aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Expand)AuthorAgeFilesLines
* ikev1: Fix debugging log when remote traffic selector selection failsMartin Willi2014-05-141-1/+1
* child-sa: Reclaim old state if SA updating is not supportedMartin Willi2014-05-091-0/+2
* ike-sa-manager: Improve scalability of half-open IKE_SA checkingTobias Brunner2014-04-241-7/+8
* ikev2: Reject CHILD_SA creation/rekeying while deleting an IKE_SAMartin Willi2014-04-171-0/+6
* ikev2: Apply extensions and conditions before starting rekeyingMartin Willi2014-04-171-0/+6
* ikev2: Add inherit_pre() to apply config and hosts before IKE_SA rekeyingMartin Willi2014-04-173-14/+28
* ikev2: Fix reauthentication if peer assigns a different virtual IPTobias Brunner2014-04-151-1/+1
* ikev2: Reject CREATE_CHILD_SA exchange on unestablished IKE_SAsMartin Willi2014-04-141-0/+9
* aead: Support custom AEAD salt sizesMartin Willi2014-03-311-2/+27
* ikev2: Recreate a CHILD_SA that got a hard lifetime expire without rekeyingMartin Willi2014-03-311-0/+12
* ikev2: Cache all received attribute certificates to auth configMartin Willi2014-03-311-1/+27
* ikev2: Send all known and valid attribute certificates for subject certMartin Willi2014-03-311-0/+46
* ikev2: Slightly refactor certificate payload construction to separate functionsMartin Willi2014-03-311-37/+56
* uclibc only defines strndup(3) if _GNU_SOURCE is definedTobias Brunner2014-02-191-0/+3
* libcharon: Use lib->ns instead of charon->nameTobias Brunner2014-02-1211-26/+26
* ikev1: Fix config switching due to failed authentication during Aggressive modeTobias Brunner2014-02-121-3/+1
* child-sa: Add a getter for CHILD_SA install timeMartin Willi2014-01-232-0/+20
* ikev2: Add Cisco FRAGMENTATION vendor IDMartin Willi2014-01-231-0/+2
* ikev2: Add Cisco Copyright vendor IDMartin Willi2014-01-231-0/+2
* ikev2: Add Cisco Delete Reason vendor IDMartin Willi2014-01-231-0/+2
* ikev2: Use a more dynamic vendor ID database, as we use with IKEv1Martin Willi2014-01-231-16/+57
* ike: Simplify error handling if name resolution failedTobias Brunner2014-01-231-16/+3
* ike: Use proper hostname(s) when name resolution failedTobias Brunner2014-01-231-1/+1
* ikev2: Wipe (optional) shared secret during CHILD_SA key derivationTobias Brunner2014-01-231-11/+14
* ike_sa: Defer task manager destruction after child destructionThomas Egerer2014-01-164-9/+16
* ike: Log SK_p consistently on level 4Tobias Brunner2013-11-281-1/+1
* trap-manager: Reset IKE_SA on bus_t if initiating failsTobias Brunner2013-11-211-0/+1
* trap-manager: Prevent deadlock when installing trap policiesTobias Brunner2013-11-211-40/+46
* ikev2: Properly free DH secret in case of errors during IKE key derivationTobias Brunner2013-11-061-0/+3
* ike: Don't immediately DPD after deferred DELETEs following IKE_SA rekeyingMartin Willi2013-11-011-0/+8
* ikev1: Properly initialize list of fragments in case fragment ID is 0Volker RĂ¼melin2013-10-311-1/+1
* Fixed some typosTobias Brunner2013-10-292-2/+2
* trap-manager: Make sure a config is not trapped twiceTobias Brunner2013-10-171-4/+16
* iv_gen: aead_t implementations provide an IV generatorTobias Brunner2013-10-111-0/+8
* Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required ...Tobias Brunner2013-10-111-1/+1
* kernel: Use a time_t to report use time in query_policy()Martin Willi2013-10-111-2/+2
* kernel: Use a time_t to report use time in query_sa()Martin Willi2013-10-111-3/+3
* ike: Define keylength for aescmac algorithmMartin Willi2013-10-111-0/+1
* ikev1: Delete quick modes with the negotiated SA protocolMartin Willi2013-10-111-1/+1
* trap-manager: Install trap with SA protocol of the first configured proposalMartin Willi2013-10-111-4/+12
* child-sa: Save protocol during SPI allocationMartin Willi2013-10-111-6/+3
* ikev1: Negotiate SPI with the first/negotiated proposal protocolMartin Willi2013-10-111-3/+18
* ikev2: Allocate SPI with the protocol of the first/negotiated proposalMartin Willi2013-10-111-2/+16
* ikev1: Accept reauthentication attempts with a keep unique policy from same hostMartin Willi2013-09-301-6/+17
* ikev1: Delay a potential delete for a duplicate IKE_SA having a replace policyMartin Willi2013-09-301-8/+29
* ikev2: Force an update of the host addresses on the first responseTobias Brunner2013-09-231-11/+9
* ike-sa: Resolve hosts before reestablishing an IKE_SATobias Brunner2013-09-231-0/+2
* ikev1: Fix double free when searching for redundant CHILD_SAsTobias Brunner2013-09-131-1/+1
* ikev1: For PFS prefer DH group from IKE_SA over first configuredThomas Egerer2013-09-101-18/+54
* ike-cfg: remove the to be obsoleted allow any parameter in get_my/other_addrMartin Willi2013-09-041-1/+1
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-19 16:50:05 +0000