Commit Graph

39 Commits

Author SHA1 Message Date
Martin Willi 3444390241 supporting multiple comma separated subnets in left/rightsubnet definition
e.g. leftsubnet=10.2.0.0/16,10.4.0.0/16
2008-04-25 12:41:37 +00:00
Martin Willi cdcfe777f4 implementation of a CFG attribute framework, currently supporting virtual IPs
updated ipsec.conf sourceip parameter to support
  CIDR notation to serve from a pool
  %poolname to query a separate (database?) pool
2008-04-09 12:54:47 +00:00
Tobias Brunner dc04b7c743 mediation extension adapted to the naming convention of the current version of the draft. note: the external interface (config, autotools) has not yet been changed 2008-03-26 18:40:19 +00:00
Martin Willi 552cc11b1f merged the modularization branch (credentials) back to trunk 2008-03-13 14:14:44 +00:00
Andreas Steffen d41a77e45c added RCSID 2007-10-08 20:12:25 +00:00
Tobias Brunner d5cc175833 experimental P2P-NAT-T for IKEv2 merged back from branch 2007-10-03 15:10:41 +00:00
Martin Willi 9dae1bed00 implemented IKEv2 force_encap connection parameter
enforces UDP encapsulation by faking NAT detection payloads
  to hurdle restrictive firewalls
2007-10-01 12:19:39 +00:00
Martin Willi 9164e49ac0 added mobike=yes|no connection option
yes: include mobike support notifies as initiator
  no: only enable mobike as responder when initiator supports it
  default: yes
2007-08-29 12:11:25 +00:00
Andreas Steffen 0dbc039ab5 added listaacerts,listacerts,rereadsecerts,rereadocspcerts,rereadaacerts,rereadacerts to stroke 2007-08-10 10:19:53 +00:00
Andreas Steffen a74be4f7eb set STROKE_REREAD_FIRST to STROKE_REREAD_SECRETS 2007-08-10 08:49:20 +00:00
Andreas Steffen f9e0dc3e02 added listaacerts, listacerts, listgroups, rereadaacerts, and rereadacerts keywords 2007-04-14 17:33:02 +00:00
Martin Willi 0c8aba6771 added support for 0.0.0.0/0 traffic selectors
fixed routing to make correct 0.0.0.0/0 routes
2007-03-01 11:42:08 +00:00
Martin Willi c60c7694d2 merged tasking branch into trunk 2007-02-28 14:04:36 +00:00
Andreas Steffen 34d7935ed4 added support of ca information records and ocsp keywords 2007-02-14 01:03:08 +00:00
Martin Willi f27f6296e6 merged EAP framework from branch into trunk
includes a lot of other modifications
2007-02-12 15:56:47 +00:00
Martin Willi 7652be891c added support for transport mode and (experimental!) BEET mode
support for the type=transport/tunnel parameter in charon
2006-12-21 14:35:17 +00:00
Martin Willi 6fe03b0af0 implemented reauthentication using the new reauth=yes|no parameter 2006-12-19 07:30:07 +00:00
Martin Willi 4dfb3cb0f5 fixed stddef.h include 2006-12-14 15:58:32 +00:00
Andreas Steffen 923ee10eef solved 64 bit issue in push/pop stroke interface 2006-10-31 23:17:21 +00:00
Martin Willi db7ef62494 better split up of library files "types.h" & "definitions.h"
centralized all printf specifier character definitions
reuse of arginfo handlers
more cleanups
fixed more AMD64 issues
added DEBUG_LEVEL compile flag to exclude DBGn() statements
2006-10-31 12:27:59 +00:00
Martin Willi 5c4cc9a4e3 added verbosity level to stroke 2006-10-24 08:44:47 +00:00
Martin Willi 0ae1deb887 updated stroke to allow run-time manipulation of debug levels 2006-10-18 11:47:26 +00:00
Andreas Steffen 8af7042e3b added hostaccess support 2006-09-25 06:12:22 +00:00
Martin Willi 1239c6f40b implemented handling of dpdaction and dpddelay ipsec.conf parameters 2006-09-08 06:12:02 +00:00
Martin Willi a655f5c09c reuse reqid when a ROUTED child_sa gets INSTALLED
fixed a bug in retransmission code
added support for the "keyingtries" ipsec.conf parameter
added support for the "dpddelay" ipsec.conf parameter
done some work for "dpdaction" behavior
some other cleanups and fixes
2006-09-05 14:07:25 +00:00
Martin Willi 45f76a7ddd added possibility to route CHILD_SAs, without setting them up
support for auto=route parameter
	support for ipsec route and ipsec unroute
	initiating of CHILD and/or IKE_SAs based on kernel acquires
2006-07-21 13:31:53 +00:00
Martin Willi d109b48968 added support for leftprotoport and rightprotoport 2006-07-05 13:13:07 +00:00
Martin Willi aed58dcc93 readded local_credential_store
added sendcert policy to connection
some other cleanups
2006-06-20 08:43:57 +00:00
Andreas Steffen 76dafed7a7 implemented rereadcrls rereadcacerts 2006-06-20 06:08:33 +00:00
Martin Willi c095388f7f added support for "ike" and "esp" keywords
fixed bugs in proposal code
algorithm selection for charon works now with ipsec.conf
a lot of other fixes
2006-06-15 11:09:11 +00:00
Andreas Steffen 5347233204 support for stroke listcerts|listcacerts|listall and left|rightca= 2006-06-12 08:43:46 +00:00
Martin Willi a2a3fb3e25 workaround for peers rekeying at the same time
loading lifetime policies from ipsec.conf
2006-06-12 07:33:20 +00:00
Andreas Steffen b7f9ca5837 added support for leftsendcert= and left|rightca= parameters 2006-06-09 05:50:41 +00:00
Martin Willi 9fe14f4b8a - policies contain a connections name now
- used for initiate and delete
- connections won't get initiated twice anymore
- deleting of connections is now possible, which allows us to use
  ipsec update and ipsec reload
2006-05-29 11:09:45 +00:00
Andreas Steffen ecadab2ba7 stroke now uses constant size string buffer 2006-05-29 07:14:57 +00:00
Martin Willi 7ba69503aa - changed config load strategy:
starter loads both connections in charon & pluto,
  charon ignores anything with keyexchange!=ikev2.
  pluto needs the same behavior.
2006-05-23 10:07:02 +00:00
Martin Willi 86a7937b45 - applied patch from andreas, which allows certificate listing via stroke 2006-05-19 06:44:08 +00:00
Martin Willi f2c2d395ff - introduced autotools
- first working version
  - make dist should work
  - things to do:
    - UML testing!
    - more cleanups
2006-05-16 14:24:03 +00:00
Martin Willi 95806de938 2006-05-10 07:58:29 +00:00