ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
4,984 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

661 Commits

Author SHA1 Message Date
Martin Willi d87489661c Renamed ha-sync plugin to ha 2010-04-07 13:55:15 +02:00
Martin Willi 3c82381296 Try to send HA sync messages synchronously 2010-04-07 13:55:15 +02:00
Martin Willi f4f394e67c Do not sync a delete for a child in a destroying IKE_SA 2010-04-07 13:55:15 +02:00
Martin Willi 5a0a359b88 Include ICMP traffic in sync tunnel 2010-04-07 13:55:15 +02:00
Martin Willi 874c0bd8b8 Refactored segment enabling/disabling 2010-04-07 13:55:15 +02:00
Martin Willi 5d67259042 Use a connected UDP socket 2010-04-07 13:55:15 +02:00
Martin Willi 06308d9ede Removed obsolete socket subclasses 2010-04-07 13:55:15 +02:00
Martin Willi 3912fdb1ec Automatically segment cluster using periodically sent status messages 2010-04-07 13:55:14 +02:00
Martin Willi b7f15be136 Do not enable/disable our own sync tunnel 2010-04-07 13:55:14 +02:00
Martin Willi 9fdf5f712e Enable/disable inactive/active segments only 2010-04-07 13:55:14 +02:00
Martin Willi 310498f3de Deactivate all active segments before shutting down 2010-04-07 13:55:14 +02:00
Martin Willi 4e248733a8 HA kernel interface can mangle netfilter rules, currently with iptables invocation 2010-04-07 13:55:14 +02:00
Martin Willi dbc91f7c84 Added support for kernel segment manipulation 2010-04-07 13:55:14 +02:00
Martin Willi 6921e8d5a9 Moved segment configuration parsing to ha_sync_plugin 2010-04-07 13:55:14 +02:00
Martin Willi 37459ea928 Propagate segment manipulation to cluster node 2010-04-07 13:55:14 +02:00
Martin Willi 3d672d4b0a Segment manipulation in HA sync is thread save 2010-04-07 13:55:14 +02:00
Martin Willi c573b11c55 Passing 0 to segments->(de-)activate enables/disables all segments 2010-04-07 13:55:14 +02:00
Martin Willi 7ceaf50b05 separated auto-tunnel functionality from socket 2010-04-07 13:55:13 +02:00
Martin Willi f5632db953 create external fifo socket only if "fifo_interface" option is set 2010-04-07 13:55:13 +02:00
Martin Willi 47d365deef updated linuxdir include variable 2010-04-07 13:55:13 +02:00
Martin Willi 724736ff1c updated HA sync plugin to new lifetime config 2010-04-07 13:55:13 +02:00
Martin Willi f825238594 print "none" if not serving any segments 2010-04-07 13:55:13 +02:00
Martin Willi a33eb8631c automatically establish a PSK authenticated SA between cluster nodes 2010-04-07 13:55:13 +02:00
Martin Willi 80624c79d5 fixed memleak when installing synced virtual IPs 2010-04-07 13:55:13 +02:00
Martin Willi b1d495f469 do not sync CHILD_SAs without an IKE_SA 2010-04-07 13:55:13 +02:00
Martin Willi 5b7c0f4409 removed $Id$ from ha plugin 2010-04-07 13:55:13 +02:00
Martin Willi 26d08a241a fixed ike_sa condition/extension parsing 2010-04-07 13:55:12 +02:00
Martin Willi 1e977438af fixed sync of CHILD_SA delete 2010-04-07 13:55:12 +02:00
Martin Willi 9ffcbea6f1 added HA resync option to (re-)integrate nodes to a cluster 2010-04-07 13:55:12 +02:00
Martin Willi c81f4fa29d apply peer config during rekeying 2010-04-07 13:55:12 +02:00
Martin Willi 34d240a6e3 manage synced SAs in IKE_SA Manager, tag them with IKE_PASSIVE state 2010-04-07 13:55:12 +02:00
Martin Willi d4113a42e9 support for IKE_SA rekeying sync 2010-04-07 13:55:12 +02:00
Martin Willi aa98188af5 IKE_SA activation/deactivation magic using a fifo socket 2010-04-07 13:55:12 +02:00
Martin Willi c94fe198e9 syncing of complete IKE/CHILD_SAs works 2010-04-07 13:55:11 +02:00
Martin Willi 7999be5b0e pushing basic CHILD_SA sync data to backup node 2010-04-07 13:55:11 +02:00
Martin Willi 765935c8f6 basic syncing of IKE_SAs 
recreating SAs with keymat derivation
 2010-04-07 13:55:11 +02:00
Martin Willi 190edaf527 added a dispatcher class to receive HA sync messages 
simple attribute parser enumerator (probably needs a cleaner implementation)
 2010-04-07 13:55:11 +02:00
Martin Willi 12ec91ba3a generating basic IKE_SA sync messages 
pushing to statically configured failover node
 2010-04-07 13:55:11 +02:00
Martin Willi e5e91eec29 set up basic infrastructure ha_sync plugin 2010-04-07 13:55:11 +02:00
Martin Willi e16d76f9a4 added child_sa serialization to ha_sync plugin 2010-04-07 13:55:11 +02:00
Martin Willi e67f5136c0 HA sync plugin stub 2010-04-07 13:55:11 +02:00
Tobias Brunner 08c5572602 Moving charon to libcharon. 2010-03-19 13:34:52 +01:00
Martin Willi f0da32c58d Introduced ipsec.conf NTLM keyword for NT hashes 2010-03-17 18:51:00 +01:00
Martin Willi a7fb418edd EAP-MSCHAPv2 can use stored NT hashes in addition to plaintext passwords 2010-03-17 18:50:53 +01:00
Thomas Egerer d266e8953e lookup exclusion for several arbitrary routing tables 2010-03-17 10:08:02 +01:00
Tobias Brunner afb364fff9 Reverting eba28948a5 which was only necessary when cross-compiling the plugins for Android 2.0. 
With the coming monolithic build using Android.mk files this won't be
necessary anymore.
 2010-03-02 12:03:44 +01:00
Tobias Brunner 4e657051f7 Streamlined the source file list formatting in plugin makefiles. 2010-03-02 10:40:50 +01:00
Tobias Brunner 6ec60bb92b Link all enabled libstrongswan plugins into the library, link all enabled charon plugins into libcharon. 2010-03-02 10:38:52 +01:00
Tobias Brunner 9ce567f895 Changed plugin constructors from plugin_create to plugin_name_plugin_create. 2010-03-02 09:10:26 +01:00
Tobias Brunner 6cc13cd9c5 Removing the plugin constructor declarations from the header files. 2010-03-02 09:10:19 +01:00