sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity
9,995 Commits 101 Branches 327 Tags
Commit Graph

9995 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Martin Willi
7ee16e4b85 Only add an implicit PRF based on the MAC alg if no PRF given in proposal 2012-10-24 11:49:37 +02:00
Martin Willi
60e59b7e7f Add proposal keywords to explicitly specify PRF algorithms 2012-10-24 11:49:36 +02:00
Martin Willi
343e998927 Added NEWS about lookip plugin 2012-10-24 11:47:18 +02:00
Martin Willi
a7f5eb1035 Add an interactive mode in lookip tool, demonstrate lasting connections 2012-10-24 11:43:34 +02:00
Martin Willi
9d422bb1b0 Send a lookip NOT_FOUND reply if a lookup yields no results 2012-10-24 11:43:34 +02:00
Martin Willi
f6fb2b98e9 lookup function of lookip listener returns the number of matches 2012-10-24 11:43:34 +02:00
Martin Willi
31576ceddf Handle multiple lookip connections using a single FDSET 2012-10-24 11:43:34 +02:00
Martin Willi
28683ef137 Renamed list to store listening lookip clients 2012-10-24 11:43:34 +02:00
Martin Willi
bae50c7393 Handle client subscriptions in lookip plugin 2012-10-24 11:43:34 +02:00
Martin Willi
7650dd9a4f Add a lookip server side UNIX socket processing LOOKUP and DUMP requests 2012-10-24 11:43:34 +02:00
Martin Willi
d59e6db614 Add a simple command line utility to query the lookip plugin 2012-10-24 11:43:34 +02:00
Martin Willi
7877c463ea Defined on-the-wire format used on lookip socket 2012-10-24 11:43:34 +02:00
Martin Willi
1edaa79c06 Add a lookip function to register virtual IP notification listeners 2012-10-24 11:43:34 +02:00
Martin Willi
9c54b445e2 Add a lookup method to lookip plugin, using a callback to invoke 2012-10-24 11:43:34 +02:00
Martin Willi
2caa27d42e Add a lookip listener that collects the information we are interested in 2012-10-24 11:43:34 +02:00
Martin Willi
e0d7c1eda7 Add a lookip plugin stub to lookup connections by virtual IP 2012-10-24 11:43:33 +02:00
Martin Willi
a19d591388 Add NEWS about stroke counters 2012-10-24 11:39:13 +02:00
Martin Willi
3202f4a381 Add "listcounters" command to ipsec.8 manpage 2012-10-24 11:34:31 +02:00
Martin Willi
0c4b9f7cda Add a "ipsec listcounters" command to stroke 2012-10-24 11:34:31 +02:00
Martin Willi
f9332e0a8b Add a print method for stroke counters 2012-10-24 11:34:31 +02:00
Martin Willi
2232d88569 Support field with specifiers in %N printf hook 2012-10-24 11:34:30 +02:00
Martin Willi
fc4d1568d1 Add stroke message type counters 2012-10-24 11:34:30 +02:00
Martin Willi
5715af7508 Add stroke counters for invalid IKE messages 2012-10-24 11:34:30 +02:00
Martin Willi
81e0e10344 Add stroke CHILD_SA rekeying counter 2012-10-24 11:34:30 +02:00
Martin Willi
a32a8d4a67 Add stroke IKE rekey counters 2012-10-24 11:34:30 +02:00
Martin Willi
418f4bc7a5 Raise a bus alert when IKE message body parsing fails 2012-10-24 11:34:30 +02:00
Martin Willi
2b95ab7620 Raise a bus alert when IKE message header parsing fails 2012-10-24 11:34:30 +02:00
Martin Willi
f6f16131d0 Raise a bus alert when a received message contains unknown SPIs 2012-10-24 11:34:30 +02:00
Martin Willi
47904e3c74 Define stroke counter types to implement 2012-10-24 11:34:11 +02:00
Martin Willi
8554895b95 Add a stub for IKE event counters in stroke 2012-10-24 11:34:11 +02:00
Martin Willi
b2265a2738 Add a load-tester option to define the IKE version to use for testing 2012-10-24 10:19:33 +02:00
Martin Willi
e19b23e0b9 Remove peer_cfg IKE version matching, as it is done in ike_cfg matching 2012-10-24 10:19:33 +02:00
Martin Willi
7910116384 Respect IKE version while selecting an ike_cfg as responder 2012-10-24 10:19:33 +02:00
Martin Willi
1fdd62ffce Remove version argument on peer_cfg constructor, use ike_cfg version instead 2012-10-24 10:19:33 +02:00
Martin Willi
9fc7cc6f9b Add IKE version information to ike_cfg_t 2012-10-24 10:18:35 +02:00
Martin Willi
cf62d073f1 Move ike_version_t definition from peer_cfg_t to ike_cfg_t 2012-10-24 10:17:36 +02:00
Tobias Brunner
23ca39010e android: Enable ECC in the app as our custom built libcrypto supports it 2012-10-23 18:13:58 +02:00
Andreas Steffen
d8e62ae9b4 version bump to 5.0.2dr2 2012-10-20 10:49:27 +02:00
Andreas Steffen
c2a5e7bcf9 updated NEWS 2012-10-19 08:52:35 +02:00
Andreas Steffen
a9c9414d58 implemented IETF Numeric Version attribute 2012-10-18 22:33:26 +02:00
Andreas Steffen
ef315c5a1c implemented IETF Remediation Instructions attribute 2012-10-18 18:24:26 +02:00
Tobias Brunner
d2c8bc4df0 Handle type of first EAP-RADIUS response more sophisticated 2012-10-18 14:48:11 +02:00
Tobias Brunner
a5436657e9 Starter ignores non-fatal errors when reloading config 2012-10-18 14:42:11 +02:00
Tobias Brunner
9e730ef9df Starter unroutes removed or changed connections before loading and routing new ones 2012-10-18 14:42:11 +02:00
Tobias Brunner
21037942e8 Update routed connections in trap manager 
Before this change, modified configs that have been updated with ipsec reload,
could properly be started manually, but the old config would get used if
triggered via trap policies.
 2012-10-18 14:42:10 +02:00
Tobias Brunner
3555bacac7 Reload logger configuration on SIGHUP 
Besides changing the configuration this allows to easily rotate log files.

Also moved logger initialization back to daemon_t.
 2012-10-18 14:42:10 +02:00
Tobias Brunner
d35d669180 Make syslog and file loggers configurable at runtime 2012-10-18 14:42:10 +02:00
Tobias Brunner
18a8893e8e Store loggers in conftest separately, not on charon 2012-10-18 14:42:10 +02:00
Tobias Brunner
3c4d383443 Added an option to reload certificates from PKCS#11 tokens on SIGHUP 2012-10-18 14:42:09 +02:00
Tobias Brunner
ca1c2ee281 Copy the name of pkcs11_library_t objects 
Strings returned by settings_t.create_section_enumerator will be freed
when the config is reloaded.
 2012-10-18 14:42:09 +02:00