From: Andreas Steffen Date: Fri, 30 May 2014 08:00:08 +0000 (+0200) Subject: Updated IMC/IMV entries in strongswan.conf man page X-Git-Tag: 5.2.0dr5~6 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=bfd8f8c5fe8f3d52542dfbef4ee357bc31be8be8;p=thirdparty%2Fstrongswan.git Updated IMC/IMV entries in strongswan.conf man page --- diff --git a/conf/Makefile.am b/conf/Makefile.am index 2cb101cc08..ccc6967818 100644 --- a/conf/Makefile.am +++ b/conf/Makefile.am @@ -51,6 +51,7 @@ plugins = \ plugins/imv-attestation.opt \ plugins/imv-os.opt \ plugins/imv-scanner.opt \ + plugins/imv-swid.opt \ plugins/imv-test.opt \ plugins/ipseckey.opt \ plugins/led.opt \ diff --git a/conf/plugins/imc-attestation.opt b/conf/plugins/imc-attestation.opt index 3169617a68..9b60b9edec 100644 --- a/conf/plugins/imc-attestation.opt +++ b/conf/plugins/imc-attestation.opt @@ -1,20 +1,20 @@ -charon.plugins.imc-attestation.aik_blob = +libimcv.plugins.imc-attestation.aik_blob = AIK encrypted private key blob file. -charon.plugins.imc-attestation.aik_cert = +libimcv.plugins.imc-attestation.aik_cert = AIK certificate file. -charon.plugins.imc-attestation.aik_pubkey = +libimcv.plugins.imc-attestation.aik_pubkey = AIK public key file. -charon.plugins.imc-attestation.mandatory_dh_groups = yes +libimcv.plugins.imc-attestation.mandatory_dh_groups = yes Enforce mandatory Diffie-Hellman groups. -charon.plugins.imc-attestation.nonce_len = 20 +libimcv.plugins.imc-attestation.nonce_len = 20 DH nonce length. -charon.plugins.imc-attestation.use_quote2 = yes +libimcv.plugins.imc-attestation.use_quote2 = yes Use Quote2 AIK signature instead of Quote signature. -charon.plugins.imc-attestation.pcr_info = no +libimcv.plugins.imc-attestation.pcr_info = no Whether to send pcr_before and pcr_after info. diff --git a/conf/plugins/imc-os.opt b/conf/plugins/imc-os.opt index c13676917e..4f559f2b9d 100644 --- a/conf/plugins/imc-os.opt +++ b/conf/plugins/imc-os.opt @@ -1,14 +1,14 @@ -charon.plugins.imc-os.device_cert = +libimcv.plugins.imc-os.device_cert = Manually set the path to the client device certificate (e.g. /etc/pts/aikCert.der) -charon.plugins.imc-os.device_id = +libimcv.plugins.imc-os.device_id = Manually set the client device ID in hexadecimal format (e.g. 1083f03988c9762703b1c1080c2e46f72b99cc31) -charon.plugins.imc-os.device_pubkey = +libimcv.plugins.imc-os.device_pubkey = Manually set the path to the client device public key (e.g. /etc/pts/aikPub.der) -charon.plugins.imc-os.push_info = yes +libimcv.plugins.imc-os.push_info = yes Send operating system info without being prompted. diff --git a/conf/plugins/imc-scanner.opt b/conf/plugins/imc-scanner.opt index 84e6dfa2f6..9cc12b91d4 100644 --- a/conf/plugins/imc-scanner.opt +++ b/conf/plugins/imc-scanner.opt @@ -1,2 +1,2 @@ -charon.plugins.imc-scanner.push_info = yes +libimcv.plugins.imc-scanner.push_info = yes Send open listening ports without being prompted. diff --git a/conf/plugins/imc-swid.opt b/conf/plugins/imc-swid.opt index e14c94aca3..74490c179f 100644 --- a/conf/plugins/imc-swid.opt +++ b/conf/plugins/imc-swid.opt @@ -1,11 +1,11 @@ -charon.plugins.imc-swid.swid_directory = ${prefix}/share +libimcv.plugins.imc-swid.swid_directory = ${prefix}/share Directory where SWID tags are located. -charon.plugins.imc-swid.swid_generator = /usr/local/bin/swid_generator +libimcv.plugins.imc-swid.swid_generator = /usr/local/bin/swid_generator SWID generator command to be executed. -charon.plugins.imc-swid.pretty = FALSE +libimcv.plugins.imc-swid.swid_pretty = FALSE Generate XML-encoded SWID tags with pretty indentation. -charon.plugins.imc-swid.full = FALSE +libimcv.plugins.imc-swid.swid_full = FALSE Include file information in the XML-encoded SWID tags. diff --git a/conf/plugins/imc-test.opt b/conf/plugins/imc-test.opt index c3169b5af7..e15b069e8c 100644 --- a/conf/plugins/imc-test.opt +++ b/conf/plugins/imc-test.opt @@ -1,14 +1,14 @@ -charon.plugins.imc-test.additional_ids = 0 +libimcv.plugins.imc-test.additional_ids = 0 Number of additional IMC IDs. -charon.plugins.imc-test.command = none +libimcv.plugins.imc-test.command = none Command to be sent to the Test IMV. -charon.plugins.imc-test.dummy_size = 0 +libimcv.plugins.imc-test.dummy_size = 0 Size of dummy attribute to be sent to the Test IMV (0 = disabled). -charon.plugins.imc-test.retry = no +libimcv.plugins.imc-test.retry = no Do a handshake retry. -charon.plugins.imc-test.retry_command = +libimcv.plugins.imc-test.retry_command = Command to be sent to the Test IMV in the handshake retry. diff --git a/conf/plugins/imv-attestation.opt b/conf/plugins/imv-attestation.opt index f266281e68..3ad51625da 100644 --- a/conf/plugins/imv-attestation.opt +++ b/conf/plugins/imv-attestation.opt @@ -1,32 +1,32 @@ -charon.plugins.imv-attestation.cadir = +libimcv.plugins.imv-attestation.cadir = Path to directory with AIK cacerts. -charon.plugins.imv-attestation.mandatory_dh_groups = yes +libimcv.plugins.imv-attestation.mandatory_dh_groups = yes Enforce mandatory Diffie-Hellman groups. -charon.plugins.imv-attestation.dh_group = ecp256 +libimcv.plugins.imv-attestation.dh_group = ecp256 Preferred Diffie-Hellman group. -charon.plugins.imv-attestation.hash_algorithm = sha256 +libimcv.plugins.imv-attestation.hash_algorithm = sha256 Preferred measurement hash algorithm. -charon.plugins.imv-attestation.min_nonce_len = 0 +libimcv.plugins.imv-attestation.min_nonce_len = 0 DH minimum nonce length. -charon.plugins.imc-attestation.pcr17_after +libimcv.plugins.imc-attestation.pcr17_after Dummy data if the TBOOT log is not retrieved. -charon.plugins.imc-attestation.pcr17_before +libimcv.plugins.imc-attestation.pcr17_before Dummy data if the TBOOT log is not retrieved. -charon.plugins.imc-attestation.pcr17_meas +libimcv.plugins.imc-attestation.pcr17_meas Dummy data if the TBOOT log is not retrieved. -charon.plugins.imc-attestation.pcr18_after +libimcv.plugins.imc-attestation.pcr18_after Dummy data if the TBOOT log is not retrieved. -charon.plugins.imc-attestation.pcr18_before +libimcv.plugins.imc-attestation.pcr18_before Dummy data if the TBOOT log is not retrieved. -charon.plugins.imc-attestation.pcr18_meas +libimcv.plugins.imc-attestation.pcr18_meas Dummy data if the TBOOT log is not retrieved. diff --git a/conf/plugins/imv-os.opt b/conf/plugins/imv-os.opt index eab926201d..fe83bb66f0 100644 --- a/conf/plugins/imv-os.opt +++ b/conf/plugins/imv-os.opt @@ -1,2 +1,2 @@ -charon.plugins.imv-os.remediation_uri = +libimcv.plugins.imv-os.remediation_uri = URI pointing to operating system remediation instructions. diff --git a/conf/plugins/imv-scanner.opt b/conf/plugins/imv-scanner.opt index 7af87493b8..d23c6bab93 100644 --- a/conf/plugins/imv-scanner.opt +++ b/conf/plugins/imv-scanner.opt @@ -1,2 +1,2 @@ -charon.plugins.imv-scanner.remediation_uri = +libimcv.plugins.imv-scanner.remediation_uri = URI pointing to scanner remediation instructions. diff --git a/conf/plugins/imv-swid.opt b/conf/plugins/imv-swid.opt new file mode 100644 index 0000000000..51237c56af --- /dev/null +++ b/conf/plugins/imv-swid.opt @@ -0,0 +1,5 @@ +libimcv.plugins.imv-swid.rest_api_uri = + HTTP URI of the SWID REST API. + +libimcv.plugins.imc-swid.rest_api_timeout = 120 + Timeout of SWID REST API HTTP POST transaction. diff --git a/conf/plugins/imv-test.opt b/conf/plugins/imv-test.opt index 2cbddc8f6c..196559ed73 100644 --- a/conf/plugins/imv-test.opt +++ b/conf/plugins/imv-test.opt @@ -1,2 +1,2 @@ -charon.plugins.imv-test.rounds = 0 +libimcv.plugins.imv-test.rounds = 0 Number of IMC-IMV retry rounds.