aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ike_sa_manager.c
Commit message (Collapse)AuthorAgeFilesLines
* charon: add optional source and remote overrides for initiateTimo Teräs2017-11-201-2/+49
| | | | | | | | | | | This introduces support for specifying optional IKE SA specific source and remote address for child sa initiation. This allows to initiate wildcard connection for known address via vici. In addition this allows impler implementation of trap-any patches and is a prerequisite for dmvpn support. Signed-off-by: Timo Teräs <timo.teras@iki.fi>
* ike: Adhere to IKE_SA limit when checking out by configTobias Brunner2017-11-201-34/+37
| | | | | This prevents new SAs from getting created if we hit the global IKE_SA limit (we still allow checkout_new(), which is used for rekeying).
* ike-sa-manager: Add method to change the initiator SPI of an IKE_SATobias Brunner2017-09-041-2/+86
|
* linked-list: Change return value of find_first() and signature of its callbackTobias Brunner2017-05-261-7/+17
| | | | This avoids the unportable five pointer hack.
* Change interface for enumerator_create_filter() callbackTobias Brunner2017-05-261-24/+34
| | | | | This avoids the unportable 5 pointer hack, but requires enumerating in the callback.
* Migrate all enumerators to venumerate() interface changeTobias Brunner2017-05-261-2/+8
|
* ike-sa-manager: Improve scalability of IKE_SA count checkingThomas Egerer2017-05-191-19/+10
| | | | | | | | Much like in commit a68454b, we now use a global atomic counter to keep track of the number of IKE_SAs currently registered. This should improve scalability for a large number of segments even more. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* ike-sa-manager: Remove superfluous assignmentThomas Egerer2017-03-161-4/+0
| | | | | | | Memory is allocated with calloc, hence set to zero, thus assigning the numerical value 0 is not required. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* ikev2: Add a new state to track rekeyed IKE_SAsTobias Brunner2016-06-171-1/+2
| | | | | | | | | This makes handling such IKE_SAs more specifically compared to keeping them in state IKE_CONNECTING or IKE_ESTABLISHED (which we did when we lost a collision - even triggering the ike_updown event), or using IKE_REKEYING for them, which would also be ambiguous. For instance, we can now reject anything but DELETES for such SAs.
* ike-sa-manager: Make sure rng is defined before destroying it in flush()Tobias Brunner2016-06-171-1/+1
| | | | This allows calling flush() multiple times.
* Use standard unsigned integer typesAndreas Steffen2016-03-241-14/+14
|
* ike-sa-manager: Avoid memory leak if IKE_SAs get checked in after flush() ↵Tobias Brunner2016-03-231-23/+38
| | | | | | | | | | | | | was called A thread might check out a new IKE_SA via checkout_new() or checkout_by_config() and start initiating it while the daemon is terminating and the IKE_SA manager is flushed by the main thread. That SA is not tracked yet so the main thread is not waiting for it and the other thread is able to check it in and creating an entry after flush() already terminated causing a memory leak. Fixes #1348.
* ike-sa-manager: Log a checkin/failure message for every checkoutThomas Egerer2016-03-071-8/+32
| | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* ike-sa-manager: Log some additional details like SPIs when checking out SAsTobias Brunner2016-03-041-7/+16
|
* ike-sa-manager: Store a reference to the thread that checked out an IKE_SATobias Brunner2016-02-171-13/+14
| | | | | | This could be helpful when debugging deadlocks that manifest around wait_for_entry(), as it helps identifying other involved threads (the thread object is seen in the thread_main() call in each thread's backtrace).
* ikev1: Always enable charon.reuse_ikesaTobias Brunner2016-02-011-2/+2
| | | | | | | | | With IKEv1 we have to reuse IKE_SAs as otherwise the responder might detect the new SA as reauthentication and will "adopt" the CHILD_SAs of the original IKE_SA, while the initiator will not do so. This could cause CHILD_SA rekeying to fail later. Fixes #1236.
* ike-sa-manager: Don't update entries for init messages after unlocking segmentTobias Brunner2016-02-011-3/+2
| | | | | | | | | | | | | If the retransmit of an initial message is processed concurrently with the original message it might not have been handled as intended as the thread processing the retransmit might not have seen the correct value of entry->processing set by the thread handling the original request. For IKEv1, i.e. without proper message IDs, there might still be races e.g. when receiving a retransmit of the initial IKE message while processing the initiator's second request. Fixes #1269.
* ike-sa-manager: Allow plugins to provide IKE SPIs via a callbackTobias Brunner2015-11-111-10/+34
| | | | | Plugins must depend on `libcharon-sa-managers` to ensure the manager exists.
* ikev1: Also use message hashes for Quick Mode for the early retransmission checkTobias Brunner2015-11-111-4/+8
| | | | | | | | | | We already did so during Phase 1 but because all three Quick Mode message have the same message ID we occasionally dropped the third message as retransmit, so we do it there too. For INFORMATIONAL and TRANSACTION exchanges we don't expect more than one inbound message with the same message ID so we still use them there. Fixes #1198.
* ike-sa-manager: Signal entries that we don't actually check outTobias Brunner2015-11-091-1/+8
| | | | | | | | | In some cases we call wait_for_entry() but don't actually check out the entry afterwards (e.g. because it doesn't match certain criteria). So there won't be a call to checkin() for such entries causing waiting threads to get signaled. Instead, such threads would be blocked until another thread properly checks out/in the entry (or does a blocking enumeration).
* ike-sa-manager: Signal waiting threads after check out/in for uniqueness checkTobias Brunner2015-11-091-0/+3
| | | | Fixes 758b1caa0e75 ("ikev1: Prevent deadlock when checking for duplicate IKEv1 SAs")
* ikev1: Prevent deadlock when checking for duplicate IKEv1 SAsTobias Brunner2015-10-291-0/+16
| | | | | | | | | | | Previously, the current segment was held while checking for duplicate SAs, which requires acquiring all segments. If multiple threads did this concurrently this resulted in a deadlock as they couldn't acquire the segments held by the other threads attempting to do the same. With the default configuration only one segment is used, which prevents the problem as only one thread can check in an IKE SA concurrently. Fixes: a064eaa8a63a ("Handling of initial contact")
* ike: Fix half-open count for initiating SAs when initially checked inTobias Brunner2015-08-271-0/+6
|
* ike: Only consider number of half-open SAs as responder when deciding ↵Tobias Brunner2015-08-271-7/+30
| | | | whether COOKIEs are sent
* ike: Also track initiating IKE_SAs as half-openTobias Brunner2015-08-211-1/+0
|
* ikev2: Compare initiator flag again, partially reverts 17ec1c74deTobias Brunner2015-08-201-0/+2
| | | | | We should ignore messages that have the flag set incorrectly. This restores RFC compliance which was broken since the mentioned commit.
* ike-sa-manager: Safely access the RNG instance with an rwlockTobias Brunner2015-07-141-5/+16
| | | | | | | | | | | Threads might still be allocating SPIs (e.g. triggered by an acquire or an inbound message) while the main thread calls flush(). If there is a context switch right after such a thread successfully checked this->rng in get_spi() and the main thread destroys the RNG instance right then, that worker thread will cause a segmentation fault when it continues and attempts to call get_bytes(). Fixes #1014.
* ikev1: Trigger children_migrate event if CHILD_SAs are adoptedTobias Brunner2015-05-211-1/+3
|
* ikev1: Adopt virtual IPs on new IKE_SA during re-authenticationTobias Brunner2015-03-191-3/+28
| | | | | | | | | | | Some clients like iOS/Mac OS X don't do a mode config exchange on the new SA during re-authentication. If we don't adopt the previous virtual IP Quick Mode rekeying will later fail. If a client does do Mode Config we directly reassign the VIPs we migrated from the old SA, without querying the attributes framework. Fixes #807, #810.
* ike-sa-manager: Make sure the message ID of initial messages is 0Tobias Brunner2015-03-041-1/+2
| | | | | | | | | | | | | | | | | It is mandated by the RFCs and it is expected by the task managers. Initial messages with invalid MID will be treated like regular messages, so no IKE_SA will be created for them. Instead, if the responder SPI is 0 no SA will be found and the message is rejected with ALERT_INVALID_IKE_SPI. If an SPI is set and we do find an SA, then we either ignore the message because the MID is unexpected, or because we don't allow initial messages on established connections. There is one exception, though, if an attacker can slip in an IKE_SA_INIT with both SPIs set before the client's IKE_AUTH is handled by the server, it does get processed (see next commit). References #816.
* ikev2: Don't adopt any CHILD_SA during make-before-break reauthenticationMartin Willi2015-03-041-1/+2
| | | | | | | | | While the comment is rather clear that we should not adopt live CHILD_SAs during reauthentication in IKEv2, the code does nonetheless. Add an additional version check to fix reauthentication if the reauth responder has a replace uniqueids policy. Fixes #871.
* ike-sa-manager: Use IKEv1 uniqueness reauthentication detection for IKEv2, tooMartin Willi2015-02-201-12/+8
|
* ike-sa-manager: Remove IKE_SA checkout by CHILD_SA reqidMartin Willi2015-02-201-29/+10
|
* ikev1: Don't inherit children if INITITAL_CONTACT was seenThomas Egerer2014-10-301-1/+4
| | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* ike: Do not cache MID of IKEv2 fragmentsTobias Brunner2014-10-101-2/+3
| | | | | This fails if there are unencrypted payloads before an encrypted fragment payload in the first fragment.
* ike-sa-manager: Use transient hasher for IKE_SA_INIT hash calculationChristophe Gouault2014-08-251-32/+11
| | | | | | | | | | | | | | | | To check if a received IKE_SA_INIT request is a new request or a retransmit, charon maintains hashes of the pending IKE_SA_INIT exchanges. However, the hash calculation is not reentrant because a single hasher is used for the whole IKE SA manager. It leads to bogus calculations under high load and hence dropped messages on responder (IkeInInvalidSpi incremented). Don't share a single hasher in the IKE SA manager, create a transient one whenever a message must be hashed. Signed-off-by: Christophe Gouault <christophe.gouault@6wind.com>
* payload: Use common prefixes for all payload type identifiersMartin Willi2014-06-041-2/+2
| | | | | The old identifiers did not use a proper namespace and often clashed with other defines.
* ike-sa-manager: Improve scalability of half-open IKE_SA checkingTobias Brunner2014-04-241-7/+8
| | | | | | | | | | | | | | | This patch is based on one by Christoph Gouault. Currently, to count the total number of half_open IKE_SAs, get_half_open_count sums up the count of each segment in the SA hash table (acquiring a lock for each segment). This procedure does not scale well when the number of segments increases, as the method is called for each new negotiation. Instead, lets maintain a global atomic counter. This optimization allows the use of big values for charon.ikesa_table_size and charon.ikesa_table_segments.
* libcharon: Use lib->ns instead of charon->nameTobias Brunner2014-02-121-4/+4
|
* Remove HASH_PREFERRED, usages are replaced with HASH_SHA1, which is required ↵Tobias Brunner2013-10-111-1/+1
| | | | for IKEv2 anyway
* ikev1: Accept reauthentication attempts with a keep unique policy from same hostMartin Willi2013-09-301-6/+17
| | | | | | | When we have a "keep" unique policy in place, we have to be less strict in rejecting Main/Aggressive Modes to enforce it. If the host/port equals to that of an existing ISAKMP SA, we assume it is a reauthentication attempt and accept the new SA (to replace the old).
* ikev1: Delay a potential delete for a duplicate IKE_SA having a replace policyMartin Willi2013-09-301-8/+29
| | | | | | | | | Sending a DELETE for the replaced SA immediately is problematic during reauthentication, as the peer might have associated the Quick Modes to the old SA, and also delete them. With this change the delete for the old ISAKMP SA is usually omitted, as it is gets implicitly deleted by the reauth.
* Merge branch 'ikev1-rekeying'Martin Willi2013-03-011-0/+21
|\ | | | | | | | | Migrates Quick Modes to the new Main Mode if an IKEv1 reauthentication replaces the old Main Mode having a uniqueids=replace policy.
| * When detecting a duplicate IKEv1 SA, adopt children, as it might be a rekeyingMartin Willi2013-02-201-0/+21
| |
* | Merge branch 'ikev1-mm-retransmits'Martin Willi2013-03-011-26/+28
|\ \ | | | | | | | | | | | | | | | Fixes retransmit of the last Main Mode or IKE_AUTH message, and correctly queues Main Mode messages when processing of the last message is still in progress.
| * | For IKEv1 Main Mode, use message hash to detect early retransmissionsMartin Willi2013-02-251-10/+23
| | | | | | | | | | | | | | | As the message ID is zero in all Main Mode messages, it can't be used to detect if we are already processing a given message.
| * | Use INIT macro to initialize IKE_SA manager entriesMartin Willi2013-02-251-17/+6
| |/
* / Trigger an updown event when destroying an IKE_SA based on INITIAL_CONTACTTobias Brunner2013-02-281-0/+1
|/ | | | | In other cases (i.e. when functions return DESTROY_ME) the event should already be triggered, but not in this forced situation.
* Include source port in init hash for fragmented messagesTobias Brunner2012-12-241-1/+8
|
* Map fragmented initial initial Main or Aggressive Mode messages to the same ↵Tobias Brunner2012-12-241-1/+17
| | | | IKE_SA
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-02 20:46:17 +0000