aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon
Commit message (Expand)AuthorAgeFilesLines
...
* xauth: Call authorize() hook also when xauth-noauth is usedTobias Brunner2015-11-091-2/+8
* vici: Add NAT information when listing IKE_SAsTobias Brunner2015-11-092-0/+21
* stroke: Make down-nb actually non-blockingTobias Brunner2015-11-091-31/+40
* Explicitly mention SHA2 algorithm in BLISS OIDs and signature schemesAndreas Steffen2015-11-061-3/+3
* ikev2: Fix size of key material for CAMELLIA-CTRTobias Brunner2015-10-301-0/+1
* ike-mobike: Send retransmits to the current local and remote addressesTobias Brunner2015-10-301-1/+5
* ikev1: Handle queued INFORMATIONAL message after receiving the last AM requestTobias Brunner2015-10-301-0/+16
* ikev1: Queue INFORMATIONAL request if AM is not complete yetTobias Brunner2015-10-301-6/+13
* ikev1: Handle queued TRANSACTION messages only after processing repliesTobias Brunner2015-10-301-1/+2
* ikev1: Extract queueing of TRANSACTIONAL requests when MM is not complete yetTobias Brunner2015-10-301-17/+27
* ikev1: Drop TRANSACTION/QUICK_MODE requests until we received the last AM mes...Tobias Brunner2015-10-301-0/+32
* ikev1: Make maximum number of IKEv1 phase 2 exchanges we keep state about con...Tobias Brunner2015-10-301-9/+11
* ikev1: Avoid fourth QM message if third QM messages of multiple exchanges are...Tobias Brunner2015-10-292-2/+14
* ikev1: Prevent deadlock when checking for duplicate IKEv1 SAsTobias Brunner2015-10-291-0/+16
* shunt-manager: Resolve %dynamic to %any4/6 before installing policiesTobias Brunner2015-09-161-7/+22
* shunt-manager: Don't install policies in case of an address family or IP prot...Tobias Brunner2015-09-161-0/+20
* eap-radius: Fix creation of host_t objects based on Framed-IPv6-Address attri...Tobias Brunner2015-08-281-1/+1
* eap-ttls: Limit maximum length of tunneled EAP packet to EAP-TTLS packetTobias Brunner2015-08-271-1/+8
* trap-manager: Cleanup local address in error casesTobias Brunner2015-08-271-0/+2
* ha: Close control FIFO if it is not validTobias Brunner2015-08-271-0/+4
* Fix some Doxygen issuesTobias Brunner2015-08-273-5/+5
* ike: Fix half-open count for initiating SAs when initially checked inTobias Brunner2015-08-271-0/+6
* ike: Only consider number of half-open SAs as responder when deciding whether...Tobias Brunner2015-08-276-19/+45
* vici: Handle closed sockets in the Ruby gemEvan Broder2015-08-241-1/+5
* vici: Optionally check limits when initiating connectionsTobias Brunner2015-08-212-1/+7
* vici: Add get_bool() convenience getter for VICI messagesTobias Brunner2015-08-213-0/+94
* controller: Optionally adhere to init limits also when initiating IKE_SAsTobias Brunner2015-08-2112-17/+68
* ike: Also track initiating IKE_SAs as half-openTobias Brunner2015-08-211-1/+0
* stroke: Allow %any as local addressTobias Brunner2015-08-211-3/+7
* stroke: Add an option to disable side-swapping of configuration optionsTobias Brunner2015-08-211-33/+46
* ikev1: Assign different job priorities for inbound IKEv1 messagesTobias Brunner2015-08-211-2/+12
* child-rekey: Don't add a REKEY_SA notify if the child-create task is deleting...Tobias Brunner2015-08-211-6/+9
* child-create: Cache proposed IPsec protocolTobias Brunner2015-08-211-10/+13
* child-create: Don't attempt to delete the SA if we don't have all the informa...Tobias Brunner2015-08-211-8/+10
* child-rekey: Remove redundant migrate() call for child-create sub-taskTobias Brunner2015-08-211-2/+1
* child-create: Fix crash when retrying CHILD_SA rekeying due to a DH group mis...Tobias Brunner2015-08-211-0/+1
* stroke: Change how CA certificates are storedTobias Brunner2015-08-205-58/+285
* stroke: Combine CA certificate load methodsTobias Brunner2015-08-201-82/+74
* stroke: Atomically replace CA and AA certificates when reloading themTobias Brunner2015-08-201-34/+45
* ikev1: Fix handling of overlapping Quick Mode exchangesTobias Brunner2015-08-203-2/+70
* ikev2: Compare initiator flag again, partially reverts 17ec1c74deTobias Brunner2015-08-202-1/+5
* ikev2: Drop IKE_SA_INIT messages that don't have the initiator flag setTobias Brunner2015-08-201-1/+3
* ikev1: Pass current auth-cfg when looking for key to determine auth methodTobias Brunner2015-08-191-1/+1
* ikev2: Store outer EAP method used to authenticate remote peer in auth-cfgTobias Brunner2015-08-191-0/+9
* ike: Use the original port when remote resolves to %anyTobias Brunner2015-08-191-1/+3
* trap-manager: Enable auto=route with right=%any for transport mode connectionsTobias Brunner2015-08-191-27/+118
* sql: Also do a reversed ID matchTobias Brunner2015-08-171-2/+9
* ha: Recreate the control FIFO if the file exists but is not a FIFOTobias Brunner2015-08-171-13/+68
* ikev1: Assume a default key length of 128-bit for AES-CBCTobias Brunner2015-08-171-0/+11
* vici: Add option to disable policy installation for CHILD_SAsTobias Brunner2015-08-171-1/+6
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-14 03:42:05 +0000