aboutsummaryrefslogtreecommitdiffstats
path: root/src/starter/confread.h
Commit message (Collapse)AuthorAgeFilesLines
* stroke: Make 96-bit truncation for SHA-256 configurableTobias Brunner2017-05-261-0/+2
|
* Add an option to announce support for IKE fragmentation but not sending ↵Tobias Brunner2017-05-231-0/+1
| | | | fragments
* Use standard unsigned integer typesAndreas Steffen2016-03-241-10/+10
|
* starter: Ensure the daemon executable exists when starting upTobias Brunner2015-05-081-1/+0
| | | | | | | | | The only purpose of starter is to control the IKE daemon, so we terminate it if the daemon executable is not found (e.g. because DAEMON_NAME is incorrect). This removes the charonstart setting (it was not actually configurable anymore).
* starter: Use new parser to read config fileTobias Brunner2014-06-191-38/+4
|
* starter: Add a replay_window connection optionMartin Willi2014-06-171-0/+1
|
* starter: Remove obsolete 'auth' optionMartin Willi2013-10-111-1/+0
|
* starter: Add an 'ah' keyword for Authentication Header Security AssociationsMartin Willi2013-10-111-0/+1
|
* Merge branch 'opaque-ports'Martin Willi2013-03-011-1/+2
|\ | | | | | | | | Adds a %opaque port option and support for port ranges in left/rightprotoport. Currently not supported by any of our kernel backends.
| * Pass complete port range over stroke interface for more flexibilityMartin Willi2013-02-211-2/+2
| |
* | Add a ikedscp ipsec.conf option to set DSCP value on outgoing IKE packetsMartin Willi2013-02-061-1/+1
|/
* Added an option that allows to force IKEv1 fragmentationTobias Brunner2013-01-121-2/+9
|
* Use a connection specific option to en-/disable IKEv1 fragmentationTobias Brunner2012-12-241-0/+1
|
* Support multiple addresses/pools in left/rightsourceipMartin Willi2012-08-301-1/+0
|
* Remove unused ipsec.conf left/rightnatip keywordMartin Willi2012-08-211-1/+0
|
* Add a left/rightdns keyword to configure connection specific DNS attributesMartin Willi2012-08-211-0/+1
|
* Add an ipsec.conf leftgroups2 parameter for the second authentication roundMartin Willi2012-07-261-0/+1
|
* ldaphost and ldapbase ca section keywords are deprecatedTobias Brunner2012-06-251-2/+0
|
* starter: Removed all unsupported keywords.Tobias Brunner2012-06-111-27/+1
|
* starter: Remove all ties to pluto/libfreeswan.Tobias Brunner2012-06-111-2/+16
| | | | Moved some types/constants in the process.
* starter: Use custom type for SA specific options (flags).Tobias Brunner2012-06-111-1/+15
|
* starter: Parse left|rightprotoport directly in confread.c.Tobias Brunner2012-06-111-1/+0
|
* starter: No special handling for left|rightsubnet, just pass it on as string.Tobias Brunner2012-06-111-3/+0
|
* starter: Remove left|rightsubnetwithin option (charon narrows ↵Tobias Brunner2012-06-111-1/+0
| | | | left|rightsubnet down accordingly).
* starter: Don't resolve any addresses in starter.Tobias Brunner2012-06-111-4/+0
| | | | Also removed remains of some unknown iface option.
* starter: Removed pfs and pfsgroup options (handled via esp option).Tobias Brunner2012-06-111-1/+0
|
* starter: Store mode of the IPsec SA/policy in a separate member.Tobias Brunner2012-06-111-0/+3
|
* starter: Use custom type to mark seen keywords.Tobias Brunner2012-06-111-4/+9
|
* starter: Remove left|rightnexthop option.Tobias Brunner2012-06-111-1/+0
| | | | Charon does this lookup dynamically.
* starter: Parse authby as string.Tobias Brunner2012-06-111-5/+6
|
* starter: Drop support for %defaultroute.Tobias Brunner2012-06-111-6/+1
|
* Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-201-5/+5
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
| * Dropped support of deprecated authby=eap and eap= optionsMartin Willi2012-03-201-2/+0
| |
| * Added a "aggressive" ipsec.conf connection optionMartin Willi2012-03-201-0/+1
| |
| * Support an "any" IKE version for both IKEv1 or IKEv2Martin Willi2012-03-201-3/+4
| |
* | Use correct time_t variables to store ARG_TIME optionsMartin Willi2012-01-181-2/+2
|/
* starter: Use automake LEX/YACC automatisms.Tobias Brunner2011-10-101-1/+1
|
* starter passes unresolved DNS names to charonMartin Willi2011-08-291-0/+1
| | | | Based on an initial patch by Mirko Parthey.
* Add a closeaction ipsec.conf keyword to configure close actionMartin Willi2011-06-071-0/+2
|
* Added a left/rightcertpolicy keyword to specify certificatePolicy requirementsMartin Willi2011-01-071-0/+1
|
* Added a tfc ipsec.conf keyword to control Traffic Flow ConfidentialityMartin Willi2010-12-201-0/+1
|
* starter: Some whitespace cleanup.Tobias Brunner2010-09-021-2/+2
|
* Moved ipsec_transform_t to kernel_ipsec.h in libhydra.Tobias Brunner2010-09-021-7/+0
| | | | | Because of this libfreeswan, pluto, starter etc. now depend on that file (and libhydra). This resolved some duplicate declarations.
* Added support for the ipsec.conf aaa_identity keywordMartin Willi2010-08-311-0/+1
|
* configuration of different marks for inbound and outbound directionAndreas Steffen2010-07-091-2/+9
|
* support of xfrm marks for IKEv2Andreas Steffen2010-07-021-0/+2
|
* introduced xauth_identity keywordAndreas Steffen2010-05-151-0/+1
|
* Add reqid keyword to config connection section.Reto Buerki2010-05-041-0/+1
|
* Fixed starter left-/rightikeport keywordMartin Willi2010-02-261-1/+1
|
* Added left-/rightikeport ipsec.conf options to use custom IKE portsMartin Willi2010-02-261-0/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-31 10:55:17 +0000