File: | src/sbin/isakmpd/ipsec.c |
Warning: | line 724, column 19 Result of 'calloc' is converted to a pointer of type 'struct sockaddr', which is incompatible with sizeof operand type 'struct sockaddr_in' |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: ipsec.c,v 1.154 2023/12/20 00:34:13 tobhe Exp $ */ |
2 | /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ |
3 | |
4 | /* |
5 | * Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. All rights reserved. |
6 | * Copyright (c) 2001 Angelos D. Keromytis. All rights reserved. |
7 | * Copyright (c) 2001 Håkan Olsson. All rights reserved. |
8 | * |
9 | * Redistribution and use in source and binary forms, with or without |
10 | * modification, are permitted provided that the following conditions |
11 | * are met: |
12 | * 1. Redistributions of source code must retain the above copyright |
13 | * notice, this list of conditions and the following disclaimer. |
14 | * 2. Redistributions in binary form must reproduce the above copyright |
15 | * notice, this list of conditions and the following disclaimer in the |
16 | * documentation and/or other materials provided with the distribution. |
17 | * |
18 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR |
19 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES |
20 | * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. |
21 | * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, |
22 | * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT |
23 | * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, |
24 | * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY |
25 | * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT |
26 | * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
27 | * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
28 | */ |
29 | |
30 | /* |
31 | * This code was written under funding by Ericsson Radio Systems. |
32 | */ |
33 | |
34 | #include <sys/types.h> |
35 | #include <sys/socket.h> |
36 | #include <netdb.h> |
37 | #include <netinet/in.h> |
38 | #include <arpa/inet.h> |
39 | #include <stdlib.h> |
40 | #include <string.h> |
41 | #include <limits.h> |
42 | |
43 | #include <net/if.h> |
44 | #include <net/pfvar.h> |
45 | |
46 | #include "attribute.h" |
47 | #include "conf.h" |
48 | #include "connection.h" |
49 | #include "constants.h" |
50 | #include "crypto.h" |
51 | #include "dh.h" |
52 | #include "doi.h" |
53 | #include "dpd.h" |
54 | #include "exchange.h" |
55 | #include "hash.h" |
56 | #include "ike_aggressive.h" |
57 | #include "ike_auth.h" |
58 | #include "ike_main_mode.h" |
59 | #include "ike_quick_mode.h" |
60 | #include "ipsec.h" |
61 | #include "ipsec_doi.h" |
62 | #include "isakmp.h" |
63 | #include "isakmp_cfg.h" |
64 | #include "isakmp_fld.h" |
65 | #include "isakmp_num.h" |
66 | #include "log.h" |
67 | #include "message.h" |
68 | #include "nat_traversal.h" |
69 | #include "pf_key_v2.h" |
70 | #include "prf.h" |
71 | #include "sa.h" |
72 | #include "timer.h" |
73 | #include "transport.h" |
74 | #include "util.h" |
75 | #include "x509.h" |
76 | |
77 | extern int acquire_only; |
78 | |
79 | #define MINIMUM(a, b)(((a) < (b)) ? (a) : (b)) (((a) < (b)) ? (a) : (b)) |
80 | #define MAXIMUM(a, b)(((a) > (b)) ? (a) : (b)) (((a) > (b)) ? (a) : (b)) |
81 | |
82 | /* The replay window size used for all IPsec protocols if not overridden. */ |
83 | #define DEFAULT_REPLAY_WINDOW16 16 |
84 | |
85 | struct ipsec_decode_arg { |
86 | struct message *msg; |
87 | struct sa *sa; |
88 | struct proto *proto; |
89 | }; |
90 | |
91 | /* These variables hold the contacted peers ADT state. */ |
92 | struct contact { |
93 | struct sockaddr *addr; |
94 | socklen_t len; |
95 | } *contacts = 0; |
96 | int contact_cnt = 0, contact_limit = 0; |
97 | |
98 | static int addr_cmp(const void *, const void *); |
99 | static int ipsec_add_contact(struct message *); |
100 | static int ipsec_contacted(struct message *); |
101 | static int ipsec_debug_attribute(u_int16_t, u_int8_t *, u_int16_t, |
102 | void *); |
103 | static void ipsec_delete_spi(struct sa *, struct proto *, int); |
104 | static int16_t *ipsec_exchange_script(u_int8_t); |
105 | static void ipsec_finalize_exchange(struct message *); |
106 | static void ipsec_free_exchange_data(void *); |
107 | static void ipsec_free_proto_data(void *); |
108 | static void ipsec_free_sa_data(void *); |
109 | static struct keystate *ipsec_get_keystate(struct message *); |
110 | static u_int8_t *ipsec_get_spi(size_t *, u_int8_t, struct message *); |
111 | static int ipsec_handle_leftover_payload(struct message *, u_int8_t, |
112 | struct payload *); |
113 | static int ipsec_informational_post_hook(struct message *); |
114 | static int ipsec_informational_pre_hook(struct message *); |
115 | static int ipsec_initiator(struct message *); |
116 | static void ipsec_proto_init(struct proto *, char *); |
117 | static int ipsec_responder(struct message *); |
118 | static void ipsec_setup_situation(u_int8_t *); |
119 | static int ipsec_set_network(u_int8_t *, u_int8_t *, struct sa *); |
120 | static size_t ipsec_situation_size(void); |
121 | static u_int8_t ipsec_spi_size(u_int8_t); |
122 | static int ipsec_validate_attribute(u_int16_t, u_int8_t *, u_int16_t, |
123 | void *); |
124 | static int ipsec_validate_exchange(u_int8_t); |
125 | static int ipsec_validate_id_information(u_int8_t, u_int8_t *, u_int8_t *, |
126 | size_t, struct exchange *); |
127 | static int ipsec_validate_key_information(u_int8_t *, size_t); |
128 | static int ipsec_validate_notification(u_int16_t); |
129 | static int ipsec_validate_proto(u_int8_t); |
130 | static int ipsec_validate_situation(u_int8_t *, size_t *, size_t); |
131 | static int ipsec_validate_transform_id(u_int8_t, u_int8_t); |
132 | static int ipsec_sa_check_flow(struct sa *, void *); |
133 | static int ipsec_sa_check_flow_any(struct sa *, void *); |
134 | static int ipsec_sa_tag(struct exchange *, struct sa *, struct sa *); |
135 | static int ipsec_sa_iface(struct exchange *, struct sa *, struct sa *); |
136 | |
137 | static struct doi ipsec_doi = { |
138 | {0}, IPSEC_DOI_IPSEC1, |
139 | sizeof(struct ipsec_exch), sizeof(struct ipsec_sa), |
140 | sizeof(struct ipsec_proto), |
141 | ipsec_debug_attribute, |
142 | ipsec_delete_spi, |
143 | ipsec_exchange_script, |
144 | ipsec_finalize_exchange, |
145 | ipsec_free_exchange_data, |
146 | ipsec_free_proto_data, |
147 | ipsec_free_sa_data, |
148 | ipsec_get_keystate, |
149 | ipsec_get_spi, |
150 | ipsec_handle_leftover_payload, |
151 | ipsec_informational_post_hook, |
152 | ipsec_informational_pre_hook, |
153 | ipsec_is_attribute_incompatible, |
154 | ipsec_proto_init, |
155 | ipsec_setup_situation, |
156 | ipsec_situation_size, |
157 | ipsec_spi_size, |
158 | ipsec_validate_attribute, |
159 | ipsec_validate_exchange, |
160 | ipsec_validate_id_information, |
161 | ipsec_validate_key_information, |
162 | ipsec_validate_notification, |
163 | ipsec_validate_proto, |
164 | ipsec_validate_situation, |
165 | ipsec_validate_transform_id, |
166 | ipsec_initiator, |
167 | ipsec_responder, |
168 | ipsec_decode_ids |
169 | }; |
170 | |
171 | int16_t script_quick_mode[] = { |
172 | ISAKMP_PAYLOAD_HASH8, /* Initiator -> responder. */ |
173 | ISAKMP_PAYLOAD_SA1, |
174 | ISAKMP_PAYLOAD_NONCE10, |
175 | EXCHANGE_SCRIPT_SWITCH-3, |
176 | ISAKMP_PAYLOAD_HASH8, /* Responder -> initiator. */ |
177 | ISAKMP_PAYLOAD_SA1, |
178 | ISAKMP_PAYLOAD_NONCE10, |
179 | EXCHANGE_SCRIPT_SWITCH-3, |
180 | ISAKMP_PAYLOAD_HASH8, /* Initiator -> responder. */ |
181 | EXCHANGE_SCRIPT_END-4 |
182 | }; |
183 | |
184 | int16_t script_new_group_mode[] = { |
185 | ISAKMP_PAYLOAD_HASH8, /* Initiator -> responder. */ |
186 | ISAKMP_PAYLOAD_SA1, |
187 | EXCHANGE_SCRIPT_SWITCH-3, |
188 | ISAKMP_PAYLOAD_HASH8, /* Responder -> initiator. */ |
189 | ISAKMP_PAYLOAD_SA1, |
190 | EXCHANGE_SCRIPT_END-4 |
191 | }; |
192 | |
193 | struct dst_spi_proto_arg { |
194 | struct sockaddr *dst; |
195 | u_int32_t spi; |
196 | u_int8_t proto; |
197 | }; |
198 | |
199 | /* |
200 | * Check if SA matches what we are asking for through V_ARG. It has to |
201 | * be a finished phase 2 SA. |
202 | * if "proto" arg is 0, match any proto |
203 | */ |
204 | static int |
205 | ipsec_sa_check(struct sa *sa, void *v_arg) |
206 | { |
207 | struct dst_spi_proto_arg *arg = v_arg; |
208 | struct proto *proto; |
209 | struct sockaddr *dst, *src; |
210 | int incoming; |
211 | |
212 | if (sa->phase != 2 || !(sa->flags & SA_FLAG_READY0x01)) |
213 | return 0; |
214 | |
215 | sa->transport->vtbl->get_dst(sa->transport, &dst); |
216 | if (memcmp(sockaddr_addrdata(dst), sockaddr_addrdata(arg->dst), |
217 | sockaddr_addrlen(dst)) == 0) |
218 | incoming = 0; |
219 | else { |
220 | sa->transport->vtbl->get_src(sa->transport, &src); |
221 | if (memcmp(sockaddr_addrdata(src), sockaddr_addrdata(arg->dst), |
222 | sockaddr_addrlen(src)) == 0) |
223 | incoming = 1; |
224 | else |
225 | return 0; |
226 | } |
227 | |
228 | for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first); proto; |
229 | proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next)) |
230 | if ((arg->proto == 0 || proto->proto == arg->proto) && |
231 | memcmp(proto->spi[incoming], &arg->spi, sizeof arg->spi) |
232 | == 0) |
233 | return 1; |
234 | return 0; |
235 | } |
236 | |
237 | /* Find an SA with a "name" of DST, SPI & PROTO. */ |
238 | struct sa * |
239 | ipsec_sa_lookup(struct sockaddr *dst, u_int32_t spi, u_int8_t proto) |
240 | { |
241 | struct dst_spi_proto_arg arg; |
242 | |
243 | arg.dst = dst; |
244 | arg.spi = spi; |
245 | arg.proto = proto; |
246 | return sa_find(ipsec_sa_check, &arg); |
247 | } |
248 | |
249 | /* |
250 | * Check if SA matches the flow of another SA in V_ARG. It has to |
251 | * be a finished non-replaced phase 2 SA. |
252 | * XXX At some point other selectors will matter here too. |
253 | */ |
254 | static int |
255 | ipsec_sa_check_flow(struct sa *sa, void *v_arg) |
256 | { |
257 | if ((sa->flags & (SA_FLAG_READY0x01 | SA_FLAG_REPLACED0x08)) != SA_FLAG_READY0x01) |
258 | return 0; |
259 | |
260 | return ipsec_sa_check_flow_any(sa, v_arg); |
261 | } |
262 | |
263 | static int |
264 | ipsec_sa_check_flow_any(struct sa *sa, void *v_arg) |
265 | { |
266 | struct sa *sa2 = v_arg; |
267 | struct ipsec_sa *isa = sa->data, *isa2 = sa2->data; |
268 | |
269 | if (sa == sa2 || sa->phase != 2 || |
270 | (sa->flags & SA_FLAG_READY0x01) != SA_FLAG_READY0x01) |
271 | return 0; |
272 | |
273 | if (isa->tproto != isa2->tproto || isa->sport != isa2->sport || |
274 | isa->dport != isa2->dport) |
275 | return 0; |
276 | |
277 | if ((sa->flags & SA_FLAG_IFACE0x400) != (sa2->flags & SA_FLAG_IFACE0x400)) |
278 | return 0; |
279 | |
280 | if (sa->flags & SA_FLAG_IFACE0x400) |
281 | return sa->iface == sa2->iface; |
282 | |
283 | /* |
284 | * If at least one of the IPsec SAs is incomplete, we're done. |
285 | */ |
286 | if (isa->src_net == NULL((void *)0) || isa2->src_net == NULL((void *)0) || |
287 | isa->dst_net == NULL((void *)0) || isa2->dst_net == NULL((void *)0) || |
288 | isa->src_mask == NULL((void *)0) || isa2->src_mask == NULL((void *)0) || |
289 | isa->dst_mask == NULL((void *)0) || isa2->dst_mask == NULL((void *)0)) |
290 | return 0; |
291 | |
292 | return isa->src_net->sa_family == isa2->src_net->sa_family && |
293 | memcmp(sockaddr_addrdata(isa->src_net), |
294 | sockaddr_addrdata(isa2->src_net), |
295 | sockaddr_addrlen(isa->src_net)) == 0 && |
296 | memcmp(sockaddr_addrdata(isa->src_mask), |
297 | sockaddr_addrdata(isa2->src_mask), |
298 | sockaddr_addrlen(isa->src_mask)) == 0 && |
299 | memcmp(sockaddr_addrdata(isa->dst_net), |
300 | sockaddr_addrdata(isa2->dst_net), |
301 | sockaddr_addrlen(isa->dst_net)) == 0 && |
302 | memcmp(sockaddr_addrdata(isa->dst_mask), |
303 | sockaddr_addrdata(isa2->dst_mask), |
304 | sockaddr_addrlen(isa->dst_mask)) == 0; |
305 | } |
306 | |
307 | /* |
308 | * Construct a PF tag if specified in the configuration. |
309 | * It is possible to use variables to expand the tag: |
310 | * $id The string representation of the remote ID |
311 | * $domain The stripped domain part of the ID (for FQDN and UFQDN) |
312 | */ |
313 | static int |
314 | ipsec_sa_tag(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) |
315 | { |
316 | char *format, *section; |
317 | char *id_string = NULL((void *)0), *domain = NULL((void *)0); |
318 | int error = -1; |
319 | size_t len; |
320 | |
321 | sa->tag = NULL((void *)0); |
322 | |
323 | if (exchange->name == NULL((void *)0) || |
324 | (section = exchange->name) == NULL((void *)0) || |
325 | (format = conf_get_str(section, "PF-Tag")) == NULL((void *)0)) |
326 | return (0); /* ignore if not present */ |
327 | |
328 | len = PF_TAG_NAME_SIZE64; |
329 | if ((sa->tag = calloc(1, len)) == NULL((void *)0)) { |
330 | log_error("ipsec_sa_tag: calloc"); |
331 | goto fail; |
332 | } |
333 | if (strlcpy(sa->tag, format, len) >= len) { |
334 | log_print("ipsec_sa_tag: tag too long"); |
335 | goto fail; |
336 | } |
337 | if (isakmp_sa->initiator) |
338 | id_string = ipsec_id_string(isakmp_sa->id_r, |
339 | isakmp_sa->id_r_len); |
340 | else |
341 | id_string = ipsec_id_string(isakmp_sa->id_i, |
342 | isakmp_sa->id_i_len); |
343 | |
344 | if (strstr(format, "$id") != NULL((void *)0)) { |
345 | if (id_string == NULL((void *)0)) { |
346 | log_print("ipsec_sa_tag: cannot get ID"); |
347 | goto fail; |
348 | } |
349 | if (expand_string(sa->tag, len, "$id", id_string) != 0) { |
350 | log_print("ipsec_sa_tag: failed to expand tag"); |
351 | goto fail; |
352 | } |
353 | } |
354 | |
355 | if (strstr(format, "$domain") != NULL((void *)0)) { |
356 | if (id_string == NULL((void *)0)) { |
357 | log_print("ipsec_sa_tag: cannot get ID"); |
358 | goto fail; |
359 | } |
360 | if (strncmp(id_string, "fqdn/", strlen("fqdn/")) == 0) |
361 | domain = strchr(id_string, '.'); |
362 | else if (strncmp(id_string, "ufqdn/", strlen("ufqdn/")) == 0) |
363 | domain = strchr(id_string, '@'); |
364 | if (domain == NULL((void *)0) || strlen(domain) < 2) { |
365 | log_print("ipsec_sa_tag: no valid domain in ID %s", |
366 | id_string); |
367 | goto fail; |
368 | } |
369 | domain++; |
370 | if (expand_string(sa->tag, len, "$domain", domain) != 0) { |
371 | log_print("ipsec_sa_tag: failed to expand tag"); |
372 | goto fail; |
373 | } |
374 | } |
375 | |
376 | LOG_DBG((LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"",log_debug (LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"" , strlen(sa->tag), sa->tag) |
377 | strlen(sa->tag), sa->tag))log_debug (LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"" , strlen(sa->tag), sa->tag); |
378 | |
379 | error = 0; |
380 | fail: |
381 | free(id_string); |
382 | if (error != 0) { |
383 | free(sa->tag); |
384 | sa->tag = NULL((void *)0); |
385 | } |
386 | |
387 | return (error); |
388 | } |
389 | |
390 | static int |
391 | ipsec_sa_iface(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) |
392 | { |
393 | char *section, *value; |
394 | const char *errstr = NULL((void *)0); |
395 | |
396 | if (exchange->name == NULL((void *)0) || |
397 | (section = exchange->name) == NULL((void *)0) || |
398 | (value = conf_get_str(section, "Interface")) == NULL((void *)0)) |
399 | return (0); /* ignore if not present */ |
400 | |
401 | sa->iface = strtonum(value, 0, UINT_MAX0xffffffffU, &errstr); |
402 | if (errstr != NULL((void *)0)) { |
403 | log_error("[%s]:Interface %s", section, errstr); |
404 | return (-1); |
405 | } |
406 | |
407 | sa->flags |= SA_FLAG_IFACE0x400; |
408 | |
409 | return (0); |
410 | } |
411 | |
412 | /* |
413 | * Do IPsec DOI specific finalizations task for the exchange where MSG was |
414 | * the final message. |
415 | */ |
416 | static void |
417 | ipsec_finalize_exchange(struct message *msg) |
418 | { |
419 | struct sa *isakmp_sa = msg->isakmp_sa; |
420 | struct ipsec_sa *isa; |
421 | struct exchange *exchange = msg->exchange; |
422 | struct ipsec_exch *ie = exchange->data; |
423 | struct sa *sa = 0, *old_sa; |
424 | struct proto *proto, *last_proto = 0; |
425 | char *addr1, *addr2, *mask1, *mask2; |
426 | |
427 | switch (exchange->phase) { |
428 | case 1: |
429 | switch (exchange->type) { |
430 | case ISAKMP_EXCH_ID_PROT2: |
431 | case ISAKMP_EXCH_AGGRESSIVE4: |
432 | isa = isakmp_sa->data; |
433 | isa->hash = ie->hash->type; |
434 | isa->prf_type = ie->prf_type; |
435 | isa->skeyid_len = ie->skeyid_len; |
436 | isa->skeyid_d = ie->skeyid_d; |
437 | isa->skeyid_a = ie->skeyid_a; |
438 | /* Prevents early free of SKEYID_*. */ |
439 | ie->skeyid_a = ie->skeyid_d = 0; |
440 | |
441 | /* |
442 | * If a lifetime was negotiated setup the expiration |
443 | * timers. |
444 | */ |
445 | if (isakmp_sa->seconds) |
446 | sa_setup_expirations(isakmp_sa); |
447 | |
448 | if (isakmp_sa->flags & SA_FLAG_NAT_T_KEEPALIVE0x200) |
449 | nat_t_setup_keepalive(isakmp_sa); |
450 | break; |
451 | } |
452 | break; |
453 | |
454 | case 2: |
455 | switch (exchange->type) { |
456 | case IKE_EXCH_QUICK_MODE32: |
457 | /* |
458 | * Tell the application(s) about the SPIs and key |
459 | * material. |
460 | */ |
461 | for (sa = TAILQ_FIRST(&exchange->sa_list)((&exchange->sa_list)->tqh_first); sa; |
462 | sa = TAILQ_NEXT(sa, next)((sa)->next.tqe_next)) { |
463 | isa = sa->data; |
464 | |
465 | if (exchange->initiator) { |
466 | /* |
467 | * Initiator is source, responder is |
468 | * destination. |
469 | */ |
470 | if (ipsec_set_network(ie->id_ci, |
471 | ie->id_cr, sa)) { |
472 | log_print( |
473 | "ipsec_finalize_exchange: " |
474 | "ipsec_set_network " |
475 | "failed"); |
476 | return; |
477 | } |
478 | } else { |
479 | /* |
480 | * Responder is source, initiator is |
481 | * destination. |
482 | */ |
483 | if (ipsec_set_network(ie->id_cr, |
484 | ie->id_ci, sa)) { |
485 | log_print( |
486 | "ipsec_finalize_exchange: " |
487 | "ipsec_set_network " |
488 | "failed"); |
489 | return; |
490 | } |
491 | } |
492 | |
493 | if (ipsec_sa_tag(exchange, sa, isakmp_sa) == -1) |
494 | return; |
495 | |
496 | if (ipsec_sa_iface(exchange, sa, isakmp_sa) == -1) |
497 | return; |
498 | |
499 | for (proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first), |
500 | last_proto = 0; proto; |
501 | proto = TAILQ_NEXT(proto, link)((proto)->link.tqe_next)) { |
502 | if (pf_key_v2_set_spi(sa, proto, |
503 | 0, isakmp_sa) || |
504 | (last_proto && |
505 | pf_key_v2_group_spis(sa, |
506 | last_proto, proto, 0)) || |
507 | pf_key_v2_set_spi(sa, proto, |
508 | 1, isakmp_sa) || |
509 | (last_proto && |
510 | pf_key_v2_group_spis(sa, |
511 | last_proto, proto, 1))) |
512 | /* |
513 | * XXX Tear down this |
514 | * exchange. |
515 | */ |
516 | return; |
517 | last_proto = proto; |
518 | } |
519 | |
520 | if (sockaddr2text(isa->src_net, &addr1, 0)) |
521 | addr1 = 0; |
522 | if (sockaddr2text(isa->src_mask, &mask1, 0)) |
523 | mask1 = 0; |
524 | if (sockaddr2text(isa->dst_net, &addr2, 0)) |
525 | addr2 = 0; |
526 | if (sockaddr2text(isa->dst_mask, &mask2, 0)) |
527 | mask2 = 0; |
528 | |
529 | LOG_DBG((LOG_EXCHANGE, 50,log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
530 | "ipsec_finalize_exchange: src %s %s "log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
531 | "dst %s %s tproto %u sport %u dport %u",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
532 | addr1 ? addr1 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
533 | mask1 ? mask1 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
534 | addr2 ? addr2 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
535 | mask2 ? mask2 : "<??\?>",log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
536 | isa->tproto, ntohs(isa->sport),log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))) |
537 | ntohs(isa->dport)))log_debug (LOG_EXCHANGE, 50, "ipsec_finalize_exchange: src %s %s " "dst %s %s tproto %u sport %u dport %u", addr1 ? addr1 : "<??\?>" , mask1 ? mask1 : "<??\?>", addr2 ? addr2 : "<??\?>" , mask2 ? mask2 : "<??\?>", isa->tproto, (__uint16_t )(__builtin_constant_p(isa->sport) ? (__uint16_t)(((__uint16_t )(isa->sport) & 0xffU) << 8 | ((__uint16_t)(isa-> sport) & 0xff00U) >> 8) : __swap16md(isa->sport) ), (__uint16_t)(__builtin_constant_p(isa->dport) ? (__uint16_t )(((__uint16_t)(isa->dport) & 0xffU) << 8 | ((__uint16_t )(isa->dport) & 0xff00U) >> 8) : __swap16md(isa-> dport))); |
538 | |
539 | free(addr1); |
540 | free(mask1); |
541 | free(addr2); |
542 | free(mask2); |
543 | |
544 | /* |
545 | * If this is not an SA acquired by the |
546 | * kernel, it needs to have a SPD entry |
547 | * (a.k.a. flow) set up. |
548 | */ |
549 | if (!(sa->flags & SA_FLAG_ONDEMAND0x04 || |
550 | sa->flags & SA_FLAG_IFACE0x400 || |
551 | conf_get_str("General", "Acquire-Only") || |
552 | acquire_only) && |
553 | pf_key_v2_enable_sa(sa, isakmp_sa)) |
554 | /* XXX Tear down this exchange. */ |
555 | return; |
556 | |
557 | /* |
558 | * Mark elder SAs with the same flow |
559 | * information as replaced. |
560 | */ |
561 | while ((old_sa = sa_find(ipsec_sa_check_flow, |
562 | sa)) != 0) |
563 | sa_mark_replaced(old_sa); |
564 | } |
565 | break; |
566 | } |
567 | } |
568 | } |
569 | |
570 | /* Set the client addresses in ISA from SRC_ID and DST_ID. */ |
571 | static int |
572 | ipsec_set_network(u_int8_t *src_id, u_int8_t *dst_id, struct sa *sa) |
573 | { |
574 | void *src_net, *dst_net; |
575 | void *src_mask = NULL((void *)0), *dst_mask = NULL((void *)0); |
576 | struct sockaddr *addr; |
577 | struct proto *proto; |
578 | struct ipsec_proto *iproto; |
579 | struct ipsec_sa *isa = sa->data; |
580 | int src_af, dst_af; |
581 | int id; |
582 | char *name, *nat = NULL((void *)0); |
583 | u_int8_t *nat_id = NULL((void *)0); |
584 | size_t nat_sz; |
585 | |
586 | if ((name = connection_passive_lookup_by_ids(src_id, dst_id))) |
587 | nat = conf_get_str(name, "NAT-ID"); |
588 | |
589 | if (nat) { |
590 | if ((nat_id = ipsec_build_id(nat, &nat_sz))) { |
591 | LOG_DBG((LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:"log_debug (LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:" " src: %s -> %s" , name, nat) |
592 | " src: %s -> %s", name, nat))log_debug (LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:" " src: %s -> %s" , name, nat); |
593 | src_id = nat_id; |
594 | } else |
595 | log_print("ipsec_set_network: ipsec_build_id" |
596 | " failed for NAT-ID: %s", nat); |
597 | } |
598 | |
599 | if (((proto = TAILQ_FIRST(&sa->protos)((&sa->protos)->tqh_first)) != NULL((void *)0)) && |
600 | ((iproto = proto->data) != NULL((void *)0)) && |
601 | (iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT4 || |
602 | iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT61444)) { |
603 | /* |
604 | * For NAT-T with transport mode, we need to use the ISAKMP's |
605 | * SA addresses for the flow. |
606 | */ |
607 | sa->transport->vtbl->get_src(sa->transport, &addr); |
608 | src_af = addr->sa_family; |
609 | src_net = sockaddr_addrdata(addr); |
610 | |
611 | sa->transport->vtbl->get_dst(sa->transport, &addr); |
612 | dst_af = addr->sa_family; |
613 | dst_net = sockaddr_addrdata(addr); |
614 | } else { |
615 | id = GET_ISAKMP_ID_TYPE(src_id)field_get_num (isakmp_id_fld + 0, src_id); |
616 | src_net = src_id + ISAKMP_ID_DATA_OFF8; |
617 | switch (id) { |
618 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
619 | src_mask = (u_int8_t *)src_net + sizeof(struct in_addr); |
620 | /* FALLTHROUGH */ |
621 | case IPSEC_ID_IPV4_ADDR1: |
622 | src_af = AF_INET2; |
623 | break; |
624 | |
625 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
626 | src_mask = (u_int8_t *)src_net + |
627 | sizeof(struct in6_addr); |
628 | /* FALLTHROUGH */ |
629 | case IPSEC_ID_IPV6_ADDR5: |
630 | src_af = AF_INET624; |
631 | break; |
632 | |
633 | default: |
634 | log_print( |
635 | "ipsec_set_network: ID type %d (%s) not supported", |
636 | id, constant_name(ipsec_id_cst, id)); |
637 | return -1; |
638 | } |
639 | |
640 | id = GET_ISAKMP_ID_TYPE(dst_id)field_get_num (isakmp_id_fld + 0, dst_id); |
641 | dst_net = dst_id + ISAKMP_ID_DATA_OFF8; |
642 | switch (id) { |
643 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
644 | dst_mask = (u_int8_t *)dst_net + sizeof(struct in_addr); |
645 | /* FALLTHROUGH */ |
646 | case IPSEC_ID_IPV4_ADDR1: |
647 | dst_af = AF_INET2; |
648 | break; |
649 | |
650 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
651 | dst_mask = (u_int8_t *)dst_net + |
652 | sizeof(struct in6_addr); |
653 | /* FALLTHROUGH */ |
654 | case IPSEC_ID_IPV6_ADDR5: |
655 | dst_af = AF_INET624; |
656 | break; |
657 | |
658 | default: |
659 | log_print( |
660 | "ipsec_set_network: ID type %d (%s) not supported", |
661 | id, constant_name(ipsec_id_cst, id)); |
662 | return -1; |
663 | } |
664 | } |
665 | |
666 | /* Set source address/mask. */ |
667 | switch (src_af) { |
668 | case AF_INET2: |
669 | isa->src_net = calloc(1, sizeof(struct sockaddr_in)); |
670 | if (!isa->src_net) |
671 | goto memfail; |
672 | isa->src_net->sa_family = AF_INET2; |
673 | isa->src_net->sa_len = sizeof(struct sockaddr_in); |
674 | |
675 | isa->src_mask = calloc(1, sizeof(struct sockaddr_in)); |
676 | if (!isa->src_mask) |
677 | goto memfail; |
678 | isa->src_mask->sa_family = AF_INET2; |
679 | isa->src_mask->sa_len = sizeof(struct sockaddr_in); |
680 | break; |
681 | |
682 | case AF_INET624: |
683 | isa->src_net = calloc(1, sizeof(struct sockaddr_in6)); |
684 | if (!isa->src_net) |
685 | goto memfail; |
686 | isa->src_net->sa_family = AF_INET624; |
687 | isa->src_net->sa_len = sizeof(struct sockaddr_in6); |
688 | |
689 | isa->src_mask = calloc(1, sizeof(struct sockaddr_in6)); |
690 | if (!isa->src_mask) |
691 | goto memfail; |
692 | isa->src_mask->sa_family = AF_INET624; |
693 | isa->src_mask->sa_len = sizeof(struct sockaddr_in6); |
694 | break; |
695 | } |
696 | |
697 | /* Net */ |
698 | memcpy(sockaddr_addrdata(isa->src_net), src_net, |
699 | sockaddr_addrlen(isa->src_net)); |
700 | |
701 | /* Mask */ |
702 | if (src_mask == NULL((void *)0)) |
703 | memset(sockaddr_addrdata(isa->src_mask), 0xff, |
704 | sockaddr_addrlen(isa->src_mask)); |
705 | else |
706 | memcpy(sockaddr_addrdata(isa->src_mask), src_mask, |
707 | sockaddr_addrlen(isa->src_mask)); |
708 | |
709 | memcpy(&isa->sport, |
710 | src_id + ISAKMP_ID_DOI_DATA_OFF5 + IPSEC_ID_PORT_OFF1, |
711 | IPSEC_ID_PORT_LEN2); |
712 | |
713 | free(nat_id); |
714 | |
715 | /* Set destination address. */ |
716 | switch (dst_af) { |
717 | case AF_INET2: |
718 | isa->dst_net = calloc(1, sizeof(struct sockaddr_in)); |
719 | if (!isa->dst_net) |
720 | goto memfail; |
721 | isa->dst_net->sa_family = AF_INET2; |
722 | isa->dst_net->sa_len = sizeof(struct sockaddr_in); |
723 | |
724 | isa->dst_mask = calloc(1, sizeof(struct sockaddr_in)); |
Result of 'calloc' is converted to a pointer of type 'struct sockaddr', which is incompatible with sizeof operand type 'struct sockaddr_in' | |
725 | if (!isa->dst_mask) |
726 | goto memfail; |
727 | isa->dst_mask->sa_family = AF_INET2; |
728 | isa->dst_mask->sa_len = sizeof(struct sockaddr_in); |
729 | break; |
730 | |
731 | case AF_INET624: |
732 | isa->dst_net = calloc(1, sizeof(struct sockaddr_in6)); |
733 | if (!isa->dst_net) |
734 | goto memfail; |
735 | isa->dst_net->sa_family = AF_INET624; |
736 | isa->dst_net->sa_len = sizeof(struct sockaddr_in6); |
737 | |
738 | isa->dst_mask = calloc(1, sizeof(struct sockaddr_in6)); |
739 | if (!isa->dst_mask) |
740 | goto memfail; |
741 | isa->dst_mask->sa_family = AF_INET624; |
742 | isa->dst_mask->sa_len = sizeof(struct sockaddr_in6); |
743 | break; |
744 | } |
745 | |
746 | /* Net */ |
747 | memcpy(sockaddr_addrdata(isa->dst_net), dst_net, |
748 | sockaddr_addrlen(isa->dst_net)); |
749 | |
750 | /* Mask */ |
751 | if (dst_mask == NULL((void *)0)) |
752 | memset(sockaddr_addrdata(isa->dst_mask), 0xff, |
753 | sockaddr_addrlen(isa->dst_mask)); |
754 | else |
755 | memcpy(sockaddr_addrdata(isa->dst_mask), dst_mask, |
756 | sockaddr_addrlen(isa->dst_mask)); |
757 | |
758 | memcpy(&isa->tproto, dst_id + ISAKMP_ID_DOI_DATA_OFF5 + |
759 | IPSEC_ID_PROTO_OFF0, IPSEC_ID_PROTO_LEN1); |
760 | memcpy(&isa->dport, |
761 | dst_id + ISAKMP_ID_DOI_DATA_OFF5 + IPSEC_ID_PORT_OFF1, |
762 | IPSEC_ID_PORT_LEN2); |
763 | return 0; |
764 | |
765 | memfail: |
766 | log_error("ipsec_set_network: calloc () failed"); |
767 | return -1; |
768 | } |
769 | |
770 | /* Free the DOI-specific exchange data pointed to by VIE. */ |
771 | static void |
772 | ipsec_free_exchange_data(void *vie) |
773 | { |
774 | struct ipsec_exch *ie = vie; |
775 | struct isakmp_cfg_attr *attr; |
776 | |
777 | free(ie->sa_i_b); |
778 | free(ie->id_ci); |
779 | free(ie->id_cr); |
780 | free(ie->g_xi); |
781 | free(ie->g_xr); |
782 | free(ie->g_xy); |
783 | free(ie->skeyid); |
784 | free(ie->skeyid_d); |
785 | free(ie->skeyid_a); |
786 | free(ie->skeyid_e); |
787 | free(ie->hash_i); |
788 | free(ie->hash_r); |
789 | if (ie->group) |
790 | group_free(ie->group); |
791 | for (attr = LIST_FIRST(&ie->attrs)((&ie->attrs)->lh_first); attr; |
792 | attr = LIST_FIRST(&ie->attrs)((&ie->attrs)->lh_first)) { |
793 | LIST_REMOVE(attr, link)do { if ((attr)->link.le_next != ((void *)0)) (attr)->link .le_next->link.le_prev = (attr)->link.le_prev; *(attr)-> link.le_prev = (attr)->link.le_next; ; ; } while (0); |
794 | if (attr->length) |
795 | free(attr->value); |
796 | free(attr); |
797 | } |
798 | } |
799 | |
800 | /* Free the DOI-specific SA data pointed to by VISA. */ |
801 | static void |
802 | ipsec_free_sa_data(void *visa) |
803 | { |
804 | struct ipsec_sa *isa = visa; |
805 | |
806 | free(isa->src_net); |
807 | free(isa->src_mask); |
808 | free(isa->dst_net); |
809 | free(isa->dst_mask); |
810 | free(isa->skeyid_a); |
811 | free(isa->skeyid_d); |
812 | } |
813 | |
814 | /* Free the DOI-specific protocol data of an SA pointed to by VIPROTO. */ |
815 | static void |
816 | ipsec_free_proto_data(void *viproto) |
817 | { |
818 | struct ipsec_proto *iproto = viproto; |
819 | int i; |
820 | |
821 | for (i = 0; i < 2; i++) |
822 | free(iproto->keymat[i]); |
823 | } |
824 | |
825 | /* Return exchange script based on TYPE. */ |
826 | static int16_t * |
827 | ipsec_exchange_script(u_int8_t type) |
828 | { |
829 | switch (type) { |
830 | case ISAKMP_EXCH_TRANSACTION6: |
831 | return script_transaction; |
832 | case IKE_EXCH_QUICK_MODE32: |
833 | return script_quick_mode; |
834 | case IKE_EXCH_NEW_GROUP_MODE33: |
835 | return script_new_group_mode; |
836 | } |
837 | return 0; |
838 | } |
839 | |
840 | /* Initialize this DOI, requires doi_init to already have been called. */ |
841 | void |
842 | ipsec_init(void) |
843 | { |
844 | doi_register(&ipsec_doi); |
845 | } |
846 | |
847 | /* Given a message MSG, return a suitable IV (or rather keystate). */ |
848 | static struct keystate * |
849 | ipsec_get_keystate(struct message *msg) |
850 | { |
851 | struct keystate *ks; |
852 | struct hash *hash; |
853 | |
854 | /* If we have already have an IV, use it. */ |
855 | if (msg->exchange && msg->exchange->keystate) { |
856 | ks = malloc(sizeof *ks); |
857 | if (!ks) { |
858 | log_error("ipsec_get_keystate: malloc (%lu) failed", |
859 | (unsigned long) sizeof *ks); |
860 | return 0; |
861 | } |
862 | memcpy(ks, msg->exchange->keystate, sizeof *ks); |
863 | return ks; |
864 | } |
865 | /* |
866 | * For phase 2 when no SA yet is setup we need to hash the IV used by |
867 | * the ISAKMP SA concatenated with the message ID, and use that as an |
868 | * IV for further cryptographic operations. |
869 | */ |
870 | if (!msg->isakmp_sa->keystate) { |
871 | log_print("ipsec_get_keystate: no keystate in ISAKMP SA %p", |
872 | msg->isakmp_sa); |
873 | return 0; |
874 | } |
875 | ks = crypto_clone_keystate(msg->isakmp_sa->keystate); |
876 | if (!ks) |
877 | return 0; |
878 | |
879 | hash = hash_get(((struct ipsec_sa *)msg->isakmp_sa->data)->hash); |
880 | hash->Init(hash->ctx); |
881 | LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV",log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV" , ks->riv, ks->xf->blocksize) |
882 | ks->riv, ks->xf->blocksize))log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV" , ks->riv, ks->xf->blocksize); |
883 | hash->Update(hash->ctx, ks->riv, ks->xf->blocksize); |
884 | LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: message ID",log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: message ID" , ((u_int8_t *) msg->iov[0].iov_base) + 20, 4) |
885 | ((u_int8_t *) msg->iov[0].iov_base) + ISAKMP_HDR_MESSAGE_ID_OFF,log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: message ID" , ((u_int8_t *) msg->iov[0].iov_base) + 20, 4) |
886 | ISAKMP_HDR_MESSAGE_ID_LEN))log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: message ID" , ((u_int8_t *) msg->iov[0].iov_base) + 20, 4); |
887 | hash->Update(hash->ctx, ((u_int8_t *) msg->iov[0].iov_base) + |
888 | ISAKMP_HDR_MESSAGE_ID_OFF20, ISAKMP_HDR_MESSAGE_ID_LEN4); |
889 | hash->Final(hash->digest, hash->ctx); |
890 | crypto_init_iv(ks, hash->digest, ks->xf->blocksize); |
891 | LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV",log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV" , hash->digest, ks->xf->blocksize) |
892 | hash->digest, ks->xf->blocksize))log_debug_buf (LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV" , hash->digest, ks->xf->blocksize); |
893 | return ks; |
894 | } |
895 | |
896 | static void |
897 | ipsec_setup_situation(u_int8_t *buf) |
898 | { |
899 | SET_IPSEC_SIT_SIT(buf + ISAKMP_SA_SIT_OFF, IPSEC_SIT_IDENTITY_ONLY)field_set_num (ipsec_sit_fld + 0, buf + 8, 1); |
900 | } |
901 | |
902 | static size_t |
903 | ipsec_situation_size(void) |
904 | { |
905 | return IPSEC_SIT_SIT_LEN4; |
906 | } |
907 | |
908 | static u_int8_t |
909 | ipsec_spi_size(u_int8_t proto) |
910 | { |
911 | return IPSEC_SPI_SIZE4; |
912 | } |
913 | |
914 | static int |
915 | ipsec_validate_attribute(u_int16_t type, u_int8_t * value, u_int16_t len, |
916 | void *vmsg) |
917 | { |
918 | struct message *msg = vmsg; |
919 | |
920 | if (msg->exchange->phase == 1 && |
921 | (type < IKE_ATTR_ENCRYPTION_ALGORITHM1 || type > IKE_ATTR_GROUP_ORDER16)) |
922 | return -1; |
923 | if (msg->exchange->phase == 2 && |
924 | (type < IPSEC_ATTR_SA_LIFE_TYPE1 || type > IPSEC_ATTR_ECN_TUNNEL10)) |
925 | return -1; |
926 | return 0; |
927 | } |
928 | |
929 | static int |
930 | ipsec_validate_exchange(u_int8_t exch) |
931 | { |
932 | return exch != IKE_EXCH_QUICK_MODE32 && exch != IKE_EXCH_NEW_GROUP_MODE33; |
933 | } |
934 | |
935 | static int |
936 | ipsec_validate_id_information(u_int8_t type, u_int8_t *extra, u_int8_t *buf, |
937 | size_t sz, struct exchange *exchange) |
938 | { |
939 | u_int8_t proto = GET_IPSEC_ID_PROTO(extra)field_get_num (ipsec_id_fld + 0, extra); |
940 | u_int16_t port = GET_IPSEC_ID_PORT(extra)field_get_num (ipsec_id_fld + 1, extra); |
941 | |
942 | LOG_DBG((LOG_MESSAGE, 40,log_debug (LOG_MESSAGE, 40, "ipsec_validate_id_information: proto %d port %d type %d" , proto, port, type) |
943 | "ipsec_validate_id_information: proto %d port %d type %d",log_debug (LOG_MESSAGE, 40, "ipsec_validate_id_information: proto %d port %d type %d" , proto, port, type) |
944 | proto, port, type))log_debug (LOG_MESSAGE, 40, "ipsec_validate_id_information: proto %d port %d type %d" , proto, port, type); |
945 | if (type < IPSEC_ID_IPV4_ADDR1 || type > IPSEC_ID_KEY_ID11) |
946 | return -1; |
947 | |
948 | switch (type) { |
949 | case IPSEC_ID_IPV4_ADDR1: |
950 | LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4" , buf, sizeof(struct in_addr)) |
951 | "ipsec_validate_id_information: IPv4", buf,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4" , buf, sizeof(struct in_addr)) |
952 | sizeof(struct in_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4" , buf, sizeof(struct in_addr)); |
953 | break; |
954 | |
955 | case IPSEC_ID_IPV6_ADDR5: |
956 | LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6" , buf, sizeof(struct in6_addr)) |
957 | "ipsec_validate_id_information: IPv6", buf,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6" , buf, sizeof(struct in6_addr)) |
958 | sizeof(struct in6_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6" , buf, sizeof(struct in6_addr)); |
959 | break; |
960 | |
961 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
962 | LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4 network/netmask" , buf, 2 * sizeof(struct in_addr)) |
963 | "ipsec_validate_id_information: IPv4 network/netmask",log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4 network/netmask" , buf, 2 * sizeof(struct in_addr)) |
964 | buf, 2 * sizeof(struct in_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv4 network/netmask" , buf, 2 * sizeof(struct in_addr)); |
965 | break; |
966 | |
967 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
968 | LOG_DBG_BUF((LOG_MESSAGE, 40,log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6 network/netmask" , buf, 2 * sizeof(struct in6_addr)) |
969 | "ipsec_validate_id_information: IPv6 network/netmask",log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6 network/netmask" , buf, 2 * sizeof(struct in6_addr)) |
970 | buf, 2 * sizeof(struct in6_addr)))log_debug_buf (LOG_MESSAGE, 40, "ipsec_validate_id_information: IPv6 network/netmask" , buf, 2 * sizeof(struct in6_addr)); |
971 | break; |
972 | |
973 | default: |
974 | break; |
975 | } |
976 | |
977 | if (exchange->phase == 1 && |
978 | (proto != IPPROTO_UDP17 || port != UDP_DEFAULT_PORT500) && |
979 | (proto != 0 || port != 0)) { |
980 | /* |
981 | * XXX SSH's ISAKMP tester fails this test (proto 17 - port |
982 | * 0). |
983 | */ |
984 | #ifdef notyet |
985 | return -1; |
986 | #else |
987 | log_print("ipsec_validate_id_information: dubious ID " |
988 | "information accepted"); |
989 | #endif |
990 | } |
991 | /* XXX More checks? */ |
992 | |
993 | return 0; |
994 | } |
995 | |
996 | static int |
997 | ipsec_validate_key_information(u_int8_t *buf, size_t sz) |
998 | { |
999 | /* XXX Not implemented yet. */ |
1000 | return 0; |
1001 | } |
1002 | |
1003 | static int |
1004 | ipsec_validate_notification(u_int16_t type) |
1005 | { |
1006 | return type < IPSEC_NOTIFY_RESPONDER_LIFETIME24576 || |
1007 | type > IPSEC_NOTIFY_INITIAL_CONTACT24578 ? -1 : 0; |
1008 | } |
1009 | |
1010 | static int |
1011 | ipsec_validate_proto(u_int8_t proto) |
1012 | { |
1013 | return proto < IPSEC_PROTO_IPSEC_AH2 || |
1014 | proto > IPSEC_PROTO_IPCOMP4 ? -1 : 0; |
1015 | } |
1016 | |
1017 | static int |
1018 | ipsec_validate_situation(u_int8_t *buf, size_t *sz, size_t len) |
1019 | { |
1020 | if (len < IPSEC_SIT_SIT_OFF0 + IPSEC_SIT_SIT_LEN4) { |
1021 | log_print("ipsec_validate_situation: payload too short: %u", |
1022 | (unsigned int) len); |
1023 | return -1; |
1024 | } |
1025 | /* Currently only "identity only" situations are supported. */ |
1026 | if (GET_IPSEC_SIT_SIT(buf)field_get_num (ipsec_sit_fld + 0, buf) != IPSEC_SIT_IDENTITY_ONLY1) |
1027 | return 1; |
1028 | |
1029 | *sz = IPSEC_SIT_SIT_LEN4; |
1030 | |
1031 | return 0; |
1032 | } |
1033 | |
1034 | static int |
1035 | ipsec_validate_transform_id(u_int8_t proto, u_int8_t transform_id) |
1036 | { |
1037 | switch (proto) { |
1038 | /* |
1039 | * As no unexpected protocols can occur, we just tie the |
1040 | * default case to the first case, in order to silence a GCC |
1041 | * warning. |
1042 | */ |
1043 | default: |
1044 | case ISAKMP_PROTO_ISAKMP1: |
1045 | return transform_id != IPSEC_TRANSFORM_KEY_IKE1; |
1046 | case IPSEC_PROTO_IPSEC_AH2: |
1047 | return transform_id < IPSEC_AH_MD52 || |
1048 | transform_id > IPSEC_AH_RIPEMD8 ? -1 : 0; |
1049 | case IPSEC_PROTO_IPSEC_ESP3: |
1050 | return transform_id < IPSEC_ESP_DES_IV641 || |
1051 | (transform_id > IPSEC_ESP_AES_GMAC23 && |
1052 | transform_id < IPSEC_ESP_AES_MARS249) || |
1053 | transform_id > IPSEC_ESP_AES_TWOFISH253 ? -1 : 0; |
1054 | case IPSEC_PROTO_IPCOMP4: |
1055 | return transform_id < IPSEC_IPCOMP_OUI1 || |
1056 | transform_id > IPSEC_IPCOMP_DEFLATE2 ? -1 : 0; |
1057 | } |
1058 | } |
1059 | |
1060 | static int |
1061 | ipsec_initiator(struct message *msg) |
1062 | { |
1063 | struct exchange *exchange = msg->exchange; |
1064 | int (**script)(struct message *) = 0; |
1065 | |
1066 | /* Check that the SA is coherent with the IKE rules. */ |
1067 | if (exchange->type != ISAKMP_EXCH_TRANSACTION6 && |
1068 | ((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT2 && |
1069 | exchange->type != ISAKMP_EXCH_AGGRESSIVE4 && |
1070 | exchange->type != ISAKMP_EXCH_INFO5) || |
1071 | (exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE32 && |
1072 | exchange->type != ISAKMP_EXCH_INFO5))) { |
1073 | log_print("ipsec_initiator: unsupported exchange type %d " |
1074 | "in phase %d", exchange->type, exchange->phase); |
1075 | return -1; |
1076 | } |
1077 | switch (exchange->type) { |
1078 | case ISAKMP_EXCH_ID_PROT2: |
1079 | script = ike_main_mode_initiator; |
1080 | break; |
1081 | case ISAKMP_EXCH_AGGRESSIVE4: |
1082 | script = ike_aggressive_initiator; |
1083 | break; |
1084 | case ISAKMP_EXCH_TRANSACTION6: |
1085 | script = isakmp_cfg_initiator; |
1086 | break; |
1087 | case ISAKMP_EXCH_INFO5: |
1088 | return message_send_info(msg); |
1089 | case IKE_EXCH_QUICK_MODE32: |
1090 | script = ike_quick_mode_initiator; |
1091 | break; |
1092 | default: |
1093 | log_print("ipsec_initiator: unsupported exchange type %d", |
1094 | exchange->type); |
1095 | return -1; |
1096 | } |
1097 | |
1098 | /* Run the script code for this step. */ |
1099 | if (script) |
1100 | return script[exchange->step] (msg); |
1101 | |
1102 | return 0; |
1103 | } |
1104 | |
1105 | /* |
1106 | * delete all SA's from addr with the associated proto and SPI's |
1107 | * |
1108 | * spis[] is an array of SPIs of size 16-octet for proto ISAKMP |
1109 | * or 4-octet otherwise. |
1110 | */ |
1111 | static void |
1112 | ipsec_delete_spi_list(struct sockaddr *addr, u_int8_t proto, u_int8_t *spis, |
1113 | int nspis, char *type) |
1114 | { |
1115 | struct sa *sa; |
1116 | char *peer; |
1117 | char ids[1024]; |
1118 | int i; |
1119 | |
1120 | for (i = 0; i < nspis; i++) { |
1121 | if (proto == ISAKMP_PROTO_ISAKMP1) { |
1122 | u_int8_t *spi = spis + i * ISAKMP_HDR_COOKIES_LEN(8 + 8); |
1123 | |
1124 | /* |
1125 | * This really shouldn't happen in IPSEC DOI |
1126 | * code, but Cisco VPN 3000 sends ISAKMP DELETE's |
1127 | * this way. |
1128 | */ |
1129 | sa = sa_lookup_isakmp_sa(addr, spi); |
1130 | } else { |
1131 | u_int32_t spi = ((u_int32_t *)spis)[i]; |
1132 | |
1133 | sa = ipsec_sa_lookup(addr, spi, proto); |
1134 | } |
1135 | |
1136 | if (sa == NULL((void *)0)) { |
1137 | LOG_DBG((LOG_SA, 30, "ipsec_delete_spi_list: could "log_debug (LOG_SA, 30, "ipsec_delete_spi_list: could " "not locate SA (SPI %08x, proto %u)" , ((u_int32_t *)spis)[i], proto) |
1138 | "not locate SA (SPI %08x, proto %u)",log_debug (LOG_SA, 30, "ipsec_delete_spi_list: could " "not locate SA (SPI %08x, proto %u)" , ((u_int32_t *)spis)[i], proto) |
1139 | ((u_int32_t *)spis)[i], proto))log_debug (LOG_SA, 30, "ipsec_delete_spi_list: could " "not locate SA (SPI %08x, proto %u)" , ((u_int32_t *)spis)[i], proto); |
1140 | continue; |
1141 | } |
1142 | |
1143 | strlcpy(ids, |
1144 | sa->doi->decode_ids("initiator id: %s, responder id: %s", |
1145 | sa->id_i, sa->id_i_len, sa->id_r, sa->id_r_len, 0), |
1146 | sizeof ids); |
1147 | if (sockaddr2text(addr, &peer, 0)) |
1148 | peer = NULL((void *)0); |
1149 | |
1150 | /* only log deletion of SAs which are not soft expired yet */ |
1151 | if (sa->soft_death != NULL((void *)0)) |
1152 | log_verbose("isakmpd: Peer %s made us delete live SA " |
1153 | "%s for proto %d, %s", peer ? peer : "<unknown>", |
1154 | sa->name ? sa->name : "<unnamed>", proto, ids); |
1155 | |
1156 | LOG_DBG((LOG_SA, 30, "ipsec_delete_spi_list: "log_debug (LOG_SA, 30, "ipsec_delete_spi_list: " "%s made us delete SA %p (%d references) for proto %d (%s)" , type, sa, sa->refcnt, proto, ids) |
1157 | "%s made us delete SA %p (%d references) for proto %d (%s)",log_debug (LOG_SA, 30, "ipsec_delete_spi_list: " "%s made us delete SA %p (%d references) for proto %d (%s)" , type, sa, sa->refcnt, proto, ids) |
1158 | type, sa, sa->refcnt, proto, ids))log_debug (LOG_SA, 30, "ipsec_delete_spi_list: " "%s made us delete SA %p (%d references) for proto %d (%s)" , type, sa, sa->refcnt, proto, ids); |
1159 | free(peer); |
1160 | |
1161 | /* Delete the SA and search for the next */ |
1162 | sa_free(sa); |
1163 | } |
1164 | } |
1165 | |
1166 | static int |
1167 | ipsec_responder(struct message *msg) |
1168 | { |
1169 | struct exchange *exchange = msg->exchange; |
1170 | int (**script)(struct message *) = 0; |
1171 | struct payload *p; |
1172 | u_int16_t type; |
1173 | |
1174 | /* Check that a new exchange is coherent with the IKE rules. */ |
1175 | if (exchange->step == 0 && exchange->type != ISAKMP_EXCH_TRANSACTION6 && |
1176 | ((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT2 && |
1177 | exchange->type != ISAKMP_EXCH_AGGRESSIVE4 && |
1178 | exchange->type != ISAKMP_EXCH_INFO5) || |
1179 | (exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE32 && |
1180 | exchange->type != ISAKMP_EXCH_INFO5))) { |
1181 | message_drop(msg, ISAKMP_NOTIFY_UNSUPPORTED_EXCHANGE_TYPE29, |
1182 | 0, 1, 0); |
1183 | return -1; |
1184 | } |
1185 | LOG_DBG((LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d",log_debug (LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d" , exchange->phase, exchange->type, exchange->step) |
1186 | exchange->phase, exchange->type, exchange->step))log_debug (LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d" , exchange->phase, exchange->type, exchange->step); |
1187 | switch (exchange->type) { |
1188 | case ISAKMP_EXCH_ID_PROT2: |
1189 | script = ike_main_mode_responder; |
1190 | break; |
1191 | case ISAKMP_EXCH_AGGRESSIVE4: |
1192 | script = ike_aggressive_responder; |
1193 | break; |
1194 | case ISAKMP_EXCH_TRANSACTION6: |
1195 | script = isakmp_cfg_responder; |
1196 | break; |
1197 | case ISAKMP_EXCH_INFO5: |
1198 | TAILQ_FOREACH(p, &msg->payload[ISAKMP_PAYLOAD_NOTIFY], link)for((p) = ((&msg->payload[11])->tqh_first); (p) != ( (void *)0); (p) = ((p)->link.tqe_next)) { |
1199 | type = GET_ISAKMP_NOTIFY_MSG_TYPE(p->p)field_get_num (isakmp_notify_fld + 3, p->p); |
1200 | LOG_DBG((LOG_EXCHANGE, 10,log_debug (LOG_EXCHANGE, 10, "ipsec_responder: got NOTIFY of type %s" , constant_name(isakmp_notify_cst, type)) |
1201 | "ipsec_responder: got NOTIFY of type %s",log_debug (LOG_EXCHANGE, 10, "ipsec_responder: got NOTIFY of type %s" , constant_name(isakmp_notify_cst, type)) |
1202 | constant_name(isakmp_notify_cst, type)))log_debug (LOG_EXCHANGE, 10, "ipsec_responder: got NOTIFY of type %s" , constant_name(isakmp_notify_cst, type)); |
1203 | |
1204 | switch (type) { |
1205 | case IPSEC_NOTIFY_INITIAL_CONTACT24578: |
1206 | /* Handled by leftover logic. */ |
1207 | break; |
1208 | |
1209 | case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE36136: |
1210 | case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE_ACK36137: |
1211 | dpd_handle_notify(msg, p); |
1212 | break; |
1213 | |
1214 | default: |
1215 | p->flags |= PL_MARK1; |
1216 | break; |
1217 | } |
1218 | } |
1219 | |
1220 | /* |
1221 | * If any DELETEs are in here, let the logic of leftover |
1222 | * payloads deal with them. |
1223 | */ |
1224 | return 0; |
1225 | |
1226 | case IKE_EXCH_QUICK_MODE32: |
1227 | script = ike_quick_mode_responder; |
1228 | break; |
1229 | |
1230 | default: |
1231 | message_drop(msg, ISAKMP_NOTIFY_UNSUPPORTED_EXCHANGE_TYPE29, |
1232 | 0, 1, 0); |
1233 | return -1; |
1234 | } |
1235 | |
1236 | /* Run the script code for this step. */ |
1237 | if (script) |
1238 | return script[exchange->step] (msg); |
1239 | |
1240 | /* |
1241 | * XXX So far we don't accept any proposals for exchanges we don't |
1242 | * support. |
1243 | */ |
1244 | if (payload_first(msg, ISAKMP_PAYLOAD_SA1)) { |
1245 | message_drop(msg, ISAKMP_NOTIFY_NO_PROPOSAL_CHOSEN14, 0, 1, 0); |
1246 | return -1; |
1247 | } |
1248 | return 0; |
1249 | } |
1250 | |
1251 | static enum hashes |
1252 | from_ike_hash(u_int16_t hash) |
1253 | { |
1254 | switch (hash) { |
1255 | case IKE_HASH_MD51: |
1256 | return HASH_MD5; |
1257 | case IKE_HASH_SHA2: |
1258 | return HASH_SHA1; |
1259 | case IKE_HASH_SHA2_2564: |
1260 | return HASH_SHA2_256; |
1261 | case IKE_HASH_SHA2_3845: |
1262 | return HASH_SHA2_384; |
1263 | case IKE_HASH_SHA2_5126: |
1264 | return HASH_SHA2_512; |
1265 | } |
1266 | return -1; |
1267 | } |
1268 | |
1269 | static enum transform |
1270 | from_ike_crypto(u_int16_t crypto) |
1271 | { |
1272 | /* Coincidentally this is the null operation :-) */ |
1273 | return crypto; |
1274 | } |
1275 | |
1276 | /* |
1277 | * Find out whether the attribute of type TYPE with a LEN length value |
1278 | * pointed to by VALUE is incompatible with what we can handle. |
1279 | * VMSG is a pointer to the current message. |
1280 | */ |
1281 | int |
1282 | ipsec_is_attribute_incompatible(u_int16_t type, u_int8_t *value, u_int16_t len, |
1283 | void *vmsg) |
1284 | { |
1285 | struct message *msg = vmsg; |
1286 | u_int16_t dv = decode_16(value); |
1287 | |
1288 | if (msg->exchange->phase == 1) { |
1289 | switch (type) { |
1290 | case IKE_ATTR_ENCRYPTION_ALGORITHM1: |
1291 | return !crypto_get(from_ike_crypto(dv)); |
1292 | case IKE_ATTR_HASH_ALGORITHM2: |
1293 | return !hash_get(from_ike_hash(dv)); |
1294 | case IKE_ATTR_AUTHENTICATION_METHOD3: |
1295 | return !ike_auth_get(dv); |
1296 | case IKE_ATTR_GROUP_DESCRIPTION4: |
1297 | return (dv < IKE_GROUP_DESC_MODP_7681 || |
1298 | dv > IKE_GROUP_DESC_MODP_15365) && |
1299 | (dv < IKE_GROUP_DESC_MODP_204814 || |
1300 | dv > IKE_GROUP_DESC_ECP_52121) && |
1301 | (dv < IKE_GROUP_DESC_ECP_19225 || |
1302 | dv > IKE_GROUP_DESC_BP_51230); |
1303 | case IKE_ATTR_GROUP_TYPE5: |
1304 | return 1; |
1305 | case IKE_ATTR_GROUP_PRIME6: |
1306 | return 1; |
1307 | case IKE_ATTR_GROUP_GENERATOR_17: |
1308 | return 1; |
1309 | case IKE_ATTR_GROUP_GENERATOR_28: |
1310 | return 1; |
1311 | case IKE_ATTR_GROUP_CURVE_A9: |
1312 | return 1; |
1313 | case IKE_ATTR_GROUP_CURVE_B10: |
1314 | return 1; |
1315 | case IKE_ATTR_LIFE_TYPE11: |
1316 | return dv < IKE_DURATION_SECONDS1 || |
1317 | dv > IKE_DURATION_KILOBYTES2; |
1318 | case IKE_ATTR_LIFE_DURATION12: |
1319 | return len != 2 && len != 4; |
1320 | case IKE_ATTR_PRF13: |
1321 | return 1; |
1322 | case IKE_ATTR_KEY_LENGTH14: |
1323 | /* |
1324 | * Our crypto routines only allows key-lengths which |
1325 | * are multiples of an octet. |
1326 | */ |
1327 | return dv % 8 != 0; |
1328 | case IKE_ATTR_FIELD_SIZE15: |
1329 | return 1; |
1330 | case IKE_ATTR_GROUP_ORDER16: |
1331 | return 1; |
1332 | } |
1333 | } else { |
1334 | switch (type) { |
1335 | case IPSEC_ATTR_SA_LIFE_TYPE1: |
1336 | return dv < IPSEC_DURATION_SECONDS1 || |
1337 | dv > IPSEC_DURATION_KILOBYTES2; |
1338 | case IPSEC_ATTR_SA_LIFE_DURATION2: |
1339 | return len != 2 && len != 4; |
1340 | case IPSEC_ATTR_GROUP_DESCRIPTION3: |
1341 | return (dv < IKE_GROUP_DESC_MODP_7681 || |
1342 | dv > IKE_GROUP_DESC_MODP_15365) && |
1343 | (dv < IKE_GROUP_DESC_MODP_204814 || |
1344 | dv > IKE_GROUP_DESC_ECP_52121) && |
1345 | (dv < IKE_GROUP_DESC_ECP_19225 || |
1346 | dv > IKE_GROUP_DESC_BP_51230); |
1347 | case IPSEC_ATTR_ENCAPSULATION_MODE4: |
1348 | return dv != IPSEC_ENCAP_TUNNEL1 && |
1349 | dv != IPSEC_ENCAP_TRANSPORT2 && |
1350 | dv != IPSEC_ENCAP_UDP_ENCAP_TUNNEL3 && |
1351 | dv != IPSEC_ENCAP_UDP_ENCAP_TRANSPORT4 && |
1352 | dv != IPSEC_ENCAP_UDP_ENCAP_TUNNEL_DRAFT61443 && |
1353 | dv != IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT61444; |
1354 | case IPSEC_ATTR_AUTHENTICATION_ALGORITHM5: |
1355 | return dv < IPSEC_AUTH_HMAC_MD51 || |
1356 | dv > IPSEC_AUTH_HMAC_RIPEMD8; |
1357 | case IPSEC_ATTR_KEY_LENGTH6: |
1358 | /* |
1359 | * XXX Blowfish needs '0'. Others appear to disregard |
1360 | * this attr? |
1361 | */ |
1362 | return 0; |
1363 | case IPSEC_ATTR_KEY_ROUNDS7: |
1364 | return 1; |
1365 | case IPSEC_ATTR_COMPRESS_DICTIONARY_SIZE8: |
1366 | return 1; |
1367 | case IPSEC_ATTR_COMPRESS_PRIVATE_ALGORITHM9: |
1368 | return 1; |
1369 | case IPSEC_ATTR_ECN_TUNNEL10: |
1370 | return 1; |
1371 | } |
1372 | } |
1373 | /* XXX Silence gcc. */ |
1374 | return 1; |
1375 | } |
1376 | |
1377 | /* |
1378 | * Log the attribute of TYPE with a LEN length value pointed to by VALUE |
1379 | * in human-readable form. VMSG is a pointer to the current message. |
1380 | */ |
1381 | int |
1382 | ipsec_debug_attribute(u_int16_t type, u_int8_t *value, u_int16_t len, |
1383 | void *vmsg) |
1384 | { |
1385 | struct message *msg = vmsg; |
1386 | char val[20]; |
1387 | |
1388 | /* XXX Transient solution. */ |
1389 | if (len == 2) |
1390 | snprintf(val, sizeof val, "%d", decode_16(value)); |
1391 | else if (len == 4) |
1392 | snprintf(val, sizeof val, "%d", decode_32(value)); |
1393 | else |
1394 | snprintf(val, sizeof val, "unrepresentable"); |
1395 | |
1396 | LOG_DBG((LOG_MESSAGE, 50, "Attribute %s value %s",log_debug (LOG_MESSAGE, 50, "Attribute %s value %s", constant_name (msg->exchange->phase == 1 ? ike_attr_cst : ipsec_attr_cst , type), val) |
1397 | constant_name(msg->exchange->phase == 1 ? ike_attr_cst :log_debug (LOG_MESSAGE, 50, "Attribute %s value %s", constant_name (msg->exchange->phase == 1 ? ike_attr_cst : ipsec_attr_cst , type), val) |
1398 | ipsec_attr_cst, type), val))log_debug (LOG_MESSAGE, 50, "Attribute %s value %s", constant_name (msg->exchange->phase == 1 ? ike_attr_cst : ipsec_attr_cst , type), val); |
1399 | return 0; |
1400 | } |
1401 | |
1402 | /* |
1403 | * Decode the attribute of type TYPE with a LEN length value pointed to by |
1404 | * VALUE. VIDA is a pointer to a context structure where we can find the |
1405 | * current message, SA and protocol. |
1406 | */ |
1407 | int |
1408 | ipsec_decode_attribute(u_int16_t type, u_int8_t *value, u_int16_t len, |
1409 | void *vida) |
1410 | { |
1411 | struct ipsec_decode_arg *ida = vida; |
1412 | struct message *msg = ida->msg; |
1413 | struct sa *sa = ida->sa; |
1414 | struct ipsec_sa *isa = sa->data; |
1415 | struct proto *proto = ida->proto; |
1416 | struct ipsec_proto *iproto = proto->data; |
1417 | struct exchange *exchange = msg->exchange; |
1418 | struct ipsec_exch *ie = exchange->data; |
1419 | static int lifetype = 0; |
1420 | |
1421 | if (exchange->phase == 1) { |
1422 | switch (type) { |
1423 | case IKE_ATTR_ENCRYPTION_ALGORITHM1: |
1424 | /* XXX Errors possible? */ |
1425 | exchange->crypto = crypto_get(from_ike_crypto( |
1426 | decode_16(value))); |
1427 | break; |
1428 | case IKE_ATTR_HASH_ALGORITHM2: |
1429 | /* XXX Errors possible? */ |
1430 | ie->hash = hash_get(from_ike_hash(decode_16(value))); |
1431 | break; |
1432 | case IKE_ATTR_AUTHENTICATION_METHOD3: |
1433 | /* XXX Errors possible? */ |
1434 | ie->ike_auth = ike_auth_get(decode_16(value)); |
1435 | break; |
1436 | case IKE_ATTR_GROUP_DESCRIPTION4: |
1437 | isa->group_desc = decode_16(value); |
1438 | break; |
1439 | case IKE_ATTR_GROUP_TYPE5: |
1440 | break; |
1441 | case IKE_ATTR_GROUP_PRIME6: |
1442 | break; |
1443 | case IKE_ATTR_GROUP_GENERATOR_17: |
1444 | break; |
1445 | case IKE_ATTR_GROUP_GENERATOR_28: |
1446 | break; |
1447 | case IKE_ATTR_GROUP_CURVE_A9: |
1448 | break; |
1449 | case IKE_ATTR_GROUP_CURVE_B10: |
1450 | break; |
1451 | case IKE_ATTR_LIFE_TYPE11: |
1452 | lifetype = decode_16(value); |
1453 | return 0; |
1454 | case IKE_ATTR_LIFE_DURATION12: |
1455 | switch (lifetype) { |
1456 | case IKE_DURATION_SECONDS1: |
1457 | switch (len) { |
1458 | case 2: |
1459 | sa->seconds = decode_16(value); |
1460 | break; |
1461 | case 4: |
1462 | sa->seconds = decode_32(value); |
1463 | break; |
1464 | default: |
1465 | log_print("ipsec_decode_attribute: " |
1466 | "unreasonable lifetime"); |
1467 | } |
1468 | break; |
1469 | case IKE_DURATION_KILOBYTES2: |
1470 | switch (len) { |
1471 | case 2: |
1472 | sa->kilobytes = decode_16(value); |
1473 | break; |
1474 | case 4: |
1475 | sa->kilobytes = decode_32(value); |
1476 | break; |
1477 | default: |
1478 | log_print("ipsec_decode_attribute: " |
1479 | "unreasonable lifetime"); |
1480 | } |
1481 | break; |
1482 | default: |
1483 | log_print("ipsec_decode_attribute: unknown " |
1484 | "lifetime type"); |
1485 | } |
1486 | break; |
1487 | case IKE_ATTR_PRF13: |
1488 | break; |
1489 | case IKE_ATTR_KEY_LENGTH14: |
1490 | exchange->key_length = decode_16(value) / 8; |
1491 | break; |
1492 | case IKE_ATTR_FIELD_SIZE15: |
1493 | break; |
1494 | case IKE_ATTR_GROUP_ORDER16: |
1495 | break; |
1496 | } |
1497 | } else { |
1498 | switch (type) { |
1499 | case IPSEC_ATTR_SA_LIFE_TYPE1: |
1500 | lifetype = decode_16(value); |
1501 | return 0; |
1502 | case IPSEC_ATTR_SA_LIFE_DURATION2: |
1503 | switch (lifetype) { |
1504 | case IPSEC_DURATION_SECONDS1: |
1505 | switch (len) { |
1506 | case 2: |
1507 | sa->seconds = decode_16(value); |
1508 | break; |
1509 | case 4: |
1510 | sa->seconds = decode_32(value); |
1511 | break; |
1512 | default: |
1513 | log_print("ipsec_decode_attribute: " |
1514 | "unreasonable lifetime"); |
1515 | } |
1516 | break; |
1517 | case IPSEC_DURATION_KILOBYTES2: |
1518 | switch (len) { |
1519 | case 2: |
1520 | sa->kilobytes = decode_16(value); |
1521 | break; |
1522 | case 4: |
1523 | sa->kilobytes = decode_32(value); |
1524 | break; |
1525 | default: |
1526 | log_print("ipsec_decode_attribute: " |
1527 | "unreasonable lifetime"); |
1528 | } |
1529 | break; |
1530 | default: |
1531 | log_print("ipsec_decode_attribute: unknown " |
1532 | "lifetime type"); |
1533 | } |
1534 | break; |
1535 | case IPSEC_ATTR_GROUP_DESCRIPTION3: |
1536 | isa->group_desc = decode_16(value); |
1537 | break; |
1538 | case IPSEC_ATTR_ENCAPSULATION_MODE4: |
1539 | /* |
1540 | * XXX Multiple protocols must have same |
1541 | * encapsulation mode, no? |
1542 | */ |
1543 | iproto->encap_mode = decode_16(value); |
1544 | break; |
1545 | case IPSEC_ATTR_AUTHENTICATION_ALGORITHM5: |
1546 | iproto->auth = decode_16(value); |
1547 | break; |
1548 | case IPSEC_ATTR_KEY_LENGTH6: |
1549 | iproto->keylen = decode_16(value); |
1550 | break; |
1551 | case IPSEC_ATTR_KEY_ROUNDS7: |
1552 | iproto->keyrounds = decode_16(value); |
1553 | break; |
1554 | case IPSEC_ATTR_COMPRESS_DICTIONARY_SIZE8: |
1555 | break; |
1556 | case IPSEC_ATTR_COMPRESS_PRIVATE_ALGORITHM9: |
1557 | break; |
1558 | case IPSEC_ATTR_ECN_TUNNEL10: |
1559 | break; |
1560 | } |
1561 | } |
1562 | lifetype = 0; |
1563 | return 0; |
1564 | } |
1565 | |
1566 | /* |
1567 | * Walk over the attributes of the transform payload found in BUF, and |
1568 | * fill out the fields of the SA attached to MSG. Also mark the SA as |
1569 | * processed. |
1570 | */ |
1571 | void |
1572 | ipsec_decode_transform(struct message *msg, struct sa *sa, struct proto *proto, |
1573 | u_int8_t *buf) |
1574 | { |
1575 | struct ipsec_exch *ie = msg->exchange->data; |
1576 | struct ipsec_decode_arg ida; |
1577 | |
1578 | LOG_DBG((LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen",log_debug (LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen" , field_get_num (isakmp_transform_fld + 0, buf)) |
1579 | GET_ISAKMP_TRANSFORM_NO(buf)))log_debug (LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen" , field_get_num (isakmp_transform_fld + 0, buf)); |
1580 | |
1581 | ida.msg = msg; |
1582 | ida.sa = sa; |
1583 | ida.proto = proto; |
1584 | |
1585 | /* The default IKE lifetime is 8 hours. */ |
1586 | if (sa->phase == 1) |
1587 | sa->seconds = 28800; |
1588 | |
1589 | /* Extract the attributes and stuff them into the SA. */ |
1590 | attribute_map(buf + ISAKMP_TRANSFORM_SA_ATTRS_OFF8, |
1591 | GET_ISAKMP_GEN_LENGTH(buf)field_get_num (isakmp_gen_fld + 2, buf) - ISAKMP_TRANSFORM_SA_ATTRS_OFF8, |
1592 | ipsec_decode_attribute, &ida); |
1593 | |
1594 | /* |
1595 | * If no pseudo-random function was negotiated, it's HMAC. |
1596 | * XXX As PRF_HMAC currently is zero, this is a no-op. |
1597 | */ |
1598 | if (!ie->prf_type) |
1599 | ie->prf_type = PRF_HMAC; |
1600 | } |
1601 | |
1602 | /* |
1603 | * Delete the IPsec SA represented by the INCOMING direction in protocol PROTO |
1604 | * of the IKE security association SA. |
1605 | */ |
1606 | static void |
1607 | ipsec_delete_spi(struct sa *sa, struct proto *proto, int incoming) |
1608 | { |
1609 | struct sa *new_sa; |
1610 | struct ipsec_proto *iproto; |
1611 | |
1612 | if (sa->phase == 1) |
1613 | return; |
1614 | |
1615 | iproto = proto->data; |
1616 | /* |
1617 | * If the SA is using UDP encap and it replaced other SA, |
1618 | * enable the other SA to keep the flow for the other SAs. |
1619 | */ |
1620 | if ((iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT4 || |
1621 | iproto->encap_mode == IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT61444) && |
1622 | (sa->flags & SA_FLAG_REPLACED0x08) == 0 && |
1623 | (new_sa = sa_find(ipsec_sa_check_flow_any, sa)) != NULL((void *)0) && |
1624 | new_sa->flags & SA_FLAG_REPLACED0x08) |
1625 | sa_replace(sa, new_sa); |
1626 | |
1627 | /* |
1628 | * If the SA was not replaced and was not one acquired through the |
1629 | * kernel (ACQUIRE message), remove the flow associated with it. |
1630 | * We ignore any errors from the disabling of the flow. |
1631 | */ |
1632 | if (sa->flags & SA_FLAG_READY0x01 && !(sa->flags & SA_FLAG_ONDEMAND0x04 || |
1633 | sa->flags & SA_FLAG_REPLACED0x08 || sa->flags & SA_FLAG_IFACE0x400 || |
1634 | acquire_only || |
1635 | conf_get_str("General", "Acquire-Only"))) |
1636 | pf_key_v2_disable_sa(sa, incoming); |
1637 | |
1638 | /* XXX Error handling? Is it interesting? */ |
1639 | pf_key_v2_delete_spi(sa, proto, incoming); |
1640 | } |
1641 | |
1642 | /* |
1643 | * Store BUF into the g^x entry of the exchange that message MSG belongs to. |
1644 | * PEER is non-zero when the value is our peer's, and zero when it is ours. |
1645 | */ |
1646 | static int |
1647 | ipsec_g_x(struct message *msg, int peer, u_int8_t *buf) |
1648 | { |
1649 | struct exchange *exchange = msg->exchange; |
1650 | struct ipsec_exch *ie = exchange->data; |
1651 | u_int8_t **g_x; |
1652 | int initiator = exchange->initiator ^ peer; |
1653 | char header[32]; |
1654 | |
1655 | g_x = initiator ? &ie->g_xi : &ie->g_xr; |
1656 | *g_x = malloc(ie->g_x_len); |
1657 | if (!*g_x) { |
1658 | log_error("ipsec_g_x: malloc (%lu) failed", |
1659 | (unsigned long)ie->g_x_len); |
1660 | return -1; |
1661 | } |
1662 | memcpy(*g_x, buf, ie->g_x_len); |
1663 | snprintf(header, sizeof header, "ipsec_g_x: g^x%c", |
1664 | initiator ? 'i' : 'r'); |
1665 | LOG_DBG_BUF((LOG_MISC, 80, header, *g_x, ie->g_x_len))log_debug_buf (LOG_MISC, 80, header, *g_x, ie->g_x_len); |
1666 | return 0; |
1667 | } |
1668 | |
1669 | /* Generate our DH value. */ |
1670 | int |
1671 | ipsec_gen_g_x(struct message *msg) |
1672 | { |
1673 | struct exchange *exchange = msg->exchange; |
1674 | struct ipsec_exch *ie = exchange->data; |
1675 | u_int8_t *buf; |
1676 | |
1677 | buf = malloc(ISAKMP_KE_SZ4 + ie->g_x_len); |
1678 | if (!buf) { |
1679 | log_error("ipsec_gen_g_x: malloc (%lu) failed", |
1680 | ISAKMP_KE_SZ4 + (unsigned long)ie->g_x_len); |
1681 | return -1; |
1682 | } |
1683 | if (message_add_payload(msg, ISAKMP_PAYLOAD_KEY_EXCH4, buf, |
1684 | ISAKMP_KE_SZ4 + ie->g_x_len, 1)) { |
1685 | free(buf); |
1686 | return -1; |
1687 | } |
1688 | if (dh_create_exchange(ie->group, buf + ISAKMP_KE_DATA_OFF4)) { |
1689 | log_print("ipsec_gen_g_x: dh_create_exchange failed"); |
1690 | free(buf); |
1691 | return -1; |
1692 | } |
1693 | return ipsec_g_x(msg, 0, buf + ISAKMP_KE_DATA_OFF4); |
1694 | } |
1695 | |
1696 | /* Save the peer's DH value. */ |
1697 | int |
1698 | ipsec_save_g_x(struct message *msg) |
1699 | { |
1700 | struct exchange *exchange = msg->exchange; |
1701 | struct ipsec_exch *ie = exchange->data; |
1702 | struct payload *kep; |
1703 | |
1704 | kep = payload_first(msg, ISAKMP_PAYLOAD_KEY_EXCH4); |
1705 | kep->flags |= PL_MARK1; |
1706 | ie->g_x_len = GET_ISAKMP_GEN_LENGTH(kep->p)field_get_num (isakmp_gen_fld + 2, kep->p) - ISAKMP_KE_DATA_OFF4; |
1707 | |
1708 | /* Check that the given length matches the group's expectancy. */ |
1709 | if (ie->g_x_len != (size_t) dh_getlen(ie->group)) { |
1710 | /* XXX Is this a good notify type? */ |
1711 | message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED16, 0, 1, 0); |
1712 | return -1; |
1713 | } |
1714 | return ipsec_g_x(msg, 1, kep->p + ISAKMP_KE_DATA_OFF4); |
1715 | } |
1716 | |
1717 | /* |
1718 | * Get a SPI for PROTO and the transport MSG passed over. Store the |
1719 | * size where SZ points. NB! A zero return is OK if *SZ is zero. |
1720 | */ |
1721 | static u_int8_t * |
1722 | ipsec_get_spi(size_t *sz, u_int8_t proto, struct message *msg) |
1723 | { |
1724 | struct sockaddr *dst, *src; |
1725 | struct transport *transport = msg->transport; |
1726 | |
1727 | if (msg->exchange->phase == 1) { |
1728 | *sz = 0; |
1729 | return 0; |
1730 | } else { |
1731 | /* We are the destination in the SA we want a SPI for. */ |
1732 | transport->vtbl->get_src(transport, &dst); |
1733 | /* The peer is the source. */ |
1734 | transport->vtbl->get_dst(transport, &src); |
1735 | return pf_key_v2_get_spi(sz, proto, src, dst, |
1736 | msg->exchange->seq); |
1737 | } |
1738 | } |
1739 | |
1740 | /* |
1741 | * We have gotten a payload PAYLOAD of type TYPE, which did not get handled |
1742 | * by the logic of the exchange MSG takes part in. Now is the time to deal |
1743 | * with such a payload if we know how to, if we don't, return -1, otherwise |
1744 | * 0. |
1745 | */ |
1746 | int |
1747 | ipsec_handle_leftover_payload(struct message *msg, u_int8_t type, |
1748 | struct payload *payload) |
1749 | { |
1750 | u_int32_t spisz, nspis; |
1751 | struct sockaddr *dst; |
1752 | int reenter = 0; |
1753 | u_int8_t *spis, proto; |
1754 | struct sa *sa; |
1755 | |
1756 | switch (type) { |
1757 | case ISAKMP_PAYLOAD_DELETE12: |
1758 | proto = GET_ISAKMP_DELETE_PROTO(payload->p)field_get_num (isakmp_delete_fld + 1, payload->p); |
1759 | nspis = GET_ISAKMP_DELETE_NSPIS(payload->p)field_get_num (isakmp_delete_fld + 3, payload->p); |
1760 | spisz = GET_ISAKMP_DELETE_SPI_SZ(payload->p)field_get_num (isakmp_delete_fld + 2, payload->p); |
1761 | |
1762 | if (nspis == 0) { |
1763 | LOG_DBG((LOG_SA, 60, "ipsec_handle_leftover_payload: "log_debug (LOG_SA, 60, "ipsec_handle_leftover_payload: " "message specified zero SPIs, ignoring" ) |
1764 | "message specified zero SPIs, ignoring"))log_debug (LOG_SA, 60, "ipsec_handle_leftover_payload: " "message specified zero SPIs, ignoring" ); |
1765 | return -1; |
1766 | } |
1767 | /* verify proper SPI size */ |
1768 | if ((proto == ISAKMP_PROTO_ISAKMP1 && |
1769 | spisz != ISAKMP_HDR_COOKIES_LEN(8 + 8)) || |
1770 | (proto != ISAKMP_PROTO_ISAKMP1 && spisz != sizeof(u_int32_t))) { |
1771 | log_print("ipsec_handle_leftover_payload: invalid SPI " |
1772 | "size %d for proto %d in DELETE payload", |
1773 | spisz, proto); |
1774 | return -1; |
1775 | } |
1776 | spis = calloc(nspis, spisz); |
1777 | if (!spis) { |
1778 | log_error("ipsec_handle_leftover_payload: malloc " |
1779 | "(%d) failed", nspis * spisz); |
1780 | return -1; |
1781 | } |
1782 | /* extract SPI and get dst address */ |
1783 | memcpy(spis, payload->p + ISAKMP_DELETE_SPI_OFF12, nspis * spisz); |
1784 | msg->transport->vtbl->get_dst(msg->transport, &dst); |
1785 | |
1786 | ipsec_delete_spi_list(dst, proto, spis, nspis, "DELETE"); |
1787 | |
1788 | free(spis); |
1789 | payload->flags |= PL_MARK1; |
1790 | return 0; |
1791 | |
1792 | case ISAKMP_PAYLOAD_NOTIFY11: |
1793 | switch (GET_ISAKMP_NOTIFY_MSG_TYPE(payload->p)field_get_num (isakmp_notify_fld + 3, payload->p)) { |
1794 | case IPSEC_NOTIFY_INITIAL_CONTACT24578: |
1795 | /* |
1796 | * Permit INITIAL-CONTACT if |
1797 | * - this is not an AGGRESSIVE mode exchange |
1798 | * - it is protected by an ISAKMP SA |
1799 | * |
1800 | * XXX Instead of the first condition above, we could |
1801 | * XXX permit this only for phase 2. In the last |
1802 | * XXX packet of main-mode, this payload, while |
1803 | * XXX encrypted, is not part of the hash digest. As |
1804 | * XXX we currently send our own INITIAL-CONTACTs at |
1805 | * XXX this point, this too would need to be changed. |
1806 | */ |
1807 | if (msg->exchange->type == ISAKMP_EXCH_AGGRESSIVE4) { |
1808 | log_print("ipsec_handle_leftover_payload: got " |
1809 | "INITIAL-CONTACT in AGGRESSIVE mode"); |
1810 | return -1; |
1811 | } |
1812 | if ((msg->exchange->flags & EXCHANGE_FLAG_ENCRYPT0x0004) |
1813 | == 0) { |
1814 | log_print("ipsec_handle_leftover_payload: got " |
1815 | "INITIAL-CONTACT without ISAKMP SA"); |
1816 | return -1; |
1817 | } |
1818 | |
1819 | if ((msg->flags & MSG_AUTHENTICATED0x10) == 0) { |
1820 | log_print("ipsec_handle_leftover_payload: " |
1821 | "got unauthenticated INITIAL-CONTACT"); |
1822 | return -1; |
1823 | } |
1824 | /* |
1825 | * Find out who is sending this and then delete every |
1826 | * SA that is ready. Exchanges will timeout |
1827 | * themselves and then the non-ready SAs will |
1828 | * disappear too. |
1829 | */ |
1830 | msg->transport->vtbl->get_dst(msg->transport, &dst); |
1831 | while ((sa = sa_lookup_by_peer(dst, SA_LEN(dst)((dst)->sa_len), 0)) != 0) { |
1832 | /* |
1833 | * Don't delete the current SA -- we received |
1834 | * the notification over it, so it's obviously |
1835 | * still active. We temporarily need to remove |
1836 | * the SA from the list to avoid an endless |
1837 | * loop, but keep a reference so it won't |
1838 | * disappear meanwhile. |
1839 | */ |
1840 | if (sa == msg->isakmp_sa) { |
1841 | sa_reference(sa); |
1842 | sa_remove(sa); |
1843 | reenter = 1; |
1844 | continue; |
1845 | } |
1846 | LOG_DBG((LOG_SA, 30,log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa) |
1847 | "ipsec_handle_leftover_payload: "log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa) |
1848 | "INITIAL-CONTACT made us delete SA %p",log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa) |
1849 | sa))log_debug (LOG_SA, 30, "ipsec_handle_leftover_payload: " "INITIAL-CONTACT made us delete SA %p" , sa); |
1850 | sa_delete(sa, 0); |
1851 | } |
1852 | |
1853 | if (reenter) { |
1854 | sa_enter(msg->isakmp_sa); |
1855 | sa_release(msg->isakmp_sa); |
1856 | } |
1857 | payload->flags |= PL_MARK1; |
1858 | return 0; |
1859 | } |
1860 | } |
1861 | return -1; |
1862 | } |
1863 | |
1864 | /* Return the encryption keylength in octets of the ESP protocol PROTO. */ |
1865 | int |
1866 | ipsec_esp_enckeylength(struct proto *proto) |
1867 | { |
1868 | struct ipsec_proto *iproto = proto->data; |
1869 | |
1870 | /* Compute the keylength to use. */ |
1871 | switch (proto->id) { |
1872 | case IPSEC_ESP_3DES3: |
1873 | return 24; |
1874 | case IPSEC_ESP_CAST6: |
1875 | if (!iproto->keylen) |
1876 | return 16; |
1877 | return iproto->keylen / 8; |
1878 | case IPSEC_ESP_AES_CTR13: |
1879 | case IPSEC_ESP_AES_GCM_1620: |
1880 | case IPSEC_ESP_AES_GMAC23: |
1881 | if (!iproto->keylen) |
1882 | return 20; |
1883 | return iproto->keylen / 8 + 4; |
1884 | case IPSEC_ESP_AES12: |
1885 | if (!iproto->keylen) |
1886 | return 16; |
1887 | /* FALLTHROUGH */ |
1888 | default: |
1889 | return iproto->keylen / 8; |
1890 | } |
1891 | } |
1892 | |
1893 | /* Return the authentication keylength in octets of the ESP protocol PROTO. */ |
1894 | int |
1895 | ipsec_esp_authkeylength(struct proto *proto) |
1896 | { |
1897 | struct ipsec_proto *iproto = proto->data; |
1898 | |
1899 | switch (iproto->auth) { |
1900 | case IPSEC_AUTH_HMAC_MD51: |
1901 | return 16; |
1902 | case IPSEC_AUTH_HMAC_SHA2: |
1903 | case IPSEC_AUTH_HMAC_RIPEMD8: |
1904 | return 20; |
1905 | case IPSEC_AUTH_HMAC_SHA2_2565: |
1906 | return 32; |
1907 | case IPSEC_AUTH_HMAC_SHA2_3846: |
1908 | return 48; |
1909 | case IPSEC_AUTH_HMAC_SHA2_5127: |
1910 | return 64; |
1911 | default: |
1912 | return 0; |
1913 | } |
1914 | } |
1915 | |
1916 | /* Return the authentication keylength in octets of the AH protocol PROTO. */ |
1917 | int |
1918 | ipsec_ah_keylength(struct proto *proto) |
1919 | { |
1920 | switch (proto->id) { |
1921 | case IPSEC_AH_MD52: |
1922 | return 16; |
1923 | case IPSEC_AH_SHA3: |
1924 | case IPSEC_AH_RIPEMD8: |
1925 | return 20; |
1926 | case IPSEC_AH_SHA2_2565: |
1927 | return 32; |
1928 | case IPSEC_AH_SHA2_3846: |
1929 | return 48; |
1930 | case IPSEC_AH_SHA2_5127: |
1931 | return 64; |
1932 | default: |
1933 | return -1; |
1934 | } |
1935 | } |
1936 | |
1937 | /* Return the total keymaterial length of the protocol PROTO. */ |
1938 | int |
1939 | ipsec_keymat_length(struct proto *proto) |
1940 | { |
1941 | switch (proto->proto) { |
1942 | case IPSEC_PROTO_IPSEC_ESP3: |
1943 | return ipsec_esp_enckeylength(proto) |
1944 | + ipsec_esp_authkeylength(proto); |
1945 | case IPSEC_PROTO_IPSEC_AH2: |
1946 | return ipsec_ah_keylength(proto); |
1947 | default: |
1948 | return -1; |
1949 | } |
1950 | } |
1951 | |
1952 | /* Helper function for ipsec_get_id(). */ |
1953 | static int |
1954 | ipsec_get_proto_port(char *section, u_int8_t *tproto, u_int16_t *port) |
1955 | { |
1956 | struct protoent *pe = NULL((void *)0); |
1957 | struct servent *se; |
1958 | char *pstr; |
1959 | |
1960 | pstr = conf_get_str(section, "Protocol"); |
1961 | if (!pstr) { |
1962 | *tproto = 0; |
1963 | return 0; |
1964 | } |
1965 | *tproto = (u_int8_t)atoi(pstr); |
1966 | if (!*tproto) { |
1967 | pe = getprotobyname(pstr); |
1968 | if (pe) |
1969 | *tproto = pe->p_proto; |
1970 | } |
1971 | if (!*tproto) { |
1972 | log_print("ipsec_get_proto_port: protocol \"%s\" unknown", |
1973 | pstr); |
1974 | return -1; |
1975 | } |
1976 | |
1977 | pstr = conf_get_str(section, "Port"); |
1978 | if (!pstr) |
1979 | return 0; |
1980 | *port = (u_int16_t)atoi(pstr); |
1981 | if (!*port) { |
1982 | se = getservbyname(pstr, |
1983 | pe ? pe->p_name : (pstr ? pstr : NULL((void *)0))); |
1984 | if (se) |
1985 | *port = ntohs(se->s_port)(__uint16_t)(__builtin_constant_p(se->s_port) ? (__uint16_t )(((__uint16_t)(se->s_port) & 0xffU) << 8 | ((__uint16_t )(se->s_port) & 0xff00U) >> 8) : __swap16md(se-> s_port)); |
1986 | } |
1987 | if (!*port) { |
1988 | log_print("ipsec_get_proto_port: port \"%s\" unknown", |
1989 | pstr); |
1990 | return -1; |
1991 | } |
1992 | return 0; |
1993 | } |
1994 | |
1995 | /* |
1996 | * Out of a named section SECTION in the configuration file find out |
1997 | * the network address and mask as well as the ID type. Put the info |
1998 | * in the areas pointed to by ADDR, MASK, TPROTO, PORT, and ID respectively. |
1999 | * Return 0 on success and -1 on failure. |
2000 | */ |
2001 | int |
2002 | ipsec_get_id(char *section, int *id, struct sockaddr **addr, |
2003 | struct sockaddr **mask, u_int8_t *tproto, u_int16_t *port) |
2004 | { |
2005 | char *type, *address, *netmask; |
2006 | sa_family_t af = 0; |
2007 | |
2008 | type = conf_get_str(section, "ID-type"); |
2009 | if (!type) { |
2010 | log_print("ipsec_get_id: section %s has no \"ID-type\" tag", |
2011 | section); |
2012 | return -1; |
2013 | } |
2014 | *id = constant_value(ipsec_id_cst, type); |
2015 | switch (*id) { |
2016 | case IPSEC_ID_IPV4_ADDR1: |
2017 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
2018 | af = AF_INET2; |
2019 | break; |
2020 | case IPSEC_ID_IPV6_ADDR5: |
2021 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
2022 | af = AF_INET624; |
2023 | break; |
2024 | } |
2025 | switch (*id) { |
2026 | case IPSEC_ID_IPV4_ADDR1: |
2027 | case IPSEC_ID_IPV6_ADDR5: { |
2028 | int ret; |
2029 | |
2030 | address = conf_get_str(section, "Address"); |
2031 | if (!address) { |
2032 | log_print("ipsec_get_id: section %s has no " |
2033 | "\"Address\" tag", section); |
2034 | return -1; |
2035 | } |
2036 | if (text2sockaddr(address, NULL((void *)0), addr, af, 0)) { |
2037 | log_print("ipsec_get_id: invalid address %s in " |
2038 | "section %s", address, section); |
2039 | return -1; |
2040 | } |
2041 | ret = ipsec_get_proto_port(section, tproto, port); |
2042 | if (ret < 0) |
2043 | free(*addr); |
2044 | |
2045 | return ret; |
2046 | } |
2047 | |
2048 | #ifdef notyet |
2049 | case IPSEC_ID_FQDN2: |
2050 | return -1; |
2051 | |
2052 | case IPSEC_ID_USER_FQDN3: |
2053 | return -1; |
2054 | #endif |
2055 | |
2056 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
2057 | case IPSEC_ID_IPV6_ADDR_SUBNET6: { |
2058 | int ret; |
2059 | |
2060 | address = conf_get_str(section, "Network"); |
2061 | if (!address) { |
2062 | log_print("ipsec_get_id: section %s has no " |
2063 | "\"Network\" tag", section); |
2064 | return -1; |
2065 | } |
2066 | if (text2sockaddr(address, NULL((void *)0), addr, af, 0)) { |
2067 | log_print("ipsec_get_id: invalid section %s " |
2068 | "network %s", section, address); |
2069 | return -1; |
2070 | } |
2071 | netmask = conf_get_str(section, "Netmask"); |
2072 | if (!netmask) { |
2073 | log_print("ipsec_get_id: section %s has no " |
2074 | "\"Netmask\" tag", section); |
2075 | free(*addr); |
2076 | return -1; |
2077 | } |
2078 | if (text2sockaddr(netmask, NULL((void *)0), mask, af, 1)) { |
2079 | log_print("ipsec_get_id: invalid section %s " |
2080 | "network %s", section, netmask); |
2081 | free(*addr); |
2082 | return -1; |
2083 | } |
2084 | ret = ipsec_get_proto_port(section, tproto, port); |
2085 | if (ret < 0) { |
2086 | free(*mask); |
2087 | free(*addr); |
2088 | } |
2089 | return ret; |
2090 | } |
2091 | |
2092 | #ifdef notyet |
2093 | case IPSEC_ID_IPV4_RANGE7: |
2094 | return -1; |
2095 | |
2096 | case IPSEC_ID_IPV6_RANGE8: |
2097 | return -1; |
2098 | |
2099 | case IPSEC_ID_DER_ASN1_DN9: |
2100 | return -1; |
2101 | |
2102 | case IPSEC_ID_DER_ASN1_GN10: |
2103 | return -1; |
2104 | |
2105 | case IPSEC_ID_KEY_ID11: |
2106 | return -1; |
2107 | #endif |
2108 | |
2109 | default: |
2110 | log_print("ipsec_get_id: unknown ID type \"%s\" in " |
2111 | "section %s", type, section); |
2112 | return -1; |
2113 | } |
2114 | |
2115 | return 0; |
2116 | } |
2117 | |
2118 | /* |
2119 | * XXX I rather want this function to return a status code, and fail if |
2120 | * we cannot fit the information in the supplied buffer. |
2121 | */ |
2122 | static void |
2123 | ipsec_decode_id(char *buf, size_t size, u_int8_t *id, size_t id_len, |
2124 | int isakmpform) |
2125 | { |
2126 | int id_type; |
2127 | char *addr = 0, *mask = 0; |
2128 | |
2129 | if (id) { |
2130 | if (!isakmpform) { |
2131 | /* |
2132 | * Exchanges and SAs dont carry the IDs in ISAKMP |
2133 | * form. |
2134 | */ |
2135 | id -= ISAKMP_GEN_SZ4; |
2136 | id_len += ISAKMP_GEN_SZ4; |
2137 | } |
2138 | id_type = GET_ISAKMP_ID_TYPE(id)field_get_num (isakmp_id_fld + 0, id); |
2139 | switch (id_type) { |
2140 | case IPSEC_ID_IPV4_ADDR1: |
2141 | util_ntoa(&addr, AF_INET2, id + ISAKMP_ID_DATA_OFF8); |
2142 | snprintf(buf, size, "%s", addr); |
2143 | break; |
2144 | |
2145 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
2146 | util_ntoa(&addr, AF_INET2, id + ISAKMP_ID_DATA_OFF8); |
2147 | util_ntoa(&mask, AF_INET2, id + ISAKMP_ID_DATA_OFF8 + 4); |
2148 | snprintf(buf, size, "%s/%s", addr, mask); |
2149 | break; |
2150 | |
2151 | case IPSEC_ID_IPV6_ADDR5: |
2152 | util_ntoa(&addr, AF_INET624, id + ISAKMP_ID_DATA_OFF8); |
2153 | snprintf(buf, size, "%s", addr); |
2154 | break; |
2155 | |
2156 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
2157 | util_ntoa(&addr, AF_INET624, id + ISAKMP_ID_DATA_OFF8); |
2158 | util_ntoa(&mask, AF_INET624, id + ISAKMP_ID_DATA_OFF8 + |
2159 | sizeof(struct in6_addr)); |
2160 | snprintf(buf, size, "%s/%s", addr, mask); |
2161 | break; |
2162 | |
2163 | case IPSEC_ID_FQDN2: |
2164 | case IPSEC_ID_USER_FQDN3: |
2165 | /* String is not NUL terminated, be careful */ |
2166 | id_len -= ISAKMP_ID_DATA_OFF8; |
2167 | id_len = MINIMUM(id_len, size - 1)(((id_len) < (size - 1)) ? (id_len) : (size - 1)); |
2168 | memcpy(buf, id + ISAKMP_ID_DATA_OFF8, id_len); |
2169 | buf[id_len] = '\0'; |
2170 | break; |
2171 | |
2172 | case IPSEC_ID_DER_ASN1_DN9: |
2173 | addr = x509_DN_string(id + ISAKMP_ID_DATA_OFF8, |
2174 | id_len - ISAKMP_ID_DATA_OFF8); |
2175 | if (!addr) { |
2176 | snprintf(buf, size, "unparsable ASN1 DN ID"); |
2177 | return; |
2178 | } |
2179 | strlcpy(buf, addr, size); |
2180 | break; |
2181 | |
2182 | default: |
2183 | snprintf(buf, size, "<id type unknown: %x>", id_type); |
2184 | break; |
2185 | } |
2186 | } else |
2187 | snprintf(buf, size, "<no ipsec id>"); |
2188 | free(addr); |
2189 | free(mask); |
2190 | } |
2191 | |
2192 | char * |
2193 | ipsec_decode_ids(char *fmt, u_int8_t *id1, size_t id1_len, u_int8_t *id2, |
2194 | size_t id2_len, int isakmpform) |
2195 | { |
2196 | static char result[1024]; |
2197 | char s_id1[256], s_id2[256]; |
2198 | |
2199 | ipsec_decode_id(s_id1, sizeof s_id1, id1, id1_len, isakmpform); |
2200 | ipsec_decode_id(s_id2, sizeof s_id2, id2, id2_len, isakmpform); |
2201 | |
2202 | snprintf(result, sizeof result, fmt, s_id1, s_id2); |
2203 | return result; |
2204 | } |
2205 | |
2206 | /* |
2207 | * Out of a named section SECTION in the configuration file build an |
2208 | * ISAKMP ID payload. Ths payload size should be stashed in SZ. |
2209 | * The caller is responsible for freeing the payload. |
2210 | */ |
2211 | u_int8_t * |
2212 | ipsec_build_id(char *section, size_t *sz) |
2213 | { |
2214 | struct sockaddr *addr, *mask; |
2215 | u_int8_t *p; |
2216 | int id, subnet = 0; |
2217 | u_int8_t tproto = 0; |
2218 | u_int16_t port = 0; |
2219 | |
2220 | if (ipsec_get_id(section, &id, &addr, &mask, &tproto, &port)) |
2221 | return 0; |
2222 | |
2223 | if (id == IPSEC_ID_IPV4_ADDR_SUBNET4 || id == IPSEC_ID_IPV6_ADDR_SUBNET6) |
2224 | subnet = 1; |
2225 | |
2226 | *sz = ISAKMP_ID_SZ8 + sockaddr_addrlen(addr); |
2227 | if (subnet) |
2228 | *sz += sockaddr_addrlen(mask); |
2229 | |
2230 | p = malloc(*sz); |
2231 | if (!p) { |
2232 | log_print("ipsec_build_id: malloc(%lu) failed", |
2233 | (unsigned long)*sz); |
2234 | if (subnet) |
2235 | free(mask); |
2236 | free(addr); |
2237 | return 0; |
2238 | } |
2239 | SET_ISAKMP_ID_TYPE(p, id)field_set_num (isakmp_id_fld + 0, p, id); |
2240 | SET_ISAKMP_ID_DOI_DATA(p, (unsigned char *)"\000\000\000")field_set_raw (isakmp_id_fld + 1, p, (unsigned char *)"\000\000\000" ); |
2241 | |
2242 | memcpy(p + ISAKMP_ID_DATA_OFF8, sockaddr_addrdata(addr), |
2243 | sockaddr_addrlen(addr)); |
2244 | if (subnet) |
2245 | memcpy(p + ISAKMP_ID_DATA_OFF8 + sockaddr_addrlen(addr), |
2246 | sockaddr_addrdata(mask), sockaddr_addrlen(mask)); |
2247 | |
2248 | SET_IPSEC_ID_PROTO(p + ISAKMP_ID_DOI_DATA_OFF, tproto)field_set_num (ipsec_id_fld + 0, p + 5, tproto); |
2249 | SET_IPSEC_ID_PORT(p + ISAKMP_ID_DOI_DATA_OFF, port)field_set_num (ipsec_id_fld + 1, p + 5, port); |
2250 | |
2251 | if (subnet) |
2252 | free(mask); |
2253 | free(addr); |
2254 | return p; |
2255 | } |
2256 | |
2257 | /* |
2258 | * copy an ISAKMPD id |
2259 | */ |
2260 | int |
2261 | ipsec_clone_id(u_int8_t **did, size_t *did_len, u_int8_t *id, size_t id_len) |
2262 | { |
2263 | free(*did); |
2264 | |
2265 | if (!id_len || !id) { |
2266 | *did = 0; |
2267 | *did_len = 0; |
2268 | return 0; |
2269 | } |
2270 | *did = malloc(id_len); |
2271 | if (!*did) { |
2272 | *did_len = 0; |
2273 | log_error("ipsec_clone_id: malloc(%lu) failed", |
2274 | (unsigned long)id_len); |
2275 | return -1; |
2276 | } |
2277 | *did_len = id_len; |
2278 | memcpy(*did, id, id_len); |
2279 | |
2280 | return 0; |
2281 | } |
2282 | |
2283 | /* |
2284 | * IPsec-specific PROTO initializations. SECTION is only set if we are the |
2285 | * initiator thus only usable there. |
2286 | * XXX I want to fix this later. |
2287 | */ |
2288 | void |
2289 | ipsec_proto_init(struct proto *proto, char *section) |
2290 | { |
2291 | struct ipsec_proto *iproto = proto->data; |
2292 | |
2293 | if (proto->sa->phase == 2) |
2294 | iproto->replay_window = section ? conf_get_num(section, |
2295 | "ReplayWindow", DEFAULT_REPLAY_WINDOW16) : |
2296 | DEFAULT_REPLAY_WINDOW16; |
2297 | } |
2298 | |
2299 | /* |
2300 | * Add a notification payload of type INITIAL CONTACT to MSG if this is |
2301 | * the first contact we have made to our peer. |
2302 | */ |
2303 | int |
2304 | ipsec_initial_contact(struct message *msg) |
2305 | { |
2306 | u_int8_t *buf; |
2307 | |
2308 | if (ipsec_contacted(msg)) |
2309 | return 0; |
2310 | |
2311 | buf = malloc(ISAKMP_NOTIFY_SZ12 + ISAKMP_HDR_COOKIES_LEN(8 + 8)); |
2312 | if (!buf) { |
2313 | log_error("ike_phase_1_initial_contact: malloc (%d) failed", |
2314 | ISAKMP_NOTIFY_SZ12 + ISAKMP_HDR_COOKIES_LEN(8 + 8)); |
2315 | return -1; |
2316 | } |
2317 | SET_ISAKMP_NOTIFY_DOI(buf, IPSEC_DOI_IPSEC)field_set_num (isakmp_notify_fld + 0, buf, 1); |
2318 | SET_ISAKMP_NOTIFY_PROTO(buf, ISAKMP_PROTO_ISAKMP)field_set_num (isakmp_notify_fld + 1, buf, 1); |
2319 | SET_ISAKMP_NOTIFY_SPI_SZ(buf, ISAKMP_HDR_COOKIES_LEN)field_set_num (isakmp_notify_fld + 2, buf, (8 + 8)); |
2320 | SET_ISAKMP_NOTIFY_MSG_TYPE(buf, IPSEC_NOTIFY_INITIAL_CONTACT)field_set_num (isakmp_notify_fld + 3, buf, 24578); |
2321 | memcpy(buf + ISAKMP_NOTIFY_SPI_OFF12, msg->isakmp_sa->cookies, |
2322 | ISAKMP_HDR_COOKIES_LEN(8 + 8)); |
2323 | if (message_add_payload(msg, ISAKMP_PAYLOAD_NOTIFY11, buf, |
2324 | ISAKMP_NOTIFY_SZ12 + ISAKMP_HDR_COOKIES_LEN(8 + 8), 1)) { |
2325 | free(buf); |
2326 | return -1; |
2327 | } |
2328 | return ipsec_add_contact(msg); |
2329 | } |
2330 | |
2331 | /* |
2332 | * Compare the two contacts pointed to by A and B. Return negative if |
2333 | * *A < *B, 0 if they are equal, and positive if *A is the largest of them. |
2334 | */ |
2335 | static int |
2336 | addr_cmp(const void *a, const void *b) |
2337 | { |
2338 | const struct contact *x = a, *y = b; |
2339 | int minlen = MINIMUM(x->len, y->len)(((x->len) < (y->len)) ? (x->len) : (y->len)); |
2340 | int rv = memcmp(x->addr, y->addr, minlen); |
2341 | |
2342 | return rv ? rv : (x->len - y->len); |
2343 | } |
2344 | |
2345 | /* |
2346 | * Add the peer that MSG is bound to as an address we don't want to send |
2347 | * INITIAL CONTACT too from now on. Do not call this function with a |
2348 | * specific address duplicate times. We want fast lookup, speed of insertion |
2349 | * is unimportant, if this is to scale. |
2350 | */ |
2351 | static int |
2352 | ipsec_add_contact(struct message *msg) |
2353 | { |
2354 | struct contact *new_contacts; |
2355 | struct sockaddr *dst, *addr; |
2356 | int cnt; |
2357 | |
2358 | if (contact_cnt == contact_limit) { |
2359 | cnt = contact_limit ? 2 * contact_limit : 64; |
2360 | new_contacts = reallocarray(contacts, cnt, sizeof contacts[0]); |
2361 | if (!new_contacts) { |
2362 | log_error("ipsec_add_contact: " |
2363 | "realloc (%p, %lu) failed", contacts, |
2364 | cnt * (unsigned long) sizeof contacts[0]); |
2365 | return -1; |
2366 | } |
2367 | contact_limit = cnt; |
2368 | contacts = new_contacts; |
2369 | } |
2370 | msg->transport->vtbl->get_dst(msg->transport, &dst); |
2371 | addr = malloc(SA_LEN(dst)((dst)->sa_len)); |
2372 | if (!addr) { |
2373 | log_error("ipsec_add_contact: malloc (%lu) failed", |
2374 | (unsigned long)SA_LEN(dst)((dst)->sa_len)); |
2375 | return -1; |
2376 | } |
2377 | memcpy(addr, dst, SA_LEN(dst)((dst)->sa_len)); |
2378 | contacts[contact_cnt].addr = addr; |
2379 | contacts[contact_cnt++].len = SA_LEN(dst)((dst)->sa_len); |
2380 | |
2381 | /* |
2382 | * XXX There are better algorithms for already mostly-sorted data like |
2383 | * this, but only qsort is standard. I will someday do this inline. |
2384 | */ |
2385 | qsort(contacts, contact_cnt, sizeof *contacts, addr_cmp); |
2386 | return 0; |
2387 | } |
2388 | |
2389 | /* Return true if the recipient of MSG has already been contacted. */ |
2390 | static int |
2391 | ipsec_contacted(struct message *msg) |
2392 | { |
2393 | struct contact contact; |
2394 | |
2395 | msg->transport->vtbl->get_dst(msg->transport, &contact.addr); |
2396 | contact.len = SA_LEN(contact.addr)((contact.addr)->sa_len); |
2397 | return contacts ? (bsearch(&contact, contacts, contact_cnt, |
2398 | sizeof *contacts, addr_cmp) != 0) : 0; |
2399 | } |
2400 | |
2401 | /* Add a HASH for to MSG. */ |
2402 | u_int8_t * |
2403 | ipsec_add_hash_payload(struct message *msg, size_t hashsize) |
2404 | { |
2405 | u_int8_t *buf; |
2406 | |
2407 | buf = malloc(ISAKMP_HASH_SZ4 + hashsize); |
2408 | if (!buf) { |
2409 | log_error("ipsec_add_hash_payload: malloc (%lu) failed", |
2410 | ISAKMP_HASH_SZ4 + (unsigned long) hashsize); |
2411 | return 0; |
2412 | } |
2413 | if (message_add_payload(msg, ISAKMP_PAYLOAD_HASH8, buf, |
2414 | ISAKMP_HASH_SZ4 + hashsize, 1)) { |
2415 | free(buf); |
2416 | return 0; |
2417 | } |
2418 | return buf; |
2419 | } |
2420 | |
2421 | /* Fill in the HASH payload of MSG. */ |
2422 | int |
2423 | ipsec_fill_in_hash(struct message *msg) |
2424 | { |
2425 | struct exchange *exchange = msg->exchange; |
2426 | struct sa *isakmp_sa = msg->isakmp_sa; |
2427 | struct ipsec_sa *isa = isakmp_sa->data; |
2428 | struct hash *hash = hash_get(isa->hash); |
2429 | struct prf *prf; |
2430 | struct payload *payload; |
2431 | u_int8_t *buf; |
2432 | u_int32_t i; |
2433 | char header[80]; |
2434 | |
2435 | /* If no SKEYID_a, we need not do anything. */ |
2436 | if (!isa->skeyid_a) |
2437 | return 0; |
2438 | |
2439 | payload = payload_first(msg, ISAKMP_PAYLOAD_HASH8); |
2440 | if (!payload) { |
2441 | log_print("ipsec_fill_in_hash: no HASH payload found"); |
2442 | return -1; |
2443 | } |
2444 | buf = payload->p; |
2445 | |
2446 | /* Allocate the prf and start calculating our HASH(1). */ |
2447 | LOG_DBG_BUF((LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a",log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a", isa ->skeyid_a, isa->skeyid_len) |
2448 | isa->skeyid_a, isa->skeyid_len))log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a", isa ->skeyid_a, isa->skeyid_len); |
2449 | prf = prf_alloc(isa->prf_type, hash->type, isa->skeyid_a, |
2450 | isa->skeyid_len); |
2451 | if (!prf) |
2452 | return -1; |
2453 | |
2454 | prf->Init(prf->prfctx); |
2455 | LOG_DBG_BUF((LOG_MISC, 90, "ipsec_fill_in_hash: message_id",log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: message_id" , exchange->message_id, 4) |
2456 | exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN))log_debug_buf (LOG_MISC, 90, "ipsec_fill_in_hash: message_id" , exchange->message_id, 4); |
2457 | prf->Update(prf->prfctx, exchange->message_id, |
2458 | ISAKMP_HDR_MESSAGE_ID_LEN4); |
2459 | |
2460 | /* Loop over all payloads after HASH(1). */ |
2461 | for (i = 2; i < msg->iovlen; i++) { |
2462 | /* XXX Misleading payload type printouts. */ |
2463 | snprintf(header, sizeof header, |
2464 | "ipsec_fill_in_hash: payload %d after HASH(1)", i - 1); |
2465 | LOG_DBG_BUF((LOG_MISC, 90, header, msg->iov[i].iov_base,log_debug_buf (LOG_MISC, 90, header, msg->iov[i].iov_base, msg->iov[i].iov_len) |
2466 | msg->iov[i].iov_len))log_debug_buf (LOG_MISC, 90, header, msg->iov[i].iov_base, msg->iov[i].iov_len); |
2467 | prf->Update(prf->prfctx, msg->iov[i].iov_base, |
2468 | msg->iov[i].iov_len); |
2469 | } |
2470 | prf->Final(buf + ISAKMP_HASH_DATA_OFF4, prf->prfctx); |
2471 | prf_free(prf); |
2472 | LOG_DBG_BUF((LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf +log_debug_buf (LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf + 4, hash->hashsize) |
2473 | ISAKMP_HASH_DATA_OFF, hash->hashsize))log_debug_buf (LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf + 4, hash->hashsize); |
2474 | |
2475 | return 0; |
2476 | } |
2477 | |
2478 | /* Add a HASH payload to MSG, if we have an ISAKMP SA we're protected by. */ |
2479 | static int |
2480 | ipsec_informational_pre_hook(struct message *msg) |
2481 | { |
2482 | struct sa *isakmp_sa = msg->isakmp_sa; |
2483 | struct ipsec_sa *isa; |
2484 | struct hash *hash; |
2485 | |
2486 | if (!isakmp_sa) |
2487 | return 0; |
2488 | isa = isakmp_sa->data; |
2489 | hash = hash_get(isa->hash); |
2490 | return ipsec_add_hash_payload(msg, hash->hashsize) == 0; |
2491 | } |
2492 | |
2493 | /* |
2494 | * Fill in the HASH payload in MSG, if we have an ISAKMP SA we're protected by. |
2495 | */ |
2496 | static int |
2497 | ipsec_informational_post_hook(struct message *msg) |
2498 | { |
2499 | if (!msg->isakmp_sa) |
2500 | return 0; |
2501 | return ipsec_fill_in_hash(msg); |
2502 | } |
2503 | |
2504 | ssize_t |
2505 | ipsec_id_size(char *section, u_int8_t *id) |
2506 | { |
2507 | char *type, *data; |
2508 | |
2509 | type = conf_get_str(section, "ID-type"); |
2510 | if (!type) { |
2511 | log_print("ipsec_id_size: section %s has no \"ID-type\" tag", |
2512 | section); |
2513 | return -1; |
2514 | } |
2515 | *id = constant_value(ipsec_id_cst, type); |
2516 | switch (*id) { |
2517 | case IPSEC_ID_IPV4_ADDR1: |
2518 | return sizeof(struct in_addr); |
2519 | case IPSEC_ID_IPV4_ADDR_SUBNET4: |
2520 | return 2 * sizeof(struct in_addr); |
2521 | case IPSEC_ID_IPV6_ADDR5: |
2522 | return sizeof(struct in6_addr); |
2523 | case IPSEC_ID_IPV6_ADDR_SUBNET6: |
2524 | return 2 * sizeof(struct in6_addr); |
2525 | case IPSEC_ID_FQDN2: |
2526 | case IPSEC_ID_USER_FQDN3: |
2527 | case IPSEC_ID_KEY_ID11: |
2528 | case IPSEC_ID_DER_ASN1_DN9: |
2529 | case IPSEC_ID_DER_ASN1_GN10: |
2530 | data = conf_get_str(section, "Name"); |
2531 | if (!data) { |
2532 | log_print("ipsec_id_size: " |
2533 | "section %s has no \"Name\" tag", section); |
2534 | return -1; |
2535 | } |
2536 | return strlen(data); |
2537 | } |
2538 | log_print("ipsec_id_size: unrecognized/unsupported ID-type %d (%s)", |
2539 | *id, type); |
2540 | return -1; |
2541 | } |
2542 | |
2543 | /* |
2544 | * Generate a string version of the ID. |
2545 | */ |
2546 | char * |
2547 | ipsec_id_string(u_int8_t *id, size_t id_len) |
2548 | { |
2549 | char *buf = 0; |
2550 | char *addrstr = 0; |
2551 | size_t len, size; |
2552 | |
2553 | /* |
2554 | * XXX Real ugly way of making the offsets correct. Be aware that id |
2555 | * now will point before the actual buffer and cannot be dereferenced |
2556 | * without an offset larger than or equal to ISAKM_GEN_SZ. |
2557 | */ |
2558 | id -= ISAKMP_GEN_SZ4; |
2559 | |
2560 | /* This is the actual length of the ID data field. */ |
2561 | id_len += ISAKMP_GEN_SZ4 - ISAKMP_ID_DATA_OFF8; |
2562 | |
2563 | /* |
2564 | * Conservative allocation. |
2565 | * XXX I think the ASN1 DN case can be thought through to give a better |
2566 | * estimate. |
2567 | */ |
2568 | size = MAXIMUM(sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff",(((sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") > (sizeof "asn1_dn/" + id_len)) ? (sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" ) : (sizeof "asn1_dn/" + id_len)) |
2569 | sizeof "asn1_dn/" + id_len)(((sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff") > (sizeof "asn1_dn/" + id_len)) ? (sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff" ) : (sizeof "asn1_dn/" + id_len)); |
2570 | buf = malloc(size); |
2571 | if (!buf) |
2572 | /* XXX Log? */ |
2573 | goto fail; |
2574 | |
2575 | switch (GET_ISAKMP_ID_TYPE(id)field_get_num (isakmp_id_fld + 0, id)) { |
2576 | case IPSEC_ID_IPV4_ADDR1: |
2577 | if (id_len < sizeof(struct in_addr)) |
2578 | goto fail; |
2579 | util_ntoa(&addrstr, AF_INET2, id + ISAKMP_ID_DATA_OFF8); |
2580 | if (!addrstr) |
2581 | goto fail; |
2582 | snprintf(buf, size, "ipv4/%s", addrstr); |
2583 | break; |
2584 | |
2585 | case IPSEC_ID_IPV6_ADDR5: |
2586 | if (id_len < sizeof(struct in6_addr)) |
2587 | goto fail; |
2588 | util_ntoa(&addrstr, AF_INET624, id + ISAKMP_ID_DATA_OFF8); |
2589 | if (!addrstr) |
2590 | goto fail; |
2591 | snprintf(buf, size, "ipv6/%s", addrstr); |
2592 | break; |
2593 | |
2594 | case IPSEC_ID_FQDN2: |
2595 | case IPSEC_ID_USER_FQDN3: |
2596 | strlcpy(buf, GET_ISAKMP_ID_TYPE(id)field_get_num (isakmp_id_fld + 0, id) == IPSEC_ID_FQDN2 ? |
2597 | "fqdn/" : "ufqdn/", size); |
2598 | len = strlen(buf); |
2599 | |
2600 | memcpy(buf + len, id + ISAKMP_ID_DATA_OFF8, id_len); |
2601 | *(buf + len + id_len) = '\0'; |
2602 | break; |
2603 | |
2604 | case IPSEC_ID_DER_ASN1_DN9: |
2605 | strlcpy(buf, "asn1_dn/", size); |
2606 | len = strlen(buf); |
2607 | addrstr = x509_DN_string(id + ISAKMP_ID_DATA_OFF8, id_len); |
2608 | if (!addrstr) |
2609 | goto fail; |
2610 | if (size < len + strlen(addrstr) + 1) |
2611 | goto fail; |
2612 | strlcpy(buf + len, addrstr, size - len); |
2613 | break; |
2614 | |
2615 | default: |
2616 | /* Unknown type. */ |
2617 | LOG_DBG((LOG_MISC, 10,log_debug (LOG_MISC, 10, "ipsec_id_string: unknown identity type %d\n" , field_get_num (isakmp_id_fld + 0, id)) |
2618 | "ipsec_id_string: unknown identity type %d\n",log_debug (LOG_MISC, 10, "ipsec_id_string: unknown identity type %d\n" , field_get_num (isakmp_id_fld + 0, id)) |
2619 | GET_ISAKMP_ID_TYPE(id)))log_debug (LOG_MISC, 10, "ipsec_id_string: unknown identity type %d\n" , field_get_num (isakmp_id_fld + 0, id)); |
2620 | goto fail; |
2621 | } |
2622 | |
2623 | free(addrstr); |
2624 | return buf; |
2625 | |
2626 | fail: |
2627 | free(buf); |
2628 | free(addrstr); |
2629 | return 0; |
2630 | } |