aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ikev2
Commit message (Expand)AuthorAgeFilesLines
...
* ikev2: Insert MOBIKE tasks at the front of the queueTobias Brunner2014-09-121-1/+6
* ikev2: Migrate number of pending MOBIKE updatesTobias Brunner2014-09-121-0/+5
* ikev2: Properly keep track of pending MOBIKE updatesTobias Brunner2014-09-121-8/+27
* bus: Add a handle_vips() hook invoked after handling configuration attributesMartin Willi2014-06-171-0/+2
* ike: Store unhandled attributes on IKE_SA as wellMartin Willi2014-06-161-5/+2
* payload: Use common prefixes for all payload type identifiersMartin Willi2014-06-0418-79/+79
* ikev2: Reject CHILD_SA creation/rekeying while deleting an IKE_SAMartin Willi2014-04-171-0/+6
* ikev2: Add inherit_pre() to apply config and hosts before IKE_SA rekeyingMartin Willi2014-04-171-11/+3
* ikev2: Fix reauthentication if peer assigns a different virtual IPTobias Brunner2014-04-151-1/+1
* ikev2: Reject CREATE_CHILD_SA exchange on unestablished IKE_SAsMartin Willi2014-04-141-0/+9
* aead: Support custom AEAD salt sizesMartin Willi2014-03-311-2/+27
* ikev2: Recreate a CHILD_SA that got a hard lifetime expire without rekeyingMartin Willi2014-03-311-0/+12
* ikev2: Cache all received attribute certificates to auth configMartin Willi2014-03-311-1/+27
* ikev2: Send all known and valid attribute certificates for subject certMartin Willi2014-03-311-0/+46
* ikev2: Slightly refactor certificate payload construction to separate functionsMartin Willi2014-03-311-37/+56
* libcharon: Use lib->ns instead of charon->nameTobias Brunner2014-02-125-9/+9
* ikev2: Add Cisco FRAGMENTATION vendor IDMartin Willi2014-01-231-0/+2
* ikev2: Add Cisco Copyright vendor IDMartin Willi2014-01-231-0/+2
* ikev2: Add Cisco Delete Reason vendor IDMartin Willi2014-01-231-0/+2
* ikev2: Use a more dynamic vendor ID database, as we use with IKEv1Martin Willi2014-01-231-16/+57
* ikev2: Wipe (optional) shared secret during CHILD_SA key derivationTobias Brunner2014-01-231-11/+14
* ike_sa: Defer task manager destruction after child destructionThomas Egerer2014-01-161-4/+3
* ike: Log SK_p consistently on level 4Tobias Brunner2013-11-281-1/+1
* ikev2: Properly free DH secret in case of errors during IKE key derivationTobias Brunner2013-11-061-0/+3
* Fixed some typosTobias Brunner2013-10-291-1/+1
* ikev2: Allocate SPI with the protocol of the first/negotiated proposalMartin Willi2013-10-111-2/+16
* ikev2: Force an update of the host addresses on the first responseTobias Brunner2013-09-231-11/+9
* ikev2: Fix segfault when reestablishing CHILD_SAs due to closeaction=restart|...Tobias Brunner2013-08-131-3/+4
* ikev2: Only schedule half-open-timeout delete job after successfully handling...Tobias Brunner2013-07-291-8/+16
* Fix various API doc issues and typosTobias Brunner2013-07-181-1/+1
* ike: Migrate queued CHILD_SA-creating tasks when reestablishing an IKE_SATobias Brunner2013-07-171-0/+34
* child-sa: replace get_traffic_selectors() with create_ts_enumerator()Martin Willi2013-07-172-23/+25
* ikev2: replace linked lists by arrays in task managerMartin Willi2013-07-171-70/+76
* Reuse reqid when restarting CHILD_SAs for dpd|closeaction=restartTobias Brunner2013-07-011-2/+2
* Reuse reqid for trap policies installed for dpd|closeaction=holdTobias Brunner2013-07-011-1/+2
* ikev2: keep the CHILD_SA we delete as initiator in the list to destroyMartin Willi2013-06-251-6/+5
* ike: Force NAT-T/UDP encapsulation if kernel interface requires itTobias Brunner2013-06-211-3/+16
* ikev2: use protocol of selected proposal to delete a failed CHILD_SAMartin Willi2013-06-201-2/+2
* ikev2: properly fall back to tunnel mode if transport/BEET mode not configuredMartin Willi2013-06-191-2/+8
* ikev2: support transport mode over NATMartin Willi2013-06-191-36/+150
* kernel-interface: add an exchange initiator parameter to add_sa()Martin Willi2013-06-111-8/+8
* ikev2: if installing a CHILD_SA as initiator fails, notify the responderMartin Willi2013-06-111-2/+36
* ikev2: raise LOCAL_AUTH_FAILED when receiving INFORMATIONAL with AUTH_FAILEDMartin Willi2013-06-111-0/+8
* ikev2: close an established IKE_SA when receiving AUTHENTICATION_FAILEDMartin Willi2013-06-111-0/+6
* ikev2: if responder authentication fails, send AUTHENTICATION_FAILEDMartin Willi2013-06-111-0/+29
* Allow IPComp on NATed connections, both for IKEv1 and IKEv2Martin Willi2013-06-111-7/+0
* Properly compare CHILD_SAs during rekey collisionTobias Brunner2013-06-111-5/+12
* Raise LOCAL_AUTH_FAILED alert after receiving AUTHENTICATION_FAILUREMartin Willi2013-05-151-0/+1
* Raise an ALERT_PROPOSAL_MISMATCH_CHILD also when receiving NO_PROPOSAL_CHOSENMartin Willi2013-05-061-0/+20
* Raise an ALERT_PROPOSAL_MISMATCH_IKE also when receiving NO_PROPOSAL_CHOSENMartin Willi2013-05-061-0/+20
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-27 05:32:11 +0000