summaryrefslogtreecommitdiff
path: root/sbin/iked/ikev2_pld.c
AgeCommit message (Expand)Author
2024-07-13Add RADIUS support. Authentication, accounting, and "DynamicYASUOKA Masahiko
2024-04-02Add check to make sure EAP header length matches expected payload length.Tobias Heider
2024-03-02Trigger retransmission only for fragment 1/x, otherwise each receivedTobias Heider
2023-09-02Make sure cert_type is not 0 to prevent leak of certid->id_buf.Tobias Heider
2023-08-04Convert calls to ibuf_length() where it is clear that the ibuf is notClaudio Jeker
2023-06-28Add support to verify X509 chain from CERT payloads.Tobias Heider
2023-06-14Replace the last few print_host() calls with print_addr() ones.Claudio Jeker
2023-06-06Use same pattern to work with offset by using a uint8_t pointer thatClaudio Jeker
2023-05-23Replace ibuf_release() with ibuf_free() since the former just calls the latterClaudio Jeker
2022-12-06Print size_t with %zu.Tobias Heider
2022-12-03Include endian.h where needed for betohXX functions.Tobias Heider
2022-09-19Add iked connection statistics for successful and failed connections, commonTobias Heider
2022-07-04Ignore any CERT payload after the first instead of failing the exchangeTobias Heider
2022-03-14Improve retransmission of message fragments. RFC 7383 states that loss ofTobias Heider
2021-12-01whitespace cleanup during review readTheo de Raadt
2021-11-27Rename msg_id to msg_peerid now that we also have msg_localid.Tobias Heider
2021-11-26A peer sends both his local id and remote id he expects us to be. So far wePatrick Wildt
2021-11-12Refactor order of checks when handling IKEv2 message fragments.Tobias Heider
2021-09-01Add client side support for DNS configuration. Use RTM_PROPOSAL_STATICTobias Heider
2021-02-19Fail on duplicate nonce payload.tobhe
2021-02-18Remove redundant ibuf_release. msg_ke is always NULL because of thetobhe
2021-02-16Fail on duplicate KE payload.tobhe
2020-11-25Fix proposal error handling. If a proposal contains an unknown transformtobhe
2020-11-23Ignore duplicate sigsha2 notify, don't fail the exchange.tobhe
2020-11-22Fix comment typo.tobhe
2020-11-21Clean up NATT hack. Pass 'frompeer' as parameter instead of manipulatingtobhe
2020-11-19More sa cleanup + constify.tobhe
2020-11-18Constify sa in ikev2_pld_eap(). The parser code must not change anytobhe
2020-10-29Add initial support to request IP addresses as IKEv2 initiator.tobhe
2020-10-24Don't modify sa in ikev2_pld_cp. Store cp_type in msg until message hastobhe
2020-10-22Handle NO_PROPOSAL_CHOSEN for initiator in IKE_SA_INIT exchange.tobhe
2020-10-22Add missing break.tobhe
2020-10-19Handle NO_PROPOSAL_CHOSEN as IKE_AUTH initiator.tobhe
2020-10-09More unused headers.tobhe
2020-10-09Remove unused "wait.h" includes.tobhe
2020-10-03React to DELETE notifications only in INFORMATIONAL messagestobhe
2020-10-01Skip DELETE payload responses only after they are validated.tobhe
2020-09-30Don't accept AUTH payloads with invalid auth_method 0.tobhe
2020-09-30Don't accept ID payloads with ID type IKEV2_ID_NONE.tobhe
2020-09-29Check ibuf_seek() return value.tobhe
2020-09-21Fix reassembly of out-of-order fragments. Always take the nextpld fieldtobhe
2020-09-16Move all the EAP logic from a single branch in the message parsing code totobhe
2020-08-20Remove redundant variable.tobhe
2020-08-19Restructure traffic selector payload parsing. Add additional size andtobhe
2020-08-16Clean up unused parameters.tobhe
2020-08-11Prioritize incoming certificate requests by the order of CERTEQ payloadstobhe
2020-08-10Reduce log spam.tobhe
2020-08-10Remove unused argument.tobhe
2020-07-21Handle TEMPORARY_FAILURE notification on IKESA rekeying.tobhe
2020-06-09Move AUTH_REQUEST SA state change from parser to IKE_AUTH exchange handler.tobhe
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-01 02:21:20 +0000