| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| ... | |
| | | * | Trigger DPD not before IKE_SA state gets updated | Martin Willi | 2012-03-20 | 1 | -13/+15 |
| | | * | Use UDP encapsulation even in non-NAT situation if initiator requests it | Martin Willi | 2012-03-20 | 1 | -13/+14 |
| | | * | Support inactivity timeout in IKEv1 CHILD_SAs | Martin Willi | 2012-03-20 | 1 | -1/+24 |
| | | * | Use a dedicated PRF for HASH/SIG payloads using ECDSA specific hasher | Martin Willi | 2012-03-20 | 1 | -14/+37 |
| | | * | Select public key auth method by checking what key we have | Martin Willi | 2012-03-20 | 2 | -4/+99 |
| | | * | Support ECDSA signatures in IKEv1 pubkey authenticator | Martin Willi | 2012-03-20 | 3 | -18/+32 |
| | | * | Exchange certificates when using IKEv1 ECDSA authentication | Martin Willi | 2012-03-20 | 2 | -0/+6 |
| | | * | Don't re-resolve addresses during initiate if they have already been set | Martin Willi | 2012-03-20 | 1 | -1/+5 |
| | | * | Adopt children after syncing a rekeyed IKEv1 SA | Martin Willi | 2012-03-20 | 1 | -1/+2 |
| | | * | Setting message ID on task manager sets DPD sequence numbers in IKEv1 | Martin Willi | 2012-03-20 | 2 | -2/+12 |
| | | * | Update state before triggering DPD, as we cancel it if PASSIVE | Martin Willi | 2012-03-20 | 1 | -0/+1 |
| | | * | Set thread specific SA on bus for each enumerated IKE_SA | Martin Willi | 2012-03-20 | 1 | -1/+11 |
| | | * | Invoke bus_t.message hook twice, once plain and parsed, once encoded and encr... | Martin Willi | 2012-03-20 | 3 | -6/+16 |
| | | * | Clear initiator flag when checking out initial IKEv1 SA from message | Martin Willi | 2012-03-20 | 1 | -0/+4 |
| | | * | Pass IKEv1 specific keymat to ike_keys hook | Martin Willi | 2012-03-20 | 2 | -4/+4 |
| | | * | Set selected proposal on IKEv1 SA, don't pass it separately to Phase 1 helper | Martin Willi | 2012-03-20 | 4 | -21/+20 |
| | | * | Get a reference for the child_cfg passed to child_create_create() | Martin Willi | 2012-03-20 | 1 | -2/+2 |
| | | * | Invoke bus_t.narrow hook in quick mode exchange | Martin Willi | 2012-03-20 | 1 | -7/+36 |
| | | * | Invoke authorization hooks for IKEv1 connections | Martin Willi | 2012-03-20 | 3 | -25/+95 |
| | | * | Invoke ike_updown hooks for reauthenticated IKEv1 SAs | Martin Willi | 2012-03-20 | 1 | -0/+1 |
| | | * | Don't invoke a child_updown hook when a quick mode to delete has been rekeyed | Martin Willi | 2012-03-20 | 1 | -1/+6 |
| | | * | Invoke child_rekey hook instead of child_updown when rekeying a quick mode | Martin Willi | 2012-03-20 | 3 | -2/+36 |
| | | * | Don't invoke updown hook when flushing SAs for IKEv1, tasks will do it | Martin Willi | 2012-03-20 | 1 | -10/+12 |
| | | * | Fix "incoming" flag passed to bus_t.message() hook | Martin Willi | 2012-03-20 | 1 | -1/+1 |
| | | * | Continue with next exchange after sending an INFORMATIONAL | Martin Willi | 2012-03-20 | 1 | -1/+2 |
| | | * | Handle retransmission of DPD exchange, both as initiator and responder | Martin Willi | 2012-03-20 | 1 | -22/+37 |
| | | * | Disable DPD checking for peers not supporting it | Martin Willi | 2012-03-20 | 3 | -3/+20 |
| | | * | Added missing DPD task name | Martin Willi | 2012-03-20 | 2 | -3/+3 |
| | | * | Confirm message reception time only if DPD sequence number valid | Martin Willi | 2012-03-20 | 2 | -3/+10 |
| | | * | Simplified DPD handling by using a task for a single message only | Martin Willi | 2012-03-20 | 8 | -272/+114 |
| | | * | Check if we have an RNG for IKEv1 task manager before using it | Martin Willi | 2012-03-20 | 1 | -9/+9 |
| | | * | Remove unused DPD sequence number getter on task manager | Martin Willi | 2012-03-20 | 2 | -13/+2 |
| | | * | Don't retransmit, rekey, reauth or DPD check SAs when in PASSIVE state | Martin Willi | 2012-03-20 | 1 | -0/+24 |
| | | * | Send DPD vendor ID | Clavister OpenSource | 2012-03-20 | 1 | -1/+1 |
| | | * | Isakmp_dpd task added. | Clavister OpenSource | 2012-03-20 | 10 | -9/+445 |
| | | * | Request and handle retransmission of a lost third aggressive mode message | Martin Willi | 2012-03-20 | 1 | -5/+8 |
| | | * | Streamlined debug output when initiating IKEv1 IKE_SAs | Martin Willi | 2012-03-20 | 2 | -2/+2 |
| | | * | Enforce encapsulation mode of configuration, in case initiator proposes both | Martin Willi | 2012-03-20 | 1 | -1/+2 |
| | | * | Handle aggressive mode task in IKEv1 task manager | Martin Willi | 2012-03-20 | 1 | -6/+36 |
| | | * | Select IKEv1 configurations by main/aggressive mode option | Martin Willi | 2012-03-20 | 4 | -5/+8 |
| | | * | Fix sending of CERTREQ/CERT payloads in aggressive mode | Martin Willi | 2012-03-20 | 2 | -2/+12 |
| | | * | Implemented aggressive mode using Phase 1 helper class | Martin Willi | 2012-03-20 | 4 | -0/+682 |
| | | * | Make use of the new Phase 1 helper class in main mode | Martin Willi | 2012-03-20 | 1 | -579/+73 |
| | | * | Implemented a common Phase 1 helper class to use by main and aggressive modes | Martin Willi | 2012-03-20 | 2 | -0/+753 |
| | | * | Fix error handling if no PSK found for main mode | Martin Willi | 2012-03-20 | 1 | -5/+9 |
| | | * | Install quick mode CHILD_SAs with negotiated encapsulation mode | Martin Willi | 2012-03-20 | 1 | -12/+17 |
| | | * | Try to detect reauthentication as responder and adopt children to new SA | Martin Willi | 2012-03-20 | 2 | -0/+7 |
| | | * | Destroy IKE_SA after reauthentication initiatend and lifetime limit reached | Martin Willi | 2012-03-20 | 1 | -1/+6 |
| | | * | Added an IKE_SA manager method to enumerate IKE_SA IDs filtered by identities | Martin Willi | 2012-03-20 | 2 | -34/+59 |
| | | * | Query for XAuth identity in get_other_eap_id(), too | Martin Willi | 2012-03-20 | 1 | -0/+4 |
