | 1 | -2/+6 |
| |/ | | | | actively | ||||
| * | Try to detect Windows Clients by looking for INTERNAL_IP4/6_SERVER attribute | Martin Willi | 2011-08-19 | 1 | -0/+5 |
| | | |||||
| * | Fixed common misspellings. | Tobias Brunner | 2011-07-20 | 1 | -1/+1 |
| | | | | | Mostly found by 'codespell'. | ||||
| * | Replaced ike_sa_t.create_additional_address_iterator with enumerator. | Tobias Brunner | 2011-07-06 | 1 | -3/+8 |
| | | |||||
| * | Replaced ike_sa_t.create_child_sa_iterator with enumerator. | Tobias Brunner | 2011-07-06 | 1 | -43/+57 |
| | | | | | | This required two new methods on ike_sa_t. One returns the number of CHILD_SAs and one allows to remove a CHILD_SA. | ||||
| * | Move establish/inherit of rekeyed IKE_SAs to delete messages | Martin Willi | 2011-03-15 | 1 | -2/+1 |
| | | | | | | | | | Having the inherit() function delayed to the IKE_SA establish procedure was problematic. The task destroy function was never a good place and results in locking/cleanup problems. After establishing the SA, it should be really checked in ASAP to avoid any triggered DPD checks to get lost. | ||||
| * | Force port update as responder when initiator switches to 4500 in IKE_AUTH | Martin Willi | 2011-01-12 | 1 | -1/+2 |
| | | |||||
| * | Slightly refactored port floating. | Tobias Brunner | 2010-08-30 | 1 | -0/+8 |
| | | | | | In case of MOBIKE, only float to port 4500 if the other peer actually supports MOBIKE. | ||||
| * | Moved credential manager to libstrongswan | Martin Willi | 2010-07-13 | 1 | -1/+1 |
| | | |||||
| * | Wrap task enumerator in ike_sa | Martin Willi | 2010-06-07 | 1 | -1/+9 |
| | | |||||
| * | Release virtual IPs with the same identity as we acquired it | Martin Willi | 2010-03-25 | 1 | -0/+7 |
| | | |||||
| * | Changed all usages of lib->attributes to hydra->attributes. | Tobias Brunner | 2010-03-24 | 1 | -0/+1 |
| | | |||||
| * | Moving charon to libcharon. | Tobias Brunner | 2010-03-19 | 1 | -0/+913 |
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |