From e9b55b832546d05f464bdddbe779ed21cd17b624 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Thu, 17 Nov 2011 11:27:55 +0100 Subject: Simplify signature of get_encoding_rules(), make all rules static --- src/libcharon/encoding/payloads/configuration_attribute.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) (limited to 'src/libcharon/encoding/payloads/configuration_attribute.c') diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index e608497bd..a657ef13a 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c @@ -62,7 +62,7 @@ struct private_configuration_attribute_t { * The defined offsets are the positions in a object of type * private_configuration_attribute_t. */ -encoding_rule_t configuration_attribute_encodings[] = { +static encoding_rule_t encodings[] = { /* 1 reserved bit */ { RESERVED_BIT, offsetof(private_configuration_attribute_t, reserved)}, /* type of the attribute as 15 bit unsigned integer */ @@ -154,12 +154,11 @@ METHOD(payload_t, verify, status_t, return SUCCESS; } -METHOD(payload_t, get_encoding_rules, void, - private_configuration_attribute_t *this, encoding_rule_t **rules, - size_t *rule_count) +METHOD(payload_t, get_encoding_rules, int, + private_configuration_attribute_t *this, encoding_rule_t **rules) { - *rules = configuration_attribute_encodings; - *rule_count = countof(configuration_attribute_encodings); + *rules = encodings; + return countof(encodings); } METHOD(payload_t, get_type, payload_type_t, -- cgit v1.2.3 From 38fb67fbf18489f40845b072e4ed50b1f6cf0c9c Mon Sep 17 00:00:00 2001 
From: Martin Willi Date: Thu, 17 Nov 2011 11:27:46 +0000 Subject: Add a payload.get_header_length() method, remove header length definitions --- src/libcharon/encoding/payloads/configuration_attribute.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'src/libcharon/encoding/payloads/configuration_attribute.c') diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index a657ef13a..8746b9b9e 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c @@ -161,6 +161,12 @@ METHOD(payload_t, get_encoding_rules, int, return countof(encodings); } +METHOD(payload_t, get_header_length, int, + private_configuration_attribute_t *this) +{ + return 4; +} + METHOD(payload_t, get_type, payload_type_t, private_configuration_attribute_t *this) { @@ -181,7 +187,7 @@ METHOD(payload_t, set_next_type, void, METHOD(payload_t, get_length, size_t, private_configuration_attribute_t *this) { - return this->value.len + CONFIGURATION_ATTRIBUTE_HEADER_LENGTH; + return get_header_length(this) + this->value.len; } METHOD(configuration_attribute_t, get_cattr_type, configuration_attribute_type_t, @@ -215,6 +221,7 @@ configuration_attribute_t *configuration_attribute_create() .payload_interface = { .verify = _verify, .get_encoding_rules = _get_encoding_rules, + .get_header_length = _get_header_length, .get_length = _get_length, .get_next_type = _get_next_type, .set_next_type = _set_next_type, -- cgit v1.2.3 From 95a26523afc0d2a997cd1d4f738c287ae045ae4e Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Thu, 17 Nov 2011 14:20:16 +0000 Subject: Use a generic encoding type for all variable length chunks --- src/libcharon/encoding/payloads/configuration_attribute.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/libcharon/encoding/payloads/configuration_attribute.c') 
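Review bot: `get_header_length()` returns a bare `4` where the removed code used the named `CONFIGURATION_ATTRIBUTE_HEADER_LENGTH`, so the reason for the value is no longer visible at the point of use. A one-line comment above the `return 4;` would keep it checkable against the encoding rules, for example `/* 1 flag bit + 15 bit type + 16 bit length field */`. The `get_length()` hunk further down now derives every reported length from this value, so a mismatch with the rule table would propagate to whatever consumes `get_length()`.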
diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index 8746b9b9e..88e43fa3d 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c @@ -70,7 +70,7 @@ static encoding_rule_t encodings[] = { /* Length of attribute value */ { CONFIGURATION_ATTRIBUTE_LENGTH, offsetof(private_configuration_attribute_t, length) }, /* Value of attribute if attribute format flag is zero */ - { CONFIGURATION_ATTRIBUTE_VALUE, offsetof(private_configuration_attribute_t, value) } + { CHUNK_DATA, offsetof(private_configuration_attribute_t, value) } }; /* -- cgit v1.2.3 From 017d98bf39e3824829cf17be1723b460a2ddeb4e Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Wed, 23 Nov 2011 11:26:04 +0100 Subject: Merged IKEv1 attribute payload/data into configuration payload/attribute --- .../encoding/payloads/configuration_attribute.c | 144 +++++++++++++++------ 1 file changed, 106 insertions(+), 38 deletions(-) (limited to 'src/libcharon/encoding/payloads/configuration_attribute.c') diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index 88e43fa3d..58173077d 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c 
@@ -36,41 +36,48 @@ struct private_configuration_attribute_t { configuration_attribute_t public; /** - * Reserved bit + * Value encoded in length field? + */ + bool af_flag; + + /** + * Reserved bit (af_flag in IKEv2) */ bool reserved; /** * Type of the attribute. */ - u_int16_t type; + u_int16_t attr_type; /** - * Length of the attribute. + * Length of the attribute, value if af_flag set. */ - u_int16_t length; + u_int16_t length_or_value; /** * Attribute value as chunk. */ chunk_t value; + + /** + * Payload type, CONFIGURATION_ATTRIBUTE or DATA_ATTRIBUTE_V1 + */ + payload_type_t type; }; /** - * Encoding rules to parse or generate a configuration attribute. - * - * The defined offsets are the positions in a object of type - * private_configuration_attribute_t. + * Encoding rules for a IKEv2 configuration attribute / IKEv1 data attribute */ -static encoding_rule_t encodings[] = { +static encoding_rule_t encodings_v2[] = { /* 1 reserved bit */ - { RESERVED_BIT, offsetof(private_configuration_attribute_t, reserved)}, + { RESERVED_BIT, offsetof(private_configuration_attribute_t, reserved) }, /* type of the attribute as 15 bit unsigned integer */ - { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, type) }, + { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, attr_type) }, /* Length of attribute value */ - { CONFIGURATION_ATTRIBUTE_LENGTH, offsetof(private_configuration_attribute_t, length) }, + { CONFIGURATION_ATTRIBUTE_LENGTH, offsetof(private_configuration_attribute_t, length_or_value)}, /* Value of attribute if attribute format flag is zero */ - { CHUNK_DATA, offsetof(private_configuration_attribute_t, value) } + { CHUNK_DATA, offsetof(private_configuration_attribute_t, value) }, }; /* 
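Review bot: The doc comment on `reserved` reads `Reserved bit (af_flag in IKEv2)`, which appears inverted. In this hunk `encodings_v2` maps `RESERVED_BIT` to `reserved`, while the IKEv1 table added later in the commit maps the flag to `af_flag`; something like `Reserved bit in IKEv2 (the AF flag takes this position in IKEv1)` would match the code. The header above `encodings_v2` still says `IKEv2 configuration attribute / IKEv1 data attribute` although a separate IKEv1 table now exists, so `Encoding rules for an IKEv2 configuration attribute` would be clearer. The `type` comment names `DATA_ATTRIBUTE_V1`, but a later hunk of this commit passes `CONFIGURATION_ATTRIBUTE_V1`; one of the two is presumably stale.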
@@ -85,18 +92,39 @@ static encoding_rule_t encodings[] = { +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ +/** + * Encoding rules for a IKEv1 data attribute + */ +static encoding_rule_t encodings_v1[] = { + /* AF Flag */ + { FLAG, offsetof(private_configuration_attribute_t, af_flag) }, + /* type of the attribute as 15 bit unsigned integer */ + { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, type) }, + /* Length of attribute value */ + { ATTRIBUTE_LENGTH_OR_VALUE, offsetof(private_configuration_attribute_t, length_or_value)}, + /* Value of attribute if attribute format flag is zero */ + { ATTRIBUTE_VALUE, offsetof(private_configuration_attribute_t, value) }, +}; + +/* + 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + !F| Attribute Type ! Length | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + | | + ~ Value ~ + | | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +*/ + + METHOD(payload_t, verify, status_t, private_configuration_attribute_t *this) { bool failed = FALSE; - if (this->length != this->value.len) - { - DBG1(DBG_ENC, "invalid attribute length"); - return FAILED; - } - - switch (this->type) + switch (this->attr_type) { case INTERNAL_IP4_ADDRESS: case INTERNAL_IP4_NETMASK: @@ -104,20 +132,20 @@ METHOD(payload_t, verify, status_t, case INTERNAL_IP4_NBNS: case INTERNAL_ADDRESS_EXPIRY: case INTERNAL_IP4_DHCP: - if (this->length != 0 && this->length != 4) + if (this->length_or_value != 0 && this->length_or_value != 4) { failed = TRUE; } break; case INTERNAL_IP4_SUBNET: - if (this->length != 0 && this->length != 8) + if (this->length_or_value != 0 && this->length_or_value != 8) { failed = TRUE; } break; case INTERNAL_IP6_ADDRESS: case INTERNAL_IP6_SUBNET: - if (this->length != 0 && this->length != 17) + if (this->length_or_value != 0 && this->length_or_value != 17) { failed = TRUE; } 
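Review bot: The removed `this->length != this->value.len` check was the only place where verify() tied the length field taken from the wire to the size of the parsed `value` chunk, and the new code puts nothing in its place. For attributes in length/value form (`af_flag` not set), the per-type checks look only at `length_or_value` while `get_chunk()` hands out `this->value`. Consumers therefore trust the parser to always produce a chunk of exactly that many bytes, which this file does not show. Keeping the check for that form would preserve the invariant: `if (!this->af_flag && this->length_or_value != this->value.len)` followed by the existing `DBG1` and `return FAILED;`. verify() continues beyond this hunk.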
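Review bot: The per-type comparisons such as `this->length_or_value != 0 && this->length_or_value != 4` treat the field as a length even when `af_flag` is set, and in that case the struct comment in this commit says the field holds the attribute value itself. An IKEv1 attribute of one of these types sent in the short form would then pass or fail depending on its value rather than its size. Wrapping the switch in `if (!this->af_flag)` would keep the length rules to the encoding they describe. The same applies to the comparisons in the `@@ -125,13 +153,13 @@` hunk and to the `invalid attribute length` message in the hunk after it. The switch opens in the previous hunk and verify() ends in a later one.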
@@ -125,13 +153,13 @@ METHOD(payload_t, verify, status_t, case INTERNAL_IP6_DNS: case INTERNAL_IP6_NBNS: case INTERNAL_IP6_DHCP: - if (this->length != 0 && this->length != 16) + if (this->length_or_value != 0 && this->length_or_value != 16) { failed = TRUE; } break; case SUPPORTED_ATTRIBUTES: - if (this->length % 2) + if (this->length_or_value % 2) { failed = TRUE; } @@ -141,14 +169,15 @@ METHOD(payload_t, verify, status_t, break; default: DBG1(DBG_ENC, "unknown attribute type %N", - configuration_attribute_type_names, this->type); + configuration_attribute_type_names, this->attr_type); break; } if (failed) { DBG1(DBG_ENC, "invalid attribute length %d for %N", - this->length, configuration_attribute_type_names, this->type); + this->length_or_value, configuration_attribute_type_names, + this->attr_type); return FAILED; } return SUCCESS; @@ -157,8 +186,13 @@ METHOD(payload_t, verify, status_t, METHOD(payload_t, get_encoding_rules, int, private_configuration_attribute_t *this, encoding_rule_t **rules) { - *rules = encodings; - return countof(encodings); + if (this->type == CONFIGURATION_ATTRIBUTE) + { + *rules = encodings_v2; + return countof(encodings_v2); + } + *rules = encodings_v1; + return countof(encodings_v1); } METHOD(payload_t, get_header_length, int, @@ -170,7 +204,7 @@ METHOD(payload_t, get_header_length, int, METHOD(payload_t, get_type, payload_type_t, private_configuration_attribute_t *this) { - return CONFIGURATION_ATTRIBUTE; + return this->type; } METHOD(payload_t, get_next_type, payload_type_t, 
@@ -193,15 +227,29 @@ METHOD(payload_t, get_length, size_t, METHOD(configuration_attribute_t, get_cattr_type, configuration_attribute_type_t, private_configuration_attribute_t *this) { - return this->type; + return this->attr_type; } -METHOD(configuration_attribute_t, get_value, chunk_t, +METHOD(configuration_attribute_t, get_chunk, chunk_t, private_configuration_attribute_t *this) { + if (this->af_flag) + { + return chunk_from_thing(this->length_or_value); + } return this->value; } +METHOD(configuration_attribute_t, get_value, u_int16_t, + private_configuration_attribute_t *this) +{ + if (this->af_flag) + { + return this->length_or_value; + } + return 0; +} + METHOD2(payload_t, configuration_attribute_t, destroy, void, private_configuration_attribute_t *this) { @@ -212,7 +260,7 @@ METHOD2(payload_t, configuration_attribute_t, destroy, void, /* * Described in header. */ -configuration_attribute_t *configuration_attribute_create() +configuration_attribute_t *configuration_attribute_create(payload_type_t type) { private_configuration_attribute_t *this; 
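Review bot: `get_chunk()` and the new `get_value()` have contracts that are not documented, and callers can easily get them wrong. In the `af_flag` branch `chunk_from_thing(this->length_or_value)` returns a chunk that points at the member inside this object, so it is only valid until `destroy()` and must not be freed; its two bytes are presumably in host byte order rather than wire order. `get_value()` returns `0` when `af_flag` is not set, which a caller cannot tell apart from a short-form attribute whose value is 0. Comments in this file or the header would cover both, e.g. `/* chunk points into this object, valid until destroy(); short-form values are host byte order */` and `/* returns 0 if the attribute is not in short (TV) form */`.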
@@ -228,26 +276,46 @@ configuration_attribute_t *configuration_attribute_create() .get_type = _get_type, .destroy = _destroy, }, + .get_chunk = _get_chunk, .get_value = _get_value, .get_type = _get_cattr_type, .destroy = _destroy, }, + .type = type ); return &this->public; } +/* + * Described in header. + */ +configuration_attribute_t *configuration_attribute_create_chunk( + payload_type_t type, configuration_attribute_type_t attr_type, chunk_t chunk) +{ + private_configuration_attribute_t *this; + + this = (private_configuration_attribute_t*) + configuration_attribute_create(type); + this->attr_type = ((u_int16_t)attr_type) & 0x7FFF; + this->value = chunk_clone(chunk); + this->length_or_value = chunk.len; + + return &this->public; +} + /* * Described in header. */ configuration_attribute_t *configuration_attribute_create_value( - configuration_attribute_type_t type, chunk_t value) + configuration_attribute_type_t attr_type, u_int16_t value) { private_configuration_attribute_t *this; - this = (private_configuration_attribute_t*)configuration_attribute_create(); - this->type = ((u_int16_t)type) & 0x7FFF; - this->value = chunk_clone(value); - this->length = value.len; + this = (private_configuration_attribute_t*) + configuration_attribute_create(CONFIGURATION_ATTRIBUTE_V1); + this->attr_type = ((u_int16_t)attr_type) & 0x7FFF; + this->length_or_value = value; + this->af_flag = TRUE; return &this->public; } -- cgit v1.2.3 From ece4ed3fcda19e4a8e4c3d017e0f270c5dd62593 Mon Sep 17 00:00:00 2001 From: Clavister OpenSource Date: Thu, 24 Nov 2011 11:33:38 +0100 Subject: IKEv1 ConfigMode: Fix configuration_attribute encoding rules for IKEv1 to use the attribute type instead of the internal only payload type. --- src/libcharon/encoding/payloads/configuration_attribute.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/libcharon/encoding/payloads/configuration_attribute.c') 
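Review bot: `configuration_attribute_create_chunk()` assigns `chunk.len` to the 16-bit `length_or_value` without a range check, so a chunk longer than 0xFFFF bytes would be cloned in full while the length field wraps. The length field and the data held in `value` would then disagree, and `get_length()` (header plus `value.len`) would report a size the attribute header cannot express. Bounding the input before the `configuration_attribute_create(type)` call would avoid that, for example `if (chunk.len > 0xFFFF) { return NULL; }`, provided callers of this constructor can handle a NULL result. The removed `create_value` body had the same unchecked assignment, so the commit carries this over rather than introducing it.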
diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index 58173077d..fe2e42bc4 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c @@ -99,7 +99,7 @@ static encoding_rule_t encodings_v1[] = { /* AF Flag */ { FLAG, offsetof(private_configuration_attribute_t, af_flag) }, /* type of the attribute as 15 bit unsigned integer */ - { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, type) }, + { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, attr_type) }, /* Length of attribute value */ { ATTRIBUTE_LENGTH_OR_VALUE, offsetof(private_configuration_attribute_t, length_or_value)}, /* Value of attribute if attribute format flag is zero */ -- cgit v1.2.3 From c9e5998d7f3583e9b2282c716c5c7f8a2dd26e25 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Fri, 9 Dec 2011 14:54:23 +0100 Subject: Interpret attribute format correctly in IKEv1 configuration format --- src/libcharon/encoding/payloads/configuration_attribute.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'src/libcharon/encoding/payloads/configuration_attribute.c') diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index fe2e42bc4..bcb89c515 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c 
@@ -97,9 +97,9 @@ static encoding_rule_t encodings_v2[] = { */ static encoding_rule_t encodings_v1[] = { /* AF Flag */ - { FLAG, offsetof(private_configuration_attribute_t, af_flag) }, + { ATTRIBUTE_FORMAT, offsetof(private_configuration_attribute_t, af_flag) }, /* type of the attribute as 15 bit unsigned integer */ - { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, attr_type) }, + { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, attr_type) }, /* Length of attribute value */ { ATTRIBUTE_LENGTH_OR_VALUE, offsetof(private_configuration_attribute_t, length_or_value)}, /* Value of attribute if attribute format flag is zero */ -- cgit v1.2.3 From 9626164e9aa042bb74907577c861ddc8aa36191b Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Fri, 9 Dec 2011 14:57:51 +0100 Subject: Don't complain when receiving XAuth or Unity configuration attributes --- .../encoding/payloads/configuration_attribute.c | 53 ++++++++++++++++------ 1 file changed, 38 insertions(+), 15 deletions(-) (limited to 'src/libcharon/encoding/payloads/configuration_attribute.c') diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index bcb89c515..db2e447a9 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c 
@@ -126,48 +126,71 @@ METHOD(payload_t, verify, status_t, switch (this->attr_type) { - case INTERNAL_IP4_ADDRESS: - case INTERNAL_IP4_NETMASK: - case INTERNAL_IP4_DNS: - case INTERNAL_IP4_NBNS: - case INTERNAL_ADDRESS_EXPIRY: - case INTERNAL_IP4_DHCP: + case INTERNAL_IP4_ADDRESS: + case INTERNAL_IP4_NETMASK: + case INTERNAL_IP4_DNS: + case INTERNAL_IP4_NBNS: + case INTERNAL_ADDRESS_EXPIRY: + case INTERNAL_IP4_DHCP: if (this->length_or_value != 0 && this->length_or_value != 4) { failed = TRUE; } break; - case INTERNAL_IP4_SUBNET: + case INTERNAL_IP4_SUBNET: if (this->length_or_value != 0 && this->length_or_value != 8) { failed = TRUE; } break; - case INTERNAL_IP6_ADDRESS: - case INTERNAL_IP6_SUBNET: + case INTERNAL_IP6_ADDRESS: + case INTERNAL_IP6_SUBNET: if (this->length_or_value != 0 && this->length_or_value != 17) { failed = TRUE; } break; - case INTERNAL_IP6_DNS: - case INTERNAL_IP6_NBNS: - case INTERNAL_IP6_DHCP: + case INTERNAL_IP6_DNS: + case INTERNAL_IP6_NBNS: + case INTERNAL_IP6_DHCP: if (this->length_or_value != 0 && this->length_or_value != 16) { failed = TRUE; } break; - case SUPPORTED_ATTRIBUTES: + case SUPPORTED_ATTRIBUTES: if (this->length_or_value % 2) { failed = TRUE; } break; - case APPLICATION_VERSION: + case APPLICATION_VERSION: + case INTERNAL_IP4_SERVER: + case INTERNAL_IP6_SERVER: + case XAUTH_TYPE: + case XAUTH_USER_NAME: + case XAUTH_USER_PASSWORD: + case XAUTH_PASSCODE: + case XAUTH_MESSAGE: + case XAUTH_CHALLENGE: + case XAUTH_DOMAIN: + case XAUTH_STATUS: + case XAUTH_NEXT_PIN: + case XAUTH_ANSWER: + case UNITY_BANNER: + case UNITY_SAVE_PASSWD: + case UNITY_DEF_DOMAIN: + case UNITY_SPLITDNS_NAME: + case UNITY_SPLIT_INCLUDE: + case UNITY_NATT_PORT: + case UNITY_LOCAL_LAN: + case UNITY_PFS: + case UNITY_FW_TYPE: + case UNITY_BACKUP_SERVERS: + case UNITY_DDNS_HOSTNAME: /* any length acceptable */ break; - default: + default: DBG1(DBG_ENC, "unknown attribute type %N", configuration_attribute_type_names, this->attr_type); break; -- cgit v1.2.3 
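Review bot: The `/* any length acceptable */` group now includes labels that carry credentials (`XAUTH_USER_PASSWORD`, `XAUTH_PASSCODE`) alongside labels that I believe are normally small fixed-size values (`XAUTH_TYPE`, `XAUTH_STATUS`, `UNITY_NATT_PORT`). verify() therefore gives the consumers of these attributes no size guarantee at all. If that is intended, the comment should say so where a handler author will see it, e.g. `/* any length accepted here; handlers must bound and validate the value themselves */`. The address-like `INTERNAL_IP4_SERVER` and `INTERNAL_IP6_SERVER` may fit better with the 4 and 16 byte cases above. The `default:` branch only logs and breaks, so unknown types still appear to pass verify(), which ends outside this hunk.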
From 05cb240215b6a496327d151cd180fd58759e45e1 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Fri, 20 Jan 2012 14:57:18 +0100 Subject: Use ATTRIBUTE_VALUE rule in configuration attribute to parse it with correct length --- src/libcharon/encoding/payloads/configuration_attribute.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/libcharon/encoding/payloads/configuration_attribute.c') diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index db2e447a9..4e3df9055 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c @@ -77,7 +77,7 @@ static encoding_rule_t encodings_v2[] = { /* Length of attribute value */ { CONFIGURATION_ATTRIBUTE_LENGTH, offsetof(private_configuration_attribute_t, length_or_value)}, /* Value of attribute if attribute format flag is zero */ - { CHUNK_DATA, offsetof(private_configuration_attribute_t, value) }, + { ATTRIBUTE_VALUE, offsetof(private_configuration_attribute_t, value) }, }; /* -- cgit v1.2.3 From c390569a76524a72e25a8885f3f8dc920700207d Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Fri, 20 Jan 2012 15:00:06 +0100 Subject: Renamed CONFIGURATION_ATTRIBUTE_LENGTH to streamline it with other ATTRIBUTE rules --- src/libcharon/encoding/payloads/configuration_attribute.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'src/libcharon/encoding/payloads/configuration_attribute.c') diff --git a/src/libcharon/encoding/payloads/configuration_attribute.c b/src/libcharon/encoding/payloads/configuration_attribute.c index 4e3df9055..482eca882 100644 --- a/src/libcharon/encoding/payloads/configuration_attribute.c +++ b/src/libcharon/encoding/payloads/configuration_attribute.c 
@@ -71,13 +71,13 @@ struct private_configuration_attribute_t { */ static encoding_rule_t encodings_v2[] = { /* 1 reserved bit */ - { RESERVED_BIT, offsetof(private_configuration_attribute_t, reserved) }, + { RESERVED_BIT, offsetof(private_configuration_attribute_t, reserved) }, /* type of the attribute as 15 bit unsigned integer */ - { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, attr_type) }, + { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, attr_type) }, /* Length of attribute value */ - { CONFIGURATION_ATTRIBUTE_LENGTH, offsetof(private_configuration_attribute_t, length_or_value)}, + { ATTRIBUTE_LENGTH, offsetof(private_configuration_attribute_t, length_or_value)}, /* Value of attribute if attribute format flag is zero */ - { ATTRIBUTE_VALUE, offsetof(private_configuration_attribute_t, value) }, + { ATTRIBUTE_VALUE, offsetof(private_configuration_attribute_t, value) }, }; /* -- cgit v1.2.3