Martin Willi
4163421f91
plugins: Don't link with -rdynamic on Windows
2014-06-04 15:53:02 +02:00
Martin Willi
8d74ec9e80
ike: Add an additional but separate AEAD proposal to CHILD config
...
This currently has no effect: We don't include AEAD algorithms in the default
ESP proposal, as we don't know if it is supported by the backend. But as we
hopefully get an algorithm query mechanism on kernel interfaces some day, we
add the appropriate functionality nonetheless.
2014-05-16 16:51:19 +02:00
Martin Willi
879e3d12ca
ike: Add an additional but separate AEAD proposal to IKE config, if supported
2014-05-16 16:51:19 +02:00
Tobias Brunner
d223fe807a
libcharon: Use lib->ns instead of charon->name
2014-02-12 14:34:32 +01:00
Tobias Brunner
6e288ed19c
pool: Install SQL schemas from src/pool
...
This allows us to install the schemas if either the attr-sql or sql
plugin is enabled, since both use the same schema (at least in parts).
2014-02-12 14:21:26 +01:00
Tobias Brunner
b2cd0870a3
sql: Set default values for some fields in addresses table
2014-02-12 14:08:34 +01:00
Tobias Brunner
9ca9d99bc4
sql: Install SQL schemas in /usr/share/strongswan/templates/database
2014-02-12 14:08:34 +01:00
Tobias Brunner
68539c38e2
sql: Remove unused cred.sql snippet
2014-02-12 14:08:34 +01:00
Tobias Brunner
e745f5f69f
sql: Don't use MyISAM engine and set collation/charset for all tables
...
The MyISAM engine doesn't support transactions.
2013-10-11 15:16:05 +02:00
Martin Willi
3070697f9f
ike: support multiple addresses, ranges and subnets in IKE address config
...
Replace the allowany semantic by a more powerful subnet and IP range matching.
Multiple addresses, DNS names, subnets and ranges can be specified in a comma
separated list. Initiators ignore the ranges/subnets, responders match
configurations against all addresses, ranges and subnets.
2013-09-04 10:38:37 +02:00
Martin Willi
9aeaa7396e
peer-cfg: add a pull/push mode option to use with mode config
2013-09-04 10:33:37 +02:00
Martin Willi
19cb07b890
automake: replace INCLUDES by AM_CPPFLAGS
...
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
2013-07-18 14:59:19 +02:00
Tobias Brunner
11a27ea28f
sql: Use plugin features with dependency to database backend
2013-06-11 11:18:17 +02:00
Martin Willi
306a269e34
Add a DSCP configuration value to IKE configs
2013-02-06 15:20:32 +01:00
Tobias Brunner
365d9a6f67
Added an option that allows to force IKEv1 fragmentation
2013-01-12 11:54:32 +01:00
Tobias Brunner
97973f8609
Use a connection specific option to en-/disable IKEv1 fragmentation
2012-12-24 13:00:01 +01:00
Tobias Brunner
ed05a1a3b7
'signal' is a keyword in MySQL 5.5
...
Fixes #251 .
2012-11-07 12:37:23 +01:00
Martin Willi
1fdd62ffce
Remove version argument on peer_cfg constructor, use ike_cfg version instead
2012-10-24 10:19:33 +02:00
Martin Willi
9fc7cc6f9b
Add IKE version information to ike_cfg_t
2012-10-24 10:18:35 +02:00
Martin Willi
7b83cc62e0
Handle comma separated pools as multiple pool names in SQL plugin
2012-08-30 16:43:43 +02:00
Martin Willi
497ce2cf51
Support multiple address pools configured on a peer_cfg
2012-08-30 16:43:42 +02:00
Martin Willi
101d26babe
Support multiple virtual IPs on peer_cfg and ike_sa classes
2012-08-30 16:43:42 +02:00
Tobias Brunner
b223d517c8
Replaced usages of CHARON_*_PORT with calls to get_port().
2012-08-08 15:12:25 +02:00
Tobias Brunner
e7ea057fd2
Make the UDP ports charon listens for packets on (and uses as source ports) configurable.
2012-08-08 15:07:43 +02:00
Martin Willi
d19f0ae3e0
Don't modify the message string passed to logger, as it gets reused
2012-07-13 15:43:04 +02:00
Andreas Steffen
1d315bddd3
implemented the right|leftallowany feature
2012-06-08 21:24:41 +02:00
Andreas Steffen
80c5b17d1a
make IKEv1 DPD timeout configurable in charon
2012-05-17 19:49:22 +02:00
Tobias Brunner
42500c274a
Use name from initialization to access settings in libcharon.
...
Also fixes several whitespace errors.
2012-05-03 13:57:04 +02:00
Tobias Brunner
ead92870b8
Loggers specify what log messages they want to receive during registration.
...
This also allows us to generate the log message only once for all
loggers that need it (avoids calls to custom printf specifier callbacks).
To update the log levels loggers can simply be registered again.
2012-05-02 14:45:38 +02:00
Tobias Brunner
0e474f9148
Use a separate interface for loggers.
...
The new interface does not allow loggers to unregister themselves from
the bus. This allows us to use a rwlock_t for them.
The latter also means that loggers can now be called concurrently by
multiple threads.
2012-05-02 14:45:38 +02:00
Martin Willi
5ce59d4c06
Added an aggressive mode peer_cfg option
2012-03-20 17:31:34 +01:00
Tobias Brunner
f7a8fcedc0
Use enum to define IKE version on peer_cfg_t.
...
Replaced all those magic numbers.
2012-03-20 17:30:41 +01:00
Tobias Brunner
39b30518c2
Syntax error in sqlite.sql fixed.
2011-11-04 14:37:22 +01:00
Tobias Brunner
4f9dc66be2
Migrated sql_logger_t to INIT/METHOD macros.
2011-10-04 10:21:25 +02:00
Tobias Brunner
1d5aae4b53
Fixed syntax in MySQL script.
2011-08-08 16:15:28 +02:00
Martin Willi
c55818ebb0
Added a (not yet implemented) plugin_t method to reload plugin configuration
2011-04-15 10:07:13 +02:00
Martin Willi
787b5884aa
Added a get_name() function to plugin_t, create_plugin_enumerator enumerates over plugin_t
2011-04-15 10:07:12 +02:00
Martin Willi
37788b1d06
Added a TFC padding option to child_cfg
2010-12-20 09:45:39 +01:00
Andreas Steffen
93cbe45c09
stupid typo
2010-12-05 15:48:22 +01:00
Andreas Steffen
2da636fd9b
support of reqid field in SQL database
2010-12-05 11:21:40 +01:00
Tobias Brunner
503e1c558e
CDP enumerator added to SQL plugin.
2010-12-03 18:07:17 +01:00
Tobias Brunner
37bc379951
Tables added for CAs and CDPs.
2010-12-03 18:07:17 +01:00
Tobias Brunner
ece5d52e38
Migrated sql_cred_t to INIT/METHOD macros.
2010-12-03 18:07:17 +01:00
Andreas Steffen
a072c34a63
check for malformed IKE and ESP proposals
2010-12-01 09:50:30 +01:00
Andreas Steffen
e79567d07e
Migrated sql_plugin_t to INIT/METHOD macros
2010-11-30 23:31:24 +01:00
Andreas Steffen
e7f586131e
Migrated sql_config_t to INIT/METHOD macros
2010-11-30 23:27:51 +01:00
Andreas Steffen
cbdcca7fd7
renamed algorithm to proposal
2010-11-30 17:38:49 +01:00
Andreas Steffen
f4e5acef3a
store IKE and ESP proposals in SQL database
2010-11-30 17:03:21 +01:00
Andreas Steffen
c616d84c3f
start and route connections defined in an SQL database via start_action field and ipsec up %startall command
2010-11-28 11:57:49 +01:00
Andreas Steffen
6b7897728a
support PEM-encoded certificates stored in SQL databases
2010-11-26 13:47:37 +01:00