Import upstream release 5.2.1

6 files changed, 45 insertions, 6 deletions

diff --git a/conf/options/charon-systemd.conf b/conf/options/charon-systemd.conf
new file mode 100644
index 000000000..630488ad8
--- /dev/null
+++ b/conf/options/charon-systemd.conf
@@ -0,0 +1,16 @@
+charon-systemd {
+
+    # Section to configure native systemd journal logger, very similar to the
+    # syslog logger as described in LOGGER CONFIGURATION in strongswan.conf(5).
+    journal {
+
+        # Loglevel for a specific subsystem.
+        # <subsystem> = <default>
+
+        # Default loglevel.
+        # default = 1
+
+    }
+
+}
+
diff --git a/conf/options/charon-systemd.opt b/conf/options/charon-systemd.opt
new file mode 100644
index 000000000..3482f449f
--- /dev/null
+++ b/conf/options/charon-systemd.opt
@@ -0,0 +1,13 @@
+charon-systemd.journal {}
+	Section to configure native systemd journal logger, very similar to the
+	syslog logger as described in LOGGER CONFIGURATION in
+	**strongswan.conf**(5).
+
+charon-systemd.journal.default = 1
+	Default loglevel.
+
+	Specifies the default loglevel to be used for subsystems for which no
+	specific loglevel is defined.
+
+charon-systemd.journal.<subsystem> = <default>
+	Loglevel for a specific subsystem.
diff --git a/conf/options/charon.conf b/conf/options/charon.conf
index ec3a39a40..0bec9bb0a 100644
--- a/conf/options/charon.conf
+++ b/conf/options/charon.conf
@@ -40,9 +40,11 @@ charon {
     # Free objects during authentication (might conflict with plugins).
     # flush_auth_cfg = no
 
-    # Maximum size (in bytes) of a sent fragment when using the proprietary
-    # IKEv1 fragmentation extension.
-    # fragment_size = 512
+    # Maximum size (complete IP datagram size in bytes) of a sent IKE fragment
+    # when using proprietary IKEv1 or standardized IKEv2 fragmentation (0 for
+    # address family specific        default values). If specified this limit is
+    # used for both IPv4 and IPv6.
+    # fragment_size = 0
 
     # Name of the group the daemon changes to after startup.
     # group =
diff --git a/conf/options/charon.opt b/conf/options/charon.opt
index 1eb1b8877..678aa37bc 100644
--- a/conf/options/charon.opt
+++ b/conf/options/charon.opt
@@ -85,9 +85,11 @@ charon.flush_auth_cfg = no
 	this might conflict with plugins that later need access to e.g. the used
 	certificates.
 
-charon.fragment_size = 512
-	Maximum size (in bytes) of a sent fragment when using the proprietary IKEv1
-	fragmentation extension.
+charon.fragment_size = 0
+	Maximum size (complete IP datagram size in bytes) of a sent IKE fragment
+	when using proprietary IKEv1 or standardized IKEv2 fragmentation (0 for
+	address family specific	default values). If specified this limit is used
+	for both IPv4 and IPv6.
 
 charon.group
 	Name of the group the daemon changes to after startup.
diff --git a/conf/options/starter.conf b/conf/options/starter.conf
index 8465f7e53..447397b0d 100644
--- a/conf/options/starter.conf
+++ b/conf/options/starter.conf
@@ -1,5 +1,8 @@
 starter {
 
+    # Location of the ipsec.conf file
+    # config_file = ${sysconfdir}/ipsec.conf
+
     # Plugins to load in starter.
     # load =
 
diff --git a/conf/options/starter.opt b/conf/options/starter.opt
index 4e6574d58..54689e976 100644
--- a/conf/options/starter.opt
+++ b/conf/options/starter.opt
@@ -1,3 +1,6 @@
+starter.config_file = ${sysconfdir}/ipsec.conf
+	Location of the ipsec.conf file
+
 starter.load =
 	Plugins to load in starter.