aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/tasks
Commit message (Collapse)AuthorAgeFilesLines
...
* Use the AAA Identity for EAP authentication, if givenMartin Willi2010-08-311-0/+5
|
* Port floating patch partially reversed.Tobias Brunner2010-08-302-12/+8
| | | | | | If MOBIKE is enabled, we do have to switch to port 4500 with the IKE_AUTH request, that is, before we know whether the other peer actually supports MOBIKE or not.
* Slightly refactored port floating.Tobias Brunner2010-08-303-35/+16
| | | | In case of MOBIKE, only float to port 4500 if the other peer actually supports MOBIKE.
* Migrated delete_payload to INIT/METHOD macros, replaced iteratorMartin Willi2010-08-251-9/+8
|
* Check if colliding rekey actually created an IKE_INITThomas Egerer2010-08-251-37/+42
| | | | | | In some cases (especially if a child is half-open) the colliding rekey-job might not have created the ike_init member. If so, the nonce check fails with SIGSEGV.
* Use a seperate section for each nested struct member in INIT macroMartin Willi2010-08-181-6/+8
|
* fix error-type range in parsing of NOTIFY payloadsJiri Bohac2010-08-061-1/+1
|
* Accept EAP_ONLY_AUTHENTICATION notifies from any client, now that IANA ↵Tobias Brunner2010-08-041-3/+2
| | | | allocated an ID.
* Do not touch child from collision if peer deleted itThomas Egerer2010-08-031-3/+24
|
* Pass the CREATE_CHILD_SA initiator flag to the child_keys parameterMartin Willi2010-07-261-2/+2
|
* Added log statement if peer requests EAP, but current config does not allow itMartin Willi2010-07-211-0/+1
|
* Support different encoding types in certificate.get_encoding()Martin Willi2010-07-131-1/+6
|
* Renamed key_encod{ing,der}_t and constants, prepare for generic credential ↵Martin Willi2010-07-131-1/+1
| | | | encoding
* Moved X509 ipAddrBlock checking to the addrblock pluginMartin Willi2010-07-131-60/+0
|
* Added a hook to narrow traffic selectors for CHILD_SAsMartin Willi2010-07-131-5/+38
|
* Moved credential manager to libstrongswanMartin Willi2010-07-132-8/+7
|
* Added support for named attribute groupsHeiko Hund2010-07-091-1/+1
| | | | | | Add the possibility to group attributes by a name and assign these groups to connections. This allows a more granular configuration of which client will receive what atrributes.
* Print identity to a lease address on the same line for simpler grepingMartin Willi2010-07-081-1/+1
|
* Copy EAP specific attributes to auth config onlyMartin Willi2010-07-051-1/+10
|
* Correct check of traffic selectors before destructionThomas Egerer2010-06-291-2/+2
|
* Reacquire keymat from new IKE_SA during task migrationMartin Willi2010-06-071-0/+1
|
* Disable close action for a redundant CHILD_SA resulting from a rekey collisionMartin Willi2010-06-021-0/+5
| | | | | | | | If a rekey collision is detected, the winning peer of the nonce compare will delete the redundant CHILD_SA. The other peer should not enforce the close action on this CHILD, as it would reestablish the redundat CHILD_SA. Thanks to Thomas Egerer from secunet for pointing this out and the initial patchset.
* Use wrapped getters for close/dpd actionMartin Willi2010-06-021-1/+3
|
* Handle collisions between rekey and the following delete properlyMartin Willi2010-05-181-27/+63
|
* Ignore DH exchange in CHILD_SA rekeying if the selected proposal contains no ↵Martin Willi2010-04-211-5/+5
| | | | DH group
* Release virtual IPs with the same identity as we acquired itMartin Willi2010-03-251-33/+1
|
* Changed all usages of lib->attributes to hydra->attributes.Tobias Brunner2010-03-241-5/+6
|
* Moving charon to libcharon.Tobias Brunner2010-03-1936-0/+9579
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 03:10:30 +0000