Martin Willi
3bc62fe70e
improved MOBIKE:
...
prefer address family already used
do not change address implicit when mobike supported
handle multiple simultaneous roaming requests more properly
proper enabling/disabling of UDP encapsulation
2007-07-03 12:32:38 +00:00
Andreas Steffen
dd0ee786db
support of PKCS#11 init arguments required by NSS softoken, patch contributed by Robert Varga
2007-07-03 09:33:02 +00:00
Andreas Steffen
e0e6137dd3
support of PKCS#11 init arguments required by NSS softoken, patch contributed by Robert Varga
2007-07-03 09:26:44 +00:00
Martin Willi
4979e85871
added message ID to message log
2007-07-03 09:00:16 +00:00
Martin Willi
cba7ba7f9d
show kind of notify contained in messages in log
2007-07-03 08:50:14 +00:00
Andreas Steffen
bcac22f3a6
DBG1 level for 'peer supports MOBIKE' debug message
2007-07-02 20:13:15 +00:00
Andreas Steffen
561f88e306
fixed typo
2007-07-02 20:10:26 +00:00
Andreas Steffen
fdd32ee6e5
fix of the bug fix, courtesy of Robert Varga
2007-07-02 17:48:30 +00:00
Andreas Steffen
2f806bd866
bug fix courtesy of Robert Varga
2007-07-02 17:42:16 +00:00
Martin Willi
3d928c9ffd
fixed mobike address update from and to NAT
2007-07-02 12:55:07 +00:00
Martin Willi
face844a87
proper update of IPsec SA when roaming a host-to-host tunnel
...
roaming of IPsec SAs using virtual IPs
2007-07-02 09:49:22 +00:00
Martin Willi
530dd57c6a
fixed memleak
2007-07-02 08:33:15 +00:00
Martin Willi
0d30da5dfd
updated charons architecture description
2007-06-29 09:21:28 +00:00
Martin Willi
ffbca197c1
fixed dpd=hold when using virtual IPs
2007-06-29 08:03:32 +00:00
Martin Willi
8ba7d34253
removed accidently checked in debbuging code
2007-06-29 07:40:04 +00:00
Martin Willi
c532d6460d
fixed IKE_SA reestablishment after DPD using port 500
2007-06-28 15:24:24 +00:00
Andreas Steffen
c2bc2b2782
alphabetical order
2007-06-27 21:49:09 +00:00
Andreas Steffen
e0e7ef070d
separated pluto, charon, and klips setup config section parameters
2007-06-27 15:42:11 +00:00
Andreas Steffen
487fe29ee3
added lefthostaccess and leftprotoport parameters
2007-06-27 14:03:56 +00:00
Andreas Steffen
7900ab1b7a
update ipsec.conf man page
2007-06-27 13:29:36 +00:00
Andreas Steffen
c4c916f90a
add starter.8 man page to distribution
2007-06-27 13:29:20 +00:00
Martin Willi
fc2d1c420f
further mobike improvements, regarding to NAT-T
2007-06-27 13:10:55 +00:00
Andreas Steffen
6fa8bd61c1
cosmetics
2007-06-27 10:04:02 +00:00
Andreas Steffen
2f153a2263
recognize wildcard keyingtries=%forever
2007-06-27 08:11:22 +00:00
Andreas Steffen
a80521d13e
recognize wildcards right=%group and keyingtries=%forever
2007-06-27 08:11:08 +00:00
Andreas Steffen
cae8f3e9b6
updated copyright statement
2007-06-27 07:36:44 +00:00
Andreas Steffen
31302718ff
fixed distro and copyright information
2007-06-27 07:25:19 +00:00
Martin Willi
2b3100b5d0
simple roaming of the client works (not MOBIKE conform yet!)
2007-06-26 13:04:13 +00:00
Martin Willi
4cb9d7a758
further fixed for mobike roaming
2007-06-25 13:26:02 +00:00
Andreas Steffen
3f946e1c90
support of right=%<FQDN> wildcard
2007-06-25 11:28:39 +00:00
Andreas Steffen
e6a22d8728
discarded unused functions
2007-06-25 09:06:13 +00:00
Andreas Steffen
3345c0a1ed
make starter behave more gracefully in the presence of non-fatal errors
2007-06-25 07:10:23 +00:00
Martin Willi
17d92e9732
further MOBIKE stuff:
...
kernel properly reports network reconfiguration and informs all IKE_SAs
MOBIKE in IKE_AUTH: MOBIKE_SUPPORTED notify and address exchange
reestablishment of IKE_SAs on network reconfiguration kinda works
not stable yet!
2007-06-21 15:25:28 +00:00
Martin Willi
cbbb71c4ac
don't modify des/3des input key anymore
2007-06-19 07:56:28 +00:00
Martin Willi
6835280041
fixed virtua IP: adding virtual IP to interface address list cache directly
...
corrected debug targets
2007-06-19 06:20:33 +00:00
Andreas Steffen
280f6b1ab2
set nexthop to him when instantiating rightallowyes template with leftnexthop == right
2007-06-18 20:07:47 +00:00
Andreas Steffen
d0f55e236d
support of right|leftallowany flag
2007-06-18 17:51:45 +00:00
Martin Willi
3b04350ab2
added extensions management to IKE_SA
...
fixed NATD payload (port) when using route lookup
2007-06-18 10:32:01 +00:00
Martin Willi
7068410b6f
source address lookup in kernel interface
...
use it for NAT detection if no source address known from config
support for %any...%any connections
2007-06-18 07:25:58 +00:00
Martin Willi
209c2e9049
support for left=%any change our address dynamically
2007-06-18 05:57:59 +00:00
Martin Willi
ca68a75eaf
increased receive buffer to handle more interfaces
2007-06-18 05:56:18 +00:00
Andreas Steffen
2dc0366994
fixed typo
2007-06-16 20:22:05 +00:00
Andreas Steffen
0c8e0615aa
recognize strongswan-2.8.5 VID
2007-06-16 20:21:14 +00:00
Martin Willi
08a8f4496f
implemented more flexible iterator hook API
...
kernel interface handles interface changes and updates address list
2007-06-15 13:23:18 +00:00
Martin Willi
02b3ec0a10
implemented address change notification (for MOBIKE)
...
implemented up to date address list cache to list interfaces
2007-06-14 15:16:15 +00:00
Martin Willi
fede28be8b
fixed memleak when initiating to %any
2007-06-14 08:44:19 +00:00
Martin Willi
04f4e82d53
added missing files to the last commit
2007-06-14 08:17:23 +00:00
Martin Willi
26424f03c3
proper reauthentication:
...
IKE_SA is closed completely before the new is initiated,
resolves some issues when a dynamic IP is requested from a pool
2007-06-14 08:13:05 +00:00
Martin Willi
eda454a261
case insensitive identification_t.equals() for FQDN and RFC822ADDR
2007-06-14 07:02:01 +00:00
Martin Willi
424e0c467e
ported interfaces to new threading functions (incomplete)
2007-06-11 14:24:32 +00:00