etc/strongswan.d/charon/md5.conf
etc/strongswan.d/charon/nonce.conf
etc/strongswan.d/charon/openssl.conf
-#etc/strongswan.d/charon/padlock.conf
etc/strongswan.d/charon/pem.conf
etc/strongswan.d/charon/pgp.conf
etc/strongswan.d/charon/pkcs1.conf
etc/strongswan.d/charon/sshkey.conf
etc/strongswan.d/charon/stroke.conf
etc/strongswan.d/charon/updown.conf
+etc/strongswan.d/charon/vici.conf
etc/strongswan.d/charon/x509.conf
etc/strongswan.d/charon/xauth-eap.conf
etc/strongswan.d/charon/xauth-generic.conf
etc/strongswan.d/pki.conf
etc/strongswan.d/scepclient.conf
etc/strongswan.d/starter.conf
+etc/strongswan.d/swanctl.conf
+#etc/swanctl
+etc/swanctl/bliss
+etc/swanctl/ecdsa
+etc/swanctl/pkcs12
+etc/swanctl/pkcs8
+etc/swanctl/pubkey
+etc/swanctl/rsa
+etc/swanctl/swanctl.conf
+etc/swanctl/x509
+etc/swanctl/x509aa
+etc/swanctl/x509ac
+etc/swanctl/x509ca
+etc/swanctl/x509crl
+etc/swanctl/x509ocsp
usr/bin/pki
#usr/lib/ipsec
#usr/lib/ipsec/libcharon.a
usr/lib/ipsec/libcharon.so
usr/lib/ipsec/libcharon.so.0
usr/lib/ipsec/libcharon.so.0.0.0
-#usr/lib/ipsec/libhydra.a
-#usr/lib/ipsec/libhydra.la
-usr/lib/ipsec/libhydra.so
-usr/lib/ipsec/libhydra.so.0
-usr/lib/ipsec/libhydra.so.0.0.0
#usr/lib/ipsec/libradius.a
#usr/lib/ipsec/libradius.la
usr/lib/ipsec/libradius.so
usr/lib/ipsec/libtls.so
usr/lib/ipsec/libtls.so.0
usr/lib/ipsec/libtls.so.0.0.0
+#usr/lib/ipsec/libvici.a
+#usr/lib/ipsec/libvici.la
+usr/lib/ipsec/libvici.so
+usr/lib/ipsec/libvici.so.0
+usr/lib/ipsec/libvici.so.0.0.0
#usr/lib/ipsec/plugins
usr/lib/ipsec/plugins/libstrongswan-aes.so
usr/lib/ipsec/plugins/libstrongswan-attr.so
usr/lib/ipsec/plugins/libstrongswan-constraints.so
usr/lib/ipsec/plugins/libstrongswan-ctr.so
usr/lib/ipsec/plugins/libstrongswan-curl.so
-usr/lib/ipsec/plugins/libstrongswan-dhcp.so
usr/lib/ipsec/plugins/libstrongswan-des.so
+usr/lib/ipsec/plugins/libstrongswan-dhcp.so
usr/lib/ipsec/plugins/libstrongswan-dnskey.so
usr/lib/ipsec/plugins/libstrongswan-eap-identity.so
usr/lib/ipsec/plugins/libstrongswan-eap-mschapv2.so
usr/lib/ipsec/plugins/libstrongswan-md5.so
usr/lib/ipsec/plugins/libstrongswan-nonce.so
usr/lib/ipsec/plugins/libstrongswan-openssl.so
-#usr/lib/ipsec/plugins/libstrongswan-padlock.so
usr/lib/ipsec/plugins/libstrongswan-pem.so
usr/lib/ipsec/plugins/libstrongswan-pgp.so
usr/lib/ipsec/plugins/libstrongswan-pkcs1.so
usr/lib/ipsec/plugins/libstrongswan-pubkey.so
usr/lib/ipsec/plugins/libstrongswan-random.so
usr/lib/ipsec/plugins/libstrongswan-rc2.so
-#usr/lib/ipsec/plugins/libstrongswan-rdrand.so
usr/lib/ipsec/plugins/libstrongswan-resolve.so
usr/lib/ipsec/plugins/libstrongswan-revocation.so
usr/lib/ipsec/plugins/libstrongswan-sha1.so
usr/lib/ipsec/plugins/libstrongswan-sshkey.so
usr/lib/ipsec/plugins/libstrongswan-stroke.so
usr/lib/ipsec/plugins/libstrongswan-updown.so
+usr/lib/ipsec/plugins/libstrongswan-vici.so
usr/lib/ipsec/plugins/libstrongswan-x509.so
usr/lib/ipsec/plugins/libstrongswan-xauth-eap.so
usr/lib/ipsec/plugins/libstrongswan-xauth-generic.so
usr/libexec/ipsec/starter
usr/libexec/ipsec/stroke
usr/sbin/ipsec
+usr/sbin/swanctl
#usr/share/man/man1/pki---acert.1
#usr/share/man/man1/pki---dn.1
#usr/share/man/man1/pki---gen.1
#usr/share/man/man5/ipsec.conf.5
#usr/share/man/man5/ipsec.secrets.5
#usr/share/man/man5/strongswan.conf.5
-#usr/share/man/man8/_updown.8
+#usr/share/man/man5/swanctl.conf.5
#usr/share/man/man8/ipsec.8
-#usr/share/man/man8/openac.8
#usr/share/man/man8/scepclient.8
+#usr/share/man/man8/swanctl.8
#usr/share/strongswan
#usr/share/strongswan/templates
#usr/share/strongswan/templates/config
#usr/share/strongswan/templates/config/plugins/md5.conf
#usr/share/strongswan/templates/config/plugins/nonce.conf
#usr/share/strongswan/templates/config/plugins/openssl.conf
-#usr/share/strongswan/templates/config/plugins/padlock.conf
#usr/share/strongswan/templates/config/plugins/pem.conf
#usr/share/strongswan/templates/config/plugins/pgp.conf
#usr/share/strongswan/templates/config/plugins/pkcs1.conf
#usr/share/strongswan/templates/config/plugins/sshkey.conf
#usr/share/strongswan/templates/config/plugins/stroke.conf
#usr/share/strongswan/templates/config/plugins/updown.conf
+#usr/share/strongswan/templates/config/plugins/vici.conf
#usr/share/strongswan/templates/config/plugins/x509.conf
#usr/share/strongswan/templates/config/plugins/xauth-eap.conf
#usr/share/strongswan/templates/config/plugins/xauth-generic.conf
#usr/share/strongswan/templates/config/strongswan.d/pki.conf
#usr/share/strongswan/templates/config/strongswan.d/scepclient.conf
#usr/share/strongswan/templates/config/strongswan.d/starter.conf
+#usr/share/strongswan/templates/config/strongswan.d/swanctl.conf
+++ /dev/null
-From 0e32cbc0bc8fce3319491db360fb23b16561ec58 Mon Sep 17 00:00:00 2001
-From: Tobias Brunner <tobias@strongswan.org>
-Date: Tue, 15 Dec 2015 17:15:32 +0100
-Subject: [PATCH] child-rekey: Suppress updown event when deleting redundant
- CHILD_SAs
-
-When handling a rekey collision we might have to delete an already
-installed redundant CHILD_SA (or expect the other peer to do so). We don't
-want to trigger updown events for these as we don't during rekeying.
-
-Instead of setting the state to CHILD_REKEYING we could maybe use
-CHILD_REKEYED, which we currently only use for IKEv1, and set it for
-all CHILD_SAs we delete or expect the other peer to delete. Would need
-a small change in child-delete too. Or we could introduce a new state.
-
- #853.
----
- src/libcharon/sa/ikev2/tasks/child_rekey.c | 11 ++++++++++-
- 1 file changed, 10 insertions(+), 1 deletion(-)
-
-diff --git a/src/libcharon/sa/ikev2/tasks/child_rekey.c b/src/libcharon/sa/ikev2/tasks/child_rekey.c
-index c7a8a13..6f0c2b2 100644
---- a/src/libcharon/sa/ikev2/tasks/child_rekey.c
-+++ b/src/libcharon/sa/ikev2/tasks/child_rekey.c
-@@ -279,11 +279,15 @@ static child_sa_t *handle_collision(private_child_rekey_t *this)
- /* don't touch child other created, it has already been deleted */
- if (!this->other_child_destroyed)
- {
-- /* disable close action for the redundand child */
-+ /* disable close action and updown event for redundant child */
- child_sa = other->child_create->get_child(other->child_create);
- if (child_sa)
- {
- child_sa->set_close_action(child_sa, ACTION_NONE);
-+ if (child_sa->get_state(child_sa) != CHILD_REKEYING)
-+ {
-+ child_sa->set_state(child_sa, CHILD_REKEYING);
-+ }
- }
- }
- }
-@@ -372,6 +376,11 @@ METHOD(task_t, process_i, status_t,
- {
- return SUCCESS;
- }
-+ /* disable updown event for redundant CHILD_SA */
-+ if (to_delete->get_state(to_delete) != CHILD_REKEYING)
-+ {
-+ to_delete->set_state(to_delete, CHILD_REKEYING);
-+ }
- spi = to_delete->get_spi(to_delete, TRUE);
- protocol = to_delete->get_protocol(to_delete);
-
---
-1.7.9.5
-