aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
| * swanctl: Register --version as last commandMartin Willi2014-05-071-1/+1
| |
| * swanctl: Support groups, certs and cacerts keywordsMartin Willi2014-05-071-0/+70
| |
| * swanctl: Load shared secrets from the swanctl.conf secrets sectionMartin Willi2014-05-071-1/+96
| |
| * swanctl: Load different private keys with load-credsMartin Willi2014-05-072-1/+197
| |
| * swanctl: Add a command to (re-)load credentialsMartin Willi2014-05-073-0/+197
| |
| * swanctl: Use a ./configure-able swanctl base directoryMartin Willi2014-05-074-6/+35
| |
| * swanctl: After loading connections, unload those that are not in config anymoreMartin Willi2014-05-071-7/+114
| |
| * swanctl: Implement a load-conn command to load connections from a fileMartin Willi2014-05-072-0/+229
| |
| * swanctl: Implement a list-pols command to query trap/shunt policiesMartin Willi2014-05-072-0/+205
| |
| * swanctl: Implement install/uninstall commands to manage shunt/trap policiesMartin Willi2014-05-072-0/+121
| |
| * swanctl: Add a version command to query daemon and OS infoMartin Willi2014-05-072-0/+82
| |
| * swanctl: Add a terminate commandMartin Willi2014-05-072-0/+154
| |
| * swanctl: Add a subcommand to initiate connections by nameMartin Willi2014-05-072-0/+129
| |
| * swanctl: Add a list-sas command to query active IKE_SAsMartin Willi2014-05-072-0/+360
| |
| * swanctl: Add a stub for a vici based configuration and control utilityMartin Willi2014-05-078-0/+496
| |
| * libcharon: Execute scripts defined in strongswan.conf during startup/shutdownMartin Willi2014-05-071-0/+52
|/
* Merge branch 'vici'Martin Willi2014-05-0742-6/+10401
|\ | | | | | | | | | | Introduces the vici plugin providing a Versatile IKE Configuration Interface to configure, monitor and control the IKE daemon charon over a stable IPC socket interface.
| * NEWS: Add vici plugin newsMartin Willi2014-05-071-0/+6
| |
| * vici: Check if header has been received before processing an empty messageMartin Willi2014-05-071-1/+2
| | | | | | | | | | | | If do_read() returns with EWOULDBLOCK, we must ensure that we actually have processed the full length header before checking the zero-initialized buffer length.
| * vici: Properly filter by CHILD_SA name while undoing start actionsMartin Willi2014-05-071-2/+5
| |
| * vici: Fallback to socket listening port if no explicit local port specifiedMartin Willi2014-05-071-1/+4
| |
| * vici: Support a "mtu" value for the tfc_padding optionMartin Willi2014-05-071-2/+16
| |
| * vici: Handle the "trap" action as an alias for "route"Martin Willi2014-05-071-0/+1
| |
| * vici: Document errno values to expect from libvici APIMartin Willi2014-05-072-9/+24
| |
| * vici: Log owners of a just loaded shared-secretMartin Willi2014-05-071-2/+18
| |
| * vici: Handle "xauth" as an alias for "eap" secretsMartin Willi2014-05-071-1/+1
| |
| * vici: Return number of matching and closed SAs in terminate commandMartin Willi2014-05-071-9/+12
| |
| * vici: Complete libvici doxygen commentsMartin Willi2014-05-071-2/+17
| |
| * vici: Ensure we have no active users before mangling event client registrationsMartin Willi2014-05-071-13/+35
| |
| * vici: Properly skip raise_event() for unknown event namesMartin Willi2014-05-071-13/+13
| |
| * vici: Increase vici message length header from 16 to 32 bitsMartin Willi2014-05-075-24/+43
| | | | | | | | | | | | | | | | | | While we currently have no need for messages larger than 65KB, we should design the protocol to be future-proof, as we plan to keep at least to lowest protocol layer stable. To avoid any allocation issues, we currently keep the message size limit at 512KB.
| * vici: Document strongswan.conf optionsMartin Willi2014-05-072-0/+3
| |
| * vici: Have an explicit "relaxed" keyword for the default revocation policyMartin Willi2014-05-071-1/+5
| |
| * vici: Use a default child rekey time of 1 hourMartin Willi2014-05-071-0/+6
| |
| * vici: Use a default IKE rekey time of 4 hoursMartin Willi2014-05-071-0/+6
| |
| * vici: Add low-level IPC protocol descriptionMartin Willi2014-05-072-0/+179
| |
| * vici: Fix descending into non-matching sections during key findMartin Willi2014-05-071-1/+1
| |
| * vici: Add an IKE virtual IP and attribute backendMartin Willi2014-05-074-0/+781
| |
| * vici: Support referencing external named pools for peer configsMartin Willi2014-05-071-0/+14
| |
| * vici: Actually add configured virtual IPs to peer configMartin Willi2014-05-071-0/+5
| |
| * vici: Use a default rand_time of the difference between hard and soft lifetimesMartin Willi2014-05-071-0/+26
| |
| * vici: Use a default hard lifetime of 110% of the soft lifetimeMartin Willi2014-05-071-0/+37
| |
| * vici: Make unit-tests independent from libcharon and libhydraMartin Willi2014-05-073-11/+1
| | | | | | | | Fixes monolithic build, as we can't depend on the not yet built libcharon.
| * vici: Don't compare unsigned certificate_type_t to -1Martin Willi2014-05-071-1/+1
| |
| * vici: Use non-blocking first read when receiving message during client on_read()Martin Willi2014-05-071-1/+15
| | | | | | | | | | | | As select() and finally the watcher may signal an FD even if it does not actually have data, we must make a non-block read to avoid hanging in the read callback.
| * vici: Perform specified start_action on connection load, undo it on unloadMartin Willi2014-05-071-2/+185
| |
| * vici: Add a generic log event to raise events for log messagesMartin Willi2014-05-074-0/+195
| |
| * vici: Be less verbose about client connectionsMartin Willi2014-05-072-5/+31
| | | | | | | | Instead, log the explicit commands at a higher level.
| * vici: Add a list-certs command to query different certificate typesMartin Willi2014-05-071-0/+102
| |
| * vici: Support pinning end entity and CA certificates to connectionsMartin Willi2014-05-072-0/+62
| |
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 03:15:19 +0000