summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/isakmp_num.cst
blob: 24d994abbfa795996b4bd60118dca8f0948720fc (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
#	$OpenBSD: isakmp_num.cst,v 1.9 2004/06/20 15:20:07 ho Exp $
#	$EOM: isakmp_num.cst,v 1.3 2000/05/17 03:09:50 angelos Exp $

#
# Copyright (c) 1998, 2001 Niklas Hallqvist.  All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
#    notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
#    notice, this list of conditions and the following disclaimer in the
#    documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
# IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
# OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
# IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
# NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
# THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#

#
# This code was written under funding by Ericsson Radio Systems.
#

# XXX Please fill in references to the drafts, chapter & verse for each
# constant group below.
# Also think about ranges, can they be specified differently?  Can we use
# these constants for validity checks?

# ISAKMP payload type.
ISAKMP_PAYLOAD
  NONE				0
  SA				1
  PROPOSAL			2
  TRANSFORM			3
  KEY_EXCH			4
  ID				5
  CERT				6
  CERT_REQ			7
  HASH				8
  SIG				9
  NONCE				10
  NOTIFY			11
  DELETE			12
  VENDOR			13
# XXX the following are not quite legitimate according to the IETF process
  ATTRIBUTE			14	# IKE Mode-Config attribute
  SAK				15	# RFC 3547, SA KEK Payload
  SAT				16	# RFC 3547, SA TEK Payload
  KD				17	# RFC 3547, Key Download
  SEQ				18	# RFC 3547, Sequence Number
  POP				19	# RFC 3547, Proof of possession
  RESERVED_MIN			20
  RESERVED_MAX			127
  PRIVATE_MIN			128
# XXX values from draft-ietf-ipsec-nat-t-ike-01,02,03. Later drafts specify
# XXX NAT_D as payload 15 and NAT_OA as 16, but these are allocated by RFC
# XXX 3547 as seen above.
  NAT_D				130	# NAT Discovery payload
  NAT_OA			131	# NAT Original Address payload
  PRIVATE_MAX			255
.

# ISAKMP exchange types.
ISAKMP_EXCH
  NONE				0
  BASE				1
  ID_PROT			2
  AUTH_ONLY			3
  AGGRESSIVE			4
  INFO				5
# XXX the following are not quite legitimate according to the IETF process
  TRANSACTION			6
  DPD				7
  FUTURE_MIN			8
  FUTURE_MAX			31
  DOI_MIN			32
  DOI_MAX			255
.

# ISAKMP flags.
ISAKMP_FLAGS
  ENC				1
  COMMIT			2
  AUTH_ONLY			4
.

# ISAKMP certificate encoding.
ISAKMP_CERTENC
  NONE				0
  PKCS				1
  PGP				2
  DNS				3
  X509_SIG			4
  X509_KE			5
  KERBEROS			6
  CRL				7
  ARL				8
  SPKI				9
  X509_ATTR			10
  KEYNOTE			11
  HASH_URL_PKIX_CERT		12
  HASH_URL_PKIX_BUNDLE		13
  RESERVED_MIN			14
  RESERVED_MAX			255
.

# ISAKMP Notify message types.
ISAKMP_NOTIFY
  INVALID_PAYLOAD_TYPE		1
  DOI_NOT_SUPPORTED		2
  SITUATION_NOT_SUPPORTED	3
  INVALID_COOKIE		4
  INVALID_MAJOR_VERSION		5
  INVALID_MINOR_VERSION		6
  INVALID_EXCHANGE_TYPE		7
  INVALID_FLAGS			8
  INVALID_MESSAGE_ID		9
  INVALID_PROTOCOL_ID		10
  INVALID_SPI			11
  INVALID_TRANSFORM_ID		12
  ATTRIBUTES_NOT_SUPPORTED	13
  NO_PROPOSAL_CHOSEN		14
  BAD_PROPOSAL_SYNTAX		15
  PAYLOAD_MALFORMED		16
  INVALID_KEY_INFORMATION	17
  INVALID_ID_INFORMATION	18
  INVALID_CERT_ENCODING		19
  INVALID_CERTIFICATE		20
  CERT_TYPE_UNSUPPORTED		21
  INVALID_CERT_AUTHORITY	22
  INVALID_HASH_INFORMATION	23
  AUTHENTICATION_FAILED		24
  INVALID_SIGNATURE		25
  ADDRESS_NOTIFICATION		26
  NOTIFY_SA_LIFETIME		27
  CERTIFICATE_UNAVAILABLE	28
  UNSUPPORTED_EXCHANGE_TYPE	29
  UNEQUAL_PAYLOAD_LENGTHS	30
  RESERVED_MIN			31
  RESERVED_MAX			8191
  PRIVATE_MIN			8192
  PRIVATE_MAX			16383
  STATUS_CONNECTED		16384
  STATUS_RESERVED1_MIN		16385
  STATUS_RESERVED1_MAX		24575
  STATUS_DOI_MIN		24576
  STATUS_DOI_MAX		32767
  STATUS_PRIVATE_MIN		32768
  STATUS_DPD_R_U_THERE		36136
  STATUS_DPD_R_U_THERE_ACK	36137
  STATUS_PRIVATE_MAX		40959
  STATUS_RESERVED2_MIN		40960
  STATUS_RESERVED2_MAX		65535
.

# ISAKMP V2 Notify payload types
ISAKMP_V2_NOTIFY
  UNSUPPORTED_CRITICAL_PAYLOAD		1
  INVALID_IKE_SPI			4
  INVALID_MAJOR_VERSION			5
  INVALID_SYNTAX			7
  INVALID_MESSAGE_ID			9
  INVALID_SPI				11
  NO_PROPOSAL_CHOSEN			14
  AUTHENTICATION_FAILED			24
  SINGLE_PAIR_REQUIRED			34
  NO_ADDITIONAL_SAS			35
  INTERNAL_ADDRESS_FAILURE		36
  FAILED_CP_REQUIRED			37
  TS_UNACCEPTABLE			38
  RESERVED_MIN				39
  RESERVED_MAX				8191
  PRIVATE_MIN				8192
  PRIVATE_MAX				16383
  STATUS_RESERVED1_MIN			16384
  STATUS_RESERVED1_MAX			24577
  STATUS_INITIAL_CONTACT		24578
  STATUS_SET_WINDOW_SIZE		24579
  STATUS_ADDITIONAL_IS_POSSIBLE		24580
  STATUS_IPCOMP_SUPPORTED		24581
  STATUS_NAT_DETECTION_SOURCE_IP	24582
  STATUS_NAT_DETECTION_DESTINATION_IP	24583
  STATUS_COOKIE				24584
  STATUS_USE_TRANSPORT_MODE		24585
  STATUS_HTTP_CERT_LOOKUP_SUPPORTED	24586
  STATUS_RESERVED2_MIN			24587
  STATUS_RESERVED2_MAX			40959
  STATUS_PRIVATE_MIN			40960
  STATUS_PRIVATE_MAX			65535
.

# ISAKMP DOI Identifier.
ISAKMP_DOI
  ISAKMP		0
.

# ISAKMP Protocol ID.
ISAKMP_PROTO
  ISAKMP		1
.

# ISAKMP transaction message type.
ISAKMP_CFG
  REQUEST		1
  REPLY			2
  SET			3
  ACK			4
  FUTURE_MIN		5
  FUTURE_MAX		127
  PRIVATE_MIN		128
  PRIVATE_MAX		255
.

# ISAKMP configuration attributes.
ISAKMP_CFG_ATTR
  INTERNAL_IP4_ADDRESS		1
  INTERNAL_IP4_NETMASK		2
  INTERNAL_IP4_DNS		3
  INTERNAL_IP4_NBNS		4
  INTERNAL_ADDRESS_EXPIRY	5
  INTERNAL_IP4_DHCP		6
  APPLICATION_VERSION		7
  INTERNAL_IP6_ADDRESS		8
  INTERNAL_IP6_NETMASK		9
  INTERNAL_IP6_DNS		10
  INTERNAL_IP6_NBNS		11
  INTERNAL_IP6_DHCP		12
  INTERNAL_IP4_SUBNET		13
  SUPPORTED_ATTRIBUTES		14
  INTERNAL_IP6_SUBNET		15
  FUTURE_MIN			16
  FUTURE_MAX			16383
  PRIVATE_MIN			16384
  PRIVATE_MAX			32767
.

# ISAKMP EAP
ISAKMP_EAP_CODE
  REQUEST			1
  RESPONSE			2
  SUCCESS			3
  FAILURE			4
.

# ISAKMP EAP Types (RFC2284)
ISAKMP_EAP_TYPE
  IDENTITY			1
  NOTIFICATION			2
  NAK				3	# Response only
  MD5_CHALLENGE			4
  OTP				5
  TOKEN				6	# Generic token card
.