ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
4,983 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

3449 Commits

Author SHA1 Message Date
Martin Willi 3c82381296 Try to send HA sync messages synchronously 2010-04-07 13:55:15 +02:00
Martin Willi f4f394e67c Do not sync a delete for a child in a destroying IKE_SA 2010-04-07 13:55:15 +02:00
Martin Willi 5a0a359b88 Include ICMP traffic in sync tunnel 2010-04-07 13:55:15 +02:00
Martin Willi 874c0bd8b8 Refactored segment enabling/disabling 2010-04-07 13:55:15 +02:00
Martin Willi 5d67259042 Use a connected UDP socket 2010-04-07 13:55:15 +02:00
Martin Willi 06308d9ede Removed obsolete socket subclasses 2010-04-07 13:55:15 +02:00
Martin Willi 3912fdb1ec Automatically segment cluster using periodically sent status messages 2010-04-07 13:55:14 +02:00
Martin Willi b7f15be136 Do not enable/disable our own sync tunnel 2010-04-07 13:55:14 +02:00
Martin Willi 9fdf5f712e Enable/disable inactive/active segments only 2010-04-07 13:55:14 +02:00
Martin Willi 310498f3de Deactivate all active segments before shutting down 2010-04-07 13:55:14 +02:00
Martin Willi 4e248733a8 HA kernel interface can mangle netfilter rules, currently with iptables invocation 2010-04-07 13:55:14 +02:00
Martin Willi dbc91f7c84 Added support for kernel segment manipulation 2010-04-07 13:55:14 +02:00
Martin Willi 6921e8d5a9 Moved segment configuration parsing to ha_sync_plugin 2010-04-07 13:55:14 +02:00
Martin Willi 37459ea928 Propagate segment manipulation to cluster node 2010-04-07 13:55:14 +02:00
Martin Willi 3d672d4b0a Segment manipulation in HA sync is thread save 2010-04-07 13:55:14 +02:00
Martin Willi c573b11c55 Passing 0 to segments->(de-)activate enables/disables all segments 2010-04-07 13:55:14 +02:00
Martin Willi 7ceaf50b05 separated auto-tunnel functionality from socket 2010-04-07 13:55:13 +02:00
Martin Willi f5632db953 create external fifo socket only if "fifo_interface" option is set 2010-04-07 13:55:13 +02:00
Martin Willi 47d365deef updated linuxdir include variable 2010-04-07 13:55:13 +02:00
Martin Willi 724736ff1c updated HA sync plugin to new lifetime config 2010-04-07 13:55:13 +02:00
Martin Willi f825238594 print "none" if not serving any segments 2010-04-07 13:55:13 +02:00
Martin Willi a33eb8631c automatically establish a PSK authenticated SA between cluster nodes 2010-04-07 13:55:13 +02:00
Martin Willi 80624c79d5 fixed memleak when installing synced virtual IPs 2010-04-07 13:55:13 +02:00
Martin Willi b1d495f469 do not sync CHILD_SAs without an IKE_SA 2010-04-07 13:55:13 +02:00
Martin Willi 5b7c0f4409 removed $Id$ from ha plugin 2010-04-07 13:55:13 +02:00
Martin Willi 26d08a241a fixed ike_sa condition/extension parsing 2010-04-07 13:55:12 +02:00
Martin Willi 1f32f61c87 added a copy of the linux jenkins hash to dist 2010-04-07 13:55:12 +02:00
Martin Willi 1e977438af fixed sync of CHILD_SA delete 2010-04-07 13:55:12 +02:00
Martin Willi 9ffcbea6f1 added HA resync option to (re-)integrate nodes to a cluster 2010-04-07 13:55:12 +02:00
Martin Willi c81f4fa29d apply peer config during rekeying 2010-04-07 13:55:12 +02:00
Martin Willi 34d240a6e3 manage synced SAs in IKE_SA Manager, tag them with IKE_PASSIVE state 2010-04-07 13:55:12 +02:00
Martin Willi d4113a42e9 support for IKE_SA rekeying sync 2010-04-07 13:55:12 +02:00
Martin Willi aa98188af5 IKE_SA activation/deactivation magic using a fifo socket 2010-04-07 13:55:12 +02:00
Martin Willi c94fe198e9 syncing of complete IKE/CHILD_SAs works 2010-04-07 13:55:11 +02:00
Martin Willi 7999be5b0e pushing basic CHILD_SA sync data to backup node 2010-04-07 13:55:11 +02:00
Martin Willi 765935c8f6 basic syncing of IKE_SAs 
recreating SAs with keymat derivation
 2010-04-07 13:55:11 +02:00
Martin Willi 190edaf527 added a dispatcher class to receive HA sync messages 
simple attribute parser enumerator (probably needs a cleaner implementation)
 2010-04-07 13:55:11 +02:00
Martin Willi 12ec91ba3a generating basic IKE_SA sync messages 
pushing to statically configured failover node
 2010-04-07 13:55:11 +02:00
Martin Willi e5e91eec29 set up basic infrastructure ha_sync plugin 2010-04-07 13:55:11 +02:00
Martin Willi e16d76f9a4 added child_sa serialization to ha_sync plugin 2010-04-07 13:55:11 +02:00
Martin Willi e67f5136c0 HA sync plugin stub 2010-04-07 13:55:11 +02:00
Tobias Brunner 0a4dc78755 Some whitespace fixes. 2010-04-06 12:56:06 +02:00
Tobias Brunner e41932320c Explicitly unload plugins before deinitializing libhydra and libstrongswan in pluto. 2010-04-06 12:47:41 +02:00
Tobias Brunner 894936ce9e Replaced some DBG_LIB with more specific groups. 2010-04-06 12:47:40 +02:00
Tobias Brunner 8b0e09103b Adding DBG_LIB to all calls of libstrongswan's version of DBG*. 2010-04-06 12:47:40 +02:00
Tobias Brunner 9ed6341d3f Adding support for debug groups in libstrongswan's logger. 2010-04-06 12:47:40 +02:00
Tobias Brunner 3fdee23f18 Move debug groups from charon's bus.h to libstrongswan's debug.h. 2010-04-06 12:47:40 +02:00
Tobias Brunner 9f3df622e4 Manually loading the pluto.(n)dns* settings is not needed anymore. 2010-04-06 12:47:40 +02:00
Tobias Brunner 7ac6060e8d Use daemon-specific config for the attr plugin. 2010-04-06 12:47:40 +02:00
Tobias Brunner a5ec302547 Moved attr plugin from libcharon to libhydra. 2010-04-06 12:47:40 +02:00