Merge branch 'win'

Ports the strongSwan core libraries and some plugins to the Windows platform
using a MinGW based toolchain. Beside generic platform abstraction and
the windows.[ch] compatibility layer, this merge introduces a Windows native
threading backend and a charon-svc Windows IKE service.

Travis adds a MinGW cross-compile build to Windows, and further enables -Werror
to let builds fail for all compiler warnings with gcc and Clang.

.gitignore

@@ -23,6 +23,7 @@ libtool
 .dirstamp
 *.l[ao]
 *.[ao]
+*.exe
 y.tab.[ch]
 lex.yy.c
 *keywords.c

.travis.yml

@@ -37,3 +37,5 @@ matrix:
   include:
     - compiler: gcc
       env: TEST=dist
+    - compiler: gcc
+      env: TEST=win MONOLITHIC=yes

conf/Makefile.am

@@ -18,6 +18,7 @@ options = \
 	options/pool.opt \
 	options/starter.opt \
 	options/tnc.opt \
+	options/pki.opt \
 	options/tools.opt
 
 plugins = \

conf/options/pki.opt

@@ -0,0 +1,2 @@
+pki.load =
+	Plugins to load in ipsec pki tool.

conf/options/tools.opt

@@ -1,5 +1,2 @@
-pki.load =
-	Plugins to load in ipsec pki tool.
-
 scepclient.load =
 	Plugins to load in ipsec scepclient tool.

configure.ac

@@ -265,13 +265,16 @@ ARG_ENABL_SET([manager],        [enable web management console (proof of concept
 ARG_ENABL_SET([medcli],         [enable mediation client configuration database plugin.])
 ARG_ENABL_SET([medsrv],         [enable mediation server web frontend and daemon plugin.])
 ARG_ENABL_SET([nm],             [enable NetworkManager backend.])
+ARG_DISBL_SET([pki],            [disable pki certificate utility.])
 ARG_DISBL_SET([scripts],        [disable additional utilities (found in directory scripts).])
+ARG_ENABL_SET([svc],            [enable charon Windows service.])
 ARG_ENABL_SET([swanctl],        [enable swanctl configuration and control tool.])
 ARG_ENABL_SET([tkm],            [enable Trusted Key Manager support.])
-ARG_DISBL_SET([tools],          [disable additional utilities (scepclient and pki).])
+ARG_DISBL_SET([tools],          [disable additional utilities (scepclient).])
 ARG_ENABL_SET([aikgen],         [enable AIK generator.])
 # optional features
 ARG_ENABL_SET([bfd-backtraces], [use binutils libbfd to resolve backtraces for memory leaks and segfaults.])
+ARG_ENABL_SET([dbghelp-backtraces],[use dbghlp.dll on Windows to create and print backtraces for memory leaks and segfaults.])
 ARG_DISBL_SET([ikev1],          [disable IKEv1 protocol support in charon.])
 ARG_DISBL_SET([ikev2],          [disable IKEv2 protocol support in charon.])
 ARG_ENABL_SET([integrity-test], [enable integrity testing of libstrongswan and plugins.])
@@ -567,7 +570,13 @@ AC_CHECK_FUNC(
 )
 
 AC_CHECK_FUNCS(prctl mallinfo getpass closefrom getpwnam_r getgrnam_r getpwuid_r)
-AC_CHECK_FUNCS(fmemopen funopen mmap memrchr)
+AC_CHECK_FUNCS(fmemopen funopen mmap memrchr setlinebuf strptime)
+
+AC_CHECK_FUNC([syslog], [
+	AC_DEFINE([HAVE_SYSLOG], [], [have syslog(3) and friends])
+	syslog=true
+])
+AM_CONDITIONAL(USE_SYSLOG, [test "x$syslog" = xtrue])
 
 AC_CHECK_HEADERS(sys/sockio.h glob.h net/if_tun.h linux/fib_rules.h)
 AC_CHECK_HEADERS(net/pfkeyv2.h netipsec/ipsec.h netinet6/ipsec.h linux/udp.h)
@@ -600,7 +609,7 @@ AC_COMPILE_IFELSE(
 		[[#include <sys/types.h>
 		  #include <sys/socket.h>
 		  #include <netinet/in.h>]],
-		[[struct in6_addr in6;
+		[[struct in6_addr in6 __attribute__((unused));
 		  in6 = in6addr_any;]])],
 	[AC_MSG_RESULT([yes]);
 	 AC_DEFINE([HAVE_IN6ADDR_ANY], [], [have struct in6_addr in6addr_any])],
@@ -724,6 +733,65 @@ if test x$printf_hooks = xauto -o x$printf_hooks = xglibc; then
 	)
 fi
 
+AC_MSG_CHECKING([for Windows target])
+AC_COMPILE_IFELSE(
+	[AC_LANG_PROGRAM(
+		[[#include <windows.h>]],
+		[[#ifndef WIN32
+		  # error WIN32 undefined
+		  #endif
+		]])],
+	[
+		AC_MSG_RESULT([yes])
+		windows=true
+		openssl_lib=eay32
+		AC_SUBST(PTHREADLIB, "")
+		# explicitly disable ms-bitfields, as it breaks __attribute__((packed))
+		case "$CFLAGS" in
+			*ms-bitfields*) ;;
+			*) CFLAGS="$CFLAGS -mno-ms-bitfields" ;;
+		esac
+	],
+	[
+		AC_MSG_RESULT([no])
+		openssl_lib=crypto
+	]
+)
+AC_SUBST(OPENSSL_LIB, [-l$openssl_lib])
+AM_CONDITIONAL(USE_WINDOWS, [test "x$windows" = xtrue])
+
+AC_MSG_CHECKING([for working __attribute__((packed))])
+AC_COMPILE_IFELSE(
+	[AC_LANG_PROGRAM([], [[
+		struct test { char a; short b; } __attribute__((packed));
+		char x[sizeof(struct test) == sizeof(char) + sizeof(short) ? 1 : -1]
+			__attribute__((unused));
+		return 0;
+	]])],
+	[AC_MSG_RESULT([yes])],
+	[AC_MSG_RESULT([no]); AC_MSG_ERROR([__attribute__((packed)) does not work])]
+)
+
+AC_MSG_CHECKING([clang])
+AC_COMPILE_IFELSE(
+	[AC_LANG_PROGRAM(
+		[], [[
+		 #ifndef __clang__
+		 # error not using LLVM clang
+		 #endif
+		]])],
+	[
+		AC_MSG_RESULT([yes])
+	],
+	[
+		AC_MSG_RESULT([no])
+		# GCC, but not MinGW requires -rdynamic for plugins
+		if test x$windows != xtrue; then
+			AC_SUBST(PLUGIN_CFLAGS, [-rdynamic])
+		fi
+	]
+)
+
 if test x$printf_hooks = xvstr; then
 	AC_CHECK_LIB([vstr],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([Vstr string library not found])],[])
 	AC_DEFINE([USE_VSTR], [], [use Vstr string library for printf hooks])
@@ -870,12 +938,18 @@ if test x$fast = xtrue; then
 fi
 
 if test x$mysql = xtrue; then
-	AC_PATH_PROG([MYSQLCONFIG], [mysql_config], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
-	if test x$MYSQLCONFIG = x; then
-		AC_MSG_ERROR([mysql_config not found!])
+	if test "x$windows" = xtrue; then
+		AC_CHECK_HEADER([mysql.h],,[AC_MSG_ERROR([MySQL header file mysql.h not found!])])
+		AC_CHECK_LIB([mysql],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([MySQL library not found!])],[])
+		AC_SUBST(MYSQLLIB, -lmysql)
+	else
+		AC_PATH_PROG([MYSQLCONFIG], [mysql_config], [], [$PATH:/bin:/usr/bin:/usr/local/bin])
+		if test x$MYSQLCONFIG = x; then
+			AC_MSG_ERROR([mysql_config not found!])
+		fi
+		AC_SUBST(MYSQLLIB, `$MYSQLCONFIG --libs_r`)
+		AC_SUBST(MYSQLCFLAG, `$MYSQLCONFIG --cflags`)
 	fi
-	AC_SUBST(MYSQLLIB, `$MYSQLCONFIG --libs_r`)
-	AC_SUBST(MYSQLCFLAG, `$MYSQLCONFIG --cflags`)
 fi
 
 if test x$sqlite = xtrue; then
@@ -904,7 +978,7 @@ if test x$sqlite = xtrue; then
 fi
 
 if test x$openssl = xtrue; then
-	AC_CHECK_LIB([crypto],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL crypto library not found])],[])
+	AC_CHECK_LIB([$openssl_lib],[main],[LIBS="$LIBS"],[AC_MSG_ERROR([OpenSSL lib$openssl_lib not found])],[])
 	AC_CHECK_HEADER([openssl/evp.h],,[AC_MSG_ERROR([OpenSSL header openssl/evp.h not found!])])
 fi
 
@@ -1373,12 +1447,13 @@ AM_CONDITIONAL(USE_THREADS, test x$threads = xtrue)
 AM_CONDITIONAL(USE_ADNS, test x$adns = xtrue)
 AM_CONDITIONAL(USE_CHARON, test x$charon = xtrue)
 AM_CONDITIONAL(USE_NM, test x$nm = xtrue)
+AM_CONDITIONAL(USE_PKI, test x$pki = xtrue)
 AM_CONDITIONAL(USE_TOOLS, test x$tools = xtrue)
 AM_CONDITIONAL(USE_SCRIPTS, test x$scripts = xtrue)
 AM_CONDITIONAL(USE_CONFTEST, test x$conftest = xtrue)
-AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$tools = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue -o x$aikgen = xtrue)
-AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue)
-AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue)
+AM_CONDITIONAL(USE_LIBSTRONGSWAN, test x$charon = xtrue -o x$pki = xtrue -o x$tools = xtrue -o x$conftest = xtrue -o x$fast = xtrue -o x$imcv = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$tls = xtrue -o x$tnc_tnccs = xtrue -o x$aikgen = xtrue -o x$svc = xtrue)
+AM_CONDITIONAL(USE_LIBHYDRA, test x$charon = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$svc = xtrue)
+AM_CONDITIONAL(USE_LIBCHARON, test x$charon = xtrue -o x$conftest = xtrue -o x$nm = xtrue -o x$tkm = xtrue -o x$cmd = xtrue -o x$svc = xtrue)
 AM_CONDITIONAL(USE_LIBIPSEC, test x$libipsec = xtrue)
 AM_CONDITIONAL(USE_LIBTNCIF, test x$tnc_tnccs = xtrue -o x$imcv = xtrue)
 AM_CONDITIONAL(USE_LIBTNCCS, test x$tnc_tnccs = xtrue)
@@ -1397,10 +1472,12 @@ AM_CONDITIONAL(USE_TROUSERS, test x$tss = xtrousers -o x$aikgen = xtrue)
 AM_CONDITIONAL(MONOLITHIC, test x$monolithic = xtrue)
 AM_CONDITIONAL(USE_SILENT_RULES, test x$enable_silent_rules = xyes)
 AM_CONDITIONAL(COVERAGE, test x$coverage = xtrue)
+AM_CONDITIONAL(USE_DBGHELP, test x$dbghelp_backtraces = xtrue)
 AM_CONDITIONAL(USE_TKM, test x$tkm = xtrue)
 AM_CONDITIONAL(USE_CMD, test x$cmd = xtrue)
 AM_CONDITIONAL(USE_AIKGEN, test x$aikgen = xtrue)
 AM_CONDITIONAL(USE_SWANCTL, test x$swanctl = xtrue)
+AM_CONDITIONAL(USE_SVC, test x$svc = xtrue)
 
 # ========================
 #  set global definitions
@@ -1438,6 +1515,7 @@ AM_COND_IF([USE_LIBTNCCS], [strongswan_options=${strongswan_options}" tnc"])
 AM_COND_IF([USE_MANAGER], [strongswan_options=${strongswan_options}" manager"])
 AM_COND_IF([USE_MEDSRV], [strongswan_options=${strongswan_options}" medsrv"])
 AM_COND_IF([USE_TOOLS], [strongswan_options=${strongswan_options}" tools"])
+AM_COND_IF([USE_PKI], [strongswan_options=${strongswan_options}" pki"])
 
 AC_SUBST(strongswan_options)
 
@@ -1540,6 +1618,7 @@ AC_CONFIG_FILES([
 	src/charon-nm/Makefile
 	src/charon-tkm/Makefile
 	src/charon-cmd/Makefile
+	src/charon-svc/Makefile
 	src/libcharon/Makefile
 	src/libcharon/plugins/eap_aka/Makefile
 	src/libcharon/plugins/eap_aka_3gpp2/Makefile

scripts/test.sh

@@ -11,6 +11,8 @@ TARGET=check
 
 DEPS="libgmp-dev"
 
+CFLAGS="-g -O2 -Wall -Wno-format -Wno-format-security -Wno-pointer-sign -Werror"
+
 case "$TEST" in
 default)
 	# should be the default, but lets make sure
@@ -31,7 +33,8 @@ all)
 	CONFIG="--enable-all --disable-android-dns --disable-android-log
 			--disable-dumm --disable-kernel-pfroute --disable-keychain
 			--disable-lock-profiler --disable-maemo --disable-padlock
-			--disable-osx-attr --disable-tkm --disable-uci --disable-aikgen"
+			--disable-osx-attr --disable-tkm --disable-uci --disable-aikgen
+			--disable-svc --disable-dbghelp-backtraces"
 	if test "$LEAK_DETECTIVE" = "yes"; then
 		# libgcrypt can't be deinitialized
 		CONFIG="$CONFIG --disable-gcrypt"
@@ -47,6 +50,22 @@ all)
 		  libnm-glib-dev libnm-glib-vpn-dev libpcsclite-dev libpam0g-dev
 		  binutils-dev libunwind7-dev libjson0-dev"
 	;;
+win)
+	CONFIG="--host=x86_64-w64-mingw32 --disable-defaults --enable-svc --enable-ikev2
+			--enable-ikev1 --enable-static --enable-test-vectors --enable-nonce
+			--enable-constraints --enable-revocation --enable-pem --enable-pkcs1
+			--enable-pkcs8 --enable-x509 --enable-pubkey --enable-acert
+			--enable-eap-tnc --enable-eap-ttls --enable-eap-identity
+			--enable-tnccs-20 --enable-imc-attestation --enable-imv-attestation
+			--enable-imc-os --enable-imv-os --enable-tnc-imv --enable-tnc-imc
+			--enable-pki --enable-swanctl"
+	# no make check for Windows binaries
+	TARGET=
+	CFLAGS="$CFLAGS -mno-ms-bitfields"
+	DEPS="gcc-mingw-w64-x86-64 binutils-mingw-w64-x86-64 gcc-mingw-w64-base
+		  mingw-w64-dev"
+	CC="x86_64-w64-mingw32-gcc"
+	;;
 dist)
 	TARGET=distcheck
 	;;
@@ -67,5 +86,5 @@ CONFIG="$CONFIG
 	--enable-monolithic=${MONOLITHIC-no}
 	--enable-leak-detective=${LEAK_DETECTIVE-no}"
 
-echo "$ ./configure $CONFIG && make $TARGET"
-./configure $CONFIG && make -j4 $TARGET
+echo "$ CC="$CC" CFLAGS="$CFLAGS" ./configure $CONFIG && make $TARGET"
+CC="$CC" CFLAGS="$CFLAGS" ./configure $CONFIG && make -j4 $TARGET

src/Makefile.am

@@ -73,7 +73,11 @@ if USE_UPDOWN
 endif
 
 if USE_TOOLS
-  SUBDIRS += scepclient pki
+  SUBDIRS += scepclient
+endif
+
+if USE_PKI
+  SUBDIRS += pki
 endif
 
 if USE_SWANCTL
@@ -116,6 +120,10 @@ if USE_CMD
   SUBDIRS += charon-cmd
 endif
 
+if USE_SVC
+  SUBDIRS += charon-svc
+endif
+
 if USE_LIBPTTLS
   SUBDIRS += pt-tls-client
 endif

src/charon-svc/Makefile.am

@@ -0,0 +1,16 @@
+bin_PROGRAMS = charon-svc
+
+charon_svc_SOURCES = charon-svc.c
+
+charon-svc.o :	$(top_builddir)/config.status
+
+AM_CPPFLAGS = \
+	-I$(top_srcdir)/src/libstrongswan \
+	-I$(top_srcdir)/src/libhydra \
+	-I$(top_srcdir)/src/libcharon \
+	-DPLUGINS=\""${charon_plugins}\""
+
+charon_svc_LDADD = \
+	$(top_builddir)/src/libstrongswan/libstrongswan.la \
+	$(top_builddir)/src/libhydra/libhydra.la \
+	$(top_builddir)/src/libcharon/libcharon.la

src/charon-svc/charon-svc.c

@@ -0,0 +1,333 @@
+/*
+ * Copyright (C) 2013 Martin Willi
+ * Copyright (C) 2013 revosec AG
+ *
+ * This program is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License as published by the
+ * Free Software Foundation; either version 2 of the License, or (at your
+ * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+ * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * for more details.
+ */
+
+#include <library.h>
+#include <hydra.h>
+#include <daemon.h>
+
+#include <utils/backtrace.h>
+#include <threading/thread.h>
+
+/**
+ * The name of our service, both internal and external
+ */
+#define SERVICE_NAME "charon-svc"
+
+/**
+ * Current service status
+ */
+static SERVICE_STATUS status;
+
+/**
+ * Handle for service status
+ */
+static SERVICE_STATUS_HANDLE handle;
+
+/**
+ * Wait event for main thread
+ */
+static HANDLE event;
+
+/**
+ * hook in library for debugging messages
+ */
+extern void (*dbg) (debug_t group, level_t level, char *fmt, ...);
+
+/**
+ * Forward declaration
+ */
+static DWORD service_handler(DWORD dwControl, DWORD dwEventType,
+							 LPVOID lpEventData, LPVOID lpContext);
+
+/**
+ * Logging hook for library logs, using stderr output
+ */
+static void dbg_stderr(debug_t group, level_t level, char *fmt, ...)
+{
+	va_list args;
+
+	if (level <= 1)
+	{
+		va_start(args, fmt);
+		fprintf(stderr, "00[%N] ", debug_names, group);
+		vfprintf(stderr, fmt, args);
+		fprintf(stderr, "\n");
+		va_end(args);
+	}
+}
+
+/**
+ * Log strongSwan/Windows version during startup
+ */
+static void print_version()
+{
+	OSVERSIONINFOEX osvie;
+
+	memset(&osvie, 0, sizeof(osvie));
+	osvie.dwOSVersionInfoSize = sizeof(osvie);
+
+	if (GetVersionEx((LPOSVERSIONINFO)&osvie))
+	{
+		DBG1(DBG_DMN, "Starting IKE service %s (strongSwan %s, "
+			 "Windows %s %d.%d.%d (SP %d.%d)", SERVICE_NAME, VERSION,
+			 osvie.wProductType == VER_NT_WORKSTATION ? "Client" : "Server",
+			 osvie.dwMajorVersion, osvie.dwMinorVersion, osvie.dwBuildNumber,
+			 osvie.wServicePackMajor, osvie.wServicePackMinor);
+	}
+}
+
+/**
+ * Update service state to SCM, increase check point if state didn't change
+ */
+static void update_status(DWORD state)
+{
+	if (state == status.dwCurrentState)
+	{
+		status.dwCheckPoint++;
+	}
+	else
+	{
+		status.dwCheckPoint = 0;
+	}
+	status.dwCurrentState = state;
+	if (handle)
+	{
+		SetServiceStatus(handle, &status);
+	}
+}
+
+/**
+ * Control handler for console
+ */
+static BOOL console_handler(DWORD dwCtrlType)
+{
+	switch (dwCtrlType)
+	{
+		case CTRL_C_EVENT:
+		case CTRL_BREAK_EVENT:
+		case CTRL_CLOSE_EVENT:
+			DBG1(DBG_DMN, "application is stopping, cleaning up");
+			if (status.dwCurrentState == SERVICE_RUNNING)
+			{
+				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL,
+								   dwCtrlType);
+			}
+			/* signal main thread to clean up */
+			SetEvent(event);
+			return TRUE;
+		default:
+			return FALSE;
+	}
+}
+
+/**
+ * Service handler function
+ */
+static DWORD service_handler(DWORD dwControl, DWORD dwEventType,
+							 LPVOID lpEventData, LPVOID lpContext)
+{
+	switch (dwControl)
+	{
+		case SERVICE_CONTROL_STOP:
+		case SERVICE_CONTROL_SHUTDOWN:
+			DBG1(DBG_DMN, "service is stopping, cleaning up");
+			if (status.dwCurrentState == SERVICE_RUNNING)
+			{
+				charon->bus->alert(charon->bus, ALERT_SHUTDOWN_SIGNAL,
+								   dwControl);
+			}
+			/* signal main thread to clean up */
+			SetEvent(event);
+			return NO_ERROR;
+		case SERVICE_CONTROL_INTERROGATE:
+			return NO_ERROR;
+		default:
+			return ERROR_CALL_NOT_IMPLEMENTED;
+	}
+}
+
+/**
+ * Wait for console program shutdown
+ */
+static int console_wait()
+{
+	update_status(SERVICE_RUNNING);
+
+	if (WaitForSingleObjectEx(event, INFINITE, TRUE) != WAIT_OBJECT_0)
+	{
+		return 2;
+	}
+	return 0;
+}
+
+/**
+ * Wait for service shutdown
+ */
+static int service_wait()
+{
+	/* service is initialized, we now accept control requests */
+	status.dwControlsAccepted = SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_SHUTDOWN;
+	update_status(SERVICE_RUNNING);
+	status.dwControlsAccepted = 0;
+
+	if (WaitForSingleObjectEx(event, INFINITE, TRUE) != WAIT_OBJECT_0)
+	{
+		return 2;
+	}
+	return 0;
+}
+
+/**
+ * Initialize and run charon using a wait function
+ */
+static void init_and_run(DWORD dwArgc, LPTSTR *lpszArgv, int (*wait)())
+{
+	level_t levels[DBG_MAX];
+	int i;
+
+	for (i = 0; i < DBG_MAX; i++)
+	{
+		levels[i] = LEVEL_CTRL;
+	}
+
+	update_status(SERVICE_START_PENDING);
+	event = CreateEvent(NULL, FALSE, FALSE, NULL);
+	if (event)
+	{
+		update_status(SERVICE_START_PENDING);
+		if (library_init(NULL, SERVICE_NAME))
+		{
+			update_status(SERVICE_START_PENDING);
+			if (libhydra_init())
+			{
+				update_status(SERVICE_START_PENDING);
+				if (libcharon_init())
+				{
+					charon->load_loggers(charon, levels, TRUE);
+					print_version();
+					update_status(SERVICE_START_PENDING);
+					if (charon->initialize(charon, PLUGINS))
+					{
+						update_status(SERVICE_START_PENDING);
+						lib->plugins->status(lib->plugins, LEVEL_CTRL);
+
+						charon->start(charon);
+
+						status.dwWin32ExitCode = wait();
+					}
+					update_status(SERVICE_STOP_PENDING);
+					libcharon_deinit();
+				}
+				update_status(SERVICE_STOP_PENDING);
+				libhydra_deinit();
+			}
+			update_status(SERVICE_STOP_PENDING);
+			library_deinit();
+		}
+		update_status(SERVICE_STOP_PENDING);
+		CloseHandle(event);
+	}
+	update_status(SERVICE_STOPPED);
+}
+
+/**
+ * Main routine when running from console
+ */
+static void console_main(DWORD dwArgc, LPTSTR *lpszArgv)
+{
+	status.dwWin32ExitCode = 1;
+
+	if (SetConsoleCtrlHandler(console_handler, TRUE))
+	{
+		init_and_run(dwArgc, lpszArgv, console_wait);
+		SetConsoleCtrlHandler(console_handler, FALSE);
+	}
+}
+
+/**
+ * Switch the working directory to the executable directory
+ */
+static bool switch_workingdir()
+{
+	CHAR path[MAX_PATH], *pos;
+	HMODULE module;
+
+	module = GetModuleHandle(NULL);
+	if (!module)
+	{
+		return FALSE;
+	}
+	if (!GetModuleFileName(module, path, sizeof(path)))
+	{
+		return FALSE;
+	}
+	pos = strrchr(path, '\\');
+	if (!pos)
+	{
+		return FALSE;
+	}
+	*pos = 0;
+	return SetCurrentDirectory(path);
+}
+
+/**
+ * Service main routine when running as service
+ */
+static void service_main(DWORD dwArgc, LPTSTR *lpszArgv)
+{
+	memset(&status, 0, sizeof(status));
+	status.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
+	status.dwWin32ExitCode = 1;
+
+	handle = RegisterServiceCtrlHandlerEx(SERVICE_NAME, service_handler, NULL);
+	if (handle)
+	{
+		if (switch_workingdir())
+		{
+			init_and_run(dwArgc, lpszArgv, service_wait);
+		}
+	}
+}
+
+/**
+ * Main function, starts the service
+ */
+int main(int argc, char *argv[])
+{
+	SERVICE_TABLE_ENTRY services[] = {
+		{
+			.lpServiceName = SERVICE_NAME,
+			.lpServiceProc = service_main,
+		},
+		{ NULL, NULL },
+	};
+	DWORD err;
+
+	dbg = dbg_stderr;
+
+	if (!StartServiceCtrlDispatcher(services))
+	{
+		err = GetLastError();
+		if (err == ERROR_FAILED_SERVICE_CONTROLLER_CONNECT)
+		{
+			console_main(argc, argv);
+		}
+		else
+		{
+			return 2;
+		}
+	}
+	return status.dwWin32ExitCode;
+}

src/charon-tkm/src/tkm/tkm_listener.c

@@ -310,7 +310,7 @@ METHOD(listener_t, message, bool,
 	     " (ISA context %llu)", isa_id);
 
 	auth_payload = (auth_payload_t*)message->get_payload(message,
-														 AUTHENTICATION);
+														 PLV2_AUTH);
 	if (auth_payload)
 	{
 		chunk_t auth_data;

src/checksum/Makefile.am

@@ -22,7 +22,7 @@ AM_CPPFLAGS = \
 	-DPLUGINDIR=\"${DESTDIR}${plugindir}\"
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 # we keep track of build dependencies in deps and use libs to store the paths
 # to the installed libraries. for executables we use the built files directly

src/conftest/Makefile.am

@@ -6,7 +6,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon \
 	-DPLUGINS=\""${charon_plugins}\""
 
-AM_CFLAGS = -rdynamic
+AM_CFLAGS = $(PLUGIN_CFLAGS)
 
 conftest_SOURCES = conftest.c conftest.h config.c config.h actions.c actions.h \
 	hooks/hook.h hooks/ike_auth_fill.c hooks/unsort_message.c \

src/conftest/hooks/add_notify.c

@@ -88,7 +88,7 @@ METHOD(listener_t, message, bool,
 		{
 			data = chunk_clone(chunk_create(this->data, strlen(this->data)));
 		}
-		notify = notify_payload_create_from_protocol_and_type(NOTIFY,
+		notify = notify_payload_create_from_protocol_and_type(PLV2_NOTIFY,
 									this->esp ? PROTO_ESP : PROTO_IKE, type);
 		notify->set_spi(notify, this->spi);
 		if (data.len)

src/conftest/hooks/custom_proposal.c

@@ -124,7 +124,7 @@ METHOD(listener_t, message, bool,
 		enumerator = message->create_payload_enumerator(message);
 		while (enumerator->enumerate(enumerator, &payload))
 		{
-			if (payload->get_type(payload) == SECURITY_ASSOCIATION)
+			if (payload->get_type(payload) == PLV2_SECURITY_ASSOCIATION)
 			{
 				old = (sa_payload_t*)payload;
 				message->remove_payload_at(message, enumerator);

src/conftest/hooks/force_cookie.c

@@ -44,7 +44,7 @@ METHOD(listener_t, message, bool,
 		enumerator = message->create_payload_enumerator(message);
 		while (enumerator->enumerate(enumerator, &payload))
 		{
-			if (payload->get_type(payload) == NOTIFY)
+			if (payload->get_type(payload) == PLV2_NOTIFY)
 			{
 				notify_payload_t *notify = (notify_payload_t*)payload;
 				chunk_t data;

src/conftest/hooks/ike_auth_fill.c

@@ -108,7 +108,7 @@ METHOD(listener_t, message, bool,
 			diff = this->bytes - size - CERT_PAYLOAD_HEADER_LENGTH;
 			data = chunk_alloc(diff);
 			memset(data.ptr, 0x12, data.len);
-			pld = cert_payload_create_custom(CERTIFICATE, 201, data);
+			pld = cert_payload_create_custom(PLV2_CERTIFICATE, 201, data);
 			message->add_payload(message, &pld->payload_interface);
 			DBG1(DBG_CFG, "inserting %d dummy bytes certificate payload", diff);
 		}

src/conftest/hooks/log_id.c

@@ -45,8 +45,8 @@ METHOD(listener_t, message, bool,
 		enumerator = message->create_payload_enumerator(message);
 		while (enumerator->enumerate(enumerator, &payload))
 		{
-			if (payload->get_type(payload) == ID_INITIATOR ||
-				payload->get_type(payload) == ID_RESPONDER)
+			if (payload->get_type(payload) == PLV2_ID_INITIATOR ||
+				payload->get_type(payload) == PLV2_ID_RESPONDER)
 			{
 				id_payload = (id_payload_t*)payload;
 				id = id_payload->get_identification(id_payload);

src/conftest/hooks/log_ke.c

@@ -43,7 +43,7 @@ METHOD(listener_t, message, bool,
 		enumerator = message->create_payload_enumerator(message);
 		while (enumerator->enumerate(enumerator, &payload))
 		{
-			if (payload->get_type(payload) == KEY_EXCHANGE)
+			if (payload->get_type(payload) == PLV2_KEY_EXCHANGE)
 			{
 				ke = (ke_payload_t*)payload;
 				DBG1(DBG_CFG, "received DH group %N",

src/conftest/hooks/log_proposals.c

@@ -45,7 +45,7 @@ METHOD(listener_t, message, bool,
 		enumerator = message->create_payload_enumerator(message);
 		while (enumerator->enumerate(enumerator, &payload))
 		{
-			if (payload->get_type(payload) == SECURITY_ASSOCIATION)
+			if (payload->get_type(payload) == PLV2_SECURITY_ASSOCIATION)
 			{
 				sa = (sa_payload_t*)payload;
 				list = sa->get_proposals(sa);

src/conftest/hooks/log_ts.c

@@ -43,8 +43,8 @@ METHOD(listener_t, message, bool,
 		enumerator = message->create_payload_enumerator(message);
 		while (enumerator->enumerate(enumerator, &payload))
 		{
-			if (payload->get_type(payload) == TRAFFIC_SELECTOR_INITIATOR ||
-				payload->get_type(payload) == TRAFFIC_SELECTOR_RESPONDER)
+			if (payload->get_type(payload) == PLV2_TS_INITIATOR ||
+				payload->get_type(payload) == PLV2_TS_RESPONDER)
 			{
 				ts = (ts_payload_t*)payload;
 				host_t *from, *to;

src/conftest/hooks/pretend_auth.c

@@ -79,7 +79,7 @@ static void process_init_request(private_pretend_auth_t *this,
 {
 	nonce_payload_t *nonce;
 
-	nonce = (nonce_payload_t*)message->get_payload(message, NONCE);
+	nonce = (nonce_payload_t*)message->get_payload(message, PLV2_NONCE);
 	if (nonce)
 	{
 		free(this->nonce.ptr);
@@ -98,13 +98,13 @@ static void process_auth_request(private_pretend_auth_t *this,
 	ts_payload_t *tsi, *tsr;
 	linked_list_t *proposals;
 
-	id = (id_payload_t*)message->get_payload(message, ID_RESPONDER);
+	id = (id_payload_t*)message->get_payload(message, PLV2_ID_RESPONDER);
 	if (id)
 	{
 		this->id->destroy(this->id);
 		this->id = id->get_identification(id);
 	}
-	sa = (sa_payload_t*)message->get_payload(message, SECURITY_ASSOCIATION);
+	sa = (sa_payload_t*)message->get_payload(message, PLV2_SECURITY_ASSOCIATION);
 	if (sa)
 	{
 		proposals = sa->get_proposals(sa);
@@ -116,13 +116,13 @@ static void process_auth_request(private_pretend_auth_t *this,
 		proposals->destroy_offset(proposals, offsetof(proposal_t, destroy));
 	}
 	tsi = (ts_payload_t*)message->get_payload(message,
-											  TRAFFIC_SELECTOR_INITIATOR);
+											  PLV2_TS_INITIATOR);
 	if (tsi)
 	{
 		this->tsi = tsi->get_traffic_selectors(tsi);
 	}
 	tsr = (ts_payload_t*)message->get_payload(message,
-											  TRAFFIC_SELECTOR_RESPONDER);
+											  PLV2_TS_RESPONDER);
 	if (tsr)
 	{
 		this->tsr = tsr->get_traffic_selectors(tsr);
@@ -154,7 +154,7 @@ static void build_certs(private_pretend_auth_t *this,
 	cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
 	if (cert)
 	{
-		payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+		payload = cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
 		if (payload)
 		{
 			DBG1(DBG_IKE, "pretending end entity cert \"%Y\"",
@@ -167,7 +167,7 @@ static void build_certs(private_pretend_auth_t *this,
 	{
 		if (type == AUTH_RULE_IM_CERT)
 		{
-			payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+			payload = cert_payload_create_from_cert(PLV2_CERTIFICATE, cert);
 			if (payload)
 			{
 				DBG1(DBG_IKE, "pretending issuer cert \"%Y\"",
@@ -276,7 +276,7 @@ static void process_auth_response(private_pretend_auth_t *this,
 	{
 		notify_payload_t *notify = (notify_payload_t*)payload;
 
-		if (payload->get_type(payload) != NOTIFY ||
+		if (payload->get_type(payload) != PLV2_NOTIFY ||
 			notify->get_notify_type(notify) != AUTHENTICATION_FAILED)
 		{
 			DBG1(DBG_CFG, "no %N notify found, disabling AUTH pretending",
@@ -295,7 +295,7 @@ static void process_auth_response(private_pretend_auth_t *this,
 		return;
 	}
 	message->add_payload(message, (payload_t*)
-				id_payload_create_from_identification(ID_RESPONDER, this->id));
+				id_payload_create_from_identification(PLV2_ID_RESPONDER, this->id));
 	if (this->proposal)
 	{
 		message->add_payload(message, (payload_t*)

src/conftest/hooks/rebuild_auth.c

@@ -70,7 +70,7 @@ static bool rebuild_auth(private_rebuild_auth_t *this, ike_sa_t *ike_sa,
 	u_int32_t *lenpos;
 
 	payload = message->get_payload(message,
-					message->get_request(message) ? ID_INITIATOR : ID_RESPONDER);
+					message->get_request(message) ? PLV2_ID_INITIATOR : PLV2_ID_RESPONDER);
 	if (!payload)
 	{
 		DBG1(DBG_CFG, "ID payload not found to rebuild AUTH");
@@ -160,7 +160,7 @@ static bool rebuild_auth(private_rebuild_auth_t *this, ike_sa_t *ike_sa,
 	enumerator = message->create_payload_enumerator(message);
 	while (enumerator->enumerate(enumerator, &payload))
 	{
-		if (payload->get_type(payload) == AUTHENTICATION)
+		if (payload->get_type(payload) == PLV2_AUTH)
 		{
 			message->remove_payload_at(message, enumerator);
 			payload->destroy(payload);
@@ -191,7 +191,7 @@ METHOD(listener_t, message, bool,
 			{
 				nonce_payload_t *nonce;
 
-				nonce = (nonce_payload_t*)message->get_payload(message, NONCE);
+				nonce = (nonce_payload_t*)message->get_payload(message, PLV2_NONCE);
 				if (nonce)
 				{
 					free(this->nonce.ptr);

src/conftest/hooks/set_proposal_number.c

@@ -85,7 +85,7 @@ METHOD(listener_t, message, bool,
 		enumerator = message->create_payload_enumerator(message);
 		while (enumerator->enumerate(enumerator, &payload))
 		{
-			if (payload->get_type(payload) == SECURITY_ASSOCIATION)
+			if (payload->get_type(payload) == PLV2_SECURITY_ASSOCIATION)
 			{
 				sa = (sa_payload_t*)payload;
 				list = sa->get_proposals(sa);

src/conftest/hooks/set_reserved.c

@@ -55,7 +55,7 @@ static void set_bit(private_set_reserved_t *this, message_t *message,
 	payload_t *payload;
 	bool *bit;
 
-	if (type == HEADER)
+	if (type == PL_HEADER)
 	{
 		message->set_reserved_header_bit(message, nr);
 		DBG1(DBG_CFG, "setting reserved bit %d of %N",
@@ -91,7 +91,7 @@ static void set_byte(private_set_reserved_t *this, message_t *message,
 	payload_t *payload;
 	u_int8_t *byte;
 
-	if (type == TRANSFORM_SUBSTRUCTURE || type == PROPOSAL_SUBSTRUCTURE)
+	if (type == PLV2_TRANSFORM_SUBSTRUCTURE || type == PLV2_PROPOSAL_SUBSTRUCTURE)
 	{
 		enumerator_t *transforms, *proposals;
 		transform_substructure_t *transform;
@@ -101,13 +101,13 @@ static void set_byte(private_set_reserved_t *this, message_t *message,
 		payloads = message->create_payload_enumerator(message);
 		while (payloads->enumerate(payloads, &payload))
 		{
-			if (payload->get_type(payload) == SECURITY_ASSOCIATION)
+			if (payload->get_type(payload) == PLV2_SECURITY_ASSOCIATION)
 			{
 				sa = (sa_payload_t*)payload;
 				proposals = sa->create_substructure_enumerator(sa);
 				while (proposals->enumerate(proposals, &proposal))
 				{
-					if (type == PROPOSAL_SUBSTRUCTURE)
+					if (type == PLV2_PROPOSAL_SUBSTRUCTURE)
 					{
 						byte = payload_get_field(&proposal->payload_interface,
 												 RESERVED_BYTE, nr);
@@ -118,7 +118,7 @@ static void set_byte(private_set_reserved_t *this, message_t *message,
 							*byte = byteval;
 						}
 					}
-					else if (type == TRANSFORM_SUBSTRUCTURE)
+					else if (type == PLV2_TRANSFORM_SUBSTRUCTURE)
 					{
 						transforms = proposal->create_substructure_enumerator(
 																	proposal);

src/conftest/hooks/unencrypted_notify.c

@@ -83,7 +83,7 @@ METHOD(listener_t, ike_updown, bool,
 		{
 			data = chunk_clone(chunk_create(this->data, strlen(this->data)));
 		}
-		notify = notify_payload_create_from_protocol_and_type(NOTIFY,
+		notify = notify_payload_create_from_protocol_and_type(PLV2_NOTIFY,
 									this->esp ? PROTO_ESP : PROTO_IKE, type);
 		notify->set_spi(notify, this->spi);
 		if (data.len)

src/libcharon/Makefile.am

@@ -5,7 +5,6 @@ bus/bus.c bus/bus.h \
 bus/listeners/listener.h \
 bus/listeners/logger.h \
 bus/listeners/file_logger.c bus/listeners/file_logger.h \
-bus/listeners/sys_logger.c bus/listeners/sys_logger.h \
 config/backend_manager.c config/backend_manager.h config/backend.h \
 config/child_cfg.c config/child_cfg.h \
 config/ike_cfg.c config/ike_cfg.h \
@@ -125,6 +124,10 @@ processing/jobs/dpd_timeout_job.c processing/jobs/dpd_timeout_job.h \
 processing/jobs/adopt_children_job.c processing/jobs/adopt_children_job.h
 endif
 
+if USE_SYSLOG
+  libcharon_la_SOURCES += \
+    bus/listeners/sys_logger.c bus/listeners/sys_logger.h
+endif
 
 daemon.lo :		$(top_builddir)/config.status
 
@@ -144,6 +147,10 @@ libcharon_la_LIBADD = \
   $(top_builddir)/src/libhydra/libhydra.la \
   -lm $(PTHREADLIB) $(DLLIB) $(SOCKLIB)
 
+if USE_WINDOWS
+  libcharon_la_LIBADD += -lws2_32
+endif
+
 EXTRA_DIST = Android.mk
 
 # compile options

src/libcharon/bus/listeners/file_logger.c

@@ -49,6 +49,11 @@ struct private_file_logger_t {
 	 */
 	FILE *out;
 
+	/**
+	 * Flush after writing a line?
+	 */
+	bool flush_line;
+
 	/**
 	 * Maximum level to log, for each group
 	 */
@@ -137,6 +142,12 @@ METHOD(logger_t, log_, void,
 		fprintf(this->out, "%.*s\n", (int)(next - current), current);
 		current = next + 1;
 	}
+#ifndef HAVE_SETLINEBUF
+	if (this->flush_line)
+	{
+		fflush(this->out);
+	}
+#endif /* !HAVE_SETLINEBUF */
 	this->mutex->unlock(this->mutex);
 	this->lock->unlock(this->lock);
 }
@@ -214,14 +225,17 @@ METHOD(file_logger_t, open_, void,
 				 this->filename, strerror(errno));
 			return;
 		}
+#ifdef HAVE_SETLINEBUF
 		if (flush_line)
 		{
 			setlinebuf(file);
 		}
+#endif /* HAVE_SETLINEBUF */
 	}
 	this->lock->write_lock(this->lock);
 	close_file(this);
 	this->out = file;
+	this->flush_line = flush_line;
 	this->lock->unlock(this->lock);
 }
 

src/libcharon/control/controller.c

@@ -20,7 +20,6 @@
 #include <sys/types.h>
 #include <dirent.h>
 #include <sys/stat.h>
-#include <dlfcn.h>
 
 #include <daemon.h>
 #include <library.h>

src/libcharon/daemon.c

@@ -19,10 +19,13 @@
 #include <stdio.h>
 #include <sys/types.h>
 #include <unistd.h>
-#include <syslog.h>
 #include <time.h>
 #include <errno.h>
 
+#ifdef HAVE_SYSLOG
+#include <syslog.h>
+#endif
+
 #include "daemon.h"
 
 #include <library.h>
@@ -179,6 +182,7 @@ static bool logger_entry_match(logger_entry_t *this, char *target, bool *file)
  */
 static void handle_syslog_identifier(private_daemon_t *this)
 {
+#ifdef HAVE_SYSLOG
 	char *identifier;
 
 	identifier = lib->settings->get_str(lib->settings, "%s.syslog.identifier",
@@ -198,6 +202,7 @@ static void handle_syslog_identifier(private_daemon_t *this)
 		closelog();
 		this->syslog_identifier = NULL;
 	}
+#endif /* HAVE_SYSLOG */
 }
 
 /**
@@ -206,6 +211,7 @@ static void handle_syslog_identifier(private_daemon_t *this)
  */
 static int get_syslog_facility(char *facility)
 {
+#ifdef HAVE_SYSLOG
 	if (streq(facility, "daemon"))
 	{
 		return LOG_DAEMON;
@@ -214,6 +220,7 @@ static int get_syslog_facility(char *facility)
 	{
 		return LOG_AUTHPRIV;
 	}
+#endif /* HAVE_SYSLOG */
 	return -1;
 }
 
@@ -237,10 +244,12 @@ static logger_entry_t *get_logger_entry(char *target, bool is_file_logger,
 		{
 			entry->logger.file = file_logger_create(target);
 		}
+#ifdef HAVE_SYSLOG
 		else
 		{
 			entry->logger.sys = sys_logger_create(get_syslog_facility(target));
 		}
+#endif /* HAVE_SYSLOG */
 	}
 	else
 	{
@@ -381,18 +390,27 @@ METHOD(daemon_t, load_loggers, void,
 
 		for (group = 0; group < DBG_MAX; group++)
 		{
-			sys_logger->set_level(sys_logger, group, levels[group]);
+			if (sys_logger)
+			{
+				sys_logger->set_level(sys_logger, group, levels[group]);
+			}
 			if (to_stderr)
 			{
 				file_logger->set_level(file_logger, group, levels[group]);
 			}
 		}
-		charon->bus->add_logger(charon->bus, &sys_logger->logger);
+		if (sys_logger)
+		{
+			charon->bus->add_logger(charon->bus, &sys_logger->logger);
+		}
 		charon->bus->add_logger(charon->bus, &file_logger->logger);
 
 		sys_logger = add_sys_logger(this, "auth", current_loggers);
-		sys_logger->set_level(sys_logger, DBG_ANY, LEVEL_AUDIT);
-		charon->bus->add_logger(charon->bus, &sys_logger->logger);
+		if (sys_logger)
+		{
+			sys_logger->set_level(sys_logger, DBG_ANY, LEVEL_AUDIT);
+			charon->bus->add_logger(charon->bus, &sys_logger->logger);
+		}
 	}
 	/* unregister and destroy any unused remaining loggers */
 	current_loggers->destroy_function(current_loggers,

src/libcharon/encoding/generator.c

@@ -17,7 +17,6 @@
 
 #include <stdlib.h>
 #include <string.h>
-#include <arpa/inet.h>
 #include <stdio.h>
 
 #include "generator.h"
@@ -498,15 +497,15 @@ METHOD(generator_t, generate_payload, void,
 			case ENCRYPTED_DATA:
 				generate_from_chunk(this, rules[i].offset);
 				break;
-			case PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE:
-			case PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE_V1:
-			case PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE:
-			case PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE_V1:
-			case PAYLOAD_LIST + TRANSFORM_ATTRIBUTE:
-			case PAYLOAD_LIST + TRANSFORM_ATTRIBUTE_V1:
-			case PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE:
-			case PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE_V1:
-			case PAYLOAD_LIST + TRAFFIC_SELECTOR_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV2_PROPOSAL_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV1_PROPOSAL_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV2_TRANSFORM_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV1_TRANSFORM_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV2_TRANSFORM_ATTRIBUTE:
+			case PAYLOAD_LIST + PLV1_TRANSFORM_ATTRIBUTE:
+			case PAYLOAD_LIST + PLV2_CONFIGURATION_ATTRIBUTE:
+			case PAYLOAD_LIST + PLV1_CONFIGURATION_ATTRIBUTE:
+			case PAYLOAD_LIST + PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE:
 			{
 				linked_list_t *proposals;
 				enumerator_t *enumerator;

src/libcharon/encoding/parser.c

@@ -15,7 +15,6 @@
  */
 
 #include <stdlib.h>
-#include <arpa/inet.h>
 #include <string.h>
 
 #include "parser.h"
@@ -486,15 +485,15 @@ METHOD(parser_t, parse_payload, status_t,
 				}
 				break;
 			}
-			case PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE:
-			case PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE_V1:
-			case PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE:
-			case PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE_V1:
-			case PAYLOAD_LIST + TRANSFORM_ATTRIBUTE:
-			case PAYLOAD_LIST + TRANSFORM_ATTRIBUTE_V1:
-			case PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE:
-			case PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE_V1:
-			case PAYLOAD_LIST + TRAFFIC_SELECTOR_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV2_PROPOSAL_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV1_PROPOSAL_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV2_TRANSFORM_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV1_TRANSFORM_SUBSTRUCTURE:
+			case PAYLOAD_LIST + PLV2_TRANSFORM_ATTRIBUTE:
+			case PAYLOAD_LIST + PLV1_TRANSFORM_ATTRIBUTE:
+			case PAYLOAD_LIST + PLV2_CONFIGURATION_ATTRIBUTE:
+			case PAYLOAD_LIST + PLV1_CONFIGURATION_ATTRIBUTE:
+			case PAYLOAD_LIST + PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE:
 			{
 				if (payload_length < header_length ||
 					!parse_list(this, rule_number, output + rule->offset,

src/libcharon/encoding/payloads/auth_payload.c

@@ -135,7 +135,7 @@ METHOD(payload_t, get_header_length, int,
 METHOD(payload_t, get_type, payload_type_t,
 	private_auth_payload_t *this)
 {
-	return AUTHENTICATION;
+	return PLV2_AUTH;
 }
 
 METHOD(payload_t, get_next_type, payload_type_t,
@@ -214,7 +214,7 @@ auth_payload_t *auth_payload_create()
 			.get_data = _get_data,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 	);
 	return &this->public;

src/libcharon/encoding/payloads/cert_payload.c

@@ -315,7 +315,7 @@ cert_payload_t *cert_payload_create(payload_type_t type)
 			.get_url = _get_url,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 		.type = type,
 	);
@@ -363,7 +363,7 @@ cert_payload_t *cert_payload_create_from_hash_and_url(chunk_t hash, char *url)
 {
 	private_cert_payload_t *this;
 
-	this = (private_cert_payload_t*)cert_payload_create(CERTIFICATE);
+	this = (private_cert_payload_t*)cert_payload_create(PLV2_CERTIFICATE);
 	this->encoding = ENC_X509_HASH_AND_URL;
 	this->data = chunk_cat("cc", hash, chunk_create(url, strlen(url)));
 	this->payload_length = get_header_length(this) + this->data.len;

src/libcharon/encoding/payloads/certreq_payload.c

@@ -66,7 +66,7 @@ struct private_certreq_payload_t {
 	chunk_t data;
 
 	/**
-	 * Payload type CERTIFICATE_REQUEST or CERTIFICATE_REQUEST_V1
+	 * Payload type PLV2_CERTREQ or PLV1_CERTREQ
 	 */
 	payload_type_t type;
 };
@@ -111,7 +111,7 @@ static encoding_rule_t encodings[] = {
 METHOD(payload_t, verify, status_t,
 	private_certreq_payload_t *this)
 {
-	if (this->type == CERTIFICATE_REQUEST &&
+	if (this->type == PLV2_CERTREQ &&
 		this->encoding == ENC_X509_SIGNATURE)
 	{
 		if (this->data.len % HASH_SIZE_SHA1)
@@ -218,7 +218,7 @@ METHOD(certreq_payload_t, create_keyid_enumerator, enumerator_t*,
 {
 	keyid_enumerator_t *enumerator;
 
-	if (this->type == CERTIFICATE_REQUEST_V1)
+	if (this->type == PLV1_CERTREQ)
 	{
 		return enumerator_create_empty();
 	}
@@ -276,7 +276,7 @@ certreq_payload_t *certreq_payload_create(payload_type_t type)
 			.destroy = _destroy,
 			.get_dn = _get_dn,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 		.type = type,
 	);
@@ -291,7 +291,7 @@ certreq_payload_t *certreq_payload_create_type(certificate_type_t type)
 	private_certreq_payload_t *this;
 
 	this = (private_certreq_payload_t*)
-					certreq_payload_create(CERTIFICATE_REQUEST);
+					certreq_payload_create(PLV2_CERTREQ);
 	switch (type)
 	{
 		case CERT_X509:
@@ -314,7 +314,7 @@ certreq_payload_t *certreq_payload_create_dn(identification_t *id)
 	private_certreq_payload_t *this;
 
 	this = (private_certreq_payload_t*)
-					certreq_payload_create(CERTIFICATE_REQUEST_V1);
+					certreq_payload_create(PLV1_CERTREQ);
 
 	this->encoding = ENC_X509_SIGNATURE;
 	this->data = chunk_clone(id->get_encoding(id));

src/libcharon/encoding/payloads/configuration_attribute.c

@@ -61,7 +61,7 @@ struct private_configuration_attribute_t {
 	chunk_t value;
 
 	/**
-	 * Payload type, CONFIGURATION_ATTRIBUTE or DATA_ATTRIBUTE_V1
+	 * Payload type, PLV2_CONFIGURATION_ATTRIBUTE or DATA_ATTRIBUTE_V1
 	 */
 	payload_type_t type;
 };
@@ -209,7 +209,7 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_configuration_attribute_t *this, encoding_rule_t **rules)
 {
-	if (this->type == CONFIGURATION_ATTRIBUTE)
+	if (this->type == PLV2_CONFIGURATION_ATTRIBUTE)
 	{
 		*rules = encodings_v2;
 		return countof(encodings_v2);
@@ -233,7 +233,7 @@ METHOD(payload_t, get_type, payload_type_t,
 METHOD(payload_t, get_next_type, payload_type_t,
 	private_configuration_attribute_t *this)
 {
-	return NO_PAYLOAD;
+	return PL_NONE;
 }
 
 METHOD(payload_t, set_next_type, void,
@@ -335,7 +335,7 @@ configuration_attribute_t *configuration_attribute_create_value(
 	private_configuration_attribute_t *this;
 
 	this = (private_configuration_attribute_t*)
-					configuration_attribute_create(CONFIGURATION_ATTRIBUTE_V1);
+					configuration_attribute_create(PLV1_CONFIGURATION_ATTRIBUTE);
 	this->attr_type = ((u_int16_t)attr_type) & 0x7FFF;
 	this->length_or_value = value;
 	this->af_flag = TRUE;

src/libcharon/encoding/payloads/configuration_attribute.h

@@ -68,7 +68,7 @@ struct configuration_attribute_t {
 /**
  * Creates an empty configuration attribute.
  *
- * @param type		CONFIGURATION_ATTRIBUTE or CONFIGURATION_ATTRIBUTE_V1
+ * @param type		PLV2_CONFIGURATION_ATTRIBUTE or PLV1_CONFIGURATION_ATTRIBUTE
  * @return			created configuration attribute
  */
 configuration_attribute_t *configuration_attribute_create(payload_type_t type);
@@ -76,7 +76,7 @@ configuration_attribute_t *configuration_attribute_create(payload_type_t type);
 /**
  * Creates a configuration attribute with type and value.
  *
- * @param type		CONFIGURATION_ATTRIBUTE or CONFIGURATION_ATTRIBUTE_V1
+ * @param type		PLV2_CONFIGURATION_ATTRIBUTE or PLV1_CONFIGURATION_ATTRIBUTE
  * @param attr_type	type of configuration attribute
  * @param chunk		attribute value, gets cloned
  * @return			created configuration attribute
@@ -89,7 +89,7 @@ configuration_attribute_t *configuration_attribute_create_chunk(
  *
  * @param attr_type	type of configuration attribute
  * @param value		attribute value, gets cloned
- * @return			created CONFIGURATION_ATTRIBUTE_V1 configuration attribute
+ * @return			created PLV1_CONFIGURATION_ATTRIBUTE configuration attribute
  */
 configuration_attribute_t *configuration_attribute_create_value(
 					configuration_attribute_type_t attr_type, u_int16_t value);

src/libcharon/encoding/payloads/cp_payload.c

@@ -82,7 +82,7 @@ struct private_cp_payload_t {
 	u_int8_t cfg_type;
 
 	/**
-	 * CONFIGURATION or CONFIGURATION_V1
+	 * PLV2_CONFIGURATION or PLV1_CONFIGURATION
 	 */
 	payload_type_t type;
 };
@@ -111,7 +111,7 @@ static encoding_rule_t encodings_v2[] = {
 	{ RESERVED_BYTE,	offsetof(private_cp_payload_t, reserved_byte[1])},
 	{ RESERVED_BYTE,	offsetof(private_cp_payload_t, reserved_byte[2])},
 	/* list of configuration attributes in a list */
-	{ PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE,
+	{ PAYLOAD_LIST + PLV2_CONFIGURATION_ATTRIBUTE,
 						offsetof(private_cp_payload_t, attributes)		},
 };
 
@@ -152,7 +152,7 @@ static encoding_rule_t encodings_v1[] = {
 	{ RESERVED_BYTE,	offsetof(private_cp_payload_t, reserved_byte[0])},
 	{ U_INT_16,			offsetof(private_cp_payload_t, identifier)},
 	/* list of configuration attributes in a list */
-	{ PAYLOAD_LIST + CONFIGURATION_ATTRIBUTE_V1,
+	{ PAYLOAD_LIST + PLV1_CONFIGURATION_ATTRIBUTE,
 						offsetof(private_cp_payload_t, attributes)		},
 };
 
@@ -193,7 +193,7 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_cp_payload_t *this, encoding_rule_t **rules)
 {
-	if (this->type == CONFIGURATION)
+	if (this->type == PLV2_CONFIGURATION)
 	{
 		*rules = encodings_v2;
 		return countof(encodings_v2);
@@ -314,7 +314,7 @@ cp_payload_t *cp_payload_create_type(payload_type_t type, config_type_t cfg_type
 			.set_identifier = _set_identifier,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 		.attributes = linked_list_create(),
 		.cfg_type = cfg_type,

src/libcharon/encoding/payloads/cp_payload.h

@@ -100,7 +100,7 @@ struct cp_payload_t {
 /**
  * Creates an empty configuration payload
  *
- * @param type		payload type, CONFIGURATION or CONFIGURATION_V1
+ * @param type		payload type, PLV2_CONFIGURATION or PLV1_CONFIGURATION
  * @return			empty configuration payload
  */
 cp_payload_t *cp_payload_create(payload_type_t type);
@@ -108,7 +108,7 @@ cp_payload_t *cp_payload_create(payload_type_t type);
 /**
  * Creates an cp_payload_t with type and value
  *
- * @param type		payload type, CONFIGURATION or CONFIGURATION_V1
+ * @param type		payload type, PLV2_CONFIGURATION or PLV1_CONFIGURATION
  * @param cfg_type	type of configuration payload to create
  * @return			created configuration payload
  */

src/libcharon/encoding/payloads/delete_payload.c

@@ -78,7 +78,7 @@ struct private_delete_payload_t {
 	chunk_t spis;
 
 	/**
-	 * Payload type, DELETE or DELETE_V1
+	 * Payload type, PLV2_DELETE or PLV1_DELETE
 	 */
 	payload_type_t type;
 };
@@ -178,7 +178,7 @@ METHOD(payload_t, verify, status_t,
 			break;
 		case PROTO_IKE:
 		case 0:
-			if (this->type == DELETE)
+			if (this->type == PLV2_DELETE)
 			{	/* IKEv2 deletion has no spi assigned! */
 				if (this->spi_size != 0)
 				{
@@ -206,7 +206,7 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_delete_payload_t *this, encoding_rule_t **rules)
 {
-	if (this->type == DELETE)
+	if (this->type == PLV2_DELETE)
 	{
 		*rules = encodings_v2;
 		return countof(encodings_v2);
@@ -218,7 +218,7 @@ METHOD(payload_t, get_encoding_rules, int,
 METHOD(payload_t, get_header_length, int,
 	private_delete_payload_t *this)
 {
-	if (this->type == DELETE)
+	if (this->type == PLV2_DELETE)
 	{
 		return 8;
 	}
@@ -355,7 +355,7 @@ delete_payload_t *delete_payload_create(payload_type_t type,
 			.create_spi_enumerator = _create_spi_enumerator,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.protocol_id = protocol_id,
 		.doi = IKEV1_DOI_IPSEC,
 		.type = type,
@@ -364,7 +364,7 @@ delete_payload_t *delete_payload_create(payload_type_t type,
 
 	if (protocol_id == PROTO_IKE)
 	{
-		if (type == DELETE_V1)
+		if (type == PLV1_DELETE)
 		{
 			this->spi_size = 16;
 		}

src/libcharon/encoding/payloads/delete_payload.h

@@ -76,7 +76,7 @@ struct delete_payload_t {
 /**
  * Creates an empty delete_payload_t object.
  *
- * @param type			DELETE or DELETE_V1
+ * @param type			PLV2_DELETE or PLV1_DELETE
  * @param protocol_id	protocol, such as AH|ESP
  * @return 				delete_payload_t object
  */

src/libcharon/encoding/payloads/eap_payload.c

@@ -162,7 +162,7 @@ METHOD(payload_t, get_header_length, int,
 METHOD(payload_t, get_payload_type, payload_type_t,
 	private_eap_payload_t *this)
 {
-	return EXTENSIBLE_AUTHENTICATION;
+	return PLV2_EAP;
 }
 
 METHOD(payload_t, get_next_type, payload_type_t,
@@ -341,7 +341,7 @@ eap_payload_t *eap_payload_create()
 			.is_expanded = _is_expanded,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 	);
 	return &this->public;

src/libcharon/encoding/payloads/encryption_payload.c

@@ -74,7 +74,7 @@ struct private_encryption_payload_t {
 	linked_list_t *payloads;
 
 	/**
-	 * Type of payload, ENCRYPTED or ENCRYPTED_V1
+	 * Type of payload, PLV2_ENCRYPTED or PLV1_ENCRYPTED
 	 */
 	payload_type_t type;
 };
@@ -145,7 +145,7 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_encryption_payload_t *this, encoding_rule_t **rules)
 {
-	if (this->type == ENCRYPTED)
+	if (this->type == PLV2_ENCRYPTED)
 	{
 		*rules = encodings_v2;
 		return countof(encodings_v2);
@@ -157,7 +157,7 @@ METHOD(payload_t, get_encoding_rules, int,
 METHOD(payload_t, get_header_length, int,
 	private_encryption_payload_t *this)
 {
-	if (this->type == ENCRYPTED)
+	if (this->type == PLV2_ENCRYPTED)
 	{
 		return 4;
 	}
@@ -241,7 +241,7 @@ METHOD(encryption_payload_t, add_payload, void,
 	{
 		this->next_payload = payload->get_type(payload);
 	}
-	payload->set_next_type(payload, NO_PAYLOAD);
+	payload->set_next_type(payload, PL_NONE);
 	this->payloads->insert_last(this->payloads, payload);
 	compute_length(this);
 }
@@ -281,7 +281,7 @@ static chunk_t generate(private_encryption_payload_t *this,
 			generator->generate_payload(generator, current);
 			current = next;
 		}
-		current->set_next_type(current, NO_PAYLOAD);
+		current->set_next_type(current, PL_NONE);
 		generator->generate_payload(generator, current);
 
 		chunk = generator->get_chunk(generator, &lenpos);
@@ -447,7 +447,7 @@ static status_t parse(private_encryption_payload_t *this, chunk_t plain)
 
 	parser = parser_create(plain);
 	type = this->next_payload;
-	while (type != NO_PAYLOAD)
+	while (type != PL_NONE)
 	{
 		payload_t *payload;
 
@@ -618,13 +618,13 @@ encryption_payload_t *encryption_payload_create(payload_type_t type)
 			.decrypt = _decrypt,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payloads = linked_list_create(),
 		.type = type,
 	);
 	this->payload_length = get_header_length(this);
 
-	if (type == ENCRYPTED_V1)
+	if (type == PLV1_ENCRYPTED)
 	{
 		this->public.encrypt = _encrypt_v1;
 		this->public.decrypt = _decrypt_v1;

src/libcharon/encoding/payloads/encryption_payload.h

@@ -103,7 +103,7 @@ struct encryption_payload_t {
 /**
  * Creates an empty encryption_payload_t object.
  *
- * @param type		ENCRYPTED or ENCRYPTED_V1
+ * @param type		PLV2_ENCRYPTED or PLV1_ENCRYPTED
  * @return			encryption_payload_t object
  */
 encryption_payload_t *encryption_payload_create(payload_type_t type);

src/libcharon/encoding/payloads/endpoint_notify.c

@@ -227,7 +227,7 @@ METHOD(endpoint_notify_t, build_notify, notify_payload_t*,
 	chunk_t data;
 	notify_payload_t *notify;
 
-	notify = notify_payload_create(NOTIFY);
+	notify = notify_payload_create(PLV2_NOTIFY);
 	notify->set_notify_type(notify, ME_ENDPOINT);
 	data = build_notification_data(this);
 	notify->set_notification_data(notify, data);

src/libcharon/encoding/payloads/fragment_payload.c

@@ -124,7 +124,7 @@ METHOD(payload_t, get_header_length, int,
 METHOD(payload_t, get_type, payload_type_t,
 	private_fragment_payload_t *this)
 {
-	return FRAGMENT_V1;
+	return PLV1_FRAGMENT;
 }
 
 METHOD(payload_t, get_next_type, payload_type_t,
@@ -201,7 +201,7 @@ fragment_payload_t *fragment_payload_create()
 			.get_data = _get_data,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 	);
 	this->payload_length = get_header_length(this);
 	return &this->public;

src/libcharon/encoding/payloads/hash_payload.c

@@ -52,7 +52,7 @@ struct private_hash_payload_t {
 	chunk_t hash;
 
 	/**
-	 * either HASH_V1 or NAT_D_V1
+	 * either PLV1_HASH or PLV1_NAT_D
 	 */
 	payload_type_t type;
 };
@@ -169,7 +169,7 @@ hash_payload_t *hash_payload_create(payload_type_t type)
 			.get_hash = _get_hash,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 		.type = type,
 	);

src/libcharon/encoding/payloads/hash_payload.h

@@ -59,7 +59,7 @@ struct hash_payload_t {
 /**
  * Creates an empty hash_payload_t object.
  *
- * @param type		either HASH_V1 or NAT_D_V1
+ * @param type		either PLV1_HASH or PLV1_NAT_D
  * @return			hash_payload_t object
  */
 hash_payload_t *hash_payload_create(payload_type_t type);

src/libcharon/encoding/payloads/id_payload.c

@@ -81,7 +81,7 @@ struct private_id_payload_t {
 	u_int16_t port;
 
 	/**
-	 * one of ID_INITIATOR, ID_RESPONDER, IDv1 and NAT_OA_V1
+	 * one of PLV2_ID_INITIATOR, PLV2_ID_RESPONDER, IDv1 and PLV1_NAT_OA
 	 */
 	payload_type_t type;
 };
@@ -165,7 +165,7 @@ METHOD(payload_t, verify, status_t,
 {
 	bool bad_length = FALSE;
 
-	if ((this->type == NAT_OA_V1 || this->type == NAT_OA_DRAFT_00_03_V1) &&
+	if ((this->type == PLV1_NAT_OA || this->type == PLV1_NAT_OA_DRAFT_00_03) &&
 		this->id_type != ID_IPV4_ADDR && this->id_type != ID_IPV6_ADDR)
 	{
 		DBG1(DBG_ENC, "invalid ID type %N for %N payload", id_type_names,
@@ -195,8 +195,8 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_id_payload_t *this, encoding_rule_t **rules)
 {
-	if (this->type == ID_V1 ||
-		this->type == NAT_OA_V1 || this->type == NAT_OA_DRAFT_00_03_V1)
+	if (this->type == PLV1_ID ||
+		this->type == PLV1_NAT_OA || this->type == PLV1_NAT_OA_DRAFT_00_03)
 	{
 		*rules = encodings_v1;
 		return countof(encodings_v1);
@@ -368,7 +368,7 @@ id_payload_t *id_payload_create(payload_type_t type)
 			.get_ts = _get_ts,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 		.type = type,
 	);
@@ -400,7 +400,7 @@ id_payload_t *id_payload_create_from_ts(traffic_selector_t *ts)
 	u_int8_t mask;
 	host_t *net;
 
-	this = (private_id_payload_t*)id_payload_create(ID_V1);
+	this = (private_id_payload_t*)id_payload_create(PLV1_ID);
 
 	if (ts->is_host(ts, NULL))
 	{

src/libcharon/encoding/payloads/id_payload.h

@@ -70,7 +70,7 @@ struct id_payload_t {
 /**
  * Creates an empty id_payload_t object.
  *
- * @param type		one of ID_INITIATOR, ID_RESPONDER, ID_V1 and NAT_OA_V1
+ * @param type		one of PLV2_ID_INITIATOR, PLV2_ID_RESPONDER, PLV1_ID and PLV1_NAT_OA
  * @return			id_payload_t object
  */
 id_payload_t *id_payload_create(payload_type_t type);
@@ -78,7 +78,7 @@ id_payload_t *id_payload_create(payload_type_t type);
 /**
  * Creates an id_payload_t from an existing identification_t object.
  *
- * @param type		one of ID_INITIATOR, ID_RESPONDER, ID_V1 and NAT_OA_V1
+ * @param type		one of PLV2_ID_INITIATOR, PLV2_ID_RESPONDER, PLV1_ID and PLV1_NAT_OA
  * @param id		identification_t object
  * @return			id_payload_t object
  */
@@ -89,7 +89,7 @@ id_payload_t *id_payload_create_from_identification(payload_type_t type,
  * Create an IKEv1 ID_ADDR_SUBNET/RANGE identity from a traffic selector.
  *
  * @param ts		traffic selector
- * @return			ID_V1 id_paylad_t object.
+ * @return			PLV1_ID id_paylad_t object.
  */
 id_payload_t *id_payload_create_from_ts(traffic_selector_t *ts);
 

src/libcharon/encoding/payloads/ike_header.c

@@ -262,7 +262,7 @@ METHOD(payload_t, get_header_length, int,
 METHOD(payload_t, get_type, payload_type_t,
 	private_ike_header_t *this)
 {
-	return HEADER;
+	return PL_HEADER;
 }
 
 METHOD(payload_t, get_next_type, payload_type_t,

src/libcharon/encoding/payloads/ke_payload.c

@@ -69,7 +69,7 @@ struct private_ke_payload_t {
 	chunk_t key_exchange_data;
 
 	/**
-	 * Payload type, KEY_EXCHANGE or KEY_EXCHANGE_V1
+	 * Payload type, PLV2_KEY_EXCHANGE or PLV1_KEY_EXCHANGE
 	 */
 	payload_type_t type;
 };
@@ -148,7 +148,7 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_ke_payload_t *this, encoding_rule_t **rules)
 {
-	if (this->type == KEY_EXCHANGE)
+	if (this->type == PLV2_KEY_EXCHANGE)
 	{
 		*rules = encodings_v2;
 		return countof(encodings_v2);
@@ -160,7 +160,7 @@ METHOD(payload_t, get_encoding_rules, int,
 METHOD(payload_t, get_header_length, int,
 	private_ke_payload_t *this)
 {
-	if (this->type == KEY_EXCHANGE)
+	if (this->type == PLV2_KEY_EXCHANGE)
 	{
 		return 8;
 	}
@@ -233,7 +233,7 @@ ke_payload_t *ke_payload_create(payload_type_t type)
 			.get_dh_group_number = _get_dh_group_number,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.dh_group_number = MODP_NONE,
 		.type = type,
 	);

src/libcharon/encoding/payloads/ke_payload.h

@@ -63,7 +63,7 @@ struct ke_payload_t {
 /**
  * Creates an empty ke_payload_t object.
  *
- * @param type		KEY_EXCHANGE or KEY_EXCHANGE_V1
+ * @param type		PLV2_KEY_EXCHANGE or PLV1_KEY_EXCHANGE
  * @return			ke_payload_t object
  */
 ke_payload_t *ke_payload_create(payload_type_t type);
@@ -71,7 +71,7 @@ ke_payload_t *ke_payload_create(payload_type_t type);
 /**
  * Creates a ke_payload_t from a diffie_hellman_t.
  *
- * @param type		KEY_EXCHANGE or KEY_EXCHANGE_V1
+ * @param type		PLV2_KEY_EXCHANGE or PLV1_KEY_EXCHANGE
  * @param dh		diffie hellman object containing group and key
  * @return 			ke_payload_t object
  */

src/libcharon/encoding/payloads/nonce_payload.c

@@ -60,7 +60,7 @@ struct private_nonce_payload_t {
 	chunk_t nonce;
 
 	/**
-	 * Payload type, NONCE or NONCE_V1
+	 * Payload type, PLV2_NONCE or PLV1_NONCE
 	 */
 	payload_type_t type;
 };
@@ -110,12 +110,12 @@ METHOD(payload_t, verify, status_t,
 	{
 		bad_length = TRUE;
 	}
-	if (this->type == NONCE &&
+	if (this->type == PLV2_NONCE &&
 		this->nonce.len < 16)
 	{
 		bad_length = TRUE;
 	}
-	if (this->type == NONCE_V1 &&
+	if (this->type == PLV1_NONCE &&
 		this->nonce.len < 8)
 	{
 		bad_length = TRUE;
@@ -209,7 +209,7 @@ nonce_payload_t *nonce_payload_create(payload_type_t type)
 			.get_nonce = _get_nonce,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 		.type = type,
 	);

src/libcharon/encoding/payloads/nonce_payload.h

@@ -64,7 +64,7 @@ struct nonce_payload_t {
 /**
  * Creates an empty nonce_payload_t object
  *
- * @param type		NONCE or NONCE_V1
+ * @param type		PLV2_NONCE or PLV1_NONCE
  * @return			nonce_payload_t object
  */
 nonce_payload_t *nonce_payload_create(payload_type_t type);

src/libcharon/encoding/payloads/notify_payload.c

@@ -302,7 +302,7 @@ struct private_notify_payload_t {
 	chunk_t notify_data;
 
 	/**
-	 * Type of payload, NOTIFY or NOTIFY_V1
+	 * Type of payload, PLV2_NOTIFY or PLV1_NOTIFY
 	 */
 	payload_type_t type;
 };
@@ -427,7 +427,7 @@ METHOD(payload_t, verify, status_t,
 	{
 		case INVALID_KE_PAYLOAD:
 		{
-			if (this->type == NOTIFY && this->notify_data.len != 2)
+			if (this->type == PLV2_NOTIFY && this->notify_data.len != 2)
 			{
 				bad_length = TRUE;
 			}
@@ -447,7 +447,7 @@ METHOD(payload_t, verify, status_t,
 		case INVALID_MAJOR_VERSION:
 		case NO_PROPOSAL_CHOSEN:
 		{
-			if (this->type == NOTIFY && this->notify_data.len != 0)
+			if (this->type == PLV2_NOTIFY && this->notify_data.len != 0)
 			{
 				bad_length = TRUE;
 			}
@@ -531,7 +531,7 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_notify_payload_t *this, encoding_rule_t **rules)
 {
-	if (this->type == NOTIFY)
+	if (this->type == PLV2_NOTIFY)
 	{
 		*rules = encodings_v2;
 		return countof(encodings_v2);
@@ -543,7 +543,7 @@ METHOD(payload_t, get_encoding_rules, int,
 METHOD(payload_t, get_header_length, int,
 	private_notify_payload_t *this)
 {
-	if (this->type == NOTIFY)
+	if (this->type == PLV2_NOTIFY)
 	{
 		return 8 + this->spi_size;
 	}
@@ -726,7 +726,7 @@ notify_payload_t *notify_payload_create(payload_type_t type)
 			.destroy = _destroy,
 		},
 		.doi = IKEV1_DOI_IPSEC,
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.type = type,
 	);
 	compute_length(this);

src/libcharon/encoding/payloads/notify_payload.h

@@ -281,7 +281,7 @@ struct notify_payload_t {
 /**
  * Creates an empty notify_payload_t object
  *
- * @param type		payload type, NOTIFY or NOTIFY_V1
+ * @param type		payload type, PLV2_NOTIFY or PLV1_NOTIFY
  * @return			created notify_payload_t object
  */
 notify_payload_t *notify_payload_create(payload_type_t type);
@@ -289,7 +289,7 @@ notify_payload_t *notify_payload_create(payload_type_t type);
 /**
  * Creates an notify_payload_t object of specific type for specific protocol id.
  *
- * @param type					payload type, NOTIFY or NOTIFY_V1
+ * @param type					payload type, PLV2_NOTIFY or PLV1_NOTIFY
  * @param protocol				protocol id (IKE, AH or ESP)
  * @param notify				type of notify
  * @return						notify_payload_t object

src/libcharon/encoding/payloads/payload.c

@@ -39,16 +39,16 @@
 #include <encoding/payloads/fragment_payload.h>
 #include <encoding/payloads/unknown_payload.h>
 
-ENUM_BEGIN(payload_type_names, NO_PAYLOAD, NO_PAYLOAD,
-	"NO_PAYLOAD");
-ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION_V1, CONFIGURATION_V1, NO_PAYLOAD,
+ENUM_BEGIN(payload_type_names, PL_NONE, PL_NONE,
+	"PL_NONE");
+ENUM_NEXT(payload_type_names, PLV1_SECURITY_ASSOCIATION, PLV1_CONFIGURATION, PL_NONE,
 	"SECURITY_ASSOCIATION_V1",
 	"PROPOSAL_V1",
 	"TRANSFORM_V1",
 	"KEY_EXCHANGE_V1",
 	"ID_V1",
 	"CERTIFICATE_V1",
-	"CERTIFICATE_REQUEST_V1",
+	"CERTREQ_V1",
 	"HASH_V1",
 	"SIGNATURE_V1",
 	"NONCE_V1",
@@ -56,41 +56,41 @@ ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION_V1, CONFIGURATION_V1, NO_PAYL
 	"DELETE_V1",
 	"VENDOR_ID_V1",
 	"CONFIGURATION_V1");
-ENUM_NEXT(payload_type_names, NAT_D_V1, NAT_OA_V1, CONFIGURATION_V1,
+ENUM_NEXT(payload_type_names, PLV1_NAT_D, PLV1_NAT_OA, PLV1_CONFIGURATION,
 	"NAT_D_V1",
 	"NAT_OA_V1");
-ENUM_NEXT(payload_type_names, SECURITY_ASSOCIATION, GENERIC_SECURE_PASSWORD_METHOD, NAT_OA_V1,
+ENUM_NEXT(payload_type_names, PLV2_SECURITY_ASSOCIATION, PLV2_GSPM, PLV1_NAT_OA,
 	"SECURITY_ASSOCIATION",
 	"KEY_EXCHANGE",
 	"ID_INITIATOR",
 	"ID_RESPONDER",
 	"CERTIFICATE",
-	"CERTIFICATE_REQUEST",
-	"AUTHENTICATION",
+	"CERTREQ",
+	"AUTH",
 	"NONCE",
 	"NOTIFY",
 	"DELETE",
 	"VENDOR_ID",
-	"TRAFFIC_SELECTOR_INITIATOR",
-	"TRAFFIC_SELECTOR_RESPONDER",
+	"TS_INITIATOR",
+	"TS_RESPONDER",
 	"ENCRYPTED",
 	"CONFIGURATION",
-	"EXTENSIBLE_AUTHENTICATION",
-	"GENERIC_SECURE_PASSWORD_METHOD");
+	"EAP",
+	"GSPM");
 #ifdef ME
-ENUM_NEXT(payload_type_names, ID_PEER, ID_PEER, GENERIC_SECURE_PASSWORD_METHOD,
+ENUM_NEXT(payload_type_names, PLV2_ID_PEER, PLV2_ID_PEER, PLV2_GSPM,
 	"ID_PEER");
-ENUM_NEXT(payload_type_names, NAT_D_DRAFT_00_03_V1, FRAGMENT_V1, ID_PEER,
+ENUM_NEXT(payload_type_names, PLV1_NAT_D_DRAFT_00_03, PLV1_FRAGMENT, PLV2_ID_PEER,
 	"NAT_D_DRAFT_V1",
 	"NAT_OA_DRAFT_V1",
 	"FRAGMENT");
 #else
-ENUM_NEXT(payload_type_names, NAT_D_DRAFT_00_03_V1, FRAGMENT_V1, GENERIC_SECURE_PASSWORD_METHOD,
+ENUM_NEXT(payload_type_names, PLV1_NAT_D_DRAFT_00_03, PLV1_FRAGMENT, PLV2_GSPM,
 	"NAT_D_DRAFT_V1",
 	"NAT_OA_DRAFT_V1",
 	"FRAGMENT");
 #endif /* ME */
-ENUM_NEXT(payload_type_names, HEADER, ENCRYPTED_V1, FRAGMENT_V1,
+ENUM_NEXT(payload_type_names, PL_HEADER, PLV1_ENCRYPTED, PLV1_FRAGMENT,
 	"HEADER",
 	"PROPOSAL_SUBSTRUCTURE",
 	"PROPOSAL_SUBSTRUCTURE_V1",
@@ -102,12 +102,12 @@ ENUM_NEXT(payload_type_names, HEADER, ENCRYPTED_V1, FRAGMENT_V1,
 	"CONFIGURATION_ATTRIBUTE",
 	"CONFIGURATION_ATTRIBUTE_V1",
 	"ENCRYPTED_V1");
-ENUM_END(payload_type_names, ENCRYPTED_V1);
+ENUM_END(payload_type_names, PLV1_ENCRYPTED);
 
 /* short forms of payload names */
-ENUM_BEGIN(payload_type_short_names, NO_PAYLOAD, NO_PAYLOAD,
+ENUM_BEGIN(payload_type_short_names, PL_NONE, PL_NONE,
 	"--");
-ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION_V1, CONFIGURATION_V1, NO_PAYLOAD,
+ENUM_NEXT(payload_type_short_names, PLV1_SECURITY_ASSOCIATION, PLV1_CONFIGURATION, PL_NONE,
 	"SA",
 	"PROP",
 	"TRANS",
@@ -122,10 +122,10 @@ ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION_V1, CONFIGURATION_V1, N
 	"D",
 	"V",
 	"CP");
-ENUM_NEXT(payload_type_short_names, NAT_D_V1, NAT_OA_V1, CONFIGURATION_V1,
+ENUM_NEXT(payload_type_short_names, PLV1_NAT_D, PLV1_NAT_OA, PLV1_CONFIGURATION,
 	"NAT-D",
 	"NAT-OA");
-ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION, GENERIC_SECURE_PASSWORD_METHOD, NAT_OA_V1,
+ENUM_NEXT(payload_type_short_names, PLV2_SECURITY_ASSOCIATION, PLV2_GSPM, PLV1_NAT_OA,
 	"SA",
 	"KE",
 	"IDi",
@@ -144,19 +144,19 @@ ENUM_NEXT(payload_type_short_names, SECURITY_ASSOCIATION, GENERIC_SECURE_PASSWOR
 	"EAP",
 	"GSPM");
 #ifdef ME
-ENUM_NEXT(payload_type_short_names, ID_PEER, ID_PEER, GENERIC_SECURE_PASSWORD_METHOD,
+ENUM_NEXT(payload_type_short_names, PLV2_ID_PEER, PLV2_ID_PEER, PLV2_GSPM,
 	"IDp");
-ENUM_NEXT(payload_type_short_names, NAT_D_DRAFT_00_03_V1, FRAGMENT_V1, ID_PEER,
+ENUM_NEXT(payload_type_short_names, PLV1_NAT_D_DRAFT_00_03, PLV1_FRAGMENT, PLV2_ID_PEER,
 	"NAT-D",
 	"NAT-OA",
 	"FRAG");
 #else
-ENUM_NEXT(payload_type_short_names, NAT_D_DRAFT_00_03_V1, FRAGMENT_V1, GENERIC_SECURE_PASSWORD_METHOD,
+ENUM_NEXT(payload_type_short_names, PLV1_NAT_D_DRAFT_00_03, PLV1_FRAGMENT, PLV2_GSPM,
 	"NAT-D",
 	"NAT-OA",
 	"FRAG");
 #endif /* ME */
-ENUM_NEXT(payload_type_short_names, HEADER, ENCRYPTED_V1, FRAGMENT_V1,
+ENUM_NEXT(payload_type_short_names, PL_HEADER, PLV1_ENCRYPTED, PLV1_FRAGMENT,
 	"HDR",
 	"PROP",
 	"PROP",
@@ -168,7 +168,7 @@ ENUM_NEXT(payload_type_short_names, HEADER, ENCRYPTED_V1, FRAGMENT_V1,
 	"CATTR",
 	"CATTR",
 	"E");
-ENUM_END(payload_type_short_names, ENCRYPTED_V1);
+ENUM_END(payload_type_short_names, PLV1_ENCRYPTED);
 
 /*
  * see header
@@ -177,75 +177,75 @@ payload_t *payload_create(payload_type_t type)
 {
 	switch (type)
 	{
-		case HEADER:
+		case PL_HEADER:
 			return (payload_t*)ike_header_create();
-		case SECURITY_ASSOCIATION:
-		case SECURITY_ASSOCIATION_V1:
+		case PLV2_SECURITY_ASSOCIATION:
+		case PLV1_SECURITY_ASSOCIATION:
 			return (payload_t*)sa_payload_create(type);
-		case PROPOSAL_SUBSTRUCTURE:
-		case PROPOSAL_SUBSTRUCTURE_V1:
+		case PLV2_PROPOSAL_SUBSTRUCTURE:
+		case PLV1_PROPOSAL_SUBSTRUCTURE:
 			return (payload_t*)proposal_substructure_create(type);
-		case TRANSFORM_SUBSTRUCTURE:
-		case TRANSFORM_SUBSTRUCTURE_V1:
+		case PLV2_TRANSFORM_SUBSTRUCTURE:
+		case PLV1_TRANSFORM_SUBSTRUCTURE:
 			return (payload_t*)transform_substructure_create(type);
-		case TRANSFORM_ATTRIBUTE:
-		case TRANSFORM_ATTRIBUTE_V1:
+		case PLV2_TRANSFORM_ATTRIBUTE:
+		case PLV1_TRANSFORM_ATTRIBUTE:
 			return (payload_t*)transform_attribute_create(type);
-		case NONCE:
-		case NONCE_V1:
+		case PLV2_NONCE:
+		case PLV1_NONCE:
 			return (payload_t*)nonce_payload_create(type);
-		case ID_INITIATOR:
-		case ID_RESPONDER:
-		case ID_V1:
-		case NAT_OA_V1:
-		case NAT_OA_DRAFT_00_03_V1:
+		case PLV2_ID_INITIATOR:
+		case PLV2_ID_RESPONDER:
+		case PLV1_ID:
+		case PLV1_NAT_OA:
+		case PLV1_NAT_OA_DRAFT_00_03:
 #ifdef ME
-		case ID_PEER:
+		case PLV2_ID_PEER:
 #endif /* ME */
 			return (payload_t*)id_payload_create(type);
-		case AUTHENTICATION:
+		case PLV2_AUTH:
 			return (payload_t*)auth_payload_create();
-		case CERTIFICATE:
-		case CERTIFICATE_V1:
+		case PLV2_CERTIFICATE:
+		case PLV1_CERTIFICATE:
 			return (payload_t*)cert_payload_create(type);
-		case CERTIFICATE_REQUEST:
-		case CERTIFICATE_REQUEST_V1:
+		case PLV2_CERTREQ:
+		case PLV1_CERTREQ:
 			return (payload_t*)certreq_payload_create(type);
-		case TRAFFIC_SELECTOR_SUBSTRUCTURE:
+		case PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE:
 			return (payload_t*)traffic_selector_substructure_create();
-		case TRAFFIC_SELECTOR_INITIATOR:
+		case PLV2_TS_INITIATOR:
 			return (payload_t*)ts_payload_create(TRUE);
-		case TRAFFIC_SELECTOR_RESPONDER:
+		case PLV2_TS_RESPONDER:
 			return (payload_t*)ts_payload_create(FALSE);
-		case KEY_EXCHANGE:
-		case KEY_EXCHANGE_V1:
+		case PLV2_KEY_EXCHANGE:
+		case PLV1_KEY_EXCHANGE:
 			return (payload_t*)ke_payload_create(type);
-		case NOTIFY:
-		case NOTIFY_V1:
+		case PLV2_NOTIFY:
+		case PLV1_NOTIFY:
 			return (payload_t*)notify_payload_create(type);
-		case DELETE:
-		case DELETE_V1:
+		case PLV2_DELETE:
+		case PLV1_DELETE:
 			return (payload_t*)delete_payload_create(type, 0);
-		case VENDOR_ID:
-		case VENDOR_ID_V1:
+		case PLV2_VENDOR_ID:
+		case PLV1_VENDOR_ID:
 			return (payload_t*)vendor_id_payload_create(type);
-		case HASH_V1:
-		case SIGNATURE_V1:
-		case NAT_D_V1:
-		case NAT_D_DRAFT_00_03_V1:
+		case PLV1_HASH:
+		case PLV1_SIGNATURE:
+		case PLV1_NAT_D:
+		case PLV1_NAT_D_DRAFT_00_03:
 			return (payload_t*)hash_payload_create(type);
-		case CONFIGURATION:
-		case CONFIGURATION_V1:
+		case PLV2_CONFIGURATION:
+		case PLV1_CONFIGURATION:
 			return (payload_t*)cp_payload_create(type);
-		case CONFIGURATION_ATTRIBUTE:
-		case CONFIGURATION_ATTRIBUTE_V1:
+		case PLV2_CONFIGURATION_ATTRIBUTE:
+		case PLV1_CONFIGURATION_ATTRIBUTE:
 			return (payload_t*)configuration_attribute_create(type);
-		case EXTENSIBLE_AUTHENTICATION:
+		case PLV2_EAP:
 			return (payload_t*)eap_payload_create();
-		case ENCRYPTED:
-		case ENCRYPTED_V1:
+		case PLV2_ENCRYPTED:
+		case PLV1_ENCRYPTED:
 			return (payload_t*)encryption_payload_create(type);
-		case FRAGMENT_V1:
+		case PLV1_FRAGMENT:
 			return (payload_t*)fragment_payload_create();
 		default:
 			return (payload_t*)unknown_payload_create(type);
@@ -257,29 +257,29 @@ payload_t *payload_create(payload_type_t type)
  */
 bool payload_is_known(payload_type_t type)
 {
-	if (type == HEADER)
+	if (type == PL_HEADER)
 	{
 		return TRUE;
 	}
-	if (type >= SECURITY_ASSOCIATION && type <= EXTENSIBLE_AUTHENTICATION)
+	if (type >= PLV2_SECURITY_ASSOCIATION && type <= PLV2_EAP)
 	{
 		return TRUE;
 	}
-	if (type >= SECURITY_ASSOCIATION_V1 && type <= CONFIGURATION_V1)
+	if (type >= PLV1_SECURITY_ASSOCIATION && type <= PLV1_CONFIGURATION)
 	{
 		return TRUE;
 	}
-	if (type >= NAT_D_V1 && type <= NAT_OA_V1)
+	if (type >= PLV1_NAT_D && type <= PLV1_NAT_OA)
 	{
 		return TRUE;
 	}
 #ifdef ME
-	if (type == ID_PEER)
+	if (type == PLV2_ID_PEER)
 	{
 		return TRUE;
 	}
 #endif
-	if (type >= NAT_D_DRAFT_00_03_V1 && type <= FRAGMENT_V1)
+	if (type >= PLV1_NAT_D_DRAFT_00_03 && type <= PLV1_FRAGMENT)
 	{
 		return TRUE;
 	}

src/libcharon/encoding/payloads/payload.h

@@ -45,195 +45,195 @@ enum payload_type_t {
 	/**
 	 * End of payload list in next_payload
 	 */
-	NO_PAYLOAD = 0,
+	PL_NONE = 0,
 
 	/**
 	 * The security association (SA) payload containing proposals.
 	 */
-	SECURITY_ASSOCIATION_V1 = 1,
+	PLV1_SECURITY_ASSOCIATION = 1,
 
 	/**
 	 * The proposal payload, containing transforms.
 	 */
-	PROPOSAL_V1 = 2,
+	PLV1_PROPOSAL = 2,
 
 	/**
 	 * The transform payload.
 	 */
-	TRANSFORM_V1 = 3,
+	PLV1_TRANSFORM = 3,
 
 	/**
 	 * The key exchange (KE) payload containing diffie-hellman values.
 	 */
-	KEY_EXCHANGE_V1 = 4,
+	PLV1_KEY_EXCHANGE = 4,
 
 	/**
 	 * ID payload.
 	 */
-	ID_V1 = 5,
+	PLV1_ID = 5,
 
 	/**
 	 * Certificate payload with certificates (CERT).
 	 */
-	CERTIFICATE_V1 = 6,
+	PLV1_CERTIFICATE = 6,
 
 	/**
 	 * Certificate request payload.
 	 */
-	CERTIFICATE_REQUEST_V1 = 7,
+	PLV1_CERTREQ = 7,
 
 	/**
 	 * Hash payload.
 	 */
-	HASH_V1 = 8,
+	PLV1_HASH = 8,
 
 	/**
 	 * Signature payload
 	 */
-	SIGNATURE_V1 = 9,
+	PLV1_SIGNATURE = 9,
 
 	/**
 	 * Nonce payload.
 	 */
-	NONCE_V1 = 10,
+	PLV1_NONCE = 10,
 
 	/**
 	 * Notification payload.
 	 */
-	NOTIFY_V1 = 11,
+	PLV1_NOTIFY = 11,
 
 	/**
 	 * Delete payload.
 	 */
-	DELETE_V1 = 12,
+	PLV1_DELETE = 12,
 
 	/**
 	 * Vendor id payload.
 	 */
-	VENDOR_ID_V1 = 13,
+	PLV1_VENDOR_ID = 13,
 
 	/**
 	 * Attribute payload (ISAKMP Mode Config, aka configuration payload.
 	 */
-	CONFIGURATION_V1 = 14,
+	PLV1_CONFIGURATION = 14,
 
 	/**
 	 * NAT discovery payload (NAT-D).
 	 */
-	NAT_D_V1 = 20,
+	PLV1_NAT_D = 20,
 
 	/**
 	 * NAT original address payload (NAT-OA).
 	 */
-	NAT_OA_V1 = 21,
+	PLV1_NAT_OA = 21,
 
 	/**
 	 * The security association (SA) payload containing proposals.
 	 */
-	SECURITY_ASSOCIATION = 33,
+	PLV2_SECURITY_ASSOCIATION = 33,
 
 	/**
 	 * The key exchange (KE) payload containing diffie-hellman values.
 	 */
-	KEY_EXCHANGE = 34,
+	PLV2_KEY_EXCHANGE = 34,
 
 	/**
 	 * Identification for the original initiator (IDi).
 	 */
-	ID_INITIATOR = 35,
+	PLV2_ID_INITIATOR = 35,
 
 	/**
 	 * Identification for the original responder (IDr).
 	 */
-	ID_RESPONDER = 36,
+	PLV2_ID_RESPONDER = 36,
 
 	/**
 	 * Certificate payload with certificates (CERT).
 	 */
-	CERTIFICATE = 37,
+	PLV2_CERTIFICATE = 37,
 
 	/**
 	 * Certificate request payload (CERTREQ).
 	 */
-	CERTIFICATE_REQUEST = 38,
+	PLV2_CERTREQ = 38,
 
 	/**
 	 * Authentication payload contains auth data (AUTH).
 	 */
-	AUTHENTICATION = 39,
+	PLV2_AUTH = 39,
 
 	/**
 	 * Nonces, for initiator and responder (Ni, Nr, N)
 	 */
-	NONCE = 40,
+	PLV2_NONCE = 40,
 
 	/**
 	 * Notify paylaod (N).
 	 */
-	NOTIFY = 41,
+	PLV2_NOTIFY = 41,
 
 	/**
 	 * Delete payload (D)
 	 */
-	DELETE = 42,
+	PLV2_DELETE = 42,
 
 	/**
 	 * Vendor id paylpoad (V).
 	 */
-	VENDOR_ID = 43,
+	PLV2_VENDOR_ID = 43,
 
 	/**
 	 * Traffic selector for the original initiator (TSi).
 	 */
-	TRAFFIC_SELECTOR_INITIATOR = 44,
+	PLV2_TS_INITIATOR = 44,
 
 	/**
 	 * Traffic selector for the original responser (TSr).
 	 */
-	TRAFFIC_SELECTOR_RESPONDER = 45,
+	PLV2_TS_RESPONDER = 45,
 
 	/**
 	 * Encryption payload, contains other payloads (E).
 	 */
-	ENCRYPTED = 46,
+	PLV2_ENCRYPTED = 46,
 
 	/**
 	 * Configuration payload (CP).
 	 */
-	CONFIGURATION = 47,
+	PLV2_CONFIGURATION = 47,
 
 	/**
 	 * Extensible authentication payload (EAP).
 	 */
-	EXTENSIBLE_AUTHENTICATION = 48,
+	PLV2_EAP = 48,
 
 	/**
 	 * Generic Secure Password Method (GSPM).
 	 */
-	GENERIC_SECURE_PASSWORD_METHOD = 49,
+	PLV2_GSPM = 49,
 
 #ifdef ME
 	/**
 	 * Identification payload for peers has a value from
 	 * the PRIVATE USE space.
 	 */
-	ID_PEER = 128,
+	PLV2_ID_PEER = 128,
 #endif /* ME */
 
 	/**
 	 * NAT discovery payload (NAT-D) (drafts).
 	 */
-	NAT_D_DRAFT_00_03_V1 = 130,
+	PLV1_NAT_D_DRAFT_00_03 = 130,
 
 	/**
 	 * NAT original address payload (NAT-OA) (drafts).
 	 */
-	NAT_OA_DRAFT_00_03_V1 = 131,
+	PLV1_NAT_OA_DRAFT_00_03 = 131,
 
 	/**
 	 * IKE fragment (proprietary IKEv1 extension)
 	 */
-	FRAGMENT_V1 = 132,
+	PLV1_FRAGMENT = 132,
 
 	/**
 	 * Header has a value of PRIVATE USE space.
@@ -241,57 +241,57 @@ enum payload_type_t {
 	 * This type and all the following are never sent over wire and are
 	 * used internally only.
 	 */
-	HEADER = 256,
+	PL_HEADER = 256,
 
 	/**
-	 * PROPOSAL_SUBSTRUCTURE, IKEv2 proposals in a SA payload.
+	 * PLV2_PROPOSAL_SUBSTRUCTURE, IKEv2 proposals in a SA payload.
 	 */
-	PROPOSAL_SUBSTRUCTURE,
+	PLV2_PROPOSAL_SUBSTRUCTURE,
 
 	/**
-	 * PROPOSAL_SUBSTRUCTURE_V1, IKEv1 proposals in a SA payload.
+	 * PLV1_PROPOSAL_SUBSTRUCTURE, IKEv1 proposals in a SA payload.
 	 */
-	PROPOSAL_SUBSTRUCTURE_V1,
+	PLV1_PROPOSAL_SUBSTRUCTURE,
 
 	/**
-	 * TRANSFORM_SUBSTRUCTURE, IKEv2 transforms in a proposal substructure.
+	 * PLV2_TRANSFORM_SUBSTRUCTURE, IKEv2 transforms in a proposal substructure.
 	 */
-	TRANSFORM_SUBSTRUCTURE,
+	PLV2_TRANSFORM_SUBSTRUCTURE,
 
 	/**
-	 * TRANSFORM_SUBSTRUCTURE_V1, IKEv1 transforms in a proposal substructure.
+	 * PLV1_TRANSFORM_SUBSTRUCTURE, IKEv1 transforms in a proposal substructure.
 	 */
-	TRANSFORM_SUBSTRUCTURE_V1,
+	PLV1_TRANSFORM_SUBSTRUCTURE,
 
 	/**
-	 * TRANSFORM_ATTRIBUTE, IKEv2 attribute in a transform.
+	 * PLV2_TRANSFORM_ATTRIBUTE, IKEv2 attribute in a transform.
 	 */
-	TRANSFORM_ATTRIBUTE,
+	PLV2_TRANSFORM_ATTRIBUTE,
 
 	/**
-	 * TRANSFORM_ATTRIBUTE_V1, IKEv1 attribute in a transform.
+	 * PLV1_TRANSFORM_ATTRIBUTE, IKEv1 attribute in a transform.
 	 */
-	TRANSFORM_ATTRIBUTE_V1,
+	PLV1_TRANSFORM_ATTRIBUTE,
 
 	/**
-	 * TRAFFIC_SELECTOR_SUBSTRUCTURE, traffic selector in a TS payload.
+	 * PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE, traffic selector in a TS payload.
 	 */
-	TRAFFIC_SELECTOR_SUBSTRUCTURE,
+	PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE,
 
 	/**
-	 * CONFIGURATION_ATTRIBUTE, IKEv2 attribute in a configuration payload.
+	 * PLV2_CONFIGURATION_ATTRIBUTE, IKEv2 attribute in a configuration payload.
 	 */
-	CONFIGURATION_ATTRIBUTE,
+	PLV2_CONFIGURATION_ATTRIBUTE,
 
 	/**
-	 * CONFIGURATION_ATTRIBUTE_V1, IKEv1 attribute in a configuration payload.
+	 * PLV1_CONFIGURATION_ATTRIBUTE, IKEv1 attribute in a configuration payload.
 	 */
-	CONFIGURATION_ATTRIBUTE_V1,
+	PLV1_CONFIGURATION_ATTRIBUTE,
 
 	/**
 	 * This is not really a payload, but rather the complete IKEv1 message.
 	 */
-	ENCRYPTED_V1,
+	PLV1_ENCRYPTED,
 };
 
 /**
@@ -336,7 +336,7 @@ struct payload_t {
 	payload_type_t (*get_type) (payload_t *this);
 
 	/**
-	 * Get type of next payload or NO_PAYLOAD (0) if this is the last one.
+	 * Get type of next payload or PL_NONE (0) if this is the last one.
 	 *
 	 * @return				type of next payload
 	 */

src/libcharon/encoding/payloads/proposal_substructure.c

@@ -88,7 +88,7 @@ struct private_proposal_substructure_t {
 	linked_list_t *transforms;
 
 	/**
-	 * Type of this payload, PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
+	 * Type of this payload, PLV2_PROPOSAL_SUBSTRUCTURE or PLV1_PROPOSAL_SUBSTRUCTURE
 	 */
 	payload_type_t type;
 };
@@ -114,7 +114,7 @@ static encoding_rule_t encodings_v1[] = {
 	/* SPI is a chunk of variable size*/
 	{ SPI,				offsetof(private_proposal_substructure_t, spi)				},
 	/* Transforms are stored in a transform substructure list */
-	{ PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE_V1,
+	{ PAYLOAD_LIST + PLV1_TRANSFORM_SUBSTRUCTURE,
 						offsetof(private_proposal_substructure_t, transforms)		},
 };
 
@@ -139,7 +139,7 @@ static encoding_rule_t encodings_v2[] = {
 	/* SPI is a chunk of variable size*/
 	{ SPI,				offsetof(private_proposal_substructure_t, spi)				},
 	/* Transforms are stored in a transform substructure list */
-	{ PAYLOAD_LIST + TRANSFORM_SUBSTRUCTURE,
+	{ PAYLOAD_LIST + PLV2_TRANSFORM_SUBSTRUCTURE,
 						offsetof(private_proposal_substructure_t, transforms)		},
 };
 
@@ -329,7 +329,7 @@ METHOD(payload_t, verify, status_t,
 	enumerator_t *enumerator;
 	payload_t *current;
 
-	if (this->next_payload != NO_PAYLOAD && this->next_payload != 2)
+	if (this->next_payload != PL_NONE && this->next_payload != 2)
 	{
 		/* must be 0 or 2 */
 		DBG1(DBG_ENC, "inconsistent next payload");
@@ -361,7 +361,7 @@ METHOD(payload_t, verify, status_t,
 			}
 			break;
 		case PROTO_IKE:
-			if (this->type == PROPOSAL_SUBSTRUCTURE_V1)
+			if (this->type == PLV1_PROPOSAL_SUBSTRUCTURE)
 			{
 				if (this->spi.len <= 16)
 				{	/* according to RFC 2409, section 3.5 anything between
@@ -397,7 +397,7 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_proposal_substructure_t *this, encoding_rule_t **rules)
 {
-	if (this->type == PROPOSAL_SUBSTRUCTURE)
+	if (this->type == PLV2_PROPOSAL_SUBSTRUCTURE)
 	{
 		*rules = encodings_v2;
 		return countof(encodings_v2);
@@ -1028,7 +1028,7 @@ METHOD(proposal_substructure_t, get_proposals, void,
 			proposal->set_spi(proposal, spi);
 			proposals->insert_last(proposals, proposal);
 		}
-		if (this->type == PROPOSAL_SUBSTRUCTURE)
+		if (this->type == PLV2_PROPOSAL_SUBSTRUCTURE)
 		{
 			add_to_proposal_v2(proposal, transform);
 		}
@@ -1266,7 +1266,7 @@ proposal_substructure_t *proposal_substructure_create(payload_type_t type)
 			.get_encap_mode = _get_encap_mode,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.transforms = linked_list_create(),
 		.type = type,
 	);
@@ -1286,7 +1286,7 @@ static void set_from_proposal_v1_ike(private_proposal_substructure_t *this,
 	u_int16_t alg, key_size;
 	enumerator_t *enumerator;
 
-	transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE_V1,
+	transform = transform_substructure_create_type(PLV1_TRANSFORM_SUBSTRUCTURE,
 												number, IKEV1_TRANSID_KEY_IKE);
 
 	enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
@@ -1296,12 +1296,12 @@ static void set_from_proposal_v1_ike(private_proposal_substructure_t *this,
 		if (alg)
 		{
 			transform->add_transform_attribute(transform,
-				transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+				transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 									TATTR_PH1_ENCRYPTION_ALGORITHM, alg));
 			if (key_size)
 			{
 				transform->add_transform_attribute(transform,
-					transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+					transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 										TATTR_PH1_KEY_LENGTH, key_size));
 			}
 			break;
@@ -1317,7 +1317,7 @@ static void set_from_proposal_v1_ike(private_proposal_substructure_t *this,
 		if (alg)
 		{
 			transform->add_transform_attribute(transform,
-				transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+				transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 									TATTR_PH1_HASH_ALGORITHM, alg));
 			break;
 		}
@@ -1328,19 +1328,19 @@ static void set_from_proposal_v1_ike(private_proposal_substructure_t *this,
 	if (enumerator->enumerate(enumerator, &alg, &key_size))
 	{
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 								TATTR_PH1_GROUP, alg));
 	}
 	enumerator->destroy(enumerator);
 
 	transform->add_transform_attribute(transform,
-		transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+		transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH1_AUTH_METHOD, get_ikev1_auth(method)));
 	transform->add_transform_attribute(transform,
-		transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+		transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH1_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
 	transform->add_transform_attribute(transform,
-		transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+		transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH1_LIFE_DURATION, lifetime));
 
 	add_transform_substructure(this, transform);
@@ -1366,11 +1366,11 @@ static void set_from_proposal_v1(private_proposal_substructure_t *this,
 		if (alg)
 		{
 			transform = transform_substructure_create_type(
-									TRANSFORM_SUBSTRUCTURE_V1, number, alg);
+									PLV1_TRANSFORM_SUBSTRUCTURE, number, alg);
 			if (key_size)
 			{
 				transform->add_transform_attribute(transform,
-					transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+					transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 											TATTR_PH2_KEY_LENGTH, key_size));
 			}
 		}
@@ -1386,10 +1386,10 @@ static void set_from_proposal_v1(private_proposal_substructure_t *this,
 			if (!transform)
 			{
 				transform = transform_substructure_create_type(
-									TRANSFORM_SUBSTRUCTURE_V1, number, alg);
+									PLV1_TRANSFORM_SUBSTRUCTURE, number, alg);
 			}
 			transform->add_transform_attribute(transform,
-				transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+				transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 									TATTR_PH2_AUTH_ALGORITHM, alg));
 		}
 	}
@@ -1404,30 +1404,30 @@ static void set_from_proposal_v1(private_proposal_substructure_t *this,
 	if (enumerator->enumerate(enumerator, &alg, &key_size))
 	{
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 									TATTR_PH2_GROUP, alg));
 	}
 	enumerator->destroy(enumerator);
 
 	transform->add_transform_attribute(transform,
-		transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+		transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_ENCAP_MODE, get_ikev1_mode(mode, udp)));
 	if (lifetime)
 	{
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_SA_LIFE_DURATION, lifetime));
 	}
 	if (lifebytes)
 	{
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_KILOBYTES));
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_SA_LIFE_DURATION, lifebytes / 1000));
 	}
 
@@ -1448,12 +1448,12 @@ static void set_from_proposal_v2(private_proposal_substructure_t *this,
 	enumerator = proposal->create_enumerator(proposal, ENCRYPTION_ALGORITHM);
 	while (enumerator->enumerate(enumerator, &alg, &key_size))
 	{
-		transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+		transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
 												ENCRYPTION_ALGORITHM, alg);
 		if (key_size)
 		{
 			transform->add_transform_attribute(transform,
-				transform_attribute_create_value(TRANSFORM_ATTRIBUTE,
+				transform_attribute_create_value(PLV2_TRANSFORM_ATTRIBUTE,
 											TATTR_IKEV2_KEY_LENGTH, key_size));
 		}
 		add_transform_substructure(this, transform);
@@ -1464,7 +1464,7 @@ static void set_from_proposal_v2(private_proposal_substructure_t *this,
 	enumerator = proposal->create_enumerator(proposal, INTEGRITY_ALGORITHM);
 	while (enumerator->enumerate(enumerator, &alg, &key_size))
 	{
-		transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+		transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
 												INTEGRITY_ALGORITHM, alg);
 		add_transform_substructure(this, transform);
 	}
@@ -1474,7 +1474,7 @@ static void set_from_proposal_v2(private_proposal_substructure_t *this,
 	enumerator = proposal->create_enumerator(proposal, PSEUDO_RANDOM_FUNCTION);
 	while (enumerator->enumerate(enumerator, &alg, &key_size))
 	{
-		transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+		transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
 												PSEUDO_RANDOM_FUNCTION, alg);
 		add_transform_substructure(this, transform);
 	}
@@ -1484,7 +1484,7 @@ static void set_from_proposal_v2(private_proposal_substructure_t *this,
 	enumerator = proposal->create_enumerator(proposal, DIFFIE_HELLMAN_GROUP);
 	while (enumerator->enumerate(enumerator, &alg, NULL))
 	{
-		transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+		transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
 												DIFFIE_HELLMAN_GROUP, alg);
 		add_transform_substructure(this, transform);
 	}
@@ -1494,7 +1494,7 @@ static void set_from_proposal_v2(private_proposal_substructure_t *this,
 	enumerator = proposal->create_enumerator(proposal, EXTENDED_SEQUENCE_NUMBERS);
 	while (enumerator->enumerate(enumerator, &alg, NULL))
 	{
-		transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE,
+		transform = transform_substructure_create_type(PLV2_TRANSFORM_SUBSTRUCTURE,
 												EXTENDED_SEQUENCE_NUMBERS, alg);
 		add_transform_substructure(this, transform);
 	}
@@ -1543,7 +1543,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
 	private_proposal_substructure_t *this;
 
 	this = (private_proposal_substructure_t*)
-							proposal_substructure_create(SECURITY_ASSOCIATION);
+							proposal_substructure_create(PLV2_SECURITY_ASSOCIATION);
 	set_from_proposal_v2(this, proposal);
 	set_data(this, proposal);
 
@@ -1560,7 +1560,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
 	private_proposal_substructure_t *this;
 
 	this = (private_proposal_substructure_t*)
-						proposal_substructure_create(PROPOSAL_SUBSTRUCTURE_V1);
+						proposal_substructure_create(PLV1_PROPOSAL_SUBSTRUCTURE);
 	switch (proposal->get_protocol(proposal))
 	{
 		case PROTO_IKE:
@@ -1636,31 +1636,31 @@ proposal_substructure_t *proposal_substructure_create_for_ipcomp_v1(
 
 
 	this = (private_proposal_substructure_t*)
-						proposal_substructure_create(PROPOSAL_SUBSTRUCTURE_V1);
+						proposal_substructure_create(PLV1_PROPOSAL_SUBSTRUCTURE);
 
 	/* we currently support DEFLATE only */
-	transform = transform_substructure_create_type(TRANSFORM_SUBSTRUCTURE_V1,
+	transform = transform_substructure_create_type(PLV1_TRANSFORM_SUBSTRUCTURE,
 												   1, IKEV1_IPCOMP_DEFLATE);
 
 	transform->add_transform_attribute(transform,
-		transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+		transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_ENCAP_MODE, get_ikev1_mode(mode, udp)));
 	if (lifetime)
 	{
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_SECONDS));
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_SA_LIFE_DURATION, lifetime));
 	}
 	if (lifebytes)
 	{
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_SA_LIFE_TYPE, IKEV1_LIFE_TYPE_KILOBYTES));
 		transform->add_transform_attribute(transform,
-			transform_attribute_create_value(TRANSFORM_ATTRIBUTE_V1,
+			transform_attribute_create_value(PLV1_TRANSFORM_ATTRIBUTE,
 							TATTR_PH2_SA_LIFE_DURATION, lifebytes / 1000));
 	}
 

src/libcharon/encoding/payloads/proposal_substructure.h

@@ -168,7 +168,7 @@ struct proposal_substructure_t {
 /**
  * Creates an empty proposal_substructure_t object
  *
- * @param type		PROPOSAL_SUBSTRUCTURE or PROPOSAL_SUBSTRUCTURE_V1
+ * @param type		PLV2_PROPOSAL_SUBSTRUCTURE or PLV1_PROPOSAL_SUBSTRUCTURE
  * @return			proposal_substructure_t object
  */
 proposal_substructure_t *proposal_substructure_create(payload_type_t type);
@@ -177,7 +177,7 @@ proposal_substructure_t *proposal_substructure_create(payload_type_t type);
  * Creates an IKEv2 proposal_substructure_t from a proposal_t.
  *
  * @param proposal	proposal to build a substruct out of it
- * @return			proposal_substructure_t PROPOSAL_SUBSTRUCTURE
+ * @return			proposal_substructure_t PLV2_PROPOSAL_SUBSTRUCTURE
  */
 proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
 														proposal_t *proposal);
@@ -190,7 +190,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v2(
  * @param auth		authentication method to use, or AUTH_NONE
  * @param mode		IPsec encapsulation mode, TRANSPORT or TUNNEL
  * @param udp		ENCAP_UDP to use UDP encapsulation
- * @return			proposal_substructure_t object PROPOSAL_SUBSTRUCTURE_V1
+ * @return			proposal_substructure_t object PLV1_PROPOSAL_SUBSTRUCTURE
  */
 proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
 			proposal_t *proposal,  u_int32_t lifetime, u_int64_t lifebytes,
@@ -205,7 +205,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposal_v1(
  * @param auth		authentication method to use, or AUTH_NONE
  * @param mode		IPsec encapsulation mode, TRANSPORT or TUNNEL
  * @param udp		ENCAP_UDP to use UDP encapsulation
- * @return			IKEv1 proposal_substructure_t PROPOSAL_SUBSTRUCTURE_V1
+ * @return			IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
  */
 proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
 			linked_list_t *proposals, u_int32_t lifetime, u_int64_t lifebytes,
@@ -221,7 +221,7 @@ proposal_substructure_t *proposal_substructure_create_from_proposals_v1(
  * @param mode				IPsec encapsulation mode, TRANSPORT or TUNNEL
  * @param udp				ENCAP_UDP to use UDP encapsulation
  * @param proposal_number	the proposal number of the proposal to be linked
- * @return					IKEv1 proposal_substructure_t PROPOSAL_SUBSTRUCTURE_V1
+ * @return					IKEv1 proposal_substructure_t PLV1_PROPOSAL_SUBSTRUCTURE
  */
 proposal_substructure_t *proposal_substructure_create_for_ipcomp_v1(
 			u_int32_t lifetime, u_int64_t lifebytes, u_int16_t cpi,

src/libcharon/encoding/payloads/sa_payload.c

@@ -101,7 +101,7 @@ static encoding_rule_t encodings_v1[] = {
 	/* Situation*/
 	{ U_INT_32,			offsetof(private_sa_payload_t, situation)		},
 	/* Proposals are stored in a proposal substructure list */
-	{ PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE_V1,
+	{ PAYLOAD_LIST + PLV1_PROPOSAL_SUBSTRUCTURE,
 						offsetof(private_sa_payload_t, proposals)		},
 };
 
@@ -140,7 +140,7 @@ static encoding_rule_t encodings_v2[] = {
 	/* Length of the whole SA payload*/
 	{ PAYLOAD_LENGTH,	offsetof(private_sa_payload_t, payload_length)		},
 	/* Proposals are stored in a proposal substructure list */
-	{ PAYLOAD_LIST + PROPOSAL_SUBSTRUCTURE,
+	{ PAYLOAD_LIST + PLV2_PROPOSAL_SUBSTRUCTURE,
 						offsetof(private_sa_payload_t, proposals)			},
 };
 
@@ -164,7 +164,7 @@ METHOD(payload_t, verify, status_t,
 	enumerator_t *enumerator;
 	proposal_substructure_t *substruct;
 
-	if (this->type == SECURITY_ASSOCIATION)
+	if (this->type == PLV2_SECURITY_ASSOCIATION)
 	{
 		expected_number = 1;
 	}
@@ -196,7 +196,7 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_sa_payload_t *this, encoding_rule_t **rules)
 {
-	if (this->type == SECURITY_ASSOCIATION_V1)
+	if (this->type == PLV1_SECURITY_ASSOCIATION)
 	{
 		*rules = encodings_v1;
 		return countof(encodings_v1);
@@ -208,7 +208,7 @@ METHOD(payload_t, get_encoding_rules, int,
 METHOD(payload_t, get_header_length, int,
 	private_sa_payload_t *this)
 {
-	if (this->type == SECURITY_ASSOCIATION_V1)
+	if (this->type == PLV1_SECURITY_ASSOCIATION)
 	{
 		return 12;
 	}
@@ -295,7 +295,7 @@ METHOD(sa_payload_t, get_proposals, linked_list_t*,
 	proposal_substructure_t *substruct;
 	linked_list_t *substructs, *list;
 
-	if (this->type == SECURITY_ASSOCIATION_V1)
+	if (this->type == PLV1_SECURITY_ASSOCIATION)
 	{	/* IKEv1 proposals start with 0 */
 		struct_number = ignore_struct_number = -1;
 	}
@@ -502,7 +502,7 @@ sa_payload_t *sa_payload_create(payload_type_t type)
 			.get_encap_mode = _get_encap_mode,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.proposals = linked_list_create(),
 		.type = type,
 		/* for IKEv1 only */
@@ -524,7 +524,7 @@ sa_payload_t *sa_payload_create_from_proposals_v2(linked_list_t *proposals)
 	enumerator_t *enumerator;
 	proposal_t *proposal;
 
-	this = (private_sa_payload_t*)sa_payload_create(SECURITY_ASSOCIATION);
+	this = (private_sa_payload_t*)sa_payload_create(PLV2_SECURITY_ASSOCIATION);
 	enumerator = proposals->create_enumerator(proposals);
 	while (enumerator->enumerate(enumerator, &proposal))
 	{
@@ -542,7 +542,7 @@ sa_payload_t *sa_payload_create_from_proposal_v2(proposal_t *proposal)
 {
 	private_sa_payload_t *this;
 
-	this = (private_sa_payload_t*)sa_payload_create(SECURITY_ASSOCIATION);
+	this = (private_sa_payload_t*)sa_payload_create(PLV2_SECURITY_ASSOCIATION);
 	add_proposal_v2(this, proposal);
 
 	return &this->public;
@@ -560,7 +560,7 @@ sa_payload_t *sa_payload_create_from_proposals_v1(linked_list_t *proposals,
 	proposal_substructure_t *substruct;
 	private_sa_payload_t *this;
 
-	this = (private_sa_payload_t*)sa_payload_create(SECURITY_ASSOCIATION_V1);
+	this = (private_sa_payload_t*)sa_payload_create(PLV1_SECURITY_ASSOCIATION);
 
 	if (!proposals || !proposals->get_count(proposals))
 	{

src/libcharon/encoding/payloads/sa_payload.h

@@ -104,7 +104,7 @@ struct sa_payload_t {
 /**
  * Creates an empty sa_payload_t object
  *
- * @param type				SECURITY_ASSOCIATION or SECURITY_ASSOCIATION_V1
+ * @param type				PLV2_SECURITY_ASSOCIATION or PLV1_SECURITY_ASSOCIATION
  * @return					created sa_payload_t object
  */
 sa_payload_t *sa_payload_create(payload_type_t type);

src/libcharon/encoding/payloads/traffic_selector_substructure.c

@@ -168,13 +168,13 @@ METHOD(payload_t, get_header_length, int,
 METHOD(payload_t, get_type, payload_type_t,
 	private_traffic_selector_substructure_t *this)
 {
-	return TRAFFIC_SELECTOR_SUBSTRUCTURE;
+	return PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE;
 }
 
 METHOD(payload_t, get_next_type, payload_type_t,
 	private_traffic_selector_substructure_t *this)
 {
-	return NO_PAYLOAD;
+	return PL_NONE;
 }
 
 METHOD(payload_t, set_next_type, void,

src/libcharon/encoding/payloads/transform_attribute.c

@@ -98,7 +98,7 @@ struct private_transform_attribute_t {
 	chunk_t attribute_value;
 
 	/**
-	 * Payload type, TRANSFORM_ATTRIBUTE or TRANSFORM_ATTRIBUTE_V1
+	 * Payload type, PLV2_TRANSFORM_ATTRIBUTE or PLV1_TRANSFORM_ATTRIBUTE
 	 */
 	payload_type_t type;
 };
@@ -157,7 +157,7 @@ METHOD(payload_t, get_type, payload_type_t,
 METHOD(payload_t, get_next_type, payload_type_t,
 	private_transform_attribute_t *this)
 {
-	return NO_PAYLOAD;
+	return PL_NONE;
 }
 
 METHOD(payload_t, set_next_type, void,

src/libcharon/encoding/payloads/transform_attribute.h

@@ -127,7 +127,7 @@ struct transform_attribute_t {
 /**
  * Creates an empty transform_attribute_t object.
  *
- * @param type			TRANSFORM_ATTRIBUTE or TRANSFORM_ATTRIBUTE_V1
+ * @param type			PLV2_TRANSFORM_ATTRIBUTE or PLV1_TRANSFORM_ATTRIBUTE
  * @return				transform_attribute_t object
  */
 transform_attribute_t *transform_attribute_create(payload_type_t type);
@@ -135,7 +135,7 @@ transform_attribute_t *transform_attribute_create(payload_type_t type);
 /**
  * Creates a two byte value or a larger attribute for a given attribute kind.
  *
- * @param type			TRANSFORM_ATTRIBUTE or TRANSFORM_ATTRIBUTE_V1
+ * @param type			PLV2_TRANSFORM_ATTRIBUTE or PLV1_TRANSFORM_ATTRIBUTE
  * @param kind			attribute kind
  * @param value			fixed two byte value
  * @return				transform_attribute_t object

src/libcharon/encoding/payloads/transform_substructure.c

@@ -73,13 +73,13 @@ struct private_transform_substructure_t {
 	linked_list_t *attributes;
 
 	/**
-	 * Payload type, TRANSFORM_SUBSTRUCTURE or TRANSFORM_SUBSTRUCTURE_V1
+	 * Payload type, PLV2_TRANSFORM_SUBSTRUCTURE or PLV1_TRANSFORM_SUBSTRUCTURE
 	 */
 	payload_type_t type;
 };
 
 /**
- * Encoding rules for TRANSFORM_SUBSTRUCTURE
+ * Encoding rules for PLV2_TRANSFORM_SUBSTRUCTURE
  */
 static encoding_rule_t encodings_v2[] = {
 	/* 1 Byte next payload type, stored in the field next_payload */
@@ -95,12 +95,12 @@ static encoding_rule_t encodings_v2[] = {
 	/* transform identifier, as used by IKEv2 */
 	{ U_INT_16,			offsetof(private_transform_substructure_t, transform_id_v2)	},
 	/* Attributes in a transform attribute list */
-	{ PAYLOAD_LIST + TRANSFORM_ATTRIBUTE,
+	{ PAYLOAD_LIST + PLV2_TRANSFORM_ATTRIBUTE,
 						offsetof(private_transform_substructure_t, attributes)		}
 };
 
 /**
- * Encoding rules for TRANSFORM_SUBSTRUCTURE_V1
+ * Encoding rules for PLV1_TRANSFORM_SUBSTRUCTURE
  */
 static encoding_rule_t encodings_v1[] = {
 	/* 1 Byte next payload type, stored in the field next_payload */
@@ -117,7 +117,7 @@ static encoding_rule_t encodings_v1[] = {
 	{ RESERVED_BYTE,	offsetof(private_transform_substructure_t, reserved[1])		},
 	{ RESERVED_BYTE,	offsetof(private_transform_substructure_t, reserved[2])		},
 	/* Attributes in a transform attribute list */
-	{ PAYLOAD_LIST + TRANSFORM_ATTRIBUTE_V1,
+	{ PAYLOAD_LIST + PLV1_TRANSFORM_ATTRIBUTE,
 						offsetof(private_transform_substructure_t, attributes)		}
 };
 
@@ -142,7 +142,7 @@ METHOD(payload_t, verify, status_t,
 	enumerator_t *enumerator;
 	payload_t *attribute;
 
-	if (this->next_payload != NO_PAYLOAD && this->next_payload != 3)
+	if (this->next_payload != PL_NONE && this->next_payload != 3)
 	{
 		DBG1(DBG_ENC, "inconsistent next payload");
 		return FAILED;
@@ -167,7 +167,7 @@ METHOD(payload_t, verify, status_t,
 METHOD(payload_t, get_encoding_rules, int,
 	private_transform_substructure_t *this, encoding_rule_t **rules)
 {
-	if (this->type == TRANSFORM_SUBSTRUCTURE)
+	if (this->type == PLV2_TRANSFORM_SUBSTRUCTURE)
 	{
 		*rules = encodings_v2;
 		return countof(encodings_v2);
@@ -244,7 +244,7 @@ METHOD(transform_substructure_t, get_transform_type_or_number, u_int8_t,
 METHOD(transform_substructure_t, get_transform_id, u_int16_t,
 	private_transform_substructure_t *this)
 {
-	if (this->type == TRANSFORM_SUBSTRUCTURE)
+	if (this->type == PLV2_TRANSFORM_SUBSTRUCTURE)
 	{
 		return this->transform_id_v2;
 	}
@@ -291,7 +291,7 @@ transform_substructure_t *transform_substructure_create(payload_type_t type)
 			.create_attribute_enumerator = _create_attribute_enumerator,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.transform_length = get_header_length(this),
 		.attributes = linked_list_create(),
 		.type = type,
@@ -310,7 +310,7 @@ transform_substructure_t *transform_substructure_create_type(payload_type_t type
 	this = (private_transform_substructure_t*)transform_substructure_create(type);
 
 	this->transform_ton = type_or_number;
-	if (type == TRANSFORM_SUBSTRUCTURE)
+	if (type == PLV2_TRANSFORM_SUBSTRUCTURE)
 	{
 		this->transform_id_v2 = id;
 	}

src/libcharon/encoding/payloads/transform_substructure.h

@@ -97,7 +97,7 @@ struct transform_substructure_t {
 /**
  * Creates an empty transform_substructure_t object.
  *
- * @param type			TRANSFORM_SUBSTRUCTURE or TRANSFORM_SUBSTRUCTURE_V1
+ * @param type			PLV2_TRANSFORM_SUBSTRUCTURE or PLV1_TRANSFORM_SUBSTRUCTURE
  * @return				created transform_substructure_t object
  */
 transform_substructure_t *transform_substructure_create(payload_type_t type);
@@ -105,7 +105,7 @@ transform_substructure_t *transform_substructure_create(payload_type_t type);
 /**
  * Creates an empty transform_substructure_t object.
  *
- * @param type				TRANSFORM_SUBSTRUCTURE or TRANSFORM_SUBSTRUCTURE_V1
+ * @param type				PLV2_TRANSFORM_SUBSTRUCTURE or PLV1_TRANSFORM_SUBSTRUCTURE
  * @param type_or_number	Type (IKEv2) or number (IKEv1) of transform
  * @param id				transform id specifc for the transform type
  * @return					transform_substructure_t object

src/libcharon/encoding/payloads/ts_payload.c

@@ -103,7 +103,7 @@ static encoding_rule_t encodings[] = {
 	{ RESERVED_BYTE,	offsetof(private_ts_payload_t, reserved_byte[1])},
 	{ RESERVED_BYTE,	offsetof(private_ts_payload_t, reserved_byte[2])},
 	/* wrapped list of traffic selectors substructures */
-	{ PAYLOAD_LIST + TRAFFIC_SELECTOR_SUBSTRUCTURE,
+	{ PAYLOAD_LIST + PLV2_TRAFFIC_SELECTOR_SUBSTRUCTURE,
 						offsetof(private_ts_payload_t, substrs)			},
 };
 
@@ -164,9 +164,9 @@ METHOD(payload_t, get_type, payload_type_t,
 {
 	if (this->is_initiator)
 	{
-		return TRAFFIC_SELECTOR_INITIATOR;
+		return PLV2_TS_INITIATOR;
 	}
-	return TRAFFIC_SELECTOR_RESPONDER;
+	return PLV2_TS_RESPONDER;
 }
 
 METHOD(payload_t, get_next_type, payload_type_t,
@@ -269,7 +269,7 @@ ts_payload_t *ts_payload_create(bool is_initiator)
 			.get_traffic_selectors = _get_traffic_selectors,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 		.is_initiator = is_initiator,
 		.substrs = linked_list_create(),

src/libcharon/encoding/payloads/unknown_payload.c

@@ -184,7 +184,7 @@ unknown_payload_t *unknown_payload_create(payload_type_t type)
 			.get_data = _get_data,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this),
 		.type = type,
 	);

src/libcharon/encoding/payloads/vendor_id_payload.c

@@ -178,7 +178,7 @@ vendor_id_payload_t *vendor_id_payload_create_data(payload_type_t type,
 			.get_data = _get_data,
 			.destroy = _destroy,
 		},
-		.next_payload = NO_PAYLOAD,
+		.next_payload = PL_NONE,
 		.payload_length = get_header_length(this) + data.len,
 		.data = data,
 		.type = type,

src/libcharon/encoding/payloads/vendor_id_payload.h

@@ -55,7 +55,7 @@ struct vendor_id_payload_t {
 /**
  * Creates an empty Vendor ID payload for IKEv1 or IKEv2.
  *
- * @@param type		VENDOR_ID or VENDOR_ID_V1
+ * @@param type		PLV2_VENDOR_ID or PLV1_VENDOR_ID
  * @return			vendor ID payload
  */
 vendor_id_payload_t *vendor_id_payload_create(payload_type_t type);
@@ -63,7 +63,7 @@ vendor_id_payload_t *vendor_id_payload_create(payload_type_t type);
 /**
  * Creates a vendor ID payload using a chunk of data
  *
- * @param type		VENDOR_ID or VENDOR_ID_V1
+ * @param type		PLV2_VENDOR_ID or PLV1_VENDOR_ID
  * @param data		data to use in vendor ID payload, gets owned by payload
  * @return			vendor ID payload
  */

src/libcharon/network/receiver.c

@@ -271,7 +271,7 @@ static bool check_cookie(private_receiver_t *this, message_t *message)
 	if (data.len <
 		 IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH +
 		 sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher) ||
-		*(data.ptr + 16) != NOTIFY ||
+		*(data.ptr + 16) != PLV2_NOTIFY ||
 		*(u_int16_t*)(data.ptr + IKE_HEADER_LENGTH + 6) != htons(COOKIE))
 	{
 		/* no cookie found */

src/libcharon/plugins/addrblock/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-addrblock.la

src/libcharon/plugins/android_dns/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-android-dns.la

src/libcharon/plugins/android_log/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-android-log.la

src/libcharon/plugins/certexpire/Makefile.am

@@ -5,7 +5,7 @@ AM_CPPFLAGS = \
 	-DIPSEC_PIDDIR=\"${piddir}\"
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-certexpire.la

src/libcharon/plugins/coupling/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-coupling.la

src/libcharon/plugins/dhcp/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-dhcp.la

src/libcharon/plugins/dnscert/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-dnscert.la

src/libcharon/plugins/duplicheck/Makefile.am

@@ -5,7 +5,7 @@ AM_CPPFLAGS = \
 	-DIPSEC_PIDDIR=\"${piddir}\"
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-duplicheck.la

src/libcharon/plugins/eap_aka/Makefile.am

@@ -5,7 +5,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libsimaka
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-aka.la

src/libcharon/plugins/eap_aka_3gpp2/Makefile.am

@@ -5,7 +5,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libsimaka
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 libstrongswan_eap_aka_3gpp2_la_LDFLAGS = -module -avoid-version
 libstrongswan_eap_aka_3gpp2_la_LIBADD = -lgmp

src/libcharon/plugins/eap_dynamic/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-dynamic.la

src/libcharon/plugins/eap_gtc/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-gtc.la

src/libcharon/plugins/eap_gtc/eap_gtc.c

@@ -161,11 +161,11 @@ METHOD(eap_method_t, process_server, status_t,
 	{
 		/* assume that "out" contains username/password attributes */
 		co->destroy(co);
-		ci = cp_payload_create_type(CONFIGURATION_V1, CFG_REPLY);
+		ci = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REPLY);
 		ci->add_attribute(ci, configuration_attribute_create_chunk(
-					CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME, user));
+					PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_NAME, user));
 		ci->add_attribute(ci, configuration_attribute_create_chunk(
-					CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_PASSWORD, pass));
+					PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_PASSWORD, pass));
 		switch (xauth->process(xauth, ci, &co))
 		{
 			case SUCCESS:

src/libcharon/plugins/eap_identity/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS =  \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-identity.la

src/libcharon/plugins/eap_md5/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-md5.la

src/libcharon/plugins/eap_mschapv2/Makefile.am

@@ -4,7 +4,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libcharon
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-mschapv2.la

src/libcharon/plugins/eap_peap/Makefile.am

@@ -5,7 +5,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libtls
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-peap.la

src/libcharon/plugins/eap_radius/Makefile.am

@@ -5,7 +5,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libradius
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-radius.la

src/libcharon/plugins/eap_radius/eap_radius_forward.c

@@ -232,8 +232,8 @@ static void ike2queue(message_t *message, linked_list_t *queue,
 	enumerator = message->create_payload_enumerator(message);
 	while (enumerator->enumerate(enumerator, &payload))
 	{
-		if (payload->get_type(payload) == NOTIFY ||
-			payload->get_type(payload) == NOTIFY_V1)
+		if (payload->get_type(payload) == PLV2_NOTIFY ||
+			payload->get_type(payload) == PLV1_NOTIFY)
 		{
 			notify = (notify_payload_t*)payload;
 			if (notify->get_notify_type(notify) == RADIUS_ATTRIBUTE)

src/libcharon/plugins/eap_radius/eap_radius_xauth.c

@@ -87,12 +87,12 @@ static bool build_round(private_eap_radius_xauth_t *this, cp_payload_t *cp)
 		return FALSE;
 	}
 	cp->add_attribute(cp, configuration_attribute_create_chunk(
-					CONFIGURATION_ATTRIBUTE_V1, this->round.type, chunk_empty));
+					PLV1_CONFIGURATION_ATTRIBUTE, this->round.type, chunk_empty));
 
 	if (this->round.message && strlen(this->round.message))
 	{
 		cp->add_attribute(cp, configuration_attribute_create_chunk(
-					CONFIGURATION_ATTRIBUTE_V1, XAUTH_MESSAGE,
+					PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_MESSAGE,
 					chunk_from_str(this->round.message)));
 	}
 	return TRUE;
@@ -103,10 +103,10 @@ METHOD(xauth_method_t, initiate, status_t,
 {
 	cp_payload_t *cp;
 
-	cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REQUEST);
+	cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REQUEST);
 	/* first message always comes with username */
 	cp->add_attribute(cp, configuration_attribute_create_chunk(
-				CONFIGURATION_ATTRIBUTE_V1, XAUTH_USER_NAME, chunk_empty));
+				PLV1_CONFIGURATION_ATTRIBUTE, XAUTH_USER_NAME, chunk_empty));
 
 	if (build_round(this, cp))
 	{
@@ -211,7 +211,7 @@ METHOD(xauth_method_t, process, status_t,
 	{
 		return verify_radius(this);
 	}
-	cp = cp_payload_create_type(CONFIGURATION_V1, CFG_REQUEST);
+	cp = cp_payload_create_type(PLV1_CONFIGURATION, CFG_REQUEST);
 	if (build_round(this, cp))
 	{
 		*out = cp;

src/libcharon/plugins/eap_sim/Makefile.am

@@ -5,7 +5,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libsimaka
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-sim.la

src/libcharon/plugins/eap_sim_file/Makefile.am

@@ -6,7 +6,7 @@ AM_CPPFLAGS = \
 	-DIPSEC_CONFDIR=\"${sysconfdir}\"
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-sim-file.la

src/libcharon/plugins/eap_sim_pcsc/Makefile.am

@@ -6,7 +6,7 @@ AM_CPPFLAGS = \
 
 AM_CFLAGS = \
 	${pcsclite_CFLAGS} \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 libstrongswan_eap_sim_pcsc_la_LDFLAGS = -module -avoid-version
 libstrongswan_eap_sim_pcsc_la_LIBADD  = ${pcsclite_LIBS}

src/libcharon/plugins/eap_simaka_pseudonym/Makefile.am

@@ -5,7 +5,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libsimaka
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-simaka-pseudonym.la

src/libcharon/plugins/eap_simaka_reauth/Makefile.am

@@ -5,7 +5,7 @@ AM_CPPFLAGS = \
 	-I$(top_srcdir)/src/libsimaka
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-simaka-reauth.la

src/libcharon/plugins/eap_simaka_sql/Makefile.am

@@ -6,7 +6,7 @@ AM_CPPFLAGS = \
 	-DIPSEC_CONFDIR=\"${sysconfdir}\"
 
 AM_CFLAGS = \
-	-rdynamic
+	$(PLUGIN_CFLAGS)
 
 if MONOLITHIC
 noinst_LTLIBRARIES = libstrongswan-eap-simaka-sql.la