aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Expand)AuthorAgeFilesLines
* child-delete: Delay the removal of the inbound SA of rekeyed CHILD_SAsTobias Brunner2017-05-233-128/+412
* delete-child-sa-job: Add new constructor that takes the unique ID of a CHILD_SATobias Brunner2017-05-232-13/+69
* child-sa: Remove state to track installation of half the SA againTobias Brunner2017-05-236-62/+47
* unit-tests: Overload helper macro to check for outbound SA stateTobias Brunner2017-05-231-2/+30
* child-sa: Expose state of the outbound SATobias Brunner2017-05-232-17/+61
* child-sa: Add method to remove the outbound SA and policiesTobias Brunner2017-05-232-5/+78
* child-sa: Keep track whether the outbound SA has been installed or notTobias Brunner2017-05-231-8/+13
* child-delete: Track flags per individual CHILD_SATobias Brunner2017-05-231-47/+78
* ikev2: Delay installation of outbound SAs during rekeying on the responderTobias Brunner2017-05-234-30/+124
* child-sa: Add log message for CHILD_SA state changesTobias Brunner2017-05-231-0/+4
* child-sa: Add method to associate rekeyed CHILD_SAs with their replacementTobias Brunner2017-05-232-0/+35
* child-sa: Add methods that allow partial installation of CHILD_SATobias Brunner2017-05-232-5/+144
* child-sa: Add new state to track installation of only the inbound SATobias Brunner2017-05-232-1/+7
* child-sa: Change API used to set/install policiesTobias Brunner2017-05-236-79/+119
* child-sa: Split in- and outbound policy de-/installationTobias Brunner2017-05-231-62/+127
* child-create: Trigger NARROW_RESPONDER_POST hook before installing SAsTobias Brunner2017-05-231-25/+21
* tnc-ifmap: Null-terminate buffer to make sscanf()-calls safeTobias Brunner2017-05-231-4/+5
* libimcv: Make sure the first argument to sscanf() is null-terminatedTobias Brunner2017-05-232-2/+6
* asn1: Make sure the first argument to sscanf() is null-terminatedTobias Brunner2017-05-231-7/+9
* x509: Fix leak when parsing CDPs if an invalid one follows valid onesTobias Brunner2017-05-231-2/+2
* pem: Ensure a value before checking Proc-Type in PEM headerTobias Brunner2017-05-231-1/+1
* chunk: Correctly parse Base64 text where four = follow in a rowTobias Brunner2017-05-231-1/+1
* plugin-loader: Disable some logging output when building fuzz targetsTobias Brunner2017-05-231-4/+19
* x509: Manually print CRL/OCSP URIs when fuzzingTobias Brunner2017-05-231-8/+25
* processor: Move priority threads assignment to set_threads()Tobias Brunner2017-05-231-4/+9
* Add plugin constructor registration for all libraries that provide pluginsTobias Brunner2017-05-238-0/+64
* plugin-constructors: Add script to generate constructor registrationTobias Brunner2017-05-232-0/+61
* plugin-loader: Add facility to register plugin constructorsTobias Brunner2017-05-232-3/+69
* library: Add compile option to disable memwipe() checkTobias Brunner2017-05-231-0/+6
* pem: Don't read beyond line endsTobias Brunner2017-05-231-2/+2
* x509: Fix leak if there is an empty CDPTobias Brunner2017-05-231-1/+7
* x509: Fix leak if a certificate contains multiple authorityKeyIdentifiersTobias Brunner2017-05-231-0/+1
* kernel-netlink: Use total retransmit timeout as acquire timeoutTobias Brunner2017-05-232-13/+23
* task-manager: Add helper function to calculate the total retransmit timeoutTobias Brunner2017-05-232-1/+42
* ike: Use optional jitter to calculate retransmission timeoutsTobias Brunner2017-05-233-5/+57
* kernel-netlink: Try to add new inbound SA if update failsThomas Egerer2017-05-231-3/+12
* kernel-pfkey: Update SA addresses if supported by the kernelTobias Brunner2017-05-231-21/+16
* kernel-pfkey: Use new encap flag on Mac OS X when updating SAsTobias Brunner2017-05-231-1/+1
* receiver: Restrict init limit to half-open SAs as responderThomas Egerer2017-05-231-4/+2
* kernel-netlink: Update hardware offload attribute when SAs are updatedTobias Brunner2017-05-231-11/+37
* kernel-netlink: Base SA update on correct message in multi-message responseTobias Brunner2017-05-231-7/+7
* vici: Make hardware offload configurableTobias Brunner2017-05-232-0/+15
* child-sa: Optionally enable hardware offload for CHILD_SAsTobias Brunner2017-05-231-0/+1
* child-cfg: Add flag to enable hardware offloadTobias Brunner2017-05-231-0/+3
* child-cfg: Use flags for boolean optionsTobias Brunner2017-05-2312-153/+129
* kernel-netlink: Enable hardware offloading if configured for an SATobias Brunner2017-05-231-0/+25
* kernel-ipsec: Add flag to enable hardware offloading for an IPsec SATobias Brunner2017-05-231-0/+2
* include: Update xfrm.h to include hardware offloading extensionsTobias Brunner2017-05-231-1/+10
* kernel-netlink: Directly handle Netlink messages if thread pool is emptyTobias Brunner2017-05-231-1/+2
* socket-default: Add an option to force the sending interface via IP_PKTINFOMartin Willi2017-05-231-7/+48
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-19 10:28:21 +0000