aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/stroke
Commit message (Collapse)AuthorAgeFilesLines
...
* Add a stub for IKE event counters in strokeMartin Willi2012-10-244-0/+112
|
* Remove version argument on peer_cfg constructor, use ike_cfg version insteadMartin Willi2012-10-241-2/+1
|
* Add IKE version information to ike_cfg_tMartin Willi2012-10-241-1/+2
|
* Reload logger configuration on SIGHUPTobias Brunner2012-10-181-18/+1
| | | | | | Besides changing the configuration this allows to easily rotate log files. Also moved logger initialization back to daemon_t.
* Fix leak of PINs from ipsec.secretsMartin Willi2012-10-091-1/+2
|
* Make sure first argument is an int when using %.*s to print e.g. chunksTobias Brunner2012-09-281-1/+1
|
* Made IP address enumeration more flexibleTobias Brunner2012-09-211-1/+1
| | | | Also added an option to enumerate addresses on ignored interfaces.
* Make it easy to check if an address is locally usable via changed ↵Tobias Brunner2012-09-211-15/+7
| | | | get_interface() method
* Don't ignore loopback devices and allow addresses on them being enumeratedTobias Brunner2012-09-211-1/+1
|
* Make stroke user-creds work with XAuth configsTobias Brunner2012-09-181-9/+18
|
* Set AUTH_RULE_IDENTITY_LOOSE for rightid=%<identity>Tobias Brunner2012-09-181-0/+10
|
* Check for an existing lease in all stroke pools before creating a new oneMartin Willi2012-09-111-7/+31
|
* Pass full pool list to release_addressMartin Willi2012-09-111-4/+16
|
* Pass the full list of pools to acquire_address, enumerate in providersMartin Willi2012-09-111-4/+16
| | | | | | | | If the provider has access to the full pool list, it can enumerate them twice, for example to search for existing leases first, and only search for new leases in a second step. Fixes lease enumeration in attr-sql using multiple pools.
* Add uniqueids=never to ignore INITIAL_CONTACT notifiesTobias Brunner2012-09-101-0/+3
| | | | | | With uniqueids=no the daemon still deletes any existing IKE_SA with the same peer if an INITIAL_CONTACT notify is received. With this new option it also ignores these notifies.
* Print the name of mem pools instead of the confusing <base>/<size>Tobias Brunner2012-09-101-2/+4
|
* Merge branch 'multi-vip'Martin Willi2012-08-319-115/+664
|\ | | | | | | | | | | | | Brings support for multiple virtual IPs and multiple pools in left/rigthsourceip definitions. Also introduces the new left/rightdns options to configure requested DNS server address family and respond with multiple connection specific servers.
| * Pass all configured pool names to attribute provider enumeratorMartin Willi2012-08-301-2/+2
| |
| * Pass a list instead of a single virtual IP to attribute enumeratorsMartin Willi2012-08-302-2/+3
| |
| * Support multiple addresses/pools in left/rightsourceipMartin Willi2012-08-305-100/+189
| |
| * Support multiple address pools configured on a peer_cfgMartin Willi2012-08-301-2/+8
| |
| * Support multiple virtual IPs on peer_cfg and ike_sa classesMartin Willi2012-08-302-22/+33
| |
| * Add a stroke attribute_handler requesting DNS servers given with leftdnsMartin Willi2012-08-214-0/+307
| |
| * Serve ipsec.conf rightdns servers through stroke attribute providerMartin Willi2012-08-211-10/+143
| |
| * Add a left/rightdns keyword to configure connection specific DNS attributesMartin Willi2012-08-211-0/+2
| |
* | Use eap_vendor_type_from_string() in strokeTobias Brunner2012-08-311-38/+7
|/
* Replaced usages of CHARON_*_PORT with calls to get_port().Tobias Brunner2012-08-081-1/+2
|
* Make the UDP ports charon listens for packets on (and uses as source ports) ↵Tobias Brunner2012-08-081-1/+4
| | | | configurable.
* Don't add ANY identity constraint to auth config, as XAuth rounds don't use oneMartin Willi2012-07-262-3/+15
|
* Add an ipsec.conf leftgroups2 parameter for the second authentication roundMartin Willi2012-07-262-3/+6
|
* Add a return value to hasher_t.allocate_hash()Martin Willi2012-07-161-3/+5
|
* Avoid that any % characters (e.g. in %any) are evaluated when logging via strokeTobias Brunner2012-07-121-1/+1
|
* Refactored heavily #ifdefd capability code to its own libstrongswan classMartin Willi2012-07-041-1/+2
|
* Show some uname() info in "ipsec statusall"Martin Willi2012-06-281-3/+10
|
* Show remote EAP/XAuth identity in "statusall" on a separate lineMartin Willi2012-06-271-1/+12
|
* Centralized thread cancellation in processor_tTobias Brunner2012-06-251-19/+7
| | | | | | | | | | This ensures that no threads are active when plugins and the rest of the daemon are unloaded. callback_job_t was simplified a lot in the process as its main functionality is now contained in processor_t. The parent-child relationships were abandoned as these were only needed to simplify job cancellation.
* Show EAP/XAuth identity in "ipsec status", if availableMartin Willi2012-06-251-1/+1
|
* Select requested virtual IP family based on remote TS, if no local TS availableMartin Willi2012-06-201-1/+12
|
* Show what kind of *Swan we run in "ipsec status"Martin Willi2012-06-141-3/+16
|
* Added signature scheme options left/rightauthMartin Willi2012-06-121-11/+99
|
* certificate_t->issued_by takes an argument to receive signature schemeMartin Willi2012-06-121-1/+1
|
* implemented the right|leftallowany featureAndreas Steffen2012-06-082-7/+17
|
* Show expiration time of rekeyed CHILD_SAs in statusallMartin Willi2012-06-051-1/+6
|
* list IKEv1 Aggressive Mode in ipsec statusallAndreas Steffen2012-05-231-2/+9
|
* List registered nonce generators in statusall output.Tobias Brunner2012-05-181-2/+18
|
* make IKEv1 DPD timeout configurable in charonAndreas Steffen2012-05-172-1/+3
|
* fixed feature dependencies for CERT_TRUSTED_PUBKEYAndreas Steffen2012-05-051-0/+2
|
* Use name from initialization to access settings in libcharon.Tobias Brunner2012-05-032-2/+4
| | | | Also fixes several whitespace errors.
* display (soft) same as (not loaded)Andreas Steffen2012-05-031-1/+1
|
* charon is now an IKE daemonAndreas Steffen2012-05-031-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 09:16:16 +0000