/usr/src/sbin/isakmpd/message.c

Bug Summary

File:	src/sbin/isakmpd/message.c
Warning:	line 2159, column 16 Assigned value is garbage or undefined
Annotated Source Code

Press '?' to see keyboard shortcuts
Show analyzer invocation
clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name message.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/sbin/isakmpd/obj -resource-dir /usr/local/lib/clang/13.0.0 -I /usr/src/sbin/isakmpd -I . -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/sbin/isakmpd/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/sbin/isakmpd/message.c
1/* $OpenBSD: message.c,v 1.129 2016/04/04 17:35:07 yasuoka Exp $	 */
2/* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $	 */

4/*
* Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist.  All rights reserved.
* Copyright (c) 1999 Angelos D. Keromytis.  All rights reserved.
* Copyright (c) 1999, 2000, 2001, 2004 Håkan Olsson.  All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
*    notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
*    notice, this list of conditions and the following disclaimer in the
*    documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

30/*
* This code was written under funding by Ericsson Radio Systems.
*/

34#include <sys/types.h>
35#include <sys/socket.h>
36#include <netinet/in.h>
37#include <arpa/inet.h>
38#include <stdlib.h>
39#include <string.h>

41#include "attribute.h"
42#include "cert.h"
43#include "constants.h"
44#include "crypto.h"
45#include "doi.h"
46#include "dpd.h"
47#include "exchange.h"
48#include "field.h"
49#include "hash.h"
50#include "ipsec.h"
51#include "ipsec_num.h"
52#include "isakmp.h"
53#include "log.h"
54#include "message.h"
55#include "nat_traversal.h"
56#include "prf.h"
57#include "sa.h"
58#include "timer.h"
59#include "transport.h"
60#include "util.h"
61#include "vendor.h"
62#include "virtual.h"

64/* A local set datatype, coincidentally fd_set suits our purpose fine.  */
65typedef fd_set  set;
66#define ISSETFD_ISSET FD_ISSET
67#define SETFD_SET FD_SET
68#define ZEROFD_ZERO FD_ZERO

70static int      message_check_duplicate(struct message *);
71static int      message_encrypt(struct message *);
72static int	message_index_payload(struct message *, struct payload *,
    u_int8_t ,u_int8_t *);
74static int	message_parse_transform(struct message *, struct payload *,
    u_int8_t, u_int8_t *);
76static struct field *message_get_field(u_int8_t);
77static int	message_validate_payload(struct message *, struct payload *,
    u_int8_t);
79static u_int16_t message_payload_sz(u_int8_t);
80static int      message_validate_attribute(struct message *, struct payload *);
81static int      message_validate_cert(struct message *, struct payload *);
82static int      message_validate_cert_req(struct message *, struct payload *);
83static int      message_validate_delete(struct message *, struct payload *);
84static int      message_validate_hash(struct message *, struct payload *);
85static int      message_validate_id(struct message *, struct payload *);
86static int      message_validate_key_exch(struct message *, struct payload *);
87static int      message_validate_nat_d(struct message *, struct payload *);
88static int      message_validate_nat_oa(struct message *, struct payload *);
89static int      message_validate_nonce(struct message *, struct payload *);
90static int      message_validate_notify(struct message *, struct payload *);
91static int      message_validate_proposal(struct message *, struct payload *);
92static int      message_validate_sa(struct message *, struct payload *);
93static int      message_validate_sig(struct message *, struct payload *);
94static int      message_validate_transform(struct message *, struct payload *);
95static int      message_validate_vendor(struct message *, struct payload *);

97static void     message_packet_log(struct message *);

99/*
* Fields used for checking monotonic increasing of proposal and transform
* numbers.
*/
103static u_int8_t *last_sa = 0;
104static u_int32_t last_prop_no;
105static u_int8_t *last_prop = 0;
106static u_int32_t last_xf_no;

108/*
* Allocate a message structure bound to transport T, and with a first
* segment buffer sized SZ, copied from BUF if given.
*/
112struct message *
113message_alloc(struct transport *t, u_int8_t *buf, size_t sz)
114{
struct message *msg;
int             i;

/*
* We use calloc(3) because it zeroes the structure which we rely on in
* message_free when determining what sub-allocations to free.
*/
msg = calloc(1, sizeof *msg);
if (!msg)
return 0;
msg->iov = calloc(1, sizeof *msg->iov);
if (!msg->iov) {
message_free(msg);
return 0;
}
msg->iov[0].iov_len = sz;
msg->iov[0].iov_base = malloc(sz);
if (!msg->iov[0].iov_base) {
message_free(msg);
return 0;
}
msg->iovlen = 1;
if (buf)
memcpy(msg->iov[0].iov_base, buf, sz);
msg->nextp = (u_int8_t *)msg->iov[0].iov_base +
   ISAKMP_HDR_NEXT_PAYLOAD_OFF16;
msg->transport = t;
transport_reference(t);
msg->payload = calloc(ISAKMP_PAYLOAD_MAX255, sizeof *msg->payload);
if (!msg->payload) {
message_free(msg);
return 0;
}
for (i = 0; i < ISAKMP_PAYLOAD_MAX255; i++)
TAILQ_INIT(&msg->payload[i])do { (&msg->payload[i])->tqh_first = ((void*)0); (&
msg->payload[i])->tqh_last = &(&msg->payload
[i])->tqh_first; } while (0);
TAILQ_INIT(&msg->post_send)do { (&msg->post_send)->tqh_first = ((void*)0); (&
msg->post_send)->tqh_last = &(&msg->post_send
)->tqh_first; } while (0);
LOG_DBG((LOG_MESSAGE, 90, "message_alloc: allocated %p", msg))log_debug (LOG_MESSAGE, 90, "message_alloc: allocated %p", msg
);
return msg;
153}

155/*
* Allocate a message suitable for a reply to MSG.  Just allocate an empty
* ISAKMP header as the first segment.
*/
159struct message *
160message_alloc_reply(struct message *msg)
161{
struct message *reply;

reply = message_alloc(msg->transport, 0, ISAKMP_HDR_SZ28);
reply->exchange = msg->exchange;
reply->isakmp_sa = msg->isakmp_sa;
reply->flags = msg->flags;
if (msg->isakmp_sa)
sa_reference(msg->isakmp_sa);
return reply;
171}

173/* Free up all resources used by the MSG message.  */
174void
175message_free(struct message *msg)
176{
u_int32_t       i;
struct payload *payload;
struct post_send *node;

LOG_DBG((LOG_MESSAGE, 20, "message_free: freeing %p", msg))log_debug (LOG_MESSAGE, 20, "message_free: freeing %p", msg);
if (!msg)
return;
if (msg->iov) {
if (msg->orig && msg->orig != (u_int8_t *)msg->iov[0].iov_base)
	free(msg->orig);
for (i = 0; i < msg->iovlen; i++)
	free(msg->iov[i].iov_base);
free(msg->iov);
}
if (msg->retrans)
timer_remove_event(msg->retrans);
if (msg->payload) {
for (i = 0; i < ISAKMP_PAYLOAD_MAX255; i++)
	while ((payload = TAILQ_FIRST(&msg->payload[i])((&msg->payload[i])->tqh_first))) {
		TAILQ_REMOVE(&msg->payload[i], payload, link)do { if (((payload)->link.tqe_next) != ((void*)0)) (payload
)->link.tqe_next->link.tqe_prev = (payload)->link.tqe_prev
; else (&msg->payload[i])->tqh_last = (payload)->
link.tqe_prev; *(payload)->link.tqe_prev = (payload)->link
.tqe_next; ; ; } while (0);
		free(payload);
	}
free(msg->payload);
}
while ((node = TAILQ_FIRST(&msg->post_send)((&msg->post_send)->tqh_first)))
TAILQ_REMOVE(&msg->post_send, node, link)do { if (((node)->link.tqe_next) != ((void*)0)) (node)->
link.tqe_next->link.tqe_prev = (node)->link.tqe_prev; else
 (&msg->post_send)->tqh_last = (node)->link.tqe_prev
; *(node)->link.tqe_prev = (node)->link.tqe_next; ; ; }
 while (0);
if (msg->transport) {
/* If we are on the send queue, remove us from there.  */
if (msg->flags & MSG_IN_TRANSIT0x04)
	TAILQ_REMOVE(msg->transport->vtbl->get_queue(msg),do { if (((msg)->link.tqe_next) != ((void*)0)) (msg)->link
.tqe_next->link.tqe_prev = (msg)->link.tqe_prev; else (
msg->transport->vtbl->get_queue(msg))->tqh_last =
 (msg)->link.tqe_prev; *(msg)->link.tqe_prev = (msg)->
link.tqe_next; ; ; } while (0)
	    msg, link)do { if (((msg)->link.tqe_next) != ((void*)0)) (msg)->link
.tqe_next->link.tqe_prev = (msg)->link.tqe_prev; else (
msg->transport->vtbl->get_queue(msg))->tqh_last =
 (msg)->link.tqe_prev; *(msg)->link.tqe_prev = (msg)->
link.tqe_next; ; ; } while (0);

transport_release(msg->transport);
}

if (msg->isakmp_sa)
sa_release(msg->isakmp_sa);

free(msg);
216}

218/*
* Generic ISAKMP parser.
* MSG is the ISAKMP message to be parsed.  NEXT is the type of the first
* payload to be parsed, and it's pointed to by BUF.  ACCEPTED_PAYLOADS
* tells what payloads are accepted and FUNC is a pointer to a function
* to be called for each payload found, which is also responsible for
* freeing the passed ISAKMP message in the failure case.
* Returns the total length of the parsed payloads.
*/
227static int
228message_parse_payloads(struct message *msg, struct payload *p, u_int8_t next,
  u_int8_t *buf, set *accepted_payloads, int (*func)(struct message *,
  struct payload *, u_int8_t, u_int8_t *))
231{
u_int8_t        payload;
u_int16_t       len;
int             sz = 0;

do {
LOG_DBG((LOG_MESSAGE, 50,log_debug (LOG_MESSAGE, 50, "message_parse_payloads: offset %ld payload %s"
, (long)(buf - (u_int8_t *) msg->iov[0].iov_base), constant_name
(isakmp_payload_cst, next))
	 "message_parse_payloads: offset %ld payload %s",log_debug (LOG_MESSAGE, 50, "message_parse_payloads: offset %ld payload %s"
, (long)(buf - (u_int8_t *) msg->iov[0].iov_base), constant_name
(isakmp_payload_cst, next))
	 (long)(buf - (u_int8_t *) msg->iov[0].iov_base),log_debug (LOG_MESSAGE, 50, "message_parse_payloads: offset %ld payload %s"
, (long)(buf - (u_int8_t *) msg->iov[0].iov_base), constant_name
(isakmp_payload_cst, next))
	 constant_name(isakmp_payload_cst, next)))log_debug (LOG_MESSAGE, 50, "message_parse_payloads: offset %ld payload %s"
, (long)(buf - (u_int8_t *) msg->iov[0].iov_base), constant_name
(isakmp_payload_cst, next));

/* Does this payload's header fit?  */
if (buf + ISAKMP_GEN_SZ4 > (u_int8_t *)msg->iov[0].iov_base +
    msg->iov[0].iov_len) {
	log_print("message_parse_payloads: short message");
	message_drop(msg,
	    ISAKMP_NOTIFY_UNEQUAL_PAYLOAD_LENGTHS30, 0, 1, 1);
	return -1;
}
/* Ponder on the payload that is at BUF...  */
payload = next;

/* Look at the next payload's type.  */
next = GET_ISAKMP_GEN_NEXT_PAYLOAD(buf)field_get_num (isakmp_gen_fld + 0, buf);
if (next >= ISAKMP_PAYLOAD_RESERVED_MIN22 &&
    next <= ISAKMP_PAYLOAD_RESERVED_MAX127) {
	log_print("message_parse_payloads: invalid next "
	    "payload type %s in payload of type %d",
	    constant_name(isakmp_payload_cst, next), payload);
	message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE1,
	    0, 1, 1);
	return -1;
}
/* Reserved fields in ISAKMP messages should be zero.  */
if (GET_ISAKMP_GEN_RESERVED(buf)field_get_num (isakmp_gen_fld + 1, buf) != 0) {
	log_print("message_parse_payloads: reserved field "
	    "non-zero: %x", GET_ISAKMP_GEN_RESERVED(buf)field_get_num (isakmp_gen_fld + 1, buf));
	message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16,
	    0, 1, 1);
	return -1;
}
/*
 * Decode and validate the payload length field.
 */
len = GET_ISAKMP_GEN_LENGTH(buf)field_get_num (isakmp_gen_fld + 2, buf);

if (message_payload_sz(payload) == 0) {
	log_print("message_parse_payloads: unknown minimum "
	    "payload size for payload type %s",
	    constant_name(isakmp_payload_cst, payload));
	message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16,
	    0, 1, 1);
	return -1;
}
if (len < message_payload_sz(payload)) {
	log_print("message_parse_payloads: payload too "
	    "short: %u", len);
	message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16,
	    0, 1, 1);
	return -1;
}
if (buf + len > (u_int8_t *)msg->iov[0].iov_base +
    msg->iov[0].iov_len) {
	log_print("message_parse_payloads: payload too "
	    "long: %u", len);
	message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16,
	    0, 1, 1);
	return -1;
}
/* Ignore most private payloads.  */
if (next >= ISAKMP_PAYLOAD_PRIVATE_MIN128 &&
    next != ISAKMP_PAYLOAD_NAT_D_DRAFT130 &&
    next != ISAKMP_PAYLOAD_NAT_OA_DRAFT131) {
	LOG_DBG((LOG_MESSAGE, 30, "message_parse_payloads: "log_debug (LOG_MESSAGE, 30, "message_parse_payloads: " "private next payload type %s in payload of "
 "type %d ignored", constant_name(isakmp_payload_cst, next), payload
)
	    "private next payload type %s in payload of "log_debug (LOG_MESSAGE, 30, "message_parse_payloads: " "private next payload type %s in payload of "
 "type %d ignored", constant_name(isakmp_payload_cst, next), payload
)
	    "type %d ignored",log_debug (LOG_MESSAGE, 30, "message_parse_payloads: " "private next payload type %s in payload of "
 "type %d ignored", constant_name(isakmp_payload_cst, next), payload
)
	    constant_name(isakmp_payload_cst, next), payload))log_debug (LOG_MESSAGE, 30, "message_parse_payloads: " "private next payload type %s in payload of "
 "type %d ignored", constant_name(isakmp_payload_cst, next), payload
);
	goto next_payload;
}
/*
 * Check if the current payload is one of the accepted ones at
 * this stage.
 */
if (!ISSET(payload, accepted_payloads)__fd_isset((payload), (accepted_payloads))) {
	log_print("message_parse_payloads: payload type %s "
	    "unexpected", constant_name(isakmp_payload_cst,
		payload));
	message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE1,
	    0, 1, 1);
	return -1;
}
/* Call the payload handler specified by the caller.  */
if (func(msg, p, payload, buf))
	return -1;

326next_payload:
/* Advance to next payload.  */
buf += len;
sz += len;
} while (next != ISAKMP_PAYLOAD_NONE0);
return sz;
332}

334/*
* Parse a proposal payload found in message MSG.  PAYLOAD is always
* ISAKMP_PAYLOAD_PROPOSAL and ignored in here.  It's needed as the API for
* message_parse_payloads requires it.  BUF points to the proposal's
* generic payload header.
*/
340static int
341message_parse_proposal(struct message *msg, struct payload *p,
  u_int8_t payload, u_int8_t *buf)
343{
set	payload_set;

/* Put the proposal into the proposal bucket.  */
if (message_index_payload(msg, p, payload, buf) == -1)
return -1;

ZERO(&payload_set)do { fd_set *_p = (&payload_set); __size_t _n = (((1024) +
 ((((unsigned)(sizeof(__fd_mask) * 8))) - 1)) / (((unsigned)(
sizeof(__fd_mask) * 8)))); while (_n > 0) _p->fds_bits[
--_n] = 0; } while (0);
SET(ISAKMP_PAYLOAD_TRANSFORM, &payload_set)__fd_set((3), (&payload_set));
if (message_parse_payloads(msg,
   TAILQ_LAST(&msg->payload[ISAKMP_PAYLOAD_PROPOSAL], payload_head)(*(((struct payload_head *)((&msg->payload[2])->tqh_last
))->tqh_last)),
   ISAKMP_PAYLOAD_TRANSFORM3, buf + ISAKMP_PROP_SPI_OFF8 +
   GET_ISAKMP_PROP_SPI_SZ(buf)field_get_num (isakmp_prop_fld + 2, buf), &payload_set, message_parse_transform)
   == -1)
return -1;

return 0;
360}

362static int
363message_parse_transform(struct message *msg, struct payload *p,
  u_int8_t payload, u_int8_t *buf)
365{
/* Put the transform into the transform bucket.  */
if (message_index_payload(msg, p, payload, buf) == -1)
return -1;

LOG_DBG((LOG_MESSAGE, 50, "Transform %d's attributes",log_debug (LOG_MESSAGE, 50, "Transform %d's attributes", field_get_num
 (isakmp_transform_fld + 0, buf))
   GET_ISAKMP_TRANSFORM_NO(buf)))log_debug (LOG_MESSAGE, 50, "Transform %d's attributes", field_get_num
 (isakmp_transform_fld + 0, buf));
attribute_map(buf + ISAKMP_TRANSFORM_SA_ATTRS_OFF8,
   GET_ISAKMP_GEN_LENGTH(buf)field_get_num (isakmp_gen_fld + 2, buf) - ISAKMP_TRANSFORM_SA_ATTRS_OFF8,
   msg->exchange->doi->debug_attribute, msg);

return 0;
377}

379static struct field *
380message_get_field(u_int8_t payload)
381{
switch (payload) {
case ISAKMP_PAYLOAD_SA1:
return isakmp_sa_fld;
case ISAKMP_PAYLOAD_PROPOSAL2:
return isakmp_prop_fld;
case ISAKMP_PAYLOAD_TRANSFORM3:
return isakmp_transform_fld;
case ISAKMP_PAYLOAD_KEY_EXCH4:
return isakmp_ke_fld;
case ISAKMP_PAYLOAD_ID5:
return isakmp_id_fld;
case ISAKMP_PAYLOAD_CERT6:
return isakmp_cert_fld;
case ISAKMP_PAYLOAD_CERT_REQ7:
return isakmp_certreq_fld;
case ISAKMP_PAYLOAD_HASH8:
return isakmp_hash_fld;
case ISAKMP_PAYLOAD_SIG9:
return isakmp_sig_fld;
case ISAKMP_PAYLOAD_NONCE10:
return isakmp_nonce_fld;
case ISAKMP_PAYLOAD_NOTIFY11:
return isakmp_notify_fld;
case ISAKMP_PAYLOAD_DELETE12:
return isakmp_delete_fld;
case ISAKMP_PAYLOAD_VENDOR13:
return isakmp_vendor_fld;
case ISAKMP_PAYLOAD_ATTRIBUTE14:
return isakmp_attribute_fld;
case ISAKMP_PAYLOAD_NAT_D20:
case ISAKMP_PAYLOAD_NAT_D_DRAFT130:
return isakmp_nat_d_fld;
case ISAKMP_PAYLOAD_NAT_OA21:
case ISAKMP_PAYLOAD_NAT_OA_DRAFT131:
return isakmp_nat_oa_fld;
/* Not yet supported and any other unknown payloads. */
case ISAKMP_PAYLOAD_SAK15:
case ISAKMP_PAYLOAD_SAT16:
case ISAKMP_PAYLOAD_KD17:
case ISAKMP_PAYLOAD_SEQ18:
case ISAKMP_PAYLOAD_POP19:
default:
break;
}
return NULL((void*)0);
427}

429static int
430message_validate_payload(struct message *m, struct payload *p, u_int8_t payload)
431{
switch (payload) {
case ISAKMP_PAYLOAD_SA1:
return message_validate_sa(m, p);
case ISAKMP_PAYLOAD_PROPOSAL2:
return message_validate_proposal(m, p);
case ISAKMP_PAYLOAD_TRANSFORM3:
return message_validate_transform(m, p);
case ISAKMP_PAYLOAD_KEY_EXCH4:
return message_validate_key_exch(m, p);
case ISAKMP_PAYLOAD_ID5:
return message_validate_id(m, p);
case ISAKMP_PAYLOAD_CERT6:
return message_validate_cert(m, p);
case ISAKMP_PAYLOAD_CERT_REQ7:
return message_validate_cert_req(m, p);
case ISAKMP_PAYLOAD_HASH8:
return message_validate_hash(m, p);
case ISAKMP_PAYLOAD_SIG9:
return message_validate_sig(m, p);
case ISAKMP_PAYLOAD_NONCE10:
return message_validate_nonce(m, p);
case ISAKMP_PAYLOAD_NOTIFY11:
return message_validate_notify(m, p);
case ISAKMP_PAYLOAD_DELETE12:
return message_validate_delete(m, p);
case ISAKMP_PAYLOAD_VENDOR13:
return message_validate_vendor(m, p);
case ISAKMP_PAYLOAD_ATTRIBUTE14:
return message_validate_attribute(m, p);
case ISAKMP_PAYLOAD_NAT_D20:
case ISAKMP_PAYLOAD_NAT_D_DRAFT130:
return message_validate_nat_d(m, p);
case ISAKMP_PAYLOAD_NAT_OA21:
case ISAKMP_PAYLOAD_NAT_OA_DRAFT131:
return message_validate_nat_oa(m, p);
/* Not yet supported and any other unknown payloads. */
case ISAKMP_PAYLOAD_SAK15:
case ISAKMP_PAYLOAD_SAT16:
case ISAKMP_PAYLOAD_KD17:
case ISAKMP_PAYLOAD_SEQ18:
case ISAKMP_PAYLOAD_POP19:
default:
break;
}
message_drop(m, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE1, 0, 1, 1);
return -1;
478}

480/* Check payloads for their required minimum size. */
481static u_int16_t
482message_payload_sz(u_int8_t payload)
483{
switch (payload) {
case ISAKMP_PAYLOAD_SA1:
return ISAKMP_SA_SZ8;
case ISAKMP_PAYLOAD_PROPOSAL2:
return ISAKMP_PROP_SZ8;
case ISAKMP_PAYLOAD_TRANSFORM3:
return ISAKMP_TRANSFORM_SZ8;
case ISAKMP_PAYLOAD_KEY_EXCH4:
return ISAKMP_KE_SZ4;
case ISAKMP_PAYLOAD_ID5:
return ISAKMP_ID_SZ8;
case ISAKMP_PAYLOAD_CERT6:
return ISAKMP_CERT_SZ5;
case ISAKMP_PAYLOAD_CERT_REQ7:
return ISAKMP_CERTREQ_SZ5;
case ISAKMP_PAYLOAD_HASH8:
return ISAKMP_HASH_SZ4;
case ISAKMP_PAYLOAD_SIG9:
return ISAKMP_SIG_SZ4;
case ISAKMP_PAYLOAD_NONCE10:
return ISAKMP_NONCE_SZ4;
case ISAKMP_PAYLOAD_NOTIFY11:
return ISAKMP_NOTIFY_SZ12;
case ISAKMP_PAYLOAD_DELETE12:
return ISAKMP_DELETE_SZ12;
case ISAKMP_PAYLOAD_VENDOR13:
return ISAKMP_VENDOR_SZ4;
case ISAKMP_PAYLOAD_ATTRIBUTE14:
return ISAKMP_ATTRIBUTE_SZ8;
case ISAKMP_PAYLOAD_NAT_D20:
case ISAKMP_PAYLOAD_NAT_D_DRAFT130:
return ISAKMP_NAT_D_SZ4;
case ISAKMP_PAYLOAD_NAT_OA21:
case ISAKMP_PAYLOAD_NAT_OA_DRAFT131:
return ISAKMP_NAT_OA_SZ8;
/* Not yet supported and any other unknown payloads. */
case ISAKMP_PAYLOAD_SAK15:
case ISAKMP_PAYLOAD_SAT16:
case ISAKMP_PAYLOAD_KD17:
case ISAKMP_PAYLOAD_SEQ18:
case ISAKMP_PAYLOAD_POP19:
default:
return 0;
}
528}

530/* Validate the attribute payload P in message MSG.  */
531static int
532message_validate_attribute(struct message *msg, struct payload *p)
533{
/* If we don't have an exchange yet, create one.  */
if (!msg->exchange) {
if (zero_test((u_int8_t *) msg->iov[0].iov_base +
    ISAKMP_HDR_MESSAGE_ID_OFF20, ISAKMP_HDR_MESSAGE_ID_LEN4))
	msg->exchange = exchange_setup_p1(msg,
	    IPSEC_DOI_IPSEC1);
else
	msg->exchange = exchange_setup_p2(msg,
	    IPSEC_DOI_IPSEC1);
if (!msg->exchange) {
	log_print("message_validate_attribute: can not "
	    "create exchange");
	message_free(msg);
	return -1;
}
}
return 0;
551}

553/* Validate the certificate payload P in message MSG.  */
554static int
555message_validate_cert(struct message *msg, struct payload *p)
556{
if (GET_ISAKMP_CERT_ENCODING(p->p)field_get_num (isakmp_cert_fld + 0, p->p) >= ISAKMP_CERTENC_RESERVED_MIN14) {
message_drop(msg, ISAKMP_NOTIFY_INVALID_CERT_ENCODING19, 0, 1,
    1);
return -1;
}
return 0;
563}

565/* Validate the certificate request payload P in message MSG.  */
566static int
567message_validate_cert_req(struct message *msg, struct payload *p)
568{
struct cert_handler *cert;
size_t	len =
   GET_ISAKMP_GEN_LENGTH(p->p)field_get_num (isakmp_gen_fld + 2, p->p) - ISAKMP_CERTREQ_AUTHORITY_OFF5;

if (GET_ISAKMP_CERTREQ_TYPE(p->p)field_get_num (isakmp_certreq_fld + 0, p->p) >= ISAKMP_CERTENC_RESERVED_MIN14) {
message_drop(msg, ISAKMP_NOTIFY_INVALID_CERT_ENCODING19, 0, 1,
    1);
return -1;
}
/*
* Check the certificate types we support and if an acceptable
* authority is included in the payload check if it can be decoded
*/
cert = cert_get(GET_ISAKMP_CERTREQ_TYPE(p->p)field_get_num (isakmp_certreq_fld + 0, p->p));
if (!cert || (len && !cert->certreq_validate(p->p +
   ISAKMP_CERTREQ_AUTHORITY_OFF5, len))) {
message_drop(msg, ISAKMP_NOTIFY_CERT_TYPE_UNSUPPORTED21, 0, 1,
    1);
return -1;
}
return 0;
590}

592/*
* Validate the delete payload P in message MSG.  As a side-effect, create
* an exchange if we do not have one already.
*/
596static int
597message_validate_delete(struct message *msg, struct payload *p)
598{
u_int8_t        proto = GET_ISAKMP_DELETE_PROTO(p->p)field_get_num (isakmp_delete_fld + 1, p->p);
struct doi     *doi;
struct sa      *sa, *isakmp_sa;
struct sockaddr *dst, *dst_isa;
u_int32_t       nspis = GET_ISAKMP_DELETE_NSPIS(p->p)field_get_num (isakmp_delete_fld + 3, p->p);
u_int8_t       *spis = (u_int8_t *)p->p + ISAKMP_DELETE_SPI_OFF12;
u_int32_t       i;
char           *addr;

/* Only accept authenticated DELETEs. */
if ((msg->flags & MSG_AUTHENTICATED0x10) == 0) {
log_print("message_validate_delete: "
    "got unauthenticated DELETE");
message_free(msg);
return -1;
}

doi = doi_lookup(GET_ISAKMP_DELETE_DOI(p->p)field_get_num (isakmp_delete_fld + 0, p->p));
if (!doi) {
log_print("message_validate_delete: DOI not supported");
message_free(msg);
return -1;
}
/* If we don't have an exchange yet, create one.  */
if (!msg->exchange) {
if (zero_test((u_int8_t *) msg->iov[0].iov_base
    + ISAKMP_HDR_MESSAGE_ID_OFF20, ISAKMP_HDR_MESSAGE_ID_LEN4))
	msg->exchange = exchange_setup_p1(msg, doi->id);
else
	msg->exchange = exchange_setup_p2(msg, doi->id);
if (!msg->exchange) {
	log_print("message_validate_delete: can not create "
	    "exchange");
	message_free(msg);
	return -1;
}
}
/* Only accept DELETE as part of an INFORMATIONAL exchange. */
if (msg->exchange->type != ISAKMP_EXCH_INFO5) {
log_print("message_validate_delete: delete in exchange other "
    "than INFO: %s", constant_name(isakmp_exch_cst,
    msg->exchange->type));
message_free(msg);
return -1;
}
if (proto != ISAKMP_PROTO_ISAKMP1 && doi->validate_proto(proto)) {
log_print("message_validate_delete: protocol not supported");
message_free(msg);
return -1;
}
/* Validate the SPIs.  */
for (i = 0; i < nspis; i++) {
/* Get ISAKMP SA protecting this message. */
isakmp_sa = msg->isakmp_sa;
if (!isakmp_sa) {
	/* XXX should not happen? */
	log_print("message_validate_delete: invalid spi (no "
	    "valid ISAKMP SA found)");
	message_free(msg);
	return -1;
}
isakmp_sa->transport->vtbl->get_dst(isakmp_sa->transport,
    &dst_isa);

/* Get SA to be deleted. */
msg->transport->vtbl->get_dst(msg->transport, &dst);
if (proto == ISAKMP_PROTO_ISAKMP1)
	sa = sa_lookup_isakmp_sa(dst, spis + i
	    * ISAKMP_HDR_COOKIES_LEN(8 + 8));
else
	sa = ipsec_sa_lookup(dst, ((u_int32_t *) spis)[i],
	    proto);
if (!sa) {
	LOG_DBG((LOG_MESSAGE, 50, "message_validate_delete: "log_debug (LOG_MESSAGE, 50, "message_validate_delete: " "invalid spi (no valid SA found)"
)
	    "invalid spi (no valid SA found)"))log_debug (LOG_MESSAGE, 50, "message_validate_delete: " "invalid spi (no valid SA found)"
);
	message_free(msg);
	return -1;
}
sa->transport->vtbl->get_dst(sa->transport, &dst);

/* Destination addresses must match. */
if (dst->sa_family != dst_isa->sa_family ||
    memcmp(sockaddr_addrdata(dst_isa), sockaddr_addrdata(dst),
    sockaddr_addrlen(dst))) {
	sockaddr2text(dst_isa, &addr, 0);

	log_print("message_validate_delete: invalid spi "
	    "(illegal delete request from %s)", addr);
	free(addr);
	message_free(msg);
	return -1;
}
}

return 0;
694}

696/*
* Validate the hash payload P in message MSG.
*/
699static int
700message_validate_hash(struct message *msg, struct payload *p)
701{
struct sa      *isakmp_sa = msg->isakmp_sa;
struct ipsec_sa *isa;
struct hash    *hash;
struct payload *hashp = payload_first(msg, ISAKMP_PAYLOAD_HASH8);
struct prf     *prf;
u_int8_t       *rest;
u_int8_t        message_id[ISAKMP_HDR_MESSAGE_ID_LEN4];
size_t          rest_len;

/* active exchanges other than INFORMATIONAL validates hash payload. */
if (msg->exchange && (msg->exchange->type != ISAKMP_EXCH_INFO5))
return 0;

if (isakmp_sa == NULL((void*)0))
goto invalid;

isa = isakmp_sa->data;
hash = hash_get(isa->hash);
if (hash == NULL((void*)0))
goto invalid;

/* If no SKEYID_a, we can not do anything (should not happen).  */
if (!isa->skeyid_a)
goto invalid;

/* Allocate the prf and start calculating our HASH(1). */
LOG_DBG_BUF((LOG_MISC, 90, "message_validate_hash: SKEYID_a",log_debug_buf (LOG_MISC, 90, "message_validate_hash: SKEYID_a"
, isa->skeyid_a, isa->skeyid_len)
   isa->skeyid_a, isa->skeyid_len))log_debug_buf (LOG_MISC, 90, "message_validate_hash: SKEYID_a"
, isa->skeyid_a, isa->skeyid_len);
prf = prf_alloc(isa->prf_type, hash->type, isa->skeyid_a,
   isa->skeyid_len);
if (!prf) {
message_free(msg);
return -1;
}
/* This is not an active exchange. */
GET_ISAKMP_HDR_MESSAGE_ID(msg->iov[0].iov_base, message_id)field_get_raw (isakmp_hdr_fld + 6, msg->iov[0].iov_base, message_id
);

prf->Init(prf->prfctx);
LOG_DBG_BUF((LOG_MISC, 90, "message_validate_hash: message_id",log_debug_buf (LOG_MISC, 90, "message_validate_hash: message_id"
, message_id, 4)
   message_id, ISAKMP_HDR_MESSAGE_ID_LEN))log_debug_buf (LOG_MISC, 90, "message_validate_hash: message_id"
, message_id, 4);
prf->Update(prf->prfctx, message_id, ISAKMP_HDR_MESSAGE_ID_LEN4);
rest = hashp->p + GET_ISAKMP_GEN_LENGTH(hashp->p)field_get_num (isakmp_gen_fld + 2, hashp->p);
rest_len = (GET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base)field_get_num (isakmp_hdr_fld + 7, msg->iov[0].iov_base) - (rest -
   (u_int8_t *)msg->iov[0].iov_base));
LOG_DBG_BUF((LOG_MISC, 90,log_debug_buf (LOG_MISC, 90, "message_validate_hash: payloads after HASH(1)"
, rest, rest_len)
   "message_validate_hash: payloads after HASH(1)", rest, rest_len))log_debug_buf (LOG_MISC, 90, "message_validate_hash: payloads after HASH(1)"
, rest, rest_len);
prf->Update(prf->prfctx, rest, rest_len);
prf->Final(hash->digest, prf->prfctx);
prf_free(prf);

if (memcmp(hashp->p + ISAKMP_HASH_DATA_OFF4, hash->digest,
   hash->hashsize))
goto invalid;

/* Mark the HASH as handled. */
hashp->flags |= PL_MARK1;

/* Mark message as authenticated. */
msg->flags |= MSG_AUTHENTICATED0x10;

return 0;

invalid:
log_print("message_validate_hash: invalid hash information");
message_drop(msg, ISAKMP_NOTIFY_INVALID_HASH_INFORMATION23, 0, 1, 1);
return -1;
768}

770/* Validate the identification payload P in message MSG.  */
771static int
772message_validate_id(struct message *msg, struct payload *p)
773{
struct exchange *exchange = msg->exchange;
size_t          len = GET_ISAKMP_GEN_LENGTH(p->p)field_get_num (isakmp_gen_fld + 2, p->p);

if (!exchange) {
/* We should have an exchange at this point.  */
log_print("message_validate_id: payload out of sequence");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}
if (exchange->doi &&
   exchange->doi->validate_id_information(GET_ISAKMP_ID_TYPE(p->p)field_get_num (isakmp_id_fld + 0, p->p),
   p->p + ISAKMP_ID_DOI_DATA_OFF5, p->p + ISAKMP_ID_DATA_OFF8,
   len - ISAKMP_ID_DATA_OFF8, exchange)) {
message_drop(msg, ISAKMP_NOTIFY_INVALID_ID_INFORMATION18, 0, 1,
    1);
return -1;
}
return 0;
792}

794/* Validate the key exchange payload P in message MSG.  */
795static int
796message_validate_key_exch(struct message *msg, struct payload *p)
797{
struct exchange *exchange = msg->exchange;
size_t          len = GET_ISAKMP_GEN_LENGTH(p->p)field_get_num (isakmp_gen_fld + 2, p->p);

if (!exchange) {
/* We should have an exchange at this point.  */
log_print("message_validate_key_exch: "
    "payload out of sequence");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}
if (exchange->doi && exchange->doi->validate_key_information(p->p +
   ISAKMP_KE_DATA_OFF4, len - ISAKMP_KE_DATA_OFF4)) {
message_drop(msg, ISAKMP_NOTIFY_INVALID_KEY_INFORMATION17,
    0, 1, 1);
return -1;
}
return 0;
815}

817/* Validate the NAT-D payload P in message MSG.  */
818static int
819message_validate_nat_d(struct message *msg, struct payload *p)
820{
struct exchange	*exchange = msg->exchange;

if (!exchange) {
/* We should have an exchange at this point.  */
log_print("message_validate_nat_d: payload out of sequence");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}

if (exchange->phase != 1) {
log_print("message_validate_nat_d: "
    "NAT-D payload must be in phase 1");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}

/* Mark as handled.  */
p->flags |= PL_MARK1;

return 0;
841}

843/* Validate the NAT-OA payload P in message MSG.  */
844static int
845message_validate_nat_oa(struct message *msg, struct payload *p)
846{
struct exchange	*exchange = msg->exchange;

if (!exchange) {
/* We should have an exchange at this point.  */
log_print("message_validate_nat_d: payload out of sequence");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}

856#ifdef notyet /* XXX Probably never, due to patent issues.  */
/* Mark as handled.  */
p->flags |= PL_MARK1;
859#endif

return 0;
862}

864/* Validate the nonce payload P in message MSG.  */
865static int
866message_validate_nonce(struct message *msg, struct payload *p)
867{
if (!msg->exchange) {
/* We should have an exchange at this point.  */
log_print("message_validate_nonce: payload out of sequence");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}
/* Nonces require no specific validation.  */
return 0;
876}

878/*
* Validate the notify payload P in message MSG.  As a side-effect, create
* an exchange if we do not have one already.
*/
882static int
883message_validate_notify(struct message *msg, struct payload *p)
884{
u_int8_t        proto = GET_ISAKMP_NOTIFY_PROTO(p->p)field_get_num (isakmp_notify_fld + 1, p->p);
u_int16_t       type = GET_ISAKMP_NOTIFY_MSG_TYPE(p->p)field_get_num (isakmp_notify_fld + 3, p->p);
struct doi     *doi;

doi = doi_lookup(GET_ISAKMP_NOTIFY_DOI(p->p)field_get_num (isakmp_notify_fld + 0, p->p));
if (!doi) {
log_print("message_validate_notify: DOI not supported");
message_free(msg);
return -1;
}
/* If we don't have an exchange yet, create one.  */
if (!msg->exchange) {
if (zero_test((u_int8_t *) msg->iov[0].iov_base +
    ISAKMP_HDR_MESSAGE_ID_OFF20, ISAKMP_HDR_MESSAGE_ID_LEN4))
	msg->exchange = exchange_setup_p1(msg, doi->id);
else
	msg->exchange = exchange_setup_p2(msg, doi->id);
if (!msg->exchange) {
	log_print("message_validate_notify: can not create "
	    "exchange");
	message_free(msg);
	return -1;
}
}
if (proto != ISAKMP_PROTO_ISAKMP1 && doi->validate_proto(proto)) {
log_print("message_validate_notify: protocol not supported");
message_free(msg);
return -1;
}

/* Validate the SPI. XXX Just ISAKMP for now.  */
if (proto == ISAKMP_PROTO_ISAKMP1 &&
   GET_ISAKMP_NOTIFY_SPI_SZ(p->p)field_get_num (isakmp_notify_fld + 2, p->p) == ISAKMP_HDR_COOKIES_LEN(8 + 8) &&
   msg->isakmp_sa &&
   memcmp(p->p + ISAKMP_NOTIFY_SPI_OFF12, msg->isakmp_sa->cookies,
ISAKMP_HDR_COOKIES_LEN(8 + 8)) != 0) {
log_print("message_validate_notify: bad cookies");
message_drop(msg, ISAKMP_NOTIFY_INVALID_SPI11, 0, 1, 1);
return -1;
}

if (type < ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE1 ||
   (type >= ISAKMP_NOTIFY_RESERVED_MIN31 &&
   type < ISAKMP_NOTIFY_PRIVATE_MIN8192) ||
   (type >= ISAKMP_NOTIFY_STATUS_RESERVED1_MIN16385 &&
   type <= ISAKMP_NOTIFY_STATUS_RESERVED1_MAX24575) ||
   (type >= ISAKMP_NOTIFY_STATUS_DOI_MIN24576 &&
   type <= ISAKMP_NOTIFY_STATUS_DOI_MAX32767 &&
   doi->validate_notification(type)) ||
   type >= ISAKMP_NOTIFY_STATUS_RESERVED2_MIN40960) {
log_print("message_validate_notify: "
    "message type not supported");
message_free(msg);
return -1;
}

return 0;
942}

944/* Validate the proposal payload P in message MSG.  */
945static int
946message_validate_proposal(struct message *msg, struct payload *p)
947{
u_int8_t        proto = GET_ISAKMP_PROP_PROTO(p->p)field_get_num (isakmp_prop_fld + 1, p->p);
u_int8_t       *sa = p->context->p;

if (!msg->exchange) {
/* We should have an exchange at this point.  */
log_print("message_validate_proposal: "
    "payload out of sequence");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}
if (proto != ISAKMP_PROTO_ISAKMP1 &&
   msg->exchange->doi->validate_proto(proto)) {
message_drop(msg, ISAKMP_NOTIFY_INVALID_PROTOCOL_ID10, 0, 1, 1);
return -1;
}
/* Check that we get monotonically increasing proposal IDs per SA.  */
if (sa != last_sa)
last_sa = sa;
else if (GET_ISAKMP_PROP_NO(p->p)field_get_num (isakmp_prop_fld + 0, p->p) < last_prop_no) {
message_drop(msg, ISAKMP_NOTIFY_BAD_PROPOSAL_SYNTAX15, 0, 1, 1);
return -1;
}
last_prop_no = GET_ISAKMP_PROP_NO(p->p)field_get_num (isakmp_prop_fld + 0, p->p);

/* XXX Validate the SPI, and other syntactic things.  */

return 0;
975}

977/*
* Validate the SA payload P in message MSG.
* Aside from normal validation, note what DOI is in use for other
* validation routines to look at.  Also index the proposal payloads
* on the fly.
* XXX This assumes PAYLOAD_SA is always the first payload
* to be validated, which is true for IKE, except for quick mode where
* a PAYLOAD_HASH comes first, but in that specific case it does not matter.
* XXX Make sure the above comment is relevant, isn't SA always checked
* first due to the IANA assigned payload number?
*/
988static int
989message_validate_sa(struct message *msg, struct payload *p)
990{
set             payload_set;
size_t          len;
u_int32_t       doi_id;
struct exchange *exchange = msg->exchange;
u_int8_t       *pkt = msg->iov[0].iov_base;

doi_id = GET_ISAKMP_SA_DOI(p->p)field_get_num (isakmp_sa_fld + 0, p->p);
if (!doi_lookup(doi_id)) {
log_print("message_validate_sa: DOI not supported");
message_drop(msg, ISAKMP_NOTIFY_DOI_NOT_SUPPORTED2, 0, 1, 1);
return -1;
}
/*
* It's time to figure out what SA this message is about.  If it is
* already set, then we are creating a new phase 1 SA.  Otherwise,
* lookup the SA using the cookies and the message ID.  If we cannot
* find it, and the phase 1 SA is ready, setup a phase 2 SA.
*/
if (!exchange) {
if (zero_test(pkt + ISAKMP_HDR_RCOOKIE_OFF8,
    ISAKMP_HDR_RCOOKIE_LEN8))
	exchange = exchange_setup_p1(msg, doi_id);
else if (msg->isakmp_sa->flags & SA_FLAG_READY0x01)
	exchange = exchange_setup_p2(msg, doi_id);
else {
	/* XXX What to do here?  */
	message_free(msg);
	return -1;
}
if (!exchange) {
	/* XXX Log?  */
	message_free(msg);
	return -1;
}
}
msg->exchange = exchange;

/*
* Create a struct sa for each SA payload handed to us unless we are
* the initiator where we only will count them.
*/
if (exchange->initiator) {
/* XXX Count SA payloads.  */
} else if (sa_create(exchange, msg->transport)) {
/* XXX Remove exchange if we just created it?   */
message_free(msg);
return -1;
}
if (exchange->phase == 1) {
msg->isakmp_sa = TAILQ_FIRST(&exchange->sa_list)((&exchange->sa_list)->tqh_first);
if (msg->isakmp_sa)
	sa_reference(msg->isakmp_sa);
}
/*
* Let the DOI validate the situation, at the same time it tells us
* what the length of the situation field is.
*/
if (exchange->doi->validate_situation(p->p + ISAKMP_SA_SIT_OFF8, &len,
   GET_ISAKMP_GEN_LENGTH(p->p)field_get_num (isakmp_gen_fld + 2, p->p) - ISAKMP_SA_SIT_OFF8)) {
log_print("message_validate_sa: situation not supported");
message_drop(msg, ISAKMP_NOTIFY_SITUATION_NOT_SUPPORTED3,
    0, 1, 1);
return -1;
}
/*
* Reset the fields we base our proposal & transform number checks
* on.
*/
last_sa = last_prop = 0;
last_prop_no = last_xf_no = 0;

/* Go through the PROPOSAL payloads.  */
ZERO(&payload_set)do { fd_set *_p = (&payload_set); __size_t _n = (((1024) +
 ((((unsigned)(sizeof(__fd_mask) * 8))) - 1)) / (((unsigned)(
sizeof(__fd_mask) * 8)))); while (_n > 0) _p->fds_bits[
--_n] = 0; } while (0);
SET(ISAKMP_PAYLOAD_PROPOSAL, &payload_set)__fd_set((2), (&payload_set));
if (message_parse_payloads(msg, p, ISAKMP_PAYLOAD_PROPOSAL2,
   p->p + ISAKMP_SA_SIT_OFF8 + len, &payload_set,
   message_parse_proposal) == -1)
return -1;

return 0;
1071}

1073/* Validate the signature payload P in message MSG.  */
1074static int
1075message_validate_sig(struct message *msg, struct payload *p)
1076{
if (!msg->exchange) {
/* We should have an exchange at this point.  */
log_print("message_validate_sig: payload out of sequence");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}
/* XXX Not implemented yet.  */
return 0;
1085}

1087/* Validate the transform payload P in message MSG.  */
1088static int
1089message_validate_transform(struct message *msg, struct payload *p)
1090{
u_int8_t        proto = GET_ISAKMP_PROP_PROTO(p->context->p)field_get_num (isakmp_prop_fld + 1, p->context->p);
u_int8_t       *prop = p->context->p;

if (!msg->exchange) {
/* We should have an exchange at this point.  */
log_print("message_validate_transform: "
    "payload out of sequence");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}
if (msg->exchange->doi
   ->validate_transform_id(proto, GET_ISAKMP_TRANSFORM_ID(p->p)field_get_num (isakmp_transform_fld + 1, p->p))) {
message_drop(msg, ISAKMP_NOTIFY_INVALID_TRANSFORM_ID12, 0, 1, 1);
return -1;
}
/* Check that the reserved field is zero.  */
if (!zero_test(p->p + ISAKMP_TRANSFORM_RESERVED_OFF6,
   ISAKMP_TRANSFORM_RESERVED_LEN2)) {
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}
/*
* Check that we get monotonically increasing transform numbers per
* proposal.
*/
if (prop != last_prop)
last_prop = prop;
else if (GET_ISAKMP_TRANSFORM_NO(p->p)field_get_num (isakmp_transform_fld + 0, p->p) <= last_xf_no) {
message_drop(msg, ISAKMP_NOTIFY_BAD_PROPOSAL_SYNTAX15, 0, 1, 1);
return -1;
}
last_xf_no = GET_ISAKMP_TRANSFORM_NO(p->p)field_get_num (isakmp_transform_fld + 0, p->p);

/* Validate the attributes.  */
if (attribute_map(p->p + ISAKMP_TRANSFORM_SA_ATTRS_OFF8,
   GET_ISAKMP_GEN_LENGTH(p->p)field_get_num (isakmp_gen_fld + 2, p->p) - ISAKMP_TRANSFORM_SA_ATTRS_OFF8,
   msg->exchange->doi->validate_attribute, msg)) {
message_drop(msg, ISAKMP_NOTIFY_ATTRIBUTES_NOT_SUPPORTED13,
    0, 1, 1);
return -1;
}
return 0;
1133}

1135/* Validate the vendor payload P in message MSG.  */
1136static int
1137message_validate_vendor(struct message *msg, struct payload *p)
1138{
if (!msg->exchange) {
/* We should have an exchange at this point.  */
log_print("message_validate_vendor: payload out of sequence");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
return -1;
}
/* Vendor IDs are only allowed in phase 1.  */
if (msg->exchange->phase != 1) {
message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE1, 0, 1, 1);
return -1;
}
check_vendor_openbsd(msg, p);
dpd_check_vendor_payload(msg, p);
nat_t_check_vendor_payload(msg, p);
if (!(p->flags & PL_MARK1))
LOG_DBG((LOG_MESSAGE, 40, "message_validate_vendor: "log_debug (LOG_MESSAGE, 40, "message_validate_vendor: " "vendor ID seen"
)
    "vendor ID seen"))log_debug (LOG_MESSAGE, 40, "message_validate_vendor: " "vendor ID seen"
);
return 0;
1157}

1159/*
* Add an index-record pointing to the payload at BUF in message MSG
* to the PAYLOAD bucket of payloads.  This allows us to quickly reference
* payloads by type.  Also stash the parent payload P link into the new
* node so we can go from transforms -> payloads -> SAs.
*/
1165static int
1166message_index_payload(struct message *msg, struct payload *p, u_int8_t payload,
  u_int8_t *buf)
1168{
struct payload *payload_node;

/* Put the payload pointer into the right bucket.  */
payload_node = malloc(sizeof *payload_node);
if (!payload_node) {
message_free(msg);
return -1;
}
payload_node->p = buf;
payload_node->context = p;
payload_node->flags = 0;
TAILQ_INSERT_TAIL(&msg->payload[payload], payload_node, link)do { (payload_node)->link.tqe_next = ((void*)0); (payload_node
)->link.tqe_prev = (&msg->payload[payload])->tqh_last
; *(&msg->payload[payload])->tqh_last = (payload_node
); (&msg->payload[payload])->tqh_last = &(payload_node
)->link.tqe_next; } while (0);
return 0;
1182}

1184/*
* Group each payload found in MSG by type for easy reference later.
* While doing this, validate the generic parts of the message structure too.
* NEXT is the 1st payload's type.  This routine will also register the
* computed message length (i.e. without padding) in msg->iov[0].iov_len.
*/
1190static int
1191message_sort_payloads(struct message *msg, u_int8_t next)
1192{
set	payload_set;
int	i, sz;

ZERO(&payload_set)do { fd_set *_p = (&payload_set); __size_t _n = (((1024) +
 ((((unsigned)(sizeof(__fd_mask) * 8))) - 1)) / (((unsigned)(
sizeof(__fd_mask) * 8)))); while (_n > 0) _p->fds_bits[
--_n] = 0; } while (0);
for (i = ISAKMP_PAYLOAD_SA1; i < ISAKMP_PAYLOAD_MAX255; i++)
if (i != ISAKMP_PAYLOAD_PROPOSAL2 && i !=
    ISAKMP_PAYLOAD_TRANSFORM3)
	SET(i, &payload_set)__fd_set((i), (&payload_set));
sz = message_parse_payloads(msg, 0, next,
   (u_int8_t *)msg->iov[0].iov_base + ISAKMP_HDR_SZ28, &payload_set,
   message_index_payload);
if (sz == -1)
return -1;
msg->iov[0].iov_len = ISAKMP_HDR_SZ28 + sz;
SET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base, ISAKMP_HDR_SZ + sz)field_set_num (isakmp_hdr_fld + 7, msg->iov[0].iov_base, 28
 + sz);
return 0;
1209}

1211/* Run all the generic payload tests that the drafts specify.  */
1212static int
1213message_validate_payloads(struct message *msg)
1214{
int             i;
struct payload *p;
struct field   *f;

for (i = ISAKMP_PAYLOAD_SA1; i < ISAKMP_PAYLOAD_MAX255; i++)
TAILQ_FOREACH(p, &msg->payload[i], link)for((p) = ((&msg->payload[i])->tqh_first); (p) != (
(void*)0); (p) = ((p)->link.tqe_next)) {
	LOG_DBG((LOG_MESSAGE, 60, "message_validate_payloads: "log_debug (LOG_MESSAGE, 60, "message_validate_payloads: " "payload %s at %p of message %p"
, constant_name(isakmp_payload_cst, i), p->p, msg)
	    "payload %s at %p of message %p",log_debug (LOG_MESSAGE, 60, "message_validate_payloads: " "payload %s at %p of message %p"
, constant_name(isakmp_payload_cst, i), p->p, msg)
	    constant_name(isakmp_payload_cst, i), p->p, msg))log_debug (LOG_MESSAGE, 60, "message_validate_payloads: " "payload %s at %p of message %p"
, constant_name(isakmp_payload_cst, i), p->p, msg);
	if ((f = message_get_field(i)) != NULL((void*)0))
		field_dump_payload(f, p->p);
	if (message_validate_payload(msg, p, i))
		return -1;
}
return 0;
1230}

1232/*
* All incoming messages go through here.  We do generic validity checks
* and try to find or establish SAs.  Last but not least we try to find
* the exchange this message, MSG, is part of, and feed it there.
*/
1237int
1238message_recv(struct message *msg)
1239{
u_int8_t       *buf = msg->iov[0].iov_base;
size_t          sz = msg->iov[0].iov_len;
u_int8_t        exch_type;
int             setup_isakmp_sa, msgid_is_zero;
u_int8_t        flags;
struct keystate *ks = 0;
struct proto    tmp_proto;
struct sa       tmp_sa;
struct transport *t;

/* Messages shorter than an ISAKMP header are bad.  */
if (sz < ISAKMP_HDR_SZ28 || sz != GET_ISAKMP_HDR_LENGTH(buf)field_get_num (isakmp_hdr_fld + 7, buf)) {
log_print("message_recv: bad message length");
message_drop(msg, 0, 0, 1, 1);
return -1;
}
/* Possibly dump a raw hex image of the message to the log channel.  */
message_dump_raw("message_recv", msg, LOG_MESSAGE);

/*
* If the responder cookie is zero, this is a request to setup an
* ISAKMP SA.  Otherwise the cookies should refer to an existing
* ISAKMP SA.
*
* XXX This is getting ugly, please reread later to see if it can be
* made nicer.
*/
setup_isakmp_sa = zero_test(buf + ISAKMP_HDR_RCOOKIE_OFF8,
   ISAKMP_HDR_RCOOKIE_LEN8);
if (setup_isakmp_sa) {
/*
 * This might be a retransmission of a former ISAKMP SA setup
 * message.  If so, just drop it.
 * XXX Must we really look in both the SA and exchange pools?
 */
if (exchange_lookup_from_icookie(buf + ISAKMP_HDR_ICOOKIE_OFF0) ||
    sa_lookup_from_icookie(buf + ISAKMP_HDR_ICOOKIE_OFF0)) {
	/*
	 * XXX Later we should differentiate between
	 * retransmissions and potential replay attacks.
	 */
	LOG_DBG((LOG_MESSAGE, 90,log_debug (LOG_MESSAGE, 90, "message_recv: dropping setup for existing SA"
)
	    "message_recv: dropping setup for existing SA"))log_debug (LOG_MESSAGE, 90, "message_recv: dropping setup for existing SA"
);
	message_free(msg);
	return -1;
}
} else {
msg->isakmp_sa = sa_lookup_by_header(buf, 0);
if (msg->isakmp_sa)
	sa_reference(msg->isakmp_sa);

/*
 * If we cannot find an ISAKMP SA out of the cookies, this is
 * either a responder's first reply, and we need to upgrade
 * our exchange, or it's just plain invalid cookies.
 */
if (!msg->isakmp_sa) {
	msg->exchange = exchange_lookup_from_icookie(buf +
	    ISAKMP_HDR_ICOOKIE_OFF0);
	if (msg->exchange && msg->exchange->phase == 1 &&
	    zero_test(msg->exchange->cookies +
	    ISAKMP_HDR_RCOOKIE_OFF8, ISAKMP_HDR_RCOOKIE_LEN8))
		exchange_upgrade_p1(msg);
	else {
		log_print("message_recv: invalid cookie(s) "
		    "%08x%08x %08x%08x",
		    decode_32(buf + ISAKMP_HDR_ICOOKIE_OFF0),
		decode_32(buf + ISAKMP_HDR_ICOOKIE_OFF0 + 4),
		    decode_32(buf + ISAKMP_HDR_RCOOKIE_OFF8),
		decode_32(buf + ISAKMP_HDR_RCOOKIE_OFF8 + 4));
		tmp_proto.sa = &tmp_sa;
		tmp_sa.doi = doi_lookup(ISAKMP_DOI_ISAKMP0);
		tmp_proto.proto = ISAKMP_PROTO_ISAKMP1;
		tmp_proto.spi_sz[1] = ISAKMP_HDR_COOKIES_LEN(8 + 8);
		tmp_proto.spi[1] =
		    buf + ISAKMP_HDR_COOKIES_OFF0;
		message_drop(msg, ISAKMP_NOTIFY_INVALID_COOKIE4,
		    &tmp_proto, 1, 1);
		return -1;
	}
1320#if 0
	msg->isakmp_sa = sa_lookup_from_icookie(buf +
	    ISAKMP_HDR_ICOOKIE_OFF0);
	if (msg->isakmp_sa)
		sa_isakmp_upgrade(msg);
1325#endif
}
msg->exchange = exchange_lookup(buf, 1);
}

if (message_check_duplicate(msg))
return -1;

if (GET_ISAKMP_HDR_NEXT_PAYLOAD(buf)field_get_num (isakmp_hdr_fld + 2, buf) >= ISAKMP_PAYLOAD_RESERVED_MIN22) {
log_print("message_recv: invalid payload type %d in ISAKMP "
    "header (check passphrases, if applicable and in Phase 1)",
    GET_ISAKMP_HDR_NEXT_PAYLOAD(buf)field_get_num (isakmp_hdr_fld + 2, buf));
message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE1, 0, 1, 1);
return -1;
}
/* Validate that the message is of version 1.0.  */
if (ISAKMP_VERSION_MAJOR(GET_ISAKMP_HDR_VERSION(buf))((field_get_num (isakmp_hdr_fld + 3, buf)) >> 4) != 1) {
log_print("message_recv: invalid version major %d",
    ISAKMP_VERSION_MAJOR(GET_ISAKMP_HDR_VERSION(buf))((field_get_num (isakmp_hdr_fld + 3, buf)) >> 4));
message_drop(msg, ISAKMP_NOTIFY_INVALID_MAJOR_VERSION5, 0, 1,
    1);
return -1;
}
if (ISAKMP_VERSION_MINOR(GET_ISAKMP_HDR_VERSION(buf))((field_get_num (isakmp_hdr_fld + 3, buf)) & 0xf) != 0) {
log_print("message_recv: invalid version minor %d",
    ISAKMP_VERSION_MINOR(GET_ISAKMP_HDR_VERSION(buf))((field_get_num (isakmp_hdr_fld + 3, buf)) & 0xf));
message_drop(msg, ISAKMP_NOTIFY_INVALID_MINOR_VERSION6, 0, 1,
    1);
return -1;
}
/*
* Validate the exchange type.  If it's a DOI-specified exchange wait
* until after all payloads have been seen for the validation as the
* SA payload might not yet have been parsed, thus the DOI might be
* unknown.
*/
exch_type = GET_ISAKMP_HDR_EXCH_TYPE(buf)field_get_num (isakmp_hdr_fld + 4, buf);
if (exch_type == ISAKMP_EXCH_NONE0 ||
   (exch_type >= ISAKMP_EXCH_FUTURE_MIN7 &&
   exch_type <= ISAKMP_EXCH_FUTURE_MAX31) ||
   (setup_isakmp_sa && exch_type >= ISAKMP_EXCH_DOI_MIN32)) {
log_print("message_recv: invalid exchange type %s",
    constant_name(isakmp_exch_cst, exch_type));
message_drop(msg, ISAKMP_NOTIFY_INVALID_EXCHANGE_TYPE7, 0, 1,
    1);
return -1;
}
/*
* Check for unrecognized flags, or the encryption flag when we don't
* have an ISAKMP SA to decrypt with.
*/
flags = GET_ISAKMP_HDR_FLAGS(buf)field_get_num (isakmp_hdr_fld + 5, buf);
if (flags & ~(ISAKMP_FLAGS_ENC1 | ISAKMP_FLAGS_COMMIT2 |
   ISAKMP_FLAGS_AUTH_ONLY4)) {
log_print("message_recv: invalid flags 0x%x",
    GET_ISAKMP_HDR_FLAGS(buf)field_get_num (isakmp_hdr_fld + 5, buf));
message_drop(msg, ISAKMP_NOTIFY_INVALID_FLAGS8, 0, 1, 1);
return -1;
}
/*
* If we are about to setup an ISAKMP SA, the message ID must be
* zero.
*/
msgid_is_zero = zero_test(buf + ISAKMP_HDR_MESSAGE_ID_OFF20,
   ISAKMP_HDR_MESSAGE_ID_LEN4);
if (setup_isakmp_sa && !msgid_is_zero) {
log_print("message_recv: invalid message id");
message_drop(msg, ISAKMP_NOTIFY_INVALID_MESSAGE_ID9, 0, 1, 1);
return -1;
}
if (!setup_isakmp_sa && msgid_is_zero) {
/*
 * XXX Very likely redundant, look at the  else clause of the
 * if (setup_isakmp_sa) statement above.
 */
msg->exchange = exchange_lookup(buf, 0);
if (!msg->exchange) {
	log_print("message_recv: phase 1 message after "
	    "ISAKMP SA is ready");
	message_free(msg);
	return -1;
} else if (msg->exchange->last_sent) {
	LOG_DBG((LOG_MESSAGE, 80, "message_recv: resending "log_debug (LOG_MESSAGE, 80, "message_recv: resending " "last message from phase 1"
)
	    "last message from phase 1"))log_debug (LOG_MESSAGE, 80, "message_recv: resending " "last message from phase 1"
);
	message_send(msg->exchange->last_sent);
}
}
if (flags & ISAKMP_FLAGS_ENC1) {
if (!msg->isakmp_sa) {
	LOG_DBG((LOG_MISC, 10, "message_recv: no isakmp_sa "log_debug (LOG_MISC, 10, "message_recv: no isakmp_sa " "for encrypted message"
)
	    "for encrypted message"))log_debug (LOG_MISC, 10, "message_recv: no isakmp_sa " "for encrypted message"
);
	message_free(msg);
	return -1;
}
/* Decrypt rest of message using a DOI-specified IV.  */
ks = msg->isakmp_sa->doi->get_keystate(msg);
if (!ks) {
	message_free(msg);
	return -1;
}
msg->orig = malloc(sz);
if (!msg->orig) {
	message_free(msg);
	free(ks);
	return -1;
}
memcpy(msg->orig, buf, sz);
crypto_decrypt(ks, buf + ISAKMP_HDR_SZ28, sz - ISAKMP_HDR_SZ28);
} else
msg->orig = buf;
msg->orig_sz = sz;

/* IKE packet capture */
message_packet_log(msg);

/*
* Check the overall payload structure at the same time as indexing
* them by type.
*/
if (GET_ISAKMP_HDR_NEXT_PAYLOAD(buf)field_get_num (isakmp_hdr_fld + 2, buf) != ISAKMP_PAYLOAD_NONE0 &&
   message_sort_payloads(msg, GET_ISAKMP_HDR_NEXT_PAYLOAD(buf)field_get_num (isakmp_hdr_fld + 2, buf))) {
free(ks);
return -1;
}
/*
* Run generic payload tests now.  If anything fails these checks, the
* message needs either to be retained for later duplicate checks or
* freed entirely.
* XXX Should SAs and even transports be cleaned up then too?
*/
if (message_validate_payloads(msg)) {
free(ks);
return -1;
}
/*
* If we have not found an exchange by now something is definitely
* wrong.
*/
if (!msg->exchange) {
log_print("message_recv: no exchange");
message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 1);
free(ks);
return -1;
}
/*
* NAT-T may have switched ports for us. We need to replace the
* old ISAKMP SA transport here with one that contains the proper
* (i.e translated) ports.
*/
if (msg->isakmp_sa && msg->exchange->phase == 1) {
t = msg->isakmp_sa->transport;
msg->isakmp_sa->transport = msg->transport;
transport_reference(msg->transport);
transport_release(t);
}

/*
* Now we can validate DOI-specific exchange types.  If we have no SA
* DOI-specific exchange types are definitely wrong.
*/
if (exch_type >= ISAKMP_EXCH_DOI_MIN32 &&
   msg->exchange->doi->validate_exchange(exch_type)) {
log_print("message_recv: invalid DOI exchange type %d",
    exch_type);
message_drop(msg, ISAKMP_NOTIFY_INVALID_EXCHANGE_TYPE7, 0, 1,
    1);
free(ks);
return -1;
}
/* Make sure the IV we used gets saved in the proper SA.  */
if (ks) {
if (!msg->exchange->keystate) {
	msg->exchange->keystate = ks;
	msg->exchange->crypto = ks->xf;
} else
	free(ks);
}
/* Handle the flags.  */
if (flags & ISAKMP_FLAGS_ENC1)
msg->exchange->flags |= EXCHANGE_FLAG_ENCRYPT0x0004;
if ((msg->exchange->flags & EXCHANGE_FLAG_COMMITTED(0x0001 | 0x0002)) == 0 &&
   (flags & ISAKMP_FLAGS_COMMIT2))
msg->exchange->flags |= EXCHANGE_FLAG_HE_COMMITTED0x0002;

/*
* Except for the 3rd Aggressive Mode message, require encryption
* as soon as we have the keystate for it.
*/
if ((flags & ISAKMP_FLAGS_ENC1) == 0 &&
   (msg->exchange->phase == 2 ||
(msg->exchange->keystate &&
    msg->exchange->type != ISAKMP_EXCH_AGGRESSIVE4))) {
log_print("message_recv: cleartext phase %d message",
    msg->exchange->phase);
message_drop(msg, ISAKMP_NOTIFY_INVALID_FLAGS8, 0, 1, 1);
return -1;
}

/* OK let the exchange logic do the rest.  */
exchange_run(msg);

return 0;
1527}

1529void
1530message_send_expire(struct message *msg)
1531{
msg->retrans = 0;

message_send(msg);
1535}

1537/* Queue up message MSG for transmittal.  */
1538void
1539message_send(struct message *msg)
1540{
struct exchange *exchange = msg->exchange;
struct message *m;
struct msg_head *q;

/* Remove retransmissions on this message  */
if (msg->retrans) {
timer_remove_event(msg->retrans);
msg->retrans = 0;
}
/* IKE packet capture */
message_packet_log(msg);

/*
* If the ISAKMP SA has set up encryption, encrypt the message.
* However, in a retransmit, it is already encrypted.
*/
if ((msg->flags & MSG_ENCRYPTED0x02) == 0 &&
   exchange->flags & EXCHANGE_FLAG_ENCRYPT0x0004) {
if (!exchange->keystate) {
	exchange->keystate = exchange->doi->get_keystate(msg);
	if (!exchange->keystate)
		return;
	exchange->crypto = exchange->keystate->xf;
	exchange->flags |= EXCHANGE_FLAG_ENCRYPT0x0004;
}
if (message_encrypt(msg)) {
	/* XXX Log.  */
	return;
}
}
/* Keep the COMMIT bit on.  */
if (exchange->flags & EXCHANGE_FLAG_COMMITTED(0x0001 | 0x0002))
SET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base,field_set_num (isakmp_hdr_fld + 5, msg->iov[0].iov_base, field_get_num
 (isakmp_hdr_fld + 5, msg->iov[0].iov_base) | 2)
    GET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base)field_set_num (isakmp_hdr_fld + 5, msg->iov[0].iov_base, field_get_num
 (isakmp_hdr_fld + 5, msg->iov[0].iov_base) | 2)
    | ISAKMP_FLAGS_COMMIT)field_set_num (isakmp_hdr_fld + 5, msg->iov[0].iov_base, field_get_num
 (isakmp_hdr_fld + 5, msg->iov[0].iov_base) | 2);

message_dump_raw("message_send", msg, LOG_MESSAGE);
msg->flags |= MSG_IN_TRANSIT0x04;
exchange->in_transit = msg;

/*
* If we get a retransmission of a message before our response
* has left the queue, don't queue it again, as it will result
* in a circular list.
*/
q = msg->transport->vtbl->get_queue(msg);
for (m = TAILQ_FIRST(q)((q)->tqh_first); m; m = TAILQ_NEXT(m, link)((m)->link.tqe_next))
if (m == msg) {
	LOG_DBG((LOG_MESSAGE, 60,log_debug (LOG_MESSAGE, 60, "message_send: msg %p already on sendq %p"
, m, q)
	    "message_send: msg %p already on sendq %p", m, q))log_debug (LOG_MESSAGE, 60, "message_send: msg %p already on sendq %p"
, m, q);
	return;
}
TAILQ_INSERT_TAIL(q, msg, link)do { (msg)->link.tqe_next = ((void*)0); (msg)->link.tqe_prev
 = (q)->tqh_last; *(q)->tqh_last = (msg); (q)->tqh_last
 = &(msg)->link.tqe_next; } while (0);
1594}

1596/*
* Setup the ISAKMP message header for message MSG.  EXCHANGE is the exchange
* type, FLAGS are the ISAKMP header flags and MSG_ID is message ID
* identifying the exchange.
*/
1601void
1602message_setup_header(struct message *msg, u_int8_t exchange, u_int8_t flags,
  u_int8_t *msg_id)
1604{
u_int8_t	*buf = msg->iov[0].iov_base;

SET_ISAKMP_HDR_ICOOKIE(buf, msg->exchange->cookies)field_set_raw (isakmp_hdr_fld + 0, buf, msg->exchange->
cookies);
SET_ISAKMP_HDR_RCOOKIE(buf, msg->exchange->cookies +field_set_raw (isakmp_hdr_fld + 1, buf, msg->exchange->
cookies + 8)
   ISAKMP_HDR_ICOOKIE_LEN)field_set_raw (isakmp_hdr_fld + 1, buf, msg->exchange->
cookies + 8);
SET_ISAKMP_HDR_NEXT_PAYLOAD(buf, ISAKMP_PAYLOAD_NONE)field_set_num (isakmp_hdr_fld + 2, buf, 0);
SET_ISAKMP_HDR_VERSION(buf, ISAKMP_VERSION_MAKE(1, 0))field_set_num (isakmp_hdr_fld + 3, buf, ((1) << 4 | (0)
));
SET_ISAKMP_HDR_EXCH_TYPE(buf, exchange)field_set_num (isakmp_hdr_fld + 4, buf, exchange);
SET_ISAKMP_HDR_FLAGS(buf, flags)field_set_num (isakmp_hdr_fld + 5, buf, flags);
SET_ISAKMP_HDR_MESSAGE_ID(buf, msg_id)field_set_raw (isakmp_hdr_fld + 6, buf, msg_id);
SET_ISAKMP_HDR_LENGTH(buf, msg->iov[0].iov_len)field_set_num (isakmp_hdr_fld + 7, buf, msg->iov[0].iov_len
);
1616}

1618/*
* Add the payload of type PAYLOAD in BUF sized SZ to the MSG message.
* The caller thereby is released from the responsibility of freeing BUF,
* unless we return a failure of course.  If LINK is set the former
* payload's "next payload" field to PAYLOAD.
*
* XXX We might want to resize the iov array several slots at a time.
*/
1626int
1627message_add_payload(struct message *msg, u_int8_t payload, u_int8_t *buf,
  size_t sz, int link)
1629{
struct iovec   *new_iov;
struct payload *payload_node;

payload_node = calloc(1, sizeof *payload_node);
if (!payload_node) {
log_error("message_add_payload: calloc (1, %lu) failed",
    (unsigned long)sizeof *payload_node);
return -1;
}
new_iov = reallocarray(msg->iov, msg->iovlen + 1,
   sizeof *msg->iov);
if (!new_iov) {
log_error("message_add_payload: realloc (%p, %lu) failed",
    msg->iov, (msg->iovlen + 1) *
    (unsigned long)sizeof *msg->iov);
free(payload_node);
return -1;
}
msg->iov = new_iov;
new_iov[msg->iovlen].iov_base = buf;
new_iov[msg->iovlen].iov_len = sz;
msg->iovlen++;
if (link)
*msg->nextp = payload;
msg->nextp = buf + ISAKMP_GEN_NEXT_PAYLOAD_OFF0;
*msg->nextp = ISAKMP_PAYLOAD_NONE0;
SET_ISAKMP_GEN_RESERVED(buf, 0)field_set_num (isakmp_gen_fld + 1, buf, 0);
SET_ISAKMP_GEN_LENGTH(buf, sz)field_set_num (isakmp_gen_fld + 2, buf, sz);
SET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base,field_set_num (isakmp_hdr_fld + 7, msg->iov[0].iov_base, field_get_num
 (isakmp_hdr_fld + 7, msg->iov[0].iov_base) + sz)
   GET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base) + sz)field_set_num (isakmp_hdr_fld + 7, msg->iov[0].iov_base, field_get_num
 (isakmp_hdr_fld + 7, msg->iov[0].iov_base) + sz);

/*
* For the sake of exchange_validate we index the payloads even in
* outgoing messages, however context and flags are uninteresting in
* this situation.
*/
payload_node->p = buf;
TAILQ_INSERT_TAIL(&msg->payload[payload], payload_node, link)do { (payload_node)->link.tqe_next = ((void*)0); (payload_node
)->link.tqe_prev = (&msg->payload[payload])->tqh_last
; *(&msg->payload[payload])->tqh_last = (payload_node
); (&msg->payload[payload])->tqh_last = &(payload_node
)->link.tqe_next; } while (0);
return 0;
1669}

1671/* XXX Move up when ready.  */
1672struct info_args {
char            discr;
u_int32_t       doi;
u_int8_t        proto;
u_int16_t       spi_sz;
union {
struct {
	u_int16_t       msg_type;
	u_int8_t       *spi;
} n;
struct {
	u_int16_t       nspis;
	u_int8_t       *spis;
} d;
struct {
	u_int16_t	msg_type;
	u_int8_t	*spi;
	u_int32_t	seq;
} dpd;
} u;
1692};

1694/*
* As a reaction to the incoming message MSG create an informational exchange
* protected by ISAKMP_SA and send a notify payload of type NOTIFY, with
* fields initialized from SA.  INCOMING is true if the SPI field should be
* filled with the incoming SPI and false if it is to be filled with the
* outgoing one.
*
* XXX Should we handle sending multiple notify payloads?  The draft allows
* it, but do we need it?  Furthermore, should we not return a success
* status value?
*/
1705void
1706message_send_notification(struct message *msg, struct sa *isakmp_sa,
  u_int16_t notify, struct proto *proto, int incoming)
1708{
struct info_args args;
struct sa      *doi_sa = proto ? proto->sa : isakmp_sa;

args.discr = 'N';
args.doi = doi_sa ? doi_sa->doi->id : ISAKMP_DOI_ISAKMP0;
args.proto = proto ? proto->proto : ISAKMP_PROTO_ISAKMP1;
args.spi_sz = proto ? proto->spi_sz[incoming] : 0;
args.u.n.msg_type = notify;
args.u.n.spi = proto ? proto->spi[incoming] : 0;
if (isakmp_sa && (isakmp_sa->flags & SA_FLAG_READY0x01))
exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO5, 0, &args,
    0, 0);
else
exchange_establish_p1(msg->transport, ISAKMP_EXCH_INFO5,
    msg->exchange ? msg->exchange->doi->id : ISAKMP_DOI_ISAKMP0,
    0, &args, 0, 0, 0);
1725}

1727/* Send a DELETE inside an informational exchange for each protocol in SA.  */
1728void
1729message_send_delete(struct sa *sa)
1730{
struct info_args args;
struct proto   *proto;
struct sa      *isakmp_sa;
struct sockaddr *dst;

if (!sa->transport)
return;

sa->transport->vtbl->get_dst(sa->transport, &dst);
isakmp_sa = sa_isakmp_lookup_by_peer(dst, SA_LEN(dst)((dst)->sa_len));
if (!isakmp_sa) {
/*
 * XXX We ought to setup an ISAKMP SA with our peer here and
 * send the DELETE over that one.
 */
return;
}
args.discr = 'D';
args.doi = sa->doi->id;
args.u.d.nspis = 1;
for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first); proto;
   proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next)) {
switch (proto->proto) {
case ISAKMP_PROTO_ISAKMP1:
	args.spi_sz = ISAKMP_HDR_COOKIES_LEN(8 + 8);
	args.u.d.spis = sa->cookies;
	break;

case IPSEC_PROTO_IPSEC_AH2:
case IPSEC_PROTO_IPSEC_ESP3:
case IPSEC_PROTO_IPCOMP4:
	args.spi_sz = proto->spi_sz[1];
	args.u.d.spis = proto->spi[1];
	break;
default:
	log_print("message_send_delete: cannot delete unknown "
	    "protocol %d", proto->proto);
	continue;
}

args.proto = proto->proto;
exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO5, 0, &args,
    0, 0);
}
1775}

1777void
1778message_send_dpd_notify(struct sa* isakmp_sa, u_int16_t notify, u_int32_t seq)
1779{
struct info_args args;

args.discr = 'P';
args.doi = IPSEC_DOI_IPSEC1;
args.proto = ISAKMP_PROTO_ISAKMP1;
args.spi_sz = ISAKMP_HDR_COOKIES_LEN(8 + 8);
args.u.dpd.msg_type = notify;
args.u.dpd.spi = isakmp_sa->cookies;
args.u.dpd.seq = htonl(seq)(__uint32_t)(__builtin_constant_p(seq) ? (__uint32_t)(((__uint32_t
)(seq) & 0xff) << 24 | ((__uint32_t)(seq) & 0xff00
) << 8 | ((__uint32_t)(seq) & 0xff0000) >> 8 |
 ((__uint32_t)(seq) & 0xff000000) >> 24) : __swap32md
(seq));

exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO5, 0, &args, 0, 0);
1791}

1793/* Build the informational message into MSG.  */
1794int
1795message_send_info(struct message *msg)
1796{
u_int8_t       *buf;
size_t          sz = 0;
struct info_args *args = msg->extra;
u_int8_t	payload;

/* Let the DOI get the first hand on the message.  */
if (msg->exchange->doi->informational_pre_hook)
if (msg->exchange->doi->informational_pre_hook(msg))
	return -1;

switch (args->discr) {
case 'P':
sz = sizeof args->u.dpd.seq;
/* FALLTHROUGH */
case 'N':
sz += ISAKMP_NOTIFY_SPI_OFF12 + args->spi_sz;
break;
case 'D':
default:	/* Silence gcc */
sz = ISAKMP_DELETE_SPI_OFF12 + args->u.d.nspis * args->spi_sz;
break;
}

buf = calloc(1, sz);
if (!buf) {
log_error("message_send_info: calloc (1, %lu) failed",
    (unsigned long)sz);
message_free(msg);
return -1;
}
switch (args->discr) {
case 'P':
memcpy(buf + ISAKMP_NOTIFY_SPI_OFF12 + args->spi_sz,
    &args->u.dpd.seq, sizeof args->u.dpd.seq);
/* FALLTHROUGH */
case 'N':
/* Build the NOTIFY payload.  */
payload = ISAKMP_PAYLOAD_NOTIFY11;
SET_ISAKMP_NOTIFY_DOI(buf, args->doi)field_set_num (isakmp_notify_fld + 0, buf, args->doi);
SET_ISAKMP_NOTIFY_PROTO(buf, args->proto)field_set_num (isakmp_notify_fld + 1, buf, args->proto);
SET_ISAKMP_NOTIFY_SPI_SZ(buf, args->spi_sz)field_set_num (isakmp_notify_fld + 2, buf, args->spi_sz);
SET_ISAKMP_NOTIFY_MSG_TYPE(buf, args->u.n.msg_type)field_set_num (isakmp_notify_fld + 3, buf, args->u.n.msg_type
);
memcpy(buf + ISAKMP_NOTIFY_SPI_OFF12, args->u.n.spi,
    args->spi_sz);
break;

case 'D':
default:		/* Silence GCC.  */
/* Build the DELETE payload.  */
payload = ISAKMP_PAYLOAD_DELETE12;
SET_ISAKMP_DELETE_DOI(buf, args->doi)field_set_num (isakmp_delete_fld + 0, buf, args->doi);
SET_ISAKMP_DELETE_PROTO(buf, args->proto)field_set_num (isakmp_delete_fld + 1, buf, args->proto);
SET_ISAKMP_DELETE_SPI_SZ(buf, args->spi_sz)field_set_num (isakmp_delete_fld + 2, buf, args->spi_sz);
SET_ISAKMP_DELETE_NSPIS(buf, args->u.d.nspis)field_set_num (isakmp_delete_fld + 3, buf, args->u.d.nspis
);
memcpy(buf + ISAKMP_DELETE_SPI_OFF12, args->u.d.spis,
    args->u.d.nspis * args->spi_sz);
msg->flags |= MSG_PRIORITIZED0x08;
break;
}

if (message_add_payload(msg, payload, buf, sz, 1)) {
free(buf);
message_free(msg);
return -1;
}
/* Let the DOI get the last hand on the message.  */
if (msg->exchange->doi->informational_post_hook)
if (msg->exchange->doi->informational_post_hook(msg)) {
	message_free(msg);
	return -1;
}
return 0;
1869}

1871/*
* Drop the MSG message due to reason given in NOTIFY.  If NOTIFY is set
* send out a notification to the originator.  Fill this notification with
* values from PROTO.  INCOMING decides which SPI to include.  If CLEAN is
* set, free the message when ready with it.
*/
1877void
1878message_drop(struct message *msg, int notify, struct proto *proto,
  int incoming, int clean)
1880{
struct transport *t = msg->transport;
struct sockaddr *dst;
char           *address;
short           port = 0;

t->vtbl->get_dst(t, &dst);
if (sockaddr2text(dst, &address, 0)) {
log_error("message_drop: sockaddr2text () failed");
address = 0;
}
switch (dst->sa_family) {
case AF_INET2:
port = ((struct sockaddr_in *)dst)->sin_port;
break;
case AF_INET624:
port = ((struct sockaddr_in6 *)dst)->sin6_port;
break;
default:
log_print("message_drop: unknown protocol family %d",
    dst->sa_family);
}

log_print("dropped message from %s port %d due to notification type "
   "%s", address ? address : "<unknown>", htons(port)(__uint16_t)(__builtin_constant_p(port) ? (__uint16_t)(((__uint16_t
)(port) & 0xffU) << 8 | ((__uint16_t)(port) & 0xff00U
) >> 8) : __swap16md(port)),
   constant_name(isakmp_notify_cst, notify));

free(address);

/* If specified, return a notification.  */
if (notify)
message_send_notification(msg, msg->isakmp_sa, notify, proto,
    incoming);
if (clean)
message_free(msg);
1915}

1917/*
* If the user demands debug printouts, printout MSG with as much detail
* as we can without resorting to per-payload handling.
*/
1921void
1922message_dump_raw(char *header, struct message *msg, int class)
1923{
u_int32_t	i, j, k = 0;
char            buf[80], *p = buf;

LOG_DBG((class, 70, "%s: message %p", header, msg))log_debug (class, 70, "%s: message %p", header, msg);
field_dump_payload(isakmp_hdr_fld, msg->iov[0].iov_base);
for (i = 0; i < msg->iovlen; i++)
for (j = 0; j < msg->iov[i].iov_len; j++) {
	snprintf(p, sizeof buf - (int) (p - buf), "%02x",
	    ((u_int8_t *) msg->iov[i].iov_base)[j]);
	p += strlen(p);
	if (++k % 32 == 0) {
		*p = '\0';
		LOG_DBG((class, 70, "%s: %s", header, buf))log_debug (class, 70, "%s: %s", header, buf);
		p = buf;
	} else if (k % 4 == 0)
		*p++ = ' ';
}
*p = '\0';
if (p != buf)
LOG_DBG((class, 70, "%s: %s", header, buf))log_debug (class, 70, "%s: %s", header, buf);
1944}

1946static void
1947message_packet_log(struct message *msg)
1948{
struct sockaddr *src, *dst;
struct transport *t = msg->transport;

/* Don't log retransmissions. Redundant for incoming packets... */
if (msg->xmits > 0)
return;

if (msg->exchange && msg->exchange->flags & EXCHANGE_FLAG_NAT_T_ENABLE0x0010)
t = ((struct virtual_transport *)msg->transport)->encap;

/* Figure out direction. */
if (msg->exchange &&
   msg->exchange->initiator ^ (msg->exchange->step % 2)) {
t->vtbl->get_src(t, &src);
t->vtbl->get_dst(t, &dst);
} else {
t->vtbl->get_src(t, &dst);
t->vtbl->get_dst(t, &src);
}

log_packet_iov(src, dst, msg->iov, msg->iovlen);
1970}

1972/*
* Encrypt an outgoing message MSG.  As outgoing messages are represented
* with an iovec with one segment per payload, we need to coalesce them
* into just une buffer containing all payloads and some padding before
* we encrypt.
*/
1978static int
1979message_encrypt(struct message *msg)
1980{
struct exchange *exchange = msg->exchange;
size_t          i, sz = 0;
u_int8_t       *buf;

/* If no payloads, nothing to do.  */
if (msg->iovlen == 1)
return 0;

/*
* For encryption we need to put all payloads together in a single
* buffer.  This buffer should be padded to the current crypto
* transform's blocksize.
*/
for (i = 1; i < msg->iovlen; i++)
sz += msg->iov[i].iov_len;
sz = ((sz + exchange->crypto->blocksize - 1) /
   exchange->crypto->blocksize) * exchange->crypto->blocksize;
buf = realloc(msg->iov[1].iov_base, sz);
if (!buf) {
log_error("message_encrypt: realloc (%p, %lu) failed",
    msg->iov[1].iov_base, (unsigned long) sz);
return -1;
}
msg->iov[1].iov_base = buf;
for (i = 2; i < msg->iovlen; i++) {
memcpy(buf + msg->iov[1].iov_len, msg->iov[i].iov_base,
    msg->iov[i].iov_len);
msg->iov[1].iov_len += msg->iov[i].iov_len;
free(msg->iov[i].iov_base);
}

/* Pad with zeroes.  */
memset(buf + msg->iov[1].iov_len, '\0', sz - msg->iov[1].iov_len);
msg->iov[1].iov_len = sz;
msg->iovlen = 2;

SET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base,field_set_num (isakmp_hdr_fld + 5, msg->iov[0].iov_base, field_get_num
 (isakmp_hdr_fld + 5, msg->iov[0].iov_base) | 1)
   GET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base) | ISAKMP_FLAGS_ENC)field_set_num (isakmp_hdr_fld + 5, msg->iov[0].iov_base, field_get_num
 (isakmp_hdr_fld + 5, msg->iov[0].iov_base) | 1);
SET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base, ISAKMP_HDR_SZ + sz)field_set_num (isakmp_hdr_fld + 7, msg->iov[0].iov_base, 28
 + sz);
crypto_encrypt(exchange->keystate, buf, msg->iov[1].iov_len);
msg->flags |= MSG_ENCRYPTED0x02;

/* Update the IV so we can decrypt the next incoming message.  */
crypto_update_iv(exchange->keystate);

return 0;
2027}

2029/*
* Check whether the message MSG is a duplicate of the last one negotiating
* this specific SA.
*/
2033static int
2034message_check_duplicate(struct message *msg)
2035{
struct exchange *exchange = msg->exchange;
size_t          sz = msg->iov[0].iov_len;
u_int8_t       *pkt = msg->iov[0].iov_base;

/* If no SA has been found, we cannot test, thus it's good.  */
if (!exchange)
return 0;

LOG_DBG((LOG_MESSAGE, 90, "message_check_duplicate: last_received %p",log_debug (LOG_MESSAGE, 90, "message_check_duplicate: last_received %p"
, exchange->last_received)
   exchange->last_received))log_debug (LOG_MESSAGE, 90, "message_check_duplicate: last_received %p"
, exchange->last_received);
if (exchange->last_received) {
LOG_DBG_BUF((LOG_MESSAGE, 95,log_debug_buf (LOG_MESSAGE, 95, "message_check_duplicate: last_received"
, exchange->last_received->orig, exchange->last_received
->orig_sz)
    "message_check_duplicate: last_received",log_debug_buf (LOG_MESSAGE, 95, "message_check_duplicate: last_received"
, exchange->last_received->orig, exchange->last_received
->orig_sz)
    exchange->last_received->orig,log_debug_buf (LOG_MESSAGE, 95, "message_check_duplicate: last_received"
, exchange->last_received->orig, exchange->last_received
->orig_sz)
    exchange->last_received->orig_sz))log_debug_buf (LOG_MESSAGE, 95, "message_check_duplicate: last_received"
, exchange->last_received->orig, exchange->last_received
->orig_sz);
/* Is it a duplicate, lose the new one.  */
if (sz == exchange->last_received->orig_sz &&
    memcmp(pkt, exchange->last_received->orig, sz) == 0) {
	LOG_DBG((LOG_MESSAGE, 80,log_debug (LOG_MESSAGE, 80, "message_check_duplicate: dropping dup"
)
	    "message_check_duplicate: dropping dup"))log_debug (LOG_MESSAGE, 80, "message_check_duplicate: dropping dup"
);

	/*
	 * Retransmit if the previous sent message was the last
	 * of an exchange, otherwise just wait for the
	 * ordinary retransmission.
	 */
	if (exchange->last_sent && (exchange->last_sent->flags
	    & MSG_LAST0x01))
		message_send(exchange->last_sent);
	message_free(msg);
	return -1;
}
}
/*
* As this new message is an indication that state is moving forward
* at the peer, remove the retransmit timer on our last message.
*/
if (exchange->last_sent) {
if (exchange->last_sent == exchange->in_transit) {
	struct message *m = exchange->in_transit;
	TAILQ_REMOVE(m->transport->vtbl->get_queue(m), m,do { if (((m)->link.tqe_next) != ((void*)0)) (m)->link.
tqe_next->link.tqe_prev = (m)->link.tqe_prev; else (m->
transport->vtbl->get_queue(m))->tqh_last = (m)->link
.tqe_prev; *(m)->link.tqe_prev = (m)->link.tqe_next; ; ;
 } while (0)
	    link)do { if (((m)->link.tqe_next) != ((void*)0)) (m)->link.
tqe_next->link.tqe_prev = (m)->link.tqe_prev; else (m->
transport->vtbl->get_queue(m))->tqh_last = (m)->link
.tqe_prev; *(m)->link.tqe_prev = (m)->link.tqe_next; ; ;
 } while (0);
	exchange->in_transit = 0;
}
message_free(exchange->last_sent);
exchange->last_sent = 0;
}
return 0;
2084}

2086/* Helper to message_negotiate_sa.  */
2087static __inline struct payload *
2088step_transform(struct payload *tp, struct payload **propp,
  struct payload **sap)
2090{
tp = TAILQ_NEXT(tp, link)((tp)->link.tqe_next);
if (tp) {
4
←
Assuming 'tp' is null→
5
←
Taking false branch→
*propp = tp->context;
*sap = (*propp)->context;
}
return tp;
6
←
Returning without writing to '*propp'→
2097}

2099/*
* Pick out the first transforms out of MSG (which should contain at least one
* SA payload) we accept as a full protection suite.
*/
2103int
2104message_negotiate_sa(struct message *msg, int (*validate)(struct exchange *,
  struct sa *, struct sa *))
2106{
struct payload *tp, *propp, *sap, *next_tp = 0, *next_propp, *next_sap;
1
'next_propp' declared without an initial value→
struct payload *saved_tp = 0, *saved_propp = 0, *saved_sap = 0;
struct sa      *sa;
struct proto   *proto;
int             suite_ok_so_far = 0;
struct exchange *exchange = msg->exchange;

/*
* This algorithm is a weird bottom-up thing... mostly due to the
* payload links pointing upwards.
*
* The algorithm goes something like this:
* Foreach transform
*   If transform is compatible
*     Remember that this protocol can work
*     Skip to last transform of this protocol
*   If next transform belongs to a new protocol inside the same suite
*     If no transform was found for the current protocol
*       Forget all earlier transforms for protocols in this suite
*       Skip to last transform of this suite
*   If next transform belongs to a new suite
*     If the current protocol had an OK transform
*       Skip to the last transform of this SA
*   If the next transform belongs to a new SA
*     If no transforms have been chosen
*       Issue a NO_PROPOSAL_CHOSEN notification
*/

sa = TAILQ_FIRST(&exchange->sa_list)((&exchange->sa_list)->tqh_first);
for (tp = payload_first(msg, ISAKMP_PAYLOAD_TRANSFORM3); tp;
2
←
Loop condition is true.  Entering loop body→
   tp = next_tp) {
propp = tp->context;
sap = propp->context;
sap->flags |= PL_MARK1;
next_tp = step_transform(tp, &next_propp, &next_sap);
3
←
Calling 'step_transform'→
7
←
Returning from 'step_transform'→

/* For each transform, see if it is compatible.  */
if (!attribute_map(tp->p + ISAKMP_TRANSFORM_SA_ATTRS_OFF8,
8
←
Assuming the condition is true→
9
←
Taking true branch→
    GET_ISAKMP_GEN_LENGTH(tp->p)field_get_num (isakmp_gen_fld + 2, tp->p) -
    ISAKMP_TRANSFORM_SA_ATTRS_OFF8,
    exchange->doi->is_attribute_incompatible, msg)) {
	LOG_DBG((LOG_NEGOTIATION, 30, "message_negotiate_sa: "log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: " "transform %d proto %d proposal %d ok"
, field_get_num (isakmp_transform_fld + 0, tp->p), field_get_num
 (isakmp_prop_fld + 1, propp->p), field_get_num (isakmp_prop_fld
 + 0, propp->p))
	    "transform %d proto %d proposal %d ok",log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: " "transform %d proto %d proposal %d ok"
, field_get_num (isakmp_transform_fld + 0, tp->p), field_get_num
 (isakmp_prop_fld + 1, propp->p), field_get_num (isakmp_prop_fld
 + 0, propp->p))
	    GET_ISAKMP_TRANSFORM_NO(tp->p),log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: " "transform %d proto %d proposal %d ok"
, field_get_num (isakmp_transform_fld + 0, tp->p), field_get_num
 (isakmp_prop_fld + 1, propp->p), field_get_num (isakmp_prop_fld
 + 0, propp->p))
	    GET_ISAKMP_PROP_PROTO(propp->p),log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: " "transform %d proto %d proposal %d ok"
, field_get_num (isakmp_transform_fld + 0, tp->p), field_get_num
 (isakmp_prop_fld + 1, propp->p), field_get_num (isakmp_prop_fld
 + 0, propp->p))
	    GET_ISAKMP_PROP_NO(propp->p)))log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: " "transform %d proto %d proposal %d ok"
, field_get_num (isakmp_transform_fld + 0, tp->p), field_get_num
 (isakmp_prop_fld + 1, propp->p), field_get_num (isakmp_prop_fld
 + 0, propp->p));
	if (sa_add_transform(sa, tp, exchange->initiator,
10
←
Assuming the condition is false→
11
←
Taking false branch→
	    &proto))
		goto cleanup;
	suite_ok_so_far = 1;

	saved_tp = next_tp;
	saved_propp = next_propp;
12
←
Assigned value is garbage or undefined
	saved_sap = next_sap;
	/* Skip to last transform of this protocol proposal. */
	while ((next_tp = step_transform(tp, &next_propp,
	    &next_sap)) && next_propp == propp)
		tp = next_tp;
}
2166retry_transform:
/*
 * Figure out if we will be looking at a new protocol proposal
 * inside the current protection suite.
 */
if (next_tp && propp != next_propp && sap == next_sap &&
    (GET_ISAKMP_PROP_NO(propp->p)field_get_num (isakmp_prop_fld + 0, propp->p) ==
    GET_ISAKMP_PROP_NO(next_propp->p)field_get_num (isakmp_prop_fld + 0, next_propp->p))) {
	if (!suite_ok_so_far) {
		LOG_DBG((LOG_NEGOTIATION, 30,log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proto %d proposal "
 "%d failed", field_get_num (isakmp_prop_fld + 1, propp->p
), field_get_num (isakmp_prop_fld + 0, propp->p))
		    "message_negotiate_sa: proto %d proposal "log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proto %d proposal "
 "%d failed", field_get_num (isakmp_prop_fld + 1, propp->p
), field_get_num (isakmp_prop_fld + 0, propp->p))
		    "%d failed",log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proto %d proposal "
 "%d failed", field_get_num (isakmp_prop_fld + 1, propp->p
), field_get_num (isakmp_prop_fld + 0, propp->p))
		    GET_ISAKMP_PROP_PROTO(propp->p),log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proto %d proposal "
 "%d failed", field_get_num (isakmp_prop_fld + 1, propp->p
), field_get_num (isakmp_prop_fld + 0, propp->p))
		    GET_ISAKMP_PROP_NO(propp->p)))log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proto %d proposal "
 "%d failed", field_get_num (isakmp_prop_fld + 1, propp->p
), field_get_num (isakmp_prop_fld + 0, propp->p));
		/*
		 * Remove potentially succeeded choices from
		 * the SA.
		 */
		while ((proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first)))
			proto_free(proto);

		/*
		 * Skip to the last transform of this
		 * protection suite.
		 */
		while ((next_tp = step_transform(tp,
		    &next_propp, &next_sap)) &&
		    (GET_ISAKMP_PROP_NO(next_propp->p)field_get_num (isakmp_prop_fld + 0, next_propp->p) ==
		    GET_ISAKMP_PROP_NO(propp->p)field_get_num (isakmp_prop_fld + 0, propp->p)) &&
		    next_sap == sap)
			tp = next_tp;
	}
	suite_ok_so_far = 0;
}
/*
 * Figure out if we will be looking at a new protection
 * suite.
 */
if (!next_tp ||
    (propp != next_propp && (GET_ISAKMP_PROP_NO(propp->p)field_get_num (isakmp_prop_fld + 0, propp->p) !=
    GET_ISAKMP_PROP_NO(next_propp->p)field_get_num (isakmp_prop_fld + 0, next_propp->p))) ||
    sap != next_sap) {
	/*
	 * Check if the suite we just considered was OK, if so
	 * we check it against the accepted ones.
	 */
	if (suite_ok_so_far) {
		if (!validate || validate(exchange, sa,
		    msg->isakmp_sa)) {
			LOG_DBG((LOG_NEGOTIATION, 30,log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proposal "
 "%d succeeded", field_get_num (isakmp_prop_fld + 0, propp->
p))
			    "message_negotiate_sa: proposal "log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proposal "
 "%d succeeded", field_get_num (isakmp_prop_fld + 0, propp->
p))
			    "%d succeeded",log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proposal "
 "%d succeeded", field_get_num (isakmp_prop_fld + 0, propp->
p))
			    GET_ISAKMP_PROP_NO(propp->p)))log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proposal "
 "%d succeeded", field_get_num (isakmp_prop_fld + 0, propp->
p));

			/*
			 * Skip to the last transform of this
			 * SA.
			 */
			while ((next_tp = step_transform(tp,
			    &next_propp, &next_sap)) &&
			    next_sap == sap)
				tp = next_tp;
		} else {
			/* Backtrack.  */
			LOG_DBG((LOG_NEGOTIATION, 30,log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proposal "
 "%d failed", field_get_num (isakmp_prop_fld + 0, propp->p
))
			    "message_negotiate_sa: proposal "log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proposal "
 "%d failed", field_get_num (isakmp_prop_fld + 0, propp->p
))
			    "%d failed",log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proposal "
 "%d failed", field_get_num (isakmp_prop_fld + 0, propp->p
))
			    GET_ISAKMP_PROP_NO(propp->p)))log_debug (LOG_NEGOTIATION, 30, "message_negotiate_sa: proposal "
 "%d failed", field_get_num (isakmp_prop_fld + 0, propp->p
));
			next_tp = saved_tp;
			next_propp = saved_propp;
			next_sap = saved_sap;
			suite_ok_so_far = 0;

			/*
			 * Remove potentially succeeded
			 * choices from the SA.
			 */
			while ((proto =
			    TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first)))
				proto_free(proto);
			goto retry_transform;
		}
	}
}
/* Have we walked all the proposals of an SA?  */
if (!next_tp || sap != next_sap) {
	if (!suite_ok_so_far) {
		/*
		 * XXX We cannot possibly call this a drop...
		 * seeing we just turn down one of the offers,
		 * can we?  I suggest renaming message_drop to
		 * something else.
		 */
		log_print("message_negotiate_sa: no "
		    "compatible proposal found");
		message_drop(msg,
		    ISAKMP_NOTIFY_NO_PROPOSAL_CHOSEN14, 0, 1, 0);
	}
	sa = TAILQ_NEXT(sa, next)((sa)->next.tqe_next);
}
}
return 0;

2269cleanup:
/*
* Remove potentially succeeded choices from the SA.
*/
while ((proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first)))
proto_free(proto);
return -1;
2276}

2278/*
* Add SA, proposal and transform payload(s) to MSG out of information
* found in the exchange MSG is part of..
*/
2282int
2283message_add_sa_payload(struct message *msg)
2284{
struct exchange *exchange = msg->exchange;
u_int8_t       *sa_buf, *saved_nextp_sa, *saved_nextp_prop;
size_t          sa_len, extra_sa_len;
int             i, nprotos = 0;
struct proto   *proto;
u_int8_t      **transforms = 0, **proposals = 0;
size_t         *transform_lens = 0, *proposal_lens = 0;
struct sa      *sa;
struct doi     *doi = exchange->doi;
u_int8_t       *spi = 0;
size_t          spi_sz;

/*
* Generate SA payloads.
*/
for (sa = TAILQ_FIRST(&exchange->sa_list)((&exchange->sa_list)->tqh_first); sa;
   sa = TAILQ_NEXT(sa, next)((sa)->next.tqe_next)) {
/* Setup a SA payload.  */
sa_len = ISAKMP_SA_SIT_OFF8 + doi->situation_size();
extra_sa_len = 0;
sa_buf = malloc(sa_len);
if (!sa_buf) {
	log_error("message_add_sa_payload: "
	    "malloc (%lu) failed", (unsigned long)sa_len);
	goto cleanup;
}
SET_ISAKMP_SA_DOI(sa_buf, doi->id)field_set_num (isakmp_sa_fld + 0, sa_buf, doi->id);
doi->setup_situation(sa_buf);

/* Count transforms.  */
nprotos = 0;
for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first); proto;
    proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next))
	nprotos++;

/*
 * Allocate transient transform and proposal payload/size
 * vectors.
 */
transforms = calloc(nprotos, sizeof *transforms);
if (!transforms) {
	log_error("message_add_sa_payload: calloc (%d, %lu) "
	    "failed", nprotos,
	    (unsigned long)sizeof *transforms);
	goto cleanup;
}
transform_lens = calloc(nprotos, sizeof *transform_lens);
if (!transform_lens) {
	log_error("message_add_sa_payload: calloc (%d, %lu) "
	    "failed", nprotos,
	    (unsigned long) sizeof *transform_lens);
	goto cleanup;
}
proposals = calloc(nprotos, sizeof *proposals);
if (!proposals) {
	log_error("message_add_sa_payload: calloc (%d, %lu) "
	    "failed", nprotos,
	    (unsigned long)sizeof *proposals);
	goto cleanup;
}
proposal_lens = calloc(nprotos, sizeof *proposal_lens);
if (!proposal_lens) {
	log_error("message_add_sa_payload: calloc (%d, %lu) "
	    "failed", nprotos,
	    (unsigned long)sizeof *proposal_lens);
	goto cleanup;
}
/* Pick out the chosen transforms.  */
for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first), i = 0; proto;
    proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next), i++) {
	transform_lens[i] =
	    GET_ISAKMP_GEN_LENGTH(proto->chosen->p)field_get_num (isakmp_gen_fld + 2, proto->chosen->p);
	transforms[i] = malloc(transform_lens[i]);
	if (!transforms[i]) {
		log_error("message_add_sa_payload: malloc "
		    "(%lu) failed",
		    (unsigned long)transform_lens[i]);
		goto cleanup;
	}
	/* Get incoming SPI from application.  */
	if (doi->get_spi) {
		spi = doi->get_spi(&spi_sz,
		    GET_ISAKMP_PROP_PROTO(proto->chosen->context->p)field_get_num (isakmp_prop_fld + 1, proto->chosen->context
->p),
		    msg);
		if (spi_sz && !spi)
			goto cleanup;
		proto->spi[1] = spi;
		proto->spi_sz[1] = spi_sz;
	} else
		spi_sz = 0;

	proposal_lens[i] = ISAKMP_PROP_SPI_OFF8 + spi_sz;
	proposals[i] = malloc(proposal_lens[i]);
	if (!proposals[i]) {
		log_error("message_add_sa_payload: malloc "
		    "(%lu) failed",
		    (unsigned long)proposal_lens[i]);
		goto cleanup;
	}
	memcpy(transforms[i], proto->chosen->p,
	    transform_lens[i]);
	memcpy(proposals[i], proto->chosen->context->p,
	    ISAKMP_PROP_SPI_OFF8);
	SET_ISAKMP_PROP_NTRANSFORMS(proposals[i], 1)field_set_num (isakmp_prop_fld + 3, proposals[i], 1);
	SET_ISAKMP_PROP_SPI_SZ(proposals[i], spi_sz)field_set_num (isakmp_prop_fld + 2, proposals[i], spi_sz);
	if (spi_sz)
		memcpy(proposals[i] + ISAKMP_PROP_SPI_OFF8, spi,
		    spi_sz);
	extra_sa_len += proposal_lens[i] + transform_lens[i];
}

/*
 * Add the payloads.  As this is a SA, we need to recompute the
 * lengths of the payloads containing others.  We also need to
 * reset these payload's "next payload type" field.
 */
if (message_add_payload(msg, ISAKMP_PAYLOAD_SA1, sa_buf,
    sa_len, 1))
	goto cleanup;
SET_ISAKMP_GEN_LENGTH(sa_buf, sa_len + extra_sa_len)field_set_num (isakmp_gen_fld + 2, sa_buf, sa_len + extra_sa_len
);
sa_buf = 0;

saved_nextp_sa = msg->nextp;
for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first), i = 0; proto;
    proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next), i++) {
	if (message_add_payload(msg, ISAKMP_PAYLOAD_PROPOSAL2,
	    proposals[i], proposal_lens[i], i > 0))
		goto cleanup;
	SET_ISAKMP_GEN_LENGTH(proposals[i], proposal_lens[i] +field_set_num (isakmp_gen_fld + 2, proposals[i], proposal_lens
[i] + transform_lens[i])
	    transform_lens[i])field_set_num (isakmp_gen_fld + 2, proposals[i], proposal_lens
[i] + transform_lens[i]);
	proposals[i] = 0;

	saved_nextp_prop = msg->nextp;
	if (message_add_payload(msg, ISAKMP_PAYLOAD_TRANSFORM3,
	    transforms[i], transform_lens[i], 0))
		goto cleanup;
	msg->nextp = saved_nextp_prop;
	transforms[i] = 0;
}
msg->nextp = saved_nextp_sa;

/* Free the temporary allocations made above.  */
free(transforms);
free(transform_lens);
free(proposals);
free(proposal_lens);
}
return 0;

2434cleanup:
free(sa_buf);
for (i = 0; i < nprotos; i++) {
free(transforms[i]);
free(proposals[i]);
}
free(transforms);
free(transform_lens);
free(proposals);
free(proposal_lens);
return -1;
2445}

2447/*
* Return a copy of MSG's constants starting from OFFSET and stash the size
* in SZP.  It is the callers responsibility to free this up.
*/
2451u_int8_t *
2452message_copy(struct message *msg, size_t offset, size_t *szp)
2453{
int             skip = 0;
size_t          i, sz = 0;
ssize_t         start = -1;
u_int8_t       *buf, *p;

/* Calculate size of message and where we want to start to copy.  */
for (i = 1; i < msg->iovlen; i++) {
sz += msg->iov[i].iov_len;
if (sz <= offset)
	skip = i;
else if (start < 0)
	start = offset - (sz - msg->iov[i].iov_len);
}

/* Allocate and copy.  */
*szp = sz - offset;
buf = malloc(*szp);
if (!buf)
return 0;
p = buf;
for (i = skip + 1; i < msg->iovlen; i++) {
memcpy(p, (u_int8_t *) msg->iov[i].iov_base + start,
    msg->iov[i].iov_len - start);
p += msg->iov[i].iov_len - start;
start = 0;
}
return buf;
2481}

2483/* Register a post-send function POST_SEND with message MSG.  */
2484int
2485message_register_post_send(struct message *msg,
  void (*post_send)(struct message *))
2487{
struct post_send *node;

node = malloc(sizeof *node);
if (!node)
return -1;
node->func = post_send;
TAILQ_INSERT_TAIL(&msg->post_send, node, link)do { (node)->link.tqe_next = ((void*)0); (node)->link.tqe_prev
 = (&msg->post_send)->tqh_last; *(&msg->post_send
)->tqh_last = (node); (&msg->post_send)->tqh_last
 = &(node)->link.tqe_next; } while (0);
return 0;
2496}

2498/* Run the post-send functions of message MSG.  */
2499void
2500message_post_send(struct message *msg)
2501{
struct post_send *node;

while ((node = TAILQ_FIRST(&msg->post_send)((&msg->post_send)->tqh_first)) != 0) {
TAILQ_REMOVE(&msg->post_send, node, link)do { if (((node)->link.tqe_next) != ((void*)0)) (node)->
link.tqe_next->link.tqe_prev = (node)->link.tqe_prev; else
 (&msg->post_send)->tqh_last = (node)->link.tqe_prev
; *(node)->link.tqe_prev = (node)->link.tqe_next; ; ; }
 while (0);
node->func(msg);
free(node);
}
2509}

2511struct payload *
2512payload_first(struct message *msg, u_int8_t payload)
2513{
return TAILQ_FIRST(&msg->payload[payload])((&msg->payload[payload])->tqh_first);
2515}