aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Expand)AuthorAgeFilesLines
...
* ike: Disable NAT keepalives in state PASSIVEThomas Egerer2015-08-041-3/+12
* ike: Fix memory leak if remote address is keptTobias Brunner2015-07-271-0/+4
* ike-rekey: Fix cleanup() callTobias Brunner2015-07-271-2/+2
* ike-rekey: Reset IKE_SA on bus before sending CREATE_CHILD_SA responseTobias Brunner2015-07-271-1/+2
* ike-rekey: Reset IKE_SA on the bus after destroying new IKE_SATobias Brunner2015-07-271-16/+15
* shunt-manager: Add flush() method to properly uninstall shuntsTobias Brunner2015-07-272-4/+46
* shunt-manager: Remove stored entries if installation failsTobias Brunner2015-07-271-2/+11
* shunt-manager: Add a lock to safely access the list of shunt policiesTobias Brunner2015-07-271-3/+17
* trap-manager: Resolve race conditions between flush() and install()Tobias Brunner2015-07-271-0/+31
* trap-manager: Changed how acquires we acted on are trackedTobias Brunner2015-07-271-36/+86
* trap-manager: Properly check-in IKE_SA if initiating failsTobias Brunner2015-07-271-2/+2
* ike: Fall back to the current remote IP if it resolves to %anyTobias Brunner2015-07-271-1/+6
* ike: Use address family of local address when resolving remote hostTobias Brunner2015-07-271-1/+14
* ike-sa-manager: Safely access the RNG instance with an rwlockTobias Brunner2015-07-141-5/+16
* ikev2: Derive additional 4 byte CHILD_SA nonce keymat for ChaCha20-Poly1305Martin Willi2015-06-291-0/+1
* ikev2: Use four byte salt for ChaCha20-Poly1305 AEADMartin Willi2015-06-291-0/+1
* ikev2: Enforce remote authentication config before proceeding with own authen...Martin Willi2015-06-051-0/+44
* child-sa: Use any fixed reqid configured on the CHILD_SA configMartin Willi2015-06-051-2/+2
* unknown-payload: Use a new private payload type and make original type availableTobias Brunner2015-06-011-8/+10
* ikev1: Trigger children_migrate event if CHILD_SAs are adoptedTobias Brunner2015-05-212-1/+8
* child-create: Destroy nonceg in migrate()Tobias Brunner2015-05-051-1/+2
* child-create: Fix error handling if nonceg can't be createdTobias Brunner2015-05-051-14/+12
* ike-init: Fix error handling if nonceg can't be createdTobias Brunner2015-05-051-13/+21
* ike-init: Fix compiler warningTobias Brunner2015-05-051-2/+0
* ike-init: Make nonceg a member of ike_init structReto Buerki2015-05-041-20/+17
* child-create: Make nonceg a member of child_create structReto Buerki2015-05-041-12/+16
* Add bool param to ALERT_KEEP_ON_CHILD_SA_FAILURE alertAdrian-Ken Rueegsegger2015-05-041-2/+6
* ike-vendor: Add some Microsoft vendor IDsTobias Brunner2015-04-211-0/+10
* utils: Use chunk_equals_const() for all cryptographic purposesMartin Willi2015-04-144-4/+4
* aead: Create AEAD using traditional transforms with an explicit IV generatorMartin Willi2015-04-131-4/+11
* Fixed some typos, courtesy of codespellTobias Brunner2015-03-251-1/+1
* child-sa: Add a new state to track rekeyed IKEv1 CHILD_SAsTobias Brunner2015-03-254-2/+9
* ikev1: Inverse check when applying received KE value during Quick Mode5.3.0rc1Martin Willi2015-03-241-1/+1
* diffie-hellman: Add a bool return value to set_other_public_value()Martin Willi2015-03-234-6/+53
* diffie-hellman: Add a bool return value to get_my_public_value()Martin Willi2015-03-234-5/+22
* encoding: Allow ke_payload_create_from_diffie_hellman() to failMartin Willi2015-03-234-12/+58
* diffie-hellman: Use bool instead of status_t as get_shared_secret() return valueMartin Willi2015-03-232-4/+4
* ikev1: Make sure SPIs in an IKEv1 DELETE payload match the current SATobias Brunner2015-03-231-0/+39
* trap-manager: Add option to ignore traffic selectors from acquire eventsTobias Brunner2015-03-231-1/+8
* ikev1: Adopt virtual IPs on new IKE_SA during re-authenticationTobias Brunner2015-03-192-32/+111
* ikev1: Mark rekeyed CHILD_SAs as INSTALLEDTobias Brunner2015-03-191-0/+2
* child-sa: Remove policies before states to avoid acquire events for untrapped...Tobias Brunner2015-03-191-16/+16
* ikev2: Migrate MOBIKE additional peer addresses to new SA after IKE_SA rekeyingMartin Willi2015-03-181-0/+6
* ikev2: Immediately initiate queued tasks after establishing rekeyed IKE_SAMartin Willi2015-03-181-0/+29
* ikev2: Don't set old IKE_SA to REKEYING state during make-before-break reauthMartin Willi2015-03-111-1/+0
* kernel-interface: Add a separate "update" flag to add_sa()Martin Willi2015-03-091-1/+1
* Revert "child-sa: Remove the obsolete update logic"Martin Willi2015-03-091-1/+6
* ikev2: Move code in pubkey authenticator's build() method into separate funct...Tobias Brunner2015-03-091-85/+123
* ikev2: Try all eligible signature schemesTobias Brunner2015-03-091-34/+71
* ikev1: Set protocol ID and SPIs in INITIAL-CONTACT notification payloadsTobias Brunner2015-03-061-2/+13
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-18 23:19:29 +0000