Version bump to 5.9.7dr1
[strongswan.git] / src / libcharon /
2022-05-10 Tobias Brunneradopt-children-job: Avoid reordering CHILD_SAs
2022-05-10 Xiao Liangquick-mode: Remove outbound SA/policy of rekeyed CHILD_SA
2022-05-06 Tobias Brunnerkeymat_v2: Fix error message if KDF can't be created
2022-04-25 Tobias BrunnerUse mallinfo2() if available
2022-04-20 Tobias Brunnerikev2: Maintain labels during make-before-break reauthe...
2022-04-14 Tobias BrunnerMerge branch 'ikev2-kdf-modularization'
2022-04-14 Tobias Brunnerkeymat_v2: Use plugin-provided KDF_PRF to derive SKEYSEED
2022-04-14 Tobias Brunnerunit-tests: Hand out an actual shared secret and pubkey...
2022-04-14 Tobias Brunnerkeymat_v1: Derive CHILD_SA keys without using prf_plus_t
2022-04-14 Tobias Brunnerkeymat_v2: Use plugin-provided prf+ to derive keys
2022-04-14 Tobias Brunnerkeymat_v2: Refactor CHILD_SA key derivation so it only...
2022-04-14 Tobias Brunnerkeymat_v2: Refactor IKE key derivation so it only needs...
2022-04-14 Tobias Brunnervici: Report registered KDFs
2022-04-14 Tobias Brunnerstroke: List registered KDFs
2022-04-14 Tobias BrunnerMerge branch 'labeled-ipsec'
2022-04-14 Tobias Brunnervici: Add options to only return specific CHILD_SAs...
2022-04-14 Tobias Brunnervici: Report security label on CHILD_SA, policies and...
2022-04-14 Tobias Brunnervici: Make security labels and mode configurable
2022-04-14 Tobias Brunnerkernel-netlink: Forward labels from acquires
2022-04-14 Tobias Brunnertrap-manager: Add support to handle acquires with secur...
2022-04-14 Tobias Brunnerkernel-handler: Log security label received with acquire
2022-04-14 Tobias Brunnerkernel-interface: Optionally pass security label with...
2022-04-14 Tobias Brunnerike-sa: Accept optional security label when initiating...
2022-04-14 Tobias Brunnerchild-rekey: Maintain security label during rekeying
2022-04-14 Tobias Brunnerselinux: Add plugin to install trap policies with gener...
2022-04-14 Tobias Brunnerike-sa: Add helper to determine an IKE_SA's dynamic...
2022-04-14 Tobias Brunnertrap-manager: Add facility to install externally manage...
2022-04-14 Tobias Brunnerchild-sa: Allocate a new reqid if dynamic traffic selec...
2022-04-14 Tobias Brunnerkernel-netlink: Allow reqid updates for policies again
2022-04-14 Tobias Brunnerkernel-interface: Add support to change the reqid in...
2022-04-14 Tobias Brunnerkernel-wfp: Use new UDP ports in update_sa()
2022-04-14 Tobias Brunnerchild-sa: Support dynamically updating trap policies
2022-04-14 Tobias Brunnerchild-create: Add support to handle security labels
2022-04-14 Tobias Brunnerchild-create: Consider security label when comparing...
2022-04-14 Tobias Brunnerchild-sa: Add support for security labels
2022-04-14 Tobias Brunnerkernel-interface: Optionally consider security label...
2022-04-14 Tobias Brunnerpeer-cfg: Consider security labels when selecting child...
2022-04-14 Tobias Brunnerchild-cfg: Add method to select a security label
2022-04-14 Tobias Brunnerchild-cfg: Add optional security label and mode
2022-04-14 Tobias Brunnerkernel-netlink: Add support for optional security label...
2022-04-14 Tobias Brunnerencoding: Remove unused TS_TYPE and ADDRESS encodings
2022-04-14 Tobias Brunnerts-payload: Add support for TS of type TS_SECLABEL
2022-04-14 Tobias Brunnertraffic-selector-substructure: Add support for TS_SECLABEL
2022-04-14 Tobias Brunnertraffic-selector: Add TS_SECLABEL type
2022-04-14 Tobias Brunnervici: Make combination of 'trap' and 'start' configurable
2022-04-14 Tobias Brunnerike: Treat action_t as flags so 'start' and 'trap'...
2022-04-14 Tobias Brunnerenum: Allow specifying the name used when none of the...
2022-04-14 Tobias Brunnerchild-create: Abort initiating a duplicate CHILD_SA
2022-04-14 Tobias Brunnerchild-create: Just abort CREATE_CHILD_SA request if...
2022-04-14 Tobias Brunnerkernel-listener: Use a struct to pass data from acquires
2022-04-14 Tobias Brunnerkernel-netlink: Read protocol of acquire not from template
2022-04-14 Tobias Brunnerike-sa: Use a struct to pass optional arguments when...
2022-04-14 Tobias Brunnerike: Don't reset optional CHILD_SA properties when...
2022-04-14 Tobias Brunnerike: Track unprocessed initial IKE messages like half...
2022-04-14 Tobias Brunnerreceiver: Add per-IP cookie threshold
2022-04-14 Tobias Brunnerreceiver: Use a time based limit to switch COOKIE secrets
2022-03-15 Tobias BrunnerMerge branch 'pfkey-exclude-routes'
2022-03-15 Tobias Brunnerkernel-pfkey: Don't install exclude routes for locally...
2022-03-15 Tobias Brunnerkernel-pfkey: Only install exclude route if not routing...
2022-03-14 Leon Romanovskykernel-netlink: Remove unimplemented XFRM_OFFLOAD_IPV6...
2022-02-15 Tobias BrunnerMerge branch 'natd-fixes'
2022-02-15 Tobias Brunnerike-natd: Queue DPD after faking local NAT to check...
2022-02-15 Tobias Brunnerike-mobike: Make task a no-op if MOBIKE is not supported
2022-02-15 Tobias Brunnerike-natd: Fake NAT situation or disable NAT-D if source...
2022-02-15 Thomas Egererha: Streamline handling of conditions and extensions
2022-02-15 Tobias Brunnererror-notify: Handle missing alerts
2022-01-24 Martin Willisys-logger: Optionally support mapping strongSwan logle...
2022-01-24 Martin Williaddrblock: Allow limiting validation depth of issuer...
2022-01-20 Tobias Brunnereap-authenticator: Enforce failure if MSK generation...
2022-01-20 Tobias BrunnerFixed some typos, courtesy of codespell
2022-01-14 Tobias Brunnermessage: Add getter/setter for metadata handling
2021-12-01 Tobias Brunnerchild-rekey: Uninstall old outbound SA earlier on initi...
2021-11-23 Tobias Brunnervici: Fix check before applying identity to public...
2021-11-17 Tobias Brunnerfarp: Fix incompatible function types warning
2021-11-17 Tobias Brunnereap-radius: Fix incompatible function types warnings
2021-11-09 Tobias Brunnerkernel-pfroute: Set lower MTU on TUN devices
2021-11-03 Tobias Brunnerike: Fix length of vendor ID Cisco VPN 3000 client
2021-11-03 Volker Rümelinike: Fix prefix length and data of vendor ID Cisco...
2021-11-03 Volker Rümelinikev1: Fix prefix length of vendor ID Cisco Unity
2021-11-03 Volker Rümelinikev1: Fix prefix length of vendor ID MS NT5 ISAKMPOAKLEY
2021-10-04 Tobias Brunnerstroke: Clear ipsec.secrets file from memory
2021-10-04 Tobias Brunnervici: Clear all request messages in case they contain...
2021-10-04 Tobias Brunnervici: Clear cached strings in case the message containe...
2021-09-23 Tobias Brunnerkernel-pfkey: Wipe request/response messages when manag...
2021-09-20 Tobias Brunnerkeymat_v2: Properly wipe DH secret during IKE_SA rekeying
2021-09-09 Tobias Brunnervici: Update supported Python versions
2021-09-02 Noel Kuntzevici: Add DBG4 messages that print loaded shared keys...
2021-08-24 Tobias Brunnerike: Initiate new IKE_SA not until all children are...
2021-08-24 Tobias Brunnerikev2: Only request reauth during IKE_AUTH if active...
2021-08-24 Tobias Brunnerike-rekey: Respond with TEMPORARY_FAILURE while reauthe...
2021-08-24 Tobias Brunnerike: Don't rekey IKE_SA while reauthenticating
2021-08-24 Tobias Brunnerike-delete: Don't call reestablish() when reauthenticating
2021-08-23 Tobias BrunnerMerge branch 'swanctl-ssh-public-keys'
2021-08-23 Tobias Brunnervici: Use the more generic BUILD_BLOB to parse certific...
2021-08-11 Tobias Brunnerkernel-netlink: Initialize ifreq structs when detecting...
2021-07-06 Andreas Steffenvici: Suppress trailing nul character
2021-06-25 Tobias Brunnerkernel-netlink: Fix theoretical memory leak when parsin...
2021-06-25 Tobias BrunnerFixed some typos, courtesy of codespell
2021-06-21 Tobias Brunnerike-mobike: Force MOBIKE update after NAT mappings...
2021-06-21 Tobias Brunnerike-sa: Log IKE endpoint changes
next