conf: Document libimcv options

2014-02-07 14:20:53 +01:00 · 2014-02-07 14:20:53 +01:00 · bf3f4bf7a2
parent 1ec3476398
commit bf3f4bf7a2
9 changed files with 64 additions and 0 deletions
--- a/conf/Makefile.am
+++ b/conf/Makefile.am
@ -10,6 +10,8 @@ pluginstemplatedir = $(templatesdir)/plugins
 options = \
 	options/charon.opt \
 	options/charon-logging.opt \
+	options/imcv.opt \
+	options/pacman.opt \
 	options/tnc.opt

 plugins = \
@ -35,6 +37,12 @@ plugins = \
 	plugins/error-notify.opt \
 	plugins/gcrypt.opt \
 	plugins/ha.opt \
+	plugins/imc-os.opt \
+	plugins/imc-scanner.opt \
+	plugins/imc-test.opt \
+	plugins/imv-os.opt \
+	plugins/imv-scanner.opt \
+	plugins/imv-test.opt \
 	plugins/ipseckey.opt \
 	plugins/led.opt \
 	plugins/kernel-klips.opt \
--- a/conf/options/imcv.opt
+++ b/conf/options/imcv.opt
@ -0,0 +1,27 @@
+charon.imcv {}
+	Defaults for options in this section can be configured in the _libimcv_
+	section.
+
+charon.imcv.assessment_result = yes
+	Whether IMVs send a standard IETF Assessment Result attribute.
+
+charon.imcv.database =
+	Global IMV policy database URI.
+
+charon.imcv.os_info.name =
+	Manually set the name of the client OS (e.g. Ubuntu).
+
+charon.imcv.os_info.version =
+	Manually set the version of the client OS (e.g. 12.04 i686).
+
+charon.imcv.policy_script = ipsec _imv_policy
+	Script called for each TNC connection to generate IMV policies.
+
+libimcv.debug_level = 1
+	Debug level for a stand-alone _libimcv_ library.
+
+libimcv.load = random nonce gmp pubkey x509
+	Plugins to load in IMC/IMVs with stand-alone _libimcv_ library.
+
+libimcv.stderr_quiet = no
+	Disable output to stderr with a stand-alone _libimcv_ library.
--- a/conf/options/pacman.opt
+++ b/conf/options/pacman.opt
@ -0,0 +1,5 @@
+pacman.database =
+	Database URI for the database that stores the package information.
+
+pacman.load =
+	Plugins to load in package manager.
--- a/conf/plugins/imc-os.opt
+++ b/conf/plugins/imc-os.opt
@ -0,0 +1,2 @@
+charon.plugins.imc-os.push_info = yes
+	Send operating system info without being prompted.
--- a/conf/plugins/imc-scanner.opt
+++ b/conf/plugins/imc-scanner.opt
@ -0,0 +1,2 @@
+charon.plugins.imc-scanner.push_info = yes
+	Send open listening ports without being prompted.
--- a/conf/plugins/imc-test.opt
+++ b/conf/plugins/imc-test.opt
@ -0,0 +1,14 @@
+charon.plugins.imc-test.additional_ids = 0
+	Number of additional IMC IDs.
+
+charon.plugins.imc-test.command = none
+	Command to be sent to the Test IMV.
+
+charon.plugins.imc-test.dummy_size = 0
+	Size of dummy attribute to be sent to the Test IMV (0 = disabled).
+
+charon.plugins.imc-test.retry = no
+	Do a handshake retry.
+
+charon.plugins.imc-test.retry_command =
+	Command to be sent to the Test IMV in the handshake retry.
--- a/conf/plugins/imv-os.opt
+++ b/conf/plugins/imv-os.opt
@ -0,0 +1,2 @@
+charon.plugins.imv-os.remediation_uri =
+	URI pointing to operating system remediation instructions.
--- a/conf/plugins/imv-scanner.opt
+++ b/conf/plugins/imv-scanner.opt
@ -0,0 +1,2 @@
+charon.plugins.imv-scanner.remediation_uri =
+	URI pointing to scanner remediation instructions.
--- a/conf/plugins/imv-test.opt
+++ b/conf/plugins/imv-test.opt
@ -0,0 +1,2 @@
+charon.plugins.imv-test.rounds = 0
+	Number of IMC-IMV retry rounds.