aboutsummaryrefslogtreecommitdiffstats
path: root/src/libcharon/sa
Commit message (Collapse)AuthorAgeFilesLines
* mode-config: Reassign migrated virtual IP if client requests %anyTobias Brunner2015-11-121-1/+3
| | | | | | | | | If we mistakenly detect a new IKE_SA as a reauthentication the client won't request the previous virtual IP, but since we already migrated it we already triggered the assign_vips() hook, so we should reassign the migrated virtual IP. Fixes #1152.
* ike-sa-manager: Allow plugins to provide IKE SPIs via a callbackTobias Brunner2015-11-112-11/+54
| | | | | Plugins must depend on `libcharon-sa-managers` to ensure the manager exists.
* ikev1: Also use message hashes for Quick Mode for the early retransmission checkTobias Brunner2015-11-111-4/+8
| | | | | | | | | | We already did so during Phase 1 but because all three Quick Mode message have the same message ID we occasionally dropped the third message as retransmit, so we do it there too. For INFORMATIONAL and TRANSACTION exchanges we don't expect more than one inbound message with the same message ID so we still use them there. Fixes #1198.
* kernel-interface: Pass the same data to del_policy() that was passed to ↵Tobias Brunner2015-11-102-98/+107
| | | | | | | add_policy() The additional data can be helpful to identify the exact policy to delete.
* trap-manager: Also clean up remote address in error casesTobias Brunner2015-11-101-0/+2
| | | | Fixes #1201.
* traffic-selector: Don't end printf'ed list of traffic selectors with a spaceTobias Brunner2015-11-104-7/+7
|
* ike-natd: Create fake NAT-D payloads in a more static wayTobias Brunner2015-11-091-20/+8
| | | | | | | | | | | | | | | In some scenarios an IKE_SA might get restarted multiple times (e.g. due to retransmits and delayed INVALID_KE_PAYLOAD notifies) so that two IKE_SA_INIT messages might be sent that only differ in the previously randomly generated NAT_DETECTION_SOURCE_IP payload. This could cause an authentication failure on the responder if the two peers don't use the same IKE_SA_INIT message in their InitiatorSignedOctets. While the payload is generated in a reproducible way it will still change when the daemon is restarted, which should make detecting the payloads as fake a bit harder (compared to e.g. just using 0.0.0.0:0 as address). Fixes #1131.
* ike-sa-manager: Signal entries that we don't actually check outTobias Brunner2015-11-091-1/+8
| | | | | | | | | In some cases we call wait_for_entry() but don't actually check out the entry afterwards (e.g. because it doesn't match certain criteria). So there won't be a call to checkin() for such entries causing waiting threads to get signaled. Instead, such threads would be blocked until another thread properly checks out/in the entry (or does a blocking enumeration).
* ike-sa-manager: Signal waiting threads after check out/in for uniqueness checkTobias Brunner2015-11-091-0/+3
| | | | Fixes 758b1caa0e75 ("ikev1: Prevent deadlock when checking for duplicate IKEv1 SAs")
* ikev1: Fix calculation of DPD timeoutTobias Brunner2015-11-091-0/+2
| | | | | A DPD timeout job is queued whenever a DPD is sent, i.e. after the DPD delay already has elapsed, so we have to compensate for that.
* xauth: Call authorize() hook also when xauth-noauth is usedTobias Brunner2015-11-091-2/+8
| | | | Fixes #1138.
* ikev2: Fix size of key material for CAMELLIA-CTRTobias Brunner2015-10-301-0/+1
| | | | Like AES in CTR mode it includes a 4 byte nonce.
* ike-mobike: Send retransmits to the current local and remote addressesTobias Brunner2015-10-301-1/+5
| | | | | | These might have changed by a peer-initiated MOBIKE address update. Fixes #1125.
* ikev1: Handle queued INFORMATIONAL message after receiving the last AM requestTobias Brunner2015-10-301-0/+16
|
* ikev1: Queue INFORMATIONAL request if AM is not complete yetTobias Brunner2015-10-301-6/+13
|
* ikev1: Handle queued TRANSACTION messages only after processing repliesTobias Brunner2015-10-301-1/+2
|
* ikev1: Extract queueing of TRANSACTIONAL requests when MM is not complete yetTobias Brunner2015-10-301-17/+27
|
* ikev1: Drop TRANSACTION/QUICK_MODE requests until we received the last AM ↵Tobias Brunner2015-10-301-0/+32
| | | | message
* ikev1: Make maximum number of IKEv1 phase 2 exchanges we keep state about ↵Tobias Brunner2015-10-301-9/+11
| | | | | | configurable Fixes #1128.
* ikev1: Avoid fourth QM message if third QM messages of multiple exchanges ↵Tobias Brunner2015-10-292-2/+14
| | | | | | | | | | | | are handled delayed If we haven't received the third QM message for multiple exchanges the return value of NEED_MORE for passive tasks that are not responsible for a specific exchange would trigger a fourth empty QM message. Fixes: 4de361d92c54 ("ikev1: Fix handling of overlapping Quick Mode exchanges") References #1076.
* ikev1: Prevent deadlock when checking for duplicate IKEv1 SAsTobias Brunner2015-10-291-0/+16
| | | | | | | | | | | Previously, the current segment was held while checking for duplicate SAs, which requires acquiring all segments. If multiple threads did this concurrently this resulted in a deadlock as they couldn't acquire the segments held by the other threads attempting to do the same. With the default configuration only one segment is used, which prevents the problem as only one thread can check in an IKE SA concurrently. Fixes: a064eaa8a63a ("Handling of initial contact")
* shunt-manager: Resolve %dynamic to %any4/6 before installing policiesTobias Brunner2015-09-161-7/+22
| | | | | | | | left|rightsubnet default to %dynamic, which is basically 0.0.0.0/0 until an address is assigned to it. So if only one side was undefined and the other traffic selector was IPv6 an address family mismatch would occur. References #595.
* shunt-manager: Don't install policies in case of an address family or IP ↵Tobias Brunner2015-09-161-0/+20
| | | | | | protocol mismatch References #595.
* trap-manager: Cleanup local address in error casesTobias Brunner2015-08-271-0/+2
|
* ike: Fix half-open count for initiating SAs when initially checked inTobias Brunner2015-08-271-0/+6
|
* ike: Only consider number of half-open SAs as responder when deciding ↵Tobias Brunner2015-08-272-11/+35
| | | | whether COOKIEs are sent
* ike: Also track initiating IKE_SAs as half-openTobias Brunner2015-08-211-1/+0
|
* child-rekey: Don't add a REKEY_SA notify if the child-create task is ↵Tobias Brunner2015-08-211-6/+9
| | | | deleting the SA
* child-create: Cache proposed IPsec protocolTobias Brunner2015-08-211-10/+13
| | | | | This allows us to DELETE CHILD_SAs on failures that occur before we retrieved the selected proposal.
* child-create: Don't attempt to delete the SA if we don't have all the ↵Tobias Brunner2015-08-211-8/+10
| | | | | | | information Since we only support single protocols we could probably guess it and always send a DELETE.
* child-rekey: Remove redundant migrate() call for child-create sub-taskTobias Brunner2015-08-211-2/+1
| | | | | | | When retrying due to a DH group mismatch this is already done by the child-create task itself. And in other cases where the task returns NEED_MORE we actually will need access to a possible proposal to properly delete it.
* child-create: Fix crash when retrying CHILD_SA rekeying due to a DH group ↵Tobias Brunner2015-08-211-0/+1
| | | | | | | | | | mismatch If the responder declines our KE payload during a CHILD_SA rekeying migrate() is called to reuse the child-create task. But the child-rekey task then calls the same method again. Fixes: 32df0d81fb46 ("child-create: Destroy nonceg in migrate()")
* ikev1: Fix handling of overlapping Quick Mode exchangesTobias Brunner2015-08-203-2/+70
| | | | | | | | | | | | | In some cases the third message of a Quick Mode exchange might arrive after the first message of a subsequent Quick Mode exchange. Previously these messages were handled incorrectly and the second Quick Mode exchange failed. Some implementations might even try to establish multiple Quick Modes simultaneously, which is explicitly allowed in RFC 2409. We don't fully support that, though, in particular in case of retransmits. Fixes #1076.
* ikev2: Compare initiator flag again, partially reverts 17ec1c74deTobias Brunner2015-08-202-1/+5
| | | | | We should ignore messages that have the flag set incorrectly. This restores RFC compliance which was broken since the mentioned commit.
* ikev1: Pass current auth-cfg when looking for key to determine auth methodTobias Brunner2015-08-191-1/+1
| | | | | | | | | If multiple certificates use the same subjects we might choose the wrong one otherwise. This way we use the one referenced with leftcert and stored in the auth-cfg and we actually do the same thing later in the pubkey authenticator. Fixes #1077.
* ikev2: Store outer EAP method used to authenticate remote peer in auth-cfgTobias Brunner2015-08-191-0/+9
| | | | | | | This allows symmetric configuration of EAP methods (i.e. the same value in leftauth and rightauth) when mutual EAP-only authentication is used. Previously the client had to configure rightauth=eap or rightauth=any, which prevented it from using this same config as responder.
* ike: Use the original port when remote resolves to %anyTobias Brunner2015-08-191-1/+3
| | | | | | When reestablishing the IKE_SA we should still use the original port when right resolves to %any as some implementations might not like initial IKE messages on port 4500 (especially for IKEv1).
* trap-manager: Enable auto=route with right=%any for transport mode connectionsTobias Brunner2015-08-191-27/+118
| | | | Fixes #196.
* child-sa: Fix refcounting of allocated reqidsTobias Brunner2015-08-171-3/+12
| | | | | | | | | | | During a rekeying we want to reuse the current reqid, but if the new SA does not allocate it via kernel-interface the state there will disappear when the old SA is destroyed after the rekeying. When the IKE_SA is later reauthenticated with make-before-break reauthentication the new CHILD_SAs there will get new reqids as no existing state is found in the kernel-interface, breaking policy installation in the kernel. Fixes: a49393954f31 ("child-sa: Use any fixed reqid configured on the CHILD_SA config")
* plugin-feature: Add vendor specific EAP method registration macrosTobias Brunner2015-08-171-1/+2
| | | | | | | | | | | Vendor specific EAP methods may be registered with: PLUGIN_CALLBACK(eap_method_register, <constructor>), PLUGIN_PROVIDE(EAP_SERVER_VENDOR, <type>, <vendor>), Same for client implementations via EAP_PEER_VENDOR. References #969.
* Initialize variables that some compilers seem to warn aboutTobias Brunner2015-08-131-1/+1
|
* ike: Disable NAT keepalives in state PASSIVEThomas Egerer2015-08-041-3/+12
| | | | Signed-off-by: Thomas Egerer <thomas.egerer@secunet.com>
* ike: Fix memory leak if remote address is keptTobias Brunner2015-07-271-0/+4
|
* ike-rekey: Fix cleanup() callTobias Brunner2015-07-271-2/+2
|
* ike-rekey: Reset IKE_SA on bus before sending CREATE_CHILD_SA responseTobias Brunner2015-07-271-1/+2
| | | | | Even when there is no error the CREATE_CHILD_SA response should be sent in the context of the existing IKE_SA.
* ike-rekey: Reset IKE_SA on the bus after destroying new IKE_SATobias Brunner2015-07-271-16/+15
| | | | | | | | | | | | | | | The destroy() method sets the IKE_SA on the bus to NULL, we reset it to the current IKE_SA so any events and log messages that follow happen in the correct context. A practical example where this is problematic is a DH group mismatch, which causes the first CREATE_CHILD_SA exchange to fail. Because the SA was not reset previously, the message() hook for the CREATE_CHILD_SA response, for instance, was triggered outside the context of an IKE_SA, that is, the ike_sa parameter was NULL, which is definitely not expected by several plugins. Fixes #862.
* shunt-manager: Add flush() method to properly uninstall shuntsTobias Brunner2015-07-272-4/+46
| | | | | This will allow us to uninstall shunts before unloading the kernel-interface plugins.
* shunt-manager: Remove stored entries if installation failsTobias Brunner2015-07-271-2/+11
|
* shunt-manager: Add a lock to safely access the list of shunt policiesTobias Brunner2015-07-271-3/+17
|
* trap-manager: Resolve race conditions between flush() and install()Tobias Brunner2015-07-271-0/+31
| | | | | | | | | | | | | When flush() is called there might be threads in install() waiting for trap policies to get installed (without holding the lock). We have to wait until they updated the entries with the respective CHILD_SAs before destroying the list. We also have to prevent further trap policy installations (and wait until threads in install() are really finished), otherwise we might end up destroying CHILD_SA objects after the kernel interface implementations have already been unloaded (avoiding this is the whole point of calling flush() before unloading the plugins).
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-18 22:32:33 +0000