Commit Graph

4974 Commits

Author SHA1 Message Date
Martin Willi 310498f3de Deactivate all active segments before shutting down 2010-04-07 13:55:14 +02:00
Martin Willi 4e248733a8 HA kernel interface can mangle netfilter rules, currently with iptables invocation 2010-04-07 13:55:14 +02:00
Martin Willi dbc91f7c84 Added support for kernel segment manipulation 2010-04-07 13:55:14 +02:00
Martin Willi 6921e8d5a9 Moved segment configuration parsing to ha_sync_plugin 2010-04-07 13:55:14 +02:00
Martin Willi 37459ea928 Propagate segment manipulation to cluster node 2010-04-07 13:55:14 +02:00
Martin Willi 3d672d4b0a Segment manipulation in HA sync is thread safe 2010-04-07 13:55:14 +02:00
Martin Willi c573b11c55 Passing 0 to segments->(de-)activate enables/disables all segments 2010-04-07 13:55:14 +02:00
Martin Willi 7ceaf50b05 separated auto-tunnel functionality from socket 2010-04-07 13:55:13 +02:00
Martin Willi f5632db953 create external fifo socket only if "fifo_interface" option is set 2010-04-07 13:55:13 +02:00
Martin Willi 47d365deef updated linuxdir include variable 2010-04-07 13:55:13 +02:00
Martin Willi 724736ff1c updated HA sync plugin to new lifetime config 2010-04-07 13:55:13 +02:00
Martin Willi f825238594 print "none" if not serving any segments 2010-04-07 13:55:13 +02:00
Martin Willi a33eb8631c automatically establish a PSK authenticated SA between cluster nodes 2010-04-07 13:55:13 +02:00
Martin Willi 80624c79d5 fixed memleak when installing synced virtual IPs 2010-04-07 13:55:13 +02:00
Martin Willi b1d495f469 do not sync CHILD_SAs without an IKE_SA 2010-04-07 13:55:13 +02:00
Martin Willi 5b7c0f4409 removed $Id$ from ha plugin 2010-04-07 13:55:13 +02:00
Martin Willi 26d08a241a fixed ike_sa condition/extension parsing 2010-04-07 13:55:12 +02:00
Martin Willi 1f32f61c87 added a copy of the linux jenkins hash to dist 2010-04-07 13:55:12 +02:00
Martin Willi 1e977438af fixed sync of CHILD_SA delete 2010-04-07 13:55:12 +02:00
Martin Willi 9ffcbea6f1 added HA resync option to (re-)integrate nodes to a cluster 2010-04-07 13:55:12 +02:00
Martin Willi c81f4fa29d apply peer config during rekeying 2010-04-07 13:55:12 +02:00
Martin Willi 34d240a6e3 manage synced SAs in IKE_SA Manager, tag them with IKE_PASSIVE state 2010-04-07 13:55:12 +02:00
Martin Willi d4113a42e9 support for IKE_SA rekeying sync 2010-04-07 13:55:12 +02:00
Martin Willi aa98188af5 IKE_SA activation/deactivation magic using a fifo socket 2010-04-07 13:55:12 +02:00
Martin Willi c94fe198e9 syncing of complete IKE/CHILD_SAs works 2010-04-07 13:55:11 +02:00
Martin Willi 7999be5b0e pushing basic CHILD_SA sync data to backup node 2010-04-07 13:55:11 +02:00
Martin Willi 765935c8f6 basic syncing of IKE_SAs
recreating SAs with keymat derivation
2010-04-07 13:55:11 +02:00
Martin Willi 190edaf527 added a dispatcher class to receive HA sync messages
simple attribute parser enumerator (probably needs a cleaner implementation)
2010-04-07 13:55:11 +02:00
Martin Willi 12ec91ba3a generating basic IKE_SA sync messages
pushing to statically configured failover node
2010-04-07 13:55:11 +02:00
Martin Willi e5e91eec29 set up basic infrastructure ha_sync plugin 2010-04-07 13:55:11 +02:00
Martin Willi e16d76f9a4 added child_sa serialization to ha_sync plugin 2010-04-07 13:55:11 +02:00
Martin Willi e67f5136c0 HA sync plugin stub 2010-04-07 13:55:11 +02:00
Andreas Steffen e6e8eb09dd fixed ikev1/protoport-route timing 2010-04-07 13:24:58 +02:00
Andreas Steffen c3379af391 removed whitespace 2010-04-07 13:07:11 +02:00
Andreas Steffen ef4aa67bf7 generated new research and sales CA certs for carol and dave, respectively 2010-04-07 13:05:17 +02:00
Tobias Brunner 0a4dc78755 Some whitespace fixes. 2010-04-06 12:56:06 +02:00
Tobias Brunner e41932320c Explicitly unload plugins before deinitializing libhydra and libstrongswan in pluto. 2010-04-06 12:47:41 +02:00
Tobias Brunner 894936ce9e Replaced some DBG_LIB with more specific groups. 2010-04-06 12:47:40 +02:00
Tobias Brunner 8b0e09103b Adding DBG_LIB to all calls of libstrongswan's version of DBG*. 2010-04-06 12:47:40 +02:00
Tobias Brunner 9ed6341d3f Adding support for debug groups in libstrongswan's logger. 2010-04-06 12:47:40 +02:00
Tobias Brunner 3fdee23f18 Move debug groups from charon's bus.h to libstrongswan's debug.h. 2010-04-06 12:47:40 +02:00
Tobias Brunner 9f3df622e4 Manually loading the pluto.(n)dns* settings is not needed anymore. 2010-04-06 12:47:40 +02:00
Tobias Brunner 7ac6060e8d Use daemon-specific config for the attr plugin. 2010-04-06 12:47:40 +02:00
Tobias Brunner a5ec302547 Moved attr plugin from libcharon to libhydra. 2010-04-06 12:47:40 +02:00
Tobias Brunner facf887253 Store the name of the daemon that initialized libhydra to load daemon-specific settings. 2010-04-06 12:47:40 +02:00
Tobias Brunner e82b5755be Added pluto/whack output to 'ipsec leases'. 2010-04-06 12:47:40 +02:00
Tobias Brunner 6bfa8e907c Added options to whack to query in-memory leases. 2010-04-06 12:47:39 +02:00
Tobias Brunner 4db0af9080 Added function to list the leases of the in-memory pools. 2010-04-06 12:47:39 +02:00
Tobias Brunner 4e06abe0fa Delete the in-memory IP address pools if a connection gets deleted.
This fixes ipsec reload.
2010-04-06 12:47:39 +02:00
Tobias Brunner bd22823358 Use whack_attribute in pluto to provide in-memory IP address pools.
The pools are configured by setting rightsourceip in ipsec.conf to a
network in CIDR notation.
2010-04-06 12:47:39 +02:00