aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Collapse)AuthorAgeFilesLines
* Added a dedicated sender flush method, delay sender destruction until users goneMartin Willi2012-05-023-3/+20
|
* add AUTH_RULE_SUBJECT_CERT for raw public keys4.6.3Andreas Steffen2012-04-301-0/+4
|
* Typo fixed.Tobias Brunner2012-04-301-1/+1
|
* output validity of raw public key if availableAndreas Steffen2012-04-301-2/+34
|
* added support for raw RSA public keys to strokeAndreas Steffen2012-04-305-1/+100
|
* Fixed null-pointer dereference in smp plugin.Tobias Brunner2012-04-261-3/+7
|
* Removed auth_cfg_t.replace_value() and replaced usages with add().Tobias Brunner2012-04-183-17/+4
| | | | | replace_value() was used to replace identities. Since for these the latest is now returned by get(), adding the new identity with add() is sufficient.
* Store password with remote ID to tie it stronger to a specific connection.Tobias Brunner2012-04-181-12/+50
|
* Added stroke user-creds command, to set username/password for a connection.Tobias Brunner2012-04-173-1/+166
|
* Added method to add additional shared secrets to stroke_cred_t.Tobias Brunner2012-04-172-2/+20
|
* Typo fixed.Tobias Brunner2012-04-171-1/+1
|
* Keep COOKIEs enabled once threshold is hit, until we see no COOKIEs for a ↵Martin Willi2012-04-171-5/+43
| | | | | | | | | | | few secs Toggling COOKIEs on/off is problematic: After doing a COOKIE exchange as initiator, we can't know if the completing IKE_SA_INIT message is to our first request or the one with the COOKIE. If the responder just enabled/disabled COOKIEs and packets get retransmitted, both might be true. Avoiding COOKIE behavior toggling improves the situation, but does not solve the problem during the initial COOKIE activation.
* Added a note about DH/keymat lifecycle for custom implementationsMartin Willi2012-04-171-1/+6
|
* Reuse existing DH value when retrying IKE_SA_INIT with a COOKIEMartin Willi2012-04-171-2/+5
|
* Use IP address as ID as responder if not configured or no IDr received.Tobias Brunner2012-04-161-3/+11
|
* Fall back on IP address as IDi if none is configured at all.Tobias Brunner2012-04-161-7/+7
|
* Use auth_cfg_t.replace_value where appropriate.Tobias Brunner2012-04-162-26/+5
|
* Fixed IDi in case neither left nor leftid is configured.Tobias Brunner2012-04-161-0/+21
|
* Don't invoke child_updown hook twice as responderMartin Willi2012-04-111-3/+8
|
* Accept zero-length certificate request payloadsMartin Willi2012-04-111-2/+1
|
* Properly initialize src in ike_sa_t.is_any_path_valid().Tobias Brunner2012-04-061-1/+1
|
* remove leading zero in ASN.1 encoded serial numbersAndreas Steffen2012-04-051-2/+2
|
* Make AES-CMAC actually usable for IKEv2.Tobias Brunner2012-04-041-0/+5
|
* moved chunk_skip_zero to chunk.hAndreas Steffen2012-04-031-2/+3
|
* added IKEv2 Generic Secure Password Authentication MethodAndreas Steffen2012-04-032-3/+10
|
* added IKEv2 Generic Secure Password Authentication MethodAndreas Steffen2012-04-032-6/+17
|
* added GSPM IKEv2 payloadAndreas Steffen2012-04-032-8/+20
|
* Doxygen fixes.Tobias Brunner2012-04-032-2/+2
|
* Don't cast second argument of mem_printf_hook (%b) to size_t.Tobias Brunner2012-03-275-12/+17
| | | | | | | | | | | | | Also treat the given number as unsigned int. Due to the printf hook registration the second argument of mem_printf_hook (if called via printf etc.) is always of type int*. Casting this to a size_t pointer and then dereferencing that as int does not work on big endian machines if int is smaller than size_t (e.g. on ppc64). In order to make this change work if the argument is of a type larger than int, size_t for instance, the second argument for %b has to be casted to (u_)int.
* smp: Use proper signed type to get return value of read(2).Tobias Brunner2012-03-271-1/+1
|
* Don't include individual glib headers in nm plugin.Tobias Brunner2012-03-261-1/+1
| | | | | Expections are glib/gi18n.h, glib/gi18n-lib.h, glib/gprintf.h and glib/gstdio.h.
* fixed parsing of IF-MAP SOAP responsesAndreas Steffen2012-03-211-35/+30
|
* added the strongswan.conf options of the tnc-pdp pluginAndreas Steffen2012-03-161-1/+1
|
* eliminate unneeded private variableAndreas Steffen2012-03-141-3/+3
|
* use MAX_RADIUS_ATTRIBUTE_SIZE constant from radius_message header fileAndreas Steffen2012-03-142-4/+3
|
* make the mppe salt uniqueAndreas Steffen2012-03-141-8/+18
|
* implemented MS_MPPE encryptionAndreas Steffen2012-03-131-14/+93
|
* use RADIUS_TUNNEL_TYPE_ESP defined in header fileAndreas Steffen2012-03-131-3/+1
|
* implemented RADIUS Filter-ID attributeAndreas Steffen2012-03-133-24/+87
|
* removed double library entryAndreas Steffen2012-03-131-2/+0
|
* adapted debug outputAndreas Steffen2012-03-131-1/+1
|
* keep a list of RADIUS connections with EAP method statesAndreas Steffen2012-03-134-12/+320
|
* apply maximum RADIUS attribute size to outbound EAP messagesAndreas Steffen2012-03-131-0/+9
|
* read PDP server name from strongswan.confAndreas Steffen2012-03-131-7/+29
|
* define MAX_RADIUS_ATTRIBUTE_SIZEAndreas Steffen2012-03-131-4/+5
|
* define peer and server identitiesAndreas Steffen2012-03-131-2/+9
|
* added EAP_SUCCESS/FAILURE message to RADIUS Accept/RejectAndreas Steffen2012-03-131-2/+7
|
* added msg_auth flag in radius_message_t sign() methodAndreas Steffen2012-03-132-2/+2
|
* simple RADIUS server example worksAndreas Steffen2012-03-131-14/+187
|
* first use of libradiusAndreas Steffen2012-03-131-2/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-24 00:47:23 +0000