aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Collapse)AuthorAgeFilesLines
...
| | * Don't clone chunk in message.get_packet_dataMartin Willi2012-03-201-4/+3
| | |
| | * Verify IKEv1 nonce size, send 32 byte noncesMartin Willi2012-03-201-6/+2
| | |
| | * Partially implemented third main mode exchange (identities)Martin Willi2012-03-201-2/+184
| | |
| | * Implemented first two exchanges of Main Mode as initiatorMartin Willi2012-03-203-40/+376
| | |
| | * Added enum name for MAIN_MODE taskMartin Willi2012-03-201-2/+4
| | |
| | * Added missing task manager factory declarationMartin Willi2012-03-201-0/+8
| | |
| | * Added IKEv1 support to delete payloadMartin Willi2012-03-202-3/+3
| | |
| | * Added IKEv1 support to notify payloadMartin Willi2012-03-202-4/+4
| | |
| | * Memory leak fixed.Tobias Brunner2012-03-201-0/+1
| | |
| | * Added factory function to create task_manager_t implementations.Tobias Brunner2012-03-202-2/+34
| | |
| | * Added factory function to create keymat_t implementations.Tobias Brunner2012-03-203-5/+49
| | |
| | * Store IKE version of an SA on ike_sa_t.Tobias Brunner2012-03-206-16/+47
| | |
| | * Added stub for IKEv1 keymat_t implementation.Tobias Brunner2012-03-202-0/+177
| | |
| | * Use keymat_t as common interface, renamed current implementation to _v2.Tobias Brunner2012-03-204-36/+77
| | |
| | * Implement second exchange in IKEv1 main modeMartin Willi2012-03-201-25/+143
| | |
| | * Extended KE payload for IKEv1 supportMartin Willi2012-03-202-2/+3
| | |
| | * Extended nonce payload for IKEv1 supportMartin Willi2012-03-202-2/+2
| | |
| | * Handle first exchange in IKEv1 main mode as responderMartin Willi2012-03-201-4/+33
| | |
| | * Added an IKEv1 main mode task stubMartin Willi2012-03-204-24/+190
| | |
| | * Added a stub for a IKEv1 task managerMartin Willi2012-03-202-0/+516
| | |
| | * Use task manager as generic interface, renamed implementation to _v2.Martin Willi2012-03-204-23/+63
| | |
| | * Fix init message arrival check.Tobias Brunner2012-03-201-21/+14
| | |
| | * Allow creation of message_t objects for IKEv1 packets.Tobias Brunner2012-03-203-4/+4
| | |
| | * Extend sa_payload for IKEv1 supportMartin Willi2012-03-202-4/+8
| | |
| | * Use vendor id payload for IKEv1 payloads, tooMartin Willi2012-03-201-1/+2
| | |
| | * Handle IKEv1 messages in managers checkout_by_messageMartin Willi2012-03-201-9/+30
| | |
* | | Removed auth_cfg_t.replace_value() and replaced usages with add().Tobias Brunner2012-04-182-12/+3
| | | | | | | | | | | | | | | replace_value() was used to replace identities. Since for these the latest is now returned by get(), adding the new identity with add() is sufficient.
* | | Added a note about DH/keymat lifecycle for custom implementationsMartin Willi2012-04-171-1/+6
| | |
* | | Reuse existing DH value when retrying IKE_SA_INIT with a COOKIEMartin Willi2012-04-171-2/+5
| | |
* | | Use IP address as ID as responder if not configured or no IDr received.Tobias Brunner2012-04-161-3/+11
| | |
* | | Fall back on IP address as IDi if none is configured at all.Tobias Brunner2012-04-161-7/+7
| | |
* | | Use auth_cfg_t.replace_value where appropriate.Tobias Brunner2012-04-162-26/+5
| | |
* | | Fixed IDi in case neither left nor leftid is configured.Tobias Brunner2012-04-161-0/+21
| | |
* | | Don't invoke child_updown hook twice as responderMartin Willi2012-04-111-3/+8
| | |
* | | Properly initialize src in ike_sa_t.is_any_path_valid().Tobias Brunner2012-04-061-1/+1
| | |
* | | added IKEv2 Generic Secure Password Authentication MethodAndreas Steffen2012-04-032-3/+10
|/ /
* | Simplified some route lookups now that we store all peer addresses in a list.Tobias Brunner2012-03-092-25/+9
| |
* | Renamed list of additional peer addresses as it now stores all known addresses.Tobias Brunner2012-03-093-34/+34
| |
* | Store the peer's current address as additional known address on the IKE_SA.Tobias Brunner2012-03-091-0/+8
| | | | | | | | | | This allows to switch back to the original address after switching to any of the additional addresses.
* | Re-resolve hosts on additional keyingtriesMartin Willi2012-03-061-0/+1
| |
* | Invoke ike_updown hook on authentication failure not before response sentMartin Willi2012-03-051-3/+2
| |
* | Be a little more verbose before starting IKE_SA reauthenticationMartin Willi2012-03-051-2/+9
| |
* | Send an AUTH_LIFETIME update after updating the lifetime, but can not reauth ↵Martin Willi2012-03-053-9/+43
| | | | | | | | actively
* | Set hard timeouts when setting a lifetimeMartin Willi2012-03-051-7/+14
| |
* | Fix IKE_SA timeout debug output on 64bit platformsMartin Willi2012-03-051-3/+4
| |
* | Added support for untruncated MD5 and SHA1 HMACs in ESP as used in RFC 4595.Tobias Brunner2012-02-271-0/+2
| | | | | | | | This requires a Linux kernel >= 2.6.33.
* | Trigger DPD not before IKE_SA state gets updatedMartin Willi2012-02-021-6/+8
| |
* | Don't retransmit, rekey, reauth or DPD check SAs when in PASSIVE stateMartin Willi2012-02-021-0/+26
| |
* | Destroy active task list before queued tasksThomas Egerer2012-01-181-3/+3
| | | | | | | | | | | | | | Since active task's destruction might result in adopting tasks from a rekeyed ike sa it seems better to first destroy the active task list and then destroy all queued tasks. This way adoption is possible at all, while otherwise the queued task list would be empty.
* | Fixed additional typos in comments and log messages.Tobias Brunner2012-01-121-1/+1
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-24 17:21:24 +0000