X-Git-Url: https://git.saurik.com/apple/ipsec.git/blobdiff_plain/52b7d2ce06d68d0a9160d16f6e7c08c21c149d0d..7685aad60c1b188a3f84904e9b609a7438e833c9:/ipsec-tools/racoon/isakmp.h diff --git a/ipsec-tools/racoon/isakmp.h b/ipsec-tools/racoon/isakmp.h index 06ee511..b66bf06 100644 --- a/ipsec-tools/racoon/isakmp.h +++ b/ipsec-tools/racoon/isakmp.h @@ -32,6 +32,11 @@ #ifndef _ISAKMP_H #define _ISAKMP_H +#include +#include "racoon_types.h" +#include "vmbuf.h" +#include "isakmp_var.h" + /* refer to RFC 2408 */ /* must include first. */ @@ -120,9 +125,11 @@ struct isakmp { */ #define ISAKMP_NPTYPE_GSS 129 /* GSS token */ -#define ISAKMP_MAJOR_VERSION 1 +#define ISAKMP_MAJOR_VERSION_IKEV1 1 +#define ISAKMP_MAJOR_VERSION_IKEV2 2 #define ISAKMP_MINOR_VERSION 0 -#define ISAKMP_VERSION_NUMBER 0x10 +#define ISAKMP_VERSION_NUMBER_IKEV1 0x10 +#define ISAKMP_VERSION_NUMBER_IKEV2 0x20 #define ISAKMP_GETMAJORV(v) (((v) & 0xf0) >> 4) #define ISAKMP_SETMAJORV(v, m) ((v) = ((v) & 0x0f) | (((m) << 4) & 0xf0)) #define ISAKMP_GETMINORV(v) ((v) & 0x0f) @@ -348,6 +355,8 @@ struct isakmp_pl_n { #define ISAKMP_NTYPE_CERTIFICATE_UNAVAILABLE 28 #define ISAKMP_NTYPE_UNSUPPORTED_EXCHANGE_TYPE 29 #define ISAKMP_NTYPE_UNEQUAL_PAYLOAD_LENGTHS 30 +#define ISAKMP_NTYPE_MINERROR 1 +#define ISAKMP_NTYPE_MAXERROR 16383 /* NOTIFY MESSAGES - STATUS TYPES */ #define ISAKMP_NTYPE_CONNECTED 16384 /* 4.6.3 IPSEC DOI Notify Message Types */ @@ -362,6 +371,7 @@ struct isakmp_pl_n { #define ISAKMP_NTYPE_LOAD_BALANCE 40501 #define ISAKMP_NTYPE_HEARTBEAT 40503 + /* using only to log */ #define ISAKMP_LOG_RETRY_LIMIT_REACHED 65530 @@ -387,12 +397,16 @@ struct isakmp_pl_natoa { /* IP address */ } __attribute__((__packed__)); -struct payload_list { +typedef struct payload_list { struct payload_list *next, *prev; vchar_t *payload; int payload_type; -}; +} payload_list_t; +typedef struct payload_list_head { + int num_payloads; + payload_list_t *payloads; +} payload_list_head_t; /* See draft-ietf-ipsec-isakmp-mode-cfg-04.txt, 3.2 */ struct isakmp_pl_attr { @@ -410,9 +424,9 @@ struct isakmp_pl_attr { /* IKE fragmentation payload */ struct isakmp_frag { - u_int16_t unknown0; /* always set to zero? */ + u_int16_t unknown0; /* Next Payload (1st u_int8_t) and RESERVED (2nd u_int8_t), both must set to 0 */ u_int16_t len; - u_int16_t unknown1; /* always set to 1? */ + u_int16_t unknown1; /* fragid */ u_int8_t index; u_int8_t flags; } __attribute__((__packed__)); @@ -444,4 +458,18 @@ struct isakmp_pl_lb { u_int32_t address; /* redirect address */ } __attribute__((__packed__)); +/* Responder-Lifetime Notification */ +struct isakmp_pl_resp_lifetime { + struct isakmp_gen h; + u_int32_t doi; /* Domain of Interpretation */ + u_int8_t proto_id; /* Protocol-Id */ + u_int8_t spi_size; /* SPI Size */ + u_int16_t type; /* Notify type */ + /* spi follows next */ + /* data follows next */ +} __attribute__((__packed__)); + +extern u_char i_ck0[]; +extern u_char r_ck0[]; + #endif /* _ISAKMP_H */