X-Git-Url: https://gerrit.fd.io/r/gitweb?a=blobdiff_plain;f=vnet%2Fvnet%2Fipsec%2Fikev2_payload.c;h=dd14812b5501971f38105e54995125df2bf19d06;hb=166a9d4c21821bdbc9a2d5a818ec5ae0e8bdc036;hp=4ad8699121db4f2d57e7a1efe155e4334273ae45;hpb=e2c987e21fa9d2d2be93176429679dd8eaca9576;p=vpp.git diff --git a/vnet/vnet/ipsec/ikev2_payload.c b/vnet/vnet/ipsec/ikev2_payload.c index 4ad8699121d..dd14812b550 100644 --- a/vnet/vnet/ipsec/ikev2_payload.c +++ b/vnet/vnet/ipsec/ikev2_payload.c @@ -24,206 +24,232 @@ #include #include +/* *INDENT-OFF* */ +typedef CLIB_PACKED (struct + { + u8 nextpayload; + u8 flags; + u16 length; + u8 protocol_id; + u8 spi_size; + u16 msg_type; + u8 payload[0];}) ike_notify_payload_header_t; +/* *INDENT-ON* */ + +/* *INDENT-OFF* */ +typedef CLIB_PACKED (struct + { + u8 ts_type; + u8 protocol_id; + u16 selector_len; + u16 start_port; + u16 end_port; + ip4_address_t start_addr; + ip4_address_t end_addr;}) ikev2_ts_payload_entry_t; +/* *INDENT-OFF* */ + +/* *INDENT-OFF* */ +typedef CLIB_PACKED (struct + { + u8 nextpayload; + u8 flags; + u16 length; + u8 num_ts; + u8 reserved[3]; + ikev2_ts_payload_entry_t ts[0];}) + ike_ts_payload_header_t; +/* *INDENT-OFF* */ + +/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { - u8 nextpayload; - u8 flags; - u16 length; - u8 protocol_id; - u8 spi_size; - u16 msg_type; - u8 payload[0]; -}) ike_notify_payload_header_t; - -typedef CLIB_PACKED (struct { - u8 ts_type; - u8 protocol_id; - u16 selector_len; - u16 start_port; - u16 end_port; - ip4_address_t start_addr; - ip4_address_t end_addr; -}) ikev2_ts_payload_entry_t; - -typedef CLIB_PACKED (struct { - u8 nextpayload; - u8 flags; - u16 length; - u8 num_ts; - u8 reserved[3]; - ikev2_ts_payload_entry_t ts[0]; -}) ike_ts_payload_header_t; - -typedef CLIB_PACKED (struct { - u8 last_or_more; - u8 reserved; - u16 proposal_len; - u8 proposal_num; - u8 protocol_id; - u8 spi_size; - u8 num_transforms; - u32 spi[0]; + u8 last_or_more; + u8 reserved; + u16 proposal_len; + u8 proposal_num; + u8 protocol_id; + u8 spi_size; + u8 num_transforms; u32 spi[0]; }) ike_sa_proposal_data_t; +/* *INDENT-OFF* */ +/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { - u8 last_or_more; - u8 reserved; - u16 transform_len; - u8 transform_type; - u8 reserved2; - u16 transform_id; - u8 attributes[0]; + u8 last_or_more; + u8 reserved; + u16 transform_len; + u8 transform_type; + u8 reserved2; + u16 transform_id; + u8 attributes[0]; }) ike_sa_transform_data_t; +/* *INDENT-OFF* */ +/* *INDENT-OFF* */ typedef CLIB_PACKED (struct { - u8 nextpayload; - u8 flags; - u16 length; - u8 protocol_id; - u8 spi_size; - u16 num_of_spi; - u32 spi[0]; + u8 nextpayload; + u8 flags; + u16 length; + u8 protocol_id; + u8 spi_size; + u16 num_of_spi; + u32 spi[0]; }) ike_delete_payload_header_t; +/* *INDENT-OFF* */ static ike_payload_header_t * -ikev2_payload_add_hdr(ikev2_payload_chain_t * c, u8 payload_type, int len) +ikev2_payload_add_hdr (ikev2_payload_chain_t * c, u8 payload_type, int len) { - ike_payload_header_t * hdr = (ike_payload_header_t *) &c->data[c->last_hdr_off]; - u8 * tmp; + ike_payload_header_t *hdr = + (ike_payload_header_t *) & c->data[c->last_hdr_off]; + u8 *tmp; if (c->data) hdr->nextpayload = payload_type; else c->first_payload_type = payload_type; - c->last_hdr_off = vec_len(c->data); - vec_add2(c->data, tmp, len); + c->last_hdr_off = vec_len (c->data); + vec_add2 (c->data, tmp, len); hdr = (ike_payload_header_t *) tmp; - memset(hdr, 0, len); + memset (hdr, 0, len); - hdr->length = clib_host_to_net_u16(len); + hdr->length = clib_host_to_net_u16 (len); return hdr; } static void -ikev2_payload_add_data(ikev2_payload_chain_t * c, u8 * data) +ikev2_payload_add_data (ikev2_payload_chain_t * c, u8 * data) { u16 len; - ike_payload_header_t * hdr; + ike_payload_header_t *hdr; - vec_append(c->data, data); - hdr = (ike_payload_header_t *) &c->data[c->last_hdr_off]; - len = clib_net_to_host_u16(hdr->length); - hdr->length = clib_host_to_net_u16(len + vec_len(data)); + vec_append (c->data, data); + hdr = (ike_payload_header_t *) & c->data[c->last_hdr_off]; + len = clib_net_to_host_u16 (hdr->length); + hdr->length = clib_host_to_net_u16 (len + vec_len (data)); } void -ikev2_payload_add_notify(ikev2_payload_chain_t * c, u16 msg_type, u8 * data) +ikev2_payload_add_notify (ikev2_payload_chain_t * c, u16 msg_type, u8 * data) { - ike_notify_payload_header_t * n; - - n = (ike_notify_payload_header_t *) ikev2_payload_add_hdr(c, IKEV2_PAYLOAD_NOTIFY, sizeof (*n)); - n->msg_type = clib_host_to_net_u16(msg_type); - ikev2_payload_add_data(c, data); + ike_notify_payload_header_t *n; + + n = + (ike_notify_payload_header_t *) ikev2_payload_add_hdr (c, + IKEV2_PAYLOAD_NOTIFY, + sizeof (*n)); + n->msg_type = clib_host_to_net_u16 (msg_type); + ikev2_payload_add_data (c, data); } void -ikev2_payload_add_sa(ikev2_payload_chain_t * c, ikev2_sa_proposal_t * proposals) +ikev2_payload_add_sa (ikev2_payload_chain_t * c, + ikev2_sa_proposal_t * proposals) { - ike_payload_header_t * ph; - ike_sa_proposal_data_t * prop; - ike_sa_transform_data_t * tr; - ikev2_sa_proposal_t * p; - ikev2_sa_transform_t * t; - - u8 * tmp; - u8 * pr_data = 0; - u8 * tr_data = 0; - - ikev2_payload_add_hdr(c, IKEV2_PAYLOAD_SA, sizeof (*ph)); - - vec_foreach(p, proposals) + ike_payload_header_t *ph; + ike_sa_proposal_data_t *prop; + ike_sa_transform_data_t *tr; + ikev2_sa_proposal_t *p; + ikev2_sa_transform_t *t; + + u8 *tmp; + u8 *pr_data = 0; + u8 *tr_data = 0; + + ikev2_payload_add_hdr (c, IKEV2_PAYLOAD_SA, sizeof (*ph)); + + vec_foreach (p, proposals) + { + int spi_size = (p->protocol_id == IKEV2_PROTOCOL_ESP) ? 4 : 0; + pr_data = vec_new (u8, sizeof (ike_sa_proposal_data_t) + spi_size); + prop = (ike_sa_proposal_data_t *) pr_data; + prop->last_or_more = proposals - p + 1 < vec_len (proposals) ? 2 : 0; + prop->protocol_id = p->protocol_id; + prop->proposal_num = p->proposal_num; + prop->spi_size = spi_size; + prop->num_transforms = vec_len (p->transforms); + + if (spi_size) + prop->spi[0] = clib_host_to_net_u32 (p->spi); + + DBG_PLD ("proposal num %u protocol_id %u last_or_more %u spi_size %u%s%U", + prop->proposal_num, prop->protocol_id, prop->last_or_more, + prop->spi_size, prop->spi_size ? " spi_data " : "", + format_hex_bytes, prop->spi, prop->spi_size); + + vec_foreach (t, p->transforms) { - int spi_size = (p->protocol_id == IKEV2_PROTOCOL_ESP) ? 4 : 0; - pr_data = vec_new(u8, sizeof(ike_sa_proposal_data_t) + spi_size); - prop = (ike_sa_proposal_data_t *) pr_data; - prop->last_or_more = proposals - p + 1 < vec_len(proposals) ? 2 : 0; - prop->protocol_id = p->protocol_id; - prop->proposal_num = p->proposal_num; - prop->spi_size = spi_size; - prop->num_transforms = vec_len(p->transforms); - - if (spi_size) - prop->spi[0] = clib_host_to_net_u32(p->spi); - - DBG_PLD("proposal num %u protocol_id %u last_or_more %u spi_size %u%s%U", - prop->proposal_num, prop->protocol_id, prop->last_or_more, - prop->spi_size, prop->spi_size ? " spi_data " : "", - format_hex_bytes, prop->spi, prop->spi_size); - - vec_foreach(t, p->transforms) - { - vec_add2(tr_data, tmp, sizeof(*tr) + vec_len(t->attrs)); - tr = (ike_sa_transform_data_t *) tmp; - tr->last_or_more = ((t - p->transforms) + 1 < vec_len(p->transforms)) ? 3 : 0; - tr->transform_type = t->type; - tr->transform_id = clib_host_to_net_u16(t->transform_id); - tr->transform_len = clib_host_to_net_u16(sizeof(*tr) + vec_len(t->attrs)); - - if (vec_len(t->attrs) > 0) - clib_memcpy(tr->attributes, t->attrs, vec_len(t->attrs)); - - DBG_PLD("transform type %U transform_id %u last_or_more %u attr_size %u%s%U", - format_ikev2_transform_type, tr->transform_type, - t->transform_id, tr->last_or_more, vec_len(t->attrs), - vec_len(t->attrs) ? " attrs " : "", - format_hex_bytes, tr->attributes, vec_len(t->attrs)); - } - - prop->proposal_len = clib_host_to_net_u16(vec_len(tr_data) + vec_len(pr_data)); - ikev2_payload_add_data(c, pr_data); - ikev2_payload_add_data(c, tr_data); - vec_free(pr_data); - vec_free(tr_data); + vec_add2 (tr_data, tmp, sizeof (*tr) + vec_len (t->attrs)); + tr = (ike_sa_transform_data_t *) tmp; + tr->last_or_more = + ((t - p->transforms) + 1 < vec_len (p->transforms)) ? 3 : 0; + tr->transform_type = t->type; + tr->transform_id = clib_host_to_net_u16 (t->transform_id); + tr->transform_len = + clib_host_to_net_u16 (sizeof (*tr) + vec_len (t->attrs)); + + if (vec_len (t->attrs) > 0) + clib_memcpy (tr->attributes, t->attrs, vec_len (t->attrs)); + + DBG_PLD + ("transform type %U transform_id %u last_or_more %u attr_size %u%s%U", + format_ikev2_transform_type, tr->transform_type, t->transform_id, + tr->last_or_more, vec_len (t->attrs), + vec_len (t->attrs) ? " attrs " : "", format_hex_bytes, + tr->attributes, vec_len (t->attrs)); } + + prop->proposal_len = + clib_host_to_net_u16 (vec_len (tr_data) + vec_len (pr_data)); + ikev2_payload_add_data (c, pr_data); + ikev2_payload_add_data (c, tr_data); + vec_free (pr_data); + vec_free (tr_data); + } } void -ikev2_payload_add_ke(ikev2_payload_chain_t * c, u16 dh_group, u8 * dh_data) +ikev2_payload_add_ke (ikev2_payload_chain_t * c, u16 dh_group, u8 * dh_data) { - ike_ke_payload_header_t * ke; - ke = (ike_ke_payload_header_t *) ikev2_payload_add_hdr(c, IKEV2_PAYLOAD_KE, - sizeof (*ke)); + ike_ke_payload_header_t *ke; + ke = (ike_ke_payload_header_t *) ikev2_payload_add_hdr (c, IKEV2_PAYLOAD_KE, + sizeof (*ke)); - ke->dh_group = clib_host_to_net_u16(dh_group); - ikev2_payload_add_data(c, dh_data); + ke->dh_group = clib_host_to_net_u16 (dh_group); + ikev2_payload_add_data (c, dh_data); } void -ikev2_payload_add_nonce(ikev2_payload_chain_t * c, u8 * nonce) +ikev2_payload_add_nonce (ikev2_payload_chain_t * c, u8 * nonce) { - ikev2_payload_add_hdr(c, IKEV2_PAYLOAD_NONCE, sizeof (ike_payload_header_t)); - ikev2_payload_add_data(c, nonce); + ikev2_payload_add_hdr (c, IKEV2_PAYLOAD_NONCE, + sizeof (ike_payload_header_t)); + ikev2_payload_add_data (c, nonce); } void -ikev2_payload_add_id(ikev2_payload_chain_t *c, ikev2_id_t * id, u8 type) +ikev2_payload_add_id (ikev2_payload_chain_t * c, ikev2_id_t * id, u8 type) { - ike_id_payload_header_t * idp; - idp = (ike_id_payload_header_t *) ikev2_payload_add_hdr(c, type, sizeof (*idp)); + ike_id_payload_header_t *idp; + idp = + (ike_id_payload_header_t *) ikev2_payload_add_hdr (c, type, + sizeof (*idp)); idp->id_type = id->type; - ikev2_payload_add_data(c, id->data); + ikev2_payload_add_data (c, id->data); } void -ikev2_payload_add_delete(ikev2_payload_chain_t *c, ikev2_delete_t * d) +ikev2_payload_add_delete (ikev2_payload_chain_t * c, ikev2_delete_t * d) { - ike_delete_payload_header_t * dp; - u16 num_of_spi = vec_len(d); - ikev2_delete_t * d2; - dp = (ike_delete_payload_header_t *) ikev2_payload_add_hdr(c, IKEV2_PAYLOAD_DELETE, - sizeof (*dp)); + ike_delete_payload_header_t *dp; + u16 num_of_spi = vec_len (d); + ikev2_delete_t *d2; + dp = + (ike_delete_payload_header_t *) ikev2_payload_add_hdr (c, + IKEV2_PAYLOAD_DELETE, + sizeof (*dp)); if (d[0].protocol_id == IKEV2_PROTOCOL_IKE) { @@ -233,198 +259,204 @@ ikev2_payload_add_delete(ikev2_payload_chain_t *c, ikev2_delete_t * d) { dp->protocol_id = d[0].protocol_id; dp->spi_size = 4; - dp->num_of_spi = clib_host_to_net_u16(num_of_spi); - vec_foreach(d2, d) - { - u8 * data = vec_new(u8, 4); - u32 spi = clib_host_to_net_u32(d2->spi); - clib_memcpy(data, &spi, 4); - ikev2_payload_add_data(c, data); - vec_free(data); - } + dp->num_of_spi = clib_host_to_net_u16 (num_of_spi); + vec_foreach (d2, d) + { + u8 *data = vec_new (u8, 4); + u32 spi = clib_host_to_net_u32 (d2->spi); + clib_memcpy (data, &spi, 4); + ikev2_payload_add_data (c, data); + vec_free (data); + } } } void -ikev2_payload_add_auth(ikev2_payload_chain_t *c, ikev2_auth_t * auth) +ikev2_payload_add_auth (ikev2_payload_chain_t * c, ikev2_auth_t * auth) { - ike_auth_payload_header_t * ap; - ap = (ike_auth_payload_header_t *) ikev2_payload_add_hdr(c, IKEV2_PAYLOAD_AUTH, - sizeof (*ap)); + ike_auth_payload_header_t *ap; + ap = + (ike_auth_payload_header_t *) ikev2_payload_add_hdr (c, + IKEV2_PAYLOAD_AUTH, + sizeof (*ap)); ap->auth_method = auth->method; - ikev2_payload_add_data(c, auth->data); + ikev2_payload_add_data (c, auth->data); } void -ikev2_payload_add_ts(ikev2_payload_chain_t * c, ikev2_ts_t * ts, u8 type) +ikev2_payload_add_ts (ikev2_payload_chain_t * c, ikev2_ts_t * ts, u8 type) { - ike_ts_payload_header_t * tsh; + ike_ts_payload_header_t *tsh; ikev2_ts_t *ts2; - u8 * data = 0, * tmp; - - tsh = (ike_ts_payload_header_t *) ikev2_payload_add_hdr(c, type, sizeof (*tsh)); - tsh->num_ts = vec_len(ts); - - vec_foreach(ts2, ts) - { - ASSERT(ts2->ts_type == 7); /*TS_IPV4_ADDR_RANGE */ - ikev2_ts_payload_entry_t * entry; - vec_add2(data, tmp, sizeof(*entry)); - entry = (ikev2_ts_payload_entry_t *) tmp; - entry->ts_type = ts2->ts_type; - entry->protocol_id = ts2->protocol_id; - entry->selector_len = clib_host_to_net_u16(16); - entry->start_port = clib_host_to_net_u16(ts2->start_port); - entry->end_port = clib_host_to_net_u16(ts2->end_port); - entry->start_addr.as_u32 = ts2->start_addr.as_u32; - entry->end_addr.as_u32 = ts2->end_addr.as_u32; - } - - ikev2_payload_add_data(c, data); - vec_free(data); + u8 *data = 0, *tmp; + + tsh = + (ike_ts_payload_header_t *) ikev2_payload_add_hdr (c, type, + sizeof (*tsh)); + tsh->num_ts = vec_len (ts); + + vec_foreach (ts2, ts) + { + ASSERT (ts2->ts_type == 7); /*TS_IPV4_ADDR_RANGE */ + ikev2_ts_payload_entry_t *entry; + vec_add2 (data, tmp, sizeof (*entry)); + entry = (ikev2_ts_payload_entry_t *) tmp; + entry->ts_type = ts2->ts_type; + entry->protocol_id = ts2->protocol_id; + entry->selector_len = clib_host_to_net_u16 (16); + entry->start_port = clib_host_to_net_u16 (ts2->start_port); + entry->end_port = clib_host_to_net_u16 (ts2->end_port); + entry->start_addr.as_u32 = ts2->start_addr.as_u32; + entry->end_addr.as_u32 = ts2->end_addr.as_u32; + } + + ikev2_payload_add_data (c, data); + vec_free (data); } void -ikev2_payload_chain_add_padding(ikev2_payload_chain_t * c, int bs) +ikev2_payload_chain_add_padding (ikev2_payload_chain_t * c, int bs) { - u8 * tmp __attribute__((unused)); - u8 pad_len = (vec_len(c->data) / bs + 1) * bs - vec_len(c->data); - vec_add2(c->data, tmp, pad_len); - c->data[vec_len(c->data)-1] = pad_len - 1; + u8 *tmp __attribute__ ((unused)); + u8 pad_len = (vec_len (c->data) / bs + 1) * bs - vec_len (c->data); + vec_add2 (c->data, tmp, pad_len); + c->data[vec_len (c->data) - 1] = pad_len - 1; } ikev2_sa_proposal_t * -ikev2_parse_sa_payload(ike_payload_header_t * ikep) +ikev2_parse_sa_payload (ike_payload_header_t * ikep) { - ikev2_sa_proposal_t * v = 0; - ikev2_sa_proposal_t * proposal; - ikev2_sa_transform_t * transform; + ikev2_sa_proposal_t *v = 0; + ikev2_sa_proposal_t *proposal; + ikev2_sa_transform_t *transform; - u32 plen = clib_net_to_host_u16(ikep->length); + u32 plen = clib_net_to_host_u16 (ikep->length); - ike_sa_proposal_data_t * sap; + ike_sa_proposal_data_t *sap; int proposal_ptr = 0; do { - sap = (ike_sa_proposal_data_t *) &ikep->payload[proposal_ptr]; + sap = (ike_sa_proposal_data_t *) & ikep->payload[proposal_ptr]; int i; int transform_ptr; - DBG_PLD("proposal num %u len %u last_or_more %u id %u " - "spi_size %u num_transforms %u", - sap->proposal_num, clib_net_to_host_u16(sap->proposal_len), - sap->last_or_more, sap->protocol_id, sap->spi_size, - sap->num_transforms); + DBG_PLD ("proposal num %u len %u last_or_more %u id %u " + "spi_size %u num_transforms %u", + sap->proposal_num, clib_net_to_host_u16 (sap->proposal_len), + sap->last_or_more, sap->protocol_id, sap->spi_size, + sap->num_transforms); /* IKE proposal should not have SPI */ if (sap->protocol_id == IKEV2_PROTOCOL_IKE && sap->spi_size != 0) - goto data_corrupted; + goto data_corrupted; /* IKE proposal should not have SPI */ if (sap->protocol_id == IKEV2_PROTOCOL_ESP && sap->spi_size != 4) - goto data_corrupted; + goto data_corrupted; - transform_ptr = proposal_ptr + sizeof(*sap) + sap->spi_size; + transform_ptr = proposal_ptr + sizeof (*sap) + sap->spi_size; - vec_add2(v, proposal, 1); + vec_add2 (v, proposal, 1); proposal->proposal_num = sap->proposal_num; proposal->protocol_id = sap->protocol_id; - if (sap->spi_size == 4) { - proposal->spi = clib_net_to_host_u32(sap->spi[0]); - } + if (sap->spi_size == 4) + { + proposal->spi = clib_net_to_host_u32 (sap->spi[0]); + } - for(i=0; i< sap->num_transforms; i++) - { - ike_sa_transform_data_t * tr = (ike_sa_transform_data_t *) &ikep->payload[transform_ptr]; - u16 tlen = clib_net_to_host_u16(tr->transform_len); + for (i = 0; i < sap->num_transforms; i++) + { + ike_sa_transform_data_t *tr = + (ike_sa_transform_data_t *) & ikep->payload[transform_ptr]; + u16 tlen = clib_net_to_host_u16 (tr->transform_len); - if (tlen < sizeof(*tr)) - goto data_corrupted; + if (tlen < sizeof (*tr)) + goto data_corrupted; - vec_add2(proposal->transforms, transform, 1); + vec_add2 (proposal->transforms, transform, 1); - transform->type = tr->transform_type; - transform->transform_id = clib_net_to_host_u16(tr->transform_id); - if (tlen > sizeof(*tr)) - vec_add(transform->attrs, tr->attributes, tlen - sizeof(*tr)); + transform->type = tr->transform_type; + transform->transform_id = clib_net_to_host_u16 (tr->transform_id); + if (tlen > sizeof (*tr)) + vec_add (transform->attrs, tr->attributes, tlen - sizeof (*tr)); - DBG_PLD("transform num %u len %u last_or_more %u type %U id %u%s%U", - i, tlen, tr->last_or_more, - format_ikev2_sa_transform, transform, - clib_net_to_host_u16(tr->transform_id), - tlen > sizeof(*tr) ? " attrs " : "", - format_hex_bytes, tr->attributes, tlen - sizeof (*tr)); + DBG_PLD + ("transform num %u len %u last_or_more %u type %U id %u%s%U", i, + tlen, tr->last_or_more, format_ikev2_sa_transform, transform, + clib_net_to_host_u16 (tr->transform_id), + tlen > sizeof (*tr) ? " attrs " : "", format_hex_bytes, + tr->attributes, tlen - sizeof (*tr)); - transform_ptr += tlen; - } + transform_ptr += tlen; + } - proposal_ptr += clib_net_to_host_u16(sap->proposal_len); + proposal_ptr += clib_net_to_host_u16 (sap->proposal_len); } - while (proposal_ptr < (plen - sizeof(*ikep)) && sap->last_or_more == 2); + while (proposal_ptr < (plen - sizeof (*ikep)) && sap->last_or_more == 2); /* data validation */ - if (proposal_ptr != (plen - sizeof(*ikep)) || sap->last_or_more) - goto data_corrupted; + if (proposal_ptr != (plen - sizeof (*ikep)) || sap->last_or_more) + goto data_corrupted; return v; data_corrupted: - DBG_PLD("SA payload data corrupted"); - ikev2_sa_free_proposal_vector(&v); + DBG_PLD ("SA payload data corrupted"); + ikev2_sa_free_proposal_vector (&v); return 0; } ikev2_ts_t * -ikev2_parse_ts_payload(ike_payload_header_t * ikep) +ikev2_parse_ts_payload (ike_payload_header_t * ikep) { - ike_ts_payload_header_t * tsp = (ike_ts_payload_header_t *) ikep; - ikev2_ts_t * r = 0, *ts; + ike_ts_payload_header_t *tsp = (ike_ts_payload_header_t *) ikep; + ikev2_ts_t *r = 0, *ts; u8 i; for (i = 0; i < tsp->num_ts; i++) { - if (tsp->ts[i].ts_type != 7) /* TS_IPV4_ADDR_RANGE */ - { - DBG_PLD("unsupported TS type received (%u)", tsp->ts[i].ts_type); - continue; - } - - vec_add2(r, ts, 1); - ts->ts_type = tsp->ts[i].ts_type; - ts->protocol_id = tsp->ts[i].protocol_id; - ts->start_port = tsp->ts[i].start_port; - ts->end_port = tsp->ts[i].end_port; + if (tsp->ts[i].ts_type != 7) /* TS_IPV4_ADDR_RANGE */ + { + DBG_PLD ("unsupported TS type received (%u)", tsp->ts[i].ts_type); + continue; + } + + vec_add2 (r, ts, 1); + ts->ts_type = tsp->ts[i].ts_type; + ts->protocol_id = tsp->ts[i].protocol_id; + ts->start_port = tsp->ts[i].start_port; + ts->end_port = tsp->ts[i].end_port; ts->start_addr.as_u32 = tsp->ts[i].start_addr.as_u32; - ts->end_addr.as_u32 = tsp->ts[i].end_addr.as_u32; + ts->end_addr.as_u32 = tsp->ts[i].end_addr.as_u32; } return r; } ikev2_notify_t * -ikev2_parse_notify_payload(ike_payload_header_t * ikep) +ikev2_parse_notify_payload (ike_payload_header_t * ikep) { - ike_notify_payload_header_t * n = (ike_notify_payload_header_t *) ikep; - u32 plen = clib_net_to_host_u16(ikep->length); - ikev2_notify_t * r = 0; + ike_notify_payload_header_t *n = (ike_notify_payload_header_t *) ikep; + u32 plen = clib_net_to_host_u16 (ikep->length); + ikev2_notify_t *r = 0; u32 spi; - DBG_PLD("msg_type %U len %u%s%U", - format_ikev2_notify_msg_type, clib_net_to_host_u16(n->msg_type), - plen, plen > sizeof(*n) ? " data ":"", - format_hex_bytes, n->payload, plen - sizeof(*n)); + DBG_PLD ("msg_type %U len %u%s%U", + format_ikev2_notify_msg_type, clib_net_to_host_u16 (n->msg_type), + plen, plen > sizeof (*n) ? " data " : "", + format_hex_bytes, n->payload, plen - sizeof (*n)); - r = vec_new(ikev2_notify_t, 1); - r->msg_type = clib_net_to_host_u16(n->msg_type); + r = vec_new (ikev2_notify_t, 1); + r->msg_type = clib_net_to_host_u16 (n->msg_type); r->protocol_id = n->protocol_id; if (n->spi_size == 4) { - clib_memcpy(&spi, n->payload, n->spi_size); - r->spi = clib_net_to_host_u32(spi); - DBG_PLD("spi %lx", r->spi); + clib_memcpy (&spi, n->payload, n->spi_size); + r->spi = clib_net_to_host_u32 (spi); + DBG_PLD ("spi %lx", r->spi); } else if (n->spi_size == 0) { @@ -432,63 +464,72 @@ ikev2_parse_notify_payload(ike_payload_header_t * ikep) } else { - clib_warning("invalid SPI Size %d", n->spi_size); + clib_warning ("invalid SPI Size %d", n->spi_size); } - if (plen > (sizeof(*n) + n->spi_size)) + if (plen > (sizeof (*n) + n->spi_size)) { - vec_add(r->data, n->payload + n->spi_size, plen - sizeof(*n) - n->spi_size); + vec_add (r->data, n->payload + n->spi_size, + plen - sizeof (*n) - n->spi_size); } return r; } void -ikev2_parse_vendor_payload(ike_payload_header_t * ikep) +ikev2_parse_vendor_payload (ike_payload_header_t * ikep) { - u32 plen = clib_net_to_host_u16(ikep->length); + u32 plen = clib_net_to_host_u16 (ikep->length); int i; int is_string = 1; - for(i=0; i < plen - 4; i++) - if (!isprint(ikep->payload[i])) + for (i = 0; i < plen - 4; i++) + if (!isprint (ikep->payload[i])) is_string = 0; - DBG_PLD("len %u data %s:%U", - plen, - is_string ? "string":"hex", - is_string ? format_ascii_bytes : format_hex_bytes, - ikep->payload, plen - sizeof(*ikep)); + DBG_PLD ("len %u data %s:%U", + plen, + is_string ? "string" : "hex", + is_string ? format_ascii_bytes : format_hex_bytes, + ikep->payload, plen - sizeof (*ikep)); } ikev2_delete_t * -ikev2_parse_delete_payload(ike_payload_header_t * ikep) +ikev2_parse_delete_payload (ike_payload_header_t * ikep) { - ike_delete_payload_header_t * d = (ike_delete_payload_header_t *) ikep; - u32 plen = clib_net_to_host_u16(ikep->length); - ikev2_delete_t * r = 0, * del; - u16 num_of_spi = clib_net_to_host_u16(d->num_of_spi); + ike_delete_payload_header_t *d = (ike_delete_payload_header_t *) ikep; + u32 plen = clib_net_to_host_u16 (ikep->length); + ikev2_delete_t *r = 0, *del; + u16 num_of_spi = clib_net_to_host_u16 (d->num_of_spi); u16 i = 0; - DBG_PLD("protocol_id %u spi_size %u num_of_spi %u len %u%s%U", - d->protocol_id, d->spi_size, num_of_spi, - plen, plen > sizeof(d) ? " data ":"", - format_hex_bytes, d->spi, plen - sizeof(*d)); + DBG_PLD ("protocol_id %u spi_size %u num_of_spi %u len %u%s%U", + d->protocol_id, d->spi_size, num_of_spi, + plen, plen > sizeof (d) ? " data " : "", + format_hex_bytes, d->spi, plen - sizeof (*d)); if (d->protocol_id == IKEV2_PROTOCOL_IKE) { - r = vec_new(ikev2_delete_t, 1); + r = vec_new (ikev2_delete_t, 1); r->protocol_id = 1; } else { - r = vec_new(ikev2_delete_t, num_of_spi); - vec_foreach(del, r) - { - del->protocol_id = d->protocol_id; - del->spi = clib_net_to_host_u32(d->spi[i++]); - } + r = vec_new (ikev2_delete_t, num_of_spi); + vec_foreach (del, r) + { + del->protocol_id = d->protocol_id; + del->spi = clib_net_to_host_u32 (d->spi[i++]); + } } return r; } + +/* + * fd.io coding-style-patch-verification: ON + * + * Local Variables: + * eval: (c-set-style "gnu") + * End: + */