| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
| |
These might have changed by a peer-initiated MOBIKE address update.
Fixes #1125.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
message
|
| |
|
|
|
|
| |
configurable
Fixes #1128.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
are handled delayed
If we haven't received the third QM message for multiple exchanges the
return value of NEED_MORE for passive tasks that are not responsible for
a specific exchange would trigger a fourth empty QM message.
Fixes: 4de361d92c54 ("ikev1: Fix handling of overlapping Quick Mode exchanges")
References #1076.
|
| |
|
|
|
|
|
|
|
|
|
| |
Previously, the current segment was held while checking for duplicate
SAs, which requires acquiring all segments. If multiple threads did this
concurrently this resulted in a deadlock as they couldn't acquire the
segments held by the other threads attempting to do the same. With the
default configuration only one segment is used, which prevents the problem
as only one thread can check in an IKE SA concurrently.
Fixes: a064eaa8a63a ("Handling of initial contact")
|
| |
|
|
|
|
|
|
| |
left|rightsubnet default to %dynamic, which is basically 0.0.0.0/0 until an
address is assigned to it. So if only one side was undefined and the other
traffic selector was IPv6 an address family mismatch would occur.
References #595.
|
| |
|
|
|
|
| |
protocol mismatch
References #595.
|
| |
|
|
|
|
|
| |
attributes
Fixes ec490e68ae37 ("eap-radius: Add support for some basic IPv6-specific RADIUS attributes").
References #1001.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
whether COOKIEs are sent
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
From recvfrom(2) (which UDPSocket#recv backs into):
The return value will be 0 when the peer has performed an orderly
shutdown.
(i.e. it will return an empty string)
Previously in this scenario, Vici::Transport#recv_all would spin
forever trying to pull more data off the socket. I'm not entirely
clear what happened that caused strongSwan to shutdown the socket, but
it probably should not cause vici Ruby apps to spin.
Closes strongswan/strongswan#13.
|
| |
|
|
|
| |
If the init-limits parameter is set (disabled by default) init limits
will be checked and might prevent new SAs from getting initiated.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Actually, resolving addresses in `left` might be overkill as we'll assume
left=local anyway (the only difference is the log message).
|
| |
|
|
|
| |
In some scenarios it might be preferred to ensure left is always local
and no unintended swaps occur.
|
| | |
|
| |
|
|
| |
deleting the SA
|
| |
|
|
|
| |
This allows us to DELETE CHILD_SAs on failures that occur before we
retrieved the selected proposal.
|
| |
|
|
|
|
|
| |
information
Since we only support single protocols we could probably guess it and always
send a DELETE.
|
| |
|
|
|
|
|
| |
When retrying due to a DH group mismatch this is already done by the
child-create task itself. And in other cases where the task returns
NEED_MORE we actually will need access to a possible proposal to properly
delete it.
|
| |
|
|
|
|
|
|
|
|
| |
mismatch
If the responder declines our KE payload during a CHILD_SA rekeying migrate()
is called to reuse the child-create task. But the child-rekey task then
calls the same method again.
Fixes: 32df0d81fb46 ("child-create: Destroy nonceg in migrate()")
|
| |
|
|
|
|
|
|
|
|
|
| |
Since 11c14bd2f5 CA certificates referenced in ca sections were
enumerated by two credential sets if they were also stored in
ipsec.d/cacerts. This caused duplicate certificate requests to
get sent. All CA certificates, whether loaded automatically or
via a ca section, are now stored in stroke_ca_t.
Certificates referenced in ca sections are now also reloaded
when `ipsec rereadcacerts` is used.
|
| |
|
|
|
| |
Also use the right credential set for CA cert references loaded from
stroke_ca_t.
|
| |
|
|
|
| |
Previously it was possible that certificates were not found between the
time the credential sets were cleared and the certificates got readded.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In some cases the third message of a Quick Mode exchange might arrive
after the first message of a subsequent Quick Mode exchange. Previously
these messages were handled incorrectly and the second Quick Mode
exchange failed.
Some implementations might even try to establish multiple Quick Modes
simultaneously, which is explicitly allowed in RFC 2409. We don't fully
support that, though, in particular in case of retransmits.
Fixes #1076.
|
| |
|
|
|
| |
We should ignore messages that have the flag set incorrectly.
This restores RFC compliance which was broken since the mentioned commit.
|
| |
|
|
|
|
|
|
|
|
|
| |
While this doesn't really create any problems it is not 100% correct to
accept such messages because, of course, the sender of an IKE_SA_INIT
request is always the original initiator of an IKE_SA.
We currently don't check the flag later, so we wouldn't notice if the
peer doesn't set it in later messages (ike_sa_id_t.equals doesn't
compare it anymore since we added support for IKEv1, in particular since
17ec1c74de).
|
| |
|
|
|
|
|
|
|
| |
If multiple certificates use the same subjects we might choose the wrong
one otherwise. This way we use the one referenced with leftcert and
stored in the auth-cfg and we actually do the same thing later in the
pubkey authenticator.
Fixes #1077.
|
| |
|
|
|
|
|
| |
This allows symmetric configuration of EAP methods (i.e. the same value
in leftauth and rightauth) when mutual EAP-only authentication is used.
Previously the client had to configure rightauth=eap or rightauth=any,
which prevented it from using this same config as responder.
|
| |
|
|
|
|
| |
When reestablishing the IKE_SA we should still use the original port
when right resolves to %any as some implementations might not like
initial IKE messages on port 4500 (especially for IKEv1).
|
| |
|
|
| |
Fixes #196.
|
| |
|
|
|
|
|
| |
This is required for the case where IDr is not sent (i.e. is %any).
The backend manager does the same.
Fixes #1044.
|
| |
|
|
|
|
| |
This may happen if something like `echo ... > /path/to/fifo` is used
before the plugin was able to create the FIFO. In that case we'd end
up in a loop always reading the same values from the static file.
|
| |
|
|
|
|
|
|
|
|
| |
Some implementations don't send a Key Length attribute for AES-128.
This was allowed for IKE in early drafts of RFC 3602, however, some
implementations also seem to do it for ESP, where it never was allowed.
And the final version of RFC 3602 demands a Key Length attribute for both
phases so they shouldn't do it anymore anyway.
Fixes #1064.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
During a rekeying we want to reuse the current reqid, but if the new SA
does not allocate it via kernel-interface the state there will disappear
when the old SA is destroyed after the rekeying. When the IKE_SA is
later reauthenticated with make-before-break reauthentication the new
CHILD_SAs there will get new reqids as no existing state is found in the
kernel-interface, breaking policy installation in the kernel.
Fixes: a49393954f31 ("child-sa: Use any fixed reqid configured on the CHILD_SA config")
|
| |
|
|
|
|
|
|
|
|
|
| |
Vendor specific EAP methods may be registered with:
PLUGIN_CALLBACK(eap_method_register, <constructor>),
PLUGIN_PROVIDE(EAP_SERVER_VENDOR, <type>, <vendor>),
Same for client implementations via EAP_PEER_VENDOR.
References #969.
|
| |
|
|
|
|
|
|
|
| |
accounting messages
This attribute is more appropriate for single IPv6 virtual IPs than the
Framed-IPv6-Prefix attribute.
Fixes #1001.
|
| |
|
|
|
|
| |
These are defined in RFC 6911.
Fixes #1001.
|
| | |
|
