sharpetronics/strongswan
1
0
Fork 0
mirror of https://github.com/strongswan/strongswan.git synced 2025-10-05 00:00:45 -04:00
Code Issues Projects Releases Wiki Activity

message: Add rules for IKE_INTERMEDIATE exchanges

Browse Source
This commit is contained in:
Tobias Brunner 2019-10-25 14:40:35 +02:00 committed by Andreas Steffen
parent 5f724cd2d4
commit a6c2589402
1 changed files with 49 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
src/libcharon/encoding/message.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (C) 2006-2018 Tobias Brunner
* Copyright (C) 2006-2020 Tobias Brunner
* Copyright (C) 2005-2010 Martin Willi
* Copyright (C) 2010 revosec AG
* Copyright (C) 2006 Daniel Roethlisberger
@ -400,6 +400,46 @@ static payload_order_t create_child_sa_r_order[] = {
{PLV2_FRAGMENT, 0},
};
/**
* Message rule for IKE_INTERMEDIATE from initiator.
*/
static payload_rule_t ike_intermediate_i_rules[] = {
/* payload type min max encr suff */
{PLV2_FRAGMENT, 0, 1, TRUE, TRUE},
{PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
{PLV2_KEY_EXCHANGE, 0, 1, TRUE, FALSE},
};
/**
* payload order for IKE_INTERMEDIATE initiator
*/
static payload_order_t ike_intermediate_i_order[] = {
/* payload type notify type */
{PLV2_KEY_EXCHANGE, 0},
{PLV2_NOTIFY, 0},
{PLV2_FRAGMENT, 0},
};
/**
* Message rule for IKE_INTERMEDIATE from responder.
*/
static payload_rule_t ike_intermediate_r_rules[] = {
/* payload type min max encr suff */
{PLV2_FRAGMENT, 0, 1, TRUE, TRUE},
{PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
{PLV2_KEY_EXCHANGE, 0, 1, TRUE, FALSE},
};
/**
* payload order for IKE_INTERMEDIATE responder
*/
static payload_order_t ike_intermediate_r_order[] = {
/* payload type notify type */
{PLV2_KEY_EXCHANGE, 0},
{PLV2_NOTIFY, 0},
{PLV2_FRAGMENT, 0},
};
#ifdef ME
/**
* Message rule for ME_CONNECT from initiator.
@ -767,6 +807,14 @@ static message_rule_t message_rules[] = {
countof(create_child_sa_r_rules), create_child_sa_r_rules,
countof(create_child_sa_r_order), create_child_sa_r_order,
},
{IKE_INTERMEDIATE, TRUE, TRUE,
countof(ike_intermediate_i_rules), ike_intermediate_i_rules,
countof(ike_intermediate_i_order), ike_intermediate_i_order,
},
{IKE_INTERMEDIATE, FALSE, TRUE,
countof(ike_intermediate_r_rules), ike_intermediate_r_rules,
countof(ike_intermediate_r_order), ike_intermediate_r_order,
},
#ifdef ME
{ME_CONNECT, TRUE, TRUE,
countof(me_connect_i_rules), me_connect_i_rules,