Commit Graph

201 Commits

Author SHA1 Message Date
Tobias Brunner 33967467e2 conf: Document load-tester.crl option 2014-06-30 13:25:13 +02:00
Tobias Brunner da7cb76974 conf: Document charon.*-scripts options 2014-06-30 13:25:13 +02:00
Tobias Brunner 38f27e172c conf: Document swanctl options 2014-06-30 13:25:13 +02:00
Tobias Brunner 4d066ef7fc conf: Document aikgen options 2014-06-30 13:25:13 +02:00
Tobias Brunner 3986c1e3fd autoconf: Replace --disable-tools option with --disable-scepclient
Since using a separate option for pki this was the only tool that was still
enabled by that option.
2014-06-30 13:25:13 +02:00
Tobias Brunner 566d1a90cd Remove kernel-klips plugin 2014-06-19 14:20:33 +02:00
Tobias Brunner 3bf98189d7 kernel-netlink: Follow RFC 6724 when selecting IPv6 source addresses
Instead of using the first address we find on an interface we should
consider properties like an address' scope or whether it is temporary
or public.

Fixes #543.
2014-06-19 14:16:41 +02:00
Andreas Steffen 18ba2a3035 Fixed typo in strongswan.conf 2014-06-05 11:26:54 +02:00
Martin Willi b70849ada2 configure: Separate pki from --disable-tools
While pki builds and runs just fine on Windows, this is not true for scepclient.
2014-06-04 15:53:08 +02:00
Andreas Steffen bfd8f8c5fe Updated IMC/IMV entries in strongswan.conf man page 2014-05-31 20:37:57 +02:00
Tobias Brunner 35952dc13f conf: Fix sorting of options with Python 3
__cmp__() is not supported anymore with Python 3 and cmp() is deprecated.
Instead rich comparisons should be used (only __lt__() is required for
sorting).
2014-05-13 11:14:44 +02:00
Tobias Brunner 5ee4984da5 conf: print is a function in Python 3 2014-05-13 11:14:43 +02:00
Andreas Steffen 8d59090349 Implemented PT-EAP protocol (RFC 7171) 2014-05-12 06:59:21 +02:00
Andreas Steffen 688b5b99ed Changed default value to libimcv.imc-attestation.pcr_info = no 2014-05-10 20:08:20 +02:00
Martin Willi ae98a39e71 conf: Add a format-options --nosort option to keep order of sections as defined 2014-05-07 15:48:17 +02:00
Tobias Brunner e20deeca77 conf: Properly propagate whether a section is commented or not 2014-05-07 15:48:16 +02:00
Martin Willi 7dbf9e1574 vici: Document strongswan.conf options 2014-05-07 14:13:38 +02:00
Martin Willi c4c9d291d2 ikev1: Add an option to accept unencrypted ID/HASH payloads
Even in Main Mode, some Sonicwall boxes seem to send ID/HASH payloads in
unencrypted form, probably to allow PSK lookup based on the ID payloads. We
by default reject that, but accept it if the
charon.accept_unencrypted_mainmode_messages option is set in strongswan.conf.

Initial patch courtesy of Paul Stewart.
2014-04-17 08:52:28 +02:00
Andreas Steffen 8c40609f96 Use python-based swidGenerator to generated SWID tags 2014-04-15 09:21:06 +02:00
Andreas Steffen 0bd64fa5bf Renamed the AIK public key parameter to imc-attestation.aik_pubkey 2014-04-15 09:21:05 +02:00
Andreas Steffen c54c26dd17 Implemented configurable Device ID in OS IMC 2014-04-15 09:21:05 +02:00
Tobias Brunner 00b91c4325 eap-radius: Add option to not close IKE_SAs on timeouts during interim accouting updates
Fixes #528.
2014-03-31 14:32:44 +02:00
Tobias Brunner 9fa7b03769 conf: Order settings in man page alphabetically
For the config snippets the options are now explicitly ordered before
subsections.
2014-03-31 14:32:44 +02:00
Martin Willi dbd4fc074a openac: Remove obsolete openac utility
The same functionality is now provided by the pki --acert subcommand.
2014-03-31 11:39:25 +02:00
Andreas Steffen 342bc6e545 Disable mandatory ECP support for attestion 2014-03-07 21:56:34 +01:00
Tobias Brunner bd1c9f1eac conf: Fix out-of-tree build from distribution
It worked from the repository, where strongswan.conf.5.main is generated
in the build dir, but not from the distribution where it is located in
the source dir, so explicitly create it in the source dir.
2014-02-27 12:02:13 +01:00
Tobias Brunner e1af4d88a6 conf: Ignore generated strongswan.conf.5.main 2014-02-18 10:08:54 +01:00
Tobias Brunner 5645ad2976 conf: Fix installation on FreeBSD
Apparently, the -t option for install is not portable.
2014-02-13 13:53:25 +01:00
Tobias Brunner 03650d5a2d conf: The use of $^ is not portable
Generating strongswan.conf.5.main in a subshell gets the file
properly written to the builddir in out-of-tree builds.
2014-02-13 11:47:02 +01:00
Tobias Brunner efce4559e8 conf: Install config files world-readable but warn about permissions for certain options 2014-02-12 15:16:57 +01:00
Tobias Brunner 5422bb9070 conf: Document variables and config files/dirs 2014-02-12 14:34:34 +01:00
Tobias Brunner 7573a7ed56 conf: Only install config snippets for enabled components 2014-02-12 14:34:34 +01:00
Tobias Brunner ff94fe157a conf: Document options of other programs 2014-02-12 14:34:34 +01:00
Tobias Brunner 5ac757872b conf: Document options of plugins in libpts 2014-02-12 14:34:34 +01:00
Tobias Brunner bf3f4bf7a2 conf: Document libimcv options 2014-02-12 14:34:34 +01:00
Tobias Brunner 4576f7f960 conf: Document libtnccs options 2014-02-12 14:34:34 +01:00
Tobias Brunner d56a23c515 conf: Create automatically generated config snippets in build dir 2014-02-12 14:34:34 +01:00
Tobias Brunner 7f535b3938 conf: Install config snippets in /usr/share/strongswan/templates/config too 2014-02-12 14:34:34 +01:00
Tobias Brunner 6a2de77f2e conf: Only install config snippets if they don't exist yet 2014-02-12 14:34:34 +01:00
Tobias Brunner fc380b175d conf: Move load-tester options to plugin specific file 2014-02-12 14:34:34 +01:00
Tobias Brunner 828815b0d8 conf: Options of all plugins documented
Some options are still missing descriptions though.
2014-02-12 14:34:34 +01:00
Tobias Brunner da8b16a160 conf: Add logger example config 2014-02-12 14:34:34 +01:00
Tobias Brunner 5da20b3dc6 conf: Converted charon options 2014-02-12 14:34:33 +01:00
Tobias Brunner c4bb26b849 conf: Split strongswan.conf(5) man page and use generated snippet 2014-02-12 14:34:33 +01:00
Tobias Brunner 7f62b7d02d conf: Generate groff snippet for configuration options 2014-02-12 14:34:33 +01:00
Tobias Brunner 91cc523ca7 conf: Generate strongswan.conf(5) man page in different directory 2014-02-12 14:34:33 +01:00
Tobias Brunner 1b98f85821 conf: Generate and install config sippets for option descriptions
The strongswan.d directory is also created relative to the configured
location of strongswan.conf.
2014-02-12 14:34:33 +01:00
Tobias Brunner e90b37b9c3 conf: Script to convert option descriptions to man page and config snippets added 2014-02-12 14:34:33 +01:00
Tobias Brunner dee50a6046 conf: Create /etc/strongswan.d directory and include .conf files 2014-02-12 14:34:33 +01:00
Tobias Brunner 45e19c7c88 conf: Simplified strongswan.conf template 2014-02-12 14:34:33 +01:00
Tobias Brunner c75acc4c44 conf: Install strongswan.conf template from a separate directory 2014-02-12 14:34:33 +01:00