aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/vici/README.md
Commit message (Collapse)AuthorAgeFilesLines
* vici: flush-certs command flushes certificate cacheAndreas Steffen2016-09-131-0/+13
| | | | | | | | | | When fresh CRLs are released with a high update frequency (e.g. every 24 hours) or OCSP is used then the certificate cache gets quickly filled with stale CRLs or OCSP responses. The new VICI flush-certs command allows to flush e.g. cached CRLs or OCSP responses only. Without the type argument all kind of certificates (e.g. also received end entity and intermediate CA certificates) are purged.
* vici list-conns sends reauthentication and rekeying time informationAndreas Steffen2016-05-041-0/+5
|
* vici: Fix documentation of some dictionary keys of two request messagesCameron McCord2016-03-311-3/+3
| | | | Closes strongswan/strongswan#40.
* vici: Match subnets and ranges against peer IP in redirect commandTobias Brunner2016-03-041-1/+2
|
* vici: Match identity with wildcards against remote ID in redirect commandTobias Brunner2016-03-041-1/+2
|
* vici: Add redirect commandTobias Brunner2016-03-041-0/+15
| | | | | This allows redirecting IKE_SAs by multiple different selectors, if none are given all SAs are redirected.
* vici: Provide ports of local and remote IKE endpointsTobias Brunner2016-03-031-0/+2
|
* vici: Correctly document 'up' key for updown eventsTobias Brunner2016-03-011-4/+4
| | | | Instead of sending 'no' it is omitted when an SA goes down.
* vici: list-cert sends subject, not-before and not-after attributes for pubkeysAndreas Steffen2016-01-091-0/+3
|
* Refactored certificate management for the vici and stroke interfaces5.4.0dr1Andreas Steffen2015-12-121-3/+7
|
* vici: Fix documentation about the initiate/terminate timeoutMartin Willi2015-12-071-2/+2
|
* vici: Honor an optionally passed IKE configuration name in initiate/installMartin Willi2015-12-071-0/+2
| | | | | | | If two IKE configurations have CHILD configurations with the same name, we have no control about the CHILD_SA that actually gets controlled. The new "ike" parameter specifies the peer config name to find the "child" config under.
* vici: Support completely asynchronous initiating and terminationMartin Willi2015-12-071-0/+6
| | | | | | In some situations the vici client is not interested in waiting for a timeout at all, so don't register a logging callback if the timeout argument is negative.
* Built the CPAN file structure for the Vici::Session perl moduleAndreas Steffen2015-12-011-0/+40
|
* vici: Add get-algorithms command to query loaded algorithms and implementationsTobias Brunner2015-11-301-0/+10
|
* vici: Add option to query leases of poolsTobias Brunner2015-11-101-1/+10
| | | | | We could later perhaps add filter parameters similar to those of the `ipsec leases` command (pool name/virtual IP).
* vici: Return local and remote virtual IPs when listing SAsTobias Brunner2015-11-101-0/+6
|
* vici: Add NAT information when listing IKE_SAsTobias Brunner2015-11-091-0/+4
| | | | | | | | | | The `nat-local` and `nat-remote` keys contain information on the NAT status of the local and remote IKE endpoints, respectively. If a responder did not detect a NAT but is configured to fake a NAT situation this is indicated by `nat-fake` (if an initiator fakes a NAT situation `nat-local` is set). If any NAT is detected or faked `nat-any` is set. Closes strongswan/strongswan#16.
* vici: Optionally check limits when initiating connectionsTobias Brunner2015-08-211-0/+1
| | | | | If the init-limits parameter is set (disabled by default) init limits will be checked and might prevent new SAs from getting initiated.
* vici: Add ike/child-rekey eventsTobias Brunner2015-08-171-0/+36
|
* vici: Document the ike/child-updown eventsTobias Brunner2015-08-171-0/+23
|
* vici: Certification Authority support added.Andreas Steffen2015-07-211-0/+64
| | | | | | CDP and OCSP URIs for a one or multiple certification authorities can be added via the VICI interface. swanctl allows to read definitions from a new authorities section.
* vici: Catch Python GeneratorExit to properly cancel streamed event iterationMartin Willi2015-03-181-0/+5
|
* vici: Return a Python generator instead of a list for streamed responsesMartin Willi2015-03-181-4/+4
| | | | | | | In addition that it may reduce memory usage and improve performance for large responses, it returns immediate results. This is important for longer lasting commands, such as initiate/terminate, where immediate log feedback is preferable when interactively calling such commands.
* vici: Add initial Python egg documentation to READMEMartin Willi2015-03-181-0/+65
|
* vici: Use default Unix vici socket if none passed to ruby constructorMartin Willi2015-03-181-3/+3
| | | | | While we currently have a static path instead of one generated with Autotools, this at least is congruent to what we have in the Python library.
* vici: Include the CHILD_SA unique ID in list-sa eventMartin Willi2015-02-201-0/+1
|
* vici: Fix README example encoding element type values, off by oneMartin Willi2015-01-211-10/+10
| | | | | | | While we fixed the wrong values in the description with d39e04b5, the example values are still off by one. Fixes #828.
* vici: Document the ruby gem and add some simple examplesMartin Willi2014-10-101-0/+58
|
* vici: Add some simple libvici examples to the READMEMartin Willi2014-10-101-2/+116
|
* vici: Document the available vici command and event messagesMartin Willi2014-10-101-1/+509
|
* vici: Fix message encoding type values in documentationMartin Willi2014-10-101-6/+6
|
* Fixed some typosTobias Brunner2014-06-301-1/+1
|
* vici: Increase vici message length header from 16 to 32 bitsMartin Willi2014-05-071-4/+4
| | | | | | | | | While we currently have no need for messages larger than 65KB, we should design the protocol to be future-proof, as we plan to keep at least to lowest protocol layer stable. To avoid any allocation issues, we currently keep the message size limit at 512KB.
* vici: Add low-level IPC protocol descriptionMartin Willi2014-05-071-0/+176
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-21 23:20:28 +0000