Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fixed some typos | Tobias Brunner | 2015-08-13 | 1 | -1/+1 |
| | |||||
* | starter: Add support for multi-line strings in ipsec.conf | Tobias Brunner | 2015-07-28 | 3 | -8/+6 |
| | |||||
* | starter: Don't replace rarely used special characters in strings in ipsec.conf | Tobias Brunner | 2015-07-28 | 1 | -2/+0 |
| | |||||
* | stroke: Add missing include for UINT16_MAX | Tobias Brunner | 2015-06-09 | 1 | -0/+1 |
| | | | | | | Fixes the build on FreeBSD. Fixes #988. | ||||
* | stroke: Dynamically resize stroke messages | Tobias Brunner | 2015-05-22 | 1 | -144/+164 |
| | | | | | | | The maximum size of a stroke message is currently 64k due to the 2 byte length field. Fixes #943. | ||||
* | starter: Ensure the daemon executable exists when starting up | Tobias Brunner | 2015-05-08 | 3 | -18/+8 |
| | | | | | | | | | The only purpose of starter is to control the IKE daemon, so we terminate it if the daemon executable is not found (e.g. because DAEMON_NAME is incorrect). This removes the charonstart setting (it was not actually configurable anymore). | ||||
* | starter: Remove START_CHARON compile flag | Tobias Brunner | 2015-05-05 | 3 | -13/+2 |
| | | | | | | Since the removal of pluto this is quite superfluous. The flag itself might be useful to avoid starting charon if the executable does not exist for some reason (e.g. if DAEMON_NAME is incorrect). | ||||
* | starter: Merge quoted strings that span multiple lines | Tobias Brunner | 2015-03-20 | 1 | -3/+2 |
| | |||||
* | starter: Fail sending stroke message if a string exceeds the buffer size | Martin Willi | 2015-02-06 | 1 | -1/+13 |
| | | | | | | | Instead of silently setting the string value to NULL, we fail completely in sending the message to notify the user. Fixes #844. | ||||
* | starter: Fix mark_out.mask in starter_cmp_conn() | Maks Naumov | 2015-01-12 | 1 | -1/+1 |
| | |||||
* | starter: Allow specifying the ipsec.conf location in strongswan.conf | Shea Levy | 2014-10-02 | 1 | -1/+2 |
| | |||||
* | stroke: Allow specifying the ipsec.secrets location in strongswan.conf | Shea Levy | 2014-10-02 | 1 | -3/+7 |
| | |||||
* | starter: Do not close all file descriptors after fork() | Martin Willi | 2014-08-25 | 1 | -1/+0 |
| | | | | | | | | As we use libstrongswan and expect that it still works after the fork, we can't just closefrom() all file descriptors. Watcher, for example, uses a pipe to notify FDSET changes, which must be kept open. Reverts 652ddf5ce2fad08f6569096dd56a821500cc5ba4. | ||||
* | starter: Wait indefinitely for charon when using --attach-gdb | Martin Willi | 2014-08-08 | 1 | -3/+7 |
| | | | | | This makes sure the user has time to set break points etc. before it runs charon under gdb. | ||||
* | starter: Don't monitor child if debugger is attached | Thomas Egerer | 2014-08-08 | 1 | -0/+5 |
| | | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com> | ||||
* | starter: Fix memory leaks and warn if conn/ca sections are ignored due to ↵ | Tobias Brunner | 2014-07-18 | 1 | -2/+8 |
| | | | | parse errors | ||||
* | autoconf: Replace --disable-tools option with --disable-scepclient | Tobias Brunner | 2014-06-30 | 1 | -1/+1 |
| | | | | | Since using a separate option for pki this was the only tool that was still enabled by that option. | ||||
* | starter: Add starter group and fix formatting of conf_parser_section_t enum | Tobias Brunner | 2014-06-30 | 1 | -2/+4 |
| | | | | Make use of the Markdown support in recent Doxygen versions. | ||||
* | starter: Ingore %default conn and ca sections | Tobias Brunner | 2014-06-26 | 2 | -0/+60 |
| | |||||
* | starter: Don't directly refer to source files in Makefile for unit tests | Tobias Brunner | 2014-06-19 | 2 | -5/+8 |
| | | | | | Older versions of automake have trouble recursively cleaning such constructs properly. | ||||
* | starter: Explicitly allow @# at the beginning of strings | Tobias Brunner | 2014-06-19 | 2 | -1/+4 |
| | | | | | Since we treat everything after # as comment identities of type ID_KEY_ID couldn't be parsed otherwise, unless quoted. | ||||
* | starter: Add --conftest option to test ipsec.conf syntax | Tobias Brunner | 2014-06-19 | 1 | -0/+27 |
| | |||||
* | starter: Remove old parser | Tobias Brunner | 2014-06-19 | 6 | -545/+4 |
| | |||||
* | starter: Use new parser to read config file | Tobias Brunner | 2014-06-19 | 4 | -769/+493 |
| | |||||
* | starter: Move kw_entry_t definition | Tobias Brunner | 2014-06-19 | 2 | -9/+10 |
| | |||||
* | starter: Remove unused ARG_LST argument type | Tobias Brunner | 2014-06-19 | 2 | -147/+5 |
| | |||||
* | starter: Add tests for ipsec.conf parser | Tobias Brunner | 2014-06-19 | 6 | -0/+607 |
| | |||||
* | starter: Add new bison/flex based parser for ipsec.conf | Tobias Brunner | 2014-06-19 | 7 | -12/+1257 |
| | | | | | | | | | The parser simply returns key/value pairs of all sections, it already resolves also= and allows overriding options in all included sections (not only %default), options set in included section can also be cleared again (key=). It provides other improvements too, like quoted strings (with escape sequences), unlimited includes and better whitespace/comment handling. | ||||
* | starter: Remove out of date README | Tobias Brunner | 2014-06-19 | 1 | -101/+0 |
| | |||||
* | starter: Use stream abstraction to communicate with stroke plugin | Tobias Brunner | 2014-06-19 | 1 | -33/+16 |
| | |||||
* | starter: Add a replay_window connection option | Martin Willi | 2014-06-17 | 6 | -0/+7 |
| | |||||
* | starter: Fix build on Android | Tobias Brunner | 2014-05-28 | 1 | -0/+1 |
| | | | | | While the (default) ipsec script does not work on Android starter still passes the script's name to charon if leftfirewall is configured. | ||||
* | libhydra: Remove unused hydra->daemon | Tobias Brunner | 2014-02-12 | 1 | -1/+1 |
| | |||||
* | lib: Add global config namespace | Tobias Brunner | 2014-02-12 | 1 | -1/+1 |
| | |||||
* | android: Remove dependency on libvstr | Tobias Brunner | 2013-11-13 | 1 | -1/+0 |
| | |||||
* | ipsec_types: Add utility function to parse mark_t from strings | Tobias Brunner | 2013-10-11 | 1 | -44/+3 |
| | |||||
* | starter: Reject connections having both 'ah' and 'esp' keywords set | Martin Willi | 2013-10-11 | 1 | -0/+9 |
| | | | | | We currently don't support mixed proposals or bundles, so don't create the illusion we would. | ||||
* | starter: Remove obsolete 'auth' option | Martin Willi | 2013-10-11 | 5 | -7/+0 |
| | |||||
* | starter: Add an 'ah' keyword for Authentication Header Security Associations | Martin Willi | 2013-10-11 | 5 | -0/+5 |
| | |||||
* | starter: Don't ignore keyingtries with rekey=no | Tobias Brunner | 2013-09-26 | 1 | -1/+2 |
| | | | | | | | Since keyingtries also affects the number of retries initially or when reestablishing an SA it should not be affected by the rekey option. Fixes #418. | ||||
* | stroke: re-enable modeconfig keyword | Martin Willi | 2013-09-04 | 1 | -0/+1 |
| | |||||
* | starter: Properly refer to the ipsec script if it was renamed | Tobias Brunner | 2013-07-22 | 3 | -2/+3 |
| | |||||
* | automake: replace INCLUDES by AM_CPPFLAGS | Martin Willi | 2013-07-18 | 1 | -18/+16 |
| | | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only. | ||||
* | plugin-loader: Removed unused path argument of load() method | Tobias Brunner | 2013-06-28 | 1 | -1/+1 |
| | | | | | Multiple additional search paths can be added with the add_path() method. | ||||
* | starter: Make ipsec.conf path configurable via command line | Tobias Brunner | 2013-06-21 | 1 | -3/+14 |
| | |||||
* | starter: ignore return value of sete[gu]id(), now having warn_unused_result | Martin Willi | 2013-06-18 | 1 | -5/+4 |
| | |||||
* | Load any type (RSA/ECDSA) of public key via left|rightsigkey | Tobias Brunner | 2013-05-07 | 2 | -5/+7 |
| | |||||
* | Use the GEN silent rule when generating gperf files | Martin Willi | 2013-05-06 | 1 | -1/+1 |
| | |||||
* | android: Remove/filter header files from LOCAL_SRC_FILES | Tobias Brunner | 2013-03-20 | 1 | -1/+3 |
| | | | | This avoids huge warnings when building the native code. | ||||
* | starter: Make daemon name configurable | Adrian-Ken Rueegsegger | 2013-03-19 | 4 | -35/+120 |
| | | | | | | | | A daemon can be specified using the '--daemon' command line parameter. This tells starter to invoke a daemon other than 'charon'. Additionally the ipsec script uses the environment variable DAEMON_NAME to tell the starter which daemon to use. |