Tobias Brunner
3bf98189d7
kernel-netlink: Follow RFC 6724 when selecting IPv6 source addresses
...
Instead of using the first address we find on an interface we should
consider properties like an address' scope or whether it is temporary
or public.
Fixes #543 .
2014-06-19 14:16:41 +02:00
Martin Willi
b70849ada2
configure: Separate pki from --disable-tools
...
While pki builds and runs just fine on Windows, this is not true for scepclient.
2014-06-04 15:53:08 +02:00
Martin Willi
c4c9d291d2
ikev1: Add an option to accept unencrypted ID/HASH payloads
...
Even in Main Mode, some Sonicwall boxes seem to send ID/HASH payloads in
unencrypted form, probably to allow PSK lookup based on the ID payloads. We
by default reject that, but accept it if the
charon.accept_unencrypted_mainmode_messages option is set in strongswan.conf.
Initial patch courtesy of Paul Stewart.
2014-04-17 08:52:28 +02:00
Martin Willi
dbd4fc074a
openac: Remove obsolete openac utility
...
The same functionality is now provided by the pki --acert subcommand.
2014-03-31 11:39:25 +02:00
Tobias Brunner
efce4559e8
conf: Install config files world-readable but warn about permissions for certain options
2014-02-12 15:16:57 +01:00
Tobias Brunner
ff94fe157a
conf: Document options of other programs
2014-02-12 14:34:34 +01:00
Tobias Brunner
5ac757872b
conf: Document options of plugins in libpts
2014-02-12 14:34:34 +01:00
Tobias Brunner
bf3f4bf7a2
conf: Document libimcv options
2014-02-12 14:34:34 +01:00
Tobias Brunner
4576f7f960
conf: Document libtnccs options
2014-02-12 14:34:34 +01:00
Tobias Brunner
da8b16a160
conf: Add logger example config
2014-02-12 14:34:34 +01:00
Tobias Brunner
5da20b3dc6
conf: Converted charon options
2014-02-12 14:34:33 +01:00
Tobias Brunner
1b98f85821
conf: Generate and install config sippets for option descriptions
...
The strongswan.d directory is also created relative to the configured
location of strongswan.conf.
2014-02-12 14:34:33 +01:00