" (ISA context %llu)", isa_id);
auth_payload = (auth_payload_t*)message->get_payload(message,
- AUTHENTICATION);
+ PLV2_AUTH);
if (auth_payload)
{
chunk_t auth_data;
{
data = chunk_clone(chunk_create(this->data, strlen(this->data)));
}
- notify = notify_payload_create_from_protocol_and_type(NOTIFY,
+ notify = notify_payload_create_from_protocol_and_type(PLV2_NOTIFY,
this->esp ? PROTO_ESP : PROTO_IKE, type);
notify->set_spi(notify, this->spi);
if (data.len)
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == SECURITY_ASSOCIATION)
+ if (payload->get_type(payload) == PLV2_SECURITY_ASSOCIATION)
{
old = (sa_payload_t*)payload;
message->remove_payload_at(message, enumerator);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY)
+ if (payload->get_type(payload) == PLV2_NOTIFY)
{
notify_payload_t *notify = (notify_payload_t*)payload;
chunk_t data;
diff = this->bytes - size - CERT_PAYLOAD_HEADER_LENGTH;
data = chunk_alloc(diff);
memset(data.ptr, 0x12, data.len);
- pld = cert_payload_create_custom(CERTIFICATE, 201, data);
+ pld = cert_payload_create_custom(PLV2_CERTIFICATE, 201, data);
message->add_payload(message, &pld->payload_interface);
DBG1(DBG_CFG, "inserting %d dummy bytes certificate payload", diff);
}
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == ID_INITIATOR ||
- payload->get_type(payload) == ID_RESPONDER)
+ if (payload->get_type(payload) == PLV2_ID_INITIATOR ||
+ payload->get_type(payload) == PLV2_ID_RESPONDER)
{
id_payload = (id_payload_t*)payload;
id = id_payload->get_identification(id_payload);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == KEY_EXCHANGE)
+ if (payload->get_type(payload) == PLV2_KEY_EXCHANGE)
{
ke = (ke_payload_t*)payload;
DBG1(DBG_CFG, "received DH group %N",
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == SECURITY_ASSOCIATION)
+ if (payload->get_type(payload) == PLV2_SECURITY_ASSOCIATION)
{
sa = (sa_payload_t*)payload;
list = sa->get_proposals(sa);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == TRAFFIC_SELECTOR_INITIATOR ||
- payload->get_type(payload) == TRAFFIC_SELECTOR_RESPONDER)
+ if (payload->get_type(payload) == PLV2_TS_INITIATOR ||
+ payload->get_type(payload) == PLV2_TS_RESPONDER)
{
ts = (ts_payload_t*)payload;
host_t *from, *to;
{
nonce_payload_t *nonce;
- nonce = (nonce_payload_t*)message->get_payload(message, NONCE);
+ nonce = (nonce_payload_t*)message->get_payload(message, PLV2_NONCE);
if (nonce)
{
free(this->nonce.ptr);
ts_payload_t *tsi, *tsr;
linked_list_t *proposals;
- id = (id_payload_t*)message->get_payload(message, ID_RESPONDER);
+ id = (id_payload_t*)message->get_payload(message, PLV2_ID_RESPONDER);
if (id)
{
this->id->destroy(this->id);
this->id = id->get_identification(id);
}
- sa = (sa_payload_t*)message->get_payload(message, SECURITY_ASSOCIATION);
+ sa = (sa_payload_t*)message->get_payload(message, PLV2_SECURITY_ASSOCIATION);
if (sa)
{
proposals = sa->get_proposals(sa);
proposals->destroy_offset(proposals, offsetof(proposal_t, destroy));
}
tsi = (ts_payload_t*)message->get_payload(message,
- TRAFFIC_SELECTOR_INITIATOR);
+ PLV2_TS_INITIATOR);
if (tsi)
{
this->tsi = tsi->get_traffic_selectors(tsi);
}
tsr = (ts_payload_t*)message->get_payload(message,
- TRAFFIC_SELECTOR_RESPONDER);
+ PLV2_TS_RESPONDER);
if (tsr)
{
this->tsr = tsr->get_traffic_selectors(tsr);
cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
if (cert)
{
- payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+ payload = cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
if (payload)
{
DBG1(DBG_IKE, "pretending end entity cert \"%Y\"",
{
if (type == AUTH_RULE_IM_CERT)
{
- payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+ payload = cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
if (payload)
{
DBG1(DBG_IKE, "pretending issuer cert \"%Y\"",
{
notify_payload_t *notify = (notify_payload_t*)payload;
- if (payload->get_type(payload) != NOTIFY ||
+ if (payload->get_type(payload) != PLV2_NOTIFY ||
notify->get_notify_type(notify) != AUTHENTICATION_FAILED)
{
DBG1(DBG_CFG, "no %N notify found, disabling AUTH pretending",
return;
}
message->add_payload(message, (payload_t*)
- id_payload_create_from_identification(ID_RESPONDER, this->id));
+ id_payload_create_from_identification(PLV2_ID_RESPONDER, this->id));
if (this->proposal)
{
message->add_payload(message, (payload_t*)
u_int32_t *lenpos;
payload = message->get_payload(message,
- message->get_request(message) ? ID_INITIATOR : ID_RESPONDER);
+ message->get_request(message) ? PLV2_ID_INITIATOR : PLV2_ID_RESPONDER);
if (!payload)
{
DBG1(DBG_CFG, "ID payload not found to rebuild AUTH");
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == AUTHENTICATION)
+ if (payload->get_type(payload) == PLV2_AUTH)
{
message->remove_payload_at(message, enumerator);
payload->destroy(payload);
{
nonce_payload_t *nonce;
- nonce = (nonce_payload_t*)message->get_payload(message, NONCE);
+ nonce = (nonce_payload_t*)message->get_payload(message, PLV2_NONCE);
if (nonce)
{
free(this->nonce.ptr);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == SECURITY_ASSOCIATION)
+ if (payload->get_type(payload) == PLV2_SECURITY_ASSOCIATION)
{
sa = (sa_payload_t*)payload;
list = sa->get_proposals(sa);
payload_t *payload;
bool *bit;
- if (type == HEADER)
+ if (type == PL_HEADER)
{
message->set_reserved_header_bit(message, nr);
DBG1(DBG_CFG, "setting reserved bit %d of %N",
payload_t *payload;
u_int8_t *byte;
- if (type == TRANSFORM_SUBSTRUCTURE || type == PROPOSAL_SUBSTRUCTURE)
+ if (type == PLV2_TRANSFORM_SUBSTRUCTURE || type == PLV2_PROPOSAL_SUBSTRUCTURE)
{
enumerator_t *transforms, *proposals;
transform_substructure_t *transform;
payloads = message->create_payload_enumerator(message);
while (payloads->enumerate(payloads, &payload))
{
- if (payload->get_type(payload) == SECURITY_ASSOCIATION)
+ if (payload->get_type(payload) == PLV2_SECURITY_ASSOCIATION)
{
sa = (sa_payload_t*)payload;
proposals = sa->create_substructure_enumerator(sa);
while (proposals->enumerate(proposals, &proposal))
{
- if (type == PROPOSAL_SUBSTRUCTURE)
+ if (type == PLV2_PROPOSAL_SUBSTRUCTURE)
{
byte = payload_get_field(&proposal->payload_interface,
RESERVED_BYTE, nr);
*byte = byteval;
}
}
- else if (type == TRANSFORM_SUBSTRUCTURE)
+ else if (type == PLV2_TRANSFORM_SUBSTRUCTURE)
{
transforms = proposal->create_substructure_enumerator(
proposal);
{
data = chunk_clone(chunk_create(this->data, strlen(this->data)));
}
- notify = notify_payload_create_from_protocol_and_type(NOTIFY,
+ notify = notify_payload_create_from_protocol_and_type(PLV2_NOTIFY,
this->esp ? PROTO_ESP : PROTO_IKE, type);
notify->set_spi(notify, this->spi);
if (data.len)
case ENCRYPTED_DATA:
generate_from_chunk(this, rules[i].offset);
break;
- case PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE:
- case PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE_V1:
- case PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE:
- case PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE_V1:
- case PAYLOAD_LIST + TRANSFORM_ATTRIBUTE:
- case PAYLOAD_LIST + TRANSFORM_ATTRIBUTE_V1:
- case PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE:
- case PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE_V1:
- case PAYLOAD_LIST + TRAFFIC_SELECTOR_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV2_PROPOSAL_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV1_PROPOSAL_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV2_TRANSFORM_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV1_TRANSFORM_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV2_TRANSFORM_ATTRIBUTE:
+ case PAYLOAD_LIST + PLV1_TRANSFORM_ATTRIBUTE:
+ case PAYLOAD_LIST + PLV2_CONFIGURATION_ATTRIBUTE:
+ case PAYLOAD_LIST + PLV1_CONFIGURATION_ATTRIBUTE:
+ case PAYLOAD_LIST + PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE:
{
linked_list_t *proposals;
enumerator_t *enumerator;
typedef struct {
/** payload type */
payload_type_t type;
- /** notify type, if payload == NOTIFY */
+ /** notify type, if payload == PLV2_NOTIFY */
notify_type_t notify;
} payload_order_t;
*/
static payload_rule_t ike_sa_init_i_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
- {SECURITY_ASSOCIATION, 1, 1, FALSE, FALSE},
- {KEY_EXCHANGE, 1, 1, FALSE, FALSE},
- {NONCE, 1, 1, FALSE, FALSE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
+ {PLV2_SECURITY_ASSOCIATION, 1, 1, FALSE, FALSE},
+ {PLV2_KEY_EXCHANGE, 1, 1, FALSE, FALSE},
+ {PLV2_NONCE, 1, 1, FALSE, FALSE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
};
/**
*/
static payload_order_t ike_sa_init_i_order[] = {
/* payload type notify type */
- {NOTIFY, COOKIE},
- {SECURITY_ASSOCIATION, 0},
- {KEY_EXCHANGE, 0},
- {NONCE, 0},
- {NOTIFY, NAT_DETECTION_SOURCE_IP},
- {NOTIFY, NAT_DETECTION_DESTINATION_IP},
- {NOTIFY, 0},
- {VENDOR_ID, 0},
+ {PLV2_NOTIFY, COOKIE},
+ {PLV2_SECURITY_ASSOCIATION, 0},
+ {PLV2_KEY_EXCHANGE, 0},
+ {PLV2_NONCE, 0},
+ {PLV2_NOTIFY, NAT_DETECTION_SOURCE_IP},
+ {PLV2_NOTIFY, NAT_DETECTION_DESTINATION_IP},
+ {PLV2_NOTIFY, 0},
+ {PLV2_VENDOR_ID, 0},
};
/**
*/
static payload_rule_t ike_sa_init_r_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, TRUE},
- {SECURITY_ASSOCIATION, 1, 1, FALSE, FALSE},
- {KEY_EXCHANGE, 1, 1, FALSE, FALSE},
- {NONCE, 1, 1, FALSE, FALSE},
- {CERTIFICATE_REQUEST, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, TRUE},
+ {PLV2_SECURITY_ASSOCIATION, 1, 1, FALSE, FALSE},
+ {PLV2_KEY_EXCHANGE, 1, 1, FALSE, FALSE},
+ {PLV2_NONCE, 1, 1, FALSE, FALSE},
+ {PLV2_CERTREQ, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
};
/**
*/
static payload_order_t ike_sa_init_r_order[] = {
/* payload type notify type */
- {SECURITY_ASSOCIATION, 0},
- {KEY_EXCHANGE, 0},
- {NONCE, 0},
- {NOTIFY, NAT_DETECTION_SOURCE_IP},
- {NOTIFY, NAT_DETECTION_DESTINATION_IP},
- {NOTIFY, HTTP_CERT_LOOKUP_SUPPORTED},
- {CERTIFICATE_REQUEST, 0},
- {NOTIFY, 0},
- {VENDOR_ID, 0},
+ {PLV2_SECURITY_ASSOCIATION, 0},
+ {PLV2_KEY_EXCHANGE, 0},
+ {PLV2_NONCE, 0},
+ {PLV2_NOTIFY, NAT_DETECTION_SOURCE_IP},
+ {PLV2_NOTIFY, NAT_DETECTION_DESTINATION_IP},
+ {PLV2_NOTIFY, HTTP_CERT_LOOKUP_SUPPORTED},
+ {PLV2_CERTREQ, 0},
+ {PLV2_NOTIFY, 0},
+ {PLV2_VENDOR_ID, 0},
};
/**
*/
static payload_rule_t ike_auth_i_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
- {EXTENSIBLE_AUTHENTICATION, 0, 1, TRUE, TRUE},
- {AUTHENTICATION, 0, 1, TRUE, TRUE},
- {ID_INITIATOR, 0, 1, TRUE, FALSE},
- {CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
- {CERTIFICATE_REQUEST, 0, MAX_CERTREQ_PAYLOADS, TRUE, FALSE},
- {ID_RESPONDER, 0, 1, TRUE, FALSE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV2_EAP, 0, 1, TRUE, TRUE},
+ {PLV2_AUTH, 0, 1, TRUE, TRUE},
+ {PLV2_ID_INITIATOR, 0, 1, TRUE, FALSE},
+ {PLV2_CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
+ {PLV2_CERTREQ, 0, MAX_CERTREQ_PAYLOADS, TRUE, FALSE},
+ {PLV2_ID_RESPONDER, 0, 1, TRUE, FALSE},
#ifdef ME
- {SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
+ {PLV2_SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
+ {PLV2_TS_INITIATOR, 0, 1, TRUE, FALSE},
+ {PLV2_TS_RESPONDER, 0, 1, TRUE, FALSE},
#else
- {SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
+ {PLV2_SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
+ {PLV2_TS_INITIATOR, 0, 1, TRUE, FALSE},
+ {PLV2_TS_RESPONDER, 0, 1, TRUE, FALSE},
#endif /* ME */
- {CONFIGURATION, 0, 1, TRUE, FALSE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+ {PLV2_CONFIGURATION, 0, 1, TRUE, FALSE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
};
/**
*/
static payload_order_t ike_auth_i_order[] = {
/* payload type notify type */
- {ID_INITIATOR, 0},
- {CERTIFICATE, 0},
- {NOTIFY, INITIAL_CONTACT},
- {NOTIFY, HTTP_CERT_LOOKUP_SUPPORTED},
- {CERTIFICATE_REQUEST, 0},
- {ID_RESPONDER, 0},
- {AUTHENTICATION, 0},
- {EXTENSIBLE_AUTHENTICATION, 0},
- {CONFIGURATION, 0},
- {NOTIFY, IPCOMP_SUPPORTED},
- {NOTIFY, USE_TRANSPORT_MODE},
- {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
- {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
- {SECURITY_ASSOCIATION, 0},
- {TRAFFIC_SELECTOR_INITIATOR, 0},
- {TRAFFIC_SELECTOR_RESPONDER, 0},
- {NOTIFY, MOBIKE_SUPPORTED},
- {NOTIFY, ADDITIONAL_IP4_ADDRESS},
- {NOTIFY, ADDITIONAL_IP6_ADDRESS},
- {NOTIFY, NO_ADDITIONAL_ADDRESSES},
- {NOTIFY, 0},
- {VENDOR_ID, 0},
+ {PLV2_ID_INITIATOR, 0},
+ {PLV2_CERTIFICATE, 0},
+ {PLV2_NOTIFY, INITIAL_CONTACT},
+ {PLV2_NOTIFY, HTTP_CERT_LOOKUP_SUPPORTED},
+ {PLV2_CERTREQ, 0},
+ {PLV2_ID_RESPONDER, 0},
+ {PLV2_AUTH, 0},
+ {PLV2_EAP, 0},
+ {PLV2_CONFIGURATION, 0},
+ {PLV2_NOTIFY, IPCOMP_SUPPORTED},
+ {PLV2_NOTIFY, USE_TRANSPORT_MODE},
+ {PLV2_NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
+ {PLV2_NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
+ {PLV2_SECURITY_ASSOCIATION, 0},
+ {PLV2_TS_INITIATOR, 0},
+ {PLV2_TS_RESPONDER, 0},
+ {PLV2_NOTIFY, MOBIKE_SUPPORTED},
+ {PLV2_NOTIFY, ADDITIONAL_IP4_ADDRESS},
+ {PLV2_NOTIFY, ADDITIONAL_IP6_ADDRESS},
+ {PLV2_NOTIFY, NO_ADDITIONAL_ADDRESSES},
+ {PLV2_NOTIFY, 0},
+ {PLV2_VENDOR_ID, 0},
};
/**
*/
static payload_rule_t ike_auth_r_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
- {EXTENSIBLE_AUTHENTICATION, 0, 1, TRUE, TRUE},
- {AUTHENTICATION, 0, 1, TRUE, TRUE},
- {CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
- {ID_RESPONDER, 0, 1, TRUE, FALSE},
- {SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
- {CONFIGURATION, 0, 1, TRUE, FALSE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
+ {PLV2_EAP, 0, 1, TRUE, TRUE},
+ {PLV2_AUTH, 0, 1, TRUE, TRUE},
+ {PLV2_CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
+ {PLV2_ID_RESPONDER, 0, 1, TRUE, FALSE},
+ {PLV2_SECURITY_ASSOCIATION, 0, 1, TRUE, FALSE},
+ {PLV2_TS_INITIATOR, 0, 1, TRUE, FALSE},
+ {PLV2_TS_RESPONDER, 0, 1, TRUE, FALSE},
+ {PLV2_CONFIGURATION, 0, 1, TRUE, FALSE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
};
/**
*/
static payload_order_t ike_auth_r_order[] = {
/* payload type notify type */
- {ID_RESPONDER, 0},
- {CERTIFICATE, 0},
- {AUTHENTICATION, 0},
- {EXTENSIBLE_AUTHENTICATION, 0},
- {CONFIGURATION, 0},
- {NOTIFY, IPCOMP_SUPPORTED},
- {NOTIFY, USE_TRANSPORT_MODE},
- {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
- {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
- {SECURITY_ASSOCIATION, 0},
- {TRAFFIC_SELECTOR_INITIATOR, 0},
- {TRAFFIC_SELECTOR_RESPONDER, 0},
- {NOTIFY, AUTH_LIFETIME},
- {NOTIFY, MOBIKE_SUPPORTED},
- {NOTIFY, ADDITIONAL_IP4_ADDRESS},
- {NOTIFY, ADDITIONAL_IP6_ADDRESS},
- {NOTIFY, NO_ADDITIONAL_ADDRESSES},
- {NOTIFY, 0},
- {VENDOR_ID, 0},
+ {PLV2_ID_RESPONDER, 0},
+ {PLV2_CERTIFICATE, 0},
+ {PLV2_AUTH, 0},
+ {PLV2_EAP, 0},
+ {PLV2_CONFIGURATION, 0},
+ {PLV2_NOTIFY, IPCOMP_SUPPORTED},
+ {PLV2_NOTIFY, USE_TRANSPORT_MODE},
+ {PLV2_NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
+ {PLV2_NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
+ {PLV2_SECURITY_ASSOCIATION, 0},
+ {PLV2_TS_INITIATOR, 0},
+ {PLV2_TS_RESPONDER, 0},
+ {PLV2_NOTIFY, AUTH_LIFETIME},
+ {PLV2_NOTIFY, MOBIKE_SUPPORTED},
+ {PLV2_NOTIFY, ADDITIONAL_IP4_ADDRESS},
+ {PLV2_NOTIFY, ADDITIONAL_IP6_ADDRESS},
+ {PLV2_NOTIFY, NO_ADDITIONAL_ADDRESSES},
+ {PLV2_NOTIFY, 0},
+ {PLV2_VENDOR_ID, 0},
};
/**
*/
static payload_rule_t informational_i_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
- {CONFIGURATION, 0, 1, TRUE, FALSE},
- {DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV2_CONFIGURATION, 0, 1, TRUE, FALSE},
+ {PLV2_DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
};
/**
*/
static payload_order_t informational_i_order[] = {
/* payload type notify type */
- {NOTIFY, UPDATE_SA_ADDRESSES},
- {NOTIFY, NAT_DETECTION_SOURCE_IP},
- {NOTIFY, NAT_DETECTION_DESTINATION_IP},
- {NOTIFY, COOKIE2},
- {NOTIFY, 0},
- {DELETE, 0},
- {CONFIGURATION, 0},
+ {PLV2_NOTIFY, UPDATE_SA_ADDRESSES},
+ {PLV2_NOTIFY, NAT_DETECTION_SOURCE_IP},
+ {PLV2_NOTIFY, NAT_DETECTION_DESTINATION_IP},
+ {PLV2_NOTIFY, COOKIE2},
+ {PLV2_NOTIFY, 0},
+ {PLV2_DELETE, 0},
+ {PLV2_CONFIGURATION, 0},
};
/**
*/
static payload_rule_t informational_r_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
- {CONFIGURATION, 0, 1, TRUE, FALSE},
- {DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV2_CONFIGURATION, 0, 1, TRUE, FALSE},
+ {PLV2_DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
};
/**
*/
static payload_order_t informational_r_order[] = {
/* payload type notify type */
- {NOTIFY, UPDATE_SA_ADDRESSES},
- {NOTIFY, NAT_DETECTION_SOURCE_IP},
- {NOTIFY, NAT_DETECTION_DESTINATION_IP},
- {NOTIFY, COOKIE2},
- {NOTIFY, 0},
- {DELETE, 0},
- {CONFIGURATION, 0},
+ {PLV2_NOTIFY, UPDATE_SA_ADDRESSES},
+ {PLV2_NOTIFY, NAT_DETECTION_SOURCE_IP},
+ {PLV2_NOTIFY, NAT_DETECTION_DESTINATION_IP},
+ {PLV2_NOTIFY, COOKIE2},
+ {PLV2_NOTIFY, 0},
+ {PLV2_DELETE, 0},
+ {PLV2_CONFIGURATION, 0},
};
/**
*/
static payload_rule_t create_child_sa_i_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
- {SECURITY_ASSOCIATION, 1, 1, TRUE, FALSE},
- {NONCE, 1, 1, TRUE, FALSE},
- {KEY_EXCHANGE, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
- {CONFIGURATION, 0, 1, TRUE, FALSE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV2_SECURITY_ASSOCIATION, 1, 1, TRUE, FALSE},
+ {PLV2_NONCE, 1, 1, TRUE, FALSE},
+ {PLV2_KEY_EXCHANGE, 0, 1, TRUE, FALSE},
+ {PLV2_TS_INITIATOR, 0, 1, TRUE, FALSE},
+ {PLV2_TS_RESPONDER, 0, 1, TRUE, FALSE},
+ {PLV2_CONFIGURATION, 0, 1, TRUE, FALSE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
};
/**
*/
static payload_order_t create_child_sa_i_order[] = {
/* payload type notify type */
- {NOTIFY, REKEY_SA},
- {NOTIFY, IPCOMP_SUPPORTED},
- {NOTIFY, USE_TRANSPORT_MODE},
- {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
- {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
- {SECURITY_ASSOCIATION, 0},
- {NONCE, 0},
- {KEY_EXCHANGE, 0},
- {TRAFFIC_SELECTOR_INITIATOR, 0},
- {TRAFFIC_SELECTOR_RESPONDER, 0},
- {NOTIFY, 0},
+ {PLV2_NOTIFY, REKEY_SA},
+ {PLV2_NOTIFY, IPCOMP_SUPPORTED},
+ {PLV2_NOTIFY, USE_TRANSPORT_MODE},
+ {PLV2_NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
+ {PLV2_NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
+ {PLV2_SECURITY_ASSOCIATION, 0},
+ {PLV2_NONCE, 0},
+ {PLV2_KEY_EXCHANGE, 0},
+ {PLV2_TS_INITIATOR, 0},
+ {PLV2_TS_RESPONDER, 0},
+ {PLV2_NOTIFY, 0},
};
/**
*/
static payload_rule_t create_child_sa_r_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
- {SECURITY_ASSOCIATION, 1, 1, TRUE, FALSE},
- {NONCE, 1, 1, TRUE, FALSE},
- {KEY_EXCHANGE, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_INITIATOR, 0, 1, TRUE, FALSE},
- {TRAFFIC_SELECTOR_RESPONDER, 0, 1, TRUE, FALSE},
- {CONFIGURATION, 0, 1, TRUE, FALSE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
+ {PLV2_SECURITY_ASSOCIATION, 1, 1, TRUE, FALSE},
+ {PLV2_NONCE, 1, 1, TRUE, FALSE},
+ {PLV2_KEY_EXCHANGE, 0, 1, TRUE, FALSE},
+ {PLV2_TS_INITIATOR, 0, 1, TRUE, FALSE},
+ {PLV2_TS_RESPONDER, 0, 1, TRUE, FALSE},
+ {PLV2_CONFIGURATION, 0, 1, TRUE, FALSE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
};
/**
*/
static payload_order_t create_child_sa_r_order[] = {
/* payload type notify type */
- {NOTIFY, IPCOMP_SUPPORTED},
- {NOTIFY, USE_TRANSPORT_MODE},
- {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
- {NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
- {SECURITY_ASSOCIATION, 0},
- {NONCE, 0},
- {KEY_EXCHANGE, 0},
- {TRAFFIC_SELECTOR_INITIATOR, 0},
- {TRAFFIC_SELECTOR_RESPONDER, 0},
- {NOTIFY, ADDITIONAL_TS_POSSIBLE},
- {NOTIFY, 0},
+ {PLV2_NOTIFY, IPCOMP_SUPPORTED},
+ {PLV2_NOTIFY, USE_TRANSPORT_MODE},
+ {PLV2_NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED},
+ {PLV2_NOTIFY, NON_FIRST_FRAGMENTS_ALSO},
+ {PLV2_SECURITY_ASSOCIATION, 0},
+ {PLV2_NONCE, 0},
+ {PLV2_KEY_EXCHANGE, 0},
+ {PLV2_TS_INITIATOR, 0},
+ {PLV2_TS_RESPONDER, 0},
+ {PLV2_NOTIFY, ADDITIONAL_TS_POSSIBLE},
+ {PLV2_NOTIFY, 0},
};
#ifdef ME
*/
static payload_rule_t me_connect_i_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
- {ID_PEER, 1, 1, TRUE, FALSE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE}
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
+ {PLV2_ID_PEER, 1, 1, TRUE, FALSE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE}
};
/**
*/
static payload_order_t me_connect_i_order[] = {
/* payload type notify type */
- {NOTIFY, 0},
- {ID_PEER, 0},
- {VENDOR_ID, 0},
+ {PLV2_NOTIFY, 0},
+ {PLV2_ID_PEER, 0},
+ {PLV2_VENDOR_ID, 0},
};
/**
*/
static payload_rule_t me_connect_r_rules[] = {
/* payload type min max encr suff */
- {NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
- {VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE}
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
+ {PLV2_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE}
};
/**
*/
static payload_order_t me_connect_r_order[] = {
/* payload type notify type */
- {NOTIFY, 0},
- {VENDOR_ID, 0},
+ {PLV2_NOTIFY, 0},
+ {PLV2_VENDOR_ID, 0},
};
#endif /* ME */
* Message rule for ID_PROT from initiator.
*/
static payload_rule_t id_prot_i_rules[] = {
-/* payload type min max encr suff */
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
- {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
- {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
- {NONCE_V1, 0, 1, FALSE, FALSE},
- {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
- {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
- {NAT_D_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
- {NAT_D_DRAFT_00_03_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
- {ID_V1, 0, 1, TRUE, FALSE},
- {CERTIFICATE_V1, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
- {SIGNATURE_V1, 0, 1, TRUE, FALSE},
- {HASH_V1, 0, 1, TRUE, FALSE},
- {FRAGMENT_V1, 0, 1, FALSE, TRUE},
+/* payload type min max encr suff */
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
+ {PLV1_SECURITY_ASSOCIATION, 0, 1, FALSE, FALSE},
+ {PLV1_KEY_EXCHANGE, 0, 1, FALSE, FALSE},
+ {PLV1_NONCE, 0, 1, FALSE, FALSE},
+ {PLV1_VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
+ {PLV1_CERTREQ, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
+ {PLV1_NAT_D, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
+ {PLV1_NAT_D_DRAFT_00_03, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
+ {PLV1_ID, 0, 1, TRUE, FALSE},
+ {PLV1_CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
+ {PLV1_SIGNATURE, 0, 1, TRUE, FALSE},
+ {PLV1_HASH, 0, 1, TRUE, FALSE},
+ {PLV1_FRAGMENT, 0, 1, FALSE, TRUE},
};
/**
* payload order for ID_PROT from initiator.
*/
static payload_order_t id_prot_i_order[] = {
-/* payload type notify type */
- {SECURITY_ASSOCIATION_V1, 0},
- {KEY_EXCHANGE_V1, 0},
- {NONCE_V1, 0},
- {ID_V1, 0},
- {CERTIFICATE_V1, 0},
- {SIGNATURE_V1, 0},
- {HASH_V1, 0},
- {CERTIFICATE_REQUEST_V1, 0},
- {NOTIFY_V1, 0},
- {VENDOR_ID_V1, 0},
- {NAT_D_V1, 0},
- {NAT_D_DRAFT_00_03_V1, 0},
- {FRAGMENT_V1, 0},
+/* payload type notify type */
+ {PLV1_SECURITY_ASSOCIATION, 0},
+ {PLV1_KEY_EXCHANGE, 0},
+ {PLV1_NONCE, 0},
+ {PLV1_ID, 0},
+ {PLV1_CERTIFICATE, 0},
+ {PLV1_SIGNATURE, 0},
+ {PLV1_HASH, 0},
+ {PLV1_CERTREQ, 0},
+ {PLV1_NOTIFY, 0},
+ {PLV1_VENDOR_ID, 0},
+ {PLV1_NAT_D, 0},
+ {PLV1_NAT_D_DRAFT_00_03, 0},
+ {PLV1_FRAGMENT, 0},
};
/**
* Message rule for ID_PROT from responder.
*/
static payload_rule_t id_prot_r_rules[] = {
-/* payload type min max encr suff */
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
- {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
- {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
- {NONCE_V1, 0, 1, FALSE, FALSE},
- {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
- {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
- {NAT_D_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
- {NAT_D_DRAFT_00_03_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
- {ID_V1, 0, 1, TRUE, FALSE},
- {CERTIFICATE_V1, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
- {SIGNATURE_V1, 0, 1, TRUE, FALSE},
- {HASH_V1, 0, 1, TRUE, FALSE},
- {FRAGMENT_V1, 0, 1, FALSE, TRUE},
+/* payload type min max encr suff */
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
+ {PLV1_SECURITY_ASSOCIATION, 0, 1, FALSE, FALSE},
+ {PLV1_KEY_EXCHANGE, 0, 1, FALSE, FALSE},
+ {PLV1_NONCE, 0, 1, FALSE, FALSE},
+ {PLV1_VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
+ {PLV1_CERTREQ, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
+ {PLV1_NAT_D, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
+ {PLV1_NAT_D_DRAFT_00_03, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
+ {PLV1_ID, 0, 1, TRUE, FALSE},
+ {PLV1_CERTIFICATE, 0, MAX_CERT_PAYLOADS, TRUE, FALSE},
+ {PLV1_SIGNATURE, 0, 1, TRUE, FALSE},
+ {PLV1_HASH, 0, 1, TRUE, FALSE},
+ {PLV1_FRAGMENT, 0, 1, FALSE, TRUE},
};
/**
* payload order for ID_PROT from responder.
*/
static payload_order_t id_prot_r_order[] = {
-/* payload type notify type */
- {SECURITY_ASSOCIATION_V1, 0},
- {KEY_EXCHANGE_V1, 0},
- {NONCE_V1, 0},
- {ID_V1, 0},
- {CERTIFICATE_V1, 0},
- {SIGNATURE_V1, 0},
- {HASH_V1, 0},
- {CERTIFICATE_REQUEST_V1, 0},
- {NOTIFY_V1, 0},
- {VENDOR_ID_V1, 0},
- {NAT_D_V1, 0},
- {NAT_D_DRAFT_00_03_V1, 0},
- {FRAGMENT_V1, 0},
+/* payload type notify type */
+ {PLV1_SECURITY_ASSOCIATION, 0},
+ {PLV1_KEY_EXCHANGE, 0},
+ {PLV1_NONCE, 0},
+ {PLV1_ID, 0},
+ {PLV1_CERTIFICATE, 0},
+ {PLV1_SIGNATURE, 0},
+ {PLV1_HASH, 0},
+ {PLV1_CERTREQ, 0},
+ {PLV1_NOTIFY, 0},
+ {PLV1_VENDOR_ID, 0},
+ {PLV1_NAT_D, 0},
+ {PLV1_NAT_D_DRAFT_00_03, 0},
+ {PLV1_FRAGMENT, 0},
};
/**
* Message rule for AGGRESSIVE from initiator.
*/
static payload_rule_t aggressive_i_rules[] = {
-/* payload type min max encr suff */
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
- {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
- {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
- {NONCE_V1, 0, 1, FALSE, FALSE},
- {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
- {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
- {NAT_D_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
- {NAT_D_DRAFT_00_03_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
- {ID_V1, 0, 1, FALSE, FALSE},
- {CERTIFICATE_V1, 0, 1, TRUE, FALSE},
- {SIGNATURE_V1, 0, 1, TRUE, FALSE},
- {HASH_V1, 0, 1, TRUE, FALSE},
- {FRAGMENT_V1, 0, 1, FALSE, TRUE},
+/* payload type min max encr suff */
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
+ {PLV1_SECURITY_ASSOCIATION, 0, 1, FALSE, FALSE},
+ {PLV1_KEY_EXCHANGE, 0, 1, FALSE, FALSE},
+ {PLV1_NONCE, 0, 1, FALSE, FALSE},
+ {PLV1_VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
+ {PLV1_CERTREQ, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
+ {PLV1_NAT_D, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
+ {PLV1_NAT_D_DRAFT_00_03, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
+ {PLV1_ID, 0, 1, FALSE, FALSE},
+ {PLV1_CERTIFICATE, 0, 1, TRUE, FALSE},
+ {PLV1_SIGNATURE, 0, 1, TRUE, FALSE},
+ {PLV1_HASH, 0, 1, TRUE, FALSE},
+ {PLV1_FRAGMENT, 0, 1, FALSE, TRUE},
};
/**
* payload order for AGGRESSIVE from initiator.
*/
static payload_order_t aggressive_i_order[] = {
-/* payload type notify type */
- {SECURITY_ASSOCIATION_V1, 0},
- {KEY_EXCHANGE_V1, 0},
- {NONCE_V1, 0},
- {ID_V1, 0},
- {CERTIFICATE_V1, 0},
- {NAT_D_V1, 0},
- {NAT_D_DRAFT_00_03_V1, 0},
- {SIGNATURE_V1, 0},
- {HASH_V1, 0},
- {CERTIFICATE_REQUEST_V1, 0},
- {NOTIFY_V1, 0},
- {VENDOR_ID_V1, 0},
- {FRAGMENT_V1, 0},
+/* payload type notify type */
+ {PLV1_SECURITY_ASSOCIATION, 0},
+ {PLV1_KEY_EXCHANGE, 0},
+ {PLV1_NONCE, 0},
+ {PLV1_ID, 0},
+ {PLV1_CERTIFICATE, 0},
+ {PLV1_NAT_D, 0},
+ {PLV1_NAT_D_DRAFT_00_03, 0},
+ {PLV1_SIGNATURE, 0},
+ {PLV1_HASH, 0},
+ {PLV1_CERTREQ, 0},
+ {PLV1_NOTIFY, 0},
+ {PLV1_VENDOR_ID, 0},
+ {PLV1_FRAGMENT, 0},
};
/**
* Message rule for AGGRESSIVE from responder.
*/
static payload_rule_t aggressive_r_rules[] = {
-/* payload type min max encr suff */
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
- {SECURITY_ASSOCIATION_V1, 0, 1, FALSE, FALSE},
- {KEY_EXCHANGE_V1, 0, 1, FALSE, FALSE},
- {NONCE_V1, 0, 1, FALSE, FALSE},
- {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
- {CERTIFICATE_REQUEST_V1, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
- {NAT_D_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
- {NAT_D_DRAFT_00_03_V1, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
- {ID_V1, 0, 1, FALSE, FALSE},
- {CERTIFICATE_V1, 0, 1, FALSE, FALSE},
- {SIGNATURE_V1, 0, 1, FALSE, FALSE},
- {HASH_V1, 0, 1, FALSE, FALSE},
- {FRAGMENT_V1, 0, 1, FALSE, TRUE},
+/* payload type min max encr suff */
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
+ {PLV1_SECURITY_ASSOCIATION, 0, 1, FALSE, FALSE},
+ {PLV1_KEY_EXCHANGE, 0, 1, FALSE, FALSE},
+ {PLV1_NONCE, 0, 1, FALSE, FALSE},
+ {PLV1_VENDOR_ID, 0, MAX_VID_PAYLOADS, FALSE, FALSE},
+ {PLV1_CERTREQ, 0, MAX_CERTREQ_PAYLOADS, FALSE, FALSE},
+ {PLV1_NAT_D, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
+ {PLV1_NAT_D_DRAFT_00_03, 0, MAX_NAT_D_PAYLOADS, FALSE, FALSE},
+ {PLV1_ID, 0, 1, FALSE, FALSE},
+ {PLV1_CERTIFICATE, 0, 1, FALSE, FALSE},
+ {PLV1_SIGNATURE, 0, 1, FALSE, FALSE},
+ {PLV1_HASH, 0, 1, FALSE, FALSE},
+ {PLV1_FRAGMENT, 0, 1, FALSE, TRUE},
};
/**
* payload order for AGGRESSIVE from responder.
*/
static payload_order_t aggressive_r_order[] = {
-/* payload type notify type */
- {SECURITY_ASSOCIATION_V1, 0},
- {KEY_EXCHANGE_V1, 0},
- {NONCE_V1, 0},
- {ID_V1, 0},
- {CERTIFICATE_V1, 0},
- {NAT_D_V1, 0},
- {NAT_D_DRAFT_00_03_V1, 0},
- {SIGNATURE_V1, 0},
- {HASH_V1, 0},
- {CERTIFICATE_REQUEST_V1, 0},
- {NOTIFY_V1, 0},
- {VENDOR_ID_V1, 0},
- {FRAGMENT_V1, 0},
+/* payload type notify type */
+ {PLV1_SECURITY_ASSOCIATION, 0},
+ {PLV1_KEY_EXCHANGE, 0},
+ {PLV1_NONCE, 0},
+ {PLV1_ID, 0},
+ {PLV1_CERTIFICATE, 0},
+ {PLV1_NAT_D, 0},
+ {PLV1_NAT_D_DRAFT_00_03, 0},
+ {PLV1_SIGNATURE, 0},
+ {PLV1_HASH, 0},
+ {PLV1_CERTREQ, 0},
+ {PLV1_NOTIFY, 0},
+ {PLV1_VENDOR_ID, 0},
+ {PLV1_FRAGMENT, 0},
};
/**
* Message rule for INFORMATIONAL_V1 from initiator.
*/
static payload_rule_t informational_i_rules_v1[] = {
-/* payload type min max encr suff */
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
- {DELETE_V1, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
- {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+/* payload type min max encr suff */
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV1_DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
+ {PLV1_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
};
/**
* payload order for INFORMATIONAL_V1 from initiator.
*/
static payload_order_t informational_i_order_v1[] = {
-/* payload type notify type */
- {NOTIFY_V1, 0},
- {DELETE_V1, 0},
- {VENDOR_ID_V1, 0},
+/* payload type notify type */
+ {PLV1_NOTIFY, 0},
+ {PLV1_DELETE, 0},
+ {PLV1_VENDOR_ID, 0},
};
/**
* Message rule for INFORMATIONAL_V1 from responder.
*/
static payload_rule_t informational_r_rules_v1[] = {
-/* payload type min max encr suff */
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
- {DELETE_V1, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
- {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+/* payload type min max encr suff */
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, FALSE, FALSE},
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV1_DELETE, 0, MAX_DELETE_PAYLOADS, TRUE, FALSE},
+ {PLV1_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
};
/**
* payload order for INFORMATIONAL_V1 from responder.
*/
static payload_order_t informational_r_order_v1[] = {
-/* payload type notify type */
- {NOTIFY_V1, 0},
- {DELETE_V1, 0},
- {VENDOR_ID_V1, 0},
+/* payload type notify type */
+ {PLV1_NOTIFY, 0},
+ {PLV1_DELETE, 0},
+ {PLV1_VENDOR_ID, 0},
};
/**
* Message rule for QUICK_MODE from initiator.
*/
static payload_rule_t quick_mode_i_rules[] = {
-/* payload type min max encr suff */
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
- {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
- {HASH_V1, 0, 1, TRUE, FALSE},
- {SECURITY_ASSOCIATION_V1, 0, 2, TRUE, FALSE},
- {NONCE_V1, 0, 1, TRUE, FALSE},
- {KEY_EXCHANGE_V1, 0, 1, TRUE, FALSE},
- {ID_V1, 0, 2, TRUE, FALSE},
- {NAT_OA_V1, 0, 2, TRUE, FALSE},
- {NAT_OA_DRAFT_00_03_V1, 0, 2, TRUE, FALSE},
+/* payload type min max encr suff */
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV1_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+ {PLV1_HASH, 0, 1, TRUE, FALSE},
+ {PLV1_SECURITY_ASSOCIATION, 0, 2, TRUE, FALSE},
+ {PLV1_NONCE, 0, 1, TRUE, FALSE},
+ {PLV1_KEY_EXCHANGE, 0, 1, TRUE, FALSE},
+ {PLV1_ID, 0, 2, TRUE, FALSE},
+ {PLV1_NAT_OA, 0, 2, TRUE, FALSE},
+ {PLV1_NAT_OA_DRAFT_00_03, 0, 2, TRUE, FALSE},
};
/**
* payload order for QUICK_MODE from initiator.
*/
static payload_order_t quick_mode_i_order[] = {
-/* payload type notify type */
- {NOTIFY_V1, 0},
- {VENDOR_ID_V1, 0},
- {HASH_V1, 0},
- {SECURITY_ASSOCIATION_V1, 0},
- {NONCE_V1, 0},
- {KEY_EXCHANGE_V1, 0},
- {ID_V1, 0},
- {NAT_OA_V1, 0},
- {NAT_OA_DRAFT_00_03_V1, 0},
+/* payload type notify type */
+ {PLV1_NOTIFY, 0},
+ {PLV1_VENDOR_ID, 0},
+ {PLV1_HASH, 0},
+ {PLV1_SECURITY_ASSOCIATION, 0},
+ {PLV1_NONCE, 0},
+ {PLV1_KEY_EXCHANGE, 0},
+ {PLV1_ID, 0},
+ {PLV1_NAT_OA, 0},
+ {PLV1_NAT_OA_DRAFT_00_03, 0},
};
/**
* Message rule for QUICK_MODE from responder.
*/
static payload_rule_t quick_mode_r_rules[] = {
-/* payload type min max encr suff */
- {NOTIFY_V1, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
- {VENDOR_ID_V1, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
- {HASH_V1, 0, 1, TRUE, FALSE},
- {SECURITY_ASSOCIATION_V1, 0, 2, TRUE, FALSE},
- {NONCE_V1, 0, 1, TRUE, FALSE},
- {KEY_EXCHANGE_V1, 0, 1, TRUE, FALSE},
- {ID_V1, 0, 2, TRUE, FALSE},
- {NAT_OA_V1, 0, 2, TRUE, FALSE},
- {NAT_OA_DRAFT_00_03_V1, 0, 2, TRUE, FALSE},
+/* payload type min max encr suff */
+ {PLV1_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV1_VENDOR_ID, 0, MAX_VID_PAYLOADS, TRUE, FALSE},
+ {PLV1_HASH, 0, 1, TRUE, FALSE},
+ {PLV1_SECURITY_ASSOCIATION, 0, 2, TRUE, FALSE},
+ {PLV1_NONCE, 0, 1, TRUE, FALSE},
+ {PLV1_KEY_EXCHANGE, 0, 1, TRUE, FALSE},
+ {PLV1_ID, 0, 2, TRUE, FALSE},
+ {PLV1_NAT_OA, 0, 2, TRUE, FALSE},
+ {PLV1_NAT_OA_DRAFT_00_03, 0, 2, TRUE, FALSE},
};
/**
* payload order for QUICK_MODE from responder.
*/
static payload_order_t quick_mode_r_order[] = {
-/* payload type notify type */
- {NOTIFY_V1, 0},
- {VENDOR_ID_V1, 0},
- {HASH_V1, 0},
- {SECURITY_ASSOCIATION_V1, 0},
- {NONCE_V1, 0},
- {KEY_EXCHANGE_V1, 0},
- {ID_V1, 0},
- {NAT_OA_V1, 0},
- {NAT_OA_DRAFT_00_03_V1, 0},
+/* payload type notify type */
+ {PLV1_NOTIFY, 0},
+ {PLV1_VENDOR_ID, 0},
+ {PLV1_HASH, 0},
+ {PLV1_SECURITY_ASSOCIATION, 0},
+ {PLV1_NONCE, 0},
+ {PLV1_KEY_EXCHANGE, 0},
+ {PLV1_ID, 0},
+ {PLV1_NAT_OA, 0},
+ {PLV1_NAT_OA_DRAFT_00_03, 0},
};
/**
* Message rule for TRANSACTION.
*/
static payload_rule_t transaction_payload_rules_v1[] = {
-/* payload type min max encr suff */
- {HASH_V1, 0, 1, TRUE, FALSE},
- {CONFIGURATION_V1, 1, 1, FALSE, FALSE},
+/* payload type min max encr suff */
+ {PLV1_HASH, 0, 1, TRUE, FALSE},
+ {PLV1_CONFIGURATION, 1, 1, FALSE, FALSE},
};
/**
* Payload order for TRANSACTION.
*/
static payload_order_t transaction_payload_order_v1[] = {
-/* payload type notify type */
- {HASH_V1, 0},
- {CONFIGURATION_V1, 0},
+/* payload type notify type */
+ {PLV1_HASH, 0},
+ {PLV1_CONFIGURATION, 0},
};
#endif /* USE_IKEV1 */
{
this->first_payload = payload->get_type(payload);
}
- payload->set_next_type(payload, NO_PAYLOAD);
+ payload->set_next_type(payload, PL_NONE);
this->payloads->insert_last(this->payloads, payload);
DBG2(DBG_ENC ,"added payload of type %N to message",
}
if (this->major_version == IKEV2_MAJOR_VERSION)
{
- notify = notify_payload_create(NOTIFY);
+ notify = notify_payload_create(PLV2_NOTIFY);
}
else
{
- notify = notify_payload_create(NOTIFY_V1);
+ notify = notify_payload_create(PLV1_NOTIFY);
}
notify->set_notify_type(notify, type);
notify->set_notification_data(notify, data);
enumerator = create_payload_enumerator(this);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY ||
- payload->get_type(payload) == NOTIFY_V1)
+ if (payload->get_type(payload) == PLV2_NOTIFY ||
+ payload->get_type(payload) == PLV1_NOTIFY)
{
notify = (notify_payload_t*)payload;
if (notify->get_notify_type(notify) == type)
}
pos += written;
len -= written;
- if (payload->get_type(payload) == NOTIFY ||
- payload->get_type(payload) == NOTIFY_V1)
+ if (payload->get_type(payload) == PLV2_NOTIFY ||
+ payload->get_type(payload) == PLV1_NOTIFY)
{
notify_payload_t *notify;
notify_type_t type;
pos += written;
len -= written;
}
- if (payload->get_type(payload) == EXTENSIBLE_AUTHENTICATION)
+ if (payload->get_type(payload) == PLV2_EAP)
{
eap_payload_t *eap = (eap_payload_t*)payload;
u_int32_t vendor;
pos += written;
len -= written;
}
- if (payload->get_type(payload) == CONFIGURATION ||
- payload->get_type(payload) == CONFIGURATION_V1)
+ if (payload->get_type(payload) == PLV2_CONFIGURATION ||
+ payload->get_type(payload) == PLV1_CONFIGURATION)
{
cp_payload_t *cp = (cp_payload_t*)payload;
enumerator_t *attributes;
notify = (notify_payload_t*)payload;
/**... and check notify for type. */
- if (order.type != NOTIFY || order.notify == 0 ||
+ if (order.type != PLV2_NOTIFY || order.notify == 0 ||
order.notify == notify->get_notify_type(notify))
{
list->remove_at(list, enumerator);
if (this->is_encrypted)
{
- encryption = encryption_payload_create(ENCRYPTED_V1);
+ encryption = encryption_payload_create(PLV1_ENCRYPTED);
}
else
{
- encryption = encryption_payload_create(ENCRYPTED);
+ encryption = encryption_payload_create(PLV2_ENCRYPTED);
}
while (payloads->remove_first(payloads, (void**)¤t) == SUCCESS)
{
{ /* insert a HASH payload as first payload */
hash_payload_t *hash_payload;
- hash_payload = hash_payload_create(HASH_V1);
+ hash_payload = hash_payload_create(PLV1_HASH);
hash_payload->set_hash(hash_payload, hash);
this->payloads->insert_first(this->payloads, hash_payload);
if (this->exchange_type == INFORMATIONAL_V1)
}
else
{
- next_type = encryption ? ENCRYPTED : NO_PAYLOAD;
+ next_type = encryption ? PLV2_ENCRYPTED : PL_NONE;
}
payload->set_next_type(payload, next_type);
generator->generate_payload(generator, payload);
DBG2(DBG_ENC, "parsing header of message");
this->parser->reset_context(this->parser);
- status = this->parser->parse_payload(this->parser, HEADER,
+ status = this->parser->parse_payload(this->parser, PL_HEADER,
(payload_t**)&ike_header);
if (status != SUCCESS)
{
}
this->first_payload = ike_header->payload_interface.get_next_type(
&ike_header->payload_interface);
- if (this->first_payload == FRAGMENT_V1 && this->is_encrypted)
+ if (this->first_payload == PLV1_FRAGMENT && this->is_encrypted)
{ /* racoon sets the encryted bit when sending a fragment, but these
* messages are really not encrypted */
this->is_encrypted = FALSE;
{
#ifdef ME
if (this->exchange_type == INFORMATIONAL &&
- payload->get_type(payload) == NOTIFY)
+ payload->get_type(payload) == PLV2_NOTIFY)
{
notify_payload_t *notify = (notify_payload_t*)payload;
* payload which is then handled just like a regular payload */
encryption_payload_t *encryption;
- status = this->parser->parse_payload(this->parser, ENCRYPTED_V1,
+ status = this->parser->parse_payload(this->parser, PLV1_ENCRYPTED,
(payload_t**)&encryption);
if (status != SUCCESS)
{
return SUCCESS;
}
- while (type != NO_PAYLOAD)
+ while (type != PL_NONE)
{
DBG2(DBG_ENC, "starting parsing a %N payload",
payload_type_names, type);
/* an encrypted payload is the last one, so STOP here. decryption is
* done later */
- if (type == ENCRYPTED)
+ if (type == PLV2_ENCRYPTED)
{
DBG2(DBG_ENC, "%N payload found, stop parsing",
payload_type_names, type);
{
if (this->exchange_type == ID_PROT)
{
- if (type == ID_V1 || type == HASH_V1)
+ if (type == PLV1_ID || type == PLV1_HASH)
{
return lib->settings->get_bool(lib->settings,
"%s.accept_unencrypted_mainmode_messages",
DBG2(DBG_ENC, "process payload of type %N", payload_type_names, type);
- if (type == ENCRYPTED || type == ENCRYPTED_V1)
+ if (type == PLV2_ENCRYPTED || type == PLV1_ENCRYPTED)
{
encryption_payload_t *encryption;
hash_payload_t *hash_payload;
chunk_t other_hash;
- if (this->first_payload != HASH_V1)
+ if (this->first_payload != PLV1_HASH)
{
if (this->exchange_type == INFORMATIONAL_V1)
{
chunk_free(&hash);
return VERIFY_ERROR;
}
- hash_payload = (hash_payload_t*)get_payload(this, HASH_V1);
+ hash_payload = (hash_payload_t*)get_payload(this, PLV1_HASH);
other_hash = hash_payload->get_hash(hash_payload);
DBG3(DBG_ENC, "HASH received %B\nHASH expected %B",
&other_hash, &hash);
},
.exchange_type = EXCHANGE_TYPE_UNDEFINED,
.is_request = TRUE,
- .first_payload = NO_PAYLOAD,
+ .first_payload = PL_NONE,
.packet = packet,
.payloads = linked_list_create(),
.parser = parser_create(packet->get_data(packet)),
}
break;
}
- case PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE:
- case PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE_V1:
- case PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE:
- case PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE_V1:
- case PAYLOAD_LIST + TRANSFORM_ATTRIBUTE:
- case PAYLOAD_LIST + TRANSFORM_ATTRIBUTE_V1:
- case PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE:
- case PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE_V1:
- case PAYLOAD_LIST + TRAFFIC_SELECTOR_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV2_PROPOSAL_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV1_PROPOSAL_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV2_TRANSFORM_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV1_TRANSFORM_SUBSTRUCTURE:
+ case PAYLOAD_LIST + PLV2_TRANSFORM_ATTRIBUTE:
+ case PAYLOAD_LIST + PLV1_TRANSFORM_ATTRIBUTE:
+ case PAYLOAD_LIST + PLV2_CONFIGURATION_ATTRIBUTE:
+ case PAYLOAD_LIST + PLV1_CONFIGURATION_ATTRIBUTE:
+ case PAYLOAD_LIST + PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE:
{
if (payload_length < header_length ||
!parse_list(this, rule_number, output + rule->offset,
METHOD(payload_t, get_type, payload_type_t,
private_auth_payload_t *this)
{
- return AUTHENTICATION;
+ return PLV2_AUTH;
}
METHOD(payload_t, get_next_type, payload_type_t,
.get_data = _get_data,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
);
return &this->public;
.get_url = _get_url,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
.type = type,
);
{
private_cert_payload_t *this;
- this = (private_cert_payload_t*)cert_payload_create(CERTIFICATE);
+ this = (private_cert_payload_t*)cert_payload_create(PLV2_CERTIFICATE);
this->encoding = ENC_X509_HASH_AND_URL;
this->data = chunk_cat("cc", hash, chunk_create(url, strlen(url)));
this->payload_length = get_header_length(this) + this->data.len;
chunk_t data;
/**
- * Payload type CERTIFICATE_REQUEST or CERTIFICATE_REQUEST_V1
+ * Payload type PLV2_CERTREQ or PLV1_CERTREQ
*/
payload_type_t type;
};
METHOD(payload_t, verify, status_t,
private_certreq_payload_t *this)
{
- if (this->type == CERTIFICATE_REQUEST &&
+ if (this->type == PLV2_CERTREQ &&
this->encoding == ENC_X509_SIGNATURE)
{
if (this->data.len % HASH_SIZE_SHA1)
{
keyid_enumerator_t *enumerator;
- if (this->type == CERTIFICATE_REQUEST_V1)
+ if (this->type == PLV1_CERTREQ)
{
return enumerator_create_empty();
}
.destroy = _destroy,
.get_dn = _get_dn,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
.type = type,
);
private_certreq_payload_t *this;
this = (private_certreq_payload_t*)
- certreq_payload_create(CERTIFICATE_REQUEST);
+ certreq_payload_create(PLV2_CERTREQ);
switch (type)
{
case CERT_X509:
private_certreq_payload_t *this;
this = (private_certreq_payload_t*)
- certreq_payload_create(CERTIFICATE_REQUEST_V1);
+ certreq_payload_create(PLV1_CERTREQ);
this->encoding = ENC_X509_SIGNATURE;
this->data = chunk_clone(id->get_encoding(id));
chunk_t value;
/**
- * Payload type, CONFIGURATION_ATTRIBUTE or DATA_ATTRIBUTE_V1
+ * Payload type, PLV2_CONFIGURATION_ATTRIBUTE or DATA_ATTRIBUTE_V1
*/
payload_type_t type;
};
METHOD(payload_t, get_encoding_rules, int,
private_configuration_attribute_t *this, encoding_rule_t **rules)
{
- if (this->type == CONFIGURATION_ATTRIBUTE)
+ if (this->type == PLV2_CONFIGURATION_ATTRIBUTE)
{
*rules = encodings_v2;
return countof(encodings_v2);
METHOD(payload_t, get_next_type, payload_type_t,
private_configuration_attribute_t *this)
{
- return NO_PAYLOAD;
+ return PL_NONE;
}
METHOD(payload_t, set_next_type, void,
private_configuration_attribute_t *this;
this = (private_configuration_attribute_t*)
- configuration_attribute_create(CONFIGURATION_ATTRIBUTE_V1);
+ configuration_attribute_create(PLV1_CONFIGURATION_ATTRIBUTE);
this->attr_type = ((u_int16_t)attr_type) & 0x7FFF;
this->length_or_value = value;
this->af_flag = TRUE;
/**
* Creates an empty configuration attribute.
*
- * @param type CONFIGURATION_ATTRIBUTE or CONFIGURATION_ATTRIBUTE_V1
+ * @param type PLV2_CONFIGURATION_ATTRIBUTE or PLV1_CONFIGURATION_ATTRIBUTE
* @return created configuration attribute
*/
configuration_attribute_t *configuration_attribute_create(payload_type_t type);
/**
* Creates a configuration attribute with type and value.
*
- * @param type CONFIGURATION_ATTRIBUTE or CONFIGURATION_ATTRIBUTE_V1
+ * @param type PLV2_CONFIGURATION_ATTRIBUTE or PLV1_CONFIGURATION_ATTRIBUTE
* @param attr_type type of configuration attribute
* @param chunk attribute value, gets cloned
* @return created configuration attribute
*
* @param attr_type type of configuration attribute
* @param value attribute value, gets cloned
- * @return created CONFIGURATION_ATTRIBUTE_V1 configuration attribute
+ * @return created PLV1_CONFIGURATION_ATTRIBUTE configuration attribute
*/
configuration_attribute_t *configuration_attribute_create_value(
configuration_attribute_type_t attr_type, u_int16_t value);
u_int8_t cfg_type;
/**
- * CONFIGURATION or CONFIGURATION_V1
+ * PLV2_CONFIGURATION or PLV1_CONFIGURATION
*/
payload_type_t type;
};
{ RESERVED_BYTE, offsetof(private_cp_payload_t, reserved_byte[1])},
{ RESERVED_BYTE, offsetof(private_cp_payload_t, reserved_byte[2])},
/* list of configuration attributes in a list */
- { PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE,
+ { PAYLOAD_LIST + PLV2_CONFIGURATION_ATTRIBUTE,
offsetof(private_cp_payload_t, attributes) },
};
{ RESERVED_BYTE, offsetof(private_cp_payload_t, reserved_byte[0])},
{ U_INT_16, offsetof(private_cp_payload_t, identifier)},
/* list of configuration attributes in a list */
- { PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE_V1,
+ { PAYLOAD_LIST + PLV1_CONFIGURATION_ATTRIBUTE,
offsetof(private_cp_payload_t, attributes) },
};
METHOD(payload_t, get_encoding_rules, int,
private_cp_payload_t *this, encoding_rule_t **rules)
{
- if (this->type == CONFIGURATION)
+ if (this->type == PLV2_CONFIGURATION)
{
*rules = encodings_v2;
return countof(encodings_v2);
.set_identifier = _set_identifier,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
.attributes = linked_list_create(),
.cfg_type = cfg_type,
/**
* Creates an empty configuration payload
*
- * @param type payload type, CONFIGURATION or CONFIGURATION_V1
+ * @param type payload type, PLV2_CONFIGURATION or PLV1_CONFIGURATION
* @return empty configuration payload
*/
cp_payload_t *cp_payload_create(payload_type_t type);
/**
* Creates an cp_payload_t with type and value
*
- * @param type payload type, CONFIGURATION or CONFIGURATION_V1
+ * @param type payload type, PLV2_CONFIGURATION or PLV1_CONFIGURATION
* @param cfg_type type of configuration payload to create
* @return created configuration payload
*/
chunk_t spis;
/**
- * Payload type, DELETE or DELETE_V1
+ * Payload type, PLV2_DELETE or PLV1_DELETE
*/
payload_type_t type;
};
break;
case PROTO_IKE:
case 0:
- if (this->type == DELETE)
+ if (this->type == PLV2_DELETE)
{ /* IKEv2 deletion has no spi assigned! */
if (this->spi_size != 0)
{
METHOD(payload_t, get_encoding_rules, int,
private_delete_payload_t *this, encoding_rule_t **rules)
{
- if (this->type == DELETE)
+ if (this->type == PLV2_DELETE)
{
*rules = encodings_v2;
return countof(encodings_v2);
METHOD(payload_t, get_header_length, int,
private_delete_payload_t *this)
{
- if (this->type == DELETE)
+ if (this->type == PLV2_DELETE)
{
return 8;
}
.create_spi_enumerator = _create_spi_enumerator,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.protocol_id = protocol_id,
.doi = IKEV1_DOI_IPSEC,
.type = type,
if (protocol_id == PROTO_IKE)
{
- if (type == DELETE_V1)
+ if (type == PLV1_DELETE)
{
this->spi_size = 16;
}
/**
* Creates an empty delete_payload_t object.
*
- * @param type DELETE or DELETE_V1
+ * @param type PLV2_DELETE or PLV1_DELETE
* @param protocol_id protocol, such as AH|ESP
* @return delete_payload_t object
*/
METHOD(payload_t, get_payload_type, payload_type_t,
private_eap_payload_t *this)
{
- return EXTENSIBLE_AUTHENTICATION;
+ return PLV2_EAP;
}
METHOD(payload_t, get_next_type, payload_type_t,
.is_expanded = _is_expanded,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
);
return &this->public;
linked_list_t *payloads;
/**
- * Type of payload, ENCRYPTED or ENCRYPTED_V1
+ * Type of payload, PLV2_ENCRYPTED or PLV1_ENCRYPTED
*/
payload_type_t type;
};
METHOD(payload_t, get_encoding_rules, int,
private_encryption_payload_t *this, encoding_rule_t **rules)
{
- if (this->type == ENCRYPTED)
+ if (this->type == PLV2_ENCRYPTED)
{
*rules = encodings_v2;
return countof(encodings_v2);
METHOD(payload_t, get_header_length, int,
private_encryption_payload_t *this)
{
- if (this->type == ENCRYPTED)
+ if (this->type == PLV2_ENCRYPTED)
{
return 4;
}
{
this->next_payload = payload->get_type(payload);
}
- payload->set_next_type(payload, NO_PAYLOAD);
+ payload->set_next_type(payload, PL_NONE);
this->payloads->insert_last(this->payloads, payload);
compute_length(this);
}
generator->generate_payload(generator, current);
current = next;
}
- current->set_next_type(current, NO_PAYLOAD);
+ current->set_next_type(current, PL_NONE);
generator->generate_payload(generator, current);
chunk = generator->get_chunk(generator, &lenpos);
parser = parser_create(plain);
type = this->next_payload;
- while (type != NO_PAYLOAD)
+ while (type != PL_NONE)
{
payload_t *payload;
.decrypt = _decrypt,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payloads = linked_list_create(),
.type = type,
);
this->payload_length = get_header_length(this);
- if (type == ENCRYPTED_V1)
+ if (type == PLV1_ENCRYPTED)
{
this->public.encrypt = _encrypt_v1;
this->public.decrypt = _decrypt_v1;
/**
* Creates an empty encryption_payload_t object.
*
- * @param type ENCRYPTED or ENCRYPTED_V1
+ * @param type PLV2_ENCRYPTED or PLV1_ENCRYPTED
* @return encryption_payload_t object
*/
encryption_payload_t *encryption_payload_create(payload_type_t type);
chunk_t data;
notify_payload_t *notify;
- notify = notify_payload_create(NOTIFY);
+ notify = notify_payload_create(PLV2_NOTIFY);
notify->set_notify_type(notify, ME_ENDPOINT);
data = build_notification_data(this);
notify->set_notification_data(notify, data);
METHOD(payload_t, get_type, payload_type_t,
private_fragment_payload_t *this)
{
- return FRAGMENT_V1;
+ return PLV1_FRAGMENT;
}
METHOD(payload_t, get_next_type, payload_type_t,
.get_data = _get_data,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
);
this->payload_length = get_header_length(this);
return &this->public;
chunk_t hash;
/**
- * either HASH_V1 or NAT_D_V1
+ * either PLV1_HASH or PLV1_NAT_D
*/
payload_type_t type;
};
.get_hash = _get_hash,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
.type = type,
);
/**
* Creates an empty hash_payload_t object.
*
- * @param type either HASH_V1 or NAT_D_V1
+ * @param type either PLV1_HASH or PLV1_NAT_D
* @return hash_payload_t object
*/
hash_payload_t *hash_payload_create(payload_type_t type);
u_int16_t port;
/**
- * one of ID_INITIATOR, ID_RESPONDER, IDv1 and NAT_OA_V1
+ * one of PLV2_ID_INITIATOR, PLV2_ID_RESPONDER, IDv1 and PLV1_NAT_OA
*/
payload_type_t type;
};
{
bool bad_length = FALSE;
- if ((this->type == NAT_OA_V1 || this->type == NAT_OA_DRAFT_00_03_V1) &&
+ if ((this->type == PLV1_NAT_OA || this->type == PLV1_NAT_OA_DRAFT_00_03) &&
this->id_type != ID_IPV4_ADDR && this->id_type != ID_IPV6_ADDR)
{
DBG1(DBG_ENC, "invalid ID type %N for %N payload", id_type_names,
METHOD(payload_t, get_encoding_rules, int,
private_id_payload_t *this, encoding_rule_t **rules)
{
- if (this->type == ID_V1 ||
- this->type == NAT_OA_V1 || this->type == NAT_OA_DRAFT_00_03_V1)
+ if (this->type == PLV1_ID ||
+ this->type == PLV1_NAT_OA || this->type == PLV1_NAT_OA_DRAFT_00_03)
{
*rules = encodings_v1;
return countof(encodings_v1);
.get_ts = _get_ts,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
.type = type,
);
u_int8_t mask;
host_t *net;
- this = (private_id_payload_t*)id_payload_create(ID_V1);
+ this = (private_id_payload_t*)id_payload_create(PLV1_ID);
if (ts->is_host(ts, NULL))
{
/**
* Creates an empty id_payload_t object.
*
- * @param type one of ID_INITIATOR, ID_RESPONDER, ID_V1 and NAT_OA_V1
+ * @param type one of PLV2_ID_INITIATOR, PLV2_ID_RESPONDER, PLV1_ID and PLV1_NAT_OA
* @return id_payload_t object
*/
id_payload_t *id_payload_create(payload_type_t type);
/**
* Creates an id_payload_t from an existing identification_t object.
*
- * @param type one of ID_INITIATOR, ID_RESPONDER, ID_V1 and NAT_OA_V1
+ * @param type one of PLV2_ID_INITIATOR, PLV2_ID_RESPONDER, PLV1_ID and PLV1_NAT_OA
* @param id identification_t object
* @return id_payload_t object
*/
* Create an IKEv1 ID_ADDR_SUBNET/RANGE identity from a traffic selector.
*
* @param ts traffic selector
- * @return ID_V1 id_paylad_t object.
+ * @return PLV1_ID id_paylad_t object.
*/
id_payload_t *id_payload_create_from_ts(traffic_selector_t *ts);
METHOD(payload_t, get_type, payload_type_t,
private_ike_header_t *this)
{
- return HEADER;
+ return PL_HEADER;
}
METHOD(payload_t, get_next_type, payload_type_t,
chunk_t key_exchange_data;
/**
- * Payload type, KEY_EXCHANGE or KEY_EXCHANGE_V1
+ * Payload type, PLV2_KEY_EXCHANGE or PLV1_KEY_EXCHANGE
*/
payload_type_t type;
};
METHOD(payload_t, get_encoding_rules, int,
private_ke_payload_t *this, encoding_rule_t **rules)
{
- if (this->type == KEY_EXCHANGE)
+ if (this->type == PLV2_KEY_EXCHANGE)
{
*rules = encodings_v2;
return countof(encodings_v2);
METHOD(payload_t, get_header_length, int,
private_ke_payload_t *this)
{
- if (this->type == KEY_EXCHANGE)
+ if (this->type == PLV2_KEY_EXCHANGE)
{
return 8;
}
.get_dh_group_number = _get_dh_group_number,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.dh_group_number = MODP_NONE,
.type = type,
);
/**
* Creates an empty ke_payload_t object.
*
- * @param type KEY_EXCHANGE or KEY_EXCHANGE_V1
+ * @param type PLV2_KEY_EXCHANGE or PLV1_KEY_EXCHANGE
* @return ke_payload_t object
*/
ke_payload_t *ke_payload_create(payload_type_t type);
/**
* Creates a ke_payload_t from a diffie_hellman_t.
*
- * @param type KEY_EXCHANGE or KEY_EXCHANGE_V1
+ * @param type PLV2_KEY_EXCHANGE or PLV1_KEY_EXCHANGE
* @param dh diffie hellman object containing group and key
* @return ke_payload_t object
*/
chunk_t nonce;
/**
- * Payload type, NONCE or NONCE_V1
+ * Payload type, PLV2_NONCE or PLV1_NONCE
*/
payload_type_t type;
};
{
bad_length = TRUE;
}
- if (this->type == NONCE &&
+ if (this->type == PLV2_NONCE &&
this->nonce.len < 16)
{
bad_length = TRUE;
}
- if (this->type == NONCE_V1 &&
+ if (this->type == PLV1_NONCE &&
this->nonce.len < 8)
{
bad_length = TRUE;
.get_nonce = _get_nonce,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
.type = type,
);
/**
* Creates an empty nonce_payload_t object
*
- * @param type NONCE or NONCE_V1
+ * @param type PLV2_NONCE or PLV1_NONCE
* @return nonce_payload_t object
*/
nonce_payload_t *nonce_payload_create(payload_type_t type);
chunk_t notify_data;
/**
- * Type of payload, NOTIFY or NOTIFY_V1
+ * Type of payload, PLV2_NOTIFY or PLV1_NOTIFY
*/
payload_type_t type;
};
{
case INVALID_KE_PAYLOAD:
{
- if (this->type == NOTIFY && this->notify_data.len != 2)
+ if (this->type == PLV2_NOTIFY && this->notify_data.len != 2)
{
bad_length = TRUE;
}
case INVALID_MAJOR_VERSION:
case NO_PROPOSAL_CHOSEN:
{
- if (this->type == NOTIFY && this->notify_data.len != 0)
+ if (this->type == PLV2_NOTIFY && this->notify_data.len != 0)
{
bad_length = TRUE;
}
METHOD(payload_t, get_encoding_rules, int,
private_notify_payload_t *this, encoding_rule_t **rules)
{
- if (this->type == NOTIFY)
+ if (this->type == PLV2_NOTIFY)
{
*rules = encodings_v2;
return countof(encodings_v2);
METHOD(payload_t, get_header_length, int,
private_notify_payload_t *this)
{
- if (this->type == NOTIFY)
+ if (this->type == PLV2_NOTIFY)
{
return 8 + this->spi_size;
}
.destroy = _destroy,
},
.doi = IKEV1_DOI_IPSEC,
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.type = type,
);
compute_length(this);
/**
* Creates an empty notify_payload_t object
*
- * @param type payload type, NOTIFY or NOTIFY_V1
+ * @param type payload type, PLV2_NOTIFY or PLV1_NOTIFY
* @return created notify_payload_t object
*/
notify_payload_t *notify_payload_create(payload_type_t type);
/**
* Creates an notify_payload_t object of specific type for specific protocol id.
*
- * @param type payload type, NOTIFY or NOTIFY_V1
+ * @param type payload type, PLV2_NOTIFY or PLV1_NOTIFY
* @param protocol protocol id (IKE, AH or ESP)
* @param notify type of notify
* @return notify_payload_t object
#include <encoding/payloads/fragment_payload.h>
#include <encoding/payloads/unknown_payload.h>
-ENUM_BEGIN(payload_type_names, NO_PAYLOAD, NO_PAYLOAD,
- "NO_PAYLOAD");
-ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION_V1, CONFIGURATION_V1, NO_PAYLOAD,
+ENUM_BEGIN(payload_type_names, PL_NONE, PL_NONE,
+ "PL_NONE");
+ENUM_NEXT(payload_type_names, PLV1_SECURITY_ASSOCIATION, PLV1_CONFIGURATION, PL_NONE,
"SECURITY_ASSOCIATION_V1",
"PROPOSAL_V1",
"TRANSFORM_V1",
"KEY_EXCHANGE_V1",
"ID_V1",
"CERTIFICATE_V1",
- "CERTIFICATE_REQUEST_V1",
+ "CERTREQ_V1",
"HASH_V1",
"SIGNATURE_V1",
"NONCE_V1",
"DELETE_V1",
"VENDOR_ID_V1",
"CONFIGURATION_V1");
-ENUM_NEXT(payload_type_names, NAT_D_V1, NAT_OA_V1, CONFIGURATION_V1,
+ENUM_NEXT(payload_type_names, PLV1_NAT_D, PLV1_NAT_OA, PLV1_CONFIGURATION,
"NAT_D_V1",
"NAT_OA_V1");
-ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION, GENERIC_SECURE_PASSWORD_METHOD, NAT_OA_V1,
+ENUM_NEXT(payload_type_names, PLV2_SECURITY_ASSOCIATION, PLV2_GSPM, PLV1_NAT_OA,
"SECURITY_ASSOCIATION",
"KEY_EXCHANGE",
"ID_INITIATOR",
"ID_RESPONDER",
"CERTIFICATE",
- "CERTIFICATE_REQUEST",
- "AUTHENTICATION",
+ "CERTREQ",
+ "AUTH",
"NONCE",
"NOTIFY",
"DELETE",
"VENDOR_ID",
- "TRAFFIC_SELECTOR_INITIATOR",
- "TRAFFIC_SELECTOR_RESPONDER",
+ "TS_INITIATOR",
+ "TS_RESPONDER",
"ENCRYPTED",
"CONFIGURATION",
- "EXTENSIBLE_AUTHENTICATION",
- "GENERIC_SECURE_PASSWORD_METHOD");
+ "EAP",
+ "GSPM");
#ifdef ME
-ENUM_NEXT(payload_type_names, ID_PEER, ID_PEER, GENERIC_SECURE_PASSWORD_METHOD,
+ENUM_NEXT(payload_type_names, PLV2_ID_PEER, PLV2_ID_PEER, PLV2_GSPM,
"ID_PEER");
-ENUM_NEXT(payload_type_names, NAT_D_DRAFT_00_03_V1, FRAGMENT_V1, ID_PEER,
+ENUM_NEXT(payload_type_names, PLV1_NAT_D_DRAFT_00_03, PLV1_FRAGMENT, PLV2_ID_PEER,
"NAT_D_DRAFT_V1",
"NAT_OA_DRAFT_V1",
"FRAGMENT");
#else
-ENUM_NEXT(payload_type_names, NAT_D_DRAFT_00_03_V1, FRAGMENT_V1, GENERIC_SECURE_PASSWORD_METHOD,
+ENUM_NEXT(payload_type_names, PLV1_NAT_D_DRAFT_00_03, PLV1_FRAGMENT, PLV2_GSPM,
"NAT_D_DRAFT_V1",
"NAT_OA_DRAFT_V1",
"FRAGMENT");
#endif /* ME */
-ENUM_NEXT(payload_type_names, HEADER, ENCRYPTED_V1, FRAGMENT_V1,
+ENUM_NEXT(payload_type_names, PL_HEADER, PLV1_ENCRYPTED, PLV1_FRAGMENT,
"HEADER",
"PROPOSAL_SUBSTRUCTURE",
"PROPOSAL_SUBSTRUCTURE_V1",
"CONFIGURATION_ATTRIBUTE",
"CONFIGURATION_ATTRIBUTE_V1",
"ENCRYPTED_V1");
-ENUM_END(payload_type_names, ENCRYPTED_V1);
+ENUM_END(payload_type_names, PLV1_ENCRYPTED);
/* short forms of payload names */
-ENUM_BEGIN(payload_type_short_names, NO_PAYLOAD, NO_PAYLOAD,
+ENUM_BEGIN(payload_type_short_names, PL_NONE, PL_NONE,
"--");
-ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION_V1, CONFIGURATION_V1, NO_PAYLOAD,
+ENUM_NEXT(payload_type_short_names, PLV1_SECURITY_ASSOCIATION, PLV1_CONFIGURATION, PL_NONE,
"SA",
"PROP",
"TRANS",
"D",
"V",
"CP");
-ENUM_NEXT(payload_type_short_names, NAT_D_V1, NAT_OA_V1, CONFIGURATION_V1,
+ENUM_NEXT(payload_type_short_names, PLV1_NAT_D, PLV1_NAT_OA, PLV1_CONFIGURATION,
"NAT-D",
"NAT-OA");
-ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION, GENERIC_SECURE_PASSWORD_METHOD, NAT_OA_V1,
+ENUM_NEXT(payload_type_short_names, PLV2_SECURITY_ASSOCIATION, PLV2_GSPM, PLV1_NAT_OA,
"SA",
"KE",
"IDi",
"EAP",
"GSPM");
#ifdef ME
-ENUM_NEXT(payload_type_short_names, ID_PEER, ID_PEER, GENERIC_SECURE_PASSWORD_METHOD,
+ENUM_NEXT(payload_type_short_names, PLV2_ID_PEER, PLV2_ID_PEER, PLV2_GSPM,
"IDp");
-ENUM_NEXT(payload_type_short_names, NAT_D_DRAFT_00_03_V1, FRAGMENT_V1, ID_PEER,
+ENUM_NEXT(payload_type_short_names, PLV1_NAT_D_DRAFT_00_03, PLV1_FRAGMENT, PLV2_ID_PEER,
"NAT-D",
"NAT-OA",
"FRAG");
#else
-ENUM_NEXT(payload_type_short_names, NAT_D_DRAFT_00_03_V1, FRAGMENT_V1, GENERIC_SECURE_PASSWORD_METHOD,
+ENUM_NEXT(payload_type_short_names, PLV1_NAT_D_DRAFT_00_03, PLV1_FRAGMENT, PLV2_GSPM,
"NAT-D",
"NAT-OA",
"FRAG");
#endif /* ME */
-ENUM_NEXT(payload_type_short_names, HEADER, ENCRYPTED_V1, FRAGMENT_V1,
+ENUM_NEXT(payload_type_short_names, PL_HEADER, PLV1_ENCRYPTED, PLV1_FRAGMENT,
"HDR",
"PROP",
"PROP",
"CATTR",
"CATTR",
"E");
-ENUM_END(payload_type_short_names, ENCRYPTED_V1);
+ENUM_END(payload_type_short_names, PLV1_ENCRYPTED);
/*
* see header
{
switch (type)
{
- case HEADER:
+ case PL_HEADER:
return (payload_t*)ike_header_create();
- case SECURITY_ASSOCIATION:
- case SECURITY_ASSOCIATION_V1:
+ case PLV2_SECURITY_ASSOCIATION:
+ case PLV1_SECURITY_ASSOCIATION:
return (payload_t*)sa_payload_create(type);
- case PROPOSAL_SUBSTRUCTURE:
- case PROPOSAL_SUBSTRUCTURE_V1:
+ case PLV2_PROPOSAL_SUBSTRUCTURE:
+ case PLV1_PROPOSAL_SUBSTRUCTURE:
return (payload_t*)proposal_substructure_create(type);
- case TRANSFORM_SUBSTRUCTURE:
- case TRANSFORM_SUBSTRUCTURE_V1:
+ case PLV2_TRANSFORM_SUBSTRUCTURE:
+ case PLV1_TRANSFORM_SUBSTRUCTURE:
return (payload_t*)transform_substructure_create(type);
- case TRANSFORM_ATTRIBUTE:
- case TRANSFORM_ATTRIBUTE_V1:
+ case PLV2_TRANSFORM_ATTRIBUTE:
+ case PLV1_TRANSFORM_ATTRIBUTE:
return (payload_t*)transform_attribute_create(type);
- case NONCE:
- case NONCE_V1:
+ case PLV2_NONCE:
+ case PLV1_NONCE:
return (payload_t*)nonce_payload_create(type);
- case ID_INITIATOR:
- case ID_RESPONDER:
- case ID_V1:
- case NAT_OA_V1:
- case NAT_OA_DRAFT_00_03_V1:
+ case PLV2_ID_INITIATOR:
+ case PLV2_ID_RESPONDER:
+ case PLV1_ID:
+ case PLV1_NAT_OA:
+ case PLV1_NAT_OA_DRAFT_00_03:
#ifdef ME
- case ID_PEER:
+ case PLV2_ID_PEER:
#endif /* ME */
return (payload_t*)id_payload_create(type);
- case AUTHENTICATION:
+ case PLV2_AUTH:
return (payload_t*)auth_payload_create();
- case CERTIFICATE:
- case CERTIFICATE_V1:
+ case PLV2_CERTIFICATE:
+ case PLV1_CERTIFICATE:
return (payload_t*)cert_payload_create(type);
- case CERTIFICATE_REQUEST:
- case CERTIFICATE_REQUEST_V1:
+ case PLV2_CERTREQ:
+ case PLV1_CERTREQ:
return (payload_t*)certreq_payload_create(type);
- case TRAFFIC_SELECTOR_SUBSTRUCTURE:
+ case PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE:
return (payload_t*)traffic_selector_substructure_create();
- case TRAFFIC_SELECTOR_INITIATOR:
+ case PLV2_TS_INITIATOR:
return (payload_t*)ts_payload_create(TRUE);
- case TRAFFIC_SELECTOR_RESPONDER:
+ case PLV2_TS_RESPONDER:
return (payload_t*)ts_payload_create(FALSE);
- case KEY_EXCHANGE:
- case KEY_EXCHANGE_V1:
+ case PLV2_KEY_EXCHANGE:
+ case PLV1_KEY_EXCHANGE:
return (payload_t*)ke_payload_create(type);
- case NOTIFY:
- case NOTIFY_V1:
+ case PLV2_NOTIFY:
+ case PLV1_NOTIFY:
return (payload_t*)notify_payload_create(type);
- case DELETE:
- case DELETE_V1:
+ case PLV2_DELETE:
+ case PLV1_DELETE:
return (payload_t*)delete_payload_create(type, 0);
- case VENDOR_ID:
- case VENDOR_ID_V1:
+ case PLV2_VENDOR_ID:
+ case PLV1_VENDOR_ID:
return (payload_t*)vendor_id_payload_create(type);
- case HASH_V1:
- case SIGNATURE_V1:
- case NAT_D_V1:
- case NAT_D_DRAFT_00_03_V1:
+ case PLV1_HASH:
+ case PLV1_SIGNATURE:
+ case PLV1_NAT_D:
+ case PLV1_NAT_D_DRAFT_00_03:
return (payload_t*)hash_payload_create(type);
- case CONFIGURATION:
- case CONFIGURATION_V1:
+ case PLV2_CONFIGURATION:
+ case PLV1_CONFIGURATION:
return (payload_t*)cp_payload_create(type);
- case CONFIGURATION_ATTRIBUTE:
- case CONFIGURATION_ATTRIBUTE_V1:
+ case PLV2_CONFIGURATION_ATTRIBUTE:
+ case PLV1_CONFIGURATION_ATTRIBUTE:
return (payload_t*)configuration_attribute_create(type);
- case EXTENSIBLE_AUTHENTICATION:
+ case PLV2_EAP:
return (payload_t*)eap_payload_create();
- case ENCRYPTED:
- case ENCRYPTED_V1:
+ case PLV2_ENCRYPTED:
+ case PLV1_ENCRYPTED:
return (payload_t*)encryption_payload_create(type);
- case FRAGMENT_V1:
+ case PLV1_FRAGMENT:
return (payload_t*)fragment_payload_create();
default:
return (payload_t*)unknown_payload_create(type);
*/
bool payload_is_known(payload_type_t type)
{
- if (type == HEADER)
+ if (type == PL_HEADER)
{
return TRUE;
}
- if (type >= SECURITY_ASSOCIATION && type <= EXTENSIBLE_AUTHENTICATION)
+ if (type >= PLV2_SECURITY_ASSOCIATION && type <= PLV2_EAP)
{
return TRUE;
}
- if (type >= SECURITY_ASSOCIATION_V1 && type <= CONFIGURATION_V1)
+ if (type >= PLV1_SECURITY_ASSOCIATION && type <= PLV1_CONFIGURATION)
{
return TRUE;
}
- if (type >= NAT_D_V1 && type <= NAT_OA_V1)
+ if (type >= PLV1_NAT_D && type <= PLV1_NAT_OA)
{
return TRUE;
}
#ifdef ME
- if (type == ID_PEER)
+ if (type == PLV2_ID_PEER)
{
return TRUE;
}
#endif
- if (type >= NAT_D_DRAFT_00_03_V1 && type <= FRAGMENT_V1)
+ if (type >= PLV1_NAT_D_DRAFT_00_03 && type <= PLV1_FRAGMENT)
{
return TRUE;
}
/**
* End of payload list in next_payload
*/
- NO_PAYLOAD = 0,
+ PL_NONE = 0,
/**
* The security association (SA) payload containing proposals.
*/
- SECURITY_ASSOCIATION_V1 = 1,
+ PLV1_SECURITY_ASSOCIATION = 1,
/**
* The proposal payload, containing transforms.
*/
- PROPOSAL_V1 = 2,
+ PLV1_PROPOSAL = 2,
/**
* The transform payload.
*/
- TRANSFORM_V1 = 3,
+ PLV1_TRANSFORM = 3,
/**
* The key exchange (KE) payload containing diffie-hellman values.
*/
- KEY_EXCHANGE_V1 = 4,
+ PLV1_KEY_EXCHANGE = 4,
/**
* ID payload.
*/
- ID_V1 = 5,
+ PLV1_ID = 5,
/**
* Certificate payload with certificates (CERT).
*/
- CERTIFICATE_V1 = 6,
+ PLV1_CERTIFICATE = 6,
/**
* Certificate request payload.
*/
- CERTIFICATE_REQUEST_V1 = 7,
+ PLV1_CERTREQ = 7,
/**
* Hash payload.
*/
- HASH_V1 = 8,
+ PLV1_HASH = 8,
/**
* Signature payload
*/
- SIGNATURE_V1 = 9,
+ PLV1_SIGNATURE = 9,
/**
* Nonce payload.
*/
- NONCE_V1 = 10,
+ PLV1_NONCE = 10,
/**
* Notification payload.
*/
- NOTIFY_V1 = 11,
+ PLV1_NOTIFY = 11,
/**
* Delete payload.
*/
- DELETE_V1 = 12,
+ PLV1_DELETE = 12,
/**
* Vendor id payload.
*/
- VENDOR_ID_V1 = 13,
+ PLV1_VENDOR_ID = 13,
/**
* Attribute payload (ISAKMP Mode Config, aka configuration payload.
*/
- CONFIGURATION_V1 = 14,
+ PLV1_CONFIGURATION = 14,
/**
* NAT discovery payload (NAT-D).
*/
- NAT_D_V1 = 20,
+ PLV1_NAT_D = 20,
/**
* NAT original address payload (NAT-OA).
*/
- NAT_OA_V1 = 21,
+ PLV1_NAT_OA = 21,
/**
* The security association (SA) payload containing proposals.
*/
- SECURITY_ASSOCIATION = 33,
+ PLV2_SECURITY_ASSOCIATION = 33,
/**
* The key exchange (KE) payload containing diffie-hellman values.
*/
- KEY_EXCHANGE = 34,
+ PLV2_KEY_EXCHANGE = 34,
/**
* Identification for the original initiator (IDi).
*/
- ID_INITIATOR = 35,
+ PLV2_ID_INITIATOR = 35,
/**
* Identification for the original responder (IDr).
*/
- ID_RESPONDER = 36,
+ PLV2_ID_RESPONDER = 36,
/**
* Certificate payload with certificates (CERT).
*/
- CERTIFICATE = 37,
+ PLV2_CERTIFICATE = 37,
/**
* Certificate request payload (CERTREQ).
*/
- CERTIFICATE_REQUEST = 38,
+ PLV2_CERTREQ = 38,
/**
* Authentication payload contains auth data (AUTH).
*/
- AUTHENTICATION = 39,
+ PLV2_AUTH = 39,
/**
* Nonces, for initiator and responder (Ni, Nr, N)
*/
- NONCE = 40,
+ PLV2_NONCE = 40,
/**
* Notify paylaod (N).
*/
- NOTIFY = 41,
+ PLV2_NOTIFY = 41,
/**
* Delete payload (D)
*/
- DELETE = 42,
+ PLV2_DELETE = 42,
/**
* Vendor id paylpoad (V).
*/
- VENDOR_ID = 43,
+ PLV2_VENDOR_ID = 43,
/**
* Traffic selector for the original initiator (TSi).
*/
- TRAFFIC_SELECTOR_INITIATOR = 44,
+ PLV2_TS_INITIATOR = 44,
/**
* Traffic selector for the original responser (TSr).
*/
- TRAFFIC_SELECTOR_RESPONDER = 45,
+ PLV2_TS_RESPONDER = 45,
/**
* Encryption payload, contains other payloads (E).
*/
- ENCRYPTED = 46,
+ PLV2_ENCRYPTED = 46,
/**
* Configuration payload (CP).
*/
- CONFIGURATION = 47,
+ PLV2_CONFIGURATION = 47,
/**
* Extensible authentication payload (EAP).
*/
- EXTENSIBLE_AUTHENTICATION = 48,
+ PLV2_EAP = 48,
/**
* Generic Secure Password Method (GSPM).
*/
- GENERIC_SECURE_PASSWORD_METHOD = 49,
+ PLV2_GSPM = 49,
#ifdef ME
/**
* Identification payload for peers has a value from
* the PRIVATE USE space.
*/
- ID_PEER = 128,
+ PLV2_ID_PEER = 128,
#endif /* ME */
/**
* NAT discovery payload (NAT-D) (drafts).
*/
- NAT_D_DRAFT_00_03_V1 = 130,
+ PLV1_NAT_D_DRAFT_00_03 = 130,
/**
* NAT original address payload (NAT-OA) (drafts).
*/
- NAT_OA_DRAFT_00_03_V1 = 131,
+ PLV1_NAT_OA_DRAFT_00_03 = 131,
/**
* IKE fragment (proprietary IKEv1 extension)
*/
- FRAGMENT_V1 = 132,
+ PLV1_FRAGMENT = 132,
/**
* Header has a value of PRIVATE USE space.
* This type and all the following are never sent over wire and are
* used internally only.
*/
- HEADER = 256,
+ PL_HEADER = 256,
/**
- * PROPOSAL_SUBSTRUCTURE, IKEv2 proposals in a SA payload.
+ * PLV2_PROPOSAL_SUBSTRUCTURE, IKEv2 proposals in a SA payload.
*/
- PROPOSAL_SUBSTRUCTURE,
+ PLV2_PROPOSAL_SUBSTRUCTURE,
/**
- * PROPOSAL_SUBSTRUCTURE_V1, IKEv1 proposals in a SA payload.
+ * PLV1_PROPOSAL_SUBSTRUCTURE, IKEv1 proposals in a SA payload.
*/
- PROPOSAL_SUBSTRUCTURE_V1,
+ PLV1_PROPOSAL_SUBSTRUCTURE,
/**
- * TRANSFORM_SUBSTRUCTURE, IKEv2 transforms in a proposal substructure.
+ * PLV2_TRANSFORM_SUBSTRUCTURE, IKEv2 transforms in a proposal substructure.
*/
- TRANSFORM_SUBSTRUCTURE,
+ PLV2_TRANSFORM_SUBSTRUCTURE,
/**
- * TRANSFORM_SUBSTRUCTURE_V1, IKEv1 transforms in a proposal substructure.
+ * PLV1_TRANSFORM_SUBSTRUCTURE, IKEv1 transforms in a proposal substructure.
*/
- TRANSFORM_SUBSTRUCTURE_V1,
+ PLV1_TRANSFORM_SUBSTRUCTURE,
/**
- * TRANSFORM_ATTRIBUTE, IKEv2 attribute in a transform.
+ * PLV2_TRANSFORM_ATTRIBUTE, IKEv2 attribute in a transform.
*/
- TRANSFORM_ATTRIBUTE,
+ PLV2_TRANSFORM_ATTRIBUTE,
/**
- * TRANSFORM_ATTRIBUTE_V1, IKEv1 attribute in a transform.
+ * PLV1_TRANSFORM_ATTRIBUTE, IKEv1 attribute in a transform.
*/
- TRANSFORM_ATTRIBUTE_V1,
+ PLV1_TRANSFORM_ATTRIBUTE,
/**
- * TRAFFIC_SELECTOR_SUBSTRUCTURE, traffic selector in a TS payload.
+ * PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE, traffic selector in a TS payload.
*/
- TRAFFIC_SELECTOR_SUBSTRUCTURE,
+ PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE,
/**
- * CONFIGURATION_ATTRIBUTE, IKEv2 attribute in a configuration payload.
+ * PLV2_CONFIGURATION_ATTRIBUTE, IKEv2 attribute in a configuration payload.
*/
- CONFIGURATION_ATTRIBUTE,
+ PLV2_CONFIGURATION_ATTRIBUTE,
/**
- * CONFIGURATION_ATTRIBUTE_V1, IKEv1 attribute in a configuration payload.
+ * PLV1_CONFIGURATION_ATTRIBUTE, IKEv1 attribute in a configuration payload.
*/
- CONFIGURATION_ATTRIBUTE_V1,
+ PLV1_CONFIGURATION_ATTRIBUTE,
/**
* This is not really a payload, but rather the complete IKEv1 message.
*/
- ENCRYPTED_V1,
+ PLV1_ENCRYPTED,
};
/**
payload_type_t (*get_type) (payload_t *this);
/**
- * Get type of next payload or NO_PAYLOAD (0) if this is the last one.
+ * Get type of next payload or PL_NONE (0) if this is the last one.
*
* @return type of next payload
*/
linked_list_t *transforms;
/**
- * Type of this payload, PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
+ * Type of this payload, PLV2_PROPOSAL_SUBSTRUCTURE or PLV1_PROPOSAL_SUBSTRUCTURE
*/
payload_type_t type;
};
/* SPI is a chunk of variable size*/
{ SPI, offsetof(private_proposal_substructure_t, spi) },
/* Transforms are stored in a transform substructure list */
- { PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE_V1,
+ { PAYLOAD_LIST + PLV1_TRANSFORM_SUBSTRUCTURE,
offsetof(private_proposal_substructure_t, transforms) },
};
/* SPI is a chunk of variable size*/
{ SPI, offsetof(private_proposal_substructure_t, spi) },
/* Transforms are stored in a transform substructure list */
- { PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE,
+ { PAYLOAD_LIST + PLV2_TRANSFORM_SUBSTRUCTURE,
offsetof(private_proposal_substructure_t, transforms) },
};
enumerator_t *enumerator;
payload_t *current;
- if (this->next_payload != NO_PAYLOAD && this->next_payload != 2)
+ if (this->next_payload != PL_NONE && this->next_payload != 2)
{
/* must be 0 or 2 */
DBG1(DBG_ENC, "inconsistent next payload");
}
break;
case PROTO_IKE:
- if (this->type == PROPOSAL_SUBSTRUCTURE_V1)
+ if (this->type == PLV1_PROPOSAL_SUBSTRUCTURE)
{
if (this->spi.len <= 16)
{ /* according to RFC 2409, section 3.5 anything between
METHOD(payload_t, get_encoding_rules, int,
private_proposal_substructure_t *this, encoding_rule_t **rules)
{
- if (this->type == PROPOSAL_SUBSTRUCTURE)
+ if (this->type == PLV2_PROPOSAL_SUBSTRUCTURE)
{
*rules = encodings_v2;
return countof(encodings_v2);
proposal->set_spi(proposal, spi);
proposals->insert_last(proposals, proposal);
}
- if (this->type == PROPOSAL_SUBSTRUCTURE)
+ if (this->type == PLV2_PROPOSAL_SUBSTRUCTURE)
{
add_to_proposal_v2(proposal, transform);
}
.get_encap_mode = _get_encap_mode,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.transforms = linked_list_create(),
.type = type,
);
u_int16_t alg, key_size;
enumerator_t *enumerator;
- transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE_V1,
+ transform = transform_substructure_create_type(PLV1_TRANSFORM_SUBSTRUCTURE,
number, IKEV1_TRANSID_KEY_IKE);
enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
if (alg)
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH1_ENCRYPTION_ALGORITHM, alg));
if (key_size)
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH1_KEY_LENGTH, key_size));
}
break;
if (alg)
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH1_HASH_ALGORITHM, alg));
break;
}
if (enumerator->enumerate(enumerator, &alg, &key_size))
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH1_GROUP, alg));
}
enumerator->destroy(enumerator);
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH1_AUTH_METHOD, get_ikev1_auth(method)));
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH1_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH1_LIFE_DURATION, lifetime));
add_transform_substructure(this, transform);
if (alg)
{
transform = transform_substructure_create_type(
- TRANSFORM_SUBSTRUCTURE_V1, number, alg);
+ PLV1_TRANSFORM_SUBSTRUCTURE, number, alg);
if (key_size)
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_KEY_LENGTH, key_size));
}
}
if (!transform)
{
transform = transform_substructure_create_type(
- TRANSFORM_SUBSTRUCTURE_V1, number, alg);
+ PLV1_TRANSFORM_SUBSTRUCTURE, number, alg);
}
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_AUTH_ALGORITHM, alg));
}
}
if (enumerator->enumerate(enumerator, &alg, &key_size))
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_GROUP, alg));
}
enumerator->destroy(enumerator);
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_ENCAP_MODE, get_ikev1_mode(mode, udp)));
if (lifetime)
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_SA_LIFE_DURATION, lifetime));
}
if (lifebytes)
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_KILOBYTES));
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_SA_LIFE_DURATION, lifebytes / 1000));
}
enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
while (enumerator->enumerate(enumerator, &alg, &key_size))
{
- transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+ transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
ENCRYPTION_ALGORITHM, alg);
if (key_size)
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE,
+ transform_attribute_create_value(PLV2_TRANSFORM_ATTRIBUTE,
TATTR_IKEV2_KEY_LENGTH, key_size));
}
add_transform_substructure(this, transform);
enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
while (enumerator->enumerate(enumerator, &alg, &key_size))
{
- transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+ transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
INTEGRITY_ALGORITHM, alg);
add_transform_substructure(this, transform);
}
enumerator = proposal->create_enumerator(proposal, PSEUDO_RANDOM_FUNCTION);
while (enumerator->enumerate(enumerator, &alg, &key_size))
{
- transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+ transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
PSEUDO_RANDOM_FUNCTION, alg);
add_transform_substructure(this, transform);
}
enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP);
while (enumerator->enumerate(enumerator, &alg, NULL))
{
- transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+ transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
DIFFIE_HELLMAN_GROUP, alg);
add_transform_substructure(this, transform);
}
enumerator = proposal->create_enumerator(proposal, EXTENDED_SEQUENCE_NUMBERS);
while (enumerator->enumerate(enumerator, &alg, NULL))
{
- transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+ transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
EXTENDED_SEQUENCE_NUMBERS, alg);
add_transform_substructure(this, transform);
}
private_proposal_substructure_t *this;
this = (private_proposal_substructure_t*)
- proposal_substructure_create(SECURITY_ASSOCIATION);
+ proposal_substructure_create(PLV2_SECURITY_ASSOCIATION);
set_from_proposal_v2(this, proposal);
set_data(this, proposal);
private_proposal_substructure_t *this;
this = (private_proposal_substructure_t*)
- proposal_substructure_create(PROPOSAL_SUBSTRUCTURE_V1);
+ proposal_substructure_create(PLV1_PROPOSAL_SUBSTRUCTURE);
switch (proposal->get_protocol(proposal))
{
case PROTO_IKE:
this = (private_proposal_substructure_t*)
- proposal_substructure_create(PROPOSAL_SUBSTRUCTURE_V1);
+ proposal_substructure_create(PLV1_PROPOSAL_SUBSTRUCTURE);
/* we currently support DEFLATE only */
- transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE_V1,
+ transform = transform_substructure_create_type(PLV1_TRANSFORM_SUBSTRUCTURE,
1, IKEV1_IPCOMP_DEFLATE);
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_ENCAP_MODE, get_ikev1_mode(mode, udp)));
if (lifetime)
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_SA_LIFE_DURATION, lifetime));
}
if (lifebytes)
{
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_KILOBYTES));
transform->add_transform_attribute(transform,
- transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+ transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
TATTR_PH2_SA_LIFE_DURATION, lifebytes / 1000));
}
/**
* Creates an empty proposal_substructure_t object
*
- * @param type PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
+ * @param type PLV2_PROPOSAL_SUBSTRUCTURE or PLV1_PROPOSAL_SUBSTRUCTURE
* @return proposal_substructure_t object
*/
proposal_substructure_t *proposal_substructure_create(payload_type_t type);
* Creates an IKEv2 proposal_substructure_t from a proposal_t.
*
* @param proposal proposal to build a substruct out of it
- * @return proposal_substructure_t PROPOSAL_SUBSTRUCTURE
+ * @return proposal_substructure_t PLV2_PROPOSAL_SUBSTRUCTURE
*/
proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
proposal_t *proposal);
* @param auth authentication method to use, or AUTH_NONE
* @param mode IPsec encapsulation mode, TRANSPORT or TUNNEL
* @param udp ENCAP_UDP to use UDP encapsulation
- * @return proposal_substructure_t object PROPOSAL_SUBSTRUCTURE_V1
+ * @return proposal_substructure_t object PLV1_PROPOSAL_SUBSTRUCTURE
*/
proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
proposal_t *proposal, u_int32_t lifetime, u_int64_t lifebytes,
* @param auth authentication method to use, or AUTH_NONE
* @param mode IPsec encapsulation mode, TRANSPORT or TUNNEL
* @param udp ENCAP_UDP to use UDP encapsulation
- * @return IKEv1 proposal_substructure_t PROPOSAL_SUBSTRUCTURE_V1
+ * @return IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
*/
proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
linked_list_t *proposals, u_int32_t lifetime, u_int64_t lifebytes,
* @param mode IPsec encapsulation mode, TRANSPORT or TUNNEL
* @param udp ENCAP_UDP to use UDP encapsulation
* @param proposal_number the proposal number of the proposal to be linked
- * @return IKEv1 proposal_substructure_t PROPOSAL_SUBSTRUCTURE_V1
+ * @return IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
*/
proposal_substructure_t *proposal_substructure_create_for_ipcomp_v1(
u_int32_t lifetime, u_int64_t lifebytes, u_int16_t cpi,
/* Situation*/
{ U_INT_32, offsetof(private_sa_payload_t, situation) },
/* Proposals are stored in a proposal substructure list */
- { PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE_V1,
+ { PAYLOAD_LIST + PLV1_PROPOSAL_SUBSTRUCTURE,
offsetof(private_sa_payload_t, proposals) },
};
/* Length of the whole SA payload*/
{ PAYLOAD_LENGTH, offsetof(private_sa_payload_t, payload_length) },
/* Proposals are stored in a proposal substructure list */
- { PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE,
+ { PAYLOAD_LIST + PLV2_PROPOSAL_SUBSTRUCTURE,
offsetof(private_sa_payload_t, proposals) },
};
enumerator_t *enumerator;
proposal_substructure_t *substruct;
- if (this->type == SECURITY_ASSOCIATION)
+ if (this->type == PLV2_SECURITY_ASSOCIATION)
{
expected_number = 1;
}
METHOD(payload_t, get_encoding_rules, int,
private_sa_payload_t *this, encoding_rule_t **rules)
{
- if (this->type == SECURITY_ASSOCIATION_V1)
+ if (this->type == PLV1_SECURITY_ASSOCIATION)
{
*rules = encodings_v1;
return countof(encodings_v1);
METHOD(payload_t, get_header_length, int,
private_sa_payload_t *this)
{
- if (this->type == SECURITY_ASSOCIATION_V1)
+ if (this->type == PLV1_SECURITY_ASSOCIATION)
{
return 12;
}
proposal_substructure_t *substruct;
linked_list_t *substructs, *list;
- if (this->type == SECURITY_ASSOCIATION_V1)
+ if (this->type == PLV1_SECURITY_ASSOCIATION)
{ /* IKEv1 proposals start with 0 */
struct_number = ignore_struct_number = -1;
}
.get_encap_mode = _get_encap_mode,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.proposals = linked_list_create(),
.type = type,
/* for IKEv1 only */
enumerator_t *enumerator;
proposal_t *proposal;
- this = (private_sa_payload_t*)sa_payload_create(SECURITY_ASSOCIATION);
+ this = (private_sa_payload_t*)sa_payload_create(PLV2_SECURITY_ASSOCIATION);
enumerator = proposals->create_enumerator(proposals);
while (enumerator->enumerate(enumerator, &proposal))
{
{
private_sa_payload_t *this;
- this = (private_sa_payload_t*)sa_payload_create(SECURITY_ASSOCIATION);
+ this = (private_sa_payload_t*)sa_payload_create(PLV2_SECURITY_ASSOCIATION);
add_proposal_v2(this, proposal);
return &this->public;
proposal_substructure_t *substruct;
private_sa_payload_t *this;
- this = (private_sa_payload_t*)sa_payload_create(SECURITY_ASSOCIATION_V1);
+ this = (private_sa_payload_t*)sa_payload_create(PLV1_SECURITY_ASSOCIATION);
if (!proposals || !proposals->get_count(proposals))
{
/**
* Creates an empty sa_payload_t object
*
- * @param type SECURITY_ASSOCIATION or SECURITY_ASSOCIATION_V1
+ * @param type PLV2_SECURITY_ASSOCIATION or PLV1_SECURITY_ASSOCIATION
* @return created sa_payload_t object
*/
sa_payload_t *sa_payload_create(payload_type_t type);
METHOD(payload_t, get_type, payload_type_t,
private_traffic_selector_substructure_t *this)
{
- return TRAFFIC_SELECTOR_SUBSTRUCTURE;
+ return PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE;
}
METHOD(payload_t, get_next_type, payload_type_t,
private_traffic_selector_substructure_t *this)
{
- return NO_PAYLOAD;
+ return PL_NONE;
}
METHOD(payload_t, set_next_type, void,
chunk_t attribute_value;
/**
- * Payload type, TRANSFORM_ATTRIBUTE or TRANSFORM_ATTRIBUTE_V1
+ * Payload type, PLV2_TRANSFORM_ATTRIBUTE or PLV1_TRANSFORM_ATTRIBUTE
*/
payload_type_t type;
};
METHOD(payload_t, get_next_type, payload_type_t,
private_transform_attribute_t *this)
{
- return NO_PAYLOAD;
+ return PL_NONE;
}
METHOD(payload_t, set_next_type, void,
/**
* Creates an empty transform_attribute_t object.
*
- * @param type TRANSFORM_ATTRIBUTE or TRANSFORM_ATTRIBUTE_V1
+ * @param type PLV2_TRANSFORM_ATTRIBUTE or PLV1_TRANSFORM_ATTRIBUTE
* @return transform_attribute_t object
*/
transform_attribute_t *transform_attribute_create(payload_type_t type);
/**
* Creates a two byte value or a larger attribute for a given attribute kind.
*
- * @param type TRANSFORM_ATTRIBUTE or TRANSFORM_ATTRIBUTE_V1
+ * @param type PLV2_TRANSFORM_ATTRIBUTE or PLV1_TRANSFORM_ATTRIBUTE
* @param kind attribute kind
* @param value fixed two byte value
* @return transform_attribute_t object
linked_list_t *attributes;
/**
- * Payload type, TRANSFORM_SUBSTRUCTURE or TRANSFORM_SUBSTRUCTURE_V1
+ * Payload type, PLV2_TRANSFORM_SUBSTRUCTURE or PLV1_TRANSFORM_SUBSTRUCTURE
*/
payload_type_t type;
};
/**
- * Encoding rules for TRANSFORM_SUBSTRUCTURE
+ * Encoding rules for PLV2_TRANSFORM_SUBSTRUCTURE
*/
static encoding_rule_t encodings_v2[] = {
/* 1 Byte next payload type, stored in the field next_payload */
/* transform identifier, as used by IKEv2 */
{ U_INT_16, offsetof(private_transform_substructure_t, transform_id_v2) },
/* Attributes in a transform attribute list */
- { PAYLOAD_LIST + TRANSFORM_ATTRIBUTE,
+ { PAYLOAD_LIST + PLV2_TRANSFORM_ATTRIBUTE,
offsetof(private_transform_substructure_t, attributes) }
};
/**
- * Encoding rules for TRANSFORM_SUBSTRUCTURE_V1
+ * Encoding rules for PLV1_TRANSFORM_SUBSTRUCTURE
*/
static encoding_rule_t encodings_v1[] = {
/* 1 Byte next payload type, stored in the field next_payload */
{ RESERVED_BYTE, offsetof(private_transform_substructure_t, reserved[1]) },
{ RESERVED_BYTE, offsetof(private_transform_substructure_t, reserved[2]) },
/* Attributes in a transform attribute list */
- { PAYLOAD_LIST + TRANSFORM_ATTRIBUTE_V1,
+ { PAYLOAD_LIST + PLV1_TRANSFORM_ATTRIBUTE,
offsetof(private_transform_substructure_t, attributes) }
};
enumerator_t *enumerator;
payload_t *attribute;
- if (this->next_payload != NO_PAYLOAD && this->next_payload != 3)
+ if (this->next_payload != PL_NONE && this->next_payload != 3)
{
DBG1(DBG_ENC, "inconsistent next payload");
return FAILED;
METHOD(payload_t, get_encoding_rules, int,
private_transform_substructure_t *this, encoding_rule_t **rules)
{
- if (this->type == TRANSFORM_SUBSTRUCTURE)
+ if (this->type == PLV2_TRANSFORM_SUBSTRUCTURE)
{
*rules = encodings_v2;
return countof(encodings_v2);
METHOD(transform_substructure_t, get_transform_id, u_int16_t,
private_transform_substructure_t *this)
{
- if (this->type == TRANSFORM_SUBSTRUCTURE)
+ if (this->type == PLV2_TRANSFORM_SUBSTRUCTURE)
{
return this->transform_id_v2;
}
.create_attribute_enumerator = _create_attribute_enumerator,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.transform_length = get_header_length(this),
.attributes = linked_list_create(),
.type = type,
this = (private_transform_substructure_t*)transform_substructure_create(type);
this->transform_ton = type_or_number;
- if (type == TRANSFORM_SUBSTRUCTURE)
+ if (type == PLV2_TRANSFORM_SUBSTRUCTURE)
{
this->transform_id_v2 = id;
}
/**
* Creates an empty transform_substructure_t object.
*
- * @param type TRANSFORM_SUBSTRUCTURE or TRANSFORM_SUBSTRUCTURE_V1
+ * @param type PLV2_TRANSFORM_SUBSTRUCTURE or PLV1_TRANSFORM_SUBSTRUCTURE
* @return created transform_substructure_t object
*/
transform_substructure_t *transform_substructure_create(payload_type_t type);
/**
* Creates an empty transform_substructure_t object.
*
- * @param type TRANSFORM_SUBSTRUCTURE or TRANSFORM_SUBSTRUCTURE_V1
+ * @param type PLV2_TRANSFORM_SUBSTRUCTURE or PLV1_TRANSFORM_SUBSTRUCTURE
* @param type_or_number Type (IKEv2) or number (IKEv1) of transform
* @param id transform id specifc for the transform type
* @return transform_substructure_t object
{ RESERVED_BYTE, offsetof(private_ts_payload_t, reserved_byte[1])},
{ RESERVED_BYTE, offsetof(private_ts_payload_t, reserved_byte[2])},
/* wrapped list of traffic selectors substructures */
- { PAYLOAD_LIST + TRAFFIC_SELECTOR_SUBSTRUCTURE,
+ { PAYLOAD_LIST + PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE,
offsetof(private_ts_payload_t, substrs) },
};
{
if (this->is_initiator)
{
- return TRAFFIC_SELECTOR_INITIATOR;
+ return PLV2_TS_INITIATOR;
}
- return TRAFFIC_SELECTOR_RESPONDER;
+ return PLV2_TS_RESPONDER;
}
METHOD(payload_t, get_next_type, payload_type_t,
.get_traffic_selectors = _get_traffic_selectors,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
.is_initiator = is_initiator,
.substrs = linked_list_create(),
.get_data = _get_data,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this),
.type = type,
);
.get_data = _get_data,
.destroy = _destroy,
},
- .next_payload = NO_PAYLOAD,
+ .next_payload = PL_NONE,
.payload_length = get_header_length(this) + data.len,
.data = data,
.type = type,
/**
* Creates an empty Vendor ID payload for IKEv1 or IKEv2.
*
- * @@param type VENDOR_ID or VENDOR_ID_V1
+ * @@param type PLV2_VENDOR_ID or PLV1_VENDOR_ID
* @return vendor ID payload
*/
vendor_id_payload_t *vendor_id_payload_create(payload_type_t type);
/**
* Creates a vendor ID payload using a chunk of data
*
- * @param type VENDOR_ID or VENDOR_ID_V1
+ * @param type PLV2_VENDOR_ID or PLV1_VENDOR_ID
* @param data data to use in vendor ID payload, gets owned by payload
* @return vendor ID payload
*/
if (data.len <
IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH +
sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher) ||
- *(data.ptr + 16) != NOTIFY ||
+ *(data.ptr + 16) != PLV2_NOTIFY ||
*(u_int16_t*)(data.ptr + IKE_HEADER_LENGTH + 6) != htons(COOKIE))
{
/* no cookie found */
{
/* assume that "out" contains username/password attributes */
co->destroy(co);
- ci = cp_payload_create_type(CONFIGURATION_V1, CFG_REPLY);
+ ci = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REPLY);
ci->add_attribute(ci, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME, user));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_NAME, user));
ci->add_attribute(ci, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_PASSWORD, pass));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_PASSWORD, pass));
switch (xauth->process(xauth, ci, &co))
{
case SUCCESS:
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY ||
- payload->get_type(payload) == NOTIFY_V1)
+ if (payload->get_type(payload) == PLV2_NOTIFY ||
+ payload->get_type(payload) == PLV1_NOTIFY)
{
notify = (notify_payload_t*)payload;
if (notify->get_notify_type(notify) == RADIUS_ATTRIBUTE)
return FALSE;
}
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, this->round.type, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, this->round.type, chunk_empty));
if (this->round.message && strlen(this->round.message))
{
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_MESSAGE,
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_MESSAGE,
chunk_from_str(this->round.message)));
}
return TRUE;
{
cp_payload_t *cp;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REQUEST);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REQUEST);
/* first message always comes with username */
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_NAME, chunk_empty));
if (build_round(this, cp))
{
{
return verify_radius(this);
}
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REQUEST);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REQUEST);
if (build_round(this, cp))
{
*out = cp;
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY)
+ if (payload->get_type(payload) == PLV2_NOTIFY)
{
notify = (notify_payload_t*)payload;
if (notify->get_notify_type(notify) == RADIUS_ATTRIBUTE)
{
if (plain && ike_sa->supports_extension(ike_sa, EXT_STRONGSWAN) &&
message->get_exchange_type(message) == IKE_AUTH &&
- message->get_payload(message, EXTENSIBLE_AUTHENTICATION))
+ message->get_payload(message, PLV2_EAP))
{
if (incoming)
{
{
cp_payload_t *cp;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REQUEST);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REQUEST);
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_NAME, chunk_empty));
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_PASSWORD, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_PASSWORD, chunk_empty));
*out = cp;
return NEED_MORE;
}
}
enumerator->destroy(enumerator);
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REPLY);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REPLY);
enumerator = in->create_attribute_enumerator(in);
while (enumerator->enumerate(enumerator, &attr))
{
case XAUTH_USER_NAME:
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME,
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_NAME,
this->peer->get_encoding(this->peer)));
break;
case XAUTH_NEXT_PIN:
return FAILED;
}
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, attr->get_type(attr),
+ PLV1_CONFIGURATION_ATTRIBUTE, attr->get_type(attr),
shared->get_key(shared)));
shared->destroy(shared);
break;
{
cp_payload_t *cp;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REQUEST);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REQUEST);
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_NAME, chunk_empty));
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_PASSWORD, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_PASSWORD, chunk_empty));
*out = cp;
return NEED_MORE;
}
{
cp_payload_t *cp;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REQUEST);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REQUEST);
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_NAME, chunk_empty));
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_PASSWORD, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_PASSWORD, chunk_empty));
*out = cp;
return NEED_MORE;
}
/* if this is an unencrypted INFORMATIONAL exchange it is likely a
* connectivity check. */
if (this->message->get_exchange_type(this->message) == INFORMATIONAL &&
- this->message->get_first_payload_type(this->message) != ENCRYPTED)
+ this->message->get_first_payload_type(this->message) != PLV2_ENCRYPTED)
{
/* theoretically this could also be an error message
* see RFC 4306, section 1.5. */
{
auth_payload_t *auth_payload;
- auth_payload = (auth_payload_t*)message->get_payload(message, AUTHENTICATION);
+ auth_payload = (auth_payload_t*)message->get_payload(message, PLV2_AUTH);
if (auth_payload == NULL)
{
return (authenticator_t*)eap_authenticator_create_verifier(ike_sa,
{ /* this might be the case when flush() has been called */
return FALSE;
}
- if (message->get_first_payload_type(message) == FRAGMENT_V1)
+ if (message->get_first_payload_type(message) == PLV1_FRAGMENT)
{ /* only hash the source IP, port and SPI for fragmented init messages */
u_int16_t port;
u_int64_t spi;
ike_id = entry->ike_sa->get_id(entry->ike_sa);
entry->checked_out = TRUE;
- if (message->get_first_payload_type(message) != FRAGMENT_V1)
+ if (message->get_first_payload_type(message) != PLV1_FRAGMENT)
{
entry->processing = get_message_id_or_hash(message);
}
}
free(dh.ptr);
- hash_payload = hash_payload_create(HASH_V1);
+ hash_payload = hash_payload_create(PLV1_HASH);
hash_payload->set_hash(hash_payload, hash);
message->add_payload(message, &hash_payload->payload_interface);
free(hash.ptr);
chunk_t hash, dh;
auth_cfg_t *auth;
- hash_payload = (hash_payload_t*)message->get_payload(message, HASH_V1);
+ hash_payload = (hash_payload_t*)message->get_payload(message, PLV1_HASH);
if (!hash_payload)
{
DBG1(DBG_IKE, "HASH payload missing in message");
if (private->sign(private, scheme, hash, &sig))
{
- sig_payload = hash_payload_create(SIGNATURE_V1);
+ sig_payload = hash_payload_create(PLV1_SIGNATURE);
sig_payload->set_hash(sig_payload, sig);
free(sig.ptr);
message->add_payload(message, &sig_payload->payload_interface);
scheme = SIGN_ECDSA_WITH_NULL;
}
- sig_payload = (hash_payload_t*)message->get_payload(message, SIGNATURE_V1);
+ sig_payload = (hash_payload_t*)message->get_payload(message, PLV1_SIGNATURE);
if (!sig_payload)
{
DBG1(DBG_IKE, "SIG payload missing in message");
static bool get_nonce(message_t *message, chunk_t *n)
{
nonce_payload_t *nonce;
- nonce = (nonce_payload_t*)message->get_payload(message, NONCE_V1);
+ nonce = (nonce_payload_t*)message->get_payload(message, PLV1_NONCE);
if (nonce)
{
*n = nonce->get_nonce(nonce);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == HASH_V1)
+ if (payload->get_type(payload) == PLV1_HASH)
{
continue;
}
generator->generate_payload(generator, payload);
payload = next;
}
- payload->set_next_type(payload, NO_PAYLOAD);
+ payload->set_next_type(payload, PL_NONE);
generator->generate_payload(generator, payload);
}
enumerator->destroy(enumerator);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == SECURITY_ASSOCIATION_V1)
+ if (payload->get_type(payload) == PLV1_SECURITY_ASSOCIATION)
{
sa = payload;
break;
nonce_gen_t *nonceg;
chunk_t nonce;
- ke_payload = ke_payload_create_from_diffie_hellman(KEY_EXCHANGE_V1, this->dh);
+ ke_payload = ke_payload_create_from_diffie_hellman(PLV1_KEY_EXCHANGE, this->dh);
message->add_payload(message, &ke_payload->payload_interface);
nonceg = this->keymat->keymat.create_nonce_gen(&this->keymat->keymat);
}
nonceg->destroy(nonceg);
- nonce_payload = nonce_payload_create(NONCE_V1);
+ nonce_payload = nonce_payload_create(PLV1_NONCE);
nonce_payload->set_nonce(nonce_payload, nonce);
message->add_payload(message, &nonce_payload->payload_interface);
nonce_payload_t *nonce_payload;
ke_payload_t *ke_payload;
- ke_payload = (ke_payload_t*)message->get_payload(message, KEY_EXCHANGE_V1);
+ ke_payload = (ke_payload_t*)message->get_payload(message, PLV1_KEY_EXCHANGE);
if (!ke_payload)
{
DBG1(DBG_IKE, "KE payload missing in message");
this->dh_value = chunk_clone(ke_payload->get_key_exchange_data(ke_payload));
this->dh->set_other_public_value(this->dh, this->dh_value);
- nonce_payload = (nonce_payload_t*)message->get_payload(message, NONCE_V1);
+ nonce_payload = (nonce_payload_t*)message->get_payload(message, PLV1_NONCE);
if (!nonce_payload)
{
DBG1(DBG_IKE, "NONCE payload missing in message");
response->set_request(response, TRUE);
response->set_message_id(response, mid);
response->add_payload(response, (payload_t*)
- notify_payload_create_from_protocol_and_type(NOTIFY_V1,
+ notify_payload_create_from_protocol_and_type(PLV1_NOTIFY,
PROTO_IKE, type));
me = this->ike_sa->get_my_host(this->ike_sa);
chunk_t data;
u_int8_t num;
- payload = (fragment_payload_t*)msg->get_payload(msg, FRAGMENT_V1);
+ payload = (fragment_payload_t*)msg->get_payload(msg, PLV1_FRAGMENT);
if (!payload)
{
return FAILED;
}
}
- if (msg->get_first_payload_type(msg) == FRAGMENT_V1)
+ if (msg->get_first_payload_type(msg) == PLV1_FRAGMENT)
{
return handle_fragment(this, msg);
}
{
if (this->ike_sa->get_state(this->ike_sa) != IKE_CREATED &&
this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING &&
- msg->get_first_payload_type(msg) != FRAGMENT_V1)
+ msg->get_first_payload_type(msg) != PLV1_FRAGMENT)
{
DBG1(DBG_IKE, "ignoring %N in established IKE_SA state",
exchange_type_names, msg->get_exchange_type(msg));
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY_V1)
+ if (payload->get_type(payload) == PLV1_NOTIFY)
{
notify_payload_t *notify;
notify_type_t type;
u_int64_t spi_i, spi_r;
chunk_t spi;
- notify = notify_payload_create_from_protocol_and_type(NOTIFY_V1,
+ notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY,
PROTO_IKE, type);
ike_sa_id = this->ike_sa->get_id(this->ike_sa);
spi_i = ike_sa_id->get_initiator_spi(ike_sa_id);
return FAILED;
}
this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
- id_payload = id_payload_create_from_identification(ID_V1, id);
+ id_payload = id_payload_create_from_identification(PLV1_ID, id);
this->id_data = id_payload->get_encoded(id_payload);
message->add_payload(message, &id_payload->payload_interface);
message->get_source(message), TRUE);
sa_payload = (sa_payload_t*)message->get_payload(message,
- SECURITY_ASSOCIATION_V1);
+ PLV1_SECURITY_ASSOCIATION);
if (!sa_payload)
{
DBG1(DBG_IKE, "SA payload missing");
return send_notify(this, INVALID_PAYLOAD_TYPE);
}
- id_payload = (id_payload_t*)message->get_payload(message, ID_V1);
+ id_payload = (id_payload_t*)message->get_payload(message, PLV1_ID);
if (!id_payload)
{
DBG1(DBG_IKE, "IDii payload missing");
}
this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
- id_payload = id_payload_create_from_identification(ID_V1, id);
+ id_payload = id_payload_create_from_identification(PLV1_ID, id);
message->add_payload(message, &id_payload->payload_interface);
if (!this->ph1->build_auth(this->ph1, this->method, message,
u_int32_t lifetime;
sa_payload = (sa_payload_t*)message->get_payload(message,
- SECURITY_ASSOCIATION_V1);
+ PLV1_SECURITY_ASSOCIATION);
if (!sa_payload)
{
DBG1(DBG_IKE, "SA payload missing");
return send_notify(this, NO_PROPOSAL_CHOSEN);
}
- id_payload = (id_payload_t*)message->get_payload(message, ID_V1);
+ id_payload = (id_payload_t*)message->get_payload(message, PLV1_ID);
if (!id_payload)
{
DBG1(DBG_IKE, "IDir payload missing");
{
switch (payload->get_type(payload))
{
- case NOTIFY_V1:
+ case PLV1_NOTIFY:
notify = (notify_payload_t*)payload;
type = notify->get_notify_type(notify);
notify_type_names, type);
}
continue;
- case DELETE_V1:
+ case PLV1_DELETE:
if (!this->del)
{
delete = (delete_payload_t*)payload;
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == SECURITY_ASSOCIATION_V1)
+ if (payload->get_type(payload) == PLV1_SECURITY_ASSOCIATION)
{
sa_payload_t *sa_payload = (sa_payload_t*)payload;
{
break;
}
- payload = cert_payload_create_from_cert(CERTIFICATE_V1, cert);
+ payload = cert_payload_create_from_cert(PLV1_CERTIFICATE, cert);
if (!payload)
{
break;
{
if (type == AUTH_RULE_IM_CERT)
{
- payload = cert_payload_create_from_cert(CERTIFICATE_V1, cert);
+ payload = cert_payload_create_from_cert(PLV1_CERTIFICATE, cert);
if (payload)
{
DBG1(DBG_IKE, "sending issuer cert \"%Y\"",
{
switch (payload->get_type(payload))
{
- case CERTIFICATE_REQUEST_V1:
+ case PLV1_CERTREQ:
{
certificate_t *cert;
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == CERTIFICATE_V1)
+ if (payload->get_type(payload) == PLV1_CERTIFICATE)
{
cert_payload_t *cert_payload;
cert_encoding_t encoding;
}
enumerator->destroy(enumerator);
}
- if (!message->get_payload(message, CERTIFICATE_REQUEST_V1))
+ if (!message->get_payload(message, PLV1_CERTREQ))
{
/* otherwise add all trusted CA certificates */
enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == SECURITY_ASSOCIATION_V1)
+ if (payload->get_type(payload) == PLV1_SECURITY_ASSOCIATION)
{
sa_payload_t *sa_payload = (sa_payload_t*)payload;
this->ike_sa->get_other_host(this->ike_sa),
this->ike_sa->get_other_id(this->ike_sa));
- delete_payload = delete_payload_create(DELETE_V1, PROTO_IKE);
+ delete_payload = delete_payload_create(PLV1_DELETE, PROTO_IKE);
id = this->ike_sa->get_id(this->ike_sa);
delete_payload->set_ike_spi(delete_payload, id->get_initiator_spi(id),
id->get_responder_spi(id));
u_int32_t seqnr;
chunk_t spi;
- notify = notify_payload_create_from_protocol_and_type(NOTIFY_V1,
+ notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY,
PROTO_IKE, this->type);
seqnr = htonl(this->seqnr);
ike_sa_id = this->ike_sa->get_id(this->ike_sa);
{
if (ike_sa->supports_extension(ike_sa, EXT_NATT_DRAFT_02_03))
{
- return NAT_D_DRAFT_00_03_V1;
+ return PLV1_NAT_D_DRAFT_00_03;
}
- return NAT_D_V1;
+ return PLV1_NAT_D;
}
/**
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) != NAT_D_V1 &&
- payload->get_type(payload) != NAT_D_DRAFT_00_03_V1)
+ if (payload->get_type(payload) != PLV1_NAT_D &&
+ payload->get_type(payload) != PLV1_NAT_D_DRAFT_00_03)
{
continue;
}
case ID_PROT:
{ /* add NAT-D payloads to the second request, need to process
* those by the responder contained in the second response */
- if (message->get_payload(message, SECURITY_ASSOCIATION_V1))
+ if (message->get_payload(message, PLV1_SECURITY_ASSOCIATION))
{ /* wait for the second exchange */
return NEED_MORE;
}
case ID_PROT:
{ /* process NAT-D payloads in the second response, added them in the
* second request already, so we're done afterwards */
- if (message->get_payload(message, SECURITY_ASSOCIATION_V1))
+ if (message->get_payload(message, PLV1_SECURITY_ASSOCIATION))
{ /* wait for the second exchange */
return NEED_MORE;
}
case ID_PROT:
{ /* process NAT-D payloads in the second request, need to add ours
* to the second response */
- if (message->get_payload(message, SECURITY_ASSOCIATION_V1))
+ if (message->get_payload(message, PLV1_SECURITY_ASSOCIATION))
{ /* wait for the second exchange */
return NEED_MORE;
}
case ID_PROT:
{ /* add NAT-D payloads to second response, already processed those
* contained in the second request */
- if (message->get_payload(message, SECURITY_ASSOCIATION_V1))
+ if (message->get_payload(message, PLV1_SECURITY_ASSOCIATION))
{ /* wait for the second exchange */
return NEED_MORE;
}
(vendor_ids[i].extension == EXT_IKE_FRAGMENTATION && fragmentation))
{
DBG2(DBG_IKE, "sending %s vendor ID", vendor_ids[i].desc);
- vid_payload = vendor_id_payload_create_data(VENDOR_ID_V1,
+ vid_payload = vendor_id_payload_create_data(PLV1_VENDOR_ID,
chunk_clone(chunk_create(vendor_ids[i].id, vendor_ids[i].len)));
message->add_payload(message, &vid_payload->payload_interface);
}
this->best_natt_ext == i)
{
DBG2(DBG_IKE, "sending %s vendor ID", vendor_natt_ids[i].desc);
- vid_payload = vendor_id_payload_create_data(VENDOR_ID_V1,
+ vid_payload = vendor_id_payload_create_data(PLV1_VENDOR_ID,
chunk_clone(chunk_create(vendor_natt_ids[i].id,
vendor_natt_ids[i].len)));
message->add_payload(message, &vid_payload->payload_interface);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == VENDOR_ID_V1)
+ if (payload->get_type(payload) == PLV1_VENDOR_ID)
{
vendor_id_payload_t *vid;
bool found = FALSE;
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY_V1)
+ if (payload->get_type(payload) == PLV1_NOTIFY)
{
notify_payload_t *notify;
notify_type_t type;
u_int64_t spi_i, spi_r;
chunk_t spi;
- notify = notify_payload_create_from_protocol_and_type(NOTIFY_V1,
+ notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY,
PROTO_IKE, type);
ike_sa_id = this->ike_sa->get_id(this->ike_sa);
spi_i = ike_sa_id->get_initiator_spi(ike_sa_id);
return send_notify(this, INVALID_ID_INFORMATION);
}
this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
- id_payload = id_payload_create_from_identification(ID_V1, id);
+ id_payload = id_payload_create_from_identification(PLV1_ID, id);
message->add_payload(message, &id_payload->payload_interface);
if (!this->ph1->build_auth(this->ph1, this->method, message,
message->get_source(message), TRUE);
sa_payload = (sa_payload_t*)message->get_payload(message,
- SECURITY_ASSOCIATION_V1);
+ PLV1_SECURITY_ASSOCIATION);
if (!sa_payload)
{
DBG1(DBG_IKE, "SA payload missing");
id_payload_t *id_payload;
identification_t *id;
- id_payload = (id_payload_t*)message->get_payload(message, ID_V1);
+ id_payload = (id_payload_t*)message->get_payload(message, PLV1_ID);
if (!id_payload)
{
DBG1(DBG_IKE, "IDii payload missing");
}
this->ike_sa->set_my_id(this->ike_sa, id->clone(id));
- id_payload = id_payload_create_from_identification(ID_V1, id);
+ id_payload = id_payload_create_from_identification(PLV1_ID, id);
message->add_payload(message, &id_payload->payload_interface);
if (!this->ph1->build_auth(this->ph1, this->method, message,
bool private;
sa_payload = (sa_payload_t*)message->get_payload(message,
- SECURITY_ASSOCIATION_V1);
+ PLV1_SECURITY_ASSOCIATION);
if (!sa_payload)
{
DBG1(DBG_IKE, "SA payload missing");
id_payload_t *id_payload;
identification_t *id, *cid;
- id_payload = (id_payload_t*)message->get_payload(message, ID_V1);
+ id_payload = (id_payload_t*)message->get_payload(message, PLV1_ID);
if (!id_payload)
{
DBG1(DBG_IKE, "IDir payload missing");
chunk = chunk_cata("cc", chunk, prefix);
}
}
- return configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE_V1,
+ return configuration_attribute_create_chunk(PLV1_CONFIGURATION_ATTRIBUTE,
type, chunk);
}
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == CONFIGURATION_V1)
+ if (payload->get_type(payload) == PLV1_CONFIGURATION)
{
cp_payload_t *cp = (cp_payload_t*)payload;
configuration_attribute_t *ca;
entry_t *entry;
cp->add_attribute(cp,
- configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE_V1,
+ configuration_attribute_create_chunk(PLV1_CONFIGURATION_ATTRIBUTE,
type, data));
INIT(entry,
.type = type,
linked_list_t *vips;
host_t *host;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REQUEST);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REQUEST);
vips = linked_list_create();
host_t *any4, *any6, *found;
char *name;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_SET);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_SET);
id = this->ike_sa->get_other_eap_id(this->ike_sa);
config = this->ike_sa->get_peer_cfg(this->ike_sa);
linked_list_t *vips, *pools;
host_t *requested;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REPLY);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REPLY);
id = this->ike_sa->get_other_eap_id(this->ike_sa);
config = this->ike_sa->get_peer_cfg(this->ike_sa);
while (enumerator->enumerate(enumerator, &type, &value))
{
cp->add_attribute(cp,
- configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE_V1,
+ configuration_attribute_create_chunk(PLV1_CONFIGURATION_ATTRIBUTE,
type, value));
}
enumerator->destroy(enumerator);
configuration_attribute_type_t type;
entry_t *entry;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_ACK);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_ACK);
/* return empty attributes for installed IPs */
type = INTERNAL_IP4_ADDRESS;
}
cp->add_attribute(cp, configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, type, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, type, chunk_empty));
}
enumerator->destroy(enumerator);
while (enumerator->enumerate(enumerator, &entry))
{
cp->add_attribute(cp,
- configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE_V1,
+ configuration_attribute_create_chunk(PLV1_CONFIGURATION_ATTRIBUTE,
entry->type, chunk_empty));
}
enumerator->destroy(enumerator);
DBG1(DBG_IKE, "sending DELETE for %N CHILD_SA with SPI %.8x",
protocol_id_names, this->protocol, ntohl(this->spi));
- delete_payload = delete_payload_create(DELETE_V1, this->protocol);
+ delete_payload = delete_payload_create(PLV1_DELETE, this->protocol);
delete_payload->add_spi(delete_payload, this->spi);
message->add_payload(message, &delete_payload->payload_interface);
payloads = message->create_payload_enumerator(message);
while (payloads->enumerate(payloads, &payload))
{
- if (payload->get_type(payload) == DELETE_V1)
+ if (payload->get_type(payload) == PLV1_DELETE)
{
delete_payload = (delete_payload_t*)payload;
protocol = delete_payload->get_protocol_id(delete_payload);
}
nonceg->destroy(nonceg);
- nonce_payload = nonce_payload_create(NONCE_V1);
+ nonce_payload = nonce_payload_create(PLV1_NONCE);
nonce_payload->set_nonce(nonce_payload, *nonce);
message->add_payload(message, &nonce_payload->payload_interface);
{
nonce_payload_t *nonce_payload;
- nonce_payload = (nonce_payload_t*)message->get_payload(message, NONCE_V1);
+ nonce_payload = (nonce_payload_t*)message->get_payload(message, PLV1_NONCE);
if (!nonce_payload)
{
DBG1(DBG_IKE, "NONCE payload missing in message");
{
ke_payload_t *ke_payload;
- ke_payload = ke_payload_create_from_diffie_hellman(KEY_EXCHANGE_V1, this->dh);
+ ke_payload = ke_payload_create_from_diffie_hellman(PLV1_KEY_EXCHANGE, this->dh);
message->add_payload(message, &ke_payload->payload_interface);
}
{
ke_payload_t *ke_payload;
- ke_payload = (ke_payload_t*)message->get_payload(message, KEY_EXCHANGE_V1);
+ ke_payload = (ke_payload_t*)message->get_payload(message, PLV1_KEY_EXCHANGE);
if (!ke_payload)
{
DBG1(DBG_IKE, "KE payload missing");
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == ID_V1)
+ if (payload->get_type(payload) == PLV1_ID)
{
id_payload = (id_payload_t*)payload;
{
if (ike_sa->supports_extension(ike_sa, EXT_NATT_DRAFT_02_03))
{
- return NAT_OA_DRAFT_00_03_V1;
+ return PLV1_NAT_OA_DRAFT_00_03;
}
- return NAT_OA_V1;
+ return PLV1_NAT_OA;
}
/**
{
notify_payload_t *notify;
- notify = notify_payload_create_from_protocol_and_type(NOTIFY_V1,
+ notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY,
this->proto, type);
notify->set_spi(notify, this->spi_i);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY_V1)
+ if (payload->get_type(payload) == PLV1_NOTIFY)
{
notify_payload_t *notify;
notify_type_t type;
bool private;
sa_payload = (sa_payload_t*)message->get_payload(message,
- SECURITY_ASSOCIATION_V1);
+ PLV1_SECURITY_ASSOCIATION);
if (!sa_payload)
{
DBG1(DBG_IKE, "sa payload missing");
bool private;
sa_payload = (sa_payload_t*)message->get_payload(message,
- SECURITY_ASSOCIATION_V1);
+ PLV1_SECURITY_ASSOCIATION);
if (!sa_payload)
{
DBG1(DBG_IKE, "sa payload missing");
{
cp_payload_t *cp;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_SET);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_SET);
cp->add_attribute(cp,
configuration_attribute_create_value(XAUTH_STATUS, this->status));
{
cp_payload_t *cp;
- cp = (cp_payload_t*)message->get_payload(message, CONFIGURATION_V1);
+ cp = (cp_payload_t*)message->get_payload(message, PLV1_CONFIGURATION);
if (!cp || cp->get_type(cp) != CFG_ACK)
{
DBG1(DBG_IKE, "received invalid XAUTH status response");
{
cp_payload_t *cp;
- cp = cp_payload_create_type(CONFIGURATION_V1, CFG_ACK);
+ cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_ACK);
cp->set_identifier(cp, this->identifier);
cp->add_attribute(cp,
configuration_attribute_create_chunk(
- CONFIGURATION_ATTRIBUTE_V1, XAUTH_STATUS, chunk_empty));
+ PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_STATUS, chunk_empty));
message->add_payload(message, (payload_t *)cp);
return NEED_MORE;
}
}
- cp = (cp_payload_t*)message->get_payload(message, CONFIGURATION_V1);
+ cp = (cp_payload_t*)message->get_payload(message, PLV1_CONFIGURATION);
if (!cp)
{
DBG1(DBG_IKE, "configuration payload missing in XAuth request");
{
if (!this->cp)
{ /* send empty reply if building data failed */
- this->cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REPLY);
+ this->cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REPLY);
}
message->add_payload(message, (payload_t *)this->cp);
this->cp = NULL;
identification_t *id;
cp_payload_t *cp;
- cp = (cp_payload_t*)message->get_payload(message, CONFIGURATION_V1);
+ cp = (cp_payload_t*)message->get_payload(message, PLV1_CONFIGURATION);
if (!cp)
{
DBG1(DBG_IKE, "configuration payload missing in XAuth response");
keymat_v2_t *keymat;
auth_payload = (auth_payload_t*)message->get_payload(message,
- AUTHENTICATION);
+ PLV2_AUTH);
if (!auth_payload)
{
DBG1(DBG_IKE, "AUTH payload missing");
else
{
eap_payload = (eap_payload_t*)message->get_payload(message,
- EXTENSIBLE_AUTHENTICATION);
+ PLV2_EAP);
if (!eap_payload)
{
return FAILED;
}
eap_payload = (eap_payload_t*)message->get_payload(message,
- EXTENSIBLE_AUTHENTICATION);
+ PLV2_EAP);
if (eap_payload)
{
switch (eap_payload->get_code(eap_payload))
int keys_found = 0;
keymat_v2_t *keymat;
- auth_payload = (auth_payload_t*)message->get_payload(message, AUTHENTICATION);
+ auth_payload = (auth_payload_t*)message->get_payload(message, PLV2_AUTH);
if (!auth_payload)
{
return FAILED;
status_t status = NOT_FOUND;
keymat_v2_t *keymat;
- auth_payload = (auth_payload_t*)message->get_payload(message, AUTHENTICATION);
+ auth_payload = (auth_payload_t*)message->get_payload(message, PLV2_AUTH);
if (!auth_payload)
{
return FAILED;
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) != NOTIFY)
+ if (payload->get_type(payload) != PLV2_NOTIFY)
{
DBG1(DBG_IKE, "ignoring payload of type '%N' while processing "
"connectivity check", payload_type_names,
{
switch (payload->get_type(payload))
{
- case NOTIFY:
+ case PLV2_NOTIFY:
{ /* if we find a rekey notify, its CHILD_SA rekeying */
notify = (notify_payload_t*)payload;
if (notify->get_notify_type(notify) == REKEY_SA &&
}
break;
}
- case TRAFFIC_SELECTOR_INITIATOR:
- case TRAFFIC_SELECTOR_RESPONDER:
+ case PLV2_TS_INITIATOR:
+ case PLV2_TS_RESPONDER:
{ /* if we don't find a TS, its IKE rekeying */
ts_found = TRUE;
break;
{
switch (payload->get_type(payload))
{
- case NOTIFY:
+ case PLV2_NOTIFY:
{
notify = (notify_payload_t*)payload;
switch (notify->get_notify_type(notify))
}
break;
}
- case DELETE:
+ case PLV2_DELETE:
{
delete = (delete_payload_t*)payload;
if (delete->get_protocol_id(delete) == PROTO_IKE)
{
nonce_payload_t *payload;
- payload = (nonce_payload_t*)message->get_payload(message, NONCE);
+ payload = (nonce_payload_t*)message->get_payload(message, PLV2_NONCE);
if (payload == NULL)
{
return FAILED;
/* add nonce payload if not in IKE_AUTH */
if (message->get_exchange_type(message) == CREATE_CHILD_SA)
{
- nonce_payload = nonce_payload_create(NONCE);
+ nonce_payload = nonce_payload_create(PLV2_NONCE);
nonce_payload->set_nonce(nonce_payload, this->my_nonce);
message->add_payload(message, (payload_t*)nonce_payload);
}
/* diffie hellman exchange, if PFS enabled */
if (this->dh)
{
- ke_payload = ke_payload_create_from_diffie_hellman(KEY_EXCHANGE,
+ ke_payload = ke_payload_create_from_diffie_hellman(PLV2_KEY_EXCHANGE,
this->dh);
message->add_payload(message, (payload_t*)ke_payload);
}
{
switch (payload->get_type(payload))
{
- case SECURITY_ASSOCIATION:
+ case PLV2_SECURITY_ASSOCIATION:
sa_payload = (sa_payload_t*)payload;
this->proposals = sa_payload->get_proposals(sa_payload);
break;
- case KEY_EXCHANGE:
+ case PLV2_KEY_EXCHANGE:
ke_payload = (ke_payload_t*)payload;
if (!this->initiator)
{
ke_payload->get_key_exchange_data(ke_payload));
}
break;
- case TRAFFIC_SELECTOR_INITIATOR:
+ case PLV2_TS_INITIATOR:
ts_payload = (ts_payload_t*)payload;
this->tsi = ts_payload->get_traffic_selectors(ts_payload);
break;
- case TRAFFIC_SELECTOR_RESPONDER:
+ case PLV2_TS_RESPONDER:
ts_payload = (ts_payload_t*)payload;
this->tsr = ts_payload->get_traffic_selectors(ts_payload);
break;
- case NOTIFY:
+ case PLV2_NOTIFY:
handle_notify(this, (notify_payload_t*)payload);
break;
default:
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY)
+ if (payload->get_type(payload) == PLV2_NOTIFY)
{
notify_payload_t *notify = (notify_payload_t*)payload;
proto = this->proposal->get_protocol(this->proposal);
spi = this->child_sa->get_spi(this->child_sa, TRUE);
- del = delete_payload_create(DELETE, proto);
+ del = delete_payload_create(PLV2_DELETE, proto);
del->add_spi(del, spi);
message->add_payload(message, (payload_t*)del);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY)
+ if (payload->get_type(payload) == PLV2_NOTIFY)
{
notify_payload_t *notify = (notify_payload_t*)payload;
notify_type_t type = notify->get_notify_type(notify);
case PROTO_ESP:
if (esp == NULL)
{
- esp = delete_payload_create(DELETE, PROTO_ESP);
+ esp = delete_payload_create(PLV2_DELETE, PROTO_ESP);
message->add_payload(message, (payload_t*)esp);
}
esp->add_spi(esp, spi);
case PROTO_AH:
if (ah == NULL)
{
- ah = delete_payload_create(DELETE, PROTO_AH);
+ ah = delete_payload_create(PLV2_DELETE, PROTO_AH);
message->add_payload(message, (payload_t*)ah);
}
ah->add_spi(ah, spi);
payloads = message->create_payload_enumerator(message);
while (payloads->enumerate(payloads, &payload))
{
- if (payload->get_type(payload) == DELETE)
+ if (payload->get_type(payload) == PLV2_DELETE)
{
delete_payload = (delete_payload_t*)payload;
protocol = delete_payload->get_protocol_id(delete_payload);
config = this->child_sa->get_config(this->child_sa);
/* we just need the rekey notify ... */
- notify = notify_payload_create_from_protocol_and_type(NOTIFY,
+ notify = notify_payload_create_from_protocol_and_type(PLV2_NOTIFY,
this->protocol, REKEY_SA);
notify->set_spi(notify, this->spi);
message->add_payload(message, (payload_t*)notify);
this->child_create->set_config(this->child_create, config->get_ref(config));
this->child_create->task.build(&this->child_create->task, message);
- if (message->get_payload(message, SECURITY_ASSOCIATION) == NULL)
+ if (message->get_payload(message, PLV2_SECURITY_ASSOCIATION) == NULL)
{
/* rekeying failed, reuse old child */
this->child_sa->set_state(this->child_sa, CHILD_INSTALLED);
this->child_create->task.migrate(&this->child_create->task, this->ike_sa);
return NEED_MORE;
}
- if (message->get_payload(message, SECURITY_ASSOCIATION) == NULL)
+ if (message->get_payload(message, PLV2_SECURITY_ASSOCIATION) == NULL)
{
/* establishing new child failed, reuse old. but not when we
* received a delete in the meantime */
nonce_payload_t *nonce;
/* get the nonce that was generated in ike_init */
- nonce = (nonce_payload_t*)message->get_payload(message, NONCE);
+ nonce = (nonce_payload_t*)message->get_payload(message, PLV2_NONCE);
if (nonce == NULL)
{
return FAILED;
nonce_payload_t *nonce;
/* get the nonce that was generated in ike_init */
- nonce = (nonce_payload_t*)message->get_payload(message, NONCE);
+ nonce = (nonce_payload_t*)message->get_payload(message, PLV2_NONCE);
if (nonce == NULL)
{
return FAILED;
{
this->ike_sa->set_other_id(this->ike_sa, idr->clone(idr));
id_payload = id_payload_create_from_identification(
- ID_RESPONDER, idr);
+ PLV2_ID_RESPONDER, idr);
message->add_payload(message, (payload_t*)id_payload);
}
}
cfg->add(cfg, AUTH_RULE_IDENTITY, idi);
}
this->ike_sa->set_my_id(this->ike_sa, idi->clone(idi));
- id_payload = id_payload_create_from_identification(ID_INITIATOR, idi);
+ id_payload = id_payload_create_from_identification(PLV2_ID_INITIATOR, idi);
get_reserved_id_bytes(this, id_payload);
message->add_payload(message, (payload_t*)id_payload);
/* check for additional authentication rounds */
if (do_another_auth(this))
{
- if (message->get_payload(message, AUTHENTICATION))
+ if (message->get_payload(message, PLV2_AUTH))
{
message->add_notify(message, FALSE, ANOTHER_AUTH_FOLLOWS, chunk_empty);
}
if (this->my_auth == NULL && this->do_another_auth)
{
/* handle (optional) IDr payload, apply proposed identity */
- id_payload = (id_payload_t*)message->get_payload(message, ID_RESPONDER);
+ id_payload = (id_payload_t*)message->get_payload(message, PLV2_ID_RESPONDER);
if (id_payload)
{
id = id_payload->get_identification(id_payload);
if (this->other_auth == NULL)
{
/* handle IDi payload */
- id_payload = (id_payload_t*)message->get_payload(message, ID_INITIATOR);
+ id_payload = (id_payload_t*)message->get_payload(message, PLV2_ID_INITIATOR);
if (!id_payload)
{
DBG1(DBG_IKE, "IDi payload missing");
return NEED_MORE;
}
}
- if (message->get_payload(message, AUTHENTICATION) == NULL)
+ if (message->get_payload(message, PLV2_AUTH) == NULL)
{ /* before authenticating with EAP, we need a EAP config */
cand = get_auth_cfg(this, FALSE);
while (!cand || (
this->other_auth = NULL;
break;
case NEED_MORE:
- if (message->get_payload(message, AUTHENTICATION))
+ if (message->get_payload(message, PLV2_AUTH))
{ /* AUTH verification successful, but another build() needed */
break;
}
}
}
- id_payload = id_payload_create_from_identification(ID_RESPONDER, id);
+ id_payload = id_payload_create_from_identification(PLV2_ID_RESPONDER, id);
get_reserved_id_bytes(this, id_payload);
message->add_payload(message, (payload_t*)id_payload);
case NEED_MORE:
break;
default:
- if (message->get_payload(message, EXTENSIBLE_AUTHENTICATION))
+ if (message->get_payload(message, PLV2_EAP))
{ /* skip AUTHENTICATION_FAILED if we have EAP_FAILURE */
goto peer_auth_failed_no_notify;
}
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY)
+ if (payload->get_type(payload) == PLV2_NOTIFY)
{
notify_payload_t *notify = (notify_payload_t*)payload;
notify_type_t type = notify->get_notify_type(notify);
/* handle IDr payload */
id_payload = (id_payload_t*)message->get_payload(message,
- ID_RESPONDER);
+ PLV2_ID_RESPONDER);
if (!id_payload)
{
DBG1(DBG_IKE, "IDr payload missing");
cfg = this->ike_sa->get_auth_cfg(this->ike_sa, FALSE);
cfg->add(cfg, AUTH_RULE_IDENTITY, id->clone(id));
- if (message->get_payload(message, AUTHENTICATION))
+ if (message->get_payload(message, PLV2_AUTH))
{
/* verify authentication data */
this->other_auth = authenticator_create_verifier(this->ike_sa,
if (!this->ike_sa->supports_extension(this->ike_sa, EXT_HASH_AND_URL))
{
- return cert_payload_create_from_cert(CERTIFICATE, cert);
+ return cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
}
hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
if (!hasher)
{
DBG1(DBG_IKE, "unable to use hash-and-url: sha1 not supported");
- return cert_payload_create_from_cert(CERTIFICATE, cert);
+ return cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
}
if (!cert->get_encoding(cert, CERT_ASN1_DER, &encoded))
{
hasher->destroy(hasher);
chunk_free(&encoded);
- return cert_payload_create_from_cert(CERTIFICATE, cert);
+ return cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
}
chunk_free(&encoded);
hasher->destroy(hasher);
}
else
{
- payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+ payload = cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
}
enumerator->destroy(enumerator);
chunk_free(&hash);
{
if (type == AUTH_RULE_IM_CERT)
{
- payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+ payload = cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
if (payload)
{
DBG1(DBG_IKE, "sending issuer cert \"%Y\"",
if (id && id->equals(id, subject->get_issuer(subject)) &&
cert->get_validity(cert, NULL, NULL, NULL))
{
- payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+ payload = cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
if (payload)
{
DBG1(DBG_IKE, "sending attribute certificate "
auth_payload_t *payload;
auth_cfg_t *auth;
- payload = (auth_payload_t*)message->get_payload(message, AUTHENTICATION);
+ payload = (auth_payload_t*)message->get_payload(message, PLV2_AUTH);
peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
if (!peer_cfg || !payload || payload->get_auth_method(payload) == AUTH_PSK)
{ /* no CERT payload for EAP/PSK */
{
switch (payload->get_type(payload))
{
- case CERTIFICATE_REQUEST:
+ case PLV2_CERTREQ:
process_certreq(this, (certreq_payload_t*)payload, auth);
break;
- case NOTIFY:
+ case PLV2_NOTIFY:
process_notify(this, (notify_payload_t*)payload);
break;
default:
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == CERTIFICATE)
+ if (payload->get_type(payload) == PLV2_CERTIFICATE)
{
cert_payload_t *cert_payload;
cert_encoding_t encoding;
static bool final_auth(message_t *message)
{
/* we check for an AUTH payload without a ANOTHER_AUTH_FOLLOWS notify */
- if (message->get_payload(message, AUTHENTICATION) == NULL)
+ if (message->get_payload(message, PLV2_AUTH) == NULL)
{
return FALSE;
}
chunk = chunk_cata("cc", chunk, prefix);
}
}
- return configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE,
+ return configuration_attribute_create_chunk(PLV2_CONFIGURATION_ATTRIBUTE,
type, chunk);
}
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == CONFIGURATION)
+ if (payload->get_type(payload) == PLV2_CONFIGURATION)
{
cp_payload_t *cp = (cp_payload_t*)payload;
configuration_attribute_t *ca;
if (vips->get_count(vips))
{
- cp = cp_payload_create_type(CONFIGURATION, CFG_REQUEST);
+ cp = cp_payload_create_type(PLV2_CONFIGURATION, CFG_REQUEST);
enumerator = vips->create_enumerator(vips);
while (enumerator->enumerate(enumerator, &host))
{
/* create configuration attribute */
DBG2(DBG_IKE, "building %N attribute",
configuration_attribute_type_names, type);
- ca = configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE,
+ ca = configuration_attribute_create_chunk(PLV2_CONFIGURATION_ATTRIBUTE,
type, data);
if (!cp)
{
- cp = cp_payload_create_type(CONFIGURATION, CFG_REQUEST);
+ cp = cp_payload_create_type(PLV2_CONFIGURATION, CFG_REQUEST);
}
cp->add_attribute(cp, ca);
this->ike_sa->add_virtual_ip(this->ike_sa, FALSE, found);
if (!cp)
{
- cp = cp_payload_create_type(CONFIGURATION, CFG_REPLY);
+ cp = cp_payload_create_type(PLV2_CONFIGURATION, CFG_REPLY);
}
cp->add_attribute(cp, build_vip(found));
vips->insert_last(vips, found);
{
if (!cp)
{
- cp = cp_payload_create_type(CONFIGURATION, CFG_REPLY);
+ cp = cp_payload_create_type(PLV2_CONFIGURATION, CFG_REPLY);
}
DBG2(DBG_IKE, "building %N attribute",
configuration_attribute_type_names, type);
cp->add_attribute(cp,
- configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE,
+ configuration_attribute_create_chunk(PLV2_CONFIGURATION_ATTRIBUTE,
type, value));
}
enumerator->destroy(enumerator);
this->ike_sa->get_other_host(this->ike_sa),
this->ike_sa->get_other_id(this->ike_sa));
- delete_payload = delete_payload_create(DELETE, PROTO_IKE);
+ delete_payload = delete_payload_create(PLV2_DELETE, PROTO_IKE);
message->add_payload(message, (payload_t*)delete_payload);
if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING)
}
message->add_payload(message, (payload_t*)sa_payload);
- nonce_payload = nonce_payload_create(NONCE);
+ nonce_payload = nonce_payload_create(PLV2_NONCE);
nonce_payload->set_nonce(nonce_payload, this->my_nonce);
- ke_payload = ke_payload_create_from_diffie_hellman(KEY_EXCHANGE, this->dh);
+ ke_payload = ke_payload_create_from_diffie_hellman(PLV2_KEY_EXCHANGE, this->dh);
if (this->old_sa)
{ /* payload order differs if we are rekeying */
{
switch (payload->get_type(payload))
{
- case SECURITY_ASSOCIATION:
+ case PLV2_SECURITY_ASSOCIATION:
{
sa_payload_t *sa_payload = (sa_payload_t*)payload;
linked_list_t *proposal_list;
offsetof(proposal_t, destroy));
break;
}
- case KEY_EXCHANGE:
+ case PLV2_KEY_EXCHANGE:
{
ke_payload_t *ke_payload = (ke_payload_t*)payload;
}
break;
}
- case NONCE:
+ case PLV2_NONCE:
{
nonce_payload_t *nonce_payload = (nonce_payload_t*)payload;
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == NOTIFY)
+ if (payload->get_type(payload) == PLV2_NOTIFY)
{
notify_payload_t *notify = (notify_payload_t*)payload;
notify_type_t type = notify->get_notify_type(notify);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) != NOTIFY)
+ if (payload->get_type(payload) != PLV2_NOTIFY)
{
continue;
}
{
rng_t *rng;
id_payload_t *id_payload;
- id_payload = id_payload_create_from_identification(ID_PEER,
+ id_payload = id_payload_create_from_identification(PLV2_ID_PEER,
this->peer_id);
message->add_payload(message, (payload_t*)id_payload);
case ME_CONNECT:
{
id_payload_t *id_payload;
- id_payload = (id_payload_t*)message->get_payload(message, ID_PEER);
+ id_payload = (id_payload_t*)message->get_payload(message, PLV2_ID_PEER);
if (!id_payload)
{
DBG1(DBG_IKE, "received ME_CONNECT without ID_PEER payload"
case ME_CONNECT:
{
id_payload_t *id_payload;
- id_payload = id_payload_create_from_identification(ID_PEER,
+ id_payload = id_payload_create_from_identification(PLV2_ID_PEER,
this->peer_id);
message->add_payload(message, (payload_t*)id_payload);
case ME_CONNECT:
{
id_payload_t *id_payload;
- id_payload = (id_payload_t*)message->get_payload(message, ID_PEER);
+ id_payload = (id_payload_t*)message->get_payload(message, PLV2_ID_PEER);
if (!id_payload)
{
DBG1(DBG_IKE, "received ME_CONNECT without ID_PEER payload"
chunk_t data;
host_t *host;
- if (payload->get_type(payload) != NOTIFY)
+ if (payload->get_type(payload) != PLV2_NOTIFY)
{
continue;
}
{
return NULL;
}
- notify = notify_payload_create(NOTIFY);
+ notify = notify_payload_create(PLV2_NOTIFY);
notify->set_notify_type(notify, type);
notify->set_notification_data(notify, hash);
chunk_free(&hash);
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) != NOTIFY)
+ if (payload->get_type(payload) != PLV2_NOTIFY)
{
continue;
}
/* only add notifies on successful responses. */
if (message->get_exchange_type(message) == IKE_SA_INIT &&
- message->get_payload(message, SECURITY_ASSOCIATION) == NULL)
+ message->get_payload(message, PLV2_SECURITY_ASSOCIATION) == NULL)
{
return SUCCESS;
}
if (vids[i].extension == EXT_STRONGSWAN && strongswan)
{
DBG2(DBG_IKE, "sending %s vendor ID", vids[i].desc);
- vid = vendor_id_payload_create_data(VENDOR_ID,
+ vid = vendor_id_payload_create_data(PLV2_VENDOR_ID,
chunk_clone(get_vid_data(&vids[i])));
message->add_payload(message, &vid->payload_interface);
}
enumerator = message->create_payload_enumerator(message);
while (enumerator->enumerate(enumerator, &payload))
{
- if (payload->get_type(payload) == VENDOR_ID)
+ if (payload->get_type(payload) == PLV2_VENDOR_ID)
{
vendor_id_payload_t *vid;
chunk_t data;
projects / thirdparty / strongswan.git / commitdiff
