diff options
Diffstat (limited to 'src/charon/encoding')
52 files changed, 1882 insertions, 1970 deletions
diff --git a/src/charon/encoding/generator.c b/src/charon/encoding/generator.c index 406cfc688..6485da492 100644 --- a/src/charon/encoding/generator.c +++ b/src/charon/encoding/generator.c @@ -53,55 +53,55 @@ struct private_generator_t { * Public part of a generator_t object. */ generator_t public; - + /** * Buffer used to generate the data into. */ u_int8_t *buffer; - + /** * Current write position in buffer (one byte aligned). */ u_int8_t *out_position; - + /** * Position of last byte in buffer. */ u_int8_t *roof_position; - + /** * Current bit writing to in current byte (between 0 and 7). */ u_int8_t current_bit; - + /** * Associated data struct to read informations from. */ void *data_struct; - + /* * Last payload length position offset in the buffer. */ u_int32_t last_payload_length_position_offset; - + /** * Offset of the header length field in the buffer. */ u_int32_t header_length_position_offset; - + /** * Last SPI size. */ u_int8_t last_spi_size; - + /** * Attribute format of the last generated transform attribute. * - * Used to check if a variable value field is used or not for + * Used to check if a variable value field is used or not for * the transform attribute value. */ bool attribute_format; - + /** * Depending on the value of attribute_format this field is used * to hold the length of the transform attribute in bytes. @@ -149,14 +149,14 @@ static void make_space_available(private_generator_t *this, int bits) while ((get_space(this) * 8 - this->current_bit) < bits) { int old_buffer_size, new_buffer_size, out_position_offset; - + old_buffer_size = get_size(this); new_buffer_size = old_buffer_size + GENERATOR_DATA_BUFFER_INCREASE_VALUE; out_position_offset = this->out_position - this->buffer; - - DBG2(DBG_ENC, "increasing gen buffer from %d to %d byte", + + DBG2(DBG_ENC, "increasing gen buffer from %d to %d byte", old_buffer_size, new_buffer_size); - + this->buffer = realloc(this->buffer,new_buffer_size); this->out_position = (this->buffer + out_position_offset); this->roof_position = (this->buffer + new_buffer_size); @@ -171,9 +171,9 @@ static void write_bytes_to_buffer(private_generator_t *this, void *bytes, { int i; u_int8_t *read_position = (u_int8_t *)bytes; - + make_space_available(this, number_of_bytes * 8); - + for (i = 0; i < number_of_bytes; i++) { *(this->out_position) = *(read_position); @@ -192,14 +192,14 @@ static void write_bytes_to_buffer_at_offset(private_generator_t *this, u_int8_t *read_position = (u_int8_t *)bytes; u_int8_t *write_position; u_int32_t free_space_after_offset = get_size(this) - offset; - - /* check first if enough space for new data is available */ + + /* check first if enough space for new data is available */ if (number_of_bytes > free_space_after_offset) { - make_space_available(this, + make_space_available(this, (number_of_bytes - free_space_after_offset) * 8); } - + write_position = this->buffer + offset; for (i = 0; i < number_of_bytes; i++) { @@ -216,7 +216,7 @@ static void generate_u_int_type(private_generator_t *this, encoding_type_t int_type,u_int32_t offset) { int number_of_bits = 0; - + /* find out number of bits of each U_INT type to check for enough space */ switch (int_type) { @@ -251,14 +251,14 @@ static void generate_u_int_type(private_generator_t *this, encoding_type_names, int_type); return; } - + make_space_available(this, number_of_bits); switch (int_type) { case U_INT_4: { u_int8_t high, low; - + if (this->current_bit == 0) { /* high of current byte in buffer has to be set to the new value*/ @@ -303,7 +303,7 @@ static void generate_u_int_type(private_generator_t *this, { u_int8_t attribute_format_flag; u_int16_t val; - + /* attribute type must not change first bit of current byte */ if (this->current_bit != 1) { @@ -325,7 +325,7 @@ static void generate_u_int_type(private_generator_t *this, write_bytes_to_buffer(this, &val, sizeof(u_int16_t)); this->current_bit = 0; break; - + } case U_INT_16: case CONFIGURATION_ATTRIBUTE_LENGTH: @@ -372,11 +372,11 @@ static void generate_reserved_field(private_generator_t *this, int bits) return ; } make_space_available(this, bits); - + if (bits == 1) { u_int8_t reserved_bit = ~(1 << (7 - this->current_bit)); - + *(this->out_position) = *(this->out_position) & reserved_bit; if (this->current_bit == 0) { @@ -410,11 +410,11 @@ static void generate_flag(private_generator_t *this, u_int32_t offset) { u_int8_t flag_value; u_int8_t flag; - + flag_value = (*((bool *) (this->data_struct + offset))) ? 1 : 0; /* get flag position */ flag = (flag_value << (7 - this->current_bit)); - + /* make sure one bit is available in buffer */ make_space_available(this, 1); if (this->current_bit == 0) @@ -422,10 +422,10 @@ static void generate_flag(private_generator_t *this, u_int32_t offset) /* memory must be zero */ *(this->out_position) = 0x00; } - + *(this->out_position) = *(this->out_position) | flag; DBG3(DBG_ENC, " => %d", *this->out_position); - + this->current_bit++; if (this->current_bit >= 8) { @@ -440,16 +440,16 @@ static void generate_flag(private_generator_t *this, u_int32_t offset) static void generate_from_chunk(private_generator_t *this, u_int32_t offset) { chunk_t *value; - + if (this->current_bit != 0) { DBG1(DBG_ENC, "can not generate a chunk at Bitpos %d", this->current_bit); return ; } - + value = (chunk_t *)(this->data_struct + offset); DBG3(DBG_ENC, " => %B", value); - + write_bytes_to_buffer(this, value->ptr, value->len); } @@ -460,7 +460,7 @@ static void write_to_chunk(private_generator_t *this,chunk_t *data) { int data_length = get_length(this); u_int32_t header_length_field = data_length; - + /* write length into header length field */ if (this->header_length_position_offset > 0) { @@ -468,14 +468,14 @@ static void write_to_chunk(private_generator_t *this,chunk_t *data) write_bytes_to_buffer_at_offset(this, &val, sizeof(u_int32_t), this->header_length_position_offset); } - + if (this->current_bit > 0) { data_length++; } *data = chunk_alloc(data_length); memcpy(data->ptr, this->buffer, data_length); - + DBG3(DBG_ENC, "generated data of this generator %B", data); } @@ -488,20 +488,20 @@ static void generate_payload (private_generator_t *this,payload_t *payload) size_t rule_count; encoding_rule_t *rules; payload_type_t payload_type; - + this->data_struct = payload; payload_type = payload->get_type(payload); /* spi size has to get reseted */ this->last_spi_size = 0; - + offset_start = this->out_position - this->buffer; - + DBG2(DBG_ENC, "generating payload of type %N", payload_type_names, payload_type); - + /* each payload has its own encoding rules */ payload->get_encoding_rules(payload, &rules, &rule_count); - + for (i = 0; i < rule_count;i++) { DBG2(DBG_ENC, " generating rule %d %N", @@ -529,7 +529,7 @@ static void generate_payload (private_generator_t *this,payload_t *payload) { generate_reserved_field(this, 8); break; - } + } case FLAG: { generate_flag(this, rules[i].offset); @@ -578,7 +578,7 @@ static void generate_payload (private_generator_t *this,payload_t *payload) u_int16_t length_of_payload; u_int16_t header_length = 0; u_int16_t length_in_network_order; - + switch(rules[i].type) { case KEY_EXCHANGE_DATA: @@ -619,13 +619,13 @@ static void generate_payload (private_generator_t *this,payload_t *payload) break; } generate_from_chunk(this, rules[i].offset); - + payload_length_position_offset = this->last_payload_length_position_offset; - - length_of_payload = header_length + + + length_of_payload = header_length + ((chunk_t *)(this->data_struct + rules[i].offset))->len; - + length_in_network_order = htons(length_of_payload); write_bytes_to_buffer_at_offset(this, &length_in_network_order, sizeof(u_int16_t), payload_length_position_offset); @@ -633,7 +633,7 @@ static void generate_payload (private_generator_t *this,payload_t *payload) } case PROPOSALS: { - u_int32_t payload_length_position_offset = + u_int32_t payload_length_position_offset = this->last_payload_length_position_offset; /* Length of SA_PAYLOAD is calculated */ u_int16_t length_of_sa_payload = SA_PAYLOAD_HEADER_LENGTH; @@ -642,13 +642,13 @@ static void generate_payload (private_generator_t *this,payload_t *payload) (this->data_struct + rules[i].offset)); iterator_t *iterator; payload_t *current_proposal; - + iterator = proposals->create_iterator(proposals,TRUE); while (iterator->iterate(iterator, (void**)¤t_proposal)) { u_int32_t before_generate_position_offset; u_int32_t after_generate_position_offset; - + before_generate_position_offset = get_offset(this); generate_payload(this, current_proposal); after_generate_position_offset = get_offset(this); @@ -656,7 +656,7 @@ static void generate_payload (private_generator_t *this,payload_t *payload) before_generate_position_offset); } iterator->destroy(iterator); - + int16_val = htons(length_of_sa_payload); write_bytes_to_buffer_at_offset(this, &int16_val, sizeof(u_int16_t),payload_length_position_offset); @@ -664,36 +664,36 @@ static void generate_payload (private_generator_t *this,payload_t *payload) } case TRANSFORMS: { - u_int32_t payload_length_position_offset = + u_int32_t payload_length_position_offset = this->last_payload_length_position_offset; - u_int16_t length_of_proposal = + u_int16_t length_of_proposal = PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH + this->last_spi_size; u_int16_t int16_val; linked_list_t *transforms = *((linked_list_t **) (this->data_struct + rules[i].offset)); iterator_t *iterator; payload_t *current_transform; - + iterator = transforms->create_iterator(transforms,TRUE); while (iterator->iterate(iterator, (void**)¤t_transform)) { u_int32_t before_generate_position_offset; u_int32_t after_generate_position_offset; - + before_generate_position_offset = get_offset(this); generate_payload(this, current_transform); after_generate_position_offset = get_offset(this); - + length_of_proposal += (after_generate_position_offset - before_generate_position_offset); } iterator->destroy(iterator); - + int16_val = htons(length_of_proposal); write_bytes_to_buffer_at_offset(this, &int16_val, sizeof(u_int16_t), payload_length_position_offset); break; - } + } case TRANSFORM_ATTRIBUTES: { u_int32_t transform_length_position_offset = @@ -705,32 +705,32 @@ static void generate_payload (private_generator_t *this,payload_t *payload) (this->data_struct + rules[i].offset)); iterator_t *iterator; payload_t *current_attribute; - + iterator = transform_attributes->create_iterator( transform_attributes, TRUE); while (iterator->iterate(iterator, (void**)¤t_attribute)) { u_int32_t before_generate_position_offset; u_int32_t after_generate_position_offset; - + before_generate_position_offset = get_offset(this); generate_payload(this, current_attribute); after_generate_position_offset = get_offset(this); - + length_of_transform += (after_generate_position_offset - before_generate_position_offset); } - + iterator->destroy(iterator); - + int16_val = htons(length_of_transform); - write_bytes_to_buffer_at_offset(this, &int16_val, + write_bytes_to_buffer_at_offset(this, &int16_val, sizeof(u_int16_t),transform_length_position_offset); break; } case CONFIGURATION_ATTRIBUTES: { - u_int32_t configurations_length_position_offset = + u_int32_t configurations_length_position_offset = this->last_payload_length_position_offset; u_int16_t length_of_configurations = CP_PAYLOAD_HEADER_LENGTH; u_int16_t int16_val; @@ -738,29 +738,29 @@ static void generate_payload (private_generator_t *this,payload_t *payload) (this->data_struct + rules[i].offset)); iterator_t *iterator; payload_t *current_attribute; - + iterator = configuration_attributes->create_iterator( configuration_attributes,TRUE); while (iterator->iterate(iterator, (void**)¤t_attribute)) { u_int32_t before_generate_position_offset; u_int32_t after_generate_position_offset; - + before_generate_position_offset = get_offset(this); generate_payload(this, current_attribute); after_generate_position_offset = get_offset(this); - + length_of_configurations += after_generate_position_offset - before_generate_position_offset; } - + iterator->destroy(iterator); - + int16_val = htons(length_of_configurations); - write_bytes_to_buffer_at_offset(this, &int16_val, + write_bytes_to_buffer_at_offset(this, &int16_val, sizeof(u_int16_t),configurations_length_position_offset); break; - } + } case ATTRIBUTE_FORMAT: { generate_flag(this, rules[i].offset); @@ -768,7 +768,7 @@ static void generate_payload (private_generator_t *this,payload_t *payload) this->attribute_format = *((bool *)(this->data_struct + rules[i].offset)); break; - } + } case ATTRIBUTE_LENGTH_OR_VALUE: { @@ -797,7 +797,7 @@ static void generate_payload (private_generator_t *this,payload_t *payload) } case TRAFFIC_SELECTORS: { - u_int32_t payload_length_position_offset = + u_int32_t payload_length_position_offset = this->last_payload_length_position_offset; u_int16_t length_of_ts_payload = TS_PAYLOAD_HEADER_LENGTH; u_int16_t int16_val; @@ -805,29 +805,29 @@ static void generate_payload (private_generator_t *this,payload_t *payload) (this->data_struct + rules[i].offset)); iterator_t *iterator; payload_t *current_tss; - + iterator = traffic_selectors->create_iterator( traffic_selectors,TRUE); while (iterator->iterate(iterator, (void **)¤t_tss)) { u_int32_t before_generate_position_offset; u_int32_t after_generate_position_offset; - + before_generate_position_offset = get_offset(this); generate_payload(this, current_tss); after_generate_position_offset = get_offset(this); - + length_of_ts_payload += (after_generate_position_offset - before_generate_position_offset); } iterator->destroy(iterator); - + int16_val = htons(length_of_ts_payload); write_bytes_to_buffer_at_offset(this, &int16_val, sizeof(u_int16_t),payload_length_position_offset); break; - } - + } + case ENCRYPTED_DATA: { generate_from_chunk(this, rules[i].offset); @@ -869,10 +869,10 @@ generator_t *generator_create() this->public.generate_payload = (void(*)(generator_t*, payload_t *))generate_payload; this->public.destroy = (void(*)(generator_t*)) destroy; this->public.write_to_chunk = (void (*) (generator_t *,chunk_t *))write_to_chunk; - + /* allocate memory for buffer */ this->buffer = malloc(GENERATOR_DATA_BUFFER_SIZE); - + /* initiate private variables */ this->out_position = this->buffer; this->roof_position = this->buffer + GENERATOR_DATA_BUFFER_SIZE; @@ -880,7 +880,9 @@ generator_t *generator_create() this->current_bit = 0; this->last_payload_length_position_offset = 0; this->header_length_position_offset = 0; - + this->attribute_format = FALSE; + this->attribute_length = 0; + return &(this->public); } diff --git a/src/charon/encoding/generator.h b/src/charon/encoding/generator.h index f6fb8981c..2221c84af 100644 --- a/src/charon/encoding/generator.h +++ b/src/charon/encoding/generator.h @@ -44,7 +44,7 @@ typedef struct generator_t generator_t; * A generator_t class used to generate IKEv2 payloads. * * After creation, multiple payloads can be generated with the generate_payload - * method. The generated bytes are appended. After all payloads are added, + * method. The generated bytes are appended. After all payloads are added, * the write_to_chunk method writes out all generated data since * the creation of the generator. After that, the generator must be destroyed. * The generater uses a set of encoding rules, which it can get from @@ -52,7 +52,7 @@ typedef struct generator_t generator_t; * the payload and all substructures automatically. */ struct generator_t { - + /** * Generates a specific payload from given payload object. * @@ -61,14 +61,14 @@ struct generator_t { * @param payload interface payload_t implementing object */ void (*generate_payload) (generator_t *this,payload_t *payload); - + /** * Writes all generated data of the generator to a chunk. * * @param data chunk to write the data to */ void (*write_to_chunk) (generator_t *this,chunk_t *data); - + /** * Destroys a generator_t object. */ @@ -77,7 +77,7 @@ struct generator_t { /** * Constructor to create a generator. - * + * * @return generator_t object. */ generator_t *generator_create(void); diff --git a/src/charon/encoding/message.c b/src/charon/encoding/message.c index 7c6fdb499..397a3c609 100644 --- a/src/charon/encoding/message.c +++ b/src/charon/encoding/message.c @@ -47,7 +47,7 @@ typedef struct payload_rule_t payload_rule_t; /** * A payload rule defines the rules for a payload - * in a specific message rule. It defines if and how + * in a specific message rule. It defines if and how * many times a payload must/can occur in a message * and if it must be encrypted. */ @@ -56,7 +56,7 @@ struct payload_rule_t { * Payload type. */ payload_type_t payload_type; - + /** * Minimal occurence of this payload. */ @@ -66,15 +66,15 @@ struct payload_rule_t { * Max occurence of this payload. */ size_t max_occurence; - + /** * TRUE if payload must be encrypted */ bool encrypted; - + /** * If this payload occurs, the message rule is - * fullfilled in any case. This applies e.g. to + * fullfilled in any case. This applies e.g. to * notify_payloads. */ bool sufficient; @@ -88,11 +88,11 @@ typedef struct payload_order_t payload_order_t; struct payload_order_t { /** - * payload type + * payload type */ payload_type_t type; - - /** + + /** * notify type, if payload == NOTIFY */ notify_type_t notify; @@ -111,7 +111,7 @@ struct message_rule_t { * Type of message. */ exchange_type_t exchange_type; - + /** * Is message a request or response. */ @@ -121,22 +121,22 @@ struct message_rule_t { * Message contains encrypted content. */ bool encrypted_content; - + /** * Number of payload rules which will follow */ int payload_rule_count; - + /** * Pointer to first payload rule */ payload_rule_t *payload_rules; - + /** * Number of payload order rules */ int payload_order_count; - + /** * payload ordering rules */ @@ -161,9 +161,9 @@ static payload_rule_t ike_sa_init_i_payload_rules[] = { static payload_order_t ike_sa_init_i_payload_order[] = { /* payload type notify type */ {NOTIFY, COOKIE}, - {SECURITY_ASSOCIATION, 0}, - {KEY_EXCHANGE, 0}, - {NONCE, 0}, + {SECURITY_ASSOCIATION, 0}, + {KEY_EXCHANGE, 0}, + {NONCE, 0}, {NOTIFY, NAT_DETECTION_SOURCE_IP}, {NOTIFY, NAT_DETECTION_DESTINATION_IP}, {NOTIFY, 0}, @@ -187,9 +187,9 @@ static payload_rule_t ike_sa_init_r_payload_rules[] = { */ static payload_order_t ike_sa_init_r_payload_order[] = { /* payload type notify type */ - {SECURITY_ASSOCIATION, 0}, - {KEY_EXCHANGE, 0}, - {NONCE, 0}, + {SECURITY_ASSOCIATION, 0}, + {KEY_EXCHANGE, 0}, + {NONCE, 0}, {NOTIFY, NAT_DETECTION_SOURCE_IP}, {NOTIFY, NAT_DETECTION_DESTINATION_IP}, {NOTIFY, HTTP_CERT_LOOKUP_SUPPORTED}, @@ -241,7 +241,7 @@ static payload_order_t ike_auth_i_payload_order[] = { {NOTIFY, USE_TRANSPORT_MODE}, {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED}, {NOTIFY, NON_FIRST_FRAGMENTS_ALSO}, - {SECURITY_ASSOCIATION, 0}, + {SECURITY_ASSOCIATION, 0}, {TRAFFIC_SELECTOR_INITIATOR, 0}, {TRAFFIC_SELECTOR_RESPONDER, 0}, {NOTIFY, MOBIKE_SUPPORTED}, @@ -283,7 +283,7 @@ static payload_order_t ike_auth_r_payload_order[] = { {NOTIFY, USE_TRANSPORT_MODE}, {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED}, {NOTIFY, NON_FIRST_FRAGMENTS_ALSO}, - {SECURITY_ASSOCIATION, 0}, + {SECURITY_ASSOCIATION, 0}, {TRAFFIC_SELECTOR_INITIATOR, 0}, {TRAFFIC_SELECTOR_RESPONDER, 0}, {NOTIFY, AUTH_LIFETIME}, @@ -370,9 +370,9 @@ static payload_order_t create_child_sa_i_payload_order[] = { {NOTIFY, USE_TRANSPORT_MODE}, {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED}, {NOTIFY, NON_FIRST_FRAGMENTS_ALSO}, - {SECURITY_ASSOCIATION, 0}, + {SECURITY_ASSOCIATION, 0}, {NONCE, 0}, - {KEY_EXCHANGE, 0}, + {KEY_EXCHANGE, 0}, {TRAFFIC_SELECTOR_INITIATOR, 0}, {TRAFFIC_SELECTOR_RESPONDER, 0}, {NOTIFY, 0}, @@ -402,9 +402,9 @@ static payload_order_t create_child_sa_r_payload_order[] = { {NOTIFY, USE_TRANSPORT_MODE}, {NOTIFY, ESP_TFC_PADDING_NOT_SUPPORTED}, {NOTIFY, NON_FIRST_FRAGMENTS_ALSO}, - {SECURITY_ASSOCIATION, 0}, + {SECURITY_ASSOCIATION, 0}, {NONCE, 0}, - {KEY_EXCHANGE, 0}, + {KEY_EXCHANGE, 0}, {TRAFFIC_SELECTOR_INITIATOR, 0}, {TRAFFIC_SELECTOR_RESPONDER, 0}, {NOTIFY, ADDITIONAL_TS_POSSIBLE}, @@ -516,7 +516,7 @@ static message_rule_t message_rules[] = { (sizeof(me_connect_r_payload_order)/sizeof(payload_order_t)), me_connect_r_payload_order, }, -#endif /* ME */ +#endif /* ME */ }; @@ -536,12 +536,12 @@ struct private_message_t { * Minor version of message. */ u_int8_t major_version; - + /** * Major version of message. */ u_int8_t minor_version; - + /** * First Payload in message. */ @@ -556,32 +556,32 @@ struct private_message_t { * TRUE if message is a request, FALSE if a reply. */ bool is_request; - + /** * Message ID of this message. */ u_int32_t message_id; - + /** * ID of assigned IKE_SA. */ ike_sa_id_t *ike_sa_id; - + /** * Assigned UDP packet, stores incoming packet or last generated one. */ packet_t *packet; - + /** * Linked List where payload data are stored in. */ linked_list_t *payloads; - + /** * Assigned parser to parse Header and Body of this message. */ parser_t *parser; - + /** * The message rule for this message instance */ @@ -594,7 +594,7 @@ struct private_message_t { static status_t set_message_rule(private_message_t *this) { int i; - + for (i = 0; i < (sizeof(message_rules) / sizeof(message_rule_t)); i++) { if ((this->exchange_type == message_rules[i].exchange_type) && @@ -612,10 +612,11 @@ static status_t set_message_rule(private_message_t *this) /** * Implementation of private_message_t.get_payload_rule. */ -static status_t get_payload_rule(private_message_t *this, payload_type_t payload_type, payload_rule_t **payload_rule) +static status_t get_payload_rule(private_message_t *this, + payload_type_t payload_type, payload_rule_t **payload_rule) { int i; - + for (i = 0; i < this->message_rule->payload_rule_count;i++) { if (this->message_rule->payload_rules[i].payload_type == payload_type) @@ -624,7 +625,7 @@ static status_t get_payload_rule(private_message_t *this, payload_type_t payload return SUCCESS; } } - + *payload_rule = NULL; return NOT_FOUND; } @@ -632,7 +633,7 @@ static status_t get_payload_rule(private_message_t *this, payload_type_t payload /** * Implementation of message_t.set_ike_sa_id. */ -static void set_ike_sa_id (private_message_t *this,ike_sa_id_t *ike_sa_id) +static void set_ike_sa_id(private_message_t *this,ike_sa_id_t *ike_sa_id) { DESTROY_IF(this->ike_sa_id); this->ike_sa_id = ike_sa_id->clone(ike_sa_id); @@ -641,7 +642,7 @@ static void set_ike_sa_id (private_message_t *this,ike_sa_id_t *ike_sa_id) /** * Implementation of message_t.get_ike_sa_id. */ -static ike_sa_id_t* get_ike_sa_id (private_message_t *this) +static ike_sa_id_t* get_ike_sa_id(private_message_t *this) { return this->ike_sa_id; } @@ -649,7 +650,7 @@ static ike_sa_id_t* get_ike_sa_id (private_message_t *this) /** * Implementation of message_t.set_message_id. */ -static void set_message_id (private_message_t *this,u_int32_t message_id) +static void set_message_id(private_message_t *this,u_int32_t message_id) { this->message_id = message_id; } @@ -657,7 +658,7 @@ static void set_message_id (private_message_t *this,u_int32_t message_id) /** * Implementation of message_t.get_message_id. */ -static u_int32_t get_message_id (private_message_t *this) +static u_int32_t get_message_id(private_message_t *this) { return this->message_id; } @@ -665,7 +666,7 @@ static u_int32_t get_message_id (private_message_t *this) /** * Implementation of message_t.get_initiator_spi. */ -static u_int64_t get_initiator_spi (private_message_t *this) +static u_int64_t get_initiator_spi(private_message_t *this) { return (this->ike_sa_id->get_initiator_spi(this->ike_sa_id)); } @@ -673,7 +674,7 @@ static u_int64_t get_initiator_spi (private_message_t *this) /** * Implementation of message_t.get_responder_spi. */ -static u_int64_t get_responder_spi (private_message_t *this) +static u_int64_t get_responder_spi(private_message_t *this) { return (this->ike_sa_id->get_responder_spi(this->ike_sa_id)); } @@ -681,16 +682,15 @@ static u_int64_t get_responder_spi (private_message_t *this) /** * Implementation of message_t.set_major_version. */ -static void set_major_version (private_message_t *this,u_int8_t major_version) +static void set_major_version(private_message_t *this,u_int8_t major_version) { this->major_version = major_version; } - /** * Implementation of message_t.set_major_version. */ -static u_int8_t get_major_version (private_message_t *this) +static u_int8_t get_major_version(private_message_t *this) { return this->major_version; } @@ -698,7 +698,7 @@ static u_int8_t get_major_version (private_message_t *this) /** * Implementation of message_t.set_minor_version. */ -static void set_minor_version (private_message_t *this,u_int8_t minor_version) +static void set_minor_version(private_message_t *this,u_int8_t minor_version) { this->minor_version = minor_version; } @@ -706,7 +706,7 @@ static void set_minor_version (private_message_t *this,u_int8_t minor_version) /** * Implementation of message_t.get_minor_version. */ -static u_int8_t get_minor_version (private_message_t *this) +static u_int8_t get_minor_version(private_message_t *this) { return this->minor_version; } @@ -714,7 +714,8 @@ static u_int8_t get_minor_version (private_message_t *this) /** * Implementation of message_t.set_exchange_type. */ -static void set_exchange_type (private_message_t *this,exchange_type_t exchange_type) +static void set_exchange_type(private_message_t *this, + exchange_type_t exchange_type) { this->exchange_type = exchange_type; } @@ -722,7 +723,7 @@ static void set_exchange_type (private_message_t *this,exchange_type_t exchange_ /** * Implementation of message_t.get_exchange_type. */ -static exchange_type_t get_exchange_type (private_message_t *this) +static exchange_type_t get_exchange_type(private_message_t *this) { return this->exchange_type; } @@ -730,7 +731,7 @@ static exchange_type_t get_exchange_type (private_message_t *this) /** * Implementation of message_t.get_first_payload_type. */ -static payload_type_t get_first_payload_type (private_message_t *this) +static payload_type_t get_first_payload_type(private_message_t *this) { return this->first_payload; } @@ -738,7 +739,7 @@ static payload_type_t get_first_payload_type (private_message_t *this) /** * Implementation of message_t.set_request. */ -static void set_request (private_message_t *this,bool request) +static void set_request(private_message_t *this, bool request) { this->is_request = request; } @@ -746,7 +747,7 @@ static void set_request (private_message_t *this,bool request) /** * Implementation of message_t.get_request. */ -static exchange_type_t get_request (private_message_t *this) +static exchange_type_t get_request(private_message_t *this) { return this->is_request; } @@ -757,7 +758,7 @@ static exchange_type_t get_request (private_message_t *this) static bool is_encoded(private_message_t *this) { chunk_t data = this->packet->get_data(this->packet); - + if (data.ptr == NULL) { return FALSE; @@ -791,15 +792,15 @@ static void add_payload(private_message_t *this, payload_t *payload) /** * Implementation of message_t.add_notify. */ -static void add_notify(private_message_t *this, bool flush, notify_type_t type, +static void add_notify(private_message_t *this, bool flush, notify_type_t type, chunk_t data) { notify_payload_t *notify; payload_t *payload; - + if (flush) { - while (this->payloads->remove_last(this->payloads, + while (this->payloads->remove_last(this->payloads, (void**)&payload) == SUCCESS) { payload->destroy(payload); @@ -858,7 +859,7 @@ static payload_t *get_payload(private_message_t *this, payload_type_t type) { payload_t *current, *found = NULL; enumerator_t *enumerator; - + enumerator = create_payload_enumerator(this); while (enumerator->enumerate(enumerator, ¤t)) { @@ -880,7 +881,7 @@ static notify_payload_t* get_notify(private_message_t *this, notify_type_t type) enumerator_t *enumerator; notify_payload_t *notify = NULL; payload_t *payload; - + enumerator = create_payload_enumerator(this); while (enumerator->enumerate(enumerator, &payload)) { @@ -907,12 +908,12 @@ static char* get_string(private_message_t *this, char *buf, int len) payload_t *payload; int written; char *pos = buf; - + memset(buf, 0, len); len--; - + written = snprintf(pos, len, "%N %s %d [", - exchange_type_names, this->exchange_type, + exchange_type_names, this->exchange_type, this->is_request ? "request" : "response", this->message_id); if (written >= len || written < 0) @@ -921,12 +922,12 @@ static char* get_string(private_message_t *this, char *buf, int len) } pos += written; len -= written; - + enumerator = create_payload_enumerator(this); while (enumerator->enumerate(enumerator, &payload)) { written = snprintf(pos, len, " %N", payload_type_short_names, - payload->get_type(payload)); + payload->get_type(payload)); if (written >= len || written < 0) { return buf; @@ -937,7 +938,36 @@ static char* get_string(private_message_t *this, char *buf, int len) { notify_payload_t *notify = (notify_payload_t*)payload; written = snprintf(pos, len, "(%N)", notify_type_short_names, - notify->get_notify_type(notify)); + notify->get_notify_type(notify)); + if (written >= len || written < 0) + { + return buf; + } + pos += written; + len -= written; + } + if (payload->get_type(payload) == EXTENSIBLE_AUTHENTICATION) + { + eap_payload_t *eap = (eap_payload_t*)payload; + u_int32_t vendor; + eap_type_t type; + char method[64] = ""; + + type = eap->get_type(eap, &vendor); + if (type) + { + if (vendor) + { + snprintf(method, sizeof(method), "/%d-%d", type, vendor); + } + else + { + snprintf(method, sizeof(method), "/%N", + eap_type_short_names, type); + } + } + written = snprintf(pos, len, "/%N%s", eap_code_short_names, + eap->get_code(eap), method); if (written >= len || written < 0) { return buf; @@ -947,7 +977,7 @@ static char* get_string(private_message_t *this, char *buf, int len) } } enumerator->destroy(enumerator); - + /* remove last space */ snprintf(pos, len, " ]"); return buf; @@ -961,7 +991,7 @@ static void order_payloads(private_message_t *this) linked_list_t *list; payload_t *payload; int i; - + /* move to temp list */ list = linked_list_create(); while (this->payloads->remove_last(this->payloads, @@ -975,7 +1005,7 @@ static void order_payloads(private_message_t *this) enumerator_t *enumerator; notify_payload_t *notify; payload_order_t order = this->message_rule->payload_order[i]; - + /* ... find all payload ... */ enumerator = list->create_enumerator(list); while (enumerator->enumerate(enumerator, &payload)) @@ -984,7 +1014,7 @@ static void order_payloads(private_message_t *this) if (payload->get_type(payload) == order.type) { notify = (notify_payload_t*)payload; - + /**... and check notify for type. */ if (order.type != NOTIFY || order.notify == 0 || order.notify == notify->get_notify_type(notify)) @@ -992,17 +1022,21 @@ static void order_payloads(private_message_t *this) list->remove_at(list, enumerator); add_payload(this, payload); } - } + } } enumerator->destroy(enumerator); } /* append all payloads without a rule to the end */ while (list->remove_last(list, (void**)&payload) == SUCCESS) { - DBG1(DBG_ENC, "payload %N has no ordering rule in %N %s", - payload_type_names, payload->get_type(payload), - exchange_type_names, this->message_rule->exchange_type, - this->message_rule->is_request ? "request" : "response"); + /* do not complain about payloads in private use space */ + if (payload->get_type(payload) < 128) + { + DBG1(DBG_ENC, "payload %N has no ordering rule in %N %s", + payload_type_names, payload->get_type(payload), + exchange_type_names, this->message_rule->exchange_type, + this->message_rule->is_request ? "request" : "response"); + } add_payload(this, payload); } list->destroy(list); @@ -1014,80 +1048,73 @@ static void order_payloads(private_message_t *this) static status_t encrypt_payloads(private_message_t *this, crypter_t *crypter, signer_t* signer) { - encryption_payload_t *encryption_payload = NULL; + encryption_payload_t *encryption; + linked_list_t *payloads; + payload_t *current; status_t status; - linked_list_t *all_payloads; - + if (!this->message_rule->encrypted_content) { DBG2(DBG_ENC, "message doesn't have to be encrypted"); /* message contains no content to encrypt */ return SUCCESS; } - + if (!crypter || !signer) { DBG2(DBG_ENC, "no crypter or signer specified, do not encrypt message"); /* message contains no content to encrypt */ return SUCCESS; } - + DBG2(DBG_ENC, "copy all payloads to a temporary list"); - all_payloads = linked_list_create(); - + payloads = linked_list_create(); + /* first copy all payloads in a temporary list */ while (this->payloads->get_count(this->payloads) > 0) { - void *current_payload; - this->payloads->remove_first(this->payloads,¤t_payload); - all_payloads->insert_last(all_payloads,current_payload); + this->payloads->remove_first(this->payloads, (void**)¤t); + payloads->insert_last(payloads, current); } - - encryption_payload = encryption_payload_create(); + + encryption = encryption_payload_create(); DBG2(DBG_ENC, "check each payloads if they have to get encrypted"); - while (all_payloads->get_count(all_payloads) > 0) + while (payloads->get_count(payloads) > 0) { - payload_rule_t *payload_rule; - payload_t *current_payload; - bool to_encrypt = FALSE; - - all_payloads->remove_first(all_payloads,(void **)¤t_payload); - - status = get_payload_rule(this, - current_payload->get_type(current_payload),&payload_rule); - /* for payload types which are not found in supported payload list, - * it is presumed that they don't have to be encrypted */ - if ((status == SUCCESS) && (payload_rule->encrypted)) + payload_rule_t *rule; + payload_type_t type; + bool to_encrypt = TRUE; + + payloads->remove_first(payloads, (void**)¤t); + + type = current->get_type(current); + if (get_payload_rule(this, type, &rule) == SUCCESS) { - DBG2(DBG_ENC, "payload %N gets encrypted", - payload_type_names, current_payload->get_type(current_payload)); - to_encrypt = TRUE; + to_encrypt = rule->encrypted; } - if (to_encrypt) { DBG2(DBG_ENC, "insert payload %N to encryption payload", - payload_type_names, current_payload->get_type(current_payload)); - encryption_payload->add_payload(encryption_payload,current_payload); + payload_type_names, current->get_type(current)); + encryption->add_payload(encryption, current); } else { DBG2(DBG_ENC, "insert payload %N unencrypted", - payload_type_names ,current_payload->get_type(current_payload)); - add_payload(this, (payload_t*)encryption_payload); + payload_type_names, current->get_type(current)); + add_payload(this, (payload_t*)current); } } - status = SUCCESS; DBG2(DBG_ENC, "encrypting encryption payload"); - encryption_payload->set_transforms(encryption_payload, crypter,signer); - status = encryption_payload->encrypt(encryption_payload); + encryption->set_transforms(encryption, crypter, signer); + status = encryption->encrypt(encryption); DBG2(DBG_ENC, "add encrypted payload to payload list"); - add_payload(this, (payload_t*)encryption_payload); - - all_payloads->destroy(all_payloads); - + add_payload(this, (payload_t*)encryption); + + payloads->destroy(payloads); + return status; } @@ -1104,28 +1131,28 @@ static status_t generate(private_message_t *this, crypter_t *crypter, status_t status; chunk_t packet_data; char str[256]; - + if (is_encoded(this)) { /* already generated, return a new packet clone */ *packet = this->packet->clone(this->packet); return SUCCESS; } - + if (this->exchange_type == EXCHANGE_TYPE_UNDEFINED) { DBG1(DBG_ENC, "exchange type is not defined"); return INVALID_STATE; } - + if (this->packet->get_source(this->packet) == NULL || - this->packet->get_destination(this->packet) == NULL) + this->packet->get_destination(this->packet) == NULL) { DBG1(DBG_ENC, "%s not defined", !this->packet->get_source(this->packet) ? "source" : "destination"); return INVALID_STATE; } - + /* set the rules for this messge */ status = set_message_rule(this); if (status != SUCCESS) @@ -1133,11 +1160,11 @@ static status_t generate(private_message_t *this, crypter_t *crypter, DBG1(DBG_ENC, "no message rules specified for this message type"); return NOT_SUPPORTED; } - + order_payloads(this); - + DBG1(DBG_ENC, "generating %s", get_string(this, str, sizeof(str))); - + /* going to encrypt all content which have to be encrypted */ status = encrypt_payloads(this, crypter, signer); if (status != SUCCESS) @@ -1145,21 +1172,24 @@ static status_t generate(private_message_t *this, crypter_t *crypter, DBG1(DBG_ENC, "payload encryption failed"); return status; } - + /* build ike header */ ike_header = ike_header_create(); - + ike_header->set_exchange_type(ike_header, this->exchange_type); ike_header->set_message_id(ike_header, this->message_id); ike_header->set_response_flag(ike_header, !this->is_request); - ike_header->set_initiator_flag(ike_header, this->ike_sa_id->is_initiator(this->ike_sa_id)); - ike_header->set_initiator_spi(ike_header, this->ike_sa_id->get_initiator_spi(this->ike_sa_id)); - ike_header->set_responder_spi(ike_header, this->ike_sa_id->get_responder_spi(this->ike_sa_id)); - + ike_header->set_initiator_flag(ike_header, + this->ike_sa_id->is_initiator(this->ike_sa_id)); + ike_header->set_initiator_spi(ike_header, + this->ike_sa_id->get_initiator_spi(this->ike_sa_id)); + ike_header->set_responder_spi(ike_header, + this->ike_sa_id->get_responder_spi(this->ike_sa_id)); + generator = generator_create(); - + payload = (payload_t*)ike_header; - + /* generate every payload expect last one, this is done later*/ enumerator = create_payload_enumerator(this); while (enumerator->enumerate(enumerator, &next_payload)) @@ -1169,18 +1199,18 @@ static status_t generate(private_message_t *this, crypter_t *crypter, payload = next_payload; } enumerator->destroy(enumerator); - + /* last payload has no next payload*/ payload->set_next_type(payload, NO_PAYLOAD); generator->generate_payload(generator, payload); ike_header->destroy(ike_header); - + /* build packet */ generator->write_to_chunk(generator, &packet_data); generator->destroy(generator); - + /* if last payload is of type encrypted, integrity checksum if necessary */ if (payload->get_type(payload) == ENCRYPTED) { @@ -1192,12 +1222,12 @@ static status_t generate(private_message_t *this, crypter_t *crypter, return status; } } - + this->packet->set_data(this->packet, packet_data); - + /* clone packet for caller */ *packet = this->packet->clone(this->packet); - + DBG2(DBG_ENC, "message generated successfully"); return SUCCESS; } @@ -1205,7 +1235,7 @@ static status_t generate(private_message_t *this, crypter_t *crypter, /** * Implementation of message_t.get_packet. */ -static packet_t *get_packet (private_message_t *this) +static packet_t *get_packet(private_message_t *this) { if (this->packet == NULL) { @@ -1217,7 +1247,7 @@ static packet_t *get_packet (private_message_t *this) /** * Implementation of message_t.get_packet_data. */ -static chunk_t get_packet_data (private_message_t *this) +static chunk_t get_packet_data(private_message_t *this) { if (this->packet == NULL) { @@ -1233,48 +1263,51 @@ static status_t parse_header(private_message_t *this) { ike_header_t *ike_header; status_t status; - + DBG2(DBG_ENC, "parsing header of message"); - + this->parser->reset_context(this->parser); - status = this->parser->parse_payload(this->parser,HEADER,(payload_t **) &ike_header); + status = this->parser->parse_payload(this->parser, HEADER, + (payload_t**)&ike_header); if (status != SUCCESS) { DBG1(DBG_ENC, "header could not be parsed"); return status; - + } - + /* verify payload */ - status = ike_header->payload_interface.verify(&(ike_header->payload_interface)); + status = ike_header->payload_interface.verify( + &ike_header->payload_interface); if (status != SUCCESS) { DBG1(DBG_ENC, "header verification failed"); ike_header->destroy(ike_header); return status; } - + if (this->ike_sa_id != NULL) { this->ike_sa_id->destroy(this->ike_sa_id); } - + this->ike_sa_id = ike_sa_id_create(ike_header->get_initiator_spi(ike_header), - ike_header->get_responder_spi(ike_header), - ike_header->get_initiator_flag(ike_header)); + ike_header->get_responder_spi(ike_header), + ike_header->get_initiator_flag(ike_header)); this->exchange_type = ike_header->get_exchange_type(ike_header); this->message_id = ike_header->get_message_id(ike_header); this->is_request = (!(ike_header->get_response_flag(ike_header))); this->major_version = ike_header->get_maj_version(ike_header); this->minor_version = ike_header->get_min_version(ike_header); - this->first_payload = ike_header->payload_interface.get_next_type(&(ike_header->payload_interface)); - + this->first_payload = ike_header->payload_interface.get_next_type( + &ike_header->payload_interface); + DBG2(DBG_ENC, "parsed a %N %s", exchange_type_names, this->exchange_type, this->is_request ? "request" : "response"); - + ike_header->destroy(ike_header); - + /* get the rules for this messge */ status = set_message_rule(this); if (status != SUCCESS) @@ -1283,14 +1316,15 @@ static status_t parse_header(private_message_t *this) exchange_type_names, this->exchange_type, this->is_request ? "request" : "response"); } - + return status; } /** * Implementation of private_message_t.decrypt_and_verify_payloads. */ -static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, signer_t* signer) +static status_t decrypt_payloads(private_message_t *this, crypter_t *crypter, + signer_t* signer) { bool current_payload_was_encrypted = FALSE; payload_t *previous_payload = NULL; @@ -1306,20 +1340,20 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig { payload_rule_t *payload_rule; payload_type_t current_payload_type; - + /* needed to check */ current_payload_type = current_payload->get_type(current_payload); - + DBG2(DBG_ENC, "process payload of type %N", payload_type_names, current_payload_type); - + if (current_payload_type == ENCRYPTED) { encryption_payload_t *encryption_payload; payload_t *current_encrypted_payload; - + encryption_payload = (encryption_payload_t*)current_payload; - + DBG2(DBG_ENC, "found an encryption payload"); if (payload_number != this->payloads->get_count(this->payloads)) @@ -1330,7 +1364,8 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig return VERIFY_ERROR; } /* decrypt */ - encryption_payload->set_transforms(encryption_payload, crypter, signer); + encryption_payload->set_transforms(encryption_payload, + crypter, signer); DBG2(DBG_ENC, "verify signature of encryption payload"); status = encryption_payload->verify_signature(encryption_payload, this->packet->get_data(this->packet)); @@ -1348,10 +1383,10 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig iterator->destroy(iterator); return PARSE_ERROR; } - + /* needed later to find out if a payload was encrypted */ current_payload_was_encrypted = TRUE; - + /* check if there are payloads contained in the encryption payload */ if (encryption_payload->get_payload_count(encryption_payload) == 0) { @@ -1363,39 +1398,52 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig } else { - /* encryption_payload is replaced with first payload contained in encryption_payload */ - encryption_payload->remove_first_payload(encryption_payload, ¤t_encrypted_payload); - iterator->replace(iterator,NULL,(void *) current_encrypted_payload); - current_payload_type = current_encrypted_payload->get_type(current_encrypted_payload); + /* encryption_payload is replaced with first payload contained + * in encryption_payload */ + encryption_payload->remove_first_payload(encryption_payload, + ¤t_encrypted_payload); + iterator->replace(iterator, NULL, + (void *)current_encrypted_payload); + current_payload_type = current_encrypted_payload->get_type( + current_encrypted_payload); } - + /* is the current paylad the first in the message? */ if (previous_payload == NULL) { - /* yes, set the first payload type of the message to the current type */ + /* yes, set the first payload type of the message to the + * current type */ this->first_payload = current_payload_type; } else { - /* no, set the next_type of the previous payload to the current type */ - previous_payload->set_next_type(previous_payload, current_payload_type); + /* no, set the next_type of the previous payload to the + * current type */ + previous_payload->set_next_type(previous_payload, + current_payload_type); } - + /* all encrypted payloads are added to the payload list */ while (encryption_payload->get_payload_count(encryption_payload) > 0) { - encryption_payload->remove_first_payload(encryption_payload, ¤t_encrypted_payload); - DBG2(DBG_ENC, "insert unencrypted payload of type %N at end of list", - payload_type_names, current_encrypted_payload->get_type(current_encrypted_payload)); - this->payloads->insert_last(this->payloads,current_encrypted_payload); + encryption_payload->remove_first_payload(encryption_payload, + ¤t_encrypted_payload); + DBG2(DBG_ENC, "insert unencrypted payload of type " + "%N at end of list", payload_type_names, + current_encrypted_payload->get_type( + current_encrypted_payload)); + this->payloads->insert_last(this->payloads, + current_encrypted_payload); } - + /* encryption payload is processed, payloads are moved. Destroy it. */ - encryption_payload->destroy(encryption_payload); + encryption_payload->destroy(encryption_payload); } - /* we allow unknown payloads of any type and don't bother if it was encrypted. Not our problem. */ - if (current_payload_type != UNKNOWN_PAYLOAD && current_payload_type != NO_PAYLOAD) + /* we allow unknown payloads of any type and don't bother if it was + * encrypted. Not our problem. */ + if (current_payload_type != UNKNOWN_PAYLOAD && + current_payload_type != NO_PAYLOAD) { /* get the ruleset for found payload */ status = get_payload_rule(this, current_payload_type, &payload_rule); @@ -1407,11 +1455,13 @@ static status_t decrypt_payloads(private_message_t *this,crypter_t *crypter, sig iterator->destroy(iterator); return VERIFY_ERROR; } - - /* check if the payload was encrypted, and if it should been have encrypted */ + + /* check if the payload was encrypted, and if it should been have + * encrypted */ if (payload_rule->encrypted != current_payload_was_encrypted) { - /* payload was not encrypted, but should have been. or vice-versa */ + /* payload was not encrypted, but should have been. + * or vice-versa */ DBG1(DBG_ENC, "payload type %N should be %s!", payload_type_names, current_payload_type, (payload_rule->encrypted) ? "encrypted" : "not encrypted"); @@ -1437,24 +1487,24 @@ static status_t verify(private_message_t *this) enumerator_t *enumerator; payload_t *current_payload; size_t total_found_payloads = 0; - + DBG2(DBG_ENC, "verifying message structure"); - + /* check for payloads with wrong count*/ for (i = 0; i < this->message_rule->payload_rule_count; i++) { size_t found_payloads = 0; payload_rule_t *rule; - + rule = &this->message_rule->payload_rules[i]; enumerator = create_payload_enumerator(this); - + /* check all payloads for specific rule */ while (enumerator->enumerate(enumerator, ¤t_payload)) { payload_type_t current_payload_type; unknown_payload_t *unknown_payload; - + current_payload_type = current_payload->get_type(current_payload); if (current_payload_type == UNKNOWN_PAYLOAD) { @@ -1465,7 +1515,7 @@ static status_t verify(private_message_t *this) DBG1(DBG_ENC, "%N is not supported, but its critical!", payload_type_names, current_payload_type); enumerator->destroy(enumerator); - return NOT_SUPPORTED; + return NOT_SUPPORTED; } } else if (current_payload_type == rule->payload_type) @@ -1474,8 +1524,8 @@ static status_t verify(private_message_t *this) total_found_payloads++; DBG2(DBG_ENC, "found payload of type %N", payload_type_names, rule->payload_type); - - /* as soon as ohe payload occures more then specified, + + /* as soon as ohe payload occures more then specified, * the verification fails */ if (found_payloads > rule->max_occurence) @@ -1489,7 +1539,7 @@ static status_t verify(private_message_t *this) } } } - + if (found_payloads < rule->min_occurence) { DBG1(DBG_ENC, "payload of type %N not occured %d times (%d)", @@ -1502,7 +1552,7 @@ static status_t verify(private_message_t *this) this->payloads->get_count(this->payloads) == total_found_payloads) { enumerator->destroy(enumerator); - return SUCCESS; + return SUCCESS; } enumerator->destroy(enumerator); } @@ -1512,14 +1562,15 @@ static status_t verify(private_message_t *this) /** * Implementation of message_t.parse_body. */ -static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t *signer) +static status_t parse_body(private_message_t *this, crypter_t *crypter, + signer_t *signer) { status_t status = SUCCESS; payload_type_t current_payload_type; char str[256]; - - current_payload_type = this->first_payload; - + + current_payload_type = this->first_payload; + DBG2(DBG_ENC, "parsing body of message, first payload is %N", payload_type_names, current_payload_type); @@ -1527,13 +1578,13 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t while ((current_payload_type != NO_PAYLOAD)) { payload_t *current_payload; - - DBG2(DBG_ENC, "starting parsing a %N payload", + + DBG2(DBG_ENC, "starting parsing a %N payload", payload_type_names, current_payload_type); - + /* parse current payload */ - status = this->parser->parse_payload(this->parser,current_payload_type,(payload_t **) ¤t_payload); - + status = this->parser->parse_payload(this->parser, current_payload_type, + (payload_t**)¤t_payload); if (status != SUCCESS) { DBG1(DBG_ENC, "payload type %N could not be parsed", @@ -1543,7 +1594,7 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t DBG2(DBG_ENC, "verifying payload of type %N", payload_type_names, current_payload_type); - + /* verify it, stop parsig if its invalid */ status = current_payload->verify(current_payload); if (status != SUCCESS) @@ -1553,19 +1604,20 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t current_payload->destroy(current_payload); return VERIFY_ERROR; } - + DBG2(DBG_ENC, "%N payload verified. Adding to payload list", payload_type_names, current_payload_type); this->payloads->insert_last(this->payloads,current_payload); - - /* an encryption payload is the last one, so STOP here. decryption is done later */ + + /* an encryption payload is the last one, so STOP here. decryption is + * done later */ if (current_payload_type == ENCRYPTED) { DBG2(DBG_ENC, "%N payload found. Stop parsing", payload_type_names, current_payload_type); break; } - + /* get next payload type */ current_payload_type = current_payload->get_next_type(current_payload); } @@ -1579,15 +1631,15 @@ static status_t parse_body(private_message_t *this, crypter_t *crypter, signer_t return status; } } - + status = verify(this); if (status != SUCCESS) { return status; } - + DBG1(DBG_ENC, "parsed %s", get_string(this, str, sizeof(str))); - + return SUCCESS; } @@ -1641,26 +1693,26 @@ message_t *message_create_from_packet(packet_t *packet) this->public.get_packet = (packet_t * (*) (message_t*)) get_packet; this->public.get_packet_data = (chunk_t (*) (message_t *this)) get_packet_data; this->public.destroy = (void(*)(message_t*))destroy; - + /* private values */ this->exchange_type = EXCHANGE_TYPE_UNDEFINED; this->is_request = TRUE; this->ike_sa_id = NULL; this->first_payload = NO_PAYLOAD; this->message_id = 0; - + /* private values */ if (packet == NULL) { - packet = packet_create(); + packet = packet_create(); } this->message_rule = NULL; this->packet = packet; this->payloads = linked_list_create(); - + /* parser is created from data of packet */ this->parser = parser_create(this->packet->get_data(this->packet)); - + return (&this->public); } diff --git a/src/charon/encoding/message.h b/src/charon/encoding/message.h index 1db3ea0cc..2c7718f49 100644 --- a/src/charon/encoding/message.h +++ b/src/charon/encoding/message.h @@ -58,7 +58,7 @@ struct message_t { * @return major version of the message */ u_int8_t (*get_major_version) (message_t *this); - + /** * Sets the IKE minor version of the message. * @@ -86,7 +86,7 @@ struct message_t { * @return message_id type of the message */ u_int32_t (*get_message_id) (message_t *this); - + /** * Gets the initiator SPI of the message. * @@ -103,7 +103,7 @@ struct message_t { /** * Sets the IKE_SA ID of the message. - * + * * ike_sa_id gets cloned. * * @param ike_sa_id ike_sa_id to set @@ -132,10 +132,10 @@ struct message_t { * @return exchange type of the message */ exchange_type_t (*get_exchange_type) (message_t *this); - + /** * Gets the payload type of the first payload. - * + * * @return payload type of the first payload */ payload_type_t (*get_first_payload_type) (message_t *this); @@ -156,20 +156,20 @@ struct message_t { /** * Append a payload to the message. - * + * * If the payload must be encrypted is not specified here. Encryption * of payloads is evaluated via internal rules for the messages and * is done before generation. The order of payloads may change, since - * all payloads to encrypt are added to the encryption payload, which is + * all payloads to encrypt are added to the encryption payload, which is * always the last one. * * @param payload payload to append - */ + */ void (*add_payload) (message_t *this, payload_t *payload); /** * Build a notify payload and add it to the message. - * + * * This is a helper method to create notify messages or add * notify payload to messages. The flush parameter specifies if existing * payloads should get removed before appending the notify. @@ -177,13 +177,13 @@ struct message_t { * @param flush TRUE to remove existing payloads * @param type type of the notify * @param data a chunk of data to add to the notify, gets cloned - */ - void (*add_notify) (message_t *this, bool flush, notify_type_t type, + */ + void (*add_notify) (message_t *this, bool flush, notify_type_t type, chunk_t data); /** * Parses header of message. - * + * * Begins parisng of a message created via message_create_from_packet(). * The parsing context is stored, so a subsequent call to parse_body() * will continue the parsing process. @@ -194,17 +194,17 @@ struct message_t { * - FAILED if consistence check of header failed */ status_t (*parse_header) (message_t *this); - + /** * Parses body of message. - * - * The body gets not only parsed, but rather it gets verified. - * All payloads are verified if they are allowed to exist in the message - * of this type and if their own structure is ok. - * If there are encrypted payloads, they get decrypted via the supplied + * + * The body gets not only parsed, but rather it gets verified. + * All payloads are verified if they are allowed to exist in the message + * of this type and if their own structure is ok. + * If there are encrypted payloads, they get decrypted via the supplied * crypter. Also the message integrity gets verified with the supplied * signer. - * Crypter/signer can be omitted (by passing NULL) when no encryption + * Crypter/signer can be omitted (by passing NULL) when no encryption * payload is expected. * * @param crypter crypter to decrypt encryption payloads @@ -222,13 +222,13 @@ struct message_t { /** * Generates the UDP packet of specific message. - * + * * Payloads which must be encrypted are generated first and added to - * an encryption payload. This encryption payload will get encrypted via + * an encryption payload. This encryption payload will get encrypted via * the supplied crypter. Then all other payloads and the header get generated. - * After that, the checksum is added to the encryption payload over the full + * After that, the checksum is added to the encryption payload over the full * message. - * Crypter/signer can be omitted (by passing NULL) when no encryption + * Crypter/signer can be omitted (by passing NULL) when no encryption * payload is expected. * Generation is only done once, multiple calls will just return a packet copy. * @@ -240,66 +240,66 @@ struct message_t { * - INVALID_STATE if exchange type is currently not set * - NOT_FOUND if no rules found for message generation * - INVALID_STATE if crypter/signer not supplied but needed. - */ + */ status_t (*generate) (message_t *this, crypter_t *crypter, signer_t *signer, packet_t **packet); /** - * Gets the source host informations. - * - * @warning Returned host_t object is not getting cloned, + * Gets the source host informations. + * + * @warning Returned host_t object is not getting cloned, * do not destroy nor modify. * * @return host_t object representing source host - */ + */ host_t * (*get_source) (message_t *this); - + /** - * Sets the source host informations. - * + * Sets the source host informations. + * * @warning host_t object is not getting cloned and gets destroyed by * message_t.destroy or next call of message_t.set_source. * * @param host host_t object representing source host - */ + */ void (*set_source) (message_t *this, host_t *host); /** - * Gets the destination host informations. - * - * @warning Returned host_t object is not getting cloned, + * Gets the destination host informations. + * + * @warning Returned host_t object is not getting cloned, * do not destroy nor modify. * * @return host_t object representing destination host - */ + */ host_t * (*get_destination) (message_t *this); /** - * Sets the destination host informations. - * + * Sets the destination host informations. + * * @warning host_t object is not getting cloned and gets destroyed by * message_t.destroy or next call of message_t.set_destination. * * @param host host_t object representing destination host - */ + */ void (*set_destination) (message_t *this, host_t *host); - + /** * Create an enumerator over all payloads. * * @return enumerator over payload_t - */ + */ enumerator_t * (*create_payload_enumerator) (message_t *this); - + /** * Find a payload of a specific type. - * - * Returns the first occurance. + * + * Returns the first occurance. * * @param type type of the payload to find * @return payload, or NULL if no such payload found - */ + */ payload_t* (*get_payload) (message_t *this, payload_type_t type); - + /** * Get the first notify payload of a specific type. * @@ -307,21 +307,21 @@ struct message_t { * @return notify payload, NULL if no such notify found */ notify_payload_t* (*get_notify)(message_t *this, notify_type_t type); - + /** * Returns a clone of the internal stored packet_t object. * * @return packet_t object as clone of internal one - */ + */ packet_t * (*get_packet) (message_t *this); - + /** * Returns a clone of the internal stored packet_t data. * * @return clone of the internal stored packet_t data. - */ + */ chunk_t (*get_packet_data) (message_t *this); - + /** * Destroys a message and all including objects. */ @@ -330,16 +330,16 @@ struct message_t { /** * Creates an message_t object from a incoming UDP Packet. - * - * @warning the given packet_t object is not copied and gets + * + * @warning the given packet_t object is not copied and gets * destroyed in message_t's destroy call. - * + * * - exchange_type is set to NOT_SET * - original_initiator is set to TRUE * - is_request is set to TRUE * Call message_t.parse_header afterwards. - * - * @param packet packet_t object which is assigned to message + * + * @param packet packet_t object which is assigned to message * @return message_t object */ message_t * message_create_from_packet(packet_t *packet); @@ -351,7 +351,7 @@ message_t * message_create_from_packet(packet_t *packet); * - exchange_type is set to NOT_SET * - original_initiator is set to TRUE * - is_request is set to TRUE - * + * * @return message_t object */ message_t * message_create(void); diff --git a/src/charon/encoding/parser.c b/src/charon/encoding/parser.c index ac2b78c28..9aa34b1bc 100644 --- a/src/charon/encoding/parser.c +++ b/src/charon/encoding/parser.c @@ -50,7 +50,7 @@ typedef struct private_parser_t private_parser_t; /** * Private data stored in a context. - * + * * Contains pointers and counters to store current state. */ struct private_parser_t { @@ -58,27 +58,27 @@ struct private_parser_t { * Public members, see parser_t. */ parser_t public; - + /** * Current bit for reading in input data. */ u_int8_t bit_pos; - + /** * Current byte for reading in input data. */ u_int8_t *byte_pos; - + /** * Input data to parse. */ u_int8_t *input; - + /** * Roof of input, used for length-checking. */ u_int8_t *input_roof; - + /** * Set of encoding rules for this parsing session. */ @@ -277,11 +277,11 @@ static bool parse_bit(private_parser_t *this, int rule_number, return short_input(this, rule_number); } if (output_pos) - { + { u_int8_t mask; mask = 0x01 << (7 - this->bit_pos); *output_pos = *this->byte_pos & mask; - + if (*output_pos) { /* set to a "clean", comparable true */ *output_pos = TRUE; @@ -303,7 +303,7 @@ static bool parse_list(private_parser_t *this, int rule_number, linked_list_t **output_pos, payload_type_t payload_type, int length) { linked_list_t *list = *output_pos; - + if (length < 0) { return short_input(this, rule_number); @@ -316,10 +316,10 @@ static bool parse_list(private_parser_t *this, int rule_number, { u_int8_t *pos_before = this->byte_pos; payload_t *payload; - + DBG2(DBG_ENC, " %d bytes left, parsing recursively %N", length, payload_type_names, payload_type); - + if (parse_payload(this, payload_type, &payload) != SUCCESS) { DBG1(DBG_ENC, " parsing of a %N substructure failed", @@ -377,25 +377,25 @@ static status_t parse_payload(private_parser_t *this, bool attribute_format = FALSE; int rule_number; encoding_rule_t *rule; - + /* create instance of the payload to parse */ pld = payload_create(payload_type); - + DBG2(DBG_ENC, "parsing %N payload, %d bytes left", payload_type_names, payload_type, this->input_roof - this->byte_pos); - + DBG3(DBG_ENC, "parsing payload from %b", this->byte_pos, this->input_roof - this->byte_pos); - + if (pld->get_type(pld) == UNKNOWN_PAYLOAD) { DBG1(DBG_ENC, " payload type %d is unknown, handling as %N", payload_type, payload_type_names, UNKNOWN_PAYLOAD); } - + /* base pointer for output, avoids casting in every rule */ output = pld; - + /* parse the payload with its own rulse */ pld->get_encoding_rules(pld, &this->rules, &rule_count); for (rule_number = 0; rule_number < rule_count; rule_number++) @@ -765,7 +765,7 @@ static status_t parse_payload(private_parser_t *this, case ADDRESS: { int address_length = (ts_type == TS_IPV4_ADDR_RANGE) ? 4 : 16; - + if (!parse_chunk(this, rule_number, output + rule->offset, address_length)) { @@ -808,7 +808,7 @@ static status_t parse_payload(private_parser_t *this, /* process next rulue */ rule++; } - + *payload = pld; DBG2(DBG_ENC, "parsing %N payload finished", payload_type_names, payload_type); @@ -846,17 +846,17 @@ static void destroy(private_parser_t *this) parser_t *parser_create(chunk_t data) { private_parser_t *this = malloc_thing(private_parser_t); - + this->public.parse_payload = (status_t(*)(parser_t*,payload_type_t,payload_t**))parse_payload; this->public.reset_context = (void(*)(parser_t*)) reset_context; this->public.get_remaining_byte_count = (int (*) (parser_t *))get_remaining_byte_count; this->public.destroy = (void(*)(parser_t*)) destroy; - + this->input = data.ptr; this->byte_pos = data.ptr; this->bit_pos = 0; this->input_roof = data.ptr + data.len; - + return &this->public; } diff --git a/src/charon/encoding/parser.h b/src/charon/encoding/parser.h index 230492438..27c5f03fe 100644 --- a/src/charon/encoding/parser.h +++ b/src/charon/encoding/parser.h @@ -36,32 +36,32 @@ typedef struct parser_t parser_t; * The parser remains the state until destroyed. */ struct parser_t { - + /** * Parses the next payload. - * + * * @warning Caller is responsible for freeing allocated payload. - * + * * Rules for parsing are described in the payload definition. * * @param payload_type payload type to parse * @param payload pointer where parsed payload was allocated - * @return + * @return * - SUCCESSFUL if succeeded, * - PARSE_ERROR if corrupted/invalid data found */ status_t (*parse_payload) (parser_t *this, payload_type_t payload_type, payload_t **payload); - + /** * Gets the remaining byte count which is not currently parsed. */ int (*get_remaining_byte_count) (parser_t *this); - + /** * Resets the current parser context. */ void (*reset_context) (parser_t *this); - + /** * Destroys a parser_t object. */ @@ -70,7 +70,7 @@ struct parser_t { /** * Constructor to create a parser_t object. - * + * * @param data chunk of data to parse with this parser_t object * @return parser_t object */ diff --git a/src/charon/encoding/payloads/auth_payload.c b/src/charon/encoding/payloads/auth_payload.c index 53406f564..d31208abb 100644 --- a/src/charon/encoding/payloads/auth_payload.c +++ b/src/charon/encoding/payloads/auth_payload.c @@ -23,15 +23,15 @@ typedef struct private_auth_payload_t private_auth_payload_t; /** * Private data of an auth_payload_t object. - * + * */ struct private_auth_payload_t { - + /** * Public auth_payload_t interface. */ auth_payload_t public; - + /** * Next payload type. */ @@ -41,17 +41,17 @@ struct private_auth_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * Method of the AUTH Data. */ u_int8_t auth_method; - + /** * The contained auth data value. */ @@ -60,16 +60,16 @@ struct private_auth_payload_t { /** * Encoding rules to parse or generate a AUTH payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_auth_payload_t. */ encoding_rule_t auth_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_auth_payload_t, next_payload) }, /* the critical bit */ { FLAG, offsetof(private_auth_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ + /* 7 Bit reserved bits, nowhere stored */ { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, @@ -79,7 +79,7 @@ encoding_rule_t auth_payload_encodings[] = { { RESERVED_BIT, 0 }, /* Length of the whole payload*/ { PAYLOAD_LENGTH, offsetof(private_auth_payload_t, payload_length)}, - /* 1 Byte AUTH type*/ + /* 1 Byte AUTH type*/ { U_INT_8, offsetof(private_auth_payload_t, auth_method) }, /* 3 reserved bytes */ { RESERVED_BYTE, 0 }, @@ -221,8 +221,8 @@ static void destroy(private_auth_payload_t *this) { chunk_free(&(this->auth_data)); } - - free(this); + + free(this); } /* @@ -240,7 +240,7 @@ auth_payload_t *auth_payload_create() this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.destroy = (void (*) (auth_payload_t *)) destroy; this->public.set_auth_method = (void (*) (auth_payload_t *,auth_method_t)) set_auth_method; @@ -248,7 +248,7 @@ auth_payload_t *auth_payload_create() this->public.set_data = (void (*) (auth_payload_t *,chunk_t)) set_data; this->public.get_data_clone = (chunk_t (*) (auth_payload_t *)) get_data_clone; this->public.get_data = (chunk_t (*) (auth_payload_t *)) get_data; - + /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; diff --git a/src/charon/encoding/payloads/auth_payload.h b/src/charon/encoding/payloads/auth_payload.h index 4287f14d9..37ee149db 100644 --- a/src/charon/encoding/payloads/auth_payload.h +++ b/src/charon/encoding/payloads/auth_payload.h @@ -39,7 +39,7 @@ typedef struct auth_payload_t auth_payload_t; * The AUTH payload format is described in RFC section 3.8. */ struct auth_payload_t { - + /** * The payload_t interface. */ @@ -51,41 +51,41 @@ struct auth_payload_t { * @param method auth_method_t to use */ void (*set_auth_method) (auth_payload_t *this, auth_method_t method); - + /** * Get the AUTH method. * * @return auth_method_t used */ auth_method_t (*get_auth_method) (auth_payload_t *this); - + /** * Set the AUTH data. - * + * * Data gets cloned. * * @param data AUTH data as chunk_t */ void (*set_data) (auth_payload_t *this, chunk_t data); - + /** * Get the AUTH data. - * + * * Returned data are a copy of the internal one. * * @return AUTH data as chunk_t */ chunk_t (*get_data_clone) (auth_payload_t *this); - + /** * Get the AUTH data. - * + * * Returned data are NOT copied * * @return AUTH data as chunk_t */ chunk_t (*get_data) (auth_payload_t *this); - + /** * Destroys an auth_payload_t object. */ @@ -94,7 +94,7 @@ struct auth_payload_t { /** * Creates an empty auth_payload_t object. - * + * * @return auth_payload_t object */ auth_payload_t *auth_payload_create(void); diff --git a/src/charon/encoding/payloads/cert_payload.c b/src/charon/encoding/payloads/cert_payload.c index 54a8c1392..6dd3141f0 100644 --- a/src/charon/encoding/payloads/cert_payload.c +++ b/src/charon/encoding/payloads/cert_payload.c @@ -43,14 +43,14 @@ typedef struct private_cert_payload_t private_cert_payload_t; /** * Private data of an cert_payload_t object. - * + * */ struct private_cert_payload_t { /** * Public cert_payload_t interface. */ cert_payload_t public; - + /** * Next payload type. */ @@ -60,22 +60,22 @@ struct private_cert_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * Encoding of the CERT Data. */ u_int8_t encoding; - + /** * The contained cert data value. */ chunk_t data; - + /** * TRUE if the "Hash and URL" data is invalid */ @@ -84,17 +84,17 @@ struct private_cert_payload_t { /** * Encoding rules to parse or generate a CERT payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_cert_payload_t. - * + * */ encoding_rule_t cert_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_cert_payload_t, next_payload) }, /* the critical bit */ { FLAG, offsetof(private_cert_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ + /* 7 Bit reserved bits, nowhere stored */ { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, @@ -104,7 +104,7 @@ encoding_rule_t cert_payload_encodings[] = { { RESERVED_BIT, 0 }, /* Length of the whole payload*/ { PAYLOAD_LENGTH, offsetof(private_cert_payload_t, payload_length)}, - /* 1 Byte CERT type*/ + /* 1 Byte CERT type*/ { U_INT_8, offsetof(private_cert_payload_t, encoding) }, /* some cert data bytes, length is defined in PAYLOAD_LENGTH */ { CERT_DATA, offsetof(private_cert_payload_t, data) } @@ -139,7 +139,7 @@ static status_t verify(private_cert_payload_t *this) this->invalid_hash_and_url = TRUE; return SUCCESS; } - + int i = 20; /* skipping the hash */ for (; i < this->data.len; ++i) { @@ -156,7 +156,7 @@ static status_t verify(private_cert_payload_t *this) return SUCCESS; } } - + /* URL is not null terminated, correct that */ chunk_t data = chunk_alloc(this->data.len + 1); memcpy(data.ptr, this->data.ptr, this->data.len); @@ -268,7 +268,7 @@ static char *get_url(private_cert_payload_t *this) static void destroy(private_cert_payload_t *this) { chunk_free(&this->data); - free(this); + free(this); } /* @@ -285,13 +285,13 @@ cert_payload_t *cert_payload_create() this->public.payload_interface.set_next_type = (void (*) (payload_t*,payload_type_t))set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t*))get_payload_type; this->public.payload_interface.destroy = (void (*) (payload_t*))destroy; - + this->public.destroy = (void (*) (cert_payload_t*))destroy; this->public.get_cert = (certificate_t* (*) (cert_payload_t*))get_cert; this->public.get_cert_encoding = (cert_encoding_t (*) (cert_payload_t*))get_cert_encoding; this->public.get_hash = (chunk_t (*) (cert_payload_t*))get_hash; this->public.get_url = (char* (*) (cert_payload_t*))get_url; - + this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length = CERT_PAYLOAD_HEADER_LENGTH; @@ -331,14 +331,9 @@ cert_payload_t *cert_payload_create_from_cert(certificate_t *cert) cert_payload_t *cert_payload_create_from_hash_and_url(chunk_t hash, char *url) { private_cert_payload_t *this = (private_cert_payload_t*)cert_payload_create(); - chunk_t url_chunk; - + this->encoding = ENC_X509_HASH_AND_URL; - - url_chunk.ptr = url; - url_chunk.len = strlen(url) + 1; - - this->data = chunk_cat("cc", hash, url_chunk); + this->data = chunk_cat("cc", hash, chunk_create(url, strlen(url))); this->payload_length = CERT_PAYLOAD_HEADER_LENGTH + this->data.len; return &this->public; } diff --git a/src/charon/encoding/payloads/cert_payload.h b/src/charon/encoding/payloads/cert_payload.h index fba404ee2..aa1c7bf5a 100644 --- a/src/charon/encoding/payloads/cert_payload.h +++ b/src/charon/encoding/payloads/cert_payload.h @@ -65,45 +65,45 @@ extern enum_name_t *cert_encoding_names; * The CERT payload format is described in RFC section 3.6. */ struct cert_payload_t { - + /** * The payload_t interface. */ payload_t payload_interface; - + /** * Get the playoads encoded certifcate. * * @return certifcate copy */ certificate_t *(*get_cert)(cert_payload_t *this); - + /** * Get the encoding of the certificate. - * + * * @return encoding */ cert_encoding_t (*get_cert_encoding)(cert_payload_t *this); - + /** * Get the hash if this is a hash and URL encoded certificate. - * + * * This function returns internal data, do not free. - * + * * @return hash */ chunk_t (*get_hash)(cert_payload_t *this); - + /** * Get the URL if this is a hash and URL encoded certificate. - * + * * This function returns internal data, do not free. - * + * * @return url */ char *(*get_url)(cert_payload_t *this); - - + + /** * Destroys the cert_payload object. */ @@ -112,14 +112,14 @@ struct cert_payload_t { /** * Creates an empty certificate payload. - * + * * @return cert_payload_t object */ cert_payload_t *cert_payload_create(void); /** * Creates a certificate payload with an embedded certificate. - * + * * @param cert certificate to embed * @return cert_payload_t object */ @@ -127,7 +127,7 @@ cert_payload_t *cert_payload_create_from_cert(certificate_t *cert); /** * Creates a certificate payload with hash and URL encoding of a certificate. - * + * * @param hash hash of the DER encoded certificate (get's cloned) * @param url the URL to locate the certificate (get's cloned) * @return cert_payload_t object diff --git a/src/charon/encoding/payloads/certreq_payload.c b/src/charon/encoding/payloads/certreq_payload.c index 50adedb28..9ff0bdde0 100644 --- a/src/charon/encoding/payloads/certreq_payload.c +++ b/src/charon/encoding/payloads/certreq_payload.c @@ -27,14 +27,14 @@ typedef struct private_certreq_payload_t private_certreq_payload_t; /** * Private data of an certreq_payload_t object. - * + * */ struct private_certreq_payload_t { /** * Public certreq_payload_t interface. */ certreq_payload_t public; - + /** * Next payload type. */ @@ -44,17 +44,17 @@ struct private_certreq_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * Encoding of the CERT Data. */ u_int8_t encoding; - + /** * The contained certreq data value. */ @@ -63,10 +63,10 @@ struct private_certreq_payload_t { /** * Encoding rules to parse or generate a CERTREQ payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_certreq_payload_t. - * + * */ encoding_rule_t certreq_payload_encodings[] = { /* 1 Byte next payload type, stored in the field next_payload */ @@ -160,7 +160,7 @@ static size_t get_length(private_certreq_payload_t *this) { return this->payload_length; } - + /** * Implementation of certreq_payload_t.add_keyid. */ @@ -240,7 +240,7 @@ static certificate_type_t get_cert_type(private_certreq_payload_t *this) static void destroy(private_certreq_payload_t *this) { chunk_free(&this->data); - free(this); + free(this); } /* @@ -258,13 +258,13 @@ certreq_payload_t *certreq_payload_create() this->public.payload_interface.set_next_type = (void (*) (payload_t*,payload_type_t))set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t*))get_payload_type; this->public.payload_interface.destroy = (void (*) (payload_t*))destroy; - + /* public functions */ this->public.destroy = (void (*) (certreq_payload_t*)) destroy; this->public.create_keyid_enumerator = (enumerator_t*(*)(certreq_payload_t*))create_keyid_enumerator; this->public.get_cert_type = (certificate_type_t(*)(certreq_payload_t*))get_cert_type; this->public.add_keyid = (void(*)(certreq_payload_t*, chunk_t keyid))add_keyid; - + /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; @@ -281,7 +281,7 @@ certreq_payload_t *certreq_payload_create() certreq_payload_t *certreq_payload_create_type(certificate_type_t type) { private_certreq_payload_t *this = (private_certreq_payload_t*)certreq_payload_create(); - + switch (type) { case CERT_X509: diff --git a/src/charon/encoding/payloads/certreq_payload.h b/src/charon/encoding/payloads/certreq_payload.h index ff9814f8a..914063628 100644 --- a/src/charon/encoding/payloads/certreq_payload.h +++ b/src/charon/encoding/payloads/certreq_payload.h @@ -50,14 +50,14 @@ struct certreq_payload_t { * @return enumerator over chunk_t's. */ enumerator_t* (*create_keyid_enumerator)(certreq_payload_t *this); - + /** * Get the type of contained certificate keyids. * * @return certificate keyid type */ certificate_type_t (*get_cert_type)(certreq_payload_t *this); - + /** * Add a certificates keyid to the payload. * @@ -65,7 +65,7 @@ struct certreq_payload_t { * @return */ void (*add_keyid)(certreq_payload_t *this, chunk_t keyid); - + /** * Destroys an certreq_payload_t object. */ @@ -74,14 +74,14 @@ struct certreq_payload_t { /** * Creates an empty certreq_payload_t object. - * + * * @return certreq payload */ certreq_payload_t *certreq_payload_create(void); /** * Creates an empty certreq_payload_t for a kind of certificates. - * + * * @param type type of the added keyids * @return certreq payload */ diff --git a/src/charon/encoding/payloads/configuration_attribute.c b/src/charon/encoding/payloads/configuration_attribute.c index 674feeddd..9094fd44d 100644 --- a/src/charon/encoding/payloads/configuration_attribute.c +++ b/src/charon/encoding/payloads/configuration_attribute.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -27,67 +27,45 @@ typedef struct private_configuration_attribute_t private_configuration_attribute /** * Private data of an configuration_attribute_t object. - * + * */ struct private_configuration_attribute_t { /** * Public configuration_attribute_t interface. */ configuration_attribute_t public; - + /** * Type of the attribute. */ - u_int16_t attribute_type; - + u_int16_t type; + /** * Length of the attribute. */ - u_int16_t attribute_length; + u_int16_t length; /** * Attribute value as chunk. */ - chunk_t attribute_value; + chunk_t value; }; -ENUM_BEGIN(configuration_attribute_type_names, INTERNAL_IP4_ADDRESS, INTERNAL_IP6_ADDRESS, - "INTERNAL_IP4_ADDRESS", - "INTERNAL_IP4_NETMASK", - "INTERNAL_IP4_DNS", - "INTERNAL_IP4_NBNS", - "INTERNAL_ADDRESS_EXPIRY", - "INTERNAL_IP4_DHCP", - "APPLICATION_VERSION", - "INTERNAL_IP6_ADDRESS"); -ENUM_NEXT(configuration_attribute_type_names, INTERNAL_IP6_DNS, INTERNAL_IP6_SUBNET, INTERNAL_IP6_ADDRESS, - "INTERNAL_IP6_DNS", - "INTERNAL_IP6_NBNS", - "INTERNAL_IP6_DHCP", - "INTERNAL_IP4_SUBNET", - "SUPPORTED_ATTRIBUTES", - "INTERNAL_IP6_SUBNET"); -ENUM_NEXT(configuration_attribute_type_names, INTERNAL_IP4_SERVER, INTERNAL_IP6_SERVER, INTERNAL_IP6_SUBNET, - "INTERNAL_IP4_SERVER", - "INTERNAL_IP6_SERVER"); -ENUM_END(configuration_attribute_type_names, INTERNAL_IP6_SERVER); - /** * Encoding rules to parse or generate a configuration attribute. - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_configuration_attribute_t. - * */ encoding_rule_t configuration_attribute_encodings[] = { - { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, /* type of the attribute as 15 bit unsigned integer */ - { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, attribute_type) }, + { ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, type) }, /* Length of attribute value */ - { CONFIGURATION_ATTRIBUTE_LENGTH, offsetof(private_configuration_attribute_t, attribute_length)}, + { CONFIGURATION_ATTRIBUTE_LENGTH, offsetof(private_configuration_attribute_t, length) }, /* Value of attribute if attribute format flag is zero */ - { CONFIGURATION_ATTRIBUTE_VALUE, offsetof(private_configuration_attribute_t, attribute_value)} + { CONFIGURATION_ATTRIBUTE_VALUE, offsetof(private_configuration_attribute_t, value) } }; /* @@ -109,66 +87,65 @@ static status_t verify(private_configuration_attribute_t *this) { bool failed = FALSE; - if (this->attribute_length != this->attribute_value.len) + if (this->length != this->value.len) { DBG1(DBG_ENC, "invalid attribute length"); return FAILED; } - switch (this->attribute_type) + switch (this->type) { - case INTERNAL_IP4_ADDRESS: - case INTERNAL_IP4_NETMASK: + case INTERNAL_IP4_ADDRESS: + case INTERNAL_IP4_NETMASK: case INTERNAL_IP4_DNS: case INTERNAL_IP4_NBNS: case INTERNAL_ADDRESS_EXPIRY: case INTERNAL_IP4_DHCP: - if (this->attribute_length != 0 && this->attribute_length != 4) - { + if (this->length != 0 && this->length != 4) + { failed = TRUE; - } + } break; case INTERNAL_IP4_SUBNET: - if (this->attribute_length != 0 && this->attribute_length != 8) - { + if (this->length != 0 && this->length != 8) + { failed = TRUE; - } + } break; case INTERNAL_IP6_ADDRESS: case INTERNAL_IP6_SUBNET: - if (this->attribute_length != 0 && this->attribute_length != 17) - { + if (this->length != 0 && this->length != 17) + { failed = TRUE; - } + } break; case INTERNAL_IP6_DNS: case INTERNAL_IP6_NBNS: case INTERNAL_IP6_DHCP: - if (this->attribute_length != 0 && this->attribute_length != 16) - { + if (this->length != 0 && this->length != 16) + { failed = TRUE; - } + } break; case SUPPORTED_ATTRIBUTES: - if (this->attribute_length % 2) - { + if (this->length % 2) + { failed = TRUE; - } + } break; case APPLICATION_VERSION: - /* any length acceptable */ - break; + /* any length acceptable */ + break; default: - DBG1(DBG_ENC, "unknown attribute type %N", - configuration_attribute_type_names, this->attribute_type); - break; + DBG1(DBG_ENC, "unknown attribute type %N", + configuration_attribute_type_names, this->type); + break; } - + if (failed) { DBG1(DBG_ENC, "invalid attribute length %d for %N", - this->attribute_length, configuration_attribute_type_names, - this->attribute_type); + this->length, configuration_attribute_type_names, this->type); return FAILED; } return SUCCESS; @@ -177,7 +154,8 @@ static status_t verify(private_configuration_attribute_t *this) /** * Implementation of payload_t.get_encoding_rules. */ -static void get_encoding_rules(private_configuration_attribute_t *this, encoding_rule_t **rules, size_t *rule_count) +static void get_encoding_rules(private_configuration_attribute_t *this, + encoding_rule_t **rules, size_t *rule_count) { *rules = configuration_attribute_encodings; *rule_count = sizeof(configuration_attribute_encodings) / sizeof(encoding_rule_t); @@ -196,13 +174,14 @@ static payload_type_t get_type(private_configuration_attribute_t *this) */ static payload_type_t get_next_type(private_configuration_attribute_t *this) { - return (NO_PAYLOAD); + return NO_PAYLOAD; } /** * Implementation of payload_t.set_next_type. */ -static void set_next_type(private_configuration_attribute_t *this,payload_type_t type) +static void set_next_type(private_configuration_attribute_t *this, + payload_type_t type) { } @@ -211,99 +190,75 @@ static void set_next_type(private_configuration_attribute_t *this,payload_type_t */ static size_t get_length(private_configuration_attribute_t *this) { - return (this->attribute_value.len + CONFIGURATION_ATTRIBUTE_HEADER_LENGTH); + return this->value.len + CONFIGURATION_ATTRIBUTE_HEADER_LENGTH; } /** - * Implementation of configuration_attribute_t.set_value. + * Implementation of configuration_attribute_t.get_type. */ -static void set_value(private_configuration_attribute_t *this, chunk_t value) +static configuration_attribute_type_t get_configuration_attribute_type( + private_configuration_attribute_t *this) { - if (this->attribute_value.ptr != NULL) - { - /* free existing value */ - chunk_free(&(this->attribute_value)); - } - - this->attribute_value.ptr = clalloc(value.ptr,value.len); - this->attribute_value.len = value.len; - - this->attribute_length = this->attribute_value.len; + return this->type; } /** * Implementation of configuration_attribute_t.get_value. */ -static chunk_t get_value (private_configuration_attribute_t *this) +static chunk_t get_value(private_configuration_attribute_t *this) { - return this->attribute_value; + return this->value; } /** - * Implementation of configuration_attribute_t.set_type. + * Implementation of configuration_attribute_t.destroy and payload_t.destroy. */ -static void set_attribute_type (private_configuration_attribute_t *this, u_int16_t type) +static void destroy(private_configuration_attribute_t *this) { - this->attribute_type = type & 0x7FFF; + free(this->value.ptr); + free(this); } -/** - * Implementation of configuration_attribute_t.get_type. +/* + * Described in header. */ -static u_int16_t get_attribute_type (private_configuration_attribute_t *this) +configuration_attribute_t *configuration_attribute_create() { - return this->attribute_type; -} + private_configuration_attribute_t *this; -/** - * Implementation of configuration_attribute_t.get_length. - */ -static u_int16_t get_attribute_length (private_configuration_attribute_t *this) -{ - return this->attribute_length; -} + this = malloc_thing(private_configuration_attribute_t); + this->public.payload_interface.verify = (status_t(*)(payload_t *))verify; + this->public.payload_interface.get_encoding_rules = (void(*)(payload_t *, encoding_rule_t **, size_t *) )get_encoding_rules; + this->public.payload_interface.get_length = (size_t(*)(payload_t *))get_length; + this->public.payload_interface.get_next_type = (payload_type_t(*)(payload_t *))get_next_type; + this->public.payload_interface.set_next_type = (void(*)(payload_t *,payload_type_t))set_next_type; + this->public.payload_interface.get_type = (payload_type_t(*)(payload_t *))get_type; + this->public.payload_interface.destroy = (void(*)(payload_t*))destroy; + this->public.get_value = (chunk_t(*)(configuration_attribute_t *))get_value; + this->public.get_type = (configuration_attribute_type_t(*)(configuration_attribute_t *))get_configuration_attribute_type; + this->public.destroy = (void (*)(configuration_attribute_t*))destroy; -/** - * Implementation of configuration_attribute_t.destroy and payload_t.destroy. - */ -static void destroy(private_configuration_attribute_t *this) -{ - if (this->attribute_value.ptr != NULL) - { - free(this->attribute_value.ptr); - } - free(this); + this->type = 0; + this->value = chunk_empty; + this->length = 0; + + return &this->public; } /* * Described in header. */ -configuration_attribute_t *configuration_attribute_create() +configuration_attribute_t *configuration_attribute_create_value( + configuration_attribute_type_t type, chunk_t value) { - private_configuration_attribute_t *this = malloc_thing(private_configuration_attribute_t); - - /* payload interface */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.set_value = (void (*) (configuration_attribute_t *,chunk_t)) set_value; - this->public.get_value = (chunk_t (*) (configuration_attribute_t *)) get_value; - this->public.set_type = (void (*) (configuration_attribute_t *,u_int16_t type)) set_attribute_type; - this->public.get_type = (u_int16_t (*) (configuration_attribute_t *)) get_attribute_type; - this->public.get_length = (u_int16_t (*) (configuration_attribute_t *)) get_attribute_length; - this->public.destroy = (void (*) (configuration_attribute_t *)) destroy; - - /* set default values of the fields */ - this->attribute_type = 0; - this->attribute_value = chunk_empty; - this->attribute_length = 0; - - return (&(this->public)); + private_configuration_attribute_t *this; + + this = (private_configuration_attribute_t*)configuration_attribute_create(); + this->type = ((u_int16_t)type) & 0x7FFF; + this->value = chunk_clone(value); + this->length = value.len; + + return &this->public; } + diff --git a/src/charon/encoding/payloads/configuration_attribute.h b/src/charon/encoding/payloads/configuration_attribute.h index 404130114..6e4b018bb 100644 --- a/src/charon/encoding/payloads/configuration_attribute.h +++ b/src/charon/encoding/payloads/configuration_attribute.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -22,96 +22,43 @@ #ifndef CONFIGURATION_ATTRIBUTE_H_ #define CONFIGURATION_ATTRIBUTE_H_ -typedef enum configuration_attribute_type_t configuration_attribute_type_t; typedef struct configuration_attribute_t configuration_attribute_t; #include <library.h> +#include <attributes/attributes.h> #include <encoding/payloads/payload.h> - /** * Configuration attribute header length in bytes. */ #define CONFIGURATION_ATTRIBUTE_HEADER_LENGTH 4 /** - * Type of the attribute, as in IKEv2 RFC 3.15.1. - */ -enum configuration_attribute_type_t { - INTERNAL_IP4_ADDRESS = 1, - INTERNAL_IP4_NETMASK = 2, - INTERNAL_IP4_DNS = 3, - INTERNAL_IP4_NBNS = 4, - INTERNAL_ADDRESS_EXPIRY = 5, - INTERNAL_IP4_DHCP = 6, - APPLICATION_VERSION = 7, - INTERNAL_IP6_ADDRESS = 8, - INTERNAL_IP6_DNS = 10, - INTERNAL_IP6_NBNS = 11, - INTERNAL_IP6_DHCP = 12, - INTERNAL_IP4_SUBNET = 13, - SUPPORTED_ATTRIBUTES = 14, - INTERNAL_IP6_SUBNET = 15, - /* proprietary Microsoft attributes */ - INTERNAL_IP4_SERVER = 23456, - INTERNAL_IP6_SERVER = 23457 -}; - -/** - * enum names for configuration_attribute_type_t. - */ -extern enum_name_t *configuration_attribute_type_names; - -/** * Class representing an IKEv2-CONFIGURATION Attribute. - * + * * The CONFIGURATION ATTRIBUTE format is described in RFC section 3.15.1. */ struct configuration_attribute_t { + /** - * The payload_t interface. + * Implements payload_t interface. */ payload_t payload_interface; /** - * Returns the currently set value of the attribute. - * - * @warning Returned data are not copied. - * - * @return chunk_t pointing to the value - */ - chunk_t (*get_value) (configuration_attribute_t *this); - - /** - * Sets the value of the attribute. - * - * Value is getting copied. - * - * @param value chunk_t pointing to the value to set + * Get the type of the attribute. + * + * @return type of the configuration attribute */ - void (*set_value) (configuration_attribute_t *this, chunk_t value); + configuration_attribute_type_t (*get_type)(configuration_attribute_t *this); /** - * Sets the type of the attribute. - * - * @param type type to set (most significant bit is set to zero) + * Returns the value of the attribute. + * + * @return chunk_t pointing to the internal value */ - void (*set_type) (configuration_attribute_t *this, u_int16_t type); - - /** - * get the type of the attribute. - * - * @return type of the value - */ - u_int16_t (*get_type) (configuration_attribute_t *this); - - /** - * get the length of an attribute. - * - * @return type of the value - */ - u_int16_t (*get_length) (configuration_attribute_t *this); - + chunk_t (*get_value) (configuration_attribute_t *this); + /** * Destroys an configuration_attribute_t object. */ @@ -119,10 +66,20 @@ struct configuration_attribute_t { }; /** - * Creates an empty configuration_attribute_t object. - * - * @return created configuration_attribute_t object + * Creates an empty configuration attribute. + * + * @return created configuration attribute + */ +configuration_attribute_t *configuration_attribute_create(); + +/** + * Creates a configuration attribute with type and value. + * + * @param type type of configuration attribute + * @param value value, gets cloned + * @return created configuration attribute */ -configuration_attribute_t *configuration_attribute_create(void); +configuration_attribute_t *configuration_attribute_create_value( + configuration_attribute_type_t type, chunk_t value); #endif /** CONFIGURATION_ATTRIBUTE_H_ @}*/ diff --git a/src/charon/encoding/payloads/cp_payload.c b/src/charon/encoding/payloads/cp_payload.c index b5f1b35c7..f0a26eee2 100644 --- a/src/charon/encoding/payloads/cp_payload.c +++ b/src/charon/encoding/payloads/cp_payload.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -32,14 +32,14 @@ typedef struct private_cp_payload_t private_cp_payload_t; /** * Private data of an cp_payload_t object. - * + * */ struct private_cp_payload_t { /** * Public cp_payload_t interface. */ cp_payload_t public; - + /** * Next payload type. */ @@ -49,51 +49,51 @@ struct private_cp_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** - * Configuration Attributes in this payload are stored in a linked_list_t. + * List of attributes, as configuration_attribute_t */ - linked_list_t * attributes; - + linked_list_t *attributes; + /** * Config Type. */ - u_int8_t config_type; + u_int8_t type; }; /** * Encoding rules to parse or generate a IKEv2-CP Payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_cp_payload_t. - * + * */ encoding_rule_t cp_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_cp_payload_t, next_payload) }, /* the critical bit */ - { FLAG, offsetof(private_cp_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, + { FLAG, offsetof(private_cp_payload_t, critical) }, + /* 7 Bit reserved bits, nowhere stored */ + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, /* Length of the whole CP payload*/ - { PAYLOAD_LENGTH, offsetof(private_cp_payload_t, payload_length) }, - /* Proposals are stored in a proposal substructure, + { PAYLOAD_LENGTH, offsetof(private_cp_payload_t, payload_length) }, + /* Proposals are stored in a proposal substructure, offset points to a linked_list_t pointer */ - { U_INT_8, offsetof(private_cp_payload_t, config_type) }, - { RESERVED_BYTE,0 }, - { RESERVED_BYTE,0 }, - { RESERVED_BYTE,0 }, + { U_INT_8, offsetof(private_cp_payload_t, type) }, + { RESERVED_BYTE,0 }, + { RESERVED_BYTE,0 }, + { RESERVED_BYTE,0 }, { CONFIGURATION_ATTRIBUTES, offsetof(private_cp_payload_t, attributes) } }; @@ -117,26 +117,27 @@ encoding_rule_t cp_payload_encodings[] = { static status_t verify(private_cp_payload_t *this) { status_t status = SUCCESS; - iterator_t *iterator; - configuration_attribute_t *attribute; - - iterator = this->attributes->create_iterator(this->attributes,TRUE); - while(iterator->iterate(iterator, (void**)&attribute)) + enumerator_t *enumerator; + payload_t *attribute; + + enumerator = this->attributes->create_enumerator(this->attributes); + while (enumerator->enumerate(enumerator, &attribute)) { - status = attribute->payload_interface.verify(&attribute->payload_interface); + status = attribute->verify(attribute); if (status != SUCCESS) { break; } } - iterator->destroy(iterator); + enumerator->destroy(enumerator); return status; } /** * Implementation of payload_t.get_encoding_rules. */ -static void get_encoding_rules(private_cp_payload_t *this, encoding_rule_t **rules, size_t *rule_count) +static void get_encoding_rules(private_cp_payload_t *this, + encoding_rule_t **rules, size_t *rule_count) { *rules = cp_payload_encodings; *rule_count = sizeof(cp_payload_encodings) / sizeof(encoding_rule_t); @@ -155,7 +156,7 @@ static payload_type_t get_type(private_cp_payload_t *this) */ static payload_type_t get_next_type(private_cp_payload_t *this) { - return (this->next_payload); + return this->next_payload; } /** @@ -171,18 +172,17 @@ static void set_next_type(private_cp_payload_t *this,payload_type_t type) */ static void compute_length(private_cp_payload_t *this) { - iterator_t *iterator; - payload_t *current_attribute; - size_t length = CP_PAYLOAD_HEADER_LENGTH; - - iterator = this->attributes->create_iterator(this->attributes,TRUE); - while (iterator->iterate(iterator, (void**)¤t_attribute)) + enumerator_t *enumerator; + payload_t *attribute; + + this->payload_length = CP_PAYLOAD_HEADER_LENGTH; + + enumerator = this->attributes->create_enumerator(this->attributes); + while (enumerator->enumerate(enumerator, &attribute)) { - length += current_attribute->get_length(current_attribute); + this->payload_length += attribute->get_length(attribute); } - iterator->destroy(iterator); - - this->payload_length = length; + enumerator->destroy(enumerator); } /** @@ -190,41 +190,33 @@ static void compute_length(private_cp_payload_t *this) */ static size_t get_length(private_cp_payload_t *this) { - compute_length(this); return this->payload_length; } /** - * Implementation of cp_payload_t.create_configuration_attribute_iterator. + * Implementation of cp_payload_t.create_attribute_enumerator. */ -static iterator_t *create_attribute_iterator (private_cp_payload_t *this) +static enumerator_t *create_attribute_enumerator(private_cp_payload_t *this) { - return this->attributes->create_iterator(this->attributes, TRUE); + return this->attributes->create_enumerator(this->attributes); } /** - * Implementation of cp_payload_t.add_proposal_substructure. + * Implementation of cp_payload_t.add_attribute. */ -static void add_configuration_attribute (private_cp_payload_t *this,configuration_attribute_t *attribute) +static void add_attribute(private_cp_payload_t *this, + configuration_attribute_t *attribute) { - this->attributes->insert_last(this->attributes,(void *) attribute); + this->attributes->insert_last(this->attributes, attribute); compute_length(this); } /** - * Implementation of cp_payload_t.set_config_type. + * Implementation of cp_payload_t.get_type. */ -static void set_config_type (private_cp_payload_t *this,config_type_t config_type) +static config_type_t get_config_type(private_cp_payload_t *this) { - this->config_type = config_type; -} - -/** - * Implementation of cp_payload_t.get_config_type. - */ -static config_type_t get_config_type (private_cp_payload_t *this) -{ - return this->config_type; + return this->type; } /** @@ -233,7 +225,7 @@ static config_type_t get_config_type (private_cp_payload_t *this) static void destroy(private_cp_payload_t *this) { this->attributes->destroy_offset(this->attributes, - offsetof(configuration_attribute_t, destroy)); + offsetof(configuration_attribute_t, destroy)); free(this); } @@ -243,8 +235,7 @@ static void destroy(private_cp_payload_t *this) cp_payload_t *cp_payload_create() { private_cp_payload_t *this = malloc_thing(private_cp_payload_t); - - /* public interface */ + this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; @@ -252,19 +243,31 @@ cp_payload_t *cp_payload_create() this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.create_attribute_iterator = (iterator_t* (*) (cp_payload_t *)) create_attribute_iterator; - this->public.add_configuration_attribute = (void (*) (cp_payload_t *,configuration_attribute_t *)) add_configuration_attribute; - this->public.set_config_type = (void (*) (cp_payload_t *, config_type_t)) set_config_type; - this->public.get_config_type = (config_type_t (*) (cp_payload_t *)) get_config_type; - this->public.destroy = (void (*) (cp_payload_t *)) destroy; - + + this->public.create_attribute_enumerator = (enumerator_t*(*)(cp_payload_t *))create_attribute_enumerator; + this->public.add_attribute = (void (*) (cp_payload_t *,configuration_attribute_t*))add_attribute; + this->public.get_type = (config_type_t (*) (cp_payload_t *))get_config_type; + this->public.destroy = (void (*)(cp_payload_t *))destroy; + /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length = CP_PAYLOAD_HEADER_LENGTH; - this->attributes = linked_list_create(); - return (&(this->public)); + this->type = CFG_REQUEST; + + return &this->public; } + +/* + * Described in header. + */ +cp_payload_t *cp_payload_create_type(config_type_t type) +{ + private_cp_payload_t *this = (private_cp_payload_t*)cp_payload_create(); + + this->type = type; + + return &this->public; +} + diff --git a/src/charon/encoding/payloads/cp_payload.h b/src/charon/encoding/payloads/cp_payload.h index 6ffcca708..c0760885a 100644 --- a/src/charon/encoding/payloads/cp_payload.h +++ b/src/charon/encoding/payloads/cp_payload.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -28,7 +28,7 @@ typedef struct cp_payload_t cp_payload_t; #include <library.h> #include <encoding/payloads/payload.h> #include <encoding/payloads/configuration_attribute.h> -#include <utils/linked_list.h> +#include <utils/enumerator.h> /** * CP_PAYLOAD length in bytes without any proposal substructure. @@ -52,49 +52,38 @@ extern enum_name_t *config_type_names; /** * Class representing an IKEv2-CP Payload. - * + * * The CP Payload format is described in RFC section 3.15. */ struct cp_payload_t { + /** * The payload_t interface. */ payload_t payload_interface; - + /** * Creates an iterator of stored configuration_attribute_t objects. - * - * When deleting an attribute using this iterator, the length of this - * configuration_attribute_t has to be refreshed by calling get_length()! * - * @return created iterator_t object + * @return enumerator over configration_attribute_T */ - iterator_t *(*create_attribute_iterator) (cp_payload_t *this); - - /** - * Adds a configuration_attribute_t object to this object. - * - * The added configuration_attribute_t object is getting destroyed in - * destroy function of cp_payload_t. - * - * @param attribute configuration_attribute_t object to add - */ - void (*add_configuration_attribute) (cp_payload_t *this, configuration_attribute_t *attribute); - + enumerator_t *(*create_attribute_enumerator) (cp_payload_t *this); + /** - * Set the config type. + * Adds a configuration attribute to the configuration payload. * - * @param config_type config_type_t to set + * @param attribute attribute to add */ - void (*set_config_type) (cp_payload_t *this,config_type_t config_type); - + void (*add_attribute)(cp_payload_t *this, + configuration_attribute_t *attribute); + /** - * Get the config type. + * Get the configuration payload type. * - * @return config_type_t + * @return type of configuration payload */ - config_type_t (*get_config_type) (cp_payload_t *this); - + config_type_t (*get_type) (cp_payload_t *this); + /** * Destroys an cp_payload_t object. */ @@ -102,10 +91,18 @@ struct cp_payload_t { }; /** - * Creates an empty cp_payload_t object - * - * @return cp_payload_t object + * Creates an empty configuration payload + * + * @return empty configuration payload + */ +cp_payload_t *cp_payload_create(); + +/** + * Creates an cp_payload_t with type and value + * + * @param type type of configuration payload to create + * @return created configuration payload */ -cp_payload_t *cp_payload_create(void); +cp_payload_t *cp_payload_create_type(config_type_t config_type); #endif /** CP_PAYLOAD_H_ @}*/ diff --git a/src/charon/encoding/payloads/delete_payload.c b/src/charon/encoding/payloads/delete_payload.c index c2be1e8b5..97b4743b2 100644 --- a/src/charon/encoding/payloads/delete_payload.c +++ b/src/charon/encoding/payloads/delete_payload.c @@ -23,14 +23,14 @@ typedef struct private_delete_payload_t private_delete_payload_t; /** * Private data of an delete_payload_t object. - * + * */ struct private_delete_payload_t { /** * Public delete_payload_t interface. */ delete_payload_t public; - + /** * Next payload type. */ @@ -40,12 +40,12 @@ struct private_delete_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * Protocol ID. */ @@ -55,36 +55,36 @@ struct private_delete_payload_t { * SPI Size. */ u_int8_t spi_size; - + /** * Number of SPI's. */ u_int16_t spi_count; - + /** * The contained SPI's. */ chunk_t spis; - + /** - * List containing u_int32_t spis + * List containing u_int32_t spis */ linked_list_t *spi_list; }; /** * Encoding rules to parse or generate a DELETE payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_delete_payload_t. - * + * */ encoding_rule_t delete_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_delete_payload_t, next_payload) }, /* the critical bit */ { FLAG, offsetof(private_delete_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ + /* 7 Bit reserved bits, nowhere stored */ { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, @@ -223,7 +223,7 @@ static void add_spi(private_delete_payload_t *this, u_int32_t spi) static iterator_t* create_spi_iterator(private_delete_payload_t *this) { int i; - + if (this->spi_list == NULL) { this->spi_list = linked_list_create(); @@ -253,7 +253,7 @@ static void destroy(private_delete_payload_t *this) { this->spi_list->destroy(this->spi_list); } - free(this); + free(this); } /* @@ -271,13 +271,13 @@ delete_payload_t *delete_payload_create(protocol_id_t protocol_id) this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.destroy = (void (*) (delete_payload_t *)) destroy; this->public.get_protocol_id = (protocol_id_t (*) (delete_payload_t *)) get_protocol_id; this->public.add_spi = (void (*) (delete_payload_t *,u_int32_t))add_spi; this->public.create_spi_iterator = (iterator_t* (*) (delete_payload_t *)) create_spi_iterator; - + /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; diff --git a/src/charon/encoding/payloads/delete_payload.h b/src/charon/encoding/payloads/delete_payload.h index 58840741a..3b62c1af1 100644 --- a/src/charon/encoding/payloads/delete_payload.h +++ b/src/charon/encoding/payloads/delete_payload.h @@ -43,21 +43,21 @@ struct delete_payload_t { * The payload_t interface. */ payload_t payload_interface; - + /** * Get the protocol ID. * * @return protocol ID */ protocol_id_t (*get_protocol_id) (delete_payload_t *this); - + /** * Add an SPI to the list of deleted SAs. * * @param spi spi to add */ void (*add_spi) (delete_payload_t *this, u_int32_t spi); - + /** * Get an iterator over the SPIs. * @@ -66,7 +66,7 @@ struct delete_payload_t { * @return iterator over SPIs */ iterator_t *(*create_spi_iterator) (delete_payload_t *this); - + /** * Destroys an delete_payload_t object. */ @@ -75,7 +75,7 @@ struct delete_payload_t { /** * Creates an empty delete_payload_t object. - * + * * @param protocol_id protocol, such as AH|ESP * @return delete_payload_t object */ diff --git a/src/charon/encoding/payloads/eap_payload.c b/src/charon/encoding/payloads/eap_payload.c index 1199bac45..21f34a642 100644 --- a/src/charon/encoding/payloads/eap_payload.c +++ b/src/charon/encoding/payloads/eap_payload.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2010 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -24,14 +24,14 @@ typedef struct private_eap_payload_t private_eap_payload_t; /** * Private data of an eap_payload_t object. - * + * */ struct private_eap_payload_t { /** * Public eap_payload_t interface. */ eap_payload_t public; - + /** * Next payload type. */ @@ -41,12 +41,12 @@ struct private_eap_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * EAP message data, if available */ @@ -55,17 +55,17 @@ struct private_eap_payload_t { /** * Encoding rules to parse or generate a EAP payload. - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_eap_payload_t. - * + * */ -encoding_rule_t eap_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ +static encoding_rule_t eap_payload_encodings[] = { + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_eap_payload_t, next_payload) }, /* the critical bit */ { FLAG, offsetof(private_eap_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ + /* 7 Bit reserved bits, nowhere stored */ { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, @@ -91,27 +91,25 @@ encoding_rule_t eap_payload_encodings[] = { +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+- */ -/** - * Implementation of payload_t.verify. - */ -static status_t verify(private_eap_payload_t *this) +METHOD(payload_t, verify, status_t, + private_eap_payload_t *this) { u_int16_t length; u_int8_t code; - + if (this->data.len < 4) { DBG1(DBG_ENC, "EAP payloads EAP message too short (%d)", this->data.len); return FAILED; } - code = *this->data.ptr; - length = htons(*(u_int16_t*)(this->data.ptr + 2)); + length = untoh16(this->data.ptr + 2); if (this->data.len != length) { - DBG1(DBG_ENC, "EAP payload length (%d) does not match contained message length (%d)", - this->data.len, length); + DBG1(DBG_ENC, "EAP payload length (%d) does not match contained " + "message length (%d)", this->data.len, length); return FAILED; } + code = this->data.ptr[0]; switch (code) { case EAP_REQUEST: @@ -140,119 +138,97 @@ static status_t verify(private_eap_payload_t *this) return SUCCESS; } -/** - * Implementation of eap_payload_t.get_encoding_rules. - */ -static void get_encoding_rules(private_eap_payload_t *this, encoding_rule_t **rules, size_t *rule_count) +METHOD(payload_t, get_encoding_rules, void, + private_eap_payload_t *this, encoding_rule_t **rules, size_t *rule_count) { *rules = eap_payload_encodings; *rule_count = sizeof(eap_payload_encodings) / sizeof(encoding_rule_t); } -/** - * Implementation of payload_t.get_type. - */ -static payload_type_t get_payload_type(private_eap_payload_t *this) +METHOD(payload_t, get_payload_type, payload_type_t, + private_eap_payload_t *this) { return EXTENSIBLE_AUTHENTICATION; } -/** - * Implementation of payload_t.get_next_type. - */ -static payload_type_t get_next_type(private_eap_payload_t *this) +METHOD(payload_t, get_next_type, payload_type_t, + private_eap_payload_t *this) { return (this->next_payload); } -/** - * Implementation of payload_t.set_next_type. - */ -static void set_next_type(private_eap_payload_t *this,payload_type_t type) +METHOD(payload_t, set_next_type, void, + private_eap_payload_t *this, payload_type_t type) { this->next_payload = type; } -/** - * Implementation of payload_t.get_length. - */ -static size_t get_length(private_eap_payload_t *this) +METHOD(payload_t, get_length, size_t, + private_eap_payload_t *this) { return this->payload_length; } -/** - * Implementation of eap_payload_t.get_data. - */ -static chunk_t get_data(private_eap_payload_t *this) +METHOD(eap_payload_t, get_data, chunk_t, + private_eap_payload_t *this) { return this->data; } -/** - * Implementation of eap_payload_t.set_data. - */ -static void set_data(private_eap_payload_t *this, chunk_t data) +METHOD(eap_payload_t, set_data, void, + private_eap_payload_t *this, chunk_t data) { - chunk_free(&this->data); + free(this->data.ptr); this->data = chunk_clone(data); this->payload_length = this->data.len + 4; } -/** - * Implementation of eap_payload_t.get_code. - */ -static eap_code_t get_code(private_eap_payload_t *this) +METHOD(eap_payload_t, get_code, eap_code_t, + private_eap_payload_t *this) { if (this->data.len > 0) { - return *this->data.ptr; + return this->data.ptr[0]; } /* should not happen, as it is verified */ return 0; } -/** - * Implementation of eap_payload_t.get_identifier. - */ -static u_int8_t get_identifier(private_eap_payload_t *this) +METHOD(eap_payload_t, get_identifier, u_int8_t, + private_eap_payload_t *this) { if (this->data.len > 1) { - return *(this->data.ptr + 1); + return this->data.ptr[1]; } /* should not happen, as it is verified */ return 0; } -/** - * Implementation of eap_payload_t.get_type. - */ -static eap_type_t get_type(private_eap_payload_t *this, u_int32_t *vendor) +METHOD(eap_payload_t, get_type, eap_type_t, + private_eap_payload_t *this, u_int32_t *vendor) { eap_type_t type; *vendor = 0; if (this->data.len > 4) { - type = *(this->data.ptr + 4); + type = this->data.ptr[4]; if (type != EAP_EXPANDED) { return type; } if (this->data.len >= 12) { - *vendor = ntohl(*(u_int32_t*)(this->data.ptr + 4)) & 0x00FFFFFF; - return ntohl(*(u_int32_t*)(this->data.ptr + 8)); + *vendor = untoh32(this->data.ptr + 4) & 0x00FFFFFF; + return untoh32(this->data.ptr + 8); } } return 0; } -/** - * Implementation of payload_t.destroy and eap_payload_t.destroy. - */ -static void destroy(private_eap_payload_t *this) +METHOD2(payload_t, eap_payload_t, destroy, void, + private_eap_payload_t *this) { chunk_free(&this->data); free(this); @@ -263,32 +239,30 @@ static void destroy(private_eap_payload_t *this) */ eap_payload_t *eap_payload_create() { - private_eap_payload_t *this = malloc_thing(private_eap_payload_t); - - /* interface functions */ - this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; - this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; - this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; - this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; - this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; - this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.destroy = (void (*) (eap_payload_t *)) destroy; - this->public.get_data = (chunk_t (*) (eap_payload_t*))get_data; - this->public.set_data = (void (*) (eap_payload_t *,chunk_t))set_data; - this->public.get_code = (eap_code_t (*) (eap_payload_t*))get_code; - this->public.get_identifier = (u_int8_t (*) (eap_payload_t*))get_identifier; - this->public.get_type = (eap_type_t (*) (eap_payload_t*,u_int32_t*))get_type; - - /* private variables */ - this->critical = FALSE; - this->next_payload = NO_PAYLOAD; - this->payload_length = EAP_PAYLOAD_HEADER_LENGTH; - this->data = chunk_empty; - - return &(this->public); + private_eap_payload_t *this; + + INIT(this, + .public = { + .payload_interface = { + .verify = _verify, + .get_encoding_rules = _get_encoding_rules, + .get_length = _get_length, + .get_next_type = _get_next_type, + .set_next_type = _set_next_type, + .get_type = _get_payload_type, + .destroy = _destroy, + }, + .get_data = _get_data, + .set_data = _set_data, + .get_code = _get_code, + .get_identifier = _get_identifier, + .get_type = _get_type, + .destroy = _destroy, + }, + .next_payload = NO_PAYLOAD, + .payload_length = EAP_PAYLOAD_HEADER_LENGTH, + ); + return &this->public; } /* @@ -297,7 +271,7 @@ eap_payload_t *eap_payload_create() eap_payload_t *eap_payload_create_data(chunk_t data) { eap_payload_t *this = eap_payload_create(); - + this->set_data(this, data); return this; } @@ -307,15 +281,11 @@ eap_payload_t *eap_payload_create_data(chunk_t data) */ eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier) { - eap_payload_t *this = eap_payload_create(); - chunk_t data = chunk_alloca(4); - - *(data.ptr + 0) = code; - *(data.ptr + 1) = identifier; - *(u_int16_t*)(data.ptr + 2) = htons(data.len); - - this->set_data(this, data); - return this; + chunk_t data; + + data = chunk_from_chars(code, identifier, 0, 0); + htoun16(data.ptr + 2, data.len); + return eap_payload_create_data(data); } /* @@ -323,15 +293,10 @@ eap_payload_t *eap_payload_create_code(eap_code_t code, u_int8_t identifier) */ eap_payload_t *eap_payload_create_nak(u_int8_t identifier) { - eap_payload_t *this = eap_payload_create(); - chunk_t data = chunk_alloca(5); - - *(data.ptr + 0) = EAP_RESPONSE; - *(data.ptr + 1) = identifier; - *(u_int16_t*)(data.ptr + 2) = htons(data.len); - *(data.ptr + 4) = EAP_NAK; - - this->set_data(this, data); - return this; + chunk_t data; + + data = chunk_from_chars(EAP_RESPONSE, identifier, 0, 0, EAP_NAK); + htoun16(data.ptr + 2, data.len); + return eap_payload_create_data(data); } diff --git a/src/charon/encoding/payloads/eap_payload.h b/src/charon/encoding/payloads/eap_payload.h index a4d8a38c6..0bde4b15e 100644 --- a/src/charon/encoding/payloads/eap_payload.h +++ b/src/charon/encoding/payloads/eap_payload.h @@ -39,12 +39,12 @@ typedef struct eap_payload_t eap_payload_t; * The EAP payload format is described in RFC section 3.16. */ struct eap_payload_t { - + /** * The payload_t interface. */ payload_t payload_interface; - + /** * Set the contained EAP data. * @@ -54,7 +54,7 @@ struct eap_payload_t { * @param message EAP data */ void (*set_data) (eap_payload_t *this, chunk_t data); - + /** * Get the contained EAP data. * @@ -63,21 +63,21 @@ struct eap_payload_t { * @return EAP data (pointer to internal data) */ chunk_t (*get_data) (eap_payload_t *this); - + /** * Get the EAP code. * * @return EAP message as chunk_t */ eap_code_t (*get_code) (eap_payload_t *this); - + /** * Get the EAP identifier. * * @return unique identifier */ u_int8_t (*get_identifier) (eap_payload_t *this); - + /** * Get the EAP method type. * @@ -85,7 +85,7 @@ struct eap_payload_t { * @return EAP method type, vendor specific if vendor != 0 */ eap_type_t (*get_type) (eap_payload_t *this, u_int32_t *vendor); - + /** * Destroys an eap_payload_t object. */ @@ -109,7 +109,7 @@ eap_payload_t *eap_payload_create_data(chunk_t data); /** * Creates an eap_payload_t object with a code. * - * Could should be either EAP_SUCCESS/EAP_FAILURE, use + * Could should be either EAP_SUCCESS/EAP_FAILURE, use * constructor above otherwise. * * @param code EAP status code diff --git a/src/charon/encoding/payloads/encodings.h b/src/charon/encoding/payloads/encodings.h index 03554f0af..52af4a984 100644 --- a/src/charon/encoding/payloads/encodings.h +++ b/src/charon/encoding/payloads/encodings.h @@ -28,266 +28,266 @@ typedef struct encoding_rule_t encoding_rule_t; #include <library.h> /** - * All different kinds of encoding types. + * All different kinds of encoding types. * - * Each field of an IKEv2-Message (in header or payload) + * Each field of an IKEv2-Message (in header or payload) * which has to be parsed or generated differently has its own * type defined here. * - * Header is parsed like a payload and gets its one payload_id - * from PRIVATE USE space. Also the substructures - * of specific payload types get their own payload_id + * Header is parsed like a payload and gets its one payload_id + * from PRIVATE USE space. Also the substructures + * of specific payload types get their own payload_id * from PRIVATE_USE space. See IKEv2-Draft for more informations. */ enum encoding_type_t { - + /** * Representing a 4 Bit unsigned int value. - * - * + * + * * When generating it must be changed from host to network order. * The value is read from the associated data struct. * The current write position is moved 4 bit forward afterwards. - * + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 4 bit forward afterwards. */ U_INT_4, - + /** * Representing a 8 Bit unsigned int value. - * - * + * + * * When generating it must be changed from host to network order. * The value is read from the associated data struct. * The current write position is moved 8 bit forward afterwards. - * + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 8 bit forward afterwards. */ U_INT_8, - + /** * Representing a 16 Bit unsigned int value. - * - * + * + * * When generating it must be changed from host to network order. * The value is read from the associated data struct. - * The current write position is moved 16 bit forward afterwards. - * + * The current write position is moved 16 bit forward afterwards. + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 16 bit forward afterwards. */ U_INT_16, - + /** * Representing a 32 Bit unsigned int value. - * + * * When generating it must be changed from host to network order. * The value is read from the associated data struct. * The current write position is moved 32 bit forward afterwards. - * + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 32 bit forward afterwards. */ U_INT_32, - + /** * represents a RESERVED_BIT used in FLAG-Bytes. - * - * When generating, the next bit is set to zero and the current write + * + * When generating, the next bit is set to zero and the current write * position is moved one bit forward. * No value is read from the associated data struct. * The current write position is moved 1 bit forward afterwards. - * + * * When parsing, the current read pointer is moved one bit forward. * No value is written to the associated data struct. * The current read pointer is moved 1 bit forward afterwards. */ RESERVED_BIT, - + /** * represents a RESERVED_BYTE. - * - * When generating, the next byte is set to zero and the current write + * + * When generating, the next byte is set to zero and the current write * position is moved one byte forward. * No value is read from the associated data struct. * The current write position is moved 1 byte forward afterwards. - * + * * When parsing, the current read pointer is moved one byte forward. * No value is written to the associated data struct. * The current read pointer is moved 1 byte forward afterwards. */ RESERVED_BYTE, - + /** * Representing a 1 Bit flag. - * - * When generation, the next bit is set to 1 if the associated value - * in the data struct is TRUE, 0 otherwise. The current write position + * + * When generation, the next bit is set to 1 if the associated value + * in the data struct is TRUE, 0 otherwise. The current write position * is moved 1 bit forward afterwards. * - * When parsing, the next bit is read and stored in the associated data - * struct. 0 means FALSE, 1 means TRUE, The current read pointer + * When parsing, the next bit is read and stored in the associated data + * struct. 0 means FALSE, 1 means TRUE, The current read pointer * is moved 1 bit forward afterwards */ FLAG, - + /** * Representating a length field of a payload. - * - * When generating it must be changed from host to network order. + * + * When generating it must be changed from host to network order. * The value is read from the associated data struct. * The current write position is moved 16 bit forward afterwards. - * + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 16 bit forward afterwards. */ PAYLOAD_LENGTH, - + /** * Representating a length field of a header. - * - * When generating it must be changed from host to network order. + * + * When generating it must be changed from host to network order. * The value is read from the associated data struct. * The current write position is moved 32 bit forward afterwards. - * + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 32 bit forward afterwards. */ HEADER_LENGTH, - + /** * Representating a spi size field. - * - * When generating it must be changed from host to network order. + * + * When generating it must be changed from host to network order. * The value is read from the associated data struct. * The current write position is moved 8 bit forward afterwards. - * + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 8 bit forward afterwards. */ SPI_SIZE, - + /** * Representating a spi field. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing SPI_SIZE bytes are read and written into the chunk pointing to. */ SPI, - + /** * Representating a Key Exchange Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. */ KEY_EXCHANGE_DATA, - + /** * Representating a Notification field. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - spi size - 8) bytes are read and written into the chunk pointing to. */ NOTIFICATION_DATA, - + /** * Representating one or more proposal substructures. - * + * * The offset points to a linked_list_t pointer. - * - * When generating the proposal_substructure_t objects are stored + * + * When generating the proposal_substructure_t objects are stored * in the pointed linked_list. - * - * When parsing the parsed proposal_substructure_t objects have + * + * When parsing the parsed proposal_substructure_t objects have * to be stored in the pointed linked_list. - */ + */ PROPOSALS, - + /** * Representating one or more transform substructures. - * + * * The offset points to a linked_list_t pointer. - * - * When generating the transform_substructure_t objects are stored + * + * When generating the transform_substructure_t objects are stored * in the pointed linked_list. - * - * When parsing the parsed transform_substructure_t objects have + * + * When parsing the parsed transform_substructure_t objects have * to be stored in the pointed linked_list. - */ + */ TRANSFORMS, - + /** * Representating one or more Attributes of a transform substructure. - * + * * The offset points to a linked_list_t pointer. - * - * When generating the transform_attribute_t objects are stored + * + * When generating the transform_attribute_t objects are stored * in the pointed linked_list. - * - * When parsing the parsed transform_attribute_t objects have + * + * When parsing the parsed transform_attribute_t objects have * to be stored in the pointed linked_list. - */ + */ TRANSFORM_ATTRIBUTES, /** * Representating one or more Attributes of a configuration payload. - * + * * The offset points to a linked_list_t pointer. - * - * When generating the configuration_attribute_t objects are stored + * + * When generating the configuration_attribute_t objects are stored * in the pointed linked_list. - * - * When parsing the parsed configuration_attribute_t objects have + * + * When parsing the parsed configuration_attribute_t objects have * to be stored in the pointed linked_list. - */ + */ CONFIGURATION_ATTRIBUTES, - + /** - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. */ CONFIGURATION_ATTRIBUTE_VALUE, - + /** * Representing a 1 Bit flag specifying the format of a transform attribute. - * - * When generation, the next bit is set to 1 if the associated value - * in the data struct is TRUE, 0 otherwise. The current write position + * + * When generation, the next bit is set to 1 if the associated value + * in the data struct is TRUE, 0 otherwise. The current write position * is moved 1 bit forward afterwards. * - * When parsing, the next bit is read and stored in the associated data - * struct. 0 means FALSE, 1 means TRUE, The current read pointer + * When parsing, the next bit is read and stored in the associated data + * struct. 0 means FALSE, 1 means TRUE, The current read pointer * is moved 1 bit forward afterwards. */ ATTRIBUTE_FORMAT, /** - * Representing a 15 Bit unsigned int value used as attribute type + * Representing a 15 Bit unsigned int value used as attribute type * in an attribute transform. - * - * + * + * * When generating it must be changed from host to network order. * The value is read from the associated data struct. - * The current write position is moved 15 bit forward afterwards. - * + * The current write position is moved 15 bit forward afterwards. + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 15 bit forward afterwards. @@ -298,11 +298,11 @@ enum encoding_type_t { * Depending on the field of type ATTRIBUTE_FORMAT * this field contains the length or the value of an transform attribute. * Its stored in a 16 unsigned integer field. - * + * * When generating it must be changed from host to network order. * The value is read from the associated data struct. - * The current write position is moved 16 bit forward afterwards. - * + * The current write position is moved 16 bit forward afterwards. + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 16 bit forward afterwards. @@ -312,11 +312,11 @@ enum encoding_type_t { /** * This field contains the length or the value of an configuration attribute. * Its stored in a 16 unsigned integer field. - * + * * When generating it must be changed from host to network order. * The value is read from the associated data struct. - * The current write position is moved 16 bit forward afterwards. - * + * The current write position is moved 16 bit forward afterwards. + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 16 bit forward afterwards. @@ -325,155 +325,155 @@ enum encoding_type_t { /** * Depending on the field of type ATTRIBUTE_FORMAT - * this field is available or missing and so parsed/generated + * this field is available or missing and so parsed/generated * or not parsed/not generated. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing SPI_SIZE bytes are read and written into the chunk pointing to. */ ATTRIBUTE_VALUE, - + /** * Representating one or more Traffic selectors of a TS payload. - * + * * The offset points to a linked_list_t pointer. - * - * When generating the traffic_selector_substructure_t objects are stored + * + * When generating the traffic_selector_substructure_t objects are stored * in the pointed linked_list. - * - * When parsing the parsed traffic_selector_substructure_t objects have + * + * When parsing the parsed traffic_selector_substructure_t objects have * to be stored in the pointed linked_list. - */ + */ TRAFFIC_SELECTORS, - + /** * Representating a Traffic selector type field. - * + * * When generating it must be changed from host to network order. * The value is read from the associated data struct. - * The current write position is moved 16 bit forward afterwards. - * + * The current write position is moved 16 bit forward afterwards. + * * When parsing it must be changed from network to host order. * The value is written to the associated data struct. * The current read pointer is moved 16 bit forward afterwards. */ TS_TYPE, - + /** * Representating an address field in a traffic selector. - * + * * Depending on the last field of type TS_TYPE * this field is either 4 or 16 byte long. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing 4 or 16 bytes are read and written into the chunk pointing to. */ ADDRESS, /** * Representating a Nonce Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. */ NONCE_DATA, - + /** * Representating a ID Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. */ ID_DATA, - + /** * Representating a AUTH Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. */ AUTH_DATA, - + /** * Representating a CERT Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 5) bytes are read and written into the chunk pointing to. */ CERT_DATA, /** * Representating a CERTREQ Data field. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 5) bytes are read and written into the chunk pointing to. */ CERTREQ_DATA, - + /** * Representating an EAP message field. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. */ EAP_DATA, - + /** * Representating the SPIS field in a DELETE payload. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 8) bytes are read and written into the chunk pointing to. */ SPIS, - + /** * Representating the VID DATA field in a VENDOR ID payload. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. */ VID_DATA, - + /** * Representating the DATA of an unknown payload. - * - * When generating the content of the chunkt pointing to - * is written. - * + * + * When generating the content of the chunkt pointing to + * is written. + * * When parsing (Payload Length - 4) bytes are read and written into the chunk pointing to. */ UNKNOWN_DATA, - + /** * Representating an IKE_SPI field in an IKEv2 Header. - * - * When generating the value of the u_int64_t pointing to - * is written (host and networ order is not changed). - * + * + * When generating the value of the u_int64_t pointing to + * is written (host and networ order is not changed). + * * When parsing 8 bytes are read and written into the u_int64_t pointing to. */ IKE_SPI, - + /** * Representing the encrypted data body of a encryption payload. */ @@ -488,25 +488,25 @@ extern enum_name_t *encoding_type_names; /** * Rule how to en-/decode a payload field. * - * An encoding rule is a mapping of a specific encoding type to + * An encoding rule is a mapping of a specific encoding type to * a location in the data struct where the current field is stored to * or read from. * This rules are used by parser and generator. */ struct encoding_rule_t { - + /** * Encoding type. */ encoding_type_t type; - + /** * Offset in the data struct. - * - * When parsing, data are written to this offset of the + * + * When parsing, data are written to this offset of the * data struct. - * - * When generating, data are read from this offset in the + * + * When generating, data are read from this offset in the * data struct. */ u_int32_t offset; diff --git a/src/charon/encoding/payloads/encryption_payload.c b/src/charon/encoding/payloads/encryption_payload.c index 55a37bb25..389ab09d7 100644 --- a/src/charon/encoding/payloads/encryption_payload.c +++ b/src/charon/encoding/payloads/encryption_payload.c @@ -32,19 +32,19 @@ typedef struct private_encryption_payload_t private_encryption_payload_t; /** * Private data of an encryption_payload_t' Object. - * + * */ struct private_encryption_payload_t { - + /** * Public encryption_payload_t interface. */ encryption_payload_t public; - + /** - * There is no next payload for an encryption payload, + * There is no next payload for an encryption payload, * since encryption payload MUST be the last one. - * next_payload means here the first payload of the + * next_payload means here the first payload of the * contained, encrypted payload. */ u_int8_t next_payload; @@ -53,33 +53,33 @@ struct private_encryption_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload */ u_int16_t payload_length; - + /** * Chunk containing the iv, data, padding, * and (an eventually not calculated) signature. */ chunk_t encrypted; - + /** * Chunk containing the data in decrypted (unpadded) form. */ chunk_t decrypted; - + /** * Signer set by set_signer. */ signer_t *signer; - + /** * Crypter, supplied by encrypt/decrypt */ crypter_t *crypter; - + /** * Contained payloads of this encrpytion_payload. */ @@ -88,10 +88,10 @@ struct private_encryption_payload_t { /** * Encoding rules to parse or generate a IKEv2-Encryption Payload. - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_encryption_payload_t. - * + * */ encoding_rule_t encryption_payload_encodings[] = { /* 1 Byte next payload type, stored in the field next_payload */ @@ -170,7 +170,7 @@ static payload_type_t get_next_type(private_encryption_payload_t *this) */ static void set_next_type(private_encryption_payload_t *this, payload_type_t type) { - /* set next type is not allowed, since this payload MUST be the last one + /* set next type is not allowed, since this payload MUST be the last one * and so nothing is done in here*/ } @@ -190,7 +190,7 @@ static void compute_length(private_encryption_payload_t *this) length += current_payload->get_length(current_payload); } iterator->destroy(iterator); - + if (this->crypter && this->signer) { /* append one byte for padding length */ @@ -268,13 +268,13 @@ static void generate(private_encryption_payload_t *this) payload_t *current_payload, *next_payload; generator_t *generator; iterator_t *iterator; - + /* recalculate length before generating */ compute_length(this); - + /* create iterator */ iterator = this->payloads->create_iterator(this->payloads, TRUE); - + /* get first payload */ if (iterator->iterate(iterator, (void**)¤t_payload)) { @@ -289,9 +289,9 @@ static void generate(private_encryption_payload_t *this) iterator->destroy(iterator); return; } - + generator = generator_create(); - + /* build all payload, except last */ while(iterator->iterate(iterator, (void**)&next_payload)) { @@ -300,14 +300,14 @@ static void generate(private_encryption_payload_t *this) current_payload = next_payload; } iterator->destroy(iterator); - + /* build last payload */ current_payload->set_next_type(current_payload, NO_PAYLOAD); generator->generate_payload(generator, current_payload); - + /* free already generated data */ free(this->decrypted.ptr); - + generator->write_to_chunk(generator, &(this->decrypted)); generator->destroy(generator); DBG2(DBG_ENC, "successfully generated content in encryption payload"); @@ -321,13 +321,13 @@ static status_t encrypt(private_encryption_payload_t *this) chunk_t iv, padding, to_crypt, result; rng_t *rng; size_t block_size; - + if (this->signer == NULL || this->crypter == NULL) { DBG1(DBG_ENC, "could not encrypt, signer/crypter not set"); return INVALID_STATE; } - + /* for random data in iv and padding */ rng = lib->crypto->create_rng(lib->crypto, RNG_WEAK); if (!rng) @@ -337,15 +337,15 @@ static status_t encrypt(private_encryption_payload_t *this) } /* build payload chunk */ generate(this); - + DBG2(DBG_ENC, "encrypting payloads"); DBG3(DBG_ENC, "data to encrypt %B", &this->decrypted); - + /* build padding */ block_size = this->crypter->get_block_size(this->crypter); padding.len = block_size - ((this->decrypted.len + 1) % block_size); rng->allocate_bytes(rng, padding.len, &padding); - + /* concatenate payload data, padding, padding len */ to_crypt.len = this->decrypted.len + padding.len + 1; to_crypt.ptr = malloc(to_crypt.len); @@ -353,36 +353,36 @@ static status_t encrypt(private_encryption_payload_t *this) memcpy(to_crypt.ptr, this->decrypted.ptr, this->decrypted.len); memcpy(to_crypt.ptr + this->decrypted.len, padding.ptr, padding.len); *(to_crypt.ptr + to_crypt.len - 1) = padding.len; - + /* build iv */ iv.len = block_size; rng->allocate_bytes(rng, iv.len, &iv); rng->destroy(rng); - + DBG3(DBG_ENC, "data before encryption with padding %B", &to_crypt); - + /* encrypt to_crypt chunk */ free(this->encrypted.ptr); this->crypter->encrypt(this->crypter, to_crypt, iv, &result); free(padding.ptr); free(to_crypt.ptr); - + DBG3(DBG_ENC, "data after encryption %B", &result); - + /* build encrypted result with iv and signature */ this->encrypted.len = iv.len + result.len + this->signer->get_block_size(this->signer); free(this->encrypted.ptr); this->encrypted.ptr = malloc(this->encrypted.len); - + /* fill in result, signature is left out */ memcpy(this->encrypted.ptr, iv.ptr, iv.len); memcpy(this->encrypted.ptr + iv.len, result.ptr, result.len); - + free(result.ptr); free(iv.ptr); DBG3(DBG_ENC, "data after encryption with IV and (invalid) signature %B", &this->encrypted); - + return SUCCESS; } @@ -394,16 +394,16 @@ static status_t parse(private_encryption_payload_t *this) parser_t *parser; status_t status; payload_type_t current_payload_type; - + /* build a parser on the decrypted data */ parser = parser_create(this->decrypted); - + current_payload_type = this->next_payload; /* parse all payloads */ while (current_payload_type != NO_PAYLOAD) { - payload_t *current_payload; - + payload_t *current_payload; + status = parser->parse_payload(parser, current_payload_type, (payload_t**)¤t_payload); if (status != SUCCESS) { @@ -423,7 +423,7 @@ static status_t parse(private_encryption_payload_t *this) /* get next payload type */ current_payload_type = current_payload->get_next_type(current_payload); - + this->payloads->insert_last(this->payloads,current_payload); } parser->destroy(parser); @@ -438,50 +438,50 @@ static status_t decrypt(private_encryption_payload_t *this) { chunk_t iv, concatenated; u_int8_t padding_length; - + DBG2(DBG_ENC, "decrypting encryption payload"); DBG3(DBG_ENC, "data before decryption with IV and (invalid) signature %B", &this->encrypted); - + if (this->signer == NULL || this->crypter == NULL) { DBG1(DBG_ENC, "could not decrypt, no crypter/signer set"); return INVALID_STATE; } - + /* get IV */ iv.len = this->crypter->get_block_size(this->crypter); - + iv.ptr = this->encrypted.ptr; - + /* point concatenated to data + padding + padding_length*/ concatenated.ptr = this->encrypted.ptr + iv.len; concatenated.len = this->encrypted.len - iv.len - this->signer->get_block_size(this->signer); - + /* concatenated must be a multiple of block_size of crypter */ if (concatenated.len < iv.len || concatenated.len % iv.len) { DBG1(DBG_ENC, "could not decrypt, invalid input"); return FAILED; } - + /* free previus data, if any */ free(this->decrypted.ptr); - + DBG3(DBG_ENC, "data before decryption %B", &concatenated); - + this->crypter->decrypt(this->crypter, concatenated, iv, &this->decrypted); DBG3(DBG_ENC, "data after decryption with padding %B", &this->decrypted); - + /* get padding length, sits just bevore signature */ padding_length = *(this->decrypted.ptr + this->decrypted.len - 1); - /* add one byte to the padding length, since the padding_length field is + /* add one byte to the padding length, since the padding_length field is * not included */ padding_length++; this->decrypted.len -= padding_length; - + /* check size again */ if (padding_length > concatenated.len || this->decrypted.len < 0) { @@ -489,7 +489,7 @@ static status_t decrypt(private_encryption_payload_t *this) /* decryption failed :-/ */ return FAILED; } - + /* free padding */ this->decrypted.ptr = realloc(this->decrypted.ptr, this->decrypted.len); DBG3(DBG_ENC, "data after decryption without padding %B", &this->decrypted); @@ -513,13 +513,13 @@ static status_t build_signature(private_encryption_payload_t *this, chunk_t data { chunk_t data_without_sig = data; chunk_t sig; - + if (this->signer == NULL) { DBG1(DBG_ENC, "unable to build signature, no signer set"); return INVALID_STATE; } - + sig.len = this->signer->get_block_size(this->signer); data_without_sig.len -= sig.len; sig.ptr = data.ptr + data_without_sig.len; @@ -535,7 +535,7 @@ static status_t verify_signature(private_encryption_payload_t *this, chunk_t dat { chunk_t sig, data_without_sig; bool valid; - + if (this->signer == NULL) { DBG1(DBG_ENC, "unable to verify signature, no signer set"); @@ -549,18 +549,18 @@ static status_t verify_signature(private_encryption_payload_t *this, chunk_t dat return FAILED; } sig.ptr = data.ptr + data.len - sig.len; - + /* verify it */ data_without_sig.len = data.len - sig.len; data_without_sig.ptr = data.ptr; valid = this->signer->verify_signature(this->signer, data_without_sig, sig); - + if (!valid) { DBG1(DBG_ENC, "signature verification failed"); return FAILED; } - + DBG2(DBG_ENC, "signature verification successful"); return SUCCESS; } @@ -582,7 +582,7 @@ static void destroy(private_encryption_payload_t *this) encryption_payload_t *encryption_payload_create() { private_encryption_payload_t *this = malloc_thing(private_encryption_payload_t); - + /* payload_t interface functions */ this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; @@ -591,20 +591,20 @@ encryption_payload_t *encryption_payload_create() this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.create_payload_iterator = (iterator_t * (*) (encryption_payload_t *,bool)) create_payload_iterator; this->public.add_payload = (void (*) (encryption_payload_t *,payload_t *)) add_payload; this->public.remove_first_payload = (status_t (*)(encryption_payload_t*, payload_t **)) remove_first_payload; this->public.get_payload_count = (size_t (*)(encryption_payload_t*)) get_payload_count; - + this->public.encrypt = (status_t (*) (encryption_payload_t *)) encrypt; this->public.decrypt = (status_t (*) (encryption_payload_t *)) decrypt; this->public.set_transforms = (void (*) (encryption_payload_t*,crypter_t*,signer_t*)) set_transforms; this->public.build_signature = (status_t (*) (encryption_payload_t*, chunk_t)) build_signature; this->public.verify_signature = (status_t (*) (encryption_payload_t*, chunk_t)) verify_signature; this->public.destroy = (void (*) (encryption_payload_t *)) destroy; - + /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; @@ -614,6 +614,6 @@ encryption_payload_t *encryption_payload_create() this->signer = NULL; this->crypter = NULL; this->payloads = linked_list_create(); - + return (&(this->public)); } diff --git a/src/charon/encoding/payloads/encryption_payload.h b/src/charon/encoding/payloads/encryption_payload.h index 3b94587ec..ac5326b87 100644 --- a/src/charon/encoding/payloads/encryption_payload.h +++ b/src/charon/encoding/payloads/encryption_payload.h @@ -39,7 +39,7 @@ typedef struct encryption_payload_t encryption_payload_t; /** * The encryption payload as described in RFC section 3.14. * - * Before any crypt/decrypt/sign/verify operation can occur, + * Before any crypt/decrypt/sign/verify operation can occur, * the transforms must be set. After that, a parsed encryption payload * can be decrypted, which also will parse the contained payloads. * Encryption is done the same way, added payloads will get generated @@ -54,24 +54,24 @@ struct encryption_payload_t { * Implements payload_t interface. */ payload_t payload_interface; - + /** * Creates an iterator for all contained payloads. - * + * * iterator_t object has to get destroyed by the caller. * * @param forward iterator direction (TRUE: front to end) * return created iterator_t object */ iterator_t *(*create_payload_iterator) (encryption_payload_t *this, bool forward); - + /** * Adds a payload to this encryption payload. * * @param payload payload_t object to add */ void (*add_payload) (encryption_payload_t *this, payload_t *payload); - + /** * Reove the last payload in the contained payload list. * @@ -81,20 +81,20 @@ struct encryption_payload_t { * - NOT_FOUND if list empty */ status_t (*remove_first_payload) (encryption_payload_t *this, payload_t **payload); - + /** * Get the number of payloads. * * @return number of contained payloads */ size_t (*get_payload_count) (encryption_payload_t *this); - + /** * Set transforms to use. - * + * * To decryption, encryption, signature building and verifying, * the payload needs a crypter and a signer object. - * + * * @warning Do NOT call this function again after encryption, since * the signer must be the same while encrypting and signature building! * @@ -102,10 +102,10 @@ struct encryption_payload_t { * @param signer signer_t to use for data signing/verifying */ void (*set_transforms) (encryption_payload_t *this, crypter_t *crypter, signer_t *signer); - + /** * Generate and encrypt contained payloads. - * + * * This function generates the content for added payloads * and encrypts them. Signature is not built, since we need * additional data (the full message). @@ -113,11 +113,11 @@ struct encryption_payload_t { * @return SUCCESS, or INVALID_STATE if transforms not set */ status_t (*encrypt) (encryption_payload_t *this); - + /** * Decrypt and parse contained payloads. - * - * This function decrypts the contained data. After, + * + * This function decrypts the contained data. After, * the payloads are parsed internally and are accessible * via the iterator. * @@ -127,29 +127,29 @@ struct encryption_payload_t { * - FAILED if data is invalid */ status_t (*decrypt) (encryption_payload_t *this); - + /** * Build the signature. - * + * * The signature is built over the FULL message, so the header * and every payload (inclusive this one) must already be generated. * The generated message is supplied via the data paramater. - * + * * @param data chunk contains the already generated message * @return * - SUCCESS, or * - INVALID_STATE if transforms not set */ status_t (*build_signature) (encryption_payload_t *this, chunk_t data); - + /** * Verify the signature. - * + * * Since the signature is built over the full message, we need * this data to do the verification. The message data * is supplied via the data argument. - * - * @param data chunk contains the message + * + * @param data chunk contains the message * @return * - SUCCESS, or * - FAILED if signature invalid, or @@ -165,7 +165,7 @@ struct encryption_payload_t { /** * Creates an empty encryption_payload_t object. - * + * * @return encryption_payload_t object */ encryption_payload_t *encryption_payload_create(void); diff --git a/src/charon/encoding/payloads/endpoint_notify.c b/src/charon/encoding/payloads/endpoint_notify.c index c30d29942..faec1ea71 100644 --- a/src/charon/encoding/payloads/endpoint_notify.c +++ b/src/charon/encoding/payloads/endpoint_notify.c @@ -23,34 +23,33 @@ typedef struct private_endpoint_notify_t private_endpoint_notify_t; /** * Private data of an notify_payload_t object. - * */ struct private_endpoint_notify_t { /** * Public endpoint_notify_t interface. */ endpoint_notify_t public; - + /** * Priority */ u_int32_t priority; - + /** * Family */ me_endpoint_family_t family; - + /** * Endpoint type */ me_endpoint_type_t type; - + /** * Endpoint */ host_t *endpoint; - + /** * Base (used for server reflexive endpoints) */ @@ -65,7 +64,7 @@ struct private_endpoint_notify_t { +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ! Family ! Type ! Port ! +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ - ! IP Address (variable) + ! IP Address (variable) ! +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ */ @@ -122,9 +121,9 @@ static status_t parse_notification_data(private_endpoint_notify_t *this, chunk_t chunk_t addr; u_int8_t *cur = data.ptr; u_int8_t *top = data.ptr + data.len; - + DBG3(DBG_IKE, "me_endpoint_data %B", &data); - + if (parse_uint32(&cur, top, &this->priority) != SUCCESS) { DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid priority"); @@ -136,20 +135,19 @@ static status_t parse_notification_data(private_endpoint_notify_t *this, chunk_t DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid family"); return FAILED; } - this->family = (me_endpoint_family_t)family; - - if (parse_uint8(&cur, top, &type) != SUCCESS || type >= MAX_TYPE) + + if (parse_uint8(&cur, top, &type) != SUCCESS || + type == NO_TYPE || type >= MAX_TYPE) { DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid type"); return FAILED; } - this->type = (me_endpoint_type_t)type; - + addr_family = AF_INET; addr.len = 4; - + switch(this->family) { case IPv6: @@ -160,24 +158,23 @@ static status_t parse_notification_data(private_endpoint_notify_t *this, chunk_t if (parse_uint16(&cur, top, &port) != SUCCESS) { DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid port"); - return FAILED; + return FAILED; } - + if (cur + addr.len > top) { DBG1(DBG_IKE, "failed to parse ME_ENDPOINT: invalid IP address"); return FAILED; } - + addr.ptr = cur; - this->endpoint = host_create_from_chunk(addr_family, addr, port); break; case NO_FAMILY: default: this->endpoint = NULL; break; - } + } return SUCCESS; } @@ -192,14 +189,14 @@ static chunk_t build_notification_data(private_endpoint_notify_t *this) u_int32_t prio; u_int16_t port; u_int8_t family, type; - + prio = htonl(this->priority); prio_chunk = chunk_from_thing(prio); family = this->family; family_chunk = chunk_from_thing(family); type = this->type; type_chunk = chunk_from_thing(type); - + if (this->endpoint) { port = htons(this->endpoint->get_port(this->endpoint)); @@ -208,15 +205,14 @@ static chunk_t build_notification_data(private_endpoint_notify_t *this) else { port = 0; - addr_chunk = chunk_empty; + addr_chunk = chunk_empty; } port_chunk = chunk_from_thing(port); - + /* data = prio | family | type | port | addr */ data = chunk_cat("ccccc", prio_chunk, family_chunk, type_chunk, - port_chunk, addr_chunk); + port_chunk, addr_chunk); DBG3(DBG_IKE, "me_endpoint_data %B", &data); - return data; } @@ -226,14 +222,14 @@ static chunk_t build_notification_data(private_endpoint_notify_t *this) static notify_payload_t *build_notify(private_endpoint_notify_t *this) { chunk_t data; - notify_payload_t *notify; - + notify_payload_t *notify; + notify = notify_payload_create(); notify->set_notify_type(notify, ME_ENDPOINT); data = build_notification_data(this); notify->set_notification_data(notify, data); chunk_free(&data); - + return notify; } @@ -291,7 +287,7 @@ static host_t *get_base(private_endpoint_notify_t *this) static endpoint_notify_t *_clone(private_endpoint_notify_t *this) { private_endpoint_notify_t *clone = (private_endpoint_notify_t*)endpoint_notify_create(); - + clone->priority = this->priority; clone->type = this->type; clone->family = this->family; @@ -299,12 +295,12 @@ static endpoint_notify_t *_clone(private_endpoint_notify_t *this) { clone->endpoint = this->endpoint->clone(this->endpoint); } - + if (this->base) { clone->base = this->base->clone(this->base); } - + return &clone->public; } @@ -336,14 +332,14 @@ endpoint_notify_t *endpoint_notify_create() this->public.build_notify = (notify_payload_t *(*) (endpoint_notify_t *)) build_notify; this->public.clone = (endpoint_notify_t *(*) (endpoint_notify_t *)) _clone; this->public.destroy = (void (*) (endpoint_notify_t *)) destroy; - + /* set default values of the fields */ this->priority = 0; this->family = NO_FAMILY; this->type = NO_TYPE; this->endpoint = NULL; this->base = NULL; - + return &this->public; } @@ -353,34 +349,34 @@ endpoint_notify_t *endpoint_notify_create() endpoint_notify_t *endpoint_notify_create_from_host(me_endpoint_type_t type, host_t *host, host_t *base) { private_endpoint_notify_t *this = (private_endpoint_notify_t*)endpoint_notify_create(); - + this->type = type; - + switch(type) { case HOST: - this->priority = pow(2, 16) * ME_PRIO_HOST; + this->priority = pow(2, 16) * ME_PRIO_HOST; break; case PEER_REFLEXIVE: - this->priority = pow(2, 16) * ME_PRIO_PEER; + this->priority = pow(2, 16) * ME_PRIO_PEER; break; case SERVER_REFLEXIVE: - this->priority = pow(2, 16) * ME_PRIO_SERVER; + this->priority = pow(2, 16) * ME_PRIO_SERVER; break; case RELAYED: default: - this->priority = pow(2, 16) * ME_PRIO_RELAY; + this->priority = pow(2, 16) * ME_PRIO_RELAY; break; } - + /* FIXME: if there is more than one ip address we should vary this priority */ this->priority += 65535; - + if (!host) { return &this->public; } - + switch(host->get_family(host)) { case AF_INET: @@ -394,14 +390,14 @@ endpoint_notify_t *endpoint_notify_create_from_host(me_endpoint_type_t type, hos * (family is set to NO_FAMILY) */ return &this->public; } - + this->endpoint = host->clone(host); - + if (base) { this->base = base->clone(base); } - + return &this->public; } @@ -414,7 +410,7 @@ endpoint_notify_t *endpoint_notify_create_from_payload(notify_payload_t *notify) { return NULL; } - + private_endpoint_notify_t *this = (private_endpoint_notify_t*)endpoint_notify_create(); chunk_t data = notify->get_notification_data(notify); if (parse_notification_data(this, data) != SUCCESS) diff --git a/src/charon/encoding/payloads/endpoint_notify.h b/src/charon/encoding/payloads/endpoint_notify.h index 66aabc683..120eef49a 100644 --- a/src/charon/encoding/payloads/endpoint_notify.h +++ b/src/charon/encoding/payloads/endpoint_notify.h @@ -36,34 +36,34 @@ typedef struct endpoint_notify_t endpoint_notify_t; * ME endpoint families. */ enum me_endpoint_family_t { - + NO_FAMILY = 0, - + IPv4 = 1, - + IPv6 = 2, - + MAX_FAMILY = 3 - + }; /** * ME endpoint types. */ enum me_endpoint_type_t { - + NO_TYPE = 0, - + HOST = 1, - + PEER_REFLEXIVE = 2, - + SERVER_REFLEXIVE = 3, - + RELAYED = 4, - + MAX_TYPE = 5 - + }; /** @@ -79,52 +79,52 @@ extern enum_name_t *me_endpoint_type_names; struct endpoint_notify_t { /** * Returns the priority of this endpoint. - * + * * @return priority */ u_int32_t (*get_priority) (endpoint_notify_t *this); - + /** * Sets the priority of this endpoint. - * + * * @param priority priority */ void (*set_priority) (endpoint_notify_t *this, u_int32_t priority); - + /** * Returns the endpoint type of this endpoint. - * + * * @return endpoint type */ me_endpoint_type_t (*get_type) (endpoint_notify_t *this); - + /** * Returns the endpoint family of this endpoint. - * + * * @return endpoint family */ me_endpoint_family_t (*get_family) (endpoint_notify_t *this); - + /** * Returns the host of this endpoint. - * + * * @return host */ host_t *(*get_host) (endpoint_notify_t *this); - + /** * Returns the base of this endpoint. - * + * * If this is not a SERVER_REFLEXIVE endpoint, the returned host is the same * as the one returned by get_host. - * + * * @return host */ host_t *(*get_base) (endpoint_notify_t *this); - + /** - * Generates a notification payload from this endpoint. - * + * Generates a notification payload from this endpoint. + * * @return built notify_payload_t */ notify_payload_t *(*build_notify) (endpoint_notify_t *this); @@ -135,7 +135,7 @@ struct endpoint_notify_t { * @return cloned object */ endpoint_notify_t *(*clone) (endpoint_notify_t *this); - + /** * Destroys an endpoint_notify_t object. */ @@ -144,7 +144,7 @@ struct endpoint_notify_t { /** * Creates an empty endpoint_notify_t object. - * + * * @return created endpoint_notify_t object */ endpoint_notify_t *endpoint_notify_create(void); @@ -152,7 +152,7 @@ endpoint_notify_t *endpoint_notify_create(void); /** * Creates an endpoint_notify_t object from a host. - * + * * @param type the endpoint type * @param host host to base the notify on (gets cloned) * @param base base of the endpoint, applies only to reflexive endpoints (gets cloned) @@ -163,7 +163,7 @@ endpoint_notify_t *endpoint_notify_create_from_host(me_endpoint_type_t type, /** * Creates an endpoint_notify_t object from a notify payload. - * + * * @param notify the notify payload * @return - created endpoint_notify_t object * - NULL if invalid payload diff --git a/src/charon/encoding/payloads/id_payload.c b/src/charon/encoding/payloads/id_payload.c index 4a527cb24..4158c3e07 100644 --- a/src/charon/encoding/payloads/id_payload.c +++ b/src/charon/encoding/payloads/id_payload.c @@ -27,19 +27,19 @@ typedef struct private_id_payload_t private_id_payload_t; /** * Private data of an id_payload_t object. - * + * */ struct private_id_payload_t { /** * Public id_payload_t interface. */ id_payload_t public; - + /** * one of ID_INITIATOR, ID_RESPONDER */ payload_type_t payload_type; - + /** * Next payload type. */ @@ -49,17 +49,17 @@ struct private_id_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * Type of the ID Data. */ u_int8_t id_type; - + /** * The contained id data value. */ @@ -68,17 +68,17 @@ struct private_id_payload_t { /** * Encoding rules to parse or generate a ID payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_id_payload_t. - * + * */ encoding_rule_t id_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_id_payload_t, next_payload) }, /* the critical bit */ { FLAG, offsetof(private_id_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ + /* 7 Bit reserved bits, nowhere stored */ { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, @@ -88,8 +88,8 @@ encoding_rule_t id_payload_encodings[] = { { RESERVED_BIT, 0 }, /* Length of the whole payload*/ { PAYLOAD_LENGTH, offsetof(private_id_payload_t, payload_length) }, - /* 1 Byte ID type*/ - { U_INT_8, offsetof(private_id_payload_t, id_type) }, + /* 1 Byte ID type*/ + { U_INT_8, offsetof(private_id_payload_t, id_type) }, /* 3 reserved bytes */ { RESERVED_BYTE, 0 }, { RESERVED_BYTE, 0 }, @@ -126,7 +126,7 @@ static status_t verify(private_id_payload_t *this) DBG1(DBG_ENC, "received ID with reserved type %d", this->id_type); return FAILED; } - + return SUCCESS; } @@ -242,7 +242,7 @@ static void destroy(private_id_payload_t *this) { chunk_free(&(this->id_data)); } - free(this); + free(this); } /* @@ -260,7 +260,7 @@ id_payload_t *id_payload_create(payload_type_t payload_type) this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.destroy = (void (*) (id_payload_t *)) destroy; this->public.set_id_type = (void (*) (id_payload_t *,id_type_t)) set_id_type; @@ -268,7 +268,7 @@ id_payload_t *id_payload_create(payload_type_t payload_type) this->public.set_data = (void (*) (id_payload_t *,chunk_t)) set_data; this->public.get_data = (chunk_t (*) (id_payload_t *)) get_data; this->public.get_data_clone = (chunk_t (*) (id_payload_t *)) get_data_clone; - + this->public.get_identification = (identification_t * (*) (id_payload_t *this)) get_identification; /* private variables */ diff --git a/src/charon/encoding/payloads/id_payload.h b/src/charon/encoding/payloads/id_payload.h index 555b1324b..5502dc961 100644 --- a/src/charon/encoding/payloads/id_payload.h +++ b/src/charon/encoding/payloads/id_payload.h @@ -51,35 +51,35 @@ struct id_payload_t { * @param type Type of ID */ void (*set_id_type) (id_payload_t *this, id_type_t type); - + /** * Get the ID type. * - * @return type of the ID + * @return type of the ID */ id_type_t (*get_id_type) (id_payload_t *this); - + /** * Set the ID data. - * + * * Data are getting cloned. * * @param data ID data as chunk_t */ void (*set_data) (id_payload_t *this, chunk_t data); - + /** * Get the ID data. - * + * * Returned data are a copy of the internal one * * @return ID data as chunk_t */ chunk_t (*get_data_clone) (id_payload_t *this); - + /** * Get the ID data. - * + * * Returned data are NOT copied. * * @return ID data as chunk_t @@ -88,13 +88,13 @@ struct id_payload_t { /** * Creates an identification object of this id payload. - * + * * Returned object has to get destroyed by the caller. * - * @return identification_t object + * @return identification_t object */ identification_t *(*get_identification) (id_payload_t *this); - + /** * Destroys an id_payload_t object. */ @@ -103,7 +103,7 @@ struct id_payload_t { /** * Creates an empty id_payload_t object. - * + * * @param payload_type one of ID_INITIATOR, ID_RESPONDER * @return id_payload_t object */ @@ -111,7 +111,7 @@ id_payload_t *id_payload_create(payload_type_t payload_type); /** * Creates an id_payload_t from an existing identification_t object. - * + * * @param payload_type one of ID_INITIATOR, ID_RESPONDER * @param identification identification_t object * @return id_payload_t object diff --git a/src/charon/encoding/payloads/ike_header.c b/src/charon/encoding/payloads/ike_header.c index d27bfb82c..735f01304 100644 --- a/src/charon/encoding/payloads/ike_header.c +++ b/src/charon/encoding/payloads/ike_header.c @@ -27,14 +27,13 @@ typedef struct private_ike_header_t private_ike_header_t; /** * Private data of an ike_header_t object. - * */ struct private_ike_header_t { /** * Public interface. */ ike_header_t public; - + /** * SPI of the initiator. */ @@ -56,19 +55,18 @@ struct private_ike_header_t { /** * IKE minor version. - */ + */ u_int8_t min_version; /** * Exchange type . - */ + */ u_int8_t exchange_type; - + /** * Flags of the Message. - * */ - struct { + struct { /** * Sender is initiator of the associated IKE_SA_INIT-Exchange. */ @@ -89,11 +87,11 @@ struct private_ike_header_t { * Associated Message-ID. */ u_int32_t message_id; - + /** * Length of the whole IKEv2-Message (header and all payloads). */ - u_int32_t length; + u_int32_t length; }; ENUM_BEGIN(exchange_type_names, EXCHANGE_TYPE_UNDEFINED, EXCHANGE_TYPE_UNDEFINED, @@ -113,38 +111,37 @@ ENUM_END(exchange_type_names, INFORMATIONAL); /** * Encoding rules to parse or generate a IKEv2-Header. - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * ike_header_t. - * */ encoding_rule_t ike_header_encodings[] = { - /* 8 Byte SPI, stored in the field initiator_spi */ + /* 8 Byte SPI, stored in the field initiator_spi */ { IKE_SPI, offsetof(private_ike_header_t, initiator_spi) }, - /* 8 Byte SPI, stored in the field responder_spi */ + /* 8 Byte SPI, stored in the field responder_spi */ { IKE_SPI, offsetof(private_ike_header_t, responder_spi) }, - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_ike_header_t, next_payload) }, - /* 4 Bit major version, stored in the field maj_version */ + /* 4 Bit major version, stored in the field maj_version */ { U_INT_4, offsetof(private_ike_header_t, maj_version) }, - /* 4 Bit minor version, stored in the field min_version */ + /* 4 Bit minor version, stored in the field min_version */ { U_INT_4, offsetof(private_ike_header_t, min_version) }, /* 8 Bit for the exchange type */ { U_INT_8, offsetof(private_ike_header_t, exchange_type) }, - /* 2 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - /* 3 Bit flags, stored in the fields response, version and initiator */ - { FLAG, offsetof(private_ike_header_t, flags.response) }, + /* 2 Bit reserved bits, nowhere stored */ + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + /* 3 Bit flags, stored in the fields response, version and initiator */ + { FLAG, offsetof(private_ike_header_t, flags.response) }, { FLAG, offsetof(private_ike_header_t, flags.version) }, { FLAG, offsetof(private_ike_header_t, flags.initiator) }, - /* 3 Bit reserved bits, nowhere stored */ + /* 3 Bit reserved bits, nowhere stored */ { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, - /* 4 Byte message id, stored in the field message_id */ + /* 4 Byte message id, stored in the field message_id */ { U_INT_32, offsetof(private_ike_header_t, message_id) }, - /* 4 Byte length fied, stored in the field length */ + /* 4 Byte length fied, stored in the field length */ { HEADER_LENGTH, offsetof(private_ike_header_t, length) } }; @@ -194,9 +191,9 @@ static status_t verify(private_ike_header_t *this) /* initiator spi not set */ return FAILED; } - + /* verification of version is not done in here */ - + return SUCCESS; } @@ -212,7 +209,7 @@ static void set_next_type(payload_t *this,payload_type_t type) */ static u_int64_t get_initiator_spi(private_ike_header_t *this) { - return this->initiator_spi; + return this->initiator_spi; } /** @@ -228,7 +225,7 @@ static void set_initiator_spi(private_ike_header_t *this, u_int64_t initiator_sp */ static u_int64_t get_responder_spi(private_ike_header_t *this) { - return this->responder_spi; + return this->responder_spi; } /** @@ -244,7 +241,7 @@ static void set_responder_spi(private_ike_header_t *this, u_int64_t responder_sp */ static u_int8_t get_maj_version(private_ike_header_t *this) { - return this->maj_version; + return this->maj_version; } /** @@ -252,7 +249,7 @@ static u_int8_t get_maj_version(private_ike_header_t *this) */ static u_int8_t get_min_version(private_ike_header_t *this) { - return this->min_version; + return this->min_version; } /** @@ -260,7 +257,7 @@ static u_int8_t get_min_version(private_ike_header_t *this) */ static bool get_response_flag(private_ike_header_t *this) { - return this->flags.response; + return this->flags.response; } /** @@ -268,7 +265,7 @@ static bool get_response_flag(private_ike_header_t *this) */ static void set_response_flag(private_ike_header_t *this, bool response) { - this->flags.response = response; + this->flags.response = response; } /** @@ -276,7 +273,7 @@ static void set_response_flag(private_ike_header_t *this, bool response) */ static bool get_version_flag(private_ike_header_t *this) { - return this->flags.version; + return this->flags.version; } /** @@ -284,7 +281,7 @@ static bool get_version_flag(private_ike_header_t *this) */ static bool get_initiator_flag(private_ike_header_t *this) { - return this->flags.initiator; + return this->flags.initiator; } /** @@ -292,7 +289,7 @@ static bool get_initiator_flag(private_ike_header_t *this) */ static void set_initiator_flag(private_ike_header_t *this, bool initiator) { - this->flags.initiator = initiator; + this->flags.initiator = initiator; } /** @@ -300,7 +297,7 @@ static void set_initiator_flag(private_ike_header_t *this, bool initiator) */ static u_int8_t get_exchange_type(private_ike_header_t *this) { - return this->exchange_type; + return this->exchange_type; } /** @@ -308,7 +305,7 @@ static u_int8_t get_exchange_type(private_ike_header_t *this) */ static void set_exchange_type(private_ike_header_t *this, u_int8_t exchange_type) { - this->exchange_type = exchange_type; + this->exchange_type = exchange_type; } /** @@ -317,7 +314,7 @@ static void set_exchange_type(private_ike_header_t *this, u_int8_t exchange_type */ static u_int32_t get_message_id(private_ike_header_t *this) { - return this->message_id; + return this->message_id; } /** @@ -375,7 +372,7 @@ static size_t get_length(payload_t *this) ike_header_t *ike_header_create() { private_ike_header_t *this = malloc_thing(private_ike_header_t); - + this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; this->public.payload_interface.get_encoding_rules = get_encoding_rules; this->public.payload_interface.get_length = get_length; @@ -384,7 +381,7 @@ ike_header_t *ike_header_create() this->public.payload_interface.get_type = get_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; this->public.destroy = destroy; - + this->public.get_initiator_spi = (u_int64_t (*) (ike_header_t*))get_initiator_spi; this->public.set_initiator_spi = (void (*) (ike_header_t*,u_int64_t))set_initiator_spi; this->public.get_responder_spi = (u_int64_t (*) (ike_header_t*))get_responder_spi; @@ -400,7 +397,7 @@ ike_header_t *ike_header_create() this->public.set_exchange_type = (void (*) (ike_header_t*,u_int8_t))set_exchange_type; this->public.get_message_id = (u_int32_t (*) (ike_header_t*))get_message_id; this->public.set_message_id = (void (*) (ike_header_t*,u_int32_t))set_message_id; - + /* set default values of the fields */ this->initiator_spi = 0; this->responder_spi = 0; @@ -413,6 +410,6 @@ ike_header_t *ike_header_create() this->flags.response = FALSE; this->message_id = 0; this->length = IKE_HEADER_LENGTH; - + return (ike_header_t*)this; } diff --git a/src/charon/encoding/payloads/ike_header.h b/src/charon/encoding/payloads/ike_header.h index 8de316d19..e63e8bf06 100644 --- a/src/charon/encoding/payloads/ike_header.h +++ b/src/charon/encoding/payloads/ike_header.h @@ -60,7 +60,7 @@ enum exchange_type_t{ * EXCHANGE_TYPE_UNDEFINED. In private space, since not a official message type. */ EXCHANGE_TYPE_UNDEFINED = 255, - + /** * IKE_SA_INIT. */ @@ -94,11 +94,11 @@ enum exchange_type_t{ extern enum_name_t *exchange_type_names; /** - * An object of this type represents an IKEv2 header and is used to + * An object of this type represents an IKEv2 header and is used to * generate and parse IKEv2 headers. - * - * The header format of an IKEv2-Message is compatible to the - * ISAKMP-Header format to allow implementations supporting + * + * The header format of an IKEv2-Message is compatible to the + * ISAKMP-Header format to allow implementations supporting * both versions of the IKE-protocol. */ struct ike_header_t { @@ -106,61 +106,60 @@ struct ike_header_t { * The payload_t interface. */ payload_t payload_interface; - + /** * Get the initiator spi. * * @return initiator_spi */ u_int64_t (*get_initiator_spi) (ike_header_t *this); - + /** * Set the initiator spi. * * @param initiator_spi initiator_spi */ void (*set_initiator_spi) (ike_header_t *this, u_int64_t initiator_spi); - + /** * Get the responder spi. * * @return responder_spi */ u_int64_t (*get_responder_spi) (ike_header_t *this); - + /** * Set the responder spi. * * @param responder_spi responder_spi */ void (*set_responder_spi) (ike_header_t *this, u_int64_t responder_spi); - + /** * Get the major version. * * @return major version */ u_int8_t (*get_maj_version) (ike_header_t *this); - + /** * Get the minor version. * * @return minor version */ u_int8_t (*get_min_version) (ike_header_t *this); - + /** * Get the response flag. * * @return response flag */ bool (*get_response_flag) (ike_header_t *this); - + /** * Set the response flag- * * @param response response flag - * */ void (*set_response_flag) (ike_header_t *this, bool response); /** @@ -169,14 +168,14 @@ struct ike_header_t { * @return version flag */ bool (*get_version_flag) (ike_header_t *this); - + /** * Get the initiator flag. * * @return initiator flag */ bool (*get_initiator_flag) (ike_header_t *this); - + /** * Set the initiator flag. * @@ -190,28 +189,28 @@ struct ike_header_t { * @return exchange type */ u_int8_t (*get_exchange_type) (ike_header_t *this); - + /** * Set the exchange type. * * @param exchange_type exchange type */ void (*set_exchange_type) (ike_header_t *this, u_int8_t exchange_type); - + /** * Get the message id. * * @return message id */ u_int32_t (*get_message_id) (ike_header_t *this); - + /** * Set the message id. * * @param initiator_spi message id */ void (*set_message_id) (ike_header_t *this, u_int32_t message_id); - + /** * Destroys a ike_header_t object. */ @@ -220,7 +219,7 @@ struct ike_header_t { /** * Create an ike_header_t object - * + * * @return ike_header_t object */ ike_header_t *ike_header_create(void); diff --git a/src/charon/encoding/payloads/ke_payload.c b/src/charon/encoding/payloads/ke_payload.c index aa3e075ca..1bc79f084 100644 --- a/src/charon/encoding/payloads/ke_payload.c +++ b/src/charon/encoding/payloads/ke_payload.c @@ -25,14 +25,14 @@ typedef struct private_ke_payload_t private_ke_payload_t; /** * Private data of an ke_payload_t object. - * + * */ struct private_ke_payload_t { /** * Public ke_payload_t interface. */ ke_payload_t public; - + /** * Next payload type. */ @@ -42,17 +42,17 @@ struct private_ke_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * DH Group Number. */ u_int16_t dh_group_number; - + /** * Key Exchange Data of this KE payload. */ @@ -61,30 +61,30 @@ struct private_ke_payload_t { /** * Encoding rules to parse or generate a IKEv2-KE Payload. - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_ke_payload_t. - * + * */ encoding_rule_t ke_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_ke_payload_t, next_payload) }, /* the critical bit */ - { FLAG, offsetof(private_ke_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, + { FLAG, offsetof(private_ke_payload_t, critical) }, + /* 7 Bit reserved bits, nowhere stored */ + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_ke_payload_t, payload_length) }, + { PAYLOAD_LENGTH, offsetof(private_ke_payload_t, payload_length) }, /* DH Group number as 16 bit field*/ { U_INT_16, offsetof(private_ke_payload_t, dh_group_number) }, - { RESERVED_BYTE, 0 }, - { RESERVED_BYTE, 0 }, + { RESERVED_BYTE, 0 }, + { RESERVED_BYTE, 0 }, /* Key Exchange Data is from variable size */ { KEY_EXCHANGE_DATA, offsetof(private_ke_payload_t, key_exchange_data)} }; @@ -166,7 +166,7 @@ static void compute_length(private_ke_payload_t *this) if (this->key_exchange_data.ptr != NULL) { length += this->key_exchange_data.len; - } + } this->payload_length = length; } @@ -199,9 +199,9 @@ static void set_key_exchange_data(private_ke_payload_t *this, chunk_t key_exchan free(this->key_exchange_data.ptr); this->key_exchange_data.ptr = NULL; this->key_exchange_data.len = 0; - + } - + this->key_exchange_data = chunk_clone(key_exchange_data); compute_length(this); } @@ -244,7 +244,7 @@ ke_payload_t *ke_payload_create() this->public.get_dh_group_number = (diffie_hellman_group_t (*) (ke_payload_t *)) get_dh_group_number; this->public.set_dh_group_number =(void (*) (ke_payload_t *,diffie_hellman_group_t)) set_dh_group_number; this->public.destroy = (void (*) (ke_payload_t *)) destroy; - + /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; @@ -261,10 +261,10 @@ ke_payload_t *ke_payload_create() ke_payload_t *ke_payload_create_from_diffie_hellman(diffie_hellman_t *dh) { private_ke_payload_t *this = (private_ke_payload_t*)ke_payload_create(); - + dh->get_my_public_value(dh, &this->key_exchange_data); this->dh_group_number = dh->get_dh_group(dh); compute_length(this); - + return &this->public; } diff --git a/src/charon/encoding/payloads/ke_payload.h b/src/charon/encoding/payloads/ke_payload.h index 7e182d970..3ca05009e 100644 --- a/src/charon/encoding/payloads/ke_payload.h +++ b/src/charon/encoding/payloads/ke_payload.h @@ -45,38 +45,38 @@ struct ke_payload_t { * The payload_t interface. */ payload_t payload_interface; - + /** * Returns the currently set key exchange data of this KE payload. - * + * * @warning Returned data are not copied. - * + * * @return chunk_t pointing to the value */ chunk_t (*get_key_exchange_data) (ke_payload_t *this); - + /** * Sets the key exchange data of this KE payload. - * + * * Value is getting copied. - * + * * @param key_exchange_data chunk_t pointing to the value to set */ void (*set_key_exchange_data) (ke_payload_t *this, chunk_t key_exchange_data); /** * Gets the Diffie-Hellman Group Number of this KE payload. - * + * * @return DH Group Number of this payload */ diffie_hellman_group_t (*get_dh_group_number) (ke_payload_t *this); /** * Sets the Diffie-Hellman Group Number of this KE payload. - * + * * @param dh_group_number DH Group to set */ - void (*set_dh_group_number) (ke_payload_t *this, + void (*set_dh_group_number) (ke_payload_t *this, diffie_hellman_group_t dh_group_number); /** @@ -87,14 +87,14 @@ struct ke_payload_t { /** * Creates an empty ke_payload_t object - * + * * @return ke_payload_t object */ ke_payload_t *ke_payload_create(void); /** * Creates a ke_payload_t from a diffie_hellman_t - * + * * @param diffie_hellman diffie hellman object containing group and key * @return ke_payload_t object */ diff --git a/src/charon/encoding/payloads/nonce_payload.c b/src/charon/encoding/payloads/nonce_payload.c index f9e075380..4ad5ce9dd 100644 --- a/src/charon/encoding/payloads/nonce_payload.c +++ b/src/charon/encoding/payloads/nonce_payload.c @@ -13,7 +13,7 @@ * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License * for more details. */ - + /* offsetof macro */ #include <stddef.h> @@ -26,14 +26,14 @@ typedef struct private_nonce_payload_t private_nonce_payload_t; /** * Private data of an nonce_payload_t object. - * + * */ struct private_nonce_payload_t { /** * Public nonce_payload_t interface. */ nonce_payload_t public; - + /** * Next payload type. */ @@ -43,12 +43,12 @@ struct private_nonce_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * The contained nonce value. */ @@ -57,26 +57,26 @@ struct private_nonce_payload_t { /** * Encoding rules to parse or generate a nonce payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_nonce_payload_t. - * + * */ encoding_rule_t nonce_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_nonce_payload_t, next_payload) }, /* the critical bit */ - { FLAG, offsetof(private_nonce_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, + { FLAG, offsetof(private_nonce_payload_t, critical) }, + /* 7 Bit reserved bits, nowhere stored */ + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, /* Length of the whole nonce payload*/ - { PAYLOAD_LENGTH, offsetof(private_nonce_payload_t, payload_length) }, + { PAYLOAD_LENGTH, offsetof(private_nonce_payload_t, payload_length) }, /* some nonce bytes, lenth is defined in PAYLOAD_LENGTH */ { NONCE_DATA, offsetof(private_nonce_payload_t, nonce) } }; @@ -102,7 +102,7 @@ static status_t verify(private_nonce_payload_t *this) /* nonce length is wrong */ return FAILED; } - + return SUCCESS; } @@ -187,8 +187,8 @@ static void destroy(private_nonce_payload_t *this) { free(this->nonce.ptr); } - - free(this); + + free(this); } /* @@ -206,12 +206,12 @@ nonce_payload_t *nonce_payload_create() this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.destroy = (void (*) (nonce_payload_t *)) destroy; this->public.set_nonce = (void (*) (nonce_payload_t *,chunk_t)) set_nonce; this->public.get_nonce = (chunk_t (*) (nonce_payload_t *)) get_nonce; - + /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; diff --git a/src/charon/encoding/payloads/nonce_payload.h b/src/charon/encoding/payloads/nonce_payload.h index 4adaba481..e9212202e 100644 --- a/src/charon/encoding/payloads/nonce_payload.h +++ b/src/charon/encoding/payloads/nonce_payload.h @@ -39,7 +39,7 @@ typedef struct nonce_payload_t nonce_payload_t; /** * Object representing an IKEv2 Nonce payload. - * + * * The Nonce payload format is described in RFC section 3.3. */ struct nonce_payload_t { @@ -51,17 +51,17 @@ struct nonce_payload_t { /** * Set the nonce value. * - * @param nonce chunk containing the nonce, will be cloned + * @param nonce chunk containing the nonce, will be cloned */ void (*set_nonce) (nonce_payload_t *this, chunk_t nonce); - + /** * Get the nonce value. * * @return a chunk containing the cloned nonce */ chunk_t (*get_nonce) (nonce_payload_t *this); - + /** * Destroys an nonce_payload_t object. */ @@ -70,7 +70,7 @@ struct nonce_payload_t { /** * Creates an empty nonce_payload_t object - * + * * @return nonce_payload_t object */ nonce_payload_t *nonce_payload_create(void); diff --git a/src/charon/encoding/payloads/notify_payload.c b/src/charon/encoding/payloads/notify_payload.c index d2a995ace..469698ef5 100644 --- a/src/charon/encoding/payloads/notify_payload.c +++ b/src/charon/encoding/payloads/notify_payload.c @@ -41,7 +41,7 @@ ENUM_NEXT(notify_type_names, INVALID_KE_PAYLOAD, INVALID_KE_PAYLOAD, NO_PROPOSAL "INVALID_KE_PAYLOAD"); ENUM_NEXT(notify_type_names, AUTHENTICATION_FAILED, AUTHENTICATION_FAILED, INVALID_KE_PAYLOAD, "AUTHENTICATION_FAILED"); -ENUM_NEXT(notify_type_names, SINGLE_PAIR_REQUIRED, UNEXPECTED_NAT_DETECTED, AUTHENTICATION_FAILED, +ENUM_NEXT(notify_type_names, SINGLE_PAIR_REQUIRED, USE_ASSIGNED_HoA, AUTHENTICATION_FAILED, "SINGLE_PAIR_REQUIRED", "NO_ADDITIONAL_SAS", "INTERNAL_ADDRESS_FAILURE", @@ -49,10 +49,11 @@ ENUM_NEXT(notify_type_names, SINGLE_PAIR_REQUIRED, UNEXPECTED_NAT_DETECTED, AUTH "TS_UNACCEPTABLE", "INVALID_SELECTORS", "UNACCEPTABLE_ADDRESSES", - "UNEXPECTED_NAT_DETECTED"); -ENUM_NEXT(notify_type_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, UNEXPECTED_NAT_DETECTED, + "UNEXPECTED_NAT_DETECTED", + "USE_ASSIGNED_HoA"); +ENUM_NEXT(notify_type_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, USE_ASSIGNED_HoA, "ME_CONNECT_FAILED"); -ENUM_NEXT(notify_type_names, INITIAL_CONTACT, ANOTHER_AUTH_FOLLOWS, ME_CONNECT_FAILED, +ENUM_NEXT(notify_type_names, INITIAL_CONTACT, LINK_ID, ME_CONNECT_FAILED, "INITIAL_CONTACT", "SET_WINDOW_SIZE", "ADDITIONAL_TS_POSSIBLE", @@ -74,8 +75,17 @@ ENUM_NEXT(notify_type_names, INITIAL_CONTACT, ANOTHER_AUTH_FOLLOWS, ME_CONNECT_F "NO_NATS_ALLOWED", "AUTH_LIFETIME", "MULTIPLE_AUTH_SUPPORTED", - "ANOTHER_AUTH_FOLLOWS"); -ENUM_NEXT(notify_type_names, EAP_ONLY_AUTHENTICATION, EAP_ONLY_AUTHENTICATION, ANOTHER_AUTH_FOLLOWS, + "ANOTHER_AUTH_FOLLOWS", + "REDIRECT_SUPPORTED", + "REDIRECT", + "REDIRECTED_FROM", + "TICKET_LT_OPAQUE", + "TICKET_REQUEST", + "TICKET_ACK", + "TICKET_NACK", + "TICKET_OPAQUE", + "LINK_ID"); +ENUM_NEXT(notify_type_names, EAP_ONLY_AUTHENTICATION, EAP_ONLY_AUTHENTICATION, LINK_ID, "EAP_ONLY_AUTHENTICATION"); ENUM_NEXT(notify_type_names, USE_BEET_MODE, USE_BEET_MODE, EAP_ONLY_AUTHENTICATION, "USE_BEET_MODE"); @@ -107,7 +117,7 @@ ENUM_NEXT(notify_type_short_names, INVALID_KE_PAYLOAD, INVALID_KE_PAYLOAD, NO_PR "INVAL_KE"); ENUM_NEXT(notify_type_short_names, AUTHENTICATION_FAILED, AUTHENTICATION_FAILED, INVALID_KE_PAYLOAD, "AUTH_FAILED"); -ENUM_NEXT(notify_type_short_names, SINGLE_PAIR_REQUIRED, UNEXPECTED_NAT_DETECTED, AUTHENTICATION_FAILED, +ENUM_NEXT(notify_type_short_names, SINGLE_PAIR_REQUIRED, USE_ASSIGNED_HoA, AUTHENTICATION_FAILED, "SINGLE_PAIR", "NO_ADD_SAS", "INT_ADDR_FAIL", @@ -115,10 +125,11 @@ ENUM_NEXT(notify_type_short_names, SINGLE_PAIR_REQUIRED, UNEXPECTED_NAT_DETECTED "TS_UNACCEPT", "INVAL_SEL", "UNACCEPT_ADDR", - "UNEXPECT_NAT"); -ENUM_NEXT(notify_type_short_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, UNEXPECTED_NAT_DETECTED, + "UNEXPECT_NAT", + "ASSIGNED_HoA"); +ENUM_NEXT(notify_type_short_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, USE_ASSIGNED_HoA, "ME_CONN_FAIL"); -ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, ANOTHER_AUTH_FOLLOWS, ME_CONNECT_FAILED, +ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, LINK_ID, ME_CONNECT_FAILED, "INIT_CONTACT", "SET_WINSIZE", "ADD_TS_POSS", @@ -140,8 +151,17 @@ ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, ANOTHER_AUTH_FOLLOWS, ME_CON "NO_NATS", "AUTH_LFT", "MULT_AUTH", - "AUTH_FOLLOWS"); -ENUM_NEXT(notify_type_short_names, EAP_ONLY_AUTHENTICATION, EAP_ONLY_AUTHENTICATION, ANOTHER_AUTH_FOLLOWS, + "AUTH_FOLLOWS", + "REDIR_SUP", + "REDIR", + "REDIR_FROM", + "TKT_LT_OPAK", + "TKT_REQ", + "TKT_ACK", + "TKT_NACK", + "TKT_OPAK", + "LINK_ID"); +ENUM_NEXT(notify_type_short_names, EAP_ONLY_AUTHENTICATION, EAP_ONLY_AUTHENTICATION, LINK_ID, "EAP_ONLY"); ENUM_NEXT(notify_type_short_names, USE_BEET_MODE, USE_BEET_MODE, EAP_ONLY_AUTHENTICATION, "BEET_MODE"); @@ -160,14 +180,14 @@ typedef struct private_notify_payload_t private_notify_payload_t; /** * Private data of an notify_payload_t object. - * + * */ struct private_notify_payload_t { /** * Public notify_payload_t interface. */ notify_payload_t public; - + /** * Next payload type. */ @@ -177,27 +197,27 @@ struct private_notify_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * Protocol id. */ u_int8_t protocol_id; - + /** * Spi size. */ u_int8_t spi_size; - + /** * Notify message type. */ u_int16_t notify_type; - + /** * Security parameter index (spi). */ @@ -211,26 +231,26 @@ struct private_notify_payload_t { /** * Encoding rules to parse or generate a IKEv2-Notify Payload. - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_notify_payload_t. - * + * */ encoding_rule_t notify_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_notify_payload_t, next_payload) }, /* the critical bit */ - { FLAG, offsetof(private_notify_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, + { FLAG, offsetof(private_notify_payload_t, critical) }, + /* 7 Bit reserved bits, nowhere stored */ + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, /* Length of the whole payload*/ - { PAYLOAD_LENGTH, offsetof(private_notify_payload_t, payload_length) }, + { PAYLOAD_LENGTH, offsetof(private_notify_payload_t, payload_length) }, /* Protocol ID as 8 bit field*/ { U_INT_8, offsetof(private_notify_payload_t, protocol_id) }, /* SPI Size as 8 bit field*/ @@ -238,7 +258,7 @@ encoding_rule_t notify_payload_encodings[] = { /* Notify message type as 16 bit field*/ { U_INT_16, offsetof(private_notify_payload_t, notify_type) }, /* SPI as variable length field*/ - { SPI, offsetof(private_notify_payload_t, spi) }, + { SPI, offsetof(private_notify_payload_t, spi) }, /* Key Exchange Data is from variable size */ { NOTIFICATION_DATA, offsetof(private_notify_payload_t, notification_data) } }; @@ -279,7 +299,7 @@ static status_t verify(private_notify_payload_t *this) DBG1(DBG_ENC, "Unknown protocol (%d)", this->protocol_id); return FAILED; } - + switch (this->notify_type) { case INVALID_KE_PAYLOAD: @@ -567,7 +587,7 @@ notify_payload_t *notify_payload_create() this->public.get_notification_data = (chunk_t (*) (notify_payload_t *)) get_notification_data; this->public.set_notification_data = (void (*) (notify_payload_t *,chunk_t)) set_notification_data; this->public.destroy = (void (*) (notify_payload_t *)) destroy; - + /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; @@ -579,7 +599,7 @@ notify_payload_t *notify_payload_create() this->spi_size = 0; this->notification_data.ptr = NULL; this->notification_data.len = 0; - + return &this->public; } @@ -592,6 +612,6 @@ notify_payload_t *notify_payload_create_from_protocol_and_type(protocol_id_t pro notify->set_notify_type(notify,notify_type); notify->set_protocol_id(notify,protocol_id); - + return notify; } diff --git a/src/charon/encoding/payloads/notify_payload.h b/src/charon/encoding/payloads/notify_payload.h index a5f501dca..0e1bc23b8 100644 --- a/src/charon/encoding/payloads/notify_payload.h +++ b/src/charon/encoding/payloads/notify_payload.h @@ -59,11 +59,15 @@ enum notify_type_t { FAILED_CP_REQUIRED = 37, TS_UNACCEPTABLE = 38, INVALID_SELECTORS = 39, + /* mobile extension, RFC 4555 */ UNACCEPTABLE_ADDRESSES = 40, UNEXPECTED_NAT_DETECTED = 41, + /* mobile IPv6 bootstrapping, RFC 5026 */ + USE_ASSIGNED_HoA = 42, + /* IKE-ME, private use */ ME_CONNECT_FAILED = 8192, - + /* notify status messages */ INITIAL_CONTACT = 16384, SET_WINDOW_SIZE = 16385, @@ -87,9 +91,21 @@ enum notify_type_t { NO_NATS_ALLOWED = 16402, /* repeated authentication extension, RFC4478 */ AUTH_LIFETIME = 16403, - /* multiple authentication exchanges, RFC 4739 */ + /* multiple authentication exchanges, RFC 4739 */ MULTIPLE_AUTH_SUPPORTED = 16404, ANOTHER_AUTH_FOLLOWS = 16405, + /* redirect mechanism, RFC 5685 */ + REDIRECT_SUPPORTED = 16406, + REDIRECT = 16407, + REDIRECTED_FROM = 16408, + /* draft-ietf-ipsecme-ikev2-resumption, assigned by IANA */ + TICKET_LT_OPAQUE = 16409, + TICKET_REQUEST = 16410, + TICKET_ACK = 16411, + TICKET_NACK = 16412, + TICKET_OPAQUE = 16413, + LINK_ID = 16414, + /* draft-eronen-ipsec-ikev2-eap-auth, not assigned by IANA yet */ EAP_ONLY_AUTHENTICATION = 40960, /* BEET mode, not even a draft yet. private use */ @@ -116,7 +132,7 @@ extern enum_name_t *notify_type_short_names; /** * Class representing an IKEv2-Notify Payload. - * + * * The Notify Payload format is described in Draft section 3.10. */ struct notify_payload_t { @@ -124,67 +140,67 @@ struct notify_payload_t { * The payload_t interface. */ payload_t payload_interface; - + /** * Gets the protocol id of this payload. - * + * * @return protocol id of this payload */ u_int8_t (*get_protocol_id) (notify_payload_t *this); /** * Sets the protocol id of this payload. - * + * * @param protocol_id protocol id to set */ void (*set_protocol_id) (notify_payload_t *this, u_int8_t protocol_id); /** * Gets the notify message type of this payload. - * + * * @return notify message type of this payload */ notify_type_t (*get_notify_type) (notify_payload_t *this); /** * Sets notify message type of this payload. - * + * * @param type notify message type to set */ void (*set_notify_type) (notify_payload_t *this, notify_type_t type); /** * Returns the currently set spi of this payload. - * + * * This is only valid for notifys with protocol AH|ESP * * @return SPI value */ u_int32_t (*get_spi) (notify_payload_t *this); - + /** * Sets the spi of this payload. - * + * * This is only valid for notifys with protocol AH|ESP - * + * * @param spi SPI value */ void (*set_spi) (notify_payload_t *this, u_int32_t spi); /** * Returns the currently set notification data of payload. - * + * * Returned data are not copied. - * + * * @return chunk_t pointing to the value */ chunk_t (*get_notification_data) (notify_payload_t *this); - + /** * Sets the notification data of this payload. - * + * * @warning Value is getting copied. - * + * * @param notification_data chunk_t pointing to the value to set */ void (*set_notification_data) (notify_payload_t *this, @@ -198,14 +214,14 @@ struct notify_payload_t { /** * Creates an empty notify_payload_t object - * + * * @return created notify_payload_t object */ notify_payload_t *notify_payload_create(void); /** * Creates an notify_payload_t object of specific type for specific protocol id. - * + * * @param protocol_id protocol id (IKE, AH or ESP) * @param type notify type (see notify_type_t) * @return notify_payload_t object diff --git a/src/charon/encoding/payloads/payload.h b/src/charon/encoding/payloads/payload.h index 78f5b7b97..2e783cb30 100644 --- a/src/charon/encoding/payloads/payload.h +++ b/src/charon/encoding/payloads/payload.h @@ -33,7 +33,7 @@ typedef struct payload_t payload_t; /** * Payload-Types of a IKEv2-Message. * - * Header and substructures are also defined as + * Header and substructures are also defined as * payload types with values from PRIVATE USE space. */ enum payload_type_t{ @@ -42,7 +42,7 @@ enum payload_type_t{ * End of payload list in next_payload */ NO_PAYLOAD = 0, - + /** * The security association (SA) payload containing proposals. */ @@ -122,67 +122,67 @@ enum payload_type_t{ * Extensible authentication payload (EAP). */ EXTENSIBLE_AUTHENTICATION = 48, - + #ifdef ME /** * Identification payload for peers has a value from - * the PRIVATE USE space. + * the PRIVATE USE space. */ ID_PEER = 128, #endif /* ME */ - + /** * Header has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle IKEv2-Header like a payload. */ HEADER = 140, - + /** * PROPOSAL_SUBSTRUCTURE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a proposal substructure like a payload. */ PROPOSAL_SUBSTRUCTURE = 141, /** * TRANSFORM_SUBSTRUCTURE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a transform substructure like a payload. */ TRANSFORM_SUBSTRUCTURE = 142, - + /** * TRANSFORM_ATTRIBUTE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a transform attribute like a payload. */ TRANSFORM_ATTRIBUTE = 143, /** * TRAFFIC_SELECTOR_SUBSTRUCTURE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a transform selector like a payload. - */ + */ TRAFFIC_SELECTOR_SUBSTRUCTURE = 144, - + /** * CONFIGURATION_ATTRIBUTE has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a transform attribute like a payload. */ CONFIGURATION_ATTRIBUTE = 145, - + /** * A unknown payload has a value of PRIVATE USE space. - * - * This payload type is not sent over wire and just + * + * This payload type is not sent over wire and just * used internally to handle a unknown payload. */ UNKNOWN_PAYLOAD = 146, @@ -201,13 +201,13 @@ extern enum_name_t *payload_type_short_names; /** * Generic interface for all payload types (incl.header and substructures). - * + * * To handle all kinds of payloads on a generic way, this interface must * be implemented by every payload. This allows parser_t/generator_t a simple * handling of all payloads. */ struct payload_t { - + /** * Get encoding rules for this payload. * @@ -229,7 +229,7 @@ struct payload_t { * @return type of next payload */ payload_type_t (*get_next_type) (payload_t *this); - + /** * Set type of next payload. * @@ -243,14 +243,14 @@ struct payload_t { * @return length of this payload */ size_t (*get_length) (payload_t *this); - + /** * Verifies payload structure and makes consistence check. * * @return SUCCESS, FAILED if consistence not given */ status_t (*verify) (payload_t *this); - + /** * Destroys a payload and all included substructures. */ @@ -259,11 +259,11 @@ struct payload_t { /** * Create an empty payload. - * + * * Useful for the parser, who wants a generic constructor for all payloads. - * It supports all payload_t methods. If a payload type is not known, + * It supports all payload_t methods. If a payload type is not known, * an unknwon_paylod is created with the chunk of data in it. - * + * * @param type type of the payload to create * @return payload_t object */ diff --git a/src/charon/encoding/payloads/proposal_substructure.c b/src/charon/encoding/payloads/proposal_substructure.c index a8166023c..c93f73a68 100644 --- a/src/charon/encoding/payloads/proposal_substructure.c +++ b/src/charon/encoding/payloads/proposal_substructure.c @@ -35,14 +35,14 @@ typedef struct private_proposal_substructure_t private_proposal_substructure_t; /** * Private data of an proposal_substructure_t object. - * + * */ struct private_proposal_substructure_t { /** * Public proposal_substructure_t interface. */ proposal_substructure_t public; - + /** * Next payload type. */ @@ -52,12 +52,12 @@ struct private_proposal_substructure_t { * Length of this payload. */ u_int16_t proposal_length; - + /** * Proposal number. */ u_int8_t proposal_number; - + /** * Protocol ID. */ @@ -66,32 +66,32 @@ struct private_proposal_substructure_t { /** * SPI size of the following SPI. */ - u_int8_t spi_size; + u_int8_t spi_size; /** * Number of transforms. */ - u_int8_t transforms_count; - - /** - * SPI is stored as chunk. - */ - chunk_t spi; - - /** - * Transforms are stored in a linked_list_t. - */ + u_int8_t transforms_count; + + /** + * SPI is stored as chunk. + */ + chunk_t spi; + + /** + * Transforms are stored in a linked_list_t. + */ linked_list_t * transforms; }; /** * Encoding rules to parse or generate a Proposal substructure. * - * The defined offsets are the positions in a object of type + * The defined offsets are the positions in a object of type * private_proposal_substructure_t. */ encoding_rule_t proposal_substructure_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_proposal_substructure_t, next_payload) }, /* Reserved Byte is skipped */ { RESERVED_BYTE, 0 }, @@ -107,7 +107,7 @@ encoding_rule_t proposal_substructure_encodings[] = { { U_INT_8, offsetof(private_proposal_substructure_t, transforms_count) }, /* SPI is a chunk of variable size*/ { SPI, offsetof(private_proposal_substructure_t, spi) }, - /* Transforms are stored in a transform substructure, + /* Transforms are stored in a transform substructure, offset points to a linked_list_t pointer */ { TRANSFORMS, offsetof(private_proposal_substructure_t, transforms) } }; @@ -136,7 +136,7 @@ static status_t verify(private_proposal_substructure_t *this) status_t status = SUCCESS; iterator_t *iterator; payload_t *current_transform; - + if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 2)) { /* must be 0 or 2 */ @@ -178,7 +178,7 @@ static status_t verify(private_proposal_substructure_t *this) DBG1(DBG_ENC, "invalid protocol"); return FAILED; } - + iterator = this->transforms->create_iterator(this->transforms,TRUE); while(iterator->iterate(iterator, (void**)¤t_transform)) { @@ -190,8 +190,8 @@ static status_t verify(private_proposal_substructure_t *this) } } iterator->destroy(iterator); - - /* proposal number is checked in SA payload */ + + /* proposal number is checked in SA payload */ return status; } @@ -236,7 +236,7 @@ static void compute_length(private_proposal_substructure_t *this) payload_t *current_transform; size_t transforms_count = 0; size_t length = PROPOSAL_SUBSTRUCTURE_HEADER_LENGTH; - + iterator = this->transforms->create_iterator(this->transforms,TRUE); while (iterator->iterate(iterator, (void**)¤t_transform)) { @@ -244,7 +244,7 @@ static void compute_length(private_proposal_substructure_t *this) transforms_count++; } iterator->destroy(iterator); - + length += this->spi.len; this->transforms_count = transforms_count; this->proposal_length = length; @@ -282,7 +282,7 @@ static void add_transform_substructure (private_proposal_substructure_t *this,tr } transform->set_is_last_transform(transform,TRUE); - + this->transforms->insert_last(this->transforms,(void *) transform); compute_length(this); } @@ -340,7 +340,7 @@ static void set_spi(private_proposal_substructure_t *this, chunk_t spi) this->spi.len = 0; compute_length(this); } - + this->spi.ptr = clalloc(spi.ptr,spi.len); this->spi.len = spi.len; this->spi_size = spi.len; @@ -355,7 +355,7 @@ static chunk_t get_spi(private_proposal_substructure_t *this) chunk_t spi; spi.ptr = this->spi.ptr; spi.len = this->spi.len; - + return spi; } @@ -384,24 +384,24 @@ proposal_t* get_proposal(private_proposal_substructure_t *this) transform_substructure_t *transform; proposal_t *proposal; u_int64_t spi; - + proposal = proposal_create(this->protocol_id); - + iterator = this->transforms->create_iterator(this->transforms, TRUE); while (iterator->iterate(iterator, (void**)&transform)) { transform_type_t transform_type; u_int16_t transform_id; u_int16_t key_length = 0; - + transform_type = transform->get_transform_type(transform); transform_id = transform->get_transform_id(transform); transform->get_key_length(transform, &key_length); - + proposal->add_algorithm(proposal, transform_type, transform_id, key_length); } iterator->destroy(iterator); - + switch (this->spi.len) { case 4: @@ -414,7 +414,7 @@ proposal_t* get_proposal(private_proposal_substructure_t *this) spi = 0; } proposal->set_spi(proposal, spi); - + return proposal; } @@ -426,7 +426,7 @@ static private_proposal_substructure_t* clone_(private_proposal_substructure_t * private_proposal_substructure_t *clone; iterator_t *transforms; transform_substructure_t *current_transform; - + clone = (private_proposal_substructure_t *) proposal_substructure_create(); clone->next_payload = this->next_payload; clone->proposal_number = this->proposal_number; @@ -444,8 +444,8 @@ static private_proposal_substructure_t* clone_(private_proposal_substructure_t * current_transform = current_transform->clone(current_transform); clone->public.add_transform_substructure(&clone->public, current_transform); } - transforms->destroy(transforms); - + transforms->destroy(transforms); + return clone; } @@ -468,16 +468,16 @@ proposal_substructure_t *proposal_substructure_create() { private_proposal_substructure_t *this = malloc_thing(private_proposal_substructure_t); - /* interface functions */ + /* interface functions */ this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; + this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - + + /* public functions */ this->public.create_transform_substructure_iterator = (iterator_t* (*) (proposal_substructure_t *,bool)) create_transform_substructure_iterator; this->public.add_transform_substructure = (void (*) (proposal_substructure_t *,transform_substructure_t *)) add_transform_substructure; @@ -490,10 +490,10 @@ proposal_substructure_t *proposal_substructure_create() this->public.set_spi = (void (*) (proposal_substructure_t *,chunk_t))set_spi; this->public.get_spi = (chunk_t (*) (proposal_substructure_t *)) get_spi; this->public.get_transform_count = (size_t (*) (proposal_substructure_t *)) get_transform_count; - this->public.get_spi_size = (size_t (*) (proposal_substructure_t *)) get_spi_size; + this->public.get_spi_size = (size_t (*) (proposal_substructure_t *)) get_spi_size; this->public.clone = (proposal_substructure_t * (*) (proposal_substructure_t *)) clone_; this->public.destroy = (void (*) (proposal_substructure_t *)) destroy; - + /* set default values of the fields */ this->next_payload = NO_PAYLOAD; this->proposal_length = 0; @@ -503,9 +503,9 @@ proposal_substructure_t *proposal_substructure_create() this->spi_size = 0; this->spi.ptr = NULL; this->spi.len = 0; - + this->transforms = linked_list_create(); - + return (&(this->public)); } @@ -518,9 +518,9 @@ proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t * private_proposal_substructure_t *this; u_int16_t alg, key_size; enumerator_t *enumerator; - + this = (private_proposal_substructure_t*)proposal_substructure_create(); - + /* encryption algorithm is only availble in ESP */ enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM); while (enumerator->enumerate(enumerator, &alg, &key_size)) @@ -530,7 +530,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t * add_transform_substructure(this, transform); } enumerator->destroy(enumerator); - + /* integrity algorithms */ enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM); while (enumerator->enumerate(enumerator, &alg, &key_size)) @@ -540,7 +540,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t * add_transform_substructure(this, transform); } enumerator->destroy(enumerator); - + /* prf algorithms */ enumerator = proposal->create_enumerator(proposal, PSEUDO_RANDOM_FUNCTION); while (enumerator->enumerate(enumerator, &alg, &key_size)) @@ -550,17 +550,17 @@ proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t * add_transform_substructure(this, transform); } enumerator->destroy(enumerator); - + /* dh groups */ enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP); while (enumerator->enumerate(enumerator, &alg, NULL)) { - transform = transform_substructure_create_type(DIFFIE_HELLMAN_GROUP, + transform = transform_substructure_create_type(DIFFIE_HELLMAN_GROUP, alg, 0); add_transform_substructure(this, transform); } enumerator->destroy(enumerator); - + /* extended sequence numbers */ enumerator = proposal->create_enumerator(proposal, EXTENDED_SEQUENCE_NUMBERS); while (enumerator->enumerate(enumerator, &alg, NULL)) @@ -570,7 +570,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t * add_transform_substructure(this, transform); } enumerator->destroy(enumerator); - + /* add SPI, if necessary */ switch (proposal->get_protocol(proposal)) { @@ -593,6 +593,6 @@ proposal_substructure_t *proposal_substructure_create_from_proposal(proposal_t * } this->proposal_number = 0; this->protocol_id = proposal->get_protocol(proposal); - + return &this->public; } diff --git a/src/charon/encoding/payloads/proposal_substructure.h b/src/charon/encoding/payloads/proposal_substructure.h index 8ccb917d6..4934802af 100644 --- a/src/charon/encoding/payloads/proposal_substructure.h +++ b/src/charon/encoding/payloads/proposal_substructure.h @@ -38,7 +38,7 @@ typedef struct proposal_substructure_t proposal_substructure_t; /** * Class representing an IKEv2-PROPOSAL SUBSTRUCTURE. - * + * * The PROPOSAL SUBSTRUCTURE format is described in RFC section 3.3.1. */ struct proposal_substructure_t { @@ -55,7 +55,7 @@ struct proposal_substructure_t { */ iterator_t *(*create_transform_substructure_iterator) ( proposal_substructure_t *this, bool forward); - + /** * Adds a transform_substructure_t object to this object. * @@ -63,7 +63,7 @@ struct proposal_substructure_t { */ void (*add_transform_substructure) (proposal_substructure_t *this, transform_substructure_t *transform); - + /** * Sets the proposal number of current proposal. * @@ -71,24 +71,24 @@ struct proposal_substructure_t { */ void (*set_proposal_number) (proposal_substructure_t *this, u_int8_t proposal_number); - + /** * get proposal number of current proposal. - * + * * @return proposal number of current proposal substructure. */ u_int8_t (*get_proposal_number) (proposal_substructure_t *this); /** * get the number of transforms in current proposal. - * + * * @return transform count in current proposal */ size_t (*get_transform_count) (proposal_substructure_t *this); /** * get size of the set spi in bytes. - * + * * @return size of the spi in bytes */ size_t (*get_spi_size) (proposal_substructure_t *this); @@ -100,43 +100,43 @@ struct proposal_substructure_t { */ void (*set_protocol_id) (proposal_substructure_t *this, u_int8_t protocol_id); - + /** * get protocol id of current proposal. - * + * * @return protocol id of current proposal substructure. */ u_int8_t (*get_protocol_id) (proposal_substructure_t *this); - + /** * Sets the next_payload field of this substructure - * + * * If this is the last proposal, next payload field is set to 0, * otherwise to 2 * * @param is_last When TRUE, next payload field is set to 0, otherwise to 2 */ void (*set_is_last_proposal) (proposal_substructure_t *this, bool is_last); - + /** * Returns the currently set SPI of this proposal. * * @return chunk_t pointing to the value */ chunk_t (*get_spi) (proposal_substructure_t *this); - + /** * Sets the SPI of the current proposal. - * + * * @warning SPI is getting copied - * + * * @param spi chunk_t pointing to the value to set */ void (*set_spi) (proposal_substructure_t *this, chunk_t spi); - + /** * Get a proposal_t from the propsal_substructure_t. - * + * * @return proposal_t */ proposal_t * (*get_proposal) (proposal_substructure_t *this); @@ -156,7 +156,7 @@ struct proposal_substructure_t { /** * Creates an empty proposal_substructure_t object - * + * * @return proposal_substructure_t object */ proposal_substructure_t *proposal_substructure_create(void); diff --git a/src/charon/encoding/payloads/sa_payload.c b/src/charon/encoding/payloads/sa_payload.c index 3ca2f08c8..187a8fee0 100644 --- a/src/charon/encoding/payloads/sa_payload.c +++ b/src/charon/encoding/payloads/sa_payload.c @@ -27,14 +27,14 @@ typedef struct private_sa_payload_t private_sa_payload_t; /** * Private data of an sa_payload_t object. - * + * */ struct private_sa_payload_t { /** * Public sa_payload_t interface. */ sa_payload_t public; - + /** * Next payload type. */ @@ -44,12 +44,12 @@ struct private_sa_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * Proposals in this payload are stored in a linked_list_t. */ @@ -58,27 +58,27 @@ struct private_sa_payload_t { /** * Encoding rules to parse or generate a IKEv2-SA Payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_sa_payload_t. - * + * */ encoding_rule_t sa_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_sa_payload_t, next_payload) }, /* the critical bit */ - { FLAG, offsetof(private_sa_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, - { RESERVED_BIT, 0 }, + { FLAG, offsetof(private_sa_payload_t, critical) }, + /* 7 Bit reserved bits, nowhere stored */ + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, + { RESERVED_BIT, 0 }, /* Length of the whole SA payload*/ - { PAYLOAD_LENGTH, offsetof(private_sa_payload_t, payload_length) }, - /* Proposals are stored in a proposal substructure, + { PAYLOAD_LENGTH, offsetof(private_sa_payload_t, payload_length) }, + /* Proposals are stored in a proposal substructure, offset points to a linked_list_t pointer */ { PROPOSALS, offsetof(private_sa_payload_t, proposals) } }; @@ -108,12 +108,12 @@ static status_t verify(private_sa_payload_t *this) /* check proposal numbering */ iterator = this->proposals->create_iterator(this->proposals,TRUE); - + while(iterator->iterate(iterator, (void**)¤t_proposal)) { current_number = current_proposal->get_proposal_number(current_proposal); if (current_number < expected_number) - { + { if (current_number != (expected_number + 1)) { DBG1(DBG_ENC, "proposal number is %d, expected %d or %d", @@ -129,7 +129,7 @@ static status_t verify(private_sa_payload_t *this) status = FAILED; break; } - + status = current_proposal->payload_interface.verify(&(current_proposal->payload_interface)); if (status != SUCCESS) { @@ -139,7 +139,7 @@ static status_t verify(private_sa_payload_t *this) first = FALSE; expected_number = current_number; } - + iterator->destroy(iterator); return status; } @@ -197,14 +197,14 @@ static void compute_length (private_sa_payload_t *this) iterator_t *iterator; payload_t *current_proposal; size_t length = SA_PAYLOAD_HEADER_LENGTH; - + iterator = this->proposals->create_iterator(this->proposals,TRUE); while (iterator->iterate(iterator, (void **)¤t_proposal)) { length += current_proposal->get_length(current_proposal); } iterator->destroy(iterator); - + this->payload_length = length; } @@ -232,7 +232,7 @@ static void add_proposal_substructure(private_sa_payload_t *this,proposal_substr { status_t status; u_int proposal_count = this->proposals->get_count(this->proposals); - + if (proposal_count > 0) { proposal_substructure_t *last_proposal; @@ -252,7 +252,7 @@ static void add_proposal_substructure(private_sa_payload_t *this,proposal_substr static void add_proposal(private_sa_payload_t *this, proposal_t *proposal) { proposal_substructure_t *substructure; - + substructure = proposal_substructure_create_from_proposal(proposal); add_proposal_substructure(this, substructure); } @@ -267,10 +267,10 @@ static linked_list_t *get_proposals(private_sa_payload_t *this) iterator_t *iterator; proposal_substructure_t *proposal_struct; linked_list_t *proposal_list; - + /* this list will hold our proposals */ proposal_list = linked_list_create(); - + /* we do not support proposals split up to two proposal substructures, as * AH+ESP bundles are not supported in RFC4301 anymore. * To handle such structures safely, we just skip proposals with multiple @@ -280,7 +280,7 @@ static linked_list_t *get_proposals(private_sa_payload_t *this) while (iterator->iterate(iterator, (void **)&proposal_struct)) { proposal_t *proposal; - + /* check if a proposal has a single protocol */ if (proposal_struct->get_proposal_number(proposal_struct) == struct_number) { @@ -310,7 +310,7 @@ static linked_list_t *get_proposals(private_sa_payload_t *this) sa_payload_t *sa_payload_create() { private_sa_payload_t *this = malloc_thing(private_sa_payload_t); - + /* public interface */ this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; @@ -319,14 +319,14 @@ sa_payload_t *sa_payload_create() this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.create_proposal_substructure_iterator = (iterator_t* (*) (sa_payload_t *,bool)) create_proposal_substructure_iterator; this->public.add_proposal_substructure = (void (*) (sa_payload_t *,proposal_substructure_t *)) add_proposal_substructure; this->public.add_proposal = (void (*) (sa_payload_t*,proposal_t*))add_proposal; this->public.get_proposals = (linked_list_t* (*) (sa_payload_t *)) get_proposals; this->public.destroy = (void (*) (sa_payload_t *)) destroy; - + /* set default values of the fields */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; @@ -343,7 +343,7 @@ sa_payload_t *sa_payload_create_from_proposal_list(linked_list_t *proposals) iterator_t *iterator; proposal_t *proposal; sa_payload_t *sa_payload = sa_payload_create(); - + /* add every payload from the list */ iterator = proposals->create_iterator(proposals, TRUE); while (iterator->iterate(iterator, (void**)&proposal)) @@ -351,7 +351,7 @@ sa_payload_t *sa_payload_create_from_proposal_list(linked_list_t *proposals) add_proposal((private_sa_payload_t*)sa_payload, proposal); } iterator->destroy(iterator); - + return sa_payload; } @@ -361,8 +361,8 @@ sa_payload_t *sa_payload_create_from_proposal_list(linked_list_t *proposals) sa_payload_t *sa_payload_create_from_proposal(proposal_t *proposal) { sa_payload_t *sa_payload = sa_payload_create(); - + add_proposal((private_sa_payload_t*)sa_payload, proposal); - + return sa_payload; } diff --git a/src/charon/encoding/payloads/sa_payload.h b/src/charon/encoding/payloads/sa_payload.h index 58ae72544..25f5a2407 100644 --- a/src/charon/encoding/payloads/sa_payload.h +++ b/src/charon/encoding/payloads/sa_payload.h @@ -44,12 +44,12 @@ struct sa_payload_t { * The payload_t interface. */ payload_t payload_interface; - + /** * Creates an iterator of stored proposal_substructure_t objects. - * - * When deleting an proposal using this iterator, - * the length of this transform substructure has to be refreshed + * + * When deleting an proposal using this iterator, + * the length of this transform substructure has to be refreshed * by calling get_length()! * * @param forward iterator direction (TRUE: front to end) @@ -57,7 +57,7 @@ struct sa_payload_t { */ iterator_t *(*create_proposal_substructure_iterator) (sa_payload_t *this, bool forward); - + /** * Adds a proposal_substructure_t object to this object. * @@ -68,18 +68,18 @@ struct sa_payload_t { /** * Gets the proposals in this payload as a list. - * + * * @return a list containing proposal_t s */ linked_list_t *(*get_proposals) (sa_payload_t *this); - + /** * Add a child proposal (AH/ESP) to the payload. - * + * * @param proposal child proposal to add to the payload */ void (*add_proposal) (sa_payload_t *this, proposal_t *proposal); - + /** * Destroys an sa_payload_t object. */ @@ -88,14 +88,14 @@ struct sa_payload_t { /** * Creates an empty sa_payload_t object - * + * * @return created sa_payload_t object */ sa_payload_t *sa_payload_create(void); /** * Creates a sa_payload_t object from a list of proposals. - * + * * @param proposals list of proposals to build the payload from * @return sa_payload_t object */ @@ -103,10 +103,10 @@ sa_payload_t *sa_payload_create_from_proposal_list(linked_list_t *proposals); /** * Creates a sa_payload_t object from a single proposal. - * + * * This is only for convenience. Use sa_payload_create_from_proposal_list * if you want to add more than one proposal. - * + * * @param proposal proposal from which the payload should be built. * @return sa_payload_t object */ diff --git a/src/charon/encoding/payloads/traffic_selector_substructure.c b/src/charon/encoding/payloads/traffic_selector_substructure.c index 7dcdce6aa..f24857591 100644 --- a/src/charon/encoding/payloads/traffic_selector_substructure.c +++ b/src/charon/encoding/payloads/traffic_selector_substructure.c @@ -24,19 +24,19 @@ typedef struct private_traffic_selector_substructure_t private_traffic_selector_ /** * Private data of an traffic_selector_substructure_t object. - * + * */ struct private_traffic_selector_substructure_t { /** * Public traffic_selector_substructure_t interface. */ traffic_selector_substructure_t public; - + /** * Type of traffic selector. */ u_int8_t ts_type; - + /** * IP Protocol ID. */ @@ -46,7 +46,7 @@ struct private_traffic_selector_substructure_t { * Length of this payload. */ u_int16_t payload_length; - + /** * Start port number. */ @@ -56,7 +56,7 @@ struct private_traffic_selector_substructure_t { * End port number. */ u_int16_t end_port; - + /** * Starting address. */ @@ -70,21 +70,21 @@ struct private_traffic_selector_substructure_t { /** * Encoding rules to parse or generate a TS payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_traffic_selector_substructure_t. - * + * */ encoding_rule_t traffic_selector_substructure_encodings[] = { - /* 1 Byte next ts type*/ + /* 1 Byte next ts type*/ { TS_TYPE, offsetof(private_traffic_selector_substructure_t, ts_type) }, - /* 1 Byte IP protocol id*/ + /* 1 Byte IP protocol id*/ { U_INT_8, offsetof(private_traffic_selector_substructure_t, ip_protocol_id) }, - /* Length of the whole payload*/ + /* Length of the whole payload*/ { PAYLOAD_LENGTH, offsetof(private_traffic_selector_substructure_t, payload_length) }, - /* 2 Byte start port*/ + /* 2 Byte start port*/ { U_INT_16, offsetof(private_traffic_selector_substructure_t, start_port) }, - /* 2 Byte end port*/ + /* 2 Byte end port*/ { U_INT_16, offsetof(private_traffic_selector_substructure_t, end_port) }, /* starting address is either 4 or 16 byte */ { ADDRESS, offsetof(private_traffic_selector_substructure_t, starting_address) }, @@ -124,7 +124,7 @@ static status_t verify(private_traffic_selector_substructure_t *this) { case TS_IPV4_ADDR_RANGE: { - if ((this->starting_address.len != 4) || + if ((this->starting_address.len != 4) || (this->ending_address.len != 4)) { /* ipv4 address must be 4 bytes long */ @@ -148,7 +148,7 @@ static status_t verify(private_traffic_selector_substructure_t *this) return FAILED; } } - + return SUCCESS; } @@ -182,7 +182,7 @@ static payload_type_t get_next_type(private_traffic_selector_substructure_t *thi */ static void set_next_type(private_traffic_selector_substructure_t *this,payload_type_t type) { - + } /** @@ -199,8 +199,8 @@ static size_t get_length(private_traffic_selector_substructure_t *this) static traffic_selector_t *get_traffic_selector(private_traffic_selector_substructure_t *this) { traffic_selector_t *ts; - ts = traffic_selector_create_from_bytes(this->ip_protocol_id, this->ts_type, - this->starting_address, this->start_port, + ts = traffic_selector_create_from_bytes(this->ip_protocol_id, this->ts_type, + this->starting_address, this->start_port, this->ending_address, this->end_port); return ts; } @@ -221,7 +221,7 @@ static void destroy(private_traffic_selector_substructure_t *this) { free(this->starting_address.ptr); free(this->ending_address.ptr); - free(this); + free(this); } /* @@ -239,11 +239,11 @@ traffic_selector_substructure_t *traffic_selector_substructure_create() this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.get_traffic_selector = (traffic_selector_t* (*)(traffic_selector_substructure_t*))get_traffic_selector; this->public.destroy = (void (*) (traffic_selector_substructure_t *)) destroy; - + /* private variables */ this->payload_length = TRAFFIC_SELECTOR_HEADER_LENGTH; this->start_port = 0; @@ -269,8 +269,8 @@ traffic_selector_substructure_t *traffic_selector_substructure_create_from_traff this->end_port = traffic_selector->get_to_port(traffic_selector); this->starting_address = chunk_clone(traffic_selector->get_from_address(traffic_selector)); this->ending_address = chunk_clone(traffic_selector->get_to_address(traffic_selector)); - + compute_length(this); - + return &(this->public); } diff --git a/src/charon/encoding/payloads/traffic_selector_substructure.h b/src/charon/encoding/payloads/traffic_selector_substructure.h index ee3e204a0..0109fd7f5 100644 --- a/src/charon/encoding/payloads/traffic_selector_substructure.h +++ b/src/charon/encoding/payloads/traffic_selector_substructure.h @@ -25,9 +25,9 @@ typedef struct traffic_selector_substructure_t traffic_selector_substructure_t; #include <library.h> -#include <encoding/payloads/payload.h> #include <utils/host.h> -#include <config/traffic_selector.h> +#include <selectors/traffic_selector.h> +#include <encoding/payloads/payload.h> /** * Length of a TRAFFIC SELECTOR SUBSTRUCTURE without start and end address. @@ -36,7 +36,7 @@ typedef struct traffic_selector_substructure_t traffic_selector_substructure_t; /** * Class representing an IKEv2 TRAFFIC SELECTOR. - * + * * The TRAFFIC SELECTOR format is described in RFC section 3.13.1. */ struct traffic_selector_substructure_t { @@ -44,49 +44,49 @@ struct traffic_selector_substructure_t { * The payload_t interface. */ payload_t payload_interface; - + /** * Get the type of Traffic selector. * * @return type of traffic selector - * + * */ ts_type_t (*get_ts_type) (traffic_selector_substructure_t *this); - + /** * Set the type of Traffic selector. * - * @param ts_type type of traffic selector + * @param ts_type type of traffic selector */ void (*set_ts_type) (traffic_selector_substructure_t *this, ts_type_t ts_type); - + /** * Get the IP protocol ID of Traffic selector. * * @return type of traffic selector - * + * */ u_int8_t (*get_protocol_id) (traffic_selector_substructure_t *this); - + /** * Set the IP protocol ID of Traffic selector * - * @param protocol_id protocol ID of traffic selector + * @param protocol_id protocol ID of traffic selector */ void (*set_protocol_id) (traffic_selector_substructure_t *this, u_int8_t protocol_id); - + /** * Get the start port and address as host_t object. * * Returned host_t object has to get destroyed by the caller. - * + * * @return start host as host_t object - * + * */ host_t *(*get_start_host) (traffic_selector_substructure_t *this); - + /** * Set the start port and address as host_t object. * @@ -94,17 +94,17 @@ struct traffic_selector_substructure_t { */ void (*set_start_host) (traffic_selector_substructure_t *this, host_t *start_host); - + /** * Get the end port and address as host_t object. * * Returned host_t object has to get destroyed by the caller. - * + * * @return end host as host_t object - * + * */ host_t *(*get_end_host) (traffic_selector_substructure_t *this); - + /** * Set the end port and address as host_t object. * @@ -112,17 +112,17 @@ struct traffic_selector_substructure_t { */ void (*set_end_host) (traffic_selector_substructure_t *this, host_t *end_host); - + /** * Get a traffic_selector_t from this substructure. * * @warning traffic_selector_t must be destroyed after usage. - * + * * @return contained traffic_selector_t */ traffic_selector_t *(*get_traffic_selector) ( traffic_selector_substructure_t *this); - + /** * Destroys an traffic_selector_substructure_t object. */ @@ -133,7 +133,7 @@ struct traffic_selector_substructure_t { * Creates an empty traffic_selector_substructure_t object. * * TS type is set to default TS_IPV4_ADDR_RANGE! - * + * * @return traffic_selector_substructure_t object */ traffic_selector_substructure_t *traffic_selector_substructure_create(void); @@ -141,7 +141,7 @@ traffic_selector_substructure_t *traffic_selector_substructure_create(void); /** * Creates an initialized traffif selector substructure using * the values from a traffic_selector_t. - * + * * @param traffic_selector traffic_selector_t to use for initialization * @return traffic_selector_substructure_t object */ diff --git a/src/charon/encoding/payloads/transform_attribute.c b/src/charon/encoding/payloads/transform_attribute.c index 507d04a34..8bf2ddef4 100644 --- a/src/charon/encoding/payloads/transform_attribute.c +++ b/src/charon/encoding/payloads/transform_attribute.c @@ -26,32 +26,32 @@ typedef struct private_transform_attribute_t private_transform_attribute_t; /** * Private data of an transform_attribute_t object. - * + * */ struct private_transform_attribute_t { /** * Public transform_attribute_t interface. */ transform_attribute_t public; - + /** * Attribute Format Flag. - * + * * - TRUE means value is stored in attribute_length_or_value * - FALSE means value is stored in attribute_value */ bool attribute_format; - + /** * Type of the attribute. */ u_int16_t attribute_type; - + /** * Attribute Length if attribute_format is 0, attribute Value otherwise. */ u_int16_t attribute_length_or_value; - + /** * Attribute value as chunk if attribute_format is 0 (FALSE). */ @@ -67,16 +67,16 @@ ENUM_END(transform_attribute_type_name, KEY_LENGTH); /** * Encoding rules to parse or generate a Transform attribute. - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_transform_attribute_t. - * + * */ encoding_rule_t transform_attribute_encodings[] = { /* Flag defining the format of this payload */ { ATTRIBUTE_FORMAT, offsetof(private_transform_attribute_t, attribute_format) }, /* type of the attribute as 15 bit unsigned integer */ - { ATTRIBUTE_TYPE, offsetof(private_transform_attribute_t, attribute_type) }, + { ATTRIBUTE_TYPE, offsetof(private_transform_attribute_t, attribute_type) }, /* Length or value, depending on the attribute format flag */ { ATTRIBUTE_LENGTH_OR_VALUE, offsetof(private_transform_attribute_t, attribute_length_or_value) }, /* Value of attribute if attribute format flag is zero */ @@ -104,7 +104,7 @@ static status_t verify(private_transform_attribute_t *this) { return FAILED; } - + return SUCCESS; } @@ -164,16 +164,16 @@ static void set_value_chunk(private_transform_attribute_t *this, chunk_t value) free(this->attribute_value.ptr); this->attribute_value.ptr = NULL; this->attribute_value.len = 0; - + } - + if (value.len > 2) { this->attribute_value.ptr = clalloc(value.ptr,value.len); this->attribute_value.len = value.len; this->attribute_length_or_value = value.len; /* attribute has not a fixed length */ - this->attribute_format = FALSE; + this->attribute_format = FALSE; } else { @@ -192,7 +192,7 @@ static void set_value(private_transform_attribute_t *this, u_int16_t value) free(this->attribute_value.ptr); this->attribute_value.ptr = NULL; this->attribute_value.len = 0; - + } this->attribute_length_or_value = value; } @@ -207,14 +207,14 @@ static chunk_t get_value_chunk (private_transform_attribute_t *this) if (this->attribute_format == FALSE) { value.ptr = this->attribute_value.ptr; - value.len = this->attribute_value.len; + value.len = this->attribute_value.len; } else { value.ptr = (void *) &(this->attribute_length_or_value); value.len = 2; } - + return value; } @@ -249,19 +249,19 @@ static u_int16_t get_attribute_type (private_transform_attribute_t *this) static transform_attribute_t * _clone(private_transform_attribute_t *this) { private_transform_attribute_t *new_clone; - + new_clone = (private_transform_attribute_t *) transform_attribute_create(); - + new_clone->attribute_format = this->attribute_format; new_clone->attribute_type = this->attribute_type; new_clone->attribute_length_or_value = this->attribute_length_or_value; - + if (!new_clone->attribute_format) { - new_clone->attribute_value.ptr = clalloc(this->attribute_value.ptr,this->attribute_value.len); + new_clone->attribute_value.ptr = clalloc(this->attribute_value.ptr,this->attribute_value.len); new_clone->attribute_value.len = this->attribute_value.len; } - + return (transform_attribute_t *) new_clone; } @@ -273,7 +273,7 @@ static void destroy(private_transform_attribute_t *this) if (this->attribute_value.ptr != NULL) { free(this->attribute_value.ptr); - } + } free(this); } @@ -292,7 +292,7 @@ transform_attribute_t *transform_attribute_create() this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.set_value_chunk = (void (*) (transform_attribute_t *,chunk_t)) set_value_chunk; this->public.set_value = (void (*) (transform_attribute_t *,u_int16_t)) set_value; @@ -302,7 +302,7 @@ transform_attribute_t *transform_attribute_create() this->public.get_attribute_type = (u_int16_t (*) (transform_attribute_t *)) get_attribute_type; this->public.clone = (transform_attribute_t * (*) (transform_attribute_t *)) _clone; this->public.destroy = (void (*) (transform_attribute_t *)) destroy; - + /* set default values of the fields */ this->attribute_format = TRUE; this->attribute_type = 0; diff --git a/src/charon/encoding/payloads/transform_attribute.h b/src/charon/encoding/payloads/transform_attribute.h index f7d71a9df..a5fe0154b 100644 --- a/src/charon/encoding/payloads/transform_attribute.h +++ b/src/charon/encoding/payloads/transform_attribute.h @@ -37,14 +37,14 @@ enum transform_attribute_type_t { KEY_LENGTH = 14 }; -/** +/** * enum name for transform_attribute_type_t. */ extern enum_name_t *transform_attribute_type_names; /** * Class representing an IKEv2- TRANSFORM Attribute. - * + * * The TRANSFORM ATTRIBUTE format is described in RFC section 3.3.5. */ struct transform_attribute_t { @@ -55,52 +55,52 @@ struct transform_attribute_t { /** * Returns the currently set value of the attribute. - * + * * Returned data are not copied. - * + * * @return chunk_t pointing to the value */ chunk_t (*get_value_chunk) (transform_attribute_t *this); - + /** * Returns the currently set value of the attribute. - * + * * Returned data are not copied. - * + * * @return value */ u_int16_t (*get_value) (transform_attribute_t *this); - + /** * Sets the value of the attribute. - * + * * Value is getting copied. - * + * * @param value chunk_t pointing to the value to set */ void (*set_value_chunk) (transform_attribute_t *this, chunk_t value); /** * Sets the value of the attribute. - * + * * @param value value to set */ void (*set_value) (transform_attribute_t *this, u_int16_t value); /** * Sets the type of the attribute. - * + * * @param type type to set (most significant bit is set to zero) */ void (*set_attribute_type) (transform_attribute_t *this, u_int16_t type); - + /** * get the type of the attribute. - * + * * @return type of the value */ u_int16_t (*get_attribute_type) (transform_attribute_t *this); - + /** * Clones an transform_attribute_t object. * @@ -116,14 +116,14 @@ struct transform_attribute_t { /** * Creates an empty transform_attribute_t object. - * + * * @return transform_attribute_t object */ transform_attribute_t *transform_attribute_create(void); /** * Creates an transform_attribute_t of type KEY_LENGTH. - * + * * @param key_length key length in bytes * @return transform_attribute_t object */ diff --git a/src/charon/encoding/payloads/transform_substructure.c b/src/charon/encoding/payloads/transform_substructure.c index 497bd53b2..c94f6c1a2 100644 --- a/src/charon/encoding/payloads/transform_substructure.c +++ b/src/charon/encoding/payloads/transform_substructure.c @@ -29,37 +29,37 @@ typedef struct private_transform_substructure_t private_transform_substructure_t /** * Private data of an transform_substructure_t object. - * + * */ struct private_transform_substructure_t { /** * Public transform_substructure_t interface. */ transform_substructure_t public; - + /** * Next payload type. */ u_int8_t next_payload; - + /** * Length of this payload. */ u_int16_t transform_length; - - + + /** * Type of the transform. */ u_int8_t transform_type; - + /** * Transform ID. */ u_int16_t transform_id; - - /** + + /** * Transforms Attributes are stored in a linked_list_t. */ linked_list_t *attributes; @@ -68,25 +68,25 @@ struct private_transform_substructure_t { /** * Encoding rules to parse or generate a Transform substructure. - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_transform_substructure_t. - * + * */ encoding_rule_t transform_substructure_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_transform_substructure_t, next_payload) }, /* Reserved Byte is skipped */ - { RESERVED_BYTE, 0 }, + { RESERVED_BYTE, 0 }, /* Length of the whole transform substructure*/ - { PAYLOAD_LENGTH, offsetof(private_transform_substructure_t, transform_length) }, + { PAYLOAD_LENGTH, offsetof(private_transform_substructure_t, transform_length) }, /* transform type is a number of 8 bit */ - { U_INT_8, offsetof(private_transform_substructure_t, transform_type) }, + { U_INT_8, offsetof(private_transform_substructure_t, transform_type) }, /* Reserved Byte is skipped */ - { RESERVED_BYTE, 0 }, + { RESERVED_BYTE, 0 }, /* tranform ID is a number of 8 bit */ - { U_INT_16, offsetof(private_transform_substructure_t, transform_id) }, - /* Attributes are stored in a transform attribute, + { U_INT_16, offsetof(private_transform_substructure_t, transform_id) }, + /* Attributes are stored in a transform attribute, offset points to a linked_list_t pointer */ { TRANSFORM_ATTRIBUTES, offsetof(private_transform_substructure_t, attributes) } }; @@ -114,7 +114,7 @@ static status_t verify(private_transform_substructure_t *this) status_t status = SUCCESS; iterator_t *iterator; payload_t *current_attributes; - + if ((this->next_payload != NO_PAYLOAD) && (this->next_payload != 3)) { /* must be 0 or 3 */ @@ -139,7 +139,7 @@ static status_t verify(private_transform_substructure_t *this) } } iterator = this->attributes->create_iterator(this->attributes,TRUE); - + while(iterator->iterate(iterator, (void**)¤t_attributes)) { status = current_attributes->verify(current_attributes); @@ -149,8 +149,8 @@ static status_t verify(private_transform_substructure_t *this) } } iterator->destroy(iterator); - - /* proposal number is checked in SA payload */ + + /* proposal number is checked in SA payload */ return status; } @@ -187,14 +187,14 @@ static void compute_length (private_transform_substructure_t *this) iterator_t *iterator; payload_t *current_attribute; size_t length = TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH; - + iterator = this->attributes->create_iterator(this->attributes,TRUE); while (iterator->iterate(iterator, (void**)¤t_attribute)) { length += current_attribute->get_length(current_attribute); } iterator->destroy(iterator); - + this->transform_length = length; } @@ -254,7 +254,7 @@ static void set_transform_type (private_transform_substructure_t *this,u_int8_t { this->transform_type = type; } - + /** * Implementation of transform_substructure_t.get_transform_type. */ @@ -270,7 +270,7 @@ static void set_transform_id (private_transform_substructure_t *this,u_int16_t i { this->transform_id = id; } - + /** * Implementation of transform_substructure_t.get_transform_id. */ @@ -287,20 +287,20 @@ static transform_substructure_t *clone_(private_transform_substructure_t *this) private_transform_substructure_t *clone; iterator_t *attributes; transform_attribute_t *current_attribute; - + clone = (private_transform_substructure_t *) transform_substructure_create(); clone->next_payload = this->next_payload; clone->transform_type = this->transform_type; clone->transform_id = this->transform_id; - + attributes = this->attributes->create_iterator(this->attributes, FALSE); while (attributes->iterate(attributes, (void**)¤t_attribute)) { current_attribute = current_attribute->clone(current_attribute); clone->public.add_transform_attribute(&clone->public, current_attribute); } - attributes->destroy(attributes); - + attributes->destroy(attributes); + return &clone->public; } @@ -312,14 +312,14 @@ static status_t get_key_length(private_transform_substructure_t *this, u_int16_t { iterator_t *attributes; transform_attribute_t *current_attribute; - + attributes = this->attributes->create_iterator(this->attributes, TRUE); while (attributes->iterate(attributes, (void**)¤t_attribute)) { if (current_attribute->get_attribute_type(current_attribute) == KEY_LENGTH) { *key_length = current_attribute->get_value(current_attribute); - attributes->destroy(attributes); + attributes->destroy(attributes); return SUCCESS; } } @@ -350,10 +350,10 @@ transform_substructure_t *transform_substructure_create() this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; this->public.payload_interface.get_next_type = (payload_type_t (*) (payload_t *)) get_next_type; - this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; + this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.create_transform_attribute_iterator = (iterator_t * (*) (transform_substructure_t *,bool)) create_transform_attribute_iterator; this->public.add_transform_attribute = (void (*) (transform_substructure_t *,transform_attribute_t *)) add_transform_attribute; @@ -366,14 +366,14 @@ transform_substructure_t *transform_substructure_create() this->public.get_key_length = (status_t (*) (transform_substructure_t *,u_int16_t *)) get_key_length; this->public.clone = (transform_substructure_t* (*) (transform_substructure_t *)) clone_; this->public.destroy = (void (*) (transform_substructure_t *)) destroy; - + /* set default values of the fields */ this->next_payload = NO_PAYLOAD; this->transform_length = TRANSFORM_SUBSTRUCTURE_HEADER_LENGTH; this->transform_id = 0; this->transform_type = 0; this->attributes = linked_list_create(); - + return (&(this->public)); } @@ -385,17 +385,17 @@ transform_substructure_t *transform_substructure_create_type( u_int16_t transform_id, u_int16_t key_length) { transform_substructure_t *transform = transform_substructure_create(); - + transform->set_transform_type(transform,transform_type); transform->set_transform_id(transform,transform_id); - + if (key_length) { transform_attribute_t *attribute; - + attribute = transform_attribute_create_key_length(key_length); transform->add_transform_attribute(transform, attribute); - + } return transform; } diff --git a/src/charon/encoding/payloads/transform_substructure.h b/src/charon/encoding/payloads/transform_substructure.h index b02a94a6c..5d31f8c0a 100644 --- a/src/charon/encoding/payloads/transform_substructure.h +++ b/src/charon/encoding/payloads/transform_substructure.h @@ -48,7 +48,7 @@ typedef struct transform_substructure_t transform_substructure_t; /** * Class representing an IKEv2- TRANSFORM SUBSTRUCTURE. - * + * * The TRANSFORM SUBSTRUCTURE format is described in RFC section 3.3.2. */ struct transform_substructure_t { @@ -56,12 +56,12 @@ struct transform_substructure_t { * The payload_t interface. */ payload_t payload_interface; - + /** * Creates an iterator of stored transform_attribute_t objects. - * - * When deleting an transform attribute using this iterator, - * the length of this transform substructure has to be refreshed + * + * When deleting an transform attribute using this iterator, + * the length of this transform substructure has to be refreshed * by calling get_length(). * * @param forward iterator direction (TRUE: front to end) @@ -69,7 +69,7 @@ struct transform_substructure_t { */ iterator_t * (*create_transform_attribute_iterator) ( transform_substructure_t *this, bool forward); - + /** * Adds a transform_attribute_t object to this object. * @@ -77,59 +77,59 @@ struct transform_substructure_t { */ void (*add_transform_attribute) (transform_substructure_t *this, transform_attribute_t *attribute); - + /** * Sets the next_payload field of this substructure - * + * * If this is the last transform, next payload field is set to 0, * otherwise to 3 * * @param is_last When TRUE, next payload field is set to 0, otherwise to 3 */ void (*set_is_last_transform) (transform_substructure_t *this, bool is_last); - + /** * Checks if this is the last transform. - * + * * @return TRUE if this is the last Transform, FALSE otherwise */ bool (*get_is_last_transform) (transform_substructure_t *this); - + /** * Sets transform type of the current transform substructure. * * @param type type value to set */ void (*set_transform_type) (transform_substructure_t *this, u_int8_t type); - + /** * get transform type of the current transform. - * + * * @return Transform type of current transform substructure. */ u_int8_t (*get_transform_type) (transform_substructure_t *this); - + /** * Sets transform id of the current transform substructure. * * @param id transform id to set */ void (*set_transform_id) (transform_substructure_t *this, u_int16_t id); - + /** * get transform id of the current transform. - * + * * @return Transform id of current transform substructure. */ u_int16_t (*get_transform_id) (transform_substructure_t *this); - + /** * get transform id of the current transform. - * - * @param key_length The key length is written to this location - * @return + * + * @param key_length The key length is written to this location + * @return * - SUCCESS if a key length attribute is contained - * - FAILED if no key length attribute is part of this + * - FAILED if no key length attribute is part of this * transform or key length uses more then 16 bit! */ status_t (*get_key_length) (transform_substructure_t *this, @@ -150,18 +150,18 @@ struct transform_substructure_t { /** * Creates an empty transform_substructure_t object. - * + * * @return created transform_substructure_t object */ transform_substructure_t *transform_substructure_create(void); /** * Creates an empty transform_substructure_t object. - * + * * The key length is used for the transport types ENCRYPTION_ALGORITHM, - * PSEUDO_RANDOM_FUNCTION, INTEGRITY_ALGORITHM. For all + * PSEUDO_RANDOM_FUNCTION, INTEGRITY_ALGORITHM. For all * other transport types the key_length parameter is not used - * + * * @param transform_type type of transform to create * @param transform_id transform id specifying the specific algorithm of a transform type * @param key_length Key length for key lenght attribute diff --git a/src/charon/encoding/payloads/ts_payload.c b/src/charon/encoding/payloads/ts_payload.c index 92ddc380f..6bf3e4293 100644 --- a/src/charon/encoding/payloads/ts_payload.c +++ b/src/charon/encoding/payloads/ts_payload.c @@ -25,19 +25,19 @@ typedef struct private_ts_payload_t private_ts_payload_t; /** * Private data of an ts_payload_t object. - * + * */ struct private_ts_payload_t { /** * Public ts_payload_t interface. */ ts_payload_t public; - + /** * TRUE if this TS payload is of type TSi, FALSE for TSr. */ bool is_initiator; - + /** * Next payload type. */ @@ -47,17 +47,17 @@ struct private_ts_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * Number of traffic selectors */ u_int8_t number_of_traffic_selectors; - + /** * Contains the traffic selectors of type traffic_selector_substructure_t. */ @@ -66,17 +66,17 @@ struct private_ts_payload_t { /** * Encoding rules to parse or generate a TS payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_ts_payload_t. - * + * */ encoding_rule_t ts_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_ts_payload_t, next_payload) }, /* the critical bit */ { FLAG, offsetof(private_ts_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ + /* 7 Bit reserved bits, nowhere stored */ { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, @@ -84,9 +84,9 @@ encoding_rule_t ts_payload_encodings[] = { { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, - /* Length of the whole payload*/ + /* Length of the whole payload*/ { PAYLOAD_LENGTH, offsetof(private_ts_payload_t, payload_length)}, - /* 1 Byte TS type*/ + /* 1 Byte TS type*/ { U_INT_8, offsetof(private_ts_payload_t, number_of_traffic_selectors) }, /* 3 reserved bytes */ { RESERVED_BYTE, 0 }, @@ -118,13 +118,13 @@ static status_t verify(private_ts_payload_t *this) iterator_t *iterator; payload_t *current_traffic_selector; status_t status = SUCCESS; - + if (this->number_of_traffic_selectors != (this->traffic_selectors->get_count(this->traffic_selectors))) { /* must be the same */ return FAILED; } - + iterator = this->traffic_selectors->create_iterator(this->traffic_selectors,TRUE); while(iterator->iterate(iterator, (void**)¤t_traffic_selector)) { @@ -135,7 +135,7 @@ static status_t verify(private_ts_payload_t *this) } } iterator->destroy(iterator); - + return status; } @@ -188,7 +188,7 @@ static void compute_length (private_ts_payload_t *this) size_t ts_count = 0; size_t length = TS_PAYLOAD_HEADER_LENGTH; payload_t *current_traffic_selector; - + iterator = this->traffic_selectors->create_iterator(this->traffic_selectors,TRUE); while (iterator->iterate(iterator, (void**)¤t_traffic_selector)) { @@ -196,9 +196,9 @@ static void compute_length (private_ts_payload_t *this) ts_count++; } iterator->destroy(iterator); - + this->number_of_traffic_selectors= ts_count; - this->payload_length = length; + this->payload_length = length; } /** @@ -252,7 +252,7 @@ static linked_list_t *get_traffic_selectors(private_ts_payload_t *this) iterator_t *iterator; traffic_selector_substructure_t *ts_substructure; linked_list_t *ts_list = linked_list_create(); - + iterator = this->traffic_selectors->create_iterator(this->traffic_selectors, TRUE); while (iterator->iterate(iterator, (void**)&ts_substructure)) { @@ -260,7 +260,7 @@ static linked_list_t *get_traffic_selectors(private_ts_payload_t *this) ts_list->insert_last(ts_list, (void*)ts); } iterator->destroy(iterator); - + return ts_list; } @@ -289,7 +289,7 @@ ts_payload_t *ts_payload_create(bool is_initiator) this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.destroy = (void (*) (ts_payload_t *)) destroy; this->public.get_initiator = (bool (*) (ts_payload_t *)) get_initiator; @@ -297,14 +297,14 @@ ts_payload_t *ts_payload_create(bool is_initiator) this->public.add_traffic_selector_substructure = (void (*) (ts_payload_t *,traffic_selector_substructure_t *)) add_traffic_selector_substructure; this->public.create_traffic_selector_substructure_iterator = (iterator_t* (*) (ts_payload_t *,bool)) create_traffic_selector_substructure_iterator; this->public.get_traffic_selectors = (linked_list_t *(*) (ts_payload_t *)) get_traffic_selectors; - + /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length =TS_PAYLOAD_HEADER_LENGTH; this->is_initiator = is_initiator; this->number_of_traffic_selectors = 0; - this->traffic_selectors = linked_list_create(); + this->traffic_selectors = linked_list_create(); return &(this->public); } @@ -318,9 +318,9 @@ ts_payload_t *ts_payload_create_from_traffic_selectors(bool is_initiator, linked traffic_selector_t *ts; traffic_selector_substructure_t *ts_substructure; private_ts_payload_t *this; - + this = (private_ts_payload_t*)ts_payload_create(is_initiator); - + iterator = traffic_selectors->create_iterator(traffic_selectors, TRUE); while (iterator->iterate(iterator, (void**)&ts)) { @@ -328,7 +328,7 @@ ts_payload_t *ts_payload_create_from_traffic_selectors(bool is_initiator, linked this->public.add_traffic_selector_substructure(&(this->public), ts_substructure); } iterator->destroy(iterator); - + return &(this->public); } diff --git a/src/charon/encoding/payloads/ts_payload.h b/src/charon/encoding/payloads/ts_payload.h index 3c8a6d595..d322ff1a8 100644 --- a/src/charon/encoding/payloads/ts_payload.h +++ b/src/charon/encoding/payloads/ts_payload.h @@ -27,7 +27,7 @@ typedef struct ts_payload_t ts_payload_t; #include <library.h> #include <utils/linked_list.h> -#include <config/traffic_selector.h> +#include <selectors/traffic_selector.h> #include <encoding/payloads/payload.h> #include <encoding/payloads/traffic_selector_substructure.h> @@ -47,7 +47,7 @@ struct ts_payload_t { * The payload_t interface. */ payload_t payload_interface; - + /** * Get the type of TSpayload (TSi or TSr). * @@ -56,16 +56,16 @@ struct ts_payload_t { * - FALSE if this payload is of type TSr */ bool (*get_initiator) (ts_payload_t *this); - + /** * Set the type of TS payload (TSi or TSr). * - * @param is_initiator + * @param is_initiator * - TRUE if this payload is of type TSi * - FALSE if this payload is of type TSr */ void (*set_initiator) (ts_payload_t *this,bool is_initiator); - + /** * Adds a traffic_selector_substructure_t object to this object. * @@ -73,12 +73,12 @@ struct ts_payload_t { */ void (*add_traffic_selector_substructure) (ts_payload_t *this, traffic_selector_substructure_t *traffic_selector); - + /** * Creates an iterator of stored traffic_selector_substructure_t objects. - * - * When removing an traffic_selector_substructure_t object - * using this iterator, the length of this payload + * + * When removing an traffic_selector_substructure_t object + * using this iterator, the length of this payload * has to get refreshed by calling payload_t.get_length! * * @param forward iterator direction (TRUE: front to end) @@ -86,10 +86,10 @@ struct ts_payload_t { */ iterator_t *(*create_traffic_selector_substructure_iterator) ( ts_payload_t *this, bool forward); - + /** * Get a list of nested traffic selectors as traffic_selector_t. - * + * * Resulting list and its traffic selectors must be destroyed after usage * * @return list of traffic selectors @@ -104,8 +104,8 @@ struct ts_payload_t { /** * Creates an empty ts_payload_t object. - * - * @param is_initiator + * + * @param is_initiator * - TRUE if this payload is of type TSi * - FALSE if this payload is of type TSr * @return ts_payload_t object @@ -114,14 +114,14 @@ ts_payload_t *ts_payload_create(bool is_initiator); /** * Creates ts_payload with a list of traffic_selector_t - * - * @param is_initiator + * + * @param is_initiator * - TRUE if this payload is of type TSi * - FALSE if this payload is of type TSr * @param traffic_selectors list of traffic selectors to include * @return ts_payload_t object */ -ts_payload_t *ts_payload_create_from_traffic_selectors(bool is_initiator, +ts_payload_t *ts_payload_create_from_traffic_selectors(bool is_initiator, linked_list_t *traffic_selectors); #endif /** TS_PAYLOAD_H_ @}*/ diff --git a/src/charon/encoding/payloads/unknown_payload.c b/src/charon/encoding/payloads/unknown_payload.c index 309663233..dd5547dc3 100644 --- a/src/charon/encoding/payloads/unknown_payload.c +++ b/src/charon/encoding/payloads/unknown_payload.c @@ -26,12 +26,12 @@ typedef struct private_unknown_payload_t private_unknown_payload_t; * Private data of an unknown_payload_t object. */ struct private_unknown_payload_t { - + /** * Public unknown_payload_t interface. */ unknown_payload_t public; - + /** * Next payload type. */ @@ -41,12 +41,12 @@ struct private_unknown_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** * The contained data. */ @@ -55,17 +55,17 @@ struct private_unknown_payload_t { /** * Encoding rules to parse an payload which is not further specified. - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_unknown_payload_t. - * + * */ encoding_rule_t unknown_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_unknown_payload_t, next_payload)}, /* the critical bit */ { FLAG, offsetof(private_unknown_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ + /* 7 Bit reserved bits, nowhere stored */ { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, @@ -146,7 +146,7 @@ static size_t get_length(private_unknown_payload_t *this) */ static bool is_critical(private_unknown_payload_t *this) { - return this->critical; + return this->critical; } /** @@ -166,8 +166,8 @@ static void destroy(private_unknown_payload_t *this) { chunk_free(&(this->data)); } - - free(this); + + free(this); } /* @@ -185,12 +185,12 @@ unknown_payload_t *unknown_payload_create() this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - + /* public functions */ this->public.destroy = (void (*) (unknown_payload_t *)) destroy; this->public.is_critical = (bool (*) (unknown_payload_t *)) is_critical; this->public.get_data = (chunk_t (*) (unknown_payload_t *)) get_data; - + /* private variables */ this->critical = FALSE; this->next_payload = NO_PAYLOAD; diff --git a/src/charon/encoding/payloads/unknown_payload.h b/src/charon/encoding/payloads/unknown_payload.h index 44b6e1a71..c761ed2b6 100644 --- a/src/charon/encoding/payloads/unknown_payload.h +++ b/src/charon/encoding/payloads/unknown_payload.h @@ -40,29 +40,29 @@ typedef struct unknown_payload_t unknown_payload_t; * a check for the critical bit in the header. */ struct unknown_payload_t { - + /** * The payload_t interface. */ payload_t payload_interface; - + /** - * Get the raw data of this payload, without + * Get the raw data of this payload, without * the generic payload header. - * + * * Returned data are NOT copied and must not be freed. * * @return data as chunk_t */ chunk_t (*get_data) (unknown_payload_t *this); - + /** * Get the critical flag. * * @return TRUE if payload is critical, FALSE if not */ bool (*is_critical) (unknown_payload_t *this); - + /** * Destroys an unknown_payload_t object. */ @@ -71,7 +71,7 @@ struct unknown_payload_t { /** * Creates an empty unknown_payload_t object. - * + * * @return unknown_payload_t object */ unknown_payload_t *unknown_payload_create(void); diff --git a/src/charon/encoding/payloads/vendor_id_payload.c b/src/charon/encoding/payloads/vendor_id_payload.c index 52d9e12a5..bf33d2418 100644 --- a/src/charon/encoding/payloads/vendor_id_payload.c +++ b/src/charon/encoding/payloads/vendor_id_payload.c @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -18,19 +18,18 @@ #include "vendor_id_payload.h" - typedef struct private_vendor_id_payload_t private_vendor_id_payload_t; /** * Private data of an vendor_id_payload_t object. - * */ struct private_vendor_id_payload_t { + /** * Public vendor_id_payload_t interface. */ vendor_id_payload_t public; - + /** * Next payload type. */ @@ -40,31 +39,30 @@ struct private_vendor_id_payload_t { * Critical flag. */ bool critical; - + /** * Length of this payload. */ u_int16_t payload_length; - + /** - * The contained vendor_id data value. + * The contained data. */ - chunk_t vendor_id_data; + chunk_t data; }; /** * Encoding rules to parse or generate a VENDOR ID payload - * - * The defined offsets are the positions in a object of type + * + * The defined offsets are the positions in a object of type * private_vendor_id_payload_t. - * */ encoding_rule_t vendor_id_payload_encodings[] = { - /* 1 Byte next payload type, stored in the field next_payload */ + /* 1 Byte next payload type, stored in the field next_payload */ { U_INT_8, offsetof(private_vendor_id_payload_t, next_payload) }, /* the critical bit */ { FLAG, offsetof(private_vendor_id_payload_t, critical) }, - /* 7 Bit reserved bits, nowhere stored */ + /* 7 Bit reserved bits, nowhere stored */ { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, { RESERVED_BIT, 0 }, @@ -75,7 +73,7 @@ encoding_rule_t vendor_id_payload_encodings[] = { /* Length of the whole payload*/ { PAYLOAD_LENGTH, offsetof(private_vendor_id_payload_t, payload_length)}, /* some vendor_id data bytes, length is defined in PAYLOAD_LENGTH */ - { VID_DATA, offsetof(private_vendor_id_payload_t, vendor_id_data) } + { VID_DATA, offsetof(private_vendor_id_payload_t, data) } }; /* @@ -101,7 +99,8 @@ static status_t verify(private_vendor_id_payload_t *this) /** * Implementation of vendor_id_payload_t.get_encoding_rules. */ -static void get_encoding_rules(private_vendor_id_payload_t *this, encoding_rule_t **rules, size_t *rule_count) +static void get_encoding_rules(private_vendor_id_payload_t *this, + encoding_rule_t **rules, size_t *rule_count) { *rules = vendor_id_payload_encodings; *rule_count = sizeof(vendor_id_payload_encodings) / sizeof(encoding_rule_t); @@ -120,7 +119,7 @@ static payload_type_t get_payload_type(private_vendor_id_payload_t *this) */ static payload_type_t get_next_type(private_vendor_id_payload_t *this) { - return (this->next_payload); + return this->next_payload; } /** @@ -140,40 +139,11 @@ static size_t get_length(private_vendor_id_payload_t *this) } /** - * Implementation of vendor_id_payload_t.set_data. - */ -static void set_data (private_vendor_id_payload_t *this, chunk_t data) -{ - if (this->vendor_id_data.ptr != NULL) - { - chunk_free(&(this->vendor_id_data)); - } - this->vendor_id_data.ptr = clalloc(data.ptr,data.len); - this->vendor_id_data.len = data.len; - this->payload_length = VENDOR_ID_PAYLOAD_HEADER_LENGTH + this->vendor_id_data.len; -} - -/** * Implementation of vendor_id_payload_t.get_data. */ -static chunk_t get_data (private_vendor_id_payload_t *this) -{ - return (this->vendor_id_data); -} - -/** - * Implementation of vendor_id_payload_t.get_data_clone. - */ -static chunk_t get_data_clone (private_vendor_id_payload_t *this) +static chunk_t get_data(private_vendor_id_payload_t *this) { - chunk_t cloned_data; - if (this->vendor_id_data.ptr == NULL) - { - return (this->vendor_id_data); - } - cloned_data.ptr = clalloc(this->vendor_id_data.ptr,this->vendor_id_data.len); - cloned_data.len = this->vendor_id_data.len; - return cloned_data; + return this->data; } /** @@ -181,11 +151,8 @@ static chunk_t get_data_clone (private_vendor_id_payload_t *this) */ static void destroy(private_vendor_id_payload_t *this) { - if (this->vendor_id_data.ptr != NULL) - { - chunk_free(&(this->vendor_id_data)); - } - free(this); + free(this->data.ptr); + free(this); } /* @@ -195,7 +162,6 @@ vendor_id_payload_t *vendor_id_payload_create() { private_vendor_id_payload_t *this = malloc_thing(private_vendor_id_payload_t); - /* interface functions */ this->public.payload_interface.verify = (status_t (*) (payload_t *))verify; this->public.payload_interface.get_encoding_rules = (void (*) (payload_t *, encoding_rule_t **, size_t *) ) get_encoding_rules; this->public.payload_interface.get_length = (size_t (*) (payload_t *)) get_length; @@ -203,18 +169,27 @@ vendor_id_payload_t *vendor_id_payload_create() this->public.payload_interface.set_next_type = (void (*) (payload_t *,payload_type_t)) set_next_type; this->public.payload_interface.get_type = (payload_type_t (*) (payload_t *)) get_payload_type; this->public.payload_interface.destroy = (void (*) (payload_t *))destroy; - - /* public functions */ - this->public.destroy = (void (*) (vendor_id_payload_t *)) destroy; - this->public.set_data = (void (*) (vendor_id_payload_t *,chunk_t)) set_data; - this->public.get_data_clone = (chunk_t (*) (vendor_id_payload_t *)) get_data_clone; this->public.get_data = (chunk_t (*) (vendor_id_payload_t *)) get_data; - - /* private variables */ + this->critical = FALSE; this->next_payload = NO_PAYLOAD; this->payload_length = VENDOR_ID_PAYLOAD_HEADER_LENGTH; - this->vendor_id_data = chunk_empty; + this->data = chunk_empty; - return (&(this->public)); + return &this->public; } + +/* + * Described in header + */ +vendor_id_payload_t *vendor_id_payload_create_data(chunk_t data) +{ + private_vendor_id_payload_t *this; + + this = (private_vendor_id_payload_t*)vendor_id_payload_create(); + this->payload_length += data.len; + this->data = data; + + return &this->public; +} + diff --git a/src/charon/encoding/payloads/vendor_id_payload.h b/src/charon/encoding/payloads/vendor_id_payload.h index 9ee9ea1d4..241535cac 100644 --- a/src/charon/encoding/payloads/vendor_id_payload.h +++ b/src/charon/encoding/payloads/vendor_id_payload.h @@ -1,5 +1,5 @@ /* - * Copyright (C) 2005-2006 Martin Willi + * Copyright (C) 2005-2009 Martin Willi * Copyright (C) 2005 Jan Hutter * Hochschule fuer Technik Rapperswil * @@ -32,56 +32,39 @@ typedef struct vendor_id_payload_t vendor_id_payload_t; */ #define VENDOR_ID_PAYLOAD_HEADER_LENGTH 4 - /** * Class representing an IKEv2 VENDOR ID payload. * * The VENDOR ID payload format is described in RFC section 3.12. */ struct vendor_id_payload_t { + /** * The payload_t interface. */ payload_t payload_interface; /** - * Set the VID data. - * - * Data are getting cloned. - * - * @param data VID data as chunk_t - */ - void (*set_data) (vendor_id_payload_t *this, chunk_t data); - - /** - * Get the VID data. - * - * Returned data are a copy of the internal one. - * - * @return VID data as chunk_t - */ - chunk_t (*get_data_clone) (vendor_id_payload_t *this); - - /** * Get the VID data. - * - * Returned data are NOT copied. * - * @return VID data as chunk_t - */ - chunk_t (*get_data) (vendor_id_payload_t *this); - - /** - * Destroys an vendor_id_payload_t object. + * @return VID data, pointing to an internal chunk_t */ - void (*destroy) (vendor_id_payload_t *this); + chunk_t (*get_data)(vendor_id_payload_t *this); }; /** - * Creates an empty vendor_id_payload_t object. - * - * @return vendor_id_payload_t object + * Creates an empty Vendor ID payload. + * + * @return vendor ID payload + */ +vendor_id_payload_t *vendor_id_payload_create(); + +/** + * Creates a vendor ID payload using a chunk of data + * + * @param data data to use in vendor ID payload, gets owned by payload + * @return vendor ID payload */ -vendor_id_payload_t *vendor_id_payload_create(void); +vendor_id_payload_t *vendor_id_payload_create_data(chunk_t data); #endif /** VENDOR_ID_PAYLOAD_H_ @}*/ |