summaryrefslogtreecommitdiff
path: root/sbin/iked/ikev2.c
AgeCommit message (Expand)Author
2020-09-16Move all the EAP logic from a single branch in the message parsing code totobhe
2020-09-06Drop redundant else for readability.tobhe
2020-09-05Use peer from policy, not from the acquire message.tobhe
2020-09-04INFORMATIONAL and CREATE_CHILD_SA exchanges cannot be initiated at thetobhe
2020-08-28Rename ikev2_*_sa() functions to make clear they handle Child SAs.tobhe
2020-08-27Make sure to save certificate in the CERTINVALID case to fixtobhe
2020-08-26Allow disabling DPD liveness checks by setting dpd_check_interval to 0.tobhe
2020-08-25Add dpd_check_interval configuration option. If for any IKE SA no IPsectobhe
2020-08-24Reduce the amount of boilerplate code and imsgs for config options bytobhe
2020-08-23Add a new configuration option to limit the number of connections fortobhe
2020-08-23Rename natt_mode to sc_nattmode for consistency.tobhe
2020-08-22Prevent concurrent CREATE_CHILD_SA and INFORMATIONAL exchanges.tobhe
2020-08-16Clean up unused parameters.tobhe
2020-08-15Remove dead assignments.tobhe
2020-08-14Delete unused variable 'policy'.tobhe
2020-08-14Print local 'sa' variable instead of 'msg->msg_sa'.tobhe
2020-08-14Delete unused variable 'certid'.tobhe
2020-08-12style(9).tobhe
2020-08-11Prioritize incoming certificate requests by the order of CERTEQ payloadstobhe
2020-07-21Handle TEMPORARY_FAILURE notification on IKESA rekeying.tobhe
2020-07-16Remove unused assignment.tobhe
2020-07-16Make sure to update policy dependant SA fields after policy_lookup().tobhe
2020-07-15Make CERT and CERTREQ payloads optional for public key authentication.tobhe
2020-07-14Properly clean up and dereference 'old' policy after failed lookup.tobhe
2020-06-15Log errors with log_info and SPI prepended.tobhe
2020-06-09Move AUTH_REQUEST SA state change from parser to IKE_AUTH exchange handler.tobhe
2020-06-03Pass sockaddr instead of sockaddr_storage to sa_address.tobhe
2020-06-02Don't leak authmsg.tobhe
2020-05-30Indentation style(9).tobhe
2020-05-28Move duplicate SA negotiation code to ikev2_sa_negotiate_common().tobhe
2020-05-26Add AES-GCM mode ciphers (IANA IDs 19 and 20) for IKEv2.tobhe
2020-05-11Fix policy lookup edge case for simultaneous transport and tunnel mode SAs.tobhe
2020-05-09Log error notifications other than NO_PROPOSAL_CHOSENtobhe
2020-05-02Use gettimeofday() instead of CLOCK_MONOTONIC in gettime(). The return valuetobhe
2020-05-01When initiating IKE SA rekeying, make sure to send a key from a mutualtobhe
2020-04-26Fix leak of temporary ID ibufs on IKE SA rekey.tobhe
2020-04-24Add some useful log messages for the IKE handshake.tobhe
2020-04-24Log INFORMATIONAL messages with LOG_DEBUG. They are rarely useful fortobhe
2020-04-23Add support for switching rdomain on IPsec encryption/decryption.tobhe
2020-04-22Log authentication verification failure with "info" priority.tobhe
2020-04-15Remove redundant 'sa == NULL' check.tobhe
2020-04-13Try to send a DELETE message if the SA is reset with 'ikectl reset id'.tobhe
2020-04-11If we haven't received any IKE message from our partner for sometobhe
2020-04-09Simplify socket creation logic. Normally iked needs two sockets, onetobhe
2020-04-08Prevent multiple ibuf leaks. Clean up on proccess shutdown.tobhe
2020-04-05Fix size checks in ikev2_getimsgdata().tobhe
2020-04-04It makes no sense to fall back to original policy if the relookup with thetobhe
2020-04-02Store USE_TRANSPORTMODE in iked_message until the full message was parsedtobhe
2020-04-01Properly handle multiple CERTREQ payloads in CA process. Only for thetobhe
2020-03-31Log summary of certificates in cert store when iked fails to find atobhe
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-22 10:52:56 +0000