aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Collapse)AuthorAgeFilesLines
...
| * Function added to send packets without Non-ESP marker.Tobias Brunner2012-08-082-20/+36
| |
| * Avoid unnecessary copy of packet data when removing Non-ESP marker.Tobias Brunner2012-08-081-2/+1
| |
| * Added packet_t.skip_bytes method to skip bytes at the start of a packet.Tobias Brunner2012-08-082-3/+26
| |
| * Improved how NAT-T keepalives are handled in sockets/receiver.Tobias Brunner2012-08-084-24/+16
| |
| * Let kernel interfaces decide how to enable UDP decapsulation of ESP packets.Tobias Brunner2012-08-084-78/+21
| |
| * Callback for ESP packets added to receiver.Tobias Brunner2012-08-082-6/+86
| |
| * Add Non-ESP marker in sender and not individual socket plugins.Tobias Brunner2012-08-085-39/+23
| |
| * Handle Non-ESP marker in receiver and not individual socket plugins.Tobias Brunner2012-08-084-40/+34
| |
| * Moved Android specific logger to separate plugin.Tobias Brunner2012-08-089-33/+168
| | | | | | | | | | | | This is mainly because the other parts of the existing android plugin can not be built in the NDK (access to keystore and system properties are not part of the stable NDK libraries).
| * Link android plugin against liblog in the NDK.Tobias Brunner2012-08-081-0/+1
| | | | | | | | Doesn't seem to hurt the build within the source tree.
| * Make the UDP ports charon listens for packets on (and uses as source ports) ↵Tobias Brunner2012-08-0816-47/+65
| | | | | | | | configurable.
* | Doxygen fixTobias Brunner2012-08-111-1/+1
| |
* | Use actual daemon name to enable XAuth/PSK with aggressive modeMartin Willi2012-08-101-2/+3
| |
* | EAP-GTC can use any XAuth backend, including xauth-pamMartin Willi2012-08-102-88/+45
| | | | | | | | | | | | | | This makes EAP-GTC a generic plain password authentication method, as it is used with XAuth. Instead of verifying credentials with PAM, any backend can be configured. The default is xauth-pam, providing the same functionality as EAP-GTC in strongSwan 4.x.
* | Add xauth-pam, an XAuth backend verifying credentials with PAMMartin Willi2012-08-106-0/+390
| |
* | make max_message_size parameter consistent with similar optionsAndreas Steffen2012-08-092-2/+2
|/
* Remove queued IKEv1 message before processing itMartin Willi2012-08-081-3/+5
| | | | | Avoids destruction or processing of a queued message in recursive process_message() call.
* Include src address in hash of initial message for Main ModeTobias Brunner2012-08-081-5/+31
| | | | | | | If two initiators use the same SPI and also use the same SA proposal the hash for the initial message would be exactly the same. For IKEv2 and Aggressive Mode that's not a problem as these messages include random data (Ni, KEi payloads).
* Add DH group 15 (MODP-3072) to IKE proposalAdrian-Ken Rueegsegger2012-08-061-0/+1
|
* Block XAuth transaction on established IKE_SAs, but allow Mode ConfigMartin Willi2012-08-032-2/+1
|
* Fix linking of addrblock plugin when building monolithicMartin Willi2012-08-031-1/+1
| | | | Fixes #212.
* Reject initial exchange messages early once IKE_SA is establishedMartin Willi2012-08-021-0/+18
|
* Lookup IKEv1 PSK even if the peer identity is not knownMartin Willi2012-07-311-1/+1
|
* Proper fallback if capability dropping is not availableTobias Brunner2012-07-272-1/+6
|
* Include stdint.h for UINTxx_MAX definesTobias Brunner2012-07-271-2/+3
| | | | Fixes #205.
* Don't include acquiring packet traffic selectors in IKEv1Martin Willi2012-07-261-0/+5
| | | | | | | | As we only can negotiate a single TS in IKEv1, don't prepend the triggering packet TS, as we do in IKEv2. Otherwise we don't establish the TS of the configuration, but only that of the triggering packet. Fixes #207.
* Implement late peer config switching after XAuth authenticationMartin Willi2012-07-261-15/+80
| | | | | | | If additional authentication constraints, such as group membership, is not fulfilled by an XAuth backend, we search for another peer configuration that fulfills all constraints, including those from phase1.
* Check if XAuth round complies to configured authentication roundMartin Willi2012-07-261-7/+18
|
* Don't add ANY identity constraint to auth config, as XAuth rounds don't use oneMartin Willi2012-07-262-3/+15
|
* Merge auth config items added from XAuth backends to IKE_SAMartin Willi2012-07-261-0/+1
|
* Add an ipsec.conf leftgroups2 parameter for the second authentication roundMartin Willi2012-07-262-3/+6
|
* Release leaking child config after uninstalling shunt policyMartin Willi2012-07-231-0/+1
|
* Don't print hexdumps on loglevel 1 if hash verification failsMartin Willi2012-07-201-3/+3
|
* Fix EAP-MSCHAPv2 master key derivation, broken with 87dd205bMartin Willi2012-07-181-4/+12
|
* Use centralized hasher names in coupling pluginMartin Willi2012-07-171-20/+2
|
* handled return values in tnc-pdpAndreas Steffen2012-07-161-8/+17
|
* Handle PRF failures in eap-aka-3gpp2Martin Willi2012-07-164-57/+124
|
* Refactored error handling in keymat_v1_tMartin Willi2012-07-161-25/+27
|
* Clean up error handling in keymat_v2_tMartin Willi2012-07-161-87/+65
|
* Cleaned up memory management and return values for encryption payloadMartin Willi2012-07-165-35/+35
|
* Add a return value to hasher_t.allocate_hash()Martin Willi2012-07-169-44/+125
|
* Add a return value to keymat_v1_t.{get,update,confirm}_ivMartin Willi2012-07-165-31/+80
|
* Add a return value to hasher_t.get_hash()Martin Willi2012-07-163-10/+28
|
* Add a return value to crypter_t.set_key()Martin Willi2012-07-163-7/+24
|
* Add a return value to crypter_t.decrypt()Martin Willi2012-07-161-2/+1
|
* Add a return value to crypter_t.encryptMartin Willi2012-07-162-3/+8
|
* Check rng return value when generating identity in eap-simaka-reauth pluginTobias Brunner2012-07-161-4/+18
|
* Check rng return value when generating pseudonym in eap-simaka-pseudonym pluginTobias Brunner2012-07-161-1/+10
|
* Check rng return value when generating nonces in eap-aka pluginTobias Brunner2012-07-161-1/+4
|
* Check rng return value when generating nonces in eap-sim pluginTobias Brunner2012-07-162-2/+8
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 05:53:21 +0000