aboutsummaryrefslogtreecommitdiffstats
path: root/src/plugins/ikev2
AgeCommit message (Expand)AuthorFilesLines
2020-10-13ikev2: fix initial contact cleanupFilip Tehlar2-306/+562
2020-10-13ikev2: fix coverity warningFilip Tehlar1-5/+21
2020-10-13ikev2: fix memory leak in auth routineFilip Tehlar1-0/+4
2020-10-07misc: Purge unused pg includesNeale Ranns3-3/+0
2020-10-05ikev2: support ipv6 traffic selectors & overlayFilip Tehlar11-380/+695
2020-10-02ikev2: fix leaking pending INIT requestsFilip Tehlar1-0/+16
2020-10-02ikev2: fix cli memory leakBenoît Ganne1-30/+40
2020-09-30ikev2: fix issue when decrypting packet with no keysFilip Tehlar1-1/+1
2020-10-01ikev2: refactor ikev2 nodeFilip Tehlar1-407/+359
2020-09-30ikev2: better packet parsing functionsFilip Tehlar7-274/+596
2020-09-30ikev2: show IKE SA command improvementsFilip Tehlar1-95/+169
2020-09-29ikev2: fix false positive NAT detectionFilip Tehlar1-18/+13
2020-09-28ikev2: fix memory leaksBenoît Ganne2-3/+21
2020-09-10ikev2: fix copy-paste error when freeing memoryFilip Tehlar1-1/+1
2020-09-11ikev2: fix memory leaksBenoît Ganne1-7/+20
2020-07-28ikev2: fix session re-initiate after SA expiresFilip Tehlar2-1/+3
2020-07-24ikev2: add SA dump APIjan_cavojsky5-6/+907
2020-07-23ikev2: add global message length checkBenoît Ganne1-96/+89
2020-07-20ikev2: refactor and test profile dump APIFilip Tehlar9-129/+340
2020-07-16ikev2: fix race condition in child_sa updateBenoît Ganne1-0/+3
2020-07-15ikev2: add support for AES-GCM cipher in IKEFilip Tehlar6-120/+345
2020-07-14ikev2: API downgrade due to lack of ikev2 testsFilip Tehlar1-19/+17
2020-07-07ikev2: per thread usage of openssl contextFilip Tehlar3-77/+47
2020-07-06ikev2: add profile dump APIJan Cavojsky6-0/+436
2020-07-06ikev2: add more ikev2 testsFilip Tehlar1-18/+135
2020-07-02ikev2: use remote proposals when installing tunnelFilip Tehlar1-2/+2
2020-06-30tests: ikev2: add nat traversal & cert based auth testFilip Tehlar6-49/+253
2020-06-27ikev2: add FEATURE.yamlBenoît Ganne1-0/+17
2020-06-27ikev2: remove unused fieldFilip Tehlar1-1/+0
2020-06-18ikev2: use both local and remote ID for profile lookupFilip Tehlar2-22/+50
2020-06-18tests: add ikev2 test framework with basic test caseFilip Tehlar2-0/+651
2020-06-15ikev2: announce both 'ESN' and 'No ESN'Filip Tehlar1-1/+0
2020-06-11ikev2: don't add DH group in ESP transform proposalsFilip Tehlar2-10/+10
2020-06-04ikev2: session cleanup after profile is deletedFilip Tehlar2-52/+119
2020-06-02ikev2: remove unused hash computationFilip Tehlar1-4/+1
2020-05-15ikev2: add support for NAT traversalFilip Tehlar4-82/+286
2020-05-14ikev2: use u32 in unformatFilip Tehlar1-1/+1
2020-05-13ikev2: fix removing of expired SAsFilip Tehlar1-1/+1
2020-05-05ipsec: User can choose the UDP source portNeale Ranns1-2/+2
2020-05-05ikev2: remove sa from main threadFilip Tehlar1-17/+29
2020-05-04ikev2: fix string in apiFilip Tehlar1-1/+1
2020-04-30ikev2: use thread local vlib_main in vlib_time_nowFilip Tehlar1-13/+9
2020-04-07ikev2: make liveness params configurableFilip Tehlar7-4/+130
2020-04-06ikev2: fix wrong index computationFilip Tehlar1-1/+1
2020-03-31ikev2: fix crash during peer live checkFilip Tehlar1-1/+8
2020-03-26ikev2: fix wrong usage of BN_bn2bin()Filip Tehlar3-12/+56
2020-03-26ikev2: dead peer detectionFilip Tehlar2-4/+95
2020-03-25ikev2: fix gcm in ike protocolFilip Tehlar1-1/+1
2020-03-23ikev2: fix typo in .api descriptionVratko Polak1-2/+1
2020-03-21ikev2: fix l2 interfaceFilip Tehlar1-2/+4
class="cp"> &_qzz_leaked, &_qzz_dubious, \ &_qzz_reachable, &_qzz_suppressed, 0); \ leaked = _qzz_leaked; \ dubious = _qzz_dubious; \ reachable = _qzz_reachable; \ suppressed = _qzz_suppressed; \ } /* Return number of leaked, dubious, reachable and suppressed bytes found by all previous leak checks. They must be lvalues. */ #define VALGRIND_COUNT_LEAK_BLOCKS(leaked, dubious, reachable, suppressed) \ /* For safety on 64-bit platforms we assign the results to private unsigned long variables, then assign these to the lvalues the user specified, which works no matter what type 'leaked', 'dubious', etc are. We also initialise '_qzz_leaked', etc because VG_USERREQ__COUNT_LEAKS doesn't mark the values returned as defined. */ \ {unsigned long _qzz_res; \ unsigned long _qzz_leaked = 0, _qzz_dubious = 0; \ unsigned long _qzz_reachable = 0, _qzz_suppressed = 0; \ VALGRIND_DO_CLIENT_REQUEST(_qzz_res, 0, \ VG_USERREQ__COUNT_LEAK_BLOCKS, \ &_qzz_leaked, &_qzz_dubious, \ &_qzz_reachable, &_qzz_suppressed, 0); \ leaked = _qzz_leaked; \ dubious = _qzz_dubious; \ reachable = _qzz_reachable; \ suppressed = _qzz_suppressed; \ } /* Get the validity data for addresses [zza..zza+zznbytes-1] and copy it into the provided zzvbits array. Return values: 0 if not running on valgrind 1 success 2 [previously indicated unaligned arrays; these are now allowed] 3 if any parts of zzsrc/zzvbits are not addressable. The metadata is not copied in cases 0, 2 or 3 so it should be impossible to segfault your system by using this call. */ #define VALGRIND_GET_VBITS(zza,zzvbits,zznbytes) \ (__extension__({unsigned long _qzz_res; \ char* czza = (char*)zza; \ char* czzvbits = (char*)zzvbits; \ VALGRIND_DO_CLIENT_REQUEST(_qzz_res, 0, \ VG_USERREQ__GET_VBITS, \ czza, czzvbits, zznbytes, 0, 0 ); \ _qzz_res; \ })) /* Set the validity data for addresses [zza..zza+zznbytes-1], copying it from the provided zzvbits array. Return values: 0 if not running on valgrind 1 success 2 [previously indicated unaligned arrays; these are now allowed] 3 if any parts of zza/zzvbits are not addressable. The metadata is not copied in cases 0, 2 or 3 so it should be impossible to segfault your system by using this call. */ #define VALGRIND_SET_VBITS(zza,zzvbits,zznbytes) \ (__extension__({unsigned int _qzz_res; \ char* czza = (char*)zza; \ char* czzvbits = (char*)zzvbits; \ VALGRIND_DO_CLIENT_REQUEST(_qzz_res, 0, \ VG_USERREQ__SET_VBITS, \ czza, czzvbits, zznbytes, 0, 0 ); \ _qzz_res; \ })) #endif /* * fd.io coding-style-patch-verification: ON * * Local Variables: * eval: (c-set-style "gnu") * End: */