aboutsummaryrefslogtreecommitdiffstats
path: root/src/charon-nm
Commit message (Collapse)AuthorAgeFilesLines
* plugin-loader: Support a reload() callback for static featuresMartin Willi2014-09-221-1/+1
|
* ike: Add an additional but separate AEAD proposal to CHILD configMartin Willi2014-05-161-0/+1
| | | | | | | This currently has no effect: We don't include AEAD algorithms in the default ESP proposal, as we don't know if it is supported by the backend. But as we hopefully get an algorithm query mechanism on kernel interfaces some day, we add the appropriate functionality nonetheless.
* ike: Add an additional but separate AEAD proposal to IKE config, if supportedMartin Willi2014-05-161-0/+1
|
* nm: Fix NULL-pointer dereference when handling TUN device failureTobias Brunner2014-04-091-1/+0
|
* charon-nm: No additional secrets are required once a password has been enteredTobias Brunner2014-03-181-0/+4
| | | | | | | Recent versions of NM will call need_secrets() as long as it returns TRUE, but then fail as the number of calls is limited by an assert. Fixes #547.
* libcharon: Remove unused charon->nameTobias Brunner2014-02-121-1/+1
|
* libhydra: Remove unused hydra->daemonTobias Brunner2014-02-121-1/+1
|
* lib: Add global config namespaceTobias Brunner2014-02-121-1/+1
|
* agent: Keep CAP_DAC_OVERRIDE to connect to ssh-agent socketTobias Brunner2014-01-231-12/+0
| | | | This is also required if charon-cmd is used with capability dropping.
* nm: Handle PSK option in NM backendTobias Brunner2013-11-271-4/+12
|
* ike: support multiple addresses, ranges and subnets in IKE address configMartin Willi2013-09-041-2/+2
| | | | | | | Replace the allowany semantic by a more powerful subnet and IP range matching. Multiple addresses, DNS names, subnets and ranges can be specified in a comma separated list. Initiators ignore the ranges/subnets, responders match configurations against all addresses, ranges and subnets.
* peer-cfg: add a pull/push mode option to use with mode configMartin Willi2013-09-041-1/+1
|
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-9/+9
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* nm: omit deprecated g_type_init() when using >= GLIB 2.36Martin Willi2013-07-181-0/+2
|
* capabilities: Make the user and group charon(-nm) changes to configurableTobias Brunner2013-06-251-6/+19
|
* capabilities: Move global capabilities_t instance to libstrongswanTobias Brunner2013-06-252-4/+4
|
* capabilities: Ensure required capabilities are actually held by the process/userTobias Brunner2013-06-251-1/+6
|
* plugin-loader: Add method to print loaded plugins on a given log levelTobias Brunner2013-06-211-0/+1
|
* charon-nm: Add dependencies to CERT_DECODE and PRIVKEY plugin featuresTobias Brunner2013-03-191-0/+4
| | | | | | This ensures the NM-specific credential set is unloaded before any implementation of certificate/key objects, which causes a segmentation fault during shutdown.
* charon-nm: Prevent NM from changing the default routeTobias Brunner2013-03-191-0/+8
| | | | | | This is not required as we install our own (narrow) route(s) in our own routing table. This should allow split tunneling if configured on the gateway.
* charon-nm: Use VIP (if any) as local addressTobias Brunner2013-03-191-1/+10
| | | | NM will install this address on the provided device.
* charon-nm: Pass a dummy TUN device to NetworkManagerTobias Brunner2013-03-191-5/+37
| | | | | | NetworkManager modifies the addresses etc. on this interface so using "lo" is not optimal. With the dummy interface NM is free to do its thing.
* charon-nm: Fix NM plugin utility macrosTobias Brunner2013-03-191-3/+3
|
* Add a DSCP configuration value to IKE configsMartin Willi2013-02-061-2/+1
|
* g_thread_init() is deprecated since Glib 2.23Tobias Brunner2013-01-241-0/+3
|
* Added an option that allows to force IKEv1 fragmentationTobias Brunner2013-01-121-1/+2
|
* Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-241-1/+1
|
* Moved host_t and host_resolver_t to a new networking subfolderTobias Brunner2012-10-241-1/+1
|
* Remove version argument on peer_cfg constructor, use ike_cfg version insteadMartin Willi2012-10-241-1/+1
|
* Add IKE version information to ike_cfg_tMartin Willi2012-10-241-1/+1
|
* Reload logger configuration on SIGHUPTobias Brunner2012-10-181-23/+5
| | | | | | Besides changing the configuration this allows to easily rotate log files. Also moved logger initialization back to daemon_t.
* Make syslog and file loggers configurable at runtimeTobias Brunner2012-10-181-1/+1
|
* Make streq() and strcaseeq() static inline functions so they can be used as ↵Tobias Brunner2012-09-211-1/+1
| | | | callbacks
* Use random ports in NetworkManager backendTobias Brunner2012-09-181-0/+4
|
* Use AUTH_RULE_IDENTITY_LOOSE in NetworkManager backendTobias Brunner2012-09-181-1/+3
|
* Pass a list instead of a single virtual IP to attribute enumeratorsMartin Willi2012-08-301-7/+9
|
* Support multiple address pools configured on a peer_cfgMartin Willi2012-08-301-1/+1
|
* Support multiple virtual IPs on peer_cfg and ike_sa classesMartin Willi2012-08-301-1/+4
|
* Replaced usages of CHARON_*_PORT with calls to get_port().Tobias Brunner2012-08-081-1/+2
|
* Make the UDP ports charon listens for packets on (and uses as source ports) ↵Tobias Brunner2012-08-081-1/+1
| | | | configurable.
* Proper fallback if capability dropping is not availableTobias Brunner2012-07-271-0/+2
|
* Refactored heavily #ifdefd capability code to its own libstrongswan classMartin Willi2012-07-042-55/+7
|
* Add charon-nm to .gitignoreMartin Willi2012-07-031-0/+1
|
* Pass "lo" as faked tundev to NM, as it now needs a valid interface since 0.9Martin Willi2012-06-291-3/+4
|
* Use static plugin features in libcharon to define essential dependenciesTobias Brunner2012-06-271-0/+1
|
* Use static plugin features in charon-nmTobias Brunner2012-06-273-22/+37
|
* Centralized thread cancellation in processor_tTobias Brunner2012-06-251-10/+18
| | | | | | | | | | This ensures that no threads are active when plugins and the rest of the daemon are unloaded. callback_job_t was simplified a lot in the process as its main functionality is now contained in processor_t. The parent-child relationships were abandoned as these were only needed to simplify job cancellation.
* implemented the right|leftallowany featureAndreas Steffen2012-06-081-2/+2
|
* make IKEv1 DPD timeout configurable in charonAndreas Steffen2012-05-171-1/+2
|
* Store the name of the binary using libcharon to enable specific settings.Tobias Brunner2012-05-031-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 01:07:33 +0000