Andreas Steffen
bfd8f8c5fe
Updated IMC/IMV entries in strongswan.conf man page
2014-05-31 20:37:57 +02:00
Tobias Brunner
35952dc13f
conf: Fix sorting of options with Python 3
...
__cmp__() is not supported anymore with Python 3 and cmp() is deprecated.
Instead rich comparisons should be used (only __lt__() is required for
sorting).
2014-05-13 11:14:44 +02:00
Tobias Brunner
5ee4984da5
conf: print is a function in Python 3
2014-05-13 11:14:43 +02:00
Andreas Steffen
8d59090349
Implemented PT-EAP protocol (RFC 7171)
2014-05-12 06:59:21 +02:00
Andreas Steffen
688b5b99ed
Changed default value to libimcv.imc-attestation.pcr_info = no
2014-05-10 20:08:20 +02:00
Martin Willi
ae98a39e71
conf: Add a format-options --nosort option to keep order of sections as defined
2014-05-07 15:48:17 +02:00
Tobias Brunner
e20deeca77
conf: Properly propagate whether a section is commented or not
2014-05-07 15:48:16 +02:00
Martin Willi
7dbf9e1574
vici: Document strongswan.conf options
2014-05-07 14:13:38 +02:00
Martin Willi
c4c9d291d2
ikev1: Add an option to accept unencrypted ID/HASH payloads
...
Even in Main Mode, some Sonicwall boxes seem to send ID/HASH payloads in
unencrypted form, probably to allow PSK lookup based on the ID payloads. We
by default reject that, but accept it if the
charon.accept_unencrypted_mainmode_messages option is set in strongswan.conf.
Initial patch courtesy of Paul Stewart.
2014-04-17 08:52:28 +02:00
Andreas Steffen
8c40609f96
Use python-based swidGenerator to generated SWID tags
2014-04-15 09:21:06 +02:00
Andreas Steffen
0bd64fa5bf
Renamed the AIK public key parameter to imc-attestation.aik_pubkey
2014-04-15 09:21:05 +02:00
Andreas Steffen
c54c26dd17
Implemented configurable Device ID in OS IMC
2014-04-15 09:21:05 +02:00
Tobias Brunner
00b91c4325
eap-radius: Add option to not close IKE_SAs on timeouts during interim accouting updates
...
Fixes #528 .
2014-03-31 14:32:44 +02:00
Tobias Brunner
9fa7b03769
conf: Order settings in man page alphabetically
...
For the config snippets the options are now explicitly ordered before
subsections.
2014-03-31 14:32:44 +02:00
Martin Willi
dbd4fc074a
openac: Remove obsolete openac utility
...
The same functionality is now provided by the pki --acert subcommand.
2014-03-31 11:39:25 +02:00
Andreas Steffen
342bc6e545
Disable mandatory ECP support for attestion
2014-03-07 21:56:34 +01:00
Tobias Brunner
bd1c9f1eac
conf: Fix out-of-tree build from distribution
...
It worked from the repository, where strongswan.conf.5.main is generated
in the build dir, but not from the distribution where it is located in
the source dir, so explicitly create it in the source dir.
2014-02-27 12:02:13 +01:00
Tobias Brunner
e1af4d88a6
conf: Ignore generated strongswan.conf.5.main
2014-02-18 10:08:54 +01:00
Tobias Brunner
5645ad2976
conf: Fix installation on FreeBSD
...
Apparently, the -t option for install is not portable.
2014-02-13 13:53:25 +01:00
Tobias Brunner
03650d5a2d
conf: The use of $^ is not portable
...
Generating strongswan.conf.5.main in a subshell gets the file
properly written to the builddir in out-of-tree builds.
2014-02-13 11:47:02 +01:00
Tobias Brunner
efce4559e8
conf: Install config files world-readable but warn about permissions for certain options
2014-02-12 15:16:57 +01:00
Tobias Brunner
5422bb9070
conf: Document variables and config files/dirs
2014-02-12 14:34:34 +01:00
Tobias Brunner
7573a7ed56
conf: Only install config snippets for enabled components
2014-02-12 14:34:34 +01:00
Tobias Brunner
ff94fe157a
conf: Document options of other programs
2014-02-12 14:34:34 +01:00
Tobias Brunner
5ac757872b
conf: Document options of plugins in libpts
2014-02-12 14:34:34 +01:00
Tobias Brunner
bf3f4bf7a2
conf: Document libimcv options
2014-02-12 14:34:34 +01:00
Tobias Brunner
4576f7f960
conf: Document libtnccs options
2014-02-12 14:34:34 +01:00
Tobias Brunner
d56a23c515
conf: Create automatically generated config snippets in build dir
2014-02-12 14:34:34 +01:00
Tobias Brunner
7f535b3938
conf: Install config snippets in /usr/share/strongswan/templates/config too
2014-02-12 14:34:34 +01:00
Tobias Brunner
6a2de77f2e
conf: Only install config snippets if they don't exist yet
2014-02-12 14:34:34 +01:00
Tobias Brunner
fc380b175d
conf: Move load-tester options to plugin specific file
2014-02-12 14:34:34 +01:00
Tobias Brunner
828815b0d8
conf: Options of all plugins documented
...
Some options are still missing descriptions though.
2014-02-12 14:34:34 +01:00
Tobias Brunner
da8b16a160
conf: Add logger example config
2014-02-12 14:34:34 +01:00
Tobias Brunner
5da20b3dc6
conf: Converted charon options
2014-02-12 14:34:33 +01:00
Tobias Brunner
c4bb26b849
conf: Split strongswan.conf(5) man page and use generated snippet
2014-02-12 14:34:33 +01:00
Tobias Brunner
7f62b7d02d
conf: Generate groff snippet for configuration options
2014-02-12 14:34:33 +01:00
Tobias Brunner
91cc523ca7
conf: Generate strongswan.conf(5) man page in different directory
2014-02-12 14:34:33 +01:00
Tobias Brunner
1b98f85821
conf: Generate and install config sippets for option descriptions
...
The strongswan.d directory is also created relative to the configured
location of strongswan.conf.
2014-02-12 14:34:33 +01:00
Tobias Brunner
e90b37b9c3
conf: Script to convert option descriptions to man page and config snippets added
2014-02-12 14:34:33 +01:00
Tobias Brunner
dee50a6046
conf: Create /etc/strongswan.d directory and include .conf files
2014-02-12 14:34:33 +01:00
Tobias Brunner
45e19c7c88
conf: Simplified strongswan.conf template
2014-02-12 14:34:33 +01:00
Tobias Brunner
c75acc4c44
conf: Install strongswan.conf template from a separate directory
2014-02-12 14:34:33 +01:00