ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
12,338 Commits 7 Branches 233 Tags 88 MiB
Commit Graph

12338 Commits

Author SHA1 Message Date
Tobias Brunner 91cc523ca7 conf: Generate strongswan.conf(5) man page in different directory 2014-02-12 14:34:33 +01:00
Tobias Brunner 1b98f85821 conf: Generate and install config sippets for option descriptions 
The strongswan.d directory is also created relative to the configured
location of strongswan.conf.
 2014-02-12 14:34:33 +01:00
Tobias Brunner e90b37b9c3 conf: Script to convert option descriptions to man page and config snippets added 2014-02-12 14:34:33 +01:00
Tobias Brunner dee50a6046 conf: Create /etc/strongswan.d directory and include .conf files 2014-02-12 14:34:33 +01:00
Tobias Brunner 45e19c7c88 conf: Simplified strongswan.conf template 2014-02-12 14:34:33 +01:00
Tobias Brunner c75acc4c44 conf: Install strongswan.conf template from a separate directory 2014-02-12 14:34:33 +01:00
Tobias Brunner 9925eeabd2 settings: Add support to enumerate sections and key/value pairs with fallbacks 2014-02-12 14:34:33 +01:00
Tobias Brunner f4da1989cd settings: Implement subsections and key/value pairs with sorted arrays 
Is a bit more memory efficient (also due to lazy instantiation) and
lookups for sections with lots of subsections/keys (e.g. charon.plugins) are
faster.
 2014-02-12 14:34:33 +01:00
Tobias Brunner b3613c49a2 array: Add fallback for qsort_r using thread-local value 
Cygwin for example does not support qsort_r.
 2014-02-12 14:34:33 +01:00
Tobias Brunner 190a278854 plugin-loader: Optionally use load option in each plugin section to load plugins 
This now works because all plugins use the same config namespace.

If <ns>.load_modular is true, the list of plugins to load is determined
via the value of the <ns>.plugins.<name>.load options.

Using includes the following is possible:

charon {
  load_modular = yes
  plugins {
    include strongswan.d/charon/*.conf
  }
}

charon-cmd {
  load_modular = yes
  plugins {
    include strongswan.d/charon-cmd/*.conf
  }
}

Where each .conf file would contain something like:

<name> {
  load = yes
  <option> = <value>
}

To increase the priority of individual plugins load = <priority> can be
used (the default is 1).  For instance, to use openssl instead of the
built-in crypto plugins set in strongswan.d/charon/openssl.conf:

openssl {
  load = 10
}

If two plugins have the same priority their order in the default plugin
list is preserved.  Plugins not found in that list are ordered
alphabetically before other plugins with the same priority.
 2014-02-12 14:34:33 +01:00
Tobias Brunner 79962d9e99 array: Add array_bsearch function 2014-02-12 14:34:33 +01:00
Tobias Brunner 132b00ce02 array: Add array_sort function 2014-02-12 14:34:33 +01:00
Tobias Brunner 1c306c0ee9 libcharon: Remove unused charon->name 2014-02-12 14:34:33 +01:00
Tobias Brunner 9222bfc695 charon-tkm: Use lib->ns instead of charon->name 2014-02-12 14:34:32 +01:00
Tobias Brunner d223fe807a libcharon: Use lib->ns instead of charon->name 2014-02-12 14:34:32 +01:00
Tobias Brunner 10c4f4e1fd libhydra: Remove unused hydra->daemon 2014-02-12 14:34:32 +01:00
Tobias Brunner d347a130f5 libhydra: Use lib->ns instead of hydra->daemon 2014-02-12 14:34:32 +01:00
Tobias Brunner 409adef43c libtls: Move settings to <ns>.tls with fallback to libtls 2014-02-12 14:34:32 +01:00
Tobias Brunner eb9b375aa1 attr-sql: Use namespace for attr-sql config, with fallback 2014-02-12 14:34:32 +01:00
Tobias Brunner 8dc6e71632 lib: All settings use configured namespace 2014-02-12 14:34:32 +01:00
Tobias Brunner 7a684aece4 lib: Add default config fallback for configured namespace 
All settings in the configured global namespace fall back to libstrongswan.
 2014-02-12 14:34:32 +01:00
Tobias Brunner dbed07782b unit-tests: Test how settings_t handles some invalid data 2014-02-12 14:34:32 +01:00
Tobias Brunner 1713d88278 settings: Add method that allows to define fallback sections for other sections 
The fallbacks are currently only used for single value lookups.
Enumerators are not affected by them.
 2014-02-12 14:34:32 +01:00
Tobias Brunner ef72d4cc3f settings: Make print_key() not rely on null-terminated beginning of key buffer 
The key to print (e.g. until the next .) still has to be
null-terminated.
 2014-02-12 14:34:32 +01:00
Tobias Brunner 24d2bb7793 unit-tests: Add tests for includes and file loading in settings_t 2014-02-12 14:34:32 +01:00
Tobias Brunner 25ee33ba65 settings: Allow empty strings in section key 2014-02-12 14:34:32 +01:00
Tobias Brunner 9f9a6b0681 unit-tests: Add tests for enumerators in settings_t 2014-02-12 14:34:32 +01:00
Tobias Brunner cd0523e0a4 unit-tests: Add tests for setters in settings_t 2014-02-12 14:34:31 +01:00
Tobias Brunner 9f2870216d unit-tests: Add basic tests for settings_t 2014-02-12 14:34:31 +01:00
Tobias Brunner 34d3bfcf14 lib: Add global config namespace 2014-02-12 14:34:31 +01:00
Tobias Brunner 4f8bd6d404 pool: Typo in Makefile fixed 2014-02-12 14:34:09 +01:00
Tobias Brunner b84b5410a4 Merge branch 'sql-install' 
SQL schemas and example data (IMV) are now part of the distribution and
installed in $prefix/share/strongswan.  This way no extra copy is needed
for the test suite and distributions can easily pack those files together
with the plugins.
 2014-02-12 14:27:21 +01:00
Tobias Brunner 6e288ed19c pool: Install SQL schemas from src/pool 
This allows us to install the schemas if either the attr-sql or sql
plugin is enabled, since both use the same schema (at least in parts).
 2014-02-12 14:21:26 +01:00
Tobias Brunner b2cd0870a3 sql: Set default values for some fields in addresses table 2014-02-12 14:08:34 +01:00
Tobias Brunner 9942e43dc6 testing: Use installed PTS SQL schema and data instead of local copy 2014-02-12 14:08:34 +01:00
Tobias Brunner 96e8715e32 testing: Use installed SQL schema instead of local copy 2014-02-12 14:08:34 +01:00
Tobias Brunner de7f5305d9 libimcv: Install SQL files in /usr/share/strongswan/templates/database 2014-02-12 14:08:34 +01:00
Tobias Brunner 9ca9d99bc4 sql: Install SQL schemas in /usr/share/strongswan/templates/database 2014-02-12 14:08:34 +01:00
Tobias Brunner 68539c38e2 sql: Remove unused cred.sql snippet 2014-02-12 14:08:34 +01:00
Tobias Brunner ebc665be4d asn1: Support dates before 1970-01-01 (i.e. when time_t gets negative) 
On x86 we allow "overflows" around 1969/1970 but not for other dates.

Fixes #509.
 2014-02-12 13:54:05 +01:00
Tobias Brunner addc34d5f0 asn1: Add additional validation for parsed ASN.1 date/time values 2014-02-12 13:53:57 +01:00
Tobias Brunner 9e1ce63915 ikev1: Fix config switching due to failed authentication during Aggressive mode 
The encoded ID payload gets destroyed by the authenticator, which caused
a segmentation fault after the switch.

Fixes #501.
 2014-02-12 13:53:03 +01:00
Tobias Brunner 822b22c96f kernel-pfroute: Don't cache route entries if installation fails 2014-02-12 13:52:25 +01:00
Tobias Brunner f0f78b74d4 kernel-netlink: Don't cache route entries if installation fails 
Fixes #500.
 2014-02-12 13:52:01 +01:00
Tobias Brunner 5e75f50b70 identification: Fix printing of empty RDNs on FreeBSD 
On FreeBSD (null) is printed for NULL even if the precision is 0.
 2014-02-12 13:45:42 +01:00
Tobias Brunner f8c9c03de0 tests: Fix test for printing NULL on FreeBSD 2014-02-12 13:45:42 +01:00
Andreas Steffen f0ffb9f9af Fixed description of ikev1/rw-ntru-psk scenario 2014-02-12 13:21:46 +01:00
Andreas Steffen ccb7630ca1 Updated test kvm tests to Linux 3.13 kernel 2014-02-12 13:16:34 +01:00
Andreas Steffen 83caf0827c Added ikev1/net2net-ntru-cert and ikev1/rw-ntru-psk scenarios 2014-02-12 13:16:34 +01:00
Tobias Brunner 44e6dbf04d testing: Add ssh script to distribution 2014-02-12 10:53:17 +01:00