From 1bf2971ff2d63f1f1c4d59d1091b8a1b11b0ef62 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Wed, 16 Nov 2011 13:46:54 +0100
Subject: Implemented limited payload parsing for IKEv1 SA payloads
---
 src/libcharon/encoding/payloads/proposal_substructure.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
(limited to 'src/libcharon/encoding/payloads/proposal_substructure.h')
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h
index d0ba1fd2a..86ccd5b8b 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.h
+++ b/src/libcharon/encoding/payloads/proposal_substructure.h
@@ -37,9 +37,7 @@ typedef struct proposal_substructure_t proposal_substructure_t;
 #define PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH 8
 /**
- * Class representing an IKEv2-PROPOSAL SUBSTRUCTURE.
- *
- * The PROPOSAL SUBSTRUCTURE format is described in RFC section 3.3.1.
+ * Class representing an IKEv1/IKEv2 proposal substructure.
 */
 struct proposal_substructure_t {
@@ -126,17 +124,19 @@ struct proposal_substructure_t {
 /**
 * Creates an empty proposal_substructure_t object
 *
- * @return proposal_substructure_t object
+ * @param type PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
+ * @return proposal_substructure_t object
 */
-proposal_substructure_t *proposal_substructure_create(void);
+proposal_substructure_t *proposal_substructure_create(payload_type_t type);
 /**
 * Creates a proposal_substructure_t from a proposal_t.
 *
+ * @param type PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
 * @param proposal proposal to build a substruct out of it
 * @return proposal_substructure_t object
 */
 proposal_substructure_t *proposal_substructure_create_from_proposal(
- proposal_t *proposal);
+ payload_type_t type, proposal_t *proposal);
 #endif /** PROPOSAL_SUBSTRUCTURE_H_ @}*/
-- cgit v1.2.3
From 38fb67fbf18489f40845b072e4ed50b1f6cf0c9c Mon Sep 17 00:00:00 2001
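Review bot: The `type` parameter added to `proposal_substructure_create()` and `proposal_substructure_create_from_proposal()` in the `@@ -126,17 +124,19 @@` hunk is documented only as "PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1", and the header does not say what either constructor does when it is handed any other `payload_type_t` value. Because the two variants are presumably encoded and parsed differently, the contract should be stated, for example `@param type PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1, other payload types are not supported`. The implementation is not visible here; it should reject or assert on an unexpected type rather than build a substructure with an undefined layout.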
From: Martin Willi
Date: Thu, 17 Nov 2011 11:27:46 +0000
Subject: Add a payload.get_header_length() method, remove header length definitions
---
 src/libcharon/encoding/payloads/proposal_substructure.h | 6 ------
 1 file changed, 6 deletions(-)
(limited to 'src/libcharon/encoding/payloads/proposal_substructure.h')
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h
index 86ccd5b8b..72bbdd64f 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.h
+++ b/src/libcharon/encoding/payloads/proposal_substructure.h
@@ -30,12 +30,6 @@ typedef struct proposal_substructure_t proposal_substructure_t;
 #include
 #include
-
-/**
- * Length of the proposal substructure header (without spi).
- */
-#define PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH 8
-
 /**
 * Class representing an IKEv1/IKEv2 proposal substructure.
 */
-- cgit v1.2.3
From 62a27ba347042fe8cafc500520f0e2cf036b07d4 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Tue, 22 Nov 2011 16:47:17 +0100
Subject: Encode multiple IKEv1 proposals in a single transform substructure
---
 src/libcharon/encoding/payloads/proposal_substructure.h | 13 +++++++++++--
 1 file changed, 11 insertions(+), 2 deletions(-)
(limited to 'src/libcharon/encoding/payloads/proposal_substructure.h')
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h
index 72bbdd64f..79a6ca238 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.h
+++ b/src/libcharon/encoding/payloads/proposal_substructure.h
@@ -127,10 +127,19 @@ proposal_substructure_t *proposal_substructure_create(payload_type_t type);
 * Creates a proposal_substructure_t from a proposal_t.
 *
 * @param type PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
- * @param proposal proposal to build a substruct out of it
- * @return proposal_substructure_t object
+ * @param proposal proposal to build a substruct out of it
+ * @return proposal_substructure_t object
 */
 proposal_substructure_t *proposal_substructure_create_from_proposal(
 payload_type_t type, proposal_t *proposal);
+/**
+ * Creates a proposal_substructure_t from a list of proposal_t (IKEv1 only).
+ *
+ * @param proposal proposal to build a substruct out of it
+ * @return IKEv1 proposal_substructure_t PROPOSAL_SUBSTRUCTURE_V1
+ */
+proposal_substructure_t *proposal_substructure_create_from_proposals(
+ linked_list_t *proposals);
+
 #endif /** PROPOSAL_SUBSTRUCTURE_H_ @}*/
-- cgit v1.2.3
From d50152a70bb109624d05249e11dda6c28a9a6422 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Tue, 22 Nov 2011 17:04:07 +0100
Subject: Parse proposal substructure with multiple IKEv1 transforms to multiple proposals
---
 src/libcharon/encoding/payloads/proposal_substructure.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'src/libcharon/encoding/payloads/proposal_substructure.h')
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h
index 79a6ca238..496a352ca 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.h
+++ b/src/libcharon/encoding/payloads/proposal_substructure.h
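Review bot: The doc comment added for `proposal_substructure_create_from_proposals()` documents `@param proposal` with text copied from the single-proposal constructor, while the declared parameter is `linked_list_t *proposals`. I would change it to `@param proposals list of proposal_t to encode in a single substructure`. The comment also leaves open whether the list may be empty and whether the callee keeps any reference to the list or its entries; one sentence on each would help callers that build the list from configuration. The implementation is outside this hunk, so the wording should follow what it actually does.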
@@ -96,11 +96,11 @@ struct proposal_substructure_t {
 void (*set_spi) (proposal_substructure_t *this, chunk_t spi);
 /**
- * Get a proposal_t from the propsal_substructure_t.
+ * Get proposals contained in a propsal_substructure_t.
 *
- * @return proposal_t
+ * @param list list to add created proposals to
 */
- proposal_t * (*get_proposal) (proposal_substructure_t *this);
+ void (*get_proposals) (proposal_substructure_t *this, linked_list_t *list);
 /**
 * Create an enumerator over transform substructures.
-- cgit v1.2.3
From fbebc2a068942d16c20f8439b140027395ba25a0 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Thu, 24 Nov 2011 12:52:11 +0100
Subject: Implemented encoding of additional IKEv1 proposal attributes
---
 .../encoding/payloads/proposal_substructure.h | 41 +++++++++++++++++-----
 1 file changed, 32 insertions(+), 9 deletions(-)
(limited to 'src/libcharon/encoding/payloads/proposal_substructure.h')
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h
index 496a352ca..de06f916f 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.h
+++ b/src/libcharon/encoding/payloads/proposal_substructure.h
@@ -29,6 +29,8 @@ typedef struct proposal_substructure_t proposal_substructure_t;
 #include
 #include
 #include
+#include
+#include
 /**
 * Class representing an IKEv1/IKEv2 proposal substructure.
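Review bot: `get_proposals()` in the `@@ -96,11 +96,11 @@` hunk returns `void`, so a substructure that yields no usable proposal can only be noticed by the caller checking that nothing was appended to `list`, and the doc comment does not mention this. If the old `get_proposal()` could signal a conversion failure through its return value (its implementation is not visible here), that signal is now implicit, which matters because the substructure may come from a peer's SA payload. I would extend the comment to something like `@param list list to add created proposals to, caller owns the added proposal_t objects; nothing is added if no proposal can be built`, adjusted to the real behaviour. The struct body continues outside the hunk.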
@@ -124,22 +126,43 @@ struct proposal_substructure_t {
 proposal_substructure_t *proposal_substructure_create(payload_type_t type);
 /**
- * Creates a proposal_substructure_t from a proposal_t.
+ * Creates an IKEv2 proposal_substructure_t from a proposal_t.
 *
- * @param type PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
 * @param proposal proposal to build a substruct out of it
- * @return proposal_substructure_t object
+ * @return proposal_substructure_t PROPOSAL_SUBSTRUCTURE
 */
-proposal_substructure_t *proposal_substructure_create_from_proposal(
- payload_type_t type, proposal_t *proposal);
-
+proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
+ proposal_t *proposal);
 /**
- * Creates a proposal_substructure_t from a list of proposal_t (IKEv1 only).
+ * Creates an IKEv1 proposal_substructure_t from a proposal_t.
 *
 * @param proposal proposal to build a substruct out of it
+ * @param lifetime lifetime in seconds
+ * @param lifebytes lifebytes, in bytes
+ * @param auth authentication method to use, or AUTH_NONE
+ * @param mode IPsec encapsulation mode, TRANSPORT or TUNNEL
+ * @param udp TRUE to use UDP encapsulation
+ *
+ *
+ * @return proposal_substructure_t object PROPOSAL_SUBSTRUCTURE_V1
+ */
+proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
+ proposal_t *proposal, u_int32_t lifetime, u_int64_t lifebytes,
+ auth_method_t auth, ipsec_mode_t mode, bool udp);
+
+/**
+ * Creates an IKEv1 proposal_substructure_t from a list of proposal_t.
+ *
+ * @param proposals list of proposal_t to encode in a substructure
+ * @param lifetime lifetime in seconds
+ * @param lifebytes lifebytes, in bytes
+ * @param auth authentication method to use, or AUTH_NONE
+ * @param mode IPsec encapsulation mode, TRANSPORT or TUNNEL
+ * @param udp TRUE to use UDP encapsulation
 * @return IKEv1 proposal_substructure_t PROPOSAL_SUBSTRUCTURE_V1
 */
-proposal_substructure_t *proposal_substructure_create_from_proposals(
- linked_list_t *proposals);
+proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
+ linked_list_t *proposals, u_int32_t lifetime, u_int64_t lifebytes,
+ auth_method_t auth, ipsec_mode_t mode, bool udp);
 #endif /** PROPOSAL_SUBSTRUCTURE_H_ @}*/
-- cgit v1.2.3
From 914ec2dbf29ea70a397418860fb304196131d845 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Thu, 24 Nov 2011 15:25:22 +0100
Subject: Implemented IKEv1 attribute encoding in SA payload
---
 .../encoding/payloads/proposal_substructure.h | 29 ++++++++++++++++++++++
 1 file changed, 29 insertions(+)
(limited to 'src/libcharon/encoding/payloads/proposal_substructure.h')
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h
index de06f916f..03b26e127 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.h
+++ b/src/libcharon/encoding/payloads/proposal_substructure.h
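Review bot: The `lifetime` and `lifebytes` parameters of the two `_v1` constructors (hunk `@@ -124,22 +126,43 @@`, which begins on the previous line) do not say what a value of 0 means, so the header does not tell a caller whether 0 omits the life-duration attribute or offers a zero lifetime to the peer. I would spell it out in both comments, e.g. `@param lifetime lifetime in seconds, 0 to not encode a lifetime`, if that is what the implementation (not shown) does, and likewise for `lifebytes`. The comment on `proposal_substructure_create_from_proposal_v1()` also carries two empty ` *` lines before `@return` that can be dropped.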
@@ -111,6 +111,35 @@ struct proposal_substructure_t {
 */
 enumerator_t* (*create_substructure_enumerator)(proposal_substructure_t *this);
+ /**
+ * Get the (shortest) lifetime of a proposal (IKEv1 only).
+ *
+ * @return lifetime, in seconds
+ */
+ u_int32_t (*get_lifetime)(proposal_substructure_t *this);
+
+ /**
+ * Get the (shortest) life duration of a proposal (IKEv1 only).
+ *
+ * @return life duration, in bytes
+ */
+ u_int64_t (*get_lifebytes)(proposal_substructure_t *this);
+
+ /**
+ * Get the first authentication method from the proposal (IKEv1 only).
+ *
+ * @return auth method, or AUTH_NONE
+ */
+ auth_method_t (*get_auth_method)(proposal_substructure_t *this);
+
+ /**
+ * Get the (first) encapsulation mode from a proposal (IKEv1 only).
+ *
+ * @param udp set to TRUE if UDP encapsulation used
+ * @return ipsec encapsulation mode
+ */
+ ipsec_mode_t (*get_encap_mode)(proposal_substructure_t *this, bool *udp);
+
 /**
 * Destroys an proposal_substructure_t object.
 */
-- cgit v1.2.3
From 15a682f4c23d0b8340b31077698e6f6d924c2861 Mon Sep 17 00:00:00 2001
From: Martin Willi
Date: Mon, 19 Dec 2011 13:10:29 +0100
Subject: Separated libcharon/sa directory with ikev1 and ikev2 subfolders
---
 src/libcharon/encoding/payloads/proposal_substructure.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'src/libcharon/encoding/payloads/proposal_substructure.h')
diff --git a/src/libcharon/encoding/payloads/proposal_substructure.h b/src/libcharon/encoding/payloads/proposal_substructure.h
index 03b26e127..aefdf2f27 100644
--- a/src/libcharon/encoding/payloads/proposal_substructure.h
+++ b/src/libcharon/encoding/payloads/proposal_substructure.h
@@ -30,7 +30,7 @@ typedef struct proposal_substructure_t proposal_substructure_t;
 #include
 #include
 #include
-#include
+#include
 /**
 * Class representing an IKEv1/IKEv2 proposal substructure.
-- cgit v1.2.3
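Review bot: Three of the four getters added in the `@@ -111,6 +111,35 @@` hunk leave the "attribute not present" case undocumented; only `get_auth_method()` names its fallback (`AUTH_NONE`). `get_lifetime()` and `get_lifebytes()` should state what they return when the proposal carries no life duration, and `get_encap_mode()` should state its default mode and whether `*udp` is always written. As worded, `set to TRUE if UDP encapsulation used` allows an implementation that never stores FALSE, in which case a caller passing an uninitialised `bool` reads an indeterminate value. I would write `@param udp set to TRUE if UDP encapsulation is used, FALSE otherwise` and `@return lifetime in seconds, 0 if none`, assuming the implementation (not visible here) behaves that way. The struct body continues outside the hunk.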