aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Collapse)AuthorAgeFilesLines
...
* Install virtual IPs via interface name, and use an interface lookup where ↵Martin Willi2012-11-293-36/+38
| | | | required
* load-tester can dynamically install a dedicated external IP for each IKE_SAMartin Willi2012-11-295-15/+220
| | | | | | | For consistency, the local/remote parameters have been replaced by the initiator/responder options. As initiator, the initiator option can be overriden by an addrs section taking key/value pairs with address pools to use on a specific interface.
* Add an optional kernel-interface parameter to install IPs with a custom prefixMartin Willi2012-11-292-6/+6
|
* Add a delay option to load-tester socketMartin Willi2012-11-292-7/+11
|
* Indicate message retransmissions while initiating load-test batchesMartin Willi2012-11-291-0/+26
|
* Add alerts for sent/received message retransmissions and timeoutMartin Willi2012-11-293-0/+14
|
* Initiate each load-testing connection with a fresh peer configMartin Willi2012-11-291-19/+23
|
* Initiate IKE_SAs trigger over load-tester socket in parallelMartin Willi2012-11-291-9/+145
|
* Add a simple load-tester utility to initiate over control socketMartin Willi2012-11-293-0/+108
|
* Add a load-tester control socket to manually trigger initiationMartin Willi2012-11-294-1/+271
|
* Lookip plugin additionally reports the IKE_SA unique identifierMartin Willi2012-11-295-10/+21
|
* Do not send 0.0.0.0/0 traffic selectors as Split-Include Unity attributesMartin Willi2012-11-221-2/+6
| | | | It seems that iOS devices don't like them.
* Add an ikesa_limit option to limit number of IKE_SAs as responderMartin Willi2012-11-161-19/+39
|
* Pass PLUTO_XAUTH_ID to updown scriptMartin Willi2012-11-161-1/+21
|
* libcharon can be initialized more than onceMartin Willi2012-11-142-5/+34
|
* centralized processing of assessment informationAndreas Steffen2012-11-121-4/+3
|
* Include 'aggressive' when comparing peer_cfg_t objectsTobias Brunner2012-11-071-0/+1
|
* Fixed output of longer debug messagesTobias Brunner2012-11-071-0/+1
| | | | | (v)snprintf(3) returns the length without terminating null byte but the length given as parameter must include it.
* 'signal' is a keyword in MySQL 5.5Tobias Brunner2012-11-071-1/+2
| | | | Fixes #251.
* Log sent vendor IDs for IKEv1Tobias Brunner2012-11-021-0/+1
|
* Compiler warning fixedTobias Brunner2012-11-021-1/+1
|
* Exclude dynamic TS from Unity Split-Include attributesMartin Willi2012-10-301-0/+1
|
* Fixed log message when no shared secret is found during IKEv1 Main ModeTobias Brunner2012-10-291-1/+1
|
* Remove all ESP proposals with non-matching DH group during Quick ModeTobias Brunner2012-10-241-10/+22
| | | | | | According to RFC 2409, section 5.5, if PFS is used all proposals MUST include the selected DH group, so we remove proposals without the proposed group and remove other DH groups from the remaining proposals.
* proposal_t.strip_dh() takes a DH group to keep, using MODP_NONE will remove allTobias Brunner2012-10-243-6/+15
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-2445-51/+51
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-2493-105/+105
|
* Moved packet_t and tun_device_t to networking folderTobias Brunner2012-10-247-7/+7
|
* Moved host_t and host_resolver_t to a new networking subfolderTobias Brunner2012-10-2413-16/+16
|
* Send certificate requests in load-testerMartin Willi2012-10-241-2/+2
|
* Add load-tester traffic selector configuration optionsMartin Willi2012-10-241-5/+67
|
* Make use of new CIDR string ts constructor where appropriateMartin Willi2012-10-243-66/+19
|
* Increase the limit of acceptable IKEv1 CERTREQ payloads to 20Martin Willi2012-10-241-1/+1
|
* Use explicit, larger buffer sizes for smartcard keyids and modulesMartin Willi2012-10-241-8/+8
|
* Support loading cacert certificates in ipsec.conf ca sections from smartcardMartin Willi2012-10-241-19/+37
|
* Refactored stroke smartcard token parsing, support module and slot in ↵Martin Willi2012-10-241-62/+101
| | | | leftcert option
* Load ipsec.conf %smartcard leftcerts with pkcs11 builderMartin Willi2012-10-241-8/+20
|
* Only add an implicit PRF based on the MAC alg if no PRF given in proposalMartin Willi2012-10-241-38/+38
|
* Add an interactive mode in lookip tool, demonstrate lasting connectionsMartin Willi2012-10-241-9/+57
|
* Send a lookip NOT_FOUND reply if a lookup yields no resultsMartin Willi2012-10-243-11/+32
|
* lookup function of lookip listener returns the number of matchesMartin Willi2012-10-242-3/+9
|
* Handle multiple lookip connections using a single FDSETMartin Willi2012-10-241-49/+162
|
* Renamed list to store listening lookip clientsMartin Willi2012-10-241-5/+5
|
* Handle client subscriptions in lookip pluginMartin Willi2012-10-241-12/+89
|
* Add a lookip server side UNIX socket processing LOOKUP and DUMP requestsMartin Willi2012-10-244-1/+309
|
* Add a simple command line utility to query the lookip pluginMartin Willi2012-10-243-0/+213
|
* Defined on-the-wire format used on lookip socketMartin Willi2012-10-242-1/+94
|
* Add a lookip function to register virtual IP notification listenersMartin Willi2012-10-242-4/+87
|
* Add a lookup method to lookip plugin, using a callback to invokeMartin Willi2012-10-242-0/+53
|
* Add a lookip listener that collects the information we are interested inMartin Willi2012-10-244-1/+267
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-31 13:50:32 +0000