aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ikev1/tasks/mode_config.c
Commit message (Collapse)AuthorAgeFilesLines
* Use standard unsigned integer typesAndreas Steffen2016-03-241-1/+1
|
* ikev1: Send and verify IPv6 addresses correctlyTobias Brunner2016-03-031-26/+11
| | | | | | | | According to the mode-config draft there is no prefix sent for IPv6 addresses in IKEv1. We still accept 17 bytes long addresses for backwards compatibility with older strongSwan releases. Fixes #1304.
* mode-config: Reassign migrated virtual IP if client requests %anyTobias Brunner2015-11-121-1/+3
| | | | | | | | | If we mistakenly detect a new IKE_SA as a reauthentication the client won't request the previous virtual IP, but since we already migrated it we already triggered the assign_vips() hook, so we should reassign the migrated virtual IP. Fixes #1152.
* ikev1: Adopt virtual IPs on new IKE_SA during re-authenticationTobias Brunner2015-03-191-29/+83
| | | | | | | | | | | Some clients like iOS/Mac OS X don't do a mode config exchange on the new SA during re-authentication. If we don't adopt the previous virtual IP Quick Mode rekeying will later fail. If a client does do Mode Config we directly reassign the VIPs we migrated from the old SA, without querying the attributes framework. Fixes #807, #810.
* attribute-manager: Pass full IKE_SA to handler methodsMartin Willi2015-02-201-4/+2
|
* attribute-manager: Pass the full IKE_SA to provider methodsMartin Willi2015-02-201-5/+5
|
* attributes: Move the configuration attributes framework to libcharonMartin Willi2015-02-201-14/+13
|
* bus: Add a handle_vips() hook invoked after handling configuration attributesMartin Willi2014-06-171-0/+2
| | | | | | | | | Similar to assign_vips() used by a peer assigning virtual IPs to the other peer, the handle_vips() hook gets invoked on a peers after receiving attributes. On release of the same attributes the hook gets invoked again. This is useful to inspect handled attributes, as the ike_updown() hook is invoked after authentication, when attributes have not been handled yet.
* ikev1: Invoke the assign_vips() bus hook for IKEv1 as wellMartin Willi2014-06-161-0/+4
|
* ike: Store unhandled attributes on IKE_SA as wellMartin Willi2014-06-161-5/+2
|
* payload: Use common prefixes for all payload type identifiersMartin Willi2014-06-041-10/+10
| | | | | The old identifiers did not use a proper namespace and often clashed with other defines.
* ikev1: implement mode config push modeMartin Willi2013-09-041-37/+232
|
* Always send a configuration payload in IKEv1 TRANSACTIONs, even if it is emptyMartin Willi2012-09-111-29/+14
|
* Pass the full list of pools to acquire_address, enumerate in providersMartin Willi2012-09-111-20/+6
| | | | | | | | If the provider has access to the full pool list, it can enumerate them twice, for example to search for existing leases first, and only search for new leases in a second step. Fixes lease enumeration in attr-sql using multiple pools.
* Clear virtual IPs before storing assigned ones on the IKE_SATobias Brunner2012-09-051-0/+4
| | | | | Otherwise we'll end up with duplicate or invalid VIPs stored on the IKE_SA.
* In mode_config, destroy temporary pool list instead of the virtual IP list twiceMartin Willi2012-09-051-1/+1
|
* Request and acquire multiple virtual IPs in IKEv1 Mode ConfigMartin Willi2012-08-301-47/+61
|
* Pass all configured pool names to attribute provider enumeratorMartin Willi2012-08-301-2/+9
|
* Pass a list instead of a single virtual IP to attribute enumeratorsMartin Willi2012-08-301-11/+35
|
* Support multiple address pools configured on a peer_cfgMartin Willi2012-08-301-3/+10
|
* Support multiple virtual IPs on peer_cfg and ike_sa classesMartin Willi2012-08-301-5/+12
|
* Reply with received configuration payload identifier in Mode ConfigMartin Willi2012-03-201-0/+8
|
* Separated libcharon/sa directory with ikev1 and ikev2 subfoldersMartin Willi2012-03-201-0/+417
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-07 11:20:21 +0000