1c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh/* $NetBSD: isakmp.h,v 1.4 2006/09/09 16:22:09 manu Exp $ */ 20a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 30a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Id: isakmp.h,v 1.11 2005/04/25 22:19:39 manubsd Exp */ 40a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 50a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 60a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 70a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * All rights reserved. 80a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 90a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * Redistribution and use in source and binary forms, with or without 100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * modification, are permitted provided that the following conditions 110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * are met: 120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 1. Redistributions of source code must retain the above copyright 130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * notice, this list of conditions and the following disclaimer. 140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 2. Redistributions in binary form must reproduce the above copyright 150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * notice, this list of conditions and the following disclaimer in the 160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * documentation and/or other materials provided with the distribution. 170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 3. Neither the name of the project nor the names of its contributors 180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * may be used to endorse or promote products derived from this software 190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * without specific prior written permission. 200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 220a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 240a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 300a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 310a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * SUCH DAMAGE. 320a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 330a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 340a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#ifndef _ISAKMP_H 350a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define _ISAKMP_H 360a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 370a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* refer to RFC 2408 */ 380a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 39c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh/* must include <netinet/in.h> first. */ 40c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh/* must include "isakmp_var.h" first. */ 410a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 420a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define INITIATOR 0 /* synonym sender */ 430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define RESPONDER 1 /* synonym receiver */ 440a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 450a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define GENERATE 1 460a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define VALIDATE 0 470a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 480a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.1 ISAKMP Header Format 490a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 500a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 510a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang ! Initiator ! 520a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang ! Cookie ! 530a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 540a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang ! Responder ! 550a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang ! Cookie ! 560a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 570a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang ! Next Payload ! MjVer ! MnVer ! Exchange Type ! Flags ! 580a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 590a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang ! Message ID ! 600a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 610a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang ! Length ! 620a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 630a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang*/ 640a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp { 650a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang cookie_t i_ck; /* Initiator Cookie */ 660a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang cookie_t r_ck; /* Responder Cookie */ 670a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t np; /* Next Payload Type */ 680a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t v; 690a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t etype; /* Exchange Type */ 700a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t flags; /* Flags */ 710a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int32_t msgid; 720a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int32_t len; /* Length */ 730a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 740a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 750a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Next Payload Type */ 760a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_NONE 0 /* NONE*/ 770a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_SA 1 /* Security Association */ 780a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_P 2 /* Proposal */ 790a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_T 3 /* Transform */ 800a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_KE 4 /* Key Exchange */ 810a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_ID 5 /* Identification */ 820a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_CERT 6 /* Certificate */ 830a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_CR 7 /* Certificate Request */ 840a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_HASH 8 /* Hash */ 850a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_SIG 9 /* Signature */ 860a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_NONCE 10 /* Nonce */ 870a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_N 11 /* Notification */ 880a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_D 12 /* Delete */ 890a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_VID 13 /* Vendor ID */ 900a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_ATTR 14 /* Attribute */ 910a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 920a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 930a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* NAT-T draft-ietf-ipsec-nat-t-ike-05 and later */ 940a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* XXX conflicts with values assigned to RFC 3547 */ 950a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_NATD_BADDRAFT 15 /* NAT Discovery */ 960a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_NATOA_BADDRAFT 16 /* NAT Original Address */ 970a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 980a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 990a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* NAT-T RFC */ 1000a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_NATD_RFC 20 /* NAT Discovery */ 1010a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_NATOA_RFC 21 /* NAT Original Address */ 1020a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1030a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* NAT-T up to draft-ietf-ipsec-nat-t-ike-04 */ 1040a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_NATD_DRAFT 130 /* NAT Discovery */ 1050a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_NATOA_DRAFT 131 /* NAT Original Address */ 1060a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1070a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Frag does not seems to be documented */ 1080a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_FRAG 132 /* IKE fragmentation payload */ 1090a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_MAX 17 1110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* 128 - 255 Private Use */ 1120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 1140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * The following are valid when the Vendor ID is one of the 1150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * following: 1160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 1170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * MD5("A GSS-API Authentication Method for IKE") 1180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * MD5("GSSAPI") (recognized by Windows 2000) 1190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * MD5("MS NT5 ISAKMPOAKLEY") (sent by Windows 2000) 1200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 1210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * See draft-ietf-ipsec-isakmp-gss-auth-06.txt. 1220a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 1230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NPTYPE_GSS 129 /* GSS token */ 1240a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_MAJOR_VERSION 1 1260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_MINOR_VERSION 0 1270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_VERSION_NUMBER 0x10 1280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_GETMAJORV(v) (((v) & 0xf0) >> 4) 1290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_SETMAJORV(v, m) ((v) = ((v) & 0x0f) | (((m) << 4) & 0xf0)) 1300a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_GETMINORV(v) ((v) & 0x0f) 1310a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_SETMINORV(v, m) ((v) = ((v) & 0xf0) | ((m) & 0x0f)) 1320a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1330a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Exchange Type */ 1340a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ETYPE_NONE 0 /* NONE */ 1350a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ETYPE_BASE 1 /* Base */ 136c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh#define ISAKMP_ETYPE_IDENT 2 /* Identity Proteciton */ 1370a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ETYPE_AUTH 3 /* Authentication Only */ 1380a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ETYPE_AGG 4 /* Aggressive */ 1390a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ETYPE_INFO 5 /* Informational */ 1400a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ETYPE_CFG 6 /* Mode config */ 1410a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Additional Exchange Type */ 1420a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ETYPE_QUICK 32 /* Quick Mode */ 1430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ETYPE_NEWGRP 33 /* New group Mode */ 1440a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ETYPE_ACKINFO 34 /* Acknowledged Informational */ 1450a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1460a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Flags */ 1470a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_FLAG_E 0x01 /* Encryption Bit */ 1480a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_FLAG_C 0x02 /* Commit Bit */ 1490a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_FLAG_A 0x04 /* Authentication Only Bit */ 1500a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1510a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.2 Payload Generic Header 1520a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1530a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1540a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang ! Next Payload ! RESERVED ! Payload Length ! 1550a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1560a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang*/ 1570a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_gen { 1580a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t np; /* Next Payload */ 1590a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t reserved; /* RESERVED, unused, must set to 0 */ 1600a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t len; /* Payload Length */ 1610a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 1620a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1630a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.3 Data Attributes 1640a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 1650a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1660a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang !A! Attribute Type ! AF=0 Attribute Length ! 1670a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang !F! ! AF=1 Attribute Value ! 1680a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1690a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang . AF=0 Attribute Value . 1700a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang . AF=1 Not Transmitted . 1710a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 1720a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang*/ 1730a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_data { 1740a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t type; /* defined by DOI-spec, and Attribute Format */ 1750a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t lorv; /* if f equal 1, Attribute Length */ 1760a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* if f equal 0, Attribute Value */ 1770a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* if f equal 1, Attribute Value */ 1780a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 1790a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_GEN_TLV 0x0000 1800a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_GEN_TV 0x8000 1810a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* mask for type of attribute format */ 1820a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_GEN_MASK 0x8000 1830a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1840a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#if 0 1850a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* MAY NOT be used, because of being defined in ipsec-doi. */ 1860a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.4 Security Association Payload */ 1870a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_sa { 1880a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 1890a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int32_t doi; /* Domain of Interpretation */ 1900a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int32_t sit; /* Situation */ 1910a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 1920a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#endif 1930a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1940a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.5 Proposal Payload */ 1950a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* 1960a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang The value of the next payload field MUST only contain the value "2" 1970a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang or "0". If there are additional Proposal payloads in the message, 1980a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang then this field will be 2. If the current Proposal payload is the 1990a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang last within the security association proposal, then this field will 2000a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang be 0. 2010a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 2020a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_p { 2030a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 2040a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t p_no; /* Proposal # */ 2050a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t proto_id; /* Protocol */ 2060a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t spi_size; /* SPI Size */ 2070a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t num_t; /* Number of Transforms */ 2080a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* SPI */ 2090a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 2100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.6 Transform Payload */ 2120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* 2130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang The value of the next payload field MUST only contain the value "3" 2140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang or "0". If there are additional Transform payloads in the proposal, 2150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang then this field will be 3. If the current Transform payload is the 2160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang last within the proposal, then this field will be 0. 2170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 2180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_t { 2190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 2200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t t_no; /* Transform # */ 2210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t t_id; /* Transform-Id */ 2220a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t reserved; /* RESERVED2 */ 2230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* SA Attributes */ 2240a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 2250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.7 Key Exchange Payload */ 2270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_ke { 2280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 2290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* Key Exchange Data */ 2300a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 2310a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2320a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#if 0 2330a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* NOTE: MUST NOT use because of being defined in ipsec-doi instead them. */ 2340a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.8 Identification Payload */ 2350a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_id { 2360a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 2370a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang union { 2380a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t id_type; /* ID Type */ 2390a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int32_t doi_data; /* DOI Specific ID Data */ 2400a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang } d; 2410a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* Identification Data */ 2420a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 2430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* A.4 ISAKMP Identification Type Values */ 2440a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ID_IPV4_ADDR 0 2450a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ID_IPV4_ADDR_SUBNET 1 2460a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ID_IPV6_ADDR 2 2470a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_ID_IPV6_ADDR_SUBNET 3 2480a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#endif 2490a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2500a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.9 Certificate Payload */ 2510a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_cert { 2520a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 2530a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* 2540a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * Encoding type of 1 octet follows immediately, 2550a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * variable length CERT data follows encoding type. 2560a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 2570a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 2580a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2590a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Certificate Type */ 2600a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_NONE 0 2610a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_PKCS7 1 2620a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_PGP 2 2630a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_DNS 3 2640a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_X509SIGN 4 2650a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_X509KE 5 2660a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_KERBEROS 6 2670a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_CRL 7 2680a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_ARL 8 2690a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_SPKI 9 2700a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_X509ATTR 10 2710a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CERT_PLAINRSA 11 2720a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 273c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh/* the method to get peers certificate */ 274c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh#define ISAKMP_GETCERT_PAYLOAD 1 275c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh#define ISAKMP_GETCERT_LOCALFILE 2 276c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh#define ISAKMP_GETCERT_DNS 3 277c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh 2780a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.10 Certificate Request Payload */ 2790a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_cr { 2800a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 2810a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t num_cert; /* # Cert. Types */ 2820a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* 2830a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang Certificate Types (variable length) 2840a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang -- Contains a list of the types of certificates requested, 2850a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang sorted in order of preference. Each individual certificate 2860a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang type is 1 octet. This field is NOT required. 2870a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 2880a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* # Certificate Authorities (1 octet) */ 2890a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* Certificate Authorities (variable length) */ 2900a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 2910a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2920a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.11 Hash Payload */ 2930a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_hash { 2940a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 2950a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* Hash Data */ 2960a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 2970a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2980a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.12 Signature Payload */ 2990a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_sig { 3000a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 3010a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* Signature Data */ 3020a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 3030a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3040a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.13 Nonce Payload */ 3050a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_nonce { 3060a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 3070a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* Nonce Data */ 3080a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 3090a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.14 Notification Payload */ 3110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_n { 3120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 3130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int32_t doi; /* Domain of Interpretation */ 3140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t proto_id; /* Protocol-ID */ 3150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t spi_size; /* SPI Size */ 3160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t type; /* Notify Message Type */ 3170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* SPI */ 3180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* Notification Data */ 3190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 3200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.14.1 Notify Message Types */ 3220a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* NOTIFY MESSAGES - ERROR TYPES */ 3230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE 1 3240a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_DOI_NOT_SUPPORTED 2 3250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_SITUATION_NOT_SUPPORTED 3 3260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_COOKIE 4 3270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_MAJOR_VERSION 5 3280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_MINOR_VERSION 6 3290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE 7 3300a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_FLAGS 8 3310a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_MESSAGE_ID 9 3320a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_PROTOCOL_ID 10 3330a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_SPI 11 3340a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_TRANSFORM_ID 12 3350a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED 13 3360a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN 14 3370a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_BAD_PROPOSAL_SYNTAX 15 3380a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_PAYLOAD_MALFORMED 16 3390a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_KEY_INFORMATION 17 3400a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_ID_INFORMATION 18 3410a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_CERT_ENCODING 19 3420a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_CERTIFICATE 20 3430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_BAD_CERT_REQUEST_SYNTAX 21 3440a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_CERT_AUTHORITY 22 3450a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_HASH_INFORMATION 23 3460a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_AUTHENTICATION_FAILED 24 3470a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INVALID_SIGNATURE 25 3480a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_ADDRESS_NOTIFICATION 26 3490a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_NOTIFY_SA_LIFETIME 27 3500a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_CERTIFICATE_UNAVAILABLE 28 3510a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_UNSUPPORTED_EXCHANGE_TYPE 29 3520a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_UNEQUAL_PAYLOAD_LENGTHS 30 3530a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_MINERROR 1 3540a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_MAXERROR 16383 3550a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* NOTIFY MESSAGES - STATUS TYPES */ 3560a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_CONNECTED 16384 3570a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 4.6.3 IPSEC DOI Notify Message Types */ 3580a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_RESPONDER_LIFETIME 24576 3590a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_REPLAY_STATUS 24577 3600a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_INITIAL_CONTACT 24578 3610a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3620a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* DPD */ 3630a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_R_U_THERE 36136 3640a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_R_U_THERE_ACK 36137 3650a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3660a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_NTYPE_HEARTBEAT 40503 3670a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3680a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* using only to log */ 3690a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_LOG_RETRY_LIMIT_REACHED 65530 3700a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3710a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* XXX means internal error but it's not reserved by any drafts... */ 3720a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_INTERNAL_ERROR -1 3730a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3740a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 3.15 Delete Payload */ 3750a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_d { 3760a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 3770a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int32_t doi; /* Domain of Interpretation */ 3780a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t proto_id; /* Protocol-Id */ 3790a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t spi_size; /* SPI Size */ 3800a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t num_spi; /* # of SPIs */ 3810a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* SPI(es) */ 3820a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 3830a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3840a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct payload_list { 3850a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct payload_list *next, *prev; 3860a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vchar_t *payload; 387c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh int payload_type; 3880a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang}; 3890a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3900a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3910a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* See draft-ietf-ipsec-isakmp-mode-cfg-04.txt, 3.2 */ 3920a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_attr { 3930a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 3940a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t type; /* Exchange type */ 3950a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t res2; 3960a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t id; /* Per transaction id */ 3970a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 3980a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3990a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Exchange type */ 4000a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CFG_REQUEST 1 4010a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CFG_REPLY 2 4020a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CFG_SET 3 4030a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_CFG_ACK 4 4040a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 4050a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* IKE fragmentation payload */ 4060a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_frag { 4070a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t unknown0; /* always set to zero? */ 4080a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t len; 4090a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t unknown1; /* always set to 1? */ 4100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t index; 4110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t flags; 4120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 4130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 4140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* flags */ 4150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define ISAKMP_FRAG_LAST 1 4160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 4170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* DPD R-U-THERE / R-U-THERE-ACK Payload */ 4180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstruct isakmp_pl_ru { 4190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct isakmp_gen h; 4200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int32_t doi; /* Domain of Interpretation */ 4210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t proto_id; /* Protocol-Id */ 4220a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int8_t spi_size; /* SPI Size */ 4230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int16_t type; /* Notify type */ 4240a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang cookie_t i_ck; /* Initiator Cookie */ 4250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang cookie_t r_ck; /* Responder cookie*/ 4260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang u_int32_t data; /* Notification data */ 4270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} __attribute__((__packed__)); 4280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 4290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#endif /* _ISAKMP_H */ 430