aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/encoding/message.c
Commit message (Collapse)AuthorAgeFilesLines
* Allow more than one CERTREQ payload for IKEv2Tobias Brunner2013-02-081-2/+2
| | | | | | There is no reason not to do so (RFC 5996 explicitly mentions multiple CERTREQ payloads) and some implementations seem to use the same behavior as had to be used with IKEv1 (i.e. each CA in its own CERTREQ payload).
* Add message rules to properly handle IKE fragmentsTobias Brunner2012-12-241-0/+8
| | | | | These are sent in unencrypted messages and are the only payload contained in such messages.
* Reset the encrypted flag when handling IKE messages that contain a fragmentTobias Brunner2012-12-241-0/+6
| | | | | Racoon sets the encrypted bit for messages containing a fragment, but these messages are not really encrypted (the fragmented message is though).
* Add support for draft-ietf-ipsec-nat-t-ike-03 and earlierVolker Rümelin2012-12-191-0/+12
| | | | | This adds support for early versions of the draft that eventually resulted in RFC 3947.
* Increase the limit of acceptable IKEv1 CERTREQ payloads to 20Martin Willi2012-10-241-1/+1
|
* Don't print hexdumps on loglevel 1 if hash verification failsMartin Willi2012-07-201-3/+3
|
* Cleaned up memory management and return values for encryption payloadMartin Willi2012-07-161-14/+11
|
* Add a return value to keymat_v1_t.{get,update,confirm}_ivMartin Willi2012-07-161-9/+36
|
* Use a bool return value in keymat_v1_t.get_hash_phase2()Martin Willi2012-07-161-4/+2
|
* Store the major IKE version on ike_sa_id_t.Tobias Brunner2012-03-201-0/+1
|
* Print IKEv1 notify types in message summaryMartin Willi2012-03-201-1/+2
|
* Support IKEv1 notifies in message_t.get_notify()Martin Willi2012-03-201-1/+2
|
* Accept unencrypted Aggressive Mode messages.Tobias Brunner2012-03-201-1/+2
| | | | Racoon does not encrypt the third message during Aggressive Mode.
* Encrypt payloads of third aggressive mode messageMartin Willi2012-03-201-3/+3
|
* Cast keymat safely, not based on external inputMartin Willi2012-03-201-36/+44
|
* Accept NULL as keymat when generating a messageMartin Willi2012-03-201-4/+10
|
* Separated libcharon/sa directory with ikev1 and ikev2 subfoldersMartin Willi2012-03-201-1/+1
|
* Another set of cleanups in message.cMartin Willi2012-03-201-18/+19
|
* Some coding style cleanupsMartin Willi2012-03-201-3/+6
|
* Do not trust unprotected INFORMATIONALS, just print that we got oneMartin Willi2012-03-201-13/+18
|
* Remove executable flag from source code filesMartin Willi2012-03-201-0/+0
|
* Encrypt INFORMATIONAL exchange if neededClavister OpenSource2012-03-201-11/+22
|
* Handle incoming delete messagesClavister OpenSource2012-03-201-0/+25
|
* certificate handling for XAuth responder.Clavister OpenSource2012-03-201-2/+2
|
* IKEv1: Added basic support for INFORMATIONAL exchange types, and for ↵Clavister OpenSource2012-03-201-9/+13
| | | | NOTIFY_V1 messages in the 3rd message in quick_mode.
* Message rules for IKEv1 NAT-T payloads added.Tobias Brunner2012-03-201-0/+17
|
* Added payloads for IKEv1 NAT-Traversal negotiation.Tobias Brunner2012-03-201-1/+1
|
* Handle invalid IKEv1 hashes more specifically.Tobias Brunner2012-03-201-1/+1
|
* Handle unsupported IKEv1 exchange types more specifically.Tobias Brunner2012-03-201-1/+1
|
* Handle INFORMATIONAL_V1 messages when no keys have been derived yet.Tobias Brunner2012-03-201-2/+3
| | | | | | | | This allows to gracefully process the INFORMATIONAL_V1 message rules which require the payloads to be encrypted and thus the exchange to be authenticated with a HASH payload. If such an exchange is now initiated before the ISAKMP_SA is established, the message is simply sent unencrypted and without HASH payload.
* Fixed encryption of IKEv2 messages.Tobias Brunner2012-03-201-2/+2
|
* Print message payload names after prepending IKEv1 HASH payloadMartin Willi2012-03-201-2/+2
|
* Authenticate and verify Phase 2 IKEv1 messages with appropriate hashes.Tobias Brunner2012-03-201-2/+44
|
* Merged IKEv1 attribute payload/data into configuration payload/attributeMartin Willi2012-03-201-5/+5
|
* IKEv1 ConfigMode: Added TRANSACTION exchange type. Added attribute_payload ↵Clavister OpenSource2012-03-201-0/+26
| | | | (IKEv2 equiv cp_payload) and data_attribute (IKEv2 equiv configuration_attribute) payload types. Did not combine with IKEv2 because it wasn't trivial to do so. This might be a task worth investigating in the future, because there is a decent amount of shared code here.
* Set flags on message according to IKE version when parsing header.Tobias Brunner2012-03-201-2/+8
|
* Encrypt IKEv1 messages.Tobias Brunner2012-03-201-17/+66
|
* Decrypt IKEv1 messages.Tobias Brunner2012-03-201-3/+43
|
* Provide keymat_t to message_t to encrypt/decrypt data.Tobias Brunner2012-03-201-7/+8
|
* Print message ID as unsigned integerMartin Willi2012-03-201-1/+1
|
* Added message encoding rules for quick modeMartin Willi2012-03-201-0/+65
|
* Don't clone chunk in message.get_packet_dataMartin Willi2012-03-201-1/+1
|
* Added IKEv1 support to notify payloadMartin Willi2012-03-201-11/+18
|
* Don't set IKEv2 only header flags when using IKEv1Martin Willi2012-03-201-3/+6
|
* Compile error fixed.Tobias Brunner2012-03-201-1/+2
|
* Message parsing slightly refactored, allows parsing of unencrypted IKEv1 ↵Tobias Brunner2012-03-201-40/+52
| | | | messages.
* Allow creation of message_t objects for IKEv1 packets.Tobias Brunner2012-03-201-20/+32
|
* Certificate request payloads can be sent in pretty much any IKEv1 message.Tobias Brunner2012-03-201-5/+18
|
* Message rules for IKEv1 INFORMATIONAL exchange added.Tobias Brunner2012-03-201-0/+24
| | | | | Since INFORMATIONAL "exchanges" are actually unidirectionally sent message we don't have any responder rules.
* Message rules for IKEv1 AGGRESSIVE exchange added.Tobias Brunner2012-03-201-0/+72
| | | | | These are basically the same as for ID_PROT but no payloads are expected to be encrypted (at least if using PSK or signatures for authentication).
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-28 20:31:28 +0000