packetgen-plugin-ipsec 1.0.2 → 1.0.3
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.github/workflows/specs.yml +28 -0
- data/.rubocop.yml +8 -1
- data/.travis.yml +1 -1
- data/Gemfile +11 -0
- data/Rakefile +10 -4
- data/lib/packetgen/plugin/crypto.rb +6 -4
- data/lib/packetgen/plugin/esp.rb +373 -370
- data/lib/packetgen/plugin/ike.rb +218 -217
- data/lib/packetgen/plugin/ike/auth.rb +141 -141
- data/lib/packetgen/plugin/ike/cert.rb +61 -62
- data/lib/packetgen/plugin/ike/certreq.rb +51 -52
- data/lib/packetgen/plugin/ike/id.rb +80 -80
- data/lib/packetgen/plugin/ike/ke.rb +64 -66
- data/lib/packetgen/plugin/ike/nonce.rb +29 -31
- data/lib/packetgen/plugin/ike/notify.rb +135 -139
- data/lib/packetgen/plugin/ike/payload.rb +58 -57
- data/lib/packetgen/plugin/ike/sa.rb +515 -452
- data/lib/packetgen/plugin/ike/sk.rb +219 -221
- data/lib/packetgen/plugin/ike/ts.rb +223 -223
- data/lib/packetgen/plugin/ike/vendor_id.rb +28 -30
- data/lib/packetgen/plugin/ipsec_version.rb +8 -1
- data/packetgen-plugin-ipsec.gemspec +3 -9
- metadata +8 -77
@@ -6,94 +6,94 @@
|
|
6
6
|
|
7
7
|
# frozen_string_literal: true
|
8
8
|
|
9
|
-
module PacketGen
|
10
|
-
|
11
|
-
class
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
|
40
|
-
|
41
|
-
PAYLOAD_TYPE = 35
|
9
|
+
module PacketGen::Plugin
|
10
|
+
class IKE
|
11
|
+
# This class handles Identification - Initiator payloads, denoted IDi
|
12
|
+
# (see RFC 7296, §3.5).
|
13
|
+
#
|
14
|
+
# A ID payload consists of the IKE generic payload Plugin (see {Payload})
|
15
|
+
# and some specific fields:
|
16
|
+
# 1 2 3
|
17
|
+
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
18
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
19
|
+
# | Next Payload |C| RESERVED | Payload Length |
|
20
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
21
|
+
# | ID Type | RESERVED |
|
22
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
23
|
+
# | |
|
24
|
+
# ~ Identification Data ~
|
25
|
+
# | |
|
26
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
27
|
+
# These specific fields are:
|
28
|
+
# * {#type} (ID type),
|
29
|
+
# * {#reserved},
|
30
|
+
# * and {#content} (Identification Data).
|
31
|
+
#
|
32
|
+
# == Create a IDi payload
|
33
|
+
# # Create a IKE packet with a IDi payload
|
34
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDi', type: 'FQDN')
|
35
|
+
# pkt.ike_idi.content.read 'fqdn.example.org'
|
36
|
+
# pkt.calc_length
|
37
|
+
# @author Sylvain Daubert
|
38
|
+
class IDi < Payload
|
39
|
+
# Payload type number
|
40
|
+
PAYLOAD_TYPE = 35
|
42
41
|
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
42
|
+
# ID types
|
43
|
+
TYPES = {
|
44
|
+
'IPV4_ADDR' => 1,
|
45
|
+
'FQDN' => 2,
|
46
|
+
'RFC822_ADDR' => 3,
|
47
|
+
'IPV6_ADDR' => 5,
|
48
|
+
'DER_ASN1_DN' => 9,
|
49
|
+
'DER_ASN1_GN' => 10,
|
50
|
+
'KEY_ID' => 11
|
51
|
+
}.freeze
|
52
52
|
|
53
|
-
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
53
|
+
# @attribute [r] type
|
54
|
+
# 8-bit ID type
|
55
|
+
# @return [Integer]
|
56
|
+
define_field_before :content, :type, PacketGen::Types::Int8Enum, enum: TYPES
|
57
|
+
# @attribute reserved
|
58
|
+
# 24-bit reserved field
|
59
|
+
# @return [Integer]
|
60
|
+
define_field_before :content, :reserved, PacketGen::Types::Int24
|
61
61
|
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
62
|
+
# Get ID type name
|
63
|
+
# @return [String]
|
64
|
+
def human_type
|
65
|
+
self[:type].to_human
|
66
|
+
end
|
67
67
|
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
end
|
68
|
+
# Get human readable content, from {#type}
|
69
|
+
# @return [String]
|
70
|
+
def human_content
|
71
|
+
case type
|
72
|
+
when TYPES['IPV4_ADDR'], TYPES['IPV4_ADDR']
|
73
|
+
IPAddr.ntop(content)
|
74
|
+
when TYPES['DER_ASN1_DN'], TYPES['DER_ASN1_GN']
|
75
|
+
OpenSSL::X509::Name.new(content).to_s
|
76
|
+
else
|
77
|
+
content.inspect
|
79
78
|
end
|
80
79
|
end
|
81
80
|
|
82
|
-
# This class handles Identification - Responder payloads, denoted IDr.
|
83
|
-
# See {IDi}.
|
84
|
-
#
|
85
|
-
# == Create a IDr payload
|
86
|
-
# # Create a IKE packet with a IDr payload
|
87
|
-
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDr', type: 'FQDN')
|
88
|
-
# pkt.ike_idr.content.read 'fqdn.example.org'
|
89
|
-
# @author Sylvain Daubert
|
90
|
-
class IDr < IDi
|
91
|
-
# Payload type number
|
92
|
-
PAYLOAD_TYPE = 36
|
93
|
-
end
|
94
81
|
end
|
95
82
|
|
96
|
-
|
97
|
-
|
83
|
+
# This class handles Identification - Responder payloads, denoted IDr.
|
84
|
+
# See {IDi}.
|
85
|
+
#
|
86
|
+
# == Create a IDr payload
|
87
|
+
# # Create a IKE packet with a IDr payload
|
88
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::IDr', type: 'FQDN')
|
89
|
+
# pkt.ike_idr.content.read 'fqdn.example.org'
|
90
|
+
# @author Sylvain Daubert
|
91
|
+
class IDr < IDi
|
92
|
+
# Payload type number
|
93
|
+
PAYLOAD_TYPE = 36
|
94
|
+
end
|
98
95
|
end
|
96
|
+
|
97
|
+
PacketGen::Header.add_class IKE::IDi
|
98
|
+
PacketGen::Header.add_class IKE::IDr
|
99
99
|
end
|
@@ -1,79 +1,77 @@
|
|
1
1
|
# coding: utf-8
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
2
4
|
# This file is part of IPsec packetgen plugin.
|
3
5
|
# See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
|
4
6
|
# Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
|
5
7
|
# This program is published under MIT license.
|
6
8
|
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
|
39
|
-
#
|
40
|
-
|
41
|
-
class KE < Payload
|
42
|
-
# Payload type number
|
43
|
-
PAYLOAD_TYPE = 34
|
9
|
+
module PacketGen::Plugin
|
10
|
+
class IKE
|
11
|
+
# This class handles Key Exchange payloads, as defined in RFC 7296 §3.4
|
12
|
+
#
|
13
|
+
# A KE payload contains a generic payload Plugin (see {Payload}) and some
|
14
|
+
# specific fields:
|
15
|
+
# 1 2 3
|
16
|
+
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
17
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
18
|
+
# | Next Payload |C| RESERVED | Payload Length |
|
19
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
20
|
+
# | Diffie-Hellman Group Num | RESERVED |
|
21
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
22
|
+
# | |
|
23
|
+
# ~ Key Exchange Data ~
|
24
|
+
# | |
|
25
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
26
|
+
# These specific fields are:
|
27
|
+
# * {#group_num} (type {PacketGen::Types::Int16}),
|
28
|
+
# * {#reserved} (type {PacketGen::Types::Int16}),
|
29
|
+
# * and {#content} (type {PacketGen::Types::String}).
|
30
|
+
#
|
31
|
+
# == Create a KE payload
|
32
|
+
# # Create a IKE packet with a KE payload
|
33
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE')
|
34
|
+
# # group name is taken from Transform::DH_* constants
|
35
|
+
# pkt.add('IKE::KE', group: 'MODP4096')
|
36
|
+
# # group number may also be used
|
37
|
+
# pkt.ike_ke.group = 1
|
38
|
+
# pkt.calc_length
|
39
|
+
# @author Sylvain Daubert
|
40
|
+
class KE < Payload
|
41
|
+
# Payload type number
|
42
|
+
PAYLOAD_TYPE = 34
|
44
43
|
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
|
49
|
-
|
50
|
-
|
51
|
-
|
52
|
-
|
44
|
+
# @!attribute group_num
|
45
|
+
# 16-bit DH group number
|
46
|
+
# @return [Integer]
|
47
|
+
define_field_before :content, :group_num, PacketGen::Types::Int16
|
48
|
+
# @!attribute reserved
|
49
|
+
# 16-bit reserved field
|
50
|
+
# @return [Integer]
|
51
|
+
define_field_before :content, :reserved, PacketGen::Types::Int16, default: 0
|
53
52
|
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
53
|
+
def initialize(options={})
|
54
|
+
super
|
55
|
+
self.group = options[:group] if options[:group]
|
56
|
+
end
|
58
57
|
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
end
|
58
|
+
# Set group
|
59
|
+
# @param [Integer,String] value may be a String taken from
|
60
|
+
# {Transform}+::DH_*+ constant names.
|
61
|
+
# @return [Integer]
|
62
|
+
def group=(value)
|
63
|
+
group = case value
|
64
|
+
when Integer
|
65
|
+
value
|
66
|
+
else
|
67
|
+
cname = "DH_#{value}"
|
68
|
+
Transform.const_defined?(cname) ? Transform.const_get(cname) : nil
|
69
|
+
end
|
70
|
+
raise ArgumentError, "unknown group #{value.inspect}" unless group
|
71
|
+
self[:group_num].value = group
|
74
72
|
end
|
75
73
|
end
|
76
|
-
|
77
|
-
Header.add_class IKE::KE
|
78
74
|
end
|
75
|
+
|
76
|
+
PacketGen::Header.add_class IKE::KE
|
79
77
|
end
|
@@ -1,40 +1,38 @@
|
|
1
1
|
# coding: utf-8
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
2
4
|
# This file is part of IPsec packetgen plugin.
|
3
5
|
# See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
|
4
6
|
# Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
|
5
7
|
# This program is published under MIT license.
|
6
8
|
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
#
|
31
|
-
|
32
|
-
class Nonce < Payload
|
33
|
-
# Payload type number
|
34
|
-
PAYLOAD_TYPE = 40
|
35
|
-
end
|
9
|
+
module PacketGen::Plugin
|
10
|
+
class IKE
|
11
|
+
# This class handles Nonce payloads, as defined in RFC 7296 §3.9.
|
12
|
+
#
|
13
|
+
# A Nonce payload contains a generic payload Plugin (see {Payload}) and
|
14
|
+
# data field (type {PacketGen::Types::String}):
|
15
|
+
# 1 2 3
|
16
|
+
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
17
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
18
|
+
# | Next Payload |C| RESERVED | Payload Length |
|
19
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
20
|
+
# | |
|
21
|
+
# ~ Nonce Data ~
|
22
|
+
# | |
|
23
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
24
|
+
#
|
25
|
+
# == Create a Nonce payload
|
26
|
+
# # Create a IKE packet with a Nonce payload
|
27
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE')
|
28
|
+
# pkt.add('IKE::Nonce', data: "abcdefgh")
|
29
|
+
# pkt.calc_length
|
30
|
+
# @author Sylvain Daubert
|
31
|
+
class Nonce < Payload
|
32
|
+
# Payload type number
|
33
|
+
PAYLOAD_TYPE = 40
|
36
34
|
end
|
37
|
-
|
38
|
-
Header.add_class IKE::Nonce
|
39
35
|
end
|
36
|
+
|
37
|
+
PacketGen::Header.add_class IKE::Nonce
|
40
38
|
end
|
@@ -1,159 +1,155 @@
|
|
1
1
|
# coding: utf-8
|
2
|
+
# frozen_string_literal: true
|
3
|
+
|
2
4
|
# This file is part of IPsec packetgen plugin.
|
3
5
|
# See https://github.com/sdaubert/packetgen-plugin-ipsec for more informations
|
4
6
|
# Copyright (c) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
|
5
7
|
# This program is published under MIT license.
|
6
8
|
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
32
|
-
|
33
|
-
|
34
|
-
|
35
|
-
|
36
|
-
|
37
|
-
|
38
|
-
#
|
39
|
-
|
40
|
-
|
41
|
-
|
42
|
-
|
43
|
-
|
44
|
-
|
45
|
-
|
46
|
-
|
47
|
-
|
48
|
-
#
|
49
|
-
|
50
|
-
class Notify < Payload
|
51
|
-
# Payload type number
|
52
|
-
PAYLOAD_TYPE = 41
|
9
|
+
module PacketGen::Plugin
|
10
|
+
class IKE
|
11
|
+
# This class handles Notify payloads, as defined in RFC 7296 §3.10.
|
12
|
+
#
|
13
|
+
# A Notify payload contains a generic payload Plugin (see {Payload}) and
|
14
|
+
# some specific fields:
|
15
|
+
# 1 2 3
|
16
|
+
# 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
|
17
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
18
|
+
# | Next Payload |C| RESERVED | Payload Length |
|
19
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
20
|
+
# | Protocol ID | SPI Size | Notify Message Type |
|
21
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
22
|
+
# | |
|
23
|
+
# ~ Security Parameter Index (SPI) ~
|
24
|
+
# | |
|
25
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
26
|
+
# | |
|
27
|
+
# ~ Notification Data ~
|
28
|
+
# | |
|
29
|
+
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
30
|
+
# These specific fields are:
|
31
|
+
# * {#protocol} (type {PacketGen::Types::Int8}),
|
32
|
+
# * {#spi_size} (type {PacketGen::Types::Int8}),
|
33
|
+
# * {#message_type} (type {PacketGen::Types::Int16}),
|
34
|
+
# * {#spi} (type {PacketGen::Types::String}),
|
35
|
+
# * {#content} (type {PacketGen::Types::String}).
|
36
|
+
#
|
37
|
+
# == Create a Notify payload
|
38
|
+
# # Create a IKE packet with a Notify payload
|
39
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Notify', protocol: 'IKE', type: 'INVALID_SYNTAX')
|
40
|
+
# pkt.ike_notify.spi # => ""
|
41
|
+
# pkt.ike_notify.content # => ""
|
42
|
+
# pkt.calc_length
|
43
|
+
# == Create a Notify payload with a SPI
|
44
|
+
# # Create a IKE packet with a Notify payload
|
45
|
+
# pkt = PacketGen.gen('IP').add('UDP').add('IKE').add('IKE::Notify', protocol: 'ESP', spi_size: 4, type: 'INVALID_SYNTAX')
|
46
|
+
# pkt.ike_notify.spi.read PacketGen::Types::Int32.new(0x12345678).to_s
|
47
|
+
# pkt.calc_length
|
48
|
+
# @author Sylvain Daubert
|
49
|
+
class Notify < Payload
|
50
|
+
# Payload type number
|
51
|
+
PAYLOAD_TYPE = 41
|
53
52
|
|
54
|
-
|
55
|
-
|
56
|
-
|
57
|
-
|
58
|
-
|
59
|
-
|
60
|
-
|
61
|
-
|
62
|
-
|
63
|
-
|
64
|
-
|
65
|
-
|
66
|
-
|
67
|
-
|
68
|
-
|
69
|
-
|
70
|
-
|
71
|
-
|
72
|
-
|
73
|
-
|
74
|
-
|
75
|
-
|
76
|
-
|
77
|
-
|
78
|
-
|
79
|
-
|
80
|
-
|
81
|
-
|
82
|
-
|
83
|
-
|
84
|
-
|
85
|
-
|
53
|
+
# Message types
|
54
|
+
TYPES = {
|
55
|
+
'UNSUPPORTED_CRITICAL_PAYLOAD' => 1,
|
56
|
+
'INVALID_IKE_SPI' => 4,
|
57
|
+
'INVALID_MAJOR_VERSION' => 5,
|
58
|
+
'INVALID_SYNTAX' => 7,
|
59
|
+
'INVALID_MESSAGE_ID' => 9,
|
60
|
+
'INVALID_SPI' => 11,
|
61
|
+
'NO_PROPOSAL_CHOSEN' => 14,
|
62
|
+
'INVALID_KE_PAYLOAD' => 17,
|
63
|
+
'AUTHENTICATION_FAILED' => 24,
|
64
|
+
'SINGLE_PAIR_REQUIRED' => 34,
|
65
|
+
'NO_ADDITIONAL_SAS' => 35,
|
66
|
+
'INTERNAL_ADDRESS_FAILURE' => 36,
|
67
|
+
'FAILED_CP_REQUIRED' => 37,
|
68
|
+
'TS_UNACCEPTABLE' => 38,
|
69
|
+
'INVALID_SELECTORS' => 39,
|
70
|
+
'TEMPORARY_FAILURE' => 43,
|
71
|
+
'CHILD_SA_NOT_FOUND' => 44,
|
72
|
+
'INITIAL_CONTACT' => 16_384,
|
73
|
+
'SET_WINDOW_SIZE' => 16_385,
|
74
|
+
'ADDITIONAL_TS_POSSIBLE' => 16_386,
|
75
|
+
'IPCOMP_SUPPORTED' => 16_387,
|
76
|
+
'NAT_DETECTION_SOURCE_IP' => 16_388,
|
77
|
+
'NAT_DETECTION_DESTINATION_IP' => 16_389,
|
78
|
+
'COOKIE' => 16_390,
|
79
|
+
'USE_TRANSPORT_MODE' => 16_391,
|
80
|
+
'HTTP_CERT_LOOKUP_SUPPORTED' => 16_392,
|
81
|
+
'REKEY_SA' => 16_393,
|
82
|
+
'ESP_TFC_PADDING_NOT_SUPPORTED' => 16_394,
|
83
|
+
'NON_FIRST_FRAGMENTS_ALSO' => 16_395,
|
84
|
+
}.freeze
|
86
85
|
|
87
|
-
|
88
|
-
|
89
|
-
|
90
|
-
|
91
|
-
|
92
|
-
|
93
|
-
|
94
|
-
|
95
|
-
|
96
|
-
|
97
|
-
|
98
|
-
|
99
|
-
|
100
|
-
|
101
|
-
|
102
|
-
|
103
|
-
|
104
|
-
|
105
|
-
|
106
|
-
|
107
|
-
|
108
|
-
|
109
|
-
|
110
|
-
|
111
|
-
|
112
|
-
|
113
|
-
|
114
|
-
|
115
|
-
|
86
|
+
# @!attribute [r] protocol
|
87
|
+
# 8-bit protocol ID. If this notification concerns an existing
|
88
|
+
# SA whose SPI is given in the SPI field, this field indicates the
|
89
|
+
# type of that SA. For notifications concerning Child SAs, this
|
90
|
+
# field MUST contain either (2) to indicate AH or (3) to indicate
|
91
|
+
# ESP. Of the notifications defined in this document, the SPI is
|
92
|
+
# included only with INVALID_SELECTORS, REKEY_SA, and
|
93
|
+
# CHILD_SA_NOT_FOUND. If the SPI field is empty, this field MUST be
|
94
|
+
# sent as zero and MUST be ignored on receipt.
|
95
|
+
# @return [Integer]
|
96
|
+
define_field_before :content, :protocol, PacketGen::Types::Int8Enum, enum: PROTOCOLS
|
97
|
+
# @!attribute spi_size
|
98
|
+
# 8-bit SPI size. Give size of SPI field. Length in octets of the SPI as
|
99
|
+
# defined by the IPsec protocol ID or zero if no SPI is applicable. For a
|
100
|
+
# notification concerning the IKE SA, the SPI Size MUST be zero and
|
101
|
+
# the field must be empty.Set to 0 for an initial IKE SA
|
102
|
+
# negotiation, as SPI is obtained from outer Plugin.
|
103
|
+
# @return [Integer]
|
104
|
+
define_field_before :content, :spi_size, PacketGen::Types::Int8, default: 0
|
105
|
+
# @!attribute message_type
|
106
|
+
# 16-bit notify message type. Specifies the type of notification message.
|
107
|
+
# @return [Integer]
|
108
|
+
define_field_before :content, :message_type, PacketGen::Types::Int16Enum, enum: TYPES, default: 0
|
109
|
+
# @!attribute spi
|
110
|
+
# the sending entity's SPI. When the {#spi_size} field is zero,
|
111
|
+
# this field is not present in the proposal.
|
112
|
+
# @return [String]
|
113
|
+
define_field_before :content, :spi, PacketGen::Types::String,
|
114
|
+
builder: ->(h, t) { t.new(length_from: h[:spi_size]) }
|
116
115
|
|
117
|
-
|
116
|
+
alias type message_type
|
118
117
|
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
self.message_type = options[:type] if options[:type]
|
127
|
-
end
|
118
|
+
def initialize(options={})
|
119
|
+
options[:spi_size] = options[:spi].size if options[:spi] && options[:spi_size].nil?
|
120
|
+
super
|
121
|
+
self.protocol = options[:protocol] if options[:protocol]
|
122
|
+
self.message_type = options[:message_type] if options[:message_type]
|
123
|
+
self.message_type = options[:type] if options[:type]
|
124
|
+
end
|
128
125
|
|
129
|
-
|
126
|
+
alias type= message_type=
|
130
127
|
|
131
|
-
|
132
|
-
|
133
|
-
|
134
|
-
|
135
|
-
|
128
|
+
# Get protocol name
|
129
|
+
# @return [String]
|
130
|
+
def human_protocol
|
131
|
+
self[:protocol].to_human
|
132
|
+
end
|
136
133
|
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
134
|
+
# Get message type name
|
135
|
+
# @return [String]
|
136
|
+
def human_message_type
|
137
|
+
self[:message_type].to_human
|
138
|
+
end
|
139
|
+
alias human_type human_message_type
|
143
140
|
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
141
|
+
# @return [String]
|
142
|
+
def inspect
|
143
|
+
super do |attr|
|
144
|
+
next unless attr == :protocol
|
148
145
|
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
end
|
146
|
+
str = PacketGen::Inspect.shift_level
|
147
|
+
str << PacketGen::Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr,
|
148
|
+
human_protocol]
|
153
149
|
end
|
154
150
|
end
|
155
151
|
end
|
156
|
-
|
157
|
-
Header.add_class IKE::Notify
|
158
152
|
end
|
153
|
+
|
154
|
+
PacketGen::Header.add_class IKE::Notify
|
159
155
|
end
|