aboutsummaryrefslogtreecommitdiffstats
path: root/src/swanctl/commands
Commit message (Collapse)AuthorAgeFilesLines
* swanctl: Properly register --counters commmandTobias Brunner2017-11-131-1/+1
| | | | Use C instead of c, which is already used for --load-conns.
* swanctl: Add --counters commandTobias Brunner2017-11-081-0/+154
|
* swanctl: Use returned key ID to track loaded private keysTobias Brunner2017-05-231-13/+6
| | | | | | There was a direct call to load_key() for unencrypted keys that didn't remove the key ID from the hashtable, which caused keys to get unloaded when --load-creds was called multiple times.
* swanctl: Add --rekey commandTobias Brunner2017-02-161-0/+125
|
* vici: Use unique names for CHILD_SAs in the list-sas commandTobias Brunner2017-02-161-2/+3
| | | | | | | | | The original name is returned in the new "name" attribute. This fixes an issue with bindings that map VICI messages to dictionaries. For instance, in roadwarrior scenarios where every CHILD_SA has the same name only the information of the last CHILD_SA would end up in the dictionary for that name.
* swanctl: Allow specifying pubkeys directly via 0x/0s prefixTobias Brunner2017-02-161-28/+38
|
* vici: Add support to load CA certificates from tokens and paths in authority ↵Tobias Brunner2017-02-161-4/+4
| | | | sections
* swanctl: Add `token` secrets for keys on tokens/smartcardsTobias Brunner2017-02-161-0/+90
|
* swanctl: Pass optional connection name to --initiate/install/uninstallTobias Brunner2017-02-162-5/+22
|
* vici: Add support for NT Hash secretsTobias Brunner2017-02-161-1/+3
| | | | Fixes #1002.
* vici: Add support for certificate policiesTobias Brunner2017-02-161-0/+1
|
* swanctl: Automatically unload removed shared keysTobias Brunner2017-02-161-15/+49
|
* swanctl: Automatically unload removed private keysTobias Brunner2017-02-161-76/+175
|
* swanctl: Add possibility to query a specific pool by nameTobias Brunner2017-02-161-3/+11
|
* swanctl: List CHILD_SA marks, if setMartin Willi2017-02-131-0/+18
|
* swanctl: Add 'private' directory/section to load any type of private keyTobias Brunner2016-10-051-5/+10
|
* vici: flush-certs command flushes certificate cacheAndreas Steffen2016-09-131-0/+90
| | | | | | | | | | When fresh CRLs are released with a high update frequency (e.g. every 24 hours) or OCSP is used then the certificate cache gets quickly filled with stale CRLs or OCSP responses. The new VICI flush-certs command allows to flush e.g. cached CRLs or OCSP responses only. Without the type argument all kind of certificates (e.g. also received end entity and intermediate CA certificates) are purged.
* vici: Increased various string buffers to BUF_LEN (512 bytes)Andreas Steffen2016-07-291-1/+1
|
* swanctl: indicate initiator and responder in --list-sasAndreas Steffen2016-05-071-2/+5
|
* swanctl: Do not display rekey times for shuntsAndreas Steffen2016-05-051-3/+5
|
* vici list-conns sends reauthentication and rekeying time informationAndreas Steffen2016-05-041-2/+71
|
* swanctl: --list-conns shows eap_id, xauth_id and aaa_idAndreas Steffen2016-05-041-0/+13
|
* swanctl: list EAP type in --list-connsAndreas Steffen2016-04-261-3/+10
|
* swanctl: log errors to stderrAndreas Steffen2016-04-243-3/+3
|
* Include manual policy priorities and restriction to interfaces in vici ↵Andreas Steffen2016-04-091-0/+13
| | | | list-conn command
* Display IKE ports with swanctl --list-sasAndreas Steffen2016-03-051-4/+9
|
* vici: Match subnets and ranges against peer IP in redirect commandTobias Brunner2016-03-041-1/+1
|
* vici: Match identity with wildcards against remote ID in redirect commandTobias Brunner2016-03-041-1/+1
|
* swanctl: Add --redirect commandTobias Brunner2016-03-041-0/+132
|
* swanctl: Load pubkeys with load-credsAndreas Steffen2016-01-091-0/+1
|
* vici: list-cert sends subject, not-before and not-after attributes for pubkeysAndreas Steffen2016-01-091-5/+36
|
* vici: Support of raw public keysAndreas Steffen2016-01-091-1/+8
|
* swanctl: Slightly change usage summary for --list-certsTobias Brunner2015-12-161-4/+3
|
* swanctl --stats lists loaded pluginsAndreas Steffen2015-12-131-0/+12
|
* Refactored certificate management for the vici and stroke interfaces5.4.0dr1Andreas Steffen2015-12-122-52/+59
|
* Removed VICI protocol versioningAndreas Steffen2015-12-111-14/+7
|
* Use of certificate_printer by swanctl --list-certs commandAndreas Steffen2015-12-111-495/+19
|
* Share vici_cert_info.c with vici_cred.cAndreas Steffen2015-12-111-6/+17
|
* Use VICI 2.0 protocol version for certificate queriesAndreas Steffen2015-12-112-80/+124
|
* swanctl: Add --list-algs command to query loaded algorithmsTobias Brunner2015-11-301-0/+104
|
* swanctl: Add option to query leases with --get-poolsTobias Brunner2015-11-101-3/+29
|
* swanctl: List virtual IPs in --list-sasTobias Brunner2015-11-101-1/+11
|
* Improved legibility of swanctl CRL listings5.3.3dr1Andreas Steffen2015-07-221-1/+4
|
* vici: Certification Authority support added.Andreas Steffen2015-07-214-1/+567
| | | | | | CDP and OCSP URIs for a one or multiple certification authorities can be added via the VICI interface. swanctl allows to read definitions from a new authorities section.
* swanctl: Implement monitoring of IKE_SA and CHILD_SA changesTimo Teräs2015-05-041-1/+83
| | | | Signed-off-by: Timo Teräs <timo.teras@iki.fi>
* swanctl: Add missing unit in install-time logRomain Francoise2015-05-041-1/+1
|
* swanctl: Append /ESN to proposal for a CHILD_SA using Extended Sequence NumbersMartin Willi2015-03-231-1/+1
| | | | | | | We previously printed just the value for the "esn" keyword, which is "1", and not helpful as such. Fixes #904.
* vici: Return authentication rounds with unique namesMartin Willi2015-03-181-2/+3
| | | | | | To simplify handling of authentication rounds in dictionaries/hashtables on the client side, we assign unique names to each authentication round when listing connection.
* swanctl: Cache entered PKCS#12 decryption secretMartin Willi2015-03-181-6/+23
| | | | | It is usually used more than once, but most likely the same for decryption and MAC verification.
* swanctl: Support loading PKCS#12 containers from a pkcs12 swanctl directoryMartin Willi2015-03-181-0/+113
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-31 12:52:05 +0000