From 526b5afb4510163372f7981e57d69fad3ea53906 Mon Sep 17 00:00:00 2001 From: Martin Willi Date: Tue, 15 Nov 2011 13:53:56 +0100 Subject: Extended IKE header for IKEv1 support --- src/libcharon/encoding/payloads/ike_header.h | 114 +++++++++++++++++++++++---- 1 file changed, 97 insertions(+), 17 deletions(-) (limited to 'src/libcharon/encoding/payloads/ike_header.h') diff --git a/src/libcharon/encoding/payloads/ike_header.h b/src/libcharon/encoding/payloads/ike_header.h index 5579a4961..aa456de9d 100644 --- a/src/libcharon/encoding/payloads/ike_header.h +++ b/src/libcharon/encoding/payloads/ike_header.h @@ -1,6 +1,6 @@ /* * Copyright (C) 2007 Tobias Brunner - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2011 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -30,19 +30,24 @@ typedef struct ike_header_t ike_header_t; #include /** - * Major Version of IKEv2. + * Major Version of IKEv1 we implement. */ -#define IKE_MAJOR_VERSION 2 +#define IKEV1_MAJOR_VERSION 1 /** - * Minor Version of IKEv2. + * Minor Version of IKEv2 we implement. */ -#define IKE_MINOR_VERSION 0 +#define IKEV1_MINOR_VERSION 0 /** - * Flag in IKEv2-Header. Always 0. + * Major Version of IKEv2 we implement. */ -#define HIGHER_VERSION_SUPPORTED_FLAG 0 +#define IKEV2_MAJOR_VERSION 2 + +/** + * Minor Version of IKEv2 we implement. + */ +#define IKEV2_MINOR_VERSION 0 /** * Length of IKE Header in Bytes. @@ -57,9 +62,34 @@ typedef struct ike_header_t ike_header_t; enum exchange_type_t{ /** - * EXCHANGE_TYPE_UNDEFINED. In private space, since not a official message type. + * Identity Protection (Main mode). */ - EXCHANGE_TYPE_UNDEFINED = 255, + ID_PROT = 2, + + /** + * Authentication Only. + */ + AUTH_ONLY = 3, + + /** + * Aggresive (Aggressive mode) + */ + AGGRESSIVE = 4, + + /** + * Informational in IKEv1 + */ + INFORMATIONAL_V1 = 5, + + /** + * Quick Mode + */ + QUICK_MODE = 32, + + /** + * New Group Mode + */ + NEW_GROUP_MODE = 33, /** * IKE_SA_INIT. 
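Review bot: The IKEv1 values added to `exchange_type_t` in the `@@ -57,9 +62,34 @@` hunk (`ID_PROT` through `NEW_GROUP_MODE`) share one enum with the IKEv2 types, and no comment says which major version each value belongs to. Since the exchange type is read from a received header, the code that validates a parsed header (not visible in this patch) should accept a type only together with the matching major version, and should reject declared values for which no handling exists. I would state that next to the values, for example `/* IKEv1 only: valid when the major version is IKEV1_MAJOR_VERSION */` ahead of `ID_PROT` and a matching line ahead of `IKE_SA_INIT`. The same applies to `TRANSACTION`, which a later patch in this series adds, and the comment `Aggresive (Aggressive mode)` is misspelled. The enum body continues outside the hunk.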
@@ -77,7 +107,7 @@ enum exchange_type_t{ CREATE_CHILD_SA = 36, /** - * INFORMATIONAL. + * INFORMATIONAL in IKEv2. */ INFORMATIONAL = 37, @@ -91,6 +121,11 @@ enum exchange_type_t{ */ ME_CONNECT = 240 #endif /* ME */ + + /** + * Undefined exchange type, in private space. + */ + EXCHANGE_TYPE_UNDEFINED = 255, }; /** @@ -99,14 +134,10 @@ enum exchange_type_t{ extern enum_name_t *exchange_type_names; /** - * An object of this type represents an IKEv2 header and is used to - * generate and parse IKEv2 headers. - * - * The header format of an IKEv2-Message is compatible to the - * ISAKMP-Header format to allow implementations supporting - * both versions of the IKE-protocol. + * An object of this type represents an IKE header of either IKEv1 or IKEv2. */ struct ike_header_t { + /** * The payload_t interface. */ @@ -210,6 +241,48 @@ struct ike_header_t { */ void (*set_initiator_flag) (ike_header_t *this, bool initiator); + /** + * Get the encryption flag. + * + * @return encryption flag + */ + bool (*get_encryption_flag) (ike_header_t *this); + + /** + * Set the encryption flag. + * + * @param encryption encryption flag + */ + void (*set_encryption_flag) (ike_header_t *this, bool encryption); + + /** + * Get the commit flag. + * + * @return commit flag + */ + bool (*get_commit_flag) (ike_header_t *this); + + /** + * Set the commit flag. + * + * @param commit commit flag + */ + void (*set_commit_flag) (ike_header_t *this, bool commit); + + /** + * Get the authentication only flag. + * + * @return authonly flag + */ + bool (*get_authonly_flag) (ike_header_t *this); + + /** + * Set the authentication only flag. + * + * @param authonly authonly flag + */ + void (*set_authonly_flag) (ike_header_t *this, bool authonly); + /** * Get the exchange type. * 
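Review bot: The six accessors added in the `@@ -210,6 +241,48 @@` hunk (`get_encryption_flag` through `set_authonly_flag`) are documented without saying that encryption, commit and authentication-only are ISAKMP/IKEv1 header flags, while the neighbouring response, version and initiator flags belong to IKEv2. The comments should say which protocol version each flag is meaningful for and what a getter yields on a header of the other version, for example `Get the encryption flag (IKEv1 only).` Because the getter reports a bit taken from the received header, I would also note that callers are expected to decide from the exchange state whether a message must be encrypted, rather than from this flag alone; that is an assumption about the callers, which this patch does not show. `struct ike_header_t` starts and ends outside the hunk.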
@@ -245,10 +318,17 @@ struct ike_header_t { }; /** - * Create an ike_header_t object + * Create an empty ike_header_t object. * * @return ike_header_t object */ ike_header_t *ike_header_create(void); +/** + * Create an ike_header_t object for a specific major/minor version + * + * @return ike_header_t object + */ +ike_header_t *ike_header_create_version(int major, int minor); + #endif /** IKE_HEADER_H_ @}*/ -- cgit v1.2.3 From fdb8421f3683918c3218838df742a7673e0f542d Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Tue, 15 Nov 2011 14:27:19 +0100 Subject: Typo fixed. --- src/libcharon/encoding/payloads/ike_header.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'src/libcharon/encoding/payloads/ike_header.h') diff --git a/src/libcharon/encoding/payloads/ike_header.h b/src/libcharon/encoding/payloads/ike_header.h index aa456de9d..2ee247873 100644 --- a/src/libcharon/encoding/payloads/ike_header.h +++ b/src/libcharon/encoding/payloads/ike_header.h @@ -35,7 +35,7 @@ typedef struct ike_header_t ike_header_t; #define IKEV1_MAJOR_VERSION 1 /** - * Minor Version of IKEv2 we implement. + * Minor Version of IKEv1 we implement. */ #define IKEV1_MINOR_VERSION 0 -- cgit v1.2.3 From 4c6dfbb26bb353434bcb5bb6fa7b13fb0e447226 Mon Sep 17 00:00:00 2001 From: Tobias Brunner Date: Tue, 22 Nov 2011 09:46:31 +0100 Subject: Added missing comma after ME_CONNECT declaration. --- src/libcharon/encoding/payloads/ike_header.h | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) (limited to 'src/libcharon/encoding/payloads/ike_header.h') diff --git a/src/libcharon/encoding/payloads/ike_header.h b/src/libcharon/encoding/payloads/ike_header.h index 2ee247873..a63d379b5 100644 --- a/src/libcharon/encoding/payloads/ike_header.h +++ b/src/libcharon/encoding/payloads/ike_header.h 
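Review bot: The doc comment for `ike_header_create_version` in the `@@ -245,10 +318,17 @@` hunk of the first patch has no `@param` lines, and it does not say what is returned for a version the library does not implement. The parameters are `int`, while `get_maj_version` and `get_min_version` return `u_int8_t`, so the accepted range should be spelled out or the types aligned. I would add `@param major major version, IKEV1_MAJOR_VERSION or IKEV2_MAJOR_VERSION` and `@param minor minor version`, and either document that other values are stored as given or have the constructor reject them. How the implementation treats out-of-range values is not visible here.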
@@ -115,11 +115,12 @@ enum exchange_type_t{ * IKE_SESSION_RESUME (RFC 5723). */ IKE_SESSION_RESUME = 38, + #ifdef ME /** * ME_CONNECT */ - ME_CONNECT = 240 + ME_CONNECT = 240, #endif /* ME */ /** @@ -146,7 +147,7 @@ struct ike_header_t { /** * Get the initiator spi. * - * @return initiator_spi + * @return initiator_spi */ u_int64_t (*get_initiator_spi) (ike_header_t *this); @@ -160,7 +161,7 @@ struct ike_header_t { /** * Get the responder spi. * - * @return responder_spi + * @return responder_spi */ u_int64_t (*get_responder_spi) (ike_header_t *this); @@ -174,7 +175,7 @@ struct ike_header_t { /** * Get the major version. * - * @return major version + * @return major version */ u_int8_t (*get_maj_version) (ike_header_t *this); @@ -188,7 +189,7 @@ struct ike_header_t { /** * Get the minor version. * - * @return minor version + * @return minor version */ u_int8_t (*get_min_version) (ike_header_t *this); @@ -202,7 +203,7 @@ struct ike_header_t { /** * Get the response flag. * - * @return response flag + * @return response flag */ bool (*get_response_flag) (ike_header_t *this); @@ -216,7 +217,7 @@ struct ike_header_t { /** * Get "higher version supported"-flag. * - * @return version flag + * @return version flag */ bool (*get_version_flag) (ike_header_t *this); @@ -230,7 +231,7 @@ struct ike_header_t { /** * Get the initiator flag. * - * @return initiator flag + * @return initiator flag */ bool (*get_initiator_flag) (ike_header_t *this); @@ -244,7 +245,7 @@ struct ike_header_t { /** * Get the encryption flag. * - * @return encryption flag + * @return encryption flag */ bool (*get_encryption_flag) (ike_header_t *this); @@ -258,7 +259,7 @@ struct ike_header_t { /** * Get the commit flag. * - * @return commit flag + * @return commit flag */ bool (*get_commit_flag) (ike_header_t *this); @@ -272,7 +273,7 @@ struct ike_header_t { /** * Get the authentication only flag. * - * @return authonly flag + * @return authonly flag */ bool (*get_authonly_flag) (ike_header_t *this); 
@@ -286,7 +287,7 @@ struct ike_header_t { /** * Get the exchange type. * - * @return exchange type + * @return exchange type */ u_int8_t (*get_exchange_type) (ike_header_t *this); @@ -300,7 +301,7 @@ struct ike_header_t { /** * Get the message id. * - * @return message id + * @return message id */ u_int32_t (*get_message_id) (ike_header_t *this); -- cgit v1.2.3 From 54a8a94fa9009437e4c4d7df52d881fc1203c2ac Mon Sep 17 00:00:00 2001 From: Clavister OpenSource Date: Wed, 23 Nov 2011 08:29:54 +0100 Subject: IKEv1 ConfigMode: Added TRANSACTION exchange type. Added attribute_payload (IKEv2 equiv cp_payload) and data_attribute (IKEv2 equiv configuration_attribute) payload types. Did not combine with IKEv2 because it wasn't trivial to do so. This might be a task worth investigating in the future, because there is a decent amount of shared code here. --- src/libcharon/encoding/payloads/ike_header.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'src/libcharon/encoding/payloads/ike_header.h') diff --git a/src/libcharon/encoding/payloads/ike_header.h b/src/libcharon/encoding/payloads/ike_header.h index a63d379b5..e6b7d0dff 100644 --- a/src/libcharon/encoding/payloads/ike_header.h +++ b/src/libcharon/encoding/payloads/ike_header.h @@ -81,6 +81,11 @@ enum exchange_type_t{ */ INFORMATIONAL_V1 = 5, + /** + * Transaction (ISAKMP Cfg Mode "draft-ietf-ipsec-isakmp-mode-cfg-05") + */ + TRANSACTION = 6, + /** * Quick Mode */ @@ -138,7 +143,6 @@ extern enum_name_t *exchange_type_names; * An object of this type represents an IKE header of either IKEv1 or IKEv2. */ struct ike_header_t { - /** * The payload_t interface. */ -- cgit v1.2.3
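Review bot: `TRANSACTION = 6` in the `@@ -81,6 +86,11 @@` hunk extends the run of IKEv1 exchange types that ended at `INFORMATIONAL_V1 = 5`, so the table behind `exchange_type_names` (declared in this header, defined elsewhere) needs a matching entry in the same change; otherwise a received type 6 would presumably be logged under a wrong or missing name. This page is limited to ike_header.h, so I cannot tell whether that was done. The comment could also state the scope, e.g. `Transaction (ISAKMP Cfg Mode, draft-ietf-ipsec-isakmp-mode-cfg-05), IKEv1 only`. The enum continues outside the hunk.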