aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Collapse)AuthorAgeFilesLines
...
* Add stroke message type countersMartin Willi2012-10-241-0/+75
|
* Add stroke counters for invalid IKE messagesMartin Willi2012-10-241-0/+27
|
* Add stroke CHILD_SA rekeying counterMartin Willi2012-10-241-0/+12
|
* Add stroke IKE rekey countersMartin Willi2012-10-241-0/+26
|
* Raise a bus alert when IKE message body parsing failsMartin Willi2012-10-243-0/+7
|
* Raise a bus alert when IKE message header parsing failsMartin Willi2012-10-242-0/+3
|
* Raise a bus alert when a received message contains unknown SPIsMartin Willi2012-10-242-0/+6
|
* Define stroke counter types to implementMartin Willi2012-10-242-0/+86
|
* Add a stub for IKE event counters in strokeMartin Willi2012-10-244-0/+112
|
* Add a load-tester option to define the IKE version to use for testingMartin Willi2012-10-241-2/+9
|
* Remove peer_cfg IKE version matching, as it is done in ike_cfg matchingMartin Willi2012-10-241-22/+3
|
* Respect IKE version while selecting an ike_cfg as responderMartin Willi2012-10-244-13/+38
|
* Remove version argument on peer_cfg constructor, use ike_cfg version insteadMartin Willi2012-10-2411-23/+15
|
* Add IKE version information to ike_cfg_tMartin Willi2012-10-2411-22/+52
|
* Move ike_version_t definition from peer_cfg_t to ike_cfg_tMartin Willi2012-10-244-24/+24
|
* Handle type of first EAP-RADIUS response more sophisticatedTobias Brunner2012-10-181-3/+18
|
* Update routed connections in trap managerTobias Brunner2012-10-181-37/+39
| | | | | | Before this change, modified configs that have been updated with ipsec reload, could properly be started manually, but the old config would get used if triggered via trap policies.
* Reload logger configuration on SIGHUPTobias Brunner2012-10-183-37/+369
| | | | | | Besides changing the configuration this allows to easily rotate log files. Also moved logger initialization back to daemon_t.
* Make syslog and file loggers configurable at runtimeTobias Brunner2012-10-184-21/+157
|
* Resolve hosts by DNS name in separate threads so we can cancel themTobias Brunner2012-10-181-1/+2
| | | | | | | | | | getaddrinfo(3) may block a long time so proper termination of the daemon may block if DNS servers are not reachable. getaddrinfo(3) is an optional cancellation point in posix threads so it might still block a shutdown but at least on Android (with the signal based pthread_cancel implementation) it works, on Linux starter will kill charon anyway after a while.
* Added a new alert that is raised if peer does not respond to initial IKE messageTobias Brunner2012-10-162-0/+4
|
* Remove unused this parameter to load_issuer_cert/key(), as it is uninitializedMartin Willi2012-10-161-4/+4
|
* Generate a load-tester certificate only for DN or subjectAltName identitiesMartin Willi2012-10-161-7/+17
|
* Add a load-tester initiator_match option to match custom initiator_idMartin Willi2012-10-161-2/+15
|
* Encode non-DN load-tester identities as subjectAltNamesMartin Willi2012-10-161-1/+16
|
* Add a load-tester digest option for issuing peer certificatesMartin Willi2012-10-161-1/+16
|
* Load a multiple load-tester CA certificates from a directoryMartin Willi2012-10-161-4/+63
|
* Added load-tester options to read issuing CA certificate and key from filesMartin Willi2012-10-161-7/+45
|
* Fixed compilation of android_handler_tTobias Brunner2012-10-111-0/+1
|
* Fix leak of PINs from ipsec.secretsMartin Willi2012-10-091-1/+2
|
* allow has_noskip_flag to contain TRUE_OR_FALSEAndreas Steffen2012-10-071-1/+1
|
* test first and up in the outer while loopAndreas Steffen2012-10-071-5/+1
|
* Ensure UNSUPPORTED_CRITICAL_PAYLOAD notify contains correct payload typeTobias Brunner2012-09-281-0/+1
|
* Missed one in 6c10ceceTobias Brunner2012-09-281-0/+2
|
* Request is never NULL when responding with an INFORMATIONAL messageTobias Brunner2012-09-281-1/+1
|
* Completed state handling in isakmp_cert_preTobias Brunner2012-09-281-0/+4
| | | | Should not be a problem, but makes static analyzers happy.
* Added missing continue statement in ha socket error handlingTobias Brunner2012-09-281-0/+1
|
* Fixed snprintf check in tnc-ifmap pluginTobias Brunner2012-09-281-1/+1
|
* Use %x to print uint32 as long ints are 64-bit long on x64 LinuxTobias Brunner2012-09-281-1/+1
|
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-286-21/+22
|
* Avoid memory leak when sending RADIUS accounting start message failedTobias Brunner2012-09-281-1/+1
|
* Correctly initialize payload length of encrypted payloadTobias Brunner2012-09-281-1/+1
|
* The eap argument of send_response is never NULLTobias Brunner2012-09-281-13/+11
|
* Properly initialize sockaddr_in struct in fast and dhcp pluginsTobias Brunner2012-09-281-4/+7
|
* Clarified error message if enabling UDP decapsulation failsTobias Brunner2012-09-272-2/+4
|
* IKE_AUTH_LIFETIME task is not defined if IKEv2 is disabledTobias Brunner2012-09-251-1/+4
| | | | Fixes #229.
* Don't check interface of inbound message if interfaces are not filteredTobias Brunner2012-09-241-2/+3
| | | | | We don't have a proper kernel-net interface on Android yet, so the check for a usable interface does not work there.
* Made IP address enumeration more flexibleTobias Brunner2012-09-215-5/+5
| | | | Also added an option to enumerate addresses on ignored interfaces.
* Drop packets received on ignored interfacesTobias Brunner2012-09-211-2/+12
|
* Make it easy to check if an address is locally usable via changed ↵Tobias Brunner2012-09-212-18/+9
| | | | get_interface() method
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 07:04:25 +0000