aboutsummaryrefslogtreecommitdiffstats
path: root/conf
Commit message (Collapse)AuthorAgeFilesLines
* ext-auth: Add an ext-auth plugin invoking an external authorization scriptMartin Willi2014-10-062-0/+16
| | | | Original patch courtesy of Vyronas Tsingaras.
* starter: Allow specifying the ipsec.conf location in strongswan.confShea Levy2014-10-021-0/+3
|
* stroke: Allow specifying the ipsec.secrets location in strongswan.confShea Levy2014-10-021-0/+3
|
* Don't fail to install if sysconfdir isn't writableShea Levy2014-09-261-3/+3
|
* systemd: Add a native systemd journal loggerMartin Willi2014-09-222-0/+14
|
* kernel-netlink: Optionally install protocol and ports on transport mode SAsTobias Brunner2014-09-121-0/+9
|
* kernel-netlink: Add global option to configure MSS-clamping on installed routesTobias Brunner2014-09-121-0/+3
|
* kernel-netlink: Add global option to set MTU on installed routesTobias Brunner2014-09-121-0/+3
|
* conf: Document load-tester.crl optionTobias Brunner2014-06-301-0/+4
|
* conf: Document charon.*-scripts optionsTobias Brunner2014-06-301-0/+8
|
* conf: Document swanctl optionsTobias Brunner2014-06-302-0/+3
|
* conf: Document aikgen optionsTobias Brunner2014-06-302-0/+3
|
* autoconf: Replace --disable-tools option with --disable-scepclientTobias Brunner2014-06-302-3/+3
| | | | | Since using a separate option for pki this was the only tool that was still enabled by that option.
* Remove kernel-klips pluginTobias Brunner2014-06-192-6/+0
|
* kernel-netlink: Follow RFC 6724 when selecting IPv6 source addressesTobias Brunner2014-06-191-0/+4
| | | | | | | | Instead of using the first address we find on an interface we should consider properties like an address' scope or whether it is temporary or public. Fixes #543.
* Fixed typo in strongswan.confAndreas Steffen2014-06-051-1/+1
|
* configure: Separate pki from --disable-toolsMartin Willi2014-06-043-3/+3
| | | | While pki builds and runs just fine on Windows, this is not true for scepclient.
* Updated IMC/IMV entries in strongswan.conf man pageAndreas Steffen2014-05-3111-35/+41
|
* conf: Fix sorting of options with Python 3Tobias Brunner2014-05-131-2/+2
| | | | | | __cmp__() is not supported anymore with Python 3 and cmp() is deprecated. Instead rich comparisons should be used (only __lt__() is required for sorting).
* conf: print is a function in Python 3Tobias Brunner2014-05-131-13/+13
|
* Implemented PT-EAP protocol (RFC 7171)Andreas Steffen2014-05-122-1/+4
|
* Changed default value to libimcv.imc-attestation.pcr_info = noAndreas Steffen2014-05-101-1/+1
|
* conf: Add a format-options --nosort option to keep order of sections as definedMartin Willi2014-05-071-4/+10
|
* conf: Properly propagate whether a section is commented or notTobias Brunner2014-05-071-3/+4
|
* vici: Document strongswan.conf optionsMartin Willi2014-05-072-0/+3
|
* ikev1: Add an option to accept unencrypted ID/HASH payloadsMartin Willi2014-04-171-0/+15
| | | | | | | | | Even in Main Mode, some Sonicwall boxes seem to send ID/HASH payloads in unencrypted form, probably to allow PSK lookup based on the ID payloads. We by default reject that, but accept it if the charon.accept_unencrypted_mainmode_messages option is set in strongswan.conf. Initial patch courtesy of Paul Stewart.
* Use python-based swidGenerator to generated SWID tagsAndreas Steffen2014-04-151-0/+9
|
* Renamed the AIK public key parameter to imc-attestation.aik_pubkeyAndreas Steffen2014-04-151-1/+1
|
* Implemented configurable Device ID in OS IMCAndreas Steffen2014-04-151-0/+12
|
* eap-radius: Add option to not close IKE_SAs on timeouts during interim ↵Tobias Brunner2014-03-311-0/+4
| | | | | | accouting updates Fixes #528.
* conf: Order settings in man page alphabeticallyTobias Brunner2014-03-311-5/+4
| | | | | For the config snippets the options are now explicitly ordered before subsections.
* openac: Remove obsolete openac utilityMartin Willi2014-03-311-3/+0
| | | | The same functionality is now provided by the pki --acert subcommand.
* Disable mandatory ECP support for attestionAndreas Steffen2014-03-072-1/+7
|
* conf: Fix out-of-tree build from distributionTobias Brunner2014-02-271-6/+3
| | | | | | It worked from the repository, where strongswan.conf.5.main is generated in the build dir, but not from the distribution where it is located in the source dir, so explicitly create it in the source dir.
* conf: Ignore generated strongswan.conf.5.mainTobias Brunner2014-02-181-1/+2
|
* conf: Fix installation on FreeBSDTobias Brunner2014-02-131-2/+2
| | | | Apparently, the -t option for install is not portable.
* conf: The use of $^ is not portableTobias Brunner2014-02-131-3/+6
| | | | | Generating strongswan.conf.5.main in a subshell gets the file properly written to the builddir in out-of-tree builds.
* conf: Install config files world-readable but warn about permissions for ↵Tobias Brunner2014-02-1212-15/+28
| | | | certain options
* conf: Document variables and config files/dirsTobias Brunner2014-02-121-2/+22
|
* conf: Only install config snippets for enabled componentsTobias Brunner2014-02-121-2/+3
|
* conf: Document options of other programsTobias Brunner2014-02-126-1/+68
|
* conf: Document options of plugins in libptsTobias Brunner2014-02-125-0/+57
|
* conf: Document libimcv optionsTobias Brunner2014-02-129-0/+64
|
* conf: Document libtnccs optionsTobias Brunner2014-02-126-1/+25
|
* conf: Create automatically generated config snippets in build dirTobias Brunner2014-02-121-3/+8
|
* conf: Install config snippets in /usr/share/strongswan/templates/config tooTobias Brunner2014-02-121-0/+7
|
* conf: Only install config snippets if they don't exist yetTobias Brunner2014-02-121-7/+13
|
* conf: Move load-tester options to plugin specific fileTobias Brunner2014-02-122-130/+133
|
* conf: Options of all plugins documentedTobias Brunner2014-02-1249-31/+574
| | | | Some options are still missing descriptions though.
* conf: Add logger example configTobias Brunner2014-02-124-50/+66
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-08 03:25:18 +0000