Tobias Brunner
535277afc5
Fix issue with $< automatic variable on FreeBSD
...
BSD make only evaluates $< for implicit rules, so building from the
repository won't work unless GNU make is installed and used, or we
replace affected uses like this.
2019-08-27 18:12:28 +02:00
Martin Willi
c0d5c6553a
Run gperf with --output-file instead of output redirection
...
When missing gperf, the redirection generates an empty file, which must
be manually removed after gperf has been installed. This is difficult
to diagnose, as the produced build error is cryptic.
Use --output-file of gperf instead to avoid creating an empty file if
gperf is missing. This still requires the user to re-run ./configure
after installing gperf, though.
2019-08-26 10:56:36 +02:00
Tobias Brunner
1b67166921
Unify format of HSR copyright statements
2018-05-23 16:32:53 +02:00
Tobias Brunner
a97de61e78
starter: Add the correct keywords header file to EXTRA_DIST
...
The fix for gperf in 0ae19f0ced
added the generated header to
EXTRA_DIST but that's already added to the distribution because it is
contained in *_SOURCES, what was not added, though, was the .h.in file.
Also fixes the reference to the header file in the .c rule here and for
stroke in out-of-tree builds.
Fixes: 0ae19f0ced
("configure: Fix gperf length parameter determination")
2017-10-12 09:09:12 +02:00
Tobias Brunner
0ae19f0ced
configure: Fix gperf length parameter determination
...
gperf is not actually a build dependency as the generated files are
shipped in the tarball. So the type depends on the gperf version on
the host that ran gperf and created the tarball, which might not be
the same as that on the actual build host, and gperf might not even
be installed there, leaving the type undetermined.
Fixes: e0e4322973
("configure: Detect type of length parameter for gperf generated function")
2017-10-02 17:21:42 +02:00
Tobias Brunner
e0e4322973
configure: Detect type of length parameter for gperf generated function
...
Since 3.1 gperf uses size_t for the length parameter instead of an
unsigned int.
2017-09-19 13:24:43 +02:00
Tobias Brunner
4270c8fcb0
stroke: Make 96-bit truncation for SHA-256 configurable
2017-05-26 11:22:28 +02:00
Andreas Steffen
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
Tobias Brunner
1c3aa9bfc8
stroke: Fix --utc option for list* commands
...
Fixes: dcb168413f
("stroke: Add --daemon option")
2015-12-17 16:56:20 +01:00
Andreas Steffen
02d431022c
Refactored certificate management for the vici and stroke interfaces
2015-12-12 00:19:24 +01:00
Tobias Brunner
2d5b3d34ec
stroke: Add missing include for UINT16_MAX
...
Fixes the build on FreeBSD.
Fixes #988 .
2015-06-09 10:25:33 +02:00
Tobias Brunner
d8fe354a0e
stroke: Dynamically resize stroke messages
...
The maximum size of a stroke message is currently 64k due to the 2 byte
length field.
Fixes #943 .
2015-05-22 10:40:15 +02:00
Martin Willi
c6bc167c0b
stroke: Double the stroke message string buffer size
2015-02-06 16:44:39 +01:00
Tobias Brunner
dcb168413f
stroke: Add --daemon option
2014-06-19 13:56:38 +02:00
Tobias Brunner
906a409608
stroke: Use stream abstraction to communicate with stroke plugin
...
Without this changing charon.plugins.stroke.socket would not really
work.
2014-06-19 13:56:37 +02:00
Martin Willi
d5367d2262
starter: Add a replay_window connection option
2014-06-17 16:41:31 +02:00
Tobias Brunner
34d3bfcf14
lib: Add global config namespace
2014-02-12 14:34:31 +01:00
Tobias Brunner
20c99edab9
android: Remove dependency on libvstr
2013-11-13 11:40:47 +01:00
Martin Willi
a07b97e804
starter: Add an 'ah' keyword for Authentication Header Security Associations
2013-10-11 10:15:20 +02:00
Martin Willi
2bae838d5e
stroke: re-enable modeconfig keyword
2013-09-04 10:33:38 +02:00
Martin Willi
19cb07b890
automake: replace INCLUDES by AM_CPPFLAGS
...
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
2013-07-18 14:59:19 +02:00
Tobias Brunner
8c88ca0fcf
stroke: Add statusall-nb as alias for statusallnb
2013-06-21 10:51:41 +02:00
Tobias Brunner
4182c86aed
stroke: Add non-blocking versions of up and down
...
stroke up-nb and stroke down-nb do not block until the command has
finished. Instead, they return right after initiating the respective
operation.
2013-06-21 10:49:39 +02:00
Martin Willi
de2debf8e0
stroke: add exportconn{cert,chain} commands in addition to exportx509
...
The new commands either export a single end entity certificate or the
full trust chain for a specific connection name.
2013-06-19 16:27:19 +02:00
Martin Willi
9f1dfd88c8
Use the GEN silent rule when generating gperf files
2013-05-06 15:04:56 +02:00
Tobias Brunner
e5d819b617
android: Remove/filter header files from LOCAL_SRC_FILES
...
This avoids huge warnings when building the native code.
2013-03-20 15:24:26 +01:00
Martin Willi
048872f2f7
Merge branch 'stroke-counters'
...
Extend stroke counters functionality by connection specific counters, and
a resetcounters command to reset the global or connection counters.
2013-03-18 10:12:22 +01:00
Martin Willi
cf729248b2
Add a "resetcounters" command to ipsec, clearing global or connection counters
2013-03-15 10:55:22 +01:00
Martin Willi
d022322bed
Add connection name specific stroke counters
2013-03-15 10:41:04 +01:00
Martin Willi
a36b49f3cb
Merge branch 'opaque-ports'
...
Adds a %opaque port option and support for port ranges in left/rightprotoport.
Currently not supported by any of our kernel backends.
2013-03-01 11:27:12 +01:00
Martin Willi
cd41b951ee
Pass complete port range over stroke interface for more flexibility
2013-02-21 11:52:33 +01:00
Martin Willi
7fbe516f88
Add a ikedscp ipsec.conf option to set DSCP value on outgoing IKE packets
2013-02-06 15:36:36 +01:00
Tobias Brunner
97973f8609
Use a connection specific option to en-/disable IKEv1 fragmentation
2012-12-24 13:00:01 +01:00
Reto Buerki
a7409773e6
stroke: Drop unneeded [MY|OTHER]_NETBITS
2012-12-19 11:24:02 +01:00
Reto Buerki
31944a4366
stroke: Enable install_policy in add_connection()
2012-12-19 11:23:52 +01:00
Martin Willi
0c4b9f7cda
Add a "ipsec listcounters" command to stroke
2012-10-24 11:34:31 +02:00
Martin Willi
96c2b3cf89
Support multiple addresses/pools in left/rightsourceip
2012-08-30 16:43:42 +02:00
Martin Willi
17319aa28d
Add a left/rightdns keyword to configure connection specific DNS attributes
2012-08-21 09:38:00 +02:00
Tobias Brunner
56d07af3be
Added ESP log group for libipsec log messages.
2012-08-08 15:12:25 +02:00
Martin Willi
46df61dff7
Add an ipsec.conf leftgroups2 parameter for the second authentication round
2012-07-26 11:51:58 +02:00
Andreas Steffen
1d315bddd3
implemented the right|leftallowany feature
2012-06-08 21:24:41 +02:00
Andreas Steffen
80c5b17d1a
make IKEv1 DPD timeout configurable in charon
2012-05-17 19:49:22 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Andreas Steffen
5f1931ada1
added support for raw RSA public keys to stroke
2012-04-30 00:31:42 +02:00
Tobias Brunner
9f1b303afc
Added stroke user-creds command, to set username/password for a connection.
2012-04-17 14:20:58 +02:00
Tobias Brunner
ff5cb888f6
Additional prompt keyword added to stroke.
2012-04-17 14:20:58 +02:00
Martin Willi
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Martin Willi
c8d46f2959
Dropped support of deprecated authby=eap and eap= options
2012-03-20 17:31:38 +01:00
Martin Willi
e129168ba6
Added a "aggressive" ipsec.conf connection option
2012-03-20 17:31:34 +01:00
Martin Willi
d94c923648
Support an "any" IKE version for both IKEv1 or IKEv2
2012-03-20 17:31:25 +01:00