path: root/src/libcharon
Commit message (Author, Age, Files, Lines)
...
| | * Added a get_rekey/reauth_time() jitter parameter to get time without randomization (Martin Willi, 2012-03-20, 3 files, -10/+12)
| | |
| | * IKEv1 XAuth: Changed the xauth_request task to use the new MIGRATE status. (Clavister OpenSource, 2012-03-20, 2 files, -1/+4)
| | |
| | * IKEv1 XAuth: Added new MIGRATE status type to status_t. (Clavister OpenSource, 2012-03-20, 1 file, -0/+48)
| | |   When a task returns this status from a build or process method, it is a signal to the task manager that it should treat it as if the task returned SUCCESS. Additionally it will migrate all remaining tasks from the current queue to a different one, calling swap_initiator for each applicable task. Finally, the task manager will call "initiate", if applicable, to kick off tasks in the "queued_tasks" queue.
| | |   Task queue relocation mapping:
| | |   passive_tasks moves to queued_tasks (which is then fed to active by the initiate call).
| | |   active_tasks moves to passive_tasks
| | * IKEv1 XAuth: Added new "swap_initiator" method to the standard task_t interface. (Clavister OpenSource, 2012-03-20, 2 files, -0/+23)
| | |   This is needed for when we move a task from the passive queue to the active one. I'm not a huge fan of this method of doing things. Perhaps we should change task_t to have build_i, build_r, process_i, and process_r methods, and call the appropriate one from the task manager, since we have these methods for most tasks anyways.
| | * IKEv1 XAuth: XAuthInitPreShared working for XAuth initiator (Main Mode responder). (Clavister OpenSource, 2012-03-20, 1 file, -15/+123)
| | |   Creates USER/PASS request, retrieves the result and sends status.
| | * IKEv1 XAuth: Added ability to initiate the XAuth transactions under a flag, default not to initiate XAuth. (Clavister OpenSource, 2012-03-20, 1 file, -1/+5)
| | |
| | * IKEv1 XAuth: Add XAUTH authentication types to the enum. (Clavister OpenSource, 2012-03-20, 1 file, -0/+17)
| | |   Added the ability to switch between hardcoded PSK and XAUTH_INIT_PSK authentications using a flag, default to PSK.
| | * IKEv1 ConfigMode: Fix configuration_attribute encoding rules for IKEv1 to use the attribute type instead of the internal only payload type. (Clavister OpenSource, 2012-03-20, 1 file, -1/+1)
| | |
| | * IKEv1 ConfigMode: Fixed cp_payload to use CONFIGURATION_ATTRIBUTE_V1 in all appropriate places, so the parsing is done correctly. (Clavister OpenSource, 2012-03-20, 3 files, -1/+3)
| | |
| | * IKEv1 XAuth: Added ike_vendor task to the ID_PROT exchange type processing. (Clavister OpenSource, 2012-03-20, 1 file, -0/+3)
| | |   We need to process vendor payloads to check to see if our peer understands XAuth before using any of these payload types.
| | * IKEv1 XAuth: Added temporary "initiate_xauth" public method to ike_sa_t. (Clavister OpenSource, 2012-03-20, 2 files, -0/+18)
| | |   This allows us to initiate an XAuth password authentication exchange after responding to the final message of Main Mode. This change should be reverted once we have a better method to initiate this exchange.
| | * IKEv1 XAuth: Temporarily add an "initiate_later" flag to the task manager. (Clavister OpenSource, 2012-03-20, 2 files, -1/+31)
| | |   When set to TRUE it will cause "initiate" to be called when the current process_response call is finished. This change should be reverted once we have a better method in place.
| | * Use quick mode task initiator flag instead of passing it as parameter (Martin Willi, 2012-03-20, 1 file, -12/+10)
| | |
| | * Add quick mode ID payloads only if establishing a non-host2host tunnel (Martin Willi, 2012-03-20, 1 file, -7/+30)
| | |
| | * Refactored traffic selector handling in quick mode (Martin Willi, 2012-03-20, 1 file, -122/+143)
| | |
| | * Refactored NONCE payload handling in quick mode (Martin Willi, 2012-03-20, 1 file, -47/+48)
| | |
| | * No need to build a HASH payload in XAUTH task. (Tobias Brunner, 2012-03-20, 1 file, -30/+0)
| | |   It gets added automatically when the message is generated.
| | * Create host-to-host traffic selectors if quick mode identities missing (Martin Willi, 2012-03-20, 1 file, -3/+26)
| | |
| | * Removed redundant '=>' when logging binary data in parser and generator. (Tobias Brunner, 2012-03-20, 2 files, -6/+6)
| | |
| | * Fixed encryption of IKEv2 messages. (Tobias Brunner, 2012-03-20, 1 file, -2/+2)
| | |
| | * Print message payload names after prepending IKEv1 HASH payload (Martin Willi, 2012-03-20, 1 file, -2/+2)
| | |
| | * Fixed task_manager_v1 compiler warnings (Martin Willi, 2012-03-20, 1 file, -3/+4)
| | |
| | * Generate a new mid only after we start a new task (and exchange) (Martin Willi, 2012-03-20, 1 file, -3/+7)
| | |
| | * Derive IKEv1 CHILD_SA keymat twice, once for each IPsec SA (Martin Willi, 2012-03-20, 3 files, -24/+31)
| | |
| | * Fix seed construction for IKEv1 key derivation (Martin Willi, 2012-03-20, 1 file, -1/+1)
| | |
| | * Use a dedicated message hash to detect IKEv1 retransmissions (Martin Willi, 2012-03-20, 1 file, -7/+13)
| | |
| | * Include hardcoded tunnel mode attribute in proposal, remove ESN attribute (Martin Willi, 2012-03-20, 1 file, -2/+2)
| | |
| | * Authenticate and verify Phase 2 IKEv1 messages with appropriate hashes. (Tobias Brunner, 2012-03-20, 3 files, -2/+265)
| | |
| | * Fixed verification of DELETE_V1 payloads. (Tobias Brunner, 2012-03-20, 1 file, -4/+13)
| | |
| | * Fixed header length calculation of DELETE payload. (Tobias Brunner, 2012-03-20, 1 file, -6/+6)
| | |
| | * Fixed conftests after extending CERT payload. (Tobias Brunner, 2012-03-20, 1 file, -2/+4)
| | |
| | * Fixed a config reference leak in IKEv2 initiate (Martin Willi, 2012-03-20, 1 file, -1/+0)
| | |
| | * XAUTH is initiated based on configuration, no need to call externally (Martin Willi, 2012-03-20, 3 files, -21/+0)
| | |
| | * Merged IKEv1 attribute payload/data into configuration payload/attribute (Martin Willi, 2012-03-20, 14 files, -814/+273)
| | |
| | * Temp fix for compile error with XAUTH code. (Clavister OpenSource, 2012-03-20, 1 file, -1/+1)
| | |
| | * IKEv1 XAUTH: Added ability to configure XAUTH+PSK. (Clavister OpenSource, 2012-03-20, 9 files, -7/+333)
| | |   Added task to handle XAUTH requests. Modified task_manager_v1 to enable it to initiate new tasks immediately after finishing a response.
| | * Updates ike_cert_post task with modifications needed for dealing with updated cert_payload class. (Clavister OpenSource, 2012-03-20, 1 file, -5/+5)
| | |
| | * IKEv1 ConfigMode: Added the payload handlers for attribute_payload and data_attribute payload types. (Clavister OpenSource, 2012-03-20, 4 files, -0/+672)
| | |
| | * IKEv1 ConfigMode: Added TRANSACTION exchange type. (Clavister OpenSource, 2012-03-20, 6 files, -20/+78)
| | |   Added attribute_payload (IKEv2 equiv cp_payload) and data_attribute (IKEv2 equiv configuration_attribute) payload types. Did not combine with IKEv2 because it wasn't trivial to do so. This might be a task worth investigating in the future, because there is a decent amount of shared code here.
| | * Updated the CERT payload to work for both IKEv1 and IKEv2. (Clavister OpenSource, 2012-03-20, 2 files, -14/+25)
| | |
| | * Parse proposal substructure with multiple IKEv1 transforms to multiple proposals (Martin Willi, 2012-03-20, 3 files, -34/+33)
| | |
| | * Encode multiple IKEv1 proposals in a single transform substructure (Martin Willi, 2012-03-20, 3 files, -13/+74)
| | |
| | * Remove public sa_payload.add_proposal() method (Martin Willi, 2012-03-20, 2 files, -18/+12)
| | |
| | * Only add the first algorithm of a kind to IKEv1 transforms (Martin Willi, 2012-03-20, 1 file, -4/+4)
| | |
| | * Install negotiated IKEv1 CHILD_SA negotiated in quick mode (Martin Willi, 2012-03-20, 1 file, -0/+163)
| | |
| | * Implemented IKEv1 keymat CHILD_SA key derivation function (Martin Willi, 2012-03-20, 2 files, -0/+131)
| | |
| | * Moved keymat key length lookup functions to keymat.c (Martin Willi, 2012-03-20, 3 files, -55/+75)
| | |
| | * Extended PRF+ by a non-counting variant as used by IKEv1 (Martin Willi, 2012-03-20, 1 file, -3/+3)
| | |
| | * Hardcode some SA lifetimes until we can configure them dynamically (Martin Willi, 2012-03-20, 1 file, -0/+12)
| | |
| | * Added missing comma after ME_CONNECT declaration. (Tobias Brunner, 2012-03-20, 1 file, -13/+14)
| | |