aboutsummaryrefslogtreecommitdiffstats
path: root/src
Commit message (Collapse)AuthorAgeFilesLines
...
* ike: Reduce RETRY_INTERVAL a bitTobias Brunner2016-06-171-2/+2
| | | | Retry exchanges between 5 and 15 seconds after a temporary failure.
* ike-rekey: Return TEMPORARY_FAILURE when concurrently creating a CHILD_SATobias Brunner2016-06-171-14/+35
|
* unit-tests: Add tests for IKE rekeying if INVALID_KE_PAYLOAD notifies are ↵Tobias Brunner2016-06-171-0/+470
| | | | received
* ike: Add configuration option to switch to preferring supplied proposals ↵Tobias Brunner2016-06-175-10/+21
| | | | over local ones
* child-cfg: Add option to prefer supplied proposals over locally configured onesTobias Brunner2016-06-174-23/+38
|
* ike-cfg: Add option to prefer supplied proposals over locally configured onesTobias Brunner2016-06-175-32/+48
|
* proposal: Remove MODP_NONE from IKE proposals parsed from stringsTobias Brunner2016-06-171-0/+10
|
* proposal: Handle MODP_NONE in both directions when selecting proposalsTobias Brunner2016-06-174-6/+97
|
* proposal: Parse modpnone as MODP_NONE(0)Tobias Brunner2016-06-171-0/+1
|
* ike-rekey: Make sure to ignore task when detecting collisions if ike-init ↵Tobias Brunner2016-06-171-1/+2
| | | | | | | subtask failed For instance, if INVALID_KE_PAYLOAD is returned we don't want this task to affect any active rekeying (no new SA has been established so far).
* unit-tests: Add test for rekey collision if one CREATE_CHILD_SA response is ↵Tobias Brunner2016-06-171-0/+221
| | | | delayed
* unit-tests: Add tests for IKE_SA rekeying if collision is not detected by ↵Tobias Brunner2016-06-171-0/+340
| | | | one peer
* ike-rekey: Handle undetected collisions also if delete is delayedTobias Brunner2016-06-171-16/+26
| | | | | | | | | | | If the peer does not detect the rekey collision and deletes the old IKE_SA and then receives the colliding rekey request it will respond with TEMPORARY_FAILURE. That notify may arrive before the DELETE does, in which case we may just conclude the rekeying initiated by the peer. Also, since the IKE_SA is destroyed in any case when we receive a delete there is no point in storing the delete task in collide() as process_i() in the ike-rekey task will never be called.
* ike-rekey: There is no passive reauth task, so it will never collide with oneTobias Brunner2016-06-172-7/+4
|
* ike-rekey: Ignore colliding rekey tasks that did not create an IKE_SATobias Brunner2016-06-171-56/+64
| | | | | This simplifies collision handling and we don't need to know about these tasks when concluding the rekeying we initiated.
* ike-rekey: Properly handle situation if the peer did not notice the rekey ↵Tobias Brunner2016-06-171-0/+11
| | | | | | | | | | collision We conclude the rekeying before deleting the IKE_SA. Waiting for the potential TEMPORARY_FAILURE notify is no good because if that response does not reach us the peer will not retransmit it upon our retransmits of the rekey request if it already deleted the IKE_SA after receiving our response to the delete.
* ike-delete: Handle deletes while rekeying differently if there was a collisionTobias Brunner2016-06-171-2/+40
| | | | | We treat these as if we concluded the rekeying, the active ike-rekey task will handle the collision afterwards.
* ike-rekey: Add method to check if there was a rekey collisionTobias Brunner2016-06-172-1/+17
|
* ikev2: Check for collisions after handling IKE deletionTobias Brunner2016-06-171-1/+5
|
* unit-tests: Add tests for IKE/CHILD delete collisionsTobias Brunner2016-06-171-0/+165
|
* child-delete: Reply as usual when concurrently rekeying the IKE_SATobias Brunner2016-06-171-5/+1
| | | | | As per RFC 7296, 2.25.2 (what we did before was the behavior described in RFC 4718).
* unit-tests: Add tests for IKE/CHILD rekey collisionsTobias Brunner2016-06-171-0/+170
|
* child-create: Respond with TEMPORARY_FAILURE while rekeying/deleting IKE_SATobias Brunner2016-06-171-2/+2
|
* ike-rekey: Respond with TEMPORARY_FAILURE if CHILD_SAs are currently ↵Tobias Brunner2016-06-171-1/+8
| | | | rekeyed/deleted/established
* unit-tests: Add tests for collisions between IKE_SA rekeying and deletionTobias Brunner2016-06-171-0/+174
|
* ike-rekey: Handle TEMPORARY_FAILURE notifyTobias Brunner2016-06-171-8/+22
|
* ike-rekey: Respond with TEMPORARY_FAILURE if we are deleting the SATobias Brunner2016-06-171-0/+5
|
* unit-tests: Add tests for IKE SA deletionTobias Brunner2016-06-173-0/+139
|
* ike-delete: No need to wait for a response in case of concurrent deletesTobias Brunner2016-06-171-14/+0
| | | | | RFC 7296 explicitly says we SHOULD reply as usual and forget about our own close request.
* unit-tests: Only deliver messages to the SA they are addressed toTobias Brunner2016-06-171-4/+12
|
* unit-tests: Add test for simple IKE rekey collisionTobias Brunner2016-06-171-5/+171
|
* ikev2: Add a new state to track rekeyed IKE_SAsTobias Brunner2016-06-177-44/+53
| | | | | | | | | This makes handling such IKE_SAs more specifically compared to keeping them in state IKE_CONNECTING or IKE_ESTABLISHED (which we did when we lost a collision - even triggering the ike_updown event), or using IKE_REKEYING for them, which would also be ambiguous. For instance, we can now reject anything but DELETES for such SAs.
* ike-rekey: Add the name/ID of the redundant IKE_SAs to the log messagesTobias Brunner2016-06-171-8/+13
|
* unit-tests: Add tests for IKE_SA rekeyingTobias Brunner2016-06-173-0/+111
|
* unit-tests: Add asserts against IKE_SAsTobias Brunner2016-06-171-0/+45
|
* unit-tests: Make sure to flush the IKE_SA manager before destroying the senderTobias Brunner2016-06-171-1/+3
| | | | | | | | | | As the static plugin that creates and destroys the default sender was not initialized because of the missing socket the daemon won't destroy our sender. Test cases will eventually have to flush the IKE_SA manager to satisfy the leak detective. However, in case of a test failure and if there are IKE_SAs in the manager the daemon will flush the SAs when deinitializing, which will cause deletes to get sent. This crashes if the sender is already destroyed.
* unit-tests: Return status from process_message()Tobias Brunner2016-06-172-4/+8
|
* unit-tests: Use wrapper for add_listener in bus_t related assertsTobias Brunner2016-06-171-2/+2
|
* unit-tests: Provide a wrapper around bus_t::add_listener and unregister them ↵Tobias Brunner2016-06-172-0/+32
| | | | | | | | during cleanup In case listeners on the stack are triggered while cleaning up after a test failed (e.g. via ike_sa_manager_t::flush) remaining listeners defined on the stack would cause a segmentation fault.
* ike-sa-manager: Make sure rng is defined before destroying it in flush()Tobias Brunner2016-06-171-1/+1
| | | | This allows calling flush() multiple times.
* ike-rekey: Establish new IKE_SA earlier as responder, but only if no collisionTobias Brunner2016-06-171-3/+8
| | | | | | Moving to the new SA only after receiving the DELETE for the old SA was not ideal as it rendered the new SA unusable (because it simply didn't exist in the manager) if the DELETE was delayed/got dropped.
* unit-tests: Add tests where a peer is not aware of a CHILD_SA rekey collisionTobias Brunner2016-06-171-1/+354
|
* child-delete: Check if the deleted CHILD_SA is the redundant SA of a collisionTobias Brunner2016-06-171-4/+39
| | | | | | This happens if the peer deletes the redundant SA before we are able to handle the response. The deleted SA will be in state CHILD_INSTALLED but we don't want to trigger the child_updown() event for it or recreate it.
* child-rekey: Add method to check for the redundant SA created in a collisionTobias Brunner2016-06-172-18/+37
|
* unit-tests: Test for rekeying if INVALID_KE_PAYLOAD notifies are receivedTobias Brunner2016-06-171-0/+253
|
* child-rekey: Don't change state to INSTALLED if it was already REKEYINGTobias Brunner2016-06-171-3/+5
| | | | | This happens if there is a rekey collision and the peers disagree on the DH group.
* unit-tests: Make IKE and ESP proposals configurableTobias Brunner2016-06-174-44/+116
|
* unit-tests: Add tests for CHILD_SA rekeying/deletion collisionsTobias Brunner2016-06-171-1/+288
|
* unit-tests: Add asserts against job schedulingTobias Brunner2016-06-172-0/+60
|
* ikev2: Use CHILD_REKEYED for replaced CHILD_SAs after rekeyingTobias Brunner2016-06-173-15/+17
| | | | This allows handling collisions better, in particular with deletions.
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 16:38:44 +0000