ims-volte-vowifi
/
strongswan
9
0
Fork 0
Code Pull Requests Releases Activity
17,353 Commits 6 Branches 233 Tags 88 MiB
Commit Graph

13 Commits

Author SHA1 Message Date
Josh Soref b3ab7a48cc Spelling fixes 
* accumulating
* acquire
* alignment
* appropriate
* argument
* assign
* attribute
* authenticate
* authentication
* authenticator
* authority
* auxiliary
* brackets
* callback
* camellia
* can't
* cancelability
* certificate
* choinyambuu
* chunk
* collector
* collision
* communicating
* compares
* compatibility
* compressed
* confidentiality
* configuration
* connection
* consistency
* constraint
* construction
* constructor
* database
* decapsulated
* declaration
* decrypt
* derivative
* destination
* destroyed
* details
* devised
* dynamic
* ecapsulation
* encoded
* encoding
* encrypted
* enforcing
* enumerator
* establishment
* excluded
* exclusively
* exited
* expecting
* expire
* extension
* filter
* firewall
* foundation
* fulfillment
* gateways
* hashing
* hashtable
* heartbeats
* identifier
* identifiers
* identities
* identity
* implementers
* indicating
* initialize
* initiate
* initiation
* initiator
* inner
* instantiate
* legitimate
* libraries
* libstrongswan
* logger
* malloc
* manager
* manually
* measurement
* mechanism
* message
* network
* nonexistent
* object
* occurrence
* optional
* outgoing
* packages
* packets
* padding
* particular
* passphrase
* payload
* periodically
* policies
* possible
* previously
* priority
* proposal
* protocol
* provide
* provider
* pseudo
* pseudonym
* public
* qualifier
* quantum
* quintuplets
* reached
* reading
* recommendation to
* recommendation
* recursive
* reestablish
* referencing
* registered
* rekeying
* reliable
* replacing
* representing
* represents
* request
* request
* resolver
* result
* resulting
* resynchronization
* retriable
* revocation
* right
* rollback
* rule
* rules
* runtime
* scenario
* scheduled
* security
* segment
* service
* setting
* signature
* specific
* specified
* speed
* started
* steffen
* strongswan
* subjectaltname
* supported
* threadsafe
* traffic
* tremendously
* treshold
* unique
* uniqueness
* unknown
* until
* upper
* using
* validator
* verification
* version
* version
* warrior

Closes strongswan/strongswan#164.
 2020-02-11 18:23:07 +01:00
Tobias Brunner 1b67166921 Unify format of HSR copyright statements 2018-05-23 16:32:53 +02:00
Andreas Steffen b12c53ce77 Use standard unsigned integer types 2016-03-24 18:52:48 +01:00
Tobias Brunner 8394ea2a42 libhydra: Move kernel interface to libcharon 
This moves hydra->kernel_interface to charon->kernel.
 2016-03-03 17:36:11 +01:00
Tobias Brunner 8484d2b01d ike-natd: Create fake NAT-D payloads in a more static way 
In some scenarios an IKE_SA might get restarted multiple times (e.g.
due to retransmits and delayed INVALID_KE_PAYLOAD notifies) so that
two IKE_SA_INIT messages might be sent that only differ in the
previously randomly generated NAT_DETECTION_SOURCE_IP payload.
This could cause an authentication failure on the responder if the two
peers don't use the same IKE_SA_INIT message in their InitiatorSignedOctets.

While the payload is generated in a reproducible way it will still change
when the daemon is restarted, which should make detecting the payloads
as fake a bit harder (compared to e.g. just using 0.0.0.0:0 as address).

Fixes #1131.
 2015-11-09 16:25:59 +01:00
Martin Willi 3ecfc83c6b payload: Use common prefixes for all payload type identifiers 
The old identifiers did not use a proper namespace and often clashed with
other defines.
 2014-06-04 15:53:03 +02:00
Tobias Brunner 01955eec71 ike: Force NAT-T/UDP encapsulation if kernel interface requires it 2013-06-21 17:03:21 +02:00
Tobias Brunner 4106aea8e4 Made IP address enumeration more flexible 
Also added an option to enumerate addresses on ignored interfaces.
 2012-09-21 18:16:26 +02:00
Tobias Brunner aed33805ce Don't ignore loopback devices and allow addresses on them being enumerated 2012-09-21 18:16:26 +02:00
Martin Willi 87dd205b61 Add a return value to hasher_t.allocate_hash() 2012-07-16 14:55:06 +02:00
Tobias Brunner 92f207477c Check rng return value when generating fake NAT detection payloads 2012-07-16 14:53:35 +02:00
Tobias Brunner 893c3a4ead Simplify NAT-D payload creation if UDP encapsulation is forced 
We don't need any address lookups in that case as the content of the
payload is generated randomly anyway.
 2012-07-13 11:13:43 +02:00
Martin Willi 15a682f4c2 Separated libcharon/sa directory with ikev1 and ikev2 subfolders 2012-03-20 17:31:26 +01:00