Tobias Brunner
8b43c9ba34
settings: Adopt the new order of sections and settings when replacing configs
2014-05-15 11:28:09 +02:00
Tobias Brunner
5ac20cbb87
settings: Only purge sections if necessary
...
Instead of removing and caching all values of a previous config, we only
do this for actually removed sections/settings.
2014-05-15 11:28:08 +02:00
Tobias Brunner
b98551c74a
coverage: Make genhtml not fail if sources are not found
...
For some reason the .y and .l files of the settings parser are searched in
the wrong directory.
2014-05-15 11:28:08 +02:00
Tobias Brunner
f5dd274ab8
settings: Maintain order of sections and settings while enumerating
2014-05-15 11:28:08 +02:00
Tobias Brunner
2fbbea55c5
settings: Don't overwrite values in-place
...
This is not thread safe. If threads are reading from pointers to existing
values they could get a partially updated invalid value.
Refactored assignment to a separate function.
2014-05-15 11:28:08 +02:00
Tobias Brunner
725c479f8b
settings: Add functions to add sections and key/value pairs to a section
2014-05-15 11:28:07 +02:00
Tobias Brunner
2fe04fb312
unit-tests: Update settings tests to match new parser
...
Empty settings are now ignored, strings are supported, newlines are
handled properly (e.g. at the end of files) etc.
2014-05-15 11:28:07 +02:00
Tobias Brunner
3855dc01ec
settings: Don't enumerate key/value pairs with NULL value
2014-05-15 11:28:07 +02:00
Tobias Brunner
47a3ed979b
settings: Use generated parser instead of our own
2014-05-15 11:28:07 +02:00
Tobias Brunner
073d72cf49
settings: Optionally keep track of removed/replaced values
2014-05-15 11:28:06 +02:00
Tobias Brunner
1f669078ac
settings: Add flex/bison based parser for strongswan.conf
...
This parser features several improvements over the existing one.
For instance, quoted strings (with escape sequences), unlimited includes,
relaxed newline handling (e.g. at the end of files or before/after { and }),
and the difference between empty and unset values (key = vs. key = "").
It also complains a lot more about invalid syntax. The current one accepts
pretty odd stuff (like settings or sections without name) without any
errors or warnings.
2014-05-15 11:28:06 +02:00
Tobias Brunner
f99d1f7ba5
settings: Extract section and key/value pair types and helper functions
...
This allows us to use them in the upcoming parser.
2014-05-15 11:28:06 +02:00
Tobias Brunner
3cb8016f0e
parser-helper: Add utility class for flex/bison based parsers
2014-05-15 11:28:06 +02:00
Tobias Brunner
3784633fa5
settings: Use glob enumerator to load included files
2014-05-15 11:28:06 +02:00
Tobias Brunner
96de74b879
enumerator: Add enumerator to enumerate files matching a pattern
...
This enumerator is a wrapper around glob(3). If that function is not
supported NULL is returned. If no files match or an error occurs during
the pattern expansion an error is logged and the enumerator simply returns
no items.
RFC: if GLOB_ERR is not supplied glob returns GLOB_NOMATCH if e.g. the
base directory of the pattern does not exist, which would otherwise
result in an error. This way there is at least a clear error message in
case of a typo.
2014-05-15 11:28:05 +02:00
Tobias Brunner
b9b1114ab1
settings: Move to a separate folder
2014-05-15 11:28:05 +02:00
Tobias Brunner
8069b3b14b
array: Allocate initial data properly if esize is 0
2014-05-15 11:28:05 +02:00
Martin Willi
e20e0a0586
swanctl: Increase default debug level to 1
...
We initially intended to silence debugging only during thread initialization,
not for swanctl in general.
2014-05-14 16:28:01 +02:00
Martin Willi
80b56fb468
vici: Support the close_action keyword, as we have it documented
2014-05-14 16:26:53 +02:00
Martin Willi
cdc42256b0
ikev1: Fix debugging log when remote traffic selector selection fails
2014-05-14 10:01:57 +02:00
Andreas Steffen
6becc59dc8
Version bump to 5.2.0dr4
2014-05-14 09:57:08 +02:00
Andreas Steffen
fa34739848
result destructor at the wrong level
2014-05-14 09:43:54 +02:00
Tobias Brunner
35952dc13f
conf: Fix sorting of options with Python 3
...
__cmp__() is not supported anymore with Python 3 and cmp() is deprecated.
Instead rich comparisons should be used (only __lt__() is required for
sorting).
2014-05-13 11:14:44 +02:00
Tobias Brunner
5ee4984da5
conf: print is a function in Python 3
2014-05-13 11:14:43 +02:00
Andreas Steffen
60633a995f
build-database.sh finds all *.so files in /usr/lib
2014-05-13 10:08:04 +02:00
Andreas Steffen
7207e3a7ea
Defined BIOS and EFI event types and log event info
...
On debug level 2 log EV_ACTION and EV_EFI_ACTION strings
and on level 3 dump raw event information
2014-05-13 06:21:28 +02:00
Tobias Brunner
f1a272a0d0
libpts: Updated Android.mk
2014-05-12 11:46:08 +02:00
Andreas Steffen
92b5626055
Version bump to 5.2.0dr3
2014-05-12 07:39:33 +02:00
Andreas Steffen
03b5def0fa
Added implementation of RFC 7171 to NEWS
2014-05-12 06:59:21 +02:00
Andreas Steffen
8d59090349
Implemented PT-EAP protocol (RFC 7171)
2014-05-12 06:59:21 +02:00
Andreas Steffen
ab21875f50
Extended build-database.sh
2014-05-12 06:55:29 +02:00
Andreas Steffen
37a73b9cc7
attest now maintains multiple versions of a file hash
2014-05-10 20:08:20 +02:00
Andreas Steffen
688b5b99ed
Changed default value to libimcv.imc-attestation.pcr_info = no
2014-05-10 20:08:20 +02:00
Martin Willi
b1b01840b6
child-sa: Reclaim old state if SA updating is not supported
...
If the state stays at UPDATING, the fallback using IKEv1 rekeying fails as
the task manager refuses to rekey a CHILD_SA in non-INSTALLED state.
2014-05-09 08:49:08 +02:00
Martin Willi
b30c09eaff
NEWS: Add swanctl news
2014-05-08 09:35:59 +02:00
Martin Willi
2df905474a
Merge branch 'swanctl'
...
Adds a swanctl command line tool to manage the IKE daemon charon using the
VICI interface provided by the vici plugin.
2014-05-07 16:05:39 +02:00
Martin Willi
b1076bc8fd
swanctl: By default print local swanctl version with --version
...
But add a --daemon option to query the IKE daemon for its version.
2014-05-07 15:48:17 +02:00
Martin Willi
92884b4683
swanctl: Install empty credential folders with appropriate permissions
2014-05-07 15:48:17 +02:00
Martin Willi
2230f18358
swanctl: Document most swanctl.conf options in manpage
2014-05-07 15:48:17 +02:00
Martin Willi
d909e51918
swanctl: Keep swanctl.conf man/template section order as defined
2014-05-07 15:48:17 +02:00
Martin Willi
ae98a39e71
conf: Add a format-options --nosort option to keep order of sections as defined
2014-05-07 15:48:17 +02:00
Martin Willi
85d26e0c87
swanctl: Add a swanctl command overview manpage
2014-05-07 15:48:17 +02:00
Tobias Brunner
b18191ba0f
swanctl: Generate swanctl.conf(5) man page
2014-05-07 15:48:16 +02:00
Tobias Brunner
6a461f0852
swanctl: Generate man page snippet with config options
2014-05-07 15:48:16 +02:00
Tobias Brunner
e20deeca77
conf: Properly propagate whether a section is commented or not
2014-05-07 15:48:16 +02:00
Tobias Brunner
5fdba04312
swanctl: Convert swanctl.conf to an options file and generate config
2014-05-07 15:48:16 +02:00
Tobias Brunner
49d8a5f554
swanctl: Install swanctl.conf if it does not exist yet
2014-05-07 15:48:16 +02:00
Martin Willi
1312eab036
swanctl: Change syntax of secrets to accept identities with special chars
...
Having identity strings in the settings key is problematic, as the parser can't
handle arbitrary characters in it. Further, the space separation makes it
impossible to define identities with spaces.
The new format uses key prefixes, similar to those used in local/remote auth
sections of connections. The secrets section takes subsections with type
prefixes, and each subsection uses "id" prefixes to define an arbitrary
number of identities.
2014-05-07 15:48:16 +02:00
Martin Willi
a2875525ae
swanctl: List local and remote addresses in list-conns
2014-05-07 15:48:16 +02:00
Martin Willi
43306afe8e
swanctl: Add a list-pools command to summarize pool status
2014-05-07 15:48:15 +02:00