ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
944 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

21 Commits

Author SHA1 Message Date
Martin Willi fe04e93a8b implemented IKE_SA rekeying 
uses ikelifetime, rekeymargin and rekeyfuzz config settings
	no handling of simultaneus exchanges yet!
 2006-07-27 12:18:40 +00:00
Martin Willi 45f76a7ddd added possibility to route CHILD_SAs, without to set them up 
support for auto=route parameter
	support for ipsec route and ipsec unroute
	initiating of CHILD and/or IKE_SAs based on kernel acquires
 2006-07-21 13:31:53 +00:00
Martin Willi c0593835f4 reuse an existing IKE_SA to set up additional CHILD_SAs 2006-07-20 14:57:49 +00:00
Martin Willi 8dfbe71b34 introduced refcounting on policy and connections 
aren't stored in the IKE_SA anymore, they are queried on the fly
	are immutable now, allows it to share them
policy selection based on traffic selectors, leads to valid lookup results
	rekeying queries the policy based on its traffic selectors
 2006-07-20 10:09:32 +00:00
Martin Willi 92ee45a0ee cleanups in kernel interface code 
added proper traffic selector to string conversion
some cleanups here & there
 2006-07-18 12:53:54 +00:00
Martin Willi bcb95ced3d added CHILD_SA states, which allows us to detect further simultaneous transactions 
reimplemented the buggy message id handling
 2006-07-13 08:26:54 +00:00
Martin Willi abba7ecb9d further work done for simultaneous rekeying/delete 
still some cases which cause trouble
 2006-07-10 14:24:04 +00:00
Martin Willi c71d53ba4e updated copyright information 2006-07-07 08:49:06 +00:00
Martin Willi 698d774918 reimplemented CHILD_SA rekeying & delete 
no simultanous transaction with CHILD_SAs yet!
 2006-07-07 07:04:07 +00:00
Martin Willi 3dd3c5f39e redesigned IKE_SA using a transaction mechanism: 
removed old state machine
  reimplemented IKE_SA setup and delete
  implemented dead peer detection
  implemented keep-alives
  a lot of fixes
  no rekeying yet
 2006-07-05 10:53:20 +00:00
Martin Willi 2f89902d07 applied new changes from NATT team 
DPD only done when no IPsec and IKE traffic processed
	minor changes here and there
 2006-06-23 14:02:30 +00:00
Martin Willi 2891590b05 some message code cleanups 2006-06-23 14:00:15 +00:00
Martin Willi 1396815afb first merge of NATT code 2006-06-22 06:36:28 +00:00
Martin Willi 695723d4e8 old child_sa gets deleted after rekeying 
rekeying almost complete, but:
	IKE_SA get in an invalid state when both initiate rekeying at the same time,
 2006-06-09 15:12:43 +00:00
Martin Willi 5238c9afef fixed compile warnings when using -Wall 
further CHILD_SA rekeying work done:
	creation of a new CHILD_SA on a expire from a kernel works
	delete of old CHILD_SA still missing
	some issues when both initiate rekeing
 2006-06-08 14:20:05 +00:00
Martin Willi 8d77eddec2 further work for rekeying: 
get liftimes from policy
  added new state
  initiation of rekeying done
proposal redone:
  removed support for AH+ESP proposals
 2006-06-07 13:26:23 +00:00
Martin Willi 32b6500fbf job management: 
moved job code from thread_pool to job, jobs have an "execute" method now
  added two new jobs: delete_child_sa & rekey_child_sa
kernel interface:
  listens now for ACQUIRE & EXPIRE
  supports hard and soft lifetimes
  fires jobs for delete and rekey child sa
ike sa manager:
  can checkout IKE SAs by requid of owned CHILD SAs
we have now the infrastructure to do the rekeying... :-)
 2006-05-31 14:23:15 +00:00
Martin Willi 2d6c3bce06 2006-05-30 14:56:12 +00:00
Martin Willi b93782903f - fixed event queue for events >36min 2006-05-30 13:22:46 +00:00
Martin Willi f2c2d395ff - introduced autotools 
- first working version
  - make dist should work
  - things to do:
    - UML testing!
    - more cleanups
 2006-05-16 14:24:03 +00:00
Martin Willi b8577029d1 2006-05-10 08:02:49 +00:00