aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Expand)AuthorAgeFilesLines
* quick-mode: Correctly prepare NAT-OA payloads as responderTobias Brunner2017-03-061-8/+13
* ikev1: Respond to DPDs for rekeyed IKE_SAsTobias Brunner2017-02-172-0/+10
* ike-sa: Optionally try to migrate to the best path on routing priority changesMartin Willi2017-02-171-1/+23
* ikev2: Ignore roam events without MOBIKE but static local addressTobias Brunner2017-02-171-0/+10
* shunt-manager: Add an optional namespace for each shuntTobias Brunner2017-02-162-28/+75
* child-sa: Do not install mark on inbound kernel SAEyal Birger2017-02-141-4/+1
* ikev2: Ignore IKEV2_MESSAGE_ID_SYNC notifies if extension is disabledTobias Brunner2017-02-082-10/+37
* ikev2: Don't increase expected MID after handling MID sync messageTobias Brunner2017-02-082-3/+4
* ikev2: Don't cache response to MID sync requestTobias Brunner2017-02-081-1/+11
* ikev2: Accept INFORMATIONAL messages with MID 0 if used to sync MIDsTobias Brunner2017-02-081-3/+42
* ikev2: Negotiate support for IKE message ID synchronisation during IKE_AUTHTobias Brunner2017-02-082-0/+12
* ikev2: Add task to handle IKEV2_MESSAGE_ID_SYNC notifies as responderTobias Brunner2017-02-085-0/+341
* ike: Publish getter for the current message ID on IKE_SATobias Brunner2017-02-082-1/+19
* ike: Add getter for the current message ID to task managerTobias Brunner2017-02-083-1/+23
* ikev1: Factor out IV and QM managementTobias Brunner2017-02-084-261/+498
* keymat: Allow keymat to modify signature scheme(s)Thomas Egerer2017-02-087-18/+49
* ike-auth: Don't send INITIAL_CONTACT if remote ID contains wildcardsTobias Brunner2017-02-061-1/+2
* Implemented EdDSA for IKEv2 using a pro forma Identity hash functionAndreas Steffen2016-12-141-0/+32
* ikev1: Minor code optimization in task managerThomas Egerer2016-12-071-11/+5
* child-sa: Use single return statement in update_usebytes()Thomas Egerer2016-11-181-4/+8
* task-manager: Only trigger retransmit cleared alert if there was at least one...Tobias Brunner2016-10-052-2/+2
* ikev2: Respond with NO_PROPOSAL_CHOSEN if proposal without DH group was selectedTobias Brunner2016-10-051-0/+1
* ikev2: Only add NAT-D notifies to DPDs as initiatorTobias Brunner2016-10-041-8/+15
* ikev1: Activate task to delete the IKE_SA in state IKE_REKEYINGTobias Brunner2016-10-041-0/+8
* ikev1: Delete Quick Mode SAs before the ISAKMP SATobias Brunner2016-10-041-2/+2
* ikev1: Send DELETE for rekeyed IKE_SAsTobias Brunner2016-10-041-9/+5
* ike: Set default IKE fragment size to 1280Tobias Brunner2016-10-041-1/+1
* ikev2: Send derived CHILD_SA keys to the busTobias Brunner2016-10-041-26/+43
* ikev2: Send derived IKE_SA keys to busTobias Brunner2016-10-041-26/+30
* ikev1: Send derived CHILD_SA keys to the busTobias Brunner2016-10-041-14/+26
* ikev1: Send derived IKE_SA keys to busTobias Brunner2016-10-041-14/+11
* child-sa: Only install outbound FWD policies if explicitly configuredTobias Brunner2016-09-281-14/+27
* gmp: Support of SHA-3 RSA signaturesAndreas Steffen2016-09-221-2/+2
* ikev2: (Re-)Queue tasks used to establish an IKE_SA in reset()Tobias Brunner2016-09-061-2/+1
* ikev2: Store proposal on IKE_SA before creating DH objectTobias Brunner2016-09-061-2/+5
* ikev1: Ignore the last two bytes of the Cisco Unity vendor IDTobias Brunner2016-08-241-0/+3
* ike1: Flush active queue when queueing a delete of the IKE_SATobias Brunner2016-07-191-0/+3
* child-rekey: Only rekey installed CHILD_SAsTobias Brunner2016-06-171-7/+14
* child-rekey: Ignore failed colliding CHILD_SA rekeyingsTobias Brunner2016-06-171-1/+10
* child-create: Retry creating the CHILD_SA if TEMPORARY_FAILURE is receivedTobias Brunner2016-06-171-4/+33
* ikev2: Add possibility to delay initiation of a queued taskTobias Brunner2016-06-175-66/+189
* ike: Reduce RETRY_INTERVAL a bitTobias Brunner2016-06-171-2/+2
* ike-rekey: Return TEMPORARY_FAILURE when concurrently creating a CHILD_SATobias Brunner2016-06-171-14/+35
* ike: Add configuration option to switch to preferring supplied proposals over...Tobias Brunner2016-06-175-10/+21
* child-cfg: Add option to prefer supplied proposals over locally configured onesTobias Brunner2016-06-172-5/+5
* ike-cfg: Add option to prefer supplied proposals over locally configured onesTobias Brunner2016-06-173-5/+5
* ike-rekey: Make sure to ignore task when detecting collisions if ike-init sub...Tobias Brunner2016-06-171-1/+2
* ike-rekey: Handle undetected collisions also if delete is delayedTobias Brunner2016-06-171-16/+26
* ike-rekey: There is no passive reauth task, so it will never collide with oneTobias Brunner2016-06-172-7/+4
* ike-rekey: Ignore colliding rekey tasks that did not create an IKE_SATobias Brunner2016-06-171-56/+64
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-22 08:17:29 +0000