| Age | Commit message (Collapse) | Author |
|---|
|
responder. In practice this support means that clients like iPhones
can roam in different networks (LTE, WiFi) and change their external
addresses without having to re-do the whole handshake. It allows the
client to choose how and when to change the external tunnel endpoint
addresses on demand, depending on which network is better or even is
connected at all.
ok sthen@
tweaks from jmc@
tested by a handful
|
|
with the no-longer-available address over and over and over, requiring
iked to be restarted eventually. instead, on EADDRNOTAVAIL, schedule
SA deletion so a new one is set up shortly thereafter. ok reyk mikeb
|
|
This fixes connecting to Azure VPN and other implementations that
implement the IKEv2 COOKIE mechanism on the responder side. Azure
decides to send you a responder COOKIE after too many connection
attempts - we have to keep it and reflect it to establish a
connection. This implementation is only for the initiator (client)
side, we do not support sending COOKIEs on the responder (server) side
yet.
OK patrick@ mikeb@
|
|
These modes provide stronger and more flexible ways for
authentication: while RSA public key auth relies on SHA-1 hashes, the
news modes use SHA2-256 and up to SHA2-512 hashes.
Original diff from markus@ with patches from mikeb@ and me.
OK mikeb@ patrick@
|
|
Move repeated creation of the NAT-T payload into a function, remove
erroneous msg_offset, and improve NAT-T handling.
From and OK markus, OK mikeb
|
|
From and OK markus@, OK reyk
|
|
From and OK markus@, OK reyk
|
|
Ok jca@ and reyk@
|
|
process for ISAKMP+IKEv1. I kept it to let somebody either contribute
the old protocol one day, I never intended to implement IKEv1 myself,
or to add a new kind of pipe to isakmpd to hand off IKEv1 messages.
As IKEv2 is widely supported by all major OS and networking vendors
now, I'm happy to scrap the idea of supporting ISAKMP+IKEv1. It is
still possible to use isakmpd for legacy VPNs.
OK mikeb@
|
|
calls on pf data to explicit_bzero().
ok mikeb@
|
|
OK mikeb@
|
|
restricted to SHA1 for RSA signatures. ok mikeb@
|
|
ok doug millert miod
|
|
|
|
|
|
possible. Annotate <sys/param.h> lines with their current reasons. Switch
to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change
MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where
sensible to avoid pulling in the pollution. These are the files confirmed
through binary verification.
ok guenther, millert, doug (helped with the verification protocol)
|
|
Attempt state transition to VALID (or EAP_VALID) in the
ikev2_ike_auth after we have completed authentication
synchronously (PSK) or asynchronously (X.509 and RSA)
eliminating the need to do so in multiple places and
restoring the correct order for PSK.
ok markus
|
|
concept ok deraadt@
diff looks ok tedu@
|
|
|
|
events while we are busy initiating child-SAs; ok mikeb@
|
|
|
|
been verified; with & ok mikeb@
|
|
Less differences, less code to audit.
ok mikeb@
|
|
header structure is checked for sanity before copying the header.
Always pass down the number of remaining bytes in the payload or
substructure so we can always ensure to not go beyond actual data.
Also remove the quick parsing step as it does not provide a real
benefit anymore.
From Hans-Joerg Hoexer
ok mikeb@ markus@
|
|
%zu for size_t.
From Andre de Oliveira
With input and OK from blambert@ markus@
|
|
|
|
this fixes an out-of-bounds-memcpy in pfkey_process(); ok mikeb@
|
|
might no longer point to the same memory as before.
The bug was reported and fix was tested by LEVAI Daniel. Thanks!
|
|
|
|
to 2013 while I'm here... this is my way of saying "happy new year!".
|
|
|
|
side. Also add a new command line option -t to optionally enforce
NAT-T with UDP encapsulation on port 4500.
Tested by mikeb@ and me
ok mikeb@
|
|
sure jsg@ mikeb@
|
|
|
|
|
|
|
|
proceed with a response only when the appropriate request
is found.
|
|
This should still be considered an experimental work in progress.
|
|
|
|
while it might look like a step backwards, this fixes up eap negotiation
and bigger changes to this code are in the pipe anyways.
|
|
IKEv2 Payload Type "Encrypted" (E) to "Encrypted and Authenticated" (SK).
|
|
proc.c. this is the first sync to what i did for relayd but does not include
the multi-instance handling - so no functional change.
|
|
ok mikeb@
|
|
use the last matching semantics of PF. The previous rbtree-based
implementation was broken and tried to do a longest prefix match. But
instead of prefix match and using radix-trees to fix it I decided with
mikeb@ to implement it as last matching policy evaluation. The last
matching policy wins; the "quick" keyword can enforce first matching;
additional keywords like "skip" are specific to iked(8). See
iked.conf(5) for more details.
The implementation also uses skip steps based on PF's code. It
significantly speeds up the evaluation of many policies but also adds
a little delay when loading them (only noticeable with thousands of
policies). This allows iked(8) to scale well with thousands of
configured policies but I also liked the fact to have skip steps in
another piece of code.
ok dhartmei@ for using his skip step code under the ISC license in policy.c
ok mikeb@, jmc@
|
|
with suggestions and OK from reyk
|
|
additional space in the buffer and just pad input length up to the
block size. finalization is not needed for properly padded data.
kills a bunch of XXX's and an annoying error from openssl.
also, check a result from CipherUpdate while here.
ok reyk
|
|
parsing routines directly, first parse the message and save the parsed
elements in the temporary message struct before validating the
information and taking any other actions on the actual SA. This needs
more testing, but is the cleaner and better approach.
|
|
|
|
"client" or to configure iked to iked (OpenBSD to OpenBSD) IKEv2 VPNs.
It currently only supports psk (pre-shared keys) and no certificates,
doesn't do any rekeying or SA timeouts, and needs more cleanup. So it
is not quite production ready yet - but ready for simple tests...
|
|
- split responder/initiator- specific code into different functions and use
shared functions for common stuff.
- first parse the received message and store information in the temporary
message struct instead of modifying the ike sa in the parsing code directly.
|
