b3ab7a48cc
Spelling fixes
...
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior
Closes strongswan/strongswan#164 .
2020-02-11 18:23:07 +01:00
9486a2e5b0
ike-cfg: Pass arguments as struct
2019-04-25 14:31:33 +02:00
1b67166921
Unify format of HSR copyright statements
2018-05-23 16:32:53 +02:00
7b72909774
controller: Add option to force destruction of an IKE_SA
...
It's optionally possible to wait for a timeout to destroy the SA.
2018-05-22 10:06:07 +02:00
2db6d5b8b3
Fixed some typos, courtesy of codespell
2018-02-13 12:19:54 +01:00
95a63bf281
Migrate all enumerators to venumerate() interface change
2017-05-26 13:56:44 +02:00
2ba5dadb12
peer-cfg: Use struct to pass data to constructor
2016-04-09 16:51:01 +02:00
8a00a8452d
child-cfg: Use struct to pass data to constructor
2016-04-09 16:51:01 +02:00
28649f6d91
libhydra: Remove empty unused library
2016-03-03 17:36:11 +01:00
ff0abde9ed
controller: Optionally adhere to init limits also when initiating IKE_SAs
2015-08-21 18:21:13 +02:00
4163421f91
plugins: Don't link with -rdynamic on Windows
2014-06-04 15:53:02 +02:00
3070697f9f
ike: support multiple addresses, ranges and subnets in IKE address config
...
Replace the allowany semantic by a more powerful subnet and IP range matching.
Multiple addresses, DNS names, subnets and ranges can be specified in a comma
separated list. Initiators ignore the ranges/subnets, responders match
configurations against all addresses, ranges and subnets.
2013-09-04 10:38:37 +02:00
9aeaa7396e
peer-cfg: add a pull/push mode option to use with mode config
2013-09-04 10:33:37 +02:00
19cb07b890
automake: replace INCLUDES by AM_CPPFLAGS
...
INCLUDES are now deprecated and throw warnings when using automake 1.13.
We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and
defines are passed to AM_CPPFLAGS only.
2013-07-18 14:59:19 +02:00
553bb78730
child-sa: replace get_traffic_selectors() with create_ts_enumerator()
...
Not directly returning a linked list allows us to change the internals of
the CHILD_SA transparently.
2013-07-17 17:20:18 +02:00
e1360331e9
uci: Use plugin features to register backend and credential set
2013-06-11 11:18:19 +02:00
a36b49f3cb
Merge branch 'opaque-ports'
...
Adds a %opaque port option and support for port ranges in left/rightprotoport.
Currently not supported by any of our kernel backends.
2013-03-01 11:27:12 +01:00
a1db77de7c
Use a complete port range in traffic_selector_create_from_{subnet,cidr}
2013-02-21 11:52:33 +01:00
306a269e34
Add a DSCP configuration value to IKE configs
2013-02-06 15:20:32 +01:00
365d9a6f67
Added an option that allows to force IKEv1 fragmentation
2013-01-12 11:54:32 +01:00
97973f8609
Use a connection specific option to en-/disable IKEv1 fragmentation
2012-12-24 13:00:01 +01:00
12642a6831
Moved data structures to new collections subfolder
2012-10-24 16:00:49 +02:00
1efd6c6f2a
Make use of new CIDR string ts constructor where appropriate
2012-10-24 13:25:08 +02:00
1fdd62ffce
Remove version argument on peer_cfg constructor, use ike_cfg version instead
2012-10-24 10:19:33 +02:00
9fc7cc6f9b
Add IKE version information to ike_cfg_t
2012-10-24 10:18:35 +02:00
497ce2cf51
Support multiple address pools configured on a peer_cfg
2012-08-30 16:43:42 +02:00
101d26babe
Support multiple virtual IPs on peer_cfg and ike_sa classes
2012-08-30 16:43:42 +02:00
b223d517c8
Replaced usages of CHARON_*_PORT with calls to get_port().
2012-08-08 15:12:25 +02:00
e7ea057fd2
Make the UDP ports charon listens for packets on (and uses as source ports) configurable.
2012-08-08 15:07:43 +02:00
26d77eb3e6
Centralized thread cancellation in processor_t
...
This ensures that no threads are active when plugins and the rest of the
daemon are unloaded.
callback_job_t was simplified a lot in the process as its main
functionality is now contained in processor_t. The parent-child
relationships were abandoned as these were only needed to simplify job
cancellation.
2012-06-25 17:38:59 +02:00
1d315bddd3
implemented the right|leftallowany feature
2012-06-08 21:24:41 +02:00
80c5b17d1a
make IKEv1 DPD timeout configurable in charon
2012-05-17 19:49:22 +02:00
5ce59d4c06
Added an aggressive mode peer_cfg option
2012-03-20 17:31:34 +01:00
ac009df132
Pass IKE version to peer config enumerator, filter configs
2012-03-20 17:31:25 +01:00
f7a8fcedc0
Use enum to define IKE version on peer_cfg_t.
...
Replaced all those magic numbers.
2012-03-20 17:30:41 +01:00
3837aadf4c
Migrated uci_config_t to INIT/METHOD macros.
2011-10-04 14:34:25 +02:00
d3e4e92e4a
Migrated uci_parser_t to INIT/METHOD macros.
2011-10-04 14:34:25 +02:00
66633c0580
Migrated uci_creds_t to INIT/METHOD macros.
2011-10-04 14:34:25 +02:00
e751bc9aab
Migrated uci_control_t to INIT/METHOD macros.
2011-10-04 12:12:04 +02:00
8e3f14baab
bus->listen() and the controller wrappers accept a timeout to wait for callbacks
2011-08-26 10:44:25 +02:00
acf380bc05
Properly initialize the UCI plugin.
2011-08-01 13:06:09 +02:00
4bbce1ef37
Replaced ike_sa_t.create_child_sa_iterator with enumerator.
...
This required two new methods on ike_sa_t. One returns the number of
CHILD_SAs and one allows to remove a CHILD_SA.
2011-07-06 09:43:45 +02:00
14bf2f689d
Use CRITICAL job priority class for long running dispatcher jobs
2011-05-16 15:24:15 +02:00
69c3eca0e9
Added a non-blocking, skipping variant of IKE_SA enumerator
2011-05-16 15:24:13 +02:00
c55818ebb0
Added a (not yet implemented) plugin_t method to reload plugin configuration
2011-04-15 10:07:13 +02:00
787b5884aa
Added a get_name() function to plugin_t, create_plugin_enumerator enumerates over plugin_t
2011-04-15 10:07:12 +02:00
6e2791715b
Migrated remaining plugin_t implementations to INIT/METHOD macros
2011-04-15 10:07:12 +02:00
37788b1d06
Added a TFC padding option to child_cfg
2010-12-20 09:45:39 +01:00
c616d84c3f
start and route connections defined in an SQL database via start_action field and ipsec up %startall command
2010-11-28 11:57:49 +01:00
bb381e26c6
Refer to scheduler and processor via lib and not hydra.
2010-09-02 19:04:18 +02:00
Josh Soref