e92364db66
swanctl: Add --redirect command
2016-03-04 16:02:59 +01:00
b84e905482
swanctl: Fix minor typos in documentation
...
"UPD" should be "UDP".
Signed-off-by: Chris Patterson <pattersonc@ainfosec.com>
2016-02-29 11:05:44 +01:00
abe6d07463
swanctl: Load pubkeys with load-creds
2016-01-09 07:23:30 +01:00
4c38c79452
vici: list-cert sends subject, not-before and not-after attributes for pubkeys
2016-01-09 07:23:30 +01:00
87371460f6
vici: Support of raw public keys
2016-01-09 07:23:29 +01:00
e333d4c0f1
swanctl.conf: IKEv2 fragmentation supported
2016-01-09 00:06:12 +01:00
3f2c305226
swanctl: Slightly change usage summary for --list-certs
2015-12-16 12:20:35 +01:00
b0f00b2a3c
swanctl: Never print more than MAX_LINES of usage summary
...
Print a warning if a registered command exceeds that limit.
2015-12-16 12:09:20 +01:00
47e5640378
swanctl --stats lists loaded plugins
2015-12-13 17:07:28 +01:00
02d431022c
Refactored certificate management for the vici and stroke interfaces
2015-12-12 00:19:24 +01:00
44d3b02b57
Removed VICI protocol versioning
2015-12-11 18:26:55 +01:00
b6dba6db74
Use of certificate_printer by swanctl --list-certs command
2015-12-11 18:26:55 +01:00
334119b843
Share vici_cert_info.c with vici_cred.c
2015-12-11 18:26:55 +01:00
fad851e2d3
Use VICI 2.0 protocol version for certificate queries
2015-12-11 18:26:54 +01:00
9709418871
swanctl: Explicitly link against -lpthread and -ldl if required
...
We already do this for charon, as some toolchains require an explicit
link even if libstrongswan already depends on it.
2015-12-04 08:02:03 +01:00
731cf55579
swanctl: Add --list-algs command to query loaded algorithms
2015-11-30 10:55:55 +01:00
c2967484a0
swanctl: Add option to query leases with --get-pools
2015-11-10 10:43:25 +01:00
304a9a97e8
swanctl: List virtual IPs in --list-sas
2015-11-10 10:43:24 +01:00
0709280175
swanctl: Correctly build man page in out-of-tree builds from the repository
2015-08-27 12:46:53 +02:00
9322e5b398
vici: Add option to disable policy installation for CHILD_SAs
2015-08-17 12:01:36 +02:00
2096d54198
Improved legibility of swanctl CRL listings
2015-07-22 17:46:15 +02:00
63d370387d
vici: Certification Authority support added.
...
CDP and OCSP URIs for a one or multiple certification authorities
can be added via the VICI interface. swanctl allows to read
definitions from a new authorities section.
2015-07-21 13:02:30 +02:00
54d0d20bda
swanctl: Fix --uri option
...
As we now pass the vici connection to the command dispatcher callback, we can't
parse the --uri option to create the connection from the same callback. Instead
pre-process the common command options in a separate loop, and ignore the same
options while processing the actual command.
2015-05-05 10:46:48 +02:00
acbdf8c806
swanctl: Implement monitoring of IKE_SA and CHILD_SA changes
...
Signed-off-by: Timo Teräs <timo.teras@iki.fi>
2015-05-04 13:39:08 +02:00
ea79cd6ade
swanctl: Add missing unit in install-time log
2015-05-04 13:25:30 +02:00
d143e7b04b
swanctl: Append /ESN to proposal for a CHILD_SA using Extended Sequence Numbers
...
We previously printed just the value for the "esn" keyword, which is "1", and
not helpful as such.
Fixes #904 .
2015-03-23 10:15:07 +01:00
94bb26fae3
vici: Return authentication rounds with unique names
...
To simplify handling of authentication rounds in dictionaries/hashtables on the
client side, we assign unique names to each authentication round when listing
connection.
2015-03-18 13:59:14 +01:00
1e366429fd
swanctl: Cache entered PKCS#12 decryption secret
...
It is usually used more than once, but most likely the same for decryption and
MAC verification.
2015-03-18 13:34:22 +01:00
54cdf847cc
swanctl: Support loading PKCS#12 containers from a pkcs12 swanctl directory
2015-03-18 13:34:22 +01:00
a1fb5251e0
swanctl: Generalize private key decryption to support other credential types
2015-03-18 13:34:22 +01:00
f6511e36b5
vici: If a IKE reauth_time is configured, disable the default rekey_time
2015-03-03 13:49:14 +01:00
cc1682bef9
ipsec-types: Support the %unique mark value
2015-02-20 16:34:53 +01:00
e4a131b1ce
swanctl: List CHILD_SA unique ID as the primary identifier, but print reqid, too
2015-02-20 13:34:50 +01:00
108e388580
swanctl: Fail loading a connection if loading a cacert constraint fails
2014-12-12 10:23:59 +01:00
5e92534313
vici: Add support for address range definitions of pools
2014-10-30 12:32:45 +01:00
9da2b19189
swanctl: Document identity type prefixes
2014-10-30 11:07:10 +01:00
f8dc376c77
swanctl: Fix man page build on FreeBSD
...
BSD make seems to only evaluate $< for certain rules (like the suffix rule
used to generate the config template).
2014-10-14 16:49:40 +02:00
67f9f09dd3
swanctl: Fix exit codes based on errno
...
As fprintf() most likely sets errno, we should save it before printing the
error message.
2014-10-10 11:42:18 +02:00
0efea2fd86
Don't fail to install if sysconfdir isn't writable
2014-09-26 10:52:37 +02:00
d9a2f1330a
swanctl: Complete --load-creds command summary
2014-09-22 13:55:11 +02:00
71d85b33d9
swanctl: Fix description of load-pools command summary
2014-09-22 13:55:11 +02:00
67402e67af
swanctl: Add a --load-all command, performing --load-{creds,pools,conns}
2014-09-22 13:55:11 +02:00
214a859cd6
swanctl: Add a --reload-settings command
2014-09-22 13:55:11 +02:00
bc9acd7b9e
swanctl: Document --stats command
2014-09-19 11:30:08 +02:00
8a59fa6467
swanctl: Document how connections.*.unique affects initiators
2014-09-09 10:56:15 +02:00
d236db8701
swanctl: Fix documentation of options for send_cert setting
2014-07-28 10:38:34 +02:00
88a33f8aa7
swanctl: Fix the swanctl.conf cacerts option name in the manpage and template
2014-07-14 09:18:47 +02:00
1bd175a9ef
swanctl: Fix Doxygen group assignment
2014-06-30 13:16:16 +02:00
ed01c1afff
Fixed some typos
2014-06-30 13:16:16 +02:00
df93458685
swanctl: Add a --stats command to print daemon infos and statistics
2014-06-17 17:55:45 +02:00
Tobias Brunner