Tobias Brunner
97973f8609
Use a connection specific option to en-/disable IKEv1 fragmentation
2012-12-24 13:00:01 +01:00
Martin Willi
f6d8fb3687
Updated ipsec.conf.5 regarding (CA) certificates loaded from smartcards
2012-10-24 13:07:53 +02:00
Martin Willi
05e266ea9d
Add leftcert ipsec.conf.5 documentation about smartcard certificates
2012-10-24 13:07:53 +02:00
Martin Willi
5b2e669ba2
Add ipsec.conf.5 documentation for explicit PRFs in IKE proposals
2012-10-24 11:49:37 +02:00
Martin Willi
55f126fd55
Update ipsec.conf.5, leftsubnet can handle multiple subnets in IKEv1 with Unity
2012-09-18 17:17:48 +02:00
Tobias Brunner
b7a500e985
Set AUTH_RULE_IDENTITY_LOOSE for rightid=%<identity>
2012-09-18 14:40:41 +02:00
Tobias Brunner
72970b458d
Some updates to ipsec.conf(5) man page
2012-09-12 16:53:45 +02:00
Tobias Brunner
f4cc7ea11b
Add uniqueids=never to ignore INITIAL_CONTACT notifies
...
With uniqueids=no the daemon still deletes any existing IKE_SA with the
same peer if an INITIAL_CONTACT notify is received. With this new option
it also ignores these notifies.
2012-09-10 17:37:18 +02:00
Martin Willi
1323dc1138
Merge branch 'multi-vip'
...
Brings support for multiple virtual IPs and multiple pools in
left/rigthsourceip definitions. Also introduces the new left/rightdns
options to configure requested DNS server address family and respond
with multiple connection specific servers.
2012-08-31 12:55:56 +02:00
Tobias Brunner
5f6ef5d5ce
Documentation for eap-dynamic added
2012-08-31 11:42:03 +02:00
Martin Willi
26bc695806
Updated ipsec.conf.5 with multiple left/rightsourceip support
2012-08-30 16:43:45 +02:00
Martin Willi
c60f1da424
Add a description of the leftdns option to ipsec.conf.5
2012-08-21 09:38:01 +02:00
Tobias Brunner
56d07af3be
Added ESP log group for libipsec log messages.
2012-08-08 15:12:25 +02:00
Martin Willi
46df61dff7
Add an ipsec.conf leftgroups2 parameter for the second authentication round
2012-07-26 11:51:58 +02:00
Tobias Brunner
66e12b926e
Some updates in ipsec.conf(5) for 5.0.0
2012-06-26 12:39:53 +02:00
Andreas Steffen
2045a9d36d
added secret as valid authby argument
2012-06-18 22:11:18 +02:00
Martin Willi
7c4214bd38
Add documentation for signature hash algorithm enforcing to man ipsec.conf
2012-06-12 15:01:39 +02:00
Tobias Brunner
95e41fb80a
starter: Drop support for %defaultroute.
2012-06-11 17:33:29 +02:00
Tobias Brunner
18dac73f02
Updated ipsec.conf(5) to reflect changes to IPComp support.
2012-05-24 15:32:28 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Andreas Steffen
0293f09597
updated supported EAP methods
2012-03-30 11:15:10 +02:00
Martin Willi
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Martin Willi
75e3d90d43
Updated ipsec.conf man page for the use of IKEv1 with pluto
2012-03-20 17:31:39 +01:00
Martin Willi
c8d46f2959
Dropped support of deprecated authby=eap and eap= options
2012-03-20 17:31:38 +01:00
Tobias Brunner
54d096a712
Added ASN debug group to log low-level encoding/decoding (ASN.1, X.509).
...
This will allow us to remove quite some clutter from the LIB debug group
for higher debug levels.
2011-12-16 16:44:38 +01:00
Tobias Brunner
49b44c98c1
Charon also supports type=passthrough|drop.
2011-12-14 19:01:39 +01:00
Tobias Brunner
b768d6a4a5
Documented xauth_identity in ipsec.conf(5) man page.
2011-12-14 18:04:39 +01:00
Tobias Brunner
de13eab0e6
Documented the strict flag (!) for ike and esp options in ipsec.conf.
2011-09-26 17:51:53 +02:00
Tobias Brunner
7213abcbfb
PTS log group documented in man pages.
2011-09-12 15:07:20 +02:00
Tobias Brunner
5b217e4994
Document charon's default log levels in ipsec.conf(5).
2011-09-12 15:07:20 +02:00
Tobias Brunner
f3bb1bd039
Fixed common misspellings.
...
Mostly found by 'codespell'.
2011-07-20 16:14:10 +02:00
Martin Willi
4876f896a4
Added documentation and NEWS for closeaction
2011-06-07 12:07:22 +02:00
Tobias Brunner
bf870ffbe7
Default value for keyingtries documented properly.
2011-05-31 09:03:23 +02:00
Tobias Brunner
bf3c371531
Note about certificates added to CA section in ipsec.conf man page.
2011-05-05 10:30:51 +02:00
Martin Willi
378219546c
Updated ipsec.conf.5 with new ESN options
2011-04-20 12:26:58 +02:00
Tobias Brunner
84545f6e7c
Some typos fixed.
2011-02-07 11:39:41 +01:00
Martin Willi
44e513a320
Added support for trustchain key strength checking to rightauth option
2011-01-07 15:51:35 +01:00
Martin Willi
6367de28ad
Added a left/rightcertpolicy keyword to specify certificatePolicy requirements
2011-01-07 15:51:35 +01:00
Martin Willi
6c302616f1
Added a tfc ipsec.conf keyword to control Traffic Flow Confidentiality
2010-12-20 09:45:39 +01:00
Tobias Brunner
a5477a6fa3
Changed some minor stuff in ipsec.conf(5) man page.
...
Also added some "links" to strongswan.conf(5).
2010-10-19 17:18:30 +02:00
Tobias Brunner
6bcf6016e6
Added accepted values to all options in ipsec.conf(5) man page.
2010-10-19 17:16:07 +02:00
Tobias Brunner
a6f8100812
Removed unsupported options from ipsec.conf(5) man page.
2010-10-19 17:06:57 +02:00
Tobias Brunner
8207a74200
Fixed SEE ALSO references in main man pages.
2010-10-19 10:53:54 +02:00
Tobias Brunner
9f8ceffbd9
Added notes about expiry and rekey to ipsec.conf(5) man page.
2010-10-19 10:53:54 +02:00
Andreas Steffen
456a4f398e
updated keyexchange entry in ipsec.conf.5 man page
2010-10-11 06:23:57 +02:00
Tobias Brunner
0a1233e642
Moved man pages for config files to a separate directory.
2010-09-10 12:01:19 +02:00