Andreas Steffen
4b797f464e
fixed mapping of IKEv1 algorithms
2012-05-05 23:25:34 +02:00
Andreas Steffen
f66a14818e
inserted space
2012-05-05 15:51:24 +02:00
Martin Willi
b24be29646
Merge branch 'ikev1'
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/encoding/generator.c
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/network/receiver.c
src/libcharon/sa/authenticator.c
src/libcharon/sa/authenticator.h
src/libcharon/sa/ikev2/tasks/ike_init.c
src/libcharon/sa/task_manager.c
src/libstrongswan/credentials/auth_cfg.c
2012-05-02 11:12:31 +02:00
Martin Willi
4ef867f578
Accept zero-length certificate request payloads
2012-04-11 17:22:23 +02:00
Andreas Steffen
5893d1b156
added IKEv2 Generic Secure Password Authentication Method
2012-04-03 12:48:48 +02:00
Andreas Steffen
f54c4ed8d6
added GSPM IKEv2 payload
2012-04-03 12:21:39 +02:00
Tobias Brunner
817ab8a8d4
Don't cast second argument of mem_printf_hook (%b) to size_t.
...
Also treat the given number as unsigned int.
Due to the printf hook registration the second argument of
mem_printf_hook (if called via printf etc.) is always of type int*.
Casting this to a size_t pointer and then dereferencing that as int does
not work on big endian machines if int is smaller than size_t (e.g. on ppc64).
In order to make this change work if the argument is of a type larger
than int, size_t for instance, the second argument for %b has to be casted
to (u_)int.
2012-03-27 09:10:34 +02:00
Martin Willi
b1f2f05c92
Merge branch 'ikev1-clean' into ikev1-master
...
Conflicts:
configure.in
man/ipsec.conf.5.in
src/libcharon/daemon.c
src/libcharon/plugins/eap_ttls/eap_ttls_peer.c
src/libcharon/plugins/eap_radius/eap_radius_accounting.c
src/libcharon/plugins/eap_radius/eap_radius_forward.c
src/libcharon/plugins/farp/farp_listener.c
src/libcharon/sa/ike_sa.c
src/libcharon/sa/keymat.c
src/libcharon/sa/task_manager.c
src/libcharon/sa/trap_manager.c
src/libstrongswan/plugins/x509/x509_cert.c
src/libstrongswan/utils.h
Applied lost changes of moved files keymat.c and task_manager.c.
Updated listener_t.message hook signature in new plugins.
2012-03-20 17:57:53 +01:00
Tobias Brunner
1726795fa9
Store the major IKE version on ike_sa_id_t.
2012-03-20 17:31:40 +01:00
Tobias Brunner
eff331f799
Parse IKEv1 Cisco Load Balancing notify (can't act on it yet).
2012-03-20 17:31:40 +01:00
Tobias Brunner
3a9d5cbc14
Fixed transform numbering in IKEv1 proposal.
2012-03-20 17:31:40 +01:00
Martin Willi
5ed4b727d0
Fix mapping of IKEv1 encapsulation mode
2012-03-20 17:31:39 +01:00
Martin Willi
6261c0c3b7
Support encoding of IKEv1 ECDSA proposals
2012-03-20 17:31:38 +01:00
Martin Willi
c390569a76
Renamed CONFIGURATION_ATTRIBUTE_LENGTH to streamline it with other ATTRIBUTE rules
2012-03-20 17:31:38 +01:00
Martin Willi
05cb240215
Use ATTRIBUTE_VALUE rule in configuration attribute to parse it with correct length
2012-03-20 17:31:38 +01:00
Martin Willi
5ac4c2e1a9
Added missing short enum names for DPD notify types
2012-03-20 17:31:35 +01:00
Martin Willi
bb2d4e1882
Print IKEv1 notify types in message summary
2012-03-20 17:31:35 +01:00
Martin Willi
5f2f864efc
Support IKEv1 notifies in message_t.get_notify()
2012-03-20 17:31:35 +01:00
Clavister OpenSource
36c8169629
DPD_R_U_THERE defines added
2012-03-20 17:31:35 +01:00
Tobias Brunner
bd8d1f1d9c
Accept unencrypted Aggressive Mode messages.
...
Racoon does not encrypt the third message during Aggressive Mode.
2012-03-20 17:31:34 +01:00
Martin Willi
ebc7bcb550
Encrypt payloads of third aggressive mode message
2012-03-20 17:31:33 +01:00
Martin Willi
927c1dd9d2
Support IKEv1 proposal encodings having both lifebytes and a lifetime
2012-03-20 17:31:33 +01:00
Clavister OpenSource
e32820f593
Add functions to set mode cfg identifier
2012-03-20 17:31:32 +01:00
Martin Willi
96f98a8c11
Accept IKEv1 INVALID_KE_INFORMATION notifies without data
2012-03-20 17:31:30 +01:00
Tobias Brunner
db1dc81329
IKEv1 ATTRIBUTES_NOT_SUPPORTED error notify added.
2012-03-20 17:31:30 +01:00
Martin Willi
dd5c3787dc
Give a hint that decryption failed if payload length invalid
2012-03-20 17:31:30 +01:00
Martin Willi
07b8ec7c00
Cast keymat safely, not based on external input
2012-03-20 17:31:30 +01:00
Tobias Brunner
fd5d6bb08e
Use IPSEC DOI also for ISAKMP SA deletes.
2012-03-20 17:31:29 +01:00
Martin Willi
82b1e5e270
Accept NULL as keymat when generating a message
2012-03-20 17:31:29 +01:00
Martin Willi
15a682f4c2
Separated libcharon/sa directory with ikev1 and ikev2 subfolders
2012-03-20 17:31:26 +01:00
Martin Willi
8833068877
Doxygen fixes
2012-03-20 17:31:25 +01:00
Martin Willi
26b02f50f4
Always use a transform number of 1 when encoding a single transform
2012-03-20 17:31:25 +01:00
Martin Willi
5d0458af0a
Another set of cleanups in message.c
2012-03-20 17:31:25 +01:00
Martin Willi
b9a707e696
Some coding style cleanups
2012-03-20 17:31:25 +01:00
Martin Willi
2f58f6cba1
Fixed notify enum names
2012-03-20 17:31:25 +01:00
Tobias Brunner
b46b56fac1
Log parsed unsigned ints with proper format strings.
2012-03-20 17:31:24 +01:00
Martin Willi
ca26065745
Add some additional IKEv1 notify types
2012-03-20 17:31:23 +01:00
Martin Willi
a4cc071364
Do not trust unprotected INFORMATIONALS, just print that we got one
2012-03-20 17:31:23 +01:00
Martin Willi
3ba15819ed
Remove executable flag from source code files
2012-03-20 17:31:22 +01:00
Martin Willi
51da01a722
Support encoding of Hybrid initiator authentication method
2012-03-20 17:31:21 +01:00
Tobias Brunner
33493a5253
Added method to get encoded version if ID_V1 payload.
2012-03-20 17:31:21 +01:00
Martin Willi
226b0f36c7
Fixed SPI size calculation in DELETE payload
2012-03-20 17:31:19 +01:00
Martin Willi
0acb520758
Support IKEv1 SPIs in IKEv1 delete payload
2012-03-20 17:31:19 +01:00
Martin Willi
9626164e9a
Don't complain when receiving XAuth or Unity configuration attributes
2012-03-20 17:31:16 +01:00
Martin Willi
c9e5998d7f
Interpret attribute format correctly in IKEv1 configuration format
2012-03-20 17:31:16 +01:00
Clavister OpenSource
b8383f1f2d
Encrypt INFORMATIONAL exchange if needed
2012-03-20 17:31:14 +01:00
Clavister OpenSource
9ce5d0c0e8
added functions for getting/setting ISAKMP SPI to notify payload
2012-03-20 17:31:14 +01:00
Martin Willi
9bb4de1d83
En- and decode DH group attribute in quick mode SA payloads
2012-03-20 17:31:14 +01:00
Clavister OpenSource
5d1eeec297
Handle incoming delete messages
2012-03-20 17:31:13 +01:00
Andreas Steffen
6f6380e670
use untoh64 instead of non-portable be64toh
2012-03-20 17:31:13 +01:00