Tobias Brunner
34d3bfcf14
lib: Add global config namespace
2014-02-12 14:34:31 +01:00
Tobias Brunner
20c99edab9
android: Remove dependency on libvstr
2013-11-13 11:40:47 +01:00
Martin Willi
a07b97e804
starter: Add an 'ah' keyword for Authentication Header Security Associations
2013-10-11 10:15:20 +02:00
Martin Willi
2bae838d5e
stroke: re-enable modeconfig keyword
2013-09-04 10:33:38 +02:00
Martin Willi
19cb07b890
automake: replace INCLUDES by AM_CPPFLAGS
...
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
2013-07-18 14:59:19 +02:00
Tobias Brunner
8c88ca0fcf
stroke: Add statusall-nb as alias for statusallnb
2013-06-21 10:51:41 +02:00
Tobias Brunner
4182c86aed
stroke: Add non-blocking versions of up and down
...
stroke up-nb and stroke down-nb do not block until the command has
finished. Instead, they return right after initiating the respective
operation.
2013-06-21 10:49:39 +02:00
Martin Willi
de2debf8e0
stroke: add exportconn{cert,chain} commands in addition to exportx509
...
The new commands either export a single end entity certificate or the
full trust chain for a specific connection name.
2013-06-19 16:27:19 +02:00
Martin Willi
9f1dfd88c8
Use the GEN silent rule when generating gperf files
2013-05-06 15:04:56 +02:00
Tobias Brunner
e5d819b617
android: Remove/filter header files from LOCAL_SRC_FILES
...
This avoids huge warnings when building the native code.
2013-03-20 15:24:26 +01:00
Martin Willi
048872f2f7
Merge branch 'stroke-counters'
...
Extend stroke counters functionality by connection specific counters, and
a resetcounters command to reset the global or connection counters.
2013-03-18 10:12:22 +01:00
Martin Willi
cf729248b2
Add a "resetcounters" command to ipsec, clearing global or connection counters
2013-03-15 10:55:22 +01:00
Martin Willi
d022322bed
Add connection name specific stroke counters
2013-03-15 10:41:04 +01:00
Martin Willi
a36b49f3cb
Merge branch 'opaque-ports'
...
Adds a %opaque port option and support for port ranges in left/rightprotoport.
Currently not supported by any of our kernel backends.
2013-03-01 11:27:12 +01:00
Martin Willi
cd41b951ee
Pass complete port range over stroke interface for more flexibility
2013-02-21 11:52:33 +01:00
Martin Willi
7fbe516f88
Add a ikedscp ipsec.conf option to set DSCP value on outgoing IKE packets
2013-02-06 15:36:36 +01:00
Tobias Brunner
97973f8609
Use a connection specific option to en-/disable IKEv1 fragmentation
2012-12-24 13:00:01 +01:00
Reto Buerki
a7409773e6
stroke: Drop unneeded [MY|OTHER]_NETBITS
2012-12-19 11:24:02 +01:00
Reto Buerki
31944a4366
stroke: Enable install_policy in add_connection()
2012-12-19 11:23:52 +01:00
Martin Willi
0c4b9f7cda
Add a "ipsec listcounters" command to stroke
2012-10-24 11:34:31 +02:00
Martin Willi
96c2b3cf89
Support multiple addresses/pools in left/rightsourceip
2012-08-30 16:43:42 +02:00
Martin Willi
17319aa28d
Add a left/rightdns keyword to configure connection specific DNS attributes
2012-08-21 09:38:00 +02:00
Tobias Brunner
56d07af3be
Added ESP log group for libipsec log messages.
2012-08-08 15:12:25 +02:00
Martin Willi
46df61dff7
Add an ipsec.conf leftgroups2 parameter for the second authentication round
2012-07-26 11:51:58 +02:00
Andreas Steffen
1d315bddd3
implemented the right|leftallowany feature
2012-06-08 21:24:41 +02:00
Andreas Steffen
80c5b17d1a
make IKEv1 DPD timeout configurable in charon
2012-05-17 19:49:22 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Andreas Steffen
5f1931ada1
added support for raw RSA public keys to stroke
2012-04-30 00:31:42 +02:00
Tobias Brunner
9f1b303afc
Added stroke user-creds command, to set username/password for a connection.
2012-04-17 14:20:58 +02:00
Tobias Brunner
ff5cb888f6
Additional prompt keyword added to stroke.
2012-04-17 14:20:58 +02:00
Martin Willi
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Martin Willi
c8d46f2959
Dropped support of deprecated authby=eap and eap= options
2012-03-20 17:31:38 +01:00
Martin Willi
e129168ba6
Added a "aggressive" ipsec.conf connection option
2012-03-20 17:31:34 +01:00
Martin Willi
d94c923648
Support an "any" IKE version for both IKEv1 or IKEv2
2012-03-20 17:31:25 +01:00
Martin Willi
21a4fc832e
Pass ipsec.conf xauth_identity option via stroke to charon configurations
2012-03-20 17:31:23 +01:00
Tobias Brunner
2e0b478a01
Android 4 requires LOCAL_MODULE_TAGS to be set for all modules.
...
Because all packages are now marked as optional executables that are to
be installed on the final system have to be added to PRODUCT_PACKAGES in
build/target/product/core.mk. Dependencies (such as libraries) are
installed automatically.
2012-01-12 19:18:35 +01:00
Tobias Brunner
54d096a712
Added ASN debug group to log low-level encoding/decoding (ASN.1, X.509).
...
This will allow us to remove quite some clutter from the LIB debug group
for higher debug levels.
2011-12-16 16:44:38 +01:00
Tobias Brunner
4f775afda9
Added missing Android.mk files to distribution.
2011-11-22 18:31:12 +01:00
Martin Willi
2d2ffa58f6
Added a listplugins stroke command to show plugin features
2011-10-14 10:05:44 +02:00
Tobias Brunner
b3b1419e06
Build stroke on Android.
2011-10-11 16:30:20 +02:00
Tobias Brunner
2421ac9e98
getpass(3) is not supported on Android.
...
No replacement yet.
2011-10-11 16:30:20 +02:00
Tobias Brunner
f7ce74983d
Removed unneeded include.
...
This is not available on Android and redirects to <fcntl.h> on Ubuntu.
2011-10-11 16:30:20 +02:00
Andreas Steffen
b9d61f78d3
added PTS debug class
2011-09-11 00:11:04 +02:00
Martin Willi
f34ebc845b
Add a closeaction ipsec.conf keyword to configure close action
2011-06-07 12:07:21 +02:00
Tobias Brunner
d30df6ff3d
stroke: Usage output updated.
2011-05-16 18:47:52 +02:00
Martin Willi
a694b481ee
Added a statusallnb stroke command to show status non-blocking
2011-05-16 15:24:14 +02:00
Martin Willi
dfe9bad981
Added a stroke memusage command to show memory usage
2011-05-16 15:22:21 +02:00
Martin Willi
fc2e43eb27
Fix order of PURGE_* flags to be compatible with STROKE_PURGE_* keywords
2011-03-23 09:28:40 +01:00
Martin Willi
6367de28ad
Added a left/rightcertpolicy keyword to specify certificatePolicy requirements
2011-01-07 15:51:35 +01:00
Martin Willi
6c302616f1
Added a tfc ipsec.conf keyword to control Traffic Flow Confidentiality
2010-12-20 09:45:39 +01:00