From: Tobias Brunner
Date: Fri, 25 Oct 2019 12:40:35 +0000 (+0200)
Subject: message: Add rules for IKE_INTERMEDIATE exchanges
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=92eef40b7efc9319aee64d5ebf6cf6c25f7a1627;p=thirdparty%2Fstrongswan.git
message: Add rules for IKE_INTERMEDIATE exchanges
---
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index 4494f23fd3..467bdda22f 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2006-2018 Tobias Brunner
+ * Copyright (C) 2006-2020 Tobias Brunner
 * Copyright (C) 2005-2010 Martin Willi
 * Copyright (C) 2006 Daniel Roethlisberger
 * Copyright (C) 2005 Jan Hutter
@@ -400,6 +400,46 @@ static payload_order_t create_child_sa_r_order[] = {
 {PLV2_FRAGMENT, 0},
 };
 
+/**
+ * Message rule for IKE_INTERMEDIATE from initiator.
+ */
+static payload_rule_t ike_intermediate_i_rules[] = {
+/* payload type min max encr suff */
+ {PLV2_FRAGMENT, 0, 1, TRUE, TRUE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV2_KEY_EXCHANGE, 0, 1, TRUE, FALSE},
+};
+
+/**
+ * payload order for IKE_INTERMEDIATE initiator
+ */
+static payload_order_t ike_intermediate_i_order[] = {
+/* payload type notify type */
+ {PLV2_KEY_EXCHANGE, 0},
+ {PLV2_NOTIFY, 0},
+ {PLV2_FRAGMENT, 0},
+};
+
+/**
+ * Message rule for IKE_INTERMEDIATE from responder.
+ */
+static payload_rule_t ike_intermediate_r_rules[] = {
+/* payload type min max encr suff */
+ {PLV2_FRAGMENT, 0, 1, TRUE, TRUE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
+ {PLV2_KEY_EXCHANGE, 0, 1, TRUE, FALSE},
+};
+
+/**
+ * payload order for IKE_INTERMEDIATE responder
+ */
+static payload_order_t ike_intermediate_r_order[] = {
+/* payload type notify type */
+ {PLV2_KEY_EXCHANGE, 0},
+ {PLV2_NOTIFY, 0},
+ {PLV2_FRAGMENT, 0},
+};
+
 #ifdef ME
 /**
 * Message rule for ME_CONNECT from initiator.
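Review bot: In both `ike_intermediate_i_rules` and `ike_intermediate_r_rules` every payload has `min` 0, including `PLV2_KEY_EXCHANGE`, so as far as these tables go an IKE_INTERMEDIATE message carrying no key exchange payload, or notifies only, passes rule checking. That is presumably deliberate, since the exchange is a generic container, but it leaves the code that consumes the message responsible for rejecting one that lacks the payload it expects, and that code is not part of this diff. I would record this above the initiator table, e.g. `/* all payloads are optional at this layer, tasks must verify the payloads they require are present */`, and add a word on why NOTIFY has `suff` TRUE only for the responder (presumably so that an error notify alone is a valid response).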
@@ -767,6 +807,14 @@ static message_rule_t message_rules[] = {
 countof(create_child_sa_r_rules), create_child_sa_r_rules,
 countof(create_child_sa_r_order), create_child_sa_r_order,
 },
+ {IKE_INTERMEDIATE, TRUE, TRUE,
+ countof(ike_intermediate_i_rules), ike_intermediate_i_rules,
+ countof(ike_intermediate_i_order), ike_intermediate_i_order,
+ },
+ {IKE_INTERMEDIATE, FALSE, TRUE,
+ countof(ike_intermediate_r_rules), ike_intermediate_r_rules,
+ countof(ike_intermediate_r_order), ike_intermediate_r_order,
+ },
 #ifdef ME
 {ME_CONNECT, TRUE, TRUE,
 countof(me_connect_i_rules), me_connect_i_rules,
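Review bot: The two `IKE_INTERMEDIATE` entries added to `message_rules[]` appear to make the exchange type acceptable to the message parser unconditionally; nothing in this hunk ties acceptance to the peers having negotiated the extension. If the refusal of an unnegotiated IKE_INTERMEDIATE request lives in the IKE_SA or task layer, a short comment here pointing to it would help, e.g. `/* only valid if negotiated via INTERMEDIATE_EXCHANGE_SUPPORTED, enforced outside message parsing */`; if it does not exist yet, it needs to be added before these rules are reachable. `message_rules[]` begins and ends outside the hunk, so the meaning of the second and third fields is inferred from the neighbouring entries.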