summary |
shortlog | log |
commit |
commitdiff |
tree
first ⋅ prev ⋅ next
Yuting.chen [Fri, 14 Jan 2022 06:03:15 +0000 (14:03 +0800)]
Initial commit
Seongsik Kim [Fri, 22 Jan 2021 04:43:06 +0000 (13:43 +0900)]
[APR-6839]libcharon: Provide a property option for rekeying
[JIRA]: SOC-130596
[Problem/Cause]: Depending on the carrier requirements,
messages should be checked to confirm pass/fail in
some test cases.
[Solution]: Provide a property that shows the oriGin
Session keys.
Change-Id: Ic5d28edf9c3ed805a020fff68c3662f6cc978c6e
Signed-off-by: Seongsik Kim <sz.kim@samsung.com>
Denis Vinogradov [Thu, 24 Dec 2020 01:06:24 +0000 (10:06 +0900)]
[APR-6626]return IKE termination cause to service
[JIRA]: SOC-126438
[Problem]: After DPD timeout connection is deleted but
framework retries to create connection on WiFi.
[Issue]: Service does not know termination cause and
could not make proper decision
[Solution]: Provide termination cause for IKE SA
Change-Id: Ie0e43055a489aba0456d6ef66136d4d5adfce15f
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Seungah Lim [Thu, 17 Dec 2020 02:40:34 +0000 (11:40 +0900)]
[APR-6542]libstrongswan: fix prevent issue (CID: 330540)
[Issue] S5E9815-5808
[Problem] CID 330540 Buffer not null terminated.
[Cause] buffer size warning : Calling strncpy with a maximun size
argument of 16 bytes on destination array this->if_name of size
might leave the destination string unterminated.
[Solution] fix prevent issue by updating strncpy.
Change-Id: I0735a44c82672d4903dc833676cc4bc02bb3f91a
Signed-off-by: Seungah Lim <sss.lim@samsung.com>
Denis Vinogradov [Wed, 2 Dec 2020 08:09:09 +0000 (17:09 +0900)]
[APR-6371]create XFRM device instead of tun if possible
If we can create XFRM vitrual device,
it is possible to link it to CHILD_SA.
It can allow to receive data packets
after binding to created adapter.
Note: adapter index will start with 10, i.e epdg10,
in case successful creation.
Change-Id: I47414bda1748bfda858e2395e4ce2ded7b50ac77
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Tue, 10 Nov 2020 07:14:33 +0000 (16:14 +0900)]
[APR-6039]set retransmit count for connection termination to 1
[JIRA]: RAMEN9610-21788
[Problem]: Connection termination takes 15 seconds.
It is too long and during that time user may
change settings.
[Issue]: Retransmit count for terminate is same as
for initiate and we need to wait until procedure
completed before send response to framework.
[Solution]: Set retransmit count to 1. If no response
received, close connection locally.
Change-Id: Ib5273fc1228e089e8e99beed057266db78dffafb
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Mon, 19 Oct 2020 08:04:47 +0000 (17:04 +0900)]
[APR-5834]rekey child SA instead of IKE SA for IP address change
[JIRA]: NEUS7920-26632
[Problem]: MO call failed after WiFi AP to AP handover
[Issue]: Child SA not re-installed on new IP address
because rekeying IKE SA does not update addresses
to childs.
[Solution]: Rekey CHILD SA instead of IKE SA rekeying
Change-Id: I6f4a38b8e06ae9c6fdd87805a3ed274296afaac1
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Mon, 28 Sep 2020 05:38:35 +0000 (14:38 +0900)]
[APR-5800]check interface name during MOBIKE procedure
[JIRA]: SOC-97122
[Problem]: Call dropped after moving from VoMobile to VoWiFi
[Issue]: MOBIKE address update not started because path
check message received on old interface. Due to long
delay call is dropped - RTP timeout
[Solution]: Check infterface of received packet. If interface
is not matched to expected start update procedure
Change-Id: I789112b28776a8840cdabd376cf2f605dca53086
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
sz.kim [Thu, 17 Sep 2020 10:38:41 +0000 (19:38 +0900)]
[APR-5656]kernel_netlink: Hide a Encryption/integrity key val
Change-Id: I010fbf93d7edd8ce29c755ea16b1f3bde165b016
Signed-off-by: sz.kim <sz.kim@samsung.com>
Seongsik Kim [Mon, 28 Sep 2020 08:45:43 +0000 (17:45 +0900)]
[APR-5544]libcharon: Check if the interface is available after terminate IKE SA
[Jira] NEUS7920-26406
[Problem] Even though there is no interface, a message is sent to the
server after IKE SA terminate.
[Cause] Send without checking if the interface is available.
[Solution] Check if the interface is available.
Change-Id: I5b4b9b7ae64bed4ce7f3bb091df40ad05da82ad4
Signed-off-by: Seongsik Kim <sz.kim@samsung.com>
Denis Vinogradov [Thu, 3 Sep 2020 08:49:49 +0000 (17:49 +0900)]
[APR-5172]add vendor specific notifies processing
[Issue] SOC-101097
[Problem/Cause] vendor specific notifies not supported.
[Solution] support to add vendor specific notifies processing.
Change-Id: I9a2eff352dd9ce6c15d5db4310221ab605f9516d
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Fri, 4 Sep 2020 04:21:33 +0000 (13:21 +0900)]
use count instead of length for request list
Change-Id: If9cd48244a91a36c38b2f1e4ad88cad37a4962d3
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Mon, 31 Aug 2020 05:01:58 +0000 (14:01 +0900)]
add TIMEOUT_PERIOD_FOR_LIVENESS_CHECK attribute support
Change-Id: I45856760eb2f84317b8b95b65f11b4e98e7b35f3
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Wed, 26 Aug 2020 06:01:57 +0000 (15:01 +0900)]
add configurable vendor attributes and notifies lists
Request and response
Change-Id: Ibdab0e2bf9a22fc427c64c7cbf9b66bf85cc84a5
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Seongsik Kim [Wed, 19 Aug 2020 05:46:31 +0000 (14:46 +0900)]
Hide the orGin session key value.
[Problem]: There is a security risk due to the oriGinal
session key code displayed through the debug message.
[Solution]: Encrypted the oriGinal session key by using a public key.
Change-Id: I2ff5557fa751bf5b5c067a57f45a87759a599390
Signed-off-by: Seongsik Kim <sz.kim@samsung.com>
Denis Vinogradov [Tue, 25 Aug 2020 04:42:12 +0000 (13:42 +0900)]
provide IKE_SA name as parameter to authenticator
[JIRA]: NEUS7920-25337
[Problem]: Could not create connection for SIM1
[Issue]: SIM1 and SIM2 authentication stated same time
and last incoming request overwrite previous
authenticator saved connection name. Both requests
were sent to SIM2, and error received from SIM for
SIM1 challenge request.
[Solution]: Remove authenticator pluGin name, add IKE_SA
name as parameter to request
Change-Id: I68531d629ad5a7b6b81984a195efea77fff38e37
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Thu, 16 Jul 2020 01:34:24 +0000 (10:34 +0900)]
add SET_INTERFACE command to stroke
Change-Id: Ie3b34f88a4c4ed38a4a4ec139047cb60e0cfa5f5
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Thu, 13 Aug 2020 04:26:44 +0000 (13:26 +0900)]
disable installing routes with add policy
Problem: incorrect route created, it may cause
routing failure for outgoing packets
Change-Id: I2c63314e1863bd2039bdcadb95e151e3076055c1
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Mon, 29 Jun 2020 03:36:52 +0000 (12:36 +0900)]
configurable retransmit tries added
Change-Id: I2ed22b327b699a821daee00cd082ffe4cfb7c7d5
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Denis Vinogradov [Mon, 8 Jun 2020 03:11:35 +0000 (12:11 +0900)]
remove direct modification of identity, use value from service
For RFC822_ADDR MAC address could be used in IKE_SA identity,
EAP indentity should exclude MAC. Remove modification to change
indentity in code, use eap_identity field in add_conn.
Change-Id: I1f3197583dccf5208ca7e13c4210a6b45de18044
Signed-off-by: Denis Vinogradov <denis.vinogradov@samsung.com>
Seungah Lim [Fri, 26 Jun 2020 07:53:01 +0000 (16:53 +0900)]
Initial changes for strongswan to support IWLAN features
Change-Id: I7c1a181ef6a60427e3c683a3b16063965b6e78d6
Signed-off-by: Seungah Lim <sss.lim@samsung.com>
Sundong Ahn [Fri, 5 Jun 2020 02:25:58 +0000 (11:25 +0900)]
Initial empty repository
projects / GitHub / MotorolaMobilityLLC / external-strongswan.git / log