aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/ikev2/ikev2.c
AgeCommit message (Collapse)AuthorFilesLines
2020-01-27ipip: Multi-point interfaceNeale Ranns1-1/+1
Type: feature plus fixes for gre Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I0eca5f94b8b8ea0fcfb058162cafea4491708db6
2020-01-27tunnel: Common types for IP tunnelsNeale Ranns1-1/+2
Type: refactor Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I18dcdb7af3e327f6cacdbcb1e52b89f13d6ba6e2
2019-12-12ikev2: fix crash during SA rekeyFilip Tehlar1-0/+24
Type: fix Change-Id: Ib00ab9b2f28c0f4d85e96bf95697f61b8e415f37 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-12-03ipip: Tunnel flags controlling copying data to/from payload/encapNeale Ranns1-1/+2
Type: feature Signed-off-by: Neale Ranns <nranns@cisco.com> Change-Id: I9467f11775936754406892b8e9e275f989ac9b30
2019-11-22ikev2: install/remove ipsec tunnels from main threadFilip Tehlar1-65/+155
Type: fix Change-Id: I5ad27b05c34494c5a2ea28706130612b547aaf67 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-11-20ikev2: fix memory leak in child SAFilip Tehlar1-16/+15
traffic selector vector isn't freed when freeing child SA Type: fix Change-Id: Icf6c240db5093f45d141451bad6f6627a61821cf Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-11-04ikev2: fix traffic selector matchFilip Tehlar1-2/+2
Type: fix Change-Id: I81ab3dcd03f397b3d275da6cfa094e048ad92f95 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-10-22ikev2: fix GCM cipherFilip Tehlar1-104/+155
Type: fix Change-Id: I382499061ff4b1c2cc1b70ebbf9725ff0e1be325 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-10-09ikev2: fix dangling pointerFilip Tehlar1-13/+26
Type: fix Change-Id: I8aa9029e0a5cf21aa24a90b39eb2787653f65abb Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-10-03ipsec: initialize msgid and allow no dh in child saChristian E. Hopps1-14/+18
- set msgid to 0 not random. - allow for no DH in ESP child SA Ticket: VPP-1781 Type: fix Signed-off-by: Christian E. Hopps <chopps@chopps.org> Change-Id: Ibe26009d38f444eeaec5b042097f145d161c7672
2019-09-19ikev2: add support for GCM cipherFilip Tehlar1-0/+20
Type: feature Change-Id: Ic703015b55f0ae947e5e44b10b74b3c79efe7da6 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-09-06ikev2: fix crash during IKE SA Init exchangeFilip Tehlar1-6/+1
Type: fix Change-Id: If827fe348fe35d1221d29f91b7e6ea1624d13999 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-05-16init / exit function orderingDave Barach1-9/+9
The vlib init function subsystem now supports a mix of procedural and formally-specified ordering constraints. We should eliminate procedural knowledge wherever possible. The following schemes are *roughly* equivalent: static clib_error_t *init_runs_first (vlib_main_t *vm) { clib_error_t *error; ... do some stuff... if ((error = vlib_call_init_function (init_runs_next))) return error; ... } VLIB_INIT_FUNCTION (init_runs_first); and static clib_error_t *init_runs_first (vlib_main_t *vm) { ... do some stuff... } VLIB_INIT_FUNCTION (init_runs_first) = { .runs_before = VLIB_INITS("init_runs_next"), }; The first form will [most likely] call "init_runs_next" on the spot. The second form means that "init_runs_first" runs before "init_runs_next," possibly much earlier in the sequence. Please DO NOT construct sets of init functions where A before B actually means A *right before* B. It's not necessary - simply combine A and B - and it leads to hugely annoying debugging exercises when trying to switch from ad-hoc procedural ordering constraints to formal ordering constraints. Change-Id: I5e4353503bf43b4acb11a45fb33c79a5ade8426c Signed-off-by: Dave Barach <dave@barachs.net>
2019-05-03plugins: clean up plugin descriptionsDave Wallace1-1/+1
- Make plugin descriptions more consistent so the output of "show plugin" can be used in the wiki. Change-Id: I4c6feb11e7dcc5a4cf0848eed37f1d3b035c7dda Signed-off-by: Dave Wallace <dwallacelf@gmail.com>
2019-02-25IKEv2 to pluginNeale Ranns1-0/+3487
for easy integration with ptoducts running their own Ike stack. Without the VPP IKE plugin loaded, the product is free to handle IKE packets as it pleases. Change-Id: Id0839f4d58b797f4c2da0382eb499fc08b05f66f Signed-off-by: Neale Ranns <nranns@cisco.com>