Tobias Brunner
edad908792
Fixed compiler warnings regarding enum comparison.
...
Warnings like
comparison of unsigned expression < 0 is always false
are reported with -Wextra when enum types that are compiled to an
unsigned type (which is up to the compiler) are checked for negativity.
2011-11-25 09:40:30 +01:00
Mirko Parthey
f3da58aaa9
Fix DNS error handling for keyexchange=ike.
...
starter fails to load a connection when a peer's DNS name is temporarily
unresolvable and keyexchange=ike was specified, which defaults to IKEv2.
The connection loads just fine in case of keyexchange=ikev2.
2011-10-25 09:44:17 +02:00
Tobias Brunner
6f4eaa41a7
starter: Use automake LEX/YACC automatisms.
2011-10-10 19:31:04 +02:00
Martin Willi
40921edc38
Support resolution of "allow_any" DNS names in charon (%hostname)
2011-09-02 13:42:45 +02:00
Martin Willi
e59a50009c
starter passes unresolved DNS names to charon
...
Based on an initial patch by Mirko Parthey.
2011-08-29 09:58:18 +02:00
Tobias Brunner
45048eae23
Verify that executables are available and set (pluto|charon)start accordingly.
...
Some distributions enable both daemons but then distribute the
executables in two separate packages. If only one package is installed
but both daemons are enabled in ipsec.conf, starter will try to start
the non existing daemon over and over again, and will each time readd
the configs to the other daemon.
2011-08-11 13:38:05 +02:00
Andreas Steffen
f87991704e
implemented PASS and DROP shunt policies
2011-06-28 19:42:54 +02:00
Martin Willi
6c302616f1
Added a tfc ipsec.conf keyword to control Traffic Flow Confidentiality
2010-12-20 09:45:39 +01:00
Tobias Brunner
a0d13f42e6
starter: Some whitespace cleanup.
2010-09-02 19:04:25 +02:00
Martin Willi
f13a03add0
Moved EAP type/code definitions to a seprate header file in libstrongswan
2010-08-31 15:35:29 +02:00
Andreas Steffen
87799b0c00
moved eap_from_string() fomr libcharon to libstrongswan to make it available in starter
2010-08-13 15:07:53 +02:00
Andreas Steffen
4412ee86c5
recognize eap-ttls method
2010-08-12 23:58:54 +02:00
Martin Willi
2107953804
Added EAP-TLS plugin stub
2010-08-03 15:39:24 +02:00
Andreas Steffen
26c4d0102a
configuration of different marks for inbound and outbound direction
2010-07-09 09:06:07 +02:00
Andreas Steffen
ee26c537d7
support of xfrm marks for IKEv2
2010-07-02 23:46:09 +02:00
Andreas Steffen
fc753c1d3e
remove subnet from sourceip
2010-05-02 17:58:36 +02:00
Andreas Steffen
61e48488d9
final fix for cloning and deleting sourceip strings
2010-05-02 15:55:46 +02:00
Andreas Steffen
a48484322e
fixed end->sourceip memory leak in ipsec starter
2010-05-02 14:56:35 +02:00
Martin Willi
667b73721a
Added left-/rightikeport ipsec.conf options to use custom IKE ports
2010-02-26 11:44:33 +01:00
Martin Willi
8015c91cb9
Added a ipsec.conf "inactivity" option to configure inactivity timeout for CHILD_SAs
2010-01-27 16:05:11 +01:00
Andreas Steffen
270bb348e3
pluto now supports SQL-based virtual IP pools
2009-10-14 14:30:14 +02:00
Martin Willi
075448fbc8
Complain about missing %defaultroute support only if one is actually used
2009-09-16 13:27:49 +02:00
Martin Willi
7daf5226b7
removed trailing spaces ([[:space:]]+$)
2009-09-04 13:46:09 +02:00
Andreas Steffen
11e6d28533
pluto supports ECDSA authentication
2009-06-12 19:59:49 +02:00
Tobias Brunner
723534283c
use bool instead of int
2009-05-07 17:42:25 +02:00
Tobias Brunner
8c5d72cd0b
removing svn keyword $Id$ from all files
2009-04-30 13:19:35 +00:00
Andreas Steffen
9d53cc5d43
already had the correct formatting
2009-04-19 19:22:31 +00:00
Andreas Steffen
3d7a244b54
conversion from 8 spaces to 4 spaces per tab
2009-04-19 19:16:09 +00:00
Andreas Steffen
67411e66c3
port the libstrongswan memory allocation methods to pluto
2009-04-17 07:11:29 +00:00
Martin Willi
e4838d02b3
set the default of plutostart/charonstart according to ./configure options
2009-03-24 15:02:12 +00:00
Martin Willi
4a6b84a934
reintegrated eap-radius branch into trunk
2009-03-24 10:24:58 +00:00
Tobias Brunner
f98cdf7a47
adding plugin for EAP-MS-CHAPv2
2009-02-18 19:57:15 +00:00
Andreas Steffen
d487b4b727
preliminary support of Mobile IPv6
2008-11-11 06:37:37 +00:00
Martin Willi
1caa265c61
a (incomplete) implementation of draft-sheffer-ikev2-gtc-00.txt using PAM
2008-08-21 12:10:07 +00:00
Andreas Steffen
1dec30625e
check if parsing of ipsec update was successful
2008-07-02 05:51:49 +00:00
Tobias Brunner
ea0823dffd
ECDSA with OpenSSL
2008-06-10 09:08:27 +00:00
Andreas Steffen
77b9c3a214
end->srcip string must be removed if it contains %config
2008-04-27 11:28:58 +00:00
Andreas Steffen
937eb2db00
fixed memory corruption problem in starter
2008-04-27 10:49:31 +00:00
Martin Willi
3444390241
supporting multiple comma seperated subnets in left/rightsubnet definition
...
e.g. leftsubnet=10.2.0.0/16,10.4.0.0/16
2008-04-25 12:41:37 +00:00
Andreas Steffen
f45411c045
set long-forgotten DPD defaults
2008-04-15 11:27:45 +00:00
Martin Willi
cdcfe777f4
implementation of an CFG attribute framework, currently supporting virtual IPs
...
updated ipsec.conf sourceip parameter to support
CIDR notatation to serve from a pool
%poolname to query a separate (database?) pool
2008-04-09 12:54:47 +00:00
Andreas Steffen
aa1a730bfb
set nexthop default value to 0::0 in IPv6 connections
2007-12-19 00:49:32 +00:00
Martin Willi
0f806802ae
implemented Expanded EAP types to support vendor specific methods
2007-12-13 17:31:21 +00:00
Martin Willi
4b403e7672
merged EAP-MD5 into trunk
2007-12-12 14:29:10 +00:00
Andreas Steffen
496e76cbdf
added RCSID
2007-10-08 19:57:54 +00:00
Martin Willi
f9b8417a7c
renamed force_encap to forceencaps (as it is named in openswan)
2007-10-02 06:57:58 +00:00
Martin Willi
9dae1bed00
implemented IKEv2 force_encap connection parameter
...
enforces UDP encapsulation by faking NAT detection payloads
to hurdle restrictive firewalls
2007-10-01 12:19:39 +00:00
Martin Willi
9164e49ac0
added mobike=yes|no connection option
...
yes: include mobike support notifies as initiator
no: only enable mobike as responder when initiator supports it
default: yes
2007-08-29 12:11:25 +00:00
Andreas Steffen
ec11518d1b
handle dns lookup failures
2007-08-02 18:38:28 +00:00
Andreas Steffen
ae4388dca0
cosmetics
2007-07-04 05:42:09 +00:00