Commit History

Autor SHA1 Mensaxe Data
  Dimitri Papadopoulos fe795bf5b3 Reorganize #include %!s(int64=3) %!d(string=hai) anos
  David Woodhouse 931bdf10b4 Split out construct_esp_packet() to avoid duplication %!s(int64=5) %!d(string=hai) anos
  David Woodhouse 8349cfdecd Add HMAC-SHA256-128 support for ESP %!s(int64=5) %!d(string=hai) anos
  David Woodhouse 347060a852 Consolidate common parts of setup_esp_keys() %!s(int64=5) %!d(string=hai) anos
  David Woodhouse 7f10000484 Generate ESP IV from previous packet instead of using RAND_bytes() %!s(int64=5) %!d(string=hai) anos
  David Woodhouse 7d5b9d7484 Reuse OpenSSL HMAC_CTX for ESP packets %!s(int64=5) %!d(string=hai) anos
  Daniel Lenski 4daac3fa2e Save latest ESP sequence number even if replay protection isn't in use %!s(int64=6) %!d(string=hai) anos
  Daniel Lenski 0ca5974685 add new_keys argument to esp_setup_keys() in preparation for supporting GlobalProtect ESP %!s(int64=7) %!d(string=hai) anos
  David Woodhouse d8b283f168 Fix build breakage in OpenSSL ESP %!s(int64=7) %!d(string=hai) anos
  Daniel Lenski b2b1dd0702 store length of ESP encryption and HMAC keys so that they can be manipulated separately for both Juniper and GP %!s(int64=7) %!d(string=hai) anos
  Piotr Kubaj 9c36560d3e Fix build with LibreSSL. %!s(int64=8) %!d(string=hai) anos
  David Woodhouse 585543bdd3 Fix crash in init_esp_ciphers with OpenSSL < 1.1 %!s(int64=8) %!d(string=hai) anos
  David Woodhouse e0689b5518 More OpenSSL 1.1 fixes %!s(int64=8) %!d(string=hai) anos
  David Woodhouse c547093744 Fix build with OpenSSL 1.1 (HEAD) %!s(int64=9) %!d(string=hai) anos
  David Woodhouse 7a8630498f Fix OpenSSL ESP HMAC calculation %!s(int64=9) %!d(string=hai) anos
  David Woodhouse 2c6174775f Accept packets on old ESP setup during changeover %!s(int64=9) %!d(string=hai) anos
  David Woodhouse 92e374fae4 Handle ESP rekeying %!s(int64=9) %!d(string=hai) anos
  David Woodhouse 22021bc51b Treat SPI as a uint32_t instead of char[] %!s(int64=9) %!d(string=hai) anos
  David Woodhouse c43d15b5e2 Add ESP support for OpenSSL %!s(int64=9) %!d(string=hai) anos