aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Collapse)AuthorAgeFilesLines
...
| | * Message rules for IKEv1 ID_PROT exchange added.Tobias Brunner2012-03-201-0/+77
| | | | | | | | | | | | | | | These rules are quite broad and cover main mode with at least PSK and signature based authentication.
| | * Typo fixed.Tobias Brunner2012-03-201-1/+1
| | |
| | * Use vendor id payload for IKEv1 payloads, tooMartin Willi2012-03-204-10/+22
| | |
| | * Added IKEv1 payload identifiers to "known" payload listMartin Willi2012-03-201-2/+9
| | |
| | * Handle IKEv1 messages in managers checkout_by_messageMartin Willi2012-03-201-9/+30
| | |
| | * Added IKEv1 payload identifiersMartin Willi2012-03-202-4/+97
| | |
| | * Accept and process IKEv1 messages in receiverMartin Willi2012-03-201-7/+18
| | |
| | * Extended IKE header for IKEv1 supportMartin Willi2012-03-204-58/+236
| | |
* | | Added a dedicated sender flush method, delay sender destruction until users goneMartin Willi2012-05-023-3/+20
| | |
* | | add AUTH_RULE_SUBJECT_CERT for raw public keys4.6.3Andreas Steffen2012-04-301-0/+4
| | |
* | | Typo fixed.Tobias Brunner2012-04-301-1/+1
| | |
* | | output validity of raw public key if availableAndreas Steffen2012-04-301-2/+34
| | |
* | | added support for raw RSA public keys to strokeAndreas Steffen2012-04-305-1/+100
| | |
* | | Fixed null-pointer dereference in smp plugin.Tobias Brunner2012-04-261-3/+7
| | |
* | | Removed auth_cfg_t.replace_value() and replaced usages with add().Tobias Brunner2012-04-183-17/+4
| | | | | | | | | | | | | | | replace_value() was used to replace identities. Since for these the latest is now returned by get(), adding the new identity with add() is sufficient.
* | | Store password with remote ID to tie it stronger to a specific connection.Tobias Brunner2012-04-181-12/+50
| | |
* | | Added stroke user-creds command, to set username/password for a connection.Tobias Brunner2012-04-173-1/+166
| | |
* | | Added method to add additional shared secrets to stroke_cred_t.Tobias Brunner2012-04-172-2/+20
| | |
* | | Typo fixed.Tobias Brunner2012-04-171-1/+1
| | |
* | | Keep COOKIEs enabled once threshold is hit, until we see no COOKIEs for a ↵Martin Willi2012-04-171-5/+43
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | few secs Toggling COOKIEs on/off is problematic: After doing a COOKIE exchange as initiator, we can't know if the completing IKE_SA_INIT message is to our first request or the one with the COOKIE. If the responder just enabled/disabled COOKIEs and packets get retransmitted, both might be true. Avoiding COOKIE behavior toggling improves the situation, but does not solve the problem during the initial COOKIE activation.
* | | Added a note about DH/keymat lifecycle for custom implementationsMartin Willi2012-04-171-1/+6
| | |
* | | Reuse existing DH value when retrying IKE_SA_INIT with a COOKIEMartin Willi2012-04-171-2/+5
| | |
* | | Use IP address as ID as responder if not configured or no IDr received.Tobias Brunner2012-04-161-3/+11
| | |
* | | Fall back on IP address as IDi if none is configured at all.Tobias Brunner2012-04-161-7/+7
| | |
* | | Use auth_cfg_t.replace_value where appropriate.Tobias Brunner2012-04-162-26/+5
| | |
* | | Fixed IDi in case neither left nor leftid is configured.Tobias Brunner2012-04-161-0/+21
| | |
* | | Don't invoke child_updown hook twice as responderMartin Willi2012-04-111-3/+8
| | |
* | | Accept zero-length certificate request payloadsMartin Willi2012-04-111-2/+1
| | |
* | | Properly initialize src in ike_sa_t.is_any_path_valid().Tobias Brunner2012-04-061-1/+1
| | |
* | | remove leading zero in ASN.1 encoded serial numbersAndreas Steffen2012-04-051-2/+2
| | |
* | | Make AES-CMAC actually usable for IKEv2.Tobias Brunner2012-04-041-0/+5
| | |
* | | moved chunk_skip_zero to chunk.hAndreas Steffen2012-04-031-2/+3
| | |
* | | added IKEv2 Generic Secure Password Authentication MethodAndreas Steffen2012-04-032-3/+10
| | |
* | | added IKEv2 Generic Secure Password Authentication MethodAndreas Steffen2012-04-032-6/+17
| | |
* | | added GSPM IKEv2 payloadAndreas Steffen2012-04-032-8/+20
| | |
* | | Doxygen fixes.Tobias Brunner2012-04-032-2/+2
| | |
* | | Don't cast second argument of mem_printf_hook (%b) to size_t.Tobias Brunner2012-03-275-12/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Also treat the given number as unsigned int. Due to the printf hook registration the second argument of mem_printf_hook (if called via printf etc.) is always of type int*. Casting this to a size_t pointer and then dereferencing that as int does not work on big endian machines if int is smaller than size_t (e.g. on ppc64). In order to make this change work if the argument is of a type larger than int, size_t for instance, the second argument for %b has to be casted to (u_)int.
* | | smp: Use proper signed type to get return value of read(2).Tobias Brunner2012-03-271-1/+1
| | |
* | | Don't include individual glib headers in nm plugin.Tobias Brunner2012-03-261-1/+1
| | | | | | | | | | | | | | | Expections are glib/gi18n.h, glib/gi18n-lib.h, glib/gprintf.h and glib/gstdio.h.
* | | fixed parsing of IF-MAP SOAP responsesAndreas Steffen2012-03-211-35/+30
|/ /
* | added the strongswan.conf options of the tnc-pdp pluginAndreas Steffen2012-03-161-1/+1
| |
* | eliminate unneeded private variableAndreas Steffen2012-03-141-3/+3
| |
* | use MAX_RADIUS_ATTRIBUTE_SIZE constant from radius_message header fileAndreas Steffen2012-03-142-4/+3
| |
* | make the mppe salt uniqueAndreas Steffen2012-03-141-8/+18
| |
* | implemented MS_MPPE encryptionAndreas Steffen2012-03-131-14/+93
| |
* | use RADIUS_TUNNEL_TYPE_ESP defined in header fileAndreas Steffen2012-03-131-3/+1
| |
* | implemented RADIUS Filter-ID attributeAndreas Steffen2012-03-133-24/+87
| |
* | removed double library entryAndreas Steffen2012-03-131-2/+0
| |
* | adapted debug outputAndreas Steffen2012-03-131-1/+1
| |
* | keep a list of RADIUS connections with EAP method statesAndreas Steffen2012-03-134-12/+320
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-17 11:00:46 +0000