aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* starter: Only handle SIGCHLD asynchronously and the rest in pselect(2).Tobias Brunner2012-06-061-8/+17
|
* Show expiration time of rekeyed CHILD_SAs in statusallMartin Willi2012-06-051-1/+6
|
* starter: (De-)Initialize logging when forking.Tobias Brunner2012-06-051-0/+2
|
* starter: Close open file descriptors when forking daemons.Tobias Brunner2012-06-042-0/+2
|
* starter: Changed signal handling now that starter is multi-threaded.Tobias Brunner2012-06-042-15/+57
|
* Mark CHILD_SAs used for trap policies to uninstall them properly.Tobias Brunner2012-06-041-6/+13
| | | | | | | If the installation failed the state is not CHILD_ROUTED which means the wrong priority is used to uninstall the policies. This is a problem for kernel interfaces that keep track of installed policies as now the proper policy is not found (if the priority is considered).
* Fixed return values of several functions (e.g. return FALSE for pointer types).Tobias Brunner2012-05-317-9/+9
|
* Fix boolean return value if an empty RSA signature is detected in gmp pluginMartin Willi2012-05-311-1/+1
| | | | Fixes CVE-2012-2388.
* Avoid queueing more than one retry initiate job.Tobias Brunner2012-05-303-4/+35
|
* Retry IKE_SA initiation if DNS resolution failed.Tobias Brunner2012-05-301-4/+39
| | | | | This is disabled by default and can be enabled with the charon.retry_initiate_interval option in strongswan.conf.
* Job added to re-initiate an IKE_SA.Tobias Brunner2012-05-303-0/+144
|
* Fix MOBIKE address update if responder address changed.Tobias Brunner2012-05-251-2/+2
| | | | | Use the source address of the current MOBIKE message as peer address instead of assuming the address cached on the IKE_SA is still valid.
* Resolve hosts before reauthenticating due to address change.Tobias Brunner2012-05-251-0/+2
|
* Don't queue delete_ike_sa job when setting IKE_DELETING.Tobias Brunner2012-05-252-9/+1
| | | | | This avoids deleting IKE_SAs during reauthentication (without trying to reestablish them).
* During reauthentication reestablish IKE_SA even if deleting the old one fails.Tobias Brunner2012-05-251-0/+6
|
* Integrated main parts of IKE_REAUTH task into ike_sa_t.reestablish.Tobias Brunner2012-05-252-115/+77
|
* Fixed route lookup in case MOBIKE is not enabled.Tobias Brunner2012-05-251-3/+9
|
* Added encapsulation mode transform attribute to IPComp proposal.Tobias Brunner2012-05-253-5/+10
|
* Add an additional proposal without IPComp to SA payload.Tobias Brunner2012-05-241-17/+15
|
* Added log message if peer does not accept/provide IPComp proposal.Tobias Brunner2012-05-241-2/+12
|
* Added support to negotiate IPComp during Quick Mode.Tobias Brunner2012-05-241-11/+91
|
* Added support for IKEv1 IPComp proposals in SA payload.Tobias Brunner2012-05-245-14/+98
|
* Added support for IKEv1 IPComp proposals in proposal substructure.Tobias Brunner2012-05-244-10/+129
|
* Fix memleak during Quick Mode in case no SPI can be allocated from kernel.Tobias Brunner2012-05-241-8/+8
|
* Properly filter IKEv1 proposals consisting of multiple proposal payloads.Tobias Brunner2012-05-241-9/+15
| | | | | | | Since a proposal_t object is created for each transform contained in the proposal payload, it does not work to simply remove the last proposal_t object added to the list (there may be several other extracted from the previous proposal payload).
* Fixed check for loaded plugins with feature types that are not compared exactly.Tobias Brunner2012-05-241-25/+13
| | | | | Previously e.g. RNGs with weaker strength would have overwritten stronger ones.
* get_match() method added to hashtable_t.Tobias Brunner2012-05-242-5/+34
|
* Use a hashtable to check for already loaded plugin features.Tobias Brunner2012-05-231-20/+37
|
* Hash function for plugin features added.Tobias Brunner2012-05-232-0/+68
|
* Apply IDir before deriving keys as aggressive initiatorMartin Willi2012-05-231-4/+4
|
* Use received identity to look up PSK as aggressive responderMartin Willi2012-05-231-2/+9
|
* Check if we actually have an initiating packet to free while processing ↵Martin Willi2012-05-231-1/+1
| | | | responses
* list IKEv1 Aggressive Mode in ipsec statusallAndreas Steffen2012-05-231-2/+9
|
* Switch to alternative peer config in IKEv1 Main and Aggressive Mode.Tobias Brunner2012-05-214-24/+85
|
* Cancel pending retransmits when flushing active task queueMartin Willi2012-05-211-0/+4
|
* Cancel active quick mode task when receiving INFORMATIONAL errorMartin Willi2012-05-211-0/+30
|
* Flush task queues explicitly, not implicitly if task returns ALREADY_DONEMartin Willi2012-05-216-12/+20
|
* Wrap task managers flush_queue() in IKE_SAMartin Willi2012-05-212-0/+14
|
* Make task managers flush_queue() method publicMartin Willi2012-05-213-20/+62
|
* Destroy Netlink socket only after deleting remaining source routes.Tobias Brunner2012-05-211-2/+1
|
* Enumerate correct list while removing nonce_gens, fix deregistrationMartin Willi2012-05-211-1/+1
|
* Added a convenience function to dump backtraces for gdb-less debuggingMartin Willi2012-05-212-0/+26
|
* Fix IKEv1 DPD clear, destroying IKE_SA even if reestablish not neededMartin Willi2012-05-211-9/+3
|
* Properly munmap/close file if loading IMC/IMV fails.Tobias Brunner2012-05-181-7/+7
|
* Remove executable flag from source files.Tobias Brunner2012-05-1832-0/+0
|
* Use separate Doxygen groups for IKEv1 and IKEv2 entities (authenticators, ↵Tobias Brunner2012-05-1846-51/+66
| | | | tasks etc.).
* Removed superfluous @param in bus.h.Tobias Brunner2012-05-181-1/+0
|
* whitelist: Make sure listed IDs are null-terminated.Tobias Brunner2012-05-181-0/+1
|
* pkcs8: Initialize salt and IV properly.Tobias Brunner2012-05-181-1/+1
|
* List registered nonce generators in statusall output.Tobias Brunner2012-05-181-2/+18
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-23 18:33:37 +0000