From b8358936aa7f0bbd662879209b7a1c05ca01cdc6 Mon Sep 17 00:00:00 2001
From: Tobias Brunner
Date: Fri, 3 Apr 2020 15:10:40 +0200
Subject: [PATCH] message: Add rules for IKE_FOLLOWUP_KE exchanges
---
 src/libcharon/encoding/message.c | 48 ++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
diff --git a/src/libcharon/encoding/message.c b/src/libcharon/encoding/message.c
index 1e750370a9..1876d992e0 100644
--- a/src/libcharon/encoding/message.c
+++ b/src/libcharon/encoding/message.c
@@ -440,6 +440,46 @@ static payload_order_t ike_intermediate_r_order[] = {
 {PLV2_FRAGMENT, 0},
 };
 
+/**
+ * Message rule for IKE_FOLLOWUP_KE from initiator.
+ */
+static payload_rule_t ike_followup_ke_i_rules[] = {
+/* payload type min max encr suff */
+ {PLV2_FRAGMENT, 0, 1, TRUE, TRUE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, FALSE},
+ {PLV2_KEY_EXCHANGE, 1, 1, TRUE, FALSE},
+};
+
+/**
+ * payload order for IKE_FOLLOWUP_KE initiator
+ */
+static payload_order_t ike_followup_ke_i_order[] = {
+/* payload type notify type */
+ {PLV2_KEY_EXCHANGE, 0},
+ {PLV2_NOTIFY, 0},
+ {PLV2_FRAGMENT, 0},
+};
+
+/**
+ * Message rule for IKE_FOLLOWUP_KE from responder.
+ */
+static payload_rule_t ike_followup_ke_r_rules[] = {
+/* payload type min max encr suff */
+ {PLV2_FRAGMENT, 0, 1, TRUE, TRUE},
+ {PLV2_NOTIFY, 0, MAX_NOTIFY_PAYLOADS, TRUE, TRUE},
+ {PLV2_KEY_EXCHANGE, 1, 1, TRUE, FALSE},
+};
+
+/**
+ * payload order for IKE_FOLLOWUP_KE responder
+ */
+static payload_order_t ike_followup_ke_r_order[] = {
+/* payload type notify type */
+ {PLV2_KEY_EXCHANGE, 0},
+ {PLV2_NOTIFY, 0},
+ {PLV2_FRAGMENT, 0},
+};
+
 #ifdef ME
 /**
 * Message rule for ME_CONNECT from initiator.
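Review bot: In `ike_followup_ke_r_rules` the `PLV2_NOTIFY` row sets the `suff` column to TRUE, so, assuming `suff` means what it does for the other exchanges in this file (a sufficient payload satisfies the whole rule), a responder message that carries only a notify and no `PLV2_KEY_EXCHANGE` passes the min/max check. That is the usual way to let error notifies through, but it means the parser does not guarantee a KE payload in the response; the code that consumes IKE_FOLLOWUP_KE (not visible in this diff) has to treat a missing KE as a failure rather than continue with keys that lack the additional exchange. Both rule tables also allow zero notifies, so any notify the protocol requires to link the follow-up exchange to the preceding one must be verified by that code as well. I would record this in the doc comment on the responder rule, e.g. `* A notify alone is accepted (error case); the caller must verify that the KE payload is present.`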
@@ -815,6 +855,14 @@ static message_rule_t message_rules[] = {
 countof(ike_intermediate_r_rules), ike_intermediate_r_rules,
 countof(ike_intermediate_r_order), ike_intermediate_r_order,
 },
+ {IKE_FOLLOWUP_KE, TRUE, TRUE,
+ countof(ike_followup_ke_i_rules), ike_followup_ke_i_rules,
+ countof(ike_followup_ke_i_order), ike_followup_ke_i_order,
+ },
+ {IKE_FOLLOWUP_KE, FALSE, TRUE,
+ countof(ike_followup_ke_r_rules), ike_followup_ke_r_rules,
+ countof(ike_followup_ke_r_order), ike_followup_ke_r_order,
+ },
 #ifdef ME
 {ME_CONNECT, TRUE, TRUE,
 countof(me_connect_i_rules), me_connect_i_rules,