aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ikev2
Commit message (Collapse)AuthorAgeFilesLines
...
* Check rng return value when generating fake NAT detection payloadsTobias Brunner2012-07-161-2/+2
|
* Nonce: Let get_nonce, allocate_nonce return booleanReto Buerki2012-07-162-3/+19
|
* Add a return value to prf_t.set_key()Martin Willi2012-07-161-13/+16
|
* Add a return value to prf_t.allocate_bytes()Martin Willi2012-07-161-11/+26
|
* Add a return value to keymat_v2_t.get_auth_octets()Martin Willi2012-07-163-17/+24
|
* Add a return value to keymat_v2_t.get_psk_sig()Martin Willi2012-07-164-24/+39
|
* prf_plus_create() can return NULL on failureMartin Willi2012-07-161-0/+10
|
* Add a return value to prf_plus_t.allocate_bytes()Martin Willi2012-07-161-13/+62
|
* Add a return value to signer_t.set_key()Martin Willi2012-07-161-2/+14
|
* Add a return value to aead_t.set_key()Martin Willi2012-07-161-2/+10
|
* Simplify NAT-D payload creation if UDP encapsulation is forcedTobias Brunner2012-07-131-2/+2
| | | | | We don't need any address lookups in that case as the content of the payload is generated randomly anyway.
* Ignore a received %any virtual IP for installationMartin Willi2012-06-261-1/+2
|
* Centralized thread cancellation in processor_tTobias Brunner2012-06-251-8/+19
| | | | | | | | | | This ensures that no threads are active when plugins and the rest of the daemon are unloaded. callback_job_t was simplified a lot in the process as its main functionality is now contained in processor_t. The parent-child relationships were abandoned as these were only needed to simplify job cancellation.
* Try to rekey without KE exchange if peer returns INVALID_KE_PAYLOAD(NONE)Martin Willi2012-06-081-1/+8
| | | | | | According to RFC5996, implementations should just ignore the KE payload if they select a non-PFS proposals. Some implementations don't, but return MODP_NONE in INVALID_KE_PAYLOAD, hence we accept that, too.
* As responder, enforce the same configuration while rekeying CHILD_SAsMartin Willi2012-06-063-1/+19
|
* Fix MOBIKE address update if responder address changed.Tobias Brunner2012-05-251-2/+2
| | | | | Use the source address of the current MOBIKE message as peer address instead of assuming the address cached on the IKE_SA is still valid.
* Don't queue delete_ike_sa job when setting IKE_DELETING.Tobias Brunner2012-05-251-1/+1
| | | | | This avoids deleting IKE_SAs during reauthentication (without trying to reestablish them).
* Integrated main parts of IKE_REAUTH task into ike_sa_t.reestablish.Tobias Brunner2012-05-251-87/+3
|
* Make task managers flush_queue() method publicMartin Willi2012-05-211-9/+30
|
* Use separate Doxygen groups for IKEv1 and IKEv2 entities (authenticators, ↵Tobias Brunner2012-05-1824-25/+25
| | | | tasks etc.).
* Use nonce_gen instead of rng to generate noncesAdrian-Ken Rueegsegger2012-05-182-22/+22
| | | | | Replace usage of rng plugin with nonce generator to create nonces in IKE_INIT, CHILD_CREATE and QUICK_MODE tasks and the IKEv1 phase 1 helper.
* Add create_nonce_gen function to keymat interfaceAdrian-Ken Rueegsegger2012-05-181-0/+7
| | | | This function returns a nonce generator object.
* vendor ID cosmeticsAndreas Steffen2012-05-051-2/+2
|
* Use name from initialization to access settings in libcharon.Tobias Brunner2012-05-035-9/+11
| | | | Also fixes several whitespace errors.
* Merge branch 'ikev1'Martin Willi2012-05-024-27/+34
| | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/encoding/generator.c src/libcharon/encoding/payloads/notify_payload.c src/libcharon/encoding/payloads/notify_payload.h src/libcharon/encoding/payloads/payload.c src/libcharon/network/receiver.c src/libcharon/sa/authenticator.c src/libcharon/sa/authenticator.h src/libcharon/sa/ikev2/tasks/ike_init.c src/libcharon/sa/task_manager.c src/libstrongswan/credentials/auth_cfg.c
* Merge branch 'ikev1-clean' into ikev1-masterMartin Willi2012-03-203-22/+23
| | | | | | | | | | | | | | | | | | | | Conflicts: configure.in man/ipsec.conf.5.in src/libcharon/daemon.c src/libcharon/plugins/eap_ttls/eap_ttls_peer.c src/libcharon/plugins/eap_radius/eap_radius_accounting.c src/libcharon/plugins/eap_radius/eap_radius_forward.c src/libcharon/plugins/farp/farp_listener.c src/libcharon/sa/ike_sa.c src/libcharon/sa/keymat.c src/libcharon/sa/task_manager.c src/libcharon/sa/trap_manager.c src/libstrongswan/plugins/x509/x509_cert.c src/libstrongswan/utils.h Applied lost changes of moved files keymat.c and task_manager.c. Updated listener_t.message hook signature in new plugins.
* Store the major IKE version on ike_sa_id_t.Tobias Brunner2012-03-201-1/+2
|
* Check if we actually have a packet before retransmitting itMartin Willi2012-03-201-1/+1
|
* Invoke bus_t.message hook twice, once plain and parsed, once encoded and ↵Martin Willi2012-03-201-2/+3
| | | | encrypted
* Pass IKEv1 specific keymat to ike_keys hookMartin Willi2012-03-201-2/+2
|
* Get a reference for the child_cfg passed to child_create_create()Martin Willi2012-03-201-2/+2
|
* Do not query CHILD_SA during delete if they already expiredMartin Willi2012-03-204-16/+38
|
* Added a keymat_t version to cast it safelyMartin Willi2012-03-201-0/+7
|
* Handle initiation of not supported IKE versions properlyMartin Willi2012-03-202-9/+17
|
* Fixed scheduling of IKEv2 init tasks in a second keyingtryMartin Willi2012-03-201-20/+42
|
* Moved eap/xauth classes out of protocol specific subdirectoriesMartin Willi2012-03-205-463/+1
|
* Moved MOBIKE task creation to protocol specific task managerMartin Willi2012-03-201-1/+18
|
* Check in task manager if we have to requeue IKE tasks in a non-first keyingtryMartin Willi2012-03-201-13/+42
|
* Moved IKE_SA reauth task creation to protocol specific task managerMartin Willi2012-03-201-0/+8
|
* Moved IKE_SA rekey task creation to protocol specific task managerMartin Willi2012-03-201-0/+7
|
* Moved IKE_SA delete task creation to protocol specific task managerMartin Willi2012-03-201-0/+7
|
* Moved CHILD_SA delete task creation to protocol specific task managerMartin Willi2012-03-201-0/+7
|
* Moved CHILD_SA rekey task creation to protocol specific task managerMartin Willi2012-03-201-0/+7
|
* Moved CHILD_SA initiate task creation to protocol specific task managerMartin Willi2012-03-201-0/+15
|
* Moved IKE_SA initiate task creation to protocol specific task managerMartin Willi2012-03-201-0/+25
|
* Moved liveness checking task creation to protocol specific task managerMartin Willi2012-03-201-0/+21
|
* Separated libcharon/sa directory with ikev1 and ikev2 subfoldersMartin Willi2012-03-2052-0/+15398
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 01:50:01 +0000