aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins/vici/vici_config.c
Commit message (Collapse)AuthorAgeFilesLines
* vici: Certification Authority support added.Andreas Steffen2015-07-211-9/+23
| | | | | | CDP and OCSP URIs for a one or multiple certification authorities can be added via the VICI interface. swanctl allows to read definitions from a new authorities section.
* vici: Compute rekey_bytes and rekey_packets if life_bytes and life_packets ↵Andreas Steffen2015-07-201-6/+20
| | | | are defined
* vici: Default to certificate subject for identityTimo Teräs2015-05-041-0/+37
| | | | | | | | If id is not specified and certificate authentication is used, use the certificate subject name as identity. Simplifies configuration as in most cases this is the right thing to do. Signed-off-by: Timo Teräs <timo.teras@iki.fi>
* vici: Don't use a default rand_time larger than half of rekey/reauth_timeMartin Willi2015-03-031-3/+11
|
* vici: If a IKE reauth_time is configured, disable the default rekey_timeMartin Willi2015-03-031-1/+16
|
* controller: Use the CHILD_SA unique_id to terminate CHILD_SAsMartin Willi2015-02-201-10/+10
|
* vici: Support a replay_window CHILD_SA optionMartin Willi2014-06-171-0/+16
|
* vici: Add Windows supportMartin Willi2014-06-041-1/+0
|
* ike: Add an additional but separate AEAD proposal to CHILD configMartin Willi2014-05-161-2/+10
| | | | | | | This currently has no effect: We don't include AEAD algorithms in the default ESP proposal, as we don't know if it is supported by the backend. But as we hopefully get an algorithm query mechanism on kernel interfaces some day, we add the appropriate functionality nonetheless.
* ike: Add an additional but separate AEAD proposal to IKE config, if supportedMartin Willi2014-05-161-10/+25
|
* vici: Support the close_action keyword, as we have it documentedMartin Willi2014-05-141-1/+6
|
* vici: Properly filter by CHILD_SA name while undoing start actionsMartin Willi2014-05-071-2/+5
|
* vici: Fallback to socket listening port if no explicit local port specifiedMartin Willi2014-05-071-1/+4
|
* vici: Support a "mtu" value for the tfc_padding optionMartin Willi2014-05-071-2/+16
|
* vici: Handle the "trap" action as an alias for "route"Martin Willi2014-05-071-0/+1
|
* vici: Have an explicit "relaxed" keyword for the default revocation policyMartin Willi2014-05-071-1/+5
|
* vici: Use a default child rekey time of 1 hourMartin Willi2014-05-071-0/+6
|
* vici: Use a default IKE rekey time of 4 hoursMartin Willi2014-05-071-0/+6
|
* vici: Support referencing external named pools for peer configsMartin Willi2014-05-071-0/+14
|
* vici: Actually add configured virtual IPs to peer configMartin Willi2014-05-071-0/+5
|
* vici: Use a default rand_time of the difference between hard and soft lifetimesMartin Willi2014-05-071-0/+26
|
* vici: Use a default hard lifetime of 110% of the soft lifetimeMartin Willi2014-05-071-0/+37
|
* vici: Perform specified start_action on connection load, undo it on unloadMartin Willi2014-05-071-2/+185
|
* vici: Support pinning end entity and CA certificates to connectionsMartin Willi2014-05-071-0/+37
|
* vici: Support missing groups option in auth configMartin Willi2014-05-071-1/+24
|
* vici: Add unload-conn and get-conns commands to manage loaded connectionsMartin Willi2014-05-071-0/+62
|
* vici: Add backend providing in-memory connectionsMartin Willi2014-05-071-0/+1539
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-09 05:07:07 +0000