aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Expand)AuthorAgeFilesLines
...
* charon-nm: Fix typo to actually use random NAT-T portTobias Brunner2017-05-191-1/+1
* af-alg: Fix crypt() definition conflictBaruch Siach2017-05-151-2/+2
* x509: Evaluate return codes of parsing functionsAndreas Steffen2017-05-084-52/+149
* nm: Explicitly prevent the smartcard PIN from being storedRaphael Geissert2017-05-081-0/+2
* nm: IKE/ESP proposal customization supportDefunct2017-05-082-0/+202
* charon-nm: IKE/ESP proposal customization supportDefunct2017-05-081-5/+59
* eap-simaka-sql: Fixed database column from use to usedAndreas Steffen2017-04-261-4/+7
* pki: Reset variable so error handling works properlyTobias Brunner2017-04-191-0/+1
* vici: Fix type error exception in Python bindingsodi792017-04-191-1/+1
* kernel-netlink: Avoid O(n^2) copy operations when concatenating Netlink respo...Jiri Horky2017-03-271-7/+13
* libtls: Replace expired certificates for unit testsTobias Brunner2017-03-241-68/+66
* pki: Actually make the default key type KEY_ANY for --selfTobias Brunner2017-03-241-1/+1
* addrblock: Narrow selectors when rekeying a CHILD_SA as original responderMartin Willi2017-03-241-0/+1
* kernel-wfp: Don't redefine IPPROTO_IP* if already definedTobias Brunner2017-03-231-0/+4
* pki: Cast length derived from pointer arithmetic to intTobias Brunner2017-03-231-1/+1
* vici: Don't fall back to uninstalling traps if a matching shunt was foundTobias Brunner2017-03-231-3/+7
* Fixed some typos, courtesy of codespellTobias Brunner2017-03-237-7/+7
* swanctl: Reformulate IKEv1 selector restriction, describe problems with TS na...Noel Kuntze2017-03-231-3/+10
* swanctl: Mention including files when referring to strongswan.conf(5)Tobias Brunner2017-03-231-1/+2
* Allow x25519 as an alias of the curve25519 KE algorithmAndreas Steffen2017-03-201-0/+1
* Reference Edwards-curve signature RFCsAndreas Steffen2017-03-203-17/+19
* The tpm plugin offers random number generationAndreas Steffen2017-03-207-3/+208
* vici: Document how we pronounce the vici protocol and pluginMartin Willi2017-03-201-3/+3
* swanctl: Describe what happens when a FQDN is specified in local|remote_addrsTobias Brunner2017-03-201-0/+6
* ikev1: First do PSK lookups based on identities then fallback to IPsTobias Brunner2017-03-201-36/+34
* ike-sa-manager: Remove superfluous assignmentThomas Egerer2017-03-161-4/+0
* ike: Log remote IP when deleting half-open IKE_SAsTobias Brunner2017-03-151-1/+2
* aikpub2: Removed aikpub2 toolAndreas Steffen2017-03-064-325/+0
* pki: Add key object handle of smartcard or TPM private key as an argument to ...Andreas Steffen2017-03-062-5/+25
* utils: chunk_from_hex() skips optional 0x prefixAndreas Steffen2017-03-062-11/+18
* pki: Edited keyid parameter use in various pki man pages and usage outputsAndreas Steffen2017-03-0612-19/+34
* quick-mode: Correctly prepare NAT-OA payloads as responderTobias Brunner2017-03-061-8/+13
* Add keyid of smartcard or TPM private key as an argument to pki --reqAndreas Steffen2017-03-021-2/+15
* libipsec: Enforce a minimum of 256 for SPIsTobias Brunner2017-03-021-3/+4
* libipsec: Fix min/max SPITobias Brunner2017-03-021-2/+2
* controller: Don't listen for CHILD_SA state changes when terminating IKE_SAsTobias Brunner2017-03-021-1/+0
* kernel: Make range of SPIs for IPsec SAs configurableTobias Brunner2017-03-024-8/+40
* settings: Add support for hex integers (0x prefix) via get_int()Tobias Brunner2017-03-021-1/+6
* libipsec: Log a packet's ports and protocol in case of a policy mismatchTobias Brunner2017-03-021-5/+7
* host: Don't log port if it is zeroTobias Brunner2017-03-022-6/+6
* libipsec: Match IPsec policies against ports of processed packetsTobias Brunner2017-03-021-1/+21
* addrblock: Use dynamic TS narrowing instead of rejecting the whole CHILD_SAMartin Willi2017-03-021-43/+28
* addrblock: Support an optional non-strict mode accepting certs without addrblockMartin Willi2017-03-021-3/+11
* child-cfg: Always apply hosts to traffic selectors if proposing transport modeTobias Brunner2017-02-271-14/+19
* traffic-selector: Allow calling set_address() for any traffic selectorTobias Brunner2017-02-273-48/+63
* pki: Add a note about constructing RFC 3779 compliant certificates to manpageMartin Willi2017-02-272-0/+6
* pki: Support an --addrblock option for issued certificatesMartin Willi2017-02-272-1/+22
* pki: Support an --addrblock option for self-signed certificatesMartin Willi2017-02-272-0/+23
* pki: Add a helper function parse traffic selectors from CIDR subnets or rangesMartin Willi2017-02-272-0/+31
* x509: Do not mark generated addrblock extension as criticalMartin Willi2017-02-271-2/+1
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 03:16:27 +0000