Annotation of embedaddon/strongswan/src/libcharon/encoding/payloads/sa_payload.c, revision 1.1
1.1 ! misho 1: /*
! 2: * Copyright (C) 2012-2020 Tobias Brunner
! 3: * Copyright (C) 2005-2010 Martin Willi
! 4: * Copyright (C) 2005 Jan Hutter
! 5: * HSR Hochschule fuer Technik Rapperswil
! 6: *
! 7: * This program is free software; you can redistribute it and/or modify it
! 8: * under the terms of the GNU General Public License as published by the
! 9: * Free Software Foundation; either version 2 of the License, or (at your
! 10: * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
! 11: *
! 12: * This program is distributed in the hope that it will be useful, but
! 13: * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
! 14: * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
! 15: * for more details.
! 16: */
! 17:
! 18: #include <stddef.h>
! 19:
! 20: #include "sa_payload.h"
! 21:
! 22: #include <encoding/payloads/encodings.h>
! 23: #include <collections/linked_list.h>
! 24: #include <daemon.h>
! 25:
! 26: /* IKEv1 situation */
! 27: #define SIT_IDENTITY_ONLY 1
! 28:
! 29: typedef struct private_sa_payload_t private_sa_payload_t;
! 30:
! 31: /**
! 32: * Private data of an sa_payload_t object.
! 33: */
! 34: struct private_sa_payload_t {
! 35:
! 36: /**
! 37: * Public sa_payload_t interface.
! 38: */
! 39: sa_payload_t public;
! 40:
! 41: /**
! 42: * Next payload type.
! 43: */
! 44: uint8_t next_payload;
! 45:
! 46: /**
! 47: * Critical flag.
! 48: */
! 49: bool critical;
! 50:
! 51: /**
! 52: * Reserved bits
! 53: */
! 54: bool reserved[8];
! 55:
! 56: /**
! 57: * Length of this payload.
! 58: */
! 59: uint16_t payload_length;
! 60:
! 61: /**
! 62: * Proposals in this payload are stored in a linked_list_t.
! 63: */
! 64: linked_list_t *proposals;
! 65:
! 66: /**
! 67: * Type of this payload, V1 or V2
! 68: */
! 69: payload_type_t type;
! 70:
! 71: /**
! 72: * IKEv1 DOI
! 73: */
! 74: uint32_t doi;
! 75:
! 76: /**
! 77: * IKEv1 situation
! 78: */
! 79: uint32_t situation;
! 80: };
! 81:
! 82: /**
! 83: * Encoding rules for IKEv1 SA payload
! 84: */
! 85: static encoding_rule_t encodings_v1[] = {
! 86: /* 1 Byte next payload type, stored in the field next_payload */
! 87: { U_INT_8, offsetof(private_sa_payload_t, next_payload) },
! 88: /* 8 reserved bits */
! 89: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[0]) },
! 90: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[1]) },
! 91: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[2]) },
! 92: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[3]) },
! 93: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[4]) },
! 94: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[5]) },
! 95: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[6]) },
! 96: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[7]) },
! 97: /* Length of the whole SA payload*/
! 98: { PAYLOAD_LENGTH, offsetof(private_sa_payload_t, payload_length) },
! 99: /* DOI*/
! 100: { U_INT_32, offsetof(private_sa_payload_t, doi) },
! 101: /* Situation*/
! 102: { U_INT_32, offsetof(private_sa_payload_t, situation) },
! 103: /* Proposals are stored in a proposal substructure list */
! 104: { PAYLOAD_LIST + PLV1_PROPOSAL_SUBSTRUCTURE,
! 105: offsetof(private_sa_payload_t, proposals) },
! 106: };
! 107:
! 108: /*
! 109: 1 2 3
! 110: 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
! 111: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! 112: ! Next Payload ! RESERVED ! Payload Length !
! 113: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! 114: ! DOI !
! 115: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! 116: ! Situation !
! 117: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! 118: ! !
! 119: ~ <Proposals> ~
! 120: ! !
! 121: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! 122: */
! 123:
! 124: /**
! 125: * Encoding rules for IKEv2 SA payload
! 126: */
! 127: static encoding_rule_t encodings_v2[] = {
! 128: /* 1 Byte next payload type, stored in the field next_payload */
! 129: { U_INT_8, offsetof(private_sa_payload_t, next_payload) },
! 130: /* the critical bit */
! 131: { FLAG, offsetof(private_sa_payload_t, critical) },
! 132: /* 7 Bit reserved bits */
! 133: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[0]) },
! 134: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[1]) },
! 135: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[2]) },
! 136: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[3]) },
! 137: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[4]) },
! 138: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[5]) },
! 139: { RESERVED_BIT, offsetof(private_sa_payload_t, reserved[6]) },
! 140: /* Length of the whole SA payload*/
! 141: { PAYLOAD_LENGTH, offsetof(private_sa_payload_t, payload_length) },
! 142: /* Proposals are stored in a proposal substructure list */
! 143: { PAYLOAD_LIST + PLV2_PROPOSAL_SUBSTRUCTURE,
! 144: offsetof(private_sa_payload_t, proposals) },
! 145: };
! 146:
! 147: /*
! 148: 1 2 3
! 149: 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
! 150: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! 151: ! Next Payload !C! RESERVED ! Payload Length !
! 152: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! 153: ! !
! 154: ~ <Proposals> ~
! 155: ! !
! 156: +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
! 157: */
! 158:
! 159: METHOD(payload_t, verify, status_t,
! 160: private_sa_payload_t *this)
! 161: {
! 162: int expected_number = 0, current_number;
! 163: status_t status = SUCCESS;
! 164: enumerator_t *enumerator;
! 165: proposal_substructure_t *substruct;
! 166:
! 167: if (this->type == PLV2_SECURITY_ASSOCIATION)
! 168: {
! 169: expected_number = 1;
! 170: }
! 171:
! 172: /* check proposal numbering */
! 173: enumerator = this->proposals->create_enumerator(this->proposals);
! 174: while (enumerator->enumerate(enumerator, (void**)&substruct))
! 175: {
! 176: current_number = substruct->get_proposal_number(substruct);
! 177: if (current_number < expected_number)
! 178: {
! 179: DBG1(DBG_ENC, "proposal number smaller than previous");
! 180: status = FAILED;
! 181: break;
! 182: }
! 183:
! 184: status = substruct->payload_interface.verify(&substruct->payload_interface);
! 185: if (status != SUCCESS)
! 186: {
! 187: DBG1(DBG_ENC, "PROPOSAL_SUBSTRUCTURE verification failed");
! 188: break;
! 189: }
! 190: expected_number = current_number;
! 191: }
! 192: enumerator->destroy(enumerator);
! 193: return status;
! 194: }
! 195:
! 196: METHOD(payload_t, get_encoding_rules, int,
! 197: private_sa_payload_t *this, encoding_rule_t **rules)
! 198: {
! 199: if (this->type == PLV1_SECURITY_ASSOCIATION)
! 200: {
! 201: *rules = encodings_v1;
! 202: return countof(encodings_v1);
! 203: }
! 204: *rules = encodings_v2;
! 205: return countof(encodings_v2);
! 206: }
! 207:
! 208: METHOD(payload_t, get_header_length, int,
! 209: private_sa_payload_t *this)
! 210: {
! 211: if (this->type == PLV1_SECURITY_ASSOCIATION)
! 212: {
! 213: return 12;
! 214: }
! 215: return 4;
! 216: }
! 217:
! 218: METHOD(payload_t, get_type, payload_type_t,
! 219: private_sa_payload_t *this)
! 220: {
! 221: return this->type;
! 222: }
! 223:
! 224: METHOD(payload_t, get_next_type, payload_type_t,
! 225: private_sa_payload_t *this)
! 226: {
! 227: return this->next_payload;
! 228: }
! 229:
! 230: METHOD(payload_t, set_next_type, void,
! 231: private_sa_payload_t *this,payload_type_t type)
! 232: {
! 233: this->next_payload = type;
! 234: }
! 235:
! 236: /**
! 237: * recompute length of the payload.
! 238: */
! 239: static void compute_length(private_sa_payload_t *this)
! 240: {
! 241: enumerator_t *enumerator;
! 242: payload_t *current;
! 243:
! 244: this->payload_length = get_header_length(this);
! 245:
! 246: enumerator = this->proposals->create_enumerator(this->proposals);
! 247: while (enumerator->enumerate(enumerator, (void **)¤t))
! 248: {
! 249: this->payload_length += current->get_length(current);
! 250: }
! 251: enumerator->destroy(enumerator);
! 252: }
! 253:
! 254: METHOD(payload_t, get_length, size_t,
! 255: private_sa_payload_t *this)
! 256: {
! 257: return this->payload_length;
! 258: }
! 259:
! 260: /**
! 261: * Create a transform substructure from a proposal, add to payload
! 262: */
! 263: static void add_proposal_v2(private_sa_payload_t *this, proposal_t *proposal)
! 264: {
! 265: proposal_substructure_t *substruct, *last;
! 266: u_int count;
! 267:
! 268: substruct = proposal_substructure_create_from_proposal_v2(proposal);
! 269: count = this->proposals->get_count(this->proposals);
! 270: if (count > 0)
! 271: {
! 272: this->proposals->get_last(this->proposals, (void**)&last);
! 273: /* last transform is now not anymore last one */
! 274: last->set_is_last_proposal(last, FALSE);
! 275: }
! 276: substruct->set_is_last_proposal(substruct, TRUE);
! 277: if (proposal->get_number(proposal))
! 278: { /* use the selected proposals number, if any */
! 279: substruct->set_proposal_number(substruct, proposal->get_number(proposal));
! 280: }
! 281: else
! 282: {
! 283: substruct->set_proposal_number(substruct, count + 1);
! 284: }
! 285: this->proposals->insert_last(this->proposals, substruct);
! 286: compute_length(this);
! 287: }
! 288:
! 289: METHOD(sa_payload_t, get_proposals, linked_list_t*,
! 290: private_sa_payload_t *this)
! 291: {
! 292: int struct_number = 0;
! 293: int ignore_struct_number = 0;
! 294: enumerator_t *enumerator;
! 295: proposal_substructure_t *substruct;
! 296: linked_list_t *substructs, *list;
! 297:
! 298: if (this->type == PLV1_SECURITY_ASSOCIATION)
! 299: { /* IKEv1 proposals may start with 0 or 1 (or any other number really) */
! 300: struct_number = ignore_struct_number = -1;
! 301: }
! 302:
! 303: /* we do not support proposals split up to two proposal substructures, as
! 304: * AH+ESP bundles are not supported in RFC4301 anymore.
! 305: * To handle such structures safely, we just skip proposals with multiple
! 306: * protocols.
! 307: */
! 308: substructs = linked_list_create();
! 309: enumerator = this->proposals->create_enumerator(this->proposals);
! 310: while (enumerator->enumerate(enumerator, &substruct))
! 311: {
! 312: int current_number = substruct->get_proposal_number(substruct);
! 313:
! 314: /* check if a proposal has a single protocol */
! 315: if (current_number == struct_number)
! 316: {
! 317: if (ignore_struct_number < struct_number)
! 318: { /* remove an already added substruct, if first of series */
! 319: substructs->remove_last(substructs, (void**)&substruct);
! 320: ignore_struct_number = struct_number;
! 321: }
! 322: continue;
! 323: }
! 324: /* for IKEv1 the numbers don't have to be consecutive, for IKEv2 they do
! 325: * but since we don't really care for the actual number we accept them
! 326: * anyway. we already verified that they increase monotonically. */
! 327: struct_number = current_number;
! 328: substructs->insert_last(substructs, substruct);
! 329: }
! 330: enumerator->destroy(enumerator);
! 331:
! 332: /* generate proposals from substructs */
! 333: list = linked_list_create();
! 334: enumerator = substructs->create_enumerator(substructs);
! 335: while (enumerator->enumerate(enumerator, &substruct))
! 336: {
! 337: substruct->get_proposals(substruct, list);
! 338: }
! 339: enumerator->destroy(enumerator);
! 340: substructs->destroy(substructs);
! 341: return list;
! 342: }
! 343:
! 344: METHOD(sa_payload_t, get_ipcomp_proposals, linked_list_t*,
! 345: private_sa_payload_t *this, uint16_t *cpi)
! 346: {
! 347: int current_proposal = -1, unsupported_proposal = -1;
! 348: enumerator_t *enumerator;
! 349: proposal_substructure_t *substruct, *espah = NULL, *ipcomp = NULL;
! 350: linked_list_t *list;
! 351:
! 352: /* we currently only support the combination ESP|AH+IPComp, find the first */
! 353: enumerator = this->proposals->create_enumerator(this->proposals);
! 354: while (enumerator->enumerate(enumerator, &substruct))
! 355: {
! 356: uint8_t proposal_number = substruct->get_proposal_number(substruct);
! 357: uint8_t protocol_id = substruct->get_protocol_id(substruct);
! 358:
! 359: if (proposal_number == unsupported_proposal)
! 360: {
! 361: continue;
! 362: }
! 363: if (protocol_id != PROTO_ESP && protocol_id != PROTO_AH &&
! 364: protocol_id != PROTO_IPCOMP)
! 365: { /* unsupported combination */
! 366: espah = ipcomp = NULL;
! 367: unsupported_proposal = current_proposal;
! 368: continue;
! 369: }
! 370: if (proposal_number != current_proposal)
! 371: { /* start of a new proposal */
! 372: if (espah && ipcomp && ipcomp->get_cpi(ipcomp, NULL))
! 373: { /* previous proposal is valid */
! 374: break;
! 375: }
! 376: espah = ipcomp = NULL;
! 377: current_proposal = proposal_number;
! 378: }
! 379: switch (protocol_id)
! 380: {
! 381: case PROTO_ESP:
! 382: case PROTO_AH:
! 383: espah = substruct;
! 384: break;
! 385: case PROTO_IPCOMP:
! 386: ipcomp = substruct;
! 387: break;
! 388: }
! 389: }
! 390: enumerator->destroy(enumerator);
! 391:
! 392: list = linked_list_create();
! 393: if (espah && ipcomp && ipcomp->get_cpi(ipcomp, cpi))
! 394: {
! 395: espah->get_proposals(espah, list);
! 396: }
! 397: return list;
! 398: }
! 399:
! 400: METHOD(sa_payload_t, create_substructure_enumerator, enumerator_t*,
! 401: private_sa_payload_t *this)
! 402: {
! 403: return this->proposals->create_enumerator(this->proposals);
! 404: }
! 405:
! 406: METHOD(sa_payload_t, get_lifetime, uint32_t,
! 407: private_sa_payload_t *this, proposal_t *proposal)
! 408: {
! 409: proposal_substructure_t *substruct;
! 410: enumerator_t *enumerator;
! 411: uint8_t number = proposal->get_number(proposal);
! 412: uint32_t lifetime = 0;
! 413:
! 414: enumerator = this->proposals->create_enumerator(this->proposals);
! 415: while (enumerator->enumerate(enumerator, &substruct))
! 416: {
! 417: if (substruct->get_proposal_number(substruct) == number)
! 418: {
! 419: lifetime = substruct->get_lifetime(substruct,
! 420: proposal->get_transform_number(proposal));
! 421: break;
! 422: }
! 423: }
! 424: enumerator->destroy(enumerator);
! 425:
! 426: return lifetime;
! 427: }
! 428:
! 429: METHOD(sa_payload_t, get_lifebytes, uint64_t,
! 430: private_sa_payload_t *this, proposal_t *proposal)
! 431: {
! 432: proposal_substructure_t *substruct;
! 433: enumerator_t *enumerator;
! 434: uint8_t number = proposal->get_number(proposal);
! 435: uint64_t lifebytes = 0;
! 436:
! 437: enumerator = this->proposals->create_enumerator(this->proposals);
! 438: while (enumerator->enumerate(enumerator, &substruct))
! 439: {
! 440: if (substruct->get_proposal_number(substruct) == number)
! 441: {
! 442: lifebytes = substruct->get_lifebytes(substruct,
! 443: proposal->get_transform_number(proposal));
! 444: break;
! 445: }
! 446: }
! 447: enumerator->destroy(enumerator);
! 448:
! 449: return lifebytes;
! 450: }
! 451:
! 452: METHOD(sa_payload_t, get_auth_method, auth_method_t,
! 453: private_sa_payload_t *this)
! 454: {
! 455: proposal_substructure_t *substruct;
! 456: enumerator_t *enumerator;
! 457: auth_method_t method = AUTH_NONE;
! 458:
! 459: enumerator = this->proposals->create_enumerator(this->proposals);
! 460: if (enumerator->enumerate(enumerator, &substruct))
! 461: {
! 462: method = substruct->get_auth_method(substruct);
! 463: }
! 464: enumerator->destroy(enumerator);
! 465:
! 466: return method;
! 467: }
! 468:
! 469: METHOD(sa_payload_t, get_encap_mode, ipsec_mode_t,
! 470: private_sa_payload_t *this, bool *udp)
! 471: {
! 472: proposal_substructure_t *substruct;
! 473: enumerator_t *enumerator;
! 474: ipsec_mode_t mode = MODE_NONE;
! 475:
! 476: enumerator = this->proposals->create_enumerator(this->proposals);
! 477: if (enumerator->enumerate(enumerator, &substruct))
! 478: {
! 479: mode = substruct->get_encap_mode(substruct, udp);
! 480: }
! 481: enumerator->destroy(enumerator);
! 482:
! 483: return mode;
! 484: }
! 485:
! 486: METHOD2(payload_t, sa_payload_t, destroy, void,
! 487: private_sa_payload_t *this)
! 488: {
! 489: this->proposals->destroy_offset(this->proposals,
! 490: offsetof(payload_t, destroy));
! 491: free(this);
! 492: }
! 493:
! 494: /*
! 495: * Described in header.
! 496: */
! 497: sa_payload_t *sa_payload_create(payload_type_t type)
! 498: {
! 499: private_sa_payload_t *this;
! 500:
! 501: INIT(this,
! 502: .public = {
! 503: .payload_interface = {
! 504: .verify = _verify,
! 505: .get_encoding_rules = _get_encoding_rules,
! 506: .get_header_length = _get_header_length,
! 507: .get_length = _get_length,
! 508: .get_next_type = _get_next_type,
! 509: .set_next_type = _set_next_type,
! 510: .get_type = _get_type,
! 511: .destroy = _destroy,
! 512: },
! 513: .get_proposals = _get_proposals,
! 514: .get_ipcomp_proposals = _get_ipcomp_proposals,
! 515: .create_substructure_enumerator = _create_substructure_enumerator,
! 516: .get_lifetime = _get_lifetime,
! 517: .get_lifebytes = _get_lifebytes,
! 518: .get_auth_method = _get_auth_method,
! 519: .get_encap_mode = _get_encap_mode,
! 520: .destroy = _destroy,
! 521: },
! 522: .next_payload = PL_NONE,
! 523: .proposals = linked_list_create(),
! 524: .type = type,
! 525: /* for IKEv1 only */
! 526: .doi = IKEV1_DOI_IPSEC,
! 527: .situation = SIT_IDENTITY_ONLY,
! 528: );
! 529:
! 530: compute_length(this);
! 531:
! 532: return &this->public;
! 533: }
! 534:
! 535: /*
! 536: * Described in header.
! 537: */
! 538: sa_payload_t *sa_payload_create_from_proposals_v2(linked_list_t *proposals)
! 539: {
! 540: private_sa_payload_t *this;
! 541: enumerator_t *enumerator;
! 542: proposal_t *proposal;
! 543:
! 544: this = (private_sa_payload_t*)sa_payload_create(PLV2_SECURITY_ASSOCIATION);
! 545: enumerator = proposals->create_enumerator(proposals);
! 546: while (enumerator->enumerate(enumerator, &proposal))
! 547: {
! 548: add_proposal_v2(this, proposal);
! 549: }
! 550: enumerator->destroy(enumerator);
! 551:
! 552: return &this->public;
! 553: }
! 554:
! 555: /*
! 556: * Described in header.
! 557: */
! 558: sa_payload_t *sa_payload_create_from_proposal_v2(proposal_t *proposal)
! 559: {
! 560: private_sa_payload_t *this;
! 561:
! 562: this = (private_sa_payload_t*)sa_payload_create(PLV2_SECURITY_ASSOCIATION);
! 563: add_proposal_v2(this, proposal);
! 564:
! 565: return &this->public;
! 566:
! 567: }
! 568:
! 569: /*
! 570: * Described in header.
! 571: */
! 572: sa_payload_t *sa_payload_create_from_proposals_v1(linked_list_t *proposals,
! 573: uint32_t lifetime, uint64_t lifebytes,
! 574: auth_method_t auth, ipsec_mode_t mode,
! 575: encap_t udp, uint16_t cpi)
! 576: {
! 577: proposal_substructure_t *substruct;
! 578: private_sa_payload_t *this;
! 579:
! 580: this = (private_sa_payload_t*)sa_payload_create(PLV1_SECURITY_ASSOCIATION);
! 581:
! 582: if (!proposals || !proposals->get_count(proposals))
! 583: {
! 584: return &this->public;
! 585: }
! 586:
! 587: /* IKEv1 encodes multiple proposals in a single substructure
! 588: * TODO-IKEv1: Encode ESP+AH proposals in two substructs with same num */
! 589: substruct = proposal_substructure_create_from_proposals_v1(proposals,
! 590: lifetime, lifebytes, auth, mode, udp);
! 591: this->proposals->insert_last(this->proposals, substruct);
! 592: substruct->set_is_last_proposal(substruct, FALSE);
! 593: if (cpi)
! 594: {
! 595: uint8_t proposal_number = substruct->get_proposal_number(substruct);
! 596:
! 597: substruct = proposal_substructure_create_for_ipcomp_v1(lifetime,
! 598: lifebytes, cpi, mode, udp, proposal_number);
! 599: this->proposals->insert_last(this->proposals, substruct);
! 600: substruct->set_is_last_proposal(substruct, FALSE);
! 601: /* add the proposals again without IPComp */
! 602: substruct = proposal_substructure_create_from_proposals_v1(proposals,
! 603: lifetime, lifebytes, auth, mode, udp);
! 604: substruct->set_proposal_number(substruct, proposal_number + 1);
! 605: this->proposals->insert_last(this->proposals, substruct);
! 606: }
! 607: substruct->set_is_last_proposal(substruct, TRUE);
! 608: compute_length(this);
! 609:
! 610: return &this->public;
! 611: }
! 612:
! 613: /*
! 614: * Described in header.
! 615: */
! 616: sa_payload_t *sa_payload_create_from_proposal_v1(proposal_t *proposal,
! 617: uint32_t lifetime, uint64_t lifebytes,
! 618: auth_method_t auth, ipsec_mode_t mode,
! 619: encap_t udp, uint16_t cpi)
! 620: {
! 621: private_sa_payload_t *this;
! 622: linked_list_t *proposals;
! 623:
! 624: proposals = linked_list_create();
! 625: proposals->insert_last(proposals, proposal);
! 626: this = (private_sa_payload_t*)sa_payload_create_from_proposals_v1(proposals,
! 627: lifetime, lifebytes, auth, mode, udp, cpi);
! 628: proposals->destroy(proposals);
! 629: return &this->public;
! 630: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to sa_payload.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libcharon / encoding / payloads