4163421f91
plugins: Don't link with -rdynamic on Windows
2014-06-04 15:53:02 +02:00
8d74ec9e80
ike: Add an additional but separate AEAD proposal to CHILD config
...
This currently has no effect: We don't include AEAD algorithms in the default
ESP proposal, as we don't know if it is supported by the backend. But as we
hopefully get an algorithm query mechanism on kernel interfaces some day, we
add the appropriate functionality nonetheless.
2014-05-16 16:51:19 +02:00
879e3d12ca
ike: Add an additional but separate AEAD proposal to IKE config, if supported
2014-05-16 16:51:19 +02:00
d223fe807a
libcharon: Use lib->ns instead of charon->name
2014-02-12 14:34:32 +01:00
6e288ed19c
pool: Install SQL schemas from src/pool
...
This allows us to install the schemas if either the attr-sql or sql
plugin is enabled, since both use the same schema (at least in parts).
2014-02-12 14:21:26 +01:00
b2cd0870a3
sql: Set default values for some fields in addresses table
2014-02-12 14:08:34 +01:00
9ca9d99bc4
sql: Install SQL schemas in /usr/share/strongswan/templates/database
2014-02-12 14:08:34 +01:00
68539c38e2
sql: Remove unused cred.sql snippet
2014-02-12 14:08:34 +01:00
e745f5f69f
sql: Don't use MyISAM engine and set collation/charset for all tables
...
The MyISAM engine doesn't support transactions.
2013-10-11 15:16:05 +02:00
3070697f9f
ike: support multiple addresses, ranges and subnets in IKE address config
...
Replace the allowany semantic by a more powerful subnet and IP range matching.
Multiple addresses, DNS names, subnets and ranges can be specified in a comma
separated list. Initiators ignore the ranges/subnets, responders match
configurations against all addresses, ranges and subnets.
2013-09-04 10:38:37 +02:00
9aeaa7396e
peer-cfg: add a pull/push mode option to use with mode config
2013-09-04 10:33:37 +02:00
19cb07b890
automake: replace INCLUDES by AM_CPPFLAGS
...
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
2013-07-18 14:59:19 +02:00
11a27ea28f
sql: Use plugin features with dependency to database backend
2013-06-11 11:18:17 +02:00
306a269e34
Add a DSCP configuration value to IKE configs
2013-02-06 15:20:32 +01:00
365d9a6f67
Added an option that allows to force IKEv1 fragmentation
2013-01-12 11:54:32 +01:00
97973f8609
Use a connection specific option to en-/disable IKEv1 fragmentation
2012-12-24 13:00:01 +01:00
ed05a1a3b7
'signal' is a keyword in MySQL 5.5
...
Fixes #251 .
2012-11-07 12:37:23 +01:00
1fdd62ffce
Remove version argument on peer_cfg constructor, use ike_cfg version instead
2012-10-24 10:19:33 +02:00
9fc7cc6f9b
Add IKE version information to ike_cfg_t
2012-10-24 10:18:35 +02:00
7b83cc62e0
Handle comma separated pools as multiple pool names in SQL plugin
2012-08-30 16:43:43 +02:00
497ce2cf51
Support multiple address pools configured on a peer_cfg
2012-08-30 16:43:42 +02:00
101d26babe
Support multiple virtual IPs on peer_cfg and ike_sa classes
2012-08-30 16:43:42 +02:00
b223d517c8
Replaced usages of CHARON_*_PORT with calls to get_port().
2012-08-08 15:12:25 +02:00
e7ea057fd2
Make the UDP ports charon listens for packets on (and uses as source ports) configurable.
2012-08-08 15:07:43 +02:00
d19f0ae3e0
Don't modify the message string passed to logger, as it gets reused
2012-07-13 15:43:04 +02:00
1d315bddd3
implemented the right|leftallowany feature
2012-06-08 21:24:41 +02:00
80c5b17d1a
make IKEv1 DPD timeout configurable in charon
2012-05-17 19:49:22 +02:00
42500c274a
Use name from initialization to access settings in libcharon.
...
Also fixes several whitespace errors.
2012-05-03 13:57:04 +02:00
ead92870b8
Loggers specify what log messages they want to receive during registration.
...
This also allows us to generate the log message only once for all
loggers that need it (avoids calls to custom printf specifier callbacks).
To update the log levels loggers can simply be registered again.
2012-05-02 14:45:38 +02:00
0e474f9148
Use a separate interface for loggers.
...
The new interface does not allow loggers to unregister themselves from
the bus. This allows us to use a rwlock_t for them.
The latter also means that loggers can now be called concurrently by
multiple threads.
2012-05-02 14:45:38 +02:00
5ce59d4c06
Added an aggressive mode peer_cfg option
2012-03-20 17:31:34 +01:00
f7a8fcedc0
Use enum to define IKE version on peer_cfg_t.
...
Replaced all those magic numbers.
2012-03-20 17:30:41 +01:00
39b30518c2
Syntax error in sqlite.sql fixed.
2011-11-04 14:37:22 +01:00
4f9dc66be2
Migrated sql_logger_t to INIT/METHOD macros.
2011-10-04 10:21:25 +02:00
1d5aae4b53
Fixed syntax in MySQL script.
2011-08-08 16:15:28 +02:00
c55818ebb0
Added a (not yet implemented) plugin_t method to reload plugin configuration
2011-04-15 10:07:13 +02:00
787b5884aa
Added a get_name() function to plugin_t, create_plugin_enumerator enumerates over plugin_t
2011-04-15 10:07:12 +02:00
37788b1d06
Added a TFC padding option to child_cfg
2010-12-20 09:45:39 +01:00
93cbe45c09
stupid typo
2010-12-05 15:48:22 +01:00
2da636fd9b
support of reqid field in SQL database
2010-12-05 11:21:40 +01:00
503e1c558e
CDP enumerator added to SQL plugin.
2010-12-03 18:07:17 +01:00
37bc379951
Tables added for CAs and CDPs.
2010-12-03 18:07:17 +01:00
ece5d52e38
Migrated sql_cred_t to INIT/METHOD macros.
2010-12-03 18:07:17 +01:00
a072c34a63
check for malformed IKE and ESP proposals
2010-12-01 09:50:30 +01:00
e79567d07e
Migrated sql_plugin_t to INIT/METHOD macros
2010-11-30 23:31:24 +01:00
e7f586131e
Migrated sql_config_t to INIT/METHOD macros
2010-11-30 23:27:51 +01:00
cbdcca7fd7
renamed algorithm to proposal
2010-11-30 17:38:49 +01:00
f4e5acef3a
store IKE and ESP proposals in SQL database
2010-11-30 17:03:21 +01:00
c616d84c3f
start and route connections defined in an SQL database via start_action field and ipsec up %startall command
2010-11-28 11:57:49 +01:00
6b7897728a
support PEM-encoded certificates stored in SQL databases
2010-11-26 13:47:37 +01:00
Martin Willi