Martin Willi | b6016fcab3 | Fixed a config reference leak in IKEv2 initiate | 2012-03-20 17:30:49 +01:00
Martin Willi | 384c1a32a2 | XAUTH is initiated based on configuration, no need to call externally | 2012-03-20 17:30:49 +01:00
Martin Willi | 017d98bf39 | Merged IKEv1 attribute payload/data into configuration payload/attribute | 2012-03-20 17:30:49 +01:00
Clavister OpenSource | df99e976be | Temp fix for compile error with XAUTH code. | 2012-03-20 17:30:49 +01:00
Clavister OpenSource | 23f4e4b42d | IKEv1 XAUTH: Added ability to configure XAUTH+PSK. Added task to handle XAUTH requests. Modified task_manager_v1 to enable it to initiate new tasks immediately after finishing a response. | 2012-03-20 17:30:49 +01:00
Clavister OpenSource | 79e9f776dc | Updates ike_cert_post task with modifications needed for dealing with updated cert_payload class. | 2012-03-20 17:30:49 +01:00
Clavister OpenSource | c71760570e | IKEv1 ConfigMode: Added the payload handlers for attribute_payload and data_attribute payload types. | 2012-03-20 17:30:49 +01:00
Clavister OpenSource | 54a8a94fa9 | IKEv1 ConfigMode: Added TRANSACTION exchange type. Added attribute_payload (IKEv2 equiv cp_payload) and data_attribute (IKEv2 equiv configuration_attribute) payload types. Did not combine with IKEv2 because it wasn't trivial to do so. This might be a task worth investigating in the future, because there is a decent amount of shared code here. | 2012-03-20 17:30:49 +01:00
Clavister OpenSource | 9769b76cab | Updated the CERT payload to work for both IKEv1 and IKEv2. | 2012-03-20 17:30:49 +01:00
Martin Willi | d50152a70b | Parse proposal substructure with multiple IKEv1 transforms to multiple proposals | 2012-03-20 17:30:49 +01:00
Martin Willi | 62a27ba347 | Encode multiple IKEv1 proposals in a single transform substructure | 2012-03-20 17:30:48 +01:00
Martin Willi | f9450fc9f7 | Remove public sa_payload.add_proposal() method | 2012-03-20 17:30:48 +01:00
Martin Willi | cd89f1a074 | Only add the first algorithm of a kind to IKEv1 transforms | 2012-03-20 17:30:48 +01:00
Martin Willi | 5351d63c79 | Install negotiated IKEv1 CHILD_SA negotiated in quick mode | 2012-03-20 17:30:48 +01:00
Martin Willi | ff2a2ad33a | Implemented IKEv1 keymat CHILD_SA key derivation function | 2012-03-20 17:30:48 +01:00
Martin Willi | 6cd72730bf | Moved keymat key length lookup functions to keymat.c | 2012-03-20 17:30:48 +01:00
Martin Willi | d4f6686c69 | Extended PRF+ by a non-counting variant as used by IKEv1 | 2012-03-20 17:30:48 +01:00
Martin Willi | f5c0096086 | Hardcode some SA lifetimes until we can configure them dynamically | 2012-03-20 17:30:48 +01:00
Tobias Brunner | 4c6dfbb26b | Added missing comma after ME_CONNECT declaration. | 2012-03-20 17:30:48 +01:00
Tobias Brunner | 8c5e78ae4f | Fixed creation of endpoint notifies. | 2012-03-20 17:30:48 +01:00
Tobias Brunner | 21da1087a5 | Fixed diagram of IKEv1 encrypted "payload". | 2012-03-20 17:30:47 +01:00
Martin Willi | a0b52db079 | Refactored main mode NONCE/KE payload processing | 2012-03-20 17:30:47 +01:00
Martin Willi | a0f851cfe0 | Refactored main mode HASH payload processing | 2012-03-20 17:30:47 +01:00
Martin Willi | 73380c8685 | Skip any payloads in front of SA to extract initiators SA bytes | 2012-03-20 17:30:47 +01:00
Martin Willi | 21b7db99c6 | Implemented quick mode protocol handling, no CHILD_SA or HASH payloads yet | 2012-03-20 17:30:47 +01:00
Martin Willi | cc9629d87c | Partially implemented IKEv1 ESP proposal en-/decoding | 2012-03-20 17:30:47 +01:00
Martin Willi | 12b6a68a5f | Add missing keymat cast to avoid compiler warning | 2012-03-20 17:30:47 +01:00
Martin Willi | 17ec1c74de | Don't compare initiator flag in IKE_SA manager, pass initiator parameter to IKE_SA constructor | 2012-03-20 17:30:47 +01:00
Martin Willi | 1b99befac3 | Create and verify PSK HASH payloads in IKEv1 main mode | 2012-03-20 17:30:47 +01:00
Martin Willi | 4eee34ac49 | Added keymat_v1_t.get_hash() to calculate authentication hashes | 2012-03-20 17:30:46 +01:00
Martin Willi | e1f9d6476e | Register HASH_V1 in payload factory | 2012-03-20 17:30:46 +01:00
Martin Willi | 059d694a6b | Derive IKE keys as IKEv1 initiator, too | 2012-03-20 17:30:46 +01:00
Martin Willi | 7fcd26f4fc | Fix payload length of id_payload created from a traffic selector | 2012-03-20 17:30:46 +01:00
Tobias Brunner | 42a69b05ab | String for ENCRYPTED_DATA fixed. | 2012-03-20 17:30:46 +01:00
Tobias Brunner | 780ce7724d | Strings for ENCRYPTED_V1 payload added. | 2012-03-20 17:30:46 +01:00
Tobias Brunner | d66199884f | Set flags on message according to IKE version when parsing header. | 2012-03-20 17:30:46 +01:00
Tobias Brunner | c92f2cf36d | Encrypt IKEv1 messages. | 2012-03-20 17:30:46 +01:00
Tobias Brunner | 477e856a15 | Decrypt IKEv1 messages. | 2012-03-20 17:30:46 +01:00
Tobias Brunner | b6f0029497 | Added IV generation to keymat_v1_t. | 2012-03-20 17:30:46 +01:00
Tobias Brunner | 6f5f8ee4b5 | Use modified encryption payload to encrypt/decrypt complete IKEv1 messages. | 2012-03-20 17:30:46 +01:00
Tobias Brunner | 0463674971 | Use key derivation in IKEv1 main mode (PSK authentication). | 2012-03-20 17:30:46 +01:00
Tobias Brunner | aadb9e8355 | Added a simple AEAD wrapper for IKEv1 encryption/decryption. | 2012-03-20 17:30:46 +01:00
Tobias Brunner | b05d91edd7 | Added IKEv1 key derivation with support for AUTH_CLASS_PSK. | 2012-03-20 17:30:45 +01:00
Tobias Brunner | 3d59c5c382 | Update cached hosts on ike_sa_t when processing IKEv1 messages. | 2012-03-20 17:30:45 +01:00
Tobias Brunner | 0cec72df40 | Provide keymat_t to message_t to encrypt/decrypt data. | 2012-03-20 17:30:45 +01:00
Tobias Brunner | 50d493808c | Avoid compiler warnings due to extended enums. | 2012-03-20 17:30:45 +01:00
Tobias Brunner | a0563846b0 | Moved version specific keymat functions to specific interfaces. | 2012-03-20 17:30:45 +01:00
Martin Willi | a09972df2b | Added a generic TASK_ prefix to all task types | 2012-03-20 17:30:45 +01:00
Martin Willi | 744c080153 | Initiate and respond to quick mode task (stub) | 2012-03-20 17:30:45 +01:00
Martin Willi | 3bd5fcc832 | Print message ID as unsigned integer | 2012-03-20 17:30:45 +01:00