Noel Kuntze
09f4bccfea
kernel-netlink: Implement passthrough type routes and use them on Linux
...
Enables us to ignore any future kernel features for routes unless
we actually need to consider them for the source IP routes.
Also enables us to actually really skip IPsec processing for those networks
(because even the routes don't touch those packets). It's more what
users expect.
Co-authored-by: Tobias Brunner <tobias@strongswan.org>
2020-03-10 10:20:58 +01:00
Josh Soref
b3ab7a48cc
Spelling fixes
...
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior
Closes strongswan/strongswan#164 .
2020-02-11 18:23:07 +01:00
Tobias Brunner
f99bd2a5a6
kernel-interface: Consider interface ID when allocating reqids
2019-04-03 12:00:08 +02:00
Tobias Brunner
a46d233c0e
kernel-interface: Not all kernel interfaces support SPIs on policies
2017-08-07 10:44:05 +02:00
Tobias Brunner
6d86d0f516
kernel: Make range of SPIs for IPsec SAs configurable
2017-03-02 08:52:56 +01:00
Tobias Brunner
46c21e3cc3
kernel-interface: Add interface name to local subnet enumerator
2017-02-08 10:38:28 +01:00
Tobias Brunner
324fc2cb52
kernel-interface: Add method to enumerate locally attached subnets
2017-02-08 10:38:28 +01:00
Tobias Brunner
99a57aa5ee
kernel-net: Let get_nexthop() return an optional interface name
...
The returned name should be the interface over which the destination
address/net is reachable.
2016-06-10 13:54:18 +02:00
Tobias Brunner
89da06ace9
kernel: Use structs to pass information to the kernel-ipsec interface
2016-04-09 16:50:59 +02:00
Andreas Steffen
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
Tobias Brunner
8394ea2a42
libhydra: Move kernel interface to libcharon
...
This moves hydra->kernel_interface to charon->kernel.
2016-03-03 17:36:11 +01:00
Tobias Brunner
6f449d2efd
Moved kernel interface to libhydra.
2010-09-02 19:01:25 +02:00
Tobias Brunner
9f166d9ac2
Removed references to protocol_id_t from kernel interface.
...
Instead we use the actual IP protocol identifier (the conversion now happens in
child_sa_t and kernel_handler_t).
2010-09-02 19:01:25 +02:00
Tobias Brunner
c560ddeb25
Added listener handling to kernel interface.
2010-09-02 19:01:23 +02:00
Tobias Brunner
211943be23
Some whitespace and code style fixes.
2010-09-02 19:01:23 +02:00
Andreas Steffen
ee26c537d7
support of xfrm marks for IKEv2
2010-07-02 23:46:09 +02:00
Tobias Brunner
08c5572602
Moving charon to libcharon.
2010-03-19 13:34:52 +01:00