stroke: Add an option to disable side-swapping of configuration options

In some scenarios it might be preferred to ensure left is always local and no unintended swaps occur.
author: Tobias Brunner <tobias@strongswan.org> 2015-08-03 19:26:54 +0200
committer: Tobias Brunner <tobias@strongswan.org> 2015-08-21 18:19:26 +0200
commit: 8212f3d9a4ed356998efeace3952d0188d3ed4ba (patch)
tree: c8f1b0ef24e6bdce279513d02283f18bab6e14a6 /conf
parent: a5c07be0589af9dd65150d20fa421bcd017b85e9 (diff)
download: strongswan-8212f3d9a4ed356998efeace3952d0188d3ed4ba.tar.bz2
strongswan-8212f3d9a4ed356998efeace3952d0188d3ed4ba.tar.xz
1 files changed, 5 insertions, 0 deletions
diff --git a/conf/plugins/stroke.opt b/conf/plugins/stroke.opt
index 4b49b1f04..ad5e62dc4 100644
--- a/conf/plugins/stroke.opt
+++ b/conf/plugins/stroke.opt
@@ -1,3 +1,8 @@
+charon.plugins.stroke.allow_swap = yes
+	Analyze addresses/hostnames in _left|right_ to detect which side is local
+	and swap configuration options if necessary. If disabled _left_ is always
+	_local_.
+
 charon.plugins.stroke.ignore_missing_ca_basic_constraint = no
 	Treat certificates in ipsec.d/cacerts and ipsec.conf ca sections as CA
 	certificates even if they don't contain a CA basic constraint.
author	Tobias Brunner <tobias@strongswan.org>	2015-08-03 19:26:54 +0200
committer	Tobias Brunner <tobias@strongswan.org>	2015-08-21 18:19:26 +0200
commit	8212f3d9a4ed356998efeace3952d0188d3ed4ba (patch)
tree	c8f1b0ef24e6bdce279513d02283f18bab6e14a6 /conf
parent	a5c07be0589af9dd65150d20fa421bcd017b85e9 (diff)
download	strongswan-8212f3d9a4ed356998efeace3952d0188d3ed4ba.tar.bz2 strongswan-8212f3d9a4ed356998efeace3952d0188d3ed4ba.tar.xz