46df61dff7
Add an ipsec.conf leftgroups2 parameter for the second authentication round
2012-07-26 11:51:58 +02:00
be735f0148
added PA-TNC max_msg_len option to man page
2012-07-13 11:02:23 +02:00
d7dcbc95a9
make maximum PB-TNC batch size configurable
2012-07-11 17:09:05 +02:00
c8aabefd08
added charon.plugins.eap-tnc.protocol option
2012-07-11 17:09:05 +02:00
4492ffc907
EAP-TNC does not support fragmentation
2012-07-11 17:09:04 +02:00
87efdef35b
configure size of ITA Dummy PA-TNC attribute
2012-07-11 17:09:04 +02:00
3bd452f8f3
max_message_count = 0 disables limit
2012-07-11 17:09:04 +02:00
66e12b926e
Some updates in ipsec.conf(5) for 5.0.0
2012-06-26 12:39:53 +02:00
c38d6905a2
added charon.cisco_unity to strongswan.conf.5 man page
2012-06-25 11:47:40 +02:00
2045a9d36d
added secret as valid authby argument
2012-06-18 22:11:18 +02:00
7c4214bd38
Add documentation for signature hash algorithm enforcing to man ipsec.conf
2012-06-12 15:01:39 +02:00
95e41fb80a
starter: Drop support for %defaultroute.
2012-06-11 17:33:29 +02:00
60c82591c5
Retry IKE_SA initiation if DNS resolution failed.
...
This is disabled by default and can be enabled with the
charon.retry_initiate_interval option in strongswan.conf.
2012-05-30 15:32:52 +02:00
18dac73f02
Updated ipsec.conf(5) to reflect changes to IPComp support.
2012-05-24 15:32:28 +02:00
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
13de38e354
Documented strongswan.conf options for radattr plugin.
2012-05-01 13:32:43 +02:00
5895c2e948
Option added to set identifier for syslog(3) logging.
...
This identifier is added to each log message by syslog.
2012-04-20 09:26:12 +02:00
0293f09597
updated supported EAP methods
2012-03-30 11:15:10 +02:00
ed2cab08d2
Make resolvconf interface prefix configurable.
2012-03-27 10:44:21 +02:00
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
75e3d90d43
Updated ipsec.conf man page for the use of IKEv1 with pluto
2012-03-20 17:31:39 +01:00
c8d46f2959
Dropped support of deprecated authby=eap and eap= options
2012-03-20 17:31:38 +01:00
f673958e59
added the strongswan.conf options of the tnc-pdp plugin
2012-03-16 11:14:40 +01:00
e01751035e
completed imc/imv-attestation settings
2012-02-07 22:11:51 +01:00
9ec66bc1a5
Added an option to load CA certificates without CA basic constraint.
...
Enabling this option treats all certificates in ipsec.d/cacerts and
ipsec.conf ca sections as CA certificates even if they do not contain a
CA basic constraint.
2012-02-01 14:34:52 +01:00
503dee4d2f
Added RADIUS accounting option to strongswan.conf manual
2012-02-01 11:35:13 +01:00
7c0c2349a9
Make number of concurrently handled stroke messages configurable.
2011-12-29 18:41:39 +01:00
54d096a712
Added ASN debug group to log low-level encoding/decoding (ASN.1, X.509).
...
This will allow us to remove quite some clutter from the LIB debug group
for higher debug levels.
2011-12-16 16:44:38 +01:00
49b44c98c1
Charon also supports type=passthrough|drop.
2011-12-14 19:01:39 +01:00
b768d6a4a5
Documented xauth_identity in ipsec.conf(5) man page.
2011-12-14 18:04:39 +01:00
6d4c6b8f41
Documented binary secrets in ipsec.secrets(5) man page.
2011-12-14 17:46:27 +01:00
15b3dc5b26
added libimcv.plugins.imc-attestation.aik_blob parameter
2011-12-11 22:03:43 +01:00
63179fd459
upgraded Test IMC/IMV pair to fully support multple IMC IDs
2011-12-11 22:01:49 +01:00
53e2fc690e
pkcs11: Documented use_pubkey option in strongswan.conf(5).
2011-11-03 18:36:34 +01:00
1a9e3e0147
pkcs11: Documented new options in strongswan.conf(5).
2011-10-31 18:50:10 +01:00
f0a8bf47f7
refactored TNC framework
2011-10-25 01:10:16 +02:00
848a36fed7
starter.load documented in strongswan.conf(5) man page.
2011-10-21 17:30:39 +02:00
de13eab0e6
Documented the strict flag (!) for ike and esp options in ipsec.conf.
2011-09-26 17:51:53 +02:00
7213abcbfb
PTS log group documented in man pages.
2011-09-12 15:07:20 +02:00
5b217e4994
Document charon's default log levels in ipsec.conf(5).
2011-09-12 15:07:20 +02:00
f7a98122ea
added strongswan.conf attributes for attestation IMC/IMV
2011-09-08 12:08:17 +02:00
a4541f1d20
added tnc-ifmap.ssl_passphrase to strongswan.conf
2011-09-02 06:38:39 +02:00
49c03672a3
updated strongswan.conf
2011-08-12 18:11:32 +02:00
535798cfe3
added tnc-ifmap attributes to manpage
2011-08-10 15:58:18 +02:00
45945fa137
Added tnc, imc, imv debug message groups to man page.
2011-07-26 09:38:13 +02:00
4f3ca916c5
Documentation about job priorities added to man page.
...
Also includes docs about IKE_SA_INIT dropping.
2011-07-21 16:17:08 +02:00
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
355728110a
Added missing load-tester options to man page.
2011-07-18 19:01:18 +02:00
e65a50530e
added libimcv.plugins.imv_scanner options to strongswan.conf
2011-07-18 09:34:49 +02:00
c8eb2dea04
added libimcv options to strongswan.conf
2011-06-18 14:08:37 +02:00
Martin Willi