packetgen-plugin-ipsec 1.0.2 → 1.0.3
- checksums.yaml +4 -4
- data/.github/workflows/specs.yml +28 -0
- data/.rubocop.yml +8 -1
- data/.travis.yml +1 -1
- data/Gemfile +11 -0
- data/Rakefile +10 -4
- data/lib/packetgen/plugin/crypto.rb +6 -4
- data/lib/packetgen/plugin/esp.rb +373 -370
- data/lib/packetgen/plugin/ike.rb +218 -217
- data/lib/packetgen/plugin/ike/auth.rb +141 -141
- data/lib/packetgen/plugin/ike/cert.rb +61 -62
- data/lib/packetgen/plugin/ike/certreq.rb +51 -52
- data/lib/packetgen/plugin/ike/id.rb +80 -80
- data/lib/packetgen/plugin/ike/ke.rb +64 -66
- data/lib/packetgen/plugin/ike/nonce.rb +29 -31
- data/lib/packetgen/plugin/ike/notify.rb +135 -139
- data/lib/packetgen/plugin/ike/payload.rb +58 -57
- data/lib/packetgen/plugin/ike/sa.rb +515 -452
- data/lib/packetgen/plugin/ike/sk.rb +219 -221
- data/lib/packetgen/plugin/ike/ts.rb +223 -223
- data/lib/packetgen/plugin/ike/vendor_id.rb +28 -30
- data/lib/packetgen/plugin/ipsec_version.rb +8 -1
- data/packetgen-plugin-ipsec.gemspec +3 -9
- metadata +8 -77
@@ -6,94 +6,94 @@
|
|
6
6
|
|
7
7
|
# frozen_string_literal: true
|
8
8
|
|
9
|
-
module PacketGen
|
10
|
-
|
11
|
-
class
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
PAYLOAD_TYPE = 35
|
9
|
+
module PacketGen::Plugin
|
10
|
+
class IKE
|
11
|
+
# This class handles Identification - Initiator payloads, denoted IDi
|
12
|
+
# (see RFC 7296, §3.5).
|
13
|
+
#
|
14
|
+
# A ID payload consists of the IKE generic payload Plugin (see {Payload})
|
15
|
+
# and some specific fields:
|
16
|
+
# 1 2 3
|
17
|
+
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
18
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
19
|
+
# | Next Payload |C| RESERVED | Payload Length |
|
20
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
21
|
+
# | ID Type | RESERVED |
|
22
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
23
|
+
# | |
|
24
|
+
# ~ Identification Data ~
|
25
|
+
# | |
|
26
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
27
|
+
# These specific fields are:
|
28
|
+
# * {#type} (ID type),
|
29
|
+
# * {#reserved},
|
30
|
+
# * and {#content} (Identification Data).
|
31
|
+
#
|
32
|
+
# == Create a IDi payload
|
33
|
+
# # Create a IKE packet with a IDi payload
|
34
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDi', type: 'FQDN')
|
35
|
+
# pkt.ike_idi.content.read 'fqdn.example.org'
|
36
|
+
# pkt.calc_length
|
37
|
+
# @author Sylvain Daubert
|
38
|
+
class IDi < Payload
|
39
|
+
# Payload type number
|
40
|
+
PAYLOAD_TYPE = 35
|
42
41
|
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
42
|
+
# ID types
|
43
|
+
TYPES = {
|
44
|
+
'IPV4_ADDR' => 1,
|
45
|
+
'FQDN' => 2,
|
46
|
+
'RFC822_ADDR' => 3,
|
47
|
+
'IPV6_ADDR' => 5,
|
48
|
+
'DER_ASN1_DN' => 9,
|
49
|
+
'DER_ASN1_GN' => 10,
|
50
|
+
'KEY_ID' => 11
|
51
|
+
}.freeze
|
52
52
|
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
53
|
+
# @attribute [r] type
|
54
|
+
# 8-bit ID type
|
55
|
+
# @return [Integer]
|
56
|
+
define_field_before :content, :type, PacketGen::Types::Int8Enum, enum: TYPES
|
57
|
+
# @attribute reserved
|
58
|
+
# 24-bit reserved field
|
59
|
+
# @return [Integer]
|
60
|
+
define_field_before :content, :reserved, PacketGen::Types::Int24
|
61
61
|
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
62
|
+
# Get ID type name
|
63
|
+
# @return [String]
|
64
|
+
def human_type
|
65
|
+
self[:type].to_human
|
66
|
+
end
|
67
67
|
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
end
|
68
|
+
# Get human readable content, from {#type}
|
69
|
+
# @return [String]
|
70
|
+
def human_content
|
71
|
+
case type
|
72
|
+
when TYPES['IPV4_ADDR'], TYPES['IPV4_ADDR']
|
73
|
+
IPAddr.ntop(content)
|
74
|
+
when TYPES['DER_ASN1_DN'], TYPES['DER_ASN1_GN']
|
75
|
+
OpenSSL::X509::Name.new(content).to_s
|
76
|
+
else
|
77
|
+
content.inspect
|
79
78
|
end
|
80
79
|
end
|
81
80
|
|
82
|
-
# This class handles Identification - Responder payloads, denoted IDr.
|
83
|
-
# See {IDi}.
|
84
|
-
#
|
85
|
-
# == Create a IDr payload
|
86
|
-
# # Create a IKE packet with a IDr payload
|
87
|
-
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDr', type: 'FQDN')
|
88
|
-
# pkt.ike_idr.content.read 'fqdn.example.org'
|
89
|
-
# @author Sylvain Daubert
|
90
|
-
class IDr < IDi
|
91
|
-
# Payload type number
|
92
|
-
PAYLOAD_TYPE = 36
|
93
|
-
end
|
94
81
|
end
|
95
82
|
|
96
|
-
|
97
|
-
|
83
|
+
# This class handles Identification - Responder payloads, denoted IDr.
|
84
|
+
# See {IDi}.
|
85
|
+
#
|
86
|
+
# == Create a IDr payload
|
87
|
+
# # Create a IKE packet with a IDr payload
|
88
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDr', type: 'FQDN')
|
89
|
+
# pkt.ike_idr.content.read 'fqdn.example.org'
|
90
|
+
# @author Sylvain Daubert
|
91
|
+
class IDr < IDi
|
92
|
+
# Payload type number
|
93
|
+
PAYLOAD_TYPE = 36
|
94
|
+
end
|
98
95
|
end
|
96
|
+
|
97
|
+
PacketGen::Header.add_class IKE::IDi
|
98
|
+
PacketGen::Header.add_class IKE::IDr
|
99
99
|
end
|
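Review bot: The first `when` in `human_content` lists `TYPES['IPV4_ADDR']` twice, so an ID of type IPV6_ADDR never reaches `IPAddr.ntop` and falls through to `content.inspect`; the line should probably read `when TYPES['IPV4_ADDR'], TYPES['IPV6_ADDR']`. Separately, `IPAddr.ntop` and `OpenSSL::X509::Name.new` both raise on input they cannot decode, and `content` can come from a parsed packet, so a malformed ID payload would make `human_content` raise instead of returning a string. Rescuing those errors and falling back to `content.inspect` would keep inspection of untrusted captures from aborting. DER_ASN1_GN is a GeneralName rather than a distinguished name, so decoding it with `X509::Name` looks likely to hit that error path; worth confirming with a spec.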
@@ -1,79 +1,77 @@
|
|
1
1
|
# coding: utf-8
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
2
4
|
# This file is part of IPsec packetgen plugin.
|
3
5
|
# See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
|
4
6
|
# Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
|
5
7
|
# This program is published under MIT license.
|
6
8
|
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
#
|
40
|
-
|
41
|
-
class KE < Payload
|
42
|
-
# Payload type number
|
43
|
-
PAYLOAD_TYPE = 34
|
9
|
+
module PacketGen::Plugin
|
10
|
+
class IKE
|
11
|
+
# This class handles Key Exchange payloads, as defined in RFC 7296 §3.4
|
12
|
+
#
|
13
|
+
# A KE payload contains a generic payload Plugin (see {Payload}) and some
|
14
|
+
# specific fields:
|
15
|
+
# 1 2 3
|
16
|
+
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
17
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
18
|
+
# | Next Payload |C| RESERVED | Payload Length |
|
19
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
20
|
+
# | Diffie-Hellman Group Num | RESERVED |
|
21
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
22
|
+
# | |
|
23
|
+
# ~ Key Exchange Data ~
|
24
|
+
# | |
|
25
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
26
|
+
# These specific fields are:
|
27
|
+
# * {#group_num} (type {PacketGen::Types::Int16}),
|
28
|
+
# * {#reserved} (type {PacketGen::Types::Int16}),
|
29
|
+
# * and {#content} (type {PacketGen::Types::String}).
|
30
|
+
#
|
31
|
+
# == Create a KE payload
|
32
|
+
# # Create a IKE packet with a KE payload
|
33
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE')
|
34
|
+
# # group name is taken from Transform::DH_* constants
|
35
|
+
# pkt.add('IKE::KE', group: 'MODP4096')
|
36
|
+
# # group number may also be used
|
37
|
+
# pkt.ike_ke.group = 1
|
38
|
+
# pkt.calc_length
|
39
|
+
# @author Sylvain Daubert
|
40
|
+
class KE < Payload
|
41
|
+
# Payload type number
|
42
|
+
PAYLOAD_TYPE = 34
|
44
43
|
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
44
|
+
# @!attribute group_num
|
45
|
+
# 16-bit DH group number
|
46
|
+
# @return [Integer]
|
47
|
+
define_field_before :content, :group_num, PacketGen::Types::Int16
|
48
|
+
# @!attribute reserved
|
49
|
+
# 16-bit reserved field
|
50
|
+
# @return [Integer]
|
51
|
+
define_field_before :content, :reserved, PacketGen::Types::Int16, default: 0
|
53
52
|
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
53
|
+
def initialize(options={})
|
54
|
+
super
|
55
|
+
self.group = options[:group] if options[:group]
|
56
|
+
end
|
58
57
|
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
end
|
58
|
+
# Set group
|
59
|
+
# @param [Integer,String] value may be a String taken from
|
60
|
+
# {Transform}+::DH_*+ constant names.
|
61
|
+
# @return [Integer]
|
62
|
+
def group=(value)
|
63
|
+
group = case value
|
64
|
+
when Integer
|
65
|
+
value
|
66
|
+
else
|
67
|
+
cname = "DH_#{value}"
|
68
|
+
Transform.const_defined?(cname) ? Transform.const_get(cname) : nil
|
69
|
+
end
|
70
|
+
raise ArgumentError, "unknown group #{value.inspect}" unless group
|
71
|
+
self[:group_num].value = group
|
74
72
|
end
|
75
73
|
end
|
76
|
-
|
77
|
-
Header.add_class IKE::KE
|
78
74
|
end
|
75
|
+
|
76
|
+
PacketGen::Header.add_class IKE::KE
|
79
77
|
end
|
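Review bot: In `group=`, a String value is interpolated into `"DH_#{value}"` and passed to `Transform.const_defined?`, which raises NameError for anything that is not a valid constant name (a space, a dash) and also accepts `::`-qualified paths, so bad input escapes as NameError rather than the `ArgumentError` raised two lines below. Validating the name and disabling ancestor lookup keeps the resolution to Transform's own DH_* constants: `cname.match?(/\ADH_\w+\z/) && Transform.const_defined?(cname, false) ? Transform.const_get(cname, false) : nil`. Integer values are stored without a range check against the 16-bit field; whether `Int16` rejects or truncates out-of-range numbers is not visible in this hunk. `initialize` also lacks a YARD comment documenting the `:group` option.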
@@ -1,40 +1,38 @@
|
|
1
1
|
# coding: utf-8
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
2
4
|
# This file is part of IPsec packetgen plugin.
|
3
5
|
# See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
|
4
6
|
# Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
|
5
7
|
# This program is published under MIT license.
|
6
8
|
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
#
|
31
|
-
|
32
|
-
class Nonce < Payload
|
33
|
-
# Payload type number
|
34
|
-
PAYLOAD_TYPE = 40
|
35
|
-
end
|
9
|
+
module PacketGen::Plugin
|
10
|
+
class IKE
|
11
|
+
# This class handles Nonce payloads, as defined in RFC 7296 §3.9.
|
12
|
+
#
|
13
|
+
# A Nonce payload contains a generic payload Plugin (see {Payload}) and
|
14
|
+
# data field (type {PacketGen::Types::String}):
|
15
|
+
# 1 2 3
|
16
|
+
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
17
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
18
|
+
# | Next Payload |C| RESERVED | Payload Length |
|
19
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
20
|
+
# | |
|
21
|
+
# ~ Nonce Data ~
|
22
|
+
# | |
|
23
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
24
|
+
#
|
25
|
+
# == Create a Nonce payload
|
26
|
+
# # Create a IKE packet with a Nonce payload
|
27
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE')
|
28
|
+
# pkt.add('IKE::Nonce', data: "abcdefgh")
|
29
|
+
# pkt.calc_length
|
30
|
+
# @author Sylvain Daubert
|
31
|
+
class Nonce < Payload
|
32
|
+
# Payload type number
|
33
|
+
PAYLOAD_TYPE = 40
|
36
34
|
end
|
37
|
-
|
38
|
-
Header.add_class IKE::Nonce
|
39
35
|
end
|
36
|
+
|
37
|
+
PacketGen::Header.add_class IKE::Nonce
|
40
38
|
end
|
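Review bot: The usage example in the class comment passes `data: "abcdefgh"`, but the other payload classes in this diff name the trailing field `content` and no `data` field is defined in this hunk, so the option may be silently ignored; confirm against `Payload` and use `content:` if so. The sample value is also a fixed 8-byte string, while RFC 7296 §2.10 requires nonces to be randomly chosen and at least 128 bits long. A comment such as `# example value only; real nonces must be random and at least 16 bytes` next to the snippet would stop it being copied as-is.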
@@ -1,159 +1,155 @@
|
|
1
1
|
# coding: utf-8
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
2
4
|
# This file is part of IPsec packetgen plugin.
|
3
5
|
# See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
|
4
6
|
# Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
|
5
7
|
# This program is published under MIT license.
|
6
8
|
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
#
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
#
|
49
|
-
|
50
|
-
class Notify < Payload
|
51
|
-
# Payload type number
|
52
|
-
PAYLOAD_TYPE = 41
|
9
|
+
module PacketGen::Plugin
|
10
|
+
class IKE
|
11
|
+
# This class handles Notify payloads, as defined in RFC 7296 §3.10.
|
12
|
+
#
|
13
|
+
# A Notify payload contains a generic payload Plugin (see {Payload}) and
|
14
|
+
# some specific fields:
|
15
|
+
# 1 2 3
|
16
|
+
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
17
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
18
|
+
# | Next Payload |C| RESERVED | Payload Length |
|
19
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
20
|
+
# | Protocol ID | SPI Size | Notify Message Type |
|
21
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
22
|
+
# | |
|
23
|
+
# ~ Security Parameter Index (SPI) ~
|
24
|
+
# | |
|
25
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
26
|
+
# | |
|
27
|
+
# ~ Notification Data ~
|
28
|
+
# | |
|
29
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
30
|
+
# These specific fields are:
|
31
|
+
# * {#protocol} (type {PacketGen::Types::Int8}),
|
32
|
+
# * {#spi_size} (type {PacketGen::Types::Int8}),
|
33
|
+
# * {#message_type} (type {PacketGen::Types::Int16}),
|
34
|
+
# * {#spi} (type {PacketGen::Types::String}),
|
35
|
+
# * {#content} (type {PacketGen::Types::String}).
|
36
|
+
#
|
37
|
+
# == Create a Notify payload
|
38
|
+
# # Create a IKE packet with a Notify payload
|
39
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Notify', protocol: 'IKE', type: 'INVALID_SYNTAX')
|
40
|
+
# pkt.ike_notify.spi # => ""
|
41
|
+
# pkt.ike_notify.content # => ""
|
42
|
+
# pkt.calc_length
|
43
|
+
# == Create a Notify payload with a SPI
|
44
|
+
# # Create a IKE packet with a Notify payload
|
45
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Notify', protocol: 'ESP', spi_size: 4, type: 'INVALID_SYNTAX')
|
46
|
+
# pkt.ike_notify.spi.read PacketGen::Types::Int32.new(0x12345678).to_s
|
47
|
+
# pkt.calc_length
|
48
|
+
# @author Sylvain Daubert
|
49
|
+
class Notify < Payload
|
50
|
+
# Payload type number
|
51
|
+
PAYLOAD_TYPE = 41
|
53
52
|
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
53
|
+
# Message types
|
54
|
+
TYPES = {
|
55
|
+
'UNSUPPORTED_CRITICAL_PAYLOAD' => 1,
|
56
|
+
'INVALID_IKE_SPI' => 4,
|
57
|
+
'INVALID_MAJOR_VERSION' => 5,
|
58
|
+
'INVALID_SYNTAX' => 7,
|
59
|
+
'INVALID_MESSAGE_ID' => 9,
|
60
|
+
'INVALID_SPI' => 11,
|
61
|
+
'NO_PROPOSAL_CHOSEN' => 14,
|
62
|
+
'INVALID_KE_PAYLOAD' => 17,
|
63
|
+
'AUTHENTICATION_FAILED' => 24,
|
64
|
+
'SINGLE_PAIR_REQUIRED' => 34,
|
65
|
+
'NO_ADDITIONAL_SAS' => 35,
|
66
|
+
'INTERNAL_ADDRESS_FAILURE' => 36,
|
67
|
+
'FAILED_CP_REQUIRED' => 37,
|
68
|
+
'TS_UNACCEPTABLE' => 38,
|
69
|
+
'INVALID_SELECTORS' => 39,
|
70
|
+
'TEMPORARY_FAILURE' => 43,
|
71
|
+
'CHILD_SA_NOT_FOUND' => 44,
|
72
|
+
'INITIAL_CONTACT' => 16_384,
|
73
|
+
'SET_WINDOW_SIZE' => 16_385,
|
74
|
+
'ADDITIONAL_TS_POSSIBLE' => 16_386,
|
75
|
+
'IPCOMP_SUPPORTED' => 16_387,
|
76
|
+
'NAT_DETECTION_SOURCE_IP' => 16_388,
|
77
|
+
'NAT_DETECTION_DESTINATION_IP' => 16_389,
|
78
|
+
'COOKIE' => 16_390,
|
79
|
+
'USE_TRANSPORT_MODE' => 16_391,
|
80
|
+
'HTTP_CERT_LOOKUP_SUPPORTED' => 16_392,
|
81
|
+
'REKEY_SA' => 16_393,
|
82
|
+
'ESP_TFC_PADDING_NOT_SUPPORTED' => 16_394,
|
83
|
+
'NON_FIRST_FRAGMENTS_ALSO' => 16_395,
|
84
|
+
}.freeze
|
86
85
|
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
86
|
+
# @!attribute [r] protocol
|
87
|
+
# 8-bit protocol ID. If this notification concerns an existing
|
88
|
+
# SA whose SPI is given in the SPI field, this field indicates the
|
89
|
+
# type of that SA. For notifications concerning Child SAs, this
|
90
|
+
# field MUST contain either (2) to indicate AH or (3) to indicate
|
91
|
+
# ESP. Of the notifications defined in this document, the SPI is
|
92
|
+
# included only with INVALID_SELECTORS, REKEY_SA, and
|
93
|
+
# CHILD_SA_NOT_FOUND. If the SPI field is empty, this field MUST be
|
94
|
+
# sent as zero and MUST be ignored on receipt.
|
95
|
+
# @return [Integer]
|
96
|
+
define_field_before :content, :protocol, PacketGen::Types::Int8Enum, enum: PROTOCOLS
|
97
|
+
# @!attribute spi_size
|
98
|
+
# 8-bit SPI size. Give size of SPI field. Length in octets of the SPI as
|
99
|
+
# defined by the IPsec protocol ID or zero if no SPI is applicable. For a
|
100
|
+
# notification concerning the IKE SA, the SPI Size MUST be zero and
|
101
|
+
# the field must be empty.Set to 0 for an initial IKE SA
|
102
|
+
# negotiation, as SPI is obtained from outer Plugin.
|
103
|
+
# @return [Integer]
|
104
|
+
define_field_before :content, :spi_size, PacketGen::Types::Int8, default: 0
|
105
|
+
# @!attribute message_type
|
106
|
+
# 16-bit notify message type. Specifies the type of notification message.
|
107
|
+
# @return [Integer]
|
108
|
+
define_field_before :content, :message_type, PacketGen::Types::Int16Enum, enum: TYPES, default: 0
|
109
|
+
# @!attribute spi
|
110
|
+
# the sending entity's SPI. When the {#spi_size} field is zero,
|
111
|
+
# this field is not present in the proposal.
|
112
|
+
# @return [String]
|
113
|
+
define_field_before :content, :spi, PacketGen::Types::String,
|
114
|
+
builder: ->(h, t) { t.new(length_from: h[:spi_size]) }
|
116
115
|
|
117
|
-
|
116
|
+
alias type message_type
|
118
117
|
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
self.message_type = options[:type] if options[:type]
|
127
|
-
end
|
118
|
+
def initialize(options={})
|
119
|
+
options[:spi_size] = options[:spi].size if options[:spi] && options[:spi_size].nil?
|
120
|
+
super
|
121
|
+
self.protocol = options[:protocol] if options[:protocol]
|
122
|
+
self.message_type = options[:message_type] if options[:message_type]
|
123
|
+
self.message_type = options[:type] if options[:type]
|
124
|
+
end
|
128
125
|
|
129
|
-
|
126
|
+
alias type= message_type=
|
130
127
|
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
128
|
+
# Get protocol name
|
129
|
+
# @return [String]
|
130
|
+
def human_protocol
|
131
|
+
self[:protocol].to_human
|
132
|
+
end
|
136
133
|
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
134
|
+
# Get message type name
|
135
|
+
# @return [String]
|
136
|
+
def human_message_type
|
137
|
+
self[:message_type].to_human
|
138
|
+
end
|
139
|
+
alias human_type human_message_type
|
143
140
|
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
141
|
+
# @return [String]
|
142
|
+
def inspect
|
143
|
+
super do |attr|
|
144
|
+
next unless attr == :protocol
|
148
145
|
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
end
|
146
|
+
str = PacketGen::Inspect.shift_level
|
147
|
+
str << PacketGen::Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr,
|
148
|
+
human_protocol]
|
153
149
|
end
|
154
150
|
end
|
155
151
|
end
|
156
|
-
|
157
|
-
Header.add_class IKE::Notify
|
158
152
|
end
|
153
|
+
|
154
|
+
PacketGen::Header.add_class IKE::Notify
|
159
155
|
end
|
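Review bot: `initialize` derives the SPI length with `options[:spi].size`, which counts characters, while `spi_size` is documented above as a length in octets and is the value the `spi` field's `length_from:` builder reads; `bytesize` is the safer call when the SPI string is not binary-encoded. The same line writes into the caller's hash, so a reused options hash is silently modified and a frozen one raises. `options = options.merge(spi_size: options[:spi].bytesize) if options[:spi] && options[:spi_size].nil?` avoids both, and the bare `super` still forwards the reassigned `options`. The constructor has no YARD comment listing the accepted keys (`:protocol`, `:message_type`, `:type`, `:spi`, `:spi_size`), and when both `:message_type` and `:type` are given the latter wins without that being stated.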