Tobias Brunner
56d07af3be
Added ESP log group for libipsec log messages.
2012-08-08 15:12:25 +02:00
Tobias Brunner
162621ed57
Moved Android specific logger to separate plugin.
...
This is mainly because the other parts of the existing android plugin
can not be built in the NDK (access to keystore and system properties are
not part of the stable NDK libraries).
2012-08-08 15:07:43 +02:00
Martin Willi
46df61dff7
Add an ipsec.conf leftgroups2 parameter for the second authentication round
2012-07-26 11:51:58 +02:00
Andreas Steffen
be735f0148
added PA-TNC max_msg_len option to man page
2012-07-13 11:02:23 +02:00
Andreas Steffen
d7dcbc95a9
make maximum PB-TNC batch size configurable
2012-07-11 17:09:05 +02:00
Andreas Steffen
c8aabefd08
added charon.plugins.eap-tnc.protocol option
2012-07-11 17:09:05 +02:00
Andreas Steffen
4492ffc907
EAP-TNC does not support fragmentation
2012-07-11 17:09:04 +02:00
Andreas Steffen
87efdef35b
configure size of ITA Dummy PA-TNC attribute
2012-07-11 17:09:04 +02:00
Andreas Steffen
3bd452f8f3
max_message_count = 0 disables limit
2012-07-11 17:09:04 +02:00
Tobias Brunner
66e12b926e
Some updates in ipsec.conf(5) for 5.0.0
2012-06-26 12:39:53 +02:00
Andreas Steffen
c38d6905a2
added charon.cisco_unity to strongswan.conf.5 man page
2012-06-25 11:47:40 +02:00
Andreas Steffen
2045a9d36d
added secret as valid authby argument
2012-06-18 22:11:18 +02:00
Martin Willi
7c4214bd38
Add documentation for signature hash algorithm enforcing to man ipsec.conf
2012-06-12 15:01:39 +02:00
Tobias Brunner
95e41fb80a
starter: Drop support for %defaultroute.
2012-06-11 17:33:29 +02:00
Tobias Brunner
60c82591c5
Retry IKE_SA initiation if DNS resolution failed.
...
This is disabled by default and can be enabled with the
charon.retry_initiate_interval option in strongswan.conf.
2012-05-30 15:32:52 +02:00
Tobias Brunner
18dac73f02
Updated ipsec.conf(5) to reflect changes to IPComp support.
2012-05-24 15:32:28 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Tobias Brunner
13de38e354
Documented strongswan.conf options for radattr plugin.
2012-05-01 13:32:43 +02:00
Tobias Brunner
5895c2e948
Option added to set identifier for syslog(3) logging.
...
This identifier is added to each log message by syslog.
2012-04-20 09:26:12 +02:00
Andreas Steffen
0293f09597
updated supported EAP methods
2012-03-30 11:15:10 +02:00
Tobias Brunner
ed2cab08d2
Make resolvconf interface prefix configurable.
2012-03-27 10:44:21 +02:00
Martin Willi
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Martin Willi
75e3d90d43
Updated ipsec.conf man page for the use of IKEv1 with pluto
2012-03-20 17:31:39 +01:00
Martin Willi
c8d46f2959
Dropped support of deprecated authby=eap and eap= options
2012-03-20 17:31:38 +01:00
Andreas Steffen
f673958e59
added the strongswan.conf options of the tnc-pdp plugin
2012-03-16 11:14:40 +01:00
Andreas Steffen
e01751035e
completed imc/imv-attestation settings
2012-02-07 22:11:51 +01:00
Tobias Brunner
9ec66bc1a5
Added an option to load CA certificates without CA basic constraint.
...
Enabling this option treats all certificates in ipsec.d/cacerts and
ipsec.conf ca sections as CA certificates even if they do not contain a
CA basic constraint.
2012-02-01 14:34:52 +01:00
Martin Willi
503dee4d2f
Added RADIUS accounting option to strongswan.conf manual
2012-02-01 11:35:13 +01:00
Tobias Brunner
7c0c2349a9
Make number of concurrently handled stroke messages configurable.
2011-12-29 18:41:39 +01:00
Tobias Brunner
54d096a712
Added ASN debug group to log low-level encoding/decoding (ASN.1, X.509).
...
This will allow us to remove quite some clutter from the LIB debug group
for higher debug levels.
2011-12-16 16:44:38 +01:00
Tobias Brunner
49b44c98c1
Charon also supports type=passthrough|drop.
2011-12-14 19:01:39 +01:00
Tobias Brunner
b768d6a4a5
Documented xauth_identity in ipsec.conf(5) man page.
2011-12-14 18:04:39 +01:00
Tobias Brunner
6d4c6b8f41
Documented binary secrets in ipsec.secrets(5) man page.
2011-12-14 17:46:27 +01:00
Andreas Steffen
15b3dc5b26
added libimcv.plugins.imc-attestation.aik_blob parameter
2011-12-11 22:03:43 +01:00
Andreas Steffen
63179fd459
upgraded Test IMC/IMV pair to fully support multple IMC IDs
2011-12-11 22:01:49 +01:00
Tobias Brunner
53e2fc690e
pkcs11: Documented use_pubkey option in strongswan.conf(5).
2011-11-03 18:36:34 +01:00
Tobias Brunner
1a9e3e0147
pkcs11: Documented new options in strongswan.conf(5).
2011-10-31 18:50:10 +01:00
Andreas Steffen
f0a8bf47f7
refactored TNC framework
2011-10-25 01:10:16 +02:00
Tobias Brunner
848a36fed7
starter.load documented in strongswan.conf(5) man page.
2011-10-21 17:30:39 +02:00
Tobias Brunner
de13eab0e6
Documented the strict flag (!) for ike and esp options in ipsec.conf.
2011-09-26 17:51:53 +02:00
Tobias Brunner
7213abcbfb
PTS log group documented in man pages.
2011-09-12 15:07:20 +02:00
Tobias Brunner
5b217e4994
Document charon's default log levels in ipsec.conf(5).
2011-09-12 15:07:20 +02:00
Andreas Steffen
f7a98122ea
added strongswan.conf attributes for attestation IMC/IMV
2011-09-08 12:08:17 +02:00
Andreas Steffen
a4541f1d20
added tnc-ifmap.ssl_passphrase to strongswan.conf
2011-09-02 06:38:39 +02:00
Andreas Steffen
49c03672a3
updated strongswan.conf
2011-08-12 18:11:32 +02:00
Andreas Steffen
535798cfe3
added tnc-ifmap attributes to manpage
2011-08-10 15:58:18 +02:00
Tobias Brunner
45945fa137
Added tnc, imc, imv debug message groups to man page.
2011-07-26 09:38:13 +02:00
Tobias Brunner
4f3ca916c5
Documentation about job priorities added to man page.
...
Also includes docs about IKE_SA_INIT dropping.
2011-07-21 16:17:08 +02:00
Tobias Brunner
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
Tobias Brunner
355728110a
Added missing load-tester options to man page.
2011-07-18 19:01:18 +02:00
Andreas Steffen
e65a50530e
added libimcv.plugins.imv_scanner options to strongswan.conf
2011-07-18 09:34:49 +02:00
Andreas Steffen
c8eb2dea04
added libimcv options to strongswan.conf
2011-06-18 14:08:37 +02:00
Martin Willi
4876f896a4
Added documentation and NEWS for closeaction
2011-06-07 12:07:22 +02:00
Tobias Brunner
bf870ffbe7
Default value for keyingtries documented properly.
2011-05-31 09:03:23 +02:00
Tobias Brunner
bf3c371531
Note about certificates added to CA section in ipsec.conf man page.
2011-05-05 10:30:51 +02:00
Andreas Steffen
2778b6644b
do not include length field in non-fragmented EAP-PEAP packets
2011-04-21 19:52:49 +02:00
Martin Willi
94c0e8346a
Added charon.replay window to strongswan.conf.5
2011-04-20 12:26:58 +02:00
Martin Willi
378219546c
Updated ipsec.conf.5 with new ESN options
2011-04-20 12:26:58 +02:00
Andreas Steffen
01b39fe900
added EAP-PEAP options to strongswan.conf
2011-04-06 20:08:56 +02:00
Andreas Steffen
e236ed1e8d
added duplicheck.enable and whitelist.enable options to strongswan.conf man page
2011-03-18 08:01:09 +01:00
Tobias Brunner
84545f6e7c
Some typos fixed.
2011-02-07 11:39:41 +01:00
Andreas Steffen
c4fd3b2f42
introduced libstrongswan.x509.enforce_critical parameter
2011-02-05 09:01:18 +01:00
Martin Willi
44e513a320
Added support for trustchain key strength checking to rightauth option
2011-01-07 15:51:35 +01:00
Martin Willi
6367de28ad
Added a left/rightcertpolicy keyword to specify certificatePolicy requirements
2011-01-07 15:51:35 +01:00
Martin Willi
6c302616f1
Added a tfc ipsec.conf keyword to control Traffic Flow Confidentiality
2010-12-20 09:45:39 +01:00
Tobias Brunner
5889e864a0
Moved "Reading values" section, typo fixed.
2010-12-17 17:31:42 +01:00
Tobias Brunner
9a1e5261d6
Added documentation about new features of settings_t.
2010-12-03 17:40:52 +01:00
Tobias Brunner
a5477a6fa3
Changed some minor stuff in ipsec.conf(5) man page.
...
Also added some "links" to strongswan.conf(5).
2010-10-19 17:18:30 +02:00
Tobias Brunner
6bcf6016e6
Added accepted values to all options in ipsec.conf(5) man page.
2010-10-19 17:16:07 +02:00
Tobias Brunner
a6f8100812
Removed unsupported options from ipsec.conf(5) man page.
2010-10-19 17:06:57 +02:00
Tobias Brunner
8207a74200
Fixed SEE ALSO references in main man pages.
2010-10-19 10:53:54 +02:00
Tobias Brunner
9f8ceffbd9
Added notes about expiry and rekey to ipsec.conf(5) man page.
2010-10-19 10:53:54 +02:00
Andreas Steffen
f2b1aa4962
added eap-radius-filter_id option to strongswan.conf
2010-10-11 12:20:45 +02:00
Andreas Steffen
456a4f398e
updated keyexchange entry in ipsec.conf.5 man page
2010-10-11 06:23:57 +02:00
Andreas Steffen
aff81d3bac
updated strongswan.conf
2010-10-11 06:12:26 +02:00
Andreas Steffen
68de7267e1
added tnccs-11 plugin options to strongswan.conf
2010-10-06 07:53:50 +02:00
Tobias Brunner
41f525becd
Added missing options (corrected some default values).
2010-09-10 12:01:20 +02:00
Tobias Brunner
3f71c5d95f
Moved load-tester configuration to a separate section.
2010-09-10 12:01:20 +02:00
Tobias Brunner
b2bcc57737
Added information about logger configuration.
2010-09-10 12:01:20 +02:00
Tobias Brunner
fa8c06903f
More information about IKEv2 retransmissions added.
2010-09-10 12:01:20 +02:00
Tobias Brunner
320cecd2dd
Adding most of the strongswan.conf options from the wiki.
2010-09-10 12:01:20 +02:00
Tobias Brunner
483c1feb7e
Added strongswan.conf(5) stub.
2010-09-10 12:01:19 +02:00
Tobias Brunner
0a1233e642
Moved man pages for config files to a separate directory.
2010-09-10 12:01:19 +02:00