* senders SPI
*/
u_int64_t spi;
+
+ /**
+ * Proposal number
+ */
+ u_int number;
};
/**
return NULL;
}
- selected = proposal_create(this->protocol);
+ selected = proposal_create(this->protocol, other->number);
/* select encryption algorithm */
if (select_algo(this->encryption_algos, other->encryption_algos, private,
return equals;
}
+METHOD(proposal_t, get_number, u_int,
+ private_proposal_t *this)
+{
+ return this->number;
+}
+
METHOD(proposal_t, equals, bool,
private_proposal_t *this, proposal_t *other_pub)
{
METHOD(proposal_t, clone_, proposal_t*,
private_proposal_t *this)
{
- private_proposal_t *clone = (private_proposal_t*)proposal_create(this->protocol);
+ private_proposal_t *clone;
+ clone = (private_proposal_t*)proposal_create(this->protocol, 0);
clone_algo_list(this->encryption_algos, clone->encryption_algos);
clone_algo_list(this->integrity_algos, clone->integrity_algos);
clone_algo_list(this->prf_algos, clone->prf_algos);
clone_algo_list(this->esns, clone->esns);
clone->spi = this->spi;
+ clone->number = this->number;
return &clone->public;
}
/*
* Describtion in header-file
*/
-proposal_t *proposal_create(protocol_id_t protocol)
+proposal_t *proposal_create(protocol_id_t protocol, u_int number)
{
private_proposal_t *this;
.get_protocol = _get_protocol,
.set_spi = _set_spi,
.get_spi = _get_spi,
+ .get_number = _get_number,
.equals = _equals,
.clone = _clone_,
.destroy = _destroy,
},
.protocol = protocol,
+ .number = number,
.encryption_algos = linked_list_create(),
.integrity_algos = linked_list_create(),
.prf_algos = linked_list_create(),
*/
proposal_t *proposal_create_default(protocol_id_t protocol)
{
- private_proposal_t *this = (private_proposal_t*)proposal_create(protocol);
+ private_proposal_t *this = (private_proposal_t*)proposal_create(protocol, 0);
switch (protocol)
{
*/
proposal_t *proposal_create_from_string(protocol_id_t protocol, const char *algs)
{
- private_proposal_t *this = (private_proposal_t*)proposal_create(protocol);
+ private_proposal_t *this = (private_proposal_t*)proposal_create(protocol, 0);
chunk_t string = {(void*)algs, strlen(algs)};
chunk_t alg;
status_t status = SUCCESS;
void (*set_spi) (proposal_t *this, u_int64_t spi);
/**
+ * Get the proposal number, as encoded in SA payload
+ *
+ * @return proposal number
+ */
+ u_int (*get_number)(proposal_t *this);
+
+ /**
* Check for the eqality of two proposals.
*
* @param other other proposal to check for equality
* Create a child proposal for AH, ESP or IKE.
*
* @param protocol protocol, such as PROTO_ESP
+ * @param number proposal number, as encoded in SA payload
* @return proposal_t object
*/
-proposal_t *proposal_create(protocol_id_t protocol);
+proposal_t *proposal_create(protocol_id_t protocol, u_int number);
/**
* Create a default proposal if nothing further specified.
last->set_is_last_proposal(last, FALSE);
}
substruct->set_is_last_proposal(substruct, TRUE);
- substruct->set_proposal_number(substruct, count + 1);
- this->proposals->insert_last(this->proposals, proposal);
+ if (proposal->get_number(proposal))
+ { /* use the selected proposals number, if any */
+ substruct->set_proposal_number(substruct, proposal->get_number(proposal));
+ }
+ else
+ {
+ substruct->set_proposal_number(substruct, count + 1);
+ }
+ this->proposals->insert_last(this->proposals, substruct);
compute_length(this);
}
diffie_hellman_t dh = { .get_shared_secret = get_shared_secret,
.destroy = (void*)&secret };
- proposal = proposal_create(PROTO_IKE);
+ proposal = proposal_create(PROTO_IKE, 0);
keymat = ike_sa->get_keymat(ike_sa);
if (integ)
{
child_sa->set_protocol(child_sa, PROTO_ESP);
child_sa->set_ipcomp(child_sa, ipcomp);
- proposal = proposal_create(PROTO_ESP);
+ proposal = proposal_create(PROTO_ESP, 0);
if (integ)
{
proposal->add_algorithm(proposal, INTEGRITY_ALGORITHM, integ, 0);