1b33e6c4ca
charon-nm: Add dependencies to CERT_DECODE and PRIVKEY plugin features
...
This ensures the NM-specific credential set is unloaded before any
implementation of certificate/key objects, which causes a segmentation
fault during shutdown.
2013-03-19 16:25:26 +01:00
3651c8dcd5
charon-nm: Prevent NM from changing the default route
...
This is not required as we install our own (narrow) route(s) in our own
routing table. This should allow split tunneling if configured on the
gateway.
2013-03-19 16:25:26 +01:00
9cf09ecad7
charon-nm: Use VIP (if any) as local address
...
NM will install this address on the provided device.
2013-03-19 16:25:26 +01:00
c15eea7306
charon-nm: Pass a dummy TUN device to NetworkManager
...
NetworkManager modifies the addresses etc. on this interface so using
"lo" is not optimal. With the dummy interface NM is free to do its
thing.
2013-03-19 16:25:26 +01:00
b7645a5d30
charon-nm: Fix NM plugin utility macros
2013-03-19 16:25:26 +01:00
306a269e34
Add a DSCP configuration value to IKE configs
2013-02-06 15:20:32 +01:00
69c6a60176
g_thread_init() is deprecated since Glib 2.23
2013-01-24 19:13:40 +01:00
365d9a6f67
Added an option that allows to force IKEv1 fragmentation
2013-01-12 11:54:32 +01:00
97973f8609
Use a connection specific option to en-/disable IKEv1 fragmentation
2012-12-24 13:00:01 +01:00
2e7cc07ecd
Moved host_t and host_resolver_t to a new networking subfolder
2012-10-24 15:06:18 +02:00
1fdd62ffce
Remove version argument on peer_cfg constructor, use ike_cfg version instead
2012-10-24 10:19:33 +02:00
9fc7cc6f9b
Add IKE version information to ike_cfg_t
2012-10-24 10:18:35 +02:00
a2a28d90ac
Make streq() and strcaseeq() static inline functions so they can be used as callbacks
2012-09-21 18:16:26 +02:00
e6fcc172f8
Use AUTH_RULE_IDENTITY_LOOSE in NetworkManager backend
2012-09-18 14:40:40 +02:00
feb8550401
Pass a list instead of a single virtual IP to attribute enumerators
2012-08-30 16:43:42 +02:00
497ce2cf51
Support multiple address pools configured on a peer_cfg
2012-08-30 16:43:42 +02:00
101d26babe
Support multiple virtual IPs on peer_cfg and ike_sa classes
2012-08-30 16:43:42 +02:00
b223d517c8
Replaced usages of CHARON_*_PORT with calls to get_port().
2012-08-08 15:12:25 +02:00
e7ea057fd2
Make the UDP ports charon listens for packets on (and uses as source ports) configurable.
2012-08-08 15:07:43 +02:00
63ac6d00b0
Proper fallback if capability dropping is not available
2012-07-27 14:46:42 +02:00
0619ddfaa4
Refactored heavily #ifdefd capability code to its own libstrongswan class
2012-07-04 11:01:40 +02:00
d12635c77d
Pass "lo" as faked tundev to NM, as it now needs a valid interface since 0.9
2012-06-29 15:21:57 +02:00
aa54ecef44
Use static plugin features in libcharon to define essential dependencies
2012-06-27 11:31:16 +02:00
ec3b332bf8
Use static plugin features in charon-nm
2012-06-27 11:31:16 +02:00
26d77eb3e6
Centralized thread cancellation in processor_t
...
This ensures that no threads are active when plugins and the rest of the
daemon are unloaded.
callback_job_t was simplified a lot in the process as its main
functionality is now contained in processor_t. The parent-child
relationships were abandoned as these were only needed to simplify job
cancellation.
2012-06-25 17:38:59 +02:00
1d315bddd3
implemented the right|leftallowany feature
2012-06-08 21:24:41 +02:00
80c5b17d1a
make IKEv1 DPD timeout configurable in charon
2012-05-17 19:49:22 +02:00
b64f333612
Integrate nm plugin directly in charon-nm.
2012-05-03 13:57:03 +02:00
Tobias Brunner