aboutsummaryrefslogtreecommitdiffstats
path: root/src/libipsec
Commit message (Collapse)AuthorAgeFilesLines
* libipsec: Enforce a minimum of 256 for SPIsTobias Brunner2017-03-021-3/+4
| | | | | | RFC 4303 reserves the SPIs between 1 and 255 for future use. This also avoids an overflow and a division by zero if spi_min is 0 and spi_max is 0xffffffff.
* libipsec: Fix min/max SPITobias Brunner2017-03-021-2/+2
|
* kernel: Make range of SPIs for IPsec SAs configurableTobias Brunner2017-03-021-2/+14
|
* libipsec: Log a packet's ports and protocol in case of a policy mismatchTobias Brunner2017-03-021-5/+7
|
* libipsec: Match IPsec policies against ports of processed packetsTobias Brunner2017-03-021-1/+21
| | | | Fixes #2252.
* libipsec: Add support for AES and Camellia in CCM modeTobias Brunner2017-01-251-3/+16
| | | | Fixes #2172.
* libipsec: Fix Windows build via MinGWTobias Brunner2017-01-253-0/+35
| | | | Fixes #2118.
* Use standard unsigned integer typesAndreas Steffen2016-03-2419-158/+158
|
* libipsec: Pass the same data to del_policy() as to add_policy()Tobias Brunner2016-02-042-8/+12
| | | | | | We already do this for the other kernel interfaces. Fixes e1e88d5adde0 ("libipsec: Don't attempt deletion of any non-IPsec policies")
* libipsec: Don't attempt deletion of any non-IPsec policiesTobias Brunner2016-02-041-1/+1
| | | | | | | | An example are the fallback drop policies installed when updating SAs. We ignore such policies in add_policy() so there is no point in attempting to remove them. Since they use different priorities than regular policies this did not result in policies getting deleted unintentionally but there was an irritating log message on level 2 that indicated otherwise.
* android: Fix build after updating Linux headersTobias Brunner2015-11-121-1/+0
| | | | | | | | Since we don't use the kernel-netlink plugin anymore and the headers in the NDK are reasonably recent, we don't need this anymore (at least when building the app). Fixes #1172.
* libipsec: Properly support CAMELLIA in CTR modeTobias Brunner2015-10-301-0/+1
|
* libipsec: Fix crypter lookup for AES-CTRTobias Brunner2015-10-301-1/+12
| | | | | | | | | | | | Due to the nonce, the ESP key material is four bytes longer than needed for the actual AES key. The crypto plugins, however, register their AES-CTR implementations with the AES key length, so the lookup here failed. For IKEv2 the key material is allocated after creating a crypter instance with the negotiated AES key size. The length of the actual key material is retrieved via get_key_size(), which adds the four bytes to the AES key length. Fixes #1124.
* libipsec: Add a unit-test for ESP encryption using ChaCha20Poly1305Martin Willi2015-07-123-0/+139
|
* libipsec: Add a unit-test test runnerMartin Willi2015-07-125-8/+93
|
* libipsec: Create AEAD with four byte salt for ChaCha20-Poly1305Martin Willi2015-06-291-0/+1
|
* libipsec: Insert SAs first, so latest SA with the same reqid gets usedTobias Brunner2015-05-211-1/+1
| | | | | This was useful for testing purposes of RADIUS accounting, but OS kernels generally will use the latest SA, so we do the same.
* aead: Create AEAD using traditional transforms with an explicit IV generatorMartin Willi2015-04-131-1/+8
| | | | | | Real AEADs directly provide a suitable IV generator, but traditional crypters do not. For some (stream) ciphers, we should use sequential IVs, for which we pass an appropriate generator to the AEAD wrapper.
* libipsec: Pass separate inbound/update flags to the IPsec SA managerMartin Willi2015-03-092-3/+5
| | | | | Similar to other kernel interfaces, the libipsec backends uses the flag for different purposes, and therefore should get separate flags.
* kernel-interface: Raise expires with a proto/SPI/dst tuple instead of reqidMartin Willi2015-02-204-22/+32
|
* libipsec: Remove unused src/dst_ts parameters from ipsec_sa_mgr_t.add_sa()Martin Willi2015-02-204-14/+5
|
* libipsec: Remove unused reqid parameter from ipsec_sa_mgr_t.get_spi()Martin Willi2015-02-192-7/+4
|
* ip-packet: Fix length in IPv6 header of generated packetsTobias Brunner2014-10-201-1/+1
|
* ip-packet: Fix removal of TFC padding for IPv6Tobias Brunner2014-10-141-1/+1
| | | | | | The IPv6 length field denotes the payload length after the 40 bytes header. Fixes: 293515f95cf5 ("libipsec: remove extra RFC4303 TFC padding appended to inner payload")
* ip-packet: Define our own structs to handle TCP/UDP headersTobias Brunner2014-09-091-2/+27
|
* ip_packet: Add function to easily encode UDP packetsTobias Brunner2014-07-222-0/+29
|
* ip_packet: Apply transport protocol ports when encoding IP packetTobias Brunner2014-07-222-10/+30
|
* ip_packet: Add getter for IP payloadTobias Brunner2014-07-222-5/+25
|
* ip_packet: Allow creation of IP packets from dataTobias Brunner2014-07-222-1/+164
|
* ip_packet: Parse ports from TCP and UDP headersTobias Brunner2014-07-221-7/+63
|
* libipsec: Add support for new policy priority classTobias Brunner2014-06-191-1/+4
|
* libipsec: Avoid name clash with sched.h clone()Martin Willi2014-06-042-4/+4
|
* aead: Support custom AEAD salt sizesMartin Willi2014-03-311-1/+2
| | | | | | | | | The salt, or often called implicit nonce, varies between AEAD algorithms and their use in protocols. For IKE and ESP, GCM uses 4 bytes, while CCM uses 3 bytes. With TLS, however, AEAD mode uses 4 bytes for both GCM and CCM. Our GCM backends currently support 4 bytes and CCM 3 bytes only. This is fine until we go for CCM mode support in TLS, which requires 4 byte nonces.
* android: Remove dependency on libvstrTobias Brunner2013-11-131-1/+0
|
* libipsec: Don't print ciphertext with ICV in log messageTobias Brunner2013-10-171-1/+2
|
* libipsec: Properly calculate padding length especially for AES-GCMTobias Brunner2013-10-171-1/+3
|
* iv_gen: Provide external sequence number (IKE, ESP)Tobias Brunner2013-10-111-1/+1
| | | | This prevents duplicate sequential IVs in case of a HA failover.
* ipsec: Use IV generator to encrypt ESP messagesTobias Brunner2013-10-112-9/+7
|
* libipsec: Enforce byte/packet lifetimes on SAsMartin Willi2013-10-113-7/+77
|
* libipsec: remove extra RFC4303 TFC padding appended to inner payloadMartin Willi2013-10-111-0/+6
|
* libipsec: Support usage statistics and query_sa() on IPsec SAsMartin Willi2013-10-115-4/+102
|
* libipsec: fix memory management when cloning ip_packetMartin Willi2013-09-131-1/+1
|
* libipsec: check for a policy with the reqid of the SA on decapsulationMartin Willi2013-09-133-7/+14
| | | | | To prevent a client from sending a packet with a source address of a different client, we require a policy bound via reqid to the decapsulating SA.
* Build all shared libraries with -no-undefined and link them properlyTobias Brunner2013-09-121-1/+5
| | | | | | | | | | The flag is required to convince libtool on Cygwin to build DLLs. But on Windows these shared libraries can not have undefined symbols, so we have to link them explicitly to the libraries they reference. For plugins this is currently not done, so only the monolithic build is supported. The plugin loader wouldn't be able to load DLLs anyway, as it tries to load files that don't exist on Cygwin.
* libipsec: Properly initialize variables when creating AEAD wrapperTobias Brunner2013-09-041-2/+2
|
* libipsec: Don't limit traditional algorithms to AES and SHA1/2Tobias Brunner2013-08-121-25/+7
| | | | Closes #377.
* automake: replace INCLUDES by AM_CPPFLAGSMartin Willi2013-07-181-2/+1
| | | | | | INCLUDES are now deprecated and throw warnings when using automake 1.13. We now also differentiate AM_CPPFLAGS and AM_CFLAGS, where includes and defines are passed to AM_CPPFLAGS only.
* libipsec: Properly handle expiration if no lifetime is setTobias Brunner2013-07-011-0/+5
|
* libipsec: Add initiator flag to definition of ipsec_sa_mgr_t.add_sa()Tobias Brunner2013-06-131-2/+4
|
* kernel-interface: add an exchange initiator parameter to add_sa()Martin Willi2013-06-111-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This new flag gives the kernel-interface a hint how it should priorize the use of newly installed SAs during rekeying. Consider the following rekey procedure in IKEv2: Initiator --- Responder I1 -------CREATE-------> R1 I2 <------CREATE-------- -------DELETE-------> R2 I3 <------DELETE-------- SAs are always handled as pairs, the following happens at the SA level: * Initiator starts the exchange at I1 * Responder installs new SA pair at R1 * Initiator installs new SA pair at I2 * Responder removes old SA pair at R2 * Initiator removes old SA pair at I3 This makes sure SAs get installed/removed overlapping during rekeying. However, to avoid any packet loss, it is crucial that the new outbound SA gets activated at the correct position: * as exchange initiator, in I2 * as exchange responder, in R2 This should guarantee that we don't use the new outbound SA before the peer could install its corresponding inbound SA. The new parameter allows the kernel backend to install the new SA with appropriate priorities, i.e. it should: * as exchange inititator, have the new outbound SA installed with higher priority than the old SA * as exchange responder, have the new outbound SA installed with lower priority than the old SA While we could split up the SA installation at the responder, this approach has another advantage: it allows the kernel backend to switch SAs based on other criteria, for example when receiving traffic on the new inbound SA.
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-22 13:59:14 +0000