aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/stroke/stroke_list.c
Commit message (Collapse)AuthorAgeFilesLines
* linked-list: Change return value of find_first() and signature of its callbackTobias Brunner2017-05-261-2/+1
| | | | This avoids the unportable five pointer hack.
* child-cfg: Use flags for boolean optionsTobias Brunner2017-05-231-1/+1
| | | | Makes it potentially easier to add new flags.
* shunt-manager: Add an optional namespace for each shuntTobias Brunner2017-02-161-1/+1
| | | | | This will allow us to reuse the names of child configs e.g. when they are defined in different connections.
* xof: Defined Extended Output FunctionsAndreas Steffen2016-07-291-0/+9
|
* Use standard unsigned integer typesAndreas Steffen2016-03-241-5/+5
|
* stroke: Correctly print IKE SPIs stored in network orderTobias Brunner2016-03-041-2/+4
|
* libhydra: Move kernel interface to libcharonTobias Brunner2016-03-031-3/+2
| | | | This moves hydra->kernel_interface to charon->kernel.
* stroke: List DH groups for CHILD_SA proposalsTobias Brunner2015-12-211-23/+19
| | | | Closes strongswan/strongswan#23.
* Refactored certificate management for the vici and stroke interfaces5.4.0dr1Andreas Steffen2015-12-121-128/+29
|
* Standardized printing of certificate informationAndreas Steffen2015-12-111-445/+68
| | | | | | | The certificate_printer class allows the printing of certificate information to a text file (usually stdout). This class is used by the pki --print and swanctl --list-certs commands as well as by the stroke plugin.
* traffic-selector: Don't end printf'ed list of traffic selectors with a spaceTobias Brunner2015-11-101-3/+3
|
* ike: Only consider number of half-open SAs as responder when deciding ↵Tobias Brunner2015-08-271-1/+1
| | | | whether COOKIEs are sent
* child-sa: Add a new state to track rekeyed IKEv1 CHILD_SAsTobias Brunner2015-03-251-1/+2
| | | | | | This is needed to handle DELETEs properly, which was previously done via CHILD_REKEYING, which we don't use anymore since 5c6a62ceb6 as it prevents reauthentication.
* stroke: Use %u to print stats returned by mallinfo(3)Tobias Brunner2015-03-131-1/+1
| | | | References #886.
* stroke: List CHILD_SA unique ID as the primary identifier, but print reqid, tooMartin Willi2015-02-201-5/+6
|
* stroke: Fix memory leak when printing unknown AC group OIDsTobias Brunner2014-04-091-0/+1
|
* x509: Replace fixed acert group string getter by a more dynamic group enumeratorMartin Willi2014-03-311-16/+68
|
* stroke: List proposals in statusall without leading '/' in AH SAsMartin Willi2013-10-111-1/+7
|
* ike: support multiple addresses, ranges and subnets in IKE address configMartin Willi2013-09-041-3/+2
| | | | | | | Replace the allowany semantic by a more powerful subnet and IP range matching. Multiple addresses, DNS names, subnets and ranges can be specified in a comma separated list. Initiators ignore the ranges/subnets, responders match configurations against all addresses, ranges and subnets.
* ike-cfg: remove the to be obsoleted allow any parameter in get_my/other_addrMartin Willi2013-09-041-4/+2
|
* stroke: stop enumerating IKE_SAs in statusall if output stream gets closedMartin Willi2013-08-231-1/+1
| | | | | | | If the output stream is not interested in more information, it can close the the stream. Checking for stream errors avoids useless enumeration of IKE_SAs, saving resources. This allows to use "ipsec statusall | head" to monitor the daemon, or stop enumerating IKE_SAs after a specific entry has been found.
* child-sa: replace get_traffic_selectors() with create_ts_enumerator()Martin Willi2013-07-171-3/+10
| | | | | Not directly returning a linked list allows us to change the internals of the CHILD_SA transparently.
* Refactored plugin-loader with improved dependency resolutionTobias Brunner2013-06-111-0/+1
| | | | | | With the new implementation the plugins don't have to be listed in any special order, dependencies are properly resolved. The order only matters if two plugins provide the same feature.
* enforce singular of packetsAndreas Steffen2013-03-221-4/+6
|
* Algorithms are not really specific to an IKE versionTobias Brunner2013-03-181-1/+1
| | | | | | But not all of them can be used with IKEv1. Fixes #314.
* Report the number of processed packets in "ipsec statusall"Martin Willi2013-03-141-5/+9
|
* child_sa_t.get_usestats() can additionally return the number of processed ↵Martin Willi2013-03-141-3/+2
| | | | packets
* Moved data structures to new collections subfolderTobias Brunner2012-10-241-1/+1
|
* Made IP address enumeration more flexibleTobias Brunner2012-09-211-1/+1
| | | | Also added an option to enumerate addresses on ignored interfaces.
* Don't ignore loopback devices and allow addresses on them being enumeratedTobias Brunner2012-09-211-1/+1
|
* Don't add ANY identity constraint to auth config, as XAuth rounds don't use oneMartin Willi2012-07-261-2/+7
|
* Show some uname() info in "ipsec statusall"Martin Willi2012-06-281-3/+10
|
* Show remote EAP/XAuth identity in "statusall" on a separate lineMartin Willi2012-06-271-1/+12
|
* Show EAP/XAuth identity in "ipsec status", if availableMartin Willi2012-06-251-1/+1
|
* Show what kind of *Swan we run in "ipsec status"Martin Willi2012-06-141-3/+16
|
* implemented the right|leftallowany featureAndreas Steffen2012-06-081-3/+9
|
* Show expiration time of rekeyed CHILD_SAs in statusallMartin Willi2012-06-051-1/+6
|
* list IKEv1 Aggressive Mode in ipsec statusallAndreas Steffen2012-05-231-2/+9
|
* List registered nonce generators in statusall output.Tobias Brunner2012-05-181-2/+18
|
* display (soft) same as (not loaded)Andreas Steffen2012-05-031-1/+1
|
* charon is now an IKE daemonAndreas Steffen2012-05-031-1/+1
|
* Merge branch 'ikev1'Martin Willi2012-05-021-17/+26
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
| * Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-17/+26
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| | * Accept NULL auth_cfg_t passed to credential_manager_t.get_private()Martin Willi2012-03-201-4/+1
| | |
| | * Show IKE version in ipsec statusallMartin Willi2012-03-201-1/+2
| | |
| | * Pass IKE version to peer config enumerator, filter configsMartin Willi2012-03-201-3/+4
| | |
| | * Added support for iKEIntermediate X.509 extended key usage flag.Tobias Brunner2012-03-201-2/+2
| | | | | | | | | | | | Mac OS X requires server certificates to have this flag set.
| | * Be a little more verbose about XAuth configs in ipsec statusallMartin Willi2012-03-201-5/+16
| | |
| | * Do not ignore configs for IKEv1 in charon anymoreMartin Willi2012-03-201-2/+1
| | |
| | * Use enum to define IKE version on peer_cfg_t.Tobias Brunner2012-03-201-1/+1
| | | | | | | | | | | | Replaced all those magic numbers.
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-29 13:10:53 +0000