aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/stroke/stroke_config.c
Commit message (Collapse)AuthorAgeFilesLines
...
* Add IKE version information to ike_cfg_tMartin Willi2012-10-241-1/+2
|
* Make it easy to check if an address is locally usable via changed ↵Tobias Brunner2012-09-211-15/+7
| | | | get_interface() method
* Make stroke user-creds work with XAuth configsTobias Brunner2012-09-181-9/+18
|
* Set AUTH_RULE_IDENTITY_LOOSE for rightid=%<identity>Tobias Brunner2012-09-181-0/+10
|
* Add uniqueids=never to ignore INITIAL_CONTACT notifiesTobias Brunner2012-09-101-0/+3
| | | | | | With uniqueids=no the daemon still deletes any existing IKE_SA with the same peer if an INITIAL_CONTACT notify is received. With this new option it also ignores these notifies.
* Merge branch 'multi-vip'Martin Willi2012-08-311-47/+126
|\ | | | | | | | | | | | | Brings support for multiple virtual IPs and multiple pools in left/rigthsourceip definitions. Also introduces the new left/rightdns options to configure requested DNS server address family and respond with multiple connection specific servers.
| * Support multiple addresses/pools in left/rightsourceipMartin Willi2012-08-301-53/+122
| |
| * Support multiple address pools configured on a peer_cfgMartin Willi2012-08-301-2/+8
| |
| * Support multiple virtual IPs on peer_cfg and ike_sa classesMartin Willi2012-08-301-1/+5
| |
* | Use eap_vendor_type_from_string() in strokeTobias Brunner2012-08-311-38/+7
|/
* Replaced usages of CHARON_*_PORT with calls to get_port().Tobias Brunner2012-08-081-1/+2
|
* Make the UDP ports charon listens for packets on (and uses as source ports) ↵Tobias Brunner2012-08-081-1/+4
| | | | configurable.
* Don't add ANY identity constraint to auth config, as XAuth rounds don't use oneMartin Willi2012-07-261-1/+8
|
* Add an ipsec.conf leftgroups2 parameter for the second authentication roundMartin Willi2012-07-261-3/+4
|
* Select requested virtual IP family based on remote TS, if no local TS availableMartin Willi2012-06-201-1/+12
|
* Added signature scheme options left/rightauthMartin Willi2012-06-121-11/+99
|
* implemented the right|leftallowany featureAndreas Steffen2012-06-081-4/+8
|
* make IKEv1 DPD timeout configurable in charonAndreas Steffen2012-05-171-1/+2
|
* Merge branch 'ikev1'Martin Willi2012-05-021-44/+19
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Added support for authby/xauth_server legacy optionsMartin Willi2012-03-201-42/+1
| |
| * Added a "aggressive" ipsec.conf connection optionMartin Willi2012-03-201-1/+1
| |
| * Added an aggressive mode peer_cfg optionMartin Willi2012-03-201-1/+1
| |
| * Support an "any" IKE version for both IKEv1 or IKEv2Martin Willi2012-03-201-1/+1
| |
| * Pass ipsec.conf xauth_identity option via stroke to charon configurationsMartin Willi2012-03-201-0/+5
| |
| * Accept a xauth backend name appended to left/rightauthMartin Willi2012-03-201-1/+8
| |
| * Use a second authentication config to configure XAUTH authenticationMartin Willi2012-03-201-6/+2
| |
| * Map auth_class to auth method and IKEv1 proposal attributeMartin Willi2012-03-201-0/+4
| |
| * IKEv1 XAUTH: Added ability to configure XAUTH+PSK. Added task to handle ↵Clavister OpenSource2012-03-201-0/+4
| | | | | | | | XAUTH requests. Modified task_manager_v1 to enable it to initiate new tasks immediately after finishing a response.
| * Use enum to define IKE version on peer_cfg_t.Tobias Brunner2012-03-201-1/+1
| | | | | | | | Replaced all those magic numbers.
* | add AUTH_RULE_SUBJECT_CERT for raw public keys4.6.3Andreas Steffen2012-04-301-0/+4
| |
* | added support for raw RSA public keys to strokeAndreas Steffen2012-04-301-1/+9
| |
* | Removed auth_cfg_t.replace_value() and replaced usages with add().Tobias Brunner2012-04-181-5/+1
| | | | | | | | | | replace_value() was used to replace identities. Since for these the latest is now returned by get(), adding the new identity with add() is sufficient.
* | Store password with remote ID to tie it stronger to a specific connection.Tobias Brunner2012-04-181-12/+50
| |
* | Added stroke user-creds command, to set username/password for a connection.Tobias Brunner2012-04-171-0/+137
|/
* implemented PASS and DROP shunt policiesAndreas Steffen2011-06-281-0/+3
|
* Add a closeaction ipsec.conf keyword to configure close actionMartin Willi2011-06-071-17/+20
|
* put DN in double quotesAndreas Steffen2011-03-011-1/+1
|
* Added support for trustchain key strength checking to rightauth optionMartin Willi2011-01-071-2/+13
|
* Added a left/rightcertpolicy keyword to specify certificatePolicy requirementsMartin Willi2011-01-071-0/+14
|
* Added a tfc ipsec.conf keyword to control Traffic Flow ConfidentialityMartin Willi2010-12-201-1/+1
|
* Added a TFC padding option to child_cfgMartin Willi2010-12-201-1/+1
|
* Migrated stroke_config_t to INIT/METHOD macrosAndreas Steffen2010-11-271-41/+31
|
* Refer to kernel interface via hydra and not charon.Tobias Brunner2010-09-021-4/+5
|
* Load a left/rightcert2 for EAP-TLS even if no left/rightauth2 is definedMartin Willi2010-08-311-1/+10
|
* Added support for the ipsec.conf aaa_identity keywordMartin Willi2010-08-311-0/+5
|
* Moved credential manager to libstrongswanMartin Willi2010-07-131-2/+2
|
* configuration of different marks for inbound and outbound directionAndreas Steffen2010-07-091-4/+9
|
* Use the group constraint in a more generic fashion, not only for attribute ↵Martin Willi2010-07-051-4/+3
| | | | certificates
* support of xfrm marks for IKEv2Andreas Steffen2010-07-021-1/+5
|
* Add reqid field and getter function to child_cfg_t.Reto Buerki2010-05-041-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 03:04:23 +0000