| Commit message (Collapse) | Author | Age | Files | Lines | ||
|---|---|---|---|---|---|---|
| ... | ||||||
| * | Copy ESN enabled replay state during update_sa, if supported | Martin Willi | 2011-04-20 | 1 | -48/+77 | |
| | | ||||||
| * | Add ESN support to kernel netlink plugin, including custom replay windows | Martin Willi | 2011-04-20 | 1 | -3/+47 | |
| | | ||||||
| * | Added an esn parameter to the kernel interface add_sa functions | Martin Willi | 2011-04-20 | 6 | -9/+11 | |
| | | ||||||
| * | pool: Proper cleanup in error cases when adding addresses from a file. | Tobias Brunner | 2011-04-19 | 1 | -0/+6 | |
| | | ||||||
| * | pool: Proper handling of address family when adding addresses. | Tobias Brunner | 2011-04-19 | 1 | -2/+6 | |
| | | ||||||
| * | Added missing break statement. | Tobias Brunner | 2011-04-19 | 1 | -0/+1 | |
| | | ||||||
| * | Properly copy interface name if unknown. | Tobias Brunner | 2011-04-19 | 1 | -1/+1 | |
| | | | | | | We use a static string if the interface name is unknown, so using memcpy with IFNAMSIZ is incorrect as that would overrun the static string. | |||||
| * | Add reload support to attr plugin | Martin Willi | 2011-04-15 | 3 | -19/+64 | |
| | | ||||||
| * | Migrated attr plugin to INIT/METHOD macros | Martin Willi | 2011-04-15 | 1 | -17/+16 | |
| | | ||||||
| * | Added a (not yet implemented) plugin_t method to reload plugin configuration | Martin Willi | 2011-04-15 | 7 | -0/+7 | |
| | | ||||||
| * | Added a get_name() function to plugin_t, create_plugin_enumerator enumerates ↵ | Martin Willi | 2011-04-15 | 7 | -1/+49 | |
| | | | | | over plugin_t | |||||
| * | Removed superfluous parameter to printf. | Tobias Brunner | 2011-04-14 | 1 | -1/+1 | |
| | | ||||||
| * | Fixed potential memory leak when processing routes from the kernel. | Tobias Brunner | 2011-04-14 | 1 | -0/+1 | |
| | | ||||||
| * | Removed unused variables. | Tobias Brunner | 2011-04-12 | 1 | -2/+2 | |
| | | ||||||
| * | Align netlink attributes properly if rta_len not a multiple of RTA_ALIGNTO | Martin Willi | 2011-03-02 | 1 | -16/+16 | |
| | | ||||||
| * | Migrated kernel_pfroute_net to INIT/METHOD macros | Martin Willi | 2011-02-17 | 1 | -69/+52 | |
| | | ||||||
| * | Migrated kernel_netlink_net to INIT/METHOD macros | Martin Willi | 2011-02-17 | 1 | -77/+64 | |
| | | ||||||
| * | Kernel interface updated for KLIPS plugin (TFC padding). | Tobias Brunner | 2011-02-10 | 1 | -1/+1 | |
| | | ||||||
| * | added missing tfc argument to kernel_pfkey_ipsec interface | Andreas Steffen | 2010-12-27 | 1 | -1/+1 | |
| | | ||||||
| * | Implemented Traffic Flow Confidentiality padding in kernel_interface | Martin Willi | 2010-12-20 | 4 | -8/+28 | |
| | | ||||||
| * | Install selectors on transport mode IPsec SAs. | Jiri Bohac | 2010-12-13 | 1 | -0/+1 | |
| | | | | | | | | | | | | | | | | | This fixes several test cases in IKEv2_Self_Test (part of the IPv6 Ready Logo Program) which is required for USGv6 certification, namely: - IKEv2.EN.I.1.1.7.1, IKEv2.EN.I.1.1.7.1: Narrowing the range of members of the set of traffic selectors - IKEv2.EN.R.1.1.7.3: Narrowing multiple traffic selector When traffic selectors of a triggered SA are narrowed by the responder, the installed policy and the broader trap policy share the same reqid. Without selectors on the IPsec SA packets matching the trap policy, but not the narrowed policy, would incorrectly be handled by that IPsec SA. Since only one selector can be specified per IPsec SA, there is currently no solution for tunnel mode SAs. | |||||
| * | Include the destination net in the policy priority calculation. | Tobias Brunner | 2010-12-07 | 2 | -12/+20 | |
| | | | | | | | | | | | | | | The resulting priorities are as follows: IPv6 IPv4 routed normal routed normal max 4096(+3) 2048(+3) 4096(+3) 2048(+3) min 3072 1024 3840 1792 Where min is for a policy between two single hosts and max is for /0 on both ends (lower priorities are preferred by the kernel). (+3) applies for cases where no protocol and no ports are defined. | |||||
| * | commas, commas, .. | Andreas Steffen | 2010-11-25 | 4 | -6/+6 | |
| | | ||||||
| * | Migrated resolve_plugin_t to INIT/METHOD macros | Andreas Steffen | 2010-11-25 | 1 | -7/+11 | |
| | | ||||||
| * | Migrated kernel_pfroute_plugin_t to INIT/METHOD macros | Andreas Steffen | 2010-11-25 | 1 | -8/+11 | |
| | | ||||||
| * | Migrated kernel_pfkey_plugin_t to INIT/METHOD macros | Andreas Steffen | 2010-11-25 | 1 | -8/+11 | |
| | | ||||||
| * | Migrated kernel_netlink_plugin_t to INIT/METHOD macros | Andreas Steffen | 2010-11-25 | 1 | -7/+10 | |
| | | ||||||
| * | INIT allocates memory | Andreas Steffen | 2010-11-25 | 1 | -1/+1 | |
| | | ||||||
| * | INIT allocates memory | Andreas Steffen | 2010-11-25 | 1 | -1/+1 | |
| | | ||||||
| * | Migrated kernel_klips_plugin_t to INIT/METHOD macros | Andreas Steffen | 2010-11-25 | 1 | -6/+9 | |
| | | ||||||
| * | Migrated attr_plugin_t to INIT/METHOD macros | Andreas Steffen | 2010-11-25 | 1 | -7/+10 | |
| | | ||||||
| * | Migrated attr_sql_plugin_t to INIT/METHOD macros | Andreas Steffen | 2010-11-25 | 1 | -10/+13 | |
| | | ||||||
| * | Print full source route on DBG2 that gets installed | Martin Willi | 2010-11-11 | 1 | -0/+2 | |
| | | ||||||
| * | Do not fire roam events based on local route changes. | Tobias Brunner | 2010-10-12 | 1 | -2/+3 | |
| | | | | | | These kernel events are triggered on address changes, which is problematic when deleting virtual IP addresses. | |||||
| * | If a changed route has no src, try to find it via interface. | Tobias Brunner | 2010-10-12 | 1 | -37/+48 | |
| | | ||||||
| * | Get source address from interface if the route does not provide one. | Tobias Brunner | 2010-10-12 | 1 | -2/+49 | |
| | | ||||||
| * | added non-standard SERPENT and TWOFISH support to kernel_netlink plugin | Andreas Steffen | 2010-09-08 | 1 | -0/+2 | |
| | | ||||||
| * | Do not install routes for pluto. | Tobias Brunner | 2010-09-02 | 2 | -0/+10 | |
| | | | | | | There are some incompatibilities with e.g. passthrough policies. Pluto installs required source routes via updown script. | |||||
| * | Charon specific strongswan.conf options generalized. | Tobias Brunner | 2010-09-02 | 5 | -14/+18 | |
| | | ||||||
| * | Fixing installation of trap policies (SPI=0) in kernel interface. | Tobias Brunner | 2010-09-02 | 6 | -48/+57 | |
| | | ||||||
| * | Do not overwrite the original mode when installing policies. | Tobias Brunner | 2010-09-02 | 1 | -4/+5 | |
| | | | | | The mode is later used to decide if a route has to be installed. | |||||
| * | Added support for different policy types in kernel_netlink plugin. | Tobias Brunner | 2010-09-02 | 1 | -41/+45 | |
| | | ||||||
| * | Added an option to specify the type of a policy to kernel_ipsec.add_policy. | Tobias Brunner | 2010-09-02 | 6 | -9/+25 | |
| | | | | | | This will later allow us to support pluto's passthrough and drop policies in charon. | |||||
| * | Added support for combined IPComp/ESP/AH policies in kernel_netlink plugin. | Tobias Brunner | 2010-09-02 | 1 | -31/+32 | |
| | | ||||||
| * | Replaced the protocol argument in add_policy with an optional SPI for an AH SA. | Tobias Brunner | 2010-09-02 | 6 | -15/+15 | |
| | | ||||||
| * | Refer to scheduler and processor via lib and not hydra. | Tobias Brunner | 2010-09-02 | 5 | -8/+8 | |
| | | ||||||
| * | Moved scheduler and thread pool to libstrongswan. | Tobias Brunner | 2010-09-02 | 11 | -1332/+2 | |
| | | ||||||
| * | Moved all kernel plugins to libhydra. | Tobias Brunner | 2010-09-02 | 27 | -0/+10724 | |
| | | ||||||
| * | Moved ipsec_transform_t to kernel_ipsec.h in libhydra. | Tobias Brunner | 2010-09-02 | 2 | -1/+26 | |
| | | | | | | Because of this libfreeswan, pluto, starter etc. now depend on that file (and libhydra). This resolved some duplicate declarations. | |||||
| * | Moved kernel interface to libhydra. | Tobias Brunner | 2010-09-02 | 10 | -0/+1613 | |
| | | ||||||
 |
index : tteras/strongswan | |
| tteras' strongSwan tree | gitolite |
| aboutsummaryrefslogtreecommitdiffstats |