aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Collapse)AuthorAgeFilesLines
...
* Fixed log message when no shared secret is found during IKEv1 Main ModeTobias Brunner2012-10-291-1/+1
|
* Remove all ESP proposals with non-matching DH group during Quick ModeTobias Brunner2012-10-241-10/+22
| | | | | | According to RFC 2409, section 5.5, if PFS is used all proposals MUST include the selected DH group, so we remove proposals without the proposed group and remove other DH groups from the remaining proposals.
* proposal_t.strip_dh() takes a DH group to keep, using MODP_NONE will remove allTobias Brunner2012-10-243-6/+15
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-2445-51/+51
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-2493-105/+105
|
* Moved packet_t and tun_device_t to networking folderTobias Brunner2012-10-247-7/+7
|
* Moved host_t and host_resolver_t to a new networking subfolderTobias Brunner2012-10-2413-16/+16
|
* Send certificate requests in load-testerMartin Willi2012-10-241-2/+2
|
* Add load-tester traffic selector configuration optionsMartin Willi2012-10-241-5/+67
|
* Make use of new CIDR string ts constructor where appropriateMartin Willi2012-10-243-66/+19
|
* Increase the limit of acceptable IKEv1 CERTREQ payloads to 20Martin Willi2012-10-241-1/+1
|
* Use explicit, larger buffer sizes for smartcard keyids and modulesMartin Willi2012-10-241-8/+8
|
* Support loading cacert certificates in ipsec.conf ca sections from smartcardMartin Willi2012-10-241-19/+37
|
* Refactored stroke smartcard token parsing, support module and slot in ↵Martin Willi2012-10-241-62/+101
| | | | leftcert option
* Load ipsec.conf %smartcard leftcerts with pkcs11 builderMartin Willi2012-10-241-8/+20
|
* Only add an implicit PRF based on the MAC alg if no PRF given in proposalMartin Willi2012-10-241-38/+38
|
* Add an interactive mode in lookip tool, demonstrate lasting connectionsMartin Willi2012-10-241-9/+57
|
* Send a lookip NOT_FOUND reply if a lookup yields no resultsMartin Willi2012-10-243-11/+32
|
* lookup function of lookip listener returns the number of matchesMartin Willi2012-10-242-3/+9
|
* Handle multiple lookip connections using a single FDSETMartin Willi2012-10-241-49/+162
|
* Renamed list to store listening lookip clientsMartin Willi2012-10-241-5/+5
|
* Handle client subscriptions in lookip pluginMartin Willi2012-10-241-12/+89
|
* Add a lookip server side UNIX socket processing LOOKUP and DUMP requestsMartin Willi2012-10-244-1/+309
|
* Add a simple command line utility to query the lookip pluginMartin Willi2012-10-243-0/+213
|
* Defined on-the-wire format used on lookip socketMartin Willi2012-10-242-1/+94
|
* Add a lookip function to register virtual IP notification listenersMartin Willi2012-10-242-4/+87
|
* Add a lookup method to lookip plugin, using a callback to invokeMartin Willi2012-10-242-0/+53
|
* Add a lookip listener that collects the information we are interested inMartin Willi2012-10-244-1/+267
|
* Add a lookip plugin stub to lookup connections by virtual IPMartin Willi2012-10-244-0/+125
|
* Add a "ipsec listcounters" command to strokeMartin Willi2012-10-242-0/+6
|
* Add a print method for stroke countersMartin Willi2012-10-242-0/+29
|
* Add stroke message type countersMartin Willi2012-10-241-0/+75
|
* Add stroke counters for invalid IKE messagesMartin Willi2012-10-241-0/+27
|
* Add stroke CHILD_SA rekeying counterMartin Willi2012-10-241-0/+12
|
* Add stroke IKE rekey countersMartin Willi2012-10-241-0/+26
|
* Raise a bus alert when IKE message body parsing failsMartin Willi2012-10-243-0/+7
|
* Raise a bus alert when IKE message header parsing failsMartin Willi2012-10-242-0/+3
|
* Raise a bus alert when a received message contains unknown SPIsMartin Willi2012-10-242-0/+6
|
* Define stroke counter types to implementMartin Willi2012-10-242-0/+86
|
* Add a stub for IKE event counters in strokeMartin Willi2012-10-244-0/+112
|
* Add a load-tester option to define the IKE version to use for testingMartin Willi2012-10-241-2/+9
|
* Remove peer_cfg IKE version matching, as it is done in ike_cfg matchingMartin Willi2012-10-241-22/+3
|
* Respect IKE version while selecting an ike_cfg as responderMartin Willi2012-10-244-13/+38
|
* Remove version argument on peer_cfg constructor, use ike_cfg version insteadMartin Willi2012-10-2411-23/+15
|
* Add IKE version information to ike_cfg_tMartin Willi2012-10-2411-22/+52
|
* Move ike_version_t definition from peer_cfg_t to ike_cfg_tMartin Willi2012-10-244-24/+24
|
* Handle type of first EAP-RADIUS response more sophisticatedTobias Brunner2012-10-181-3/+18
|
* Update routed connections in trap managerTobias Brunner2012-10-181-37/+39
| | | | | | Before this change, modified configs that have been updated with ipsec reload, could properly be started manually, but the old config would get used if triggered via trap policies.
* Reload logger configuration on SIGHUPTobias Brunner2012-10-183-37/+369
| | | | | | Besides changing the configuration this allows to easily rotate log files. Also moved logger initialization back to daemon_t.
* Make syslog and file loggers configurable at runtimeTobias Brunner2012-10-184-21/+157
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-11 20:54:43 +0000