Merged IKEv1 attribute payload/data into configuration payload/attribute
authorMartin Willi <martin@revosec.ch>
Wed, 23 Nov 2011 10:26:04 +0000 (11:26 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:30:49 +0000 (17:30 +0100)
14 files changed:
src/libcharon/Makefile.am
src/libcharon/encoding/message.c
src/libcharon/encoding/payloads/attribute_payload_v1.c [deleted file]
src/libcharon/encoding/payloads/attribute_payload_v1.h [deleted file]
src/libcharon/encoding/payloads/configuration_attribute.c
src/libcharon/encoding/payloads/configuration_attribute.h
src/libcharon/encoding/payloads/cp_payload.c
src/libcharon/encoding/payloads/cp_payload.h
src/libcharon/encoding/payloads/data_attribute_v1.c [deleted file]
src/libcharon/encoding/payloads/data_attribute_v1.h [deleted file]
src/libcharon/encoding/payloads/payload.c
src/libcharon/encoding/payloads/payload.h
src/libcharon/sa/tasks/ike_config.c
src/libcharon/sa/tasks/xauth_request.c

index 2bead3b..a813e97 100644 (file)
@@ -15,13 +15,11 @@ daemon.c daemon.h \
 encoding/generator.c encoding/generator.h \
 encoding/message.c encoding/message.h \
 encoding/parser.c encoding/parser.h \
-encoding/payloads/attribute_payload_v1.c encoding/payloads/attribute_payload_v1.h \
 encoding/payloads/auth_payload.c encoding/payloads/auth_payload.h \
 encoding/payloads/cert_payload.c encoding/payloads/cert_payload.h \
 encoding/payloads/certreq_payload.c encoding/payloads/certreq_payload.h \
 encoding/payloads/configuration_attribute.c encoding/payloads/configuration_attribute.h \
 encoding/payloads/cp_payload.c encoding/payloads/cp_payload.h \
-encoding/payloads/data_attribute_v1.c encoding/payloads/data_attribute_v1.h \
 encoding/payloads/delete_payload.c encoding/payloads/delete_payload.h \
 encoding/payloads/eap_payload.c encoding/payloads/eap_payload.h \
 encoding/payloads/encodings.c encoding/payloads/encodings.h \
index e84f9a1..032fc1b 100644 (file)
@@ -635,9 +635,9 @@ static payload_order_t quick_mode_r_order[] = {
  * Message rule for TRANSACTION.
  */
 static payload_rule_t transaction_payload_rules_v1[] = {
-/*     payload type                    min     max     encr    suff */
-       {HASH_V1,                       0,      1,      TRUE,   FALSE},
-       {ATTRIBUTE_V1,                  1,      1,      FALSE,  FALSE},
+/*     payload type                            min     max     encr    suff */
+       {HASH_V1,                                       0,      1,      TRUE,   FALSE},
+       {CONFIGURATION_V1,                      1,      1,      FALSE,  FALSE},
 };
 
 /**
@@ -645,8 +645,8 @@ static payload_rule_t transaction_payload_rules_v1[] = {
  */
 static payload_order_t transaction_payload_order_v1[] = {
 /*     payload type                    notify type */
-       {HASH_V1,                       0},
-       {ATTRIBUTE_V1,                  0},
+       {HASH_V1,                                       0},
+       {CONFIGURATION_V1,                      0},
 };
 
 #endif /* USE_IKEV1 */
diff --git a/src/libcharon/encoding/payloads/attribute_payload_v1.c b/src/libcharon/encoding/payloads/attribute_payload_v1.c
deleted file mode 100644 (file)
index 3aa0bc3..0000000
+++ /dev/null
@@ -1,231 +0,0 @@
-
-#include <stddef.h>
-
-#include "attribute_payload_v1.h"
-
-#include <encoding/payloads/encodings.h>
-#include <utils/linked_list.h>
-
-ENUM(config_type_v1_names, ISAKMP_CFG_REQUEST, ISAKMP_CFG_ACK,
-       "ISAKMP_CFG_REQUEST",
-       "ISAKMP_CFG_REPLY",
-       "ISAKMP_CFG_SET",
-       "ISAKMP_CFG_ACK",
-);
-
-typedef struct private_attribute_payload_v1_t private_attribute_payload_v1_t;
-
-/**
- * Private data of an attribute_payload_v1_t object.
- */
-struct private_attribute_payload_v1_t {
-
-       /**
-        * Public cp_payload_t interface.
-        */
-       attribute_payload_v1_t public;
-
-       /**
-        * Next payload type.
-        */
-       u_int8_t  next_payload;
-
-       /**
-        * Length of this payload.
-        */
-       u_int16_t payload_length;
-
-       /**
-        * List of attributes, as configuration_attribute_t
-        */
-       linked_list_t *attributes;
-
-       /**
-        * Reserved bytes
-        */
-       u_int8_t reserved_byte[2];
-
-       /**
-        * Identifier
-        */
-       u_int16_t identifier;
-
-       /**
-        * Config Type.
-        */
-       u_int8_t type;
-};
-
-/**
- * Encoding rules to parse or generate a IKEv2-CP Payload
- *
- * The defined offsets are the positions in a object of type
- * private_attribute_payload_v1_t.
- */
-encoding_rule_t attribute_payload_v1_encodings[] = {
-       /* 1 Byte next payload type, stored in the field next_payload */
-       { U_INT_8,                                      offsetof(private_attribute_payload_v1_t, next_payload)  },
-       /* reserved byte */
-       { RESERVED_BYTE,                                offsetof(private_attribute_payload_v1_t, reserved_byte[0])      },
-       /* Length of the whole Attribute payload*/
-       { PAYLOAD_LENGTH,                       offsetof(private_attribute_payload_v1_t, payload_length)        },
-       /* Config type */
-       { U_INT_8,                                      offsetof(private_attribute_payload_v1_t, type)                  },
-       /* 3 reserved bytes */
-       { RESERVED_BYTE,                        offsetof(private_attribute_payload_v1_t, reserved_byte[1])},
-
-       /* Identifier */
-       { U_INT_16,                             offsetof(private_attribute_payload_v1_t, identifier)},
-
-       /* List of configuration attributes */
-       { PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE,       offsetof(private_attribute_payload_v1_t, attributes)            }
-};
-
-/*
-                           1                   2                   3
-       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      ! Next Payload  !   RESERVED    !         Payload Length        !
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      !   CFG Type    !   RESERVED    !           Identifier          !
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      !                                                               !
-      ~                   Configuration Attributes                    ~
-      !                                                               !
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-METHOD(payload_t, verify, status_t,
-       private_attribute_payload_v1_t *this)
-{
-       status_t status = SUCCESS;
-       enumerator_t *enumerator;
-       payload_t *attribute;
-
-       enumerator = this->attributes->create_enumerator(this->attributes);
-       while (enumerator->enumerate(enumerator, &attribute))
-       {
-               status = attribute->verify(attribute);
-               if (status != SUCCESS)
-               {
-                       break;
-               }
-       }
-       enumerator->destroy(enumerator);
-       return status;
-}
-
-METHOD(payload_t, get_encoding_rules, void,
-       private_attribute_payload_v1_t *this, encoding_rule_t **rules, size_t *rule_count)
-{
-       *rules = attribute_payload_v1_encodings;
-       *rule_count = countof(attribute_payload_v1_encodings);
-}
-
-METHOD(payload_t, get_type, payload_type_t,
-       private_attribute_payload_v1_t *this)
-{
-       return ATTRIBUTE_V1;
-}
-
-METHOD(payload_t, get_next_type, payload_type_t,
-       private_attribute_payload_v1_t *this)
-{
-       return this->next_payload;
-}
-
-METHOD(payload_t, set_next_type, void,
-       private_attribute_payload_v1_t *this,payload_type_t type)
-{
-       this->next_payload = type;
-}
-
-/**
- * recompute the length of the payload.
- */
-static void compute_length(private_attribute_payload_v1_t *this)
-{
-       enumerator_t *enumerator;
-       payload_t *attribute;
-
-       this->payload_length = ATTRIBUTE_PAYLOAD_V1_HEADER_LENGTH;
-
-       enumerator = this->attributes->create_enumerator(this->attributes);
-       while (enumerator->enumerate(enumerator, &attribute))
-       {
-               this->payload_length += attribute->get_length(attribute);
-       }
-       enumerator->destroy(enumerator);
-}
-
-METHOD(payload_t, get_length, size_t,
-       private_attribute_payload_v1_t *this)
-{
-       return this->payload_length;
-}
-
-METHOD(attribute_payload_v1_t, create_attribute_enumerator, enumerator_t*,
-       private_attribute_payload_v1_t *this)
-{
-       return this->attributes->create_enumerator(this->attributes);
-}
-
-METHOD(attribute_payload_v1_t, add_attribute, void,
-       private_attribute_payload_v1_t *this, data_attribute_v1_t *attribute)
-{
-       this->attributes->insert_last(this->attributes, attribute);
-       compute_length(this);
-}
-
-METHOD(attribute_payload_v1_t, get_config_type, config_type_v1_t,
-       private_attribute_payload_v1_t *this)
-{
-       return this->type;
-}
-
-METHOD2(payload_t, attribute_payload_v1_t, destroy, void,
-       private_attribute_payload_v1_t *this)
-{
-       this->attributes->destroy_offset(this->attributes,
-                                                               offsetof(data_attribute_v1_t, destroy));
-       free(this);
-}
-
-/*
- * Described in header.
- */
-attribute_payload_v1_t *attribute_payload_v1_create_type(config_type_v1_t type)
-{
-       private_attribute_payload_v1_t *this;
-
-       INIT(this,
-               .public = {
-                       .payload_interface = {
-                               .verify = _verify,
-                               .get_encoding_rules = _get_encoding_rules,
-                               .get_length = _get_length,
-                               .get_next_type = _get_next_type,
-                               .set_next_type = _set_next_type,
-                               .get_type = _get_type,
-                               .destroy = _destroy,
-                       },
-                       .create_attribute_enumerator = _create_attribute_enumerator,
-                       .add_attribute = _add_attribute,
-                       .get_type = _get_config_type,
-                       .destroy = _destroy,
-               },
-               .next_payload = NO_PAYLOAD,
-               .payload_length = ATTRIBUTE_PAYLOAD_V1_HEADER_LENGTH,
-               .attributes = linked_list_create(),
-               .type = type,
-       );
-       return &this->public;
-}
-
-/*
- * Described in header.
- */
-attribute_payload_v1_t *attribute_payload_v1_create()
-{
-       return attribute_payload_v1_create_type(ISAKMP_CFG_REQUEST);
-}
diff --git a/src/libcharon/encoding/payloads/attribute_payload_v1.h b/src/libcharon/encoding/payloads/attribute_payload_v1.h
deleted file mode 100644 (file)
index d59d998..0000000
+++ /dev/null
@@ -1,93 +0,0 @@
-
-/**
- * @defgroup attribute_payload_v1 attribute_payload_v1
- * @{ @ingroup payloads
- */
-
-#ifndef ATTRIBUTE_PAYLOAD_V1_H_
-#define ATTRIBUTE_PAYLOAD_V1_H_
-
-typedef enum config_type_v1_t config_type_v1_t;
-typedef struct attribute_payload_v1_t attribute_payload_v1_t;
-
-#include <library.h>
-#include <encoding/payloads/payload.h>
-#include <encoding/payloads/data_attribute_v1.h>
-#include <utils/enumerator.h>
-
-/**
- * ATTRIBUTE_PAYLOAD_V1 length in bytes without any proposal substructure.
- */
-#define ATTRIBUTE_PAYLOAD_V1_HEADER_LENGTH 8
-
-/**
- * Config Type of an Attribute Payload.
- */
-enum config_type_v1_t {
-       ISAKMP_CFG_REQUEST = 1,
-       ISAKMP_CFG_REPLY = 2,
-       ISAKMP_CFG_SET = 3,
-       ISAKMP_CFG_ACK = 4,
-};
-
-/**
- * enum name for config_type_v1_t.
- */
-extern enum_name_t *config_type_v1_names;
-
-/**
- * Class representing an ISAKMP Config Mode Attribute Payload.
- *
- * The Attribute Payload format is described in draft-ietf-ipsec-isakmp-mode-cfg-o5.txt section 3.2.
- */
-struct attribute_payload_v1_t {
-
-       /**
-        * The payload_t interface.
-        */
-       payload_t payload_interface;
-
-       /**
-        * Creates an enumerator of stored data_attribute_v1_t objects.
-        *
-        * @return                      enumerator over configration_attribute_t
-        */
-       enumerator_t *(*create_attribute_enumerator) (attribute_payload_v1_t *this);
-
-       /**
-        * Adds a configuration attribute to the attribute payload.
-        *
-        * @param attribute     attribute to add
-        */
-       void (*add_attribute)(attribute_payload_v1_t *this,
-                                                 data_attribute_v1_t *attribute);
-
-       /**
-        * Get the attribute payload type.
-        *
-        * @return                      type of attribute payload
-        */
-       config_type_v1_t (*get_type) (attribute_payload_v1_t *this);
-
-       /**
-        * Destroys an attribute_payload_v1_t object.
-        */
-       void (*destroy) (attribute_payload_v1_t *this);
-};
-
-/**
- * Creates an empty attribute payload
- *
- * @return             empty attribute payload
- */
-attribute_payload_v1_t *attribute_payload_v1_create();
-
-/**
- * Creates an attribute_payload_v1_t with type and value
- *
- * @param config_type  type of attribute payload to create
- * @return                             created attribute payload
- */
-attribute_payload_v1_t *attribute_payload_v1_create_type(config_type_v1_t config_type);
-
-#endif /** ATTRIBUTE_PAYLOAD_V1_H_ @}*/
index 88e43fa..5817307 100644 (file)
@@ -36,41 +36,48 @@ struct private_configuration_attribute_t {
        configuration_attribute_t public;
 
        /**
-        * Reserved bit
+        * Value encoded in length field?
+        */
+       bool af_flag;
+
+       /**
+        * Reserved bit (af_flag in IKEv2)
         */
        bool reserved;
 
        /**
         * Type of the attribute.
         */
-       u_int16_t type;
+       u_int16_t attr_type;
 
        /**
-        * Length of the attribute.
+        * Length of the attribute, value if af_flag set.
         */
-       u_int16_t length;
+       u_int16_t length_or_value;
 
        /**
         * Attribute value as chunk.
         */
        chunk_t value;
+
+       /**
+        * Payload type, CONFIGURATION_ATTRIBUTE or DATA_ATTRIBUTE_V1
+        */
+       payload_type_t type;
 };
 
 /**
- * Encoding rules to parse or generate a configuration attribute.
- *
- * The defined offsets are the positions in a object of type
- * private_configuration_attribute_t.
+ * Encoding rules for a IKEv2 configuration attribute / IKEv1 data attribute
  */
-static encoding_rule_t encodings[] = {
+static encoding_rule_t encodings_v2[] = {
        /* 1 reserved bit */
-       { RESERVED_BIT,                                         offsetof(private_configuration_attribute_t, reserved)},
+       { RESERVED_BIT,                                         offsetof(private_configuration_attribute_t, reserved)           },
        /* type of the attribute as 15 bit unsigned integer */
-       { ATTRIBUTE_TYPE,                                       offsetof(private_configuration_attribute_t, type)       },
+       { ATTRIBUTE_TYPE,                                       offsetof(private_configuration_attribute_t, attr_type)          },
        /* Length of attribute value */
-       { CONFIGURATION_ATTRIBUTE_LENGTH,       offsetof(private_configuration_attribute_t, length)     },
+       { CONFIGURATION_ATTRIBUTE_LENGTH,       offsetof(private_configuration_attribute_t, length_or_value)},
        /* Value of attribute if attribute format flag is zero */
-       { CHUNK_DATA,                                           offsetof(private_configuration_attribute_t, value)      }
+       { CHUNK_DATA,                                           offsetof(private_configuration_attribute_t, value)                      },
 };
 
 /*
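Review bot: The comment on the new `type` member names `CONFIGURATION_ATTRIBUTE or DATA_ATTRIBUTE_V1`, while the header and `configuration_attribute_create_value()` in this commit use `CONFIGURATION_ATTRIBUTE_V1`. It should read `Payload type, CONFIGURATION_ATTRIBUTE or CONFIGURATION_ATTRIBUTE_V1`. The comment above `encodings_v2` still says `IKEv2 configuration attribute / IKEv1 data attribute` although a separate `encodings_v1` table is added further down; `Encoding rules for an IKEv2 configuration attribute` would match the table. The `reserved` comment `(af_flag in IKEv2)` looks inverted, since the AF flag is the IKEv1 use of that bit.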
@@ -85,18 +92,39 @@ static encoding_rule_t encodings[] = {
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 */
 
+/**
+ * Encoding rules for a IKEv1 data attribute
+ */
+static encoding_rule_t encodings_v1[] = {
+       /* AF Flag */
+       { FLAG,                                                 offsetof(private_configuration_attribute_t, af_flag)            },
+       /* type of the attribute as 15 bit unsigned integer */
+       { ATTRIBUTE_TYPE,                               offsetof(private_configuration_attribute_t, type)                       },
+       /* Length of attribute value */
+       { ATTRIBUTE_LENGTH_OR_VALUE,    offsetof(private_configuration_attribute_t, length_or_value)},
+       /* Value of attribute if attribute format flag is zero */
+       { ATTRIBUTE_VALUE,                              offsetof(private_configuration_attribute_t, value)                      },
+};
+
+/*
+                           1                   2                   3
+       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !F|         Attribute Type      !            Length             |
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      |                                                               |
+      ~                             Value                             ~
+      |                                                               |
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+
+
 METHOD(payload_t, verify, status_t,
        private_configuration_attribute_t *this)
 {
        bool failed = FALSE;
 
-       if (this->length != this->value.len)
-       {
-               DBG1(DBG_ENC, "invalid attribute length");
-               return FAILED;
-       }
-
-       switch (this->type)
+       switch (this->attr_type)
        {
                 case INTERNAL_IP4_ADDRESS:
                 case INTERNAL_IP4_NETMASK:
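Review bot: In `encodings_v1` the ATTRIBUTE_TYPE rule points at `offsetof(private_configuration_attribute_t, type)`, but this commit renames the 16-bit attribute type to `attr_type` and reuses `type` for the `payload_type_t` discriminator. Assuming the rules drive parsing as well as generation, an IKEv1 attribute would have its wire type written over the payload type. `verify()` would then switch on an unset `attr_type`, and `get_encoding_rules()` and `get_type()` would read a peer-supplied value. The rule should read `{ ATTRIBUTE_TYPE, offsetof(private_configuration_attribute_t, attr_type) },`. The same hunk drops the `length != value.len` consistency check from `verify()`, whose body continues outside the hunk, so nothing visible here ties the declared length to the data actually held.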
@@ -104,20 +132,20 @@ METHOD(payload_t, verify, status_t,
                 case INTERNAL_IP4_NBNS:
                 case INTERNAL_ADDRESS_EXPIRY:
                 case INTERNAL_IP4_DHCP:
-                       if (this->length != 0 && this->length != 4)
+                       if (this->length_or_value != 0 && this->length_or_value != 4)
                        {
                                failed = TRUE;
                        }
                        break;
                 case INTERNAL_IP4_SUBNET:
-                       if (this->length != 0 && this->length != 8)
+                       if (this->length_or_value != 0 && this->length_or_value != 8)
                        {
                                failed = TRUE;
                        }
                        break;
                 case INTERNAL_IP6_ADDRESS:
                 case INTERNAL_IP6_SUBNET:
-                       if (this->length != 0 && this->length != 17)
+                       if (this->length_or_value != 0 && this->length_or_value != 17)
                        {
                                failed = TRUE;
                        }
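Review bot: The length checks in this switch compare `length_or_value` against fixed sizes even when `af_flag` is set, where that field carries the attribute's 2-byte value rather than a length. A TV-format IKEv1 attribute is then accepted or rejected depending on its value, and one whose value happens to be 4, 8, 16 or 17 passes although `get_chunk()` returns only two bytes for it. Consider validating the real data size, e.g. `size_t len = this->af_flag ? sizeof(this->length_or_value) : this->value.len;`, and testing `len` in each case. The IP6 and SUPPORTED_ATTRIBUTES checks in the next hunk are affected the same way. `verify()` starts and ends outside this hunk.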
@@ -125,13 +153,13 @@ METHOD(payload_t, verify, status_t,
                 case INTERNAL_IP6_DNS:
                 case INTERNAL_IP6_NBNS:
                 case INTERNAL_IP6_DHCP:
-                       if (this->length != 0 && this->length != 16)
+                       if (this->length_or_value != 0 && this->length_or_value != 16)
                        {
                                failed = TRUE;
                        }
                        break;
                 case SUPPORTED_ATTRIBUTES:
-                       if (this->length % 2)
+                       if (this->length_or_value % 2)
                        {
                                failed = TRUE;
                        }
@@ -141,14 +169,15 @@ METHOD(payload_t, verify, status_t,
                        break;
                 default:
                        DBG1(DBG_ENC, "unknown attribute type %N",
-                                configuration_attribute_type_names, this->type);
+                                configuration_attribute_type_names, this->attr_type);
                        break;
        }
 
        if (failed)
        {
                DBG1(DBG_ENC, "invalid attribute length %d for %N",
-                        this->length, configuration_attribute_type_names, this->type);
+                        this->length_or_value, configuration_attribute_type_names,
+                        this->attr_type);
                return FAILED;
        }
        return SUCCESS;
@@ -157,8 +186,13 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
        private_configuration_attribute_t *this, encoding_rule_t **rules)
 {
-       *rules = encodings;
-       return countof(encodings);
+       if (this->type == CONFIGURATION_ATTRIBUTE)
+       {
+               *rules = encodings_v2;
+               return countof(encodings_v2);
+       }
+       *rules = encodings_v1;
+       return countof(encodings_v1);
 }
 
 METHOD(payload_t, get_header_length, int,
@@ -170,7 +204,7 @@ METHOD(payload_t, get_header_length, int,
 METHOD(payload_t, get_type, payload_type_t,
        private_configuration_attribute_t *this)
 {
-       return CONFIGURATION_ATTRIBUTE;
+       return this->type;
 }
 
 METHOD(payload_t, get_next_type, payload_type_t,
@@ -193,15 +227,29 @@ METHOD(payload_t, get_length, size_t,
 METHOD(configuration_attribute_t, get_cattr_type, configuration_attribute_type_t,
        private_configuration_attribute_t *this)
 {
-       return this->type;
+       return this->attr_type;
 }
 
-METHOD(configuration_attribute_t, get_value, chunk_t,
+METHOD(configuration_attribute_t, get_chunk, chunk_t,
        private_configuration_attribute_t *this)
 {
+       if (this->af_flag)
+       {
+               return chunk_from_thing(this->length_or_value);
+       }
        return this->value;
 }
 
+METHOD(configuration_attribute_t, get_value, u_int16_t,
+       private_configuration_attribute_t *this)
+{
+       if (this->af_flag)
+       {
+               return this->length_or_value;
+       }
+       return 0;
+}
+
 METHOD2(payload_t, configuration_attribute_t, destroy, void,
        private_configuration_attribute_t *this)
 {
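Review bot: `get_chunk()` returns `chunk_from_thing(this->length_or_value)` for TV attributes, which exposes the field's in-memory representation. If the parser stores that value in host byte order (not visible here), callers that treat the chunk as wire data get swapped bytes on little-endian hosts. The byte order should be documented on the method, or a network-order copy kept for this path. `get_value()` also returns 0 for a TLV attribute, which callers cannot tell apart from a real value of 0; a comment such as `/* returns 0 if the attribute carries no AF flag */` would make that explicit.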
@@ -212,7 +260,7 @@ METHOD2(payload_t, configuration_attribute_t, destroy, void,
 /*
  * Described in header.
  */
-configuration_attribute_t *configuration_attribute_create()
+configuration_attribute_t *configuration_attribute_create(payload_type_t type)
 {
        private_configuration_attribute_t *this;
 
@@ -228,10 +276,12 @@ configuration_attribute_t *configuration_attribute_create()
                                .get_type = _get_type,
                                .destroy = _destroy,
                        },
+                       .get_chunk = _get_chunk,
                        .get_value = _get_value,
                        .get_type = _get_cattr_type,
                        .destroy = _destroy,
                },
+               .type = type
        );
        return &this->public;
 }
@@ -239,15 +289,33 @@ configuration_attribute_t *configuration_attribute_create()
 /*
  * Described in header.
  */
+configuration_attribute_t *configuration_attribute_create_chunk(
+       payload_type_t type, configuration_attribute_type_t attr_type, chunk_t chunk)
+{
+       private_configuration_attribute_t *this;
+
+       this = (private_configuration_attribute_t*)
+                                                       configuration_attribute_create(type);
+       this->attr_type = ((u_int16_t)attr_type) & 0x7FFF;
+       this->value = chunk_clone(chunk);
+       this->length_or_value = chunk.len;
+
+       return &this->public;
+}
+
+/*
+ * Described in header.
+ */
 configuration_attribute_t *configuration_attribute_create_value(
-                                                       configuration_attribute_type_t type, chunk_t value)
+                                       configuration_attribute_type_t attr_type, u_int16_t value)
 {
        private_configuration_attribute_t *this;
 
-       this = (private_configuration_attribute_t*)configuration_attribute_create();
-       this->type = ((u_int16_t)type) & 0x7FFF;
-       this->value = chunk_clone(value);
-       this->length = value.len;
+       this = (private_configuration_attribute_t*)
+                                       configuration_attribute_create(CONFIGURATION_ATTRIBUTE_V1);
+       this->attr_type = ((u_int16_t)attr_type) & 0x7FFF;
+       this->length_or_value = value;
+       this->af_flag = TRUE;
 
        return &this->public;
 }
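Review bot: `configuration_attribute_create_chunk()` assigns `chunk.len` to the 16-bit `length_or_value` with no range check, so a chunk longer than 65535 bytes would be encoded with a truncated length while the full value is cloned. If callers can pass externally influenced data, the generated length field and the data written after it would then disagree. A guard such as `if (chunk.len > 0xFFFF)` before the clone, with whatever failure convention the callers can handle, or at least a documented size limit in the header, would close that gap. The same function leaves `af_flag` unset, which is correct for TLV, but a one-line comment saying so would help next to `create_value()` setting it to TRUE.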
index e216ee3..ecc0f9c 100644 (file)
@@ -29,9 +29,7 @@ typedef struct configuration_attribute_t configuration_attribute_t;
 #include <encoding/payloads/payload.h>
 
 /**
- * Class representing an IKEv2-CONFIGURATION Attribute.
- *
- * The CONFIGURATION ATTRIBUTE format is described in RFC section 3.15.1.
+ * Class representing an IKEv2 configuration attribute / IKEv1 data attribute.
  */
 struct configuration_attribute_t {
 
@@ -48,11 +46,18 @@ struct configuration_attribute_t {
        configuration_attribute_type_t (*get_type)(configuration_attribute_t *this);
 
        /**
-        * Returns the value of the attribute.
+        * Returns the value of the attribute as chunk.
         *
         * @return              chunk_t pointing to the internal value
         */
-       chunk_t (*get_value) (configuration_attribute_t *this);
+       chunk_t (*get_chunk) (configuration_attribute_t *this);
+
+       /**
+        * Returns the 2 byte value of the attribute as u_int16.
+        *
+        * @return              attribute value
+        */
+       u_int16_t (*get_value) (configuration_attribute_t *this);
 
        /**
         * Destroys an configuration_attribute_t object.
@@ -63,18 +68,30 @@ struct configuration_attribute_t {
 /**
  * Creates an empty configuration attribute.
  *
- * @return             created configuration attribute
+ * @param type         CONFIGURATION_ATTRIBUTE or CONFIGURATION_ATTRIBUTE_V1
+ * @return                     created configuration attribute
  */
-configuration_attribute_t *configuration_attribute_create();
+configuration_attribute_t *configuration_attribute_create(payload_type_t type);
 
 /**
  * Creates a configuration attribute with type and value.
  *
- * @param type type of configuration attribute
- * @param value        value, gets cloned
- * @return             created configuration attribute
+ * @param type         CONFIGURATION_ATTRIBUTE or CONFIGURATION_ATTRIBUTE_V1
+ * @param attr_type    type of configuration attribute
+ * @param chunk                attribute value, gets cloned
+ * @return                     created configuration attribute
+ */
+configuration_attribute_t *configuration_attribute_create_chunk(
+       payload_type_t type, configuration_attribute_type_t attr_type, chunk_t chunk);
+
+/**
+ * Creates a IKEv1 configuration attribute with 2 bytes value (IKEv1 only).
+ *
+ * @param attr_type    type of configuration attribute
+ * @param value                attribute value, gets cloned
+ * @return                     created CONFIGURATION_ATTRIBUTE_V1 configuration attribute
  */
 configuration_attribute_t *configuration_attribute_create_value(
-                                                       configuration_attribute_type_t type, chunk_t value);
+                                       configuration_attribute_type_t attr_type, u_int16_t value);
 
 #endif /** CONFIGURATION_ATTRIBUTE_H_ @}*/
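Review bot: The `@param value` line for `configuration_attribute_create_value()` still says `gets cloned`, which no longer applies to a `u_int16_t` passed by value; `@param value 2 byte attribute value` would be accurate. The doc for `configuration_attribute_create_chunk()` could also state that `chunk` has to fit the 16-bit length field, since the implementation stores `chunk.len` in a `u_int16_t`.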
index 1813c97..9ecb150 100644 (file)
@@ -44,7 +44,7 @@ struct private_cp_payload_t {
        /**
         * Next payload type.
         */
-       u_int8_t  next_payload;
+       u_int8_t next_payload;
 
        /**
         * Critical flag.
@@ -67,6 +67,11 @@ struct private_cp_payload_t {
        u_int16_t payload_length;
 
        /**
+        * Identifier field, IKEv1 only
+        */
+       u_int16_t identifier;
+
+       /**
         * List of attributes, as configuration_attribute_t
         */
        linked_list_t *attributes;
@@ -74,16 +79,18 @@ struct private_cp_payload_t {
        /**
         * Config Type.
         */
-       u_int8_t type;
+       u_int8_t cfg_type;
+
+       /**
+        * CONFIGURATION or CONFIGURATION_V1
+        */
+       payload_type_t type;
 };
 
 /**
- * Encoding rules to parse or generate a IKEv2-CP Payload
- *
- * The defined offsets are the positions in a object of type
- * private_cp_payload_t.
+ * Encoding rules to for an IKEv2 configuration payload
  */
-static encoding_rule_t encodings[] = {
+static encoding_rule_t encodings_v2[] = {
        /* 1 Byte next payload type, stored in the field next_payload */
        { U_INT_8,                      offsetof(private_cp_payload_t, next_payload)    },
        /* the critical bit */
@@ -98,7 +105,7 @@ static encoding_rule_t encodings[] = {
        { RESERVED_BIT,         offsetof(private_cp_payload_t, reserved_bit[6]) },
        /* Length of the whole CP payload*/
        { PAYLOAD_LENGTH,       offsetof(private_cp_payload_t, payload_length)  },
-       { U_INT_8,                      offsetof(private_cp_payload_t, type)                    },
+       { U_INT_8,                      offsetof(private_cp_payload_t, cfg_type)                },
        /* 3 reserved bytes */
        { RESERVED_BYTE,        offsetof(private_cp_payload_t, reserved_byte[0])},
        { RESERVED_BYTE,        offsetof(private_cp_payload_t, reserved_byte[1])},
@@ -122,6 +129,47 @@ static encoding_rule_t encodings[] = {
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
 */
 
+/**
+ * Encoding rules to for an IKEv1 configuration payload
+ */
+static encoding_rule_t encodings_v1[] = {
+       /* 1 Byte next payload type, stored in the field next_payload */
+       { U_INT_8,                      offsetof(private_cp_payload_t, next_payload)    },
+       /* the critical bit */
+       { FLAG,                         offsetof(private_cp_payload_t, critical)                },
+       /* 7 Bit reserved bits */
+       { RESERVED_BIT,         offsetof(private_cp_payload_t, reserved_bit[0]) },
+       { RESERVED_BIT,         offsetof(private_cp_payload_t, reserved_bit[1]) },
+       { RESERVED_BIT,         offsetof(private_cp_payload_t, reserved_bit[2]) },
+       { RESERVED_BIT,         offsetof(private_cp_payload_t, reserved_bit[3]) },
+       { RESERVED_BIT,         offsetof(private_cp_payload_t, reserved_bit[4]) },
+       { RESERVED_BIT,         offsetof(private_cp_payload_t, reserved_bit[5]) },
+       { RESERVED_BIT,         offsetof(private_cp_payload_t, reserved_bit[6]) },
+       /* Length of the whole CP payload*/
+       { PAYLOAD_LENGTH,       offsetof(private_cp_payload_t, payload_length)  },
+       { U_INT_8,                      offsetof(private_cp_payload_t, cfg_type)                },
+       /* 1 reserved bytes */
+       { RESERVED_BYTE,        offsetof(private_cp_payload_t, reserved_byte[0])},
+       { U_INT_16,                     offsetof(private_cp_payload_t, identifier)},
+       /* list of configuration attributes in a list */
+       { PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE,
+                                               offsetof(private_cp_payload_t, attributes)              },
+};
+
+/*
+                           1                   2                   3
+       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      ! Next Payload  !   RESERVED    !         Payload Length        !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !   CFG Type    !   RESERVED    !           Identifier          !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !                                                               !
+      ~                   Configuration Attributes                    ~
+      !                                                               !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+
 METHOD(payload_t, verify, status_t,
        private_cp_payload_t *this)
 {
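Review bot: The list rule in `encodings_v1` uses `PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE`, the IKEv2 substructure type, although the header changed in this commit gives IKEv1 attributes the type `CONFIGURATION_ATTRIBUTE_V1`. If the parser creates list members from that type (not visible here), attributes inside a CONFIGURATION_V1 payload are handled with `encodings_v2`. The AF bit is then consumed as a reserved bit, and a TV attribute's 16-bit value is read as the length of the data that follows. The rule should probably be `{ PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE_V1, offsetof(private_cp_payload_t, attributes) },`. The comments `the critical bit` and `7 Bit reserved bits` are copied from the IKEv2 table, whereas the diagram below shows a single RESERVED byte in that position.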
@@ -145,8 +193,13 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
        private_cp_payload_t *this, encoding_rule_t **rules)
 {
-       *rules = encodings;
-       return countof(encodings);
+       if (this->type == CONFIGURATION)
+       {
+               *rules = encodings_v2;
+               return countof(encodings_v2);
+       }
+       *rules = encodings_v1;
+       return countof(encodings_v1);
 }
 
 METHOD(payload_t, get_header_length, int,
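Review bot: The fallthrough in get_encoding_rules selects the IKEv1 table for every `this->type` other than CONFIGURATION, and neither cp_payload_create_type nor cp_payload_create (later hunks in this file) checks the new `type` argument. A caller passing an unrelated payload_type_t would silently get an object encoded with the v1 layout while get_type reports the unrelated value. The header documents only CONFIGURATION and CONFIGURATION_V1 as valid, so I would state that here, e.g. `/* every type other than CONFIGURATION is treated as CONFIGURATION_V1 */` above the v1 return, or normalise the value once in the constructor. The callers visible in this commit (payload_create, ike_config.c, xauth_request.c) all pass one of the two valid values.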
@@ -158,7 +211,7 @@ METHOD(payload_t, get_header_length, int,
 METHOD(payload_t, get_type, payload_type_t,
        private_cp_payload_t *this)
 {
-       return CONFIGURATION;
+       return this->type;
 }
 
 METHOD(payload_t, get_next_type, payload_type_t,
@@ -213,7 +266,7 @@ METHOD(cp_payload_t, add_attribute, void,
 METHOD(cp_payload_t, get_config_type, config_type_t,
        private_cp_payload_t *this)
 {
-       return this->type;
+       return this->cfg_type;
 }
 
 METHOD2(payload_t, cp_payload_t, destroy, void,
@@ -227,7 +280,7 @@ METHOD2(payload_t, cp_payload_t, destroy, void,
 /*
  * Described in header.
  */
-cp_payload_t *cp_payload_create_type(config_type_t type)
+cp_payload_t *cp_payload_create_type(payload_type_t type, config_type_t cfg_type)
 {
        private_cp_payload_t *this;
 
@@ -251,6 +304,7 @@ cp_payload_t *cp_payload_create_type(config_type_t type)
                .next_payload = NO_PAYLOAD,
                .payload_length = get_header_length(this),
                .attributes = linked_list_create(),
+               .cfg_type = cfg_type,
                .type = type,
        );
        return &this->public;
@@ -259,7 +313,7 @@ cp_payload_t *cp_payload_create_type(config_type_t type)
 /*
  * Described in header.
  */
-cp_payload_t *cp_payload_create()
+cp_payload_t *cp_payload_create(payload_type_t type)
 {
-       return cp_payload_create_type(CFG_REQUEST);
+       return cp_payload_create_type(type, CFG_REQUEST);
 }
index bc6bdee..0e3cf53 100644 (file)
@@ -46,9 +46,7 @@ enum config_type_t {
 extern enum_name_t *config_type_names;
 
 /**
- * Class representing an IKEv2-CP Payload.
- *
- * The CP Payload format is described in RFC section 3.15.
+ * Class representing an IKEv2 configuration / IKEv1 attribute payload.
  */
 struct cp_payload_t {
 
@@ -88,16 +86,18 @@ struct cp_payload_t {
 /**
  * Creates an empty configuration payload
  *
- * @return             empty configuration payload
+ * @param type         payload type, CONFIGURATION or CONFIGURATION_V1
+ * @return                     empty configuration payload
  */
-cp_payload_t *cp_payload_create();
+cp_payload_t *cp_payload_create(payload_type_t type);
 
 /**
  * Creates an cp_payload_t with type and value
  *
- * @param config_type  type of configuration payload to create
- * @return                             created configuration payload
+ * @param type         payload type, CONFIGURATION or CONFIGURATION_V1
+ * @param cfg_type     type of configuration payload to create
+ * @return                     created configuration payload
  */
-cp_payload_t *cp_payload_create_type(config_type_t config_type);
+cp_payload_t *cp_payload_create_type(payload_type_t type, config_type_t cfg_type);
 
 #endif /** CP_PAYLOAD_H_ @}*/
diff --git a/src/libcharon/encoding/payloads/data_attribute_v1.c b/src/libcharon/encoding/payloads/data_attribute_v1.c
deleted file mode 100644 (file)
index 37f7c00..0000000
+++ /dev/null
@@ -1,260 +0,0 @@
-
-#include <stddef.h>
-
-#include "data_attribute_v1.h"
-
-#include <encoding/payloads/encodings.h>
-#include <library.h>
-#include <daemon.h>
-
-typedef struct private_data_attribute_v1_t private_data_attribute_v1_t;
-
-/**
- * Private data of an data_attribute_v1_t object.
- */
-struct private_data_attribute_v1_t {
-
-       /**
-        * Public data_attribute_v1_t interface.
-        */
-       data_attribute_v1_t public;
-
-       /**
-        * Reserved bit
-        */
-       bool af_flag;
-
-       /**
-        * Type of the attribute.
-        */
-       u_int16_t type;
-
-       /**
-        * Length of the attribute.
-        */
-       u_int16_t length_or_value;
-
-       /**
-        * Attribute value as chunk.
-        */
-       chunk_t value;
-};
-
-/**
- * Encoding rules to parse or generate a configuration attribute.
- *
- * The defined offsets are the positions in a object of type
- * private_data_attribute_v1_t.
- */
-encoding_rule_t data_attribute_v1_encodings[] = {
-       /* AF Flag */
-       { FLAG,                                         offsetof(private_data_attribute_v1_t, af_flag)},
-       /* type of the attribute as 15 bit unsigned integer */
-       { ATTRIBUTE_TYPE,                                       offsetof(private_data_attribute_v1_t, type)     },
-       /* Length of attribute value */
-       { ATTRIBUTE_LENGTH_OR_VALUE,    offsetof(private_data_attribute_v1_t, length_or_value)  },
-       /* Value of attribute if attribute format flag is zero */
-       { ATTRIBUTE_VALUE,      offsetof(private_data_attribute_v1_t, value)    }
-};
-
-/*
-                           1                   2                   3
-       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      !R|         Attribute Type      !            Length             |
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-      |                                                               |
-      ~                             Value                             ~
-      |                                                               |
-      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
-*/
-
-METHOD(payload_t, verify, status_t,
-       private_data_attribute_v1_t *this)
-{
-       bool failed = FALSE;
-
-       if (this->length_or_value != this->value.len)
-       {
-               DBG1(DBG_ENC, "invalid attribute length");
-               return FAILED;
-       }
-
-       switch (this->type)
-       {
-                case INTERNAL_IP4_ADDRESS:
-                case INTERNAL_IP4_NETMASK:
-                case INTERNAL_IP4_DNS:
-                case INTERNAL_IP4_NBNS:
-                case INTERNAL_ADDRESS_EXPIRY:
-                case INTERNAL_IP4_DHCP:
-                       if (this->length_or_value != 0 && this->length_or_value != 4)
-                       {
-                               failed = TRUE;
-                       }
-                       break;
-                case INTERNAL_IP4_SUBNET:
-                       if (this->length_or_value != 0 && this->length_or_value != 8)
-                       {
-                               failed = TRUE;
-                       }
-                       break;
-                case INTERNAL_IP6_ADDRESS:
-                case INTERNAL_IP6_SUBNET:
-                       if (this->length_or_value != 0 && this->length_or_value != 17)
-                       {
-                               failed = TRUE;
-                       }
-                       break;
-                case INTERNAL_IP6_DNS:
-                case INTERNAL_IP6_NBNS:
-                case INTERNAL_IP6_DHCP:
-                       if (this->length_or_value != 0 && this->length_or_value != 16)
-                       {
-                               failed = TRUE;
-                       }
-                       break;
-                case SUPPORTED_ATTRIBUTES:
-                       if (this->length_or_value % 2)
-                       {
-                               failed = TRUE;
-                       }
-                       break;
-                case APPLICATION_VERSION:
-                       /* any length acceptable */
-                       break;
-                default:
-                       DBG1(DBG_ENC, "unknown attribute type %N",
-                                configuration_attribute_type_names, this->type);
-                       break;
-       }
-
-       if (failed)
-       {
-               DBG1(DBG_ENC, "invalid attribute length %d for %N",
-                        this->length_or_value, configuration_attribute_type_names, this->type);
-               return FAILED;
-       }
-       return SUCCESS;
-}
-
-METHOD(payload_t, get_encoding_rules, void,
-       private_data_attribute_v1_t *this, encoding_rule_t **rules,
-       size_t *rule_count)
-{
-       *rules = data_attribute_v1_encodings;
-       *rule_count = countof(data_attribute_v1_encodings);
-}
-
-METHOD(payload_t, get_header_length, int,
-       private_data_attribute_v1_t *this)
-{
-       return 4;
-}
-
-METHOD(payload_t, get_type, payload_type_t,
-       private_data_attribute_v1_t *this)
-{
-       return DATA_ATTRIBUTE_V1;
-}
-
-METHOD(payload_t, get_next_type, payload_type_t,
-       private_data_attribute_v1_t *this)
-{
-       return NO_PAYLOAD;
-}
-
-METHOD(payload_t, set_next_type, void,
-       private_data_attribute_v1_t *this, payload_type_t type)
-{
-}
-
-METHOD(payload_t, get_length, size_t,
-       private_data_attribute_v1_t *this)
-{
-       return get_header_length(this) + this->value.len;
-}
-
-METHOD(data_attribute_v1_t, get_dattr_type, configuration_attribute_type_t,
-       private_data_attribute_v1_t *this)
-{
-       return this->type;
-}
-
-METHOD(data_attribute_v1_t, get_value, u_int16_t,
-       private_data_attribute_v1_t *this)
-{
-       return this->length_or_value;
-}
-
-METHOD(data_attribute_v1_t, get_value_chunk, chunk_t,
-       private_data_attribute_v1_t *this)
-{
-       return this->value;
-}
-
-METHOD2(payload_t, data_attribute_v1_t, destroy, void,
-       private_data_attribute_v1_t *this)
-{
-       free(this->value.ptr);
-       free(this);
-}
-
-/*
- * Described in header.
- */
-data_attribute_v1_t *data_attribute_v1_create()
-{
-       private_data_attribute_v1_t *this;
-
-       INIT(this,
-               .public = {
-                       .payload_interface = {
-                               .verify = _verify,
-                               .get_encoding_rules = _get_encoding_rules,
-                               .get_length = _get_length,
-                               .get_next_type = _get_next_type,
-                               .set_next_type = _set_next_type,
-                               .get_type = _get_type,
-                               .destroy = _destroy,
-                       },
-                       .get_value_chunk = _get_value_chunk,
-                       .get_type = _get_dattr_type,
-                       .destroy = _destroy,
-               },
-       );
-       return &this->public;
-}
-
-/*
- * Described in header.
- */
-data_attribute_v1_t *data_attribute_v1_create_value(
-                                                       configuration_attribute_type_t type, chunk_t value)
-{
-       private_data_attribute_v1_t *this;
-
-       this = (private_data_attribute_v1_t*)data_attribute_v1_create();
-       this->type = ((u_int16_t)type) & 0x7FFF;
-       this->value = chunk_clone(value);
-       this->length_or_value = value.len;
-       this->af_flag = FALSE;
-
-       return &this->public;
-}
-
-/*
- * Described in header.
- */
-data_attribute_v1_t *data_attribute_v1_create_basic(
-                                                       configuration_attribute_type_t type, u_int16_t value)
-{
-       private_data_attribute_v1_t *this;
-
-       this = (private_data_attribute_v1_t*)data_attribute_v1_create();
-       this->type = ((u_int16_t)type) & 0x7FFF;
-       this->length_or_value = value;
-       this->af_flag = TRUE;
-
-       return &this->public;
-}
diff --git a/src/libcharon/encoding/payloads/data_attribute_v1.h b/src/libcharon/encoding/payloads/data_attribute_v1.h
deleted file mode 100644 (file)
index 568b314..0000000
+++ /dev/null
@@ -1,88 +0,0 @@
-
-/**
- * @defgroup data_attribute_v1 data_attribute_v1
- * @{ @ingroup payloads
- */
-
-#ifndef DATA_ATTRIBUTE_V1_H_
-#define DATA_ATTRIBUTE_V1_H_
-
-typedef struct data_attribute_v1_t data_attribute_v1_t;
-
-#include <library.h>
-#include <attributes/attributes.h>
-#include <encoding/payloads/payload.h>
-
-/**
- * Configuration attribute header length in bytes.
- */
-#define DATA_ATTRIBUTE_V1_HEADER_LENGTH 4
-
-/**
- * Class representing an IKEv1-Data Attribute.
- *
- * The DATA_ATTRIBUTE_V1 format is described in RFC section 3.15.1.
- */
-struct data_attribute_v1_t {
-
-       /**
-        * Implements payload_t interface.
-        */
-       payload_t payload_interface;
-
-       /**
-        * Get the type of the attribute.
-        *
-        * @return              type of the data attribute
-        */
-       configuration_attribute_type_t (*get_type)(data_attribute_v1_t *this);
-
-       /**
-        * Returns the value of the attribute.
-        *
-        * @return              the basic internal value
-        */
-       u_int16_t (*get_value) (data_attribute_v1_t *this);
-
-       /**
-        * Returns the value of the attribute.
-        *
-        * @return              chunk_t pointing to the internal value
-        */
-       chunk_t (*get_value_chunk) (data_attribute_v1_t *this);
-
-       /**
-        * Destroys an configuration_attribute_t object.
-        */
-       void (*destroy) (data_attribute_v1_t *this);
-};
-
-/**
- * Creates an empty data attribute.
- *
- * @return             created data attribute
- */
-data_attribute_v1_t *data_attribute_v1_create();
-
-/**
- * Creates a data attribute with type and value.
- *
- * @param type type of data attribute
- * @param value        value, gets cloned
- * @return             created data attribute
- */
-data_attribute_v1_t *data_attribute_v1_create_value(
-                                                       configuration_attribute_type_t type, chunk_t value);
-
-
-/**
- * Creates a data attribute with type and value.
- *
- * @param type type of data attribute
- * @param value        value
- * @return             created data attribute
- */
-data_attribute_v1_t *data_attribute_v1_create_basic(
-                                                       configuration_attribute_type_t type, u_int16_t value);
-
-#endif /** DATA_ATTRIBUTE_V1_H_ @}*/
index 7d6fa66..3a41160 100644 (file)
 #include <encoding/payloads/hash_payload.h>
 #include <encoding/payloads/unknown_payload.h>
 
-#include <encoding/payloads/attribute_payload_v1.h>
-#include <encoding/payloads/data_attribute_v1.h>
-
 ENUM_BEGIN(payload_type_names, NO_PAYLOAD, NO_PAYLOAD,
        "NO_PAYLOAD");
-ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION_V1, ATTRIBUTE_V1, NO_PAYLOAD,
+ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION_V1, CONFIGURATION_V1, NO_PAYLOAD,
        "SECURITY_ASSOCIATION_V1",
        "PROPOSAL_V1",
        "TRANSFORM_V1",
@@ -57,8 +54,8 @@ ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION_V1, ATTRIBUTE_V1, NO_PAYLOAD,
        "NOTIFY_V1",
        "DELETE_V1",
        "VENDOR_ID_V1",
-       "ATTRIBUTE_V1");
-ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, ATTRIBUTE_V1,
+       "CONFIGURATION_V1");
+ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, CONFIGURATION_V1,
        "SECURITY_ASSOCIATION",
        "KEY_EXCHANGE",
        "ID_INITIATOR",
@@ -78,7 +75,7 @@ ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, A
 #ifdef ME
 ENUM_NEXT(payload_type_names, ID_PEER, ID_PEER, EXTENSIBLE_AUTHENTICATION,
        "ID_PEER");
-ENUM_NEXT(payload_type_names, HEADER, DATA_ATTRIBUTE_V1, ID_PEER,
+ENUM_NEXT(payload_type_names, HEADER, ENCRYPTED_V1, ID_PEER,
        "HEADER",
        "PROPOSAL_SUBSTRUCTURE",
        "PROPOSAL_SUBSTRUCTURE_V1",
@@ -88,10 +85,10 @@ ENUM_NEXT(payload_type_names, HEADER, DATA_ATTRIBUTE_V1, ID_PEER,
        "TRANSFORM_ATTRIBUTE_V1",
        "TRAFFIC_SELECTOR_SUBSTRUCTURE",
        "CONFIGURATION_ATTRIBUTE",
-       "ENCRYPTED_V1",
-       "DATA_ATTRIBUTE_V1");
+       "CONFIGURATION_ATTRIBUTE_V1",
+       "ENCRYPTED_V1");
 #else
-ENUM_NEXT(payload_type_names, HEADER, DATA_ATTRIBUTE_V1, EXTENSIBLE_AUTHENTICATION,
+ENUM_NEXT(payload_type_names, HEADER, ENCRYPTED_V1, EXTENSIBLE_AUTHENTICATION,
        "HEADER",
        "PROPOSAL_SUBSTRUCTURE",
        "PROPOSAL_SUBSTRUCTURE_V1",
@@ -101,15 +98,15 @@ ENUM_NEXT(payload_type_names, HEADER, DATA_ATTRIBUTE_V1, EXTENSIBLE_AUTHENTICATI
        "TRANSFORM_ATTRIBUTE_V1",
        "TRAFFIC_SELECTOR_SUBSTRUCTURE",
        "CONFIGURATION_ATTRIBUTE",
-       "ENCRYPTED_V1",
-       "DATA_ATTRIBUTE_V1");
+       "CONFIGURATION_ATTRIBUTE_V1",
+       "ENCRYPTED_V1");
 #endif /* ME */
-ENUM_END(payload_type_names, DATA_ATTRIBUTE_V1);
+ENUM_END(payload_type_names, ENCRYPTED_V1);
 
 /* short forms of payload names */
 ENUM_BEGIN(payload_type_short_names, NO_PAYLOAD, NO_PAYLOAD,
        "--");
-ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION_V1, VENDOR_ID_V1, NO_PAYLOAD,
+ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION_V1, CONFIGURATION_V1, NO_PAYLOAD,
        "SA",
        "PROP",
        "TRANS",
@@ -122,8 +119,9 @@ ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION_V1, VENDOR_ID_V1, NO_PA
        "No",
        "N",
        "D",
-       "V");
-ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, VENDOR_ID_V1,
+       "V",
+       "CP");
+ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICATION, CONFIGURATION_V1,
        "SA",
        "KE",
        "IDi",
@@ -143,7 +141,7 @@ ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION, EXTENSIBLE_AUTHENTICAT
 #ifdef ME
 ENUM_NEXT(payload_type_short_names, ID_PEER, ID_PEER, EXTENSIBLE_AUTHENTICATION,
        "IDp");
-ENUM_NEXT(payload_type_short_names, HEADER, DATA_ATTRIBUTE_V1, ID_PEER,
+ENUM_NEXT(payload_type_short_names, HEADER, ENCRYPTED_V1, ID_PEER,
        "HDR",
        "PROP",
        "PROP",
@@ -153,10 +151,10 @@ ENUM_NEXT(payload_type_short_names, HEADER, DATA_ATTRIBUTE_V1, ID_PEER,
        "TRANSATTR",
        "TSSUB",
        "CATTR",
-       "E",
-       "DATAATTR");
+       "CATTR",
+       "E");
 #else
-ENUM_NEXT(payload_type_short_names, HEADER, DATA_ATTRIBUTE_V1, EXTENSIBLE_AUTHENTICATION,
+ENUM_NEXT(payload_type_short_names, HEADER, ENCRYPTED_V1, EXTENSIBLE_AUTHENTICATION,
        "HDR",
        "PROP",
        "PROP",
@@ -166,10 +164,10 @@ ENUM_NEXT(payload_type_short_names, HEADER, DATA_ATTRIBUTE_V1, EXTENSIBLE_AUTHEN
        "TRANSATTR",
        "TSSUB",
        "CATTR",
-       "E",
-       "DATAATTR");
+       "CATTR",
+       "E");
 #endif /* ME */
-ENUM_END(payload_type_short_names, DATA_ATTRIBUTE_V1);
+ENUM_END(payload_type_short_names, ENCRYPTED_V1);
 
 /*
  * see header
@@ -230,18 +228,16 @@ payload_t *payload_create(payload_type_t type)
                case HASH_V1:
                        return (payload_t*)hash_payload_create();
                case CONFIGURATION:
-                       return (payload_t*)cp_payload_create();
+               case CONFIGURATION_V1:
+                       return (payload_t*)cp_payload_create(type);
                case CONFIGURATION_ATTRIBUTE:
-                       return (payload_t*)configuration_attribute_create();
+               case CONFIGURATION_ATTRIBUTE_V1:
+                       return (payload_t*)configuration_attribute_create(type);
                case EXTENSIBLE_AUTHENTICATION:
                        return (payload_t*)eap_payload_create();
                case ENCRYPTED:
                case ENCRYPTED_V1:
                        return (payload_t*)encryption_payload_create(type);
-               case ATTRIBUTE_V1:
-                       return (payload_t*)attribute_payload_v1_create();
-               case DATA_ATTRIBUTE_V1:
-                       return (payload_t*)data_attribute_v1_create();
                default:
                        return (payload_t*)unknown_payload_create(type);
        }
@@ -260,7 +256,7 @@ bool payload_is_known(payload_type_t type)
        {
                return TRUE;
        }
-       if (type >= SECURITY_ASSOCIATION_V1 && type <= VENDOR_ID_V1)
+       if (type >= SECURITY_ASSOCIATION_V1 && type <= CONFIGURATION_V1)
        {
                return TRUE;
        }
index f55099f..6209b08 100644 (file)
@@ -113,9 +113,9 @@ enum payload_type_t {
        VENDOR_ID_V1 = 13,
 
        /**
-        * Attribute payload (ISAKMP Cfg Mode "draft-ietf-ipsec-isakmp-mode-cfg-05")
+        * Attribute payload (ISAKMP Mode Config, aka configuration payload.
         */
-       ATTRIBUTE_V1 = 14,
+       CONFIGURATION_V1 = 14,
 
        /**
         * The security association (SA) payload containing proposals.
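Review bot: The rewritten comment on CONFIGURATION_V1 opens a parenthesis that is never closed, and it drops the name of the draft that defines the payload, which the old text carried. I would write `* Attribute payload (ISAKMP Mode Config, draft-ietf-ipsec-isakmp-mode-cfg-05), aka configuration payload.` so the format reference survives the rename.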
@@ -249,20 +249,19 @@ enum payload_type_t {
        TRAFFIC_SELECTOR_SUBSTRUCTURE,
 
        /**
-        * CONFIGURATION_ATTRIBUTE, attribute in a configuration payload.
+        * CONFIGURATION_ATTRIBUTE, IKEv2 attribute in a configuration payload.
         */
        CONFIGURATION_ATTRIBUTE,
 
        /**
-        * This is not really a payload, but rather the complete IKEv1 message.
+        * CONFIGURATION_ATTRIBUTE_V1, IKEv1 attribute in a configuration payload.
         */
-       ENCRYPTED_V1,
+       CONFIGURATION_ATTRIBUTE_V1,
 
        /**
-        * DATA_ATTRIBUTE, attribute in an ATTRIBUTE payload.
+        * This is not really a payload, but rather the complete IKEv1 message.
         */
-       DATA_ATTRIBUTE_V1,
-
+       ENCRYPTED_V1,
 };
 
 /**
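Review bot: Inserting CONFIGURATION_ATTRIBUTE_V1 ahead of ENCRYPTED_V1 renumbers ENCRYPTED_V1, because the enumerators in this tail of payload_type_t have no explicit values. The payload_type_names and payload_type_short_names tables in payload.c are reordered to match in this commit, but nothing ties the three lists together at compile time. A short comment on the enum tail would help the next insertion, e.g. `/* order must match payload_type_names and payload_type_short_names in payload.c */`. Anything that compares against the numeric range ending at the last enumerator should be rechecked as well; only the ENUM_END lines are visible here.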
index 6623730..332af46 100644 (file)
@@ -98,7 +98,8 @@ static configuration_attribute_t *build_vip(host_t *vip)
                        chunk = chunk_cata("cc", chunk, prefix);
                }
        }
-       return configuration_attribute_create_value(type, chunk);
+       return configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE,
+                                                                                               type, chunk);
 }
 
 /**
@@ -128,11 +129,11 @@ static void handle_attribute(private_ike_config_t *this,
        /* and pass it to the handle function */
        handler = hydra->attributes->handle(hydra->attributes,
                                                        this->ike_sa->get_other_id(this->ike_sa), handler,
-                                                       ca->get_type(ca), ca->get_value(ca));
+                                                       ca->get_type(ca), ca->get_chunk(ca));
        if (handler)
        {
                this->ike_sa->add_configuration_attribute(this->ike_sa,
-                               handler, ca->get_type(ca), ca->get_value(ca));
+                               handler, ca->get_type(ca), ca->get_chunk(ca));
        }
 }
 
@@ -153,7 +154,7 @@ static void process_attribute(private_ike_config_t *this,
                        /* fall */
                case INTERNAL_IP6_ADDRESS:
                {
-                       addr = ca->get_value(ca);
+                       addr = ca->get_chunk(ca);
                        if (addr.len == 0)
                        {
                                ip = host_create_any(family);
@@ -252,7 +253,7 @@ METHOD(task_t, build_i, status_t,
                }
                if (vip)
                {
-                       cp = cp_payload_create_type(CFG_REQUEST);
+                       cp = cp_payload_create_type(CONFIGURATION, CFG_REQUEST);
                        cp->add_attribute(cp, build_vip(vip));
                }
 
@@ -266,10 +267,11 @@ METHOD(task_t, build_i, status_t,
                        /* create configuration attribute */
                        DBG2(DBG_IKE, "building %N attribute",
                                 configuration_attribute_type_names, type);
-                       ca = configuration_attribute_create_value(type, data);
+                       ca = configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE,
+                                                                                                         type, data);
                        if (!cp)
                        {
-                               cp = cp_payload_create_type(CFG_REQUEST);
+                               cp = cp_payload_create_type(CONFIGURATION, CFG_REQUEST);
                        }
                        cp->add_attribute(cp, ca);
 
@@ -335,7 +337,7 @@ METHOD(task_t, build_r, status_t,
                        DBG1(DBG_IKE, "assigning virtual IP %H to peer '%Y'", vip, id);
                        this->ike_sa->set_virtual_ip(this->ike_sa, FALSE, vip);
 
-                       cp = cp_payload_create_type(CFG_REPLY);
+                       cp = cp_payload_create_type(CONFIGURATION, CFG_REPLY);
                        cp->add_attribute(cp, build_vip(vip));
                }
 
@@ -346,12 +348,13 @@ METHOD(task_t, build_r, status_t,
                {
                        if (!cp)
                        {
-                               cp = cp_payload_create_type(CFG_REPLY);
+                               cp = cp_payload_create_type(CONFIGURATION, CFG_REPLY);
                        }
                        DBG2(DBG_IKE, "building %N attribute",
                                 configuration_attribute_type_names, type);
                        cp->add_attribute(cp,
-                                               configuration_attribute_create_value(type, value));
+                               configuration_attribute_create_chunk(CONFIGURATION_ATTRIBUTE,
+                                                                                                        type, value));
                }
                enumerator->destroy(enumerator);
 
index a50d0fb..60914be 100644 (file)
@@ -3,8 +3,7 @@
 
 #include <daemon.h>
 #include <hydra.h>
-#include <encoding/payloads/attribute_payload_v1.h>
-#include <encoding/payloads/data_attribute_v1.h>
+#include <encoding/payloads/cp_payload.h>
 #include <encoding/payloads/hash_payload.h>
 #include <encoding/generator.h>
 
@@ -61,10 +60,9 @@ static void process_payloads(private_xauth_request_t *this, message_t *message)
 METHOD(task_t, build_i, status_t,
        private_xauth_request_t *this, message_t *message)
 {
-       attribute_payload_v1_t *ap = NULL;
+       cp_payload_t *cp;
        chunk_t chunk = chunk_empty;
-       data_attribute_v1_t *da = NULL;
-       hash_payload_t *hash_payload = NULL;
+       hash_payload_t *hash_payload;
        generator_t *generator;
        chunk_t attr_chunk;
        chunk_t mid_chunk;
@@ -76,13 +74,11 @@ METHOD(task_t, build_i, status_t,
 
        DBG1(DBG_IKE, "BUILDING XAUTH REQUEST PACKET");
        /* TODO1: Create ATTR payload */
-       ap = attribute_payload_v1_create();
-
-       da = data_attribute_v1_create_value(XAUTH_USER_NAME, chunk);
-       ap->add_attribute(ap, da);
-
-       da = data_attribute_v1_create_value(XAUTH_USER_PASSWORD, chunk);
-       ap->add_attribute(ap, da);
+       cp = cp_payload_create(CONFIGURATION_V1);
+       cp->add_attribute(cp, configuration_attribute_create_chunk(
+                               CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME, chunk));
+       cp->add_attribute(cp, configuration_attribute_create_chunk(
+                               CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_PASSWORD, chunk));
 
        /* Create HASH payload */
        hash_payload = hash_payload_create();
@@ -90,8 +86,8 @@ METHOD(task_t, build_i, status_t,
 
        /* Calculate the chunk for the ATTR payload */
        generator = generator_create();
-       ap->payload_interface.set_next_type(&ap->payload_interface, NO_PAYLOAD);
-       generator->generate_payload(generator, (payload_t *)ap);
+       cp->payload_interface.set_next_type(&cp->payload_interface, NO_PAYLOAD);
+       generator->generate_payload(generator, (payload_t *)cp);
        attr_chunk = generator->get_chunk(generator, &lenpos);
 
        /* Get the message ID in network order */
@@ -102,7 +98,7 @@ METHOD(task_t, build_i, status_t,
        hash_in = chunk_cat("cc", mid_chunk, attr_chunk);
 
        message->add_payload(message, (payload_t *)hash_payload);
-       message->add_payload(message, (payload_t *)ap);
+       message->add_payload(message, (payload_t *)cp);
 
        return NEED_MORE;
 }
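Review bot: `hash_in` is built by chunk_cat() but nothing between that line and `return NEED_MORE` consumes or frees it, so the HASH payload is added to the message without a digest over the message ID and the generated attribute payload, and the allocation is dropped. The generator created in the previous hunk is also not destroyed in the visible tail; it has to outlive `attr_chunk`, which presumably points into the generator's buffer, and be released afterwards. I would feed `hash_in` into the hash payload and then clean up before returning, e.g. `chunk_free(&hash_in);` and `generator->destroy(generator);`. build_i starts outside this hunk and four lines between the last two hunks are not shown, so confirm against the full function.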