Commit Graph

14 Commits

Author SHA1 Message Date
Damjan Marion
8bea589cfe vppinfra: make _vec_len() read-only
Use of _vec_len() to set vector length breaks address sanitizer.
Users should use vec_set_len(), vec_inc_len(), vec_dec_len() instead.

Type: improvement
Change-Id: I441ae948771eb21c23a61f3ff9163bdad74a2cb8
Signed-off-by: Damjan Marion <damarion@cisco.com>
2022-04-04 23:17:13 +00:00
Florin Coras
b040f98a88 misc: minimize dependencies on udp.h
Type: improvement

Signed-off-by: Florin Coras <fcoras@cisco.com>
Change-Id: Id13f33843b230a1d169560742c4f7b2dc17d8718
2020-10-21 10:56:34 +00:00
Neale Ranns
6e366be38f misc: Purge unused pg includes
Type: style

Signed-off-by: Neale Ranns <nranns@cisco.com>
Change-Id: I26a19e42076e031ec5399d5ca05cb49fd6fbe1cd
2020-10-07 16:05:16 +00:00
Filip Tehlar
558607dc3a ikev2: better packet parsing functions
Ticket: VPP-1918
Type: improvement

Change-Id: I2bc3e30121697404dcd54f1c2127bd85ccc1029e
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-09-30 16:38:59 +00:00
Benoît Ganne
a8af7cf253 ikev2: fix memory leaks
Type: fix

Change-Id: I5be19a4923b37e2636621d36155178ac348ee41c
Signed-off-by: Benoît Ganne <bganne@cisco.com>
2020-09-28 17:08:47 +00:00
Filip Tehlar
a7b963df27 ikev2: add support for AES-GCM cipher in IKE
Type: feature
Ticket: VPP-1920

Change-Id: I6e30f3594cb30553f3ca5a35e0a4f679325aacec
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-07-15 16:12:16 +00:00
Filip Tehlar
190983de61 ikev2: per thread usage of openssl context
Type: refactor

Change-Id: I04af90b4d86c00092ce1732aeb3c0517af1808e0
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-07-07 08:18:57 +00:00
Filip Tehlar
336eac84eb ikev2: fix wrong usage of BN_bn2bin()
This patch fixes 2 different crashes:

1) BN_bn2bin() returns bytes written, not actual key length. Use
  BN_bn2binpad() instead which adds padding.
2) Initiator may receive multiple sa-init responses for the same ispi
  which may result in crash. Remember first response and ignore any
  subsequent ones.

Type: fix

Change-Id: Ia1eac9167e3100a6894c0563ee70bab04f6a5f4f
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-03-26 12:32:59 +00:00
Filip Tehlar
8ebcb7a99d ikev2: better logging
Type: refactor

Change-Id: Iedcb24684c54f4d78583ab3aa3db1097e73df248
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2020-02-10 11:57:37 +00:00
Filip Tehlar
c41217ab85 ikev2: fix GCM cipher
Type: fix

Change-Id: I382499061ff4b1c2cc1b70ebbf9725ff0e1be325
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-10-22 14:05:04 +00:00
Christian E. Hopps
9a5aab34f5 ipsec: fix memleaks in ikev2 openssl code
- Need to always free created contexts
- Always pair init with cleanup for older openssl API.

Type: fix
Signed-off-by: Christian E. Hopps <chopps@chopps.org>
Change-Id: Ie8840403bcac500c20085d57240401ad39d119f8
2019-09-27 15:41:19 -04:00
Filip Tehlar
de2dd6c356 ikev2: add support for GCM cipher
Type: feature
Change-Id: Ic703015b55f0ae947e5e44b10b74b3c79efe7da6
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
2019-09-19 16:52:40 +00:00
Christian E. Hopps
04d26ee2a9 Fix Diffie-Hellman exchange with newer openssl API
Change-Id: Id42a597c130d0053d074446e552a81c7264549e7
Signed-off-by: Christian E. Hopps <chopps@chopps.org>
2019-05-22 11:26:30 +00:00
Neale Ranns
7c44d78ef2 IKEv2 to plugin
for easy integration with products running their own IKE stack.
Without the VPP IKE plugin loaded, the product is free to handle
IKE packets as it pleases.

Change-Id: Id0839f4d58b797f4c2da0382eb499fc08b05f66f
Signed-off-by: Neale Ranns <nranns@cisco.com>
2019-02-25 19:37:09 +00:00