Martin Willi
80b7162531
improved log output for checkout_by_message()
2007-04-04 07:11:12 +00:00
Martin Willi
b9e363f86f
added IKE_SA_INIT retransmission detection
...
fixed thread exhaustion when IKE_SA is blocked for a longer time
2007-03-29 14:20:10 +00:00
Martin Willi
361e6df8c1
fixed task manager message id bug for cookies
2007-03-29 11:08:30 +00:00
Martin Willi
a6bdc731b1
added retry limit for IKE_SA_INIT (give up after 5 cookie failures)
2007-03-29 11:07:49 +00:00
Martin Willi
4deb89485c
removed send_queue, handled internally in sender_t know
...
do header parsing in receiver, ready for cookie integration
2007-03-28 13:34:02 +00:00
Martin Willi
9179ac9667
merged changes from eap-aka trunk
2007-03-28 07:32:54 +00:00
Martin Willi
c00840478e
fixed state and logging of IKE_SA when using EAP authentication
2007-03-27 16:11:29 +00:00
Martin Willi
e23a59f635
fixed deferred CHILD_SA rekeying while IKE_SA rekeying in progress
2007-03-27 13:32:12 +00:00
Martin Willi
b34f86f545
giving up EAP-SIM authentication after 3 failed challenges
2007-03-27 06:24:17 +00:00
Martin Willi
92275b0981
added CHILD_SA compare check for rekeying collisions
2007-03-22 07:34:42 +00:00
Martin Willi
4315f5c88b
fixed some rekey collision issues
...
added retry with jitter when rekeying fails
2007-03-21 16:11:14 +00:00
Martin Willi
eef0859043
fixed child rekey collision
...
implemented ike rekey collision
2007-03-21 14:42:49 +00:00
Martin Willi
195ada0b4b
handling of CHILD_SA rekeying collisions
2007-03-21 09:25:36 +00:00
Martin Willi
403f8fd300
fixed inproper delete of CHILD_SA
2007-03-21 07:01:14 +00:00
Martin Willi
128ca073d2
prevent from initiating to %any
2007-03-21 07:00:04 +00:00
Martin Willi
0f33e8264a
fixed some exchange collisions (except IKE/CHILD rekeying)
2007-03-20 16:13:21 +00:00
Martin Willi
e70d5576fa
fixed statusall rekey time jitter bug (again)
2007-03-20 14:56:41 +00:00
Martin Willi
39a268b867
fixed CHILD_SA rekeying time in statusall
2007-03-20 12:29:42 +00:00
Martin Willi
37c6ebb78b
fixed nat detection bug
2007-03-20 12:25:08 +00:00
Martin Willi
fdb9b2bdde
respecting "keyingtries" parameter on IKE_SA setup
2007-03-20 08:16:16 +00:00
Martin Willi
1edf116cfd
cleanups
...
fixed reset()
2007-03-20 08:15:53 +00:00
Martin Willi
755bdcc274
adjusted loglevels
2007-03-20 08:13:54 +00:00
Martin Willi
ccf96c7e43
EAP-SIM cleanups
2007-03-19 09:59:17 +00:00
Martin Willi
e05a0b765a
fixed CHILD_SA rekeying/delete bug on 64bit machines
...
removed obsolete methods in delete_payload
2007-03-19 08:04:37 +00:00
Martin Willi
d560c849e3
added --with-sim-reader option to configure script
...
some cleanups in eap_sim
2007-03-14 15:39:45 +00:00
Martin Willi
c105696d1c
removed dublicated code in eap_authenticator
2007-03-14 15:25:00 +00:00
Martin Willi
1e93d77153
version number selection fix
...
some cleanups
2007-03-14 11:20:34 +00:00
Martin Willi
edfabed069
cleaned up and fixed DPD handling code
2007-03-14 11:07:12 +00:00
Martin Willi
b857118bd7
removed cfg-payload dns test code
2007-03-14 11:04:31 +00:00
Martin Willi
b0f24449dd
added EAP-SIM authentication
...
client side only
uses an external SIM reader library specified with SIM_READER_LIB
untested
2007-03-13 15:01:02 +00:00
Martin Willi
d2940fd78c
not detaching from bus when IKE_SA_INIT is retried
2007-03-13 14:55:53 +00:00
Martin Willi
3bc0b1a88d
added generic EAP_IDENTITY client implementation using peers IKEv2 ID
2007-03-13 14:54:24 +00:00
Martin Willi
f5fbad4a62
fixed memleaks when using EAP authentication
...
fixed configuration payloads when using EAP
2007-03-08 22:56:14 +00:00
Martin Willi
5744d3e777
fixed payload order (again)
2007-03-08 20:21:17 +00:00
Martin Willi
1216db7e8b
including peers certificate when his certreq is empty
2007-03-08 20:19:24 +00:00
Martin Willi
e5a7f1cd08
implemented cookies as initiator
...
proper logging of notifies in IKE_SA setup
2007-03-08 20:18:39 +00:00
Martin Willi
8b8dd69dee
some cleanups
...
not installing %any DNS servers
2007-03-08 16:58:59 +00:00
Martin Willi
f007a70055
allocation fixes, not complete
2007-03-08 14:41:30 +00:00
Martin Willi
2c7fe7f530
handling "No policy found" properly
2007-03-08 14:41:09 +00:00
Martin Willi
9b8b3e5f5c
fixed CHILD_SA creation within existing IKE_SA
2007-03-08 12:28:10 +00:00
Martin Willi
49e8ac052d
ported changes from EAP branch, renabling EAP framework
2007-03-08 00:27:43 +00:00
Martin Willi
ea235d388e
added more debug output
2007-03-08 00:15:15 +00:00
Andreas Steffen
4eacb268a0
added parsing level to x509_create_from_chunk()
2007-03-07 22:58:25 +00:00
Martin Willi
2540992a06
prevent from initiating multiple exchanges the same time
2007-03-06 22:17:53 +00:00
Martin Willi
c676f2e2a6
fixed notify handling in IKE_AUTH
...
moved nonce payload before TS in CHILD_SA setup
2007-03-06 20:58:39 +00:00
Martin Willi
f2d4ec5639
moved REKEY_SA notify to the beginning of the message
2007-03-06 20:56:58 +00:00
Martin Willi
ddae0f9673
sending an SPI of 0 as responder when IKE_SA_INIT fails
2007-03-06 13:06:47 +00:00
Martin Willi
6e1be42744
some cleanups
...
not assigning %any virtual IPs to peer anymore
2007-03-05 22:07:36 +00:00
Martin Willi
02b3101b67
fixed double free bug
2007-03-05 22:02:14 +00:00
Martin Willi
5bf1be3c9f
fixed ID selection bug when peer doesn't include IDr payload
...
allowing vendor ID in any messag
2007-03-05 15:22:50 +00:00
Martin Willi
373b8a607f
fixed netlink socket receiver code
...
implemented interface enumeration code with netlink: no getifaddrs reqired anymore
2007-03-03 14:56:24 +00:00
Martin Willi
1d51abb71b
implemented get_iface() using RTM_GETADDR
...
added support for multi-header netlink messages
really ugly now, need a lot of refactoring
2007-03-02 17:08:38 +00:00
Martin Willi
8f03147376
added firewalling support when using virtual IPs
2007-03-01 12:31:58 +00:00
Andreas Steffen
9b1f4540c6
preparations for PLUTO_MY_SOURCEIP
2007-03-01 07:45:43 +00:00
Andreas Steffen
7493cd0b6b
corrected typo
2007-03-01 00:00:35 +00:00
Martin Willi
9362e063b9
fixed reauthentication when connections other is %any
2007-02-28 14:17:31 +00:00
Martin Willi
c60c7694d2
merged tasking branch into trunk
2007-02-28 14:04:36 +00:00
Martin Willi
cda642a152
removed eap aka module due nda
2007-02-13 15:19:30 +00:00
Martin Willi
f27f6296e6
merged EAP framework from branch into trunk
...
includes a lot of other modifications
2007-02-12 15:56:47 +00:00
Martin Willi
d3032a9a82
renamed all static clone() functions to avoid naming conflicts with uclibc
2007-02-01 15:24:10 +00:00
Martin Willi
42dcd01ffe
sending proper signal to the bus when detecting a dead peer
2007-02-01 15:23:31 +00:00
Andreas Steffen
883c1e3084
name the created CHILD_SA
2007-01-11 20:03:38 +00:00
Andreas Steffen
31e5d441d8
show rekeying|reauthentication time
2007-01-10 08:18:52 +00:00
Andreas Steffen
af53aa9ec0
show name of created CHILD_SA
2007-01-10 08:18:20 +00:00
Andreas Steffen
a40926c7eb
combined use_in and use_fwd
2007-01-10 08:17:48 +00:00
Martin Willi
a622c99240
fixed crash when CA for certrequest not found
2007-01-08 13:40:36 +00:00
Martin Willi
6a4be80d37
removed unused debugging code
2007-01-08 08:03:40 +00:00
Martin Willi
2dc9d7551b
fixed reauthentication when using %any hosts
2007-01-08 07:32:39 +00:00
Martin Willi
21f42524e0
support for transport in create_child_sa
...
include TRANSPORT/TUNNEL information in statusall
2007-01-08 06:55:50 +00:00
Andreas Steffen
42687ff5d1
fixed typo
2007-01-04 14:29:50 +00:00
Martin Willi
f73d4c9eb0
fixed reuathentication when connections other host is %any
2007-01-03 09:26:44 +00:00
Martin Willi
7652be891c
added support for transport mode and (experimental!) BEET mode
...
support for the type=transport/tunnel parameter in charon
2006-12-21 14:35:17 +00:00
Martin Willi
6fe03b0af0
implemented reauthentication using the new reauth=yes|no parameter
2006-12-19 07:30:07 +00:00
Andreas Steffen
730e2c0542
log IKE SPIs on a separate line
2006-11-01 20:29:04 +00:00
Andreas Steffen
efa0ed68cf
redesigned formatting of ipsec status|statusall
2006-11-01 17:28:47 +00:00
Martin Willi
e691a5c493
some fixes for doxygen
2006-10-31 15:24:08 +00:00
Martin Willi
db7ef62494
better split up of library files "types.h" & "definitions.h"
...
centralized all printf specifier character definitions
reuse of arginfo handlers
more cleanups
fixed more AMD64 issues
added DEBUG_LEVEL compile flag to exclude DBGn() statements
2006-10-31 12:27:59 +00:00
Andreas Steffen
29137c0cef
preparations to include certreqs in policy decisions
2006-10-31 07:04:15 +00:00
Andreas Steffen
914eea92d7
moved (myself) in log output
2006-10-31 06:31:21 +00:00
Martin Willi
382b481795
moved typedefs to beginning of files to solve some include problems
...
splitted authenticator to have a separate implementation for each auth_method_t
using va_copy to clone va_lists, should fix proplems on AMD64
some other cleanups
2006-10-30 14:07:05 +00:00
Martin Willi
5923be21b4
fixed SIGSEGV when setup of an additional CHILD_SA fails
2006-10-30 09:53:54 +00:00
Andreas Steffen
bcba0f0367
changed debug level of certreq log output
2006-10-29 09:11:50 +00:00
Andreas Steffen
a702b731cb
support of certreq payload in IKE_AUTH messages
2006-10-28 20:02:26 +00:00
Andreas Steffen
e44f4d7eef
send a certreq as initiator if other_ca is set
2006-10-28 15:37:23 +00:00
Martin Willi
ebdddb74d4
some improvements in signaling code
2006-10-27 10:46:56 +00:00
Martin Willi
ec92107923
include only source NATD payloads really needed
2006-10-27 10:46:35 +00:00
Martin Willi
b83806d83d
improved signal handling and emitting
2006-10-26 09:46:56 +00:00
Martin Willi
191a26a6a7
removed deprecated iterator methods (has_next & current)
...
added iterator hook to manipulate iterator the clean way
2006-10-24 14:20:45 +00:00
Martin Willi
55bbff11ec
linked list cleanups
...
added list methods invoke(), destroy_offset(), destroy_function()
simplified list destruction when destroying its items
2006-10-24 08:46:17 +00:00
Martin Willi
e706c7f10b
code cleanups in printf handlers
2006-10-20 05:57:25 +00:00
Martin Willi
60356f3375
introduced new logging subsystem using bus:
...
passive listeners can register on the bus
active listeners wait for signals actively
multiplexing allows multiple listeners to receive debug signals
a lot more...
2006-10-18 11:46:13 +00:00
Martin Willi
9e22095ef3
fixed DPD to survive IKE_SA rekeying
2006-09-28 06:57:46 +00:00
Martin Willi
47f5027807
introduced printf() specifiers for:
...
host_t (%H)
identification_t (%D)
chunk pointers (%B)
memory pointer/length (%b)
added a signaling bus:
receives event and debug messages, sends them to its listeners
stream_logger, sys_logger, file_logger added, listen to bus
some other tweaks here and there
2006-09-27 14:14:44 +00:00
Martin Willi
1ce2ad09c3
fixed retransmission policy for responder
2006-09-25 07:24:08 +00:00
Martin Willi
397f344879
fixed dpd for responder
2006-09-25 06:38:58 +00:00
Andreas Steffen
7bd23b7ed5
added hostaccess support
2006-09-25 06:11:36 +00:00
Andreas Steffen
b826069dbb
moved auth_method to policy
2006-09-25 06:11:09 +00:00
Andreas Steffen
d756cd1bd6
added hostaccess support
2006-09-25 06:10:28 +00:00
Andreas Steffen
7968c6a5ff
added hostaccess support
2006-09-25 06:10:02 +00:00
Andreas Steffen
a8960f997a
more consistent authentication logging
2006-09-25 05:59:38 +00:00
Andreas Steffen
fff4ee8a85
added hostaccess support
2006-09-25 05:58:45 +00:00
Martin Willi
6e9bbf18b8
added HOST_ACCESS for firewall script as default
2006-09-18 11:38:37 +00:00
Martin Willi
5fded5139e
more debugging output for PSK authentication
2006-09-18 11:38:11 +00:00
Andreas Steffen
e2de376c74
added PSK support
2006-09-18 07:42:57 +00:00
Martin Willi
b9024ee058
handle certificate parsing error more generous
2006-09-14 13:14:58 +00:00
Martin Willi
567e2a7822
fixed memleak when receiving invalid certificate
2006-09-14 12:15:41 +00:00
Martin Willi
d7934d0cfc
implemented updown script to handle firewalling
2006-09-12 13:50:14 +00:00
Martin Willi
a095243f60
add priority management for kernel policy
...
let ROUTED policies installed, until manuall removed
introduced new naming scheme to allow proper shutdown of IKE/CHILD_SAs
ike_sa_manager cleanups
2006-09-08 13:10:52 +00:00
Martin Willi
1239c6f40b
implemented handling of dpdaction and dpddelay ipsec.conf parameters
2006-09-08 06:12:02 +00:00
Martin Willi
a655f5c09c
reuse reqid when a ROUTED child_sa gets INSTALLED
...
fixed a bug in retransmission code
added support for the "keyingtries" ipsec.conf parameter
added support for the "dpddelay" ipsec.conf parameter
done some work for "dpdaction" behavior
some other cleanups and fixes
2006-09-05 14:07:25 +00:00
Martin Willi
da8ab11e91
fixed a at-least-one-year-old bug which caused crashed in the scheduler
2006-08-31 06:48:10 +00:00
Martin Willi
053842f4e7
implemented NAT detection for IPv6
2006-08-31 06:17:41 +00:00
Martin Willi
48d9883a3e
initial support for IPv6 (more testing needed)
...
socket works (without v6 filter)
traffic selector handle IPv4/v4 cleanly
improvements in traffic selector code
kernel interface accepts v6 traffic selectors and hosts
host_t class has full IPv6 support
2006-08-30 17:12:56 +00:00
Martin Willi
4c23a8c9ec
moved interface enumeration code to socket, where it belongs
...
query interfaces every time we need it to respect changes in network config
added address listing on startup and "ipsec statusall"
2006-08-28 08:45:22 +00:00
Martin Willi
9be547c0ed
added name property in CHILD_SA, allows proper status output
2006-08-25 09:07:37 +00:00
Martin Willi
7106403bd8
2006-08-25 07:42:48 +00:00
Martin Willi
c3e7aeb102
fixed bug which prevented port float when nat is detected
2006-08-25 07:37:22 +00:00
Martin Willi
d03ab568a6
fixed rekeying behavior when proposing an inacceptable DH group (INVALID_KE_PAYLOAD)
2006-08-23 09:25:41 +00:00
Martin Willi
3183006de2
implement proper handling of most simultaneous IKE_SA rekeying cases
2006-08-23 07:30:43 +00:00
Martin Willi
fe04e93a8b
implemented IKE_SA rekeying
...
uses ikelifetime, rekeymargin and rekeyfuzz config settings
no handling of simultaneus exchanges yet!
2006-07-27 12:18:40 +00:00
Martin Willi
45f76a7ddd
added possibility to route CHILD_SAs, without to set them up
...
support for auto=route parameter
support for ipsec route and ipsec unroute
initiating of CHILD and/or IKE_SAs based on kernel acquires
2006-07-21 13:31:53 +00:00
Martin Willi
c0593835f4
reuse an existing IKE_SA to set up additional CHILD_SAs
2006-07-20 14:57:49 +00:00
Martin Willi
8dfbe71b34
introduced refcounting on policy and connections
...
aren't stored in the IKE_SA anymore, they are queried on the fly
are immutable now, allows it to share them
policy selection based on traffic selectors, leads to valid lookup results
rekeying queries the policy based on its traffic selectors
2006-07-20 10:09:32 +00:00
Martin Willi
92ee45a0ee
cleanups in kernel interface code
...
added proper traffic selector to string conversion
some cleanups here & there
2006-07-18 12:53:54 +00:00
Martin Willi
b34be51cef
fixed bug which erroneously detected KE payload when rekeying
2006-07-14 08:18:48 +00:00
Martin Willi
325e497798
improved logging on verify errors for some payloads
...
enforcing IKE_SA shutdown, even when transactions are outstanding
proper reject of CREATE_CHILD_SA message with KE payload
2006-07-13 12:49:35 +00:00
Martin Willi
4c04f30a51
fixed CREATE_CHILD_SA transaction dispatching
2006-07-13 08:51:24 +00:00
Martin Willi
bcb95ced3d
added CHILD_SA states, which allows us to detect further simultaneous transactions
...
reimplemented the buggy message id handling
2006-07-13 08:26:54 +00:00
Martin Willi
cb5c41cde9
updated some inline docs
2006-07-12 14:08:52 +00:00
Martin Willi
0d379627de
fixed crypter/signer in/out to conform with standard
2006-07-12 14:08:13 +00:00
Martin Willi
b68afb7bd8
fixed payload order
2006-07-12 14:07:30 +00:00
Martin Willi
aeeb4f4f97
added policy cache to kernel interface
...
allows refcounting of multiple installed policies
finally brings us stable simultaneous rekeying
2006-07-12 11:42:36 +00:00
Martin Willi
269f7f448b
leak detective blanks memory on free & alloc, allows further membug detection
2006-07-12 11:15:31 +00:00
Andreas Steffen
c361cc8c51
identification_t.matches() supports multiple wildcard counts
2006-07-11 06:12:45 +00:00
Martin Willi
abba7ecb9d
further work done for simultaneous rekeying/delete
...
still some cases which cause trouble
2006-07-10 14:24:04 +00:00
Martin Willi
c71d53ba4e
updated copyright information
2006-07-07 08:49:06 +00:00
Martin Willi
698d774918
reimplemented CHILD_SA rekeying & delete
...
no simultanous transaction with CHILD_SAs yet!
2006-07-07 07:04:07 +00:00
Martin Willi
5f0eb96fc4
improved CHILD_SA output for "ipsec statusall"
2006-07-05 13:11:55 +00:00
Martin Willi
3dd3c5f39e
redesigned IKE_SA using a transaction mechanism:
...
removed old state machine
reimplemented IKE_SA setup and delete
implemented dead peer detection
implemented keep-alives
a lot of fixes
no rekeying yet
2006-07-05 10:53:20 +00:00
Martin Willi
f141214e64
applied latest NATT patch with some fixes and cleanups
2006-07-04 13:25:00 +00:00
Andreas Steffen
a642cbe3ae
log entries start with lowcercase character
2006-07-04 06:11:35 +00:00
Andreas Steffen
427088f004
fixed natd_hash memory leak
2006-07-03 08:34:34 +00:00
Andreas Steffen
971218c3ae
support of cert payloads
2006-07-03 06:27:45 +00:00
Andreas Steffen
1d390631d7
lowercase log entries
2006-07-03 06:26:06 +00:00
Martin Willi
2f89902d07
applied new changes from NATT team
...
DPD only done when no IPsec and IKE traffic processed
minor changes here and there
2006-06-23 14:02:30 +00:00
Martin Willi
1396815afb
first merge of NATT code
2006-06-22 06:36:28 +00:00
Martin Willi
5c6b5bf599
fixed bug: usage of already freed mem
2006-06-20 09:53:25 +00:00
Martin Willi
b965b8456b
fixed SPI when acting as initiator of rekeying
2006-06-19 09:27:14 +00:00
Martin Willi
c65a4fff3f
fixed SPI when rekeying and deleting CHILD_SAs
2006-06-19 08:54:19 +00:00
Martin Willi
891dfaf983
change key derivation order to fullfill RFC
2006-06-19 08:11:42 +00:00
Martin Willi
f7eb60dd5e
2006-06-16 14:10:49 +00:00
Martin Willi
147fe5095d
fixed aes code, we support now aes128, aes192, aes256 in IKE
2006-06-15 13:14:09 +00:00
Martin Willi
c095388f7f
added support for "ike" and "esp" keywords
...
fixed bugs in proposal code
algorithm selection for charon works now with ipsec.conf
a lot of other fixes
2006-06-15 11:09:11 +00:00
Martin Willi
3efbf98312
implemented clean spi allocation behavior when using multiple proposals
2006-06-15 11:06:22 +00:00
Martin Willi
fa32cd3c47
debug and logging improvements
2006-06-13 10:01:04 +00:00
Martin Willi
50f98119dd
using same reqid if a child sa rekeys an existing one
2006-06-12 08:36:41 +00:00
Andreas Steffen
c4a7413e72
cosmetics
2006-06-12 07:55:37 +00:00
Martin Willi
a2a3fb3e25
workaround for peers rekeying at the same time
...
loading lifetime policies from ipsec.conf
2006-06-12 07:33:20 +00:00
Martin Willi
695723d4e8
old child_sa gets deleted after rekeying
...
rekeying almost complete, but:
IKE_SA get in an invalid state when both initiate rekeying at the same time,
2006-06-09 15:12:43 +00:00
Martin Willi
b543bef50c
improved kernel interface logging
2006-06-09 08:41:41 +00:00
Martin Willi
5c131a016b
specifying keysize in bits, as it is required in IKEv2
...
added generic kernel SA algorithm handling, which brings us:
aes-128, aes-256, blowfish, des, 3des and null encryption for CHILD_SAs
2006-06-09 07:31:30 +00:00
Martin Willi
5238c9afef
fixed compile warnings when using -Wall
...
further CHILD_SA rekeying work done:
creation of a new CHILD_SA on a expire from a kernel works
delete of old CHILD_SA still missing
some issues when both initiate rekeing
2006-06-08 14:20:05 +00:00
Martin Willi
8d77eddec2
further work for rekeying:
...
get liftimes from policy
added new state
initiation of rekeying done
proposal redone:
removed support for AH+ESP proposals
2006-06-07 13:26:23 +00:00
Martin Willi
6a030ba9ea
fixed a memleak
2006-06-07 05:54:09 +00:00
Martin Willi
32b6500fbf
job management:
...
moved job code from thread_pool to job, jobs have an "execute" method now
added two new jobs: delete_child_sa & rekey_child_sa
kernel interface:
listens now for ACQUIRE & EXPIRE
supports hard and soft lifetimes
fires jobs for delete and rekey child sa
ike sa manager:
can checkout IKE SAs by requid of owned CHILD SAs
we have now the infrastructure to do the rekeying... :-)
2006-05-31 14:23:15 +00:00
Martin Willi
6f2aba1322
- fixed some memleaks/freebugs
...
- leak detective works almost usable now (?!)
2006-05-31 14:13:26 +00:00
Martin Willi
bd72398729
- fixed host-host tunnel traffic selection, host-host works now
2006-05-31 06:52:27 +00:00
Andreas Steffen
9db4f61476
cosmetics in log_status output
2006-05-30 11:07:14 +00:00
Andreas Steffen
c11c43d2c3
use of streq
2006-05-30 11:03:55 +00:00
Andreas Steffen
510d54eb59
lookup of private key based on keyid of public key
2006-05-30 07:53:13 +00:00
Martin Willi
9fe14f4b8a
- policies contain a connections name now
...
- used for initiate and delete
- connections won't get initiated twice anymore
- deleting of connections is now possible, which allows us to use
ipsec update and ipsec reload
2006-05-29 11:09:45 +00:00
Andreas Steffen
f8be15f53b
changed to standard connection log output
2006-05-29 07:11:50 +00:00
Martin Willi
65996a534d
- some logging improvements and cosmetics
2006-05-24 11:59:58 +00:00
Martin Willi
3a13a78084
- handle IKE_SA setup without a piggy-packed CHILD_SA
...
more IKEv2 conform
2006-05-24 09:05:21 +00:00
Martin Willi
b82908b8b5
- initiate IKE_SA deletion befor manager destruction
2006-05-24 09:02:39 +00:00
Martin Willi
8b5be79d83
- show connection templates in status & statusall
...
- don't complain on termination of IKEv1 connections
2006-05-23 13:25:57 +00:00
Martin Willi
4a5bba25e2
- reimplemented proper IKE SA deletion using a seperate state,
...
should conform now to IKEv2
2006-05-23 08:01:49 +00:00
Martin Willi
7881ac141e
- applied patch from the NAT-T team fixing several typos
2006-05-19 06:46:22 +00:00
Martin Willi
b5e1560659
- applied andreas's patch
...
- logger output improvements
- testin gupdates
- and a lot more
2006-05-18 06:02:28 +00:00
Martin Willi
f2c2d395ff
- introduced autotools
...
- first working version
- make dist should work
- things to do:
- UML testing!
- more cleanups
2006-05-16 14:24:03 +00:00
Martin Willi
b8577029d1
2006-05-10 08:02:49 +00:00