summaryrefslogtreecommitdiff
path: root/sbin/iked/ikev2_pld.c
AgeCommit message (Expand)Author
2020-10-09More unused headers.tobhe
2020-10-09Remove unused "wait.h" includes.tobhe
2020-10-03React to DELETE notifications only in INFORMATIONAL messagestobhe
2020-10-01Skip DELETE payload responses only after they are validated.tobhe
2020-09-30Don't accept AUTH payloads with invalid auth_method 0.tobhe
2020-09-30Don't accept ID payloads with ID type IKEV2_ID_NONE.tobhe
2020-09-29Check ibuf_seek() return value.tobhe
2020-09-21Fix reassembly of out-of-order fragments. Always take the nextpld fieldtobhe
2020-09-16Move all the EAP logic from a single branch in the message parsing code totobhe
2020-08-20Remove redundant variable.tobhe
2020-08-19Restructure traffic selector payload parsing. Add additional size andtobhe
2020-08-16Clean up unused parameters.tobhe
2020-08-11Prioritize incoming certificate requests by the order of CERTEQ payloadstobhe
2020-08-10Reduce log spam.tobhe
2020-08-10Remove unused argument.tobhe
2020-07-21Handle TEMPORARY_FAILURE notification on IKESA rekeying.tobhe
2020-06-09Move AUTH_REQUEST SA state change from parser to IKE_AUTH exchange handler.tobhe
2020-05-11Fix policy lookup edge case for simultaneous transport and tunnel mode SAs.tobhe
2020-04-27Log with SPI_SA().tobhe
2020-04-18SPI_SA(sa, NULL) already prints a colon.tobhe
2020-04-16Print SPI value of deleted SA.tobhe
2020-04-11DELETE payloads are common. Log with log_info instead of log_warnx.tobhe
2020-04-08Prevent multiple ibuf leaks. Clean up on proccess shutdown.tobhe
2020-04-02Store USE_TRANSPORTMODE in iked_message until the full message was parsedtobhe
2020-03-16Handle allocation failure in reallocarry. Print errors with log_info.tobhe
2020-03-10Fix memory leak of 'cr' if allocation of 'cr->data' fails.tobhe
2020-02-21Add transport mode for child SAs. This is useful for GRE over IPsec andtobhe
2019-11-28Move Notify and Certreq payload handlers after the parser. Modify SA statetobhe
2019-11-13Log reason whenever a child SA is freed. This makes it easier totobhe
2019-08-24Fix conflict when IKE SA and Child SA rekeying happen at the same time.tobhe
2019-08-14Fix NAT traversal detection bug when "local" option is not explicitlytobhe
2019-08-12Prepend SPI to send and recv log messages to see which line belongs totobhe
2019-05-11Add support for IKEv2 Message Fragmentation as defined in RFC 7383.Patrick Wildt
2018-03-22The iked(8) fuzzer did not fuzz encrypted payloads. With that changedPatrick Wildt
2017-12-07Change the SA payload parser to parse more than the first proposal. ThisPatrick Wildt
2017-12-04Remove duplicate check that never could execute because the exact samePatrick Wildt
2017-12-04Consistently log "malformed payload" instead of "payload malformed", andPatrick Wildt
2017-12-04Remove check that is now a duplicate due to recent refactoring.Patrick Wildt
2017-12-04The payloads are layered like onions, so you can validate one layer andPatrick Wildt
2017-11-30Add support for rejecting IKE SA messages. This means that we can replyPatrick Wildt
2017-11-27Implement MOBIKE (RFC 4555) support in iked(8), with us acting asPatrick Wildt
2017-04-13Add a NAT-T keepalive timer in case we are behind a NAT gateway.Patrick Wildt
2017-03-27Don't cache the DH group in the policyMike Belopuhov
2017-03-27Add support to reflect the responder IKEv2 COOKIE.Reyk Floeter
2017-03-13Resolve simultaneous IKE SA rekeyingMike Belopuhov
2017-03-13Improve reporting of authentication errorsMike Belopuhov
2017-01-20Include only found SPIs into the PAYLOAD_DELETE messageMike Belopuhov
2017-01-20Minor formatting fixMike Belopuhov
2015-10-15Remove some unnecessary NULL-checks before free(). Change two bzero()mmcc
2015-10-01Don't reject an "empty" CERTREQ (one with no CA hashes), instead treat it asStuart Henderson
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-27 23:06:34 +0000