2012-06-12 |
Martin Willi | NEWS about specifying trustchain HASH algorithm requirements
|
commit | commitdiff | tree |
2012-06-12 |
Martin Willi | Add documentation for signature hash algorithm enforcing...
|
commit | commitdiff | tree |
2012-06-12 |
Martin Willi | Added signature scheme options left/rightauth
|
commit | commitdiff | tree |
2012-06-12 |
Martin Willi | Support multiple different public key strength types...
|
commit | commitdiff | tree |
2012-06-12 |
Martin Willi | Add signature schemes to auth_cfg during trustchain...
|
commit | commitdiff | tree |
2012-06-12 |
Martin Willi | certificate_t->issued_by takes an argument to receive...
|
commit | commitdiff | tree |
2012-06-12 |
Martin Willi | Define auth_cfg rules for signature schemes
|
commit | commitdiff | tree |
2012-06-08 |
Martin Willi | Enforce uniqueness policy in IKEv1 main and aggressive...
|
commit | commitdiff | tree |
2012-06-08 |
Martin Willi | Try to rekey without KE exchange if peer returns INVALID_KE_...
|
commit | commitdiff | tree |
2012-06-08 |
Martin Willi | While checking for redundant quick modes, compare traffic...
|
commit | commitdiff | tree |
2012-06-08 |
Martin Willi | Store shorter soft lifetime of in- and outbound SAs...
|
commit | commitdiff | tree |
2012-06-08 |
Martin Willi | Initiate quick mode rekeying with narrowed traffic...
|
commit | commitdiff | tree |
2012-06-08 |
Martin Willi | Use traffic selectors passed to quick mode constructor...
|
commit | commitdiff | tree |
2012-06-08 |
Martin Willi | Instead of rekeying, delete a quick mode if we have...
|
commit | commitdiff | tree |
2012-06-06 |
Martin Willi | As responder, enforce the same configuration while...
|
commit | commitdiff | tree |
2012-06-05 |
Martin Willi | Show expiration time of rekeyed CHILD_SAs in statusall
|
commit | commitdiff | tree |
2012-05-31 |
Martin Willi | Fix boolean return value if an empty RSA signature...
|
commit | commitdiff | tree |
2012-05-23 |
Martin Willi | Apply IDir before deriving keys as aggressive initiator
|
commit | commitdiff | tree |
2012-05-23 |
Martin Willi | Use received identity to look up PSK as aggressive...
|
commit | commitdiff | tree |
2012-05-23 |
Martin Willi | Check if we actually have an initiating packet to free...
|
commit | commitdiff | tree |
2012-05-21 |
Martin Willi | Cancel pending retransmits when flushing active task...
|
commit | commitdiff | tree |
2012-05-21 |
Martin Willi | Cancel active quick mode task when receiving INFORMATIONAL...
|
commit | commitdiff | tree |
2012-05-21 |
Martin Willi | Flush task queues explicitly, not implicitly if task...
|
commit | commitdiff | tree |
2012-05-21 |
Martin Willi | Wrap task managers flush_queue() in IKE_SA
|
commit | commitdiff | tree |
2012-05-21 |
Martin Willi | Make task managers flush_queue() method public
|
commit | commitdiff | tree |
2012-05-21 |
Martin Willi | Enumerate correct list while removing nonce_gens, fix...
|
commit | commitdiff | tree |
2012-05-21 |
Martin Willi | Added a convenience function to dump backtraces for...
|
commit | commitdiff | tree |
2012-05-21 |
Martin Willi | Fix IKEv1 DPD clear, destroying IKE_SA even if reestablish...
|
commit | commitdiff | tree |
2012-05-15 |
Martin Willi | Moved IKEv1 DPD processing to task manager, fix sequence...
|
commit | commitdiff | tree |
2012-05-15 |
Martin Willi | Consider inbound ESP as a sign of liveness for DPD...
|
commit | commitdiff | tree |
2012-05-15 |
Martin Willi | Schedule a DPD timeout job that enforces the IKE message...
|
commit | commitdiff | tree |
2012-05-15 |
Martin Willi | Send unanswered follow up R_U_THERE messages with the...
|
commit | commitdiff | tree |
2012-05-15 |
Martin Willi | Do not send IKEv1 DPD retransmit, but create a new...
|
commit | commitdiff | tree |
2012-05-14 |
Martin Willi | Explicitly cast from strict_t to crl_policy_t
|
commit | commitdiff | tree |
2012-05-14 |
Martin Willi | Use correct integrity_algorithm_t enum type in bench_signer()
|
commit | commitdiff | tree |
2012-05-14 |
Martin Willi | Make function pointer defined with METHOD() macro non...
|
commit | commitdiff | tree |
2012-05-14 |
Martin Willi | Remove unused return value of INIT(), making clang...
|
commit | commitdiff | tree |
2012-05-14 |
Martin Willi | Register load-tester faked kernel interface before...
|
commit | commitdiff | tree |
2012-05-14 |
Martin Willi | Load tester can enforce a local IP to use
|
commit | commitdiff | tree |
2012-05-14 |
Martin Willi | Add plugin features support to load-tester plugin
|
commit | commitdiff | tree |
2012-05-03 |
Martin Willi | If we load new features from a plugin, restart loading...
|
commit | commitdiff | tree |
2012-05-03 |
Martin Willi | stroke plugin sdepends on building CERT_ANY certificates
|
commit | commitdiff | tree |
2012-05-03 |
Martin Willi | Building CERT_ANY through PEM requires either a CERT_X509...
|
commit | commitdiff | tree |
2012-05-02 |
Martin Willi | Add plugin features support to stroke plugin
|
commit | commitdiff | tree |
2012-05-02 |
Martin Willi | Certificate decoding soft-depends on public key decoding...
|
commit | commitdiff | tree |
2012-05-02 |
Martin Willi | PEM loading plugin features depend on the same feature...
|
commit | commitdiff | tree |
2012-05-02 |
Martin Willi | Don't depend on a feature that has a dependency to...
|
commit | commitdiff | tree |
2012-05-02 |
Martin Willi | Merge branch 'ikev1'
|
commit | commitdiff | tree |
2012-05-02 |
Martin Willi | Added a dedicated sender flush method, delay sender...
|
commit | commitdiff | tree |
2012-04-26 |
Martin Willi | Fixed Android null terminated password fixup in xauth-eap
|
commit | commitdiff | tree |
2012-04-17 |
Martin Willi | Keep COOKIEs enabled once threshold is hit, until we...
|
commit | commitdiff | tree |
2012-04-17 |
Martin Willi | Added a note about DH/keymat lifecycle for custom implementa...
|
commit | commitdiff | tree |
2012-04-17 |
Martin Willi | Reuse existing DH value when retrying IKE_SA_INIT with...
|
commit | commitdiff | tree |
2012-04-16 |
Martin Willi | Fix iteration through half-open IKE_SA table
|
commit | commitdiff | tree |
2012-04-11 |
Martin Willi | Don't invoke child_updown hook twice as responder
|
commit | commitdiff | tree |
2012-04-11 |
Martin Willi | Accept zero-length certificate request payloads
|
commit | commitdiff | tree |
2012-04-04 |
Martin Willi | Added another bunch of commonly used IKEv1 NATT vendor IDs
|
commit | commitdiff | tree |
2012-04-02 |
Martin Willi | More detailed NEWS about RADIUS extensions
|
commit | commitdiff | tree |
2012-03-22 |
Martin Willi | Fix null-terminated XAuth passwords, as sent by Android 4
|
commit | commitdiff | tree |
2012-03-22 |
Martin Willi | Store authentication info of a XAUTH round on IKE_SA
|
commit | commitdiff | tree |
2012-03-22 |
Martin Willi | Added a getter for CHILD_SA marks
|
commit | commitdiff | tree |
2012-03-22 |
Martin Willi | Define a special XFRM mark_t.value that dynamically...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Reply with received configuration payload identifier...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Merge branch 'ikev1-clean' into ikev1-master
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Check if we actually have a packet before retransmitting it
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Use a single set of FDs for all random plugin RNG instances
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Use correct enum values to detect three message tasks...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Trigger DPD not before IKE_SA state gets updated
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Fix mapping of IKEv1 encapsulation mode
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Use UDP encapsulation even in non-NAT situation if...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Updated ipsec.conf man page for the use of IKEv1 with...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Support inactivity timeout in IKEv1 CHILD_SAs
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Use a dedicated PRF for HASH/SIG payloads using ECDSA...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Select public key auth method by checking what key...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Support ECDSA signatures in IKEv1 pubkey authenticator
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Exchange certificates when using IKEv1 ECDSA authentication
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Accept NULL auth_cfg_t passed to credential_manager_t...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Support encoding of IKEv1 ECDSA proposals
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Dropped support of deprecated authby=eap and eap= options
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Added support for authby/xauth_server legacy options
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Renamed CONFIGURATION_ATTRIBUTE_LENGTH to streamline...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Use ATTRIBUTE_VALUE rule in configuration attribute...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Don't re-resolve addresses during initiate if they...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Adopt children after syncing a rekeyed IKEv1 SA
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Synchronize IKEv1 DPD sequence numbers
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Setting message ID on task manager sets DPD sequence...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Update state before triggering DPD, as we cancel it...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Set thread specific SA on bus for each enumerated IKE_SA
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Sync remote virtual IP for IKEv1 SAs
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Sync new IKE_SA condition/extension flags
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Added support for Phase1 IV synchronization to HA plugin
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Invoke bus_t.message hook twice, once plain and parsed...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Create IKEv1 keymat hasher explicitly on sync
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Clear initiator flag when checking out initial IKEv1...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Added support to sync IKEv1 SAs key material in HA...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Pass IKEv1 specific keymat to ike_keys hook
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Use a more complete implementation of a HA specific...
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Show IKE version in ipsec statusall
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Apply proposal to a HA synced IKE_SA
|
commit | commitdiff | tree |
2012-03-20 |
Martin Willi | Set selected proposal on IKEv1 SA, don't pass it separately...
|
commit | commitdiff | tree |
next |