aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ikev2
Commit message (Expand)AuthorAgeFilesLines
...
* ikev2: Fix size of key material for CAMELLIA-CTRTobias Brunner2015-10-301-0/+1
* ike-mobike: Send retransmits to the current local and remote addressesTobias Brunner2015-10-301-1/+5
* child-rekey: Don't add a REKEY_SA notify if the child-create task is deleting...Tobias Brunner2015-08-211-6/+9
* child-create: Cache proposed IPsec protocolTobias Brunner2015-08-211-10/+13
* child-create: Don't attempt to delete the SA if we don't have all the informa...Tobias Brunner2015-08-211-8/+10
* child-rekey: Remove redundant migrate() call for child-create sub-taskTobias Brunner2015-08-211-2/+1
* child-create: Fix crash when retrying CHILD_SA rekeying due to a DH group mis...Tobias Brunner2015-08-211-0/+1
* ikev2: Store outer EAP method used to authenticate remote peer in auth-cfgTobias Brunner2015-08-191-0/+9
* Initialize variables that some compilers seem to warn aboutTobias Brunner2015-08-131-1/+1
* ike-rekey: Fix cleanup() callTobias Brunner2015-07-271-2/+2
* ike-rekey: Reset IKE_SA on bus before sending CREATE_CHILD_SA responseTobias Brunner2015-07-271-1/+2
* ike-rekey: Reset IKE_SA on the bus after destroying new IKE_SATobias Brunner2015-07-271-16/+15
* ikev2: Derive additional 4 byte CHILD_SA nonce keymat for ChaCha20-Poly1305Martin Willi2015-06-291-0/+1
* ikev2: Use four byte salt for ChaCha20-Poly1305 AEADMartin Willi2015-06-291-0/+1
* ikev2: Enforce remote authentication config before proceeding with own authen...Martin Willi2015-06-051-0/+44
* unknown-payload: Use a new private payload type and make original type availableTobias Brunner2015-06-011-8/+10
* child-create: Destroy nonceg in migrate()Tobias Brunner2015-05-051-1/+2
* child-create: Fix error handling if nonceg can't be createdTobias Brunner2015-05-051-14/+12
* ike-init: Fix error handling if nonceg can't be createdTobias Brunner2015-05-051-13/+21
* ike-init: Fix compiler warningTobias Brunner2015-05-051-2/+0
* ike-init: Make nonceg a member of ike_init structReto Buerki2015-05-041-20/+17
* child-create: Make nonceg a member of child_create structReto Buerki2015-05-041-12/+16
* Add bool param to ALERT_KEEP_ON_CHILD_SA_FAILURE alertAdrian-Ken Rueegsegger2015-05-041-2/+6
* ike-vendor: Add some Microsoft vendor IDsTobias Brunner2015-04-211-0/+10
* utils: Use chunk_equals_const() for all cryptographic purposesMartin Willi2015-04-143-3/+3
* aead: Create AEAD using traditional transforms with an explicit IV generatorMartin Willi2015-04-131-4/+11
* diffie-hellman: Add a bool return value to set_other_public_value()Martin Willi2015-03-232-3/+42
* diffie-hellman: Add a bool return value to get_my_public_value()Martin Willi2015-03-231-0/+1
* encoding: Allow ke_payload_create_from_diffie_hellman() to failMartin Willi2015-03-232-7/+34
* diffie-hellman: Use bool instead of status_t as get_shared_secret() return valueMartin Willi2015-03-231-2/+2
* ikev2: Immediately initiate queued tasks after establishing rekeyed IKE_SAMartin Willi2015-03-181-0/+29
* ikev2: Don't set old IKE_SA to REKEYING state during make-before-break reauthMartin Willi2015-03-111-1/+0
* ikev2: Move code in pubkey authenticator's build() method into separate funct...Tobias Brunner2015-03-091-85/+123
* ikev2: Try all eligible signature schemesTobias Brunner2015-03-091-34/+71
* ikev2: Try all RSA signature schemes if none is configuredTobias Brunner2015-03-041-4/+19
* ikev2: Consider signature schemes in rightauth when sending hash algorithmsTobias Brunner2015-03-041-14/+54
* keymat: Use hash algorithm setTobias Brunner2015-03-041-29/+7
* ikev2: Add an option to disable constraints against signature schemesTobias Brunner2015-03-041-1/+11
* ikev2: Fall back to SHA-1 signatures for RSATobias Brunner2015-03-041-0/+7
* ikev2: Select a signature scheme appropriate for the given keyTobias Brunner2015-03-041-18/+13
* ikev2: Log the actual signature scheme used for RFC 7427 authenticationTobias Brunner2015-03-041-4/+6
* ikev2: Store signature scheme used to verify peer in auth_cfgTobias Brunner2015-03-041-0/+1
* ikev2: Add a global option to disable RFC 7427 signature authenticationTobias Brunner2015-03-041-2/+12
* ikev2: Remove private AUTH_BLISS methodTobias Brunner2015-03-041-9/+0
* ikev2: Handle RFC 7427 signature authentication in pubkey authenticatorTobias Brunner2015-03-041-49/+178
* ikev2: Enable signature authentication by transmitting supported hash algorithmsTobias Brunner2015-03-041-4/+83
* keymat: Add facility to store supported hash algorithmsTobias Brunner2015-03-042-1/+70
* ikev2: Only accept initial messages in specific statesTobias Brunner2015-03-041-10/+9
* ikev2: Don't destroy the SA if an IKE_SA_INIT with unexpected MID is receivedTobias Brunner2015-03-041-4/+0
* ikev2: Merge EAP client authentication details if EAP methods provides themMartin Willi2015-03-031-0/+7
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-27 05:33:30 +0000