aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * swanctl: Add a list-sas command to query active IKE_SAsMartin Willi2014-05-072-0/+360
| |
| * swanctl: Add a stub for a vici based configuration and control utilityMartin Willi2014-05-078-0/+496
| |
| * libcharon: Execute scripts defined in strongswan.conf during startup/shutdownMartin Willi2014-05-071-0/+52
|/
* Merge branch 'vici'Martin Willi2014-05-0742-6/+10401
|\ | | | | | | | | | | Introduces the vici plugin providing a Versatile IKE Configuration Interface to configure, monitor and control the IKE daemon charon over a stable IPC socket interface.
| * NEWS: Add vici plugin newsMartin Willi2014-05-071-0/+6
| |
| * vici: Check if header has been received before processing an empty messageMartin Willi2014-05-071-1/+2
| | | | | | | | | | | | If do_read() returns with EWOULDBLOCK, we must ensure that we actually have processed the full length header before checking the zero-initialized buffer length.
| * vici: Properly filter by CHILD_SA name while undoing start actionsMartin Willi2014-05-071-2/+5
| |
| * vici: Fallback to socket listening port if no explicit local port specifiedMartin Willi2014-05-071-1/+4
| |
| * vici: Support a "mtu" value for the tfc_padding optionMartin Willi2014-05-071-2/+16
| |
| * vici: Handle the "trap" action as an alias for "route"Martin Willi2014-05-071-0/+1
| |
| * vici: Document errno values to expect from libvici APIMartin Willi2014-05-072-9/+24
| |
| * vici: Log owners of a just loaded shared-secretMartin Willi2014-05-071-2/+18
| |
| * vici: Handle "xauth" as an alias for "eap" secretsMartin Willi2014-05-071-1/+1
| |
| * vici: Return number of matching and closed SAs in terminate commandMartin Willi2014-05-071-9/+12
| |
| * vici: Complete libvici doxygen commentsMartin Willi2014-05-071-2/+17
| |
| * vici: Ensure we have no active users before mangling event client registrationsMartin Willi2014-05-071-13/+35
| |
| * vici: Properly skip raise_event() for unknown event namesMartin Willi2014-05-071-13/+13
| |
| * vici: Increase vici message length header from 16 to 32 bitsMartin Willi2014-05-075-24/+43
| | | | | | | | | | | | | | | | | | While we currently have no need for messages larger than 65KB, we should design the protocol to be future-proof, as we plan to keep at least to lowest protocol layer stable. To avoid any allocation issues, we currently keep the message size limit at 512KB.
| * vici: Document strongswan.conf optionsMartin Willi2014-05-072-0/+3
| |
| * vici: Have an explicit "relaxed" keyword for the default revocation policyMartin Willi2014-05-071-1/+5
| |
| * vici: Use a default child rekey time of 1 hourMartin Willi2014-05-071-0/+6
| |
| * vici: Use a default IKE rekey time of 4 hoursMartin Willi2014-05-071-0/+6
| |
| * vici: Add low-level IPC protocol descriptionMartin Willi2014-05-072-0/+179
| |
| * vici: Fix descending into non-matching sections during key findMartin Willi2014-05-071-1/+1
| |
| * vici: Add an IKE virtual IP and attribute backendMartin Willi2014-05-074-0/+781
| |
| * vici: Support referencing external named pools for peer configsMartin Willi2014-05-071-0/+14
| |
| * vici: Actually add configured virtual IPs to peer configMartin Willi2014-05-071-0/+5
| |
| * vici: Use a default rand_time of the difference between hard and soft lifetimesMartin Willi2014-05-071-0/+26
| |
| * vici: Use a default hard lifetime of 110% of the soft lifetimeMartin Willi2014-05-071-0/+37
| |
| * vici: Make unit-tests independent from libcharon and libhydraMartin Willi2014-05-073-11/+1
| | | | | | | | Fixes monolithic build, as we can't depend on the not yet built libcharon.
| * vici: Don't compare unsigned certificate_type_t to -1Martin Willi2014-05-071-1/+1
| |
| * vici: Use non-blocking first read when receiving message during client on_read()Martin Willi2014-05-071-1/+15
| | | | | | | | | | | | As select() and finally the watcher may signal an FD even if it does not actually have data, we must make a non-block read to avoid hanging in the read callback.
| * vici: Perform specified start_action on connection load, undo it on unloadMartin Willi2014-05-071-2/+185
| |
| * vici: Add a generic log event to raise events for log messagesMartin Willi2014-05-074-0/+195
| |
| * vici: Be less verbose about client connectionsMartin Willi2014-05-072-5/+31
| | | | | | | | Instead, log the explicit commands at a higher level.
| * vici: Add a list-certs command to query different certificate typesMartin Willi2014-05-071-0/+102
| |
| * vici: Support pinning end entity and CA certificates to connectionsMartin Willi2014-05-072-0/+62
| |
| * vici: Support missing groups option in auth configMartin Willi2014-05-072-1/+36
| |
| * vici: Add a load-shared command to load shared IKE and EAP secretsMartin Willi2014-05-071-0/+68
| |
| * vici: Add a load-key command to load private keysMartin Willi2014-05-071-0/+50
| |
| * vici: Support loading of different certificate typesMartin Willi2014-05-071-0/+93
| |
| * vici: Add a credential backendMartin Willi2014-05-074-0/+159
| |
| * vici: Add a command listing all or specific loaded connections using eventsMartin Willi2014-05-071-0/+167
| |
| * vici: Add unload-conn and get-conns commands to manage loaded connectionsMartin Willi2014-05-071-0/+62
| |
| * vici: Make dispatcher a little more verboseMartin Willi2014-05-071-0/+10
| |
| * vici: Add backend providing in-memory connectionsMartin Willi2014-05-074-0/+1607
| |
| * vici: Add generic callback based vici message parsingMartin Willi2014-05-072-0/+139
| |
| * vici: Add a list-policy command to query trap and shunt policiesMartin Willi2014-05-071-0/+147
| |
| * vici: Add install/uninstall commands to manage trap and shunt policiesMartin Willi2014-05-071-0/+112
| |
| * vici: Extract CHILD_SA config lookup methodMartin Willi2014-05-071-14/+26
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 16:16:06 +0000