aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Expand)AuthorAgeFilesLines
* quick-mode: Correctly prepare NAT-OA payloads as responderTobias Brunner2017-03-061-8/+13
* controller: Don't listen for CHILD_SA state changes when terminating IKE_SAsTobias Brunner2017-03-021-1/+0
* kernel: Make range of SPIs for IPsec SAs configurableTobias Brunner2017-03-023-6/+26
* addrblock: Use dynamic TS narrowing instead of rejecting the whole CHILD_SAMartin Willi2017-03-021-43/+28
* addrblock: Support an optional non-strict mode accepting certs without addrblockMartin Willi2017-03-021-3/+11
* child-cfg: Always apply hosts to traffic selectors if proposing transport modeTobias Brunner2017-02-271-14/+19
* ikev1: Respond to DPDs for rekeyed IKE_SAsTobias Brunner2017-02-172-0/+10
* ike-sa: Optionally try to migrate to the best path on routing priority changesMartin Willi2017-02-171-1/+23
* ikev2: Ignore roam events without MOBIKE but static local addressTobias Brunner2017-02-171-0/+10
* ike-cfg: Add helper function to determine if a given IP address was configuredTobias Brunner2017-02-172-2/+46
* vici: Only log messages if there actually is a listenerTobias Brunner2017-02-161-0/+7
* vici: Let has_event_listeners() actually check if clients are registeredTobias Brunner2017-02-161-2/+4
* vici: Add support for mediation extensionTobias Brunner2017-02-161-1/+85
* peer-cfg: Store mediated_by as name and not peer-cfg referenceTobias Brunner2017-02-166-68/+95
* vici: Include uniqueness policy in list-connsTobias Brunner2017-02-161-0/+2
* vici: Add command to initiate SA rekeyingTobias Brunner2017-02-162-2/+118
* vici: Use unique names for CHILD_SAs in the list-sas commandTobias Brunner2017-02-162-2/+7
* vici: Add support to load CA certificates from tokens and paths in authority ...Tobias Brunner2017-02-161-10/+97
* vici: Add support to load certificates from file pathsTobias Brunner2017-02-161-13/+32
* vici: Add support to load certificates from tokensTobias Brunner2017-02-161-12/+115
* vici: Add command to load a private key from a tokenTobias Brunner2017-02-162-3/+117
* vici: List namespace/peer-cfg name with policies and allow filteringTobias Brunner2017-02-162-13/+33
* vici: Explicitly use peer name when uninstalling trap and shunt policiesTobias Brunner2017-02-163-10/+40
* stroke: Use peer name as namespace for shunt policiesTobias Brunner2017-02-162-3/+20
* shunt-manager: Add an optional namespace for each shuntTobias Brunner2017-02-1610-41/+90
* vici: Add support for NT Hash secretsTobias Brunner2017-02-161-0/+4
* vici: Add support for IPv6 Transport Proxy ModeTobias Brunner2017-02-162-14/+39
* vici: Add support for certificate policiesTobias Brunner2017-02-161-0/+17
* vici: Add missing dscp setting for IKE_SAsTobias Brunner2017-02-161-5/+39
* vici: Add possibility to remove shared keys by a unique identifierTobias Brunner2017-02-162-5/+76
* vici: Add commands to enumerate and remove private keysTobias Brunner2017-02-162-2/+75
* vici: Update get_pools() in Python and Ruby bindingsTobias Brunner2017-02-162-4/+6
* vici: Add option to query a specific poolTobias Brunner2017-02-162-3/+10
* bypass-lan: Don't use interfaces in policiesTobias Brunner2017-02-161-7/+6
* child-sa: Do not install mark on inbound kernel SAEyal Birger2017-02-141-4/+1
* kernel-netlink: Use RTA_SRC to specify route source in kernel-based lookupsMartin Willi2017-02-131-1/+8
* kernel-netlink: Use kernel-based route lookup if we do not install routesMartin Willi2017-02-131-1/+11
* vici: Include the Netfilter marks in listed CHILD_SAsMartin Willi2017-02-132-0/+19
* vici: Explicitly set the Python encoding typeMartin Willi2017-02-131-4/+4
* unit-tests: Add test cases for MID sync exchangesTobias Brunner2017-02-083-0/+537
* ikev2: Ignore IKEV2_MESSAGE_ID_SYNC notifies if extension is disabledTobias Brunner2017-02-082-10/+37
* ikev2: Don't increase expected MID after handling MID sync messageTobias Brunner2017-02-082-3/+4
* ikev2: Don't cache response to MID sync requestTobias Brunner2017-02-081-1/+11
* ikev2: Accept INFORMATIONAL messages with MID 0 if used to sync MIDsTobias Brunner2017-02-081-3/+42
* ikev2: Negotiate support for IKE message ID synchronisation during IKE_AUTHTobias Brunner2017-02-082-0/+12
* ikev2: Add task to handle IKEV2_MESSAGE_ID_SYNC notifies as responderTobias Brunner2017-02-087-0/+343
* ike: Publish getter for the current message ID on IKE_SATobias Brunner2017-02-082-1/+19
* ike: Add getter for the current message ID to task managerTobias Brunner2017-02-083-1/+23
* kernel-pfroute: Implement enumeration of local subnetsTobias Brunner2017-02-081-0/+194
* bypass-lan: Allow ignoring or only considering subnets of specific interfacesTobias Brunner2017-02-083-6/+93
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-23 13:29:50 +0000