aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
| * Send NAS-Port, NAS-IP and Calling/Called-Station-ID in Accounting-RequestsMartin Willi2013-03-141-4/+33
| |
| * Support RADIUS accounting of sent/received packetsMartin Willi2013-03-141-13/+23
| |
| * Report the number of processed packets in "ipsec statusall"Martin Willi2013-03-141-5/+9
| |
| * child_sa_t.get_usestats() can additionally return the number of processed ↵Martin Willi2013-03-149-16/+20
| | | | | | | | packets
| * Pass correclty sized pointer to lookup_algorithm() in PF_KEYMartin Willi2013-03-141-1/+1
| |
| * kernel_ipsec_t.query_sa() additionally returns the number of processed packetsMartin Willi2013-03-149-16/+50
| |
| * Send NAS-Port, NAS-IP and Calling/Called-Station-ID in Access-RequestMartin Willi2013-03-132-10/+56
| |
| * Forward Cisco Banner received from RADIUS to Unity capable clientsMartin Willi2013-03-123-5/+176
| |
| * Add a radius message method to enumerate vendor specific attributesMartin Willi2013-03-122-0/+92
| |
| * Add Altiga Private Enterprise Numbers that Cisco uses in VPN 3000Martin Willi2013-03-122-1/+4
| |
| * In eap-radius, hand out received Framed-IP-Address attributes as virtual IPMartin Willi2013-03-125-2/+460
| |
* | Merge branch 'stroke-counters'Martin Willi2013-03-188-23/+223
|\ \ | | | | | | | | | | | | Extend stroke counters functionality by connection specific counters, and a resetcounters command to reset the global or connection counters.
| * | Add a "resetcounters" command to ipsec, clearing global or connection countersMartin Willi2013-03-158-14/+53
| | |
| * | Add connection name specific stroke countersMartin Willi2013-03-157-20/+181
| | |
| * | Add a chunk_from_str() initializer that does not include 0-terminatorMartin Willi2013-03-151-0/+5
| | |
* | | Merge branch 'stroke-timeout'Martin Willi2013-03-182-22/+94
|\ \ \ | | | | | | | | | | | | Add a strongswan.conf timeout option for stroke control commands.
| * | | If controller operations have a callback, don't succeed before hook gets calledMartin Willi2013-03-071-4/+12
| | | |
| * | | Add a stroke command timeout option, and report status of completed commandMartin Willi2013-03-071-18/+82
| |/ /
* | | Merge branch 'netlink-align'Martin Willi2013-03-183-268/+151
|\ \ \ | |_|/ |/| | | | | | | | Fixes some Netlink alignment issues, and then refactors Netlink XFRM message attribute handling.
| * | Use netlink_add_attribute() to copy over attributes during update_sa()Martin Willi2013-03-151-9/+6
| | |
| * | Use a helper function to add XFRM_MARK attributeMartin Willi2013-03-151-81/+37
| | |
| * | Use netlink_reserve() helper function in XFRM to simplify message constructionMartin Willi2013-03-151-175/+72
| | |
| * | Add a Netlink utility function to add a RTA header and reserve space for dataMartin Willi2013-03-152-0/+32
| | |
| * | Correctly check buffer length in netlink_add_attribute()Martin Willi2013-03-152-7/+9
| | |
| * | Avoid unneeded termination of netlink algorithm name arrays with END_OF_LISTMartin Willi2013-03-151-13/+14
| | |
| * | When adding Netlink attributes, increase header length with potential alignmentMartin Willi2013-03-111-32/+30
| | | | | | | | | | | | | | | If the payload is unaligned, we must make sure the total netlink message length includes the added alignment for the first attribute.
* | | Add missing XAuthRespPSK switch case to IKEv1 key derivationMartin Willi2013-03-121-0/+1
| | |
* | | strdup() iface passed to queue_route_reinstall(), fixing double-freeMartin Willi2013-03-111-1/+1
| | |
* | | Support mutliple subnets and ranges as external load-tester addressesMartin Willi2013-03-111-15/+59
| | |
* | | Add a constructor to create in-memory pools from an address rangeMartin Willi2013-03-112-3/+58
|/ /
* | Clean up IKE_SA state if IKE_SA_INIT request does not have message ID 0Martin Willi2013-03-111-0/+4
| |
* | Ignore fourth Qick Mode message sent by Windows servers.Martin Willi2013-03-111-0/+9
| | | | | | | | Initial patch by Paul Stewart, fixes #289.
* | added ITA Echo PA-TNC Subtype and ITA Echo Attribute typeAndreas Steffen2013-03-114-6/+10
| |
* | moved ar_id from imv_agent to imv_stateAndreas Steffen2013-03-118-31/+112
| |
* | esc() is only used if dladdr(3) is available5.0.3dr3Tobias Brunner2013-03-081-12/+13
| |
* | Fix maximum size of a mem_pool_tTobias Brunner2013-03-071-2/+2
| |
* | New Android release after adding translations and Cert/EAP authenticationTobias Brunner2013-03-071-3/+3
| | | | | | | | | | Also fixed a race condition during reauthentication and a freeze that might happen while disconnecting.
* | android: Add support for combined certificate and EAP authenticationTobias Brunner2013-03-077-34/+63
| | | | | | | | | | | | This uses RFC 4739 multiple authentication rounds to first authenticate the client with a certificate followed by an EAP authentication round with username and password.
* | Merge branch 'pt-tls'Martin Willi2013-03-0721-69/+1077
|\ \
| * | If TLS peer authentication not required, the client does nonetheless, allow ↵Martin Willi2013-03-061-4/+19
| | | | | | | | | | | | it to fail
| * | Support different authentication schemes for PT-TLSMartin Willi2013-02-285-6/+71
| | |
| * | Request a TLS client certificate even if no peer identity is givenMartin Willi2013-02-281-5/+1
| | | | | | | | | | | | | | | This allows a peer to perform client authentication if it wants, but skip it if not.
| * | Wrap tls_t.get_{server,peer}_id methods in tls_socket_tMartin Willi2013-02-282-0/+28
| | |
| * | Delegate tls_t.get_{peer,server}_id to handshake layerMartin Willi2013-02-287-29/+78
| | | | | | | | | | | | | | | This allows to get updated peer identities if the peer can't authenticate, or does when it is optional.
| * | Implement a SASL PLAIN mechanism using shared secretsMartin Willi2013-02-284-0/+224
| | |
| * | Implement SASL authentication in PT-TLS clientMartin Willi2013-02-281-11/+191
| | |
| * | Implement SASL authentication in PT-TLS serverMartin Willi2013-02-281-5/+236
| | |
| * | Define PT-TLS SASL result codesMartin Willi2013-02-281-0/+11
| | |
| * | Define an interface for SASL mechanisms and provide a static factoryMartin Willi2013-02-283-1/+193
| | |
| * | Pass a client identity to pt_tls_client, usable for TLS or SASL authenticationMartin Willi2013-02-282-7/+21
| | |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-08 09:22:27 +0000