Tobias Brunner
|
41e1e435d9
|
Removed xauth-null dummy plugin.
|
2012-03-20 17:31:17 +01:00 |
Clavister OpenSource
|
5c6abd2865
|
Added possibility to send notifications from the Quick Mode task
|
2012-03-20 17:31:17 +01:00 |
Clavister OpenSource
|
e647c98a13
|
Setting Protocol ID of notifys sent from task manager to ISAKMP
|
2012-03-20 17:31:17 +01:00 |
Martin Willi
|
cc6b03bb5a
|
If no IKEv1 shared key found for hosts, try to find one based on config identities
|
2012-03-20 17:31:17 +01:00 |
Martin Willi
|
033dfba01f
|
Log peer cfg enumeration externally for flexibility
|
2012-03-20 17:31:17 +01:00 |
Martin Willi
|
d7376e2ab4
|
Accept NULL identities passed to peer config enumeration
|
2012-03-20 17:31:17 +01:00 |
Martin Willi
|
0e2cc3fed9
|
Fixed authentication method selection for main mode PSK authentication
|
2012-03-20 17:31:17 +01:00 |
Martin Willi
|
ea9e047bc5
|
Use virtual IP to substitute dynamic traffic selectors in quick mode
|
2012-03-20 17:31:17 +01:00 |
Martin Willi
|
156b8662a6
|
Queue Mode Config tasks when required
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
b155084c42
|
Added IKEv1 Mode Config task based on IKEv2 ike_config
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
21c916886d
|
Added missing XAuth auth_class enum name
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
a22b9e4f33
|
Reject quick modes if IKE_SA not yet established
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
67a753b95c
|
Use a common function to set IKE_SA to established
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
f223a28ae7
|
Be less verbose if plugin dependecy not satisfied
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
9626164e9a
|
Don't complain when receiving XAuth or Unity configuration attributes
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
c9e5998d7f
|
Interpret attribute format correctly in IKEv1 configuration format
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
9f43868a01
|
Implemented responder part of XAUTH task
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
d192cc9dc8
|
Implemented initiator part of xauth task
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
081b6dd3ed
|
Ask for a username/password in xauth-null as XAUTH initiator
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
59ee898326
|
Get first XAuth backend if none configured
|
2012-03-20 17:31:16 +01:00 |
Martin Willi
|
cbda13f6fe
|
Accept a xauth backend name appended to left/rightauth
|
2012-03-20 17:31:15 +01:00 |
Martin Willi
|
6ebcbc654c
|
Added auth_cfg option to select XAUTH backend to use
|
2012-03-20 17:31:15 +01:00 |
Martin Willi
|
89afbe58bb
|
Remove unused task swap_initiator method
|
2012-03-20 17:31:15 +01:00 |
Martin Willi
|
1fe6cdfac2
|
Use a string to identify xauth backends, no need for integer types
|
2012-03-20 17:31:15 +01:00 |
Martin Willi
|
4e73f85b81
|
Remove xauth_authenticator, we handle it in the task
|
2012-03-20 17:31:15 +01:00 |
Martin Willi
|
96c9159d96
|
Use a second authentication config to configure XAUTH authentication
|
2012-03-20 17:31:15 +01:00 |
Martin Willi
|
69adeb5bf2
|
Replace xauth_request task with a new stub where we reimplement it
|
2012-03-20 17:31:15 +01:00 |
Martin Willi
|
c6d0098c1b
|
Added missing auth_method_t enum names
|
2012-03-20 17:31:15 +01:00 |
Martin Willi
|
a0eea1a7ac
|
Defined hybrid IKEv1 authentication methods
|
2012-03-20 17:31:15 +01:00 |
Clavister OpenSource
|
c29fba51aa
|
Some notification errors added to main_mode process_r
|
2012-03-20 17:31:15 +01:00 |
Clavister OpenSource
|
b8383f1f2d
|
Encrypt INFORMATIONAL exchange if needed
|
2012-03-20 17:31:14 +01:00 |
Clavister OpenSource
|
fbbd439bf9
|
Added possibility to send notification if task_manager->process fails
|
2012-03-20 17:31:14 +01:00 |
Clavister OpenSource
|
1390daae15
|
Added status code to status_t
New status_t enum to allow packets to be sent to peer in task_manager->process
|
2012-03-20 17:31:14 +01:00 |
Clavister OpenSource
|
9ce5d0c0e8
|
added functions for getting/setting ISAKMP SPI to notify payload
|
2012-03-20 17:31:14 +01:00 |
Clavister OpenSource
|
a064eaa8a6
|
Handling of initial contact
|
2012-03-20 17:31:14 +01:00 |
Clavister OpenSource
|
751bd02e98
|
Added retransmissions for initiator.
|
2012-03-20 17:31:14 +01:00 |
Martin Willi
|
1755ac0617
|
Cleaned up quick mode notify processing
|
2012-03-20 17:31:14 +01:00 |
Martin Willi
|
5adf855e3d
|
Add support for KE payloads in IKEv1 quick mode (PFS)
|
2012-03-20 17:31:14 +01:00 |
Martin Willi
|
9bb4de1d83
|
En- and decode DH group attribute in quick mode SA payloads
|
2012-03-20 17:31:14 +01:00 |
Martin Willi
|
fb8bc6a764
|
Use authenticators in IKEv1 main mode
|
2012-03-20 17:31:14 +01:00 |
Martin Willi
|
76fe7de3fd
|
Added a factory function for IKEv1 authenticators
|
2012-03-20 17:31:14 +01:00 |
Martin Willi
|
7c27c914d4
|
Implemented IKEv1 pubkey SIG payload processing in an authenticator
|
2012-03-20 17:31:14 +01:00 |
Martin Willi
|
2792587875
|
Implemented IKEv1 PSK HASH payload processing in separated authenticator
|
2012-03-20 17:31:14 +01:00 |
Clavister OpenSource
|
5d1eeec297
|
Handle incoming delete messages
|
2012-03-20 17:31:13 +01:00 |
Andreas Steffen
|
6f6380e670
|
use untoh64 instead of non-portable be64toh
|
2012-03-20 17:31:13 +01:00 |
Martin Willi
|
c64a4b4f8e
|
Implemented post-authentication certificate handling for IKEv1
|
2012-03-20 17:31:13 +01:00 |
Martin Willi
|
9ad5b8fa95
|
Cleanup CERT payload constructors
|
2012-03-20 17:31:13 +01:00 |
Martin Willi
|
0bcdb8e571
|
Implemented pre-authentication certificate handling for IKEv1
|
2012-03-20 17:31:13 +01:00 |
Martin Willi
|
8c33850615
|
Added task types for IKEv1 certificate handling
|
2012-03-20 17:31:13 +01:00 |
Martin Willi
|
df06ef2098
|
Cleaned up certreq payload for IKEv2/IKEv1 use
|
2012-03-20 17:31:13 +01:00 |