aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ike_sa_manager.c
Commit message (Expand)AuthorAgeFilesLines
* ike-sa-manager: Store a reference to the thread that checked out an IKE_SATobias Brunner2016-02-171-13/+14
* ikev1: Always enable charon.reuse_ikesaTobias Brunner2016-02-011-2/+2
* ike-sa-manager: Don't update entries for init messages after unlocking segmentTobias Brunner2016-02-011-3/+2
* ike-sa-manager: Allow plugins to provide IKE SPIs via a callbackTobias Brunner2015-11-111-10/+34
* ikev1: Also use message hashes for Quick Mode for the early retransmission checkTobias Brunner2015-11-111-4/+8
* ike-sa-manager: Signal entries that we don't actually check outTobias Brunner2015-11-091-1/+8
* ike-sa-manager: Signal waiting threads after check out/in for uniqueness checkTobias Brunner2015-11-091-0/+3
* ikev1: Prevent deadlock when checking for duplicate IKEv1 SAsTobias Brunner2015-10-291-0/+16
* ike: Fix half-open count for initiating SAs when initially checked inTobias Brunner2015-08-271-0/+6
* ike: Only consider number of half-open SAs as responder when deciding whether...Tobias Brunner2015-08-271-7/+30
* ike: Also track initiating IKE_SAs as half-openTobias Brunner2015-08-211-1/+0
* ikev2: Compare initiator flag again, partially reverts 17ec1c74deTobias Brunner2015-08-201-0/+2
* ike-sa-manager: Safely access the RNG instance with an rwlockTobias Brunner2015-07-141-5/+16
* ikev1: Trigger children_migrate event if CHILD_SAs are adoptedTobias Brunner2015-05-211-1/+3
* ikev1: Adopt virtual IPs on new IKE_SA during re-authenticationTobias Brunner2015-03-191-3/+28
* ike-sa-manager: Make sure the message ID of initial messages is 0Tobias Brunner2015-03-041-1/+2
* ikev2: Don't adopt any CHILD_SA during make-before-break reauthenticationMartin Willi2015-03-041-1/+2
* ike-sa-manager: Use IKEv1 uniqueness reauthentication detection for IKEv2, tooMartin Willi2015-02-201-12/+8
* ike-sa-manager: Remove IKE_SA checkout by CHILD_SA reqidMartin Willi2015-02-201-29/+10
* ikev1: Don't inherit children if INITITAL_CONTACT was seenThomas Egerer2014-10-301-1/+4
* ike: Do not cache MID of IKEv2 fragmentsTobias Brunner2014-10-101-2/+3
* ike-sa-manager: Use transient hasher for IKE_SA_INIT hash calculationChristophe Gouault2014-08-251-32/+11
* payload: Use common prefixes for all payload type identifiersMartin Willi2014-06-041-2/+2
* ike-sa-manager: Improve scalability of half-open IKE_SA checkingTobias Brunner2014-04-241-7/+8
* libcharon: Use lib->ns instead of charon->nameTobias Brunner2014-02-121-4/+4
* Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required ...Tobias Brunner2013-10-111-1/+1
* ikev1: Accept reauthentication attempts with a keep unique policy from same hostMartin Willi2013-09-301-6/+17
* ikev1: Delay a potential delete for a duplicate IKE_SA having a replace policyMartin Willi2013-09-301-8/+29
* Merge branch 'ikev1-rekeying'Martin Willi2013-03-011-0/+21
|\
| * When detecting a duplicate IKEv1 SA, adopt children, as it might be a rekeyingMartin Willi2013-02-201-0/+21
* | Merge branch 'ikev1-mm-retransmits'Martin Willi2013-03-011-26/+28
|\ \
| * | For IKEv1 Main Mode, use message hash to detect early retransmissionsMartin Willi2013-02-251-10/+23
| * | Use INIT macro to initialize IKE_SA manager entriesMartin Willi2013-02-251-17/+6
| |/
* / Trigger an updown event when destroying an IKE_SA based on INITIAL_CONTACTTobias Brunner2013-02-281-0/+1
|/
* Include source port in init hash for fragmented messagesTobias Brunner2012-12-241-1/+8
* Map fragmented initial initial Main or Aggressive Mode messages to the same I...Tobias Brunner2012-12-241-1/+17
* Don't update an IKE_SA-entry's cached message ID when handling fragmentsTobias Brunner2012-12-241-1/+4
* Raise alerts when enforcing IKE_SA unique policyMartin Willi2012-12-191-0/+1
* Add an ikesa_limit option to limit number of IKE_SAs as responderMartin Willi2012-11-161-19/+39
* Moved data structures to new collections subfolderTobias Brunner2012-10-241-1/+1
* Raise a bus alert when a received message contains unknown SPIsMartin Willi2012-10-241-0/+4
* Add uniqueids=never to ignore INITIAL_CONTACT notifiesTobias Brunner2012-09-101-1/+1
* Remove the unused second IKE_SA entry match function argumentMartin Willi2012-08-201-4/+4
* Include src address in hash of initial message for Main ModeTobias Brunner2012-08-081-5/+31
* Add a return value to hasher_t.allocate_hash()Martin Willi2012-07-161-2/+7
* Check rng return value when generating SPIs in ike_sa_manager_tTobias Brunner2012-07-161-35/+67
* Use XAuth/EAP remote identity for uniqueness checkMartin Willi2012-06-251-2/+2
* Use name from initialization to access settings in libcharon.Tobias Brunner2012-05-031-5/+7
* Fix iteration through half-open IKE_SA tableMartin Willi2012-04-161-0/+1
* Properly handle retransmitted initial IKE messages.Tobias Brunner2012-03-201-58/+74
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-01 02:27:49 +0000