New upstream version 5.6.0

8 files changed, 97 insertions, 3 deletions

diff --git a/conf/options/charon.conf b/conf/options/charon.conf
index 7ccb74939..f0d084bed 100644
--- a/conf/options/charon.conf
+++ b/conf/options/charon.conf
@@ -168,7 +168,7 @@ charon {
     # will be allocated.
     # port_nat_t = 4500
 
-    # Wether to prefer updating SAs to the path with the best route.
+    # Whether to prefer updating SAs to the path with the best route.
     # prefer_best_path = no
 
     # Prefer locally configured proposals for IKE/IPsec over supplied ones as
diff --git a/conf/options/charon.opt b/conf/options/charon.opt
index 3593c6a5f..900b9b46b 100644
--- a/conf/options/charon.opt
+++ b/conf/options/charon.opt
@@ -271,7 +271,7 @@ charon.port_nat_t = 4500
 	port will be allocated.
 
 charon.prefer_best_path = no
-	Wether to prefer updating SAs to the path with the best route.
+	Whether to prefer updating SAs to the path with the best route.
 
 	By default, charon keeps SAs on the routing path with addresses it
 	previously used if that path is still usable. By setting this option to
diff --git a/conf/options/imcv.conf b/conf/options/imcv.conf
index bc1f183fc..ede2d9db4 100644
--- a/conf/options/imcv.conf
+++ b/conf/options/imcv.conf
@@ -42,5 +42,22 @@ libimcv {
     # Disable output to stderr with a stand-alone libimcv library.
     # stderr_quiet = no
 
+    swid_gen {
+
+        # SWID generator command to be executed.
+        # command = /usr/local/bin/swid_generator
+
+        tag_creator {
+
+            # Name of the tagCreator entity.
+            # name = strongSwan Project
+
+            # regid of the tagCreator entity.
+            # regid = strongswan.org
+
+        }
+
+    }
+
 }
 
diff --git a/conf/options/imcv.opt b/conf/options/imcv.opt
index 33ab74bd5..177781ff7 100644
--- a/conf/options/imcv.opt
+++ b/conf/options/imcv.opt
@@ -21,6 +21,15 @@ charon.imcv.os_info.default_password_enabled = no
 charon.imcv.policy_script = ipsec _imv_policy
 	Script called for each TNC connection to generate IMV policies.
 
+libimcv.swid_gen.command = /usr/local/bin/swid_generator
+	SWID generator command to be executed.
+
+libimcv.swid_gen.tag_creator.name = strongSwan Project
+	Name of the tagCreator entity.
+
+libimcv.swid_gen.tag_creator.regid = strongswan.org
+	regid of the tagCreator entity.
+
 libimcv.debug_level = 1
 	Debug level for a stand-alone _libimcv_ library.
 
diff --git a/conf/options/sw-collector.conf b/conf/options/sw-collector.conf
new file mode 100644
index 000000000..6f588b41a
--- /dev/null
+++ b/conf/options/sw-collector.conf
@@ -0,0 +1,31 @@
+# Options for the sw-collector tool.
+sw-collector {
+
+    # URI to software collector database containing event timestamps, software
+    # creation and deletion events and collected software identifiers.
+    # database =
+
+    # Path pointing to file created when the Linux OS was installed.
+    # first_file = /var/log/bootstrap.log
+
+    # Time in UTC when the Linux OS was installed.
+    # first_time = 0000-00-00T00:00:00Z
+
+    # Path pointing to apt history.log file.
+    # history =
+
+    # Plugins to load in sw-collector tool.
+    # load =
+
+    rest_api {
+
+        # Timeout of REST API HTTP POST transaction.
+        # timeout = 120
+
+        # HTTP URI of the central collector's REST API.
+        # uri =
+
+    }
+
+}
+
diff --git a/conf/options/sw-collector.opt b/conf/options/sw-collector.opt
new file mode 100644
index 000000000..976f4f497
--- /dev/null
+++ b/conf/options/sw-collector.opt
@@ -0,0 +1,31 @@
+sw-collector {}
+	Options for the sw-collector tool.
+
+	Options for the sw-collector tool.
+
+sw-collector.database =
+	URI to software collector database containing event timestamps, software
+	creation and deletion events and collected software identifiers.
+
+	URI to software collector database containing event timestamps,	software
+	creation and deletion events and collected software identifiers.
+	If it contains a password, make sure to adjust the permissions of the config
+	file accordingly.
+
+sw-collector.first_file = /var/log/bootstrap.log
+	Path pointing to file created when the Linux OS was installed.
+
+sw-collector.first_time = 0000-00-00T00:00:00Z
+	Time in UTC when the Linux OS was installed.
+
+sw-collector.history =
+	Path pointing to apt history.log file.
+
+sw-collector.rest_api.uri =
+	HTTP URI of the central collector's REST API.
+
+sw-collector.rest_api.timeout = 120
+	Timeout of REST API HTTP POST transaction.
+
+sw-collector.load =
+	Plugins to load in sw-collector tool.
diff --git a/conf/options/swanctl.conf b/conf/options/swanctl.conf
index cb182396b..18cea486a 100644
--- a/conf/options/swanctl.conf
+++ b/conf/options/swanctl.conf
@@ -3,5 +3,8 @@ swanctl {
     # Plugins to load in swanctl.
     # load =
 
+    # VICI socket to connect to by default.
+    # socket = unix://${piddir}/charon.vici
+
 }
 
diff --git a/conf/options/swanctl.opt b/conf/options/swanctl.opt
index f78b4bccc..f2a8a0ff7 100644
--- a/conf/options/swanctl.opt
+++ b/conf/options/swanctl.opt
@@ -1,2 +1,5 @@
 swanctl.load =
-	Plugins to load in swanctl.
\ No newline at end of file
+	Plugins to load in swanctl.
+
+swanctl.socket = unix://${piddir}/charon.vici
+	VICI socket to connect to by default.