author | Yves-Alexis Perez <corsac@debian.org> | 2014-07-11 07:23:31 +0200 |
---|---|---|
committer | Yves-Alexis Perez <corsac@debian.org> | 2014-07-11 07:23:31 +0200 |
commit | 81c63b0eed39432878f78727f60a1e7499645199 (patch) | |
tree | 82387d8fecd1c20788fd8bd784a9b0bde091fb6b /src/libcharon/sa/ikev1 | |
parent | c5ebfc7b9c16551fe825dc1d79c3f7e2f096f6c9 (diff) | |
Imported Upstream version 5.2.0
Diffstat (limited to 'src/libcharon/sa/ikev1')
18 files changed, 93 insertions, 96 deletions
diff --git a/src/libcharon/sa/ikev1/authenticators/psk_v1_authenticator.c b/src/libcharon/sa/ikev1/authenticators/psk_v1_authenticator.c index ee15408c7..aa966cd5f 100644 --- a/src/libcharon/sa/ikev1/authenticators/psk_v1_authenticator.c +++ b/src/libcharon/sa/ikev1/authenticators/psk_v1_authenticator.c @@ -85,7 +85,7 @@ METHOD(authenticator_t, build, status_t, } free(dh.ptr); - hash_payload = hash_payload_create(HASH_V1); + hash_payload = hash_payload_create(PLV1_HASH); hash_payload->set_hash(hash_payload, hash); message->add_payload(message, &hash_payload->payload_interface); free(hash.ptr); @@ -101,7 +101,7 @@ METHOD(authenticator_t, process, status_t, chunk_t hash, dh; auth_cfg_t *auth; - hash_payload = (hash_payload_t*)message->get_payload(message, HASH_V1); + hash_payload = (hash_payload_t*)message->get_payload(message, PLV1_HASH); if (!hash_payload) { DBG1(DBG_IKE, "HASH payload missing in message"); diff --git a/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c b/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c index d81c77f0d..bfe5ff449 100644 --- a/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c +++ b/src/libcharon/sa/ikev1/authenticators/pubkey_v1_authenticator.c @@ -108,7 +108,7 @@ METHOD(authenticator_t, build, status_t, if (private->sign(private, scheme, hash, &sig)) { - sig_payload = hash_payload_create(SIGNATURE_V1); + sig_payload = hash_payload_create(PLV1_SIGNATURE); sig_payload->set_hash(sig_payload, sig); free(sig.ptr); message->add_payload(message, &sig_payload->payload_interface); @@ -144,7 +144,7 @@ METHOD(authenticator_t, process, status_t, scheme = SIGN_ECDSA_WITH_NULL; } - sig_payload = (hash_payload_t*)message->get_payload(message, SIGNATURE_V1); + sig_payload = (hash_payload_t*)message->get_payload(message, PLV1_SIGNATURE); if (!sig_payload) { DBG1(DBG_IKE, "SIG payload missing in message"); 
diff --git a/src/libcharon/sa/ikev1/keymat_v1.c b/src/libcharon/sa/ikev1/keymat_v1.c index bf1b0046c..619d197bd 100644 --- a/src/libcharon/sa/ikev1/keymat_v1.c +++ b/src/libcharon/sa/ikev1/keymat_v1.c @@ -791,7 +791,7 @@ METHOD(keymat_v1_t, get_hash, bool, static bool get_nonce(message_t *message, chunk_t *n) { nonce_payload_t *nonce; - nonce = (nonce_payload_t*)message->get_payload(message, NONCE_V1); + nonce = (nonce_payload_t*)message->get_payload(message, PLV1_NONCE); if (nonce) { *n = nonce->get_nonce(nonce); @@ -815,7 +815,7 @@ static chunk_t get_message_data(message_t *message, generator_t *generator) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == HASH_V1) + if (payload->get_type(payload) == PLV1_HASH) { continue; } @@ -835,7 +835,7 @@ static chunk_t get_message_data(message_t *message, generator_t *generator) generator->generate_payload(generator, payload); payload = next; } - payload->set_next_type(payload, NO_PAYLOAD); + payload->set_next_type(payload, PL_NONE); generator->generate_payload(generator, payload); } enumerator->destroy(enumerator); diff --git a/src/libcharon/sa/ikev1/phase1.c b/src/libcharon/sa/ikev1/phase1.c index 1189d3c69..114b8a3e4 100644 --- a/src/libcharon/sa/ikev1/phase1.c +++ b/src/libcharon/sa/ikev1/phase1.c @@ -648,7 +648,7 @@ METHOD(phase1_t, save_sa_payload, bool, enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == SECURITY_ASSOCIATION_V1) + if (payload->get_type(payload) == PLV1_SECURITY_ASSOCIATION) { sa = payload; break; 
@@ -682,7 +682,7 @@ METHOD(phase1_t, add_nonce_ke, bool, nonce_gen_t *nonceg; chunk_t nonce; - ke_payload = ke_payload_create_from_diffie_hellman(KEY_EXCHANGE_V1, this->dh); + ke_payload = ke_payload_create_from_diffie_hellman(PLV1_KEY_EXCHANGE, this->dh); message->add_payload(message, &ke_payload->payload_interface); nonceg = this->keymat->keymat.create_nonce_gen(&this->keymat->keymat); @@ -699,7 +699,7 @@ METHOD(phase1_t, add_nonce_ke, bool, } nonceg->destroy(nonceg); - nonce_payload = nonce_payload_create(NONCE_V1); + nonce_payload = nonce_payload_create(PLV1_NONCE); nonce_payload->set_nonce(nonce_payload, nonce); message->add_payload(message, &nonce_payload->payload_interface); @@ -720,7 +720,7 @@ METHOD(phase1_t, get_nonce_ke, bool, nonce_payload_t *nonce_payload; ke_payload_t *ke_payload; - ke_payload = (ke_payload_t*)message->get_payload(message, KEY_EXCHANGE_V1); + ke_payload = (ke_payload_t*)message->get_payload(message, PLV1_KEY_EXCHANGE); if (!ke_payload) { DBG1(DBG_IKE, "KE payload missing in message"); @@ -729,7 +729,7 @@ METHOD(phase1_t, get_nonce_ke, bool, this->dh_value = chunk_clone(ke_payload->get_key_exchange_data(ke_payload)); this->dh->set_other_public_value(this->dh, this->dh_value); - nonce_payload = (nonce_payload_t*)message->get_payload(message, NONCE_V1); + nonce_payload = (nonce_payload_t*)message->get_payload(message, PLV1_NONCE); if (!nonce_payload) { DBG1(DBG_IKE, "NONCE payload missing in message"); diff --git a/src/libcharon/sa/ikev1/task_manager_v1.c b/src/libcharon/sa/ikev1/task_manager_v1.c index 8fc158bba..97812a5c5 100644 --- a/src/libcharon/sa/ikev1/task_manager_v1.c +++ b/src/libcharon/sa/ikev1/task_manager_v1.c 
@@ -956,7 +956,7 @@ static void send_notify(private_task_manager_t *this, message_t *request, response->set_request(response, TRUE); response->set_message_id(response, mid); response->add_payload(response, (payload_t*) - notify_payload_create_from_protocol_and_type(NOTIFY_V1, + notify_payload_create_from_protocol_and_type(PLV1_NOTIFY, PROTO_IKE, type)); me = this->ike_sa->get_my_host(this->ike_sa); @@ -1265,7 +1265,7 @@ static status_t handle_fragment(private_task_manager_t *this, message_t *msg) chunk_t data; u_int8_t num; - payload = (fragment_payload_t*)msg->get_payload(msg, FRAGMENT_V1); + payload = (fragment_payload_t*)msg->get_payload(msg, PLV1_FRAGMENT); if (!payload) { return FAILED; @@ -1412,7 +1412,7 @@ static status_t parse_message(private_task_manager_t *this, message_t *msg) } } - if (msg->get_first_payload_type(msg) == FRAGMENT_V1) + if (msg->get_first_payload_type(msg) == PLV1_FRAGMENT) { return handle_fragment(this, msg); } @@ -1514,7 +1514,7 @@ METHOD(task_manager_t, process_message, status_t, { if (this->ike_sa->get_state(this->ike_sa) != IKE_CREATED && this->ike_sa->get_state(this->ike_sa) != IKE_CONNECTING && - msg->get_first_payload_type(msg) != FRAGMENT_V1) + msg->get_first_payload_type(msg) != PLV1_FRAGMENT) { DBG1(DBG_IKE, "ignoring %N in established IKE_SA state", exchange_type_names, msg->get_exchange_type(msg)); diff --git a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c index 6cc3e04b3..7009ae95d 100644 --- a/src/libcharon/sa/ikev1/tasks/aggressive_mode.c +++ b/src/libcharon/sa/ikev1/tasks/aggressive_mode.c @@ -133,7 +133,7 @@ static bool has_notify_errors(private_aggressive_mode_t *this, message_t *messag enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == NOTIFY_V1) + if (payload->get_type(payload) == PLV1_NOTIFY) { notify_payload_t *notify; notify_type_t type; 
@@ -167,7 +167,7 @@ static status_t send_notify(private_aggressive_mode_t *this, notify_type_t type) u_int64_t spi_i, spi_r; chunk_t spi; - notify = notify_payload_create_from_protocol_and_type(NOTIFY_V1, + notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY, PROTO_IKE, type); ike_sa_id = this->ike_sa->get_id(this->ike_sa); spi_i = ike_sa_id->get_initiator_spi(ike_sa_id); @@ -276,7 +276,7 @@ METHOD(task_t, build_i, status_t, return FAILED; } this->ike_sa->set_my_id(this->ike_sa, id->clone(id)); - id_payload = id_payload_create_from_identification(ID_V1, id); + id_payload = id_payload_create_from_identification(PLV1_ID, id); this->id_data = id_payload->get_encoded(id_payload); message->add_payload(message, &id_payload->payload_interface); @@ -389,7 +389,7 @@ METHOD(task_t, process_r, status_t, message->get_source(message), TRUE); sa_payload = (sa_payload_t*)message->get_payload(message, - SECURITY_ASSOCIATION_V1); + PLV1_SECURITY_ASSOCIATION); if (!sa_payload) { DBG1(DBG_IKE, "SA payload missing"); @@ -448,7 +448,7 @@ METHOD(task_t, process_r, status_t, return send_notify(this, INVALID_PAYLOAD_TYPE); } - id_payload = (id_payload_t*)message->get_payload(message, ID_V1); + id_payload = (id_payload_t*)message->get_payload(message, PLV1_ID); if (!id_payload) { DBG1(DBG_IKE, "IDii payload missing"); @@ -588,7 +588,7 @@ METHOD(task_t, build_r, status_t, } this->ike_sa->set_my_id(this->ike_sa, id->clone(id)); - id_payload = id_payload_create_from_identification(ID_V1, id); + id_payload = id_payload_create_from_identification(PLV1_ID, id); message->add_payload(message, &id_payload->payload_interface); if (!this->ph1->build_auth(this->ph1, this->method, message, @@ -614,7 +614,7 @@ METHOD(task_t, process_i, status_t, u_int32_t lifetime; sa_payload = (sa_payload_t*)message->get_payload(message, - SECURITY_ASSOCIATION_V1); + PLV1_SECURITY_ASSOCIATION); if (!sa_payload) { DBG1(DBG_IKE, "SA payload missing"); 
@@ -654,7 +654,7 @@ METHOD(task_t, process_i, status_t, return send_notify(this, NO_PROPOSAL_CHOSEN); } - id_payload = (id_payload_t*)message->get_payload(message, ID_V1); + id_payload = (id_payload_t*)message->get_payload(message, PLV1_ID); if (!id_payload) { DBG1(DBG_IKE, "IDir payload missing"); diff --git a/src/libcharon/sa/ikev1/tasks/informational.c b/src/libcharon/sa/ikev1/tasks/informational.c index bda1d2afb..b742dbef9 100644 --- a/src/libcharon/sa/ikev1/tasks/informational.c +++ b/src/libcharon/sa/ikev1/tasks/informational.c @@ -93,7 +93,7 @@ METHOD(task_t, process_r, status_t, { switch (payload->get_type(payload)) { - case NOTIFY_V1: + case PLV1_NOTIFY: notify = (notify_payload_t*)payload; type = notify->get_notify_type(notify); @@ -153,7 +153,7 @@ METHOD(task_t, process_r, status_t, notify_type_names, type); } continue; - case DELETE_V1: + case PLV1_DELETE: if (!this->del) { delete = (delete_payload_t*)payload; diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_cert_post.c b/src/libcharon/sa/ikev1/tasks/isakmp_cert_post.c index edad3b2fa..7dbbdc92f 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_cert_post.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_cert_post.c @@ -68,7 +68,7 @@ static bool use_certs(private_isakmp_cert_post_t *this, message_t *message) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == SECURITY_ASSOCIATION_V1) + if (payload->get_type(payload) == PLV1_SECURITY_ASSOCIATION) { sa_payload_t *sa_payload = (sa_payload_t*)payload; @@ -132,7 +132,7 @@ static void build_certs(private_isakmp_cert_post_t *this, message_t *message) { break; } - payload = cert_payload_create_from_cert(CERTIFICATE_V1, cert); + payload = cert_payload_create_from_cert(PLV1_CERTIFICATE, cert); if (!payload) { break; 
@@ -146,7 +146,7 @@ static void build_certs(private_isakmp_cert_post_t *this, message_t *message) { if (type == AUTH_RULE_IM_CERT) { - payload = cert_payload_create_from_cert(CERTIFICATE_V1, cert); + payload = cert_payload_create_from_cert(PLV1_CERTIFICATE, cert); if (payload) { DBG1(DBG_IKE, "sending issuer cert \"%Y\"", diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_cert_pre.c b/src/libcharon/sa/ikev1/tasks/isakmp_cert_pre.c index 43a0aaa36..58f856e3f 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_cert_pre.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_cert_pre.c @@ -134,7 +134,7 @@ static void process_certreqs(private_isakmp_cert_pre_t *this, message_t *message { switch (payload->get_type(payload)) { - case CERTIFICATE_REQUEST_V1: + case PLV1_CERTREQ: { certificate_t *cert; @@ -268,7 +268,7 @@ static void process_certs(private_isakmp_cert_pre_t *this, message_t *message) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == CERTIFICATE_V1) + if (payload->get_type(payload) == PLV1_CERTIFICATE) { cert_payload_t *cert_payload; cert_encoding_t encoding; @@ -377,7 +377,7 @@ static void build_certreqs(private_isakmp_cert_pre_t *this, message_t *message) } enumerator->destroy(enumerator); } - if (!message->get_payload(message, CERTIFICATE_REQUEST_V1)) + if (!message->get_payload(message, PLV1_CERTREQ)) { /* otherwise add all trusted CA certificates */ enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr, @@ -402,7 +402,7 @@ static bool use_certs(private_isakmp_cert_pre_t *this, message_t *message) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == SECURITY_ASSOCIATION_V1) + if (payload->get_type(payload) == PLV1_SECURITY_ASSOCIATION) { sa_payload_t *sa_payload = (sa_payload_t*)payload; 
diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_delete.c b/src/libcharon/sa/ikev1/tasks/isakmp_delete.c index a44f3c4a9..bea0428c4 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_delete.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_delete.c @@ -50,7 +50,7 @@ METHOD(task_t, build_i, status_t, this->ike_sa->get_other_host(this->ike_sa), this->ike_sa->get_other_id(this->ike_sa)); - delete_payload = delete_payload_create(DELETE_V1, PROTO_IKE); + delete_payload = delete_payload_create(PLV1_DELETE, PROTO_IKE); id = this->ike_sa->get_id(this->ike_sa); delete_payload->set_ike_spi(delete_payload, id->get_initiator_spi(id), id->get_responder_spi(id)); diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c b/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c index a3395a043..5522e9221 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_dpd.c @@ -55,7 +55,7 @@ METHOD(task_t, build, status_t, u_int32_t seqnr; chunk_t spi; - notify = notify_payload_create_from_protocol_and_type(NOTIFY_V1, + notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY, PROTO_IKE, this->type); seqnr = htonl(this->seqnr); ike_sa_id = this->ike_sa->get_id(this->ike_sa); diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_natd.c b/src/libcharon/sa/ikev1/tasks/isakmp_natd.c index fc6ac0771..b8af6f67b 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_natd.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_natd.c @@ -117,9 +117,9 @@ static payload_type_t get_nat_d_payload_type(ike_sa_t *ike_sa) { if (ike_sa->supports_extension(ike_sa, EXT_NATT_DRAFT_02_03)) { - return NAT_D_DRAFT_00_03_V1; + return PLV1_NAT_D_DRAFT_00_03; } - return NAT_D_V1; + return PLV1_NAT_D; } /** 
@@ -269,8 +269,8 @@ static void process_payloads(private_isakmp_natd_t *this, message_t *message) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) != NAT_D_V1 && - payload->get_type(payload) != NAT_D_DRAFT_00_03_V1) + if (payload->get_type(payload) != PLV1_NAT_D && + payload->get_type(payload) != PLV1_NAT_D_DRAFT_00_03) { continue; } @@ -334,7 +334,7 @@ METHOD(task_t, build_i, status_t, case ID_PROT: { /* add NAT-D payloads to the second request, need to process * those by the responder contained in the second response */ - if (message->get_payload(message, SECURITY_ASSOCIATION_V1)) + if (message->get_payload(message, PLV1_SECURITY_ASSOCIATION)) { /* wait for the second exchange */ return NEED_MORE; } @@ -362,7 +362,7 @@ METHOD(task_t, process_i, status_t, case ID_PROT: { /* process NAT-D payloads in the second response, added them in the * second request already, so we're done afterwards */ - if (message->get_payload(message, SECURITY_ASSOCIATION_V1)) + if (message->get_payload(message, PLV1_SECURITY_ASSOCIATION)) { /* wait for the second exchange */ return NEED_MORE; } @@ -407,7 +407,7 @@ METHOD(task_t, process_r, status_t, case ID_PROT: { /* process NAT-D payloads in the second request, need to add ours * to the second response */ - if (message->get_payload(message, SECURITY_ASSOCIATION_V1)) + if (message->get_payload(message, PLV1_SECURITY_ASSOCIATION)) { /* wait for the second exchange */ return NEED_MORE; } @@ -428,7 +428,7 @@ METHOD(task_t, build_r, status_t, case ID_PROT: { /* add NAT-D payloads to second response, already processed those * contained in the second request */ - if (message->get_payload(message, SECURITY_ASSOCIATION_V1)) + if (message->get_payload(message, PLV1_SECURITY_ASSOCIATION)) { /* wait for the second exchange */ return NEED_MORE; } 
diff --git a/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c b/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c index e07ac0ab4..426c4bd69 100644 --- a/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c +++ b/src/libcharon/sa/ikev1/tasks/isakmp_vendor.c @@ -209,7 +209,7 @@ static void build(private_isakmp_vendor_t *this, message_t *message) (vendor_ids[i].extension == EXT_IKE_FRAGMENTATION && fragmentation)) { DBG2(DBG_IKE, "sending %s vendor ID", vendor_ids[i].desc); - vid_payload = vendor_id_payload_create_data(VENDOR_ID_V1, + vid_payload = vendor_id_payload_create_data(PLV1_VENDOR_ID, chunk_clone(chunk_create(vendor_ids[i].id, vendor_ids[i].len))); message->add_payload(message, &vid_payload->payload_interface); } @@ -220,7 +220,7 @@ static void build(private_isakmp_vendor_t *this, message_t *message) this->best_natt_ext == i) { DBG2(DBG_IKE, "sending %s vendor ID", vendor_natt_ids[i].desc); - vid_payload = vendor_id_payload_create_data(VENDOR_ID_V1, + vid_payload = vendor_id_payload_create_data(PLV1_VENDOR_ID, chunk_clone(chunk_create(vendor_natt_ids[i].id, vendor_natt_ids[i].len))); message->add_payload(message, &vid_payload->payload_interface); @@ -240,7 +240,7 @@ static void process(private_isakmp_vendor_t *this, message_t *message) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == VENDOR_ID_V1) + if (payload->get_type(payload) == PLV1_VENDOR_ID) { vendor_id_payload_t *vid; bool found = FALSE; diff --git a/src/libcharon/sa/ikev1/tasks/main_mode.c b/src/libcharon/sa/ikev1/tasks/main_mode.c index 81638169a..8a5d9ae16 100644 --- a/src/libcharon/sa/ikev1/tasks/main_mode.c +++ b/src/libcharon/sa/ikev1/tasks/main_mode.c 
@@ -130,7 +130,7 @@ static bool has_notify_errors(private_main_mode_t *this, message_t *message) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == NOTIFY_V1) + if (payload->get_type(payload) == PLV1_NOTIFY) { notify_payload_t *notify; notify_type_t type; @@ -176,7 +176,7 @@ static status_t send_notify(private_main_mode_t *this, notify_type_t type) u_int64_t spi_i, spi_r; chunk_t spi; - notify = notify_payload_create_from_protocol_and_type(NOTIFY_V1, + notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY, PROTO_IKE, type); ike_sa_id = this->ike_sa->get_id(this->ike_sa); spi_i = ike_sa_id->get_initiator_spi(ike_sa_id); @@ -302,7 +302,7 @@ METHOD(task_t, build_i, status_t, return send_notify(this, INVALID_ID_INFORMATION); } this->ike_sa->set_my_id(this->ike_sa, id->clone(id)); - id_payload = id_payload_create_from_identification(ID_V1, id); + id_payload = id_payload_create_from_identification(PLV1_ID, id); message->add_payload(message, &id_payload->payload_interface); if (!this->ph1->build_auth(this->ph1, this->method, message, @@ -340,7 +340,7 @@ METHOD(task_t, process_r, status_t, message->get_source(message), TRUE); sa_payload = (sa_payload_t*)message->get_payload(message, - SECURITY_ASSOCIATION_V1); + PLV1_SECURITY_ASSOCIATION); if (!sa_payload) { DBG1(DBG_IKE, "SA payload missing"); @@ -401,7 +401,7 @@ METHOD(task_t, process_r, status_t, id_payload_t *id_payload; identification_t *id; - id_payload = (id_payload_t*)message->get_payload(message, ID_V1); + id_payload = (id_payload_t*)message->get_payload(message, PLV1_ID); if (!id_payload) { DBG1(DBG_IKE, "IDii payload missing"); 
@@ -488,7 +488,7 @@ METHOD(task_t, build_r, status_t, } this->ike_sa->set_my_id(this->ike_sa, id->clone(id)); - id_payload = id_payload_create_from_identification(ID_V1, id); + id_payload = id_payload_create_from_identification(PLV1_ID, id); message->add_payload(message, &id_payload->payload_interface); if (!this->ph1->build_auth(this->ph1, this->method, message, @@ -575,7 +575,7 @@ METHOD(task_t, process_i, status_t, bool private; sa_payload = (sa_payload_t*)message->get_payload(message, - SECURITY_ASSOCIATION_V1); + PLV1_SECURITY_ASSOCIATION); if (!sa_payload) { DBG1(DBG_IKE, "SA payload missing"); @@ -627,7 +627,7 @@ METHOD(task_t, process_i, status_t, id_payload_t *id_payload; identification_t *id, *cid; - id_payload = (id_payload_t*)message->get_payload(message, ID_V1); + id_payload = (id_payload_t*)message->get_payload(message, PLV1_ID); if (!id_payload) { DBG1(DBG_IKE, "IDir payload missing"); diff --git a/src/libcharon/sa/ikev1/tasks/mode_config.c b/src/libcharon/sa/ikev1/tasks/mode_config.c index 17fe02538..94026b9af 100644 --- a/src/libcharon/sa/ikev1/tasks/mode_config.c +++ b/src/libcharon/sa/ikev1/tasks/mode_config.c @@ -107,7 +107,7 @@ static configuration_attribute_t *build_vip(host_t *vip) chunk = chunk_cata("cc", chunk, prefix); } } - return configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE_V1, + return configuration_attribute_create_chunk(PLV1_CONFIGURATION_ATTRIBUTE, type, chunk); } @@ -139,11 +139,8 @@ static void handle_attribute(private_mode_config_t *this, handler = hydra->attributes->handle(hydra->attributes, this->ike_sa->get_other_id(this->ike_sa), handler, ca->get_type(ca), ca->get_chunk(ca)); - if (handler) - { - this->ike_sa->add_configuration_attribute(this->ike_sa, - handler, ca->get_type(ca), ca->get_chunk(ca)); - } + this->ike_sa->add_configuration_attribute(this->ike_sa, + handler, ca->get_type(ca), ca->get_chunk(ca)); } /** 
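Review bot: In the `handle_attribute` hunk of mode_config.c, `this->ike_sa->add_configuration_attribute(...)` is now called with `handler` even when `hydra->attributes->handle(...)` returned NULL, and nothing on the new lines says this is intended. Whether the IKE_SA's attribute storage and its later release path tolerate a NULL handler is not visible in this diff, so that should be confirmed in the callee. A comment above the call would record the intent, for example `/* record the attribute even if no handler claimed it; handler may be NULL */`. The function begins above the hunk, so the earlier handling of `handler` cannot be checked here.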
@@ -222,7 +219,7 @@ static void process_payloads(private_mode_config_t *this, message_t *message) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == CONFIGURATION_V1) + if (payload->get_type(payload) == PLV1_CONFIGURATION) { cp_payload_t *cp = (cp_payload_t*)payload; configuration_attribute_t *ca; @@ -273,7 +270,7 @@ static void add_attribute(private_mode_config_t *this, cp_payload_t *cp, entry_t *entry; cp->add_attribute(cp, - configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE_V1, + configuration_attribute_create_chunk(PLV1_CONFIGURATION_ATTRIBUTE, type, data)); INIT(entry, .type = type, @@ -296,7 +293,7 @@ static status_t build_request(private_mode_config_t *this, message_t *message) linked_list_t *vips; host_t *host; - cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REQUEST); + cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REQUEST); vips = linked_list_create(); @@ -360,7 +357,7 @@ static status_t build_set(private_mode_config_t *this, message_t *message) host_t *any4, *any6, *found; char *name; - cp = cp_payload_create_type(CONFIGURATION_V1, CFG_SET); + cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_SET); id = this->ike_sa->get_other_eap_id(this->ike_sa); config = this->ike_sa->get_peer_cfg(this->ike_sa); @@ -396,6 +393,8 @@ static status_t build_set(private_mode_config_t *this, message_t *message) any4->destroy(any4); any6->destroy(any6); + charon->bus->assign_vips(charon->bus, this->ike_sa, TRUE); + /* query registered providers for additional attributes to include */ pools = linked_list_create_from_enumerator( config->create_pool_enumerator(config)); @@ -442,6 +441,8 @@ static void install_vips(private_mode_config_t *this) } } enumerator->destroy(enumerator); + + charon->bus->handle_vips(charon->bus, this->ike_sa, TRUE); } METHOD(task_t, process_r, status_t, 
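Review bot: The `charon->bus->assign_vips(charon->bus, this->ike_sa, TRUE)` call added in `build_set` passes a bare `TRUE` whose meaning is not documented at the call site. The same applies to `handle_vips(charon->bus, this->ike_sa, TRUE)` added at the end of `install_vips` and to the `assign_vips` call added in `build_reply` of the same file. The hunks do not show whether the hook fires only when a virtual IP was actually assigned or installed, nor where a matching release notification is raised; if listeners use these events for accounting or address tracking, that pairing is worth confirming. A one-line comment such as `/* notify bus listeners about the assigned virtual IPs before adding further attributes */` would make the intent explicit. All three functions extend beyond their hunks.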
@@ -470,7 +471,7 @@ static status_t build_reply(private_mode_config_t *this, message_t *message) linked_list_t *vips, *pools; host_t *requested; - cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REPLY); + cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REPLY); id = this->ike_sa->get_other_eap_id(this->ike_sa); config = this->ike_sa->get_peer_cfg(this->ike_sa); @@ -505,13 +506,15 @@ static status_t build_reply(private_mode_config_t *this, message_t *message) } enumerator->destroy(enumerator); + charon->bus->assign_vips(charon->bus, this->ike_sa, TRUE); + /* query registered providers for additional attributes to include */ enumerator = hydra->attributes->create_responder_enumerator( hydra->attributes, pools, id, vips); while (enumerator->enumerate(enumerator, &type, &value)) { cp->add_attribute(cp, - configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE_V1, + configuration_attribute_create_chunk(PLV1_CONFIGURATION_ATTRIBUTE, type, value)); } enumerator->destroy(enumerator); @@ -535,7 +538,7 @@ static status_t build_ack(private_mode_config_t *this, message_t *message) configuration_attribute_type_t type; entry_t *entry; - cp = cp_payload_create_type(CONFIGURATION_V1, CFG_ACK); + cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_ACK); /* return empty attributes for installed IPs */ @@ -552,7 +555,7 @@ static status_t build_ack(private_mode_config_t *this, message_t *message) type = INTERNAL_IP4_ADDRESS; } cp->add_attribute(cp, configuration_attribute_create_chunk( - CONFIGURATION_ATTRIBUTE_V1, type, chunk_empty)); + PLV1_CONFIGURATION_ATTRIBUTE, type, chunk_empty)); } enumerator->destroy(enumerator); 
@@ -560,7 +563,7 @@ static status_t build_ack(private_mode_config_t *this, message_t *message) while (enumerator->enumerate(enumerator, &entry)) { cp->add_attribute(cp, - configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE_V1, + configuration_attribute_create_chunk(PLV1_CONFIGURATION_ATTRIBUTE, entry->type, chunk_empty)); } enumerator->destroy(enumerator); diff --git a/src/libcharon/sa/ikev1/tasks/quick_delete.c b/src/libcharon/sa/ikev1/tasks/quick_delete.c index 605c10cea..499081caa 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_delete.c +++ b/src/libcharon/sa/ikev1/tasks/quick_delete.c @@ -177,7 +177,7 @@ METHOD(task_t, build_i, status_t, DBG1(DBG_IKE, "sending DELETE for %N CHILD_SA with SPI %.8x", protocol_id_names, this->protocol, ntohl(this->spi)); - delete_payload = delete_payload_create(DELETE_V1, this->protocol); + delete_payload = delete_payload_create(PLV1_DELETE, this->protocol); delete_payload->add_spi(delete_payload, this->spi); message->add_payload(message, &delete_payload->payload_interface); @@ -205,7 +205,7 @@ METHOD(task_t, process_r, status_t, payloads = message->create_payload_enumerator(message); while (payloads->enumerate(payloads, &payload)) { - if (payload->get_type(payload) == DELETE_V1) + if (payload->get_type(payload) == PLV1_DELETE) { delete_payload = (delete_payload_t*)payload; protocol = delete_payload->get_protocol_id(delete_payload); diff --git a/src/libcharon/sa/ikev1/tasks/quick_mode.c b/src/libcharon/sa/ikev1/tasks/quick_mode.c index 6e7da9852..e6273682d 100644 --- a/src/libcharon/sa/ikev1/tasks/quick_mode.c +++ b/src/libcharon/sa/ikev1/tasks/quick_mode.c @@ -427,7 +427,7 @@ static bool add_nonce(private_quick_mode_t *this, chunk_t *nonce, } nonceg->destroy(nonceg); - nonce_payload = nonce_payload_create(NONCE_V1); + nonce_payload = nonce_payload_create(PLV1_NONCE); nonce_payload->set_nonce(nonce_payload, *nonce); message->add_payload(message, &nonce_payload->payload_interface); 
@@ -442,7 +442,7 @@ static bool get_nonce(private_quick_mode_t *this, chunk_t *nonce, { nonce_payload_t *nonce_payload; - nonce_payload = (nonce_payload_t*)message->get_payload(message, NONCE_V1); + nonce_payload = (nonce_payload_t*)message->get_payload(message, PLV1_NONCE); if (!nonce_payload) { DBG1(DBG_IKE, "NONCE payload missing in message"); @@ -460,7 +460,7 @@ static void add_ke(private_quick_mode_t *this, message_t *message) { ke_payload_t *ke_payload; - ke_payload = ke_payload_create_from_diffie_hellman(KEY_EXCHANGE_V1, this->dh); + ke_payload = ke_payload_create_from_diffie_hellman(PLV1_KEY_EXCHANGE, this->dh); message->add_payload(message, &ke_payload->payload_interface); } @@ -471,7 +471,7 @@ static bool get_ke(private_quick_mode_t *this, message_t *message) { ke_payload_t *ke_payload; - ke_payload = (ke_payload_t*)message->get_payload(message, KEY_EXCHANGE_V1); + ke_payload = (ke_payload_t*)message->get_payload(message, PLV1_KEY_EXCHANGE); if (!ke_payload) { DBG1(DBG_IKE, "KE payload missing"); @@ -502,7 +502,7 @@ static traffic_selector_t* select_ts(private_quick_mode_t *this, bool local, else { DBG1(DBG_IKE, "%s traffic selector missing in configuration", - local ? "local" : "local"); + local ? "local" : "remote"); ts = NULL; } list->destroy_offset(list, offsetof(traffic_selector_t, destroy)); @@ -537,7 +537,7 @@ static bool get_ts(private_quick_mode_t *this, message_t *message) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == ID_V1) + if (payload->get_type(payload) == PLV1_ID) { id_payload = (id_payload_t*)payload; @@ -640,9 +640,9 @@ static payload_type_t get_nat_oa_payload_type(ike_sa_t *ike_sa) { if (ike_sa->supports_extension(ike_sa, EXT_NATT_DRAFT_02_03)) { - return NAT_OA_DRAFT_00_03_V1; + return PLV1_NAT_OA_DRAFT_00_03; } - return NAT_OA_V1; + return PLV1_NAT_OA; } /** 
@@ -726,7 +726,7 @@ static status_t send_notify(private_quick_mode_t *this, notify_type_t type) { notify_payload_t *notify; - notify = notify_payload_create_from_protocol_and_type(NOTIFY_V1, + notify = notify_payload_create_from_protocol_and_type(PLV1_NOTIFY, this->proto, type); notify->set_spi(notify, this->spi_i); @@ -917,7 +917,7 @@ static bool has_notify_errors(private_quick_mode_t *this, message_t *message) enumerator = message->create_payload_enumerator(message); while (enumerator->enumerate(enumerator, &payload)) { - if (payload->get_type(payload) == NOTIFY_V1) + if (payload->get_type(payload) == PLV1_NOTIFY) { notify_payload_t *notify; notify_type_t type; @@ -1000,7 +1000,7 @@ METHOD(task_t, process_r, status_t, bool private; sa_payload = (sa_payload_t*)message->get_payload(message, - SECURITY_ASSOCIATION_V1); + PLV1_SECURITY_ASSOCIATION); if (!sa_payload) { DBG1(DBG_IKE, "sa payload missing"); @@ -1215,7 +1215,7 @@ METHOD(task_t, process_i, status_t, bool private; sa_payload = (sa_payload_t*)message->get_payload(message, - SECURITY_ASSOCIATION_V1); + PLV1_SECURITY_ASSOCIATION); if (!sa_payload) { DBG1(DBG_IKE, "sa payload missing"); diff --git a/src/libcharon/sa/ikev1/tasks/xauth.c b/src/libcharon/sa/ikev1/tasks/xauth.c index f5555ecd2..bdc5d67f7 100644 --- a/src/libcharon/sa/ikev1/tasks/xauth.c +++ b/src/libcharon/sa/ikev1/tasks/xauth.c @@ -277,7 +277,7 @@ METHOD(task_t, build_i_status, status_t, { cp_payload_t *cp; - cp = cp_payload_create_type(CONFIGURATION_V1, CFG_SET); + cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_SET); cp->add_attribute(cp, configuration_attribute_create_value(XAUTH_STATUS, this->status)); @@ -291,7 +291,7 @@ METHOD(task_t, process_i_status, status_t, { cp_payload_t *cp; - cp = (cp_payload_t*)message->get_payload(message, CONFIGURATION_V1); + cp = (cp_payload_t*)message->get_payload(message, PLV1_CONFIGURATION); if (!cp || cp->get_type(cp) != CFG_ACK) { DBG1(DBG_IKE, "received invalid XAUTH status response"); 
@@ -354,11 +354,11 @@ METHOD(task_t, build_r_ack, status_t, { cp_payload_t *cp; - cp = cp_payload_create_type(CONFIGURATION_V1, CFG_ACK); + cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_ACK); cp->set_identifier(cp, this->identifier); cp->add_attribute(cp, configuration_attribute_create_chunk( - CONFIGURATION_ATTRIBUTE_V1, XAUTH_STATUS, chunk_empty)); + PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_STATUS, chunk_empty)); message->add_payload(message, (payload_t *)cp); @@ -382,7 +382,7 @@ METHOD(task_t, process_r, status_t, return NEED_MORE; } } - cp = (cp_payload_t*)message->get_payload(message, CONFIGURATION_V1); + cp = (cp_payload_t*)message->get_payload(message, PLV1_CONFIGURATION); if (!cp) { DBG1(DBG_IKE, "configuration payload missing in XAuth request"); @@ -438,7 +438,7 @@ METHOD(task_t, build_r, status_t, { if (!this->cp) { /* send empty reply if building data failed */ - this->cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REPLY); + this->cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REPLY); } message->add_payload(message, (payload_t *)this->cp); this->cp = NULL; @@ -451,7 +451,7 @@ METHOD(task_t, process_i, status_t, identification_t *id; cp_payload_t *cp; - cp = (cp_payload_t*)message->get_payload(message, CONFIGURATION_V1); + cp = (cp_payload_t*)message->get_payload(message, PLV1_CONFIGURATION); if (!cp) { DBG1(DBG_IKE, "configuration payload missing in XAuth response"); @@ -463,12 +463,6 @@ METHOD(task_t, process_i, status_t, return NEED_MORE; case SUCCESS: id = this->xauth->get_identity(this->xauth); - if (this->user && !id->matches(id, this->user)) - { - DBG1(DBG_IKE, "XAuth username '%Y' does not match to " - "configured username '%Y'", id, this->user); - break; - } DBG1(DBG_IKE, "XAuth authentication of '%Y' successful", id); if (add_auth_cfg(this, id, FALSE) && allowed(this)) { |