aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
* Fixed log message when no shared secret is found during IKEv1 Main ModeTobias Brunner2012-10-291-1/+1
|
* issue warning if sqlite finalize is missingAndreas Steffen2012-10-261-1/+4
|
* Fix RSA encryption padding terminator in gmp plugin, broken with 5025135fMartin Willi2012-10-241-0/+2
|
* Added missing noskip_flag setter/getter to some pa_tnc_attr_t constructorsTobias Brunner2012-10-2414-6/+34
|
* Add a scepclient option to specify a CA identifier to fetch certs forMartin Willi2012-10-243-10/+31
|
* Remove all ESP proposals with non-matching DH group during Quick ModeTobias Brunner2012-10-241-10/+22
| | | | | | According to RFC 2409, section 5.5, if PFS is used all proposals MUST include the selected DH group, so we remove proposals without the proposed group and remove other DH groups from the remaining proposals.
* proposal_t.strip_dh() takes a DH group to keep, using MODP_NONE will remove allTobias Brunner2012-10-243-6/+15
|
* Remove MODP groups from default ESP proposalTobias Brunner2012-10-241-1/+1
| | | | | This now actually makes pfs=no the default and it equals the default listed in ipsec.conf.5. efc69e9f preserved the default of pfs=yes.
* Moved utils.[ch] to utils folderTobias Brunner2012-10-2410-13/+13
|
* Moved settings_t to utils folderTobias Brunner2012-10-246-9/+10
|
* Moved debug.[ch] to utils folderTobias Brunner2012-10-24300-437/+439
|
* Moved enum_name_t to utils folderTobias Brunner2012-10-2412-16/+15
|
* Moved chunk_t to utils folderTobias Brunner2012-10-2412-16/+16
|
* Moved printf hooks to utils folderTobias Brunner2012-10-246-9/+10
|
* Moved integrity_checker_t to utils folderTobias Brunner2012-10-245-6/+6
|
* Moved data structures to new collections subfolderTobias Brunner2012-10-24229-332/+338
|
* Moved packet_t and tun_device_t to networking folderTobias Brunner2012-10-2415-20/+23
|
* Moved host_t and host_resolver_t to a new networking subfolderTobias Brunner2012-10-2447-53/+59
|
* Send certificate requests in load-testerMartin Willi2012-10-241-2/+2
|
* Add load-tester traffic selector configuration optionsMartin Willi2012-10-241-5/+67
|
* Make use of new CIDR string ts constructor where appropriateMartin Willi2012-10-244-74/+23
|
* Add a traffic selector constructor creating a TS directly from a CIDR stringMartin Willi2012-10-242-0/+30
|
* PKCS#11 library search using keyid uses a fallback to look for certificatesMartin Willi2012-10-241-4/+8
|
* Increase the limit of acceptable IKEv1 CERTREQ payloads to 20Martin Willi2012-10-241-1/+1
|
* Use explicit, larger buffer sizes for smartcard keyids and modulesMartin Willi2012-10-241-8/+8
|
* Add a strongswan.conf option to disable loading of all certificates from a ↵Martin Willi2012-10-241-6/+11
| | | | pkcs11 module
* Support loading cacert certificates in ipsec.conf ca sections from smartcardMartin Willi2012-10-241-19/+37
|
* Refactored stroke smartcard token parsing, support module and slot in ↵Martin Willi2012-10-241-62/+101
| | | | leftcert option
* Explicit pkcs11 certificate loading can enforce a module and a slotMartin Willi2012-10-242-4/+21
|
* Be less verbose if loading PKCS#11 certificate failsMartin Willi2012-10-241-6/+1
|
* Load ipsec.conf %smartcard leftcerts with pkcs11 builderMartin Willi2012-10-241-8/+20
|
* Add a builder to load specific pkcs11 certificates by keyidMartin Willi2012-10-243-0/+115
|
* If no pkcs11 public key for a private key found, search for a certificateMartin Willi2012-10-241-4/+53
|
* Move pkcs11 public key lookup function declaration to header fileMartin Willi2012-10-243-20/+18
|
* Only add an implicit PRF based on the MAC alg if no PRF given in proposalMartin Willi2012-10-241-38/+38
|
* Add proposal keywords to explicitly specify PRF algorithmsMartin Willi2012-10-241-0/+8
|
* Add an interactive mode in lookip tool, demonstrate lasting connectionsMartin Willi2012-10-241-9/+57
|
* Send a lookip NOT_FOUND reply if a lookup yields no resultsMartin Willi2012-10-243-11/+32
|
* lookup function of lookip listener returns the number of matchesMartin Willi2012-10-242-3/+9
|
* Handle multiple lookip connections using a single FDSETMartin Willi2012-10-241-49/+162
|
* Renamed list to store listening lookip clientsMartin Willi2012-10-241-5/+5
|
* Handle client subscriptions in lookip pluginMartin Willi2012-10-241-12/+89
|
* Add a lookip server side UNIX socket processing LOOKUP and DUMP requestsMartin Willi2012-10-244-1/+309
|
* Add a simple command line utility to query the lookip pluginMartin Willi2012-10-243-0/+213
|
* Defined on-the-wire format used on lookip socketMartin Willi2012-10-242-1/+94
|
* Add a lookip function to register virtual IP notification listenersMartin Willi2012-10-242-4/+87
|
* Add a lookup method to lookip plugin, using a callback to invokeMartin Willi2012-10-242-0/+53
|
* Add a lookip listener that collects the information we are interested inMartin Willi2012-10-244-1/+267
|
* Add a lookip plugin stub to lookup connections by virtual IPMartin Willi2012-10-244-0/+125
|
* Add "listcounters" command to ipsec.8 manpageMartin Willi2012-10-241-0/+4
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-24 00:05:04 +0000