aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Expand)AuthorAgeFilesLines
* Allow IPComp on NATed connections, both for IKEv1 and IKEv2Martin Willi2013-06-112-33/+10
* Properly compare CHILD_SAs during rekey collisionTobias Brunner2013-06-111-5/+12
* Raise LOCAL_AUTH_FAILED alert after receiving AUTHENTICATION_FAILUREMartin Willi2013-05-151-0/+1
* kernel-interface: query SAD for last use time if SPD query didn't yield oneMartin Willi2013-05-061-5/+19
* child-sa: query SAD/SPD just for what we actually need to update statisticsMartin Willi2013-05-061-2/+5
* child-sa: pass traffic selector to add_sa() regardless of IPsec modeMartin Willi2013-05-061-14/+11
* Raise an ALERT_PROPOSAL_MISMATCH_CHILD also when receiving NO_PROPOSAL_CHOSENMartin Willi2013-05-061-0/+20
* Raise an ALERT_PROPOSAL_MISMATCH_IKE also when receiving NO_PROPOSAL_CHOSENMartin Willi2013-05-061-0/+20
* Don't unset IKE_SA on bus before we released virtual IPs and attributesMartin Willi2013-05-061-10/+8
* emit a single assig_vips bus message for all VIPsAndreas Steffen2013-04-062-6/+10
* ifmap plugin subscribes to assing_vip bus signalAndreas Steffen2013-04-061-0/+6
* Refactor check_for_rekeyed_child() in quick_mode taskMartin Willi2013-04-031-18/+24
* Reuse reqid of an existing Quick Mode, even if it has been rekeyedMartin Willi2013-04-031-1/+2
* Defer CHILD_SA rekeying if allocating an SPI failsMartin Willi2013-04-032-12/+26
* Fixed some typos, courtesy of codespellTobias Brunner2013-03-251-1/+1
* Delete IKE_SAs if responder does not initiate XAuth exchange within a certain...Tobias Brunner2013-03-192-2/+16
* Make sure that xauth-noauth is not used accidentallyTobias Brunner2013-03-191-2/+5
* Added xauth-noauth pluginTobias Brunner2013-03-191-29/+37
* Make check whether to use IKEv1 fragmentation more readableMartin Willi2013-03-141-5/+14
* Raise an alert if an IKE_SA could not have been reauthenticated and expiresMartin Willi2013-03-141-0/+4
* child_sa_t.get_usestats() can additionally return the number of processed pac...Martin Willi2013-03-145-7/+13
* kernel_ipsec_t.query_sa() additionally returns the number of processed packetsMartin Willi2013-03-141-3/+15
* Add missing XAuthRespPSK switch case to IKEv1 key derivationMartin Willi2013-03-121-0/+1
* Clean up IKE_SA state if IKE_SA_INIT request does not have message ID 0Martin Willi2013-03-111-0/+4
* Ignore fourth Qick Mode message sent by Windows servers.Martin Willi2013-03-111-0/+9
* As Quick Mode initiator, select a subset of the proposed and the returned TSMartin Willi2013-03-071-4/+11
* Merge branch 'multi-eap'Martin Willi2013-03-012-28/+50
|\
| * Apply a mutual EAP auth_cfg not before the EAP method completesMartin Willi2013-02-262-1/+18
| * Be a little more verbose why a peer_cfg is inacceptableMartin Willi2013-02-261-8/+16
| * Refactor auth_cfg applying to a common functionMartin Willi2013-02-261-20/+17
* | Merge branch 'ikev1-rekeying'Martin Willi2013-03-011-0/+21
|\ \
| * | When detecting a duplicate IKEv1 SA, adopt children, as it might be a rekeyingMartin Willi2013-02-201-0/+21
| |/
* | Merge branch 'opaque-ports'Martin Willi2013-03-011-2/+2
|\ \
| * | Use a complete port range in traffic_selector_create_from_{subnet,cidr}Martin Willi2013-02-211-2/+2
* | | Without MOBIKE, update remote host only if it is behind NATMartin Willi2013-03-011-2/+3
* | | Merge branch 'ikev1-mm-retransmits'Martin Willi2013-03-014-45/+55
|\ \ \
| * | | For IKEv1 Main Mode, use message hash to detect early retransmissionsMartin Willi2013-02-251-10/+23
| * | | Move initial message dropping to task managerMartin Willi2013-02-253-19/+27
| * | | Use INIT macro to initialize IKE_SA manager entriesMartin Willi2013-02-251-17/+6
| | |/ | |/|
* | | Merge branch 'tfc-notify'Martin Willi2013-03-011-0/+9
|\ \ \
| * | | Send ESP_TFC_PADDING_NOT_SUPPORTED if the used kernel doesn't support itMartin Willi2013-03-011-0/+9
| | |/ | |/|
* | | Trigger an updown event when destroying an IKE_SA based on INITIAL_CONTACTTobias Brunner2013-02-281-0/+1
| |/ |/|
* | Add a global return_success() method implementationMartin Willi2013-02-141-8/+2
* | Merge branch 'ike-dscp'Martin Willi2013-02-141-1/+26
|\ \
| * | Set configured DSCP value while generating IKE packetsMartin Willi2013-02-061-1/+26
| |/
* / make TNC client authentication type available to IMVsAndreas Steffen2013-02-121-0/+57
|/
* Fix check-in of IKE_SA when IKE_SA_INIT fails and hash table is enabledTobias Brunner2013-01-241-2/+13
* Avoid a deadlock when installing a trap policy failedTobias Brunner2013-01-231-1/+5
* Fix IKE SA inherit API docAdrian-Ken Rueegsegger2013-01-221-2/+1
* Properly send IKEv1 packets if no ike_cfg is known yetTobias Brunner2013-01-141-2/+5
generated by cgit v1.2.3 (git 2.25.1) at 2025-02-27 13:13:13 +0000