aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ikev2
Commit message (Expand)AuthorAgeFilesLines
* ikev2: keep the CHILD_SA we delete as initiator in the list to destroyMartin Willi2013-06-251-6/+5
* ike: Force NAT-T/UDP encapsulation if kernel interface requires itTobias Brunner2013-06-211-3/+16
* ikev2: use protocol of selected proposal to delete a failed CHILD_SAMartin Willi2013-06-201-2/+2
* ikev2: properly fall back to tunnel mode if transport/BEET mode not configuredMartin Willi2013-06-191-2/+8
* ikev2: support transport mode over NATMartin Willi2013-06-191-36/+150
* kernel-interface: add an exchange initiator parameter to add_sa()Martin Willi2013-06-111-8/+8
* ikev2: if installing a CHILD_SA as initiator fails, notify the responderMartin Willi2013-06-111-2/+36
* ikev2: raise LOCAL_AUTH_FAILED when receiving INFORMATIONAL with AUTH_FAILEDMartin Willi2013-06-111-0/+8
* ikev2: close an established IKE_SA when receiving AUTHENTICATION_FAILEDMartin Willi2013-06-111-0/+6
* ikev2: if responder authentication fails, send AUTHENTICATION_FAILEDMartin Willi2013-06-111-0/+29
* Allow IPComp on NATed connections, both for IKEv1 and IKEv2Martin Willi2013-06-111-7/+0
* Properly compare CHILD_SAs during rekey collisionTobias Brunner2013-06-111-5/+12
* Raise LOCAL_AUTH_FAILED alert after receiving AUTHENTICATION_FAILUREMartin Willi2013-05-151-0/+1
* Raise an ALERT_PROPOSAL_MISMATCH_CHILD also when receiving NO_PROPOSAL_CHOSENMartin Willi2013-05-061-0/+20
* Raise an ALERT_PROPOSAL_MISMATCH_IKE also when receiving NO_PROPOSAL_CHOSENMartin Willi2013-05-061-0/+20
* emit a single assig_vips bus message for all VIPsAndreas Steffen2013-04-061-0/+2
* Defer CHILD_SA rekeying if allocating an SPI failsMartin Willi2013-04-032-12/+26
* child_sa_t.get_usestats() can additionally return the number of processed pac...Martin Willi2013-03-141-2/+2
* Clean up IKE_SA state if IKE_SA_INIT request does not have message ID 0Martin Willi2013-03-111-0/+4
* Merge branch 'multi-eap'Martin Willi2013-03-012-28/+50
|\
| * Apply a mutual EAP auth_cfg not before the EAP method completesMartin Willi2013-02-262-1/+18
| * Be a little more verbose why a peer_cfg is inacceptableMartin Willi2013-02-261-8/+16
| * Refactor auth_cfg applying to a common functionMartin Willi2013-02-261-20/+17
* | Merge branch 'ikev1-mm-retransmits'Martin Willi2013-03-011-0/+12
|\ \
| * | Move initial message dropping to task managerMartin Willi2013-02-251-0/+12
| |/
* | Merge branch 'tfc-notify'Martin Willi2013-03-011-0/+9
|\ \ | |/ |/|
| * Send ESP_TFC_PADDING_NOT_SUPPORTED if the used kernel doesn't support itMartin Willi2013-03-011-0/+9
* | Add a global return_success() method implementationMartin Willi2013-02-141-8/+2
|/
* Fix check-in of IKE_SA when IKE_SA_INIT fails and hash table is enabledTobias Brunner2013-01-241-2/+13
* Refactored IKEv2 cert/certreq payload processing to multiple functionsMartin Willi2013-01-111-112/+141
* Fixed some typos, courtesy of codespellTobias Brunner2012-12-202-2/+2
* Raise an alert if IKE SA is keptAdrian-Ken Rueegsegger2012-12-201-0/+1
* Raise an alert if allocating virtual IPs failsMartin Willi2012-12-191-0/+2
* Raise an alert if kernel policy installation failsMartin Willi2012-12-191-0/+2
* Raise an alert if kernel SA installation failsMartin Willi2012-12-191-0/+2
* Raise an alert on traffic selector mismatchMartin Willi2012-12-191-0/+2
* Raise alerts when enforcing IKE_SA unique policyMartin Willi2012-12-191-0/+1
* Raise an alert if CHILD_SA proposals mismatchMartin Willi2012-12-191-0/+2
* Raise an alert if IKE proposals mismatchMartin Willi2012-12-191-0/+5
* Raise an alert of generating local authentication data failsMartin Willi2012-12-191-6/+10
* Fix GPL license header to properly "sed" itMartin Willi2012-11-301-1/+1
* Add alerts for sent/received message retransmissions and timeoutMartin Willi2012-11-291-0/+5
* Moved data structures to new collections subfolderTobias Brunner2012-10-242-2/+2
* Moved packet_t and tun_device_t to networking folderTobias Brunner2012-10-241-1/+1
* Raise a bus alert when IKE message body parsing failsMartin Willi2012-10-241-0/+2
* Respect IKE version while selecting an ike_cfg as responderMartin Willi2012-10-241-1/+2
* Ensure UNSUPPORTED_CRITICAL_PAYLOAD notify contains correct payload typeTobias Brunner2012-09-281-0/+1
* Made IP address enumeration more flexibleTobias Brunner2012-09-213-3/+3
* Don't ignore loopback devices and allow addresses on them being enumeratedTobias Brunner2012-09-213-3/+3
* Derive a dynamic TS to multiple virtual IPsMartin Willi2012-09-181-39/+61
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-25 21:43:42 +0000