File: | src/sbin/isakmpd/ipsec.c |
Warning: | line 635, column 18 Result of 'calloc' is converted to a pointer of type 'struct sockaddr', which is incompatible with sizeof operand type 'struct sockaddr_in' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: ipsec.c,v 1.151 2021/10/22 12:30:53 bluhm Exp $ */ |
2 | /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ |
3 | |
4 | /* |
5 | * Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. All rights reserved. |
6 | * Copyright (c) 2001 Angelos D. Keromytis. All rights reserved. |
7 | * Copyright (c) 2001 Håkan Olsson. All rights reserved. |
8 | * |
9 | * Redistribution and use in source and binary forms, with or without |
10 | * modification, are permitted provided that the following conditions |
11 | * are met: |
12 | * 1. Redistributions of source code must retain the above copyright |
13 | * notice, this list of conditions and the following disclaimer. |
14 | * 2. Redistributions in binary form must reproduce the above copyright |
15 | * notice, this list of conditions and the following disclaimer in the |
16 | * documentation and/or other materials provided with the distribution. |
17 | * |
18 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
19 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
20 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
21 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
22 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
23 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
24 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
25 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
26 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
27 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
28 | */ |
29 | |
30 | /* |
31 | * This code was written under funding by Ericsson Radio Systems. |
32 | */ |
33 | |
34 | #include <sys/types.h> |
35 | #include <sys/socket.h> |
36 | #include <netdb.h> |
37 | #include <netinet/in.h> |
38 | #include <arpa/inet.h> |
39 | #include <stdlib.h> |
40 | #include <string.h> |
41 | |
42 | #include <net/if.h> |
43 | #include <net/pfvar.h> |
44 | |
45 | #include "attribute.h" |
46 | #include "conf.h" |
47 | #include "connection.h" |
48 | #include "constants.h" |
49 | #include "crypto.h" |
50 | #include "dh.h" |
51 | #include "doi.h" |
52 | #include "dpd.h" |
53 | #include "exchange.h" |
54 | #include "hash.h" |
55 | #include "ike_aggressive.h" |
56 | #include "ike_auth.h" |
57 | #include "ike_main_mode.h" |
58 | #include "ike_quick_mode.h" |
59 | #include "ipsec.h" |
60 | #include "ipsec_doi.h" |
61 | #include "isakmp.h" |
62 | #include "isakmp_cfg.h" |
63 | #include "isakmp_fld.h" |
64 | #include "isakmp_num.h" |
65 | #include "log.h" |
66 | #include "message.h" |
67 | #include "nat_traversal.h" |
68 | #include "pf_key_v2.h" |
69 | #include "prf.h" |
70 | #include "sa.h" |
71 | #include "timer.h" |
72 | #include "transport.h" |
73 | #include "util.h" |
74 | #include "x509.h" |
75 | |
76 | extern int acquire_only; |
77 | |
78 | #define MINIMUM(a, b)(((a) < (b)) ? (a) : (b)) (((a) < (b)) ? (a) : (b)) |
79 | #define MAXIMUM(a, b)(((a) > (b)) ? (a) : (b)) (((a) > (b)) ? (a) : (b)) |
80 | |
81 | /* The replay window size used for all IPsec protocols if not overridden. */ |
82 | #define DEFAULT_REPLAY_WINDOW16 16 |
83 | |
84 | struct ipsec_decode_arg { |
85 | struct message *msg; |
86 | struct sa *sa; |
87 | struct proto *proto; |
88 | }; |
89 | |
90 | /* These variables hold the contacted peers ADT state. */ |
91 | struct contact { |
92 | struct sockaddr *addr; |
93 | socklen_t len; |
94 | } *contacts = 0; |
95 | int contact_cnt = 0, contact_limit = 0; |
96 | |
97 | static int addr_cmp(const void *, const void *); |
98 | static int ipsec_add_contact(struct message *); |
99 | static int ipsec_contacted(struct message *); |
100 | static int ipsec_debug_attribute(u_int16_t, u_int8_t *, u_int16_t, |
101 | void *); |
102 | static void ipsec_delete_spi(struct sa *, struct proto *, int); |
103 | static int16_t *ipsec_exchange_script(u_int8_t); |
104 | static void ipsec_finalize_exchange(struct message *); |
105 | static void ipsec_free_exchange_data(void *); |
106 | static void ipsec_free_proto_data(void *); |
107 | static void ipsec_free_sa_data(void *); |
108 | static struct keystate *ipsec_get_keystate(struct message *); |
109 | static u_int8_t *ipsec_get_spi(size_t *, u_int8_t, struct message *); |
110 | static int ipsec_handle_leftover_payload(struct message *, u_int8_t, |
111 | struct payload *); |
112 | static int ipsec_informational_post_hook(struct message *); |
113 | static int ipsec_informational_pre_hook(struct message *); |
114 | static int ipsec_initiator(struct message *); |
115 | static void ipsec_proto_init(struct proto *, char *); |
116 | static int ipsec_responder(struct message *); |
117 | static void ipsec_setup_situation(u_int8_t *); |
118 | static int ipsec_set_network(u_int8_t *, u_int8_t *, struct sa *); |
119 | static size_t ipsec_situation_size(void); |
120 | static u_int8_t ipsec_spi_size(u_int8_t); |
121 | static int ipsec_validate_attribute(u_int16_t, u_int8_t *, u_int16_t, |
122 | void *); |
123 | static int ipsec_validate_exchange(u_int8_t); |
124 | static int ipsec_validate_id_information(u_int8_t, u_int8_t *, u_int8_t *, |
125 | size_t, struct exchange *); |
126 | static int ipsec_validate_key_information(u_int8_t *, size_t); |
127 | static int ipsec_validate_notification(u_int16_t); |
128 | static int ipsec_validate_proto(u_int8_t); |
129 | static int ipsec_validate_situation(u_int8_t *, size_t *, size_t); |
130 | static int ipsec_validate_transform_id(u_int8_t, u_int8_t); |
131 | static int ipsec_sa_check_flow(struct sa *, void *); |
132 | static int ipsec_sa_check_flow_any(struct sa *, void *); |
133 | static int ipsec_sa_tag(struct exchange *, struct sa *, struct sa *); |
134 | |
135 | static struct doi ipsec_doi = { |
136 | {0}, IPSEC_DOI_IPSEC1, |
137 | sizeof(struct ipsec_exch), sizeof(struct ipsec_sa), |
138 | sizeof(struct ipsec_proto), |
139 | ipsec_debug_attribute, |
140 | ipsec_delete_spi, |
141 | ipsec_exchange_script, |
142 | ipsec_finalize_exchange, |
143 | ipsec_free_exchange_data, |
144 | ipsec_free_proto_data, |
145 | ipsec_free_sa_data, |
146 | ipsec_get_keystate, |
147 | ipsec_get_spi, |
148 | ipsec_handle_leftover_payload, |
149 | ipsec_informational_post_hook, |
150 | ipsec_informational_pre_hook, |
151 | ipsec_is_attribute_incompatible, |
152 | ipsec_proto_init, |
153 | ipsec_setup_situation, |
154 | ipsec_situation_size, |
155 | ipsec_spi_size, |
156 | ipsec_validate_attribute, |
157 | ipsec_validate_exchange, |
158 | ipsec_validate_id_information, |
159 | ipsec_validate_key_information, |
160 | ipsec_validate_notification, |
161 | ipsec_validate_proto, |
162 | ipsec_validate_situation, |
163 | ipsec_validate_transform_id, |
164 | ipsec_initiator, |
165 | ipsec_responder, |
166 | ipsec_decode_ids |
167 | }; |
168 | |
169 | int16_t script_quick_mode[] = { |
170 | ISAKMP_PAYLOAD_HASH8, /* Initiator -> responder. */ |
171 | ISAKMP_PAYLOAD_SA1, |
172 | ISAKMP_PAYLOAD_NONCE10, |
173 | EXCHANGE_SCRIPT_SWITCH-3, |
174 | ISAKMP_PAYLOAD_HASH8, /* Responder -> initiator. */ |
175 | ISAKMP_PAYLOAD_SA1, |
176 | ISAKMP_PAYLOAD_NONCE10, |
177 | EXCHANGE_SCRIPT_SWITCH-3, |
178 | ISAKMP_PAYLOAD_HASH8, /* Initiator -> responder. */ |
179 | EXCHANGE_SCRIPT_END-4 |
180 | }; |
181 | |
182 | int16_t script_new_group_mode[] = { |
183 | ISAKMP_PAYLOAD_HASH8, /* Initiator -> responder. */ |
184 | ISAKMP_PAYLOAD_SA1, |
185 | EXCHANGE_SCRIPT_SWITCH-3, |
186 | ISAKMP_PAYLOAD_HASH8, /* Responder -> initiator. */ |
187 | ISAKMP_PAYLOAD_SA1, |
188 | EXCHANGE_SCRIPT_END-4 |
189 | }; |
190 | |
191 | struct dst_spi_proto_arg { |
192 | struct sockaddr *dst; |
193 | u_int32_t spi; |
194 | u_int8_t proto; |
195 | }; |
196 | |
197 | /* |
198 | * Check if SA matches what we are asking for through V_ARG. It has to |
199 | * be a finished phase 2 SA. |
200 | * if "proto" arg is 0, match any proto |
201 | */ |
202 | static int |
203 | ipsec_sa_check(struct sa *sa, void *v_arg) |
204 | { |
205 | struct dst_spi_proto_arg *arg = v_arg; |
206 | struct proto *proto; |
207 | struct sockaddr *dst, *src; |
208 | int incoming; |
209 | |
210 | if (sa->phase != 2 || !(sa->flags & SA_FLAG_READY0x01)) |
211 | return 0; |
212 | |
213 | sa->transport->vtbl->get_dst(sa->transport, &dst); |
214 | if (memcmp(sockaddr_addrdata(dst), sockaddr_addrdata(arg->dst), |
215 | sockaddr_addrlen(dst)) == 0) |
216 | incoming = 0; |
217 | else { |
218 | sa->transport->vtbl->get_src(sa->transport, &src); |
219 | if (memcmp(sockaddr_addrdata(src), sockaddr_addrdata(arg->dst), |
220 | sockaddr_addrlen(src)) == 0) |
221 | incoming = 1; |
222 | else |
223 | return 0; |
224 | } |
225 | |
226 | for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first); proto; |
227 | proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next)) |
228 | if ((arg->proto == 0 || proto->proto == arg->proto) && |
229 | memcmp(proto->spi[incoming], &arg->spi, sizeof arg->spi) |
230 | == 0) |
231 | return 1; |
232 | return 0; |
233 | } |
234 | |
235 | /* Find an SA with a "name" of DST, SPI & PROTO. */ |
236 | struct sa * |
237 | ipsec_sa_lookup(struct sockaddr *dst, u_int32_t spi, u_int8_t proto) |
238 | { |
239 | struct dst_spi_proto_arg arg; |
240 | |
241 | arg.dst = dst; |
242 | arg.spi = spi; |
243 | arg.proto = proto; |
244 | return sa_find(ipsec_sa_check, &arg); |
245 | } |
246 | |
247 | /* |
248 | * Check if SA matches the flow of another SA in V_ARG. It has to |
249 | * be a finished non-replaced phase 2 SA. |
250 | * XXX At some point other selectors will matter here too. |
251 | */ |
252 | static int |
253 | ipsec_sa_check_flow(struct sa *sa, void *v_arg) |
254 | { |
255 | if ((sa->flags & (SA_FLAG_READY0x01 | SA_FLAG_REPLACED0x08)) != SA_FLAG_READY0x01) |
256 | return 0; |
257 | |
258 | return ipsec_sa_check_flow_any(sa, v_arg); |
259 | } |
260 | |
261 | static int |
262 | ipsec_sa_check_flow_any(struct sa *sa, void *v_arg) |
263 | { |
264 | struct sa *sa2 = v_arg; |
265 | struct ipsec_sa *isa = sa->data, *isa2 = sa2->data; |
266 | |
267 | if (sa == sa2 || sa->phase != 2 || |
268 | (sa->flags & SA_FLAG_READY0x01) != SA_FLAG_READY0x01) |
269 | return 0; |
270 | |
271 | if (isa->tproto != isa2->tproto || isa->sport != isa2->sport || |
272 | isa->dport != isa2->dport) |
273 | return 0; |
274 | |
275 | /* |
276 | * If at least one of the IPsec SAs is incomplete, we're done. |
277 | */ |
278 | if (isa->src_net == NULL((void*)0) || isa2->src_net == NULL((void*)0) || |
279 | isa->dst_net == NULL((void*)0) || isa2->dst_net == NULL((void*)0) || |
280 | isa->src_mask == NULL((void*)0) || isa2->src_mask == NULL((void*)0) || |
281 | isa->dst_mask == NULL((void*)0) || isa2->dst_mask == NULL((void*)0)) |
282 | return 0; |
283 | |
284 | return isa->src_net->sa_family == isa2->src_net->sa_family && |
285 | memcmp(sockaddr_addrdata(isa->src_net), |
286 | sockaddr_addrdata(isa2->src_net), |
287 | sockaddr_addrlen(isa->src_net)) == 0 && |
288 | memcmp(sockaddr_addrdata(isa->src_mask), |
289 | sockaddr_addrdata(isa2->src_mask), |
290 | sockaddr_addrlen(isa->src_mask)) == 0 && |
291 | memcmp(sockaddr_addrdata(isa->dst_net), |
292 | sockaddr_addrdata(isa2->dst_net), |
293 | sockaddr_addrlen(isa->dst_net)) == 0 && |
294 | memcmp(sockaddr_addrdata(isa->dst_mask), |
295 | sockaddr_addrdata(isa2->dst_mask), |
296 | sockaddr_addrlen(isa->dst_mask)) == 0; |
297 | } |
298 | |
299 | /* |
300 | * Construct a PF tag if specified in the configuration. |
301 | * It is possible to use variables to expand the tag: |
302 | * $id The string representation of the remote ID |
303 | * $domain The stripped domain part of the ID (for FQDN and UFQDN) |
304 | */ |
305 | static int |
306 | ipsec_sa_tag(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) |
307 | { |
308 | char *format, *section; |
309 | char *id_string = NULL((void*)0), *domain = NULL((void*)0); |
310 | int error = -1; |
311 | size_t len; |
312 | |
313 | sa->tag = NULL((void*)0); |
314 | |
315 | if (exchange->name == NULL((void*)0) || |
316 | (section = exchange->name) == NULL((void*)0) || |
317 | (format = conf_get_str(section, "PF-Tag")) == NULL((void*)0)) |
318 | return (0); /* ignore if not present */ |
319 | |
320 | len = PF_TAG_NAME_SIZE64; |
321 | if ((sa->tag = calloc(1, len)) == NULL((void*)0)) { |
322 | log_error("ipsec_sa_tag: calloc"); |
323 | goto fail; |
324 | } |
325 | if (strlcpy(sa->tag, format, len) >= len) { |
326 | log_print("ipsec_sa_tag: tag too long"); |
327 | goto fail; |
328 | } |
329 | if (isakmp_sa->initiator) |
330 | id_string = ipsec_id_string(isakmp_sa->id_r, |
331 | isakmp_sa->id_r_len); |
332 | else |
333 | id_string = ipsec_id_string(isakmp_sa->id_i, |
334 | isakmp_sa->id_i_len); |
335 | |
336 | if (strstr(format, "$id") != NULL((void*)0)) { |
337 | if (id_string == NULL((void*)0)) { |
338 | log_print("ipsec_sa_tag: cannot get ID"); |
339 | goto fail; |
340 | } |
341 | if (expand_string(sa->tag, len, "$id", id_string) != 0) { |
342 | log_print("ipsec_sa_tag: failed to expand tag"); |
343 | goto fail; |
344 | } |
345 | } |
346 | |
347 | if (strstr(format, "$domain") != NULL((void*)0)) { |
348 | if (id_string == NULL((void*)0)) { |
349 | log_print("ipsec_sa_tag: cannot get ID"); |
350 | goto fail; |
351 | } |
352 | if (strncmp(id_string, "fqdn/", strlen("fqdn/")) == 0) |
353 | domain = strchr(id_string, '.'); |
354 | else if (strncmp(id_string, "ufqdn/", strlen("ufqdn/")) == 0) |
355 | domain = strchr(id_string, '@'); |
356 | if (domain == NULL((void*)0) || strlen(domain) < 2) { |
357 | log_print("ipsec_sa_tag: no valid domain in ID %s", |
358 | id_string); |
359 | goto fail; |
360 | } |
361 | domain++; |
362 | if (expand_string(sa->tag, len, "$domain", domain) != 0) { |
363 | log_print("ipsec_sa_tag: failed to expand tag"); |
364 | goto fail; |
365 | } |
366 | } |
367 | |
368 | LOG_DBG((LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"",log_debug (LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"" , strlen(sa->tag), sa->tag) |
369 | strlen(sa->tag), sa->tag))log_debug (LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"" , strlen(sa->tag), sa->tag); |
370 | |
371 | error = 0; |
372 | fail: |
373 | free(id_string); |
374 | if (error != 0) { |
375 | free(sa->tag); |
376 | sa->tag = NULL((void*)0); |
377 | } |
378 | |
379 | return (error); |
380 | } |
381 | |
382 | /* |
383 | * Do IPsec DOI specific finalizations task for the exchange where MSG was |
384 | * the final message. |
385 | */ |
386 | static void |
387 | ipsec_finalize_exchange(struct message *msg) |
388 | { |
389 | struct sa *isakmp_sa = msg->isakmp_sa; |
390 | struct ipsec_sa *isa; |
391 | struct exchange *exchange = msg->exchange; |
392 | struct ipsec_exch *ie = exchange->data; |
393 | struct sa *sa = 0, *old_sa; |
394 | struct proto *proto, *last_proto = 0; |
395 | char *addr1, *addr2, *mask1, *mask2; |
396 | |
397 | switch (exchange->phase) { |
398 | case 1: |
399 | switch (exchange->type) { |
400 | case ISAKMP_EXCH_ID_PROT2: |
401 | case ISAKMP_EXCH_AGGRESSIVE4: |
402 | isa = isakmp_sa->data; |
403 | isa->hash = ie->hash->type; |
404 | isa->prf_type = ie->prf_type; |
405 | isa->skeyid_len = ie->skeyid_len; |
406 | isa->skeyid_d = ie->skeyid_d; |
407 | isa->skeyid_a = ie->skeyid_a; |
408 | /* Prevents early free of SKEYID_*. */ |
409 | ie->skeyid_a = ie->skeyid_d = 0; |
410 | |
411 | /* |
412 | * If a lifetime was negotiated setup the expiration |
413 | * timers. |
414 | */ |
415 | if (isakmp_sa->seconds) |
416 | sa_setup_expirations(isakmp_sa); |
417 | |
418 | if (isakmp_sa->flags & SA_FLAG_NAT_T_KEEPALIVE0x200) |
419 | nat_t_setup_keepalive(isakmp_sa); |
420 | break; |
421 | } |
422 | break; |
423 | |
424 | case 2: |
425 | switch (exchange->type) { |
426 | case IKE_EXCH_QUICK_MODE32: |
427 | /* |
428 | * Tell the application(s) about the SPIs and key |
429 | * material. |
430 | */ |
431 | for (sa = TAILQ_FIRST(&exchange->sa_list)((&exchange->sa_list)->tqh_first); sa; |
432 | sa = TAILQ_NEXT(sa, next)((sa)->next.tqe_next)) { |
433 | isa = sa->data; |
434 | |
435 | if (exchange->initiator) { |
436 | /* |
437 | * Initiator is source, responder is |
438 | * destination. |
439 | */ |
440 | if (ipsec_set_network(ie->id_ci, |
441 | ie->id_cr, sa)) { |
442 | log_print( |
443 | "ipsec_finalize_exchange: " |
444 | "ipsec_set_network " |
445 | "failed"); |
446 | return; |
447 | } |
448 | } else { |
449 | /* |
450 | * Responder is source, initiator is |
451 | * destination. |
452 | */ |
453 | if (ipsec_set_network(ie->id_cr, |
454 | ie->id_ci, sa)) { |
455 | log_print( |
456 | "ipsec_finalize_exchange: " |
457 | "ipsec_set_network " |
458 | "failed"); |
459 | return; |
460 | } |
461 | } |
462 | |
463 | if (ipsec_sa_tag(exchange, sa, isakmp_sa) == -1) |
464 | return; |
465 | |
466 | for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first), |
467 | last_proto = 0; proto; |
468 | proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next)) { |
469 | if (pf_key_v2_set_spi(sa, proto, |
470 | 0, isakmp_sa) || |
471 | (last_proto && |
472 | pf_key_v2_group_spis(sa, |
473 | last_proto, proto, 0)) || |
474 | pf_key_v2_set_spi(sa, proto, |
475 | 1, isakmp_sa) || |
476 | (last_proto && |
477 | pf_key_v2_group_spis(sa, |
478 | last_proto, proto, 1))) |
479 | /* |
480 | * XXX Tear down this |
481 | * exchange. |
482 | */ |
483 | return; |
484 | last_proto = proto; |
485 | } |
486 | |
487 | if (sockaddr2text(isa->src_net, &addr1, 0)) |
488 | addr1 = 0; |
489 | if (sockaddr2text(isa->src_mask, &mask1, 0)) |
490 | mask1 = 0; |
491 | if (sockaddr2text(isa->dst_net, &addr2, 0)) |
492 | addr2 = 0; |
493 | if (sockaddr2text(isa->dst_mask, &mask2, 0)) |
494 | mask2 = 0; |
495 | |
496 | LOG_DBG((LOG_EXCHANGE, 50,log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
497 | "ipsec_finalize_exchange: src %s %s "log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
498 | "dst %s %s tproto %u sport %u dport %u",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
499 | addr1 ? addr1 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
500 | mask1 ? mask1 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
501 | addr2 ? addr2 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
502 | mask2 ? mask2 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
503 | isa->tproto, ntohs(isa->sport),log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
504 | ntohs(isa->dport)))log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))); |
505 | |
506 | free(addr1); |
507 | free(mask1); |
508 | free(addr2); |
509 | free(mask2); |
510 | |
511 | /* |
512 | * If this is not an SA acquired by the |
513 | * kernel, it needs to have a SPD entry |
514 | * (a.k.a. flow) set up. |
515 | */ |
516 | if (!(sa->flags & SA_FLAG_ONDEMAND0x04 || |
517 | conf_get_str("General", "Acquire-Only") || |
518 | acquire_only) && |
519 | pf_key_v2_enable_sa(sa, isakmp_sa)) |
520 | /* XXX Tear down this exchange. */ |
521 | return; |
522 | |
523 | /* |
524 | * Mark elder SAs with the same flow |
525 | * information as replaced. |
526 | */ |
527 | while ((old_sa = sa_find(ipsec_sa_check_flow, |
528 | sa)) != 0) |
529 | sa_mark_replaced(old_sa); |
530 | } |
531 | break; |
532 | } |
533 | } |
534 | } |
535 | |
536 | /* Set the client addresses in ISA from SRC_ID and DST_ID. */ |
537 | static int |
538 | ipsec_set_network(u_int8_t *src_id, u_int8_t *dst_id, struct sa *sa) |
539 | { |
540 | void *src_net, *dst_net; |
541 | void *src_mask = NULL((void*)0), *dst_mask = NULL((void*)0); |
542 | struct sockaddr *addr; |
543 | struct proto *proto; |
544 | struct ipsec_proto *iproto; |
545 | struct ipsec_sa *isa = sa->data; |
546 | int src_af, dst_af; |
547 | int id; |
548 | char *name, *nat = NULL((void*)0); |
549 | u_int8_t *nat_id = NULL((void*)0); |
550 | size_t nat_sz; |
551 | |
552 | if ((name = connection_passive_lookup_by_ids(src_id, dst_id))) |
553 | nat = conf_get_str(name, "NAT-ID"); |
554 | |
555 | if (nat) { |
556 | if ((nat_id = ipsec_build_id(nat, &nat_sz))) { |
557 | LOG_DBG((LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:"log_debug (LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:" " src: %s -> %s" , name, nat) |
558 | " src: %s -> %s", name, nat))log_debug (LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:" " src: %s -> %s" , name, nat); |
559 | src_id = nat_id; |
560 | } else |
561 | log_print("ipsec_set_network: ipsec_build_id" |
562 | " failed for NAT-ID: %s", nat); |
563 | } |
564 | |
565 | if (((proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first)) != NULL((void*)0)) && |
566 | ((iproto = proto->data) != NULL((void*)0)) && |
567 | (iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT4 || |
568 | iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT61444)) { |
569 | /* |
570 | * For NAT-T with transport mode, we need to use the ISAKMP's |
571 | * SA addresses for the flow. |
572 | */ |
573 | sa->transport->vtbl->get_src(sa->transport, &addr); |
574 | src_af = addr->sa_family; |
575 | src_net = sockaddr_addrdata(addr); |
576 | |
577 | sa->transport->vtbl->get_dst(sa->transport, &addr); |
578 | dst_af = addr->sa_family; |
579 | dst_net = sockaddr_addrdata(addr); |
580 | } else { |
581 | id = GET_ISAKMP_ID_TYPE(src_id)field_get_num (isakmp_id_fld + 0, src_id); |
582 | src_net = src_id + ISAKMP_ID_DATA_OFF8; |
583 | switch (id) { |
584 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
585 | src_mask = (u_int8_t *)src_net + sizeof(struct in_addr); |
586 | /* FALLTHROUGH */ |
587 | case IPSEC_ID_IPV4_ADDR1: |
588 | src_af = AF_INET2; |
589 | break; |
590 | |
591 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
592 | src_mask = (u_int8_t *)src_net + |
593 | sizeof(struct in6_addr); |
594 | /* FALLTHROUGH */ |
595 | case IPSEC_ID_IPV6_ADDR5: |
596 | src_af = AF_INET624; |
597 | break; |
598 | |
599 | default: |
600 | log_print( |
601 | "ipsec_set_network: ID type %d (%s) not supported", |
602 | id, constant_name(ipsec_id_cst, id)); |
603 | return -1; |
604 | } |
605 | |
606 | id = GET_ISAKMP_ID_TYPE(dst_id)field_get_num (isakmp_id_fld + 0, dst_id); |
607 | dst_net = dst_id + ISAKMP_ID_DATA_OFF8; |
608 | switch (id) { |
609 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
610 | dst_mask = (u_int8_t *)dst_net + sizeof(struct in_addr); |
611 | /* FALLTHROUGH */ |
612 | case IPSEC_ID_IPV4_ADDR1: |
613 | dst_af = AF_INET2; |
614 | break; |
615 | |
616 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
617 | dst_mask = (u_int8_t *)dst_net + |
618 | sizeof(struct in6_addr); |
619 | /* FALLTHROUGH */ |
620 | case IPSEC_ID_IPV6_ADDR5: |
621 | dst_af = AF_INET624; |
622 | break; |
623 | |
624 | default: |
625 | log_print( |
626 | "ipsec_set_network: ID type %d (%s) not supported", |
627 | id, constant_name(ipsec_id_cst, id)); |
628 | return -1; |
629 | } |
630 | } |
631 | |
632 | /* Set source address/mask. */ |
633 | switch (src_af) { |
634 | case AF_INET2: |
635 | isa->src_net = calloc(1, sizeof(struct sockaddr_in)); |
Result of 'calloc' is converted to a pointer of type 'struct sockaddr', which is incompatible with sizeof operand type 'struct sockaddr_in' | |
636 | if (!isa->src_net) |
637 | goto memfail; |
638 | isa->src_net->sa_family = AF_INET2; |
639 | isa->src_net->sa_len = sizeof(struct sockaddr_in); |
640 | |
641 | isa->src_mask = calloc(1, sizeof(struct sockaddr_in)); |
642 | if (!isa->src_mask) |
643 | goto memfail; |
644 | isa->src_mask->sa_family = AF_INET2; |
645 | isa->src_mask->sa_len = sizeof(struct sockaddr_in); |
646 | break; |
647 | |
648 | case AF_INET624: |
649 | isa->src_net = calloc(1, sizeof(struct sockaddr_in6)); |
650 | if (!isa->src_net) |
651 | goto memfail; |
652 | isa->src_net->sa_family = AF_INET624; |
653 | isa->src_net->sa_len = sizeof(struct sockaddr_in6); |
654 | |
655 | isa->src_mask = calloc(1, sizeof(struct sockaddr_in6)); |
656 | if (!isa->src_mask) |
657 | goto memfail; |
658 | isa->src_mask->sa_family = AF_INET624; |
659 | isa->src_mask->sa_len = sizeof(struct sockaddr_in6); |
660 | break; |
661 | } |
662 | |
663 | /* Net */ |
664 | memcpy(sockaddr_addrdata(isa->src_net), src_net, |
665 | sockaddr_addrlen(isa->src_net)); |
666 | |
667 | /* Mask */ |
668 | if (src_mask == NULL((void*)0)) |
669 | memset(sockaddr_addrdata(isa->src_mask), 0xff, |
670 | sockaddr_addrlen(isa->src_mask)); |
671 | else |
672 | memcpy(sockaddr_addrdata(isa->src_mask), src_mask, |
673 | sockaddr_addrlen(isa->src_mask)); |
674 | |
675 | memcpy(&isa->sport, |
676 | src_id + ISAKMP_ID_DOI_DATA_OFF5 + IPSEC_ID_PORT_OFF1, |
677 | IPSEC_ID_PORT_LEN2); |
678 | |
679 | free(nat_id); |
680 | |
681 | /* Set destination address. */ |
682 | switch (dst_af) { |
683 | case AF_INET2: |
684 | isa->dst_net = calloc(1, sizeof(struct sockaddr_in)); |
685 | if (!isa->dst_net) |
686 | goto memfail; |
687 | isa->dst_net->sa_family = AF_INET2; |
688 | isa->dst_net->sa_len = sizeof(struct sockaddr_in); |
689 | |
690 | isa->dst_mask = calloc(1, sizeof(struct sockaddr_in)); |
691 | if (!isa->dst_mask) |
692 | goto memfail; |
693 | isa->dst_mask->sa_family = AF_INET2; |
694 | isa->dst_mask->sa_len = sizeof(struct sockaddr_in); |
695 | break; |
696 | |
697 | case AF_INET624: |
698 | isa->dst_net = calloc(1, sizeof(struct sockaddr_in6)); |
699 | if (!isa->dst_net) |
700 | goto memfail; |
701 | isa->dst_net->sa_family = AF_INET624; |
702 | isa->dst_net->sa_len = sizeof(struct sockaddr_in6); |
703 | |
704 | isa->dst_mask = calloc(1, sizeof(struct sockaddr_in6)); |
705 | if (!isa->dst_mask) |
706 | goto memfail; |
707 | isa->dst_mask->sa_family = AF_INET624; |
708 | isa->dst_mask->sa_len = sizeof(struct sockaddr_in6); |
709 | break; |
710 | } |
711 | |
712 | /* Net */ |
713 | memcpy(sockaddr_addrdata(isa->dst_net), dst_net, |
714 | sockaddr_addrlen(isa->dst_net)); |
715 | |
716 | /* Mask */ |
717 | if (dst_mask == NULL((void*)0)) |
718 | memset(sockaddr_addrdata(isa->dst_mask), 0xff, |
719 | sockaddr_addrlen(isa->dst_mask)); |
720 | else |
721 | memcpy(sockaddr_addrdata(isa->dst_mask), dst_mask, |
722 | sockaddr_addrlen(isa->dst_mask)); |
723 | |
724 | memcpy(&isa->tproto, dst_id + ISAKMP_ID_DOI_DATA_OFF5 + |
725 | IPSEC_ID_PROTO_OFF0, IPSEC_ID_PROTO_LEN1); |
726 | memcpy(&isa->dport, |
727 | dst_id + ISAKMP_ID_DOI_DATA_OFF5 + IPSEC_ID_PORT_OFF1, |
728 | IPSEC_ID_PORT_LEN2); |
729 | return 0; |
730 | |
731 | memfail: |
732 | log_error("ipsec_set_network: calloc () failed"); |
733 | return -1; |
734 | } |
735 | |
736 | /* Free the DOI-specific exchange data pointed to by VIE. */ |
737 | static void |
738 | ipsec_free_exchange_data(void *vie) |
739 | { |
740 | struct ipsec_exch *ie = vie; |
741 | struct isakmp_cfg_attr *attr; |
742 | |
743 | free(ie->sa_i_b); |
744 | free(ie->id_ci); |
745 | free(ie->id_cr); |
746 | free(ie->g_xi); |
747 | free(ie->g_xr); |
748 | free(ie->g_xy); |
749 | free(ie->skeyid); |
750 | free(ie->skeyid_d); |
751 | free(ie->skeyid_a); |
752 | free(ie->skeyid_e); |
753 | free(ie->hash_i); |
754 | free(ie->hash_r); |
755 | if (ie->group) |
756 | group_free(ie->group); |
757 | for (attr = LIST_FIRST(&ie->attrs)((&ie->attrs)->lh_first); attr; |
758 | attr = LIST_FIRST(&ie->attrs)((&ie->attrs)->lh_first)) { |
759 | LIST_REMOVE(attr, link)do { if ((attr)->link.le_next != ((void*)0)) (attr)->link .le_next->link.le_prev = (attr)->link.le_prev; *(attr)-> link.le_prev = (attr)->link.le_next; ; ; } while (0); |
760 | if (attr->length) |
761 | free(attr->value); |
762 | free(attr); |
763 | } |
764 | } |
765 | |
766 | /* Free the DOI-specific SA data pointed to by VISA. */ |
767 | static void |
768 | ipsec_free_sa_data(void *visa) |
769 | { |
770 | struct ipsec_sa *isa = visa; |
771 | |
772 | free(isa->src_net); |
773 | free(isa->src_mask); |
774 | free(isa->dst_net); |
775 | free(isa->dst_mask); |
776 | free(isa->skeyid_a); |
777 | free(isa->skeyid_d); |
778 | } |
779 | |
780 | /* Free the DOI-specific protocol data of an SA pointed to by VIPROTO. */ |
781 | static void |
782 | ipsec_free_proto_data(void *viproto) |
783 | { |
784 | struct ipsec_proto *iproto = viproto; |
785 | int i; |
786 | |
787 | for (i = 0; i < 2; i++) |
788 | free(iproto->keymat[i]); |
789 | } |
790 | |
791 | /* Return exchange script based on TYPE. */ |
792 | static int16_t * |
793 | ipsec_exchange_script(u_int8_t type) |
794 | { |
795 | switch (type) { |
796 | case ISAKMP_EXCH_TRANSACTION6: |
797 | return script_transaction; |
798 | case IKE_EXCH_QUICK_MODE32: |
799 | return script_quick_mode; |
800 | case IKE_EXCH_NEW_GROUP_MODE33: |
801 | return script_new_group_mode; |
802 | } |
803 | return 0; |
804 | } |
805 | |
806 | /* Initialize this DOI, requires doi_init to already have been called. */ |
807 | void |
808 | ipsec_init(void) |
809 | { |
810 | doi_register(&ipsec_doi); |
811 | } |
812 | |
813 | /* Given a message MSG, return a suitable IV (or rather keystate). */ |
814 | static struct keystate * |
815 | ipsec_get_keystate(struct message *msg) |
816 | { |
817 | struct keystate *ks; |
818 | struct hash *hash; |
819 | |
820 | /* If we have already have an IV, use it. */ |
821 | if (msg->exchange && msg->exchange->keystate) { |
822 | ks = malloc(sizeof *ks); |
823 | if (!ks) { |
824 | log_error("ipsec_get_keystate: malloc (%lu) failed", |
825 | (unsigned long) sizeof *ks); |
826 | return 0; |
827 | } |
828 | memcpy(ks, msg->exchange->keystate, sizeof *ks); |
829 | return ks; |
830 | } |
831 | /* |
832 | * For phase 2 when no SA yet is setup we need to hash the IV used by |
833 | * the ISAKMP SA concatenated with the message ID, and use that as an |
834 | * IV for further cryptographic operations. |
835 | */ |
836 | if (!msg->isakmp_sa->keystate) { |
837 | log_print("ipsec_get_keystate: no keystate in ISAKMP SA %p", |
838 | msg->isakmp_sa); |
839 | return 0; |
840 | } |
841 | ks = crypto_clone_keystate(msg->isakmp_sa->keystate); |
842 | if (!ks) |
843 | return 0; |
844 | |
845 | hash = hash_get(((struct ipsec_sa *)msg->isakmp_sa->data)->hash); |
846 | hash->Init(hash->ctx); |
847 | LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV",log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV" , ks->riv, ks->xf->blocksize) |
848 | ks->riv, ks->xf->blocksize))log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV" , ks->riv, ks->xf->blocksize); |
849 | hash->Update(hash->ctx, ks->riv, ks->xf->blocksize); |
850 | LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: message ID",log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: message ID" , ((u_int8_t *) msg->iov[0].iov_base) + 20, 4) |
851 | ((u_int8_t *) msg->iov[0].iov_base) + ISAKMP_HDR_MESSAGE_ID_OFF,log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: message ID" , ((u_int8_t *) msg->iov[0].iov_base) + 20, 4) |
852 | ISAKMP_HDR_MESSAGE_ID_LEN))log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: message ID" , ((u_int8_t *) msg->iov[0].iov_base) + 20, 4); |
853 | hash->Update(hash->ctx, ((u_int8_t *) msg->iov[0].iov_base) + |
854 | ISAKMP_HDR_MESSAGE_ID_OFF20, ISAKMP_HDR_MESSAGE_ID_LEN4); |
855 | hash->Final(hash->digest, hash->ctx); |
856 | crypto_init_iv(ks, hash->digest, ks->xf->blocksize); |
857 | LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV",log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV" , hash->digest, ks->xf->blocksize) |
858 | hash->digest, ks->xf->blocksize))log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV" , hash->digest, ks->xf->blocksize); |
859 | return ks; |
860 | } |
861 | |
862 | static void |
863 | ipsec_setup_situation(u_int8_t *buf) |
864 | { |
865 | SET_IPSEC_SIT_SIT(buf + ISAKMP_SA_SIT_OFF, IPSEC_SIT_IDENTITY_ONLY)field_set_num (ipsec_sit_fld + 0, buf + 8, 1); |
866 | } |
867 | |
868 | static size_t |
869 | ipsec_situation_size(void) |
870 | { |
871 | return IPSEC_SIT_SIT_LEN4; |
872 | } |
873 | |
874 | static u_int8_t |
875 | ipsec_spi_size(u_int8_t proto) |
876 | { |
877 | return IPSEC_SPI_SIZE4; |
878 | } |
879 | |
880 | static int |
881 | ipsec_validate_attribute(u_int16_t type, u_int8_t * value, u_int16_t len, |
882 | void *vmsg) |
883 | { |
884 | struct message *msg = vmsg; |
885 | |
886 | if (msg->exchange->phase == 1 && |
887 | (type < IKE_ATTR_ENCRYPTION_ALGORITHM1 || type > IKE_ATTR_GROUP_ORDER16)) |
888 | return -1; |
889 | if (msg->exchange->phase == 2 && |
890 | (type < IPSEC_ATTR_SA_LIFE_TYPE1 || type > IPSEC_ATTR_ECN_TUNNEL10)) |
891 | return -1; |
892 | return 0; |
893 | } |
894 | |
895 | static int |
896 | ipsec_validate_exchange(u_int8_t exch) |
897 | { |
898 | return exch != IKE_EXCH_QUICK_MODE32 && exch != IKE_EXCH_NEW_GROUP_MODE33; |
899 | } |
900 | |
901 | static int |
902 | ipsec_validate_id_information(u_int8_t type, u_int8_t *extra, u_int8_t *buf, |
903 | size_t sz, struct exchange *exchange) |
904 | { |
905 | u_int8_t proto = GET_IPSEC_ID_PROTO(extra)field_get_num (ipsec_id_fld + 0, extra); |
906 | u_int16_t port = GET_IPSEC_ID_PORT(extra)field_get_num (ipsec_id_fld + 1, extra); |
907 | |
908 | LOG_DBG((LOG_MESSAGE, 40,log_debug (LOG_MESSAGE, 40, "ipsec_validate_id_information: proto %d port %d type %d" , proto, port, type) |
909 | "ipsec_validate_id_information: proto %d port %d type %d",log_debug (LOG_MESSAGE, 40, "ipsec_validate_id_information: proto %d port %d type %d" , proto, port, type) |
910 | proto, port, type))log_debug (LOG_MESSAGE, 40, "ipsec_validate_id_information: proto %d port %d type %d" , proto, port, type); |
911 | if (type < IPSEC_ID_IPV4_ADDR1 || type > IPSEC_ID_KEY_ID11) |
912 | return -1; |
913 | |
914 | switch (type) { |
915 | case IPSEC_ID_IPV4_ADDR1: |
916 | LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4" , buf, sizeof(struct in_addr)) |
917 | "ipsec_validate_id_information: IPv4", buf,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4" , buf, sizeof(struct in_addr)) |
918 | sizeof(struct in_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4" , buf, sizeof(struct in_addr)); |
919 | break; |
920 | |
921 | case IPSEC_ID_IPV6_ADDR5: |
922 | LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6" , buf, sizeof(struct in6_addr)) |
923 | "ipsec_validate_id_information: IPv6", buf,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6" , buf, sizeof(struct in6_addr)) |
924 | sizeof(struct in6_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6" , buf, sizeof(struct in6_addr)); |
925 | break; |
926 | |
927 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
928 | LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4 network/netmask" , buf, 2 * sizeof(struct in_addr)) |
929 | "ipsec_validate_id_information: IPv4 network/netmask",log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4 network/netmask" , buf, 2 * sizeof(struct in_addr)) |
930 | buf, 2 * sizeof(struct in_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4 network/netmask" , buf, 2 * sizeof(struct in_addr)); |
931 | break; |
932 | |
933 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
934 | LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6 network/netmask" , buf, 2 * sizeof(struct in6_addr)) |
935 | "ipsec_validate_id_information: IPv6 network/netmask",log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6 network/netmask" , buf, 2 * sizeof(struct in6_addr)) |
936 | buf, 2 * sizeof(struct in6_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6 network/netmask" , buf, 2 * sizeof(struct in6_addr)); |
937 | break; |
938 | |
939 | default: |
940 | break; |
941 | } |
942 | |
943 | if (exchange->phase == 1 && |
944 | (proto != IPPROTO_UDP17 || port != UDP_DEFAULT_PORT500) && |
945 | (proto != 0 || port != 0)) { |
946 | /* |
947 | * XXX SSH's ISAKMP tester fails this test (proto 17 - port |
948 | * 0). |
949 | */ |
950 | #ifdef notyet |
951 | return -1; |
952 | #else |
953 | log_print("ipsec_validate_id_information: dubious ID " |
954 | "information accepted"); |
955 | #endif |
956 | } |
957 | /* XXX More checks? */ |
958 | |
959 | return 0; |
960 | } |
961 | |
962 | static int |
963 | ipsec_validate_key_information(u_int8_t *buf, size_t sz) |
964 | { |
965 | /* XXX Not implemented yet. */ |
966 | return 0; |
967 | } |
968 | |
969 | static int |
970 | ipsec_validate_notification(u_int16_t type) |
971 | { |
972 | return type < IPSEC_NOTIFY_RESPONDER_LIFETIME24576 || |
973 | type > IPSEC_NOTIFY_INITIAL_CONTACT24578 ? -1 : 0; |
974 | } |
975 | |
976 | static int |
977 | ipsec_validate_proto(u_int8_t proto) |
978 | { |
979 | return proto < IPSEC_PROTO_IPSEC_AH2 || |
980 | proto > IPSEC_PROTO_IPCOMP4 ? -1 : 0; |
981 | } |
982 | |
983 | static int |
984 | ipsec_validate_situation(u_int8_t *buf, size_t *sz, size_t len) |
985 | { |
986 | if (len < IPSEC_SIT_SIT_OFF0 + IPSEC_SIT_SIT_LEN4) { |
987 | log_print("ipsec_validate_situation: payload too short: %u", |
988 | (unsigned int) len); |
989 | return -1; |
990 | } |
991 | /* Currently only "identity only" situations are supported. */ |
992 | if (GET_IPSEC_SIT_SIT(buf)field_get_num (ipsec_sit_fld + 0, buf) != IPSEC_SIT_IDENTITY_ONLY1) |
993 | return 1; |
994 | |
995 | *sz = IPSEC_SIT_SIT_LEN4; |
996 | |
997 | return 0; |
998 | } |
999 | |
1000 | static int |
1001 | ipsec_validate_transform_id(u_int8_t proto, u_int8_t transform_id) |
1002 | { |
1003 | switch (proto) { |
1004 | /* |
1005 | * As no unexpected protocols can occur, we just tie the |
1006 | * default case to the first case, in order to silence a GCC |
1007 | * warning. |
1008 | */ |
1009 | default: |
1010 | case ISAKMP_PROTO_ISAKMP1: |
1011 | return transform_id != IPSEC_TRANSFORM_KEY_IKE1; |
1012 | case IPSEC_PROTO_IPSEC_AH2: |
1013 | return transform_id < IPSEC_AH_MD52 || |
1014 | transform_id > IPSEC_AH_RIPEMD8 ? -1 : 0; |
1015 | case IPSEC_PROTO_IPSEC_ESP3: |
1016 | return transform_id < IPSEC_ESP_DES_IV641 || |
1017 | (transform_id > IPSEC_ESP_AES_GMAC23 && |
1018 | transform_id < IPSEC_ESP_AES_MARS249) || |
1019 | transform_id > IPSEC_ESP_AES_TWOFISH253 ? -1 : 0; |
1020 | case IPSEC_PROTO_IPCOMP4: |
1021 | return transform_id < IPSEC_IPCOMP_OUI1 || |
1022 | transform_id > IPSEC_IPCOMP_DEFLATE2 ? -1 : 0; |
1023 | } |
1024 | } |
1025 | |
1026 | static int |
1027 | ipsec_initiator(struct message *msg) |
1028 | { |
1029 | struct exchange *exchange = msg->exchange; |
1030 | int (**script)(struct message *) = 0; |
1031 | |
1032 | /* Check that the SA is coherent with the IKE rules. */ |
1033 | if (exchange->type != ISAKMP_EXCH_TRANSACTION6 && |
1034 | ((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT2 && |
1035 | exchange->type != ISAKMP_EXCH_AGGRESSIVE4 && |
1036 | exchange->type != ISAKMP_EXCH_INFO5) || |
1037 | (exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE32 && |
1038 | exchange->type != ISAKMP_EXCH_INFO5))) { |
1039 | log_print("ipsec_initiator: unsupported exchange type %d " |
1040 | "in phase %d", exchange->type, exchange->phase); |
1041 | return -1; |
1042 | } |
1043 | switch (exchange->type) { |
1044 | case ISAKMP_EXCH_ID_PROT2: |
1045 | script = ike_main_mode_initiator; |
1046 | break; |
1047 | case ISAKMP_EXCH_AGGRESSIVE4: |
1048 | script = ike_aggressive_initiator; |
1049 | break; |
1050 | case ISAKMP_EXCH_TRANSACTION6: |
1051 | script = isakmp_cfg_initiator; |
1052 | break; |
1053 | case ISAKMP_EXCH_INFO5: |
1054 | return message_send_info(msg); |
1055 | case IKE_EXCH_QUICK_MODE32: |
1056 | script = ike_quick_mode_initiator; |
1057 | break; |
1058 | default: |
1059 | log_print("ipsec_initiator: unsupported exchange type %d", |
1060 | exchange->type); |
1061 | return -1; |
1062 | } |
1063 | |
1064 | /* Run the script code for this step. */ |
1065 | if (script) |
1066 | return script[exchange->step] (msg); |
1067 | |
1068 | return 0; |
1069 | } |
1070 | |
1071 | /* |
1072 | * delete all SA's from addr with the associated proto and SPI's |
1073 | * |
1074 | * spis[] is an array of SPIs of size 16-octet for proto ISAKMP |
1075 | * or 4-octet otherwise. |
1076 | */ |
1077 | static void |
1078 | ipsec_delete_spi_list(struct sockaddr *addr, u_int8_t proto, u_int8_t *spis, |
1079 | int nspis, char *type) |
1080 | { |
1081 | struct sa *sa; |
1082 | char *peer; |
1083 | char ids[1024]; |
1084 | int i; |
1085 | |
1086 | for (i = 0; i < nspis; i++) { |
1087 | if (proto == ISAKMP_PROTO_ISAKMP1) { |
1088 | u_int8_t *spi = spis + i * ISAKMP_HDR_COOKIES_LEN(8 + 8); |
1089 | |
1090 | /* |
1091 | * This really shouldn't happen in IPSEC DOI |
1092 | * code, but Cisco VPN 3000 sends ISAKMP DELETE's |
1093 | * this way. |
1094 | */ |
1095 | sa = sa_lookup_isakmp_sa(addr, spi); |
1096 | } else { |
1097 | u_int32_t spi = ((u_int32_t *)spis)[i]; |
1098 | |
1099 | sa = ipsec_sa_lookup(addr, spi, proto); |
1100 | } |
1101 | |
1102 | if (sa == NULL((void*)0)) { |
1103 | LOG_DBG((LOG_SA, 30, "ipsec_delete_spi_list: could "log_debug (LOG_SA, 30, "ipsec_delete_spi_list: could " "not locate SA (SPI %08x, proto %u)" , ((u_int32_t *)spis)[i], proto) |
1104 | "not locate SA (SPI %08x, proto %u)",log_debug (LOG_SA, 30, "ipsec_delete_spi_list: could " "not locate SA (SPI %08x, proto %u)" , ((u_int32_t *)spis)[i], proto) |
1105 | ((u_int32_t *)spis)[i], proto))log_debug (LOG_SA, 30, "ipsec_delete_spi_list: could " "not locate SA (SPI %08x, proto %u)" , ((u_int32_t *)spis)[i], proto); |
1106 | continue; |
1107 | } |
1108 | |
1109 | strlcpy(ids, |
1110 | sa->doi->decode_ids("initiator id: %s, responder id: %s", |
1111 | sa->id_i, sa->id_i_len, sa->id_r, sa->id_r_len, 0), |
1112 | sizeof ids); |
1113 | if (sockaddr2text(addr, &peer, 0)) |
1114 | peer = NULL((void*)0); |
1115 | |
1116 | /* only log deletion of SAs which are not soft expired yet */ |
1117 | if (sa->soft_death != NULL((void*)0)) |
1118 | log_verbose("isakmpd: Peer %s made us delete live SA " |
1119 | "%s for proto %d, %s", peer ? peer : "<unknown>", |
1120 | sa->name ? sa->name : "<unnamed>", proto, ids); |
1121 | |
1122 | LOG_DBG((LOG_SA, 30, "ipsec_delete_spi_list: "log_debug (LOG_SA, 30, "ipsec_delete_spi_list: " "%s made us delete SA %p (%d references) for proto %d (%s)" , type, sa, sa->refcnt, proto, ids) |
1123 | "%s made us delete SA %p (%d references) for proto %d (%s)",log_debug (LOG_SA, 30, "ipsec_delete_spi_list: " "%s made us delete SA %p (%d references) for proto %d (%s)" , type, sa, sa->refcnt, proto, ids) |
1124 | type, sa, sa->refcnt, proto, ids))log_debug (LOG_SA, 30, "ipsec_delete_spi_list: " "%s made us delete SA %p (%d references) for proto %d (%s)" , type, sa, sa->refcnt, proto, ids); |
1125 | free(peer); |
1126 | |
1127 | /* Delete the SA and search for the next */ |
1128 | sa_free(sa); |
1129 | } |
1130 | } |
1131 | |
1132 | static int |
1133 | ipsec_responder(struct message *msg) |
1134 | { |
1135 | struct exchange *exchange = msg->exchange; |
1136 | int (**script)(struct message *) = 0; |
1137 | struct payload *p; |
1138 | u_int16_t type; |
1139 | |
1140 | /* Check that a new exchange is coherent with the IKE rules. */ |
1141 | if (exchange->step == 0 && exchange->type != ISAKMP_EXCH_TRANSACTION6 && |
1142 | ((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT2 && |
1143 | exchange->type != ISAKMP_EXCH_AGGRESSIVE4 && |
1144 | exchange->type != ISAKMP_EXCH_INFO5) || |
1145 | (exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE32 && |
1146 | exchange->type != ISAKMP_EXCH_INFO5))) { |
1147 | message_drop(msg, ISAKMP_NOTIFY_UNSUPPORTED_EXCHANGE_TYPE29, |
1148 | 0, 1, 0); |
1149 | return -1; |
1150 | } |
1151 | LOG_DBG((LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d",log_debug (LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d" , exchange->phase, exchange->type, exchange->step) |
1152 | exchange->phase, exchange->type, exchange->step))log_debug (LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d" , exchange->phase, exchange->type, exchange->step); |
1153 | switch (exchange->type) { |
1154 | case ISAKMP_EXCH_ID_PROT2: |
1155 | script = ike_main_mode_responder; |
1156 | break; |
1157 | case ISAKMP_EXCH_AGGRESSIVE4: |
1158 | script = ike_aggressive_responder; |
1159 | break; |
1160 | case ISAKMP_EXCH_TRANSACTION6: |
1161 | script = isakmp_cfg_responder; |
1162 | break; |
1163 | case ISAKMP_EXCH_INFO5: |
1164 | TAILQ_FOREACH(p, &msg->payload[ISAKMP_PAYLOAD_NOTIFY], link)for((p) = ((&msg->payload[11])->tqh_first); (p) != ( (void*)0); (p) = ((p)->link.tqe_next)) { |
1165 | type = GET_ISAKMP_NOTIFY_MSG_TYPE(p->p)field_get_num (isakmp_notify_fld + 3, p->p); |
1166 | LOG_DBG((LOG_EXCHANGE, 10,log_debug (LOG_EXCHANGE, 10, "ipsec_responder: got NOTIFY of type %s" , constant_name(isakmp_notify_cst, type)) |
1167 | "ipsec_responder: got NOTIFY of type %s",log_debug (LOG_EXCHANGE, 10, "ipsec_responder: got NOTIFY of type %s" , constant_name(isakmp_notify_cst, type)) |
1168 | constant_name(isakmp_notify_cst, type)))log_debug (LOG_EXCHANGE, 10, "ipsec_responder: got NOTIFY of type %s" , constant_name(isakmp_notify_cst, type)); |
1169 | |
1170 | switch (type) { |
1171 | case IPSEC_NOTIFY_INITIAL_CONTACT24578: |
1172 | /* Handled by leftover logic. */ |
1173 | break; |
1174 | |
1175 | case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE36136: |
1176 | case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE_ACK36137: |
1177 | dpd_handle_notify(msg, p); |
1178 | break; |
1179 | |
1180 | default: |
1181 | p->flags |= PL_MARK1; |
1182 | break; |
1183 | } |
1184 | } |
1185 | |
1186 | /* |
1187 | * If any DELETEs are in here, let the logic of leftover |
1188 | * payloads deal with them. |
1189 | */ |
1190 | return 0; |
1191 | |
1192 | case IKE_EXCH_QUICK_MODE32: |
1193 | script = ike_quick_mode_responder; |
1194 | break; |
1195 | |
1196 | default: |
1197 | message_drop(msg, ISAKMP_NOTIFY_UNSUPPORTED_EXCHANGE_TYPE29, |
1198 | 0, 1, 0); |
1199 | return -1; |
1200 | } |
1201 | |
1202 | /* Run the script code for this step. */ |
1203 | if (script) |
1204 | return script[exchange->step] (msg); |
1205 | |
1206 | /* |
1207 | * XXX So far we don't accept any proposals for exchanges we don't |
1208 | * support. |
1209 | */ |
1210 | if (payload_first(msg, ISAKMP_PAYLOAD_SA1)) { |
1211 | message_drop(msg, ISAKMP_NOTIFY_NO_PROPOSAL_CHOSEN14, 0, 1, 0); |
1212 | return -1; |
1213 | } |
1214 | return 0; |
1215 | } |
1216 | |
1217 | static enum hashes |
1218 | from_ike_hash(u_int16_t hash) |
1219 | { |
1220 | switch (hash) { |
1221 | case IKE_HASH_MD51: |
1222 | return HASH_MD5; |
1223 | case IKE_HASH_SHA2: |
1224 | return HASH_SHA1; |
1225 | case IKE_HASH_SHA2_2564: |
1226 | return HASH_SHA2_256; |
1227 | case IKE_HASH_SHA2_3845: |
1228 | return HASH_SHA2_384; |
1229 | case IKE_HASH_SHA2_5126: |
1230 | return HASH_SHA2_512; |
1231 | } |
1232 | return -1; |
1233 | } |
1234 | |
1235 | static enum transform |
1236 | from_ike_crypto(u_int16_t crypto) |
1237 | { |
1238 | /* Coincidentally this is the null operation :-) */ |
1239 | return crypto; |
1240 | } |
1241 | |
1242 | /* |
1243 | * Find out whether the attribute of type TYPE with a LEN length value |
1244 | * pointed to by VALUE is incompatible with what we can handle. |
1245 | * VMSG is a pointer to the current message. |
1246 | */ |
1247 | int |
1248 | ipsec_is_attribute_incompatible(u_int16_t type, u_int8_t *value, u_int16_t len, |
1249 | void *vmsg) |
1250 | { |
1251 | struct message *msg = vmsg; |
1252 | u_int16_t dv = decode_16(value); |
1253 | |
1254 | if (msg->exchange->phase == 1) { |
1255 | switch (type) { |
1256 | case IKE_ATTR_ENCRYPTION_ALGORITHM1: |
1257 | return !crypto_get(from_ike_crypto(dv)); |
1258 | case IKE_ATTR_HASH_ALGORITHM2: |
1259 | return !hash_get(from_ike_hash(dv)); |
1260 | case IKE_ATTR_AUTHENTICATION_METHOD3: |
1261 | return !ike_auth_get(dv); |
1262 | case IKE_ATTR_GROUP_DESCRIPTION4: |
1263 | return (dv < IKE_GROUP_DESC_MODP_7681 || |
1264 | dv > IKE_GROUP_DESC_MODP_15365) && |
1265 | (dv < IKE_GROUP_DESC_MODP_204814 || |
1266 | dv > IKE_GROUP_DESC_ECP_52121) && |
1267 | (dv < IKE_GROUP_DESC_ECP_19225 || |
1268 | dv > IKE_GROUP_DESC_BP_51230); |
1269 | case IKE_ATTR_GROUP_TYPE5: |
1270 | return 1; |
1271 | case IKE_ATTR_GROUP_PRIME6: |
1272 | return 1; |
1273 | case IKE_ATTR_GROUP_GENERATOR_17: |
1274 | return 1; |
1275 | case IKE_ATTR_GROUP_GENERATOR_28: |
1276 | return 1; |
1277 | case IKE_ATTR_GROUP_CURVE_A9: |
1278 | return 1; |
1279 | case IKE_ATTR_GROUP_CURVE_B10: |
1280 | return 1; |
1281 | case IKE_ATTR_LIFE_TYPE11: |
1282 | return dv < IKE_DURATION_SECONDS1 || |
1283 | dv > IKE_DURATION_KILOBYTES2; |
1284 | case IKE_ATTR_LIFE_DURATION12: |
1285 | return len != 2 && len != 4; |
1286 | case IKE_ATTR_PRF13: |
1287 | return 1; |
1288 | case IKE_ATTR_KEY_LENGTH14: |
1289 | /* |
1290 | * Our crypto routines only allows key-lengths which |
1291 | * are multiples of an octet. |
1292 | */ |
1293 | return dv % 8 != 0; |
1294 | case IKE_ATTR_FIELD_SIZE15: |
1295 | return 1; |
1296 | case IKE_ATTR_GROUP_ORDER16: |
1297 | return 1; |
1298 | } |
1299 | } else { |
1300 | switch (type) { |
1301 | case IPSEC_ATTR_SA_LIFE_TYPE1: |
1302 | return dv < IPSEC_DURATION_SECONDS1 || |
1303 | dv > IPSEC_DURATION_KILOBYTES2; |
1304 | case IPSEC_ATTR_SA_LIFE_DURATION2: |
1305 | return len != 2 && len != 4; |
1306 | case IPSEC_ATTR_GROUP_DESCRIPTION3: |
1307 | return (dv < IKE_GROUP_DESC_MODP_7681 || |
1308 | dv > IKE_GROUP_DESC_MODP_15365) && |
1309 | (dv < IKE_GROUP_DESC_MODP_204814 || |
1310 | dv > IKE_GROUP_DESC_ECP_52121) && |
1311 | (dv < IKE_GROUP_DESC_ECP_19225 || |
1312 | dv > IKE_GROUP_DESC_BP_51230); |
1313 | case IPSEC_ATTR_ENCAPSULATION_MODE4: |
1314 | return dv != IPSEC_ENCAP_TUNNEL1 && |
1315 | dv != IPSEC_ENCAP_TRANSPORT2 && |
1316 | dv != IPSEC_ENCAP_UDP_ENCAP_TUNNEL3 && |
1317 | dv != IPSEC_ENCAP_UDP_ENCAP_TRANSPORT4 && |
1318 | dv != IPSEC_ENCAP_UDP_ENCAP_TUNNEL_DRAFT61443 && |
1319 | dv != IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT61444; |
1320 | case IPSEC_ATTR_AUTHENTICATION_ALGORITHM5: |
1321 | return dv < IPSEC_AUTH_HMAC_MD51 || |
1322 | dv > IPSEC_AUTH_HMAC_RIPEMD8; |
1323 | case IPSEC_ATTR_KEY_LENGTH6: |
1324 | /* |
1325 | * XXX Blowfish needs '0'. Others appear to disregard |
1326 | * this attr? |
1327 | */ |
1328 | return 0; |
1329 | case IPSEC_ATTR_KEY_ROUNDS7: |
1330 | return 1; |
1331 | case IPSEC_ATTR_COMPRESS_DICTIONARY_SIZE8: |
1332 | return 1; |
1333 | case IPSEC_ATTR_COMPRESS_PRIVATE_ALGORITHM9: |
1334 | return 1; |
1335 | case IPSEC_ATTR_ECN_TUNNEL10: |
1336 | return 1; |
1337 | } |
1338 | } |
1339 | /* XXX Silence gcc. */ |
1340 | return 1; |
1341 | } |
1342 | |
1343 | /* |
1344 | * Log the attribute of TYPE with a LEN length value pointed to by VALUE |
1345 | * in human-readable form. VMSG is a pointer to the current message. |
1346 | */ |
1347 | int |
1348 | ipsec_debug_attribute(u_int16_t type, u_int8_t *value, u_int16_t len, |
1349 | void *vmsg) |
1350 | { |
1351 | struct message *msg = vmsg; |
1352 | char val[20]; |
1353 | |
1354 | /* XXX Transient solution. */ |
1355 | if (len == 2) |
1356 | snprintf(val, sizeof val, "%d", decode_16(value)); |
1357 | else if (len == 4) |
1358 | snprintf(val, sizeof val, "%d", decode_32(value)); |
1359 | else |
1360 | snprintf(val, sizeof val, "unrepresentable"); |
1361 | |
1362 | LOG_DBG((LOG_MESSAGE, 50, "Attribute %s value %s",log_debug (LOG_MESSAGE, 50, "Attribute %s value %s", constant_name (msg->exchange->phase == 1 ? ike_attr_cst : ipsec_attr_cst , type), val) |
1363 | constant_name(msg->exchange->phase == 1 ? ike_attr_cst :log_debug (LOG_MESSAGE, 50, "Attribute %s value %s", constant_name (msg->exchange->phase == 1 ? ike_attr_cst : ipsec_attr_cst , type), val) |
1364 | ipsec_attr_cst, type), val))log_debug (LOG_MESSAGE, 50, "Attribute %s value %s", constant_name (msg->exchange->phase == 1 ? ike_attr_cst : ipsec_attr_cst , type), val); |
1365 | return 0; |
1366 | } |
1367 | |
1368 | /* |
1369 | * Decode the attribute of type TYPE with a LEN length value pointed to by |
1370 | * VALUE. VIDA is a pointer to a context structure where we can find the |
1371 | * current message, SA and protocol. |
1372 | */ |
1373 | int |
1374 | ipsec_decode_attribute(u_int16_t type, u_int8_t *value, u_int16_t len, |
1375 | void *vida) |
1376 | { |
1377 | struct ipsec_decode_arg *ida = vida; |
1378 | struct message *msg = ida->msg; |
1379 | struct sa *sa = ida->sa; |
1380 | struct ipsec_sa *isa = sa->data; |
1381 | struct proto *proto = ida->proto; |
1382 | struct ipsec_proto *iproto = proto->data; |
1383 | struct exchange *exchange = msg->exchange; |
1384 | struct ipsec_exch *ie = exchange->data; |
1385 | static int lifetype = 0; |
1386 | |
1387 | if (exchange->phase == 1) { |
1388 | switch (type) { |
1389 | case IKE_ATTR_ENCRYPTION_ALGORITHM1: |
1390 | /* XXX Errors possible? */ |
1391 | exchange->crypto = crypto_get(from_ike_crypto( |
1392 | decode_16(value))); |
1393 | break; |
1394 | case IKE_ATTR_HASH_ALGORITHM2: |
1395 | /* XXX Errors possible? */ |
1396 | ie->hash = hash_get(from_ike_hash(decode_16(value))); |
1397 | break; |
1398 | case IKE_ATTR_AUTHENTICATION_METHOD3: |
1399 | /* XXX Errors possible? */ |
1400 | ie->ike_auth = ike_auth_get(decode_16(value)); |
1401 | break; |
1402 | case IKE_ATTR_GROUP_DESCRIPTION4: |
1403 | isa->group_desc = decode_16(value); |
1404 | break; |
1405 | case IKE_ATTR_GROUP_TYPE5: |
1406 | break; |
1407 | case IKE_ATTR_GROUP_PRIME6: |
1408 | break; |
1409 | case IKE_ATTR_GROUP_GENERATOR_17: |
1410 | break; |
1411 | case IKE_ATTR_GROUP_GENERATOR_28: |
1412 | break; |
1413 | case IKE_ATTR_GROUP_CURVE_A9: |
1414 | break; |
1415 | case IKE_ATTR_GROUP_CURVE_B10: |
1416 | break; |
1417 | case IKE_ATTR_LIFE_TYPE11: |
1418 | lifetype = decode_16(value); |
1419 | return 0; |
1420 | case IKE_ATTR_LIFE_DURATION12: |
1421 | switch (lifetype) { |
1422 | case IKE_DURATION_SECONDS1: |
1423 | switch (len) { |
1424 | case 2: |
1425 | sa->seconds = decode_16(value); |
1426 | break; |
1427 | case 4: |
1428 | sa->seconds = decode_32(value); |
1429 | break; |
1430 | default: |
1431 | log_print("ipsec_decode_attribute: " |
1432 | "unreasonable lifetime"); |
1433 | } |
1434 | break; |
1435 | case IKE_DURATION_KILOBYTES2: |
1436 | switch (len) { |
1437 | case 2: |
1438 | sa->kilobytes = decode_16(value); |
1439 | break; |
1440 | case 4: |
1441 | sa->kilobytes = decode_32(value); |
1442 | break; |
1443 | default: |
1444 | log_print("ipsec_decode_attribute: " |
1445 | "unreasonable lifetime"); |
1446 | } |
1447 | break; |
1448 | default: |
1449 | log_print("ipsec_decode_attribute: unknown " |
1450 | "lifetime type"); |
1451 | } |
1452 | break; |
1453 | case IKE_ATTR_PRF13: |
1454 | break; |
1455 | case IKE_ATTR_KEY_LENGTH14: |
1456 | exchange->key_length = decode_16(value) / 8; |
1457 | break; |
1458 | case IKE_ATTR_FIELD_SIZE15: |
1459 | break; |
1460 | case IKE_ATTR_GROUP_ORDER16: |
1461 | break; |
1462 | } |
1463 | } else { |
1464 | switch (type) { |
1465 | case IPSEC_ATTR_SA_LIFE_TYPE1: |
1466 | lifetype = decode_16(value); |
1467 | return 0; |
1468 | case IPSEC_ATTR_SA_LIFE_DURATION2: |
1469 | switch (lifetype) { |
1470 | case IPSEC_DURATION_SECONDS1: |
1471 | switch (len) { |
1472 | case 2: |
1473 | sa->seconds = decode_16(value); |
1474 | break; |
1475 | case 4: |
1476 | sa->seconds = decode_32(value); |
1477 | break; |
1478 | default: |
1479 | log_print("ipsec_decode_attribute: " |
1480 | "unreasonable lifetime"); |
1481 | } |
1482 | break; |
1483 | case IPSEC_DURATION_KILOBYTES2: |
1484 | switch (len) { |
1485 | case 2: |
1486 | sa->kilobytes = decode_16(value); |
1487 | break; |
1488 | case 4: |
1489 | sa->kilobytes = decode_32(value); |
1490 | break; |
1491 | default: |
1492 | log_print("ipsec_decode_attribute: " |
1493 | "unreasonable lifetime"); |
1494 | } |
1495 | break; |
1496 | default: |
1497 | log_print("ipsec_decode_attribute: unknown " |
1498 | "lifetime type"); |
1499 | } |
1500 | break; |
1501 | case IPSEC_ATTR_GROUP_DESCRIPTION3: |
1502 | isa->group_desc = decode_16(value); |
1503 | break; |
1504 | case IPSEC_ATTR_ENCAPSULATION_MODE4: |
1505 | /* |
1506 | * XXX Multiple protocols must have same |
1507 | * encapsulation mode, no? |
1508 | */ |
1509 | iproto->encap_mode = decode_16(value); |
1510 | break; |
1511 | case IPSEC_ATTR_AUTHENTICATION_ALGORITHM5: |
1512 | iproto->auth = decode_16(value); |
1513 | break; |
1514 | case IPSEC_ATTR_KEY_LENGTH6: |
1515 | iproto->keylen = decode_16(value); |
1516 | break; |
1517 | case IPSEC_ATTR_KEY_ROUNDS7: |
1518 | iproto->keyrounds = decode_16(value); |
1519 | break; |
1520 | case IPSEC_ATTR_COMPRESS_DICTIONARY_SIZE8: |
1521 | break; |
1522 | case IPSEC_ATTR_COMPRESS_PRIVATE_ALGORITHM9: |
1523 | break; |
1524 | case IPSEC_ATTR_ECN_TUNNEL10: |
1525 | break; |
1526 | } |
1527 | } |
1528 | lifetype = 0; |
1529 | return 0; |
1530 | } |
1531 | |
1532 | /* |
1533 | * Walk over the attributes of the transform payload found in BUF, and |
1534 | * fill out the fields of the SA attached to MSG. Also mark the SA as |
1535 | * processed. |
1536 | */ |
1537 | void |
1538 | ipsec_decode_transform(struct message *msg, struct sa *sa, struct proto *proto, |
1539 | u_int8_t *buf) |
1540 | { |
1541 | struct ipsec_exch *ie = msg->exchange->data; |
1542 | struct ipsec_decode_arg ida; |
1543 | |
1544 | LOG_DBG((LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen",log_debug (LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen" , field_get_num (isakmp_transform_fld + 0, buf)) |
1545 | GET_ISAKMP_TRANSFORM_NO(buf)))log_debug (LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen" , field_get_num (isakmp_transform_fld + 0, buf)); |
1546 | |
1547 | ida.msg = msg; |
1548 | ida.sa = sa; |
1549 | ida.proto = proto; |
1550 | |
1551 | /* The default IKE lifetime is 8 hours. */ |
1552 | if (sa->phase == 1) |
1553 | sa->seconds = 28800; |
1554 | |
1555 | /* Extract the attributes and stuff them into the SA. */ |
1556 | attribute_map(buf + ISAKMP_TRANSFORM_SA_ATTRS_OFF8, |
1557 | GET_ISAKMP_GEN_LENGTH(buf)field_get_num (isakmp_gen_fld + 2, buf) - ISAKMP_TRANSFORM_SA_ATTRS_OFF8, |
1558 | ipsec_decode_attribute, &ida); |
1559 | |
1560 | /* |
1561 | * If no pseudo-random function was negotiated, it's HMAC. |
1562 | * XXX As PRF_HMAC currently is zero, this is a no-op. |
1563 | */ |
1564 | if (!ie->prf_type) |
1565 | ie->prf_type = PRF_HMAC; |
1566 | } |
1567 | |
1568 | /* |
1569 | * Delete the IPsec SA represented by the INCOMING direction in protocol PROTO |
1570 | * of the IKE security association SA. |
1571 | */ |
1572 | static void |
1573 | ipsec_delete_spi(struct sa *sa, struct proto *proto, int incoming) |
1574 | { |
1575 | struct sa *new_sa; |
1576 | struct ipsec_proto *iproto; |
1577 | |
1578 | if (sa->phase == 1) |
1579 | return; |
1580 | |
1581 | iproto = proto->data; |
1582 | /* |
1583 | * If the SA is using UDP encap and it replaced other SA, |
1584 | * enable the other SA to keep the flow for the other SAs. |
1585 | */ |
1586 | if ((iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT4 || |
1587 | iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT61444) && |
1588 | (sa->flags & SA_FLAG_REPLACED0x08) == 0 && |
1589 | (new_sa = sa_find(ipsec_sa_check_flow_any, sa)) != NULL((void*)0) && |
1590 | new_sa->flags & SA_FLAG_REPLACED0x08) |
1591 | sa_replace(sa, new_sa); |
1592 | |
1593 | /* |
1594 | * If the SA was not replaced and was not one acquired through the |
1595 | * kernel (ACQUIRE message), remove the flow associated with it. |
1596 | * We ignore any errors from the disabling of the flow. |
1597 | */ |
1598 | if (sa->flags & SA_FLAG_READY0x01 && !(sa->flags & SA_FLAG_ONDEMAND0x04 || |
1599 | sa->flags & SA_FLAG_REPLACED0x08 || acquire_only || |
1600 | conf_get_str("General", "Acquire-Only"))) |
1601 | pf_key_v2_disable_sa(sa, incoming); |
1602 | |
1603 | /* XXX Error handling? Is it interesting? */ |
1604 | pf_key_v2_delete_spi(sa, proto, incoming); |
1605 | } |
1606 | |
1607 | /* |
1608 | * Store BUF into the g^x entry of the exchange that message MSG belongs to. |
1609 | * PEER is non-zero when the value is our peer's, and zero when it is ours. |
1610 | */ |
1611 | static int |
1612 | ipsec_g_x(struct message *msg, int peer, u_int8_t *buf) |
1613 | { |
1614 | struct exchange *exchange = msg->exchange; |
1615 | struct ipsec_exch *ie = exchange->data; |
1616 | u_int8_t **g_x; |
1617 | int initiator = exchange->initiator ^ peer; |
1618 | char header[32]; |
1619 | |
1620 | g_x = initiator ? &ie->g_xi : &ie->g_xr; |
1621 | *g_x = malloc(ie->g_x_len); |
1622 | if (!*g_x) { |
1623 | log_error("ipsec_g_x: malloc (%lu) failed", |
1624 | (unsigned long)ie->g_x_len); |
1625 | return -1; |
1626 | } |
1627 | memcpy(*g_x, buf, ie->g_x_len); |
1628 | snprintf(header, sizeof header, "ipsec_g_x: g^x%c", |
1629 | initiator ? 'i' : 'r'); |
1630 | LOG_DBG_BUF((LOG_MISC, 80, header, *g_x, ie->g_x_len))log_debug_buf (LOG_MISC, 80, header, *g_x, ie->g_x_len); |
1631 | return 0; |
1632 | } |
1633 | |
1634 | /* Generate our DH value. */ |
1635 | int |
1636 | ipsec_gen_g_x(struct message *msg) |
1637 | { |
1638 | struct exchange *exchange = msg->exchange; |
1639 | struct ipsec_exch *ie = exchange->data; |
1640 | u_int8_t *buf; |
1641 | |
1642 | buf = malloc(ISAKMP_KE_SZ4 + ie->g_x_len); |
1643 | if (!buf) { |
1644 | log_error("ipsec_gen_g_x: malloc (%lu) failed", |
1645 | ISAKMP_KE_SZ4 + (unsigned long)ie->g_x_len); |
1646 | return -1; |
1647 | } |
1648 | if (message_add_payload(msg, ISAKMP_PAYLOAD_KEY_EXCH4, buf, |
1649 | ISAKMP_KE_SZ4 + ie->g_x_len, 1)) { |
1650 | free(buf); |
1651 | return -1; |
1652 | } |
1653 | if (dh_create_exchange(ie->group, buf + ISAKMP_KE_DATA_OFF4)) { |
1654 | log_print("ipsec_gen_g_x: dh_create_exchange failed"); |
1655 | free(buf); |
1656 | return -1; |
1657 | } |
1658 | return ipsec_g_x(msg, 0, buf + ISAKMP_KE_DATA_OFF4); |
1659 | } |
1660 | |
1661 | /* Save the peer's DH value. */ |
1662 | int |
1663 | ipsec_save_g_x(struct message *msg) |
1664 | { |
1665 | struct exchange *exchange = msg->exchange; |
1666 | struct ipsec_exch *ie = exchange->data; |
1667 | struct payload *kep; |
1668 | |
1669 | kep = payload_first(msg, ISAKMP_PAYLOAD_KEY_EXCH4); |
1670 | kep->flags |= PL_MARK1; |
1671 | ie->g_x_len = GET_ISAKMP_GEN_LENGTH(kep->p)field_get_num (isakmp_gen_fld + 2, kep->p) - ISAKMP_KE_DATA_OFF4; |
1672 | |
1673 | /* Check that the given length matches the group's expectancy. */ |
1674 | if (ie->g_x_len != (size_t) dh_getlen(ie->group)) { |
1675 | /* XXX Is this a good notify type? */ |
1676 | message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 0); |
1677 | return -1; |
1678 | } |
1679 | return ipsec_g_x(msg, 1, kep->p + ISAKMP_KE_DATA_OFF4); |
1680 | } |
1681 | |
1682 | /* |
1683 | * Get a SPI for PROTO and the transport MSG passed over. Store the |
1684 | * size where SZ points. NB! A zero return is OK if *SZ is zero. |
1685 | */ |
1686 | static u_int8_t * |
1687 | ipsec_get_spi(size_t *sz, u_int8_t proto, struct message *msg) |
1688 | { |
1689 | struct sockaddr *dst, *src; |
1690 | struct transport *transport = msg->transport; |
1691 | |
1692 | if (msg->exchange->phase == 1) { |
1693 | *sz = 0; |
1694 | return 0; |
1695 | } else { |
1696 | /* We are the destination in the SA we want a SPI for. */ |
1697 | transport->vtbl->get_src(transport, &dst); |
1698 | /* The peer is the source. */ |
1699 | transport->vtbl->get_dst(transport, &src); |
1700 | return pf_key_v2_get_spi(sz, proto, src, dst, |
1701 | msg->exchange->seq); |
1702 | } |
1703 | } |
1704 | |
1705 | /* |
1706 | * We have gotten a payload PAYLOAD of type TYPE, which did not get handled |
1707 | * by the logic of the exchange MSG takes part in. Now is the time to deal |
1708 | * with such a payload if we know how to, if we don't, return -1, otherwise |
1709 | * 0. |
1710 | */ |
1711 | int |
1712 | ipsec_handle_leftover_payload(struct message *msg, u_int8_t type, |
1713 | struct payload *payload) |
1714 | { |
1715 | u_int32_t spisz, nspis; |
1716 | struct sockaddr *dst; |
1717 | int reenter = 0; |
1718 | u_int8_t *spis, proto; |
1719 | struct sa *sa; |
1720 | |
1721 | switch (type) { |
1722 | case ISAKMP_PAYLOAD_DELETE12: |
1723 | proto = GET_ISAKMP_DELETE_PROTO(payload->p)field_get_num (isakmp_delete_fld + 1, payload->p); |
1724 | nspis = GET_ISAKMP_DELETE_NSPIS(payload->p)field_get_num (isakmp_delete_fld + 3, payload->p); |
1725 | spisz = GET_ISAKMP_DELETE_SPI_SZ(payload->p)field_get_num (isakmp_delete_fld + 2, payload->p); |
1726 | |
1727 | if (nspis == 0) { |
1728 | LOG_DBG((LOG_SA, 60, "ipsec_handle_leftover_payload: "log_debug (LOG_SA, 60, "ipsec_handle_leftover_payload: " "message specified zero SPIs, ignoring" ) |
1729 | "message specified zero SPIs, ignoring"))log_debug (LOG_SA, 60, "ipsec_handle_leftover_payload: " "message specified zero SPIs, ignoring" ); |
1730 | return -1; |
1731 | } |
1732 | /* verify proper SPI size */ |
1733 | if ((proto == ISAKMP_PROTO_ISAKMP1 && |
1734 | spisz != ISAKMP_HDR_COOKIES_LEN(8 + 8)) || |
1735 | (proto != ISAKMP_PROTO_ISAKMP1 && spisz != sizeof(u_int32_t))) { |
1736 | log_print("ipsec_handle_leftover_payload: invalid SPI " |
1737 | "size %d for proto %d in DELETE payload", |
1738 | spisz, proto); |
1739 | return -1; |
1740 | } |
1741 | spis = calloc(nspis, spisz); |
1742 | if (!spis) { |
1743 | log_error("ipsec_handle_leftover_payload: malloc " |
1744 | "(%d) failed", nspis * spisz); |
1745 | return -1; |
1746 | } |
1747 | /* extract SPI and get dst address */ |
1748 | memcpy(spis, payload->p + ISAKMP_DELETE_SPI_OFF12, nspis * spisz); |
1749 | msg->transport->vtbl->get_dst(msg->transport, &dst); |
1750 | |
1751 | ipsec_delete_spi_list(dst, proto, spis, nspis, "DELETE"); |
1752 | |
1753 | free(spis); |
1754 | payload->flags |= PL_MARK1; |
1755 | return 0; |
1756 | |
1757 | case ISAKMP_PAYLOAD_NOTIFY11: |
1758 | switch (GET_ISAKMP_NOTIFY_MSG_TYPE(payload->p)field_get_num (isakmp_notify_fld + 3, payload->p)) { |
1759 | case IPSEC_NOTIFY_INITIAL_CONTACT24578: |
1760 | /* |
1761 | * Permit INITIAL-CONTACT if |
1762 | * - this is not an AGGRESSIVE mode exchange |
1763 | * - it is protected by an ISAKMP SA |
1764 | * |
1765 | * XXX Instead of the first condition above, we could |
1766 | * XXX permit this only for phase 2. In the last |
1767 | * XXX packet of main-mode, this payload, while |
1768 | * XXX encrypted, is not part of the hash digest. As |
1769 | * XXX we currently send our own INITIAL-CONTACTs at |
1770 | * XXX this point, this too would need to be changed. |
1771 | */ |
1772 | if (msg->exchange->type == ISAKMP_EXCH_AGGRESSIVE4) { |
1773 | log_print("ipsec_handle_leftover_payload: got " |
1774 | "INITIAL-CONTACT in AGGRESSIVE mode"); |
1775 | return -1; |
1776 | } |
1777 | if ((msg->exchange->flags & EXCHANGE_FLAG_ENCRYPT0x0004) |
1778 | == 0) { |
1779 | log_print("ipsec_handle_leftover_payload: got " |
1780 | "INITIAL-CONTACT without ISAKMP SA"); |
1781 | return -1; |
1782 | } |
1783 | |
1784 | if ((msg->flags & MSG_AUTHENTICATED0x10) == 0) { |
1785 | log_print("ipsec_handle_leftover_payload: " |
1786 | "got unauthenticated INITIAL-CONTACT"); |
1787 | return -1; |
1788 | } |
1789 | /* |
1790 | * Find out who is sending this and then delete every |
1791 | * SA that is ready. Exchanges will timeout |
1792 | * themselves and then the non-ready SAs will |
1793 | * disappear too. |
1794 | */ |
1795 | msg->transport->vtbl->get_dst(msg->transport, &dst); |
1796 | while ((sa = sa_lookup_by_peer(dst, SA_LEN(dst)((dst)->sa_len), 0)) != 0) { |
1797 | /* |
1798 | * Don't delete the current SA -- we received |
1799 | * the notification over it, so it's obviously |
1800 | * still active. We temporarily need to remove |
1801 | * the SA from the list to avoid an endless |
1802 | * loop, but keep a reference so it won't |
1803 | * disappear meanwhile. |
1804 | */ |
1805 | if (sa == msg->isakmp_sa) { |
1806 | sa_reference(sa); |
1807 | sa_remove(sa); |
1808 | reenter = 1; |
1809 | continue; |
1810 | } |
1811 | LOG_DBG((LOG_SA, 30,log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa) |
1812 | "ipsec_handle_leftover_payload: "log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa) |
1813 | "INITIAL-CONTACT made us delete SA %p",log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa) |
1814 | sa))log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa); |
1815 | sa_delete(sa, 0); |
1816 | } |
1817 | |
1818 | if (reenter) { |
1819 | sa_enter(msg->isakmp_sa); |
1820 | sa_release(msg->isakmp_sa); |
1821 | } |
1822 | payload->flags |= PL_MARK1; |
1823 | return 0; |
1824 | } |
1825 | } |
1826 | return -1; |
1827 | } |
1828 | |
1829 | /* Return the encryption keylength in octets of the ESP protocol PROTO. */ |
1830 | int |
1831 | ipsec_esp_enckeylength(struct proto *proto) |
1832 | { |
1833 | struct ipsec_proto *iproto = proto->data; |
1834 | |
1835 | /* Compute the keylength to use. */ |
1836 | switch (proto->id) { |
1837 | case IPSEC_ESP_3DES3: |
1838 | return 24; |
1839 | case IPSEC_ESP_CAST6: |
1840 | if (!iproto->keylen) |
1841 | return 16; |
1842 | return iproto->keylen / 8; |
1843 | case IPSEC_ESP_AES_CTR13: |
1844 | case IPSEC_ESP_AES_GCM_1620: |
1845 | case IPSEC_ESP_AES_GMAC23: |
1846 | if (!iproto->keylen) |
1847 | return 20; |
1848 | return iproto->keylen / 8 + 4; |
1849 | case IPSEC_ESP_AES12: |
1850 | if (!iproto->keylen) |
1851 | return 16; |
1852 | /* FALLTHROUGH */ |
1853 | default: |
1854 | return iproto->keylen / 8; |
1855 | } |
1856 | } |
1857 | |
1858 | /* Return the authentication keylength in octets of the ESP protocol PROTO. */ |
1859 | int |
1860 | ipsec_esp_authkeylength(struct proto *proto) |
1861 | { |
1862 | struct ipsec_proto *iproto = proto->data; |
1863 | |
1864 | switch (iproto->auth) { |
1865 | case IPSEC_AUTH_HMAC_MD51: |
1866 | return 16; |
1867 | case IPSEC_AUTH_HMAC_SHA2: |
1868 | case IPSEC_AUTH_HMAC_RIPEMD8: |
1869 | return 20; |
1870 | case IPSEC_AUTH_HMAC_SHA2_2565: |
1871 | return 32; |
1872 | case IPSEC_AUTH_HMAC_SHA2_3846: |
1873 | return 48; |
1874 | case IPSEC_AUTH_HMAC_SHA2_5127: |
1875 | return 64; |
1876 | default: |
1877 | return 0; |
1878 | } |
1879 | } |
1880 | |
1881 | /* Return the authentication keylength in octets of the AH protocol PROTO. */ |
1882 | int |
1883 | ipsec_ah_keylength(struct proto *proto) |
1884 | { |
1885 | switch (proto->id) { |
1886 | case IPSEC_AH_MD52: |
1887 | return 16; |
1888 | case IPSEC_AH_SHA3: |
1889 | case IPSEC_AH_RIPEMD8: |
1890 | return 20; |
1891 | case IPSEC_AH_SHA2_2565: |
1892 | return 32; |
1893 | case IPSEC_AH_SHA2_3846: |
1894 | return 48; |
1895 | case IPSEC_AH_SHA2_5127: |
1896 | return 64; |
1897 | default: |
1898 | return -1; |
1899 | } |
1900 | } |
1901 | |
1902 | /* Return the total keymaterial length of the protocol PROTO. */ |
1903 | int |
1904 | ipsec_keymat_length(struct proto *proto) |
1905 | { |
1906 | switch (proto->proto) { |
1907 | case IPSEC_PROTO_IPSEC_ESP3: |
1908 | return ipsec_esp_enckeylength(proto) |
1909 | + ipsec_esp_authkeylength(proto); |
1910 | case IPSEC_PROTO_IPSEC_AH2: |
1911 | return ipsec_ah_keylength(proto); |
1912 | default: |
1913 | return -1; |
1914 | } |
1915 | } |
1916 | |
1917 | /* Helper function for ipsec_get_id(). */ |
1918 | static int |
1919 | ipsec_get_proto_port(char *section, u_int8_t *tproto, u_int16_t *port) |
1920 | { |
1921 | struct protoent *pe = NULL((void*)0); |
1922 | struct servent *se; |
1923 | char *pstr; |
1924 | |
1925 | pstr = conf_get_str(section, "Protocol"); |
1926 | if (!pstr) { |
1927 | *tproto = 0; |
1928 | return 0; |
1929 | } |
1930 | *tproto = (u_int8_t)atoi(pstr); |
1931 | if (!*tproto) { |
1932 | pe = getprotobyname(pstr); |
1933 | if (pe) |
1934 | *tproto = pe->p_proto; |
1935 | } |
1936 | if (!*tproto) { |
1937 | log_print("ipsec_get_proto_port: protocol \"%s\" unknown", |
1938 | pstr); |
1939 | return -1; |
1940 | } |
1941 | |
1942 | pstr = conf_get_str(section, "Port"); |
1943 | if (!pstr) |
1944 | return 0; |
1945 | *port = (u_int16_t)atoi(pstr); |
1946 | if (!*port) { |
1947 | se = getservbyname(pstr, |
1948 | pe ? pe->p_name : (pstr ? pstr : NULL((void*)0))); |
1949 | if (se) |
1950 | *port = ntohs(se->s_port)(__uint16_t)(__builtin_constant_p(se->s_port) ? (__uint16_t )(((__uint16_t)(se->s_port) & 0xffU) << 8 | ((__uint16_t )(se->s_port) & 0xff00U) >> 8) : __swap16md(se-> s_port)); |
1951 | } |
1952 | if (!*port) { |
1953 | log_print("ipsec_get_proto_port: port \"%s\" unknown", |
1954 | pstr); |
1955 | return -1; |
1956 | } |
1957 | return 0; |
1958 | } |
1959 | |
1960 | /* |
1961 | * Out of a named section SECTION in the configuration file find out |
1962 | * the network address and mask as well as the ID type. Put the info |
1963 | * in the areas pointed to by ADDR, MASK, TPROTO, PORT, and ID respectively. |
1964 | * Return 0 on success and -1 on failure. |
1965 | */ |
1966 | int |
1967 | ipsec_get_id(char *section, int *id, struct sockaddr **addr, |
1968 | struct sockaddr **mask, u_int8_t *tproto, u_int16_t *port) |
1969 | { |
1970 | char *type, *address, *netmask; |
1971 | sa_family_t af = 0; |
1972 | |
1973 | type = conf_get_str(section, "ID-type"); |
1974 | if (!type) { |
1975 | log_print("ipsec_get_id: section %s has no \"ID-type\" tag", |
1976 | section); |
1977 | return -1; |
1978 | } |
1979 | *id = constant_value(ipsec_id_cst, type); |
1980 | switch (*id) { |
1981 | case IPSEC_ID_IPV4_ADDR1: |
1982 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
1983 | af = AF_INET2; |
1984 | break; |
1985 | case IPSEC_ID_IPV6_ADDR5: |
1986 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
1987 | af = AF_INET624; |
1988 | break; |
1989 | } |
1990 | switch (*id) { |
1991 | case IPSEC_ID_IPV4_ADDR1: |
1992 | case IPSEC_ID_IPV6_ADDR5: { |
1993 | int ret; |
1994 | |
1995 | address = conf_get_str(section, "Address"); |
1996 | if (!address) { |
1997 | log_print("ipsec_get_id: section %s has no " |
1998 | "\"Address\" tag", section); |
1999 | return -1; |
2000 | } |
2001 | if (text2sockaddr(address, NULL((void*)0), addr, af, 0)) { |
2002 | log_print("ipsec_get_id: invalid address %s in " |
2003 | "section %s", address, section); |
2004 | return -1; |
2005 | } |
2006 | ret = ipsec_get_proto_port(section, tproto, port); |
2007 | if (ret < 0) |
2008 | free(*addr); |
2009 | |
2010 | return ret; |
2011 | } |
2012 | |
2013 | #ifdef notyet |
2014 | case IPSEC_ID_FQDN2: |
2015 | return -1; |
2016 | |
2017 | case IPSEC_ID_USER_FQDN3: |
2018 | return -1; |
2019 | #endif |
2020 | |
2021 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
2022 | case IPSEC_ID_IPV6_ADDR_SUBNET6: { |
2023 | int ret; |
2024 | |
2025 | address = conf_get_str(section, "Network"); |
2026 | if (!address) { |
2027 | log_print("ipsec_get_id: section %s has no " |
2028 | "\"Network\" tag", section); |
2029 | return -1; |
2030 | } |
2031 | if (text2sockaddr(address, NULL((void*)0), addr, af, 0)) { |
2032 | log_print("ipsec_get_id: invalid section %s " |
2033 | "network %s", section, address); |
2034 | return -1; |
2035 | } |
2036 | netmask = conf_get_str(section, "Netmask"); |
2037 | if (!netmask) { |
2038 | log_print("ipsec_get_id: section %s has no " |
2039 | "\"Netmask\" tag", section); |
2040 | free(*addr); |
2041 | return -1; |
2042 | } |
2043 | if (text2sockaddr(netmask, NULL((void*)0), mask, af, 1)) { |
2044 | log_print("ipsec_get_id: invalid section %s " |
2045 | "network %s", section, netmask); |
2046 | free(*addr); |
2047 | return -1; |
2048 | } |
2049 | ret = ipsec_get_proto_port(section, tproto, port); |
2050 | if (ret < 0) { |
2051 | free(*mask); |
2052 | free(*addr); |
2053 | } |
2054 | return ret; |
2055 | } |
2056 | |
2057 | #ifdef notyet |
2058 | case IPSEC_ID_IPV4_RANGE7: |
2059 | return -1; |
2060 | |
2061 | case IPSEC_ID_IPV6_RANGE8: |
2062 | return -1; |
2063 | |
2064 | case IPSEC_ID_DER_ASN1_DN9: |
2065 | return -1; |
2066 | |
2067 | case IPSEC_ID_DER_ASN1_GN10: |
2068 | return -1; |
2069 | |
2070 | case IPSEC_ID_KEY_ID11: |
2071 | return -1; |
2072 | #endif |
2073 | |
2074 | default: |
2075 | log_print("ipsec_get_id: unknown ID type \"%s\" in " |
2076 | "section %s", type, section); |
2077 | return -1; |
2078 | } |
2079 | |
2080 | return 0; |
2081 | } |
2082 | |
2083 | /* |
2084 | * XXX I rather want this function to return a status code, and fail if |
2085 | * we cannot fit the information in the supplied buffer. |
2086 | */ |
2087 | static void |
2088 | ipsec_decode_id(char *buf, size_t size, u_int8_t *id, size_t id_len, |
2089 | int isakmpform) |
2090 | { |
2091 | int id_type; |
2092 | char *addr = 0, *mask = 0; |
2093 | u_int32_t *idp; |
2094 | |
2095 | if (id) { |
2096 | if (!isakmpform) { |
2097 | /* |
2098 | * Exchanges and SAs dont carry the IDs in ISAKMP |
2099 | * form. |
2100 | */ |
2101 | id -= ISAKMP_GEN_SZ4; |
2102 | id_len += ISAKMP_GEN_SZ4; |
2103 | } |
2104 | id_type = GET_ISAKMP_ID_TYPE(id)field_get_num (isakmp_id_fld + 0, id); |
2105 | idp = (u_int32_t *) (id + ISAKMP_ID_DATA_OFF8); |
2106 | switch (id_type) { |
2107 | case IPSEC_ID_IPV4_ADDR1: |
2108 | util_ntoa(&addr, AF_INET2, id + ISAKMP_ID_DATA_OFF8); |
2109 | snprintf(buf, size, "%s", addr); |
2110 | break; |
2111 | |
2112 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
2113 | util_ntoa(&addr, AF_INET2, id + ISAKMP_ID_DATA_OFF8); |
2114 | util_ntoa(&mask, AF_INET2, id + ISAKMP_ID_DATA_OFF8 + 4); |
2115 | snprintf(buf, size, "%s/%s", addr, mask); |
2116 | break; |
2117 | |
2118 | case IPSEC_ID_IPV6_ADDR5: |
2119 | util_ntoa(&addr, AF_INET624, id + ISAKMP_ID_DATA_OFF8); |
2120 | snprintf(buf, size, "%s", addr); |
2121 | break; |
2122 | |
2123 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
2124 | util_ntoa(&addr, AF_INET624, id + ISAKMP_ID_DATA_OFF8); |
2125 | util_ntoa(&mask, AF_INET624, id + ISAKMP_ID_DATA_OFF8 + |
2126 | sizeof(struct in6_addr)); |
2127 | snprintf(buf, size, "%s/%s", addr, mask); |
2128 | break; |
2129 | |
2130 | case IPSEC_ID_FQDN2: |
2131 | case IPSEC_ID_USER_FQDN3: |
2132 | /* String is not NUL terminated, be careful */ |
2133 | id_len -= ISAKMP_ID_DATA_OFF8; |
2134 | id_len = MINIMUM(id_len, size - 1)(((id_len) < (size - 1)) ? (id_len) : (size - 1)); |
2135 | memcpy(buf, id + ISAKMP_ID_DATA_OFF8, id_len); |
2136 | buf[id_len] = '\0'; |
2137 | break; |
2138 | |
2139 | case IPSEC_ID_DER_ASN1_DN9: |
2140 | addr = x509_DN_string(id + ISAKMP_ID_DATA_OFF8, |
2141 | id_len - ISAKMP_ID_DATA_OFF8); |
2142 | if (!addr) { |
2143 | snprintf(buf, size, "unparsable ASN1 DN ID"); |
2144 | return; |
2145 | } |
2146 | strlcpy(buf, addr, size); |
2147 | break; |
2148 | |
2149 | default: |
2150 | snprintf(buf, size, "<id type unknown: %x>", id_type); |
2151 | break; |
2152 | } |
2153 | } else |
2154 | snprintf(buf, size, "<no ipsec id>"); |
2155 | free(addr); |
2156 | free(mask); |
2157 | } |
2158 | |
2159 | char * |
2160 | ipsec_decode_ids(char *fmt, u_int8_t *id1, size_t id1_len, u_int8_t *id2, |
2161 | size_t id2_len, int isakmpform) |
2162 | { |
2163 | static char result[1024]; |
2164 | char s_id1[256], s_id2[256]; |
2165 | |
2166 | ipsec_decode_id(s_id1, sizeof s_id1, id1, id1_len, isakmpform); |
2167 | ipsec_decode_id(s_id2, sizeof s_id2, id2, id2_len, isakmpform); |
2168 | |
2169 | snprintf(result, sizeof result, fmt, s_id1, s_id2); |
2170 | return result; |
2171 | } |
2172 | |
2173 | /* |
2174 | * Out of a named section SECTION in the configuration file build an |
2175 | * ISAKMP ID payload. Ths payload size should be stashed in SZ. |
2176 | * The caller is responsible for freeing the payload. |
2177 | */ |
2178 | u_int8_t * |
2179 | ipsec_build_id(char *section, size_t *sz) |
2180 | { |
2181 | struct sockaddr *addr, *mask; |
2182 | u_int8_t *p; |
2183 | int id, subnet = 0; |
2184 | u_int8_t tproto = 0; |
2185 | u_int16_t port = 0; |
2186 | |
2187 | if (ipsec_get_id(section, &id, &addr, &mask, &tproto, &port)) |
2188 | return 0; |
2189 | |
2190 | if (id == IPSEC_ID_IPV4_ADDR_SUBNET4 || id == IPSEC_ID_IPV6_ADDR_SUBNET6) |
2191 | subnet = 1; |
2192 | |
2193 | *sz = ISAKMP_ID_SZ8 + sockaddr_addrlen(addr); |
2194 | if (subnet) |
2195 | *sz += sockaddr_addrlen(mask); |
2196 | |
2197 | p = malloc(*sz); |
2198 | if (!p) { |
2199 | log_print("ipsec_build_id: malloc(%lu) failed", |
2200 | (unsigned long)*sz); |
2201 | if (subnet) |
2202 | free(mask); |
2203 | free(addr); |
2204 | return 0; |
2205 | } |
2206 | SET_ISAKMP_ID_TYPE(p, id)field_set_num (isakmp_id_fld + 0, p, id); |
2207 | SET_ISAKMP_ID_DOI_DATA(p, (unsigned char *)"\000\000\000")field_set_raw (isakmp_id_fld + 1, p, (unsigned char *)"\000\000\000" ); |
2208 | |
2209 | memcpy(p + ISAKMP_ID_DATA_OFF8, sockaddr_addrdata(addr), |
2210 | sockaddr_addrlen(addr)); |
2211 | if (subnet) |
2212 | memcpy(p + ISAKMP_ID_DATA_OFF8 + sockaddr_addrlen(addr), |
2213 | sockaddr_addrdata(mask), sockaddr_addrlen(mask)); |
2214 | |
2215 | SET_IPSEC_ID_PROTO(p + ISAKMP_ID_DOI_DATA_OFF, tproto)field_set_num (ipsec_id_fld + 0, p + 5, tproto); |
2216 | SET_IPSEC_ID_PORT(p + ISAKMP_ID_DOI_DATA_OFF, port)field_set_num (ipsec_id_fld + 1, p + 5, port); |
2217 | |
2218 | if (subnet) |
2219 | free(mask); |
2220 | free(addr); |
2221 | return p; |
2222 | } |
2223 | |
2224 | /* |
2225 | * copy an ISAKMPD id |
2226 | */ |
2227 | int |
2228 | ipsec_clone_id(u_int8_t **did, size_t *did_len, u_int8_t *id, size_t id_len) |
2229 | { |
2230 | free(*did); |
2231 | |
2232 | if (!id_len || !id) { |
2233 | *did = 0; |
2234 | *did_len = 0; |
2235 | return 0; |
2236 | } |
2237 | *did = malloc(id_len); |
2238 | if (!*did) { |
2239 | *did_len = 0; |
2240 | log_error("ipsec_clone_id: malloc(%lu) failed", |
2241 | (unsigned long)id_len); |
2242 | return -1; |
2243 | } |
2244 | *did_len = id_len; |
2245 | memcpy(*did, id, id_len); |
2246 | |
2247 | return 0; |
2248 | } |
2249 | |
2250 | /* |
2251 | * IPsec-specific PROTO initializations. SECTION is only set if we are the |
2252 | * initiator thus only usable there. |
2253 | * XXX I want to fix this later. |
2254 | */ |
2255 | void |
2256 | ipsec_proto_init(struct proto *proto, char *section) |
2257 | { |
2258 | struct ipsec_proto *iproto = proto->data; |
2259 | |
2260 | if (proto->sa->phase == 2) |
2261 | iproto->replay_window = section ? conf_get_num(section, |
2262 | "ReplayWindow", DEFAULT_REPLAY_WINDOW16) : |
2263 | DEFAULT_REPLAY_WINDOW16; |
2264 | } |
2265 | |
2266 | /* |
2267 | * Add a notification payload of type INITIAL CONTACT to MSG if this is |
2268 | * the first contact we have made to our peer. |
2269 | */ |
2270 | int |
2271 | ipsec_initial_contact(struct message *msg) |
2272 | { |
2273 | u_int8_t *buf; |
2274 | |
2275 | if (ipsec_contacted(msg)) |
2276 | return 0; |
2277 | |
2278 | buf = malloc(ISAKMP_NOTIFY_SZ12 + ISAKMP_HDR_COOKIES_LEN(8 + 8)); |
2279 | if (!buf) { |
2280 | log_error("ike_phase_1_initial_contact: malloc (%d) failed", |
2281 | ISAKMP_NOTIFY_SZ12 + ISAKMP_HDR_COOKIES_LEN(8 + 8)); |
2282 | return -1; |
2283 | } |
2284 | SET_ISAKMP_NOTIFY_DOI(buf, IPSEC_DOI_IPSEC)field_set_num (isakmp_notify_fld + 0, buf, 1); |
2285 | SET_ISAKMP_NOTIFY_PROTO(buf, ISAKMP_PROTO_ISAKMP)field_set_num (isakmp_notify_fld + 1, buf, 1); |
2286 | SET_ISAKMP_NOTIFY_SPI_SZ(buf, ISAKMP_HDR_COOKIES_LEN)field_set_num (isakmp_notify_fld + 2, buf, (8 + 8)); |
2287 | SET_ISAKMP_NOTIFY_MSG_TYPE(buf, IPSEC_NOTIFY_INITIAL_CONTACT)field_set_num (isakmp_notify_fld + 3, buf, 24578); |
2288 | memcpy(buf + ISAKMP_NOTIFY_SPI_OFF12, msg->isakmp_sa->cookies, |
2289 | ISAKMP_HDR_COOKIES_LEN(8 + 8)); |
2290 | if (message_add_payload(msg, ISAKMP_PAYLOAD_NOTIFY11, buf, |
2291 | ISAKMP_NOTIFY_SZ12 + ISAKMP_HDR_COOKIES_LEN(8 + 8), 1)) { |
2292 | free(buf); |
2293 | return -1; |
2294 | } |
2295 | return ipsec_add_contact(msg); |
2296 | } |
2297 | |
2298 | /* |
2299 | * Compare the two contacts pointed to by A and B. Return negative if |
2300 | * *A < *B, 0 if they are equal, and positive if *A is the largest of them. |
2301 | */ |
2302 | static int |
2303 | addr_cmp(const void *a, const void *b) |
2304 | { |
2305 | const struct contact *x = a, *y = b; |
2306 | int minlen = MINIMUM(x->len, y->len)(((x->len) < (y->len)) ? (x->len) : (y->len)); |
2307 | int rv = memcmp(x->addr, y->addr, minlen); |
2308 | |
2309 | return rv ? rv : (x->len - y->len); |
2310 | } |
2311 | |
2312 | /* |
2313 | * Add the peer that MSG is bound to as an address we don't want to send |
2314 | * INITIAL CONTACT too from now on. Do not call this function with a |
2315 | * specific address duplicate times. We want fast lookup, speed of insertion |
2316 | * is unimportant, if this is to scale. |
2317 | */ |
2318 | static int |
2319 | ipsec_add_contact(struct message *msg) |
2320 | { |
2321 | struct contact *new_contacts; |
2322 | struct sockaddr *dst, *addr; |
2323 | int cnt; |
2324 | |
2325 | if (contact_cnt == contact_limit) { |
2326 | cnt = contact_limit ? 2 * contact_limit : 64; |
2327 | new_contacts = reallocarray(contacts, cnt, sizeof contacts[0]); |
2328 | if (!new_contacts) { |
2329 | log_error("ipsec_add_contact: " |
2330 | "realloc (%p, %lu) failed", contacts, |
2331 | cnt * (unsigned long) sizeof contacts[0]); |
2332 | return -1; |
2333 | } |
2334 | contact_limit = cnt; |
2335 | contacts = new_contacts; |
2336 | } |
2337 | msg->transport->vtbl->get_dst(msg->transport, &dst); |
2338 | addr = malloc(SA_LEN(dst)((dst)->sa_len)); |
2339 | if (!addr) { |
2340 | log_error("ipsec_add_contact: malloc (%lu) failed", |
2341 | (unsigned long)SA_LEN(dst)((dst)->sa_len)); |
2342 | return -1; |
2343 | } |
2344 | memcpy(addr, dst, SA_LEN(dst)((dst)->sa_len)); |
2345 | contacts[contact_cnt].addr = addr; |
2346 | contacts[contact_cnt++].len = SA_LEN(dst)((dst)->sa_len); |
2347 | |
2348 | /* |
2349 | * XXX There are better algorithms for already mostly-sorted data like |
2350 | * this, but only qsort is standard. I will someday do this inline. |
2351 | */ |
2352 | qsort(contacts, contact_cnt, sizeof *contacts, addr_cmp); |
2353 | return 0; |
2354 | } |
2355 | |
2356 | /* Return true if the recipient of MSG has already been contacted. */ |
2357 | static int |
2358 | ipsec_contacted(struct message *msg) |
2359 | { |
2360 | struct contact contact; |
2361 | |
2362 | msg->transport->vtbl->get_dst(msg->transport, &contact.addr); |
2363 | contact.len = SA_LEN(contact.addr)((contact.addr)->sa_len); |
2364 | return contacts ? (bsearch(&contact, contacts, contact_cnt, |
2365 | sizeof *contacts, addr_cmp) != 0) : 0; |
2366 | } |
2367 | |
2368 | /* Add a HASH for to MSG. */ |
2369 | u_int8_t * |
2370 | ipsec_add_hash_payload(struct message *msg, size_t hashsize) |
2371 | { |
2372 | u_int8_t *buf; |
2373 | |
2374 | buf = malloc(ISAKMP_HASH_SZ4 + hashsize); |
2375 | if (!buf) { |
2376 | log_error("ipsec_add_hash_payload: malloc (%lu) failed", |
2377 | ISAKMP_HASH_SZ4 + (unsigned long) hashsize); |
2378 | return 0; |
2379 | } |
2380 | if (message_add_payload(msg, ISAKMP_PAYLOAD_HASH8, buf, |
2381 | ISAKMP_HASH_SZ4 + hashsize, 1)) { |
2382 | free(buf); |
2383 | return 0; |
2384 | } |
2385 | return buf; |
2386 | } |
2387 | |
2388 | /* Fill in the HASH payload of MSG. */ |
2389 | int |
2390 | ipsec_fill_in_hash(struct message *msg) |
2391 | { |
2392 | struct exchange *exchange = msg->exchange; |
2393 | struct sa *isakmp_sa = msg->isakmp_sa; |
2394 | struct ipsec_sa *isa = isakmp_sa->data; |
2395 | struct hash *hash = hash_get(isa->hash); |
2396 | struct prf *prf; |
2397 | struct payload *payload; |
2398 | u_int8_t *buf; |
2399 | u_int32_t i; |
2400 | char header[80]; |
2401 | |
2402 | /* If no SKEYID_a, we need not do anything. */ |
2403 | if (!isa->skeyid_a) |
2404 | return 0; |
2405 | |
2406 | payload = payload_first(msg, ISAKMP_PAYLOAD_HASH8); |
2407 | if (!payload) { |
2408 | log_print("ipsec_fill_in_hash: no HASH payload found"); |
2409 | return -1; |
2410 | } |
2411 | buf = payload->p; |
2412 | |
2413 | /* Allocate the prf and start calculating our HASH(1). */ |
2414 | LOG_DBG_BUF((LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a",log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a", isa ->skeyid_a, isa->skeyid_len) |
2415 | isa->skeyid_a, isa->skeyid_len))log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a", isa ->skeyid_a, isa->skeyid_len); |
2416 | prf = prf_alloc(isa->prf_type, hash->type, isa->skeyid_a, |
2417 | isa->skeyid_len); |
2418 | if (!prf) |
2419 | return -1; |
2420 | |
2421 | prf->Init(prf->prfctx); |
2422 | LOG_DBG_BUF((LOG_MISC, 90, "ipsec_fill_in_hash: message_id",log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: message_id" , exchange->message_id, 4) |
2423 | exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN))log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: message_id" , exchange->message_id, 4); |
2424 | prf->Update(prf->prfctx, exchange->message_id, |
2425 | ISAKMP_HDR_MESSAGE_ID_LEN4); |
2426 | |
2427 | /* Loop over all payloads after HASH(1). */ |
2428 | for (i = 2; i < msg->iovlen; i++) { |
2429 | /* XXX Misleading payload type printouts. */ |
2430 | snprintf(header, sizeof header, |
2431 | "ipsec_fill_in_hash: payload %d after HASH(1)", i - 1); |
2432 | LOG_DBG_BUF((LOG_MISC, 90, header, msg->iov[i].iov_base,log_debug_buf (LOG_MISC, 90, header, msg->iov[i].iov_base, msg->iov[i].iov_len) |
2433 | msg->iov[i].iov_len))log_debug_buf (LOG_MISC, 90, header, msg->iov[i].iov_base, msg->iov[i].iov_len); |
2434 | prf->Update(prf->prfctx, msg->iov[i].iov_base, |
2435 | msg->iov[i].iov_len); |
2436 | } |
2437 | prf->Final(buf + ISAKMP_HASH_DATA_OFF4, prf->prfctx); |
2438 | prf_free(prf); |
2439 | LOG_DBG_BUF((LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf +log_debug_buf (LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf + 4, hash->hashsize) |
2440 | ISAKMP_HASH_DATA_OFF, hash->hashsize))log_debug_buf (LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf + 4, hash->hashsize); |
2441 | |
2442 | return 0; |
2443 | } |
2444 | |
2445 | /* Add a HASH payload to MSG, if we have an ISAKMP SA we're protected by. */ |
2446 | static int |
2447 | ipsec_informational_pre_hook(struct message *msg) |
2448 | { |
2449 | struct sa *isakmp_sa = msg->isakmp_sa; |
2450 | struct ipsec_sa *isa; |
2451 | struct hash *hash; |
2452 | |
2453 | if (!isakmp_sa) |
2454 | return 0; |
2455 | isa = isakmp_sa->data; |
2456 | hash = hash_get(isa->hash); |
2457 | return ipsec_add_hash_payload(msg, hash->hashsize) == 0; |
2458 | } |
2459 | |
2460 | /* |
2461 | * Fill in the HASH payload in MSG, if we have an ISAKMP SA we're protected by. |
2462 | */ |
2463 | static int |
2464 | ipsec_informational_post_hook(struct message *msg) |
2465 | { |
2466 | if (!msg->isakmp_sa) |
2467 | return 0; |
2468 | return ipsec_fill_in_hash(msg); |
2469 | } |
2470 | |
2471 | ssize_t |
2472 | ipsec_id_size(char *section, u_int8_t *id) |
2473 | { |
2474 | char *type, *data; |
2475 | |
2476 | type = conf_get_str(section, "ID-type"); |
2477 | if (!type) { |
2478 | log_print("ipsec_id_size: section %s has no \"ID-type\" tag", |
2479 | section); |
2480 | return -1; |
2481 | } |
2482 | *id = constant_value(ipsec_id_cst, type); |
2483 | switch (*id) { |
2484 | case IPSEC_ID_IPV4_ADDR1: |
2485 | return sizeof(struct in_addr); |
2486 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
2487 | return 2 * sizeof(struct in_addr); |
2488 | case IPSEC_ID_IPV6_ADDR5: |
2489 | return sizeof(struct in6_addr); |
2490 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
2491 | return 2 * sizeof(struct in6_addr); |
2492 | case IPSEC_ID_FQDN2: |
2493 | case IPSEC_ID_USER_FQDN3: |
2494 | case IPSEC_ID_KEY_ID11: |
2495 | case IPSEC_ID_DER_ASN1_DN9: |
2496 | case IPSEC_ID_DER_ASN1_GN10: |
2497 | data = conf_get_str(section, "Name"); |
2498 | if (!data) { |
2499 | log_print("ipsec_id_size: " |
2500 | "section %s has no \"Name\" tag", section); |
2501 | return -1; |
2502 | } |
2503 | return strlen(data); |
2504 | } |
2505 | log_print("ipsec_id_size: unrecognized/unsupported ID-type %d (%s)", |
2506 | *id, type); |
2507 | return -1; |
2508 | } |
2509 | |
2510 | /* |
2511 | * Generate a string version of the ID. |
2512 | */ |
2513 | char * |
2514 | ipsec_id_string(u_int8_t *id, size_t id_len) |
2515 | { |
2516 | char *buf = 0; |
2517 | char *addrstr = 0; |
2518 | size_t len, size; |
2519 | |
2520 | /* |
2521 | * XXX Real ugly way of making the offsets correct. Be aware that id |
2522 | * now will point before the actual buffer and cannot be dereferenced |
2523 | * without an offset larger than or equal to ISAKM_GEN_SZ. |
2524 | */ |
2525 | id -= ISAKMP_GEN_SZ4; |
2526 | |
2527 | /* This is the actual length of the ID data field. */ |
2528 | id_len += ISAKMP_GEN_SZ4 - ISAKMP_ID_DATA_OFF8; |
2529 | |
2530 | /* |
2531 | * Conservative allocation. |
2532 | * XXX I think the ASN1 DN case can be thought through to give a better |
2533 | * estimate. |
2534 | */ |
2535 | size = MAXIMUM(sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",(((sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") > (sizeof "asn1_dn/" + id_len)) ? (sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" ) : (sizeof "asn1_dn/" + id_len)) |
2536 | sizeof "asn1_dn/" + id_len)(((sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") > (sizeof "asn1_dn/" + id_len)) ? (sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" ) : (sizeof "asn1_dn/" + id_len)); |
2537 | buf = malloc(size); |
2538 | if (!buf) |
2539 | /* XXX Log? */ |
2540 | goto fail; |
2541 | |
2542 | switch (GET_ISAKMP_ID_TYPE(id)field_get_num (isakmp_id_fld + 0, id)) { |
2543 | case IPSEC_ID_IPV4_ADDR1: |
2544 | if (id_len < sizeof(struct in_addr)) |
2545 | goto fail; |
2546 | util_ntoa(&addrstr, AF_INET2, id + ISAKMP_ID_DATA_OFF8); |
2547 | if (!addrstr) |
2548 | goto fail; |
2549 | snprintf(buf, size, "ipv4/%s", addrstr); |
2550 | break; |
2551 | |
2552 | case IPSEC_ID_IPV6_ADDR5: |
2553 | if (id_len < sizeof(struct in6_addr)) |
2554 | goto fail; |
2555 | util_ntoa(&addrstr, AF_INET624, id + ISAKMP_ID_DATA_OFF8); |
2556 | if (!addrstr) |
2557 | goto fail; |
2558 | snprintf(buf, size, "ipv6/%s", addrstr); |
2559 | break; |
2560 | |
2561 | case IPSEC_ID_FQDN2: |
2562 | case IPSEC_ID_USER_FQDN3: |
2563 | strlcpy(buf, GET_ISAKMP_ID_TYPE(id)field_get_num (isakmp_id_fld + 0, id) == IPSEC_ID_FQDN2 ? |
2564 | "fqdn/" : "ufqdn/", size); |
2565 | len = strlen(buf); |
2566 | |
2567 | memcpy(buf + len, id + ISAKMP_ID_DATA_OFF8, id_len); |
2568 | *(buf + len + id_len) = '\0'; |
2569 | break; |
2570 | |
2571 | case IPSEC_ID_DER_ASN1_DN9: |
2572 | strlcpy(buf, "asn1_dn/", size); |
2573 | len = strlen(buf); |
2574 | addrstr = x509_DN_string(id + ISAKMP_ID_DATA_OFF8, id_len); |
2575 | if (!addrstr) |
2576 | goto fail; |
2577 | if (size < len + strlen(addrstr) + 1) |
2578 | goto fail; |
2579 | strlcpy(buf + len, addrstr, size - len); |
2580 | break; |
2581 | |
2582 | default: |
2583 | /* Unknown type. */ |
2584 | LOG_DBG((LOG_MISC, 10,log_debug (LOG_MISC, 10, "ipsec_id_string: unknown identity type %d\n" , field_get_num (isakmp_id_fld + 0, id)) |
2585 | "ipsec_id_string: unknown identity type %d\n",log_debug (LOG_MISC, 10, "ipsec_id_string: unknown identity type %d\n" , field_get_num (isakmp_id_fld + 0, id)) |
2586 | GET_ISAKMP_ID_TYPE(id)))log_debug (LOG_MISC, 10, "ipsec_id_string: unknown identity type %d\n" , field_get_num (isakmp_id_fld + 0, id)); |
2587 | goto fail; |
2588 | } |
2589 | |
2590 | free(addrstr); |
2591 | return buf; |
2592 | |
2593 | fail: |
2594 | free(buf); |
2595 | free(addrstr); |
2596 | return 0; |
2597 | } |