aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa/ikev2
Commit message (Collapse)AuthorAgeFilesLines
...
* ike-rekey: Properly handle situation if the peer did not notice the rekey ↵Tobias Brunner2016-06-171-0/+11
| | | | | | | | | | collision We conclude the rekeying before deleting the IKE_SA. Waiting for the potential TEMPORARY_FAILURE notify is no good because if that response does not reach us the peer will not retransmit it upon our retransmits of the rekey request if it already deleted the IKE_SA after receiving our response to the delete.
* ike-delete: Handle deletes while rekeying differently if there was a collisionTobias Brunner2016-06-171-2/+40
| | | | | We treat these as if we concluded the rekeying, the active ike-rekey task will handle the collision afterwards.
* ike-rekey: Add method to check if there was a rekey collisionTobias Brunner2016-06-172-1/+17
|
* ikev2: Check for collisions after handling IKE deletionTobias Brunner2016-06-171-1/+5
|
* child-delete: Reply as usual when concurrently rekeying the IKE_SATobias Brunner2016-06-171-5/+1
| | | | | As per RFC 7296, 2.25.2 (what we did before was the behavior described in RFC 4718).
* child-create: Respond with TEMPORARY_FAILURE while rekeying/deleting IKE_SATobias Brunner2016-06-171-2/+2
|
* ike-rekey: Respond with TEMPORARY_FAILURE if CHILD_SAs are currently ↵Tobias Brunner2016-06-171-1/+8
| | | | rekeyed/deleted/established
* ike-rekey: Handle TEMPORARY_FAILURE notifyTobias Brunner2016-06-171-8/+22
|
* ike-rekey: Respond with TEMPORARY_FAILURE if we are deleting the SATobias Brunner2016-06-171-0/+5
|
* ike-delete: No need to wait for a response in case of concurrent deletesTobias Brunner2016-06-171-14/+0
| | | | | RFC 7296 explicitly says we SHOULD reply as usual and forget about our own close request.
* ikev2: Add a new state to track rekeyed IKE_SAsTobias Brunner2016-06-173-41/+41
| | | | | | | | | This makes handling such IKE_SAs more specifically compared to keeping them in state IKE_CONNECTING or IKE_ESTABLISHED (which we did when we lost a collision - even triggering the ike_updown event), or using IKE_REKEYING for them, which would also be ambiguous. For instance, we can now reject anything but DELETES for such SAs.
* ike-rekey: Add the name/ID of the redundant IKE_SAs to the log messagesTobias Brunner2016-06-171-8/+13
|
* ike-rekey: Establish new IKE_SA earlier as responder, but only if no collisionTobias Brunner2016-06-171-3/+8
| | | | | | Moving to the new SA only after receiving the DELETE for the old SA was not ideal as it rendered the new SA unusable (because it simply didn't exist in the manager) if the DELETE was delayed/got dropped.
* child-delete: Check if the deleted CHILD_SA is the redundant SA of a collisionTobias Brunner2016-06-171-4/+39
| | | | | | This happens if the peer deletes the redundant SA before we are able to handle the response. The deleted SA will be in state CHILD_INSTALLED but we don't want to trigger the child_updown() event for it or recreate it.
* child-rekey: Add method to check for the redundant SA created in a collisionTobias Brunner2016-06-172-18/+37
|
* child-rekey: Don't change state to INSTALLED if it was already REKEYINGTobias Brunner2016-06-171-3/+5
| | | | | This happens if there is a rekey collision and the peers disagree on the DH group.
* ikev2: Use CHILD_REKEYED for replaced CHILD_SAs after rekeyingTobias Brunner2016-06-172-9/+12
| | | | This allows handling collisions better, in particular with deletions.
* child-rekey: Use more appropriate error notifies if CHILD_SA is not found or ↵Tobias Brunner2016-06-171-3/+8
| | | | | | getting deleted These are the notifies we should return according to RFC 7296.
* child-rekey: Recreate the CHILD_SA if we receive a CHILD_SA_NOT_FOUND notifyTobias Brunner2016-06-171-0/+28
|
* child-create: Handle TEMPORARY_FAILURE notify as failureTobias Brunner2016-06-172-4/+5
| | | | | We will later add code to retry creating the CHILD_SA if we are not rekeying. Rekeying is already rescheduled as with any other errors.
* child-delete: Remove unnecessary call to destroy_child_sa()Tobias Brunner2016-06-171-2/+0
| | | | | | | | | | | | Generally, we will not find the CHILD_SA by searching for it with the outbound SPI (the initiator of the DELETE sent its inbound SPI) - and if we found a CHILD_SA it would most likely be the wrong one (one in which we used the same inbound SPI as the peer used for the one it deletes). And we don't actually want to destroy the CHILD_SA at this point as we know we already initiated a DELETE ourselves, which means that task still has a reference to it and will destroy the CHILD_SA when it receives the response from the other peer.
* task-manager: Add retransmit cleared alertTobias Brunner2016-06-061-0/+7
|
* task-manager: Add retransmit count to retransmit send alertThomas Egerer2016-06-061-1/+2
| | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* ikev2: Handle INITIAL_CONTACT notifies also when peer is authenticated with EAPTobias Brunner2016-06-061-16/+5
| | | | Fixes #1380.
* Use standard unsigned integer typesAndreas Steffen2016-03-2418-94/+94
|
* ikev2: Delay online revocation checks during make-before-break reauthenticationTobias Brunner2016-03-101-0/+5
| | | | | | | | | | | | | | | | | | | | | We do these checks after the SA is fully established. When establishing an SA the responder is always able to install the CHILD_SA created with the IKE_SA before the initiator can do so. During make-before-break reauthentication this could cause traffic sent by the responder to get dropped if the installation of the SA on the initiator is delayed e.g. by OCSP/CRL checks. In particular, if the OCSP/CRL URIs are reachable via IPsec tunnel (e.g. with rightsubnet=0.0.0.0/0) the initiator is unable to reach them during make-before-break reauthentication as it wouldn't be able to decrypt the response that the responder sends using the new CHILD_SA. By delaying the revocation checks until the make-before-break reauthentication is completed we avoid the problems described above. Since this only affects reauthentication, not the original IKE_SA, and the delay until the checks are performed is usually not that long this doesn't impose much of a reduction in the overall security.
* ikev2: Add task that verifies a peer's certificateTobias Brunner2016-03-103-0/+176
| | | | | | On failure the SA is deleted and reestablished as configured. The task is activated after the REAUTH_COMPLETE task so a make-before-break reauth is completed before the new SA might get torn down.
* ikev2: Initiate other tasks after a no-op taskTobias Brunner2016-03-101-1/+1
|
* ikev2: Don't do online revocation checks in pubkey authenticator if requestedTobias Brunner2016-03-101-1/+8
| | | | We also update the auth config so the constraints are not enforced.
* credential-manager: Make online revocation checks optional for public key ↵Tobias Brunner2016-03-101-1/+1
| | | | enumerator
* ikev2: Always store signature scheme in auth-cfgTobias Brunner2016-03-041-12/+1
| | | | As we use a different rule we can always store the scheme.
* ikev2: Diversify signature scheme ruleThomas Egerer2016-03-042-3/+4
| | | | | | | This allows for different signature schemes for IKE authentication and trustchain verification. Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* ike-init: Verify REDIRECT notify before processing IKE_SA_INIT messageTobias Brunner2016-03-041-7/+51
| | | | | | An attacker could blindly send a message with invalid nonce data (or none at all) to DoS an initiator if we just destroy the SA. To prevent this we ignore the message and wait for the one by the correct responder.
* ikev2: Allow tasks to verify request messages before processing themTobias Brunner2016-03-041-4/+47
|
* ikev2: Allow tasks to verify response messages before processing themTobias Brunner2016-03-041-1/+27
|
* ike-init: Ignore notifies related to redirects during rekeyingTobias Brunner2016-03-041-3/+13
| | | | Also don't query redirect providers in this case.
* ike-redirect: Add task to redirect active IKE_SAsTobias Brunner2016-03-043-0/+215
|
* ike-auth: Handle REDIRECT notifies during IKE_AUTHTobias Brunner2016-03-041-22/+44
|
* ike-auth: Send REDIRECT notify during IKE_AUTH if requested by providersTobias Brunner2016-03-041-27/+51
| | | | | | To prevent the creation of the CHILD_SA we set a condition on the IKE_SA. We also schedule a delete job in case the client does not terminate the IKE_SA (which is a SHOULD in RFC 5685).
* ike-config: Do not assign attributes for redirected IKE_SAsTobias Brunner2016-03-041-0/+5
|
* child-create: Don't create CHILD_SA if the IKE_SA got redirected in IKE_AUTHTobias Brunner2016-03-041-0/+4
|
* ike-init: Handle REDIRECTED_FROM similar to REDIRECT_SUPPORTED as serverTobias Brunner2016-03-041-0/+17
|
* ike-init: Send REDIRECTED_FROM instead of REDIRECT_SUPPORTED if appropriateTobias Brunner2016-03-041-1/+19
|
* ikev2: Add option to disable following redirects as clientTobias Brunner2016-03-041-1/+8
|
* ikev2: Handle REDIRECT notifies during IKE_SA_INITTobias Brunner2016-03-041-0/+22
|
* ike-init: Send REDIRECT notify during IKE_SA_INIT if requested by providersTobias Brunner2016-03-041-0/+17
|
* ike-init: Send REDIRECT_SUPPORTED as initiatorTobias Brunner2016-03-041-0/+5
|
* ike-init: Enable redirection extension if client sends REDIRECT_SUPPORTED notifyTobias Brunner2016-03-041-0/+4
|
* libhydra: Move kernel interface to libcharonTobias Brunner2016-03-034-18/+12
| | | | This moves hydra->kernel_interface to charon->kernel.
* ikev2: Use config value for sending of vendor IDsThomas Egerer2016-03-011-13/+43
| | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-21 18:55:05 +0000