aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/plugins
Commit message (Collapse)AuthorAgeFilesLines
...
* Properly initialize sockaddr_in struct in fast and dhcp pluginsTobias Brunner2012-09-281-4/+7
|
* Clarified error message if enabling UDP decapsulation failsTobias Brunner2012-09-272-2/+4
|
* Made IP address enumeration more flexibleTobias Brunner2012-09-212-2/+2
| | | | Also added an option to enumerate addresses on ignored interfaces.
* Make it easy to check if an address is locally usable via changed ↵Tobias Brunner2012-09-212-18/+9
| | | | get_interface() method
* Don't ignore loopback devices and allow addresses on them being enumeratedTobias Brunner2012-09-212-4/+4
|
* As Unity responder, don't change the proposed TS at all, racoon doesn't like ↵Martin Willi2012-09-182-7/+8
| | | | that
* As initiator, narrow received Unity attributes to configured TSMartin Willi2012-09-181-4/+11
|
* When using Unity, bump up remote TS as initiator to 0.0.0.0/0, tooMartin Willi2012-09-181-5/+8
|
* Enable Cisco Unity only if Unity vendor id receivedMartin Willi2012-09-183-2/+5
|
* Exchange 0.0.0.0/0 traffic selectors with Unity, narrowing after exchangeMartin Willi2012-09-181-22/+87
|
* Add a Unity attribute provider that adds Split-Includes for TSMartin Willi2012-09-184-1/+232
|
* Check if subset calculation actually yields a TS in Unity narrowingMartin Willi2012-09-181-1/+5
|
* Request Unity configuration attributes for IKEv1 onlyMartin Willi2012-09-181-0/+6
|
* Add Cisco Unity client support for Split-Include and Local-LANMartin Willi2012-09-187-0/+774
|
* Make stroke user-creds work with XAuth configsTobias Brunner2012-09-181-9/+18
|
* Set AUTH_RULE_IDENTITY_LOOSE for rightid=%<identity>Tobias Brunner2012-09-181-0/+10
|
* Removed the unneeded socket-raw pluginTobias Brunner2012-09-145-876/+0
|
* Option added to enforce a configured destination address for DHCP packetsTobias Brunner2012-09-131-1/+9
|
* Check for an existing lease in all stroke pools before creating a new oneMartin Willi2012-09-111-7/+31
|
* Pass full pool list to release_addressMartin Willi2012-09-114-16/+56
|
* Pass the full list of pools to acquire_address, enumerate in providersMartin Willi2012-09-114-18/+57
| | | | | | | | If the provider has access to the full pool list, it can enumerate them twice, for example to search for existing leases first, and only search for new leases in a second step. Fixes lease enumeration in attr-sql using multiple pools.
* Support RADIUS accounting when using IKEv1 with xauth-eap and eap-radiusMartin Willi2012-09-111-2/+10
|
* Fix leak while enumerating RADIUS Framed-IPs from IKE_SAMartin Willi2012-09-111-0/+1
|
* Add uniqueids=never to ignore INITIAL_CONTACT notifiesTobias Brunner2012-09-101-0/+3
| | | | | | With uniqueids=no the daemon still deletes any existing IKE_SA with the same peer if an INITIAL_CONTACT notify is received. With this new option it also ignores these notifies.
* Print the name of mem pools instead of the confusing <base>/<size>Tobias Brunner2012-09-101-2/+4
|
* introduced sending of standard IETF Assessment Result PA-TNC attribute by IMVsAndreas Steffen2012-09-093-21/+29
|
* Clear virtual IPs before storing assigned ones on the IKE_SATobias Brunner2012-09-051-1/+10
| | | | | Otherwise we'll end up with duplicate or invalid VIPs stored on the IKE_SA.
* Merge branch 'multi-vip'Martin Willi2012-08-3129-198/+1200
|\ | | | | | | | | | | | | Brings support for multiple virtual IPs and multiple pools in left/rigthsourceip definitions. Also introduces the new left/rightdns options to configure requested DNS server address family and respond with multiple connection specific servers.
| * DHCP plugin returns virtual IPs for IPv4 requests onlyMartin Willi2012-08-301-2/+2
| |
| * Check address family in HA virtual IP backendMartin Willi2012-08-301-0/+6
| |
| * Handle comma separated pools as multiple pool names in SQL pluginMartin Willi2012-08-301-1/+9
| |
| * Pass all configured pool names to attribute provider enumeratorMartin Willi2012-08-302-3/+3
| |
| * Pass a list instead of a single virtual IP to attribute enumeratorsMartin Willi2012-08-304-10/+18
| |
| * Support multiple addresses/pools in left/rightsourceipMartin Willi2012-08-305-100/+189
| |
| * Support multiple address pools configured on a peer_cfgMartin Willi2012-08-3010-18/+28
| |
| * Support multiple virtual IPs on peer_cfg and ike_sa classesMartin Willi2012-08-3014-85/+151
| |
| * Add a DNS attribute handler to updown, passing servers to updown scriptMartin Willi2012-08-216-4/+377
| |
| * Add a stroke attribute_handler requesting DNS servers given with leftdnsMartin Willi2012-08-214-0/+307
| |
| * Serve ipsec.conf rightdns servers through stroke attribute providerMartin Willi2012-08-211-10/+143
| |
| * Add a left/rightdns keyword to configure connection specific DNS attributesMartin Willi2012-08-211-0/+2
| |
* | Merge branch 'eap-client-select'Tobias Brunner2012-08-318-42/+579
|\ \ | | | | | | | | | | | | | | | This brings support for EAP-Nak payloads on the client (to select a specific or supported method), and the server (via the eap-dynamic plugin which selects a method supported/requested by the client).
| * | Added an option to prefer types sent by peer in eap-dynamic pluginTobias Brunner2012-08-311-14/+42
| | |
| * | eap-dynamic plugin handles EAP-Nak messages and selects a method supported ↵Tobias Brunner2012-08-311-1/+72
| | | | | | | | | | | | by the peer
| * | Preferred EAP methods for eap-dynamic can be configuredTobias Brunner2012-08-311-1/+59
| | |
| * | The eap-dynamic plugin uses the first supported method as defaultTobias Brunner2012-08-311-1/+91
| | |
| * | Added eap-dynamic plugin which can proxy any other EAP methodTobias Brunner2012-08-315-0/+319
| | |
| * | Use eap_vendor_type_from_string() in strokeTobias Brunner2012-08-311-38/+7
| | |
| * | Encode EAP-Naks in expanded format if we got an expanded type requestTobias Brunner2012-08-312-2/+2
| | | | | | | | | | | | | | | Since methods defined by the IETF (vendor ID 0) could also be encoded in expanded type format the previous check was insufficient.
| * | Allow clients to request a configured EAP method via EAP-NakTobias Brunner2012-08-312-2/+2
| | |
| * | Send EAP-Nak with supported types if requested type is unsupportedTobias Brunner2012-08-312-4/+6
| |/
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-11 21:24:44 +0000