aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* Implement bus_t.listen() directly in controller_t (the only user).Tobias Brunner2012-05-021-12/+110
| | | | This will hopefully allow us to later simplify bus_t.
* Add plugin features support to stroke pluginMartin Willi2012-05-021-7/+34
|
* Certificate decoding soft-depends on public key decoding of specific typesMartin Willi2012-05-022-0/+6
|
* PEM loading plugin features depend on the same feature, they are helpers onlyMartin Willi2012-05-021-0/+17
|
* Don't depend on a feature that has a dependency to the same feauture during ↵Martin Willi2012-05-021-1/+2
| | | | unload
* Merge branch 'ikev1'Martin Willi2012-05-02295-5119/+21909
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Fixed Android null terminated password fixup in xauth-eapMartin Willi2012-04-261-2/+2
| |
| * Fix iteration through half-open IKE_SA tableMartin Willi2012-04-161-0/+1
| |
| * Added another bunch of commonly used IKEv1 NATT vendor IDsMartin Willi2012-04-041-1/+19
| |
| * Use single DBG2 statements in kernel_netlink plugin (i.e. ignore mark.value).Tobias Brunner2012-03-271-86/+26
| |
| * Fix null-terminated XAuth passwords, as sent by Android 4Martin Willi2012-03-222-0/+8
| |
| * Store authentication info of a XAUTH round on IKE_SAMartin Willi2012-03-221-0/+16
| |
| * Added a getter for CHILD_SA marksMartin Willi2012-03-222-0/+19
| |
| * Define a special XFRM mark_t.value that dynamically uses the CHILD_SA reqidMartin Willi2012-03-222-0/+14
| |
| * Reply with received configuration payload identifier in Mode ConfigMartin Willi2012-03-201-0/+8
| |
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-20293-5024/+21793
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Properly handle retransmitted initial IKE messages.Tobias Brunner2012-03-201-58/+74
| | | | | | | | | | | | | | | | | | This change allows to properly handle retransmits of initial IKE messages when we've already processed them (i.e. our response is now resent immediately).
| | * Implemented table of init hashes without linked_list_t.Tobias Brunner2012-03-201-30/+30
| | |
| | * Implemented table of connected peers without linked_list_t.Tobias Brunner2012-03-201-63/+75
| | |
| | * Implemented table of half open IKE_SAs without linked_list_t.Tobias Brunner2012-03-201-52/+47
| | |
| | * Don't use linked_list_t for buckets in main IKE_SA hash table.Tobias Brunner2012-03-201-57/+82
| | |
| | * Fixed deadlock if checkin_and_destroy is called during shutdown.Tobias Brunner2012-03-201-0/+10
| | |
| | * Do not clone hashes of initial IKE messages when storing them in the hash table.Tobias Brunner2012-03-201-7/+6
| | |
| | * Store IKEv2 IKE_SAs by local SPI in the IKE_SA manager hash table.Tobias Brunner2012-03-201-2/+13
| | | | | | | | | | | | | | | For IKEv1 the previous behavior of always using the initiator's SPI as key is maintained.
| | * Added separate hashtable for hashes of initial IKE messages.Tobias Brunner2012-03-201-64/+139
| | | | | | | | | | | | This does not require us to do a lookup for an SA by SPI first.
| | * chunk_equals_ptr added to compare chunks given as pointers.Tobias Brunner2012-03-201-0/+9
| | |
| | * Store the major IKE version on ike_sa_id_t.Tobias Brunner2012-03-207-32/+60
| | |
| | * Implemented handling of UNITY_LOAD_BALANCE as reauthentication.Tobias Brunner2012-03-202-3/+28
| | |
| | * Check if we actually have a packet before retransmitting itMartin Willi2012-03-201-1/+1
| | |
| | * Use a single set of FDs for all random plugin RNG instancesMartin Willi2012-03-203-36/+89
| | |
| | * Parse IKEv1 Cisco Load Balancing notify (can't act on it yet).Tobias Brunner2012-03-203-4/+27
| | |
| | * Fixed transform numbering in IKEv1 proposal.Tobias Brunner2012-03-201-0/+1
| | |
| | * Compiler warning fixed.Tobias Brunner2012-03-201-2/+6
| | |
| | * Use correct enum values to detect three message tasks for retransmissionMartin Willi2012-03-201-2/+2
| | |
| | * Trigger DPD not before IKE_SA state gets updatedMartin Willi2012-03-201-13/+15
| | |
| | * Fix mapping of IKEv1 encapsulation modeMartin Willi2012-03-201-1/+1
| | |
| | * Use UDP encapsulation even in non-NAT situation if initiator requests itMartin Willi2012-03-201-13/+14
| | |
| | * Support inactivity timeout in IKEv1 CHILD_SAsMartin Willi2012-03-201-1/+24
| | |
| | * Use a dedicated PRF for HASH/SIG payloads using ECDSA specific hasherMartin Willi2012-03-201-14/+37
| | |
| | * Select public key auth method by checking what key we haveMartin Willi2012-03-202-4/+99
| | |
| | * Support ECDSA signatures in IKEv1 pubkey authenticatorMartin Willi2012-03-203-18/+32
| | |
| | * Exchange certificates when using IKEv1 ECDSA authenticationMartin Willi2012-03-202-0/+6
| | |
| | * Accept NULL auth_cfg_t passed to credential_manager_t.get_private()Martin Willi2012-03-203-34/+34
| | |
| | * Support encoding of IKEv1 ECDSA proposalsMartin Willi2012-03-201-6/+16
| | |
| | * Dropped support of deprecated authby=eap and eap= optionsMartin Willi2012-03-207-43/+1
| | |
| | * Added support for authby/xauth_server legacy optionsMartin Willi2012-03-202-62/+40
| | |
| | * Renamed CONFIGURATION_ATTRIBUTE_LENGTH to streamline it with other ATTRIBUTE ↵Martin Willi2012-03-205-10/+10
| | | | | | | | | | | | rules
| | * Use ATTRIBUTE_VALUE rule in configuration attribute to parse it with correct ↵Martin Willi2012-03-201-1/+1
| | | | | | | | | | | | length
| | * Don't re-resolve addresses during initiate if they have already been setMartin Willi2012-03-201-1/+5
| | |
| | * Adopt children after syncing a rekeyed IKEv1 SAMartin Willi2012-03-203-2/+10
| | |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-23 11:37:51 +0000