aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Fix boolean return value if an empty RSA signature is detected in gmp pluginMartin Willi2012-05-311-1/+1
| | | | Fixes CVE-2012-2388.
* Avoid queueing more than one retry initiate job.Tobias Brunner2012-05-303-4/+35
|
* Retry IKE_SA initiation if DNS resolution failed.Tobias Brunner2012-05-301-4/+39
| | | | | This is disabled by default and can be enabled with the charon.retry_initiate_interval option in strongswan.conf.
* Job added to re-initiate an IKE_SA.Tobias Brunner2012-05-303-0/+144
|
* Fix MOBIKE address update if responder address changed.Tobias Brunner2012-05-251-2/+2
| | | | | Use the source address of the current MOBIKE message as peer address instead of assuming the address cached on the IKE_SA is still valid.
* Resolve hosts before reauthenticating due to address change.Tobias Brunner2012-05-251-0/+2
|
* Don't queue delete_ike_sa job when setting IKE_DELETING.Tobias Brunner2012-05-252-9/+1
| | | | | This avoids deleting IKE_SAs during reauthentication (without trying to reestablish them).
* During reauthentication reestablish IKE_SA even if deleting the old one fails.Tobias Brunner2012-05-251-0/+6
|
* Integrated main parts of IKE_REAUTH task into ike_sa_t.reestablish.Tobias Brunner2012-05-252-115/+77
|
* Fixed route lookup in case MOBIKE is not enabled.Tobias Brunner2012-05-251-3/+9
|
* Added encapsulation mode transform attribute to IPComp proposal.Tobias Brunner2012-05-253-5/+10
|
* Add an additional proposal without IPComp to SA payload.Tobias Brunner2012-05-241-17/+15
|
* Added log message if peer does not accept/provide IPComp proposal.Tobias Brunner2012-05-241-2/+12
|
* Added support to negotiate IPComp during Quick Mode.Tobias Brunner2012-05-241-11/+91
|
* Added support for IKEv1 IPComp proposals in SA payload.Tobias Brunner2012-05-245-14/+98
|
* Added support for IKEv1 IPComp proposals in proposal substructure.Tobias Brunner2012-05-244-10/+129
|
* Fix memleak during Quick Mode in case no SPI can be allocated from kernel.Tobias Brunner2012-05-241-8/+8
|
* Properly filter IKEv1 proposals consisting of multiple proposal payloads.Tobias Brunner2012-05-241-9/+15
| | | | | | | Since a proposal_t object is created for each transform contained in the proposal payload, it does not work to simply remove the last proposal_t object added to the list (there may be several other extracted from the previous proposal payload).
* Fixed check for loaded plugins with feature types that are not compared exactly.Tobias Brunner2012-05-241-25/+13
| | | | | Previously e.g. RNGs with weaker strength would have overwritten stronger ones.
* get_match() method added to hashtable_t.Tobias Brunner2012-05-242-5/+34
|
* Use a hashtable to check for already loaded plugin features.Tobias Brunner2012-05-231-20/+37
|
* Hash function for plugin features added.Tobias Brunner2012-05-232-0/+68
|
* Apply IDir before deriving keys as aggressive initiatorMartin Willi2012-05-231-4/+4
|
* Use received identity to look up PSK as aggressive responderMartin Willi2012-05-231-2/+9
|
* Check if we actually have an initiating packet to free while processing ↵Martin Willi2012-05-231-1/+1
| | | | responses
* list IKEv1 Aggressive Mode in ipsec statusallAndreas Steffen2012-05-231-2/+9
|
* Switch to alternative peer config in IKEv1 Main and Aggressive Mode.Tobias Brunner2012-05-214-24/+85
|
* Cancel pending retransmits when flushing active task queueMartin Willi2012-05-211-0/+4
|
* Cancel active quick mode task when receiving INFORMATIONAL errorMartin Willi2012-05-211-0/+30
|
* Flush task queues explicitly, not implicitly if task returns ALREADY_DONEMartin Willi2012-05-216-12/+20
|
* Wrap task managers flush_queue() in IKE_SAMartin Willi2012-05-212-0/+14
|
* Make task managers flush_queue() method publicMartin Willi2012-05-213-20/+62
|
* Destroy Netlink socket only after deleting remaining source routes.Tobias Brunner2012-05-211-2/+1
|
* Enumerate correct list while removing nonce_gens, fix deregistrationMartin Willi2012-05-211-1/+1
|
* Added a convenience function to dump backtraces for gdb-less debuggingMartin Willi2012-05-212-0/+26
|
* Fix IKEv1 DPD clear, destroying IKE_SA even if reestablish not neededMartin Willi2012-05-211-9/+3
|
* Properly munmap/close file if loading IMC/IMV fails.Tobias Brunner2012-05-181-7/+7
|
* Remove executable flag from source files.Tobias Brunner2012-05-1832-0/+0
|
* Use separate Doxygen groups for IKEv1 and IKEv2 entities (authenticators, ↵Tobias Brunner2012-05-1846-51/+66
| | | | tasks etc.).
* Removed superfluous @param in bus.h.Tobias Brunner2012-05-181-1/+0
|
* whitelist: Make sure listed IDs are null-terminated.Tobias Brunner2012-05-181-0/+1
|
* pkcs8: Initialize salt and IV properly.Tobias Brunner2012-05-181-1/+1
|
* List registered nonce generators in statusall output.Tobias Brunner2012-05-181-2/+18
|
* Add enumerator for registered nonce generators.Tobias Brunner2012-05-182-9/+33
|
* Use nonce_gen instead of rng to generate noncesAdrian-Ken Rueegsegger2012-05-184-34/+34
| | | | | Replace usage of rng plugin with nonce generator to create nonces in IKE_INIT, CHILD_CREATE and QUICK_MODE tasks and the IKEv1 phase 1 helper.
* Add create_nonce_gen function to keymat interfaceAdrian-Ken Rueegsegger2012-05-183-0/+24
| | | | This function returns a nonce generator object.
* Add nonce plugin implementationAdrian-Ken Rueegsegger2012-05-186-0/+271
| | | | | | | This nonce generator uses an RNG to generate nonces. The RNG quality is currently set to RNG_WEAK which is the same value used in IKE init. The plugin is enabled and thus built by default.
* Add nonce generator interfaceAdrian-Ken Rueegsegger2012-05-186-0/+163
| | | | | | | Nonce generators (nonce_gen_t) can be used to get or allocate nonces. Users can request nonce generators from the crypto factory while nonce plugins register/remove themselves to/from the crypto factory.
* make IKEv1 DPD timeout configurable in charonAndreas Steffen2012-05-1719-25/+76
|
* Moved IKEv1 DPD processing to task manager, fix sequence issuesMartin Willi2012-05-153-73/+72
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-22 19:25:40 +0000