From e9b55b832546d05f464bdddbe779ed21cd17b624 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Thu, 17 Nov 2011 11:27:55 +0100
Subject: Simplify signature of get_encoding_rules(), make all rules static
---
src/libcharon/encoding/payloads/delete_payload.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index e6ee07d39..b396135be 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
@@ -79,7 +79,7 @@ struct private_delete_payload_t { * The defined offsets are the positions in a object of type * private_delete_payload_t. */ -encoding_rule_t delete_payload_encodings[] = { +static encoding_rule_t encodings[] = { /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_delete_payload_t, next_payload) }, /* the critical bit */
@@ -145,11 +145,11 @@ METHOD(payload_t, verify, status_t, return SUCCESS; } -METHOD(payload_t, get_encoding_rules, void, - private_delete_payload_t *this, encoding_rule_t **rules, size_t *rule_count) +METHOD(payload_t, get_encoding_rules, int, + private_delete_payload_t *this, encoding_rule_t **rules) { - *rules = delete_payload_encodings; - *rule_count = countof(delete_payload_encodings); + *rules = encodings; + return countof(encodings); } METHOD(payload_t, get_payload_type, payload_type_t,
-- cgit v1.2.3
From 38fb67fbf18489f40845b072e4ed50b1f6cf0c9c Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Thu, 17 Nov 2011 11:27:46 +0000
Subject: Add a payload.get_header_length() method, remove header length definitions
---
src/libcharon/encoding/payloads/delete_payload.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index b396135be..5f0af8c86 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
@@ -152,6 +152,12 @@ METHOD(payload_t, get_encoding_rules, int, return countof(encodings); } +METHOD(payload_t, get_header_length, int, + private_delete_payload_t *this) +{ + return 8; +} + METHOD(payload_t, get_payload_type, payload_type_t, private_delete_payload_t *this) {
@@ -258,6 +264,7 @@ delete_payload_t *delete_payload_create(protocol_id_t protocol_id) .payload_interface = { .verify = _verify, .get_encoding_rules = _get_encoding_rules, + .get_header_length = _get_header_length, .get_length = _get_length, .get_next_type = _get_next_type, .set_next_type = _set_next_type,
@@ -270,7 +277,7 @@ delete_payload_t *delete_payload_create(protocol_id_t protocol_id) .destroy = _destroy, }, .next_payload = NO_PAYLOAD, - .payload_length = DELETE_PAYLOAD_HEADER_LENGTH, + .payload_length = get_header_length(this), .protocol_id = protocol_id, .spi_size = protocol_id == PROTO_AH || protocol_id == PROTO_ESP ? 4 : 0, );
-- cgit v1.2.3
From 95a26523afc0d2a997cd1d4f738c287ae045ae4e Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Thu, 17 Nov 2011 14:20:16 +0000
Subject: Use a generic encoding type for all variable length chunks
---
src/libcharon/encoding/payloads/delete_payload.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index 5f0af8c86..425bde0c3 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
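Review bot: The bare `8` returned by the new `get_header_length` replaces the named `DELETE_PAYLOAD_HEADER_LENGTH` without saying what it counts. Going by the payload diagram in this file it is the 4-byte generic header plus Protocol ID, SPI Size and # of SPIs, so a comment above the return such as `/* generic header (4) + protocol ID (1) + SPI size (1) + SPI count (2) */` would keep that visible. The body of `delete_payload_create`, which now calls the method, starts outside the hunks shown.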
@@ -98,7 +98,7 @@ static encoding_rule_t encodings[] = { { U_INT_8, offsetof(private_delete_payload_t, spi_size) }, { U_INT_16, offsetof(private_delete_payload_t, spi_count) }, /* some delete data bytes, length is defined in PAYLOAD_LENGTH */ - { SPIS, offsetof(private_delete_payload_t, spis) } + { CHUNK_DATA, offsetof(private_delete_payload_t, spis) } }; /*
-- cgit v1.2.3
From cf6cd5aa4b55a1f6e9df37acf466d229fc728ace Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Thu, 17 Nov 2011 18:14:51 +0100
Subject: Added IKEv1 support to delete payload
---
src/libcharon/encoding/payloads/delete_payload.c | 87 ++++++++++++++++++++----
1 file changed, 74 insertions(+), 13 deletions(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index 425bde0c3..7cf14cd25 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
@@ -24,9 +24,9 @@ typedef struct private_delete_payload_t private_delete_payload_t; /** * Private data of an delete_payload_t object. - * */ struct private_delete_payload_t { + /** * Public delete_payload_t interface. */
@@ -45,13 +45,18 @@ struct private_delete_payload_t { /** * reserved bits */ - bool reserved[7]; + bool reserved[8]; /** * Length of this payload. */ u_int16_t payload_length; + /** + * IKEv1 Domain of Interpretation + */ + u_int32_t doi; + /** * Protocol ID. */
@@ -71,15 +76,17 @@ struct private_delete_payload_t { * The contained SPI's. */ chunk_t spis; + + /** + * Payload type, DELETE or DELETE_V1 + */ + payload_type_t type; }; /** - * Encoding rules to parse or generate a DELETE payload - * - * The defined offsets are the positions in a object of type - * private_delete_payload_t. + * Encoding rules for an IKEv2 delete payload. */ -static encoding_rule_t encodings[] = { +static encoding_rule_t encodings_v2[] = { /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_delete_payload_t, next_payload) }, /* the critical bit */ 
@@ -98,7 +105,47 @@ static encoding_rule_t encodings[] = { { U_INT_8, offsetof(private_delete_payload_t, spi_size) }, { U_INT_16, offsetof(private_delete_payload_t, spi_count) }, /* some delete data bytes, length is defined in PAYLOAD_LENGTH */ - { CHUNK_DATA, offsetof(private_delete_payload_t, spis) } + { CHUNK_DATA, offsetof(private_delete_payload_t, spis) }, +}; + +/* + 1 2 3 + 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! Next Payload !C! RESERVED ! Payload Length ! + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! Protocol ID ! SPI Size ! # of SPIs ! + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! ! + ~ Security Parameter Index(es) (SPI) ~ + ! ! + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +*/ + +/** + * Encoding rules for an IKEv1 delete payload. + */ +static encoding_rule_t encodings_v1[] = { + /* 1 Byte next payload type, stored in the field next_payload */ + { U_INT_8, offsetof(private_delete_payload_t, next_payload) }, + /* 8 Bit reserved bits */ + { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[0]) }, + { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[1]) }, + { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[2]) }, + { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[3]) }, + { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[4]) }, + { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[5]) }, + { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[6]) }, + { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[7]) }, + /* Length of the whole payload*/ + { PAYLOAD_LENGTH, offsetof(private_delete_payload_t, payload_length) }, + /* Domain of interpretation */ + { U_INT_32, offsetof(private_delete_payload_t, doi) }, + { U_INT_8, offsetof(private_delete_payload_t, protocol_id) }, + { U_INT_8, offsetof(private_delete_payload_t, 
spi_size) }, + { U_INT_16, offsetof(private_delete_payload_t, spi_count) }, + /* some delete data bytes, length is defined in PAYLOAD_LENGTH */ + { CHUNK_DATA, offsetof(private_delete_payload_t, spis) }, }; /*
@@ -107,6 +154,8 @@ static encoding_rule_t encodings[] = { +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ! Next Payload !C! RESERVED ! Payload Length ! +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ + ! DOI ! + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ! Protocol ID ! SPI Size ! # of SPIs ! +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ! !
@@ -148,20 +197,29 @@ METHOD(payload_t, verify, status_t, METHOD(payload_t, get_encoding_rules, int, private_delete_payload_t *this, encoding_rule_t **rules) { - *rules = encodings; - return countof(encodings); + if (this->type == DELETE) + { + *rules = encodings_v2; + return countof(encodings_v2); + } + *rules = encodings_v1; + return countof(encodings_v1); } METHOD(payload_t, get_header_length, int, private_delete_payload_t *this) { - return 8; + if (this->type == DELETE) + { + return 8; + } + return 12; } METHOD(payload_t, get_payload_type, payload_type_t, private_delete_payload_t *this) { - return DELETE; + return this->type; } METHOD(payload_t, get_next_type, payload_type_t,
@@ -255,7 +313,8 @@ METHOD2(payload_t, delete_payload_t, destroy, void, /* * Described in header */ -delete_payload_t *delete_payload_create(protocol_id_t protocol_id) +delete_payload_t *delete_payload_create(payload_type_t type, + protocol_id_t protocol_id) { private_delete_payload_t *this;
@@ -278,8 +337,10 @@ delete_payload_t *delete_payload_create(protocol_id_t protocol_id) }, .next_payload = NO_PAYLOAD, .payload_length = get_header_length(this), + .doi = IKEV1_DOI_IPSEC, .protocol_id = protocol_id, .spi_size = protocol_id == PROTO_AH || protocol_id == PROTO_ESP ? 4 : 0, + .type = type, ); return &this->public; }
-- cgit v1.2.3
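Review bot: `get_header_length(this)` is still called from inside the `INIT` initializer list in `delete_payload_create`, but with this commit the method branches on `this->type`, which is only supplied by the `.type = type,` entry of that same list. `INIT` is not shown here; if it allocates the object and then assigns the initializer as a whole, the call reads `type` from memory that has not been written yet, and a `DELETE_V1` payload may start out with a length of 8 instead of 12. Computing the length once the object is fully initialised avoids this: drop the `.payload_length` entry and add `this->payload_length = get_header_length(this);` after the `INIT(...)` statement. The body of `delete_payload_create` starts outside this hunk.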
From cbb6d765bc29963f3faaf945e4b321204a2f6cd2 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Mon, 21 Nov 2011 10:22:50 +0100
Subject: Fixed length calculation of delete payload
---
src/libcharon/encoding/payloads/delete_payload.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index 7cf14cd25..f5bdb3809 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
@@ -211,9 +211,9 @@ METHOD(payload_t, get_header_length, int, { if (this->type == DELETE) { - return 8; + return 8 + this->spi_size; } - return 12; + return 12 + this->spi_size; } METHOD(payload_t, get_payload_type, payload_type_t,
@@ -255,6 +255,7 @@ METHOD(delete_payload_t, add_spi, void, case PROTO_ESP: this->spi_count++; this->payload_length += sizeof(spi); + this->spi_size += sizeof(spi); this->spis = chunk_cat("mc", this->spis, chunk_from_thing(spi)); break; default:
@@ -336,11 +337,12 @@ delete_payload_t *delete_payload_create(payload_type_t type, .destroy = _destroy, }, .next_payload = NO_PAYLOAD, - .payload_length = get_header_length(this), .doi = IKEV1_DOI_IPSEC, .protocol_id = protocol_id, .spi_size = protocol_id == PROTO_AH || protocol_id == PROTO_ESP ? 4 : 0, .type = type, ); + this->payload_length = get_header_length(this); + return &this->public; }
-- cgit v1.2.3
From f3cc8589b1e025f3f077d8ca96db4eb31cc20597 Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Wed, 23 Nov 2011 12:35:10 +0100
Subject: Fixed header length calculation of DELETE payload.
---
src/libcharon/encoding/payloads/delete_payload.c | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
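Review bot: `spi_size` is used as a running byte total in this commit (`8 + this->spi_size` in `get_header_length`, `this->spi_size += sizeof(spi);` in `add_spi`), but the encoding rules write it as the one-byte per-SPI "SPI Size" field. For an ESP payload that starts with `spi_size` 4, a single `add_spi` call leaves `spi_size` at 8 and `payload_length` at 16 while the header plus one SPI is 12 bytes, so both stored fields disagree with the data. Keeping `spi_size` fixed per protocol, returning only the fixed 8 or 12 from `get_header_length`, and deriving the total as `get_header_length(this) + this->spis.len` keeps the fields consistent. The same concern applies to the `delete_payload_create` hunk, which seeds `payload_length` from the inflated header length.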
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index f5bdb3809..5609ea766 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
@@ -88,9 +88,9 @@ struct private_delete_payload_t { */ static encoding_rule_t encodings_v2[] = { /* 1 Byte next payload type, stored in the field next_payload */ - { U_INT_8, offsetof(private_delete_payload_t, next_payload) }, + { U_INT_8, offsetof(private_delete_payload_t, next_payload) }, /* the critical bit */ - { FLAG, offsetof(private_delete_payload_t, critical) }, + { FLAG, offsetof(private_delete_payload_t, critical) }, /* 7 Bit reserved bits */ { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[0]) }, { RESERVED_BIT, offsetof(private_delete_payload_t, reserved[1]) },
@@ -105,7 +105,7 @@ static encoding_rule_t encodings_v2[] = { { U_INT_8, offsetof(private_delete_payload_t, spi_size) }, { U_INT_16, offsetof(private_delete_payload_t, spi_count) }, /* some delete data bytes, length is defined in PAYLOAD_LENGTH */ - { CHUNK_DATA, offsetof(private_delete_payload_t, spis) }, + { CHUNK_DATA, offsetof(private_delete_payload_t, spis) }, }; /*
@@ -145,7 +145,7 @@ static encoding_rule_t encodings_v1[] = { { U_INT_8, offsetof(private_delete_payload_t, spi_size) }, { U_INT_16, offsetof(private_delete_payload_t, spi_count) }, /* some delete data bytes, length is defined in PAYLOAD_LENGTH */ - { CHUNK_DATA, offsetof(private_delete_payload_t, spis) }, + { CHUNK_DATA, offsetof(private_delete_payload_t, spis) }, }; /*
@@ -211,9 +211,9 @@ METHOD(payload_t, get_header_length, int, { if (this->type == DELETE) { - return 8 + this->spi_size; + return 8; } - return 12 + this->spi_size; + return 12; } METHOD(payload_t, get_payload_type, payload_type_t,
-- cgit v1.2.3
From 1e5dd62bb28ca177e813723327703ff93ba3d3b4 Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Wed, 23 Nov 2011 12:35:58 +0100
Subject: Fixed verification of DELETE_V1 payloads.
---
src/libcharon/encoding/payloads/delete_payload.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index 5609ea766..79070a79f 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
@@ -178,10 +178,19 @@ METHOD(payload_t, verify, status_t, break; case PROTO_IKE: case 0: - /* IKE deletion has no spi assigned! */ - if (this->spi_size != 0) - { - return FAILED; + if (this->type == DELETE) + { /* IKEv2 deletion has no spi assigned! */ + if (this->spi_size != 0) + { + return FAILED; + } + } + else + { /* IKEv1 uses the two concatenated ISAKMP cookies as SPI */ + if (this->spi_size != 16) + { + return FAILED; + } } break; default:
-- cgit v1.2.3
From 0acb5207588c095b34031e9114d4ed4cc637a9e7 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Tue, 13 Dec 2011 11:08:53 +0100
Subject: Support IKEv1 SPIs in IKEv1 delete payload
---
src/libcharon/encoding/payloads/delete_payload.c | 25 ++++++++++++++++++++++--
1 file changed, 23 insertions(+), 2 deletions(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index 79070a79f..3222e9fbe 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
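Review bot: The `PROTO_IKE`/`0` branch of `verify` constrains only `spi_size`; nothing in the hunk relates it to `spi_count` or to the number of bytes actually received in `spis`. `verify`'s body continues outside the hunk, so the check may already exist, but if it does not, a peer-supplied payload whose SPI block is shorter or longer than `spi_count * spi_size` would pass this switch. A final test after the switch such as `if (this->spis.len != this->spi_count * this->spi_size) return FAILED;` ties the three fields together before the SPI enumerator walks the chunk. The literal `16` would also read better as `2 * sizeof(u_int64_t)` or a named constant, matching the two cookies the comment mentions.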
@@ -272,6 +272,16 @@ METHOD(delete_payload_t, add_spi, void, } } +METHOD(delete_payload_t, set_ike_spi, void, + private_delete_payload_t *this, u_int64_t spi_i, u_int64_t spi_r) +{ + free(this->spis.ptr); + this->spis = chunk_cat("cc", chunk_from_thing(spi_i), + chunk_from_thing(spi_r)); + this->spi_count = 1; + this->payload_length = get_header_length(this) + this->spi_size; +} + /** * SPI enumerator implementation */
@@ -342,16 +352,27 @@ delete_payload_t *delete_payload_create(payload_type_t type, }, .get_protocol_id = _get_protocol_id, .add_spi = _add_spi, + .set_ike_spi = _set_ike_spi, .create_spi_enumerator = _create_spi_enumerator, .destroy = _destroy, }, .next_payload = NO_PAYLOAD, - .doi = IKEV1_DOI_IPSEC, .protocol_id = protocol_id, - .spi_size = protocol_id == PROTO_AH || protocol_id == PROTO_ESP ? 4 : 0, .type = type, ); this->payload_length = get_header_length(this); + if (type == DELETE_V1) + { + if (protocol_id == PROTO_IKE) + { + this->spi_size = 16; + } + else + { + this->doi = IKEV1_DOI_IPSEC, + this->spi_size = 4; + } + } return &this->public; }
-- cgit v1.2.3
From 226b0f36c74f7739dbf498ad0093e9e208a7db6f Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Tue, 13 Dec 2011 11:30:35 +0100
Subject: Fixed SPI size calculation in DELETE payload
---
src/libcharon/encoding/payloads/delete_payload.c | 15 +++++++--------
1 file changed, 7 insertions(+), 8 deletions(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index 3222e9fbe..dec1ba72a 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
@@ -264,7 +264,6 @@ METHOD(delete_payload_t, add_spi, void, case PROTO_ESP: this->spi_count++; this->payload_length += sizeof(spi); - this->spi_size += sizeof(spi); this->spis = chunk_cat("mc", this->spis, chunk_from_thing(spi)); break; default:
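Review bot: `set_ike_spi` always stores 16 bytes in `spis` but computes `payload_length` from `this->spi_size`, and it never checks that the payload is an IKEv1 delete for `PROTO_IKE`. Called on any other payload, for example one whose `spi_size` is 0 or 4, the length and SPI Size fields no longer describe the data that will be encoded. Either guard the method on `this->type == DELETE_V1 && this->protocol_id == PROTO_IKE`, or derive the length from the data itself with `this->payload_length = get_header_length(this) + this->spis.len;`. A short comment on the method stating that it replaces any SPIs added earlier would also help, since it frees `spis.ptr` and resets `spi_count` to 1.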
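Review bot: In `delete_payload_create` the SPI size is now assigned only inside `if (type == DELETE_V1)`, so an IKEv2 `DELETE` payload for `PROTO_AH` or `PROTO_ESP` no longer starts with the per-SPI size of 4 that the removed `.spi_size = ... ? 4 : 0` initializer gave it. The per-SPI size should depend on the protocol first and on the IKE version only inside the `PROTO_IKE` case, not the other way round. Separately, `this->doi = IKEV1_DOI_IPSEC,` ends in a comma rather than a semicolon; it compiles as a comma expression with the next statement but reads like a typo and should be `this->doi = IKEV1_DOI_IPSEC;`. The body of `delete_payload_create` starts outside this hunk.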
@@ -362,17 +361,17 @@ delete_payload_t *delete_payload_create(payload_type_t type, ); this->payload_length = get_header_length(this); - if (type == DELETE_V1) + if (protocol_id == PROTO_IKE) { - if (protocol_id == PROTO_IKE) + if (type == DELETE_V1) { this->spi_size = 16; } - else - { - this->doi = IKEV1_DOI_IPSEC, - this->spi_size = 4; - } + } + else + { + this->doi = IKEV1_DOI_IPSEC, + this->spi_size = 4; } return &this->public; }
-- cgit v1.2.3
From fd5d6bb08e62a795b3700ac6ec1da6bb0bb1f319 Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Tue, 20 Dec 2011 18:49:49 +0100
Subject: Use IPSEC DOI also for ISAKMP SA deletes.
---
src/libcharon/encoding/payloads/delete_payload.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/libcharon/encoding/payloads/delete_payload.c')
diff --git a/src/libcharon/encoding/payloads/delete_payload.c b/src/libcharon/encoding/payloads/delete_payload.c
index dec1ba72a..007411f37 100644
--- a/src/libcharon/encoding/payloads/delete_payload.c
+++ b/src/libcharon/encoding/payloads/delete_payload.c
@@ -357,6 +357,7 @@ delete_payload_t *delete_payload_create(payload_type_t type, }, .next_payload = NO_PAYLOAD, .protocol_id = protocol_id, + .doi = IKEV1_DOI_IPSEC, .type = type, ); this->payload_length = get_header_length(this);
@@ -370,7 +371,6 @@ delete_payload_t *delete_payload_create(payload_type_t type, } else { - this->doi = IKEV1_DOI_IPSEC, this->spi_size = 4; } return &this->public;
-- cgit v1.2.3