forked from droe/fiked
-
Notifications
You must be signed in to change notification settings - Fork 0
/
peer_ctx.h
109 lines (91 loc) · 2.65 KB
/
peer_ctx.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
/*
* fiked - a fake IKE PSK+XAUTH daemon based on vpnc
* Copyright (C) 2005, Daniel Roethlisberger <daniel@roe.ch>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, see http://www.gnu.org/copyleft/
*/
#ifndef PEER_CTX_H
#define PEER_CTX_H
#include "datagram.h"
#include "config.h"
#include "vpnc/isakmp.h"
#include "vpnc/isakmp-pkt.h"
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
typedef struct _message_iv {
struct _message_iv *next;
uint32_t id; /* primary key */
uint8_t *iv;
} message_iv;
typedef struct _peer_ctx {
/* bookkeeping */
struct _peer_ctx *next;
struct sockaddr_in peer_addr; /* primary key */
/* pointer to global configuration */
config *cfg;
/* hash of last received datagram */
uint8_t *last_dgm_hash;
/* internal FSM states */
enum {
STATE_NEW,
STATE_PHASE1,
STATE_PHASE2
} state; /* from here, clear will zero everything */
/* done flag: signal that credentials are complete */
int done;
/* the interesting stuff */
uint8_t *ipsec_id;
uint8_t *ipsec_secret;
uint8_t *xauth_username;
uint8_t *xauth_password;
/* IKE: symmetrical crypto */
int algo;
size_t key_len;
size_t blk_len;
uint8_t *key;
uint8_t *iv0;
message_iv *msg_iv;
/* IKE: message digest */
int md_algo;
size_t md_len;
/* IKE: Diffie-Hellman */
struct group *dh_group;
uint8_t *dh_i_public;
uint8_t *dh_r_public;
uint8_t *dh_secret;
/* IKE: intermediate key material */
uint8_t *skeyid;
uint8_t *skeyid_d;
uint8_t *skeyid_a;
uint8_t *skeyid_e;
/* IKE: header fields */
uint8_t i_cookie[ISAKMP_COOKIE_LENGTH];
uint8_t r_cookie[ISAKMP_COOKIE_LENGTH];
uint8_t isakmp_version;
/* IKE: phase 1 payloads */
uint8_t *i_sa, *i_id, *r_id;
size_t i_sa_len, i_id_len, r_id_len;
uint8_t *i_nonce;
uint8_t *r_nonce;
size_t i_nonce_len, r_nonce_len;
uint8_t *i_hash;
uint8_t *r_hash;
} peer_ctx;
peer_ctx * peer_ctx_get(datagram *dgm, config *cfg, peer_ctx **head);
void peer_ctx_reset(peer_ctx *ctx);
void peer_ctx_free(peer_ctx *ctx);
message_iv * message_iv_get(uint32_t id, message_iv **head);
void message_iv_free(message_iv *msg_iv);
#endif /* PEER_CTX_H */