Martin Willi
7dbf9e1574
vici: Document strongswan.conf options
2014-05-07 14:13:38 +02:00
Martin Willi
f3e1ec4a85
vici: Have an explicit "relaxed" keyword for the default revocation policy
2014-05-07 14:13:38 +02:00
Martin Willi
585814470d
vici: Use a default child rekey time of 1 hour
2014-05-07 14:13:38 +02:00
Martin Willi
046befeca5
vici: Use a default IKE rekey time of 4 hours
2014-05-07 14:13:38 +02:00
Martin Willi
ff3217db4b
vici: Add low-level IPC protocol description
2014-05-07 14:13:38 +02:00
Martin Willi
c193732162
vici: Fix descending into non-matching sections during key find
2014-05-07 14:13:38 +02:00
Martin Willi
eacf864c21
vici: Add an IKE virtual IP and attribute backend
2014-05-07 14:13:38 +02:00
Martin Willi
afb8f492ef
vici: Support referencing external named pools for peer configs
2014-05-07 14:13:37 +02:00
Martin Willi
3ad9c34c92
vici: Actually add configured virtual IPs to peer config
2014-05-07 14:13:37 +02:00
Martin Willi
e651afe67b
vici: Use a default rand_time of the difference between hard and soft lifetimes
2014-05-07 14:13:37 +02:00
Martin Willi
c520510508
vici: Use a default hard lifetime of 110% of the soft lifetime
2014-05-07 14:13:37 +02:00
Martin Willi
93d60c479a
vici: Make unit-tests independent from libcharon and libhydra
...
Fixes monolithic build, as we can't depend on the not yet built libcharon.
2014-05-07 14:13:37 +02:00
Martin Willi
0963a9952c
vici: Don't compare unsigned certificate_type_t to -1
2014-05-07 14:13:37 +02:00
Martin Willi
e00ce378fa
vici: Use non-blocking first read when receiving message during client on_read()
...
As select() and finally the watcher may signal an FD even if it does not
actually have data, we must make a non-block read to avoid hanging in the
read callback.
2014-05-07 14:13:37 +02:00
Martin Willi
7de35b7ff6
vici: Perform specified start_action on connection load, undo it on unload
2014-05-07 14:13:37 +02:00
Martin Willi
96071fdb55
vici: Add a generic log event to raise events for log messages
2014-05-07 14:13:37 +02:00
Martin Willi
2676ffdb9f
vici: Be less verbose about client connections
...
Instead, log the explicit commands at a higher level.
2014-05-07 14:13:37 +02:00
Martin Willi
101dba01ce
vici: Add a list-certs command to query different certificate types
2014-05-07 14:13:37 +02:00
Martin Willi
b57739f721
vici: Support pinning end entity and CA certificates to connections
2014-05-07 14:13:37 +02:00
Martin Willi
e6e975ff9d
vici: Support missing groups option in auth config
2014-05-07 14:13:37 +02:00
Martin Willi
6efa792d22
vici: Add a load-shared command to load shared IKE and EAP secrets
2014-05-07 14:13:37 +02:00
Martin Willi
559ef7de48
vici: Add a load-key command to load private keys
2014-05-07 14:13:36 +02:00
Martin Willi
c12edb2a27
vici: Support loading of different certificate types
2014-05-07 14:13:36 +02:00
Martin Willi
de190f62c2
vici: Add a credential backend
2014-05-07 14:13:36 +02:00
Martin Willi
e1b65630b2
vici: Add a command listing all or specific loaded connections using events
2014-05-07 14:13:36 +02:00
Martin Willi
501ddf127b
vici: Add unload-conn and get-conns commands to manage loaded connections
2014-05-07 14:13:36 +02:00
Martin Willi
37aa250cad
vici: Make dispatcher a little more verbose
2014-05-07 14:13:36 +02:00
Martin Willi
b3d8bd8d26
vici: Add backend providing in-memory connections
2014-05-07 14:13:36 +02:00
Martin Willi
dd5ce0a97a
vici: Add generic callback based vici message parsing
2014-05-07 14:13:36 +02:00
Martin Willi
1f2e63ea41
vici: Add a list-policy command to query trap and shunt policies
2014-05-07 14:13:36 +02:00
Martin Willi
5c6e81dcf8
vici: Add install/uninstall commands to manage trap and shunt policies
2014-05-07 14:13:36 +02:00
Martin Willi
550f3f5646
vici: Extract CHILD_SA config lookup method
2014-05-07 14:13:36 +02:00
Martin Willi
e567675d29
vici: Refactor socket to clean up locking
...
Uses separate locks for socket read and write operations. While holding the
socket reader lock, a different thread can still claim the socket write lock.
This allows to asynchronously send event messages while holding the read
lock.
2014-05-07 14:13:36 +02:00
Martin Willi
9bfa397eba
vici: Fix dispatcher leak when handling unknown request
2014-05-07 14:13:36 +02:00
Martin Willi
e2496bda02
vici: Add a test case raising events during request, checks in-order delivery
2014-05-07 14:13:35 +02:00
Martin Willi
3b5808a0f6
vici: Avoid recursive control log invocations
2014-05-07 14:13:35 +02:00
Martin Willi
993bfe95fb
vici: Add a callback based recursive parser function
2014-05-07 14:13:35 +02:00
Martin Willi
d9ae1c68e5
vici: Add a version command to print daemon and OS version info
2014-05-07 14:13:35 +02:00
Martin Willi
c7d4dad66d
vici: Implement a terminate command to close IKE or CHILD_SAs
2014-05-07 14:13:35 +02:00
Martin Willi
5f95657c65
vici: Add a control backend, currently to initiate connections by name
2014-05-07 14:13:35 +02:00
Martin Willi
ecc4b51048
vici: Support thread cancellation in command callbacks
2014-05-07 14:13:35 +02:00
Martin Willi
045bdf5283
vici: Move dumping to core message class, use it in libvici
2014-05-07 14:13:35 +02:00
Martin Willi
7f4cfdff58
vici: Add convenience value/string/integer getter to libvici
2014-05-07 14:13:35 +02:00
Martin Willi
db18495514
vici: Add some convenience getters on message
2014-05-07 14:13:35 +02:00
Martin Willi
b40a12a96f
vici: Raise events with an optional identifier for specific connections
2014-05-07 14:13:35 +02:00
Martin Willi
293431269b
vici: Invoke dispatcher outside of connection log, allowing events from commands
2014-05-07 14:13:35 +02:00
Martin Willi
252025210f
vici: Add a query class, currently implementing a list-sas command
2014-05-07 14:13:35 +02:00
Martin Willi
eb4fd014b8
vici: Add a libvici low-level client library
2014-05-07 14:13:35 +02:00
Martin Willi
8383d626b9
vici: Provide a command dispatcher handling request and event registration
2014-05-07 14:13:34 +02:00
Martin Willi
8457da7528
vici: Add a fully asynchronous IPC socket segmenting messages on/from stream
2014-05-07 14:13:34 +02:00
