ff4b25f9b7
Throw an alert via bus_t when remote authentication fails.
2011-08-12 09:59:27 +02:00
b49d047bfc
Invoke the per-round authorize() hook before purging current auth info on IKE_SA
2011-02-03 17:08:39 +01:00
2b7686b5d8
Migrated ike_auth to INIT/METHOD macros, fixes missing initial_contact initialization
2011-02-02 15:13:39 +01:00
983a5e88d3
Revert "Send INITIAL_CONTACT even if we have a unique policy"
...
It makes sense to omit INITIAL_CONTACT if don't have a unique policy,
as a client might want to connect from different devices to the same
account.
This reverts commit 719c33b41a
2011-01-13 10:50:46 +01:00
719c33b41a
Send INITIAL_CONTACT even if we have a unique policy
2011-01-10 11:54:10 +01:00
6f5892f5c7
Destroy existing IKE_SAs with same identities when receiving INITIAL_CONTACT
2011-01-05 16:46:08 +01:00
a4a1e24d37
Send INITIAL_CONTACT for the first IKE_SA if it has a unique policy
2011-01-05 16:46:08 +01:00
5f15faebc8
Include the used reserved bytes from ID payloads in AUTH calculation
2011-01-05 16:45:53 +01:00
3c354b6d11
NOTIFY error message types include 16383
2010-09-29 19:01:36 +02:00
36eafea232
Use the AAA Identity for EAP authentication, if given
2010-08-31 18:10:23 +02:00
83628fd600
Accept EAP_ONLY_AUTHENTICATION notifies from any client, now that IANA allocated an ID.
2010-08-04 12:58:53 +02:00
5b6c220d13
Added log statement if peer requests EAP, but current config does not allow it
2010-07-21 17:09:15 +02:00
ec6caa1367
Copy EAP specific attributes to auth config only
2010-07-05 09:41:04 +02:00
08c5572602
Moving charon to libcharon.
2010-03-19 13:34:52 +01:00
Tobias Brunner