sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity
11,827 Commits 101 Branches 327 Tags
Commit Graph

100 Commits

Author SHA1 Message Date
Tobias Brunner
b07aee496a strongswan.conf: Use configured piddir for UNIX sockets 2013-09-13 14:32:51 +02:00
Tobias Brunner
8250fc10e8 Build generated man pages via configure script 2013-09-13 14:32:51 +02:00
Andreas Steffen
ae32172619 Make SWID directory where tags are stored configurable 2013-09-05 12:25:02 +02:00
Andreas Steffen
0d9e375193 Selectively enable PT-TLS and/or RADIUS sockets in tnc-pdp plugin 2013-08-26 20:36:07 +02:00
Andreas Steffen
12b3db5006 moved tnc_imv plugin to libtnccs thanks to recommendation callback function 2013-08-15 23:34:22 +02:00
Andreas Steffen
9d8c28e2f5 Documented plugin move from libcharon to libtnccs in strongswan.conf 2013-08-15 23:34:22 +02:00
Andreas Steffen
f5b5d262e8 Add PT-TLS interface to strongSwan PDP 2013-08-15 23:34:22 +02:00
Tobias Brunner
e99cfe5f20 strongswan.conf: Add note about reserved threads 2013-08-07 09:06:01 +02:00
Tobias Brunner
3021139f6f strongswan.conf: Moved some stuff around 2013-07-23 12:23:05 +02:00
Tobias Brunner
2ed8b36a8a strongswan.conf: Add missing options 2013-07-22 17:46:41 +02:00
Tobias Brunner
baa6419ec1 kernel-pfroute: Make time that is waited for VIPs to appear configurable 
One second might be too short for IPs to appear/disappear, especially on
virtualized hosts.
 2013-07-17 17:45:17 +02:00
Tobias Brunner
598bec78fa socket-default: Add options to disable address families 2013-07-05 09:48:27 +02:00
Tobias Brunner
68b7448eab capabilities: Make the user and group charon(-nm) changes to configurable 2013-06-25 17:16:33 +02:00
Andreas Steffen
adf8a05a3d Removed obsoleted strongswan.conf options 2013-06-21 23:25:24 +02:00
Tobias Brunner
4d62ad7571 charon-cmd: Link strongswan.conf(5) and charon-cmd(8) man pages 2013-06-21 16:35:19 +02:00
Tobias Brunner
37873f9994 kernel-netlink: Add an option to disable roam events 2013-05-03 15:11:19 +02:00
Andreas Steffen
6b99da026c added libstrongswan.plugins.openssl.fips_mode to man page 2013-04-16 13:44:06 +02:00
Andreas Steffen
654c88bca8 Added charon.initiator_only option which causes charon to ignore IKE initiation requests by peers 2013-04-14 19:57:49 +02:00
Andreas Steffen
1044710b04 implemented periodic IF-MAP RenewSession request 2013-04-03 21:38:04 +02:00
Tobias Brunner
96ad2b17b0 Updated strongswan.conf(5) man page 2013-04-01 16:56:47 +02:00
Andreas Steffen
0cf4dc53c7 updated strongswan.conf man page for tn_ifmap plugin 2013-03-31 19:05:53 +02:00
Andreas Steffen
f2145c8d3a Moved configuration from resolver manager to unbound plugin 
Also streamlined log messages in unbound plugin.
 2013-02-19 12:25:00 +01:00
Reto Guadagnini
932717fbde ipseckey: Added "enable" option for the IPSECKEY plugin to strongswan.conf 2013-02-19 12:25:00 +01:00
Tobias Brunner
9d9410e7b9 Typo in strongswan.conf(5) man page fixed 2013-01-31 11:52:11 +01:00
Tobias Brunner
c186b3940a Documented new options in strongswan.conf(5) man page 2013-01-25 20:22:20 +01:00
Tobias Brunner
ee6902ef7f Added an option to configure the maximum size of a fragment 2013-01-12 11:54:58 +01:00
Tobias Brunner
97973f8609 Use a connection specific option to en-/disable IKEv1 fragmentation 2012-12-24 13:00:01 +01:00
Tobias Brunner
2f62bb1549 Add an option to en-/disable IKE fragmentation 
Fragments are always accepted but will not be sent if disabled.  The
vendor ID is only sent if the option is enabled.
 2012-12-24 12:29:31 +01:00
Andreas Steffen
133fb74841 add dlcose strongswan.conf option to tnc-imc/tnc-imv plugins 2012-12-09 19:40:13 +01:00
Andreas Steffen
742722e2f5 updated strongswan.conf man page 2012-11-12 10:45:38 +01:00
Andreas Steffen
ffd3556bad scanner imc/imv pair uses IETF VPN PA-TNC message subtype 2012-10-31 21:58:21 +01:00
Tobias Brunner
3c4d383443 Added an option to reload certificates from PKCS#11 tokens on SIGHUP 2012-10-18 14:42:09 +02:00
Tobias Brunner
b4f6c39e55 Terminate unused resolver threads after a timeout 2012-10-18 12:26:00 +02:00
Andreas Steffen
6ab1502519 implemented os_info_t class 2012-10-10 21:54:21 +02:00
Tobias Brunner
358104a47f Added description for flush_auth_cfg and acct_port plus some minor editorial changes 2012-09-25 12:22:05 +02:00
Tobias Brunner
31990a19cc Documentation about some time values clarified 2012-09-24 16:02:03 +02:00
Tobias Brunner
e8e9048fee Added an option to configure the interface on which virtual IP addresses are installed 2012-09-21 18:16:26 +02:00
Tobias Brunner
9513225e6b Added options and a lookup function that will allow filtering of network interfaces 2012-09-21 18:16:26 +02:00
Tobias Brunner
bc6ec4de73 Option added to enforce a configured destination address for DHCP packets 2012-09-13 10:59:24 +02:00
Tobias Brunner
629cdca82c Updates to strongswan.conf(5) man page (added several missing options) 2012-09-12 16:53:45 +02:00
Martin Willi
c51af950b1 Add random plugin options to strongswan.conf.5 2012-09-10 17:07:51 +02:00
Andreas Steffen
3b51f34040 added libimcv.assessment_result to strongswan.conf man page 2012-09-09 23:50:32 +02:00
Tobias Brunner
5f6ef5d5ce Documentation for eap-dynamic added 2012-08-31 11:42:03 +02:00
Tobias Brunner
e4ef4c9877 Merge branch 'android-ndk' 
This branch comes with some preliminary changes for the user-land IPsec
implementation and the Android App.

One important change is that the UDP ports used by the socket-default plugin
were made configurable (either via ./configure or strongswan.conf).
Also, the plugin does randomly allocate a port if it is configured to 0,
which is useful for client implementations.  A consequence of these
changes is that the local UDP port used when creating ike_cfg_t objects has
to be fetched from the socket.
 2012-08-13 10:45:39 +02:00
Tobias Brunner
9ede42e112 Documentation fixes regarding xauth-pam/eap-gtc plugins 2012-08-11 16:05:05 +02:00
Andreas Steffen
da21793679 make max_message_size parameter consistent with similar options 2012-08-09 14:11:08 +02:00
Tobias Brunner
6fbf4472ea Added option to prevent socket-default from setting the source address on outbound packets 2012-08-08 15:39:07 +02:00
Tobias Brunner
224ab4c59b socket-default plugin allocates random ports if configured to 0. 
Also added strongswan.conf options to change the ports.
 2012-08-08 15:30:27 +02:00
Tobias Brunner
56d07af3be Added ESP log group for libipsec log messages. 2012-08-08 15:12:25 +02:00
Tobias Brunner
162621ed57 Moved Android specific logger to separate plugin. 
This is mainly because the other parts of the existing android plugin
can not be built in the NDK (access to keystore and system properties are
not part of the stable NDK libraries).
 2012-08-08 15:07:43 +02:00