- implemented and tested cp_payload_t

9 files changed, 928 insertions, 0 deletions

diff --git a/Source/charon/encoding/payloads/Makefile.payloads b/Source/charon/encoding/payloads/Makefile.payloads
index 55215ab81..40d55d32a 100644
--- a/Source/charon/encoding/payloads/Makefile.payloads
+++ b/Source/charon/encoding/payloads/Makefile.payloads
@@ -57,6 +57,15 @@ $(BUILD_DIR)delete_payload.o :			$(PAYLOADS_DIR)delete_payload.c $(PAYLOADS_DIR)
 OBJS+= $(BUILD_DIR)vendor_id_payload.o
 $(BUILD_DIR)vendor_id_payload.o :		$(PAYLOADS_DIR)vendor_id_payload.c $(PAYLOADS_DIR)vendor_id_payload.h
 										$(CC) $(CFLAGS) -c -o $@ $<
+										
+OBJS+= $(BUILD_DIR)cp_payload.o
+$(BUILD_DIR)cp_payload.o :				$(PAYLOADS_DIR)cp_payload.c $(PAYLOADS_DIR)cp_payload.h
+										$(CC) $(CFLAGS) -c -o $@ $<
+										
+OBJS+= $(BUILD_DIR)configuration_attribute.o
+$(BUILD_DIR)configuration_attribute.o :	$(PAYLOADS_DIR)configuration_attribute.c $(PAYLOADS_DIR)configuration_attribute.h
+										$(CC) $(CFLAGS) -c -o $@ $<
+
 
 OBJS+= $(BUILD_DIR)ts_payload.o
 $(BUILD_DIR)ts_payload.o :				$(PAYLOADS_DIR)ts_payload.c $(PAYLOADS_DIR)ts_payload.h
diff --git a/Source/charon/encoding/payloads/configuration_attribute.c b/Source/charon/encoding/payloads/configuration_attribute.c
new file mode 100644
index 000000000..4f3294832
--- /dev/null
+++ b/Source/charon/encoding/payloads/configuration_attribute.c
@@ -0,0 +1,284 @@
+/**
+ * @file configuration_attribute.c
+ * 
+ * @brief Implementation of configuration_attribute_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+ 
+/* offsetof macro */
+#include <stddef.h>
+
+#include "configuration_attribute.h"
+
+#include <encoding/payloads/encodings.h>
+#include <types.h>
+#include <utils/allocator.h>
+
+
+typedef struct private_configuration_attribute_t private_configuration_attribute_t;
+
+/**
+ * Private data of an configuration_attribute_t object.
+ * 
+ */
+struct private_configuration_attribute_t {
+	/**
+	 * Public configuration_attribute_t interface.
+	 */
+	configuration_attribute_t public;
+	
+	/**
+	 * Type of the attribute.
+	 */
+	u_int16_t attribute_type;
+	
+	/**
+	 * Length of the attribute.
+	 */
+	u_int16_t attribute_length;
+	
+
+	/**
+	 * Attribute value as chunk.
+	 */
+	chunk_t attribute_value;
+};
+
+/** 
+ * String mappings for configuration_attribute_type_t.
+ */
+mapping_t configuration_attribute_type_m[] = {
+	{INTERNAL_IP4_ADDRESS, "INTERNAL_IP4_ADDRESS"},
+	{INTERNAL_IP4_NETMASK, "INTERNAL_IP4_NETMASK"},
+	{INTERNAL_IP4_DNS, "INTERNAL_IP4_DNS"},
+	{INTERNAL_IP4_NBNS, "INTERNAL_IP4_NBNS"},
+	{INTERNAL_ADDRESS_EXPIRY, "INTERNAL_ADDRESS_EXPIRY"},
+	{INTERNAL_IP4_DHCP, "INTERNAL_IP4_DHCP"},
+	{APPLICATION_VERSION, "APPLICATION_VERSION"},
+	{INTERNAL_IP6_ADDRESS, "INTERNAL_IP6_ADDRESS"},
+	{INTERNAL_IP6_DNS, "INTERNAL_IP6_DNS"},
+	{INTERNAL_IP6_NBNS, "INTERNAL_IP6_NBNS"},
+	{INTERNAL_IP6_DHCP, "INTERNAL_IP6_DHCP"},
+	{INTERNAL_IP4_SUBNET, "INTERNAL_IP4_SUBNET"},
+	{SUPPORTED_ATTRIBUTES, "SUPPORTED_ATTRIBUTES"},
+	{INTERNAL_IP6_SUBNET, "INTERNAL_IP6_SUBNET"},
+	{MAPPING_END, NULL}
+};
+
+
+/**
+ * Encoding rules to parse or generate a configuration attribute.
+ * 
+ * The defined offsets are the positions in a object of type 
+ * private_configuration_attribute_t.
+ * 
+ */
+encoding_rule_t configuration_attribute_encodings[] = {
+
+	{ RESERVED_BIT,	0																					},
+	/* type of the attribute as 15 bit unsigned integer */
+	{ ATTRIBUTE_TYPE,			offsetof(private_configuration_attribute_t, attribute_type)				},	
+	/* Length of attribute value */
+	{ CONFIGURATION_ATTRIBUTE_LENGTH,		offsetof(private_configuration_attribute_t, attribute_length)},
+	/* Value of attribute if attribute format flag is zero */
+	{ CONFIGURATION_ATTRIBUTE_VALUE,		offsetof(private_configuration_attribute_t, attribute_value)}
+};
+
+/*
+                           1                   2                   3
+       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !R|         Attribute Type      !            Length             |
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      |                                                               |
+      ~                             Value                             ~
+      |                                                               |
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+
+/**
+ * Implementation of payload_t.verify.
+ */
+static status_t verify(private_configuration_attribute_t *this)
+{
+	switch (this->attribute_type)
+	{
+         case INTERNAL_IP4_ADDRESS:
+         case INTERNAL_IP4_NETMASK:
+		 case INTERNAL_IP4_DNS:
+		 case INTERNAL_IP4_NBNS:
+		 case INTERNAL_ADDRESS_EXPIRY:
+		 case INTERNAL_IP4_DHCP:
+		 case APPLICATION_VERSION:
+		 case INTERNAL_IP6_ADDRESS:
+		 case INTERNAL_IP6_DNS:
+		 case INTERNAL_IP6_NBNS:
+		 case INTERNAL_IP6_DHCP:
+		 case INTERNAL_IP4_SUBNET:
+		 case SUPPORTED_ATTRIBUTES:
+		 case INTERNAL_IP6_SUBNET:
+		 {
+		 	/* Attribute types are not checked in here */
+		 	break;
+		 }
+		 default:
+		 	return FAILED;
+	}
+	
+	if (this->attribute_length != this->attribute_value.len)
+	{
+		return FAILED;
+	}
+	
+	return SUCCESS;
+}
+
+/**
+ * Implementation of payload_t.get_encoding_rules.
+ */
+static void get_encoding_rules(private_configuration_attribute_t *this, encoding_rule_t **rules, size_t *rule_count)
+{
+	*rules = configuration_attribute_encodings;
+	*rule_count = sizeof(configuration_attribute_encodings) / sizeof(encoding_rule_t);
+}
+
+/**
+ * Implementation of payload_t.get_type.
+ */
+static payload_type_t get_type(private_configuration_attribute_t *this)
+{
+	return CONFIGURATION_ATTRIBUTE;
+}
+
+/**
+ * Implementation of payload_t.get_next_type.
+ */
+static payload_type_t get_next_type(private_configuration_attribute_t *this)
+{
+	return (NO_PAYLOAD);
+}
+
+/**
+ * Implementation of payload_t.set_next_type.
+ */
+static void set_next_type(private_configuration_attribute_t *this,payload_type_t type)
+{
+}
+
+/**
+ * Implementation of configuration_attribute_t.get_length.
+ */
+static size_t get_length(private_configuration_attribute_t *this)
+{
+	return (this->attribute_value.len + CONFIGURATION_ATTRIBUTE_HEADER_LENGTH);
+}
+
+/**
+ * Implementation of configuration_attribute_t.set_value.
+ */
+static void set_value(private_configuration_attribute_t *this, chunk_t value)
+{
+	if (this->attribute_value.ptr != NULL)
+	{
+		/* free existing value */
+		allocator_free_chunk(&(this->attribute_value));		
+	}
+	
+	this->attribute_value.ptr = allocator_clone_bytes(value.ptr,value.len);
+	this->attribute_value.len = value.len;
+	
+	this->attribute_length = this->attribute_value.len;
+}
+
+/**
+ * Implementation of configuration_attribute_t.get_value.
+ */
+static chunk_t get_value (private_configuration_attribute_t *this)
+{
+	return this->attribute_value;
+}
+
+
+/**
+ * Implementation of configuration_attribute_t.set_attribute_type.
+ */
+static void set_attribute_type (private_configuration_attribute_t *this, u_int16_t type)
+{
+	this->attribute_type = type & 0x7FFF;
+}
+
+/**
+ * Implementation of configuration_attribute_t.get_attribute_type.
+ */
+static u_int16_t get_attribute_type (private_configuration_attribute_t *this)
+{
+	return this->attribute_type;
+}
+
+/**
+ * Implementation of configuration_attribute_t.get_attribute_length.
+ */
+static u_int16_t get_attribute_length (private_configuration_attribute_t *this)
+{
+	return this->attribute_length;
+}
+
+
+/**
+ * Implementation of configuration_attribute_t.destroy and payload_t.destroy.
+ */
+static void destroy(private_configuration_attribute_t *this)
+{
+	if (this->attribute_value.ptr != NULL)
+	{
+		allocator_free(this->attribute_value.ptr);
+	}	
+	allocator_free(this);
+}
+
+/*
+ * Described in header.
+ */
+configuration_attribute_t *configuration_attribute_create()
+{
+	private_configuration_attribute_t *this = allocator_alloc_thing(private_configuration_attribute_t);
+
+	/* payload interface */
+	this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
+	this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
+	this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
+	this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
+	this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
+	this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
+	this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
+	
+	/* public functions */
+	this->public.set_value = (void (*) (configuration_attribute_t *,chunk_t)) set_value;
+	this->public.get_value = (chunk_t (*) (configuration_attribute_t *)) get_value;
+	this->public.set_attribute_type = (void (*) (configuration_attribute_t *,u_int16_t type)) set_attribute_type;
+	this->public.get_attribute_type = (u_int16_t (*) (configuration_attribute_t *)) get_attribute_type;
+	this->public.get_attribute_length = (u_int16_t (*) (configuration_attribute_t *)) get_attribute_length;
+	this->public.destroy = (void (*) (configuration_attribute_t *)) destroy;
+	
+	/* set default values of the fields */
+	this->attribute_type = 0;
+	this->attribute_value = CHUNK_INITIALIZER;
+	this->attribute_length = 0;
+
+	return (&(this->public));
+}
diff --git a/Source/charon/encoding/payloads/configuration_attribute.h b/Source/charon/encoding/payloads/configuration_attribute.h
new file mode 100644
index 000000000..9d503c95f
--- /dev/null
+++ b/Source/charon/encoding/payloads/configuration_attribute.h
@@ -0,0 +1,146 @@
+/**
+ * @file configuration_attribute.h
+ * 
+ * @brief Interface of configuration_attribute_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef _CONFIGURATION_ATTRIBUTE_H_
+#define _CONFIGURATION_ATTRIBUTE_H_
+
+#include <types.h>
+#include <encoding/payloads/payload.h>
+
+
+
+/**
+ * Configuration attribute header length in bytes.
+ * 
+ * @ingroup payloads
+ */
+#define CONFIGURATION_ATTRIBUTE_HEADER_LENGTH 4
+
+
+typedef enum configuration_attribute_type_t configuration_attribute_type_t;
+
+/**
+ * Type of the attribute, as in IKEv2 draft 3.15.1.
+ * 
+ * @ingroup payloads
+ */
+enum configuration_attribute_type_t {
+	INTERNAL_IP4_ADDRESS = 1,
+	INTERNAL_IP4_NETMASK = 2,
+	INTERNAL_IP4_DNS = 3,
+	INTERNAL_IP4_NBNS = 4,
+	INTERNAL_ADDRESS_EXPIRY = 5,
+	INTERNAL_IP4_DHCP = 6,
+	APPLICATION_VERSION = 7,
+	INTERNAL_IP6_ADDRESS = 8,
+	INTERNAL_IP6_DNS = 10,
+	INTERNAL_IP6_NBNS = 11,
+	INTERNAL_IP6_DHCP = 12,
+	INTERNAL_IP4_SUBNET = 13,
+	SUPPORTED_ATTRIBUTES = 14,
+	INTERNAL_IP6_SUBNET = 15
+};
+
+/** 
+ * String mappings for configuration_attribute_type_t.
+ * 
+ * @ingroup payloads
+ */
+extern mapping_t configuration_attribute_type_m[];
+
+typedef struct configuration_attribute_t configuration_attribute_t;
+
+/**
+ * Object representing an IKEv2- CONFIGURATION Attribute.
+ * 
+ * The CONFIGURATION ATTRIBUTE format is described in RFC section 3.15.1.
+ * 
+ * @ingroup payloads
+ */
+struct configuration_attribute_t {
+	/**
+	 * The payload_t interface.
+	 */
+	payload_t payload_interface;
+
+	/**
+	 * @brief Returns the currently set value of the attribute.
+	 * 	
+	 * @warning Returned data are not copied.
+	 * 
+	 * @param this 	calling configuration_attribute_t object
+	 * @return 		chunk_t pointing to the value
+	 */
+	chunk_t (*get_value) (configuration_attribute_t *this);
+	
+	/**
+	 * @brief Sets the value of the attribute.
+	 * 	
+	 * @warning Value is getting copied.
+	 * 
+	 * @param this 	calling configuration_attribute_t object
+	 * @param value chunk_t pointing to the value to set
+	 */
+	void (*set_value) (configuration_attribute_t *this, chunk_t value);
+
+	/**
+	 * @brief Sets the type of the attribute.
+	 * 	
+	 * @param this 	calling configuration_attribute_t object
+	 * @param type	type to set (most significant bit is set to zero)
+	 */
+	void (*set_attribute_type) (configuration_attribute_t *this, u_int16_t type);
+	
+	/**
+	 * @brief get the type of the attribute.
+	 * 	
+	 * @param this 	calling configuration_attribute_t object
+	 * @return 		type of the value
+	 */
+	u_int16_t (*get_attribute_type) (configuration_attribute_t *this);
+	
+	/**
+	 * @brief get the length of an attribute.
+	 * 	
+	 * @param this 	calling configuration_attribute_t object
+	 * @return 		type of the value
+	 */
+	u_int16_t (*get_attribute_length) (configuration_attribute_t *this);
+	
+	/**
+	 * @brief Destroys an configuration_attribute_t object.
+	 *
+	 * @param this 	configuration_attribute_t object to destroy
+	 */
+	void (*destroy) (configuration_attribute_t *this);
+};
+
+/**
+ * @brief Creates an empty configuration_attribute_t object.
+ * 
+ * @return			created configuration_attribute_t object
+ * 
+ * @ingroup payloads
+ */
+configuration_attribute_t *configuration_attribute_create();
+
+#endif /*_CONFIGURATION_ATTRIBUTE_H_*/
diff --git a/Source/charon/encoding/payloads/cp_payload.c b/Source/charon/encoding/payloads/cp_payload.c
new file mode 100644
index 000000000..1bd6764a1
--- /dev/null
+++ b/Source/charon/encoding/payloads/cp_payload.c
@@ -0,0 +1,313 @@
+/**
+ * @file cp_payload.c
+ * 
+ * @brief Implementation of cp_payload_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+ 
+/* offsetof macro */
+#include <stddef.h>
+
+#include "cp_payload.h"
+
+#include <encoding/payloads/encodings.h>
+#include <utils/allocator.h>
+#include <utils/linked_list.h>
+
+
+/** 
+ * String mappings for config_type_t.
+ */
+mapping_t config_type_m[] = {
+{CFG_REQUEST, "CFG_REQUEST"},
+{CFG_REPLY, "CFG_REPLY"},
+{CFG_SET, "CFG_SET"},
+{CFG_ACK, "CFG_ACK"},
+{MAPPING_END, NULL}
+};
+
+
+typedef struct private_cp_payload_t private_cp_payload_t;
+
+/**
+ * Private data of an cp_payload_t object.
+ * 
+ */
+struct private_cp_payload_t {
+	/**
+	 * Public cp_payload_t interface.
+	 */
+	cp_payload_t public;
+	
+	/**
+	 * Next payload type.
+	 */
+	u_int8_t  next_payload;
+
+	/**
+	 * Critical flag.
+	 */
+	bool critical;
+	
+	/**
+	 * Length of this payload.
+	 */
+	u_int16_t payload_length;
+	
+	/**
+	 * Configuration Attributes in this payload are stored in a linked_list_t.
+	 */
+	linked_list_t * attributes;
+	
+	/**
+	 * Config Type.
+	 */
+	u_int8_t config_type;
+	
+	/**
+	 * @brief Computes the length of this payload.
+	 *
+	 * @param this 	calling private_cp_payload_t object
+	 */
+	void (*compute_length) (private_cp_payload_t *this);
+};
+
+/**
+ * Encoding rules to parse or generate a IKEv2-CP Payload
+ * 
+ * The defined offsets are the positions in a object of type 
+ * private_cp_payload_t.
+ * 
+ */
+encoding_rule_t cp_payload_encodings[] = {
+ 	/* 1 Byte next payload type, stored in the field next_payload */
+	{ U_INT_8,		offsetof(private_cp_payload_t, next_payload) 			},
+	/* the critical bit */
+	{ FLAG,			offsetof(private_cp_payload_t, critical) 				},	
+ 	/* 7 Bit reserved bits, nowhere stored */
+	{ RESERVED_BIT,	0 														}, 
+	{ RESERVED_BIT,	0 														}, 
+	{ RESERVED_BIT,	0 														}, 
+	{ RESERVED_BIT,	0 														}, 
+	{ RESERVED_BIT,	0 														}, 
+	{ RESERVED_BIT,	0 														}, 
+	{ RESERVED_BIT,	0 														}, 
+	/* Length of the whole CP payload*/
+	{ PAYLOAD_LENGTH,		offsetof(private_cp_payload_t, payload_length) 	},	
+	/* Proposals are stored in a proposal substructure, 
+	   offset points to a linked_list_t pointer */
+	{ U_INT_8,		offsetof(private_cp_payload_t, config_type)				},
+	{ RESERVED_BYTE,0 														}, 
+	{ RESERVED_BYTE,0														}, 
+	{ RESERVED_BYTE,0														}, 	
+	{ CONFIGURATION_ATTRIBUTES,	offsetof(private_cp_payload_t, attributes)	}
+};
+
+/*
+                           1                   2                   3
+       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      ! Next Payload  !C! RESERVED    !         Payload Length        !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !   CFG Type    !                    RESERVED                   !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !                                                               !
+      ~                   Configuration Attributes                    ~
+      !                                                               !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+
+/**
+ * Implementation of payload_t.verify.
+ */
+static status_t verify(private_cp_payload_t *this)
+{
+	status_t status = SUCCESS;
+	iterator_t *iterator;
+	
+	if (this->critical)
+	{
+		/* critical bit set! */
+		return FAILED;
+	}
+
+	iterator = this->attributes->create_iterator(this->attributes,TRUE);
+	
+	while(iterator->has_next(iterator))
+	{
+		configuration_attribute_t *attribute;
+		iterator->current(iterator,(void **)&attribute);
+		status = attribute->payload_interface.verify(&(attribute->payload_interface));
+		if (status != SUCCESS)
+		{
+			break;
+		}
+	}
+	
+	iterator->destroy(iterator);
+	return status;
+}
+
+/**
+ * Implementation of payload_t.get_encoding_rules.
+ */
+static void get_encoding_rules(private_cp_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
+{
+	*rules = cp_payload_encodings;
+	*rule_count = sizeof(cp_payload_encodings) / sizeof(encoding_rule_t);
+}
+
+/**
+ * Implementation of payload_t.get_type.
+ */
+static payload_type_t get_type(private_cp_payload_t *this)
+{
+	return CONFIGURATION;
+}
+
+/**
+ * Implementation of payload_t.get_next_type.
+ */
+static payload_type_t get_next_type(private_cp_payload_t *this)
+{
+	return (this->next_payload);
+}
+
+/**
+ * Implementation of payload_t.set_next_type.
+ */
+static void set_next_type(private_cp_payload_t *this,payload_type_t type)
+{
+	this->next_payload = type;
+}
+
+/**
+ * Implementation of payload_t.get_length.
+ */
+static size_t get_length(private_cp_payload_t *this)
+{
+	this->compute_length(this);
+	return this->payload_length;
+}
+
+/**
+ * Implementation of cp_payload_t.create_configuration_attribute_iterator.
+ */
+static iterator_t *create_configuration_attribute_iterator (private_cp_payload_t *this,bool forward)
+{
+	return this->attributes->create_iterator(this->attributes,forward);
+}
+
+/**
+ * Implementation of cp_payload_t.add_proposal_substructure.
+ */
+static void add_configuration_attribute (private_cp_payload_t *this,configuration_attribute_t *attribute)
+{
+	this->attributes->insert_last(this->attributes,(void *) attribute);
+	this->compute_length(this);
+}
+
+/**
+ * Implementation of cp_payload_t.set_config_type.
+ */
+static void set_config_type (private_cp_payload_t *this,config_type_t config_type)
+{
+	this->config_type = config_type;
+}
+
+/**
+ * Implementation of cp_payload_t.get_config_type.
+ */
+static config_type_t get_config_type (private_cp_payload_t *this)
+{
+	return this->config_type;
+}
+
+/**
+ * Implementation of private_cp_payload_t.compute_length.
+ */
+static void compute_length (private_cp_payload_t *this)
+{
+	iterator_t *iterator;
+	size_t length = CP_PAYLOAD_HEADER_LENGTH;
+	iterator = this->attributes->create_iterator(this->attributes,TRUE);
+	while (iterator->has_next(iterator))
+	{
+		payload_t *current_attribute;
+		iterator->current(iterator,(void **) &current_attribute);
+		length += current_attribute->get_length(current_attribute);
+	}
+	iterator->destroy(iterator);
+	
+	this->payload_length = length;
+}
+
+/**
+ * Implementation of payload_t.destroy and cp_payload_t.destroy.
+ */
+static status_t destroy(private_cp_payload_t *this)
+{
+	/* all attributes are getting destroyed */ 
+	while (this->attributes->get_count(this->attributes) > 0)
+	{
+		configuration_attribute_t *current_attribute;
+		this->attributes->remove_last(this->attributes,(void **)&current_attribute);
+		current_attribute->destroy(current_attribute);
+	}
+	this->attributes->destroy(this->attributes);
+	
+	allocator_free(this);
+	
+	return SUCCESS;
+}
+
+/*
+ * Described in header.
+ */
+cp_payload_t *cp_payload_create()
+{
+	private_cp_payload_t *this = allocator_alloc_thing(private_cp_payload_t);
+	
+	/* public interface */
+	this->public.payload_interface.verify = (status_t (*) (payload_t *))verify;
+	this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules;
+	this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length;
+	this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type;
+	this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type;
+	this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type;
+	this->public.payload_interface.destroy = (void (*) (payload_t *))destroy;
+	
+	/* public functions */
+	this->public.create_configuration_attribute_iterator = (iterator_t* (*) (cp_payload_t *,bool)) create_configuration_attribute_iterator;
+	this->public.add_configuration_attribute = (void (*) (cp_payload_t *,configuration_attribute_t *)) add_configuration_attribute;
+	this->public.set_config_type = (void (*) (cp_payload_t *, config_type_t)) set_config_type;
+	this->public.get_config_type = (config_type_t (*) (cp_payload_t *)) get_config_type;
+	this->public.destroy = (void (*) (cp_payload_t *)) destroy;
+	
+	
+	/* private functions */
+	this->compute_length = compute_length;
+	
+	/* set default values of the fields */
+	this->critical = FALSE;
+	this->next_payload = NO_PAYLOAD;
+	this->payload_length = CP_PAYLOAD_HEADER_LENGTH;
+
+	this->attributes = linked_list_create();
+	return (&(this->public));
+}
diff --git a/Source/charon/encoding/payloads/cp_payload.h b/Source/charon/encoding/payloads/cp_payload.h
new file mode 100644
index 000000000..da7476840
--- /dev/null
+++ b/Source/charon/encoding/payloads/cp_payload.h
@@ -0,0 +1,119 @@
+/**
+ * @file cp_payload.h
+ * 
+ * @brief Interface of cp_payload_t.
+ * 
+ */
+
+/*
+ * Copyright (C) 2005 Jan Hutter, Martin Willi
+ * Hochschule fuer Technik Rapperswil
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#ifndef CP_PAYLOAD_H_
+#define CP_PAYLOAD_H_
+
+#include <types.h>
+#include <encoding/payloads/payload.h>
+#include <encoding/payloads/configuration_attribute.h>
+#include <utils/linked_list.h>
+#include <config/init_config.h>
+
+/**
+ * CP_PAYLOAD length in bytes without any proposal substructure.
+ * 
+ * @ingroup payloads
+ */
+#define CP_PAYLOAD_HEADER_LENGTH 8
+
+
+typedef enum config_type_t config_type_t;
+
+/**
+ * Config Type of an Configuration Payload.
+ * 
+ * @ingroup payloads
+ */
+enum config_type_t {
+	CFG_REQUEST = 1,
+	CFG_REPLY = 2,
+	CFG_SET = 3,
+	CFG_ACK = 4,
+};
+
+extern mapping_t config_type_m[];
+
+
+typedef struct cp_payload_t cp_payload_t;
+
+/**
+ * Class representing an IKEv2-CP Payload.
+ * 
+ * The CP Payload format is described in RFC section 3.15.
+ * 
+ * @ingroup payloads
+ */
+struct cp_payload_t {
+	/**
+	 * The payload_t interface.
+	 */
+	payload_t payload_interface;
+	
+	/**
+	 * @brief Creates an iterator of stored configuration_attribute_t objects.
+	 * 
+	 * @warning The created iterator has to get destroyed by the caller!
+	 * 
+	 * @warning When deleting an attribute using this iterator, 
+	 * 			the length of this configuration_attribute_t has to be refreshed 
+	 * 			by calling get_length()!
+	 *
+	 * @param this 			calling cp_payload_t object
+	 * @param[in] forward 	iterator direction (TRUE: front to end)
+	 * @return				created iterator_t object
+	 */
+	iterator_t *(*create_configuration_attribute_iterator) (cp_payload_t *this, bool forward);
+	
+	/**
+	 * @brief Adds a configuration_attribute_t object to this object.
+	 * 
+	 * @warning The added configuration_attribute_t object is 
+	 * 			getting destroyed in destroy function of cp_payload_t.
+	 *
+	 * @param this 		calling cp_payload_t object
+	 * @param attribute	configuration_attribute_t object to add
+	 */
+	void (*add_configuration_attribute) (cp_payload_t *this, configuration_attribute_t *attribute);
+	
+	void (*set_config_type) (cp_payload_t *this,config_type_t config_type);
+	
+	config_type_t (*get_config_type) (cp_payload_t *this);
+	
+	/**
+	 * @brief Destroys an cp_payload_t object.
+	 *
+	 * @param this 	cp_payload_t object to destroy
+	 */
+	void (*destroy) (cp_payload_t *this);
+};
+
+/**
+ * @brief Creates an empty cp_payload_t object
+ * 
+ * @return			created cp_payload_t object
+ * 
+ * @ingroup payloads
+ */
+cp_payload_t *cp_payload_create();
+
+#endif /*CP_PAYLOAD_H_*/
diff --git a/Source/charon/encoding/payloads/encodings.c b/Source/charon/encoding/payloads/encodings.c
index efd6d5993..035d71ada 100644
--- a/Source/charon/encoding/payloads/encodings.c
+++ b/Source/charon/encoding/payloads/encodings.c
@@ -58,5 +58,10 @@ mapping_t encoding_type_m[] = {
 	{CERTREQ_DATA, "CERTREQ_DATA"},
 	{SPIS, "SPIS"},
 	{VID_DATA, "VID_DATA"},
+	{VID_DATA, "VID_DATA"},	
+	{CONFIGURATION_ATTRIBUTES, "CONFIGURATION_ATTRIBUTES"},
+	{CONFIGURATION_ATTRIBUTE_LENGTH, "CONFIGURATION_ATTRIBUTE_LENGTH"},
+	{CONFIGURATION_ATTRIBUTE_VALUE, "CONFIGURATION_ATTRIBUTE_VALUE"},	
+	
 	{MAPPING_END, NULL}
 };
diff --git a/Source/charon/encoding/payloads/encodings.h b/Source/charon/encoding/payloads/encodings.h
index 39c6d31a1..1262a0cbe 100644
--- a/Source/charon/encoding/payloads/encodings.h
+++ b/Source/charon/encoding/payloads/encodings.h
@@ -245,6 +245,29 @@ enum encoding_type_t{
 	 * to be stored in the pointed linked_list.
 	 */	
 	TRANSFORM_ATTRIBUTES,
+
+	/**
+	 * Representating one or more Attributes of a configuration payload.
+	 * 
+	 * The offset points to a linked_list_t pointer.
+	 * 
+	 * When generating the configuration_attribute_t objects are stored 
+	 * in the pointed linked_list.
+	 * 
+	 * When parsing the parsed configuration_attribute_t objects have 
+	 * to be stored in the pointed linked_list.
+	 */		
+	CONFIGURATION_ATTRIBUTES,
+	
+	/**
+	 * 
+ 	 * When generating the content of the chunkt pointing to 
+ 	 * is written.
+	 * 
+	 * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to.
+	 */
+	CONFIGURATION_ATTRIBUTE_VALUE,
+	
 	/**
 	 * Representing a 1 Bit flag specifying the format of a transform attribute.
 	 * 
@@ -288,6 +311,20 @@ enum encoding_type_t{
 	ATTRIBUTE_LENGTH_OR_VALUE,
 
 	/**
+	 * This field contains the length or the value of an configuration attribute.
+	 * Its stored in a 16 unsigned integer field.
+	 * 
+	 * When generating it must be changed from host to network order.
+	 * The value is read from the associated data struct.
+ 	 * The current write position is moved 16 bit forward afterwards.
+	 * 
+	 * When parsing it must be changed from network to host order.
+	 * The value is written to the associated data struct.
+	 * The current read pointer is moved 16 bit forward afterwards.
+	 */
+	CONFIGURATION_ATTRIBUTE_LENGTH,
+
+	/**
 	 * Depending on the field of type ATTRIBUTE_FORMAT
 	 * this field is available or missing and so parsed/generated 
 	 * or not parsed/not generated.
diff --git a/Source/charon/encoding/payloads/payload.c b/Source/charon/encoding/payloads/payload.c
index ac50198cc..2ee8ee642 100644
--- a/Source/charon/encoding/payloads/payload.c
+++ b/Source/charon/encoding/payloads/payload.c
@@ -37,6 +37,8 @@
 #include <encoding/payloads/ts_payload.h>
 #include <encoding/payloads/delete_payload.h>
 #include <encoding/payloads/vendor_id_payload.h>
+#include <encoding/payloads/cp_payload.h>
+#include <encoding/payloads/configuration_attribute.h>
 
 /*
  * build the mappings for payload_type_t
@@ -64,6 +66,7 @@ mapping_t payload_type_m[] = {
 	{TRANSFORM_SUBSTRUCTURE, "TRANSFORM_SUBSTRUCTURE"},
 	{TRANSFORM_ATTRIBUTE, "TRANSFORM_ATTRIBUTE"},
 	{TRAFFIC_SELECTOR_SUBSTRUCTURE, "TRAFFIC_SELECTOR_SUBSTRUCTURE"},
+	{CONFIGURATION_ATTRIBUTE,"CONFIGURATION_ATTRIBUTE"},
 	{MAPPING_END, NULL}
 };
 
@@ -110,6 +113,10 @@ payload_t *payload_create(payload_type_t type)
 			return (payload_t*)delete_payload_create();
 		case VENDOR_ID:
 			return (payload_t*)vendor_id_payload_create();
+		case CONFIGURATION:
+			return (payload_t*)cp_payload_create();
+		case CONFIGURATION_ATTRIBUTE:
+			return (payload_t*)configuration_attribute_create();
 		case ENCRYPTED:
 			return (payload_t*)encryption_payload_create();
 		default:
diff --git a/Source/charon/encoding/payloads/payload.h b/Source/charon/encoding/payloads/payload.h
index 6fceaa2ad..5c9806dac 100644
--- a/Source/charon/encoding/payloads/payload.h
+++ b/Source/charon/encoding/payloads/payload.h
@@ -166,6 +166,14 @@ enum payload_type_t{
 	 * used internally to handle a transform selector like a payload.
 	 */	
 	TRAFFIC_SELECTOR_SUBSTRUCTURE = 144,
+	
+	/**
+	 * CONFIGURATION_ATTRIBUTE has a value of PRIVATE USE space.
+	 * 
+	 * This payload type is not send over wire and just 
+	 * used internally to handle a transform attribute like a payload.
+	 */
+	CONFIGURATION_ATTRIBUTE = 145,
 };