aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Collapse)AuthorAgeFilesLines
...
| | * Added a "aggressive" ipsec.conf connection optionMartin Willi2012-03-201-1/+1
| | |
| | * Handle aggressive mode task in IKEv1 task managerMartin Willi2012-03-201-6/+36
| | |
| | * Select IKEv1 configurations by main/aggressive mode optionMartin Willi2012-03-204-5/+8
| | |
| | * Added an aggressive mode peer_cfg optionMartin Willi2012-03-2012-18/+40
| | |
| | * Fix sending of CERTREQ/CERT payloads in aggressive modeMartin Willi2012-03-202-2/+12
| | |
| | * Encrypt payloads of third aggressive mode messageMartin Willi2012-03-201-3/+3
| | |
| | * Implemented aggressive mode using Phase 1 helper classMartin Willi2012-03-205-0/+683
| | |
| | * Make use of the new Phase 1 helper class in main modeMartin Willi2012-03-201-579/+73
| | |
| | * Implemented a common Phase 1 helper class to use by main and aggressive modesMartin Willi2012-03-203-0/+754
| | |
| | * Fix error handling if no PSK found for main modeMartin Willi2012-03-201-5/+9
| | |
| | * Install quick mode CHILD_SAs with negotiated encapsulation modeMartin Willi2012-03-201-12/+17
| | |
| | * Support IKEv1 proposal encodings having both lifebytes and a lifetimeMartin Willi2012-03-201-67/+58
| | |
| | * Try to detect reauthentication as responder and adopt children to new SAMartin Willi2012-03-205-1/+233
| | |
| | * Destroy IKE_SA after reauthentication initiatend and lifetime limit reachedMartin Willi2012-03-201-1/+6
| | |
| | * Added an IKE_SA manager method to enumerate IKE_SA IDs filtered by identitiesMartin Willi2012-03-202-34/+59
| | |
| | * Query for XAuth identity in get_other_eap_id(), tooMartin Willi2012-03-201-0/+4
| | |
| | * Set ISAKMP SA state to rekeying after triggering reauthenticationMartin Willi2012-03-201-0/+1
| | |
| | * Include peer config overtime in negotiated ISAKMP SA lifetimeMartin Willi2012-03-201-2/+3
| | |
| | * Initiate IKEv1 reauthentication, take over all childrenMartin Willi2012-03-201-4/+44
| | |
| | * Establish IKE_SA only once as XAuth responderMartin Willi2012-03-201-1/+0
| | |
| | * Support initiation of childless IKEv1 ISAKMP SAsMartin Willi2012-03-201-1/+2
| | |
| | * Don't trigger reauthentication if initiator authenticated using XAuthMartin Willi2012-03-201-0/+1
| | |
| | * Set a condition flag if peer has been authenticated using XAuthMartin Willi2012-03-202-0/+6
| | |
| | * Queue Mode Config tasks after main mode as initiator, not as responderMartin Willi2012-03-201-6/+6
| | |
| | * Setting Mode Cfg identifier for CFG_ACK messages.Clavister OpenSource2012-03-201-0/+7
| | |
| | * Add functions to set mode cfg identifierClavister OpenSource2012-03-202-0/+27
| | |
| | * Try all matching XAuth secrets we find, not only the first oneMartin Willi2012-03-201-11/+23
| | |
| | * As responder, try to reuse the reqid of the CHILD_SA the initiator is rekeyingMartin Willi2012-03-201-0/+38
| | |
| | * Reply quick mode with the same SA lifetime that we receivedMartin Willi2012-03-201-4/+4
| | |
| | * Do not query CHILD_SA during delete if they already expiredMartin Willi2012-03-2018-46/+99
| | |
| | * Implemented CHILD_SA rekeyingMartin Willi2012-03-201-1/+18
| | |
| | * Don't return FAILED if a CHILD_SA to delete could not be foundMartin Willi2012-03-201-1/+1
| | |
| | * Support installing of quick mode SAs with a specific reqidMartin Willi2012-03-203-3/+27
| | |
| | * Double check that we could select a TS as quick mode responderMartin Willi2012-03-201-3/+3
| | |
| | * Implemented responder retransmission, currently enabled for quick mode onlyMartin Willi2012-03-202-57/+117
| | |
| | * Queue IKEv1 INFORMATIONALS with higher priority to process notifies firstMartin Willi2012-03-201-2/+2
| | |
| | * Accept IKEv1 INVALID_KE_INFORMATION notifies without dataMartin Willi2012-03-201-2/+2
| | |
| | * Don't process notifies in quick mode task when we get an INFORMATIONALMartin Willi2012-03-201-1/+2
| | |
| | * Always queue a new passive task when receiving an IKEv1 INFORMATIONALMartin Willi2012-03-201-1/+2
| | |
| | * IKEv1 ATTRIBUTES_NOT_SUPPORTED error notify added.Tobias Brunner2012-03-202-2/+7
| | |
| | * Fixed leak of a hash when checking out by hashMartin Willi2012-03-201-0/+1
| | |
| | * Give a hint that decryption failed if payload length invalidMartin Willi2012-03-201-0/+7
| | |
| | * Cast keymat safely, not based on external inputMartin Willi2012-03-201-36/+44
| | |
| | * Added a keymat_t version to cast it safelyMartin Willi2012-03-203-0/+21
| | |
| | * Handle initiation of not supported IKE versions properlyMartin Willi2012-03-209-47/+111
| | |
| | * Send a delete for every CHILD_SA before deleting IKE_SAMartin Willi2012-03-201-3/+15
| | |
| | * Set used auth_class in PSKv1 authenticator to comply to constraintsMartin Willi2012-03-204-6/+20
| | |
| | * Fixed scheduling of IKEv2 init tasks in a second keyingtryMartin Willi2012-03-201-20/+42
| | |
| | * Don't requeue IKEv1 init tasks if they already exist in a second keyingtryMartin Willi2012-03-201-5/+42
| | |
| | * Use IPSEC DOI also for ISAKMP SA deletes.Tobias Brunner2012-03-201-1/+1
| | |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 23:10:02 +0000