aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Expand)AuthorAgeFilesLines
* unit-tests: Rename targets for libstrongswan and kernel-netlinkThomas Egerer2017-11-091-5/+5
* ikev2: Use helpers to build signature auth dataTobias Brunner2017-11-081-40/+4
* ikev2: Enumerate RSA/PSS schemes and use them if enabledTobias Brunner2017-11-081-7/+11
* ikev2: Support signing with RSASSA-PSS via RFC 7427 signature authTobias Brunner2017-11-081-6/+21
* ikev2: Verify RSASSA-PSS signatures via RFC 7427 signature authTobias Brunner2017-11-081-19/+34
* keymat_v2: Pass/receive signature schemes as signature_param_t objectsTobias Brunner2017-11-082-28/+58
* auth-cfg: Store signature schemes as signature_params_t objectsTobias Brunner2017-11-082-18/+23
* certificate: Return signature scheme and parameters from issued_by() methodTobias Brunner2017-11-081-0/+1
* private-key: Add optional parameters argument to sign() methodTobias Brunner2017-11-082-3/+3
* public-key: Add optional parameters argument to verify() methodTobias Brunner2017-11-082-2/+2
* ikev2: Don't use SHA-1 for RFC 7427 signature authenticationTobias Brunner2017-11-081-3/+1
* proposal: Remove MODP-1024 from default IKE proposalTobias Brunner2017-11-081-2/+2
* proposal: Remove MD5 from default IKE proposalTobias Brunner2017-11-081-2/+5
* proposal: Remove deprecated algorithms from default ESP and AH proposalsTobias Brunner2017-11-081-4/+0
* kernel-pfkey: Support anti-replay windows > 2kTobias Brunner2017-11-081-1/+14
* kernel-pfkey: Don't include keys in SADB_UPDATE message to update IPs on FreeBSDTobias Brunner2017-11-081-0/+3
* vici: Add 'get|reset-counters' commandsTobias Brunner2017-11-084-1/+191
* counters: Move IKE event counter collection from stroke to a separate pluginTobias Brunner2017-11-0812-387/+856
* systime-fix: Add timeout option to stop waiting for valid system timeTobias Brunner2017-11-081-10/+42
* shunt-mananger: Make outbound FWD shunt policies optionalTobias Brunner2017-11-021-6/+15
* ike: Do not send initial contact only for UNIQUE_NEVERThomas Egerer2017-11-022-3/+1
* vici: Make setting mark on inbound SA configurableTobias Brunner2017-11-021-7/+19
* child-cfg: Optionally set mark on inbound SATobias Brunner2017-11-022-2/+20
* eap-radius: Optionally send Class attributes in RADIUS accounting messagesTobias Brunner2017-11-023-21/+83
* ikev2: Abort make-before-break reauth if we don't find children to recreateTobias Brunner2017-11-021-1/+19
* libcharon: Added Cisco FlexVPN Supported VIDAndreas Steffen2017-10-271-0/+2
* kernel-netlink: Add strings for newer XFRM attribute typesTobias Brunner2017-10-061-1/+6
* kernel-pfroute: Delay call to if_indextoname(3) when handling RTM_IFINFOTobias Brunner2017-09-261-0/+5
* controller: Consider any IKE_SA destruction as success when terminatingTobias Brunner2017-09-251-4/+1
* dhcp: Fix warning regarding unaligned pointer value due to packed structTobias Brunner2017-09-181-1/+1
* dhcp: Don't use signed char for DHCP optionsTobias Brunner2017-09-181-1/+1
* child-create: Don't consider a DH group mismatch as failure as responderTobias Brunner2017-09-181-1/+0
* child-delete: Only let SAs expire naturally if they not already didTobias Brunner2017-09-151-1/+1
* ike: Reset local SPI if retrying to connect in state IKE_CONNECTINGTobias Brunner2017-09-043-11/+19
* ike-sa-manager: Add method to change the initiator SPI of an IKE_SATobias Brunner2017-09-042-4/+99
* ike-init: Fail if DH group in KE payload does not match proposed groupTobias Brunner2017-09-041-1/+5
* ike-cfg: Fix memory leak when checking for configured addressTobias Brunner2017-08-291-0/+1
* kernel-netlink: Set usable state whenever an interface appearsTobias Brunner2017-08-231-2/+2
* Fixed some typos, courtesy of codespellTobias Brunner2017-08-075-8/+8
* kernel-netlink: Wipe buffer used to read Netlink messagesTobias Brunner2017-08-071-2/+12
* child-sa: Allow requesting different unique marks for in/outEyal Birger2017-08-071-6/+23
* trap-manager: Don't require that remote is resolvable during installationTobias Brunner2017-08-071-10/+49
* child-create: Don't log CHILD_SA initiation until we know the unique IDTobias Brunner2017-08-071-11/+13
* child-rekey: Add CHILD_SA name and unique ID to collision log messagesTobias Brunner2017-08-071-8/+13
* child-sa: Suppress CHILD_SA state changes if there is no changeTobias Brunner2017-08-071-6/+9
* child-rekey: Don't install outbound SA in case of lost collisionsTobias Brunner2017-08-074-46/+123
* bus: Don't trigger child_updown() for rekeyed CHILD_SAsTobias Brunner2017-08-071-1/+4
* child-sa: Install outbound SA immediately if kernel supports SPIs on policiesTobias Brunner2017-08-073-26/+47
* child-sa: Use flags to track installation of outbound SA and policies separatelyTobias Brunner2017-08-073-29/+46
* kernel-netlink: Set SPI on outbound policyTobias Brunner2017-08-071-4/+10
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-28 07:15:21 +0000