summaryrefslogtreecommitdiff
path: root/sbin/iked/ikev2.c
AgeCommit message (Expand)Author
2020-11-07Implement 'from dynamic', which installs flows where 'dynamic' is replacedtobhe
2020-11-06Set correct netmask on patched addresses for debug printing.tobhe
2020-10-30Add missing bits to make 'request addr 0.0.0.0' accept ANY dynamic address.tobhe
2020-10-30Whitespace fixes.tobhe
2020-10-30Fix key payload size. Use size from new SA.tobhe
2020-10-29Add initial support to request IP addresses as IKEv2 initiator.tobhe
2020-10-28Refactor parts of the dh_* API.tobhe
2020-10-24Don't modify sa in ikev2_pld_cp. Store cp_type in msg until message hastobhe
2020-10-22Handle NO_PROPOSAL_CHOSEN for initiator in IKE_SA_INIT exchange.tobhe
2020-10-19Handle NO_PROPOSAL_CHOSEN as IKE_AUTH initiator.tobhe
2020-10-09More unused headers.tobhe
2020-10-09Remove unused "wait.h" includes.tobhe
2020-10-06Always allocate hash_keylength() for buffers passed to hash_final() totobhe
2020-10-05Only handle AUTHENTICATION_FAILED for IKE_AUTH and INFORMATIONAL exchanges.tobhe
2020-10-03React to DELETE notifications only in INFORMATIONAL messagestobhe
2020-10-02Send AUTH_FAILED in ikev2_ike_auth_recv() if the message did not containtobhe
2020-09-24Cleanup logging, print SPIs where it makes sense.tobhe
2020-09-23Add new 'set cert_partial_chain' config option to allow verification oftobhe
2020-09-17Set retransmit timeout for DELETE message on the replaced SA, not ontobhe
2020-09-17Do not send DELETE messages for closing SAs.tobhe
2020-09-17Merge IKEV2_EXCHANGE_CREATE_CHILD_SA and IKEV2_EXCHANGE_INFORMATIONALtobhe
2020-09-16Move all the EAP logic from a single branch in the message parsing code totobhe
2020-09-06Drop redundant else for readability.tobhe
2020-09-05Use peer from policy, not from the acquire message.tobhe
2020-09-04INFORMATIONAL and CREATE_CHILD_SA exchanges cannot be initiated at thetobhe
2020-08-28Rename ikev2_*_sa() functions to make clear they handle Child SAs.tobhe
2020-08-27Make sure to save certificate in the CERTINVALID case to fixtobhe
2020-08-26Allow disabling DPD liveness checks by setting dpd_check_interval to 0.tobhe
2020-08-25Add dpd_check_interval configuration option. If for any IKE SA no IPsectobhe
2020-08-24Reduce the amount of boilerplate code and imsgs for config options bytobhe
2020-08-23Add a new configuration option to limit the number of connections fortobhe
2020-08-23Rename natt_mode to sc_nattmode for consistency.tobhe
2020-08-22Prevent concurrent CREATE_CHILD_SA and INFORMATIONAL exchanges.tobhe
2020-08-16Clean up unused parameters.tobhe
2020-08-15Remove dead assignments.tobhe
2020-08-14Delete unused variable 'policy'.tobhe
2020-08-14Print local 'sa' variable instead of 'msg->msg_sa'.tobhe
2020-08-14Delete unused variable 'certid'.tobhe
2020-08-12style(9).tobhe
2020-08-11Prioritize incoming certificate requests by the order of CERTEQ payloadstobhe
2020-07-21Handle TEMPORARY_FAILURE notification on IKESA rekeying.tobhe
2020-07-16Remove unused assignment.tobhe
2020-07-16Make sure to update policy dependant SA fields after policy_lookup().tobhe
2020-07-15Make CERT and CERTREQ payloads optional for public key authentication.tobhe
2020-07-14Properly clean up and dereference 'old' policy after failed lookup.tobhe
2020-06-15Log errors with log_info and SPI prepended.tobhe
2020-06-09Move AUTH_REQUEST SA state change from parser to IKE_AUTH exchange handler.tobhe
2020-06-03Pass sockaddr instead of sockaddr_storage to sa_address.tobhe
2020-06-02Don't leak authmsg.tobhe
2020-05-30Indentation style(9).tobhe
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-14 05:49:46 +0000