aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Expand)AuthorAgeFilesLines
...
* Add basic support for XAuth responder authenticationMartin Willi2012-06-272-8/+10
* Ignore a received %any virtual IP for installationMartin Willi2012-06-261-1/+2
* Centralized thread cancellation in processor_tTobias Brunner2012-06-251-8/+19
* support Cisco Unity VIDAndreas Steffen2012-06-252-3/+11
* Enforce uniqueids=keep based on XAuth identityMartin Willi2012-06-251-0/+6
* Don't send XAUTH_OK if a hook prevents SA to establishMartin Willi2012-06-251-4/+14
* Enforce uniqueids=keep only for non-XAuth Main/Agressive ModesMartin Willi2012-06-252-28/+28
* Use XAuth/EAP remote identity for uniqueness checkMartin Willi2012-06-252-2/+4
* Add missing XAuth name variable when complaining about missing XAuth backendMartin Willi2012-06-251-1/+1
* Fix SIGSEGV if kernel install fails during Quick Mode as responder.Tobias Brunner2012-06-221-4/+8
* Adopt children as XAuth initiator (which is IKE responder)Martin Willi2012-06-141-2/+2
* Require a scary option to respond to Aggressive Mode PSK requestsMartin Willi2012-06-141-0/+17
* implemented the right|leftallowany featureAndreas Steffen2012-06-082-10/+15
* Enforce uniqueness policy in IKEv1 main and aggressive modesMartin Willi2012-06-082-0/+29
* Try to rekey without KE exchange if peer returns INVALID_KE_PAYLOAD(NONE)Martin Willi2012-06-081-1/+8
* While checking for redundant quick modes, compare traffic selectorsMartin Willi2012-06-081-0/+22
* Store shorter soft lifetime of in- and outbound SAs onlyMartin Willi2012-06-081-1/+8
* Initiate quick mode rekeying with narrowed traffic selectorsMartin Willi2012-06-081-1/+18
* Use traffic selectors passed to quick mode constructor as initiatorMartin Willi2012-06-081-2/+10
* Instead of rekeying, delete a quick mode if we have a fresher instanceMartin Willi2012-06-081-6/+42
* As responder, enforce the same configuration while rekeying CHILD_SAsMartin Willi2012-06-063-1/+19
* Mark CHILD_SAs used for trap policies to uninstall them properly.Tobias Brunner2012-06-041-6/+13
* Avoid queueing more than one retry initiate job.Tobias Brunner2012-05-302-3/+34
* Retry IKE_SA initiation if DNS resolution failed.Tobias Brunner2012-05-301-4/+39
* Fix MOBIKE address update if responder address changed.Tobias Brunner2012-05-251-2/+2
* Resolve hosts before reauthenticating due to address change.Tobias Brunner2012-05-251-0/+2
* Don't queue delete_ike_sa job when setting IKE_DELETING.Tobias Brunner2012-05-252-9/+1
* During reauthentication reestablish IKE_SA even if deleting the old one fails.Tobias Brunner2012-05-251-0/+6
* Integrated main parts of IKE_REAUTH task into ike_sa_t.reestablish.Tobias Brunner2012-05-252-115/+77
* Fixed route lookup in case MOBIKE is not enabled.Tobias Brunner2012-05-251-3/+9
* Added log message if peer does not accept/provide IPComp proposal.Tobias Brunner2012-05-241-2/+12
* Added support to negotiate IPComp during Quick Mode.Tobias Brunner2012-05-241-11/+91
* Added support for IKEv1 IPComp proposals in SA payload.Tobias Brunner2012-05-243-6/+6
* Fix memleak during Quick Mode in case no SPI can be allocated from kernel.Tobias Brunner2012-05-241-8/+8
* Apply IDir before deriving keys as aggressive initiatorMartin Willi2012-05-231-4/+4
* Use received identity to look up PSK as aggressive responderMartin Willi2012-05-231-2/+9
* Check if we actually have an initiating packet to free while processing respo...Martin Willi2012-05-231-1/+1
* Switch to alternative peer config in IKEv1 Main and Aggressive Mode.Tobias Brunner2012-05-214-24/+85
* Cancel pending retransmits when flushing active task queueMartin Willi2012-05-211-0/+4
* Cancel active quick mode task when receiving INFORMATIONAL errorMartin Willi2012-05-211-0/+30
* Flush task queues explicitly, not implicitly if task returns ALREADY_DONEMartin Willi2012-05-216-12/+20
* Wrap task managers flush_queue() in IKE_SAMartin Willi2012-05-212-0/+14
* Make task managers flush_queue() method publicMartin Willi2012-05-213-20/+62
* Remove executable flag from source files.Tobias Brunner2012-05-1812-0/+0
* Use separate Doxygen groups for IKEv1 and IKEv2 entities (authenticators, tas...Tobias Brunner2012-05-1844-46/+46
* Use nonce_gen instead of rng to generate noncesAdrian-Ken Rueegsegger2012-05-184-34/+34
* Add create_nonce_gen function to keymat interfaceAdrian-Ken Rueegsegger2012-05-183-0/+24
* make IKEv1 DPD timeout configurable in charonAndreas Steffen2012-05-171-6/+14
* Moved IKEv1 DPD processing to task manager, fix sequence issuesMartin Willi2012-05-153-73/+72
* Schedule a DPD timeout job that enforces the IKE message timeout policyMartin Willi2012-05-151-0/+13
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-14 11:19:45 +0000