Tobias Brunner
1b67166921
Unify format of HSR copyright statements
2018-05-23 16:32:53 +02:00
Andreas Steffen
b12c53ce77
Use standard unsigned integer types
2016-03-24 18:52:48 +01:00
Tobias Brunner
1507647434
unknown-payload: Use a new private payload type and make original type available
...
This fixes a DoS and potential remote code execution vulnerability that was
caused because the original payload type that was returned previously was
used to cast such payload objects to payloads of the indicated type (e.g.
when logging notify payloads with a payload type for the wrong IKE version).
Fixes CVE-2015-3991.
2015-06-01 09:42:11 +02:00
Tobias Brunner
75dd984e9e
ike: Allow creation of internally used payloads
...
Since 42e0a317c6
("ike: Only parse payloads valid for the current IKE
version") payload types are checked before creating objects. This check
failed for internally used payload types (e.g. proposal substructures),
which have a type >= 256, i.e. outside the IKE payload type range.
2014-12-12 13:10:26 +01:00
Tobias Brunner
fac310a467
ike: Make check for known payloads depend on IKE version
2014-12-05 15:41:46 +01:00
Tobias Brunner
4c345b15c7
ikev2: Add encrypted fragment payload
2014-10-10 09:32:37 +02:00
Tobias Brunner
147fe503af
ike: Rename encryption_payload to encrypted_payload
2014-10-10 09:30:25 +02:00
Martin Willi
3ecfc83c6b
payload: Use common prefixes for all payload type identifiers
...
The old identifiers did not use a proper namespace and often clashed with
other defines.
2014-06-04 15:53:03 +02:00
Tobias Brunner
8f0ab6dd36
Payload added to handle IKE fragments
2012-12-24 10:24:48 +01:00
Volker Rümelin
0ff8d20a89
Add support for draft-ietf-ipsec-nat-t-ike-03 and earlier
...
This adds support for early versions of the draft that eventually
resulted in RFC 3947.
2012-12-19 11:03:42 +01:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Andreas Steffen
f54c4ed8d6
added GSPM IKEv2 payload
2012-04-03 12:21:39 +02:00
Martin Willi
3ba15819ed
Remove executable flag from source code files
2012-03-20 17:31:22 +01:00
Clavister OpenSource
7d9269bfce
certificate handling for XAuth responder.
2012-03-20 17:31:11 +01:00
Tobias Brunner
1e97783c99
Added payloads for IKEv1 NAT-Traversal negotiation.
2012-03-20 17:31:09 +01:00
Martin Willi
017d98bf39
Merged IKEv1 attribute payload/data into configuration payload/attribute
2012-03-20 17:30:49 +01:00
Clavister OpenSource
54a8a94fa9
IKEv1 ConfigMode: Added TRANSACTION exchange type. Added attribute_payload (IKEv2 equiv cp_payload) and data_attribute (IKEv2 equiv configuration_attribute) payload types. Did not combine with IKEv2 because it wasn't trivial to do so. This might be a task worth investigating in the future, because there is a decent amount of shared code here.
2012-03-20 17:30:49 +01:00
Martin Willi
e1f9d6476e
Register HASH_V1 in payload factory
2012-03-20 17:30:46 +01:00
Tobias Brunner
780ce7724d
Strings for ENCRYPTED_V1 payload added.
2012-03-20 17:30:46 +01:00
Tobias Brunner
6f5f8ee4b5
Use modified encryption payload to encrypt/decrypt complete IKEv1 messages.
2012-03-20 17:30:46 +01:00
Martin Willi
cf6cd5aa4b
Added IKEv1 support to delete payload
2012-03-20 17:30:43 +01:00
Martin Willi
04ee2b7fed
Added IKEv1 support to notify payload
2012-03-20 17:30:43 +01:00
Martin Willi
2a36037ec7
Extended ID payload for (non-TS) IKEv1 use
2012-03-20 17:30:42 +01:00
Martin Willi
e9b55b8325
Simplify signature of get_encoding_rules(), make all rules static
2012-03-20 17:30:42 +01:00
Martin Willi
683d83ed3e
Extended KE payload for IKEv1 support
2012-03-20 17:30:42 +01:00
Martin Willi
bcfb0f4096
Extended nonce payload for IKEv1 support
2012-03-20 17:30:42 +01:00
Martin Willi
3f6d1b13a7
Added additional IKEv1 payload and encoding identifiers
2012-03-20 17:30:40 +01:00
Martin Willi
b0b9d18593
Extend sa_payload for IKEv1 support
2012-03-20 17:30:40 +01:00
Martin Willi
837298c590
Use vendor id payload for IKEv1 payloads, too
2012-03-20 17:30:39 +01:00
Martin Willi
ecf854a00b
Added IKEv1 payload identifiers to "known" payload list
2012-03-20 17:30:39 +01:00
Martin Willi
e33b41e7b0
Added IKEv1 payload identifiers
2012-03-20 17:30:39 +01:00
Martin Willi
e662d62a76
Implemented a generic payload field lookup function
2011-01-05 16:45:51 +01:00
Martin Willi
b6c796464d
Use the payloads actual type in unknown_payload_t
2011-01-05 16:45:43 +01:00
Tobias Brunner
08c5572602
Moving charon to libcharon.
2010-03-19 13:34:52 +01:00