Tobias Brunner
040608a48d
Simplify handling of terminating signals in all libcharon wrappers
...
Closes strongswan/strongswan#182 .
2020-09-30 12:47:39 +02:00
Tobias Brunner
33412158f5
ike: Send AEAD ESP default proposal first
...
We generally prefer AEAD nowadays.
References #3461 .
2020-06-12 13:47:13 +02:00
Sheena Mira-ato
fe3ae5be5d
Add compile option to disable internal handling of fatal signals
...
By default, charon and its derivatives internally handle the SIGSEGV,
SIGILL, and SIGBUS signals raised by threads (segv_handler). Add a compile
option so that the signal handling can optionally be done externally.
Closes strongswan/strongswan#132 .
2019-05-28 10:44:48 +02:00
Tobias Brunner
9486a2e5b0
ike-cfg: Pass arguments as struct
2019-04-25 14:31:33 +02:00
Tobias Brunner
157150ca91
charon-cmd: Register atexit() handler for libcharon_deinit twice
...
Similar to cbe9e575ee
, this avoids issues with libraries that are
pulled in via plugins and register their own atexit() handlers.
2018-12-07 10:30:08 +01:00
Tobias Brunner
b982473a86
charon-cmd: Print plugin list before parsing arguments
...
Helps debugging e.g. failures to load certs/keys.
2018-10-26 11:01:10 +02:00
Tobias Brunner
1b67166921
Unify format of HSR copyright statements
2018-05-23 16:32:53 +02:00
Tobias Brunner
2db6d5b8b3
Fixed some typos, courtesy of codespell
2018-02-13 12:19:54 +01:00
Tobias Brunner
9665686bd8
daemon: Use separate method to set default loggers
...
This way it is not necessary to pass the same values to reload the
loggers.
2017-01-25 14:58:09 +01:00
Martin Willi
518a5b2ece
configure: Check for and explicitly link against -latomic
...
Some C libraries, such as uClibc, require an explicit link for some atomic
functions. Check for any libatomic, and explcily link it.
2016-06-14 14:27:20 +02:00
Tobias Brunner
2ba5dadb12
peer-cfg: Use struct to pass data to constructor
2016-04-09 16:51:01 +02:00
Tobias Brunner
8a00a8452d
child-cfg: Use struct to pass data to constructor
2016-04-09 16:51:01 +02:00
Andreas Steffen
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
Tobias Brunner
28649f6d91
libhydra: Remove empty unused library
2016-03-03 17:36:11 +01:00
Tobias Brunner
88b85e022a
sigwaitinfo() may fail with EINTR if interrupted by an unblocked signal not in the set
...
Fixes #1213 .
2015-11-23 11:37:19 +01:00
Tobias Brunner
858148092d
Replace usages of sigwait(3) with sigwaitinfo(2)
...
This is basically the same call, but it has the advantage of being
supported by FreeBSD's valgrind, which sigwait() is not.
References #1106 .
2015-10-29 15:38:37 +01:00
Tobias Brunner
ff0abde9ed
controller: Optionally adhere to init limits also when initiating IKE_SAs
2015-08-21 18:21:13 +02:00
Martin Willi
68da3bad57
settings: Use strongswan.conf used during library initialization for reload
...
Since 4b670a20
we require an explicit strongswan.conf to re-load configurations.
However, the define was missing in the build, breaking SIGHUP based config
reloading.
Fixes #651 .
2014-09-22 13:40:39 +02:00
Tobias Brunner
b2b54bd71d
Make sure getpass() is available
...
It's not on Android for example.
2014-05-29 12:28:53 +02:00
Martin Willi
8d74ec9e80
ike: Add an additional but separate AEAD proposal to CHILD config
...
This currently has no effect: We don't include AEAD algorithms in the default
ESP proposal, as we don't know if it is supported by the backend. But as we
hopefully get an algorithm query mechanism on kernel interfaces some day, we
add the appropriate functionality nonetheless.
2014-05-16 16:51:19 +02:00
Martin Willi
879e3d12ca
ike: Add an additional but separate AEAD proposal to IKE config, if supported
2014-05-16 16:51:19 +02:00
Martin Willi
064fe9c963
enum: Return boolean result for enum_from_name() lookup
...
Handling the result for enum_from_name() is difficult, as checking for
negative return values requires a cast if the enum type is unsigned. The new
signature clearly differentiates lookup result from lookup value.
Further, this actually allows to convert real -1 enum values, which could not
be distinguished from "not-found" and the -1 return value.
This also fixes several clang warnings where enums are unsigned.
2014-05-16 15:42:07 +02:00
Tobias Brunner
4b670a20a9
settings: strongswan.conf must be loaded explicitly
2014-05-15 11:28:10 +02:00
Tobias Brunner
1c306c0ee9
libcharon: Remove unused charon->name
2014-02-12 14:34:33 +01:00
Tobias Brunner
10c4f4e1fd
libhydra: Remove unused hydra->daemon
2014-02-12 14:34:32 +01:00
Tobias Brunner
34d3bfcf14
lib: Add global config namespace
2014-02-12 14:34:31 +01:00
Martin Willi
e2de972c55
charon-cmd: Request an IPv6 virtual IP if an IPv6 remote subnet given
2014-02-06 15:58:13 +01:00
Martin Willi
fe7269c089
charon-cmd: Document new proposal options in manpage
2014-02-06 15:58:13 +01:00
Martin Willi
c9e85424a8
charon-cmd: Add --esp/--ah-proposal options to specify CHILD_SA proposals
2014-02-06 15:58:07 +01:00
Martin Willi
2796cf59bc
charon-cmd: Add an --ike-proposal option to specify non-default IKE proposals
2014-02-06 15:57:36 +01:00
Martin Willi
1df1430146
charon-cmd: Block SIGUSR1 on worker threads
...
To properly shut down charon-cmd with leak reports, only the main thread
should catch SIGUSR1 to shut down the application. Work threads should ignore
SIGUSR1 to avoid any hard application termination.
2014-02-06 15:57:36 +01:00
Tobias Brunner
8250fc10e8
Build generated man pages via configure script
2013-09-13 14:32:51 +02:00
Martin Willi
3070697f9f
ike: support multiple addresses, ranges and subnets in IKE address config
...
Replace the allowany semantic by a more powerful subnet and IP range matching.
Multiple addresses, DNS names, subnets and ranges can be specified in a comma
separated list. Initiators ignore the ranges/subnets, responders match
configurations against all addresses, ranges and subnets.
2013-09-04 10:38:37 +02:00
Martin Willi
9aeaa7396e
peer-cfg: add a pull/push mode option to use with mode config
2013-09-04 10:33:37 +02:00
Martin Willi
e8b36eb92f
charon-cmd: support prompting for a PIN
...
To support a Password and PIN XAuth combo, additionally support multiple
prompts for different credential types.
2013-09-03 16:26:19 +02:00
Martin Willi
44bb1dc3da
charon-cmd: add --eap-identity and --xauth-username options
2013-07-29 09:00:49 +02:00
Tobias Brunner
0ceb288815
Fix various API doc issues and typos
...
Partially based on an old patch by Adrian-Ken Rueegsegger.
2013-07-18 18:30:36 +02:00
Martin Willi
19cb07b890
automake: replace INCLUDES by AM_CPPFLAGS
...
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
2013-07-18 14:59:19 +02:00
Tobias Brunner
f588349dfe
charon-cmd: Ignore generated man page
2013-07-01 12:33:21 +02:00
Tobias Brunner
a2eb581781
capabilities: Move global capabilities_t instance to libstrongswan
2013-06-25 17:16:32 +02:00
Tobias Brunner
1b3b7ba54d
charon-cmd: Document auxiliary options
2013-06-21 17:00:49 +02:00
Tobias Brunner
4d62ad7571
charon-cmd: Link strongswan.conf(5) and charon-cmd(8) man pages
2013-06-21 16:35:19 +02:00
Tobias Brunner
5991f09565
charon-cmd: Use fixed number of character to align command descriptions
...
If the command and argument is longer than that write the first line of
description to the following line.
2013-06-21 16:04:46 +02:00
Tobias Brunner
5e185047e1
charon-cmd: Shortened and fixed command descriptions
2013-06-21 16:04:45 +02:00
Tobias Brunner
463314b55a
charon-cmd: Simplify usage output for authentication profiles
...
The man page describes the min full.
2013-06-21 16:04:45 +02:00
Tobias Brunner
e8d6b91ebd
charon-cmd: Add Aggressive Mode profiles to man page
2013-06-21 16:04:45 +02:00
Tobias Brunner
0d60489bf8
charon-cmd: Add man page for charon-cmd(8)
2013-06-21 16:04:45 +02:00
Tobias Brunner
295d595b49
charon-cmd: Add --debug argument to set the default log level
2013-06-21 15:55:52 +02:00
Tobias Brunner
4049ec42bf
charon-cmd: Handle simple command line arguments like --help before the others
2013-06-21 15:51:42 +02:00
Tobias Brunner
607f8e9906
plugin-loader: Add method to print loaded plugins on a given log level
2013-06-21 15:17:53 +02:00