Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | renamed STROKE_DOWNSRCIP to STROKE_DOWN_SRCIP | Andreas Steffen | 2008-07-01 | 3 | -4/+4 |
| | |||||
* | added a "ipsec down-srcip <start> [<end>]" command to terminate IKE_SAs by ↵ | Martin Willi | 2008-07-01 | 4 | -0/+31 |
| | | | | remote virtual ip | ||||
* | IPComp for IKEv2 | Tobias Brunner | 2008-05-08 | 1 | -0/+1 |
| | |||||
* | supporting multiple comma seperated subnets in left/rightsubnet definition | Martin Willi | 2008-04-25 | 2 | -12/+6 |
| | | | | | e.g. leftsubnet=10.2.0.0/16,10.4.0.0/16 | ||||
* | support for hash and URL encoded certificate payloads in charon | Tobias Brunner | 2008-04-18 | 1 | -0/+1 |
| | |||||
* | respecting ipsec.conf cachecrls= option | Martin Willi | 2008-04-17 | 1 | -0/+7 |
| | |||||
* | implemented IKE_SA uniqueness using ipsec.conf uniqueids paramater | Martin Willi | 2008-04-14 | 1 | -0/+1 |
| | | | | additionally supports a "keep" value to keep the old IKE_SA | ||||
* | implementation of an CFG attribute framework, currently supporting virtual IPs | Martin Willi | 2008-04-09 | 2 | -35/+2 |
| | | | | | | updated ipsec.conf sourceip parameter to support CIDR notatation to serve from a pool %poolname to query a separate (database?) pool | ||||
* | mediation extension adapted to the naming convention of the current version ↵ | Tobias Brunner | 2008-03-26 | 2 | -4/+4 |
| | | | | of the draft. note: the external interface (config, autotools) has not yet been changed | ||||
* | merged the modularization branch (credentials) back to trunk | Martin Willi | 2008-03-13 | 3 | -7/+19 |
| | |||||
* | implemented Expanded EAP types to support vendor specific methods | Martin Willi | 2007-12-13 | 1 | -1/+2 |
| | |||||
* | added RCSID | Andreas Steffen | 2007-10-08 | 4 | -2/+6 |
| | |||||
* | experimental P2P-NAT-T for IKEv2 merged back from branch | Tobias Brunner | 2007-10-03 | 2 | -1/+12 |
| | |||||
* | implemented IKEv2 force_encap connection parameter | Martin Willi | 2007-10-01 | 2 | -0/+2 |
| | | | | | enforces UDP encapsulation by faking NAT detection payloads to hurdle restrictive firewalls | ||||
* | added mobike=yes|no connection option | Martin Willi | 2007-08-29 | 2 | -0/+2 |
| | | | | | | | yes: include mobike support notifies as initiator no: only enable mobike as responder when initiator supports it default: yes | ||||
* | added ↵ | Andreas Steffen | 2007-08-10 | 1 | -0/+6 |
| | | | | listaacerts,listacerts,rereadsecerts,rereadocspcerts,rereadaacerts,rereadacerts to stroke | ||||
* | fixed typo stroke keyword list | Andreas Steffen | 2007-08-10 | 1 | -1/+1 |
| | |||||
* | set STROKE_REREAD_FIRST to STROKE_REREAD_SECRETS | Andreas Steffen | 2007-08-10 | 1 | -4/+9 |
| | |||||
* | set STROKE_REREAD_FIRST to STROKE_REREAD_SECRETS | Andreas Steffen | 2007-08-10 | 1 | -1/+1 |
| | |||||
* | added rereadsecrets keyword to stroke | Andreas Steffen | 2007-08-10 | 2 | -0/+2 |
| | |||||
* | support of ipsec rereadsecrets for stroke | Andreas Steffen | 2007-08-10 | 1 | -6/+8 |
| | |||||
* | support of left|rightgroups parameter | Andreas Steffen | 2007-05-20 | 1 | -0/+1 |
| | |||||
* | added listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts ↵ | Andreas Steffen | 2007-04-14 | 4 | -6/+31 |
| | | | | keywords | ||||
* | added support for 0.0.0.0/0 traffic selectors | Martin Willi | 2007-03-01 | 2 | -0/+3 |
| | | | | fixed routing to make correct 0.0.0.0/0 routes | ||||
* | merged tasking branch into trunk | Martin Willi | 2007-02-28 | 2 | -0/+6 |
| | |||||
* | support of ca info records | Andreas Steffen | 2007-02-23 | 1 | -0/+1 |
| | |||||
* | added support of ca information records and ocsp keywords | Andreas Steffen | 2007-02-14 | 4 | -30/+107 |
| | |||||
* | merged EAP framework from branch into trunk | Martin Willi | 2007-02-12 | 2 | -0/+3 |
| | | | | | includes a lot of other modifications | ||||
* | added support for transport mode and (experimental!) BEET mode | Martin Willi | 2006-12-21 | 2 | -0/+2 |
| | | | | | support for the type=transport/tunnel parameter in charon | ||||
* | implemented reauthentication using the new reauth=yes|no parameter | Martin Willi | 2006-12-19 | 2 | -0/+2 |
| | |||||
* | fixed stddef.h include | Martin Willi | 2006-12-14 | 1 | -1/+1 |
| | |||||
* | solved 64 bit issue in push/pop stroke interface | Andreas Steffen | 2006-10-31 | 1 | -1/+1 |
| | |||||
* | better split up of library files "types.h" & "definitions.h" | Martin Willi | 2006-10-31 | 2 | -9/+7 |
| | | | | | | | | | centralized all printf specifier character definitions reuse of arginfo handlers more cleanups fixed more AMD64 issues added DEBUG_LEVEL compile flag to exclude DBGn() statements | ||||
* | added verbosity level to stroke | Martin Willi | 2006-10-24 | 2 | -0/+5 |
| | |||||
* | updated stroke to allow run-time manipulation of debug levels | Martin Willi | 2006-10-18 | 4 | -45/+8 |
| | |||||
* | added hostaccess support | Andreas Steffen | 2006-09-25 | 2 | -0/+3 |
| | |||||
* | added auth_method field | Andreas Steffen | 2006-09-18 | 1 | -0/+1 |
| | |||||
* | implemented handling of dpdaction and dpddelay ipsec.conf parameters | Martin Willi | 2006-09-08 | 2 | -2/+2 |
| | |||||
* | reuse reqid when a ROUTED child_sa gets INSTALLED | Martin Willi | 2006-09-05 | 2 | -0/+7 |
| | | | | | | | | | fixed a bug in retransmission code added support for the "keyingtries" ipsec.conf parameter added support for the "dpddelay" ipsec.conf parameter done some work for "dpdaction" behavior some other cleanups and fixes | ||||
* | added possibility to route CHILD_SAs, without to set them up | Martin Willi | 2006-07-21 | 4 | -4/+42 |
| | | | | | | | support for auto=route parameter support for ipsec route and ipsec unroute initiating of CHILD and/or IKE_SAs based on kernel acquires | ||||
* | added support for leftprotoport and rightprotoport | Martin Willi | 2006-07-05 | 2 | -0/+6 |
| | |||||
* | added support of updown parameter | Andreas Steffen | 2006-07-03 | 1 | -0/+1 |
| | |||||
* | applied new changes from NATT team | Martin Willi | 2006-06-23 | 1 | -157/+0 |
| | | | | | DPD only done when no IPsec and IKE traffic processed minor changes here and there | ||||
* | readded local_credential_store | Martin Willi | 2006-06-20 | 2 | -19/+43 |
| | | | | | | added sendcert policy to connection some other cleanups | ||||
* | implemented rereadcrls rereadcacerts | Andreas Steffen | 2006-06-20 | 5 | -65/+114 |
| | |||||
* | added support for "ike" and "esp" keywords | Martin Willi | 2006-06-15 | 2 | -0/+7 |
| | | | | | | | fixed bugs in proposal code algorithm selection for charon works now with ipsec.conf a lot of other fixes | ||||
* | fixed logleve(l) keyword typo | Martin Willi | 2006-06-15 | 2 | -47/+34 |
| | |||||
* | fixed down keyword | Martin Willi | 2006-06-13 | 3 | -4/+5 |
| | |||||
* | support for stroke listcerts|listcacerts|listall and left|rightca= | Andreas Steffen | 2006-06-12 | 3 | -74/+108 |
| | |||||
* | gperf creates optimum hash table for stroke keywords | Andreas Steffen | 2006-06-12 | 3 | -0/+254 |
| |