tteras/strongswan/src/libcharon/plugins, branch tteras-release

vici: add support for individual sa state changes

2017-11-20T08:45:02+00:00

Useful for monitoring and tracking full SA.

Signed-off-by: Timo Teräs

vici: send certificates for ike-sa events

2017-11-20T08:45:02+00:00

Signed-off-by: Timo Teräs

charon: add optional source and remote overrides for initiate

2017-11-20T08:45:02+00:00

This introduces support for specifying optional IKE SA specific
source and remote address for child sa initiation. This allows
to initiate wildcard connection for known address via vici.

In addition this allows impler implementation of trap-any patches
and is a prerequisite for dmvpn support.

Signed-off-by: Timo Teräs

Fixed some typos, courtesy of codespell

2017-11-15T09:21:13+00:00

unit-tests: Rename targets for libstrongswan and kernel-netlink

2017-11-09T08:11:42+00:00

libstrongswan and kernel-netlink are the only two components which do
not adhere to the naming scheme used for all other tests. If the tests
are run by an external application this imposes problems due to clashing
names.

Signed-off-by: Thomas Egerer

kernel-pfkey: Support anti-replay windows > 2k

2017-11-08T15:35:38+00:00

FreeBSD 11.1 supports a new extension to configure larger anti-replay
windows, now configured as number of packets.

Fixes #2461.

kernel-pfkey: Don't include keys in SADB_UPDATE message to update IPs on FreeBSD

2017-11-08T15:34:12+00:00

The FreeBSD kernel explicitly rejects messages containing keys for mature SAs.

Fixes #2457.

vici: Add 'get|reset-counters' commands

2017-11-08T15:28:28+00:00

counters: Move IKE event counter collection from stroke to a separate plugin

2017-11-08T15:28:28+00:00

systime-fix: Add timeout option to stop waiting for valid system time

2017-11-08T15:20:35+00:00

A certificate check is forced once the timeout is reached even if the
system time appears to be invalid.