1 /* $OpenBSD: ipsec.c,v 1.136 2010/09/22 13:45:15 mikeb Exp $ */ 2 /* $EOM: ipsec.c,v 1.143 2000/12/11 23:57:42 niklas Exp $ */ 3 4 /* 5 * Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. All rights reserved. 6 * Copyright (c) 2001 Angelos D. Keromytis. All rights reserved. 7 * Copyright (c) 2001 H�kan Olsson. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30 /* 31 * This code was written under funding by Ericsson Radio Systems. 32 */ 33 34 #include <sys/types.h> 35 #include <sys/socket.h> 36 #include <netdb.h> 37 #include <netinet/in.h> 38 #include <arpa/inet.h> 39 #include <stdlib.h> 40 #include <string.h> 41 42 #include <net/if.h> 43 #include <net/pfvar.h> 44 45 #include "sysdep.h" 46 47 #include "attribute.h" 48 #include "conf.h" 49 #include "connection.h" 50 #include "constants.h" 51 #include "crypto.h" 52 #include "dh.h" 53 #include "doi.h" 54 #include "dpd.h" 55 #include "exchange.h" 56 #include "hash.h" 57 #include "ike_aggressive.h" 58 #include "ike_auth.h" 59 #include "ike_main_mode.h" 60 #include "ike_quick_mode.h" 61 #include "ipsec.h" 62 #include "ipsec_doi.h" 63 #include "isakmp.h" 64 #include "isakmp_cfg.h" 65 #include "isakmp_fld.h" 66 #include "isakmp_num.h" 67 #include "log.h" 68 #include "message.h" 69 #include "nat_traversal.h" 70 #include "pf_key_v2.h" 71 #include "prf.h" 72 #include "sa.h" 73 #include "timer.h" 74 #include "transport.h" 75 #include "util.h" 76 #include "x509.h" 77 78 extern int acquire_only; 79 80 /* Backwards compatibility. */ 81 #ifndef NI_MAXHOST 82 #define NI_MAXHOST 1025 83 #endif 84 85 /* The replay window size used for all IPsec protocols if not overridden. */ 86 #define DEFAULT_REPLAY_WINDOW 16 87 88 struct ipsec_decode_arg { 89 struct message *msg; 90 struct sa *sa; 91 struct proto *proto; 92 }; 93 94 /* These variables hold the contacted peers ADT state. */ 95 struct contact { 96 struct sockaddr *addr; 97 socklen_t len; 98 } *contacts = 0; 99 int contact_cnt = 0, contact_limit = 0; 100 101 static int addr_cmp(const void *, const void *); 102 static int ipsec_add_contact(struct message *); 103 static int ipsec_contacted(struct message *); 104 static int ipsec_debug_attribute(u_int16_t, u_int8_t *, u_int16_t, 105 void *); 106 static void ipsec_delete_spi(struct sa *, struct proto *, int); 107 static int16_t *ipsec_exchange_script(u_int8_t); 108 static void ipsec_finalize_exchange(struct message *); 109 static void ipsec_free_exchange_data(void *); 110 static void ipsec_free_proto_data(void *); 111 static void ipsec_free_sa_data(void *); 112 static struct keystate *ipsec_get_keystate(struct message *); 113 static u_int8_t *ipsec_get_spi(size_t *, u_int8_t, struct message *); 114 static int ipsec_handle_leftover_payload(struct message *, u_int8_t, 115 struct payload *); 116 static int ipsec_informational_post_hook(struct message *); 117 static int ipsec_informational_pre_hook(struct message *); 118 static int ipsec_initiator(struct message *); 119 static void ipsec_proto_init(struct proto *, char *); 120 static int ipsec_responder(struct message *); 121 static void ipsec_setup_situation(u_int8_t *); 122 static int ipsec_set_network(u_int8_t *, u_int8_t *, struct ipsec_sa *); 123 static size_t ipsec_situation_size(void); 124 static u_int8_t ipsec_spi_size(u_int8_t); 125 static int ipsec_validate_attribute(u_int16_t, u_int8_t *, u_int16_t, 126 void *); 127 static int ipsec_validate_exchange(u_int8_t); 128 static int ipsec_validate_id_information(u_int8_t, u_int8_t *, u_int8_t *, 129 size_t, struct exchange *); 130 static int ipsec_validate_key_information(u_int8_t *, size_t); 131 static int ipsec_validate_notification(u_int16_t); 132 static int ipsec_validate_proto(u_int8_t); 133 static int ipsec_validate_situation(u_int8_t *, size_t *, size_t); 134 static int ipsec_validate_transform_id(u_int8_t, u_int8_t); 135 static int ipsec_sa_tag(struct exchange *, struct sa *, struct sa *); 136 137 static struct doi ipsec_doi = { 138 {0}, IPSEC_DOI_IPSEC, 139 sizeof(struct ipsec_exch), sizeof(struct ipsec_sa), 140 sizeof(struct ipsec_proto), 141 ipsec_debug_attribute, 142 ipsec_delete_spi, 143 ipsec_exchange_script, 144 ipsec_finalize_exchange, 145 ipsec_free_exchange_data, 146 ipsec_free_proto_data, 147 ipsec_free_sa_data, 148 ipsec_get_keystate, 149 ipsec_get_spi, 150 ipsec_handle_leftover_payload, 151 ipsec_informational_post_hook, 152 ipsec_informational_pre_hook, 153 ipsec_is_attribute_incompatible, 154 ipsec_proto_init, 155 ipsec_setup_situation, 156 ipsec_situation_size, 157 ipsec_spi_size, 158 ipsec_validate_attribute, 159 ipsec_validate_exchange, 160 ipsec_validate_id_information, 161 ipsec_validate_key_information, 162 ipsec_validate_notification, 163 ipsec_validate_proto, 164 ipsec_validate_situation, 165 ipsec_validate_transform_id, 166 ipsec_initiator, 167 ipsec_responder, 168 ipsec_decode_ids 169 }; 170 171 int16_t script_quick_mode[] = { 172 ISAKMP_PAYLOAD_HASH, /* Initiator -> responder. */ 173 ISAKMP_PAYLOAD_SA, 174 ISAKMP_PAYLOAD_NONCE, 175 EXCHANGE_SCRIPT_SWITCH, 176 ISAKMP_PAYLOAD_HASH, /* Responder -> initiator. */ 177 ISAKMP_PAYLOAD_SA, 178 ISAKMP_PAYLOAD_NONCE, 179 EXCHANGE_SCRIPT_SWITCH, 180 ISAKMP_PAYLOAD_HASH, /* Initiator -> responder. */ 181 EXCHANGE_SCRIPT_END 182 }; 183 184 int16_t script_new_group_mode[] = { 185 ISAKMP_PAYLOAD_HASH, /* Initiator -> responder. */ 186 ISAKMP_PAYLOAD_SA, 187 EXCHANGE_SCRIPT_SWITCH, 188 ISAKMP_PAYLOAD_HASH, /* Responder -> initiator. */ 189 ISAKMP_PAYLOAD_SA, 190 EXCHANGE_SCRIPT_END 191 }; 192 193 struct dst_spi_proto_arg { 194 struct sockaddr *dst; 195 u_int32_t spi; 196 u_int8_t proto; 197 }; 198 199 /* 200 * Check if SA matches what we are asking for through V_ARG. It has to 201 * be a finished phase 2 SA. 202 * if "proto" arg is 0, match any proto 203 */ 204 static int 205 ipsec_sa_check(struct sa *sa, void *v_arg) 206 { 207 struct dst_spi_proto_arg *arg = v_arg; 208 struct proto *proto; 209 struct sockaddr *dst, *src; 210 int incoming; 211 212 if (sa->phase != 2 || !(sa->flags & SA_FLAG_READY)) 213 return 0; 214 215 sa->transport->vtbl->get_dst(sa->transport, &dst); 216 if (memcmp(sockaddr_addrdata(dst), sockaddr_addrdata(arg->dst), 217 sockaddr_addrlen(dst)) == 0) 218 incoming = 0; 219 else { 220 sa->transport->vtbl->get_src(sa->transport, &src); 221 if (memcmp(sockaddr_addrdata(src), sockaddr_addrdata(arg->dst), 222 sockaddr_addrlen(src)) == 0) 223 incoming = 1; 224 else 225 return 0; 226 } 227 228 for (proto = TAILQ_FIRST(&sa->protos); proto; 229 proto = TAILQ_NEXT(proto, link)) 230 if ((arg->proto == 0 || proto->proto == arg->proto) && 231 memcmp(proto->spi[incoming], &arg->spi, sizeof arg->spi) 232 == 0) 233 return 1; 234 return 0; 235 } 236 237 /* Find an SA with a "name" of DST, SPI & PROTO. */ 238 struct sa * 239 ipsec_sa_lookup(struct sockaddr *dst, u_int32_t spi, u_int8_t proto) 240 { 241 struct dst_spi_proto_arg arg; 242 243 arg.dst = dst; 244 arg.spi = spi; 245 arg.proto = proto; 246 return sa_find(ipsec_sa_check, &arg); 247 } 248 249 /* 250 * Check if SA matches the flow of another SA in V_ARG. It has to 251 * be a finished non-replaced phase 2 SA. 252 * XXX At some point other selectors will matter here too. 253 */ 254 static int 255 ipsec_sa_check_flow(struct sa *sa, void *v_arg) 256 { 257 struct sa *sa2 = v_arg; 258 struct ipsec_sa *isa = sa->data, *isa2 = sa2->data; 259 260 if (sa == sa2 || sa->phase != 2 || 261 (sa->flags & (SA_FLAG_READY | SA_FLAG_REPLACED)) != SA_FLAG_READY) 262 return 0; 263 264 if (isa->tproto != isa2->tproto || isa->sport != isa2->sport || 265 isa->dport != isa2->dport) 266 return 0; 267 268 return isa->src_net->sa_family == isa2->src_net->sa_family && 269 memcmp(sockaddr_addrdata(isa->src_net), 270 sockaddr_addrdata(isa2->src_net), 271 sockaddr_addrlen(isa->src_net)) == 0 && 272 memcmp(sockaddr_addrdata(isa->src_mask), 273 sockaddr_addrdata(isa2->src_mask), 274 sockaddr_addrlen(isa->src_mask)) == 0 && 275 memcmp(sockaddr_addrdata(isa->dst_net), 276 sockaddr_addrdata(isa2->dst_net), 277 sockaddr_addrlen(isa->dst_net)) == 0 && 278 memcmp(sockaddr_addrdata(isa->dst_mask), 279 sockaddr_addrdata(isa2->dst_mask), 280 sockaddr_addrlen(isa->dst_mask)) == 0; 281 } 282 283 /* 284 * Construct a PF tag if specified in the configuration. 285 * It is possible to use variables to expand the tag: 286 * $id The string representation of the remote ID 287 * $domain The stripped domain part of the ID (for FQDN and UFQDN) 288 */ 289 static int 290 ipsec_sa_tag(struct exchange *exchange, struct sa *sa, struct sa *isakmp_sa) 291 { 292 char *format, *section; 293 char *id_string = NULL, *domain = NULL; 294 int error = -1; 295 size_t len; 296 297 sa->tag = NULL; 298 299 if (exchange->name == NULL || 300 (section = exchange->name) == NULL || 301 (format = conf_get_str(section, "PF-Tag")) == NULL) 302 return (0); /* ignore if not present */ 303 304 len = PF_TAG_NAME_SIZE; 305 if ((sa->tag = calloc(1, len)) == NULL) { 306 log_error("ipsec_sa_tag: calloc"); 307 goto fail; 308 } 309 if (strlcpy(sa->tag, format, len) >= len) { 310 log_print("ipsec_sa_tag: tag too long"); 311 goto fail; 312 } 313 if (isakmp_sa->initiator) 314 id_string = ipsec_id_string(isakmp_sa->id_r, 315 isakmp_sa->id_r_len); 316 else 317 id_string = ipsec_id_string(isakmp_sa->id_i, 318 isakmp_sa->id_i_len); 319 320 if (strstr(format, "$id") != NULL) { 321 if (id_string == NULL) { 322 log_print("ipsec_sa_tag: cannot get ID"); 323 goto fail; 324 } 325 if (expand_string(sa->tag, len, "$id", id_string) != 0) { 326 log_print("ipsec_sa_tag: failed to expand tag"); 327 goto fail; 328 } 329 } 330 331 if (strstr(format, "$domain") != NULL) { 332 if (id_string == NULL) { 333 log_print("ipsec_sa_tag: cannot get ID"); 334 goto fail; 335 } 336 if (strncmp(id_string, "fqdn/", strlen("fqdn/")) == 0) 337 domain = strchr(id_string, '.'); 338 else if (strncmp(id_string, "ufqdn/", strlen("ufqdn/")) == 0) 339 domain = strchr(id_string, '@'); 340 if (domain == NULL || strlen(domain) < 2) { 341 log_print("ipsec_sa_tag: no valid domain in ID %s", 342 id_string); 343 goto fail; 344 } 345 domain++; 346 if (expand_string(sa->tag, len, "$domain", domain) != 0) { 347 log_print("ipsec_sa_tag: failed to expand tag"); 348 goto fail; 349 } 350 } 351 352 LOG_DBG((LOG_SA, 10, "ipsec_sa_tag: tag_len %ld tag \"%s\"", 353 strlen(sa->tag), sa->tag)); 354 355 error = 0; 356 fail: 357 free(id_string); 358 if (error != 0) { 359 free(sa->tag); 360 sa->tag = NULL; 361 } 362 363 return (error); 364 } 365 366 /* 367 * Do IPsec DOI specific finalizations task for the exchange where MSG was 368 * the final message. 369 */ 370 static void 371 ipsec_finalize_exchange(struct message *msg) 372 { 373 struct sa *isakmp_sa = msg->isakmp_sa; 374 struct ipsec_sa *isa; 375 struct exchange *exchange = msg->exchange; 376 struct ipsec_exch *ie = exchange->data; 377 struct sa *sa = 0, *old_sa; 378 struct proto *proto, *last_proto = 0; 379 char *addr1, *addr2, *mask1, *mask2; 380 381 switch (exchange->phase) { 382 case 1: 383 switch (exchange->type) { 384 case ISAKMP_EXCH_ID_PROT: 385 case ISAKMP_EXCH_AGGRESSIVE: 386 isa = isakmp_sa->data; 387 isa->hash = ie->hash->type; 388 isa->prf_type = ie->prf_type; 389 isa->skeyid_len = ie->skeyid_len; 390 isa->skeyid_d = ie->skeyid_d; 391 isa->skeyid_a = ie->skeyid_a; 392 /* Prevents early free of SKEYID_*. */ 393 ie->skeyid_a = ie->skeyid_d = 0; 394 395 /* 396 * If a lifetime was negotiated setup the expiration 397 * timers. 398 */ 399 if (isakmp_sa->seconds) 400 sa_setup_expirations(isakmp_sa); 401 402 if (isakmp_sa->flags & SA_FLAG_NAT_T_KEEPALIVE) 403 nat_t_setup_keepalive(isakmp_sa); 404 break; 405 } 406 break; 407 408 case 2: 409 switch (exchange->type) { 410 case IKE_EXCH_QUICK_MODE: 411 /* 412 * Tell the application(s) about the SPIs and key 413 * material. 414 */ 415 for (sa = TAILQ_FIRST(&exchange->sa_list); sa; 416 sa = TAILQ_NEXT(sa, next)) { 417 isa = sa->data; 418 419 if (exchange->initiator) { 420 /* 421 * Initiator is source, responder is 422 * destination. 423 */ 424 if (ipsec_set_network(ie->id_ci, 425 ie->id_cr, isa)) { 426 log_print( 427 "ipsec_finalize_exchange: " 428 "ipsec_set_network " 429 "failed"); 430 return; 431 } 432 } else { 433 /* 434 * Responder is source, initiator is 435 * destination. 436 */ 437 if (ipsec_set_network(ie->id_cr, 438 ie->id_ci, isa)) { 439 log_print( 440 "ipsec_finalize_exchange: " 441 "ipsec_set_network " 442 "failed"); 443 return; 444 } 445 } 446 447 if (ipsec_sa_tag(exchange, sa, isakmp_sa) == -1) 448 return; 449 450 for (proto = TAILQ_FIRST(&sa->protos), 451 last_proto = 0; proto; 452 proto = TAILQ_NEXT(proto, link)) { 453 if (pf_key_v2_set_spi(sa, proto, 454 0, isakmp_sa) || 455 (last_proto && 456 pf_key_v2_group_spis(sa, 457 last_proto, proto, 0)) || 458 pf_key_v2_set_spi(sa, proto, 459 1, isakmp_sa) || 460 (last_proto && 461 pf_key_v2_group_spis(sa, 462 last_proto, proto, 1))) 463 /* 464 * XXX Tear down this 465 * exchange. 466 */ 467 return; 468 last_proto = proto; 469 } 470 471 if (sockaddr2text(isa->src_net, &addr1, 0)) 472 addr1 = 0; 473 if (sockaddr2text(isa->src_mask, &mask1, 0)) 474 mask1 = 0; 475 if (sockaddr2text(isa->dst_net, &addr2, 0)) 476 addr2 = 0; 477 if (sockaddr2text(isa->dst_mask, &mask2, 0)) 478 mask2 = 0; 479 480 LOG_DBG((LOG_EXCHANGE, 50, 481 "ipsec_finalize_exchange: src %s %s " 482 "dst %s %s tproto %u sport %u dport %u", 483 addr1 ? addr1 : "<??\?>", 484 mask1 ? mask1 : "<??\?>", 485 addr2 ? addr2 : "<??\?>", 486 mask2 ? mask2 : "<??\?>", 487 isa->tproto, ntohs(isa->sport), 488 ntohs(isa->dport))); 489 490 free(addr1); 491 free(mask1); 492 free(addr2); 493 free(mask2); 494 495 /* 496 * If this is not an SA acquired by the 497 * kernel, it needs to have a SPD entry 498 * (a.k.a. flow) set up. 499 */ 500 if (!(sa->flags & SA_FLAG_ONDEMAND || 501 conf_get_str("General", "Acquire-Only") || 502 acquire_only) && 503 pf_key_v2_enable_sa(sa, isakmp_sa)) 504 /* XXX Tear down this exchange. */ 505 return; 506 507 /* 508 * Mark elder SAs with the same flow 509 * information as replaced. 510 */ 511 while ((old_sa = sa_find(ipsec_sa_check_flow, 512 sa)) != 0) 513 sa_mark_replaced(old_sa); 514 } 515 break; 516 } 517 } 518 } 519 520 /* Set the client addresses in ISA from SRC_ID and DST_ID. */ 521 static int 522 ipsec_set_network(u_int8_t *src_id, u_int8_t *dst_id, struct ipsec_sa *isa) 523 { 524 int id; 525 char *name, *nat = NULL; 526 u_int8_t *nat_id = NULL; 527 size_t nat_sz; 528 529 if ((name = connection_passive_lookup_by_ids(src_id, dst_id))) 530 nat = conf_get_str(name, "NAT-ID"); 531 532 if (nat) { 533 if ((nat_id = ipsec_build_id(nat, &nat_sz))) { 534 LOG_DBG((LOG_EXCHANGE, 50, "ipsec_set_network: SRC-NAT:" 535 " src: %s -> %s", name, nat)); 536 src_id = nat_id; 537 } else 538 log_print("ipsec_set_network: ipsec_build_id" 539 " failed for NAT-ID: %s", nat); 540 } 541 542 /* Set source address/mask. */ 543 id = GET_ISAKMP_ID_TYPE(src_id); 544 switch (id) { 545 case IPSEC_ID_IPV4_ADDR: 546 case IPSEC_ID_IPV4_ADDR_SUBNET: 547 isa->src_net = (struct sockaddr *)calloc(1, 548 sizeof(struct sockaddr_in)); 549 if (!isa->src_net) 550 goto memfail; 551 isa->src_net->sa_family = AF_INET; 552 isa->src_net->sa_len = sizeof(struct sockaddr_in); 553 554 isa->src_mask = (struct sockaddr *)calloc(1, 555 sizeof(struct sockaddr_in)); 556 if (!isa->src_mask) 557 goto memfail; 558 isa->src_mask->sa_family = AF_INET; 559 isa->src_mask->sa_len = sizeof(struct sockaddr_in); 560 break; 561 562 case IPSEC_ID_IPV6_ADDR: 563 case IPSEC_ID_IPV6_ADDR_SUBNET: 564 isa->src_net = (struct sockaddr *)calloc(1, 565 sizeof(struct sockaddr_in6)); 566 if (!isa->src_net) 567 goto memfail; 568 isa->src_net->sa_family = AF_INET6; 569 isa->src_net->sa_len = sizeof(struct sockaddr_in6); 570 571 isa->src_mask = (struct sockaddr *)calloc(1, 572 sizeof(struct sockaddr_in6)); 573 if (!isa->src_mask) 574 goto memfail; 575 isa->src_mask->sa_family = AF_INET6; 576 isa->src_mask->sa_len = sizeof(struct sockaddr_in6); 577 break; 578 579 case IPSEC_ID_IPV4_RANGE: 580 case IPSEC_ID_IPV6_RANGE: 581 case IPSEC_ID_DER_ASN1_DN: 582 case IPSEC_ID_DER_ASN1_GN: 583 case IPSEC_ID_FQDN: 584 case IPSEC_ID_KEY_ID: 585 default: 586 log_print("ipsec_set_network: ID type %d (%s) not supported", 587 id, constant_name(ipsec_id_cst, id)); 588 return -1; 589 } 590 591 /* Net */ 592 memcpy(sockaddr_addrdata(isa->src_net), src_id + ISAKMP_ID_DATA_OFF, 593 sockaddr_addrlen(isa->src_net)); 594 595 /* Mask */ 596 switch (id) { 597 case IPSEC_ID_IPV4_ADDR: 598 case IPSEC_ID_IPV6_ADDR: 599 memset(sockaddr_addrdata(isa->src_mask), 0xff, 600 sockaddr_addrlen(isa->src_mask)); 601 break; 602 case IPSEC_ID_IPV4_ADDR_SUBNET: 603 case IPSEC_ID_IPV6_ADDR_SUBNET: 604 memcpy(sockaddr_addrdata(isa->src_mask), src_id + 605 ISAKMP_ID_DATA_OFF + sockaddr_addrlen(isa->src_net), 606 sockaddr_addrlen(isa->src_mask)); 607 break; 608 } 609 610 memcpy(&isa->sport, 611 src_id + ISAKMP_ID_DOI_DATA_OFF + IPSEC_ID_PORT_OFF, 612 IPSEC_ID_PORT_LEN); 613 614 if (nat_id) 615 free(nat_id); 616 617 /* Set destination address. */ 618 id = GET_ISAKMP_ID_TYPE(dst_id); 619 switch (id) { 620 case IPSEC_ID_IPV4_ADDR: 621 case IPSEC_ID_IPV4_ADDR_SUBNET: 622 isa->dst_net = (struct sockaddr *)calloc(1, 623 sizeof(struct sockaddr_in)); 624 if (!isa->dst_net) 625 goto memfail; 626 isa->dst_net->sa_family = AF_INET; 627 isa->dst_net->sa_len = sizeof(struct sockaddr_in); 628 629 isa->dst_mask = (struct sockaddr *)calloc(1, 630 sizeof(struct sockaddr_in)); 631 if (!isa->dst_mask) 632 goto memfail; 633 isa->dst_mask->sa_family = AF_INET; 634 isa->dst_mask->sa_len = sizeof(struct sockaddr_in); 635 break; 636 637 case IPSEC_ID_IPV6_ADDR: 638 case IPSEC_ID_IPV6_ADDR_SUBNET: 639 isa->dst_net = (struct sockaddr *)calloc(1, 640 sizeof(struct sockaddr_in6)); 641 if (!isa->dst_net) 642 goto memfail; 643 isa->dst_net->sa_family = AF_INET6; 644 isa->dst_net->sa_len = sizeof(struct sockaddr_in6); 645 646 isa->dst_mask = (struct sockaddr *)calloc(1, 647 sizeof(struct sockaddr_in6)); 648 if (!isa->dst_mask) 649 goto memfail; 650 isa->dst_mask->sa_family = AF_INET6; 651 isa->dst_mask->sa_len = sizeof(struct sockaddr_in6); 652 break; 653 654 case IPSEC_ID_IPV4_RANGE: 655 case IPSEC_ID_IPV6_RANGE: 656 case IPSEC_ID_DER_ASN1_DN: 657 case IPSEC_ID_DER_ASN1_GN: 658 case IPSEC_ID_FQDN: 659 case IPSEC_ID_KEY_ID: 660 default: 661 log_print("ipsec_set_network: ID type %d (%s) not supported", 662 id, constant_name(ipsec_id_cst, id)); 663 return -1; 664 } 665 666 /* Net */ 667 memcpy(sockaddr_addrdata(isa->dst_net), dst_id + ISAKMP_ID_DATA_OFF, 668 sockaddr_addrlen(isa->dst_net)); 669 670 /* Mask */ 671 switch (id) { 672 case IPSEC_ID_IPV4_ADDR: 673 case IPSEC_ID_IPV6_ADDR: 674 memset(sockaddr_addrdata(isa->dst_mask), 0xff, 675 sockaddr_addrlen(isa->dst_mask)); 676 break; 677 case IPSEC_ID_IPV4_ADDR_SUBNET: 678 case IPSEC_ID_IPV6_ADDR_SUBNET: 679 memcpy(sockaddr_addrdata(isa->dst_mask), dst_id + 680 ISAKMP_ID_DATA_OFF + sockaddr_addrlen(isa->dst_net), 681 sockaddr_addrlen(isa->dst_mask)); 682 break; 683 } 684 685 memcpy(&isa->tproto, dst_id + ISAKMP_ID_DOI_DATA_OFF + 686 IPSEC_ID_PROTO_OFF, IPSEC_ID_PROTO_LEN); 687 memcpy(&isa->dport, 688 dst_id + ISAKMP_ID_DOI_DATA_OFF + IPSEC_ID_PORT_OFF, 689 IPSEC_ID_PORT_LEN); 690 return 0; 691 692 memfail: 693 log_error("ipsec_set_network: calloc () failed"); 694 return -1; 695 } 696 697 /* Free the DOI-specific exchange data pointed to by VIE. */ 698 static void 699 ipsec_free_exchange_data(void *vie) 700 { 701 struct ipsec_exch *ie = vie; 702 struct isakmp_cfg_attr *attr; 703 704 free(ie->sa_i_b); 705 free(ie->id_ci); 706 free(ie->id_cr); 707 free(ie->g_xi); 708 free(ie->g_xr); 709 free(ie->g_xy); 710 free(ie->skeyid); 711 free(ie->skeyid_d); 712 free(ie->skeyid_a); 713 free(ie->skeyid_e); 714 free(ie->hash_i); 715 free(ie->hash_r); 716 if (ie->group) 717 group_free(ie->group); 718 for (attr = LIST_FIRST(&ie->attrs); attr; 719 attr = LIST_FIRST(&ie->attrs)) { 720 LIST_REMOVE(attr, link); 721 if (attr->length) 722 free(attr->value); 723 free(attr); 724 } 725 } 726 727 /* Free the DOI-specific SA data pointed to by VISA. */ 728 static void 729 ipsec_free_sa_data(void *visa) 730 { 731 struct ipsec_sa *isa = visa; 732 733 free(isa->src_net); 734 free(isa->src_mask); 735 free(isa->dst_net); 736 free(isa->dst_mask); 737 free(isa->skeyid_a); 738 free(isa->skeyid_d); 739 } 740 741 /* Free the DOI-specific protocol data of an SA pointed to by VIPROTO. */ 742 static void 743 ipsec_free_proto_data(void *viproto) 744 { 745 struct ipsec_proto *iproto = viproto; 746 int i; 747 748 for (i = 0; i < 2; i++) 749 free(iproto->keymat[i]); 750 } 751 752 /* Return exchange script based on TYPE. */ 753 static int16_t * 754 ipsec_exchange_script(u_int8_t type) 755 { 756 switch (type) { 757 case ISAKMP_EXCH_TRANSACTION: 758 return script_transaction; 759 case IKE_EXCH_QUICK_MODE: 760 return script_quick_mode; 761 case IKE_EXCH_NEW_GROUP_MODE: 762 return script_new_group_mode; 763 } 764 return 0; 765 } 766 767 /* Initialize this DOI, requires doi_init to already have been called. */ 768 void 769 ipsec_init(void) 770 { 771 doi_register(&ipsec_doi); 772 } 773 774 /* Given a message MSG, return a suitable IV (or rather keystate). */ 775 static struct keystate * 776 ipsec_get_keystate(struct message *msg) 777 { 778 struct keystate *ks; 779 struct hash *hash; 780 781 /* If we have already have an IV, use it. */ 782 if (msg->exchange && msg->exchange->keystate) { 783 ks = malloc(sizeof *ks); 784 if (!ks) { 785 log_error("ipsec_get_keystate: malloc (%lu) failed", 786 (unsigned long) sizeof *ks); 787 return 0; 788 } 789 memcpy(ks, msg->exchange->keystate, sizeof *ks); 790 return ks; 791 } 792 /* 793 * For phase 2 when no SA yet is setup we need to hash the IV used by 794 * the ISAKMP SA concatenated with the message ID, and use that as an 795 * IV for further cryptographic operations. 796 */ 797 if (!msg->isakmp_sa->keystate) { 798 log_print("ipsec_get_keystate: no keystate in ISAKMP SA %p", 799 msg->isakmp_sa); 800 return 0; 801 } 802 ks = crypto_clone_keystate(msg->isakmp_sa->keystate); 803 if (!ks) 804 return 0; 805 806 hash = hash_get(((struct ipsec_sa *)msg->isakmp_sa->data)->hash); 807 hash->Init(hash->ctx); 808 LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: final phase 1 IV", 809 ks->riv, ks->xf->blocksize)); 810 hash->Update(hash->ctx, ks->riv, ks->xf->blocksize); 811 LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: message ID", 812 ((u_int8_t *) msg->iov[0].iov_base) + ISAKMP_HDR_MESSAGE_ID_OFF, 813 ISAKMP_HDR_MESSAGE_ID_LEN)); 814 hash->Update(hash->ctx, ((u_int8_t *) msg->iov[0].iov_base) + 815 ISAKMP_HDR_MESSAGE_ID_OFF, ISAKMP_HDR_MESSAGE_ID_LEN); 816 hash->Final(hash->digest, hash->ctx); 817 crypto_init_iv(ks, hash->digest, ks->xf->blocksize); 818 LOG_DBG_BUF((LOG_CRYPTO, 80, "ipsec_get_keystate: phase 2 IV", 819 hash->digest, ks->xf->blocksize)); 820 return ks; 821 } 822 823 static void 824 ipsec_setup_situation(u_int8_t *buf) 825 { 826 SET_IPSEC_SIT_SIT(buf + ISAKMP_SA_SIT_OFF, IPSEC_SIT_IDENTITY_ONLY); 827 } 828 829 static size_t 830 ipsec_situation_size(void) 831 { 832 return IPSEC_SIT_SIT_LEN; 833 } 834 835 static u_int8_t 836 ipsec_spi_size(u_int8_t proto) 837 { 838 return IPSEC_SPI_SIZE; 839 } 840 841 static int 842 ipsec_validate_attribute(u_int16_t type, u_int8_t * value, u_int16_t len, 843 void *vmsg) 844 { 845 struct message *msg = vmsg; 846 847 if (msg->exchange->phase == 1 && 848 (type < IKE_ATTR_ENCRYPTION_ALGORITHM || type > IKE_ATTR_GROUP_ORDER)) 849 return -1; 850 if (msg->exchange->phase == 2 && 851 (type < IPSEC_ATTR_SA_LIFE_TYPE || type > IPSEC_ATTR_ECN_TUNNEL)) 852 return -1; 853 return 0; 854 } 855 856 static int 857 ipsec_validate_exchange(u_int8_t exch) 858 { 859 return exch != IKE_EXCH_QUICK_MODE && exch != IKE_EXCH_NEW_GROUP_MODE; 860 } 861 862 static int 863 ipsec_validate_id_information(u_int8_t type, u_int8_t *extra, u_int8_t *buf, 864 size_t sz, struct exchange *exchange) 865 { 866 u_int8_t proto = GET_IPSEC_ID_PROTO(extra); 867 u_int16_t port = GET_IPSEC_ID_PORT(extra); 868 869 LOG_DBG((LOG_MESSAGE, 40, 870 "ipsec_validate_id_information: proto %d port %d type %d", 871 proto, port, type)); 872 if (type < IPSEC_ID_IPV4_ADDR || type > IPSEC_ID_KEY_ID) 873 return -1; 874 875 switch (type) { 876 case IPSEC_ID_IPV4_ADDR: 877 LOG_DBG_BUF((LOG_MESSAGE, 40, 878 "ipsec_validate_id_information: IPv4", buf, 879 sizeof(struct in_addr))); 880 break; 881 882 case IPSEC_ID_IPV6_ADDR: 883 LOG_DBG_BUF((LOG_MESSAGE, 40, 884 "ipsec_validate_id_information: IPv6", buf, 885 sizeof(struct in6_addr))); 886 break; 887 888 case IPSEC_ID_IPV4_ADDR_SUBNET: 889 LOG_DBG_BUF((LOG_MESSAGE, 40, 890 "ipsec_validate_id_information: IPv4 network/netmask", 891 buf, 2 * sizeof(struct in_addr))); 892 break; 893 894 case IPSEC_ID_IPV6_ADDR_SUBNET: 895 LOG_DBG_BUF((LOG_MESSAGE, 40, 896 "ipsec_validate_id_information: IPv6 network/netmask", 897 buf, 2 * sizeof(struct in6_addr))); 898 break; 899 900 default: 901 break; 902 } 903 904 if (exchange->phase == 1 && 905 (proto != IPPROTO_UDP || port != UDP_DEFAULT_PORT) && 906 (proto != 0 || port != 0)) { 907 /* 908 * XXX SSH's ISAKMP tester fails this test (proto 17 - port 909 * 0). 910 */ 911 #ifdef notyet 912 return -1; 913 #else 914 log_print("ipsec_validate_id_information: dubious ID " 915 "information accepted"); 916 #endif 917 } 918 /* XXX More checks? */ 919 920 return 0; 921 } 922 923 static int 924 ipsec_validate_key_information(u_int8_t *buf, size_t sz) 925 { 926 /* XXX Not implemented yet. */ 927 return 0; 928 } 929 930 static int 931 ipsec_validate_notification(u_int16_t type) 932 { 933 return type < IPSEC_NOTIFY_RESPONDER_LIFETIME || 934 type > IPSEC_NOTIFY_INITIAL_CONTACT ? -1 : 0; 935 } 936 937 static int 938 ipsec_validate_proto(u_int8_t proto) 939 { 940 return proto < IPSEC_PROTO_IPSEC_AH || 941 proto > IPSEC_PROTO_IPCOMP ? -1 : 0; 942 } 943 944 static int 945 ipsec_validate_situation(u_int8_t *buf, size_t *sz, size_t len) 946 { 947 if (len < IPSEC_SIT_SIT_OFF + IPSEC_SIT_SIT_LEN) { 948 log_print("ipsec_validate_situation: payload too short: %u", 949 (unsigned int) len); 950 return -1; 951 } 952 /* Currently only "identity only" situations are supported. */ 953 if (GET_IPSEC_SIT_SIT(buf) != IPSEC_SIT_IDENTITY_ONLY) 954 return 1; 955 956 *sz = IPSEC_SIT_SIT_LEN; 957 958 return 0; 959 } 960 961 static int 962 ipsec_validate_transform_id(u_int8_t proto, u_int8_t transform_id) 963 { 964 switch (proto) { 965 /* 966 * As no unexpected protocols can occur, we just tie the 967 * default case to the first case, in order to silence a GCC 968 * warning. 969 */ 970 default: 971 case ISAKMP_PROTO_ISAKMP: 972 return transform_id != IPSEC_TRANSFORM_KEY_IKE; 973 case IPSEC_PROTO_IPSEC_AH: 974 return transform_id < IPSEC_AH_MD5 || 975 transform_id > IPSEC_AH_RIPEMD ? -1 : 0; 976 case IPSEC_PROTO_IPSEC_ESP: 977 return transform_id < IPSEC_ESP_DES_IV64 || 978 (transform_id > IPSEC_ESP_AES_GMAC && 979 transform_id < IPSEC_ESP_AES_MARS) || 980 transform_id > IPSEC_ESP_AES_TWOFISH ? -1 : 0; 981 case IPSEC_PROTO_IPCOMP: 982 return transform_id < IPSEC_IPCOMP_OUI || 983 transform_id > IPSEC_IPCOMP_V42BIS ? -1 : 0; 984 } 985 } 986 987 static int 988 ipsec_initiator(struct message *msg) 989 { 990 struct exchange *exchange = msg->exchange; 991 int (**script)(struct message *) = 0; 992 993 /* Check that the SA is coherent with the IKE rules. */ 994 if (exchange->type != ISAKMP_EXCH_TRANSACTION && 995 ((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT && 996 exchange->type != ISAKMP_EXCH_AGGRESSIVE && 997 exchange->type != ISAKMP_EXCH_INFO) || 998 (exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE && 999 exchange->type != ISAKMP_EXCH_INFO))) { 1000 log_print("ipsec_initiator: unsupported exchange type %d " 1001 "in phase %d", exchange->type, exchange->phase); 1002 return -1; 1003 } 1004 switch (exchange->type) { 1005 case ISAKMP_EXCH_ID_PROT: 1006 script = ike_main_mode_initiator; 1007 break; 1008 case ISAKMP_EXCH_AGGRESSIVE: 1009 script = ike_aggressive_initiator; 1010 break; 1011 case ISAKMP_EXCH_TRANSACTION: 1012 script = isakmp_cfg_initiator; 1013 break; 1014 case ISAKMP_EXCH_INFO: 1015 return message_send_info(msg); 1016 case IKE_EXCH_QUICK_MODE: 1017 script = ike_quick_mode_initiator; 1018 break; 1019 default: 1020 log_print("ipsec_initiator: unsupported exchange type %d", 1021 exchange->type); 1022 return -1; 1023 } 1024 1025 /* Run the script code for this step. */ 1026 if (script) 1027 return script[exchange->step] (msg); 1028 1029 return 0; 1030 } 1031 1032 /* 1033 * delete all SA's from addr with the associated proto and SPI's 1034 * 1035 * spis[] is an array of SPIs of size 16-octet for proto ISAKMP 1036 * or 4-octet otherwise. 1037 */ 1038 static void 1039 ipsec_delete_spi_list(struct sockaddr *addr, u_int8_t proto, u_int8_t *spis, 1040 int nspis, char *type) 1041 { 1042 struct sa *sa; 1043 char *peer; 1044 char ids[1024]; 1045 int i; 1046 1047 for (i = 0; i < nspis; i++) { 1048 if (proto == ISAKMP_PROTO_ISAKMP) { 1049 u_int8_t *spi = spis + i * ISAKMP_HDR_COOKIES_LEN; 1050 1051 /* 1052 * This really shouldn't happen in IPSEC DOI 1053 * code, but Cisco VPN 3000 sends ISAKMP DELETE's 1054 * this way. 1055 */ 1056 sa = sa_lookup_isakmp_sa(addr, spi); 1057 } else { 1058 u_int32_t spi = ((u_int32_t *)spis)[i]; 1059 1060 sa = ipsec_sa_lookup(addr, spi, proto); 1061 } 1062 1063 if (sa == NULL) { 1064 LOG_DBG((LOG_SA, 30, "ipsec_delete_spi_list: could " 1065 "not locate SA (SPI %08x, proto %u)", 1066 ((u_int32_t *)spis)[i], proto)); 1067 continue; 1068 } 1069 1070 strlcpy(ids, 1071 sa->doi->decode_ids("initiator id: %s, responder id: %s", 1072 sa->id_i, sa->id_i_len, sa->id_r, sa->id_r_len, 0), 1073 sizeof ids); 1074 if (sockaddr2text(addr, &peer, 0)) 1075 peer = NULL; 1076 1077 /* only log deletion of SAs which are not soft expired yet */ 1078 if (sa->soft_death != NULL) 1079 log_verbose("isakmpd: Peer %s made us delete live SA " 1080 "%s for proto %d, %s", peer ? peer : "<unknown>", 1081 sa->name ? sa->name : "<unnamed>", proto, ids); 1082 1083 LOG_DBG((LOG_SA, 30, "ipsec_delete_spi_list: " 1084 "%s made us delete SA %p (%d references) for proto %d (%s)", 1085 type, sa, sa->refcnt, proto, ids)); 1086 free(peer); 1087 1088 /* Delete the SA and search for the next */ 1089 sa_free(sa); 1090 } 1091 } 1092 1093 static int 1094 ipsec_responder(struct message *msg) 1095 { 1096 struct exchange *exchange = msg->exchange; 1097 int (**script)(struct message *) = 0; 1098 struct payload *p; 1099 u_int16_t type; 1100 1101 /* Check that a new exchange is coherent with the IKE rules. */ 1102 if (exchange->step == 0 && exchange->type != ISAKMP_EXCH_TRANSACTION && 1103 ((exchange->phase == 1 && exchange->type != ISAKMP_EXCH_ID_PROT && 1104 exchange->type != ISAKMP_EXCH_AGGRESSIVE && 1105 exchange->type != ISAKMP_EXCH_INFO) || 1106 (exchange->phase == 2 && exchange->type != IKE_EXCH_QUICK_MODE && 1107 exchange->type != ISAKMP_EXCH_INFO))) { 1108 message_drop(msg, ISAKMP_NOTIFY_UNSUPPORTED_EXCHANGE_TYPE, 1109 0, 1, 0); 1110 return -1; 1111 } 1112 LOG_DBG((LOG_MISC, 30, "ipsec_responder: phase %d exchange %d step %d", 1113 exchange->phase, exchange->type, exchange->step)); 1114 switch (exchange->type) { 1115 case ISAKMP_EXCH_ID_PROT: 1116 script = ike_main_mode_responder; 1117 break; 1118 case ISAKMP_EXCH_AGGRESSIVE: 1119 script = ike_aggressive_responder; 1120 break; 1121 case ISAKMP_EXCH_TRANSACTION: 1122 script = isakmp_cfg_responder; 1123 break; 1124 case ISAKMP_EXCH_INFO: 1125 TAILQ_FOREACH(p, &msg->payload[ISAKMP_PAYLOAD_NOTIFY], link) { 1126 type = GET_ISAKMP_NOTIFY_MSG_TYPE(p->p); 1127 LOG_DBG((LOG_EXCHANGE, 10, 1128 "ipsec_responder: got NOTIFY of type %s", 1129 constant_name(isakmp_notify_cst, type))); 1130 1131 switch (type) { 1132 case IPSEC_NOTIFY_INITIAL_CONTACT: 1133 /* Handled by leftover logic. */ 1134 break; 1135 1136 case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE: 1137 case ISAKMP_NOTIFY_STATUS_DPD_R_U_THERE_ACK: 1138 dpd_handle_notify(msg, p); 1139 break; 1140 1141 default: 1142 p->flags |= PL_MARK; 1143 break; 1144 } 1145 } 1146 1147 /* 1148 * If any DELETEs are in here, let the logic of leftover 1149 * payloads deal with them. 1150 */ 1151 return 0; 1152 1153 case IKE_EXCH_QUICK_MODE: 1154 script = ike_quick_mode_responder; 1155 break; 1156 1157 default: 1158 message_drop(msg, ISAKMP_NOTIFY_UNSUPPORTED_EXCHANGE_TYPE, 1159 0, 1, 0); 1160 return -1; 1161 } 1162 1163 /* Run the script code for this step. */ 1164 if (script) 1165 return script[exchange->step] (msg); 1166 1167 /* 1168 * XXX So far we don't accept any proposals for exchanges we don't 1169 * support. 1170 */ 1171 if (payload_first(msg, ISAKMP_PAYLOAD_SA)) { 1172 message_drop(msg, ISAKMP_NOTIFY_NO_PROPOSAL_CHOSEN, 0, 1, 0); 1173 return -1; 1174 } 1175 return 0; 1176 } 1177 1178 static enum hashes 1179 from_ike_hash(u_int16_t hash) 1180 { 1181 switch (hash) { 1182 case IKE_HASH_MD5: 1183 return HASH_MD5; 1184 case IKE_HASH_SHA: 1185 return HASH_SHA1; 1186 case IKE_HASH_SHA2_256: 1187 return HASH_SHA2_256; 1188 case IKE_HASH_SHA2_384: 1189 return HASH_SHA2_384; 1190 case IKE_HASH_SHA2_512: 1191 return HASH_SHA2_512; 1192 } 1193 return -1; 1194 } 1195 1196 static enum transform 1197 from_ike_crypto(u_int16_t crypto) 1198 { 1199 /* Coincidentally this is the null operation :-) */ 1200 return crypto; 1201 } 1202 1203 /* 1204 * Find out whether the attribute of type TYPE with a LEN length value 1205 * pointed to by VALUE is incompatible with what we can handle. 1206 * VMSG is a pointer to the current message. 1207 */ 1208 int 1209 ipsec_is_attribute_incompatible(u_int16_t type, u_int8_t *value, u_int16_t len, 1210 void *vmsg) 1211 { 1212 struct message *msg = vmsg; 1213 u_int16_t dv = decode_16(value); 1214 1215 if (msg->exchange->phase == 1) { 1216 switch (type) { 1217 case IKE_ATTR_ENCRYPTION_ALGORITHM: 1218 return !crypto_get(from_ike_crypto(dv)); 1219 case IKE_ATTR_HASH_ALGORITHM: 1220 return !hash_get(from_ike_hash(dv)); 1221 case IKE_ATTR_AUTHENTICATION_METHOD: 1222 return !ike_auth_get(dv); 1223 case IKE_ATTR_GROUP_DESCRIPTION: 1224 return (dv < IKE_GROUP_DESC_MODP_768 || 1225 dv > IKE_GROUP_DESC_MODP_1536) && 1226 (dv < IKE_GROUP_DESC_MODP_2048 || 1227 dv > IKE_GROUP_DESC_MODP_8192); 1228 case IKE_ATTR_GROUP_TYPE: 1229 return 1; 1230 case IKE_ATTR_GROUP_PRIME: 1231 return 1; 1232 case IKE_ATTR_GROUP_GENERATOR_1: 1233 return 1; 1234 case IKE_ATTR_GROUP_GENERATOR_2: 1235 return 1; 1236 case IKE_ATTR_GROUP_CURVE_A: 1237 return 1; 1238 case IKE_ATTR_GROUP_CURVE_B: 1239 return 1; 1240 case IKE_ATTR_LIFE_TYPE: 1241 return dv < IKE_DURATION_SECONDS || 1242 dv > IKE_DURATION_KILOBYTES; 1243 case IKE_ATTR_LIFE_DURATION: 1244 return len != 2 && len != 4; 1245 case IKE_ATTR_PRF: 1246 return 1; 1247 case IKE_ATTR_KEY_LENGTH: 1248 /* 1249 * Our crypto routines only allows key-lengths which 1250 * are multiples of an octet. 1251 */ 1252 return dv % 8 != 0; 1253 case IKE_ATTR_FIELD_SIZE: 1254 return 1; 1255 case IKE_ATTR_GROUP_ORDER: 1256 return 1; 1257 } 1258 } else { 1259 switch (type) { 1260 case IPSEC_ATTR_SA_LIFE_TYPE: 1261 return dv < IPSEC_DURATION_SECONDS || 1262 dv > IPSEC_DURATION_KILOBYTES; 1263 case IPSEC_ATTR_SA_LIFE_DURATION: 1264 return len != 2 && len != 4; 1265 case IPSEC_ATTR_GROUP_DESCRIPTION: 1266 return (dv < IKE_GROUP_DESC_MODP_768 || 1267 dv > IKE_GROUP_DESC_MODP_1536) && 1268 (dv < IKE_GROUP_DESC_MODP_2048 || 1269 IKE_GROUP_DESC_MODP_8192 < dv); 1270 case IPSEC_ATTR_ENCAPSULATION_MODE: 1271 return dv != IPSEC_ENCAP_TUNNEL && 1272 dv != IPSEC_ENCAP_TRANSPORT && 1273 dv != IPSEC_ENCAP_UDP_ENCAP_TUNNEL && 1274 dv != IPSEC_ENCAP_UDP_ENCAP_TRANSPORT && 1275 dv != IPSEC_ENCAP_UDP_ENCAP_TUNNEL_DRAFT && 1276 dv != IPSEC_ENCAP_UDP_ENCAP_TRANSPORT_DRAFT; 1277 case IPSEC_ATTR_AUTHENTICATION_ALGORITHM: 1278 return dv < IPSEC_AUTH_HMAC_MD5 || 1279 dv > IPSEC_AUTH_HMAC_RIPEMD; 1280 case IPSEC_ATTR_KEY_LENGTH: 1281 /* 1282 * XXX Blowfish needs '0'. Others appear to disregard 1283 * this attr? 1284 */ 1285 return 0; 1286 case IPSEC_ATTR_KEY_ROUNDS: 1287 return 1; 1288 case IPSEC_ATTR_COMPRESS_DICTIONARY_SIZE: 1289 return 1; 1290 case IPSEC_ATTR_COMPRESS_PRIVATE_ALGORITHM: 1291 return 1; 1292 case IPSEC_ATTR_ECN_TUNNEL: 1293 return 1; 1294 } 1295 } 1296 /* XXX Silence gcc. */ 1297 return 1; 1298 } 1299 1300 /* 1301 * Log the attribute of TYPE with a LEN length value pointed to by VALUE 1302 * in human-readable form. VMSG is a pointer to the current message. 1303 */ 1304 int 1305 ipsec_debug_attribute(u_int16_t type, u_int8_t *value, u_int16_t len, 1306 void *vmsg) 1307 { 1308 struct message *msg = vmsg; 1309 char val[20]; 1310 1311 /* XXX Transient solution. */ 1312 if (len == 2) 1313 snprintf(val, sizeof val, "%d", decode_16(value)); 1314 else if (len == 4) 1315 snprintf(val, sizeof val, "%d", decode_32(value)); 1316 else 1317 snprintf(val, sizeof val, "unrepresentable"); 1318 1319 LOG_DBG((LOG_MESSAGE, 50, "Attribute %s value %s", 1320 constant_name(msg->exchange->phase == 1 ? ike_attr_cst : 1321 ipsec_attr_cst, type), val)); 1322 return 0; 1323 } 1324 1325 /* 1326 * Decode the attribute of type TYPE with a LEN length value pointed to by 1327 * VALUE. VIDA is a pointer to a context structure where we can find the 1328 * current message, SA and protocol. 1329 */ 1330 int 1331 ipsec_decode_attribute(u_int16_t type, u_int8_t *value, u_int16_t len, 1332 void *vida) 1333 { 1334 struct ipsec_decode_arg *ida = vida; 1335 struct message *msg = ida->msg; 1336 struct sa *sa = ida->sa; 1337 struct ipsec_sa *isa = sa->data; 1338 struct proto *proto = ida->proto; 1339 struct ipsec_proto *iproto = proto->data; 1340 struct exchange *exchange = msg->exchange; 1341 struct ipsec_exch *ie = exchange->data; 1342 static int lifetype = 0; 1343 1344 if (exchange->phase == 1) { 1345 switch (type) { 1346 case IKE_ATTR_ENCRYPTION_ALGORITHM: 1347 /* XXX Errors possible? */ 1348 exchange->crypto = crypto_get(from_ike_crypto( 1349 decode_16(value))); 1350 break; 1351 case IKE_ATTR_HASH_ALGORITHM: 1352 /* XXX Errors possible? */ 1353 ie->hash = hash_get(from_ike_hash(decode_16(value))); 1354 break; 1355 case IKE_ATTR_AUTHENTICATION_METHOD: 1356 /* XXX Errors possible? */ 1357 ie->ike_auth = ike_auth_get(decode_16(value)); 1358 break; 1359 case IKE_ATTR_GROUP_DESCRIPTION: 1360 isa->group_desc = decode_16(value); 1361 break; 1362 case IKE_ATTR_GROUP_TYPE: 1363 break; 1364 case IKE_ATTR_GROUP_PRIME: 1365 break; 1366 case IKE_ATTR_GROUP_GENERATOR_1: 1367 break; 1368 case IKE_ATTR_GROUP_GENERATOR_2: 1369 break; 1370 case IKE_ATTR_GROUP_CURVE_A: 1371 break; 1372 case IKE_ATTR_GROUP_CURVE_B: 1373 break; 1374 case IKE_ATTR_LIFE_TYPE: 1375 lifetype = decode_16(value); 1376 return 0; 1377 case IKE_ATTR_LIFE_DURATION: 1378 switch (lifetype) { 1379 case IKE_DURATION_SECONDS: 1380 switch (len) { 1381 case 2: 1382 sa->seconds = decode_16(value); 1383 break; 1384 case 4: 1385 sa->seconds = decode_32(value); 1386 break; 1387 default: 1388 log_print("ipsec_decode_attribute: " 1389 "unreasonable lifetime"); 1390 } 1391 break; 1392 case IKE_DURATION_KILOBYTES: 1393 switch (len) { 1394 case 2: 1395 sa->kilobytes = decode_16(value); 1396 break; 1397 case 4: 1398 sa->kilobytes = decode_32(value); 1399 break; 1400 default: 1401 log_print("ipsec_decode_attribute: " 1402 "unreasonable lifetime"); 1403 } 1404 break; 1405 default: 1406 log_print("ipsec_decode_attribute: unknown " 1407 "lifetime type"); 1408 } 1409 break; 1410 case IKE_ATTR_PRF: 1411 break; 1412 case IKE_ATTR_KEY_LENGTH: 1413 exchange->key_length = decode_16(value) / 8; 1414 break; 1415 case IKE_ATTR_FIELD_SIZE: 1416 break; 1417 case IKE_ATTR_GROUP_ORDER: 1418 break; 1419 } 1420 } else { 1421 switch (type) { 1422 case IPSEC_ATTR_SA_LIFE_TYPE: 1423 lifetype = decode_16(value); 1424 return 0; 1425 case IPSEC_ATTR_SA_LIFE_DURATION: 1426 switch (lifetype) { 1427 case IPSEC_DURATION_SECONDS: 1428 switch (len) { 1429 case 2: 1430 sa->seconds = decode_16(value); 1431 break; 1432 case 4: 1433 sa->seconds = decode_32(value); 1434 break; 1435 default: 1436 log_print("ipsec_decode_attribute: " 1437 "unreasonable lifetime"); 1438 } 1439 break; 1440 case IPSEC_DURATION_KILOBYTES: 1441 switch (len) { 1442 case 2: 1443 sa->kilobytes = decode_16(value); 1444 break; 1445 case 4: 1446 sa->kilobytes = decode_32(value); 1447 break; 1448 default: 1449 log_print("ipsec_decode_attribute: " 1450 "unreasonable lifetime"); 1451 } 1452 break; 1453 default: 1454 log_print("ipsec_decode_attribute: unknown " 1455 "lifetime type"); 1456 } 1457 break; 1458 case IPSEC_ATTR_GROUP_DESCRIPTION: 1459 isa->group_desc = decode_16(value); 1460 break; 1461 case IPSEC_ATTR_ENCAPSULATION_MODE: 1462 /* 1463 * XXX Multiple protocols must have same 1464 * encapsulation mode, no? 1465 */ 1466 iproto->encap_mode = decode_16(value); 1467 break; 1468 case IPSEC_ATTR_AUTHENTICATION_ALGORITHM: 1469 iproto->auth = decode_16(value); 1470 break; 1471 case IPSEC_ATTR_KEY_LENGTH: 1472 iproto->keylen = decode_16(value); 1473 break; 1474 case IPSEC_ATTR_KEY_ROUNDS: 1475 iproto->keyrounds = decode_16(value); 1476 break; 1477 case IPSEC_ATTR_COMPRESS_DICTIONARY_SIZE: 1478 break; 1479 case IPSEC_ATTR_COMPRESS_PRIVATE_ALGORITHM: 1480 break; 1481 case IPSEC_ATTR_ECN_TUNNEL: 1482 break; 1483 } 1484 } 1485 lifetype = 0; 1486 return 0; 1487 } 1488 1489 /* 1490 * Walk over the attributes of the transform payload found in BUF, and 1491 * fill out the fields of the SA attached to MSG. Also mark the SA as 1492 * processed. 1493 */ 1494 void 1495 ipsec_decode_transform(struct message *msg, struct sa *sa, struct proto *proto, 1496 u_int8_t *buf) 1497 { 1498 struct ipsec_exch *ie = msg->exchange->data; 1499 struct ipsec_decode_arg ida; 1500 1501 LOG_DBG((LOG_MISC, 20, "ipsec_decode_transform: transform %d chosen", 1502 GET_ISAKMP_TRANSFORM_NO(buf))); 1503 1504 ida.msg = msg; 1505 ida.sa = sa; 1506 ida.proto = proto; 1507 1508 /* The default IKE lifetime is 8 hours. */ 1509 if (sa->phase == 1) 1510 sa->seconds = 28800; 1511 1512 /* Extract the attributes and stuff them into the SA. */ 1513 attribute_map(buf + ISAKMP_TRANSFORM_SA_ATTRS_OFF, 1514 GET_ISAKMP_GEN_LENGTH(buf) - ISAKMP_TRANSFORM_SA_ATTRS_OFF, 1515 ipsec_decode_attribute, &ida); 1516 1517 /* 1518 * If no pseudo-random function was negotiated, it's HMAC. 1519 * XXX As PRF_HMAC currently is zero, this is a no-op. 1520 */ 1521 if (!ie->prf_type) 1522 ie->prf_type = PRF_HMAC; 1523 } 1524 1525 /* 1526 * Delete the IPsec SA represented by the INCOMING direction in protocol PROTO 1527 * of the IKE security association SA. 1528 */ 1529 static void 1530 ipsec_delete_spi(struct sa *sa, struct proto *proto, int incoming) 1531 { 1532 if (sa->phase == 1) 1533 return; 1534 1535 /* 1536 * If the SA was not replaced and was not one acquired through the 1537 * kernel (ACQUIRE message), remove the flow associated with it. 1538 * We ignore any errors from the disabling of the flow. 1539 */ 1540 if (sa->flags & SA_FLAG_READY && !(sa->flags & SA_FLAG_ONDEMAND || 1541 sa->flags & SA_FLAG_REPLACED || acquire_only || 1542 conf_get_str("General", "Acquire-Only"))) 1543 pf_key_v2_disable_sa(sa, incoming); 1544 1545 /* XXX Error handling? Is it interesting? */ 1546 pf_key_v2_delete_spi(sa, proto, incoming); 1547 } 1548 1549 /* 1550 * Store BUF into the g^x entry of the exchange that message MSG belongs to. 1551 * PEER is non-zero when the value is our peer's, and zero when it is ours. 1552 */ 1553 static int 1554 ipsec_g_x(struct message *msg, int peer, u_int8_t *buf) 1555 { 1556 struct exchange *exchange = msg->exchange; 1557 struct ipsec_exch *ie = exchange->data; 1558 u_int8_t **g_x; 1559 int initiator = exchange->initiator ^ peer; 1560 char header[32]; 1561 1562 g_x = initiator ? &ie->g_xi : &ie->g_xr; 1563 *g_x = malloc(ie->g_x_len); 1564 if (!*g_x) { 1565 log_error("ipsec_g_x: malloc (%lu) failed", 1566 (unsigned long)ie->g_x_len); 1567 return -1; 1568 } 1569 memcpy(*g_x, buf, ie->g_x_len); 1570 snprintf(header, sizeof header, "ipsec_g_x: g^x%c", 1571 initiator ? 'i' : 'r'); 1572 LOG_DBG_BUF((LOG_MISC, 80, header, *g_x, ie->g_x_len)); 1573 return 0; 1574 } 1575 1576 /* Generate our DH value. */ 1577 int 1578 ipsec_gen_g_x(struct message *msg) 1579 { 1580 struct exchange *exchange = msg->exchange; 1581 struct ipsec_exch *ie = exchange->data; 1582 u_int8_t *buf; 1583 1584 buf = malloc(ISAKMP_KE_SZ + ie->g_x_len); 1585 if (!buf) { 1586 log_error("ipsec_gen_g_x: malloc (%lu) failed", 1587 ISAKMP_KE_SZ + (unsigned long)ie->g_x_len); 1588 return -1; 1589 } 1590 if (message_add_payload(msg, ISAKMP_PAYLOAD_KEY_EXCH, buf, 1591 ISAKMP_KE_SZ + ie->g_x_len, 1)) { 1592 free(buf); 1593 return -1; 1594 } 1595 if (dh_create_exchange(ie->group, buf + ISAKMP_KE_DATA_OFF)) { 1596 log_print("ipsec_gen_g_x: dh_create_exchange failed"); 1597 free(buf); 1598 return -1; 1599 } 1600 return ipsec_g_x(msg, 0, buf + ISAKMP_KE_DATA_OFF); 1601 } 1602 1603 /* Save the peer's DH value. */ 1604 int 1605 ipsec_save_g_x(struct message *msg) 1606 { 1607 struct exchange *exchange = msg->exchange; 1608 struct ipsec_exch *ie = exchange->data; 1609 struct payload *kep; 1610 1611 kep = payload_first(msg, ISAKMP_PAYLOAD_KEY_EXCH); 1612 kep->flags |= PL_MARK; 1613 ie->g_x_len = GET_ISAKMP_GEN_LENGTH(kep->p) - ISAKMP_KE_DATA_OFF; 1614 1615 /* Check that the given length matches the group's expectancy. */ 1616 if (ie->g_x_len != (size_t) dh_getlen(ie->group)) { 1617 /* XXX Is this a good notify type? */ 1618 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 0); 1619 return -1; 1620 } 1621 return ipsec_g_x(msg, 1, kep->p + ISAKMP_KE_DATA_OFF); 1622 } 1623 1624 /* 1625 * Get a SPI for PROTO and the transport MSG passed over. Store the 1626 * size where SZ points. NB! A zero return is OK if *SZ is zero. 1627 */ 1628 static u_int8_t * 1629 ipsec_get_spi(size_t *sz, u_int8_t proto, struct message *msg) 1630 { 1631 struct sockaddr *dst, *src; 1632 struct transport *transport = msg->transport; 1633 1634 if (msg->exchange->phase == 1) { 1635 *sz = 0; 1636 return 0; 1637 } else { 1638 /* We are the destination in the SA we want a SPI for. */ 1639 transport->vtbl->get_src(transport, &dst); 1640 /* The peer is the source. */ 1641 transport->vtbl->get_dst(transport, &src); 1642 return pf_key_v2_get_spi(sz, proto, src, dst, 1643 msg->exchange->seq); 1644 } 1645 } 1646 1647 /* 1648 * We have gotten a payload PAYLOAD of type TYPE, which did not get handled 1649 * by the logic of the exchange MSG takes part in. Now is the time to deal 1650 * with such a payload if we know how to, if we don't, return -1, otherwise 1651 * 0. 1652 */ 1653 int 1654 ipsec_handle_leftover_payload(struct message *msg, u_int8_t type, 1655 struct payload *payload) 1656 { 1657 u_int32_t spisz, nspis; 1658 struct sockaddr *dst; 1659 int reenter = 0; 1660 u_int8_t *spis, proto; 1661 struct sa *sa; 1662 1663 switch (type) { 1664 case ISAKMP_PAYLOAD_DELETE: 1665 proto = GET_ISAKMP_DELETE_PROTO(payload->p); 1666 nspis = GET_ISAKMP_DELETE_NSPIS(payload->p); 1667 spisz = GET_ISAKMP_DELETE_SPI_SZ(payload->p); 1668 1669 if (nspis == 0) { 1670 LOG_DBG((LOG_SA, 60, "ipsec_handle_leftover_payload: " 1671 "message specified zero SPIs, ignoring")); 1672 return -1; 1673 } 1674 /* verify proper SPI size */ 1675 if ((proto == ISAKMP_PROTO_ISAKMP && 1676 spisz != ISAKMP_HDR_COOKIES_LEN) || 1677 (proto != ISAKMP_PROTO_ISAKMP && spisz != sizeof(u_int32_t))) { 1678 log_print("ipsec_handle_leftover_payload: invalid SPI " 1679 "size %d for proto %d in DELETE payload", 1680 spisz, proto); 1681 return -1; 1682 } 1683 spis = (u_int8_t *) calloc(nspis, spisz); 1684 if (!spis) { 1685 log_error("ipsec_handle_leftover_payload: malloc " 1686 "(%d) failed", nspis * spisz); 1687 return -1; 1688 } 1689 /* extract SPI and get dst address */ 1690 memcpy(spis, payload->p + ISAKMP_DELETE_SPI_OFF, nspis * spisz); 1691 msg->transport->vtbl->get_dst(msg->transport, &dst); 1692 1693 ipsec_delete_spi_list(dst, proto, spis, nspis, "DELETE"); 1694 1695 free(spis); 1696 payload->flags |= PL_MARK; 1697 return 0; 1698 1699 case ISAKMP_PAYLOAD_NOTIFY: 1700 switch (GET_ISAKMP_NOTIFY_MSG_TYPE(payload->p)) { 1701 case IPSEC_NOTIFY_INITIAL_CONTACT: 1702 /* 1703 * Permit INITIAL-CONTACT if 1704 * - this is not an AGGRESSIVE mode exchange 1705 * - it is protected by an ISAKMP SA 1706 * 1707 * XXX Instead of the first condition above, we could 1708 * XXX permit this only for phase 2. In the last 1709 * XXX packet of main-mode, this payload, while 1710 * XXX encrypted, is not part of the hash digest. As 1711 * XXX we currently send our own INITIAL-CONTACTs at 1712 * XXX this point, this too would need to be changed. 1713 */ 1714 if (msg->exchange->type == ISAKMP_EXCH_AGGRESSIVE) { 1715 log_print("ipsec_handle_leftover_payload: got " 1716 "INITIAL-CONTACT in AGGRESSIVE mode"); 1717 return -1; 1718 } 1719 if ((msg->exchange->flags & EXCHANGE_FLAG_ENCRYPT) 1720 == 0) { 1721 log_print("ipsec_handle_leftover_payload: got " 1722 "INITIAL-CONTACT without ISAKMP SA"); 1723 return -1; 1724 } 1725 1726 if ((msg->flags & MSG_AUTHENTICATED) == 0) { 1727 log_print("ipsec_handle_leftover_payload: " 1728 "got unauthenticated INITIAL-CONTACT"); 1729 return -1; 1730 } 1731 /* 1732 * Find out who is sending this and then delete every 1733 * SA that is ready. Exchanges will timeout 1734 * themselves and then the non-ready SAs will 1735 * disappear too. 1736 */ 1737 msg->transport->vtbl->get_dst(msg->transport, &dst); 1738 while ((sa = sa_lookup_by_peer(dst, SA_LEN(dst), 0)) != 0) { 1739 /* 1740 * Don't delete the current SA -- we received 1741 * the notification over it, so it's obviously 1742 * still active. We temporarily need to remove 1743 * the SA from the list to avoid an endless 1744 * loop, but keep a reference so it won't 1745 * disappear meanwhile. 1746 */ 1747 if (sa == msg->isakmp_sa) { 1748 sa_reference(sa); 1749 sa_remove(sa); 1750 reenter = 1; 1751 continue; 1752 } 1753 LOG_DBG((LOG_SA, 30, 1754 "ipsec_handle_leftover_payload: " 1755 "INITIAL-CONTACT made us delete SA %p", 1756 sa)); 1757 sa_delete(sa, 0); 1758 } 1759 1760 if (reenter) { 1761 sa_enter(msg->isakmp_sa); 1762 sa_release(msg->isakmp_sa); 1763 } 1764 payload->flags |= PL_MARK; 1765 return 0; 1766 } 1767 } 1768 return -1; 1769 } 1770 1771 /* Return the encryption keylength in octets of the ESP protocol PROTO. */ 1772 int 1773 ipsec_esp_enckeylength(struct proto *proto) 1774 { 1775 struct ipsec_proto *iproto = proto->data; 1776 1777 /* Compute the keylength to use. */ 1778 switch (proto->id) { 1779 case IPSEC_ESP_DES: 1780 case IPSEC_ESP_DES_IV32: 1781 case IPSEC_ESP_DES_IV64: 1782 return 8; 1783 case IPSEC_ESP_3DES: 1784 return 24; 1785 case IPSEC_ESP_CAST: 1786 if (!iproto->keylen) 1787 return 16; 1788 return iproto->keylen / 8; 1789 case IPSEC_ESP_AES_128_CTR: 1790 return 20; 1791 case IPSEC_ESP_AES_GCM_16: 1792 case IPSEC_ESP_AES_GMAC: 1793 if (!iproto->keylen) 1794 return 20; 1795 return iproto->keylen / 8 + 4; 1796 case IPSEC_ESP_AES: 1797 if (!iproto->keylen) 1798 return 16; 1799 /* FALLTHROUGH */ 1800 default: 1801 return iproto->keylen / 8; 1802 } 1803 } 1804 1805 /* Return the authentication keylength in octets of the ESP protocol PROTO. */ 1806 int 1807 ipsec_esp_authkeylength(struct proto *proto) 1808 { 1809 struct ipsec_proto *iproto = proto->data; 1810 1811 switch (iproto->auth) { 1812 case IPSEC_AUTH_HMAC_MD5: 1813 return 16; 1814 case IPSEC_AUTH_HMAC_SHA: 1815 case IPSEC_AUTH_HMAC_RIPEMD: 1816 return 20; 1817 case IPSEC_AUTH_HMAC_SHA2_256: 1818 return 32; 1819 case IPSEC_AUTH_HMAC_SHA2_384: 1820 return 48; 1821 case IPSEC_AUTH_HMAC_SHA2_512: 1822 return 64; 1823 default: 1824 return 0; 1825 } 1826 } 1827 1828 /* Return the authentication keylength in octets of the AH protocol PROTO. */ 1829 int 1830 ipsec_ah_keylength(struct proto *proto) 1831 { 1832 switch (proto->id) { 1833 case IPSEC_AH_MD5: 1834 return 16; 1835 case IPSEC_AH_SHA: 1836 case IPSEC_AH_RIPEMD: 1837 return 20; 1838 case IPSEC_AH_SHA2_256: 1839 return 32; 1840 case IPSEC_AH_SHA2_384: 1841 return 48; 1842 case IPSEC_AH_SHA2_512: 1843 return 64; 1844 default: 1845 return -1; 1846 } 1847 } 1848 1849 /* Return the total keymaterial length of the protocol PROTO. */ 1850 int 1851 ipsec_keymat_length(struct proto *proto) 1852 { 1853 switch (proto->proto) { 1854 case IPSEC_PROTO_IPSEC_ESP: 1855 return ipsec_esp_enckeylength(proto) 1856 + ipsec_esp_authkeylength(proto); 1857 case IPSEC_PROTO_IPSEC_AH: 1858 return ipsec_ah_keylength(proto); 1859 default: 1860 return -1; 1861 } 1862 } 1863 1864 /* Helper function for ipsec_get_id(). */ 1865 static int 1866 ipsec_get_proto_port(char *section, u_int8_t *tproto, u_int16_t *port) 1867 { 1868 struct protoent *pe = NULL; 1869 struct servent *se; 1870 char *pstr; 1871 1872 pstr = conf_get_str(section, "Protocol"); 1873 if (!pstr) { 1874 *tproto = 0; 1875 return 0; 1876 } 1877 *tproto = (u_int8_t)atoi(pstr); 1878 if (!*tproto) { 1879 pe = getprotobyname(pstr); 1880 if (pe) 1881 *tproto = pe->p_proto; 1882 } 1883 if (!*tproto) { 1884 log_print("ipsec_get_proto_port: protocol \"%s\" unknown", 1885 pstr); 1886 return -1; 1887 } 1888 1889 pstr = conf_get_str(section, "Port"); 1890 if (!pstr) 1891 return 0; 1892 *port = (u_int16_t)atoi(pstr); 1893 if (!*port) { 1894 se = getservbyname(pstr, 1895 pe ? pe->p_name : (pstr ? pstr : NULL)); 1896 if (se) 1897 *port = ntohs(se->s_port); 1898 } 1899 if (!*port) { 1900 log_print("ipsec_get_proto_port: port \"%s\" unknown", 1901 pstr); 1902 return -1; 1903 } 1904 return 0; 1905 } 1906 1907 /* 1908 * Out of a named section SECTION in the configuration file find out 1909 * the network address and mask as well as the ID type. Put the info 1910 * in the areas pointed to by ADDR, MASK, TPROTO, PORT, and ID respectively. 1911 * Return 0 on success and -1 on failure. 1912 */ 1913 int 1914 ipsec_get_id(char *section, int *id, struct sockaddr **addr, 1915 struct sockaddr **mask, u_int8_t *tproto, u_int16_t *port) 1916 { 1917 char *type, *address, *netmask; 1918 sa_family_t af = 0; 1919 1920 type = conf_get_str(section, "ID-type"); 1921 if (!type) { 1922 log_print("ipsec_get_id: section %s has no \"ID-type\" tag", 1923 section); 1924 return -1; 1925 } 1926 *id = constant_value(ipsec_id_cst, type); 1927 switch (*id) { 1928 case IPSEC_ID_IPV4_ADDR: 1929 case IPSEC_ID_IPV4_ADDR_SUBNET: 1930 af = AF_INET; 1931 break; 1932 case IPSEC_ID_IPV6_ADDR: 1933 case IPSEC_ID_IPV6_ADDR_SUBNET: 1934 af = AF_INET6; 1935 break; 1936 } 1937 switch (*id) { 1938 case IPSEC_ID_IPV4_ADDR: 1939 case IPSEC_ID_IPV6_ADDR: { 1940 int ret; 1941 1942 address = conf_get_str(section, "Address"); 1943 if (!address) { 1944 log_print("ipsec_get_id: section %s has no " 1945 "\"Address\" tag", section); 1946 return -1; 1947 } 1948 if (text2sockaddr(address, NULL, addr, af, 0)) { 1949 log_print("ipsec_get_id: invalid address %s in " 1950 "section %s", address, section); 1951 return -1; 1952 } 1953 ret = ipsec_get_proto_port(section, tproto, port); 1954 if (ret < 0) 1955 free(*addr); 1956 1957 return ret; 1958 } 1959 1960 #ifdef notyet 1961 case IPSEC_ID_FQDN: 1962 return -1; 1963 1964 case IPSEC_ID_USER_FQDN: 1965 return -1; 1966 #endif 1967 1968 case IPSEC_ID_IPV4_ADDR_SUBNET: 1969 case IPSEC_ID_IPV6_ADDR_SUBNET: { 1970 int ret; 1971 1972 address = conf_get_str(section, "Network"); 1973 if (!address) { 1974 log_print("ipsec_get_id: section %s has no " 1975 "\"Network\" tag", section); 1976 return -1; 1977 } 1978 if (text2sockaddr(address, NULL, addr, af, 0)) { 1979 log_print("ipsec_get_id: invalid section %s " 1980 "network %s", section, address); 1981 return -1; 1982 } 1983 netmask = conf_get_str(section, "Netmask"); 1984 if (!netmask) { 1985 log_print("ipsec_get_id: section %s has no " 1986 "\"Netmask\" tag", section); 1987 free(*addr); 1988 return -1; 1989 } 1990 if (text2sockaddr(netmask, NULL, mask, af, 1)) { 1991 log_print("ipsec_get_id: invalid section %s " 1992 "network %s", section, netmask); 1993 free(*addr); 1994 return -1; 1995 } 1996 ret = ipsec_get_proto_port(section, tproto, port); 1997 if (ret < 0) { 1998 free(*mask); 1999 free(*addr); 2000 } 2001 return ret; 2002 } 2003 2004 #ifdef notyet 2005 case IPSEC_ID_IPV4_RANGE: 2006 return -1; 2007 2008 case IPSEC_ID_IPV6_RANGE: 2009 return -1; 2010 2011 case IPSEC_ID_DER_ASN1_DN: 2012 return -1; 2013 2014 case IPSEC_ID_DER_ASN1_GN: 2015 return -1; 2016 2017 case IPSEC_ID_KEY_ID: 2018 return -1; 2019 #endif 2020 2021 default: 2022 log_print("ipsec_get_id: unknown ID type \"%s\" in " 2023 "section %s", type, section); 2024 return -1; 2025 } 2026 2027 return 0; 2028 } 2029 2030 /* 2031 * XXX I rather want this function to return a status code, and fail if 2032 * we cannot fit the information in the supplied buffer. 2033 */ 2034 static void 2035 ipsec_decode_id(char *buf, size_t size, u_int8_t *id, size_t id_len, 2036 int isakmpform) 2037 { 2038 int id_type; 2039 char *addr = 0, *mask = 0; 2040 u_int32_t *idp; 2041 2042 if (id) { 2043 if (!isakmpform) { 2044 /* 2045 * Exchanges and SAs dont carry the IDs in ISAKMP 2046 * form. 2047 */ 2048 id -= ISAKMP_GEN_SZ; 2049 id_len += ISAKMP_GEN_SZ; 2050 } 2051 id_type = GET_ISAKMP_ID_TYPE(id); 2052 idp = (u_int32_t *) (id + ISAKMP_ID_DATA_OFF); 2053 switch (id_type) { 2054 case IPSEC_ID_IPV4_ADDR: 2055 util_ntoa(&addr, AF_INET, id + ISAKMP_ID_DATA_OFF); 2056 snprintf(buf, size, "%s", addr); 2057 break; 2058 2059 case IPSEC_ID_IPV4_ADDR_SUBNET: 2060 util_ntoa(&addr, AF_INET, id + ISAKMP_ID_DATA_OFF); 2061 util_ntoa(&mask, AF_INET, id + ISAKMP_ID_DATA_OFF + 4); 2062 snprintf(buf, size, "%s/%s", addr, mask); 2063 break; 2064 2065 case IPSEC_ID_IPV6_ADDR: 2066 util_ntoa(&addr, AF_INET6, id + ISAKMP_ID_DATA_OFF); 2067 snprintf(buf, size, "%s", addr); 2068 break; 2069 2070 case IPSEC_ID_IPV6_ADDR_SUBNET: 2071 util_ntoa(&addr, AF_INET6, id + ISAKMP_ID_DATA_OFF); 2072 util_ntoa(&mask, AF_INET6, id + ISAKMP_ID_DATA_OFF + 2073 sizeof(struct in6_addr)); 2074 snprintf(buf, size, "%s/%s", addr, mask); 2075 break; 2076 2077 case IPSEC_ID_FQDN: 2078 case IPSEC_ID_USER_FQDN: 2079 /* String is not NUL terminated, be careful */ 2080 id_len -= ISAKMP_ID_DATA_OFF; 2081 id_len = MIN(id_len, size - 1); 2082 memcpy(buf, id + ISAKMP_ID_DATA_OFF, id_len); 2083 buf[id_len] = '\0'; 2084 break; 2085 2086 case IPSEC_ID_DER_ASN1_DN: 2087 addr = x509_DN_string(id + ISAKMP_ID_DATA_OFF, 2088 id_len - ISAKMP_ID_DATA_OFF); 2089 if (!addr) { 2090 snprintf(buf, size, "unparsable ASN1 DN ID"); 2091 return; 2092 } 2093 strlcpy(buf, addr, size); 2094 break; 2095 2096 default: 2097 snprintf(buf, size, "<id type unknown: %x>", id_type); 2098 break; 2099 } 2100 } else 2101 snprintf(buf, size, "<no ipsec id>"); 2102 free(addr); 2103 free(mask); 2104 } 2105 2106 char * 2107 ipsec_decode_ids(char *fmt, u_int8_t *id1, size_t id1_len, u_int8_t *id2, 2108 size_t id2_len, int isakmpform) 2109 { 2110 static char result[1024]; 2111 char s_id1[256], s_id2[256]; 2112 2113 ipsec_decode_id(s_id1, sizeof s_id1, id1, id1_len, isakmpform); 2114 ipsec_decode_id(s_id2, sizeof s_id2, id2, id2_len, isakmpform); 2115 2116 snprintf(result, sizeof result, fmt, s_id1, s_id2); 2117 return result; 2118 } 2119 2120 /* 2121 * Out of a named section SECTION in the configuration file build an 2122 * ISAKMP ID payload. Ths payload size should be stashed in SZ. 2123 * The caller is responsible for freeing the payload. 2124 */ 2125 u_int8_t * 2126 ipsec_build_id(char *section, size_t *sz) 2127 { 2128 struct sockaddr *addr, *mask; 2129 u_int8_t *p; 2130 int id, subnet = 0; 2131 u_int8_t tproto = 0; 2132 u_int16_t port = 0; 2133 2134 if (ipsec_get_id(section, &id, &addr, &mask, &tproto, &port)) 2135 return 0; 2136 2137 if (id == IPSEC_ID_IPV4_ADDR_SUBNET || id == IPSEC_ID_IPV6_ADDR_SUBNET) 2138 subnet = 1; 2139 2140 *sz = ISAKMP_ID_SZ + sockaddr_addrlen(addr); 2141 if (subnet) 2142 *sz += sockaddr_addrlen(mask); 2143 2144 p = malloc(*sz); 2145 if (!p) { 2146 log_print("ipsec_build_id: malloc(%lu) failed", 2147 (unsigned long)*sz); 2148 if (subnet) 2149 free(mask); 2150 free(addr); 2151 return 0; 2152 } 2153 SET_ISAKMP_ID_TYPE(p, id); 2154 SET_ISAKMP_ID_DOI_DATA(p, (unsigned char *)"\000\000\000"); 2155 2156 memcpy(p + ISAKMP_ID_DATA_OFF, sockaddr_addrdata(addr), 2157 sockaddr_addrlen(addr)); 2158 if (subnet) 2159 memcpy(p + ISAKMP_ID_DATA_OFF + sockaddr_addrlen(addr), 2160 sockaddr_addrdata(mask), sockaddr_addrlen(mask)); 2161 2162 SET_IPSEC_ID_PROTO(p + ISAKMP_ID_DOI_DATA_OFF, tproto); 2163 SET_IPSEC_ID_PORT(p + ISAKMP_ID_DOI_DATA_OFF, port); 2164 2165 if (subnet) 2166 free(mask); 2167 free(addr); 2168 return p; 2169 } 2170 2171 /* 2172 * copy an ISAKMPD id 2173 */ 2174 int 2175 ipsec_clone_id(u_int8_t **did, size_t *did_len, u_int8_t *id, size_t id_len) 2176 { 2177 free(*did); 2178 2179 if (!id_len || !id) { 2180 *did = 0; 2181 *did_len = 0; 2182 return 0; 2183 } 2184 *did = malloc(id_len); 2185 if (!*did) { 2186 *did_len = 0; 2187 log_error("ipsec_clone_id: malloc(%lu) failed", 2188 (unsigned long)id_len); 2189 return -1; 2190 } 2191 *did_len = id_len; 2192 memcpy(*did, id, id_len); 2193 2194 return 0; 2195 } 2196 2197 /* 2198 * IPsec-specific PROTO initializations. SECTION is only set if we are the 2199 * initiator thus only usable there. 2200 * XXX I want to fix this later. 2201 */ 2202 void 2203 ipsec_proto_init(struct proto *proto, char *section) 2204 { 2205 struct ipsec_proto *iproto = proto->data; 2206 2207 if (proto->sa->phase == 2) 2208 iproto->replay_window = section ? conf_get_num(section, 2209 "ReplayWindow", DEFAULT_REPLAY_WINDOW) : 2210 DEFAULT_REPLAY_WINDOW; 2211 } 2212 2213 /* 2214 * Add a notification payload of type INITIAL CONTACT to MSG if this is 2215 * the first contact we have made to our peer. 2216 */ 2217 int 2218 ipsec_initial_contact(struct message *msg) 2219 { 2220 u_int8_t *buf; 2221 2222 if (ipsec_contacted(msg)) 2223 return 0; 2224 2225 buf = malloc(ISAKMP_NOTIFY_SZ + ISAKMP_HDR_COOKIES_LEN); 2226 if (!buf) { 2227 log_error("ike_phase_1_initial_contact: malloc (%d) failed", 2228 ISAKMP_NOTIFY_SZ + ISAKMP_HDR_COOKIES_LEN); 2229 return -1; 2230 } 2231 SET_ISAKMP_NOTIFY_DOI(buf, IPSEC_DOI_IPSEC); 2232 SET_ISAKMP_NOTIFY_PROTO(buf, ISAKMP_PROTO_ISAKMP); 2233 SET_ISAKMP_NOTIFY_SPI_SZ(buf, ISAKMP_HDR_COOKIES_LEN); 2234 SET_ISAKMP_NOTIFY_MSG_TYPE(buf, IPSEC_NOTIFY_INITIAL_CONTACT); 2235 memcpy(buf + ISAKMP_NOTIFY_SPI_OFF, msg->isakmp_sa->cookies, 2236 ISAKMP_HDR_COOKIES_LEN); 2237 if (message_add_payload(msg, ISAKMP_PAYLOAD_NOTIFY, buf, 2238 ISAKMP_NOTIFY_SZ + ISAKMP_HDR_COOKIES_LEN, 1)) { 2239 free(buf); 2240 return -1; 2241 } 2242 return ipsec_add_contact(msg); 2243 } 2244 2245 /* 2246 * Compare the two contacts pointed to by A and B. Return negative if 2247 * *A < *B, 0 if they are equal, and positive if *A is the largest of them. 2248 */ 2249 static int 2250 addr_cmp(const void *a, const void *b) 2251 { 2252 const struct contact *x = a, *y = b; 2253 int minlen = MIN(x->len, y->len); 2254 int rv = memcmp(x->addr, y->addr, minlen); 2255 2256 return rv ? rv : (x->len - y->len); 2257 } 2258 2259 /* 2260 * Add the peer that MSG is bound to as an address we don't want to send 2261 * INITIAL CONTACT too from now on. Do not call this function with a 2262 * specific address duplicate times. We want fast lookup, speed of insertion 2263 * is unimportant, if this is to scale. 2264 */ 2265 static int 2266 ipsec_add_contact(struct message *msg) 2267 { 2268 struct contact *new_contacts; 2269 struct sockaddr *dst, *addr; 2270 int cnt; 2271 2272 if (contact_cnt == contact_limit) { 2273 cnt = contact_limit ? 2 * contact_limit : 64; 2274 new_contacts = realloc(contacts, cnt * sizeof contacts[0]); 2275 if (!new_contacts) { 2276 log_error("ipsec_add_contact: " 2277 "realloc (%p, %lu) failed", contacts, 2278 cnt * (unsigned long) sizeof contacts[0]); 2279 return -1; 2280 } 2281 contact_limit = cnt; 2282 contacts = new_contacts; 2283 } 2284 msg->transport->vtbl->get_dst(msg->transport, &dst); 2285 addr = malloc(SA_LEN(dst)); 2286 if (!addr) { 2287 log_error("ipsec_add_contact: malloc (%lu) failed", 2288 (unsigned long)SA_LEN(dst)); 2289 return -1; 2290 } 2291 memcpy(addr, dst, SA_LEN(dst)); 2292 contacts[contact_cnt].addr = addr; 2293 contacts[contact_cnt++].len = SA_LEN(dst); 2294 2295 /* 2296 * XXX There are better algorithms for already mostly-sorted data like 2297 * this, but only qsort is standard. I will someday do this inline. 2298 */ 2299 qsort(contacts, contact_cnt, sizeof *contacts, addr_cmp); 2300 return 0; 2301 } 2302 2303 /* Return true if the recipient of MSG has already been contacted. */ 2304 static int 2305 ipsec_contacted(struct message *msg) 2306 { 2307 struct contact contact; 2308 2309 msg->transport->vtbl->get_dst(msg->transport, &contact.addr); 2310 contact.len = SA_LEN(contact.addr); 2311 return contacts ? (bsearch(&contact, contacts, contact_cnt, 2312 sizeof *contacts, addr_cmp) != 0) : 0; 2313 } 2314 2315 /* Add a HASH for to MSG. */ 2316 u_int8_t * 2317 ipsec_add_hash_payload(struct message *msg, size_t hashsize) 2318 { 2319 u_int8_t *buf; 2320 2321 buf = malloc(ISAKMP_HASH_SZ + hashsize); 2322 if (!buf) { 2323 log_error("ipsec_add_hash_payload: malloc (%lu) failed", 2324 ISAKMP_HASH_SZ + (unsigned long) hashsize); 2325 return 0; 2326 } 2327 if (message_add_payload(msg, ISAKMP_PAYLOAD_HASH, buf, 2328 ISAKMP_HASH_SZ + hashsize, 1)) { 2329 free(buf); 2330 return 0; 2331 } 2332 return buf; 2333 } 2334 2335 /* Fill in the HASH payload of MSG. */ 2336 int 2337 ipsec_fill_in_hash(struct message *msg) 2338 { 2339 struct exchange *exchange = msg->exchange; 2340 struct sa *isakmp_sa = msg->isakmp_sa; 2341 struct ipsec_sa *isa = isakmp_sa->data; 2342 struct hash *hash = hash_get(isa->hash); 2343 struct prf *prf; 2344 struct payload *payload; 2345 u_int8_t *buf; 2346 u_int32_t i; 2347 char header[80]; 2348 2349 /* If no SKEYID_a, we need not do anything. */ 2350 if (!isa->skeyid_a) 2351 return 0; 2352 2353 payload = payload_first(msg, ISAKMP_PAYLOAD_HASH); 2354 if (!payload) { 2355 log_print("ipsec_fill_in_hash: no HASH payload found"); 2356 return -1; 2357 } 2358 buf = payload->p; 2359 2360 /* Allocate the prf and start calculating our HASH(1). */ 2361 LOG_DBG_BUF((LOG_MISC, 90, "ipsec_fill_in_hash: SKEYID_a", 2362 isa->skeyid_a, isa->skeyid_len)); 2363 prf = prf_alloc(isa->prf_type, hash->type, isa->skeyid_a, 2364 isa->skeyid_len); 2365 if (!prf) 2366 return -1; 2367 2368 prf->Init(prf->prfctx); 2369 LOG_DBG_BUF((LOG_MISC, 90, "ipsec_fill_in_hash: message_id", 2370 exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN)); 2371 prf->Update(prf->prfctx, exchange->message_id, 2372 ISAKMP_HDR_MESSAGE_ID_LEN); 2373 2374 /* Loop over all payloads after HASH(1). */ 2375 for (i = 2; i < msg->iovlen; i++) { 2376 /* XXX Misleading payload type printouts. */ 2377 snprintf(header, sizeof header, 2378 "ipsec_fill_in_hash: payload %d after HASH(1)", i - 1); 2379 LOG_DBG_BUF((LOG_MISC, 90, header, msg->iov[i].iov_base, 2380 msg->iov[i].iov_len)); 2381 prf->Update(prf->prfctx, msg->iov[i].iov_base, 2382 msg->iov[i].iov_len); 2383 } 2384 prf->Final(buf + ISAKMP_HASH_DATA_OFF, prf->prfctx); 2385 prf_free(prf); 2386 LOG_DBG_BUF((LOG_MISC, 80, "ipsec_fill_in_hash: HASH(1)", buf + 2387 ISAKMP_HASH_DATA_OFF, hash->hashsize)); 2388 2389 return 0; 2390 } 2391 2392 /* Add a HASH payload to MSG, if we have an ISAKMP SA we're protected by. */ 2393 static int 2394 ipsec_informational_pre_hook(struct message *msg) 2395 { 2396 struct sa *isakmp_sa = msg->isakmp_sa; 2397 struct ipsec_sa *isa; 2398 struct hash *hash; 2399 2400 if (!isakmp_sa) 2401 return 0; 2402 isa = isakmp_sa->data; 2403 hash = hash_get(isa->hash); 2404 return ipsec_add_hash_payload(msg, hash->hashsize) == 0; 2405 } 2406 2407 /* 2408 * Fill in the HASH payload in MSG, if we have an ISAKMP SA we're protected by. 2409 */ 2410 static int 2411 ipsec_informational_post_hook(struct message *msg) 2412 { 2413 if (!msg->isakmp_sa) 2414 return 0; 2415 return ipsec_fill_in_hash(msg); 2416 } 2417 2418 ssize_t 2419 ipsec_id_size(char *section, u_int8_t *id) 2420 { 2421 char *type, *data; 2422 2423 type = conf_get_str(section, "ID-type"); 2424 if (!type) { 2425 log_print("ipsec_id_size: section %s has no \"ID-type\" tag", 2426 section); 2427 return -1; 2428 } 2429 *id = constant_value(ipsec_id_cst, type); 2430 switch (*id) { 2431 case IPSEC_ID_IPV4_ADDR: 2432 return sizeof(struct in_addr); 2433 case IPSEC_ID_IPV4_ADDR_SUBNET: 2434 return 2 * sizeof(struct in_addr); 2435 case IPSEC_ID_IPV6_ADDR: 2436 return sizeof(struct in6_addr); 2437 case IPSEC_ID_IPV6_ADDR_SUBNET: 2438 return 2 * sizeof(struct in6_addr); 2439 case IPSEC_ID_FQDN: 2440 case IPSEC_ID_USER_FQDN: 2441 case IPSEC_ID_KEY_ID: 2442 case IPSEC_ID_DER_ASN1_DN: 2443 case IPSEC_ID_DER_ASN1_GN: 2444 data = conf_get_str(section, "Name"); 2445 if (!data) { 2446 log_print("ipsec_id_size: " 2447 "section %s has no \"Name\" tag", section); 2448 return -1; 2449 } 2450 return strlen(data); 2451 } 2452 log_print("ipsec_id_size: unrecognized/unsupported ID-type %d (%s)", 2453 *id, type); 2454 return -1; 2455 } 2456 2457 /* 2458 * Generate a string version of the ID. 2459 */ 2460 char * 2461 ipsec_id_string(u_int8_t *id, size_t id_len) 2462 { 2463 char *buf = 0; 2464 char *addrstr = 0; 2465 size_t len, size; 2466 2467 /* 2468 * XXX Real ugly way of making the offsets correct. Be aware that id 2469 * now will point before the actual buffer and cannot be dereferenced 2470 * without an offset larger than or equal to ISAKM_GEN_SZ. 2471 */ 2472 id -= ISAKMP_GEN_SZ; 2473 2474 /* This is the actual length of the ID data field. */ 2475 id_len += ISAKMP_GEN_SZ - ISAKMP_ID_DATA_OFF; 2476 2477 /* 2478 * Conservative allocation. 2479 * XXX I think the ASN1 DN case can be thought through to give a better 2480 * estimate. 2481 */ 2482 size = MAX(sizeof "ipv6/ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff", 2483 sizeof "asn1_dn/" + id_len); 2484 buf = malloc(size); 2485 if (!buf) 2486 /* XXX Log? */ 2487 goto fail; 2488 2489 switch (GET_ISAKMP_ID_TYPE(id)) { 2490 case IPSEC_ID_IPV4_ADDR: 2491 if (id_len < sizeof(struct in_addr)) 2492 goto fail; 2493 util_ntoa(&addrstr, AF_INET, id + ISAKMP_ID_DATA_OFF); 2494 if (!addrstr) 2495 goto fail; 2496 snprintf(buf, size, "ipv4/%s", addrstr); 2497 break; 2498 2499 case IPSEC_ID_IPV6_ADDR: 2500 if (id_len < sizeof(struct in6_addr)) 2501 goto fail; 2502 util_ntoa(&addrstr, AF_INET6, id + ISAKMP_ID_DATA_OFF); 2503 if (!addrstr) 2504 goto fail; 2505 snprintf(buf, size, "ipv6/%s", addrstr); 2506 break; 2507 2508 case IPSEC_ID_FQDN: 2509 case IPSEC_ID_USER_FQDN: 2510 strlcpy(buf, GET_ISAKMP_ID_TYPE(id) == IPSEC_ID_FQDN ? 2511 "fqdn/" : "ufqdn/", size); 2512 len = strlen(buf); 2513 2514 memcpy(buf + len, id + ISAKMP_ID_DATA_OFF, id_len); 2515 *(buf + len + id_len) = '\0'; 2516 break; 2517 2518 case IPSEC_ID_DER_ASN1_DN: 2519 strlcpy(buf, "asn1_dn/", size); 2520 len = strlen(buf); 2521 addrstr = x509_DN_string(id + ISAKMP_ID_DATA_OFF, id_len); 2522 if (!addrstr) 2523 goto fail; 2524 if (size < len + strlen(addrstr) + 1) 2525 goto fail; 2526 strlcpy(buf + len, addrstr, size - len); 2527 break; 2528 2529 default: 2530 /* Unknown type. */ 2531 LOG_DBG((LOG_MISC, 10, 2532 "ipsec_id_string: unknown identity type %d\n", 2533 GET_ISAKMP_ID_TYPE(id))); 2534 goto fail; 2535 } 2536 2537 free(addrstr); 2538 return buf; 2539 2540 fail: 2541 free(buf); 2542 free(addrstr); 2543 return 0; 2544 } 2545