aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Expand)AuthorAgeFilesLines
...
* Added xauth-noauth pluginTobias Brunner2013-03-191-29/+37
* Make check whether to use IKEv1 fragmentation more readableMartin Willi2013-03-141-5/+14
* Raise an alert if an IKE_SA could not have been reauthenticated and expiresMartin Willi2013-03-141-0/+4
* child_sa_t.get_usestats() can additionally return the number of processed pac...Martin Willi2013-03-145-7/+13
* kernel_ipsec_t.query_sa() additionally returns the number of processed packetsMartin Willi2013-03-141-3/+15
* Add missing XAuthRespPSK switch case to IKEv1 key derivationMartin Willi2013-03-121-0/+1
* Clean up IKE_SA state if IKE_SA_INIT request does not have message ID 0Martin Willi2013-03-111-0/+4
* Ignore fourth Qick Mode message sent by Windows servers.Martin Willi2013-03-111-0/+9
* As Quick Mode initiator, select a subset of the proposed and the returned TSMartin Willi2013-03-071-4/+11
* Merge branch 'multi-eap'Martin Willi2013-03-012-28/+50
|\
| * Apply a mutual EAP auth_cfg not before the EAP method completesMartin Willi2013-02-262-1/+18
| * Be a little more verbose why a peer_cfg is inacceptableMartin Willi2013-02-261-8/+16
| * Refactor auth_cfg applying to a common functionMartin Willi2013-02-261-20/+17
* | Merge branch 'ikev1-rekeying'Martin Willi2013-03-011-0/+21
|\ \
| * | When detecting a duplicate IKEv1 SA, adopt children, as it might be a rekeyingMartin Willi2013-02-201-0/+21
| |/
* | Merge branch 'opaque-ports'Martin Willi2013-03-011-2/+2
|\ \
| * | Use a complete port range in traffic_selector_create_from_{subnet,cidr}Martin Willi2013-02-211-2/+2
* | | Without MOBIKE, update remote host only if it is behind NATMartin Willi2013-03-011-2/+3
* | | Merge branch 'ikev1-mm-retransmits'Martin Willi2013-03-014-45/+55
|\ \ \
| * | | For IKEv1 Main Mode, use message hash to detect early retransmissionsMartin Willi2013-02-251-10/+23
| * | | Move initial message dropping to task managerMartin Willi2013-02-253-19/+27
| * | | Use INIT macro to initialize IKE_SA manager entriesMartin Willi2013-02-251-17/+6
| | |/ | |/|
* | | Merge branch 'tfc-notify'Martin Willi2013-03-011-0/+9
|\ \ \
| * | | Send ESP_TFC_PADDING_NOT_SUPPORTED if the used kernel doesn't support itMartin Willi2013-03-011-0/+9
| | |/ | |/|
* | | Trigger an updown event when destroying an IKE_SA based on INITIAL_CONTACTTobias Brunner2013-02-281-0/+1
| |/ |/|
* | Add a global return_success() method implementationMartin Willi2013-02-141-8/+2
* | Merge branch 'ike-dscp'Martin Willi2013-02-141-1/+26
|\ \
| * | Set configured DSCP value while generating IKE packetsMartin Willi2013-02-061-1/+26
| |/
* / make TNC client authentication type available to IMVsAndreas Steffen2013-02-121-0/+57
|/
* Fix check-in of IKE_SA when IKE_SA_INIT fails and hash table is enabledTobias Brunner2013-01-241-2/+13
* Avoid a deadlock when installing a trap policy failedTobias Brunner2013-01-231-1/+5
* Fix IKE SA inherit API docAdrian-Ken Rueegsegger2013-01-221-2/+1
* Properly send IKEv1 packets if no ike_cfg is known yetTobias Brunner2013-01-141-2/+5
* Merge branch 'ikev1-fragmentation'Tobias Brunner2013-01-125-25/+406
|\
| * Added an option to configure the maximum size of a fragmentTobias Brunner2013-01-121-3/+10
| * Properly detect fragmentation capabilitiesTobias Brunner2013-01-121-3/+27
| * Added an option that allows to force IKEv1 fragmentationTobias Brunner2013-01-122-3/+6
| * Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-242-10/+7
| * Include source port in init hash for fragmented messagesTobias Brunner2012-12-241-1/+8
| * Add an option to en-/disable IKE fragmentationTobias Brunner2012-12-242-5/+20
| * Split larger messages into fragments if IKE fragmentation is supported by peerTobias Brunner2012-12-241-14/+114
| * Log added NAT-T vendor IDsTobias Brunner2012-12-241-0/+1
| * Detect a peer's support for IKE fragmentationTobias Brunner2012-12-242-0/+9
| * Map fragmented initial initial Main or Aggressive Mode messages to the same I...Tobias Brunner2012-12-241-1/+17
| * Allow ID_PROT/AGGRESSIVE messages for established IKE_SAs if they contain fra...Tobias Brunner2012-12-241-1/+2
| * Don't handle fragmented messages larger than charon.max_packetTobias Brunner2012-12-241-4/+39
| * Don't update an IKE_SA-entry's cached message ID when handling fragmentsTobias Brunner2012-12-241-1/+4
| * Store inbound IKE fragments and reassemble the message when all fragments are...Tobias Brunner2012-12-241-3/+166
* | Streamline debug output when receiving intermediate CA certificates in IKEv1Martin Willi2013-01-111-1/+1
* | Refactored IKEv2 cert/certreq payload processing to multiple functionsMartin Willi2013-01-111-112/+141
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-16 08:40:09 +0000