aboutsummaryrefslogtreecommitdiffstats
path: root/src/starter/confread.c
Commit message (Collapse)AuthorAgeFilesLines
* Use standard unsigned integer typesAndreas Steffen2016-03-241-1/+1
|
* 128 bit default security strength requires 3072 bit prime DH groupAndreas Steffen2015-12-141-2/+2
|
* starter: Ensure the daemon executable exists when starting upTobias Brunner2015-05-081-16/+0
| | | | | | | | | The only purpose of starter is to control the IKE daemon, so we terminate it if the daemon executable is not found (e.g. because DAEMON_NAME is incorrect). This removes the charonstart setting (it was not actually configurable anymore).
* starter: Remove START_CHARON compile flagTobias Brunner2015-05-051-8/+1
| | | | | | Since the removal of pluto this is quite superfluous. The flag itself might be useful to avoid starting charon if the executable does not exist for some reason (e.g. if DAEMON_NAME is incorrect).
* starter: Fix memory leaks and warn if conn/ca sections are ignored due to ↵Tobias Brunner2014-07-181-2/+8
| | | | parse errors
* starter: Use new parser to read config fileTobias Brunner2014-06-191-595/+404
|
* starter: Add a replay_window connection optionMartin Willi2014-06-171-0/+2
|
* ipsec_types: Add utility function to parse mark_t from stringsTobias Brunner2013-10-111-44/+3
|
* starter: Remove obsolete 'auth' optionMartin Willi2013-10-111-3/+0
|
* starter: Properly refer to the ipsec script if it was renamedTobias Brunner2013-07-221-1/+1
|
* starter: Make daemon name configurableAdrian-Ken Rueegsegger2013-03-191-1/+1
| | | | | | | | A daemon can be specified using the '--daemon' command line parameter. This tells starter to invoke a daemon other than 'charon'. Additionally the ipsec script uses the environment variable DAEMON_NAME to tell the starter which daemon to use.
* Optionally support port ranges in leftprotoportMartin Willi2013-02-211-4/+20
|
* Support %opaque keyword in leftprotoport for "opaque" portsMartin Willi2013-02-211-0/+5
|
* Pass complete port range over stroke interface for more flexibilityMartin Willi2013-02-211-3/+7
|
* Remove MODP groups from default ESP proposalTobias Brunner2012-10-241-1/+1
| | | | | This now actually makes pfs=no the default and it equals the default listed in ipsec.conf.5. efc69e9f preserved the default of pfs=yes.
* Moved debug.[ch] to utils folderTobias Brunner2012-10-241-1/+1
|
* starter: Allow %any also for protocol in left|rightprotoportTobias Brunner2012-09-121-9/+15
|
* Support multiple addresses/pools in left/rightsourceipMartin Willi2012-08-301-53/+0
|
* Remove unused ipsec.conf left/rightnatip keywordMartin Willi2012-08-211-26/+0
|
* starter: Restore original config in case also= is used (which reads the same ↵Tobias Brunner2012-08-161-20/+30
| | | | values)
* Mask the configured mark value to ensure it is in rangeTobias Brunner2012-06-261-0/+2
|
* starter: Fixed parsing of %defaultroute.Tobias Brunner2012-06-151-6/+12
|
* starter: Print additional help texts for selected deprecated keywords.Tobias Brunner2012-06-121-0/+15
|
* starter: Improved how deprecated keywords are handled.Tobias Brunner2012-06-121-0/+50
| | | | We only throw a warning now instead of rejecting the config.
* Revert "starter: Don't treat unsupported keywords as fatal errors just ↵Tobias Brunner2012-06-121-3/+3
| | | | | | report them." This reverts commit e55876a657ae9d4bbf14320e5a14f86cc5c31c7f.
* starter: Fixed parsing of left|right=%any.Tobias Brunner2012-06-121-1/+3
|
* starter: Removed all unsupported keywords.Tobias Brunner2012-06-111-3/+0
|
* starter: Don't treat unsupported keywords as fatal errors just report them.Tobias Brunner2012-06-111-3/+3
|
* Bye bye Pluto!Tobias Brunner2012-06-111-11/+1
| | | | | Charon will take over IKEv1 duties from here. This also removes libfreeswan and whack.
* starter: Remove all ties to pluto/libfreeswan.Tobias Brunner2012-06-111-5/+7
| | | | Moved some types/constants in the process.
* starter: Use custom type for SA specific options (flags).Tobias Brunner2012-06-111-13/+13
|
* starter: Parse left|rightprotoport directly in confread.c.Tobias Brunner2012-06-111-4/+53
|
* starter: No special handling for left|rightsubnet, just pass it on as string.Tobias Brunner2012-06-111-32/+0
|
* starter: Use host_t to parse left|rightsourceip.Tobias Brunner2012-06-111-18/+17
| | | | Also for the yet unused natip option.
* starter: Remove left|rightsubnetwithin option (charon narrows ↵Tobias Brunner2012-06-111-17/+0
| | | | left|rightsubnet down accordingly).
* starter: Don't resolve any addresses in starter.Tobias Brunner2012-06-111-70/+6
| | | | Also removed remains of some unknown iface option.
* starter: Removed pfs and pfsgroup options (handled via esp option).Tobias Brunner2012-06-111-5/+2
|
* starter: Store mode of the IPsec SA/policy in a separate member.Tobias Brunner2012-06-111-16/+16
|
* starter: Use custom type to mark seen keywords.Tobias Brunner2012-06-111-15/+15
|
* starter: Remove left|rightnexthop option.Tobias Brunner2012-06-111-18/+0
| | | | Charon does this lookup dynamically.
* starter: Replaced all usages of clone_str() with strdupnull().Tobias Brunner2012-06-111-12/+12
|
* starter: Parse authby as string.Tobias Brunner2012-06-111-50/+0
|
* starter: Drop support for %defaultroute.Tobias Brunner2012-06-111-61/+11
|
* starter: Migrated logging to libstrongswan.Tobias Brunner2012-06-111-69/+60
|
* make IKEv1 DPD timeout configurable in charonAndreas Steffen2012-05-171-1/+1
|
* Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-34/+2
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| * Dropped support of deprecated authby=eap and eap= optionsMartin Willi2012-03-201-33/+1
| |
| * Do not ignore configs for IKEv1 in charon anymoreMartin Willi2012-03-201-1/+1
| |
* | Fixed compiler warnings regarding enum comparison.Tobias Brunner2011-11-251-1/+1
|/ | | | | | | | | Warnings like comparison of unsigned expression < 0 is always false are reported with -Wextra when enum types that are compiled to an unsigned type (which is up to the compiler) are checked for negativity.
* Fix DNS error handling for keyexchange=ike.Mirko Parthey2011-10-251-1/+1
| | | | | | starter fails to load a connection when a peer's DNS name is temporarily unresolvable and keyexchange=ike was specified, which defaults to IKEv2. The connection loads just fine in case of keyexchange=ikev2.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 17:02:29 +0000