aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ikev2/tasks
Commit message (Collapse)AuthorAgeFilesLines
* Implemented EdDSA for IKEv2 using a pro forma Identity hash functionAndreas Steffen2016-12-141-0/+32
|
* ikev2: Respond with NO_PROPOSAL_CHOSEN if proposal without DH group was selectedTobias Brunner2016-10-051-0/+1
| | | | Fixes #2051.
* ikev2: Send derived CHILD_SA keys to the busTobias Brunner2016-10-041-26/+43
|
* ikev2: Store proposal on IKE_SA before creating DH objectTobias Brunner2016-09-061-2/+5
| | | | This might be useful for custom implementations of keymat_t.
* child-rekey: Only rekey installed CHILD_SAsTobias Brunner2016-06-171-7/+14
| | | | | | | | | | | | Depending on the lifetimes a CHILD_SA we rekeyed as responder might expire shortly afterwards. We don't want to rekey it again. When retrying due to an INVALID_KE_PAYLOAD notify the expected state is CHILD_REKEYING if it is anything else (e.g. due to a collision) we ignore it. We also abort the exchange properly if we don't find the CHILD_SA, no need for an empty INFORMATIONAL exchange anymore.
* child-rekey: Ignore failed colliding CHILD_SA rekeyingsTobias Brunner2016-06-171-1/+10
| | | | | | | If a passive rekeying fails due to an INVALID_KE_PAYLOAD we don't want to consider this task later when resolving collisions. This previously might have caused the wrong SA to get deleted/installed based on the nonces in the unsuccessful exchange.
* child-create: Retry creating the CHILD_SA if TEMPORARY_FAILURE is receivedTobias Brunner2016-06-171-4/+33
| | | | We queue a delayed task that is initiated after a while.
* ike-rekey: Return TEMPORARY_FAILURE when concurrently creating a CHILD_SATobias Brunner2016-06-171-14/+35
|
* ike: Add configuration option to switch to preferring supplied proposals ↵Tobias Brunner2016-06-172-4/+8
| | | | over local ones
* child-cfg: Add option to prefer supplied proposals over locally configured onesTobias Brunner2016-06-171-1/+1
|
* ike-cfg: Add option to prefer supplied proposals over locally configured onesTobias Brunner2016-06-171-1/+1
|
* ike-rekey: Make sure to ignore task when detecting collisions if ike-init ↵Tobias Brunner2016-06-171-1/+2
| | | | | | | subtask failed For instance, if INVALID_KE_PAYLOAD is returned we don't want this task to affect any active rekeying (no new SA has been established so far).
* ike-rekey: Handle undetected collisions also if delete is delayedTobias Brunner2016-06-171-16/+26
| | | | | | | | | | | If the peer does not detect the rekey collision and deletes the old IKE_SA and then receives the colliding rekey request it will respond with TEMPORARY_FAILURE. That notify may arrive before the DELETE does, in which case we may just conclude the rekeying initiated by the peer. Also, since the IKE_SA is destroyed in any case when we receive a delete there is no point in storing the delete task in collide() as process_i() in the ike-rekey task will never be called.
* ike-rekey: There is no passive reauth task, so it will never collide with oneTobias Brunner2016-06-171-3/+2
|
* ike-rekey: Ignore colliding rekey tasks that did not create an IKE_SATobias Brunner2016-06-171-56/+64
| | | | | This simplifies collision handling and we don't need to know about these tasks when concluding the rekeying we initiated.
* ike-rekey: Properly handle situation if the peer did not notice the rekey ↵Tobias Brunner2016-06-171-0/+11
| | | | | | | | | | collision We conclude the rekeying before deleting the IKE_SA. Waiting for the potential TEMPORARY_FAILURE notify is no good because if that response does not reach us the peer will not retransmit it upon our retransmits of the rekey request if it already deleted the IKE_SA after receiving our response to the delete.
* ike-delete: Handle deletes while rekeying differently if there was a collisionTobias Brunner2016-06-171-2/+40
| | | | | We treat these as if we concluded the rekeying, the active ike-rekey task will handle the collision afterwards.
* ike-rekey: Add method to check if there was a rekey collisionTobias Brunner2016-06-172-1/+17
|
* child-delete: Reply as usual when concurrently rekeying the IKE_SATobias Brunner2016-06-171-5/+1
| | | | | As per RFC 7296, 2.25.2 (what we did before was the behavior described in RFC 4718).
* child-create: Respond with TEMPORARY_FAILURE while rekeying/deleting IKE_SATobias Brunner2016-06-171-2/+2
|
* ike-rekey: Respond with TEMPORARY_FAILURE if CHILD_SAs are currently ↵Tobias Brunner2016-06-171-1/+8
| | | | rekeyed/deleted/established
* ike-rekey: Handle TEMPORARY_FAILURE notifyTobias Brunner2016-06-171-8/+22
|
* ike-rekey: Respond with TEMPORARY_FAILURE if we are deleting the SATobias Brunner2016-06-171-0/+5
|
* ike-delete: No need to wait for a response in case of concurrent deletesTobias Brunner2016-06-171-14/+0
| | | | | RFC 7296 explicitly says we SHOULD reply as usual and forget about our own close request.
* ikev2: Add a new state to track rekeyed IKE_SAsTobias Brunner2016-06-172-31/+16
| | | | | | | | | This makes handling such IKE_SAs more specifically compared to keeping them in state IKE_CONNECTING or IKE_ESTABLISHED (which we did when we lost a collision - even triggering the ike_updown event), or using IKE_REKEYING for them, which would also be ambiguous. For instance, we can now reject anything but DELETES for such SAs.
* ike-rekey: Add the name/ID of the redundant IKE_SAs to the log messagesTobias Brunner2016-06-171-8/+13
|
* ike-rekey: Establish new IKE_SA earlier as responder, but only if no collisionTobias Brunner2016-06-171-3/+8
| | | | | | Moving to the new SA only after receiving the DELETE for the old SA was not ideal as it rendered the new SA unusable (because it simply didn't exist in the manager) if the DELETE was delayed/got dropped.
* child-delete: Check if the deleted CHILD_SA is the redundant SA of a collisionTobias Brunner2016-06-171-4/+39
| | | | | | This happens if the peer deletes the redundant SA before we are able to handle the response. The deleted SA will be in state CHILD_INSTALLED but we don't want to trigger the child_updown() event for it or recreate it.
* child-rekey: Add method to check for the redundant SA created in a collisionTobias Brunner2016-06-172-18/+37
|
* child-rekey: Don't change state to INSTALLED if it was already REKEYINGTobias Brunner2016-06-171-3/+5
| | | | | This happens if there is a rekey collision and the peers disagree on the DH group.
* ikev2: Use CHILD_REKEYED for replaced CHILD_SAs after rekeyingTobias Brunner2016-06-172-9/+12
| | | | This allows handling collisions better, in particular with deletions.
* child-rekey: Use more appropriate error notifies if CHILD_SA is not found or ↵Tobias Brunner2016-06-171-3/+8
| | | | | | getting deleted These are the notifies we should return according to RFC 7296.
* child-rekey: Recreate the CHILD_SA if we receive a CHILD_SA_NOT_FOUND notifyTobias Brunner2016-06-171-0/+28
|
* child-create: Handle TEMPORARY_FAILURE notify as failureTobias Brunner2016-06-172-4/+5
| | | | | We will later add code to retry creating the CHILD_SA if we are not rekeying. Rekeying is already rescheduled as with any other errors.
* child-delete: Remove unnecessary call to destroy_child_sa()Tobias Brunner2016-06-171-2/+0
| | | | | | | | | | | | Generally, we will not find the CHILD_SA by searching for it with the outbound SPI (the initiator of the DELETE sent its inbound SPI) - and if we found a CHILD_SA it would most likely be the wrong one (one in which we used the same inbound SPI as the peer used for the one it deletes). And we don't actually want to destroy the CHILD_SA at this point as we know we already initiated a DELETE ourselves, which means that task still has a reference to it and will destroy the CHILD_SA when it receives the response from the other peer.
* ikev2: Handle INITIAL_CONTACT notifies also when peer is authenticated with EAPTobias Brunner2016-06-061-16/+5
| | | | Fixes #1380.
* Use standard unsigned integer typesAndreas Steffen2016-03-2413-44/+44
|
* ikev2: Add task that verifies a peer's certificateTobias Brunner2016-03-102-0/+171
| | | | | | On failure the SA is deleted and reestablished as configured. The task is activated after the REAUTH_COMPLETE task so a make-before-break reauth is completed before the new SA might get torn down.
* ikev2: Diversify signature scheme ruleThomas Egerer2016-03-041-1/+1
| | | | | | | This allows for different signature schemes for IKE authentication and trustchain verification. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* ike-init: Verify REDIRECT notify before processing IKE_SA_INIT messageTobias Brunner2016-03-041-7/+51
| | | | | | An attacker could blindly send a message with invalid nonce data (or none at all) to DoS an initiator if we just destroy the SA. To prevent this we ignore the message and wait for the one by the correct responder.
* ike-init: Ignore notifies related to redirects during rekeyingTobias Brunner2016-03-041-3/+13
| | | | Also don't query redirect providers in this case.
* ike-redirect: Add task to redirect active IKE_SAsTobias Brunner2016-03-042-0/+204
|
* ike-auth: Handle REDIRECT notifies during IKE_AUTHTobias Brunner2016-03-041-22/+44
|
* ike-auth: Send REDIRECT notify during IKE_AUTH if requested by providersTobias Brunner2016-03-041-27/+51
| | | | | | To prevent the creation of the CHILD_SA we set a condition on the IKE_SA. We also schedule a delete job in case the client does not terminate the IKE_SA (which is a SHOULD in RFC 5685).
* ike-config: Do not assign attributes for redirected IKE_SAsTobias Brunner2016-03-041-0/+5
|
* child-create: Don't create CHILD_SA if the IKE_SA got redirected in IKE_AUTHTobias Brunner2016-03-041-0/+4
|
* ike-init: Handle REDIRECTED_FROM similar to REDIRECT_SUPPORTED as serverTobias Brunner2016-03-041-0/+17
|
* ike-init: Send REDIRECTED_FROM instead of REDIRECT_SUPPORTED if appropriateTobias Brunner2016-03-041-1/+19
|
* ikev2: Add option to disable following redirects as clientTobias Brunner2016-03-041-1/+8
|
* ikev2: Handle REDIRECT notifies during IKE_SA_INITTobias Brunner2016-03-041-0/+22
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-22 19:49:25 +0000