Andreas Steffen
7b1c711ea0
version bump to 5.0.1dr4
2012-08-31 02:47:37 +02:00
Martin Willi
69e056a2c1
Added multiple left/rightsourceip NEWS
2012-08-30 16:43:46 +02:00
Martin Willi
e76f3d0df7
Added NEWS for left/rightdns options
2012-08-30 16:43:45 +02:00
Martin Willi
26bc695806
Updated ipsec.conf.5 with multiple left/rightsourceip support
2012-08-30 16:43:45 +02:00
Martin Willi
2df155958c
Added a note to _updown for the new PLUTO_MY_SOURCEIP* variables
2012-08-30 16:43:45 +02:00
Martin Willi
7f52f621c2
Be less verbose if IP allocation for a single pool fails
2012-08-30 16:43:44 +02:00
Martin Willi
980c468cdc
DHCP plugin returns virtual IPs for IPv4 requests only
2012-08-30 16:43:44 +02:00
Martin Willi
769446a8c7
Check address family in HA virtual IP backend
2012-08-30 16:43:44 +02:00
Martin Willi
40e9089889
Strictly enforce address family match while acquiring mem_pool IPs
2012-08-30 16:43:44 +02:00
Martin Willi
13f11ccf46
Don't parse comma separated pool names in attr-sql
...
We now handle multiple pools at a deeper level, making that special
handling obsolete. Comma separated pools are parsed in stroke.
2012-08-30 16:43:44 +02:00
Martin Willi
7b83cc62e0
Handle comma separated pools as multiple pool names in SQL plugin
2012-08-30 16:43:43 +02:00
Martin Willi
b5d2bf975b
Request and acquire multiple virtual IPs in IKEv1 Mode Config
2012-08-30 16:43:43 +02:00
Martin Willi
61d6ccf51c
Request and acquire multiple virtual IPs in IKEv2 configuration payload
2012-08-30 16:43:43 +02:00
Martin Willi
d55fe264d1
Pass all configured pool names to attribute provider enumerator
2012-08-30 16:43:43 +02:00
Martin Willi
feb8550401
Pass a list instead of a single virtual IP to attribute enumerators
2012-08-30 16:43:42 +02:00
Martin Willi
96c2b3cf89
Support multiple addresses/pools in left/rightsourceip
2012-08-30 16:43:42 +02:00
Martin Willi
497ce2cf51
Support multiple address pools configured on a peer_cfg
2012-08-30 16:43:42 +02:00
Martin Willi
101d26babe
Support multiple virtual IPs on peer_cfg and ike_sa classes
2012-08-30 16:43:42 +02:00
Tobias Brunner
db275b1477
Ported tun_device de-/initialization to FreeBSD
2012-08-29 15:34:17 +02:00
Tobias Brunner
39e9af9666
struct iphdr is Linux specific use struct ip instead
2012-08-29 15:32:26 +02:00
Tobias Brunner
55e05aa226
Include stdint.h for UINT32_MAX on FreeBSD
2012-08-29 15:32:26 +02:00
Martin Willi
584c063e36
Ported tun_device initialization to OS X utun
2012-08-28 11:16:31 +02:00
Tobias Brunner
48f51d9454
android: Field added to store the type of a VPN profile
2012-08-27 15:36:36 +02:00
Tobias Brunner
1f6f501978
android: Enum added for VPN types
2012-08-27 15:33:58 +02:00
Tobias Brunner
8a9956762c
android: Simplified handling of error dialog that is displayed if VpnService API is not supported
2012-08-27 10:48:13 +02:00
Tobias Brunner
aa55040192
android: LoginDialog refactored so it also works when the device is rotated
2012-08-27 10:48:13 +02:00
Tobias Brunner
e09f4120d4
android: Added a field to store selected user certificate
2012-08-27 10:48:13 +02:00
Andreas Steffen
8528f841de
Ewa did the new Polish translation
2012-08-24 16:59:47 +02:00
Tobias Brunner
a21fac9a85
Log configured IKE_SA proposals as initiator
2012-08-24 13:43:14 +02:00
Tobias Brunner
d2b4dff5dd
Log configured CHILD_SA proposals as initiator
2012-08-24 13:43:14 +02:00
Tobias Brunner
1184493407
Fall back to local address as IKEv1 identity if nothing else is configured
2012-08-24 12:55:01 +02:00
Tobias Brunner
454fb91367
Removed deprecated options from ipsec.conf template
2012-08-24 11:52:01 +02:00
Tobias Brunner
20915d6fa7
Apply send delay before adding non-ESP marker
...
Otherwise the packet header could not be parsed correctly when NAT-T is
used.
2012-08-24 11:23:36 +02:00
Martin Willi
d8eec395b2
Add a getter for the mem_pool_t base address
2012-08-24 11:19:07 +02:00
Andreas Steffen
014d007000
use pen_type_t for PA Message Subtype
2012-08-23 10:49:00 +02:00
Tobias Brunner
078755d099
Added a method to enumerate registered EAP methods
2012-08-21 16:48:47 +02:00
Martin Willi
da646ab94a
Remove unused ipsec.conf left/rightnatip keyword
2012-08-21 09:38:01 +02:00
Martin Willi
2b08ae4524
Add description about DNS server variables to _updown
2012-08-21 09:38:01 +02:00
Martin Willi
e0d3014a17
Add a DNS attribute handler to updown, passing servers to updown script
2012-08-21 09:38:01 +02:00
Martin Willi
c60f1da424
Add a description of the leftdns option to ipsec.conf.5
2012-08-21 09:38:01 +02:00
Martin Willi
63e460542c
Add a stroke attribute_handler requesting DNS servers given with leftdns
2012-08-21 09:38:01 +02:00
Martin Willi
9937ca069a
Serve ipsec.conf rightdns servers through stroke attribute provider
2012-08-21 09:38:01 +02:00
Martin Willi
17319aa28d
Add a left/rightdns keyword to configure connection specific DNS attributes
2012-08-21 09:38:00 +02:00
Martin Willi
f26796deb5
Remove unused src/dst variables in send_no_marker()
2012-08-21 09:34:32 +02:00
Andreas Steffen
ba922f99cb
use pen_type_t for attribute request entries
2012-08-21 00:22:02 +02:00
Andreas Steffen
dbb7859f9f
define pen_type_t as a vendor-specific type
2012-08-20 22:37:08 +02:00
Martin Willi
88a5abf5e2
Don't use POSIX semaphores if a MONOTONIC clock is available
...
POSIX semaphores use CLOCK_REALTIME, but our semaphore_t abstraction
expects CLOCK_MONOTONIC based times. Use the mutex/condvar based
fallback if time_monotonic() actuall returns monotonic times.
2012-08-20 18:01:20 +02:00
Martin Willi
10bdc7a968
Remove the unused second IKE_SA entry match function argument
...
LLVMs clang complains about this parameter, so remove it.
2012-08-20 17:42:14 +02:00
Martin Willi
907d3d0f1d
Add a mutex/condvar based semaphore implementation if sem_timedwait is unavailable
...
Fixes #214 .
2012-08-20 17:20:26 +02:00
Andreas Steffen
f39b3915cd
added IBM and OpenPTS Private Enterprise Numbers
2012-08-20 15:02:25 +02:00