index
:
tteras/strongswan
master
tteras
tteras-release
tteras' strongSwan tree
gitolite
about
summary
refs
log
tree
commit
diff
stats
log msg
author
committer
range
path:
root
/
src
/
libcharon
Commit message (
Expand
)
Author
Age
Files
Lines
*
quick-mode: Correctly prepare NAT-OA payloads as responder
Tobias Brunner
2017-03-06
1
-8
/
+13
*
controller: Don't listen for CHILD_SA state changes when terminating IKE_SAs
Tobias Brunner
2017-03-02
1
-1
/
+0
*
kernel: Make range of SPIs for IPsec SAs configurable
Tobias Brunner
2017-03-02
3
-6
/
+26
*
addrblock: Use dynamic TS narrowing instead of rejecting the whole CHILD_SA
Martin Willi
2017-03-02
1
-43
/
+28
*
addrblock: Support an optional non-strict mode accepting certs without addrblock
Martin Willi
2017-03-02
1
-3
/
+11
*
child-cfg: Always apply hosts to traffic selectors if proposing transport mode
Tobias Brunner
2017-02-27
1
-14
/
+19
*
ikev1: Respond to DPDs for rekeyed IKE_SAs
Tobias Brunner
2017-02-17
2
-0
/
+10
*
ike-sa: Optionally try to migrate to the best path on routing priority changes
Martin Willi
2017-02-17
1
-1
/
+23
*
ikev2: Ignore roam events without MOBIKE but static local address
Tobias Brunner
2017-02-17
1
-0
/
+10
*
ike-cfg: Add helper function to determine if a given IP address was configured
Tobias Brunner
2017-02-17
2
-2
/
+46
*
vici: Only log messages if there actually is a listener
Tobias Brunner
2017-02-16
1
-0
/
+7
*
vici: Let has_event_listeners() actually check if clients are registered
Tobias Brunner
2017-02-16
1
-2
/
+4
*
vici: Add support for mediation extension
Tobias Brunner
2017-02-16
1
-1
/
+85
*
peer-cfg: Store mediated_by as name and not peer-cfg reference
Tobias Brunner
2017-02-16
6
-68
/
+95
*
vici: Include uniqueness policy in list-conns
Tobias Brunner
2017-02-16
1
-0
/
+2
*
vici: Add command to initiate SA rekeying
Tobias Brunner
2017-02-16
2
-2
/
+118
*
vici: Use unique names for CHILD_SAs in the list-sas command
Tobias Brunner
2017-02-16
2
-2
/
+7
*
vici: Add support to load CA certificates from tokens and paths in authority ...
Tobias Brunner
2017-02-16
1
-10
/
+97
*
vici: Add support to load certificates from file paths
Tobias Brunner
2017-02-16
1
-13
/
+32
*
vici: Add support to load certificates from tokens
Tobias Brunner
2017-02-16
1
-12
/
+115
*
vici: Add command to load a private key from a token
Tobias Brunner
2017-02-16
2
-3
/
+117
*
vici: List namespace/peer-cfg name with policies and allow filtering
Tobias Brunner
2017-02-16
2
-13
/
+33
*
vici: Explicitly use peer name when uninstalling trap and shunt policies
Tobias Brunner
2017-02-16
3
-10
/
+40
*
stroke: Use peer name as namespace for shunt policies
Tobias Brunner
2017-02-16
2
-3
/
+20
*
shunt-manager: Add an optional namespace for each shunt
Tobias Brunner
2017-02-16
10
-41
/
+90
*
vici: Add support for NT Hash secrets
Tobias Brunner
2017-02-16
1
-0
/
+4
*
vici: Add support for IPv6 Transport Proxy Mode
Tobias Brunner
2017-02-16
2
-14
/
+39
*
vici: Add support for certificate policies
Tobias Brunner
2017-02-16
1
-0
/
+17
*
vici: Add missing dscp setting for IKE_SAs
Tobias Brunner
2017-02-16
1
-5
/
+39
*
vici: Add possibility to remove shared keys by a unique identifier
Tobias Brunner
2017-02-16
2
-5
/
+76
*
vici: Add commands to enumerate and remove private keys
Tobias Brunner
2017-02-16
2
-2
/
+75
*
vici: Update get_pools() in Python and Ruby bindings
Tobias Brunner
2017-02-16
2
-4
/
+6
*
vici: Add option to query a specific pool
Tobias Brunner
2017-02-16
2
-3
/
+10
*
bypass-lan: Don't use interfaces in policies
Tobias Brunner
2017-02-16
1
-7
/
+6
*
child-sa: Do not install mark on inbound kernel SA
Eyal Birger
2017-02-14
1
-4
/
+1
*
kernel-netlink: Use RTA_SRC to specify route source in kernel-based lookups
Martin Willi
2017-02-13
1
-1
/
+8
*
kernel-netlink: Use kernel-based route lookup if we do not install routes
Martin Willi
2017-02-13
1
-1
/
+11
*
vici: Include the Netfilter marks in listed CHILD_SAs
Martin Willi
2017-02-13
2
-0
/
+19
*
vici: Explicitly set the Python encoding type
Martin Willi
2017-02-13
1
-4
/
+4
*
unit-tests: Add test cases for MID sync exchanges
Tobias Brunner
2017-02-08
3
-0
/
+537
*
ikev2: Ignore IKEV2_MESSAGE_ID_SYNC notifies if extension is disabled
Tobias Brunner
2017-02-08
2
-10
/
+37
*
ikev2: Don't increase expected MID after handling MID sync message
Tobias Brunner
2017-02-08
2
-3
/
+4
*
ikev2: Don't cache response to MID sync request
Tobias Brunner
2017-02-08
1
-1
/
+11
*
ikev2: Accept INFORMATIONAL messages with MID 0 if used to sync MIDs
Tobias Brunner
2017-02-08
1
-3
/
+42
*
ikev2: Negotiate support for IKE message ID synchronisation during IKE_AUTH
Tobias Brunner
2017-02-08
2
-0
/
+12
*
ikev2: Add task to handle IKEV2_MESSAGE_ID_SYNC notifies as responder
Tobias Brunner
2017-02-08
7
-0
/
+343
*
ike: Publish getter for the current message ID on IKE_SA
Tobias Brunner
2017-02-08
2
-1
/
+19
*
ike: Add getter for the current message ID to task manager
Tobias Brunner
2017-02-08
3
-1
/
+23
*
kernel-pfroute: Implement enumeration of local subnets
Tobias Brunner
2017-02-08
1
-0
/
+194
*
bypass-lan: Allow ignoring or only considering subnets of specific interfaces
Tobias Brunner
2017-02-08
3
-6
/
+93
[next]