3bf98189d7
kernel-netlink: Follow RFC 6724 when selecting IPv6 source addresses
...
Instead of using the first address we find on an interface we should
consider properties like an address' scope or whether it is temporary
or public.
Fixes #543 .
2014-06-19 14:16:41 +02:00
b70849ada2
configure: Separate pki from --disable-tools
...
While pki builds and runs just fine on Windows, this is not true for scepclient.
2014-06-04 15:53:08 +02:00
c4c9d291d2
ikev1: Add an option to accept unencrypted ID/HASH payloads
...
Even in Main Mode, some Sonicwall boxes seem to send ID/HASH payloads in
unencrypted form, probably to allow PSK lookup based on the ID payloads. We
by default reject that, but accept it if the
charon.accept_unencrypted_mainmode_messages option is set in strongswan.conf.
Initial patch courtesy of Paul Stewart.
2014-04-17 08:52:28 +02:00
dbd4fc074a
openac: Remove obsolete openac utility
...
The same functionality is now provided by the pki --acert subcommand.
2014-03-31 11:39:25 +02:00
efce4559e8
conf: Install config files world-readable but warn about permissions for certain options
2014-02-12 15:16:57 +01:00
ff94fe157a
conf: Document options of other programs
2014-02-12 14:34:34 +01:00
5ac757872b
conf: Document options of plugins in libpts
2014-02-12 14:34:34 +01:00
bf3f4bf7a2
conf: Document libimcv options
2014-02-12 14:34:34 +01:00
4576f7f960
conf: Document libtnccs options
2014-02-12 14:34:34 +01:00
da8b16a160
conf: Add logger example config
2014-02-12 14:34:34 +01:00
5da20b3dc6
conf: Converted charon options
2014-02-12 14:34:33 +01:00
1b98f85821
conf: Generate and install config sippets for option descriptions
...
The strongswan.d directory is also created relative to the configured
location of strongswan.conf.
2014-02-12 14:34:33 +01:00
Tobias Brunner