/usr/src/sbin/isakmpd/ipsec.c

Bug Summary

File:	src/sbin/isakmpd/ipsec.c
Warning:	line 684, column 18 Result of 'calloc' is converted to a pointer of type 'struct sockaddr', which is incompatible with sizeof operand type 'struct sockaddr_in'

Annotated Source Code

Press '?' to see keyboard shortcuts

Show analyzer invocation

clang -cc1 -cc1 -triple amd64-unknown-openbsd7.0 -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name ipsec.c -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -mrelocation-model pic -pic-level 1 -pic-is-pie -mframe-pointer=all -relaxed-aliasing -fno-rounding-math -mconstructor-aliases -munwind-tables -target-cpu x86-64 -target-feature +retpoline-indirect-calls -target-feature +retpoline-indirect-branches -tune-cpu generic -debugger-tuning=gdb -fcoverage-compilation-dir=/usr/src/sbin/isakmpd/obj -resource-dir /usr/local/lib/clang/13.0.0 -I /usr/src/sbin/isakmpd -I . -internal-isystem /usr/local/lib/clang/13.0.0/include -internal-externc-isystem /usr/include -O2 -fdebug-compilation-dir=/usr/src/sbin/isakmpd/obj -ferror-limit 19 -fwrapv -D_RET_PROTECTOR -ret-protector -fgnuc-version=4.2.1 -vectorize-loops -vectorize-slp -fno-builtin-malloc -fno-builtin-calloc -fno-builtin-realloc -fno-builtin-valloc -fno-builtin-free -fno-builtin-strdup -fno-builtin-strndup -analyzer-output=html -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /home/ben/Projects/vmm/scan-build/2022-01-12-194120-40624-1 -x c /usr/src/sbin/isakmpd/ipsec.c

1	/* $OpenBSD: ipsec.c,v 1.151 2021/10/22 12:30:53 bluhm Exp $ */
2	/* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */
3
4	/*
5	* Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. All rights reserved.
6	* Copyright (c) 2001 Angelos D. Keromytis. All rights reserved.
7	* Copyright (c) 2001 Håkan Olsson. All rights reserved.
8	*
9	* Redistribution and use in source and binary forms, with or without
10	* modification, are permitted provided that the following conditions
11	* are met:
12	* 1. Redistributions of source code must retain the above copyright
13	* notice, this list of conditions and the following disclaimer.
14	* 2. Redistributions in binary form must reproduce the above copyright
15	* notice, this list of conditions and the following disclaimer in the
16	* documentation and/or other materials provided with the distribution.
17	*
18	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28	*/
29
30	/*
31	* This code was written under funding by Ericsson Radio Systems.
32	*/
33
34	#include <sys/types.h>
35	#include <sys/socket.h>
36	#include <netdb.h>
37	#include <netinet/in.h>
38	#include <arpa/inet.h>
39	#include <stdlib.h>
40	#include <string.h>
41
42	#include <net/if.h>
43	#include <net/pfvar.h>
44
45	#include "attribute.h"
46	#include "conf.h"
47	#include "connection.h"
48	#include "constants.h"
49	#include "crypto.h"
50	#include "dh.h"
51	#include "doi.h"
52	#include "dpd.h"
53	#include "exchange.h"
54	#include "hash.h"
55	#include "ike_aggressive.h"
56	#include "ike_auth.h"
57	#include "ike_main_mode.h"
58	#include "ike_quick_mode.h"
59	#include "ipsec.h"
60	#include "ipsec_doi.h"
61	#include "isakmp.h"
62	#include "isakmp_cfg.h"
63	#include "isakmp_fld.h"
64	#include "isakmp_num.h"
65	#include "log.h"
66	#include "message.h"
67	#include "nat_traversal.h"
68	#include "pf_key_v2.h"
69	#include "prf.h"
70	#include "sa.h"
71	#include "timer.h"
72	#include "transport.h"
73	#include "util.h"
74	#include "x509.h"
75
76	extern int acquire_only;
77
78	#define MINIMUM(a, b)(((a) < (b)) ? (a) : (b)) (((a) < (b)) ? (a) : (b))
79	#define MAXIMUM(a, b)(((a) > (b)) ? (a) : (b)) (((a) > (b)) ? (a) : (b))
80
81	/* The replay window size used for all IPsec protocols if not overridden. */
82	#define DEFAULT_REPLAY_WINDOW16 16
83
84	struct ipsec_decode_arg {
85	struct message *msg;
86	struct sa *sa;
87	struct proto *proto;
88	};
89
90	/* These variables hold the contacted peers ADT state. */
91	struct contact {
92	struct sockaddr *addr;
93	socklen_t len;
94	} *contacts = 0;
95	int contact_cnt = 0, contact_limit = 0;
96
97	static int addr_cmp(const void , const void );
98	static int ipsec_add_contact(struct message *);
99	static int ipsec_contacted(struct message *);
100	static int ipsec_debug_attribute(u_int16_t, u_int8_t *, u_int16_t,
101	void *);
102	static void ipsec_delete_spi(struct sa , struct proto , int);
103	static int16_t *ipsec_exchange_script(u_int8_t);
104	static void ipsec_finalize_exchange(struct message *);
105	static void ipsec_free_exchange_data(void *);
106	static void ipsec_free_proto_data(void *);
107	static void ipsec_free_sa_data(void *);
108	static struct keystate ipsec_get_keystate(struct message );
109	static u_int8_t ipsec_get_spi(size_t , u_int8_t, struct message *);
110	static int ipsec_handle_leftover_payload(struct message *, u_int8_t,
111	struct payload *);
112	static int ipsec_informational_post_hook(struct message *);
113	static int ipsec_informational_pre_hook(struct message *);
114	static int ipsec_initiator(struct message *);
115	static void ipsec_proto_init(struct proto , char );
116	static int ipsec_responder(struct message *);
117	static void ipsec_setup_situation(u_int8_t *);
118	static int ipsec_set_network(u_int8_t , u_int8_t , struct sa *);
119	static size_t ipsec_situation_size(void);
120	static u_int8_t ipsec_spi_size(u_int8_t);
121	static int ipsec_validate_attribute(u_int16_t, u_int8_t *, u_int16_t,
122	void *);
123	static int ipsec_validate_exchange(u_int8_t);
124	static int ipsec_validate_id_information(u_int8_t, u_int8_t , u_int8_t ,
125	size_t, struct exchange *);
126	static int ipsec_validate_key_information(u_int8_t *, size_t);
127	static int ipsec_validate_notification(u_int16_t);
128	static int ipsec_validate_proto(u_int8_t);
129	static int ipsec_validate_situation(u_int8_t , size_t , size_t);
130	static int ipsec_validate_transform_id(u_int8_t, u_int8_t);
131	static int ipsec_sa_check_flow(struct sa , void );
132	static int ipsec_sa_check_flow_any(struct sa , void );
133	static int ipsec_sa_tag(struct exchange , struct sa , struct sa *);
134
135	static struct doi ipsec_doi = {
136	{0}, IPSEC_DOI_IPSEC1,
137	sizeof(struct ipsec_exch), sizeof(struct ipsec_sa),
138	sizeof(struct ipsec_proto),
139	ipsec_debug_attribute,
140	ipsec_delete_spi,
141	ipsec_exchange_script,
142	ipsec_finalize_exchange,
143	ipsec_free_exchange_data,
144	ipsec_free_proto_data,
145	ipsec_free_sa_data,
146	ipsec_get_keystate,
147	ipsec_get_spi,
148	ipsec_handle_leftover_payload,
149	ipsec_informational_post_hook,
150	ipsec_informational_pre_hook,
151	ipsec_is_attribute_incompatible,
152	ipsec_proto_init,
153	ipsec_setup_situation,
154	ipsec_situation_size,
155	ipsec_spi_size,
156	ipsec_validate_attribute,
157	ipsec_validate_exchange,
158	ipsec_validate_id_information,
159	ipsec_validate_key_information,
160	ipsec_validate_notification,
161	ipsec_validate_proto,
162	ipsec_validate_situation,
163	ipsec_validate_transform_id,
164	ipsec_initiator,
165	ipsec_responder,
166	ipsec_decode_ids
167	};
168
169	int16_t script_quick_mode[] = {
170	ISAKMP_PAYLOAD_HASH8, /* Initiator -> responder. */
171	ISAKMP_PAYLOAD_SA1,
172	ISAKMP_PAYLOAD_NONCE10,
173	EXCHANGE_SCRIPT_SWITCH-3,
174	ISAKMP_PAYLOAD_HASH8, /* Responder -> initiator. */
175	ISAKMP_PAYLOAD_SA1,
176	ISAKMP_PAYLOAD_NONCE10,
177	EXCHANGE_SCRIPT_SWITCH-3,
178	ISAKMP_PAYLOAD_HASH8, /* Initiator -> responder. */
179	EXCHANGE_SCRIPT_END-4
180	};
181
182	int16_t script_new_group_mode[] = {
183	ISAKMP_PAYLOAD_HASH8, /* Initiator -> responder. */
184	ISAKMP_PAYLOAD_SA1,
185	EXCHANGE_SCRIPT_SWITCH-3,
186	ISAKMP_PAYLOAD_HASH8, /* Responder -> initiator. */
187	ISAKMP_PAYLOAD_SA1,
188	EXCHANGE_SCRIPT_END-4
189	};
190
191	struct dst_spi_proto_arg {
192	struct sockaddr *dst;
193	u_int32_t spi;
194	u_int8_t proto;
195	};
196
197	/*
198	* Check if SA matches what we are asking for through V_ARG. It has to
199	* be a finished phase 2 SA.
200	* if "proto" arg is 0, match any proto
201	*/
202	static int
203	ipsec_sa_check(struct sa sa, void v_arg)
204	{
205	struct dst_spi_proto_arg *arg = v_arg;
206	struct proto *proto;
207	struct sockaddr dst, src;
208	int incoming;
209
210	if (sa->phase != 2 \|\| !(sa->flags & SA_FLAG_READY0x01))
211	return 0;
212
213	sa->transport->vtbl->get_dst(sa->transport, &dst);
214	if (memcmp(sockaddr_addrdata(dst), sockaddr_addrdata(arg->dst),
215	sockaddr_addrlen(dst)) == 0)
216	incoming = 0;
217	else {
218	sa->transport->vtbl->get_src(sa->transport, &src);
219	if (memcmp(sockaddr_addrdata(src), sockaddr_addrdata(arg->dst),
220	sockaddr_addrlen(src)) == 0)
221	incoming = 1;
222	else
223	return 0;
224	}
225
226	for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first); proto;
227	proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next))
228	if ((arg->proto == 0 \|\| proto->proto == arg->proto) &&
229	memcmp(proto->spi[incoming], &arg->spi, sizeof arg->spi)
230	== 0)
231	return 1;
232	return 0;
233	}
234
235	/* Find an SA with a "name" of DST, SPI & PROTO. */
236	struct sa *
237	ipsec_sa_lookup(struct sockaddr *dst, u_int32_t spi, u_int8_t proto)
238	{
239	struct dst_spi_proto_arg arg;
240
241	arg.dst = dst;
242	arg.spi = spi;
243	arg.proto = proto;
244	return sa_find(ipsec_sa_check, &arg);
245	}
246
247	/*
248	* Check if SA matches the flow of another SA in V_ARG. It has to
249	* be a finished non-replaced phase 2 SA.
250	* XXX At some point other selectors will matter here too.
251	*/
252	static int
253	ipsec_sa_check_flow(struct sa sa, void v_arg)
254	{
255	if ((sa->flags & (SA_FLAG_READY0x01 \| SA_FLAG_REPLACED0x08)) != SA_FLAG_READY0x01)
256	return 0;
257
258	return ipsec_sa_check_flow_any(sa, v_arg);
259	}
260
261	static int
262	ipsec_sa_check_flow_any(struct sa sa, void v_arg)
263	{
264	struct sa *sa2 = v_arg;
265	struct ipsec_sa isa = sa->data, isa2 = sa2->data;
266
267	if (sa == sa2 \|\| sa->phase != 2 \|\|
268	(sa->flags & SA_FLAG_READY0x01) != SA_FLAG_READY0x01)
269	return 0;
270
271	if (isa->tproto != isa2->tproto \|\| isa->sport != isa2->sport \|\|
272	isa->dport != isa2->dport)
273	return 0;
274
275	/*
276	* If at least one of the IPsec SAs is incomplete, we're done.
277	*/
278	if (isa->src_net == NULL((void)0) \|\| isa2->src_net == NULL((void)0) \|\|
279	isa->dst_net == NULL((void)0) \|\| isa2->dst_net == NULL((void)0) \|\|
280	isa->src_mask == NULL((void)0) \|\| isa2->src_mask == NULL((void)0) \|\|
281	isa->dst_mask == NULL((void)0) \|\| isa2->dst_mask == NULL((void)0))
282	return 0;
283
284	return isa->src_net->sa_family == isa2->src_net->sa_family &&
285	memcmp(sockaddr_addrdata(isa->src_net),
286	sockaddr_addrdata(isa2->src_net),
287	sockaddr_addrlen(isa->src_net)) == 0 &&
288	memcmp(sockaddr_addrdata(isa->src_mask),
289	sockaddr_addrdata(isa2->src_mask),
290	sockaddr_addrlen(isa->src_mask)) == 0 &&
291	memcmp(sockaddr_addrdata(isa->dst_net),
292	sockaddr_addrdata(isa2->dst_net),
293	sockaddr_addrlen(isa->dst_net)) == 0 &&
294	memcmp(sockaddr_addrdata(isa->dst_mask),
295	sockaddr_addrdata(isa2->dst_mask),
296	sockaddr_addrlen(isa->dst_mask)) == 0;
297	}
298
299	/*
300	* Construct a PF tag if specified in the configuration.
301	* It is possible to use variables to expand the tag:
302	* $id The string representation of the remote ID
303	* $domain The stripped domain part of the ID (for FQDN and UFQDN)
304	*/
305	static int
306	ipsec_sa_tag(struct exchange exchange, struct sa sa, struct sa *isakmp_sa)
307	{
308	char format, section;
309	char id_string = NULL((void)0), domain = NULL((void)0);
310	int error = -1;
311	size_t len;
312
313	sa->tag = NULL((void*)0);
314
315	if (exchange->name == NULL((void*)0) \|\|
316	(section = exchange->name) == NULL((void*)0) \|\|
317	(format = conf_get_str(section, "PF-Tag")) == NULL((void*)0))
318	return (0); /* ignore if not present */
319
320	len = PF_TAG_NAME_SIZE64;
321	if ((sa->tag = calloc(1, len)) == NULL((void*)0)) {
322	log_error("ipsec_sa_tag: calloc");
323	goto fail;
324	}
325	if (strlcpy(sa->tag, format, len) >= len) {
326	log_print("ipsec_sa_tag: tag too long");
327	goto fail;
328	}
329	if (isakmp_sa->initiator)
330	id_string = ipsec_id_string(isakmp_sa->id_r,
331	isakmp_sa->id_r_len);
332	else
333	id_string = ipsec_id_string(isakmp_sa->id_i,
334	isakmp_sa->id_i_len);
335
336	if (strstr(format, "$id") != NULL((void*)0)) {
337	if (id_string == NULL((void*)0)) {
338	log_print("ipsec_sa_tag: cannot get ID");
339	goto fail;
340	}
341	if (expand_string(sa->tag, len, "$id", id_string) != 0) {
342	log_print("ipsec_sa_tag: failed to expand tag");
343	goto fail;
344	}
345	}
346
347	if (strstr(format, "$domain") != NULL((void*)0)) {
348	if (id_string == NULL((void*)0)) {
349	log_print("ipsec_sa_tag: cannot get ID");
350	goto fail;
351	}
352	if (strncmp(id_string, "fqdn/", strlen("fqdn/")) == 0)
353	domain = strchr(id_string, '.');
354	else if (strncmp(id_string, "ufqdn/", strlen("ufqdn/")) == 0)
355	domain = strchr(id_string, '@');
356	if (domain == NULL((void*)0) \|\| strlen(domain) < 2) {
357	log_print("ipsec_sa_tag: no valid domain in ID %s",
358	id_string);
359	goto fail;
360	}
361	domain++;
362	if (expand_string(sa->tag, len, "$domain", domain) != 0) {
363	log_print("ipsec_sa_tag: failed to expand tag");
364	goto fail;
365	}
366	}
367
368	LOG_DBG((LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"",log_debug (LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"" , strlen(sa->tag), sa->tag)
369	strlen(sa->tag), sa->tag))log_debug (LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"" , strlen(sa->tag), sa->tag);
370
371	error = 0;
372	fail:
373	free(id_string);
374	if (error != 0) {
375	free(sa->tag);
376	sa->tag = NULL((void*)0);
377	}
378
379	return (error);
380	}
381
382	/*
383	* Do IPsec DOI specific finalizations task for the exchange where MSG was
384	* the final message.
385	*/
386	static void
387	ipsec_finalize_exchange(struct message *msg)
388	{
389	struct sa *isakmp_sa = msg->isakmp_sa;
390	struct ipsec_sa *isa;
391	struct exchange *exchange = msg->exchange;
392	struct ipsec_exch *ie = exchange->data;
393	struct sa sa = 0, old_sa;
394	struct proto proto, last_proto = 0;
395	char addr1, addr2, mask1, mask2;
396
397	switch (exchange->phase) {
398	case 1:
399	switch (exchange->type) {
400	case ISAKMP_EXCH_ID_PROT2:
401	case ISAKMP_EXCH_AGGRESSIVE4:
402	isa = isakmp_sa->data;
403	isa->hash = ie->hash->type;
404	isa->prf_type = ie->prf_type;
405	isa->skeyid_len = ie->skeyid_len;
406	isa->skeyid_d = ie->skeyid_d;
407	isa->skeyid_a = ie->skeyid_a;
408	/* Prevents early free of SKEYID_. /
409	ie->skeyid_a = ie->skeyid_d = 0;
410
411	/*
412	* If a lifetime was negotiated setup the expiration
413	* timers.
414	*/
415	if (isakmp_sa->seconds)
416	sa_setup_expirations(isakmp_sa);
417
418	if (isakmp_sa->flags & SA_FLAG_NAT_T_KEEPALIVE0x200)
419	nat_t_setup_keepalive(isakmp_sa);
420	break;
421	}
422	break;
423
424	case 2:
425	switch (exchange->type) {
426	case IKE_EXCH_QUICK_MODE32:
427	/*
428	* Tell the application(s) about the SPIs and key
429	* material.
430	*/
431	for (sa = TAILQ_FIRST(&exchange->sa_list)((&exchange->sa_list)->tqh_first); sa;
432	sa = TAILQ_NEXT(sa, next)((sa)->next.tqe_next)) {
433	isa = sa->data;
434
435	if (exchange->initiator) {
436	/*
437	* Initiator is source, responder is
438	* destination.
439	*/
440	if (ipsec_set_network(ie->id_ci,
441	ie->id_cr, sa)) {
442	log_print(
443	"ipsec_finalize_exchange: "
444	"ipsec_set_network "
445	"failed");
446	return;
447	}
448	} else {
449	/*
450	* Responder is source, initiator is
451	* destination.
452	*/
453	if (ipsec_set_network(ie->id_cr,
454	ie->id_ci, sa)) {
455	log_print(
456	"ipsec_finalize_exchange: "
457	"ipsec_set_network "
458	"failed");
459	return;
460	}
461	}
462
463	if (ipsec_sa_tag(exchange, sa, isakmp_sa) == -1)
464	return;
465
466	for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first),
467	last_proto = 0; proto;
468	proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next)) {
469	if (pf_key_v2_set_spi(sa, proto,
470	0, isakmp_sa) \|\|
471	(last_proto &&
472	pf_key_v2_group_spis(sa,
473	last_proto, proto, 0)) \|\|
474	pf_key_v2_set_spi(sa, proto,
475	1, isakmp_sa) \|\|
476	(last_proto &&
477	pf_key_v2_group_spis(sa,
478	last_proto, proto, 1)))
479	/*
480	* XXX Tear down this
481	* exchange.
482	*/
483	return;
484	last_proto = proto;
485	}
486
487	if (sockaddr2text(isa->src_net, &addr1, 0))
488	addr1 = 0;
489	if (sockaddr2text(isa->src_mask, &mask1, 0))
490	mask1 = 0;
491	if (sockaddr2text(isa->dst_net, &addr2, 0))
492	addr2 = 0;
493	if (sockaddr2text(isa->dst_mask, &mask2, 0))
494	mask2 = 0;
495
496	LOG_DBG((LOG_EXCHANGE, 50,log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 \| ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 \| ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport)))
497	"ipsec_finalize_exchange: src %s %s "log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 \| ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 \| ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport)))
498	"dst %s %s tproto %u sport %u dport %u",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 \| ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 \| ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport)))
499	addr1 ? addr1 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 \| ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 \| ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport)))
500	mask1 ? mask1 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 \| ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 \| ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport)))
501	addr2 ? addr2 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 \| ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 \| ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport)))
502	mask2 ? mask2 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 \| ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 \| ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport)))
503	isa->tproto, ntohs(isa->sport),log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 \| ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 \| ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport)))
504	ntohs(isa->dport)))log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 \| ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 \| ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport)));
505
506	free(addr1);
507	free(mask1);
508	free(addr2);
509	free(mask2);
510
511	/*
512	* If this is not an SA acquired by the
513	* kernel, it needs to have a SPD entry
514	* (a.k.a. flow) set up.
515	*/
516	if (!(sa->flags & SA_FLAG_ONDEMAND0x04 \|\|
517	conf_get_str("General", "Acquire-Only") \|\|
518	acquire_only) &&
519	pf_key_v2_enable_sa(sa, isakmp_sa))
520	/* XXX Tear down this exchange. */
521	return;
522
523	/*
524	* Mark elder SAs with the same flow
525	* information as replaced.
526	*/
527	while ((old_sa = sa_find(ipsec_sa_check_flow,
528	sa)) != 0)
529	sa_mark_replaced(old_sa);
530	}
531	break;
532	}
533	}
534	}
535
536	/* Set the client addresses in ISA from SRC_ID and DST_ID. */
537	static int
538	ipsec_set_network(u_int8_t src_id, u_int8_t dst_id, struct sa *sa)
539	{
540	void src_net, dst_net;
541	void src_mask = NULL((void)0), dst_mask = NULL((void)0);
542	struct sockaddr *addr;
543	struct proto *proto;
544	struct ipsec_proto *iproto;
545	struct ipsec_sa *isa = sa->data;
546	int src_af, dst_af;
547	int id;
548	char name, nat = NULL((void*)0);
549	u_int8_t nat_id = NULL((void)0);
550	size_t nat_sz;
551
552	if ((name = connection_passive_lookup_by_ids(src_id, dst_id)))
553	nat = conf_get_str(name, "NAT-ID");
554
555	if (nat) {
556	if ((nat_id = ipsec_build_id(nat, &nat_sz))) {
557	LOG_DBG((LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:"log_debug (LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:" " src: %s -> %s" , name, nat)
558	" src: %s -> %s", name, nat))log_debug (LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:" " src: %s -> %s" , name, nat);
559	src_id = nat_id;
560	} else
561	log_print("ipsec_set_network: ipsec_build_id"
562	" failed for NAT-ID: %s", nat);
563	}
564
565	if (((proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first)) != NULL((void*)0)) &&
566	((iproto = proto->data) != NULL((void*)0)) &&
567	(iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT4 \|\|
568	iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT61444)) {
569	/*
570	* For NAT-T with transport mode, we need to use the ISAKMP's
571	* SA addresses for the flow.
572	*/
573	sa->transport->vtbl->get_src(sa->transport, &addr);
574	src_af = addr->sa_family;
575	src_net = sockaddr_addrdata(addr);
576
577	sa->transport->vtbl->get_dst(sa->transport, &addr);
578	dst_af = addr->sa_family;
579	dst_net = sockaddr_addrdata(addr);
580	} else {
581	id = GET_ISAKMP_ID_TYPE(src_id)field_get_num (isakmp_id_fld + 0, src_id);
582	src_net = src_id + ISAKMP_ID_DATA_OFF8;
583	switch (id) {
584	case IPSEC_ID_IPV4_ADDR_SUBNET4:
585	src_mask = (u_int8_t *)src_net + sizeof(struct in_addr);
586	/* FALLTHROUGH */
587	case IPSEC_ID_IPV4_ADDR1:
588	src_af = AF_INET2;
589	break;
590
591	case IPSEC_ID_IPV6_ADDR_SUBNET6:
592	src_mask = (u_int8_t *)src_net +
593	sizeof(struct in6_addr);
594	/* FALLTHROUGH */
595	case IPSEC_ID_IPV6_ADDR5:
596	src_af = AF_INET624;
597	break;
598
599	default:
600	log_print(
601	"ipsec_set_network: ID type %d (%s) not supported",
602	id, constant_name(ipsec_id_cst, id));
603	return -1;
604	}
605
606	id = GET_ISAKMP_ID_TYPE(dst_id)field_get_num (isakmp_id_fld + 0, dst_id);
607	dst_net = dst_id + ISAKMP_ID_DATA_OFF8;
608	switch (id) {
609	case IPSEC_ID_IPV4_ADDR_SUBNET4:
610	dst_mask = (u_int8_t *)dst_net + sizeof(struct in_addr);
611	/* FALLTHROUGH */
612	case IPSEC_ID_IPV4_ADDR1:
613	dst_af = AF_INET2;
614	break;
615
616	case IPSEC_ID_IPV6_ADDR_SUBNET6:
617	dst_mask = (u_int8_t *)dst_net +
618	sizeof(struct in6_addr);
619	/* FALLTHROUGH */
620	case IPSEC_ID_IPV6_ADDR5:
621	dst_af = AF_INET624;
622	break;
623
624	default:
625	log_print(
626	"ipsec_set_network: ID type %d (%s) not supported",
627	id, constant_name(ipsec_id_cst, id));
628	return -1;
629	}
630	}
631
632	/* Set source address/mask. */
633	switch (src_af) {
634	case AF_INET2:
635	isa->src_net = calloc(1, sizeof(struct sockaddr_in));
636	if (!isa->src_net)
637	goto memfail;
638	isa->src_net->sa_family = AF_INET2;
639	isa->src_net->sa_len = sizeof(struct sockaddr_in);
640
641	isa->src_mask = calloc(1, sizeof(struct sockaddr_in));
642	if (!isa->src_mask)
643	goto memfail;
644	isa->src_mask->sa_family = AF_INET2;
645	isa->src_mask->sa_len = sizeof(struct sockaddr_in);
646	break;
647
648	case AF_INET624:
649	isa->src_net = calloc(1, sizeof(struct sockaddr_in6));
650	if (!isa->src_net)
651	goto memfail;
652	isa->src_net->sa_family = AF_INET624;
653	isa->src_net->sa_len = sizeof(struct sockaddr_in6);
654
655	isa->src_mask = calloc(1, sizeof(struct sockaddr_in6));
656	if (!isa->src_mask)
657	goto memfail;
658	isa->src_mask->sa_family = AF_INET624;
659	isa->src_mask->sa_len = sizeof(struct sockaddr_in6);
660	break;
661	}
662
663	/* Net */
664	memcpy(sockaddr_addrdata(isa->src_net), src_net,
665	sockaddr_addrlen(isa->src_net));
666
667	/* Mask */
668	if (src_mask == NULL((void*)0))
669	memset(sockaddr_addrdata(isa->src_mask), 0xff,
670	sockaddr_addrlen(isa->src_mask));
671	else
672	memcpy(sockaddr_addrdata(isa->src_mask), src_mask,
673	sockaddr_addrlen(isa->src_mask));
674
675	memcpy(&isa->sport,
676	src_id + ISAKMP_ID_DOI_DATA_OFF5 + IPSEC_ID_PORT_OFF1,
677	IPSEC_ID_PORT_LEN2);
678
679	free(nat_id);
680
681	/* Set destination address. */
682	switch (dst_af) {
683	case AF_INET2:
684	isa->dst_net = calloc(1, sizeof(struct sockaddr_in));
	Result of 'calloc' is converted to a pointer of type 'struct sockaddr', which is incompatible with sizeof operand type 'struct sockaddr_in'
685	if (!isa->dst_net)
686	goto memfail;
687	isa->dst_net->sa_family = AF_INET2;
688	isa->dst_net->sa_len = sizeof(struct sockaddr_in);
689
690	isa->dst_mask = calloc(1, sizeof(struct sockaddr_in));
691	if (!isa->dst_mask)
692	goto memfail;
693	isa->dst_mask->sa_family = AF_INET2;
694	isa->dst_mask->sa_len = sizeof(struct sockaddr_in);
695	break;
696
697	case AF_INET624:
698	isa->dst_net = calloc(1, sizeof(struct sockaddr_in6));
699	if (!isa->dst_net)
700	goto memfail;
701	isa->dst_net->sa_family = AF_INET624;
702	isa->dst_net->sa_len = sizeof(struct sockaddr_in6);
703
704	isa->dst_mask = calloc(1, sizeof(struct sockaddr_in6));
705	if (!isa->dst_mask)
706	goto memfail;
707	isa->dst_mask->sa_family = AF_INET624;
708	isa->dst_mask->sa_len = sizeof(struct sockaddr_in6);
709	break;
710	}
711
712	/* Net */
713	memcpy(sockaddr_addrdata(isa->dst_net), dst_net,
714	sockaddr_addrlen(isa->dst_net));
715
716	/* Mask */
717	if (dst_mask == NULL((void*)0))
718	memset(sockaddr_addrdata(isa->dst_mask), 0xff,
719	sockaddr_addrlen(isa->dst_mask));
720	else
721	memcpy(sockaddr_addrdata(isa->dst_mask), dst_mask,
722	sockaddr_addrlen(isa->dst_mask));
723
724	memcpy(&isa->tproto, dst_id + ISAKMP_ID_DOI_DATA_OFF5 +
725	IPSEC_ID_PROTO_OFF0, IPSEC_ID_PROTO_LEN1);
726	memcpy(&isa->dport,
727	dst_id + ISAKMP_ID_DOI_DATA_OFF5 + IPSEC_ID_PORT_OFF1,
728	IPSEC_ID_PORT_LEN2);
729	return 0;
730
731	memfail:
732	log_error("ipsec_set_network: calloc () failed");
733	return -1;
734	}
735
736	/* Free the DOI-specific exchange data pointed to by VIE. */
737	static void
738	ipsec_free_exchange_data(void *vie)
739	{
740	struct ipsec_exch *ie = vie;
741	struct isakmp_cfg_attr *attr;
742
743	free(ie->sa_i_b);
744	free(ie->id_ci);
745	free(ie->id_cr);
746	free(ie->g_xi);
747	free(ie->g_xr);
748	free(ie->g_xy);
749	free(ie->skeyid);
750	free(ie->skeyid_d);
751	free(ie->skeyid_a);
752	free(ie->skeyid_e);
753	free(ie->hash_i);
754	free(ie->hash_r);
755	if (ie->group)
756	group_free(ie->group);
757	for (attr = LIST_FIRST(&ie->attrs)((&ie->attrs)->lh_first); attr;
758	attr = LIST_FIRST(&ie->attrs)((&ie->attrs)->lh_first)) {
759	LIST_REMOVE(attr, link)do { if ((attr)->link.le_next != ((void)0)) (attr)->link .le_next->link.le_prev = (attr)->link.le_prev; (attr)-> link.le_prev = (attr)->link.le_next; ; ; } while (0);
760	if (attr->length)
761	free(attr->value);
762	free(attr);
763	}
764	}
765
766	/* Free the DOI-specific SA data pointed to by VISA. */
767	static void
768	ipsec_free_sa_data(void *visa)
769	{
770	struct ipsec_sa *isa = visa;
771
772	free(isa->src_net);
773	free(isa->src_mask);
774	free(isa->dst_net);
775	free(isa->dst_mask);
776	free(isa->skeyid_a);
777	free(isa->skeyid_d);
778	}
779
780	/* Free the DOI-specific protocol data of an SA pointed to by VIPROTO. */
781	static void
782	ipsec_free_proto_data(void *viproto)
783	{
784	struct ipsec_proto *iproto = viproto;
785	int i;
786
787	for (i = 0; i < 2; i++)
788	free(iproto->keymat[i]);
789	}
790
791	/* Return exchange script based on TYPE. */
792	static int16_t *
793	ipsec_exchange_script(u_int8_t type)
794	{
795	switch (type) {
796	case ISAKMP_EXCH_TRANSACTION6:
797	return script_transaction;
798	case IKE_EXCH_QUICK_MODE32:
799	return script_quick_mode;
800	case IKE_EXCH_NEW_GROUP_MODE33:
801	return script_new_group_mode;
802	}
803	return 0;
804	}
805
806	/* Initialize this DOI, requires doi_init to already have been called. */
807	void
808	ipsec_init(void)
809	{
810	doi_register(&ipsec_doi);
811	}
812
813	/* Given a message MSG, return a suitable IV (or rather keystate). */
814	static struct keystate *
815	ipsec_get_keystate(struct message *msg)
816	{
817	struct keystate *ks;
818	struct hash *hash;
819
820	/* If we have already have an IV, use it. */
821	if (msg->exchange && msg->exchange->keystate) {
822	ks = malloc(sizeof *ks);
823	if (!ks) {
824	log_error("ipsec_get_keystate: malloc (%lu) failed",
825	(unsigned long) sizeof *ks);
826	return 0;
827	}
828	memcpy(ks, msg->exchange->keystate, sizeof *ks);
829	return ks;
830	}
831	/*
832	* For phase 2 when no SA yet is setup we need to hash the IV used by
833	* the ISAKMP SA concatenated with the message ID, and use that as an
834	* IV for further cryptographic operations.
835	*/
836	if (!msg->isakmp_sa->keystate) {
837	log_print("ipsec_get_keystate: no keystate in ISAKMP SA %p",
838	msg->isakmp_sa);
839	return 0;
840	}
841	ks = crypto_clone_keystate(msg->isakmp_sa->keystate);
842	if (!ks)
843	return 0;
844
845	hash = hash_get(((struct ipsec_sa *)msg->isakmp_sa->data)->hash);
846	hash->Init(hash->ctx);
847	LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV",log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV" , ks->riv, ks->xf->blocksize)
848	ks->riv, ks->xf->blocksize))log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV" , ks->riv, ks->xf->blocksize);
849	hash->Update(hash->ctx, ks->riv, ks->xf->blocksize);
850	LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: message ID",log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: message ID" , ((u_int8_t *) msg->iov[0].iov_base) + 20, 4)
851	((u_int8_t ) msg->iov[0].iov_base) + ISAKMP_HDR_MESSAGE_ID_OFF,log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: message ID" , ((u_int8_t ) msg->iov[0].iov_base) + 20, 4)
852	ISAKMP_HDR_MESSAGE_ID_LEN))log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: message ID" , ((u_int8_t *) msg->iov[0].iov_base) + 20, 4);
853	hash->Update(hash->ctx, ((u_int8_t *) msg->iov[0].iov_base) +
854	ISAKMP_HDR_MESSAGE_ID_OFF20, ISAKMP_HDR_MESSAGE_ID_LEN4);
855	hash->Final(hash->digest, hash->ctx);
856	crypto_init_iv(ks, hash->digest, ks->xf->blocksize);
857	LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV",log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV" , hash->digest, ks->xf->blocksize)
858	hash->digest, ks->xf->blocksize))log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV" , hash->digest, ks->xf->blocksize);
859	return ks;
860	}
861
862	static void
863	ipsec_setup_situation(u_int8_t *buf)
864	{
865	SET_IPSEC_SIT_SIT(buf + ISAKMP_SA_SIT_OFF, IPSEC_SIT_IDENTITY_ONLY)field_set_num (ipsec_sit_fld + 0, buf + 8, 1);
866	}
867
868	static size_t
869	ipsec_situation_size(void)
870	{
871	return IPSEC_SIT_SIT_LEN4;
872	}
873
874	static u_int8_t
875	ipsec_spi_size(u_int8_t proto)
876	{
877	return IPSEC_SPI_SIZE4;
878	}
879
880	static int
881	ipsec_validate_attribute(u_int16_t type, u_int8_t * value, u_int16_t len,
882	void *vmsg)
883	{
884	struct message *msg = vmsg;
885
886	if (msg->exchange->phase == 1 &&
887	(type < IKE_ATTR_ENCRYPTION_ALGORITHM1 \|\| type > IKE_ATTR_GROUP_ORDER16))
888	return -1;
889	if (msg->exchange->phase == 2 &&
890	(type < IPSEC_ATTR_SA_LIFE_TYPE1 \|\| type > IPSEC_ATTR_ECN_TUNNEL10))
891	return -1;
892	return 0;
893	}
894
895	static int
896	ipsec_validate_exchange(u_int8_t exch)
897	{
898	return exch != IKE_EXCH_QUICK_MODE32 && exch != IKE_EXCH_NEW_GROUP_MODE33;
899	}
900
901	static int
902	ipsec_validate_id_information(u_int8_t type, u_int8_t extra, u_int8_t buf,
903	size_t sz, struct exchange *exchange)
904	{
905	u_int8_t proto = GET_IPSEC_ID_PROTO(extra)field_get_num (ipsec_id_fld + 0, extra);
906	u_int16_t port = GET_IPSEC_ID_PORT(extra)field_get_num (ipsec_id_fld + 1, extra);
907
908	LOG_DBG((LOG_MESSAGE, 40,log_debug (LOG_MESSAGE, 40, "ipsec_validate_id_information: proto %d port %d type %d" , proto, port, type)
909	"ipsec_validate_id_information: proto %d port %d type %d",log_debug (LOG_MESSAGE, 40, "ipsec_validate_id_information: proto %d port %d type %d" , proto, port, type)
910	proto, port, type))log_debug (LOG_MESSAGE, 40, "ipsec_validate_id_information: proto %d port %d type %d" , proto, port, type);
911	if (type < IPSEC_ID_IPV4_ADDR1 \|\| type > IPSEC_ID_KEY_ID11)
912	return -1;
913
914	switch (type) {
915	case IPSEC_ID_IPV4_ADDR1:
916	LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4" , buf, sizeof(struct in_addr))
917	"ipsec_validate_id_information: IPv4", buf,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4" , buf, sizeof(struct in_addr))
918	sizeof(struct in_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4" , buf, sizeof(struct in_addr));
919	break;
920
921	case IPSEC_ID_IPV6_ADDR5:
922	LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6" , buf, sizeof(struct in6_addr))
923	"ipsec_validate_id_information: IPv6", buf,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6" , buf, sizeof(struct in6_addr))
924	sizeof(struct in6_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6" , buf, sizeof(struct in6_addr));
925	break;
926
927	case IPSEC_ID_IPV4_ADDR_SUBNET4:
928	LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4 network/netmask" , buf, 2 * sizeof(struct in_addr))
929	"ipsec_validate_id_information: IPv4 network/netmask",log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4 network/netmask" , buf, 2 * sizeof(struct in_addr))
930	buf, 2 * sizeof(struct in_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4 network/netmask" , buf, 2 * sizeof(struct in_addr));
931	break;
932
933	case IPSEC_ID_IPV6_ADDR_SUBNET6:
934	LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6 network/netmask" , buf, 2 * sizeof(struct in6_addr))
935	"ipsec_validate_id_information: IPv6 network/netmask",log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6 network/netmask" , buf, 2 * sizeof(struct in6_addr))
936	buf, 2 * sizeof(struct in6_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6 network/netmask" , buf, 2 * sizeof(struct in6_addr));
937	break;
938
939	default:
940	break;
941	}
942
943	if (exchange->phase == 1 &&
944	(proto != IPPROTO_UDP17 \|\| port != UDP_DEFAULT_PORT500) &&
945	(proto != 0 \|\| port != 0)) {
946	/*
947	* XXX SSH's ISAKMP tester fails this test (proto 17 - port
948	* 0).
949	*/
950	#ifdef notyet
951	return -1;
952	#else
953	log_print("ipsec_validate_id_information: dubious ID "
954	"information accepted");
955	#endif
956	}
957	/* XXX More checks? */
958
959	return 0;
960	}
961
962	static int
963	ipsec_validate_key_information(u_int8_t *buf, size_t sz)
964	{
965	/* XXX Not implemented yet. */
966	return 0;
967	}
968
969	static int
970	ipsec_validate_notification(u_int16_t type)
971	{
972	return type < IPSEC_NOTIFY_RESPONDER_LIFETIME24576 \|\|
973	type > IPSEC_NOTIFY_INITIAL_CONTACT24578 ? -1 : 0;
974	}
975
976	static int
977	ipsec_validate_proto(u_int8_t proto)
978	{
979	return proto < IPSEC_PROTO_IPSEC_AH2 \|\|
980	proto > IPSEC_PROTO_IPCOMP4 ? -1 : 0;
981	}
982
983	static int
984	ipsec_validate_situation(u_int8_t buf, size_t sz, size_t len)
985	{
986	if (len < IPSEC_SIT_SIT_OFF0 + IPSEC_SIT_SIT_LEN4) {
987	log_print("ipsec_validate_situation: payload too short: %u",
988	(unsigned int) len);
989	return -1;
990	}
991	/* Currently only "identity only" situations are supported. */
992	if (GET_IPSEC_SIT_SIT(buf)field_get_num (ipsec_sit_fld + 0, buf) != IPSEC_SIT_IDENTITY_ONLY1)
993	return 1;
994
995	*sz = IPSEC_SIT_SIT_LEN4;
996
997	return 0;
998	}
999
1000	static int
1001	ipsec_validate_transform_id(u_int8_t proto, u_int8_t transform_id)
1002	{
1003	switch (proto) {
1004	/*
1005	* As no unexpected protocols can occur, we just tie the
1006	* default case to the first case, in order to silence a GCC
1007	* warning.
1008	*/
1009	default:
1010	case ISAKMP_PROTO_ISAKMP1:
1011	return transform_id != IPSEC_TRANSFORM_KEY_IKE1;
1012	case IPSEC_PROTO_IPSEC_AH2:
1013	return transform_id < IPSEC_AH_MD52 \|\|
1014	transform_id > IPSEC_AH_RIPEMD8 ? -1 : 0;
1015	case IPSEC_PROTO_IPSEC_ESP3:
1016	return transform_id < IPSEC_ESP_DES_IV641 \|\|
1017	(transform_id > IPSEC_ESP_AES_GMAC23 &&
1018	transform_id < IPSEC_ESP_AES_MARS249) \|\|
1019	transform_id > IPSEC_ESP_AES_TWOFISH253 ? -1 : 0;
1020	case IPSEC_PROTO_IPCOMP4:
1021	return transform_id < IPSEC_IPCOMP_OUI1 \|\|
1022	transform_id > IPSEC_IPCOMP_DEFLATE2 ? -1 : 0;
1023	}
1024	}
1025
1026	static int
1027	ipsec_initiator(struct message *msg)
1028	{
1029	struct exchange *exchange = msg->exchange;
1030	int (*script)(struct message ) = 0;
1031
1032	/* Check that the SA is coherent with the IKE rules. */
1033	if (exchange->type != ISAKMP_EXCH_TRANSACTION6 &&
1034	((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT2 &&
1035	exchange->type != ISAKMP_EXCH_AGGRESSIVE4 &&
1036	exchange->type != ISAKMP_EXCH_INFO5) \|\|
1037	(exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE32 &&
1038	exchange->type != ISAKMP_EXCH_INFO5))) {
1039	log_print("ipsec_initiator: unsupported exchange type %d "
1040	"in phase %d", exchange->type, exchange->phase);
1041	return -1;
1042	}
1043	switch (exchange->type) {
1044	case ISAKMP_EXCH_ID_PROT2:
1045	script = ike_main_mode_initiator;
1046	break;
1047	case ISAKMP_EXCH_AGGRESSIVE4:
1048	script = ike_aggressive_initiator;
1049	break;
1050	case ISAKMP_EXCH_TRANSACTION6:
1051	script = isakmp_cfg_initiator;
1052	break;
1053	case ISAKMP_EXCH_INFO5:
1054	return message_send_info(msg);
1055	case IKE_EXCH_QUICK_MODE32:
1056	script = ike_quick_mode_initiator;
1057	break;
1058	default:
1059	log_print("ipsec_initiator: unsupported exchange type %d",
1060	exchange->type);
1061	return -1;
1062	}
1063
1064	/* Run the script code for this step. */
1065	if (script)
1066	return script[exchange->step] (msg);
1067
1068	return 0;
1069	}
1070
1071	/*
1072	* delete all SA's from addr with the associated proto and SPI's
1073	*
1074	* spis[] is an array of SPIs of size 16-octet for proto ISAKMP
1075	* or 4-octet otherwise.
1076	*/
1077	static void
1078	ipsec_delete_spi_list(struct sockaddr addr, u_int8_t proto, u_int8_t spis,
1079	int nspis, char *type)
1080	{
1081	struct sa *sa;
1082	char *peer;
1083	char ids[1024];
1084	int i;
1085
1086	for (i = 0; i < nspis; i++) {
1087	if (proto == ISAKMP_PROTO_ISAKMP1) {
1088	u_int8_t spi = spis + i ISAKMP_HDR_COOKIES_LEN(8 + 8);
1089
1090	/*
1091	* This really shouldn't happen in IPSEC DOI
1092	* code, but Cisco VPN 3000 sends ISAKMP DELETE's
1093	* this way.
1094	*/
1095	sa = sa_lookup_isakmp_sa(addr, spi);
1096	} else {
1097	u_int32_t spi = ((u_int32_t *)spis)[i];
1098
1099	sa = ipsec_sa_lookup(addr, spi, proto);
1100	}
1101
1102	if (sa == NULL((void*)0)) {
1103	LOG_DBG((LOG_SA, 30, "ipsec_delete_spi_list: could "log_debug (LOG_SA, 30, "ipsec_delete_spi_list: could " "not locate SA (SPI %08x, proto %u)" , ((u_int32_t *)spis)[i], proto)
1104	"not locate SA (SPI %08x, proto %u)",log_debug (LOG_SA, 30, "ipsec_delete_spi_list: could " "not locate SA (SPI %08x, proto %u)" , ((u_int32_t *)spis)[i], proto)
1105	((u_int32_t )spis)[i], proto))log_debug (LOG_SA, 30, "ipsec_delete_spi_list: could " "not locate SA (SPI %08x, proto %u)" , ((u_int32_t )spis)[i], proto);
1106	continue;
1107	}
1108
1109	strlcpy(ids,
1110	sa->doi->decode_ids("initiator id: %s, responder id: %s",
1111	sa->id_i, sa->id_i_len, sa->id_r, sa->id_r_len, 0),
1112	sizeof ids);
1113	if (sockaddr2text(addr, &peer, 0))
1114	peer = NULL((void*)0);
1115
1116	/* only log deletion of SAs which are not soft expired yet */
1117	if (sa->soft_death != NULL((void*)0))
1118	log_verbose("isakmpd: Peer %s made us delete live SA "
1119	"%s for proto %d, %s", peer ? peer : "<unknown>",
1120	sa->name ? sa->name : "<unnamed>", proto, ids);
1121
1122	LOG_DBG((LOG_SA, 30, "ipsec_delete_spi_list: "log_debug (LOG_SA, 30, "ipsec_delete_spi_list: " "%s made us delete SA %p (%d references) for proto %d (%s)" , type, sa, sa->refcnt, proto, ids)
1123	"%s made us delete SA %p (%d references) for proto %d (%s)",log_debug (LOG_SA, 30, "ipsec_delete_spi_list: " "%s made us delete SA %p (%d references) for proto %d (%s)" , type, sa, sa->refcnt, proto, ids)
1124	type, sa, sa->refcnt, proto, ids))log_debug (LOG_SA, 30, "ipsec_delete_spi_list: " "%s made us delete SA %p (%d references) for proto %d (%s)" , type, sa, sa->refcnt, proto, ids);
1125	free(peer);
1126
1127	/* Delete the SA and search for the next */
1128	sa_free(sa);
1129	}
1130	}
1131
1132	static int
1133	ipsec_responder(struct message *msg)
1134	{
1135	struct exchange *exchange = msg->exchange;
1136	int (*script)(struct message ) = 0;
1137	struct payload *p;
1138	u_int16_t type;
1139
1140	/* Check that a new exchange is coherent with the IKE rules. */
1141	if (exchange->step == 0 && exchange->type != ISAKMP_EXCH_TRANSACTION6 &&
1142	((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT2 &&
1143	exchange->type != ISAKMP_EXCH_AGGRESSIVE4 &&
1144	exchange->type != ISAKMP_EXCH_INFO5) \|\|
1145	(exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE32 &&
1146	exchange->type != ISAKMP_EXCH_INFO5))) {
1147	message_drop(msg, ISAKMP_NOTIFY_UNSUPPORTED_EXCHANGE_TYPE29,
1148	0, 1, 0);
1149	return -1;
1150	}
1151	LOG_DBG((LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d",log_debug (LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d" , exchange->phase, exchange->type, exchange->step)
1152	exchange->phase, exchange->type, exchange->step))log_debug (LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d" , exchange->phase, exchange->type, exchange->step);
1153	switch (exchange->type) {
1154	case ISAKMP_EXCH_ID_PROT2:
1155	script = ike_main_mode_responder;
1156	break;
1157	case ISAKMP_EXCH_AGGRESSIVE4:
1158	script = ike_aggressive_responder;
1159	break;
1160	case ISAKMP_EXCH_TRANSACTION6:
1161	script = isakmp_cfg_responder;
1162	break;
1163	case ISAKMP_EXCH_INFO5:
1164	TAILQ_FOREACH(p, &msg->payload[ISAKMP_PAYLOAD_NOTIFY], link)for((p) = ((&msg->payload[11])->tqh_first); (p) != ( (void*)0); (p) = ((p)->link.tqe_next)) {
1165	type = GET_ISAKMP_NOTIFY_MSG_TYPE(p->p)field_get_num (isakmp_notify_fld + 3, p->p);
1166	LOG_DBG((LOG_EXCHANGE, 10,log_debug (LOG_EXCHANGE, 10, "ipsec_responder: got NOTIFY of type %s" , constant_name(isakmp_notify_cst, type))
1167	"ipsec_responder: got NOTIFY of type %s",log_debug (LOG_EXCHANGE, 10, "ipsec_responder: got NOTIFY of type %s" , constant_name(isakmp_notify_cst, type))
1168	constant_name(isakmp_notify_cst, type)))log_debug (LOG_EXCHANGE, 10, "ipsec_responder: got NOTIFY of type %s" , constant_name(isakmp_notify_cst, type));
1169
1170	switch (type) {
1171	case IPSEC_NOTIFY_INITIAL_CONTACT24578:
1172	/* Handled by leftover logic. */
1173	break;
1174
1175	case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE36136:
1176	case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE_ACK36137:
1177	dpd_handle_notify(msg, p);
1178	break;
1179
1180	default:
1181	p->flags \|= PL_MARK1;
1182	break;
1183	}
1184	}
1185
1186	/*
1187	* If any DELETEs are in here, let the logic of leftover
1188	* payloads deal with them.
1189	*/
1190	return 0;
1191
1192	case IKE_EXCH_QUICK_MODE32:
1193	script = ike_quick_mode_responder;
1194	break;
1195
1196	default:
1197	message_drop(msg, ISAKMP_NOTIFY_UNSUPPORTED_EXCHANGE_TYPE29,
1198	0, 1, 0);
1199	return -1;
1200	}
1201
1202	/* Run the script code for this step. */
1203	if (script)
1204	return script[exchange->step] (msg);
1205
1206	/*
1207	* XXX So far we don't accept any proposals for exchanges we don't
1208	* support.
1209	*/
1210	if (payload_first(msg, ISAKMP_PAYLOAD_SA1)) {
1211	message_drop(msg, ISAKMP_NOTIFY_NO_PROPOSAL_CHOSEN14, 0, 1, 0);
1212	return -1;
1213	}
1214	return 0;
1215	}
1216
1217	static enum hashes
1218	from_ike_hash(u_int16_t hash)
1219	{
1220	switch (hash) {
1221	case IKE_HASH_MD51:
1222	return HASH_MD5;
1223	case IKE_HASH_SHA2:
1224	return HASH_SHA1;
1225	case IKE_HASH_SHA2_2564:
1226	return HASH_SHA2_256;
1227	case IKE_HASH_SHA2_3845:
1228	return HASH_SHA2_384;
1229	case IKE_HASH_SHA2_5126:
1230	return HASH_SHA2_512;
1231	}
1232	return -1;
1233	}
1234
1235	static enum transform
1236	from_ike_crypto(u_int16_t crypto)
1237	{
1238	/* Coincidentally this is the null operation :-) */
1239	return crypto;
1240	}
1241
1242	/*
1243	* Find out whether the attribute of type TYPE with a LEN length value
1244	* pointed to by VALUE is incompatible with what we can handle.
1245	* VMSG is a pointer to the current message.
1246	*/
1247	int
1248	ipsec_is_attribute_incompatible(u_int16_t type, u_int8_t *value, u_int16_t len,
1249	void *vmsg)
1250	{
1251	struct message *msg = vmsg;
1252	u_int16_t dv = decode_16(value);
1253
1254	if (msg->exchange->phase == 1) {
1255	switch (type) {
1256	case IKE_ATTR_ENCRYPTION_ALGORITHM1:
1257	return !crypto_get(from_ike_crypto(dv));
1258	case IKE_ATTR_HASH_ALGORITHM2:
1259	return !hash_get(from_ike_hash(dv));
1260	case IKE_ATTR_AUTHENTICATION_METHOD3:
1261	return !ike_auth_get(dv);
1262	case IKE_ATTR_GROUP_DESCRIPTION4:
1263	return (dv < IKE_GROUP_DESC_MODP_7681 \|\|
1264	dv > IKE_GROUP_DESC_MODP_15365) &&
1265	(dv < IKE_GROUP_DESC_MODP_204814 \|\|
1266	dv > IKE_GROUP_DESC_ECP_52121) &&
1267	(dv < IKE_GROUP_DESC_ECP_19225 \|\|
1268	dv > IKE_GROUP_DESC_BP_51230);
1269	case IKE_ATTR_GROUP_TYPE5:
1270	return 1;
1271	case IKE_ATTR_GROUP_PRIME6:
1272	return 1;
1273	case IKE_ATTR_GROUP_GENERATOR_17:
1274	return 1;
1275	case IKE_ATTR_GROUP_GENERATOR_28:
1276	return 1;
1277	case IKE_ATTR_GROUP_CURVE_A9:
1278	return 1;
1279	case IKE_ATTR_GROUP_CURVE_B10:
1280	return 1;
1281	case IKE_ATTR_LIFE_TYPE11:
1282	return dv < IKE_DURATION_SECONDS1 \|\|
1283	dv > IKE_DURATION_KILOBYTES2;
1284	case IKE_ATTR_LIFE_DURATION12:
1285	return len != 2 && len != 4;
1286	case IKE_ATTR_PRF13:
1287	return 1;
1288	case IKE_ATTR_KEY_LENGTH14:
1289	/*
1290	* Our crypto routines only allows key-lengths which
1291	* are multiples of an octet.
1292	*/
1293	return dv % 8 != 0;
1294	case IKE_ATTR_FIELD_SIZE15:
1295	return 1;
1296	case IKE_ATTR_GROUP_ORDER16:
1297	return 1;
1298	}
1299	} else {
1300	switch (type) {
1301	case IPSEC_ATTR_SA_LIFE_TYPE1:
1302	return dv < IPSEC_DURATION_SECONDS1 \|\|
1303	dv > IPSEC_DURATION_KILOBYTES2;
1304	case IPSEC_ATTR_SA_LIFE_DURATION2:
1305	return len != 2 && len != 4;
1306	case IPSEC_ATTR_GROUP_DESCRIPTION3:
1307	return (dv < IKE_GROUP_DESC_MODP_7681 \|\|
1308	dv > IKE_GROUP_DESC_MODP_15365) &&
1309	(dv < IKE_GROUP_DESC_MODP_204814 \|\|
1310	dv > IKE_GROUP_DESC_ECP_52121) &&
1311	(dv < IKE_GROUP_DESC_ECP_19225 \|\|
1312	dv > IKE_GROUP_DESC_BP_51230);
1313	case IPSEC_ATTR_ENCAPSULATION_MODE4:
1314	return dv != IPSEC_ENCAP_TUNNEL1 &&
1315	dv != IPSEC_ENCAP_TRANSPORT2 &&
1316	dv != IPSEC_ENCAP_UDP_ENCAP_TUNNEL3 &&
1317	dv != IPSEC_ENCAP_UDP_ENCAP_TRANSPORT4 &&
1318	dv != IPSEC_ENCAP_UDP_ENCAP_TUNNEL_DRAFT61443 &&
1319	dv != IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT61444;
1320	case IPSEC_ATTR_AUTHENTICATION_ALGORITHM5:
1321	return dv < IPSEC_AUTH_HMAC_MD51 \|\|
1322	dv > IPSEC_AUTH_HMAC_RIPEMD8;
1323	case IPSEC_ATTR_KEY_LENGTH6:
1324	/*
1325	* XXX Blowfish needs '0'. Others appear to disregard
1326	* this attr?
1327	*/
1328	return 0;
1329	case IPSEC_ATTR_KEY_ROUNDS7:
1330	return 1;
1331	case IPSEC_ATTR_COMPRESS_DICTIONARY_SIZE8:
1332	return 1;
1333	case IPSEC_ATTR_COMPRESS_PRIVATE_ALGORITHM9:
1334	return 1;
1335	case IPSEC_ATTR_ECN_TUNNEL10:
1336	return 1;
1337	}
1338	}
1339	/* XXX Silence gcc. */
1340	return 1;
1341	}
1342
1343	/*
1344	* Log the attribute of TYPE with a LEN length value pointed to by VALUE
1345	* in human-readable form. VMSG is a pointer to the current message.
1346	*/
1347	int
1348	ipsec_debug_attribute(u_int16_t type, u_int8_t *value, u_int16_t len,
1349	void *vmsg)
1350	{
1351	struct message *msg = vmsg;
1352	char val[20];
1353
1354	/* XXX Transient solution. */
1355	if (len == 2)
1356	snprintf(val, sizeof val, "%d", decode_16(value));
1357	else if (len == 4)
1358	snprintf(val, sizeof val, "%d", decode_32(value));
1359	else
1360	snprintf(val, sizeof val, "unrepresentable");
1361
1362	LOG_DBG((LOG_MESSAGE, 50, "Attribute %s value %s",log_debug (LOG_MESSAGE, 50, "Attribute %s value %s", constant_name (msg->exchange->phase == 1 ? ike_attr_cst : ipsec_attr_cst , type), val)
1363	constant_name(msg->exchange->phase == 1 ? ike_attr_cst :log_debug (LOG_MESSAGE, 50, "Attribute %s value %s", constant_name (msg->exchange->phase == 1 ? ike_attr_cst : ipsec_attr_cst , type), val)
1364	ipsec_attr_cst, type), val))log_debug (LOG_MESSAGE, 50, "Attribute %s value %s", constant_name (msg->exchange->phase == 1 ? ike_attr_cst : ipsec_attr_cst , type), val);
1365	return 0;
1366	}
1367
1368	/*
1369	* Decode the attribute of type TYPE with a LEN length value pointed to by
1370	* VALUE. VIDA is a pointer to a context structure where we can find the
1371	* current message, SA and protocol.
1372	*/
1373	int
1374	ipsec_decode_attribute(u_int16_t type, u_int8_t *value, u_int16_t len,
1375	void *vida)
1376	{
1377	struct ipsec_decode_arg *ida = vida;
1378	struct message *msg = ida->msg;
1379	struct sa *sa = ida->sa;
1380	struct ipsec_sa *isa = sa->data;
1381	struct proto *proto = ida->proto;
1382	struct ipsec_proto *iproto = proto->data;
1383	struct exchange *exchange = msg->exchange;
1384	struct ipsec_exch *ie = exchange->data;
1385	static int lifetype = 0;
1386
1387	if (exchange->phase == 1) {
1388	switch (type) {
1389	case IKE_ATTR_ENCRYPTION_ALGORITHM1:
1390	/* XXX Errors possible? */
1391	exchange->crypto = crypto_get(from_ike_crypto(
1392	decode_16(value)));
1393	break;
1394	case IKE_ATTR_HASH_ALGORITHM2:
1395	/* XXX Errors possible? */
1396	ie->hash = hash_get(from_ike_hash(decode_16(value)));
1397	break;
1398	case IKE_ATTR_AUTHENTICATION_METHOD3:
1399	/* XXX Errors possible? */
1400	ie->ike_auth = ike_auth_get(decode_16(value));
1401	break;
1402	case IKE_ATTR_GROUP_DESCRIPTION4:
1403	isa->group_desc = decode_16(value);
1404	break;
1405	case IKE_ATTR_GROUP_TYPE5:
1406	break;
1407	case IKE_ATTR_GROUP_PRIME6:
1408	break;
1409	case IKE_ATTR_GROUP_GENERATOR_17:
1410	break;
1411	case IKE_ATTR_GROUP_GENERATOR_28:
1412	break;
1413	case IKE_ATTR_GROUP_CURVE_A9:
1414	break;
1415	case IKE_ATTR_GROUP_CURVE_B10:
1416	break;
1417	case IKE_ATTR_LIFE_TYPE11:
1418	lifetype = decode_16(value);
1419	return 0;
1420	case IKE_ATTR_LIFE_DURATION12:
1421	switch (lifetype) {
1422	case IKE_DURATION_SECONDS1:
1423	switch (len) {
1424	case 2:
1425	sa->seconds = decode_16(value);
1426	break;
1427	case 4:
1428	sa->seconds = decode_32(value);
1429	break;
1430	default:
1431	log_print("ipsec_decode_attribute: "
1432	"unreasonable lifetime");
1433	}
1434	break;
1435	case IKE_DURATION_KILOBYTES2:
1436	switch (len) {
1437	case 2:
1438	sa->kilobytes = decode_16(value);
1439	break;
1440	case 4:
1441	sa->kilobytes = decode_32(value);
1442	break;
1443	default:
1444	log_print("ipsec_decode_attribute: "
1445	"unreasonable lifetime");
1446	}
1447	break;
1448	default:
1449	log_print("ipsec_decode_attribute: unknown "
1450	"lifetime type");
1451	}
1452	break;
1453	case IKE_ATTR_PRF13:
1454	break;
1455	case IKE_ATTR_KEY_LENGTH14:
1456	exchange->key_length = decode_16(value) / 8;
1457	break;
1458	case IKE_ATTR_FIELD_SIZE15:
1459	break;
1460	case IKE_ATTR_GROUP_ORDER16:
1461	break;
1462	}
1463	} else {
1464	switch (type) {
1465	case IPSEC_ATTR_SA_LIFE_TYPE1:
1466	lifetype = decode_16(value);
1467	return 0;
1468	case IPSEC_ATTR_SA_LIFE_DURATION2:
1469	switch (lifetype) {
1470	case IPSEC_DURATION_SECONDS1:
1471	switch (len) {
1472	case 2:
1473	sa->seconds = decode_16(value);
1474	break;
1475	case 4:
1476	sa->seconds = decode_32(value);
1477	break;
1478	default:
1479	log_print("ipsec_decode_attribute: "
1480	"unreasonable lifetime");
1481	}
1482	break;
1483	case IPSEC_DURATION_KILOBYTES2:
1484	switch (len) {
1485	case 2:
1486	sa->kilobytes = decode_16(value);
1487	break;
1488	case 4:
1489	sa->kilobytes = decode_32(value);
1490	break;
1491	default:
1492	log_print("ipsec_decode_attribute: "
1493	"unreasonable lifetime");
1494	}
1495	break;
1496	default:
1497	log_print("ipsec_decode_attribute: unknown "
1498	"lifetime type");
1499	}
1500	break;
1501	case IPSEC_ATTR_GROUP_DESCRIPTION3:
1502	isa->group_desc = decode_16(value);
1503	break;
1504	case IPSEC_ATTR_ENCAPSULATION_MODE4:
1505	/*
1506	* XXX Multiple protocols must have same
1507	* encapsulation mode, no?
1508	*/
1509	iproto->encap_mode = decode_16(value);
1510	break;
1511	case IPSEC_ATTR_AUTHENTICATION_ALGORITHM5:
1512	iproto->auth = decode_16(value);
1513	break;
1514	case IPSEC_ATTR_KEY_LENGTH6:
1515	iproto->keylen = decode_16(value);
1516	break;
1517	case IPSEC_ATTR_KEY_ROUNDS7:
1518	iproto->keyrounds = decode_16(value);
1519	break;
1520	case IPSEC_ATTR_COMPRESS_DICTIONARY_SIZE8:
1521	break;
1522	case IPSEC_ATTR_COMPRESS_PRIVATE_ALGORITHM9:
1523	break;
1524	case IPSEC_ATTR_ECN_TUNNEL10:
1525	break;
1526	}
1527	}
1528	lifetype = 0;
1529	return 0;
1530	}
1531
1532	/*
1533	* Walk over the attributes of the transform payload found in BUF, and
1534	* fill out the fields of the SA attached to MSG. Also mark the SA as
1535	* processed.
1536	*/
1537	void
1538	ipsec_decode_transform(struct message msg, struct sa sa, struct proto *proto,
1539	u_int8_t *buf)
1540	{
1541	struct ipsec_exch *ie = msg->exchange->data;
1542	struct ipsec_decode_arg ida;
1543
1544	LOG_DBG((LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen",log_debug (LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen" , field_get_num (isakmp_transform_fld + 0, buf))
1545	GET_ISAKMP_TRANSFORM_NO(buf)))log_debug (LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen" , field_get_num (isakmp_transform_fld + 0, buf));
1546
1547	ida.msg = msg;
1548	ida.sa = sa;
1549	ida.proto = proto;
1550
1551	/* The default IKE lifetime is 8 hours. */
1552	if (sa->phase == 1)
1553	sa->seconds = 28800;
1554
1555	/* Extract the attributes and stuff them into the SA. */
1556	attribute_map(buf + ISAKMP_TRANSFORM_SA_ATTRS_OFF8,
1557	GET_ISAKMP_GEN_LENGTH(buf)field_get_num (isakmp_gen_fld + 2, buf) - ISAKMP_TRANSFORM_SA_ATTRS_OFF8,
1558	ipsec_decode_attribute, &ida);
1559
1560	/*
1561	* If no pseudo-random function was negotiated, it's HMAC.
1562	* XXX As PRF_HMAC currently is zero, this is a no-op.
1563	*/
1564	if (!ie->prf_type)
1565	ie->prf_type = PRF_HMAC;
1566	}
1567
1568	/*
1569	* Delete the IPsec SA represented by the INCOMING direction in protocol PROTO
1570	* of the IKE security association SA.
1571	*/
1572	static void
1573	ipsec_delete_spi(struct sa sa, struct proto proto, int incoming)
1574	{
1575	struct sa *new_sa;
1576	struct ipsec_proto *iproto;
1577
1578	if (sa->phase == 1)
1579	return;
1580
1581	iproto = proto->data;
1582	/*
1583	* If the SA is using UDP encap and it replaced other SA,
1584	* enable the other SA to keep the flow for the other SAs.
1585	*/
1586	if ((iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT4 \|\|
1587	iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT61444) &&
1588	(sa->flags & SA_FLAG_REPLACED0x08) == 0 &&
1589	(new_sa = sa_find(ipsec_sa_check_flow_any, sa)) != NULL((void*)0) &&
1590	new_sa->flags & SA_FLAG_REPLACED0x08)
1591	sa_replace(sa, new_sa);
1592
1593	/*
1594	* If the SA was not replaced and was not one acquired through the
1595	* kernel (ACQUIRE message), remove the flow associated with it.
1596	* We ignore any errors from the disabling of the flow.
1597	*/
1598	if (sa->flags & SA_FLAG_READY0x01 && !(sa->flags & SA_FLAG_ONDEMAND0x04 \|\|
1599	sa->flags & SA_FLAG_REPLACED0x08 \|\| acquire_only \|\|
1600	conf_get_str("General", "Acquire-Only")))
1601	pf_key_v2_disable_sa(sa, incoming);
1602
1603	/* XXX Error handling? Is it interesting? */
1604	pf_key_v2_delete_spi(sa, proto, incoming);
1605	}
1606
1607	/*
1608	* Store BUF into the g^x entry of the exchange that message MSG belongs to.
1609	* PEER is non-zero when the value is our peer's, and zero when it is ours.
1610	*/
1611	static int
1612	ipsec_g_x(struct message msg, int peer, u_int8_t buf)
1613	{
1614	struct exchange *exchange = msg->exchange;
1615	struct ipsec_exch *ie = exchange->data;
1616	u_int8_t **g_x;
1617	int initiator = exchange->initiator ^ peer;
1618	char header[32];
1619
1620	g_x = initiator ? &ie->g_xi : &ie->g_xr;
1621	*g_x = malloc(ie->g_x_len);
1622	if (!*g_x) {
1623	log_error("ipsec_g_x: malloc (%lu) failed",
1624	(unsigned long)ie->g_x_len);
1625	return -1;
1626	}
1627	memcpy(*g_x, buf, ie->g_x_len);
1628	snprintf(header, sizeof header, "ipsec_g_x: g^x%c",
1629	initiator ? 'i' : 'r');
1630	LOG_DBG_BUF((LOG_MISC, 80, header, g_x, ie->g_x_len))log_debug_buf (LOG_MISC, 80, header, g_x, ie->g_x_len);
1631	return 0;
1632	}
1633
1634	/* Generate our DH value. */
1635	int
1636	ipsec_gen_g_x(struct message *msg)
1637	{
1638	struct exchange *exchange = msg->exchange;
1639	struct ipsec_exch *ie = exchange->data;
1640	u_int8_t *buf;
1641
1642	buf = malloc(ISAKMP_KE_SZ4 + ie->g_x_len);
1643	if (!buf) {
1644	log_error("ipsec_gen_g_x: malloc (%lu) failed",
1645	ISAKMP_KE_SZ4 + (unsigned long)ie->g_x_len);
1646	return -1;
1647	}
1648	if (message_add_payload(msg, ISAKMP_PAYLOAD_KEY_EXCH4, buf,
1649	ISAKMP_KE_SZ4 + ie->g_x_len, 1)) {
1650	free(buf);
1651	return -1;
1652	}
1653	if (dh_create_exchange(ie->group, buf + ISAKMP_KE_DATA_OFF4)) {
1654	log_print("ipsec_gen_g_x: dh_create_exchange failed");
1655	free(buf);
1656	return -1;
1657	}
1658	return ipsec_g_x(msg, 0, buf + ISAKMP_KE_DATA_OFF4);
1659	}
1660
1661	/* Save the peer's DH value. */
1662	int
1663	ipsec_save_g_x(struct message *msg)
1664	{
1665	struct exchange *exchange = msg->exchange;
1666	struct ipsec_exch *ie = exchange->data;
1667	struct payload *kep;
1668
1669	kep = payload_first(msg, ISAKMP_PAYLOAD_KEY_EXCH4);
1670	kep->flags \|= PL_MARK1;
1671	ie->g_x_len = GET_ISAKMP_GEN_LENGTH(kep->p)field_get_num (isakmp_gen_fld + 2, kep->p) - ISAKMP_KE_DATA_OFF4;
1672
1673	/* Check that the given length matches the group's expectancy. */
1674	if (ie->g_x_len != (size_t) dh_getlen(ie->group)) {
1675	/* XXX Is this a good notify type? */
1676	message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 0);
1677	return -1;
1678	}
1679	return ipsec_g_x(msg, 1, kep->p + ISAKMP_KE_DATA_OFF4);
1680	}
1681
1682	/*
1683	* Get a SPI for PROTO and the transport MSG passed over. Store the
1684	* size where SZ points. NB! A zero return is OK if *SZ is zero.
1685	*/
1686	static u_int8_t *
1687	ipsec_get_spi(size_t sz, u_int8_t proto, struct message msg)
1688	{
1689	struct sockaddr dst, src;
1690	struct transport *transport = msg->transport;
1691
1692	if (msg->exchange->phase == 1) {
1693	*sz = 0;
1694	return 0;
1695	} else {
1696	/* We are the destination in the SA we want a SPI for. */
1697	transport->vtbl->get_src(transport, &dst);
1698	/* The peer is the source. */
1699	transport->vtbl->get_dst(transport, &src);
1700	return pf_key_v2_get_spi(sz, proto, src, dst,
1701	msg->exchange->seq);
1702	}
1703	}
1704
1705	/*
1706	* We have gotten a payload PAYLOAD of type TYPE, which did not get handled
1707	* by the logic of the exchange MSG takes part in. Now is the time to deal
1708	* with such a payload if we know how to, if we don't, return -1, otherwise
1709	* 0.
1710	*/
1711	int
1712	ipsec_handle_leftover_payload(struct message *msg, u_int8_t type,
1713	struct payload *payload)
1714	{
1715	u_int32_t spisz, nspis;
1716	struct sockaddr *dst;
1717	int reenter = 0;
1718	u_int8_t *spis, proto;
1719	struct sa *sa;
1720
1721	switch (type) {
1722	case ISAKMP_PAYLOAD_DELETE12:
1723	proto = GET_ISAKMP_DELETE_PROTO(payload->p)field_get_num (isakmp_delete_fld + 1, payload->p);
1724	nspis = GET_ISAKMP_DELETE_NSPIS(payload->p)field_get_num (isakmp_delete_fld + 3, payload->p);
1725	spisz = GET_ISAKMP_DELETE_SPI_SZ(payload->p)field_get_num (isakmp_delete_fld + 2, payload->p);
1726
1727	if (nspis == 0) {
1728	LOG_DBG((LOG_SA, 60, "ipsec_handle_leftover_payload: "log_debug (LOG_SA, 60, "ipsec_handle_leftover_payload: " "message specified zero SPIs, ignoring" )
1729	"message specified zero SPIs, ignoring"))log_debug (LOG_SA, 60, "ipsec_handle_leftover_payload: " "message specified zero SPIs, ignoring" );
1730	return -1;
1731	}
1732	/* verify proper SPI size */
1733	if ((proto == ISAKMP_PROTO_ISAKMP1 &&
1734	spisz != ISAKMP_HDR_COOKIES_LEN(8 + 8)) \|\|
1735	(proto != ISAKMP_PROTO_ISAKMP1 && spisz != sizeof(u_int32_t))) {
1736	log_print("ipsec_handle_leftover_payload: invalid SPI "
1737	"size %d for proto %d in DELETE payload",
1738	spisz, proto);
1739	return -1;
1740	}
1741	spis = calloc(nspis, spisz);
1742	if (!spis) {
1743	log_error("ipsec_handle_leftover_payload: malloc "
1744	"(%d) failed", nspis * spisz);
1745	return -1;
1746	}
1747	/* extract SPI and get dst address */
1748	memcpy(spis, payload->p + ISAKMP_DELETE_SPI_OFF12, nspis * spisz);
1749	msg->transport->vtbl->get_dst(msg->transport, &dst);
1750
1751	ipsec_delete_spi_list(dst, proto, spis, nspis, "DELETE");
1752
1753	free(spis);
1754	payload->flags \|= PL_MARK1;
1755	return 0;
1756
1757	case ISAKMP_PAYLOAD_NOTIFY11:
1758	switch (GET_ISAKMP_NOTIFY_MSG_TYPE(payload->p)field_get_num (isakmp_notify_fld + 3, payload->p)) {
1759	case IPSEC_NOTIFY_INITIAL_CONTACT24578:
1760	/*
1761	* Permit INITIAL-CONTACT if
1762	* - this is not an AGGRESSIVE mode exchange
1763	* - it is protected by an ISAKMP SA
1764	*
1765	* XXX Instead of the first condition above, we could
1766	* XXX permit this only for phase 2. In the last
1767	* XXX packet of main-mode, this payload, while
1768	* XXX encrypted, is not part of the hash digest. As
1769	* XXX we currently send our own INITIAL-CONTACTs at
1770	* XXX this point, this too would need to be changed.
1771	*/
1772	if (msg->exchange->type == ISAKMP_EXCH_AGGRESSIVE4) {
1773	log_print("ipsec_handle_leftover_payload: got "
1774	"INITIAL-CONTACT in AGGRESSIVE mode");
1775	return -1;
1776	}
1777	if ((msg->exchange->flags & EXCHANGE_FLAG_ENCRYPT0x0004)
1778	== 0) {
1779	log_print("ipsec_handle_leftover_payload: got "
1780	"INITIAL-CONTACT without ISAKMP SA");
1781	return -1;
1782	}
1783
1784	if ((msg->flags & MSG_AUTHENTICATED0x10) == 0) {
1785	log_print("ipsec_handle_leftover_payload: "
1786	"got unauthenticated INITIAL-CONTACT");
1787	return -1;
1788	}
1789	/*
1790	* Find out who is sending this and then delete every
1791	* SA that is ready. Exchanges will timeout
1792	* themselves and then the non-ready SAs will
1793	* disappear too.
1794	*/
1795	msg->transport->vtbl->get_dst(msg->transport, &dst);
1796	while ((sa = sa_lookup_by_peer(dst, SA_LEN(dst)((dst)->sa_len), 0)) != 0) {
1797	/*
1798	* Don't delete the current SA -- we received
1799	* the notification over it, so it's obviously
1800	* still active. We temporarily need to remove
1801	* the SA from the list to avoid an endless
1802	* loop, but keep a reference so it won't
1803	* disappear meanwhile.
1804	*/
1805	if (sa == msg->isakmp_sa) {
1806	sa_reference(sa);
1807	sa_remove(sa);
1808	reenter = 1;
1809	continue;
1810	}
1811	LOG_DBG((LOG_SA, 30,log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa)
1812	"ipsec_handle_leftover_payload: "log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa)
1813	"INITIAL-CONTACT made us delete SA %p",log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa)
1814	sa))log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa);
1815	sa_delete(sa, 0);
1816	}
1817
1818	if (reenter) {
1819	sa_enter(msg->isakmp_sa);
1820	sa_release(msg->isakmp_sa);
1821	}
1822	payload->flags \|= PL_MARK1;
1823	return 0;
1824	}
1825	}
1826	return -1;
1827	}
1828
1829	/* Return the encryption keylength in octets of the ESP protocol PROTO. */
1830	int
1831	ipsec_esp_enckeylength(struct proto *proto)
1832	{
1833	struct ipsec_proto *iproto = proto->data;
1834
1835	/* Compute the keylength to use. */
1836	switch (proto->id) {
1837	case IPSEC_ESP_3DES3:
1838	return 24;
1839	case IPSEC_ESP_CAST6:
1840	if (!iproto->keylen)
1841	return 16;
1842	return iproto->keylen / 8;
1843	case IPSEC_ESP_AES_CTR13:
1844	case IPSEC_ESP_AES_GCM_1620:
1845	case IPSEC_ESP_AES_GMAC23:
1846	if (!iproto->keylen)
1847	return 20;
1848	return iproto->keylen / 8 + 4;
1849	case IPSEC_ESP_AES12:
1850	if (!iproto->keylen)
1851	return 16;
1852	/* FALLTHROUGH */
1853	default:
1854	return iproto->keylen / 8;
1855	}
1856	}
1857
1858	/* Return the authentication keylength in octets of the ESP protocol PROTO. */
1859	int
1860	ipsec_esp_authkeylength(struct proto *proto)
1861	{
1862	struct ipsec_proto *iproto = proto->data;
1863
1864	switch (iproto->auth) {
1865	case IPSEC_AUTH_HMAC_MD51:
1866	return 16;
1867	case IPSEC_AUTH_HMAC_SHA2:
1868	case IPSEC_AUTH_HMAC_RIPEMD8:
1869	return 20;
1870	case IPSEC_AUTH_HMAC_SHA2_2565:
1871	return 32;
1872	case IPSEC_AUTH_HMAC_SHA2_3846:
1873	return 48;
1874	case IPSEC_AUTH_HMAC_SHA2_5127:
1875	return 64;
1876	default:
1877	return 0;
1878	}
1879	}
1880
1881	/* Return the authentication keylength in octets of the AH protocol PROTO. */
1882	int
1883	ipsec_ah_keylength(struct proto *proto)
1884	{
1885	switch (proto->id) {
1886	case IPSEC_AH_MD52:
1887	return 16;
1888	case IPSEC_AH_SHA3:
1889	case IPSEC_AH_RIPEMD8:
1890	return 20;
1891	case IPSEC_AH_SHA2_2565:
1892	return 32;
1893	case IPSEC_AH_SHA2_3846:
1894	return 48;
1895	case IPSEC_AH_SHA2_5127:
1896	return 64;
1897	default:
1898	return -1;
1899	}
1900	}
1901
1902	/* Return the total keymaterial length of the protocol PROTO. */
1903	int
1904	ipsec_keymat_length(struct proto *proto)
1905	{
1906	switch (proto->proto) {
1907	case IPSEC_PROTO_IPSEC_ESP3:
1908	return ipsec_esp_enckeylength(proto)
1909	+ ipsec_esp_authkeylength(proto);
1910	case IPSEC_PROTO_IPSEC_AH2:
1911	return ipsec_ah_keylength(proto);
1912	default:
1913	return -1;
1914	}
1915	}
1916
1917	/* Helper function for ipsec_get_id(). */
1918	static int
1919	ipsec_get_proto_port(char section, u_int8_t tproto, u_int16_t *port)
1920	{
1921	struct protoent pe = NULL((void)0);
1922	struct servent *se;
1923	char *pstr;
1924
1925	pstr = conf_get_str(section, "Protocol");
1926	if (!pstr) {
1927	*tproto = 0;
1928	return 0;
1929	}
1930	*tproto = (u_int8_t)atoi(pstr);
1931	if (!*tproto) {
1932	pe = getprotobyname(pstr);
1933	if (pe)
1934	*tproto = pe->p_proto;
1935	}
1936	if (!*tproto) {
1937	log_print("ipsec_get_proto_port: protocol \"%s\" unknown",
1938	pstr);
1939	return -1;
1940	}
1941
1942	pstr = conf_get_str(section, "Port");
1943	if (!pstr)
1944	return 0;
1945	*port = (u_int16_t)atoi(pstr);
1946	if (!*port) {
1947	se = getservbyname(pstr,
1948	pe ? pe->p_name : (pstr ? pstr : NULL((void*)0)));
1949	if (se)
1950	*port = ntohs(se->s_port)(__uint16_t)(__builtin_constant_p(se->s_port) ? (__uint16_t )(((__uint16_t)(se->s_port) & 0xffU) << 8 \| ((__uint16_t )(se->s_port) & 0xff00U) >> 8) : __swap16md(se-> s_port));
1951	}
1952	if (!*port) {
1953	log_print("ipsec_get_proto_port: port \"%s\" unknown",
1954	pstr);
1955	return -1;
1956	}
1957	return 0;
1958	}
1959
1960	/*
1961	* Out of a named section SECTION in the configuration file find out
1962	* the network address and mask as well as the ID type. Put the info
1963	* in the areas pointed to by ADDR, MASK, TPROTO, PORT, and ID respectively.
1964	* Return 0 on success and -1 on failure.
1965	*/
1966	int
1967	ipsec_get_id(char section, int id, struct sockaddr **addr,
1968	struct sockaddr *mask, u_int8_t tproto, u_int16_t *port)
1969	{
1970	char type, address, *netmask;
1971	sa_family_t af = 0;
1972
1973	type = conf_get_str(section, "ID-type");
1974	if (!type) {
1975	log_print("ipsec_get_id: section %s has no \"ID-type\" tag",
1976	section);
1977	return -1;
1978	}
1979	*id = constant_value(ipsec_id_cst, type);
1980	switch (*id) {
1981	case IPSEC_ID_IPV4_ADDR1:
1982	case IPSEC_ID_IPV4_ADDR_SUBNET4:
1983	af = AF_INET2;
1984	break;
1985	case IPSEC_ID_IPV6_ADDR5:
1986	case IPSEC_ID_IPV6_ADDR_SUBNET6:
1987	af = AF_INET624;
1988	break;
1989	}
1990	switch (*id) {
1991	case IPSEC_ID_IPV4_ADDR1:
1992	case IPSEC_ID_IPV6_ADDR5: {
1993	int ret;
1994
1995	address = conf_get_str(section, "Address");
1996	if (!address) {
1997	log_print("ipsec_get_id: section %s has no "
1998	"\"Address\" tag", section);
1999	return -1;
2000	}
2001	if (text2sockaddr(address, NULL((void*)0), addr, af, 0)) {
2002	log_print("ipsec_get_id: invalid address %s in "
2003	"section %s", address, section);
2004	return -1;
2005	}
2006	ret = ipsec_get_proto_port(section, tproto, port);
2007	if (ret < 0)
2008	free(*addr);
2009
2010	return ret;
2011	}
2012
2013	#ifdef notyet
2014	case IPSEC_ID_FQDN2:
2015	return -1;
2016
2017	case IPSEC_ID_USER_FQDN3:
2018	return -1;
2019	#endif
2020
2021	case IPSEC_ID_IPV4_ADDR_SUBNET4:
2022	case IPSEC_ID_IPV6_ADDR_SUBNET6: {
2023	int ret;
2024
2025	address = conf_get_str(section, "Network");
2026	if (!address) {
2027	log_print("ipsec_get_id: section %s has no "
2028	"\"Network\" tag", section);
2029	return -1;
2030	}
2031	if (text2sockaddr(address, NULL((void*)0), addr, af, 0)) {
2032	log_print("ipsec_get_id: invalid section %s "
2033	"network %s", section, address);
2034	return -1;
2035	}
2036	netmask = conf_get_str(section, "Netmask");
2037	if (!netmask) {
2038	log_print("ipsec_get_id: section %s has no "
2039	"\"Netmask\" tag", section);
2040	free(*addr);
2041	return -1;
2042	}
2043	if (text2sockaddr(netmask, NULL((void*)0), mask, af, 1)) {
2044	log_print("ipsec_get_id: invalid section %s "
2045	"network %s", section, netmask);
2046	free(*addr);
2047	return -1;
2048	}
2049	ret = ipsec_get_proto_port(section, tproto, port);
2050	if (ret < 0) {
2051	free(*mask);
2052	free(*addr);
2053	}
2054	return ret;
2055	}
2056
2057	#ifdef notyet
2058	case IPSEC_ID_IPV4_RANGE7:
2059	return -1;
2060
2061	case IPSEC_ID_IPV6_RANGE8:
2062	return -1;
2063
2064	case IPSEC_ID_DER_ASN1_DN9:
2065	return -1;
2066
2067	case IPSEC_ID_DER_ASN1_GN10:
2068	return -1;
2069
2070	case IPSEC_ID_KEY_ID11:
2071	return -1;
2072	#endif
2073
2074	default:
2075	log_print("ipsec_get_id: unknown ID type \"%s\" in "
2076	"section %s", type, section);
2077	return -1;
2078	}
2079
2080	return 0;
2081	}
2082
2083	/*
2084	* XXX I rather want this function to return a status code, and fail if
2085	* we cannot fit the information in the supplied buffer.
2086	*/
2087	static void
2088	ipsec_decode_id(char buf, size_t size, u_int8_t id, size_t id_len,
2089	int isakmpform)
2090	{
2091	int id_type;
2092	char addr = 0, mask = 0;
2093	u_int32_t *idp;
2094
2095	if (id) {
2096	if (!isakmpform) {
2097	/*
2098	* Exchanges and SAs dont carry the IDs in ISAKMP
2099	* form.
2100	*/
2101	id -= ISAKMP_GEN_SZ4;
2102	id_len += ISAKMP_GEN_SZ4;
2103	}
2104	id_type = GET_ISAKMP_ID_TYPE(id)field_get_num (isakmp_id_fld + 0, id);
2105	idp = (u_int32_t *) (id + ISAKMP_ID_DATA_OFF8);
2106	switch (id_type) {
2107	case IPSEC_ID_IPV4_ADDR1:
2108	util_ntoa(&addr, AF_INET2, id + ISAKMP_ID_DATA_OFF8);
2109	snprintf(buf, size, "%s", addr);
2110	break;
2111
2112	case IPSEC_ID_IPV4_ADDR_SUBNET4:
2113	util_ntoa(&addr, AF_INET2, id + ISAKMP_ID_DATA_OFF8);
2114	util_ntoa(&mask, AF_INET2, id + ISAKMP_ID_DATA_OFF8 + 4);
2115	snprintf(buf, size, "%s/%s", addr, mask);
2116	break;
2117
2118	case IPSEC_ID_IPV6_ADDR5:
2119	util_ntoa(&addr, AF_INET624, id + ISAKMP_ID_DATA_OFF8);
2120	snprintf(buf, size, "%s", addr);
2121	break;
2122
2123	case IPSEC_ID_IPV6_ADDR_SUBNET6:
2124	util_ntoa(&addr, AF_INET624, id + ISAKMP_ID_DATA_OFF8);
2125	util_ntoa(&mask, AF_INET624, id + ISAKMP_ID_DATA_OFF8 +
2126	sizeof(struct in6_addr));
2127	snprintf(buf, size, "%s/%s", addr, mask);
2128	break;
2129
2130	case IPSEC_ID_FQDN2:
2131	case IPSEC_ID_USER_FQDN3:
2132	/* String is not NUL terminated, be careful */
2133	id_len -= ISAKMP_ID_DATA_OFF8;
2134	id_len = MINIMUM(id_len, size - 1)(((id_len) < (size - 1)) ? (id_len) : (size - 1));
2135	memcpy(buf, id + ISAKMP_ID_DATA_OFF8, id_len);
2136	buf[id_len] = '\0';
2137	break;
2138
2139	case IPSEC_ID_DER_ASN1_DN9:
2140	addr = x509_DN_string(id + ISAKMP_ID_DATA_OFF8,
2141	id_len - ISAKMP_ID_DATA_OFF8);
2142	if (!addr) {
2143	snprintf(buf, size, "unparsable ASN1 DN ID");
2144	return;
2145	}
2146	strlcpy(buf, addr, size);
2147	break;
2148
2149	default:
2150	snprintf(buf, size, "<id type unknown: %x>", id_type);
2151	break;
2152	}
2153	} else
2154	snprintf(buf, size, "<no ipsec id>");
2155	free(addr);
2156	free(mask);
2157	}
2158
2159	char *
2160	ipsec_decode_ids(char fmt, u_int8_t id1, size_t id1_len, u_int8_t *id2,
2161	size_t id2_len, int isakmpform)
2162	{
2163	static char result[1024];
2164	char s_id1[256], s_id2[256];
2165
2166	ipsec_decode_id(s_id1, sizeof s_id1, id1, id1_len, isakmpform);
2167	ipsec_decode_id(s_id2, sizeof s_id2, id2, id2_len, isakmpform);
2168
2169	snprintf(result, sizeof result, fmt, s_id1, s_id2);
2170	return result;
2171	}
2172
2173	/*
2174	* Out of a named section SECTION in the configuration file build an
2175	* ISAKMP ID payload. Ths payload size should be stashed in SZ.
2176	* The caller is responsible for freeing the payload.
2177	*/
2178	u_int8_t *
2179	ipsec_build_id(char section, size_t sz)
2180	{
2181	struct sockaddr addr, mask;
2182	u_int8_t *p;
2183	int id, subnet = 0;
2184	u_int8_t tproto = 0;
2185	u_int16_t port = 0;
2186
2187	if (ipsec_get_id(section, &id, &addr, &mask, &tproto, &port))
2188	return 0;
2189
2190	if (id == IPSEC_ID_IPV4_ADDR_SUBNET4 \|\| id == IPSEC_ID_IPV6_ADDR_SUBNET6)
2191	subnet = 1;
2192
2193	*sz = ISAKMP_ID_SZ8 + sockaddr_addrlen(addr);
2194	if (subnet)
2195	*sz += sockaddr_addrlen(mask);
2196
2197	p = malloc(*sz);
2198	if (!p) {
2199	log_print("ipsec_build_id: malloc(%lu) failed",
2200	(unsigned long)*sz);
2201	if (subnet)
2202	free(mask);
2203	free(addr);
2204	return 0;
2205	}
2206	SET_ISAKMP_ID_TYPE(p, id)field_set_num (isakmp_id_fld + 0, p, id);
2207	SET_ISAKMP_ID_DOI_DATA(p, (unsigned char )"\000\000\000")field_set_raw (isakmp_id_fld + 1, p, (unsigned char )"\000\000\000" );
2208
2209	memcpy(p + ISAKMP_ID_DATA_OFF8, sockaddr_addrdata(addr),
2210	sockaddr_addrlen(addr));
2211	if (subnet)
2212	memcpy(p + ISAKMP_ID_DATA_OFF8 + sockaddr_addrlen(addr),
2213	sockaddr_addrdata(mask), sockaddr_addrlen(mask));
2214
2215	SET_IPSEC_ID_PROTO(p + ISAKMP_ID_DOI_DATA_OFF, tproto)field_set_num (ipsec_id_fld + 0, p + 5, tproto);
2216	SET_IPSEC_ID_PORT(p + ISAKMP_ID_DOI_DATA_OFF, port)field_set_num (ipsec_id_fld + 1, p + 5, port);
2217
2218	if (subnet)
2219	free(mask);
2220	free(addr);
2221	return p;
2222	}
2223
2224	/*
2225	* copy an ISAKMPD id
2226	*/
2227	int
2228	ipsec_clone_id(u_int8_t *did, size_t did_len, u_int8_t *id, size_t id_len)
2229	{
2230	free(*did);
2231
2232	if (!id_len \|\| !id) {
2233	*did = 0;
2234	*did_len = 0;
2235	return 0;
2236	}
2237	*did = malloc(id_len);
2238	if (!*did) {
2239	*did_len = 0;
2240	log_error("ipsec_clone_id: malloc(%lu) failed",
2241	(unsigned long)id_len);
2242	return -1;
2243	}
2244	*did_len = id_len;
2245	memcpy(*did, id, id_len);
2246
2247	return 0;
2248	}
2249
2250	/*
2251	* IPsec-specific PROTO initializations. SECTION is only set if we are the
2252	* initiator thus only usable there.
2253	* XXX I want to fix this later.
2254	*/
2255	void
2256	ipsec_proto_init(struct proto proto, char section)
2257	{
2258	struct ipsec_proto *iproto = proto->data;
2259
2260	if (proto->sa->phase == 2)
2261	iproto->replay_window = section ? conf_get_num(section,
2262	"ReplayWindow", DEFAULT_REPLAY_WINDOW16) :
2263	DEFAULT_REPLAY_WINDOW16;
2264	}
2265
2266	/*
2267	* Add a notification payload of type INITIAL CONTACT to MSG if this is
2268	* the first contact we have made to our peer.
2269	*/
2270	int
2271	ipsec_initial_contact(struct message *msg)
2272	{
2273	u_int8_t *buf;
2274
2275	if (ipsec_contacted(msg))
2276	return 0;
2277
2278	buf = malloc(ISAKMP_NOTIFY_SZ12 + ISAKMP_HDR_COOKIES_LEN(8 + 8));
2279	if (!buf) {
2280	log_error("ike_phase_1_initial_contact: malloc (%d) failed",
2281	ISAKMP_NOTIFY_SZ12 + ISAKMP_HDR_COOKIES_LEN(8 + 8));
2282	return -1;
2283	}
2284	SET_ISAKMP_NOTIFY_DOI(buf, IPSEC_DOI_IPSEC)field_set_num (isakmp_notify_fld + 0, buf, 1);
2285	SET_ISAKMP_NOTIFY_PROTO(buf, ISAKMP_PROTO_ISAKMP)field_set_num (isakmp_notify_fld + 1, buf, 1);
2286	SET_ISAKMP_NOTIFY_SPI_SZ(buf, ISAKMP_HDR_COOKIES_LEN)field_set_num (isakmp_notify_fld + 2, buf, (8 + 8));
2287	SET_ISAKMP_NOTIFY_MSG_TYPE(buf, IPSEC_NOTIFY_INITIAL_CONTACT)field_set_num (isakmp_notify_fld + 3, buf, 24578);
2288	memcpy(buf + ISAKMP_NOTIFY_SPI_OFF12, msg->isakmp_sa->cookies,
2289	ISAKMP_HDR_COOKIES_LEN(8 + 8));
2290	if (message_add_payload(msg, ISAKMP_PAYLOAD_NOTIFY11, buf,
2291	ISAKMP_NOTIFY_SZ12 + ISAKMP_HDR_COOKIES_LEN(8 + 8), 1)) {
2292	free(buf);
2293	return -1;
2294	}
2295	return ipsec_add_contact(msg);
2296	}
2297
2298	/*
2299	* Compare the two contacts pointed to by A and B. Return negative if
2300	* A < B, 0 if they are equal, and positive if *A is the largest of them.
2301	*/
2302	static int
2303	addr_cmp(const void a, const void b)
2304	{
2305	const struct contact x = a, y = b;
2306	int minlen = MINIMUM(x->len, y->len)(((x->len) < (y->len)) ? (x->len) : (y->len));
2307	int rv = memcmp(x->addr, y->addr, minlen);
2308
2309	return rv ? rv : (x->len - y->len);
2310	}
2311
2312	/*
2313	* Add the peer that MSG is bound to as an address we don't want to send
2314	* INITIAL CONTACT too from now on. Do not call this function with a
2315	* specific address duplicate times. We want fast lookup, speed of insertion
2316	* is unimportant, if this is to scale.
2317	*/
2318	static int
2319	ipsec_add_contact(struct message *msg)
2320	{
2321	struct contact *new_contacts;
2322	struct sockaddr dst, addr;
2323	int cnt;
2324
2325	if (contact_cnt == contact_limit) {
2326	cnt = contact_limit ? 2 * contact_limit : 64;
2327	new_contacts = reallocarray(contacts, cnt, sizeof contacts[0]);
2328	if (!new_contacts) {
2329	log_error("ipsec_add_contact: "
2330	"realloc (%p, %lu) failed", contacts,
2331	cnt * (unsigned long) sizeof contacts[0]);
2332	return -1;
2333	}
2334	contact_limit = cnt;
2335	contacts = new_contacts;
2336	}
2337	msg->transport->vtbl->get_dst(msg->transport, &dst);
2338	addr = malloc(SA_LEN(dst)((dst)->sa_len));
2339	if (!addr) {
2340	log_error("ipsec_add_contact: malloc (%lu) failed",
2341	(unsigned long)SA_LEN(dst)((dst)->sa_len));
2342	return -1;
2343	}
2344	memcpy(addr, dst, SA_LEN(dst)((dst)->sa_len));
2345	contacts[contact_cnt].addr = addr;
2346	contacts[contact_cnt++].len = SA_LEN(dst)((dst)->sa_len);
2347
2348	/*
2349	* XXX There are better algorithms for already mostly-sorted data like
2350	* this, but only qsort is standard. I will someday do this inline.
2351	*/
2352	qsort(contacts, contact_cnt, sizeof *contacts, addr_cmp);
2353	return 0;
2354	}
2355
2356	/* Return true if the recipient of MSG has already been contacted. */
2357	static int
2358	ipsec_contacted(struct message *msg)
2359	{
2360	struct contact contact;
2361
2362	msg->transport->vtbl->get_dst(msg->transport, &contact.addr);
2363	contact.len = SA_LEN(contact.addr)((contact.addr)->sa_len);
2364	return contacts ? (bsearch(&contact, contacts, contact_cnt,
2365	sizeof *contacts, addr_cmp) != 0) : 0;
2366	}
2367
2368	/* Add a HASH for to MSG. */
2369	u_int8_t *
2370	ipsec_add_hash_payload(struct message *msg, size_t hashsize)
2371	{
2372	u_int8_t *buf;
2373
2374	buf = malloc(ISAKMP_HASH_SZ4 + hashsize);
2375	if (!buf) {
2376	log_error("ipsec_add_hash_payload: malloc (%lu) failed",
2377	ISAKMP_HASH_SZ4 + (unsigned long) hashsize);
2378	return 0;
2379	}
2380	if (message_add_payload(msg, ISAKMP_PAYLOAD_HASH8, buf,
2381	ISAKMP_HASH_SZ4 + hashsize, 1)) {
2382	free(buf);
2383	return 0;
2384	}
2385	return buf;
2386	}
2387
2388	/* Fill in the HASH payload of MSG. */
2389	int
2390	ipsec_fill_in_hash(struct message *msg)
2391	{
2392	struct exchange *exchange = msg->exchange;
2393	struct sa *isakmp_sa = msg->isakmp_sa;
2394	struct ipsec_sa *isa = isakmp_sa->data;
2395	struct hash *hash = hash_get(isa->hash);
2396	struct prf *prf;
2397	struct payload *payload;
2398	u_int8_t *buf;
2399	u_int32_t i;
2400	char header[80];
2401
2402	/* If no SKEYID_a, we need not do anything. */
2403	if (!isa->skeyid_a)
2404	return 0;
2405
2406	payload = payload_first(msg, ISAKMP_PAYLOAD_HASH8);
2407	if (!payload) {
2408	log_print("ipsec_fill_in_hash: no HASH payload found");
2409	return -1;
2410	}
2411	buf = payload->p;
2412
2413	/* Allocate the prf and start calculating our HASH(1). */
2414	LOG_DBG_BUF((LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a",log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a", isa ->skeyid_a, isa->skeyid_len)
2415	isa->skeyid_a, isa->skeyid_len))log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a", isa ->skeyid_a, isa->skeyid_len);
2416	prf = prf_alloc(isa->prf_type, hash->type, isa->skeyid_a,
2417	isa->skeyid_len);
2418	if (!prf)
2419	return -1;
2420
2421	prf->Init(prf->prfctx);
2422	LOG_DBG_BUF((LOG_MISC, 90, "ipsec_fill_in_hash: message_id",log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: message_id" , exchange->message_id, 4)
2423	exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN))log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: message_id" , exchange->message_id, 4);
2424	prf->Update(prf->prfctx, exchange->message_id,
2425	ISAKMP_HDR_MESSAGE_ID_LEN4);
2426
2427	/* Loop over all payloads after HASH(1). */
2428	for (i = 2; i < msg->iovlen; i++) {
2429	/* XXX Misleading payload type printouts. */
2430	snprintf(header, sizeof header,
2431	"ipsec_fill_in_hash: payload %d after HASH(1)", i - 1);
2432	LOG_DBG_BUF((LOG_MISC, 90, header, msg->iov[i].iov_base,log_debug_buf (LOG_MISC, 90, header, msg->iov[i].iov_base, msg->iov[i].iov_len)
2433	msg->iov[i].iov_len))log_debug_buf (LOG_MISC, 90, header, msg->iov[i].iov_base, msg->iov[i].iov_len);
2434	prf->Update(prf->prfctx, msg->iov[i].iov_base,
2435	msg->iov[i].iov_len);
2436	}
2437	prf->Final(buf + ISAKMP_HASH_DATA_OFF4, prf->prfctx);
2438	prf_free(prf);
2439	LOG_DBG_BUF((LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf +log_debug_buf (LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf + 4, hash->hashsize)
2440	ISAKMP_HASH_DATA_OFF, hash->hashsize))log_debug_buf (LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf + 4, hash->hashsize);
2441
2442	return 0;
2443	}
2444
2445	/* Add a HASH payload to MSG, if we have an ISAKMP SA we're protected by. */
2446	static int
2447	ipsec_informational_pre_hook(struct message *msg)
2448	{
2449	struct sa *isakmp_sa = msg->isakmp_sa;
2450	struct ipsec_sa *isa;
2451	struct hash *hash;
2452
2453	if (!isakmp_sa)
2454	return 0;
2455	isa = isakmp_sa->data;
2456	hash = hash_get(isa->hash);
2457	return ipsec_add_hash_payload(msg, hash->hashsize) == 0;
2458	}
2459
2460	/*
2461	* Fill in the HASH payload in MSG, if we have an ISAKMP SA we're protected by.
2462	*/
2463	static int
2464	ipsec_informational_post_hook(struct message *msg)
2465	{
2466	if (!msg->isakmp_sa)
2467	return 0;
2468	return ipsec_fill_in_hash(msg);
2469	}
2470
2471	ssize_t
2472	ipsec_id_size(char section, u_int8_t id)
2473	{
2474	char type, data;
2475
2476	type = conf_get_str(section, "ID-type");
2477	if (!type) {
2478	log_print("ipsec_id_size: section %s has no \"ID-type\" tag",
2479	section);
2480	return -1;
2481	}
2482	*id = constant_value(ipsec_id_cst, type);
2483	switch (*id) {
2484	case IPSEC_ID_IPV4_ADDR1:
2485	return sizeof(struct in_addr);
2486	case IPSEC_ID_IPV4_ADDR_SUBNET4:
2487	return 2 * sizeof(struct in_addr);
2488	case IPSEC_ID_IPV6_ADDR5:
2489	return sizeof(struct in6_addr);
2490	case IPSEC_ID_IPV6_ADDR_SUBNET6:
2491	return 2 * sizeof(struct in6_addr);
2492	case IPSEC_ID_FQDN2:
2493	case IPSEC_ID_USER_FQDN3:
2494	case IPSEC_ID_KEY_ID11:
2495	case IPSEC_ID_DER_ASN1_DN9:
2496	case IPSEC_ID_DER_ASN1_GN10:
2497	data = conf_get_str(section, "Name");
2498	if (!data) {
2499	log_print("ipsec_id_size: "
2500	"section %s has no \"Name\" tag", section);
2501	return -1;
2502	}
2503	return strlen(data);
2504	}
2505	log_print("ipsec_id_size: unrecognized/unsupported ID-type %d (%s)",
2506	*id, type);
2507	return -1;
2508	}
2509
2510	/*
2511	* Generate a string version of the ID.
2512	*/
2513	char *
2514	ipsec_id_string(u_int8_t *id, size_t id_len)
2515	{
2516	char *buf = 0;
2517	char *addrstr = 0;
2518	size_t len, size;
2519
2520	/*
2521	* XXX Real ugly way of making the offsets correct. Be aware that id
2522	* now will point before the actual buffer and cannot be dereferenced
2523	* without an offset larger than or equal to ISAKM_GEN_SZ.
2524	*/
2525	id -= ISAKMP_GEN_SZ4;
2526
2527	/* This is the actual length of the ID data field. */
2528	id_len += ISAKMP_GEN_SZ4 - ISAKMP_ID_DATA_OFF8;
2529
2530	/*
2531	* Conservative allocation.
2532	* XXX I think the ASN1 DN case can be thought through to give a better
2533	* estimate.
2534	*/
2535	size = MAXIMUM(sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",(((sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") > (sizeof "asn1_dn/" + id_len)) ? (sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" ) : (sizeof "asn1_dn/" + id_len))
2536	sizeof "asn1_dn/" + id_len)(((sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") > (sizeof "asn1_dn/" + id_len)) ? (sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" ) : (sizeof "asn1_dn/" + id_len));
2537	buf = malloc(size);
2538	if (!buf)
2539	/* XXX Log? */
2540	goto fail;
2541
2542	switch (GET_ISAKMP_ID_TYPE(id)field_get_num (isakmp_id_fld + 0, id)) {
2543	case IPSEC_ID_IPV4_ADDR1:
2544	if (id_len < sizeof(struct in_addr))
2545	goto fail;
2546	util_ntoa(&addrstr, AF_INET2, id + ISAKMP_ID_DATA_OFF8);
2547	if (!addrstr)
2548	goto fail;
2549	snprintf(buf, size, "ipv4/%s", addrstr);
2550	break;
2551
2552	case IPSEC_ID_IPV6_ADDR5:
2553	if (id_len < sizeof(struct in6_addr))
2554	goto fail;
2555	util_ntoa(&addrstr, AF_INET624, id + ISAKMP_ID_DATA_OFF8);
2556	if (!addrstr)
2557	goto fail;
2558	snprintf(buf, size, "ipv6/%s", addrstr);
2559	break;
2560
2561	case IPSEC_ID_FQDN2:
2562	case IPSEC_ID_USER_FQDN3:
2563	strlcpy(buf, GET_ISAKMP_ID_TYPE(id)field_get_num (isakmp_id_fld + 0, id) == IPSEC_ID_FQDN2 ?
2564	"fqdn/" : "ufqdn/", size);
2565	len = strlen(buf);
2566
2567	memcpy(buf + len, id + ISAKMP_ID_DATA_OFF8, id_len);
2568	*(buf + len + id_len) = '\0';
2569	break;
2570
2571	case IPSEC_ID_DER_ASN1_DN9:
2572	strlcpy(buf, "asn1_dn/", size);
2573	len = strlen(buf);
2574	addrstr = x509_DN_string(id + ISAKMP_ID_DATA_OFF8, id_len);
2575	if (!addrstr)
2576	goto fail;
2577	if (size < len + strlen(addrstr) + 1)
2578	goto fail;
2579	strlcpy(buf + len, addrstr, size - len);
2580	break;
2581
2582	default:
2583	/* Unknown type. */
2584	LOG_DBG((LOG_MISC, 10,log_debug (LOG_MISC, 10, "ipsec_id_string: unknown identity type %d\n" , field_get_num (isakmp_id_fld + 0, id))
2585	"ipsec_id_string: unknown identity type %d\n",log_debug (LOG_MISC, 10, "ipsec_id_string: unknown identity type %d\n" , field_get_num (isakmp_id_fld + 0, id))
2586	GET_ISAKMP_ID_TYPE(id)))log_debug (LOG_MISC, 10, "ipsec_id_string: unknown identity type %d\n" , field_get_num (isakmp_id_fld + 0, id));
2587	goto fail;
2588	}
2589
2590	free(addrstr);
2591	return buf;
2592
2593	fail:
2594	free(buf);
2595	free(addrstr);
2596	return 0;
2597	}