aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* swanctl: Support groups, certs and cacerts keywordsMartin Willi2014-05-071-0/+70
|
* swanctl: Load shared secrets from the swanctl.conf secrets sectionMartin Willi2014-05-071-1/+96
|
* swanctl: Load different private keys with load-credsMartin Willi2014-05-072-1/+197
|
* swanctl: Add a command to (re-)load credentialsMartin Willi2014-05-073-0/+197
|
* swanctl: Use a ./configure-able swanctl base directoryMartin Willi2014-05-073-6/+34
|
* swanctl: After loading connections, unload those that are not in config anymoreMartin Willi2014-05-071-7/+114
|
* swanctl: Implement a load-conn command to load connections from a fileMartin Willi2014-05-072-0/+229
|
* swanctl: Implement a list-pols command to query trap/shunt policiesMartin Willi2014-05-072-0/+205
|
* swanctl: Implement install/uninstall commands to manage shunt/trap policiesMartin Willi2014-05-072-0/+121
|
* swanctl: Add a version command to query daemon and OS infoMartin Willi2014-05-072-0/+82
|
* swanctl: Add a terminate commandMartin Willi2014-05-072-0/+154
|
* swanctl: Add a subcommand to initiate connections by nameMartin Willi2014-05-072-0/+129
|
* swanctl: Add a list-sas command to query active IKE_SAsMartin Willi2014-05-072-0/+360
|
* swanctl: Add a stub for a vici based configuration and control utilityMartin Willi2014-05-077-0/+489
|
* libcharon: Execute scripts defined in strongswan.conf during startup/shutdownMartin Willi2014-05-071-0/+52
|
* vici: Check if header has been received before processing an empty messageMartin Willi2014-05-071-1/+2
| | | | | | If do_read() returns with EWOULDBLOCK, we must ensure that we actually have processed the full length header before checking the zero-initialized buffer length.
* vici: Properly filter by CHILD_SA name while undoing start actionsMartin Willi2014-05-071-2/+5
|
* vici: Fallback to socket listening port if no explicit local port specifiedMartin Willi2014-05-071-1/+4
|
* vici: Support a "mtu" value for the tfc_padding optionMartin Willi2014-05-071-2/+16
|
* vici: Handle the "trap" action as an alias for "route"Martin Willi2014-05-071-0/+1
|
* vici: Document errno values to expect from libvici APIMartin Willi2014-05-072-9/+24
|
* vici: Log owners of a just loaded shared-secretMartin Willi2014-05-071-2/+18
|
* vici: Handle "xauth" as an alias for "eap" secretsMartin Willi2014-05-071-1/+1
|
* vici: Return number of matching and closed SAs in terminate commandMartin Willi2014-05-071-9/+12
|
* vici: Complete libvici doxygen commentsMartin Willi2014-05-071-2/+17
|
* vici: Ensure we have no active users before mangling event client registrationsMartin Willi2014-05-071-13/+35
|
* vici: Properly skip raise_event() for unknown event namesMartin Willi2014-05-071-13/+13
|
* vici: Increase vici message length header from 16 to 32 bitsMartin Willi2014-05-075-24/+43
| | | | | | | | | While we currently have no need for messages larger than 65KB, we should design the protocol to be future-proof, as we plan to keep at least to lowest protocol layer stable. To avoid any allocation issues, we currently keep the message size limit at 512KB.
* vici: Have an explicit "relaxed" keyword for the default revocation policyMartin Willi2014-05-071-1/+5
|
* vici: Use a default child rekey time of 1 hourMartin Willi2014-05-071-0/+6
|
* vici: Use a default IKE rekey time of 4 hoursMartin Willi2014-05-071-0/+6
|
* vici: Add low-level IPC protocol descriptionMartin Willi2014-05-072-0/+179
|
* vici: Fix descending into non-matching sections during key findMartin Willi2014-05-071-1/+1
|
* vici: Add an IKE virtual IP and attribute backendMartin Willi2014-05-074-0/+781
|
* vici: Support referencing external named pools for peer configsMartin Willi2014-05-071-0/+14
|
* vici: Actually add configured virtual IPs to peer configMartin Willi2014-05-071-0/+5
|
* vici: Use a default rand_time of the difference between hard and soft lifetimesMartin Willi2014-05-071-0/+26
|
* vici: Use a default hard lifetime of 110% of the soft lifetimeMartin Willi2014-05-071-0/+37
|
* vici: Make unit-tests independent from libcharon and libhydraMartin Willi2014-05-073-11/+1
| | | | Fixes monolithic build, as we can't depend on the not yet built libcharon.
* vici: Don't compare unsigned certificate_type_t to -1Martin Willi2014-05-071-1/+1
|
* vici: Use non-blocking first read when receiving message during client on_read()Martin Willi2014-05-071-1/+15
| | | | | | As select() and finally the watcher may signal an FD even if it does not actually have data, we must make a non-block read to avoid hanging in the read callback.
* vici: Perform specified start_action on connection load, undo it on unloadMartin Willi2014-05-071-2/+185
|
* vici: Add a generic log event to raise events for log messagesMartin Willi2014-05-074-0/+195
|
* vici: Be less verbose about client connectionsMartin Willi2014-05-072-5/+31
| | | | Instead, log the explicit commands at a higher level.
* vici: Add a list-certs command to query different certificate typesMartin Willi2014-05-071-0/+102
|
* vici: Support pinning end entity and CA certificates to connectionsMartin Willi2014-05-072-0/+62
|
* vici: Support missing groups option in auth configMartin Willi2014-05-072-1/+36
|
* vici: Add a load-shared command to load shared IKE and EAP secretsMartin Willi2014-05-071-0/+68
|
* vici: Add a load-key command to load private keysMartin Willi2014-05-071-0/+50
|
* vici: Support loading of different certificate typesMartin Willi2014-05-071-0/+93
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 11:16:41 +0000