aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ikev2
Commit message (Expand)AuthorAgeFilesLines
* ikev2: Add hash algorithm used for RSASSA-PSS signature to log messageTobias Brunner2017-11-171-11/+41
* Fixed some typos, courtesy of codespellTobias Brunner2017-11-151-1/+1
* ikev2: Use helpers to build signature auth dataTobias Brunner2017-11-081-40/+4
* ikev2: Enumerate RSA/PSS schemes and use them if enabledTobias Brunner2017-11-081-7/+11
* ikev2: Support signing with RSASSA-PSS via RFC 7427 signature authTobias Brunner2017-11-081-6/+21
* ikev2: Verify RSASSA-PSS signatures via RFC 7427 signature authTobias Brunner2017-11-081-19/+34
* keymat_v2: Pass/receive signature schemes as signature_param_t objectsTobias Brunner2017-11-082-28/+58
* auth-cfg: Store signature schemes as signature_params_t objectsTobias Brunner2017-11-082-18/+23
* private-key: Add optional parameters argument to sign() methodTobias Brunner2017-11-081-2/+2
* public-key: Add optional parameters argument to verify() methodTobias Brunner2017-11-081-1/+1
* ikev2: Don't use SHA-1 for RFC 7427 signature authenticationTobias Brunner2017-11-081-3/+1
* ike: Do not send initial contact only for UNIQUE_NEVERThomas Egerer2017-11-021-1/+0
* ikev2: Abort make-before-break reauth if we don't find children to recreateTobias Brunner2017-11-021-1/+19
* libcharon: Added Cisco FlexVPN Supported VIDAndreas Steffen2017-10-271-0/+2
* child-create: Don't consider a DH group mismatch as failure as responderTobias Brunner2017-09-181-1/+0
* child-delete: Only let SAs expire naturally if they not already didTobias Brunner2017-09-151-1/+1
* ike: Reset local SPI if retrying to connect in state IKE_CONNECTINGTobias Brunner2017-09-041-2/+2
* ike-init: Fail if DH group in KE payload does not match proposed groupTobias Brunner2017-09-041-1/+5
* child-create: Don't log CHILD_SA initiation until we know the unique IDTobias Brunner2017-08-071-11/+13
* child-rekey: Add CHILD_SA name and unique ID to collision log messagesTobias Brunner2017-08-071-8/+13
* child-rekey: Don't install outbound SA in case of lost collisionsTobias Brunner2017-08-073-21/+66
* child-sa: Install outbound SA immediately if kernel supports SPIs on policiesTobias Brunner2017-08-071-3/+3
* ikev2: AES-CMAC-PRF-128 only uses the first 64 bits of each nonceTobias Brunner2017-07-271-2/+5
* ike: Trigger CHILD_INSTALLED state change after corresponding log messageTobias Brunner2017-07-271-6/+6
* ike: Apply retransmission_limit before applying the jitterTobias Brunner2017-05-261-4/+4
* linked-list: Change return value of find_first() and signature of its callbackTobias Brunner2017-05-262-84/+93
* Change interface for enumerator_create_filter() callbackTobias Brunner2017-05-261-7/+14
* child-delete: Delay the removal of the inbound SA of rekeyed CHILD_SAsTobias Brunner2017-05-232-6/+50
* child-sa: Remove state to track installation of half the SA againTobias Brunner2017-05-233-11/+2
* child-delete: Track flags per individual CHILD_SATobias Brunner2017-05-231-47/+78
* ikev2: Delay installation of outbound SAs during rekeying on the responderTobias Brunner2017-05-233-10/+92
* child-sa: Change API used to set/install policiesTobias Brunner2017-05-231-12/+14
* child-create: Trigger NARROW_RESPONDER_POST hook before installing SAsTobias Brunner2017-05-231-25/+21
* ike: Use optional jitter to calculate retransmission timeoutsTobias Brunner2017-05-231-1/+25
* child-cfg: Use flags for boolean optionsTobias Brunner2017-05-231-3/+3
* ikev2: Ignore IKEV2_MESSAGE_ID_SYNC notifies if extension is disabledTobias Brunner2017-02-082-10/+37
* ikev2: Don't increase expected MID after handling MID sync messageTobias Brunner2017-02-082-3/+4
* ikev2: Don't cache response to MID sync requestTobias Brunner2017-02-081-1/+11
* ikev2: Accept INFORMATIONAL messages with MID 0 if used to sync MIDsTobias Brunner2017-02-081-3/+42
* ikev2: Negotiate support for IKE message ID synchronisation during IKE_AUTHTobias Brunner2017-02-081-0/+7
* ikev2: Add task to handle IKEV2_MESSAGE_ID_SYNC notifies as responderTobias Brunner2017-02-083-0/+338
* ike: Add getter for the current message ID to task managerTobias Brunner2017-02-081-0/+7
* keymat: Allow keymat to modify signature scheme(s)Thomas Egerer2017-02-083-12/+39
* ike-auth: Don't send INITIAL_CONTACT if remote ID contains wildcardsTobias Brunner2017-02-061-1/+2
* Implemented EdDSA for IKEv2 using a pro forma Identity hash functionAndreas Steffen2016-12-141-0/+32
* task-manager: Only trigger retransmit cleared alert if there was at least one...Tobias Brunner2016-10-051-1/+1
* ikev2: Respond with NO_PROPOSAL_CHOSEN if proposal without DH group was selectedTobias Brunner2016-10-051-0/+1
* ikev2: Only add NAT-D notifies to DPDs as initiatorTobias Brunner2016-10-041-8/+15
* ikev2: Send derived CHILD_SA keys to the busTobias Brunner2016-10-041-26/+43
* ikev2: Send derived IKE_SA keys to busTobias Brunner2016-10-041-26/+30
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-31 17:12:00 +0000