aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Expand)AuthorAgeFilesLines
* ikev1: Move fragment generation to message_tTobias Brunner2014-10-101-132/+118
* ikev1: Fix handling of UNITY_LOAD_BALANCETobias Brunner2014-10-071-3/+3
* ikev1: Don't queue more than one mode config or XAuth taskTobias Brunner2014-10-071-7/+22
* ikev1: Be more verbose if a peer config would match, but is unusable for ModeMartin Willi2014-09-251-0/+12
* ikev2: Reorder task activation for established IKE SAsTobias Brunner2014-09-251-11/+11
* Revert "ikev2: Insert MOBIKE tasks at the front of the queue"Tobias Brunner2014-09-251-6/+1
* ikev2: Don't treat initial messages as MOBIKE exchangesTobias Brunner2014-09-161-6/+9
* ikev2: Reduce timeout if path probing was enabledTobias Brunner2014-09-121-6/+13
* ikev2: Defer MOBIKE updates if no path is availableTobias Brunner2014-09-121-7/+14
* ike-mobike: Allow calling transmit() even when not currently path probingTobias Brunner2014-09-121-5/+17
* ikev2: Defer path probing if no path is currently availableTobias Brunner2014-09-121-1/+20
* ike-mobike: Return FALSE in transmit() if no path was availableTobias Brunner2014-09-122-3/+7
* ikev2: Enable path probing for currently active MOBIKE taskTobias Brunner2014-09-121-0/+18
* ike-mobike: Add method to enable path probingTobias Brunner2014-09-122-0/+12
* ike-mobike: Skip peer addresses we can't send packets to when checking pathsTobias Brunner2014-09-121-5/+18
* ikev2: Skip peer addresses we can't send packets to when looking for valid pathsTobias Brunner2014-09-121-0/+18
* ikev2: Insert MOBIKE tasks at the front of the queueTobias Brunner2014-09-121-1/+6
* ikev2: Migrate number of pending MOBIKE updatesTobias Brunner2014-09-121-0/+5
* ikev2: Properly keep track of pending MOBIKE updatesTobias Brunner2014-09-121-8/+27
* ikev1: Make sure proposed IPsec mode matches our ownTobias Brunner2014-09-091-1/+2
* ike: Reset IKE_SA in state CONNECTING instead of reauthenticatingTobias Brunner2014-09-091-0/+8
* ikev1: Defer Mode Config push after CHILD adoption when using XAuthMartin Willi2014-08-254-6/+40
* ikev1: Defer Mode Config push after CHILD adoption and reauth detectionMartin Willi2014-08-252-10/+35
* ikev1: Accept Quick Mode DELETES while Quick Mode rekeying is activeMartin Willi2014-08-251-2/+21
* ike-sa-manager: Use transient hasher for IKE_SA_INIT hash calculationChristophe Gouault2014-08-251-32/+11
* bus: Add ike_reestablish_pre hook, called before DNS resolutionTobias Brunner2014-07-221-1/+5
* shunt-manager: Install passthrough policies with highest priorityTobias Brunner2014-06-191-9/+34
* child-sa: Set replay window on both inbound and outbound SAMartin Willi2014-06-181-6/+2
* ikev1: Allow late connection switching based on XAuth usernameTobias Brunner2014-06-181-6/+0
* kernel-interface: Add a replay_window parameter to add_sa()Martin Willi2014-06-171-2/+6
* bus: Add a handle_vips() hook invoked after handling configuration attributesMartin Willi2014-06-173-0/+5
* ikev1: Invoke the assign_vips() bus hook for IKEv1 as wellMartin Willi2014-06-161-0/+4
* ike: Create an enumerator for (un-)handled configuration attributes on IKE_SAMartin Willi2014-06-162-0/+32
* ike: Store unhandled attributes on IKE_SA as wellMartin Willi2014-06-164-12/+12
* child-sa: Pass the number of total policies tied to an SA to the kernelMartin Willi2014-06-041-0/+8
* kernel-interface: Add a flag to indicate no policy updates requiredMartin Willi2014-06-041-3/+14
* payload: Use common prefixes for all payload type identifiersMartin Willi2014-06-0438-166/+166
* ikev1: Fix debugging log when remote traffic selector selection failsMartin Willi2014-05-141-1/+1
* child-sa: Reclaim old state if SA updating is not supportedMartin Willi2014-05-091-0/+2
* ike-sa-manager: Improve scalability of half-open IKE_SA checkingTobias Brunner2014-04-241-7/+8
* ikev2: Reject CHILD_SA creation/rekeying while deleting an IKE_SAMartin Willi2014-04-171-0/+6
* ikev2: Apply extensions and conditions before starting rekeyingMartin Willi2014-04-171-0/+6
* ikev2: Add inherit_pre() to apply config and hosts before IKE_SA rekeyingMartin Willi2014-04-173-14/+28
* ikev2: Fix reauthentication if peer assigns a different virtual IPTobias Brunner2014-04-151-1/+1
* ikev2: Reject CREATE_CHILD_SA exchange on unestablished IKE_SAsMartin Willi2014-04-141-0/+9
* aead: Support custom AEAD salt sizesMartin Willi2014-03-311-2/+27
* ikev2: Recreate a CHILD_SA that got a hard lifetime expire without rekeyingMartin Willi2014-03-311-0/+12
* ikev2: Cache all received attribute certificates to auth configMartin Willi2014-03-311-1/+27
* ikev2: Send all known and valid attribute certificates for subject certMartin Willi2014-03-311-0/+46
* ikev2: Slightly refactor certificate payload construction to separate functionsMartin Willi2014-03-311-37/+56
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-25 05:55:24 +0000