Permalink
Browse files

added commit bit proccesing. (not tested)

XXX don't initiate commit bit.  should be fixed in the future.

add a question:
	Is it forbidden to clear commit bit during phase2 negotiation ?
  • Loading branch information...
1 parent 7a2e917 commit e10ba506fb2246375a079cec599c4957a8ff4c8a sakane committed Jan 10, 2000
@@ -1,4 +1,4 @@
-$Id: question,v 1.2 2000/01/09 23:38:24 sakane Exp $
+$Id: question,v 1.3 2000/01/10 00:39:40 sakane Exp $
HOW DO I DO ?
o ID payload handling in phase 2 besides IPSECDOI_ID_IP*.
@@ -34,3 +34,4 @@ o base mode
Nr ?
o What's proto_id in notify message of responder 2nd message with commit bit
processing when multiple different SA applyed ?
+o Is it forbidden to clear commit bit during phase2 negotiation ?
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
-/* YIPS @(#)$Id: handler.c,v 1.8 2000/01/09 01:31:23 itojun Exp $ */
+/* YIPS @(#)$Id: handler.c,v 1.9 2000/01/10 00:39:35 sakane Exp $ */
#include <sys/types.h>
#include <sys/param.h>
@@ -379,7 +379,6 @@ void
initph2(iph2)
struct ph2handle *iph2;
{
- /* iph2->inuse = 0; don't init ! */
if (iph2->ivm)
oakley_delivm(iph2->ivm);
if (iph2->sce)
View
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
-/* YIPS @(#)$Id: handler.h,v 1.4 2000/01/09 23:11:04 sakane Exp $ */
+/* YIPS @(#)$Id: handler.h,v 1.5 2000/01/10 00:39:35 sakane Exp $ */
/* Phase 1 handler */
/*
@@ -173,9 +173,10 @@ struct ph1handle {
* 4 getspi done getspi done
* 5 1st msg sent 1st msg sent
* 6 1st valid msg received 2nd valid msg received
- * 7 SAs added SAs added
- * 8 SAs established SAs established
- * 9 SAs expired SAs expired
+ * 7 (commit bit) (commit bit)
+ * 8 SAs added SAs added
+ * 9 SAs established SAs established
+ * 10 SAs expired SAs expired
*/
#define PHASE2ST_SPAWN 0
#define PHASE2ST_START 1
@@ -184,10 +185,11 @@ struct ph1handle {
#define PHASE2ST_GETSPIDONE 4
#define PHASE2ST_MSG1SENT 5
#define PHASE2ST_STATUS6 6
-#define PHASE2ST_ADDSA 7
-#define PHASE2ST_ESTABLISHED 8
-#define PHASE2ST_EXPIRED 9
-#define PHASE2ST_MAX 10
+#define PHASE2ST_COMMIT 7
+#define PHASE2ST_ADDSA 8
+#define PHASE2ST_ESTABLISHED 9
+#define PHASE2ST_EXPIRED 10
+#define PHASE2ST_MAX 11
struct ph2handle {
struct policyindex *spidx; /* pointer to policy */
View
@@ -26,7 +26,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
-/* YIPS @(#)$Id: isakmp.c,v 1.16 2000/01/09 23:11:06 sakane Exp $ */
+/* YIPS @(#)$Id: isakmp.c,v 1.17 2000/01/10 00:39:36 sakane Exp $ */
#include <sys/types.h>
#include <sys/param.h>
@@ -112,9 +112,9 @@ static int (*ph2exchange[][2][PHASE2ST_MAX])
__P((struct ph2handle *, vchar_t *)) = {
{ /* Quick mode for IKE*/
{ NULL, NULL, quick_i1prep, NULL, quick_i1send,
- quick_i2recv, quick_i2send, NULL, NULL, NULL, },
+ quick_i2recv, quick_i2send, quick_i3recv, NULL, NULL, },
{ NULL, quick_r1recv, quick_r1prep, NULL, quick_r2send,
- quick_r3recv, quick_r3prep, NULL, NULL, NULL, }
+ quick_r3recv, quick_r3send, quick_r3prep, NULL, NULL, }
},
};
@@ -448,6 +448,16 @@ isakmp_main(msg, remote, local)
/*NOTREACHED*/
}
+ /* commit bit. */
+ /* XXX
+ * we keep to set commit bit during negotiation.
+ * When SA is configured, bit will be reset.
+ * XXX
+ * don't initiate commit bit. should be fixed in the future.
+ */
+ if (ISSET(isakmp->flags, ISAKMP_FLAG_C))
+ iph2->ph1->flags |= ISAKMP_FLAG_C;
+
/* receive */
YIPSDEBUG(DEBUG_USEFUL, plog(logp, LOCATION, NULL, "===\n"));
if ((ph2exchange[etypesw(isakmp->etype)]
Oops, something went wrong.

0 comments on commit e10ba50

Please sign in to comment.