Tobias Brunner
91cc523ca7
conf: Generate strongswan.conf(5) man page in different directory
2014-02-12 14:34:33 +01:00
Tobias Brunner
1b98f85821
conf: Generate and install config sippets for option descriptions
...
The strongswan.d directory is also created relative to the configured
location of strongswan.conf.
2014-02-12 14:34:33 +01:00
Tobias Brunner
e90b37b9c3
conf: Script to convert option descriptions to man page and config snippets added
2014-02-12 14:34:33 +01:00
Tobias Brunner
dee50a6046
conf: Create /etc/strongswan.d directory and include .conf files
2014-02-12 14:34:33 +01:00
Tobias Brunner
45e19c7c88
conf: Simplified strongswan.conf template
2014-02-12 14:34:33 +01:00
Tobias Brunner
c75acc4c44
conf: Install strongswan.conf template from a separate directory
2014-02-12 14:34:33 +01:00
Tobias Brunner
9925eeabd2
settings: Add support to enumerate sections and key/value pairs with fallbacks
2014-02-12 14:34:33 +01:00
Tobias Brunner
f4da1989cd
settings: Implement subsections and key/value pairs with sorted arrays
...
Is a bit more memory efficient (also due to lazy instantiation) and
lookups for sections with lots of subsections/keys (e.g. charon.plugins) are
faster.
2014-02-12 14:34:33 +01:00
Tobias Brunner
b3613c49a2
array: Add fallback for qsort_r using thread-local value
...
Cygwin for example does not support qsort_r.
2014-02-12 14:34:33 +01:00
Tobias Brunner
190a278854
plugin-loader: Optionally use load option in each plugin section to load plugins
...
This now works because all plugins use the same config namespace.
If <ns>.load_modular is true, the list of plugins to load is determined
via the value of the <ns>.plugins.<name>.load options.
Using includes the following is possible:
charon {
load_modular = yes
plugins {
include strongswan.d/charon/*.conf
}
}
charon-cmd {
load_modular = yes
plugins {
include strongswan.d/charon-cmd/*.conf
}
}
Where each .conf file would contain something like:
<name> {
load = yes
<option> = <value>
}
To increase the priority of individual plugins load = <priority> can be
used (the default is 1). For instance, to use openssl instead of the
built-in crypto plugins set in strongswan.d/charon/openssl.conf:
openssl {
load = 10
}
If two plugins have the same priority their order in the default plugin
list is preserved. Plugins not found in that list are ordered
alphabetically before other plugins with the same priority.
2014-02-12 14:34:33 +01:00
Tobias Brunner
79962d9e99
array: Add array_bsearch function
2014-02-12 14:34:33 +01:00
Tobias Brunner
132b00ce02
array: Add array_sort function
2014-02-12 14:34:33 +01:00
Tobias Brunner
1c306c0ee9
libcharon: Remove unused charon->name
2014-02-12 14:34:33 +01:00
Tobias Brunner
9222bfc695
charon-tkm: Use lib->ns instead of charon->name
2014-02-12 14:34:32 +01:00
Tobias Brunner
d223fe807a
libcharon: Use lib->ns instead of charon->name
2014-02-12 14:34:32 +01:00
Tobias Brunner
10c4f4e1fd
libhydra: Remove unused hydra->daemon
2014-02-12 14:34:32 +01:00
Tobias Brunner
d347a130f5
libhydra: Use lib->ns instead of hydra->daemon
2014-02-12 14:34:32 +01:00
Tobias Brunner
409adef43c
libtls: Move settings to <ns>.tls with fallback to libtls
2014-02-12 14:34:32 +01:00
Tobias Brunner
eb9b375aa1
attr-sql: Use namespace for attr-sql config, with fallback
2014-02-12 14:34:32 +01:00
Tobias Brunner
8dc6e71632
lib: All settings use configured namespace
2014-02-12 14:34:32 +01:00
Tobias Brunner
7a684aece4
lib: Add default config fallback for configured namespace
...
All settings in the configured global namespace fall back to libstrongswan.
2014-02-12 14:34:32 +01:00
Tobias Brunner
dbed07782b
unit-tests: Test how settings_t handles some invalid data
2014-02-12 14:34:32 +01:00
Tobias Brunner
1713d88278
settings: Add method that allows to define fallback sections for other sections
...
The fallbacks are currently only used for single value lookups.
Enumerators are not affected by them.
2014-02-12 14:34:32 +01:00
Tobias Brunner
ef72d4cc3f
settings: Make print_key() not rely on null-terminated beginning of key buffer
...
The key to print (e.g. until the next .) still has to be
null-terminated.
2014-02-12 14:34:32 +01:00
Tobias Brunner
24d2bb7793
unit-tests: Add tests for includes and file loading in settings_t
2014-02-12 14:34:32 +01:00
Tobias Brunner
25ee33ba65
settings: Allow empty strings in section key
2014-02-12 14:34:32 +01:00
Tobias Brunner
9f9a6b0681
unit-tests: Add tests for enumerators in settings_t
2014-02-12 14:34:32 +01:00
Tobias Brunner
cd0523e0a4
unit-tests: Add tests for setters in settings_t
2014-02-12 14:34:31 +01:00
Tobias Brunner
9f2870216d
unit-tests: Add basic tests for settings_t
2014-02-12 14:34:31 +01:00
Tobias Brunner
34d3bfcf14
lib: Add global config namespace
2014-02-12 14:34:31 +01:00
Tobias Brunner
4f8bd6d404
pool: Typo in Makefile fixed
2014-02-12 14:34:09 +01:00
Tobias Brunner
b84b5410a4
Merge branch 'sql-install'
...
SQL schemas and example data (IMV) are now part of the distribution and
installed in $prefix/share/strongswan. This way no extra copy is needed
for the test suite and distributions can easily pack those files together
with the plugins.
2014-02-12 14:27:21 +01:00
Tobias Brunner
6e288ed19c
pool: Install SQL schemas from src/pool
...
This allows us to install the schemas if either the attr-sql or sql
plugin is enabled, since both use the same schema (at least in parts).
2014-02-12 14:21:26 +01:00
Tobias Brunner
b2cd0870a3
sql: Set default values for some fields in addresses table
2014-02-12 14:08:34 +01:00
Tobias Brunner
9942e43dc6
testing: Use installed PTS SQL schema and data instead of local copy
2014-02-12 14:08:34 +01:00
Tobias Brunner
96e8715e32
testing: Use installed SQL schema instead of local copy
2014-02-12 14:08:34 +01:00
Tobias Brunner
de7f5305d9
libimcv: Install SQL files in /usr/share/strongswan/templates/database
2014-02-12 14:08:34 +01:00
Tobias Brunner
9ca9d99bc4
sql: Install SQL schemas in /usr/share/strongswan/templates/database
2014-02-12 14:08:34 +01:00
Tobias Brunner
68539c38e2
sql: Remove unused cred.sql snippet
2014-02-12 14:08:34 +01:00
Tobias Brunner
ebc665be4d
asn1: Support dates before 1970-01-01 (i.e. when time_t gets negative)
...
On x86 we allow "overflows" around 1969/1970 but not for other dates.
Fixes #509 .
2014-02-12 13:54:05 +01:00
Tobias Brunner
addc34d5f0
asn1: Add additional validation for parsed ASN.1 date/time values
2014-02-12 13:53:57 +01:00
Tobias Brunner
9e1ce63915
ikev1: Fix config switching due to failed authentication during Aggressive mode
...
The encoded ID payload gets destroyed by the authenticator, which caused
a segmentation fault after the switch.
Fixes #501 .
2014-02-12 13:53:03 +01:00
Tobias Brunner
822b22c96f
kernel-pfroute: Don't cache route entries if installation fails
2014-02-12 13:52:25 +01:00
Tobias Brunner
f0f78b74d4
kernel-netlink: Don't cache route entries if installation fails
...
Fixes #500 .
2014-02-12 13:52:01 +01:00
Tobias Brunner
5e75f50b70
identification: Fix printing of empty RDNs on FreeBSD
...
On FreeBSD (null) is printed for NULL even if the precision is 0.
2014-02-12 13:45:42 +01:00
Tobias Brunner
f8c9c03de0
tests: Fix test for printing NULL on FreeBSD
2014-02-12 13:45:42 +01:00
Andreas Steffen
f0ffb9f9af
Fixed description of ikev1/rw-ntru-psk scenario
2014-02-12 13:21:46 +01:00
Andreas Steffen
ccb7630ca1
Updated test kvm tests to Linux 3.13 kernel
2014-02-12 13:16:34 +01:00
Andreas Steffen
83caf0827c
Added ikev1/net2net-ntru-cert and ikev1/rw-ntru-psk scenarios
2014-02-12 13:16:34 +01:00
Tobias Brunner
44e6dbf04d
testing: Add ssh script to distribution
2014-02-12 10:53:17 +01:00