36 }) ike_notify_payload_header_t;
48 }) ikev2_ip6_addr_pair_t;
68 }) ike_ts_payload_header_t;
92 }) ike_sa_transform_data_t;
107 static ike_payload_header_t *
110 ike_payload_header_t *hdr =
115 hdr->nextpayload = payload_type;
121 hdr = (ike_payload_header_t *) tmp;
124 hdr->length = clib_host_to_net_u16 (len);
133 ike_payload_header_t *hdr;
137 len = clib_net_to_host_u16 (hdr->length);
138 hdr->length = clib_host_to_net_u16 (len +
vec_len (data));
151 ike_notify_payload_header_t *n;
157 n->msg_type = clib_host_to_net_u16 (msg_type);
173 ike_payload_header_t *
ph;
175 ike_sa_transform_data_t *tr;
190 prop->last_or_more = proposals - p + 1 <
vec_len (proposals) ? 2 : 0;
193 prop->spi_size = spi_size;
197 prop->spi[0] = clib_host_to_net_u32 (p->
spi);
202 tr = (ike_sa_transform_data_t *) tmp;
205 tr->transform_type = t->
type;
206 tr->transform_id = clib_host_to_net_u16 (t->
transform_id);
208 clib_host_to_net_u16 (
sizeof (*tr) +
vec_len (t->
attrs));
226 ike_ke_payload_header_t *ke;
230 ke->dh_group = clib_host_to_net_u16 (dh_group);
238 sizeof (ike_payload_header_t));
245 ike_id_payload_header_t *idp;
250 idp->id_type =
id->type;
273 dp->num_of_spi = clib_host_to_net_u16 (num_of_spi);
277 u32 spi = clib_host_to_net_u32 (d2->
spi);
288 ike_auth_payload_header_t *ap;
294 ap->auth_method = auth->
method;
303 int len =
sizeof (*entry);
308 len +=
sizeof (ikev2_ip6_addr_pair_t);
314 entry->selector_len = clib_host_to_net_u16 (len);
315 entry->start_port = clib_host_to_net_u16 (ts->
start_port);
316 entry->end_port = clib_host_to_net_u16 (ts->
end_port);
326 ikev2_ip6_addr_pair_t *pair = (ikev2_ip6_addr_pair_t*) entry->addr_pair;
335 ike_ts_payload_header_t *tsh;
358 u8 *tmp __attribute__ ((unused));
371 u32 plen = clib_net_to_host_u16 (ikep->length);
373 int proposal_ptr = 0;
375 if (
sizeof (*ikep) > rlen)
378 rlen -=
sizeof (*ikep);
381 if (proposal_ptr +
sizeof (*sap) > rlen)
385 int i, transform_ptr;
395 transform_ptr = proposal_ptr +
sizeof (*sap) + sap->spi_size;
396 if (transform_ptr > rlen)
403 if (sap->spi_size == 4)
405 proposal->
spi = clib_net_to_host_u32 (sap->spi[0]);
408 for (i = 0; i < sap->num_transforms; i++)
410 ike_sa_transform_data_t *tr =
411 (ike_sa_transform_data_t *) & ikep->payload[transform_ptr];
412 if (transform_ptr +
sizeof (*tr) > rlen)
414 u16 tlen = clib_net_to_host_u16 (tr->transform_len);
416 if (tlen <
sizeof (*tr))
421 transform->
type = tr->transform_type;
422 transform->
transform_id = clib_net_to_host_u16 (tr->transform_id);
423 if (transform_ptr + tlen > rlen)
425 if (tlen >
sizeof (*tr))
426 vec_add (transform->
attrs, tr->attributes, tlen - sizeof (*tr));
427 transform_ptr += tlen;
430 proposal_ptr += clib_net_to_host_u16 (sap->proposal_len);
432 while (proposal_ptr < (plen -
sizeof (*ikep)) && sap->last_or_more == 2);
435 if (proposal_ptr != (plen -
sizeof (*ikep)) || sap->last_or_more)
449 ike_ts_payload_header_t *tsp = (ike_ts_payload_header_t *) ikep;
452 ikev2_ip6_addr_pair_t *pair6;
456 if (
sizeof (*tsp) > rlen)
459 rlen -=
sizeof (*tsp);
460 n_left = tsp->num_ts;
462 while (n_left && p +
sizeof (*pe) < rlen)
471 "unsupported TS type received (%u)", pe->ts_type);
476 ts->ts_type = pe->ts_type;
477 ts->protocol_id = pe->protocol_id;
478 ts->start_port = pe->start_port;
479 ts->end_port = pe->end_port;
486 p +=
sizeof (*pair4);
490 pair6 = (ikev2_ip6_addr_pair_t*) pe->addr_pair;
493 p +=
sizeof (*pair6);
507 ike_notify_payload_header_t *n = (ike_notify_payload_header_t *) ikep;
508 u32 plen = clib_net_to_host_u16 (n->length);
512 if (
sizeof (*n) > rlen)
516 r->
msg_type = clib_net_to_host_u16 (n->msg_type);
519 if (n->spi_size == 4)
521 if (
sizeof (spi) +
sizeof (*n) > rlen)
525 r->
spi = clib_net_to_host_u32 (spi);
527 else if (n->spi_size == 0)
537 if (plen > (
sizeof (*n) + n->spi_size))
539 if (plen <=
sizeof (*n) + n->spi_size)
543 vec_add (r->
data, n->payload + n->spi_size, data_len);
555 u32 plen = clib_net_to_host_u16 (ikep->length);
556 ikev2_elog_uint (IKEV2_LOG_DEBUG,
"vendor payload skipped, len %d", plen);
566 if (rlen <
sizeof (*d))
569 num_of_spi = clib_net_to_host_u16 (d->num_of_spi);
577 if (
sizeof (*d) + num_of_spi *
sizeof (
u32) > rlen)
580 for (i = 0; i < num_of_spi; i++)
583 del->protocol_id = d->protocol_id;
584 del->spi = clib_net_to_host_u32 (d->spi[i]);
595 ike_notify_payload_header_t *n;
596 ike_payload_header_t *ikep;
597 u32 payload = ike->nextpayload;
601 ikep = (ike_payload_header_t *) & ike->payload[p];
604 n = (ike_notify_payload_header_t *)ikep;
605 if (n->msg_type == clib_net_to_host_u16 (msg_type))
608 u16 plen = clib_net_to_host_u16 (ikep->length);
609 payload = ikep->nextpayload;
vl_api_address_t end_addr
void ikev2_payload_add_nonce(ikev2_payload_chain_t *c, u8 *nonce)
#define IKEV2_PAYLOAD_NONCE
void ikev2_payload_add_notify(ikev2_payload_chain_t *c, u16 msg_type, u8 *data)
vl_api_wireguard_peer_flags_t flags
void ip_address_set(ip_address_t *dst, const void *src, u8 version)
void ikev2_payload_add_sa(ikev2_payload_chain_t *c, ikev2_sa_proposal_t *proposals)
ikev2_traffic_selector_type_t ts_type
#define IKEV2_PAYLOAD_NONE
vl_api_address_t start_addr
#define clib_memcpy_fast(a, b, c)
clib_memset(h->entries, 0, sizeof(h->entries[0]) *entries)
#define vec_add2(V, P, N)
Add N elements to end of vector V, return pointer to new elements in P.
void ikev2_payload_add_ke(ikev2_payload_chain_t *c, u16 dh_group, u8 *dh_data)
#define clib_memcpy(d, s, n)
#define vec_add(V, E, N)
Add N elements to end of vector V (no header, unspecified alignment)
#define IKEV2_PAYLOAD_DELETE
#define vec_new(T, N)
Create new vector of given type and length (unspecified alignment, no header).
void ikev2_parse_vendor_payload(ike_payload_header_t *ikep)
void ikev2_payload_add_id(ikev2_payload_chain_t *c, ikev2_id_t *id, u8 type)
#define IKEV2_PAYLOAD_NOTIFY
#define ikev2_elog_detail(_msg)
ikev2_sa_transform_t * transforms
void ip_address_copy_addr(void *dst, const ip_address_t *src)
vl_api_fib_path_type_t type
static void cleanup(void)
static void ikev2_payload_add_ts_entry(u8 **data, ikev2_ts_t *ts)
typedef CLIB_PACKED(struct { u8 nextpayload;u8 flags;u16 length;u8 protocol_id;u8 spi_size;u16 msg_type;u8 payload[0];})
void ikev2_payload_add_delete(ikev2_payload_chain_t *c, ikev2_delete_t *d)
#define ikev2_elog_uint(_level, _format, _val)
ikev2_auth_method_t method
ikev2_sa_proposal_t * ikev2_parse_sa_payload(ike_payload_header_t *ikep, u32 rlen)
#define vec_free(V)
Free vector's memory (no header).
#define clib_warning(format, args...)
static ike_payload_header_t * ikev2_payload_add_hdr(ikev2_payload_chain_t *c, u8 payload_type, int len)
void ikev2_payload_add_auth(ikev2_payload_chain_t *c, ikev2_auth_t *auth)
ikev2_protocol_id_t protocol_id
ikev2_notify_t * ikev2_parse_notify_payload(ike_payload_header_t *ikep, u32 rlen)
ike_delete_payload_header_t
void ikev2_sa_free_proposal_vector(ikev2_sa_proposal_t **v)
#define IKEV2_PAYLOAD_AUTH
#define vec_append(v1, v2)
Append v2 after v1.
static void ikev2_payload_add_data(ikev2_payload_chain_t *c, u8 *data)
ikev2_delete_t * ikev2_parse_delete_payload(ike_payload_header_t *ikep, u32 rlen)
#define vec_len(v)
Number of elements in vector (rvalue-only, NULL tolerant)
void ikev2_payload_chain_add_padding(ikev2_payload_chain_t *c, int bs)
ikev2_ts_t * ikev2_parse_ts_payload(ike_payload_header_t *ikep, u32 rlen)
#define vec_foreach(var, vec)
Vector iterator.
void ikev2_payload_add_ts(ikev2_payload_chain_t *c, ikev2_ts_t *ts, u8 type)
u8 * ikev2_find_ike_notify_payload(ike_header_t *ike, u32 msg_type)
void ikev2_payload_add_notify_2(ikev2_payload_chain_t *c, u16 msg_type, u8 *data, ikev2_notify_t *notify)