This currently has no effect: We don't include AEAD algorithms in the default
ESP proposal, as we don't know if it is supported by the backend. But as we
hopefully get an algorithm query mechanism on kernel interfaces some day, we
add the appropriate functionality nonetheless.
Handling the result for enum_from_name() is difficult, as checking for
negative return values requires a cast if the enum type is unsigned. The new
signature clearly differentiates lookup result from lookup value.
Further, this actually allows to convert real -1 enum values, which could not
be distinguished from "not-found" and the -1 return value.
This also fixes several clang warnings where enums are unsigned.
Replace the allowany semantic by a more powerful subnet and IP range matching.
Multiple addresses, DNS names, subnets and ranges can be specified in a comma
separated list. Initiators ignore the ranges/subnets, responders match
configurations against all addresses, ranges and subnets.
AM_CPPFLAGS only takes preprocessor flags like -I or -D, so it did not
forward -rdynamic to the linker (--export-dynamic), which meant that the
symbols defined in the executable itself were not resolvable via dlsym().
Fixes#394.
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
Both options are well supported for normal operation but were completely
ignored by conftest, which used hard coded defaults. File options are
still missing but could be added in a similar way.
This patch fixes bug #272 ("conftest ignores log settings for stdout").
http://wiki.strongswan.org/issues/272
According to the documentation of add_logger in src/libcharon/bus/bus.h,
the relevant log levels of a logger are registered with the logging
subsystem when adding the logger. If the log levels change later, the
logger must be re-added to propagate the new settings. In conftest.c,
the stdout logger is initialized and added before reading the logging
settings, but wasn't re-added after reading the settings.
This is useful for certain test cases. Passing the sequence number to
the callback requires a new struct that contains both the number and the
xfrm_usersa_id. The new configuration parameter is called oseq in
accordance with the kernel name, see the comment in the reset_cb
callback function for details.
Martin Willi