diff options
Diffstat (limited to 'Source/charon/encoding/payloads')
17 files changed, 28 insertions, 94 deletions
diff --git a/Source/charon/encoding/payloads/auth_payload.c b/Source/charon/encoding/payloads/auth_payload.c index 73e5abd5d..8adb6fd6d 100644 --- a/Source/charon/encoding/payloads/auth_payload.c +++ b/Source/charon/encoding/payloads/auth_payload.c @@ -116,11 +116,6 @@ encoding_rule_t auth_payload_encodings[] = { */ static status_t verify(private_auth_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } if ((this->auth_method == 0) || ((this->auth_method >= 4) && (this->auth_method <= 200))) { diff --git a/Source/charon/encoding/payloads/cert_payload.c b/Source/charon/encoding/payloads/cert_payload.c index 10256cf8e..a361f1345 100644 --- a/Source/charon/encoding/payloads/cert_payload.c +++ b/Source/charon/encoding/payloads/cert_payload.c @@ -129,11 +129,6 @@ encoding_rule_t cert_payload_encodings[] = { */ static status_t verify(private_cert_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } if ((this->cert_encoding == 0) || ((this->cert_encoding >= 14) && (this->cert_encoding <= 200))) { diff --git a/Source/charon/encoding/payloads/certreq_payload.c b/Source/charon/encoding/payloads/certreq_payload.c index 8058ff08f..b7372a7a2 100644 --- a/Source/charon/encoding/payloads/certreq_payload.c +++ b/Source/charon/encoding/payloads/certreq_payload.c @@ -109,11 +109,6 @@ encoding_rule_t certreq_payload_encodings[] = { */ static status_t verify(private_certreq_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } if ((this->cert_encoding == 0) || ((this->cert_encoding >= 14) && (this->cert_encoding <= 200))) { diff --git a/Source/charon/encoding/payloads/cp_payload.c b/Source/charon/encoding/payloads/cp_payload.c index cca06d1b1..e9d8af77e 100644 --- a/Source/charon/encoding/payloads/cp_payload.c +++ b/Source/charon/encoding/payloads/cp_payload.c @@ -139,12 +139,6 @@ static status_t verify(private_cp_payload_t *this) { status_t status = SUCCESS; iterator_t *iterator; - - if (this->critical) - { - /* critical bit set! */ - return FAILED; - } iterator = this->attributes->create_iterator(this->attributes,TRUE); diff --git a/Source/charon/encoding/payloads/delete_payload.c b/Source/charon/encoding/payloads/delete_payload.c index 21f064e51..59d877945 100644 --- a/Source/charon/encoding/payloads/delete_payload.c +++ b/Source/charon/encoding/payloads/delete_payload.c @@ -121,11 +121,6 @@ encoding_rule_t delete_payload_encodings[] = { */ static status_t verify(private_delete_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } if ((this->protocol_id == 0) || (this->protocol_id > 3)) { @@ -136,7 +131,7 @@ static status_t verify(private_delete_payload_t *this) { return FAILED; } - if ((this->protocol_id == IKE) && (this->spis.len != 0)) + if ((this->protocol_id == PROTO_IKE) && (this->spis.len != 0)) { /* IKE deletion has no spi assigned! */ return FAILED; @@ -318,7 +313,7 @@ delete_payload_t *delete_payload_create() this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length =DELETE_PAYLOAD_HEADER_LENGTH; - this->protocol_id = UNDEFINED_PROTOCOL_ID; + this->protocol_id = PROTO_NONE; this->spi_size = 0; this->spi_count = 0; this->spis = CHUNK_INITIALIZER; diff --git a/Source/charon/encoding/payloads/eap_payload.c b/Source/charon/encoding/payloads/eap_payload.c index f6f8426e0..2bd8d5ee0 100644 --- a/Source/charon/encoding/payloads/eap_payload.c +++ b/Source/charon/encoding/payloads/eap_payload.c @@ -101,11 +101,6 @@ encoding_rule_t eap_payload_encodings[] = { */ static status_t verify(private_eap_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } return SUCCESS; } diff --git a/Source/charon/encoding/payloads/encryption_payload.c b/Source/charon/encoding/payloads/encryption_payload.c index e642bb318..da48c8349 100644 --- a/Source/charon/encoding/payloads/encryption_payload.c +++ b/Source/charon/encoding/payloads/encryption_payload.c @@ -638,7 +638,6 @@ static void destroy(private_encryption_payload_t *this) current_payload->destroy(current_payload); } this->payloads->destroy(this->payloads); - charon->logger_manager->destroy_logger(charon->logger_manager, this->logger); allocator_free(this->encrypted.ptr); allocator_free(this->decrypted.ptr); allocator_free(this); @@ -677,10 +676,10 @@ encryption_payload_t *encryption_payload_create() this->compute_length = compute_length; this->generate = generate; this->parse = parse; - this->logger = charon->logger_manager->create_logger(charon->logger_manager, ENCRYPTION_PAYLOAD, NULL); + this->logger = charon->logger_manager->get_logger(charon->logger_manager, ENCRYPTION_PAYLOAD); /* set default values of the fields */ - this->critical = TRUE; + this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length = ENCRYPTION_PAYLOAD_HEADER_LENGTH; this->encrypted = CHUNK_INITIALIZER; diff --git a/Source/charon/encoding/payloads/id_payload.c b/Source/charon/encoding/payloads/id_payload.c index c720c7119..df37a06f5 100644 --- a/Source/charon/encoding/payloads/id_payload.c +++ b/Source/charon/encoding/payloads/id_payload.c @@ -119,11 +119,6 @@ encoding_rule_t id_payload_encodings[] = { */ static status_t verify(private_id_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } if ((this->id_type == 0) || (this->id_type == 4) || ((this->id_type >= 6) && (this->id_type <= 8)) || diff --git a/Source/charon/encoding/payloads/ke_payload.c b/Source/charon/encoding/payloads/ke_payload.c index f1ba922ca..5cbf99b25 100644 --- a/Source/charon/encoding/payloads/ke_payload.c +++ b/Source/charon/encoding/payloads/ke_payload.c @@ -123,12 +123,6 @@ encoding_rule_t ke_payload_encodings[] = { */ static status_t verify(private_ke_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } - /* dh group is not verified in here */ return SUCCESS; } diff --git a/Source/charon/encoding/payloads/nonce_payload.c b/Source/charon/encoding/payloads/nonce_payload.c index 63f1adddd..aa71f8bf6 100644 --- a/Source/charon/encoding/payloads/nonce_payload.c +++ b/Source/charon/encoding/payloads/nonce_payload.c @@ -111,11 +111,6 @@ encoding_rule_t nonce_payload_encodings[] = { */ static status_t verify(private_nonce_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } if ((this->nonce.len < 16) || ((this->nonce.len > 256))) { /* nonce length is wrong */ diff --git a/Source/charon/encoding/payloads/notify_payload.c b/Source/charon/encoding/payloads/notify_payload.c index ee4b44e9e..b26f89b39 100644 --- a/Source/charon/encoding/payloads/notify_payload.c +++ b/Source/charon/encoding/payloads/notify_payload.c @@ -25,6 +25,7 @@ #include "notify_payload.h" +#include <daemon.h> #include <encoding/payloads/encodings.h> #include <utils/allocator.h> @@ -105,6 +106,11 @@ struct private_notify_payload_t { chunk_t notification_data; /** + * Assigned logger + */ + logger_t *logger; + + /** * @brief Computes the length of this payload. * * @param this calling private_ke_payload_t object @@ -169,11 +175,6 @@ encoding_rule_t notify_payload_encodings[] = { */ static status_t verify(private_notify_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } if (this->protocol_id > 3) { /* reserved for future use */ @@ -191,9 +192,20 @@ static status_t verify(private_notify_payload_t *this) return FAILED; } dh_group = ntohs(*((u_int16_t*)this->notification_data.ptr)); - if (dh_group < MODP_1024_BIT || dh_group > MODP_8192_BIT) + switch (dh_group) { - return FAILED; + case MODP_768_BIT: + case MODP_1024_BIT: + case MODP_1536_BIT: + case MODP_2048_BIT: + case MODP_3072_BIT: + case MODP_4096_BIT: + case MODP_6144_BIT: + case MODP_8192_BIT: + break; + default: + this->logger->log(this->logger, ERROR, "Bad DH group (%d)", dh_group); + return FAILED; } } return SUCCESS; @@ -402,7 +414,7 @@ notify_payload_t *notify_payload_create() this->compute_length = compute_length; /* set default values of the fields */ - this->critical = NOTIFY_PAYLOAD_CRITICAL_FLAG; + this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length = NOTIFY_PAYLOAD_HEADER_LENGTH; this->protocol_id = 0; @@ -412,6 +424,7 @@ notify_payload_t *notify_payload_create() this->spi_size = 0; this->notification_data.ptr = NULL; this->notification_data.len = 0; + this->logger = charon->logger_manager->get_logger(charon->logger_manager, PAYLOAD); return (&(this->public)); } diff --git a/Source/charon/encoding/payloads/notify_payload.h b/Source/charon/encoding/payloads/notify_payload.h index 148a8833f..093f99144 100644 --- a/Source/charon/encoding/payloads/notify_payload.h +++ b/Source/charon/encoding/payloads/notify_payload.h @@ -30,13 +30,6 @@ #include <utils/linked_list.h> /** - * Critical flag must not be set. - * - * @ingroup payloads - */ -#define NOTIFY_PAYLOAD_CRITICAL_FLAG FALSE; - -/** * Notify payload length in bytes without any spi and notification data. * * @ingroup payloads diff --git a/Source/charon/encoding/payloads/proposal_substructure.c b/Source/charon/encoding/payloads/proposal_substructure.c index 922dde40d..4ee2e91f4 100644 --- a/Source/charon/encoding/payloads/proposal_substructure.c +++ b/Source/charon/encoding/payloads/proposal_substructure.c @@ -620,7 +620,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t * iterator->destroy(iterator); /* take over general infos */ - this->spi_size = proto == IKE ? 8 : 4; + this->spi_size = proto == PROTO_IKE ? 8 : 4; this->spi.len = this->spi_size; this->spi.ptr = allocator_alloc(this->spi_size); *((u_int32_t*)this->spi.ptr) = proposal->get_spi(proposal, proto); diff --git a/Source/charon/encoding/payloads/sa_payload.c b/Source/charon/encoding/payloads/sa_payload.c index 3a40d41b2..91049dd65 100644 --- a/Source/charon/encoding/payloads/sa_payload.c +++ b/Source/charon/encoding/payloads/sa_payload.c @@ -118,12 +118,6 @@ static status_t verify(private_sa_payload_t *this) status_t status = SUCCESS; iterator_t *iterator; bool first = TRUE; - - if (this->critical) - { - /* critical bit set! */ - return FAILED; - } /* check proposal numbering */ iterator = this->proposals->create_iterator(this->proposals,TRUE); @@ -269,7 +263,7 @@ static void add_proposal(private_sa_payload_t *this, proposal_t *proposal) proposal->get_protocols(proposal, proto); for (i = 0; i<2; i++) { - if (proto[i] != UNDEFINED_PROTOCOL_ID) + if (proto[i] != PROTO_NONE) { substructure = proposal_substructure_create_from_proposal(proposal, proto[i]); add_proposal_substructure(this, substructure); @@ -356,7 +350,7 @@ sa_payload_t *sa_payload_create() this->compute_length = compute_length; /* set default values of the fields */ - this->critical = SA_PAYLOAD_CRITICAL_FLAG; + this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length = SA_PAYLOAD_HEADER_LENGTH; diff --git a/Source/charon/encoding/payloads/sa_payload.h b/Source/charon/encoding/payloads/sa_payload.h index d7120ec4b..45095c030 100644 --- a/Source/charon/encoding/payloads/sa_payload.h +++ b/Source/charon/encoding/payloads/sa_payload.h @@ -29,13 +29,6 @@ #include <utils/linked_list.h> /** - * Critical flag must not be set. - * - * @ingroup payloads - */ -#define SA_PAYLOAD_CRITICAL_FLAG FALSE; - -/** * SA_PAYLOAD length in bytes without any proposal substructure. * * @ingroup payloads diff --git a/Source/charon/encoding/payloads/ts_payload.c b/Source/charon/encoding/payloads/ts_payload.c index 4bc6ccbc8..33a0cdab8 100644 --- a/Source/charon/encoding/payloads/ts_payload.c +++ b/Source/charon/encoding/payloads/ts_payload.c @@ -130,11 +130,6 @@ static status_t verify(private_ts_payload_t *this) iterator_t *iterator; status_t status = SUCCESS; - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } if (this->number_of_traffic_selectors != (this->traffic_selectors->get_count(this->traffic_selectors))) { /* must be the same */ diff --git a/Source/charon/encoding/payloads/vendor_id_payload.c b/Source/charon/encoding/payloads/vendor_id_payload.c index b598f604b..28f07608b 100644 --- a/Source/charon/encoding/payloads/vendor_id_payload.c +++ b/Source/charon/encoding/payloads/vendor_id_payload.c @@ -102,12 +102,6 @@ encoding_rule_t vendor_id_payload_encodings[] = { */ static status_t verify(private_vendor_id_payload_t *this) { - if (this->critical) - { - /* critical bit is set! */ - return FAILED; - } - return SUCCESS; } |