openwrt-packages-dist

46 MiB

Author	SHA1	Message	Date
Philip Prindeville	a783986cbc	strongswan: start charon directly from swanctl ipsec uses starter, and reads /etc/ipsec.conf (which then includes /var/ipsec/ipsec.conf, etc). This is overly complicated, and can be problematic if you're using both swanctl and ipsec for migration. Running charon directly from procd via the init.d script avoid all of this. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>	4 years ago
Philip Prindeville	ba79998e52	strongswan: swanctl init script doesn't load connections Fixes issue #15446 Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>	4 years ago
Philip Prindeville	ff33f4ccd3	strongswan: handle chacha20poly1305 as AEAD chacha20policy1305 is also an AEAD cipher, and hence does not permit a hash algorithm. Fixes issue #15397. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>	4 years ago
Philip Prindeville	c95fd69973	strongswan: fail on serious configuration errors Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>	4 years ago
Philip Prindeville	210640d606	strongswan: drop subshell when possible A subshell caused by $(...) can't persistently modify globals as a side-effect. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>	4 years ago
Philip Prindeville	f9d91f1f47	strongswan: migrate to swanctl configs Derived from the ipsec initd script, with the following changes: (1) various code improvements, corrections (get rid of left/right updown scripts, since there's only one), etc; (2) add reauth and fragmentation parameters; (3) add x.509 certificate-based authentication; and other minor changes. Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>	4 years ago

6 Commits (a783986cbc9e2dea5f2ccf4c429bdb634fd286a8)