Andreas Steffen
|
eb0cc33886
|
The XFRM_STATE_AF_UNSPEC flag added to xfrm.h allows IPv4-over-IPv6 and IPv6-over-IPv6 tunnels with the 2.6.26 and later Linux kernels
|
2008-07-15 15:28:00 +00:00 |
Martin Willi
|
ef3f717bfe
|
reverted [4125],[4166], reimplemented the proper way
|
2008-07-11 08:54:56 +00:00 |
Martin Willi
|
6b5d95919c
|
setting ike_sa on bus in checkout_new
|
2008-07-11 08:47:18 +00:00 |
Andreas Steffen
|
858a9fd584
|
update_peerid() does not accept %any as a certificate's subjectAltName
|
2008-07-09 22:13:39 +00:00 |
Martin Willi
|
e7991a2eef
|
do a route lookup to allow routing of left=%any connections
|
2008-07-09 14:16:19 +00:00 |
Andreas Steffen
|
2c258d7373
|
ipsec statusall displays dpd options
|
2008-07-02 10:48:57 +00:00 |
Martin Willi
|
4a231f1a2e
|
changed medcli settings keys
|
2008-07-02 09:02:38 +00:00 |
Martin Willi
|
d932435e18
|
sql plugin supports a list of pools to fall back, specified by e.g. rightsourceip=%pool1,pool2
|
2008-07-02 08:31:48 +00:00 |
Martin Willi
|
fca4d3ee03
|
implementation of a simple "token enumerator"
|
2008-07-02 08:09:07 +00:00 |
Martin Willi
|
ab89517218
|
fixed medsrv database uri key
|
2008-07-01 13:57:47 +00:00 |
Martin Willi
|
131064995a
|
added a "ipsec down-srcip <start> [<end>]" command to terminate IKE_SAs by remote virtual ip
|
2008-07-01 12:48:56 +00:00 |
Martin Willi
|
d01783dba4
|
logging peer addresses in peer_cfg lookup
|
2008-07-01 11:10:37 +00:00 |
Martin Willi
|
9eeaa25f5d
|
added host match prio to debugging output
|
2008-07-01 11:01:27 +00:00 |
Martin Willi
|
62bd123952
|
peer_cfg lookup takes peer addresses into account
|
2008-07-01 09:05:20 +00:00 |
Martin Willi
|
866ba8e0b6
|
strongswan.conf's charon.close_ike_on_child_failure closes IKE_SA if CHILD_SA setup in IKE_AUTH fails
|
2008-07-01 07:54:09 +00:00 |
Martin Willi
|
d510eaea47
|
sending INTERNAL_ADDRESS_FAILURE if virtual IP requested but none found
|
2008-07-01 06:36:52 +00:00 |
Andreas Steffen
|
5397a7f91d
|
show authentication method in ipsec statusall
|
2008-06-30 17:08:47 +00:00 |
Martin Willi
|
b119f89a4e
|
fixed chunk_increment, fixes reuse of already assigned addresses
|
2008-06-30 12:33:38 +00:00 |
Martin Willi
|
aafe8ced39
|
added strongswan.conf option charon.reuse_iksa=no to create each CHILD_SA in a new IKE_SA
|
2008-06-30 08:45:11 +00:00 |
Andreas Steffen
|
125aaf1ab1
|
log received vendor id as a hex value
|
2008-06-27 17:11:54 +00:00 |
Andreas Steffen
|
dc04f16e26
|
corrected vendor_id_payload diagram
|
2008-06-27 15:22:27 +00:00 |
Martin Willi
|
c66a1b757f
|
ike/kernel protocol identifier conversion functions
|
2008-06-26 08:59:39 +00:00 |
Martin Willi
|
7e8af02626
|
flushing task_manager on shutdown while IKE_SA is usable
|
2008-06-25 11:40:50 +00:00 |
Tobias Brunner
|
be33d1a51b
|
merging the ESP sequence numbers of an SA in update_sa (fixing #52)
|
2008-06-24 15:35:09 +00:00 |
Martin Willi
|
eec675bf8c
|
enumerating loaded plugins in "ipsec statusall"
|
2008-06-24 12:49:04 +00:00 |
Tobias Brunner
|
ad4d3f81c1
|
changed ipsec.secrets keyword EC to ECDSA
|
2008-06-24 06:57:47 +00:00 |
Andreas Steffen
|
7c8eff1eaa
|
cosmetics
|
2008-06-23 09:08:49 +00:00 |
Martin Willi
|
857ba3574b
|
fixed "double-close" of stroke fd resulting in "bad fd" errors if multiple threads are active
|
2008-06-23 08:53:37 +00:00 |
Martin Willi
|
417421048c
|
fixed medsrv mysql scheme
|
2008-06-23 08:30:57 +00:00 |
Martin Willi
|
e9ab669bc2
|
resolving hosts before route
|
2008-06-23 08:30:35 +00:00 |
Andreas Steffen
|
bc997f6583
|
display selected IKE proposal in ipsec statusall
|
2008-06-22 11:24:33 +00:00 |
Martin Willi
|
bb1383183c
|
support in smp for terminate-by-name
|
2008-06-20 07:14:35 +00:00 |
Martin Willi
|
364fca2cee
|
fixed identation
|
2008-06-19 11:50:13 +00:00 |
Martin Willi
|
252015f017
|
medcli initiates "active" connections on startup
|
2008-06-19 11:09:48 +00:00 |
Martin Willi
|
a5b8e6976b
|
medcli plugin writes connection status to database
|
2008-06-19 08:46:34 +00:00 |
Martin Willi
|
cc7d8dca38
|
fixed UCI default proposals
|
2008-06-18 13:32:23 +00:00 |
Martin Willi
|
fdacb2f181
|
support for more config options in UCI plugin
|
2008-06-18 08:50:32 +00:00 |
Martin Willi
|
61c4638646
|
first simple prototype of a UCI configuration plugin for OpenWRT
|
2008-06-17 14:17:51 +00:00 |
Martin Willi
|
285152b33d
|
do not use self-installed route for IKE if routing table is 0
|
2008-06-17 08:04:12 +00:00 |
Martin Willi
|
035930fc4a
|
added %P printf handler for poposal_t
added some proposal selection debugging code
|
2008-06-12 11:42:19 +00:00 |
Martin Willi
|
9529fb6836
|
added mediation server web frontend
updated charons medsrv plugin to updated database scheme
|
2008-06-11 14:13:24 +00:00 |
Martin Willi
|
63608c9fc6
|
fixed compile error of medsrv plugin
|
2008-06-11 07:45:25 +00:00 |
Andreas Steffen
|
7d4bb52073
|
make config_auth_method_t backward compatible to existing sql templates
|
2008-06-10 20:31:53 +00:00 |
Martin Willi
|
ddedf511bb
|
fixed compile error in smp plugin
|
2008-06-10 11:29:46 +00:00 |
Tobias Brunner
|
ea0823dffd
|
ECDSA with OpenSSL
|
2008-06-10 09:08:27 +00:00 |
Martin Willi
|
a8ed846be7
|
added strongswan.conf option "routing_table" and "routing_table_prio"
|
2008-06-10 07:51:21 +00:00 |
Martin Willi
|
5dcda9e25b
|
added strongswan.conf option to disable route installation
|
2008-06-10 06:58:39 +00:00 |
Martin Willi
|
5a22a02156
|
DNS resolving of ike_cfg hosts dynamically on demand
|
2008-06-06 15:05:54 +00:00 |
Andreas Steffen
|
1e5522ffd7
|
convert comma-separated RDNs into slash-separated OpenSSL --subject format
|
2008-06-05 19:28:08 +00:00 |
Martin Willi
|
6649a3ca80
|
fixed --utc parsing position
support for DN filtering usign id="CN=asdf, O=asdf",addr=1.1.1.1
changed order of --leases columns
|
2008-06-05 13:56:10 +00:00 |