Added IKEv1 support to delete payload
authorMartin Willi <martin@revosec.ch>
Thu, 17 Nov 2011 17:14:51 +0000 (18:14 +0100)
committerMartin Willi <martin@revosec.ch>
Tue, 20 Mar 2012 16:30:43 +0000 (17:30 +0100)
src/libcharon/encoding/payloads/delete_payload.c
src/libcharon/encoding/payloads/delete_payload.h
src/libcharon/encoding/payloads/payload.c
src/libcharon/sa/tasks/child_delete.c
src/libcharon/sa/tasks/ike_delete.c

index 425bde0..7cf14cd 100644 (file)
@@ -24,9 +24,9 @@ typedef struct private_delete_payload_t private_delete_payload_t;
 
 /**
  * Private data of an delete_payload_t object.
- *
  */
 struct private_delete_payload_t {
+
        /**
         * Public delete_payload_t interface.
         */
@@ -45,7 +45,7 @@ struct private_delete_payload_t {
        /**
         * reserved bits
         */
-       bool reserved[7];
+       bool reserved[8];
 
        /**
         * Length of this payload.
@@ -53,6 +53,11 @@ struct private_delete_payload_t {
        u_int16_t payload_length;
 
        /**
+        * IKEv1 Domain of Interpretation
+        */
+       u_int32_t doi;
+
+       /**
         * Protocol ID.
         */
        u_int8_t protocol_id;
@@ -71,15 +76,17 @@ struct private_delete_payload_t {
         * The contained SPI's.
         */
        chunk_t spis;
+
+       /**
+        * Payload type, DELETE or DELETE_V1
+        */
+       payload_type_t type;
 };
 
 /**
- * Encoding rules to parse or generate a DELETE payload
- *
- * The defined offsets are the positions in a object of type
- * private_delete_payload_t.
+ * Encoding rules for an IKEv2 delete payload.
  */
-static encoding_rule_t encodings[] = {
+static encoding_rule_t encodings_v2[] = {
        /* 1 Byte next payload type, stored in the field next_payload */
        { U_INT_8,                      offsetof(private_delete_payload_t, next_payload)        },
        /* the critical bit */
@@ -98,7 +105,47 @@ static encoding_rule_t encodings[] = {
        { U_INT_8,                      offsetof(private_delete_payload_t, spi_size)            },
        { U_INT_16,                     offsetof(private_delete_payload_t, spi_count)           },
        /* some delete data bytes, length is defined in PAYLOAD_LENGTH */
-       { CHUNK_DATA,           offsetof(private_delete_payload_t, spis)                        }
+       { CHUNK_DATA,           offsetof(private_delete_payload_t, spis)                        },
+};
+
+/*
+                           1                   2                   3
+       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      ! Next Payload  !C!  RESERVED   !         Payload Length        !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      ! Protocol ID   !   SPI Size    !           # of SPIs           !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !                                                               !
+      ~               Security Parameter Index(es) (SPI)              ~
+      !                                                               !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+*/
+
+/**
+ * Encoding rules for an IKEv1 delete payload.
+ */
+static encoding_rule_t encodings_v1[] = {
+       /* 1 Byte next payload type, stored in the field next_payload */
+       { U_INT_8,                      offsetof(private_delete_payload_t, next_payload)        },
+       /* 8 Bit reserved bits */
+       { RESERVED_BIT,         offsetof(private_delete_payload_t, reserved[0])         },
+       { RESERVED_BIT,         offsetof(private_delete_payload_t, reserved[1])         },
+       { RESERVED_BIT,         offsetof(private_delete_payload_t, reserved[2])         },
+       { RESERVED_BIT,         offsetof(private_delete_payload_t, reserved[3])         },
+       { RESERVED_BIT,         offsetof(private_delete_payload_t, reserved[4])         },
+       { RESERVED_BIT,         offsetof(private_delete_payload_t, reserved[5])         },
+       { RESERVED_BIT,         offsetof(private_delete_payload_t, reserved[6])         },
+       { RESERVED_BIT,         offsetof(private_delete_payload_t, reserved[7])         },
+       /* Length of the whole payload*/
+       { PAYLOAD_LENGTH,       offsetof(private_delete_payload_t, payload_length)      },
+       /* Domain of interpretation */
+       { U_INT_32,                     offsetof(private_delete_payload_t, doi)                         },
+       { U_INT_8,                      offsetof(private_delete_payload_t, protocol_id)         },
+       { U_INT_8,                      offsetof(private_delete_payload_t, spi_size)            },
+       { U_INT_16,                     offsetof(private_delete_payload_t, spi_count)           },
+       /* some delete data bytes, length is defined in PAYLOAD_LENGTH */
+       { CHUNK_DATA,           offsetof(private_delete_payload_t, spis)                        },
 };
 
 /*
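Review bot: The `doi` value that `encodings_v1` parses from a received payload (`{ U_INT_32, offsetof(private_delete_payload_t, doi) }`) is not checked anywhere in the visible hunks. verify() lies between this hunk and the next changed region and appears to be untouched by the commit, so a DELETE_V1 payload presumably passes with any DOI and under the same `spi_size` rules that were written for IKEv2. verify() should either branch on `this->type` and state which DOI and SPI sizes are accepted for IKEv1, or carry a comment such as `/* doi is parsed but deliberately not validated */` so the omission is visible to the next reader.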
@@ -107,6 +154,8 @@ static encoding_rule_t encodings[] = {
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       ! Next Payload  !C!  RESERVED   !         Payload Length        !
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
+      !                          DOI                                  !
+      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       ! Protocol ID   !   SPI Size    !           # of SPIs           !
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       !                                                               !
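Review bot: The diagram this hunk turns into the IKEv1 layout still shows a critical bit in its first row (`! Next Payload  !C!  RESERVED   !`), while `encodings_v1` declares eight `RESERVED_BIT` entries and no flag. The row should read `! Next Payload  !   RESERVED    !         Payload Length        !` so the picture matches the rules. Both diagrams visible in the diff follow the table they describe and carry no caption; a one-line heading such as `/* IKEv1 delete payload layout */` would remove the guesswork. The comment continues past the end of the hunk.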
@@ -148,20 +197,29 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
        private_delete_payload_t *this, encoding_rule_t **rules)
 {
-       *rules = encodings;
-       return countof(encodings);
+       if (this->type == DELETE)
+       {
+               *rules = encodings_v2;
+               return countof(encodings_v2);
+       }
+       *rules = encodings_v1;
+       return countof(encodings_v1);
 }
 
 METHOD(payload_t, get_header_length, int,
        private_delete_payload_t *this)
 {
-       return 8;
+       if (this->type == DELETE)
+       {
+               return 8;
+       }
+       return 12;
 }
 
 METHOD(payload_t, get_payload_type, payload_type_t,
        private_delete_payload_t *this)
 {
-       return DELETE;
+       return this->type;
 }
 
 METHOD(payload_t, get_next_type, payload_type_t,
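Review bot: get_encoding_rules and get_header_length compare only against `DELETE`, so every other value of `this->type` is silently treated as IKEv1 and gets the 12-byte header. The callers visible in this commit pass `DELETE` or `DELETE_V1`, but nothing in the shown code enforces that; testing `this->type == DELETE_V1` explicitly, or documenting the default, would make the intent clear. The bare `8` and `12` would also benefit from a comment such as `/* IKEv1 header adds the 4-byte DOI */`.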
@@ -255,7 +313,8 @@ METHOD2(payload_t, delete_payload_t, destroy, void,
 /*
  * Described in header
  */
-delete_payload_t *delete_payload_create(protocol_id_t protocol_id)
+delete_payload_t *delete_payload_create(payload_type_t type,
+                                                                               protocol_id_t protocol_id)
 {
        private_delete_payload_t *this;
 
@@ -278,8 +337,10 @@ delete_payload_t *delete_payload_create(protocol_id_t protocol_id)
                },
                .next_payload = NO_PAYLOAD,
                .payload_length = get_header_length(this),
+               .doi = IKEV1_DOI_IPSEC,
                .protocol_id = protocol_id,
                .spi_size = protocol_id == PROTO_AH || protocol_id == PROTO_ESP ? 4 : 0,
+               .type = type,
        );
        return &this->public;
 }
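Review bot: `.payload_length = get_header_length(this)` is now evaluated before `this->type` is set, because get_header_length reads `this->type` after this commit and `.type = type` is only another entry in the same initializer list. If the list is the usual allocate-then-assign INIT(...) form (its opening line is outside the hunk), the call reads uninitialised heap memory and returns 12 unless the stale value happens to equal `DELETE`, so a new IKEv2 payload would start with a length 4 bytes too large. Drop the `.payload_length` initializer and set the field after the closing `);` with `this->payload_length = get_header_length(this);`.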
index ebafe04..0ee0d4f 100644 (file)
@@ -29,9 +29,7 @@ typedef struct delete_payload_t delete_payload_t;
 #include <encoding/payloads/proposal_substructure.h>
 
 /**
- * Class representing an IKEv2 DELETE payload.
- *
- * The DELETE payload format is described in RFC section 3.11.
+ * Class representing an IKEv1 or a IKEv2 DELETE payload.
  */
 struct delete_payload_t {
 
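Review bot: The rewritten class comment drops the pointer to the specification and reads `a IKEv2`. Suggest `Class representing an IKEv1 or an IKEv2 DELETE payload.` followed by one reference line per version, e.g. RFC 2408 section 3.15 for IKEv1 and the IKEv2 RFC's section 3.11 as before, so a reader can check both wire formats against their source.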
@@ -70,9 +68,11 @@ struct delete_payload_t {
 /**
  * Creates an empty delete_payload_t object.
  *
+ * @param type                 DELETE or DELETE_V1
  * @param protocol_id  protocol, such as AH|ESP
  * @return                             delete_payload_t object
  */
-delete_payload_t *delete_payload_create(protocol_id_t protocol_id);
+delete_payload_t *delete_payload_create(payload_type_t type,
+                                                                               protocol_id_t protocol_id);
 
 #endif /** DELETE_PAYLOAD_H_ @}*/
index 95f1601..9dc2677 100644 (file)
@@ -208,7 +208,8 @@ payload_t *payload_create(payload_type_t type)
                case NOTIFY_V1:
                        return (payload_t*)notify_payload_create(type);
                case DELETE:
-                       return (payload_t*)delete_payload_create(0);
+               case DELETE_V1:
+                       return (payload_t*)delete_payload_create(type, 0);
                case VENDOR_ID:
                case VENDOR_ID_V1:
                        return (payload_t*)vendor_id_payload_create(type);
index dc4b30d..e730746 100644 (file)
@@ -87,7 +87,7 @@ static void build_payloads(private_child_delete_t *this, message_t *message)
                        case PROTO_ESP:
                                if (esp == NULL)
                                {
-                                       esp = delete_payload_create(PROTO_ESP);
+                                       esp = delete_payload_create(DELETE, PROTO_ESP);
                                        message->add_payload(message, (payload_t*)esp);
                                }
                                esp->add_spi(esp, spi);
@@ -97,7 +97,7 @@ static void build_payloads(private_child_delete_t *this, message_t *message)
                        case PROTO_AH:
                                if (ah == NULL)
                                {
-                                       ah = delete_payload_create(PROTO_AH);
+                                       ah = delete_payload_create(DELETE, PROTO_AH);
                                        message->add_payload(message, (payload_t*)ah);
                                }
                                ah->add_spi(ah, spi);
index 8f253ce..fc24a6e 100644 (file)
@@ -65,7 +65,7 @@ METHOD(task_t, build_i, status_t,
                 this->ike_sa->get_other_host(this->ike_sa),
                 this->ike_sa->get_other_id(this->ike_sa));
 
-       delete_payload = delete_payload_create(PROTO_IKE);
+       delete_payload = delete_payload_create(DELETE, PROTO_IKE);
        message->add_payload(message, (payload_t*)delete_payload);
 
        if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING)