IKEv1 XAUTH: Added ability to configure XAUTH+PSK. Added task to handle XAUTH reques...
1 /*
2 * Copyright (C) 2009 Martin Willi
3 * Hochschule fuer Technik Rapperswil
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "ike_vendor.h"
17
18 #include <daemon.h>
19 #include <encoding/payloads/vendor_id_payload.h>
20
typedef struct private_ike_vendor_t private_ike_vendor_t;

/**
 * Private state behind an ike_vendor_t task object.
 *
 * Callers only ever see a pointer to the embedded public member, which is
 * what ike_vendor_create() returns.
 */
struct private_ike_vendor_t {

	/**
	 * Public ike_vendor_t interface handed out to callers.
	 */
	ike_vendor_t public;

	/**
	 * IKE_SA this task operates on; replaced by migrate().
	 */
	ike_sa_t *ike_sa;

	/**
	 * TRUE if we are the initiator of this task. Selects which of
	 * build()/process() reports NEED_MORE and which reports SUCCESS.
	 */
	bool initiator;
};
43
/**
 * strongSwan specific vendor ID without version, MD5("strongSwan").
 *
 * This is a public, fixed value: it identifies the implementation to the
 * peer and carries no secret and no authentication value.
 */
static chunk_t strongswan_vid = chunk_from_chars(
	0x88, 0x2f, 0xe5, 0x6d, 0x6f, 0xd2, 0x0d, 0xbc,
	0x22, 0x51, 0x61, 0x3b, 0x2e, 0xbe, 0x5b, 0xeb
);

/**
 * Vendor ID announcing XAuth support (8 bytes).
 *
 * NOTE(review): the name suggests the value from revision 06 of the XAuth
 * Internet-Draft -- confirm against the draft. Like the strongSwan ID this
 * is a well-known constant, so receiving it proves nothing about the peer.
 */
static chunk_t xauth6_vid = chunk_from_chars(
	0x09, 0x00, 0x26, 0x89, 0xdf, 0xd6, 0xb7, 0x12
);
55
/**
 * Add our vendor ID payloads to an outgoing message.
 *
 * Nothing is added unless the "charon.send_vendor_id" setting is enabled
 * (it defaults to FALSE here), so by default this task does not disclose
 * the implementation to the peer. When enabled, the strongSwan ID and the
 * XAuth ID are appended, in that order, each as a clone of the static
 * chunk.
 *
 * NOTE(review): both IDs are created with payload type VENDOR_ID, while
 * process() in this file only recognises the XAuth ID inside VENDOR_ID_V1
 * payloads. Confirm that the payload type is adapted for IKEv1 messages
 * elsewhere; otherwise a peer running this code logs the XAuth ID as
 * unknown. Also confirm that tying the XAuth announcement to
 * send_vendor_id is intended.
 *
 * @param message	message to add the payloads to
 * @return			NEED_MORE as initiator, SUCCESS as responder
 */
METHOD(task_t, build, status_t,
	private_ike_vendor_t *this, message_t *message)
{
	bool announce;

	announce = lib->settings->get_bool(lib->settings,
									   "charon.send_vendor_id", FALSE);
	if (announce)
	{
		chunk_t ids[] = { strongswan_vid, xauth6_vid };
		unsigned int i;

		for (i = 0; i < sizeof(ids) / sizeof(ids[0]); i++)
		{
			vendor_id_payload_t *vid;

			/* the payload gets its own copy of the ID bytes */
			vid = vendor_id_payload_create_data(VENDOR_ID,
												chunk_clone(ids[i]));
			message->add_payload(message, &vid->payload_interface);
		}
	}

	if (this->initiator)
	{
		return NEED_MORE;
	}
	return SUCCESS;
}
76
/**
 * Scan a received message for vendor ID payloads and enable the matching
 * extensions on the IKE_SA.
 *
 * A VENDOR_ID payload is compared against the strongSwan ID only, and a
 * VENDOR_ID_V1 payload against the XAuth ID only. A match needs the payload
 * data to equal the static chunk; anything else is logged as unknown.
 *
 * The payload data is supplied by the peer. It is only compared and printed
 * through the %#B chunk format, never interpreted.
 *
 * NOTE(review): if this task runs before the peer is authenticated, the
 * EXT_STRONGSWAN / EXT_XAUTH flags reflect unauthenticated input. They
 * should only select optional behaviour and never replace an authentication
 * decision -- confirm how the flags are consumed. Every unknown ID also
 * produces one level-1 log line, so the log volume is driven by the peer.
 *
 * @param message	received message to inspect
 * @return			SUCCESS as initiator, NEED_MORE as responder
 */
METHOD(task_t, process, status_t,
	private_ike_vendor_t *this, message_t *message)
{
	enumerator_t *payloads;
	payload_t *current;

	payloads = message->create_payload_enumerator(message);
	while (payloads->enumerate(payloads, &current))
	{
		bool is_vid = current->get_type(current) == VENDOR_ID;
		bool is_vid_v1 = current->get_type(current) == VENDOR_ID_V1;
		vendor_id_payload_t *vid;
		chunk_t id;

		if (!is_vid && !is_vid_v1)
		{
			/* not a vendor ID payload, nothing to do for it */
			continue;
		}
		vid = (vendor_id_payload_t*)current;
		id = vid->get_data(vid);

		if (is_vid && chunk_equals(id, strongswan_vid))
		{
			DBG1(DBG_IKE, "received strongSwan vendor id");
			this->ike_sa->enable_extension(this->ike_sa, EXT_STRONGSWAN);
		}
		else if (is_vid_v1 && chunk_equals(id, xauth6_vid))
		{
			DBG1(DBG_IKE, "received XAuth vendor id");
			this->ike_sa->enable_extension(this->ike_sa, EXT_XAUTH);
		}
		else
		{
			DBG1(DBG_ENC, "received unknown vendor id: %#B", &id);
		}
	}
	payloads->destroy(payloads);

	if (this->initiator)
	{
		return SUCCESS;
	}
	return NEED_MORE;
}
128
/**
 * Re-bind the task to another IKE_SA.
 *
 * Only the stored pointer is replaced; no other task state exists that
 * would need resetting.
 *
 * @param ike_sa	IKE_SA the task operates on from now on
 */
METHOD(task_t, migrate, void,
	private_ike_vendor_t *this, ike_sa_t *ike_sa)
{
	this->ike_sa = ike_sa;
}
134
/**
 * Report the type of this task.
 *
 * @return			always TASK_IKE_VENDOR
 */
METHOD(task_t, get_type, task_type_t,
	private_ike_vendor_t *this)
{
	return TASK_IKE_VENDOR;
}
140
/**
 * Release the task object.
 *
 * The IKE_SA pointer is not owned by the task and is left untouched; only
 * the task's own memory is freed.
 */
METHOD(task_t, destroy, void,
	private_ike_vendor_t *this)
{
	free(this);
}
146
/**
 * See header.
 *
 * Builds a vendor ID task bound to the given IKE_SA and wires the task_t
 * methods implemented in this file into its public interface. INIT is a
 * macro defined outside this file; it is expected to allocate and
 * initialise the object, which destroy() later releases with free().
 *
 * @param ike_sa	IKE_SA the task works on (stored, not owned)
 * @param initiator	TRUE if we initiate this task
 * @return			public interface of the new task
 */
ike_vendor_t *ike_vendor_create(ike_sa_t *ike_sa, bool initiator)
{
	private_ike_vendor_t *this;

	INIT(this,
		.public = {
			.task = {
				.get_type = _get_type,
				.build = _build,
				.process = _process,
				.migrate = _migrate,
				.destroy = _destroy,
			},
		},
		.ike_sa = ike_sa,
		.initiator = initiator,
	);

	return &this->public;
}
170