ikev2: Add SIGNATURE_HASH_ALGORITHMS notify payload
authorTobias Brunner <tobias@strongswan.org>
Mon, 23 Feb 2015 12:54:41 +0000 (13:54 +0100)
committerTobias Brunner <tobias@strongswan.org>
Wed, 4 Mar 2015 12:54:08 +0000 (13:54 +0100)
src/libcharon/encoding/payloads/notify_payload.c
src/libcharon/encoding/payloads/notify_payload.h

index 94723dd..f32a127 100644 (file)
@@ -65,7 +65,7 @@ ENUM_NEXT(notify_type_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, CHILD_SA_NOT_
        "ME_CONNECT_FAILED");
 ENUM_NEXT(notify_type_names, MS_NOTIFY_STATUS, MS_NOTIFY_STATUS, ME_CONNECT_FAILED,
        "MS_NOTIFY_STATUS");
-ENUM_NEXT(notify_type_names, INITIAL_CONTACT, FRAGMENTATION_SUPPORTED, MS_NOTIFY_STATUS,
+ENUM_NEXT(notify_type_names, INITIAL_CONTACT, SIGNATURE_HASH_ALGORITHMS, MS_NOTIFY_STATUS,
        "INITIAL_CONTACT",
        "SET_WINDOW_SIZE",
        "ADDITIONAL_TS_POSSIBLE",
@@ -112,8 +112,9 @@ ENUM_NEXT(notify_type_names, INITIAL_CONTACT, FRAGMENTATION_SUPPORTED, MS_NOTIFY
        "ERX_SUPPORTED",
        "IFOM_CAPABILITY",
        "SENDER_REQUEST_ID",
-       "FRAGMENTATION_SUPPORTED");
-ENUM_NEXT(notify_type_names, INITIAL_CONTACT_IKEV1, INITIAL_CONTACT_IKEV1, FRAGMENTATION_SUPPORTED,
+       "FRAGMENTATION_SUPPORTED",
+       "SIGNATURE_HASH_ALGORITHMS");
+ENUM_NEXT(notify_type_names, INITIAL_CONTACT_IKEV1, INITIAL_CONTACT_IKEV1, SIGNATURE_HASH_ALGORITHMS,
        "INITIAL_CONTACT");
 ENUM_NEXT(notify_type_names, DPD_R_U_THERE, DPD_R_U_THERE_ACK, INITIAL_CONTACT_IKEV1,
        "DPD_R_U_THERE",
@@ -174,7 +175,7 @@ ENUM_NEXT(notify_type_short_names, ME_CONNECT_FAILED, ME_CONNECT_FAILED, CHILD_S
        "ME_CONN_FAIL");
 ENUM_NEXT(notify_type_short_names, MS_NOTIFY_STATUS, MS_NOTIFY_STATUS, ME_CONNECT_FAILED,
        "MS_STATUS");
-ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, FRAGMENTATION_SUPPORTED, MS_NOTIFY_STATUS,
+ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, SIGNATURE_HASH_ALGORITHMS, MS_NOTIFY_STATUS,
        "INIT_CONTACT",
        "SET_WINSIZE",
        "ADD_TS_POSS",
@@ -221,8 +222,9 @@ ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT, FRAGMENTATION_SUPPORTED, MS_
        "ERX_SUP",
        "IFOM_CAP",
        "SENDER_REQ_ID",
-       "FRAG_SUP");
-ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT_IKEV1, INITIAL_CONTACT_IKEV1, FRAGMENTATION_SUPPORTED,
+       "FRAG_SUP",
+       "HASH_ALG");
+ENUM_NEXT(notify_type_short_names, INITIAL_CONTACT_IKEV1, INITIAL_CONTACT_IKEV1, SIGNATURE_HASH_ALGORITHMS,
        "INITIAL_CONTACT");
 ENUM_NEXT(notify_type_short_names, DPD_R_U_THERE, DPD_R_U_THERE_ACK, INITIAL_CONTACT_IKEV1,
        "DPD",
@@ -473,6 +475,14 @@ METHOD(payload_t, verify, status_t,
                        }
                        break;
                }
+               case SIGNATURE_HASH_ALGORITHMS:
+               {
+                       if (this->notify_data.len % 2)
+                       {
+                               bad_length = TRUE;
+                       }
+                       break;
+               }
                case AUTH_LIFETIME:
                {
                        if (this->notify_data.len != 4)
index 25521c2..6907573 100644 (file)
@@ -151,6 +151,8 @@ enum notify_type_t {
        SENDER_REQUEST_ID = 16429,
        /* IKEv2 fragmentation supported, RFC 7383 */
        FRAGMENTATION_SUPPORTED = 16430,
+       /* Signature Hash Algorithms, RFC 7427 */
+       SIGNATURE_HASH_ALGORITHMS = 16431,
        /* IKEv1 initial contact */
        INITIAL_CONTACT_IKEV1 = 24578,
        /* IKEv1 DPD */