aboutsummaryrefslogtreecommitdiffstats
path: root/src/starter/confread.c
Commit message (Collapse)AuthorAgeFilesLines
* starter: Fix memory leaks and warn if conn/ca sections are ignored due to ↵Tobias Brunner2014-07-181-2/+8
| | | | parse errors
* starter: Use new parser to read config fileTobias Brunner2014-06-191-595/+404
|
* starter: Add a replay_window connection optionMartin Willi2014-06-171-0/+2
|
* ipsec_types: Add utility function to parse mark_t from stringsTobias Brunner2013-10-111-44/+3
|
* starter: Remove obsolete 'auth' optionMartin Willi2013-10-111-3/+0
|
* starter: Properly refer to the ipsec script if it was renamedTobias Brunner2013-07-221-1/+1
|
* starter: Make daemon name configurableAdrian-Ken Rueegsegger2013-03-191-1/+1
| | | | | | | | A daemon can be specified using the '--daemon' command line parameter. This tells starter to invoke a daemon other than 'charon'. Additionally the ipsec script uses the environment variable DAEMON_NAME to tell the starter which daemon to use.
* Optionally support port ranges in leftprotoportMartin Willi2013-02-211-4/+20
|
* Support %opaque keyword in leftprotoport for "opaque" portsMartin Willi2013-02-211-0/+5
|
* Pass complete port range over stroke interface for more flexibilityMartin Willi2013-02-211-3/+7
|
* Remove MODP groups from default ESP proposalTobias Brunner2012-10-241-1/+1
| | | | | This now actually makes pfs=no the default and it equals the default listed in ipsec.conf.5. efc69e9f preserved the default of pfs=yes.
* Moved debug.[ch] to utils folderTobias Brunner2012-10-241-1/+1
|
* starter: Allow %any also for protocol in left|rightprotoportTobias Brunner2012-09-121-9/+15
|
* Support multiple addresses/pools in left/rightsourceipMartin Willi2012-08-301-53/+0
|
* Remove unused ipsec.conf left/rightnatip keywordMartin Willi2012-08-211-26/+0
|
* starter: Restore original config in case also= is used (which reads the same ↵Tobias Brunner2012-08-161-20/+30
| | | | values)
* Mask the configured mark value to ensure it is in rangeTobias Brunner2012-06-261-0/+2
|
* starter: Fixed parsing of %defaultroute.Tobias Brunner2012-06-151-6/+12
|
* starter: Print additional help texts for selected deprecated keywords.Tobias Brunner2012-06-121-0/+15
|
* starter: Improved how deprecated keywords are handled.Tobias Brunner2012-06-121-0/+50
| | | | We only throw a warning now instead of rejecting the config.
* Revert "starter: Don't treat unsupported keywords as fatal errors just ↵Tobias Brunner2012-06-121-3/+3
| | | | | | report them." This reverts commit e55876a657ae9d4bbf14320e5a14f86cc5c31c7f.
* starter: Fixed parsing of left|right=%any.Tobias Brunner2012-06-121-1/+3
|
* starter: Removed all unsupported keywords.Tobias Brunner2012-06-111-3/+0
|
* starter: Don't treat unsupported keywords as fatal errors just report them.Tobias Brunner2012-06-111-3/+3
|
* Bye bye Pluto!Tobias Brunner2012-06-111-11/+1
| | | | | Charon will take over IKEv1 duties from here. This also removes libfreeswan and whack.
* starter: Remove all ties to pluto/libfreeswan.Tobias Brunner2012-06-111-5/+7
| | | | Moved some types/constants in the process.
* starter: Use custom type for SA specific options (flags).Tobias Brunner2012-06-111-13/+13
|
* starter: Parse left|rightprotoport directly in confread.c.Tobias Brunner2012-06-111-4/+53
|
* starter: No special handling for left|rightsubnet, just pass it on as string.Tobias Brunner2012-06-111-32/+0
|
* starter: Use host_t to parse left|rightsourceip.Tobias Brunner2012-06-111-18/+17
| | | | Also for the yet unused natip option.
* starter: Remove left|rightsubnetwithin option (charon narrows ↵Tobias Brunner2012-06-111-17/+0
| | | | left|rightsubnet down accordingly).
* starter: Don't resolve any addresses in starter.Tobias Brunner2012-06-111-70/+6
| | | | Also removed remains of some unknown iface option.
* starter: Removed pfs and pfsgroup options (handled via esp option).Tobias Brunner2012-06-111-5/+2
|
* starter: Store mode of the IPsec SA/policy in a separate member.Tobias Brunner2012-06-111-16/+16
|
* starter: Use custom type to mark seen keywords.Tobias Brunner2012-06-111-15/+15
|
* starter: Remove left|rightnexthop option.Tobias Brunner2012-06-111-18/+0
| | | | Charon does this lookup dynamically.
* starter: Replaced all usages of clone_str() with strdupnull().Tobias Brunner2012-06-111-12/+12
|
* starter: Parse authby as string.Tobias Brunner2012-06-111-50/+0
|
* starter: Drop support for %defaultroute.Tobias Brunner2012-06-111-61/+11
|
* starter: Migrated logging to libstrongswan.Tobias Brunner2012-06-111-69/+60
|
* make IKEv1 DPD timeout configurable in charonAndreas Steffen2012-05-171-1/+1
|
* Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-34/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| * Dropped support of deprecated authby=eap and eap= optionsMartin Willi2012-03-201-33/+1
| |
| * Do not ignore configs for IKEv1 in charon anymoreMartin Willi2012-03-201-1/+1
| |
* | Fixed compiler warnings regarding enum comparison.Tobias Brunner2011-11-251-1/+1
|/ | | | | | | | | Warnings like comparison of unsigned expression < 0 is always false are reported with -Wextra when enum types that are compiled to an unsigned type (which is up to the compiler) are checked for negativity.
* Fix DNS error handling for keyexchange=ike.Mirko Parthey2011-10-251-1/+1
| | | | | | starter fails to load a connection when a peer's DNS name is temporarily unresolvable and keyexchange=ike was specified, which defaults to IKEv2. The connection loads just fine in case of keyexchange=ikev2.
* starter: Use automake LEX/YACC automatisms.Tobias Brunner2011-10-101-1/+0
|
* Support resolution of "allow_any" DNS names in charon (%hostname)Martin Willi2011-09-021-4/+1
|
* starter passes unresolved DNS names to charonMartin Willi2011-08-291-65/+71
| | | | Based on an initial patch by Mirko Parthey.
* Verify that executables are available and set (pluto|charon)start accordingly.Tobias Brunner2011-08-111-0/+30
| | | | | | | | Some distributions enable both daemons but then distribute the executables in two separate packages. If only one package is installed but both daemons are enabled in ipsec.conf, starter will try to start the non existing daemon over and over again, and will each time readd the configs to the other daemon.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-09 17:24:35 +0000