aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Expand)AuthorAgeFilesLines
...
* Revert "child-sa: Remove the obsolete update logic"Martin Willi2015-03-091-1/+6
* ikev2: Move code in pubkey authenticator's build() method into separate funct...Tobias Brunner2015-03-091-85/+123
* ikev2: Try all eligible signature schemesTobias Brunner2015-03-091-34/+71
* ikev1: Set protocol ID and SPIs in INITIAL-CONTACT notification payloadsTobias Brunner2015-03-061-2/+13
* ikev2: Try all RSA signature schemes if none is configuredTobias Brunner2015-03-041-4/+19
* ikev2: Consider signature schemes in rightauth when sending hash algorithmsTobias Brunner2015-03-041-14/+54
* keymat: Use hash algorithm setTobias Brunner2015-03-041-29/+7
* ikev2: Add an option to disable constraints against signature schemesTobias Brunner2015-03-041-1/+11
* ikev2: Fall back to SHA-1 signatures for RSATobias Brunner2015-03-041-0/+7
* ikev2: Select a signature scheme appropriate for the given keyTobias Brunner2015-03-041-18/+13
* ikev2: Log the actual signature scheme used for RFC 7427 authenticationTobias Brunner2015-03-041-4/+6
* ikev2: Store signature scheme used to verify peer in auth_cfgTobias Brunner2015-03-041-0/+1
* ikev2: Add a global option to disable RFC 7427 signature authenticationTobias Brunner2015-03-041-2/+12
* ikev2: Remove private AUTH_BLISS methodTobias Brunner2015-03-043-18/+1
* ikev2: Handle RFC 7427 signature authentication in pubkey authenticatorTobias Brunner2015-03-042-49/+179
* ikev2: Enable signature authentication by transmitting supported hash algorithmsTobias Brunner2015-03-042-4/+88
* keymat: Add facility to store supported hash algorithmsTobias Brunner2015-03-042-1/+70
* ikev2: Add new authentication method defined by RFC 7427Tobias Brunner2015-03-042-3/+9
* ikev2: Only accept initial messages in specific statesTobias Brunner2015-03-041-10/+9
* ike-sa-manager: Make sure the message ID of initial messages is 0Tobias Brunner2015-03-041-1/+2
* ikev2: Don't destroy the SA if an IKE_SA_INIT with unexpected MID is receivedTobias Brunner2015-03-041-4/+0
* ikev2: Don't adopt any CHILD_SA during make-before-break reauthenticationMartin Willi2015-03-041-1/+2
* ikev2: Merge EAP client authentication details if EAP methods provides themMartin Willi2015-03-031-0/+7
* eap: Add an optional authentication details getter to the EAP method interfaceMartin Willi2015-03-031-0/+12
* ikev2: Schedule a timeout for the delete message following passive IKE rekeyingMartin Willi2015-03-031-0/+6
* bus: Add an ike_update() hook invoked when peer endpoints changeMartin Willi2015-02-201-0/+2
* ikev2: Schedule a make-before-break completion task to delete old IKE_SAMartin Willi2015-02-206-1/+172
* ikev2: Allow task to skip exchange by setting undefined exchange typeMartin Willi2015-02-201-0/+5
* ikev2: Trigger make-before-break reauthentication instead of reauth taskMartin Willi2015-02-202-2/+79
* ike-sa-manager: Use IKEv1 uniqueness reauthentication detection for IKEv2, tooMartin Willi2015-02-201-12/+8
* attribute-manager: Pass full IKE_SA to handler methodsMartin Willi2015-02-203-9/+5
* attribute-manager: Pass the full IKE_SA to provider methodsMartin Willi2015-02-203-10/+8
* attributes: Move the configuration attributes framework to libcharonMartin Willi2015-02-203-25/+24
* ike: Consistently log CHILD_SAs with their unique_id instead of their reqidMartin Willi2015-02-205-8/+10
* ike-sa-manager: Remove IKE_SA checkout by CHILD_SA reqidMartin Willi2015-02-202-36/+13
* inactivity-job: Schedule job by CHILD_SA unique ID instead of reqidMartin Willi2015-02-202-13/+7
* kernel-interface: Raise expires with a proto/SPI/dst tuple instead of reqidMartin Willi2015-02-201-2/+2
* ike: Maintain per-IKE_SA CHILD_SAs in the global CHILD_SA managerMartin Willi2015-02-202-15/+77
* child-sa-manager: Add a global manager storing CHILD_SA relationsMartin Willi2015-02-202-0/+422
* child-sa: Replace reqid based marks by "unique" marksMartin Willi2015-02-209-10/+108
* child-sa: Introduce a unique CHILD_SA identifierMartin Willi2015-02-202-0/+24
* child-sa: Delegate reqid allocation to the kernel interfaceMartin Willi2015-02-201-15/+46
* child-sa: Sort traffic selectors after adding CHILD_SA policiesMartin Willi2015-02-201-0/+3
* child-sa: Remove the obsolete update logicMartin Willi2015-02-201-6/+1
* kernel-interface: Pass full list of traffic selectors to add_sa()Martin Willi2015-02-201-8/+6
* kernel-interface: Remove reqid parameter from get_spi/get_cpi() methodsMartin Willi2015-02-201-2/+2
* ikev2: Only touch the DH object if we have a matching proposalTobias Brunner2014-12-231-11/+17
* apple: Redefine some additional clashing Mach typesMartin Willi2014-12-161-0/+2
* ike: Make check for known payloads depend on IKE versionTobias Brunner2014-12-051-1/+1
* ikev2: Fix handling of more than one hash-and-URL certificate payloadsTobias Brunner2014-12-041-2/+2
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-21 23:37:27 +0000