aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Set the ports of all hosts installed via the PF_KEY kernel interface to zero.Tobias Brunner2010-06-151-15/+37
|
* refer to correct PLUTO_XAUTH_ID variableAndreas Steffen2010-06-091-1/+1
|
* rename environment variable to PLUTO_XAUTH_IDAndreas Steffen2010-06-083-10/+11
|
* do not destroy xauth_id if phase2 equals phase1 connectionAndreas Steffen2010-06-081-7/+4
|
* make an optional XAUTH user ID available in the updown scriptAndreas Steffen2010-06-083-1/+19
|
* inherit XAUTH identities in Phase 2Heiko Hund2010-06-081-2/+22
|
* Adding a basic unit test for hashtable_t.Tobias Brunner2010-06-073-1/+114
|
* Adding a remove_at method to the hash table.Tobias Brunner2010-06-072-9/+36
| | | | This allows to remove key-value pairs while enumerating them.
* Migrated hashtable_t to INIT/METHOD macros.Tobias Brunner2010-06-071-59/+45
|
* Add extra information in debug output for IKE_SA check{out, in}Thomas Egerer2010-06-072-10/+27
| | | | | | | This output helps tracing checkout and checkin of IKE_SAs when there is more than one IKE_SAs with the same name. I also added the type of in-air-exchange to the debug output issued by the task_manager in case a task initiation is delayed, came in handy for me.
* traffic_selector_t is gone into libstrongswan, migrate printf hook ↵Martin Willi2010-06-072-10/+8
| | | | registration, too.
* Flush auth configs, create new keymat during SA resetMartin Willi2010-06-071-12/+16
|
* Recreate IKE_INIT/IKE_NATD/IKE_VENDOR tasks if we reset SA during IKE_AUTHMartin Willi2010-06-071-0/+11
|
* Reacquire keymat from new IKE_SA during task migrationMartin Willi2010-06-071-0/+1
|
* Flush certificate cache on CA deleteMartin Willi2010-06-071-1/+2
|
* Log non-empty task queues in statusallMartin Willi2010-06-071-0/+31
|
* Wrap task enumerator in ike_saMartin Willi2010-06-072-1/+16
|
* Migrated ike_sa_t to INIT/METHOD macrosMartin Willi2010-06-071-407/+239
|
* Added support for task enumeration in task_manager_tMartin Willi2010-06-072-0/+38
|
* Migrated task_manager_t to INIT/METHOD macrosMartin Willi2010-06-071-65/+45
|
* Accept ARP requests with an ethernet trailer, but trim itMartin Willi2010-06-031-2/+2
|
* Added a EAP-SIM/AKA backend reading triplets/quintuplets from a SQL databaseMartin Willi2010-06-0211-0/+682
|
* fixed configuration attribute type determinationAndreas Steffen2010-06-021-22/+15
|
* Disable close action for a redundant CHILD_SA resulting from a rekey collisionMartin Willi2010-06-021-0/+5
| | | | | | | | If a rekey collision is detected, the winning peer of the nonce compare will delete the redundant CHILD_SA. The other peer should not enforce the close action on this CHILD, as it would reestablish the redundat CHILD_SA. Thanks to Thomas Egerer from secunet for pointing this out and the initial patchset.
* Use wrapped getters for close/dpd actionMartin Willi2010-06-022-8/+10
|
* Wrap getters for dpd/close action into CHILD_SA, allows us to override themMartin Willi2010-06-022-0/+76
|
* ipsec pool --statusattr [--hexout] outputs attribute values in correct ↵Andreas Steffen2010-06-014-41/+117
| | | | format if known
* added unity_def_domain keyword tip ipsec poolAndreas Steffen2010-05-311-0/+1
|
* Added generated manpages to .gitignoreMartin Willi2010-05-313-0/+3
|
* Changed default lifetime of certificates to 3 yearsMartin Willi2010-05-312-4/+4
|
* Support extendedKeyUsage flags in self-signed certificatesMartin Willi2010-05-311-0/+16
|
* IPSEC_CONFDIR in ipsec script fixed.Tobias Brunner2010-05-301-1/+1
|
* Adding the version number to the most relevant manual pages.Tobias Brunner2010-05-306-6/+23
|
* Updated and corrected the ipsec.secrets(5) manual page.Tobias Brunner2010-05-301-107/+107
|
* Updated and corrected the ipsec.conf(5) manual page.Tobias Brunner2010-05-301-126/+163
|
* Updated and corrected the ipsec(8) manual page.Tobias Brunner2010-05-301-206/+167
|
* added --leases command line option to synopsisAndreas Steffen2010-05-291-1/+1
|
* added --showattr command line option to synopsysAndreas Steffen2010-05-291-1/+1
|
* Do not install trap policy if remote host is %any.Tobias Brunner2010-05-281-1/+1
|
* be lenient towards wrong attribute encodingsAndreas Steffen2010-05-281-6/+0
|
* Send empty SIM/AKA-NOTIFICATION response for non-success codes, tooMartin Willi2010-05-272-2/+0
|
* Added support for reading raw PUT/POST data from HTTP requestMartin Willi2010-05-272-0/+18
|
* Unwrap subjectKeyIdentifier from OCTET_STRINGMartin Willi2010-05-261-4/+12
|
* several subnets can be concatenatedAndreas Steffen2010-05-222-27/+49
|
* added --showattr command to usage()Andreas Steffen2010-05-221-0/+5
|
* Fixed compiler warning in invocation of crl_is_newer()Martin Willi2010-05-211-1/+1
|
* Use CAs subjectKeyIdentifier as CRLs authorityKeyIdentifierMartin Willi2010-05-211-1/+1
|
* Added a --signcrl command to the pki utilityMartin Willi2010-05-213-1/+377
|
* Added support for CRL generation to x509 pluginMartin Willi2010-05-215-3/+202
|
* Removed is_newer() from certificate_t, obsoleting all implementationsMartin Willi2010-05-2110-182/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-25 00:32:25 +0000