]> git.ipfire.org Git - thirdparty/strongswan.git/commit
projects / thirdparty / strongswan.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f717bb5) | patch
ha: Add support to sync IKE and Child SAs with multiple key exchanges
authorTobias Brunner <tobias@strongswan.org>
Thu, 5 Dec 2024 10:55:52 +0000 (11:55 +0100)
committerTobias Brunner <tobias@strongswan.org>
Fri, 28 Feb 2025 15:02:41 +0000 (16:02 +0100)
commite7848e36fa6ce0f6a19a233173fd302e7e86a5b2
treed88df464a84b34ef0ac54fc596e2c0ae518c3c7ftree
parentf717bb5249caea550bc6e2baeb09ca309ad83b39commit | diff
ha: Add support to sync IKE and Child SAs with multiple key exchanges

Synchronization for the additional transforms in the IKE and Child SA
proposals is added.  Details of the IKE_SA synchronization are changed
to support IKE_INTERMEDIATE exchanges that cause multiple HA_IKE_ADD
messages and key derivations.  The cache has been extended to handle
multiple such messages.

Co-authored-by: Thomas Egerer <thomas.egerer@secunet.com>
src/libcharon/plugins/ha/ha_cache.c diff | blob | blame | history
src/libcharon/plugins/ha/ha_child.c diff | blob | blame | history
src/libcharon/plugins/ha/ha_dispatcher.c diff | blob | blame | history
src/libcharon/plugins/ha/ha_ike.c diff | blob | blame | history
src/libcharon/plugins/ha/ha_message.c diff | blob | blame | history
src/libcharon/plugins/ha/ha_message.h diff | blob | blame | history
src/libcharon/sa/ikev2/tasks/child_create.c diff | blob | blame | history
src/libstrongswan/crypto/transform.h diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.