?? isakmp.h
字號:
};/* 3.8 Identification Payload */ /* MUST NOT to be used, because of being defined in ipsec-doi. */struct ikev1_pl_id { struct isakmp_gen h; union { u_int8_t id_type; /* ID Type */ u_int32_t doi_data; /* DOI Specific ID Data */ } d; /* Identification Data */};/* 3.9 Certificate Payload */struct ikev1_pl_cert { struct isakmp_gen h; u_int8_t encode; /* Cert Encoding */ char cert; /* Certificate Data */ /* This field indicates the type of certificate or certificate-related information contained in the Certificate Data field. */};/* Certificate Type */#define ISAKMP_CERT_NONE 0#define ISAKMP_CERT_PKCS 1#define ISAKMP_CERT_PGP 2#define ISAKMP_CERT_DNS 3#define ISAKMP_CERT_SIGN 4#define ISAKMP_CERT_KE 5#define ISAKMP_CERT_KT 6#define ISAKMP_CERT_CRL 7#define ISAKMP_CERT_ARL 8#define ISAKMP_CERT_SPKI 9/* 3.10 Certificate Request Payload */struct ikev1_pl_cr { struct isakmp_gen h; u_int8_t num_cert; /* # Cert. Types */ /* Certificate Types (variable length) -- Contains a list of the types of certificates requested, sorted in order of preference. Each individual certificate type is 1 octet. This field is NOT requiredo */ /* # Certificate Authorities (1 octet) */ /* Certificate Authorities (variable length) */};/* 3.11 Hash Payload */ /* may not be used, because of having only data. */struct ikev1_pl_hash { struct isakmp_gen h; /* Hash Data */};/* 3.12 Signature Payload */ /* may not be used, because of having only data. */struct ikev1_pl_sig { struct isakmp_gen h; /* Signature Data */};/* 3.13 Nonce Payload */ /* may not be used, because of having only data. */struct ikev1_pl_nonce { struct isakmp_gen h; /* Nonce Data */};/* 3.14 Notification Payload */struct ikev1_pl_n { struct isakmp_gen h; u_int32_t doi; /* Domain of Interpretation */ u_int8_t prot_id; /* Protocol-ID */ u_int8_t spi_size; /* SPI Size */ u_int16_t type; /* Notify Message Type */ /* SPI */ /* Notification Data */};/* 3.14.1 Notify Message Types *//* NOTIFY MESSAGES - ERROR TYPES */#define ISAKMP_NTYPE_INVALID_PAYLOAD_TYPE 1#define ISAKMP_NTYPE_DOI_NOT_SUPPORTED 2#define ISAKMP_NTYPE_SITUATION_NOT_SUPPORTED 3#define ISAKMP_NTYPE_INVALID_COOKIE 4#define ISAKMP_NTYPE_INVALID_MAJOR_VERSION 5#define ISAKMP_NTYPE_INVALID_MINOR_VERSION 6#define ISAKMP_NTYPE_INVALID_EXCHANGE_TYPE 7#define ISAKMP_NTYPE_INVALID_FLAGS 8#define ISAKMP_NTYPE_INVALID_MESSAGE_ID 9#define ISAKMP_NTYPE_INVALID_PROTOCOL_ID 10#define ISAKMP_NTYPE_INVALID_SPI 11#define ISAKMP_NTYPE_INVALID_TRANSFORM_ID 12#define ISAKMP_NTYPE_ATTRIBUTES_NOT_SUPPORTED 13#define ISAKMP_NTYPE_NO_PROPOSAL_CHOSEN 14#define ISAKMP_NTYPE_BAD_PROPOSAL_SYNTAX 15#define ISAKMP_NTYPE_PAYLOAD_MALFORMED 16#define ISAKMP_NTYPE_INVALID_KEY_INFORMATION 17#define ISAKMP_NTYPE_INVALID_ID_INFORMATION 18#define ISAKMP_NTYPE_INVALID_CERT_ENCODING 19#define ISAKMP_NTYPE_INVALID_CERTIFICATE 20#define ISAKMP_NTYPE_BAD_CERT_REQUEST_SYNTAX 21#define ISAKMP_NTYPE_INVALID_CERT_AUTHORITY 22#define ISAKMP_NTYPE_INVALID_HASH_INFORMATION 23#define ISAKMP_NTYPE_AUTHENTICATION_FAILED 24#define ISAKMP_NTYPE_INVALID_SIGNATURE 25#define ISAKMP_NTYPE_ADDRESS_NOTIFICATION 26/* NOTIFY MESSAGES - STATUS TYPES */#define ISAKMP_NTYPE_CONNECTED 16384/* using only to log */#define ISAKMP_LOG_RETRY_LIMIT_REACHED 65530/* 3.15 Delete Payload */struct ikev1_pl_d { struct isakmp_gen h; u_int32_t doi; /* Domain of Interpretation */ u_int8_t prot_id; /* Protocol-Id */ u_int8_t spi_size; /* SPI Size */ u_int16_t num_spi; /* # of SPIs */ /* SPI(es) */};
struct ikev1_ph1tab { struct ikev1_ph1 *head; struct ikev1_ph1 *tail; int len;};struct isakmp_ph2tab { struct ikev1_ph2 *head; struct ikev1_ph2 *tail; int len;};#define EXCHANGE_PROXY 1#define EXCHANGE_MYSELF 0#define PFS_NEED 1#define PFS_NONEED 0/* IKEv2 (RFC4306) *//* 3.3 Security Association Payload -- generic header *//* 3.3.1. Proposal Substructure */struct ikev2_p { struct isakmp_gen h; u_int8_t p_no; /* Proposal # */ u_int8_t prot_id; /* Protocol */ u_int8_t spi_size; /* SPI Size */ u_int8_t num_t; /* Number of Transforms */};/* 3.3.2. Transform Substructure */struct ikev2_t { struct isakmp_gen h; u_int8_t t_type; /* Transform Type (ENCR,PRF,INTEG,etc.*/ u_int8_t res2; /* reserved byte */ u_int16_t t_id; /* Transform ID */};enum ikev2_t_type { IV2_T_ENCR = 1, IV2_T_PRF = 2, IV2_T_INTEG= 3, IV2_T_DH = 4, IV2_T_ESN = 5,};/* 3.4. Key Exchange Payload */struct ikev2_ke { struct isakmp_gen h; u_int16_t ke_group; u_int16_t ke_res1; /* KE data */};/* 3.10 Notification Payload */struct ikev2_n { struct isakmp_gen h; u_int8_t prot_id; /* Protocol-ID */ u_int8_t spi_size; /* SPI Size */ u_int16_t type; /* Notify Message Type */ /* SPI */ /* Notification Data */};enum ikev2_n_type { IV2_NOTIFY_UNSUPPORTED_CRITICAL_PAYLOAD = 1, IV2_NOTIFY_INVALID_IKE_SPI = 4, IV2_NOTIFY_INVALID_MAJOR_VERSION = 5, IV2_NOTIFY_INVALID_SYNTAX = 7, IV2_NOTIFY_INVALID_MESSAGE_ID = 9, IV2_NOTIFY_INVALID_SPI =11, IV2_NOTIFY_NO_PROPOSAL_CHOSEN =14, IV2_NOTIFY_INVALID_KE_PAYLOAD =17, IV2_NOTIFY_AUTHENTICATION_FAILED =24, IV2_NOTIFY_SINGLE_PAIR_REQUIRED =34, IV2_NOTIFY_NO_ADDITIONAL_SAS =35, IV2_NOTIFY_INTERNAL_ADDRESS_FAILURE =36, IV2_NOTIFY_FAILED_CP_REQUIRED =37, IV2_NOTIFY_INVALID_SELECTORS =39, IV2_NOTIFY_INITIAL_CONTACT =16384, IV2_NOTIFY_SET_WINDOW_SIZE =16385, IV2_NOTIFY_ADDITIONAL_TS_POSSIBLE =16386, IV2_NOTIFY_IPCOMP_SUPPORTED =16387, IV2_NOTIFY_NAT_DETECTION_SOURCE_IP =16388, IV2_NOTIFY_NAT_DETECTION_DESTINATION_IP =16389, IV2_NOTIFY_COOKIE =16390, IV2_NOTIFY_USE_TRANSPORT_MODE =16391, IV2_NOTIFY_HTTP_CERT_LOOKUP_SUPPORTED =16392, IV2_NOTIFY_REKEY_SA =16393, IV2_NOTIFY_ESP_TFC_PADDING_NOT_SUPPORTED =16394, IV2_NOTIFY_NON_FIRST_FRAGMENTS_ALSO =16395};struct notify_messages { u_int16_t type; char *msg;};/* 3.8 Notification Payload */struct ikev2_auth { struct isakmp_gen h; u_int8_t auth_method; /* Protocol-ID */ u_int8_t reserved[3]; /* authentication data */};enum ikev2_auth_type { IV2_RSA_SIG = 1, IV2_SHARED = 2, IV2_DSS_SIG = 3,};#endif /* !defined(_ISAKMP_H_) */?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -