1 /* $OpenBSD: message.c,v 1.129 2016/04/04 17:35:07 yasuoka Exp $ */ 2 /* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */ 3 4 /* 5 * Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. All rights reserved. 6 * Copyright (c) 1999 Angelos D. Keromytis. All rights reserved. 7 * Copyright (c) 1999, 2000, 2001, 2004 H�kan Olsson. All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 */ 29 30 /* 31 * This code was written under funding by Ericsson Radio Systems. 32 */ 33 34 #include <sys/types.h> 35 #include <sys/socket.h> 36 #include <netinet/in.h> 37 #include <arpa/inet.h> 38 #include <stdlib.h> 39 #include <string.h> 40 41 #include "attribute.h" 42 #include "cert.h" 43 #include "constants.h" 44 #include "crypto.h" 45 #include "doi.h" 46 #include "dpd.h" 47 #include "exchange.h" 48 #include "field.h" 49 #include "hash.h" 50 #include "ipsec.h" 51 #include "ipsec_num.h" 52 #include "isakmp.h" 53 #include "log.h" 54 #include "message.h" 55 #include "nat_traversal.h" 56 #include "prf.h" 57 #include "sa.h" 58 #include "timer.h" 59 #include "transport.h" 60 #include "util.h" 61 #include "vendor.h" 62 #include "virtual.h" 63 64 /* A local set datatype, coincidentally fd_set suits our purpose fine. */ 65 typedef fd_set set; 66 #define ISSET FD_ISSET 67 #define SET FD_SET 68 #define ZERO FD_ZERO 69 70 static int message_check_duplicate(struct message *); 71 static int message_encrypt(struct message *); 72 static int message_index_payload(struct message *, struct payload *, 73 u_int8_t ,u_int8_t *); 74 static int message_parse_transform(struct message *, struct payload *, 75 u_int8_t, u_int8_t *); 76 static struct field *message_get_field(u_int8_t); 77 static int message_validate_payload(struct message *, struct payload *, 78 u_int8_t); 79 static u_int16_t message_payload_sz(u_int8_t); 80 static int message_validate_attribute(struct message *, struct payload *); 81 static int message_validate_cert(struct message *, struct payload *); 82 static int message_validate_cert_req(struct message *, struct payload *); 83 static int message_validate_delete(struct message *, struct payload *); 84 static int message_validate_hash(struct message *, struct payload *); 85 static int message_validate_id(struct message *, struct payload *); 86 static int message_validate_key_exch(struct message *, struct payload *); 87 static int message_validate_nat_d(struct message *, struct payload *); 88 static int message_validate_nat_oa(struct message *, struct payload *); 89 static int message_validate_nonce(struct message *, struct payload *); 90 static int message_validate_notify(struct message *, struct payload *); 91 static int message_validate_proposal(struct message *, struct payload *); 92 static int message_validate_sa(struct message *, struct payload *); 93 static int message_validate_sig(struct message *, struct payload *); 94 static int message_validate_transform(struct message *, struct payload *); 95 static int message_validate_vendor(struct message *, struct payload *); 96 97 static void message_packet_log(struct message *); 98 99 /* 100 * Fields used for checking monotonic increasing of proposal and transform 101 * numbers. 102 */ 103 static u_int8_t *last_sa = 0; 104 static u_int32_t last_prop_no; 105 static u_int8_t *last_prop = 0; 106 static u_int32_t last_xf_no; 107 108 /* 109 * Allocate a message structure bound to transport T, and with a first 110 * segment buffer sized SZ, copied from BUF if given. 111 */ 112 struct message * 113 message_alloc(struct transport *t, u_int8_t *buf, size_t sz) 114 { 115 struct message *msg; 116 int i; 117 118 /* 119 * We use calloc(3) because it zeroes the structure which we rely on in 120 * message_free when determining what sub-allocations to free. 121 */ 122 msg = calloc(1, sizeof *msg); 123 if (!msg) 124 return 0; 125 msg->iov = calloc(1, sizeof *msg->iov); 126 if (!msg->iov) { 127 message_free(msg); 128 return 0; 129 } 130 msg->iov[0].iov_len = sz; 131 msg->iov[0].iov_base = malloc(sz); 132 if (!msg->iov[0].iov_base) { 133 message_free(msg); 134 return 0; 135 } 136 msg->iovlen = 1; 137 if (buf) 138 memcpy(msg->iov[0].iov_base, buf, sz); 139 msg->nextp = (u_int8_t *)msg->iov[0].iov_base + 140 ISAKMP_HDR_NEXT_PAYLOAD_OFF; 141 msg->transport = t; 142 transport_reference(t); 143 msg->payload = calloc(ISAKMP_PAYLOAD_MAX, sizeof *msg->payload); 144 if (!msg->payload) { 145 message_free(msg); 146 return 0; 147 } 148 for (i = 0; i < ISAKMP_PAYLOAD_MAX; i++) 149 TAILQ_INIT(&msg->payload[i]); 150 TAILQ_INIT(&msg->post_send); 151 LOG_DBG((LOG_MESSAGE, 90, "message_alloc: allocated %p", msg)); 152 return msg; 153 } 154 155 /* 156 * Allocate a message suitable for a reply to MSG. Just allocate an empty 157 * ISAKMP header as the first segment. 158 */ 159 struct message * 160 message_alloc_reply(struct message *msg) 161 { 162 struct message *reply; 163 164 reply = message_alloc(msg->transport, 0, ISAKMP_HDR_SZ); 165 reply->exchange = msg->exchange; 166 reply->isakmp_sa = msg->isakmp_sa; 167 reply->flags = msg->flags; 168 if (msg->isakmp_sa) 169 sa_reference(msg->isakmp_sa); 170 return reply; 171 } 172 173 /* Free up all resources used by the MSG message. */ 174 void 175 message_free(struct message *msg) 176 { 177 u_int32_t i; 178 struct payload *payload; 179 struct post_send *node; 180 181 LOG_DBG((LOG_MESSAGE, 20, "message_free: freeing %p", msg)); 182 if (!msg) 183 return; 184 if (msg->iov) { 185 if (msg->orig && msg->orig != (u_int8_t *)msg->iov[0].iov_base) 186 free(msg->orig); 187 for (i = 0; i < msg->iovlen; i++) 188 free(msg->iov[i].iov_base); 189 free(msg->iov); 190 } 191 if (msg->retrans) 192 timer_remove_event(msg->retrans); 193 if (msg->payload) { 194 for (i = 0; i < ISAKMP_PAYLOAD_MAX; i++) 195 while ((payload = TAILQ_FIRST(&msg->payload[i]))) { 196 TAILQ_REMOVE(&msg->payload[i], payload, link); 197 free(payload); 198 } 199 free(msg->payload); 200 } 201 while ((node = TAILQ_FIRST(&msg->post_send))) 202 TAILQ_REMOVE(&msg->post_send, node, link); 203 if (msg->transport) { 204 /* If we are on the send queue, remove us from there. */ 205 if (msg->flags & MSG_IN_TRANSIT) 206 TAILQ_REMOVE(msg->transport->vtbl->get_queue(msg), 207 msg, link); 208 209 transport_release(msg->transport); 210 } 211 212 if (msg->isakmp_sa) 213 sa_release(msg->isakmp_sa); 214 215 free(msg); 216 } 217 218 /* 219 * Generic ISAKMP parser. 220 * MSG is the ISAKMP message to be parsed. NEXT is the type of the first 221 * payload to be parsed, and it's pointed to by BUF. ACCEPTED_PAYLOADS 222 * tells what payloads are accepted and FUNC is a pointer to a function 223 * to be called for each payload found, which is also responsible for 224 * freeing the passed ISAKMP message in the failure case. 225 * Returns the total length of the parsed payloads. 226 */ 227 static int 228 message_parse_payloads(struct message *msg, struct payload *p, u_int8_t next, 229 u_int8_t *buf, set *accepted_payloads, int (*func)(struct message *, 230 struct payload *, u_int8_t, u_int8_t *)) 231 { 232 u_int8_t payload; 233 u_int16_t len; 234 int sz = 0; 235 236 do { 237 LOG_DBG((LOG_MESSAGE, 50, 238 "message_parse_payloads: offset %ld payload %s", 239 (long)(buf - (u_int8_t *) msg->iov[0].iov_base), 240 constant_name(isakmp_payload_cst, next))); 241 242 /* Does this payload's header fit? */ 243 if (buf + ISAKMP_GEN_SZ > (u_int8_t *)msg->iov[0].iov_base + 244 msg->iov[0].iov_len) { 245 log_print("message_parse_payloads: short message"); 246 message_drop(msg, 247 ISAKMP_NOTIFY_UNEQUAL_PAYLOAD_LENGTHS, 0, 1, 1); 248 return -1; 249 } 250 /* Ponder on the payload that is at BUF... */ 251 payload = next; 252 253 /* Look at the next payload's type. */ 254 next = GET_ISAKMP_GEN_NEXT_PAYLOAD(buf); 255 if (next >= ISAKMP_PAYLOAD_RESERVED_MIN && 256 next <= ISAKMP_PAYLOAD_RESERVED_MAX) { 257 log_print("message_parse_payloads: invalid next " 258 "payload type %s in payload of type %d", 259 constant_name(isakmp_payload_cst, next), payload); 260 message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 261 0, 1, 1); 262 return -1; 263 } 264 /* Reserved fields in ISAKMP messages should be zero. */ 265 if (GET_ISAKMP_GEN_RESERVED(buf) != 0) { 266 log_print("message_parse_payloads: reserved field " 267 "non-zero: %x", GET_ISAKMP_GEN_RESERVED(buf)); 268 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 269 0, 1, 1); 270 return -1; 271 } 272 /* 273 * Decode and validate the payload length field. 274 */ 275 len = GET_ISAKMP_GEN_LENGTH(buf); 276 277 if (message_payload_sz(payload) == 0) { 278 log_print("message_parse_payloads: unknown minimum " 279 "payload size for payload type %s", 280 constant_name(isakmp_payload_cst, payload)); 281 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 282 0, 1, 1); 283 return -1; 284 } 285 if (len < message_payload_sz(payload)) { 286 log_print("message_parse_payloads: payload too " 287 "short: %u", len); 288 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 289 0, 1, 1); 290 return -1; 291 } 292 if (buf + len > (u_int8_t *)msg->iov[0].iov_base + 293 msg->iov[0].iov_len) { 294 log_print("message_parse_payloads: payload too " 295 "long: %u", len); 296 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 297 0, 1, 1); 298 return -1; 299 } 300 /* Ignore most private payloads. */ 301 if (next >= ISAKMP_PAYLOAD_PRIVATE_MIN && 302 next != ISAKMP_PAYLOAD_NAT_D_DRAFT && 303 next != ISAKMP_PAYLOAD_NAT_OA_DRAFT) { 304 LOG_DBG((LOG_MESSAGE, 30, "message_parse_payloads: " 305 "private next payload type %s in payload of " 306 "type %d ignored", 307 constant_name(isakmp_payload_cst, next), payload)); 308 goto next_payload; 309 } 310 /* 311 * Check if the current payload is one of the accepted ones at 312 * this stage. 313 */ 314 if (!ISSET(payload, accepted_payloads)) { 315 log_print("message_parse_payloads: payload type %s " 316 "unexpected", constant_name(isakmp_payload_cst, 317 payload)); 318 message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 319 0, 1, 1); 320 return -1; 321 } 322 /* Call the payload handler specified by the caller. */ 323 if (func(msg, p, payload, buf)) 324 return -1; 325 326 next_payload: 327 /* Advance to next payload. */ 328 buf += len; 329 sz += len; 330 } while (next != ISAKMP_PAYLOAD_NONE); 331 return sz; 332 } 333 334 /* 335 * Parse a proposal payload found in message MSG. PAYLOAD is always 336 * ISAKMP_PAYLOAD_PROPOSAL and ignored in here. It's needed as the API for 337 * message_parse_payloads requires it. BUF points to the proposal's 338 * generic payload header. 339 */ 340 static int 341 message_parse_proposal(struct message *msg, struct payload *p, 342 u_int8_t payload, u_int8_t *buf) 343 { 344 set payload_set; 345 346 /* Put the proposal into the proposal bucket. */ 347 if (message_index_payload(msg, p, payload, buf) == -1) 348 return -1; 349 350 ZERO(&payload_set); 351 SET(ISAKMP_PAYLOAD_TRANSFORM, &payload_set); 352 if (message_parse_payloads(msg, 353 TAILQ_LAST(&msg->payload[ISAKMP_PAYLOAD_PROPOSAL], payload_head), 354 ISAKMP_PAYLOAD_TRANSFORM, buf + ISAKMP_PROP_SPI_OFF + 355 GET_ISAKMP_PROP_SPI_SZ(buf), &payload_set, message_parse_transform) 356 == -1) 357 return -1; 358 359 return 0; 360 } 361 362 static int 363 message_parse_transform(struct message *msg, struct payload *p, 364 u_int8_t payload, u_int8_t *buf) 365 { 366 /* Put the transform into the transform bucket. */ 367 if (message_index_payload(msg, p, payload, buf) == -1) 368 return -1; 369 370 LOG_DBG((LOG_MESSAGE, 50, "Transform %d's attributes", 371 GET_ISAKMP_TRANSFORM_NO(buf))); 372 attribute_map(buf + ISAKMP_TRANSFORM_SA_ATTRS_OFF, 373 GET_ISAKMP_GEN_LENGTH(buf) - ISAKMP_TRANSFORM_SA_ATTRS_OFF, 374 msg->exchange->doi->debug_attribute, msg); 375 376 return 0; 377 } 378 379 static struct field * 380 message_get_field(u_int8_t payload) 381 { 382 switch (payload) { 383 case ISAKMP_PAYLOAD_SA: 384 return isakmp_sa_fld; 385 case ISAKMP_PAYLOAD_PROPOSAL: 386 return isakmp_prop_fld; 387 case ISAKMP_PAYLOAD_TRANSFORM: 388 return isakmp_transform_fld; 389 case ISAKMP_PAYLOAD_KEY_EXCH: 390 return isakmp_ke_fld; 391 case ISAKMP_PAYLOAD_ID: 392 return isakmp_id_fld; 393 case ISAKMP_PAYLOAD_CERT: 394 return isakmp_cert_fld; 395 case ISAKMP_PAYLOAD_CERT_REQ: 396 return isakmp_certreq_fld; 397 case ISAKMP_PAYLOAD_HASH: 398 return isakmp_hash_fld; 399 case ISAKMP_PAYLOAD_SIG: 400 return isakmp_sig_fld; 401 case ISAKMP_PAYLOAD_NONCE: 402 return isakmp_nonce_fld; 403 case ISAKMP_PAYLOAD_NOTIFY: 404 return isakmp_notify_fld; 405 case ISAKMP_PAYLOAD_DELETE: 406 return isakmp_delete_fld; 407 case ISAKMP_PAYLOAD_VENDOR: 408 return isakmp_vendor_fld; 409 case ISAKMP_PAYLOAD_ATTRIBUTE: 410 return isakmp_attribute_fld; 411 case ISAKMP_PAYLOAD_NAT_D: 412 case ISAKMP_PAYLOAD_NAT_D_DRAFT: 413 return isakmp_nat_d_fld; 414 case ISAKMP_PAYLOAD_NAT_OA: 415 case ISAKMP_PAYLOAD_NAT_OA_DRAFT: 416 return isakmp_nat_oa_fld; 417 /* Not yet supported and any other unknown payloads. */ 418 case ISAKMP_PAYLOAD_SAK: 419 case ISAKMP_PAYLOAD_SAT: 420 case ISAKMP_PAYLOAD_KD: 421 case ISAKMP_PAYLOAD_SEQ: 422 case ISAKMP_PAYLOAD_POP: 423 default: 424 break; 425 } 426 return NULL; 427 } 428 429 static int 430 message_validate_payload(struct message *m, struct payload *p, u_int8_t payload) 431 { 432 switch (payload) { 433 case ISAKMP_PAYLOAD_SA: 434 return message_validate_sa(m, p); 435 case ISAKMP_PAYLOAD_PROPOSAL: 436 return message_validate_proposal(m, p); 437 case ISAKMP_PAYLOAD_TRANSFORM: 438 return message_validate_transform(m, p); 439 case ISAKMP_PAYLOAD_KEY_EXCH: 440 return message_validate_key_exch(m, p); 441 case ISAKMP_PAYLOAD_ID: 442 return message_validate_id(m, p); 443 case ISAKMP_PAYLOAD_CERT: 444 return message_validate_cert(m, p); 445 case ISAKMP_PAYLOAD_CERT_REQ: 446 return message_validate_cert_req(m, p); 447 case ISAKMP_PAYLOAD_HASH: 448 return message_validate_hash(m, p); 449 case ISAKMP_PAYLOAD_SIG: 450 return message_validate_sig(m, p); 451 case ISAKMP_PAYLOAD_NONCE: 452 return message_validate_nonce(m, p); 453 case ISAKMP_PAYLOAD_NOTIFY: 454 return message_validate_notify(m, p); 455 case ISAKMP_PAYLOAD_DELETE: 456 return message_validate_delete(m, p); 457 case ISAKMP_PAYLOAD_VENDOR: 458 return message_validate_vendor(m, p); 459 case ISAKMP_PAYLOAD_ATTRIBUTE: 460 return message_validate_attribute(m, p); 461 case ISAKMP_PAYLOAD_NAT_D: 462 case ISAKMP_PAYLOAD_NAT_D_DRAFT: 463 return message_validate_nat_d(m, p); 464 case ISAKMP_PAYLOAD_NAT_OA: 465 case ISAKMP_PAYLOAD_NAT_OA_DRAFT: 466 return message_validate_nat_oa(m, p); 467 /* Not yet supported and any other unknown payloads. */ 468 case ISAKMP_PAYLOAD_SAK: 469 case ISAKMP_PAYLOAD_SAT: 470 case ISAKMP_PAYLOAD_KD: 471 case ISAKMP_PAYLOAD_SEQ: 472 case ISAKMP_PAYLOAD_POP: 473 default: 474 break; 475 } 476 message_drop(m, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 0, 1, 1); 477 return -1; 478 } 479 480 /* Check payloads for their required minimum size. */ 481 static u_int16_t 482 message_payload_sz(u_int8_t payload) 483 { 484 switch (payload) { 485 case ISAKMP_PAYLOAD_SA: 486 return ISAKMP_SA_SZ; 487 case ISAKMP_PAYLOAD_PROPOSAL: 488 return ISAKMP_PROP_SZ; 489 case ISAKMP_PAYLOAD_TRANSFORM: 490 return ISAKMP_TRANSFORM_SZ; 491 case ISAKMP_PAYLOAD_KEY_EXCH: 492 return ISAKMP_KE_SZ; 493 case ISAKMP_PAYLOAD_ID: 494 return ISAKMP_ID_SZ; 495 case ISAKMP_PAYLOAD_CERT: 496 return ISAKMP_CERT_SZ; 497 case ISAKMP_PAYLOAD_CERT_REQ: 498 return ISAKMP_CERTREQ_SZ; 499 case ISAKMP_PAYLOAD_HASH: 500 return ISAKMP_HASH_SZ; 501 case ISAKMP_PAYLOAD_SIG: 502 return ISAKMP_SIG_SZ; 503 case ISAKMP_PAYLOAD_NONCE: 504 return ISAKMP_NONCE_SZ; 505 case ISAKMP_PAYLOAD_NOTIFY: 506 return ISAKMP_NOTIFY_SZ; 507 case ISAKMP_PAYLOAD_DELETE: 508 return ISAKMP_DELETE_SZ; 509 case ISAKMP_PAYLOAD_VENDOR: 510 return ISAKMP_VENDOR_SZ; 511 case ISAKMP_PAYLOAD_ATTRIBUTE: 512 return ISAKMP_ATTRIBUTE_SZ; 513 case ISAKMP_PAYLOAD_NAT_D: 514 case ISAKMP_PAYLOAD_NAT_D_DRAFT: 515 return ISAKMP_NAT_D_SZ; 516 case ISAKMP_PAYLOAD_NAT_OA: 517 case ISAKMP_PAYLOAD_NAT_OA_DRAFT: 518 return ISAKMP_NAT_OA_SZ; 519 /* Not yet supported and any other unknown payloads. */ 520 case ISAKMP_PAYLOAD_SAK: 521 case ISAKMP_PAYLOAD_SAT: 522 case ISAKMP_PAYLOAD_KD: 523 case ISAKMP_PAYLOAD_SEQ: 524 case ISAKMP_PAYLOAD_POP: 525 default: 526 return 0; 527 } 528 } 529 530 /* Validate the attribute payload P in message MSG. */ 531 static int 532 message_validate_attribute(struct message *msg, struct payload *p) 533 { 534 /* If we don't have an exchange yet, create one. */ 535 if (!msg->exchange) { 536 if (zero_test((u_int8_t *) msg->iov[0].iov_base + 537 ISAKMP_HDR_MESSAGE_ID_OFF, ISAKMP_HDR_MESSAGE_ID_LEN)) 538 msg->exchange = exchange_setup_p1(msg, 539 IPSEC_DOI_IPSEC); 540 else 541 msg->exchange = exchange_setup_p2(msg, 542 IPSEC_DOI_IPSEC); 543 if (!msg->exchange) { 544 log_print("message_validate_attribute: can not " 545 "create exchange"); 546 message_free(msg); 547 return -1; 548 } 549 } 550 return 0; 551 } 552 553 /* Validate the certificate payload P in message MSG. */ 554 static int 555 message_validate_cert(struct message *msg, struct payload *p) 556 { 557 if (GET_ISAKMP_CERT_ENCODING(p->p) >= ISAKMP_CERTENC_RESERVED_MIN) { 558 message_drop(msg, ISAKMP_NOTIFY_INVALID_CERT_ENCODING, 0, 1, 559 1); 560 return -1; 561 } 562 return 0; 563 } 564 565 /* Validate the certificate request payload P in message MSG. */ 566 static int 567 message_validate_cert_req(struct message *msg, struct payload *p) 568 { 569 struct cert_handler *cert; 570 size_t len = 571 GET_ISAKMP_GEN_LENGTH(p->p) - ISAKMP_CERTREQ_AUTHORITY_OFF; 572 573 if (GET_ISAKMP_CERTREQ_TYPE(p->p) >= ISAKMP_CERTENC_RESERVED_MIN) { 574 message_drop(msg, ISAKMP_NOTIFY_INVALID_CERT_ENCODING, 0, 1, 575 1); 576 return -1; 577 } 578 /* 579 * Check the certificate types we support and if an acceptable 580 * authority is included in the payload check if it can be decoded 581 */ 582 cert = cert_get(GET_ISAKMP_CERTREQ_TYPE(p->p)); 583 if (!cert || (len && !cert->certreq_validate(p->p + 584 ISAKMP_CERTREQ_AUTHORITY_OFF, len))) { 585 message_drop(msg, ISAKMP_NOTIFY_CERT_TYPE_UNSUPPORTED, 0, 1, 586 1); 587 return -1; 588 } 589 return 0; 590 } 591 592 /* 593 * Validate the delete payload P in message MSG. As a side-effect, create 594 * an exchange if we do not have one already. 595 */ 596 static int 597 message_validate_delete(struct message *msg, struct payload *p) 598 { 599 u_int8_t proto = GET_ISAKMP_DELETE_PROTO(p->p); 600 struct doi *doi; 601 struct sa *sa, *isakmp_sa; 602 struct sockaddr *dst, *dst_isa; 603 u_int32_t nspis = GET_ISAKMP_DELETE_NSPIS(p->p); 604 u_int8_t *spis = (u_int8_t *)p->p + ISAKMP_DELETE_SPI_OFF; 605 u_int32_t i; 606 char *addr; 607 608 /* Only accept authenticated DELETEs. */ 609 if ((msg->flags & MSG_AUTHENTICATED) == 0) { 610 log_print("message_validate_delete: " 611 "got unauthenticated DELETE"); 612 message_free(msg); 613 return -1; 614 } 615 616 doi = doi_lookup(GET_ISAKMP_DELETE_DOI(p->p)); 617 if (!doi) { 618 log_print("message_validate_delete: DOI not supported"); 619 message_free(msg); 620 return -1; 621 } 622 /* If we don't have an exchange yet, create one. */ 623 if (!msg->exchange) { 624 if (zero_test((u_int8_t *) msg->iov[0].iov_base 625 + ISAKMP_HDR_MESSAGE_ID_OFF, ISAKMP_HDR_MESSAGE_ID_LEN)) 626 msg->exchange = exchange_setup_p1(msg, doi->id); 627 else 628 msg->exchange = exchange_setup_p2(msg, doi->id); 629 if (!msg->exchange) { 630 log_print("message_validate_delete: can not create " 631 "exchange"); 632 message_free(msg); 633 return -1; 634 } 635 } 636 /* Only accept DELETE as part of an INFORMATIONAL exchange. */ 637 if (msg->exchange->type != ISAKMP_EXCH_INFO) { 638 log_print("message_validate_delete: delete in exchange other " 639 "than INFO: %s", constant_name(isakmp_exch_cst, 640 msg->exchange->type)); 641 message_free(msg); 642 return -1; 643 } 644 if (proto != ISAKMP_PROTO_ISAKMP && doi->validate_proto(proto)) { 645 log_print("message_validate_delete: protocol not supported"); 646 message_free(msg); 647 return -1; 648 } 649 /* Validate the SPIs. */ 650 for (i = 0; i < nspis; i++) { 651 /* Get ISAKMP SA protecting this message. */ 652 isakmp_sa = msg->isakmp_sa; 653 if (!isakmp_sa) { 654 /* XXX should not happen? */ 655 log_print("message_validate_delete: invalid spi (no " 656 "valid ISAKMP SA found)"); 657 message_free(msg); 658 return -1; 659 } 660 isakmp_sa->transport->vtbl->get_dst(isakmp_sa->transport, 661 &dst_isa); 662 663 /* Get SA to be deleted. */ 664 msg->transport->vtbl->get_dst(msg->transport, &dst); 665 if (proto == ISAKMP_PROTO_ISAKMP) 666 sa = sa_lookup_isakmp_sa(dst, spis + i 667 * ISAKMP_HDR_COOKIES_LEN); 668 else 669 sa = ipsec_sa_lookup(dst, ((u_int32_t *) spis)[i], 670 proto); 671 if (!sa) { 672 LOG_DBG((LOG_MESSAGE, 50, "message_validate_delete: " 673 "invalid spi (no valid SA found)")); 674 message_free(msg); 675 return -1; 676 } 677 sa->transport->vtbl->get_dst(sa->transport, &dst); 678 679 /* Destination addresses must match. */ 680 if (dst->sa_family != dst_isa->sa_family || 681 memcmp(sockaddr_addrdata(dst_isa), sockaddr_addrdata(dst), 682 sockaddr_addrlen(dst))) { 683 sockaddr2text(dst_isa, &addr, 0); 684 685 log_print("message_validate_delete: invalid spi " 686 "(illegal delete request from %s)", addr); 687 free(addr); 688 message_free(msg); 689 return -1; 690 } 691 } 692 693 return 0; 694 } 695 696 /* 697 * Validate the hash payload P in message MSG. 698 */ 699 static int 700 message_validate_hash(struct message *msg, struct payload *p) 701 { 702 struct sa *isakmp_sa = msg->isakmp_sa; 703 struct ipsec_sa *isa; 704 struct hash *hash; 705 struct payload *hashp = payload_first(msg, ISAKMP_PAYLOAD_HASH); 706 struct prf *prf; 707 u_int8_t *rest; 708 u_int8_t message_id[ISAKMP_HDR_MESSAGE_ID_LEN]; 709 size_t rest_len; 710 711 /* active exchanges other than INFORMATIONAL validates hash payload. */ 712 if (msg->exchange && (msg->exchange->type != ISAKMP_EXCH_INFO)) 713 return 0; 714 715 if (isakmp_sa == NULL) 716 goto invalid; 717 718 isa = isakmp_sa->data; 719 hash = hash_get(isa->hash); 720 if (hash == NULL) 721 goto invalid; 722 723 /* If no SKEYID_a, we can not do anything (should not happen). */ 724 if (!isa->skeyid_a) 725 goto invalid; 726 727 /* Allocate the prf and start calculating our HASH(1). */ 728 LOG_DBG_BUF((LOG_MISC, 90, "message_validate_hash: SKEYID_a", 729 isa->skeyid_a, isa->skeyid_len)); 730 prf = prf_alloc(isa->prf_type, hash->type, isa->skeyid_a, 731 isa->skeyid_len); 732 if (!prf) { 733 message_free(msg); 734 return -1; 735 } 736 /* This is not an active exchange. */ 737 GET_ISAKMP_HDR_MESSAGE_ID(msg->iov[0].iov_base, message_id); 738 739 prf->Init(prf->prfctx); 740 LOG_DBG_BUF((LOG_MISC, 90, "message_validate_hash: message_id", 741 message_id, ISAKMP_HDR_MESSAGE_ID_LEN)); 742 prf->Update(prf->prfctx, message_id, ISAKMP_HDR_MESSAGE_ID_LEN); 743 rest = hashp->p + GET_ISAKMP_GEN_LENGTH(hashp->p); 744 rest_len = (GET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base) - (rest - 745 (u_int8_t *)msg->iov[0].iov_base)); 746 LOG_DBG_BUF((LOG_MISC, 90, 747 "message_validate_hash: payloads after HASH(1)", rest, rest_len)); 748 prf->Update(prf->prfctx, rest, rest_len); 749 prf->Final(hash->digest, prf->prfctx); 750 prf_free(prf); 751 752 if (memcmp(hashp->p + ISAKMP_HASH_DATA_OFF, hash->digest, 753 hash->hashsize)) 754 goto invalid; 755 756 /* Mark the HASH as handled. */ 757 hashp->flags |= PL_MARK; 758 759 /* Mark message as authenticated. */ 760 msg->flags |= MSG_AUTHENTICATED; 761 762 return 0; 763 764 invalid: 765 log_print("message_validate_hash: invalid hash information"); 766 message_drop(msg, ISAKMP_NOTIFY_INVALID_HASH_INFORMATION, 0, 1, 1); 767 return -1; 768 } 769 770 /* Validate the identification payload P in message MSG. */ 771 static int 772 message_validate_id(struct message *msg, struct payload *p) 773 { 774 struct exchange *exchange = msg->exchange; 775 size_t len = GET_ISAKMP_GEN_LENGTH(p->p); 776 777 if (!exchange) { 778 /* We should have an exchange at this point. */ 779 log_print("message_validate_id: payload out of sequence"); 780 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 781 return -1; 782 } 783 if (exchange->doi && 784 exchange->doi->validate_id_information(GET_ISAKMP_ID_TYPE(p->p), 785 p->p + ISAKMP_ID_DOI_DATA_OFF, p->p + ISAKMP_ID_DATA_OFF, 786 len - ISAKMP_ID_DATA_OFF, exchange)) { 787 message_drop(msg, ISAKMP_NOTIFY_INVALID_ID_INFORMATION, 0, 1, 788 1); 789 return -1; 790 } 791 return 0; 792 } 793 794 /* Validate the key exchange payload P in message MSG. */ 795 static int 796 message_validate_key_exch(struct message *msg, struct payload *p) 797 { 798 struct exchange *exchange = msg->exchange; 799 size_t len = GET_ISAKMP_GEN_LENGTH(p->p); 800 801 if (!exchange) { 802 /* We should have an exchange at this point. */ 803 log_print("message_validate_key_exch: " 804 "payload out of sequence"); 805 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 806 return -1; 807 } 808 if (exchange->doi && exchange->doi->validate_key_information(p->p + 809 ISAKMP_KE_DATA_OFF, len - ISAKMP_KE_DATA_OFF)) { 810 message_drop(msg, ISAKMP_NOTIFY_INVALID_KEY_INFORMATION, 811 0, 1, 1); 812 return -1; 813 } 814 return 0; 815 } 816 817 /* Validate the NAT-D payload P in message MSG. */ 818 static int 819 message_validate_nat_d(struct message *msg, struct payload *p) 820 { 821 struct exchange *exchange = msg->exchange; 822 823 if (!exchange) { 824 /* We should have an exchange at this point. */ 825 log_print("message_validate_nat_d: payload out of sequence"); 826 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 827 return -1; 828 } 829 830 if (exchange->phase != 1) { 831 log_print("message_validate_nat_d: " 832 "NAT-D payload must be in phase 1"); 833 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 834 return -1; 835 } 836 837 /* Mark as handled. */ 838 p->flags |= PL_MARK; 839 840 return 0; 841 } 842 843 /* Validate the NAT-OA payload P in message MSG. */ 844 static int 845 message_validate_nat_oa(struct message *msg, struct payload *p) 846 { 847 struct exchange *exchange = msg->exchange; 848 849 if (!exchange) { 850 /* We should have an exchange at this point. */ 851 log_print("message_validate_nat_d: payload out of sequence"); 852 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 853 return -1; 854 } 855 856 #ifdef notyet /* XXX Probably never, due to patent issues. */ 857 /* Mark as handled. */ 858 p->flags |= PL_MARK; 859 #endif 860 861 return 0; 862 } 863 864 /* Validate the nonce payload P in message MSG. */ 865 static int 866 message_validate_nonce(struct message *msg, struct payload *p) 867 { 868 if (!msg->exchange) { 869 /* We should have an exchange at this point. */ 870 log_print("message_validate_nonce: payload out of sequence"); 871 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 872 return -1; 873 } 874 /* Nonces require no specific validation. */ 875 return 0; 876 } 877 878 /* 879 * Validate the notify payload P in message MSG. As a side-effect, create 880 * an exchange if we do not have one already. 881 */ 882 static int 883 message_validate_notify(struct message *msg, struct payload *p) 884 { 885 u_int8_t proto = GET_ISAKMP_NOTIFY_PROTO(p->p); 886 u_int16_t type = GET_ISAKMP_NOTIFY_MSG_TYPE(p->p); 887 struct doi *doi; 888 889 doi = doi_lookup(GET_ISAKMP_NOTIFY_DOI(p->p)); 890 if (!doi) { 891 log_print("message_validate_notify: DOI not supported"); 892 message_free(msg); 893 return -1; 894 } 895 /* If we don't have an exchange yet, create one. */ 896 if (!msg->exchange) { 897 if (zero_test((u_int8_t *) msg->iov[0].iov_base + 898 ISAKMP_HDR_MESSAGE_ID_OFF, ISAKMP_HDR_MESSAGE_ID_LEN)) 899 msg->exchange = exchange_setup_p1(msg, doi->id); 900 else 901 msg->exchange = exchange_setup_p2(msg, doi->id); 902 if (!msg->exchange) { 903 log_print("message_validate_notify: can not create " 904 "exchange"); 905 message_free(msg); 906 return -1; 907 } 908 } 909 if (proto != ISAKMP_PROTO_ISAKMP && doi->validate_proto(proto)) { 910 log_print("message_validate_notify: protocol not supported"); 911 message_free(msg); 912 return -1; 913 } 914 915 /* Validate the SPI. XXX Just ISAKMP for now. */ 916 if (proto == ISAKMP_PROTO_ISAKMP && 917 GET_ISAKMP_NOTIFY_SPI_SZ(p->p) == ISAKMP_HDR_COOKIES_LEN && 918 msg->isakmp_sa && 919 memcmp(p->p + ISAKMP_NOTIFY_SPI_OFF, msg->isakmp_sa->cookies, 920 ISAKMP_HDR_COOKIES_LEN) != 0) { 921 log_print("message_validate_notify: bad cookies"); 922 message_drop(msg, ISAKMP_NOTIFY_INVALID_SPI, 0, 1, 1); 923 return -1; 924 } 925 926 if (type < ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE || 927 (type >= ISAKMP_NOTIFY_RESERVED_MIN && 928 type < ISAKMP_NOTIFY_PRIVATE_MIN) || 929 (type >= ISAKMP_NOTIFY_STATUS_RESERVED1_MIN && 930 type <= ISAKMP_NOTIFY_STATUS_RESERVED1_MAX) || 931 (type >= ISAKMP_NOTIFY_STATUS_DOI_MIN && 932 type <= ISAKMP_NOTIFY_STATUS_DOI_MAX && 933 doi->validate_notification(type)) || 934 type >= ISAKMP_NOTIFY_STATUS_RESERVED2_MIN) { 935 log_print("message_validate_notify: " 936 "message type not supported"); 937 message_free(msg); 938 return -1; 939 } 940 941 return 0; 942 } 943 944 /* Validate the proposal payload P in message MSG. */ 945 static int 946 message_validate_proposal(struct message *msg, struct payload *p) 947 { 948 u_int8_t proto = GET_ISAKMP_PROP_PROTO(p->p); 949 u_int8_t *sa = p->context->p; 950 951 if (!msg->exchange) { 952 /* We should have an exchange at this point. */ 953 log_print("message_validate_proposal: " 954 "payload out of sequence"); 955 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 956 return -1; 957 } 958 if (proto != ISAKMP_PROTO_ISAKMP && 959 msg->exchange->doi->validate_proto(proto)) { 960 message_drop(msg, ISAKMP_NOTIFY_INVALID_PROTOCOL_ID, 0, 1, 1); 961 return -1; 962 } 963 /* Check that we get monotonically increasing proposal IDs per SA. */ 964 if (sa != last_sa) 965 last_sa = sa; 966 else if (GET_ISAKMP_PROP_NO(p->p) < last_prop_no) { 967 message_drop(msg, ISAKMP_NOTIFY_BAD_PROPOSAL_SYNTAX, 0, 1, 1); 968 return -1; 969 } 970 last_prop_no = GET_ISAKMP_PROP_NO(p->p); 971 972 /* XXX Validate the SPI, and other syntactic things. */ 973 974 return 0; 975 } 976 977 /* 978 * Validate the SA payload P in message MSG. 979 * Aside from normal validation, note what DOI is in use for other 980 * validation routines to look at. Also index the proposal payloads 981 * on the fly. 982 * XXX This assumes PAYLOAD_SA is always the first payload 983 * to be validated, which is true for IKE, except for quick mode where 984 * a PAYLOAD_HASH comes first, but in that specific case it does not matter. 985 * XXX Make sure the above comment is relevant, isn't SA always checked 986 * first due to the IANA assigned payload number? 987 */ 988 static int 989 message_validate_sa(struct message *msg, struct payload *p) 990 { 991 set payload_set; 992 size_t len; 993 u_int32_t doi_id; 994 struct exchange *exchange = msg->exchange; 995 u_int8_t *pkt = msg->iov[0].iov_base; 996 997 doi_id = GET_ISAKMP_SA_DOI(p->p); 998 if (!doi_lookup(doi_id)) { 999 log_print("message_validate_sa: DOI not supported"); 1000 message_drop(msg, ISAKMP_NOTIFY_DOI_NOT_SUPPORTED, 0, 1, 1); 1001 return -1; 1002 } 1003 /* 1004 * It's time to figure out what SA this message is about. If it is 1005 * already set, then we are creating a new phase 1 SA. Otherwise, 1006 * lookup the SA using the cookies and the message ID. If we cannot 1007 * find it, and the phase 1 SA is ready, setup a phase 2 SA. 1008 */ 1009 if (!exchange) { 1010 if (zero_test(pkt + ISAKMP_HDR_RCOOKIE_OFF, 1011 ISAKMP_HDR_RCOOKIE_LEN)) 1012 exchange = exchange_setup_p1(msg, doi_id); 1013 else if (msg->isakmp_sa->flags & SA_FLAG_READY) 1014 exchange = exchange_setup_p2(msg, doi_id); 1015 else { 1016 /* XXX What to do here? */ 1017 message_free(msg); 1018 return -1; 1019 } 1020 if (!exchange) { 1021 /* XXX Log? */ 1022 message_free(msg); 1023 return -1; 1024 } 1025 } 1026 msg->exchange = exchange; 1027 1028 /* 1029 * Create a struct sa for each SA payload handed to us unless we are 1030 * the initiator where we only will count them. 1031 */ 1032 if (exchange->initiator) { 1033 /* XXX Count SA payloads. */ 1034 } else if (sa_create(exchange, msg->transport)) { 1035 /* XXX Remove exchange if we just created it? */ 1036 message_free(msg); 1037 return -1; 1038 } 1039 if (exchange->phase == 1) { 1040 msg->isakmp_sa = TAILQ_FIRST(&exchange->sa_list); 1041 if (msg->isakmp_sa) 1042 sa_reference(msg->isakmp_sa); 1043 } 1044 /* 1045 * Let the DOI validate the situation, at the same time it tells us 1046 * what the length of the situation field is. 1047 */ 1048 if (exchange->doi->validate_situation(p->p + ISAKMP_SA_SIT_OFF, &len, 1049 GET_ISAKMP_GEN_LENGTH(p->p) - ISAKMP_SA_SIT_OFF)) { 1050 log_print("message_validate_sa: situation not supported"); 1051 message_drop(msg, ISAKMP_NOTIFY_SITUATION_NOT_SUPPORTED, 1052 0, 1, 1); 1053 return -1; 1054 } 1055 /* 1056 * Reset the fields we base our proposal & transform number checks 1057 * on. 1058 */ 1059 last_sa = last_prop = 0; 1060 last_prop_no = last_xf_no = 0; 1061 1062 /* Go through the PROPOSAL payloads. */ 1063 ZERO(&payload_set); 1064 SET(ISAKMP_PAYLOAD_PROPOSAL, &payload_set); 1065 if (message_parse_payloads(msg, p, ISAKMP_PAYLOAD_PROPOSAL, 1066 p->p + ISAKMP_SA_SIT_OFF + len, &payload_set, 1067 message_parse_proposal) == -1) 1068 return -1; 1069 1070 return 0; 1071 } 1072 1073 /* Validate the signature payload P in message MSG. */ 1074 static int 1075 message_validate_sig(struct message *msg, struct payload *p) 1076 { 1077 if (!msg->exchange) { 1078 /* We should have an exchange at this point. */ 1079 log_print("message_validate_sig: payload out of sequence"); 1080 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 1081 return -1; 1082 } 1083 /* XXX Not implemented yet. */ 1084 return 0; 1085 } 1086 1087 /* Validate the transform payload P in message MSG. */ 1088 static int 1089 message_validate_transform(struct message *msg, struct payload *p) 1090 { 1091 u_int8_t proto = GET_ISAKMP_PROP_PROTO(p->context->p); 1092 u_int8_t *prop = p->context->p; 1093 1094 if (!msg->exchange) { 1095 /* We should have an exchange at this point. */ 1096 log_print("message_validate_transform: " 1097 "payload out of sequence"); 1098 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 1099 return -1; 1100 } 1101 if (msg->exchange->doi 1102 ->validate_transform_id(proto, GET_ISAKMP_TRANSFORM_ID(p->p))) { 1103 message_drop(msg, ISAKMP_NOTIFY_INVALID_TRANSFORM_ID, 0, 1, 1); 1104 return -1; 1105 } 1106 /* Check that the reserved field is zero. */ 1107 if (!zero_test(p->p + ISAKMP_TRANSFORM_RESERVED_OFF, 1108 ISAKMP_TRANSFORM_RESERVED_LEN)) { 1109 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 1110 return -1; 1111 } 1112 /* 1113 * Check that we get monotonically increasing transform numbers per 1114 * proposal. 1115 */ 1116 if (prop != last_prop) 1117 last_prop = prop; 1118 else if (GET_ISAKMP_TRANSFORM_NO(p->p) <= last_xf_no) { 1119 message_drop(msg, ISAKMP_NOTIFY_BAD_PROPOSAL_SYNTAX, 0, 1, 1); 1120 return -1; 1121 } 1122 last_xf_no = GET_ISAKMP_TRANSFORM_NO(p->p); 1123 1124 /* Validate the attributes. */ 1125 if (attribute_map(p->p + ISAKMP_TRANSFORM_SA_ATTRS_OFF, 1126 GET_ISAKMP_GEN_LENGTH(p->p) - ISAKMP_TRANSFORM_SA_ATTRS_OFF, 1127 msg->exchange->doi->validate_attribute, msg)) { 1128 message_drop(msg, ISAKMP_NOTIFY_ATTRIBUTES_NOT_SUPPORTED, 1129 0, 1, 1); 1130 return -1; 1131 } 1132 return 0; 1133 } 1134 1135 /* Validate the vendor payload P in message MSG. */ 1136 static int 1137 message_validate_vendor(struct message *msg, struct payload *p) 1138 { 1139 if (!msg->exchange) { 1140 /* We should have an exchange at this point. */ 1141 log_print("message_validate_vendor: payload out of sequence"); 1142 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 1143 return -1; 1144 } 1145 /* Vendor IDs are only allowed in phase 1. */ 1146 if (msg->exchange->phase != 1) { 1147 message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 0, 1, 1); 1148 return -1; 1149 } 1150 check_vendor_openbsd(msg, p); 1151 dpd_check_vendor_payload(msg, p); 1152 nat_t_check_vendor_payload(msg, p); 1153 if (!(p->flags & PL_MARK)) 1154 LOG_DBG((LOG_MESSAGE, 40, "message_validate_vendor: " 1155 "vendor ID seen")); 1156 return 0; 1157 } 1158 1159 /* 1160 * Add an index-record pointing to the payload at BUF in message MSG 1161 * to the PAYLOAD bucket of payloads. This allows us to quickly reference 1162 * payloads by type. Also stash the parent payload P link into the new 1163 * node so we can go from transforms -> payloads -> SAs. 1164 */ 1165 static int 1166 message_index_payload(struct message *msg, struct payload *p, u_int8_t payload, 1167 u_int8_t *buf) 1168 { 1169 struct payload *payload_node; 1170 1171 /* Put the payload pointer into the right bucket. */ 1172 payload_node = malloc(sizeof *payload_node); 1173 if (!payload_node) { 1174 message_free(msg); 1175 return -1; 1176 } 1177 payload_node->p = buf; 1178 payload_node->context = p; 1179 payload_node->flags = 0; 1180 TAILQ_INSERT_TAIL(&msg->payload[payload], payload_node, link); 1181 return 0; 1182 } 1183 1184 /* 1185 * Group each payload found in MSG by type for easy reference later. 1186 * While doing this, validate the generic parts of the message structure too. 1187 * NEXT is the 1st payload's type. This routine will also register the 1188 * computed message length (i.e. without padding) in msg->iov[0].iov_len. 1189 */ 1190 static int 1191 message_sort_payloads(struct message *msg, u_int8_t next) 1192 { 1193 set payload_set; 1194 int i, sz; 1195 1196 ZERO(&payload_set); 1197 for (i = ISAKMP_PAYLOAD_SA; i < ISAKMP_PAYLOAD_MAX; i++) 1198 if (i != ISAKMP_PAYLOAD_PROPOSAL && i != 1199 ISAKMP_PAYLOAD_TRANSFORM) 1200 SET(i, &payload_set); 1201 sz = message_parse_payloads(msg, 0, next, 1202 (u_int8_t *)msg->iov[0].iov_base + ISAKMP_HDR_SZ, &payload_set, 1203 message_index_payload); 1204 if (sz == -1) 1205 return -1; 1206 msg->iov[0].iov_len = ISAKMP_HDR_SZ + sz; 1207 SET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base, ISAKMP_HDR_SZ + sz); 1208 return 0; 1209 } 1210 1211 /* Run all the generic payload tests that the drafts specify. */ 1212 static int 1213 message_validate_payloads(struct message *msg) 1214 { 1215 int i; 1216 struct payload *p; 1217 struct field *f; 1218 1219 for (i = ISAKMP_PAYLOAD_SA; i < ISAKMP_PAYLOAD_MAX; i++) 1220 TAILQ_FOREACH(p, &msg->payload[i], link) { 1221 LOG_DBG((LOG_MESSAGE, 60, "message_validate_payloads: " 1222 "payload %s at %p of message %p", 1223 constant_name(isakmp_payload_cst, i), p->p, msg)); 1224 if ((f = message_get_field(i)) != NULL) 1225 field_dump_payload(f, p->p); 1226 if (message_validate_payload(msg, p, i)) 1227 return -1; 1228 } 1229 return 0; 1230 } 1231 1232 /* 1233 * All incoming messages go through here. We do generic validity checks 1234 * and try to find or establish SAs. Last but not least we try to find 1235 * the exchange this message, MSG, is part of, and feed it there. 1236 */ 1237 int 1238 message_recv(struct message *msg) 1239 { 1240 u_int8_t *buf = msg->iov[0].iov_base; 1241 size_t sz = msg->iov[0].iov_len; 1242 u_int8_t exch_type; 1243 int setup_isakmp_sa, msgid_is_zero; 1244 u_int8_t flags; 1245 struct keystate *ks = 0; 1246 struct proto tmp_proto; 1247 struct sa tmp_sa; 1248 struct transport *t; 1249 1250 /* Messages shorter than an ISAKMP header are bad. */ 1251 if (sz < ISAKMP_HDR_SZ || sz != GET_ISAKMP_HDR_LENGTH(buf)) { 1252 log_print("message_recv: bad message length"); 1253 message_drop(msg, 0, 0, 1, 1); 1254 return -1; 1255 } 1256 /* Possibly dump a raw hex image of the message to the log channel. */ 1257 message_dump_raw("message_recv", msg, LOG_MESSAGE); 1258 1259 /* 1260 * If the responder cookie is zero, this is a request to setup an 1261 * ISAKMP SA. Otherwise the cookies should refer to an existing 1262 * ISAKMP SA. 1263 * 1264 * XXX This is getting ugly, please reread later to see if it can be 1265 * made nicer. 1266 */ 1267 setup_isakmp_sa = zero_test(buf + ISAKMP_HDR_RCOOKIE_OFF, 1268 ISAKMP_HDR_RCOOKIE_LEN); 1269 if (setup_isakmp_sa) { 1270 /* 1271 * This might be a retransmission of a former ISAKMP SA setup 1272 * message. If so, just drop it. 1273 * XXX Must we really look in both the SA and exchange pools? 1274 */ 1275 if (exchange_lookup_from_icookie(buf + ISAKMP_HDR_ICOOKIE_OFF) || 1276 sa_lookup_from_icookie(buf + ISAKMP_HDR_ICOOKIE_OFF)) { 1277 /* 1278 * XXX Later we should differentiate between 1279 * retransmissions and potential replay attacks. 1280 */ 1281 LOG_DBG((LOG_MESSAGE, 90, 1282 "message_recv: dropping setup for existing SA")); 1283 message_free(msg); 1284 return -1; 1285 } 1286 } else { 1287 msg->isakmp_sa = sa_lookup_by_header(buf, 0); 1288 if (msg->isakmp_sa) 1289 sa_reference(msg->isakmp_sa); 1290 1291 /* 1292 * If we cannot find an ISAKMP SA out of the cookies, this is 1293 * either a responder's first reply, and we need to upgrade 1294 * our exchange, or it's just plain invalid cookies. 1295 */ 1296 if (!msg->isakmp_sa) { 1297 msg->exchange = exchange_lookup_from_icookie(buf + 1298 ISAKMP_HDR_ICOOKIE_OFF); 1299 if (msg->exchange && msg->exchange->phase == 1 && 1300 zero_test(msg->exchange->cookies + 1301 ISAKMP_HDR_RCOOKIE_OFF, ISAKMP_HDR_RCOOKIE_LEN)) 1302 exchange_upgrade_p1(msg); 1303 else { 1304 log_print("message_recv: invalid cookie(s) " 1305 "%08x%08x %08x%08x", 1306 decode_32(buf + ISAKMP_HDR_ICOOKIE_OFF), 1307 decode_32(buf + ISAKMP_HDR_ICOOKIE_OFF + 4), 1308 decode_32(buf + ISAKMP_HDR_RCOOKIE_OFF), 1309 decode_32(buf + ISAKMP_HDR_RCOOKIE_OFF + 4)); 1310 tmp_proto.sa = &tmp_sa; 1311 tmp_sa.doi = doi_lookup(ISAKMP_DOI_ISAKMP); 1312 tmp_proto.proto = ISAKMP_PROTO_ISAKMP; 1313 tmp_proto.spi_sz[1] = ISAKMP_HDR_COOKIES_LEN; 1314 tmp_proto.spi[1] = 1315 buf + ISAKMP_HDR_COOKIES_OFF; 1316 message_drop(msg, ISAKMP_NOTIFY_INVALID_COOKIE, 1317 &tmp_proto, 1, 1); 1318 return -1; 1319 } 1320 #if 0 1321 msg->isakmp_sa = sa_lookup_from_icookie(buf + 1322 ISAKMP_HDR_ICOOKIE_OFF); 1323 if (msg->isakmp_sa) 1324 sa_isakmp_upgrade(msg); 1325 #endif 1326 } 1327 msg->exchange = exchange_lookup(buf, 1); 1328 } 1329 1330 if (message_check_duplicate(msg)) 1331 return -1; 1332 1333 if (GET_ISAKMP_HDR_NEXT_PAYLOAD(buf) >= ISAKMP_PAYLOAD_RESERVED_MIN) { 1334 log_print("message_recv: invalid payload type %d in ISAKMP " 1335 "header (check passphrases, if applicable and in Phase 1)", 1336 GET_ISAKMP_HDR_NEXT_PAYLOAD(buf)); 1337 message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 0, 1, 1); 1338 return -1; 1339 } 1340 /* Validate that the message is of version 1.0. */ 1341 if (ISAKMP_VERSION_MAJOR(GET_ISAKMP_HDR_VERSION(buf)) != 1) { 1342 log_print("message_recv: invalid version major %d", 1343 ISAKMP_VERSION_MAJOR(GET_ISAKMP_HDR_VERSION(buf))); 1344 message_drop(msg, ISAKMP_NOTIFY_INVALID_MAJOR_VERSION, 0, 1, 1345 1); 1346 return -1; 1347 } 1348 if (ISAKMP_VERSION_MINOR(GET_ISAKMP_HDR_VERSION(buf)) != 0) { 1349 log_print("message_recv: invalid version minor %d", 1350 ISAKMP_VERSION_MINOR(GET_ISAKMP_HDR_VERSION(buf))); 1351 message_drop(msg, ISAKMP_NOTIFY_INVALID_MINOR_VERSION, 0, 1, 1352 1); 1353 return -1; 1354 } 1355 /* 1356 * Validate the exchange type. If it's a DOI-specified exchange wait 1357 * until after all payloads have been seen for the validation as the 1358 * SA payload might not yet have been parsed, thus the DOI might be 1359 * unknown. 1360 */ 1361 exch_type = GET_ISAKMP_HDR_EXCH_TYPE(buf); 1362 if (exch_type == ISAKMP_EXCH_NONE || 1363 (exch_type >= ISAKMP_EXCH_FUTURE_MIN && 1364 exch_type <= ISAKMP_EXCH_FUTURE_MAX) || 1365 (setup_isakmp_sa && exch_type >= ISAKMP_EXCH_DOI_MIN)) { 1366 log_print("message_recv: invalid exchange type %s", 1367 constant_name(isakmp_exch_cst, exch_type)); 1368 message_drop(msg, ISAKMP_NOTIFY_INVALID_EXCHANGE_TYPE, 0, 1, 1369 1); 1370 return -1; 1371 } 1372 /* 1373 * Check for unrecognized flags, or the encryption flag when we don't 1374 * have an ISAKMP SA to decrypt with. 1375 */ 1376 flags = GET_ISAKMP_HDR_FLAGS(buf); 1377 if (flags & ~(ISAKMP_FLAGS_ENC | ISAKMP_FLAGS_COMMIT | 1378 ISAKMP_FLAGS_AUTH_ONLY)) { 1379 log_print("message_recv: invalid flags 0x%x", 1380 GET_ISAKMP_HDR_FLAGS(buf)); 1381 message_drop(msg, ISAKMP_NOTIFY_INVALID_FLAGS, 0, 1, 1); 1382 return -1; 1383 } 1384 /* 1385 * If we are about to setup an ISAKMP SA, the message ID must be 1386 * zero. 1387 */ 1388 msgid_is_zero = zero_test(buf + ISAKMP_HDR_MESSAGE_ID_OFF, 1389 ISAKMP_HDR_MESSAGE_ID_LEN); 1390 if (setup_isakmp_sa && !msgid_is_zero) { 1391 log_print("message_recv: invalid message id"); 1392 message_drop(msg, ISAKMP_NOTIFY_INVALID_MESSAGE_ID, 0, 1, 1); 1393 return -1; 1394 } 1395 if (!setup_isakmp_sa && msgid_is_zero) { 1396 /* 1397 * XXX Very likely redundant, look at the else clause of the 1398 * if (setup_isakmp_sa) statement above. 1399 */ 1400 msg->exchange = exchange_lookup(buf, 0); 1401 if (!msg->exchange) { 1402 log_print("message_recv: phase 1 message after " 1403 "ISAKMP SA is ready"); 1404 message_free(msg); 1405 return -1; 1406 } else if (msg->exchange->last_sent) { 1407 LOG_DBG((LOG_MESSAGE, 80, "message_recv: resending " 1408 "last message from phase 1")); 1409 message_send(msg->exchange->last_sent); 1410 } 1411 } 1412 if (flags & ISAKMP_FLAGS_ENC) { 1413 if (!msg->isakmp_sa) { 1414 LOG_DBG((LOG_MISC, 10, "message_recv: no isakmp_sa " 1415 "for encrypted message")); 1416 message_free(msg); 1417 return -1; 1418 } 1419 /* Decrypt rest of message using a DOI-specified IV. */ 1420 ks = msg->isakmp_sa->doi->get_keystate(msg); 1421 if (!ks) { 1422 message_free(msg); 1423 return -1; 1424 } 1425 msg->orig = malloc(sz); 1426 if (!msg->orig) { 1427 message_free(msg); 1428 free(ks); 1429 return -1; 1430 } 1431 memcpy(msg->orig, buf, sz); 1432 crypto_decrypt(ks, buf + ISAKMP_HDR_SZ, sz - ISAKMP_HDR_SZ); 1433 } else 1434 msg->orig = buf; 1435 msg->orig_sz = sz; 1436 1437 /* IKE packet capture */ 1438 message_packet_log(msg); 1439 1440 /* 1441 * Check the overall payload structure at the same time as indexing 1442 * them by type. 1443 */ 1444 if (GET_ISAKMP_HDR_NEXT_PAYLOAD(buf) != ISAKMP_PAYLOAD_NONE && 1445 message_sort_payloads(msg, GET_ISAKMP_HDR_NEXT_PAYLOAD(buf))) { 1446 free(ks); 1447 return -1; 1448 } 1449 /* 1450 * Run generic payload tests now. If anything fails these checks, the 1451 * message needs either to be retained for later duplicate checks or 1452 * freed entirely. 1453 * XXX Should SAs and even transports be cleaned up then too? 1454 */ 1455 if (message_validate_payloads(msg)) { 1456 free(ks); 1457 return -1; 1458 } 1459 /* 1460 * If we have not found an exchange by now something is definitely 1461 * wrong. 1462 */ 1463 if (!msg->exchange) { 1464 log_print("message_recv: no exchange"); 1465 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1); 1466 free(ks); 1467 return -1; 1468 } 1469 /* 1470 * NAT-T may have switched ports for us. We need to replace the 1471 * old ISAKMP SA transport here with one that contains the proper 1472 * (i.e translated) ports. 1473 */ 1474 if (msg->isakmp_sa && msg->exchange->phase == 1) { 1475 t = msg->isakmp_sa->transport; 1476 msg->isakmp_sa->transport = msg->transport; 1477 transport_reference(msg->transport); 1478 transport_release(t); 1479 } 1480 1481 /* 1482 * Now we can validate DOI-specific exchange types. If we have no SA 1483 * DOI-specific exchange types are definitely wrong. 1484 */ 1485 if (exch_type >= ISAKMP_EXCH_DOI_MIN && 1486 msg->exchange->doi->validate_exchange(exch_type)) { 1487 log_print("message_recv: invalid DOI exchange type %d", 1488 exch_type); 1489 message_drop(msg, ISAKMP_NOTIFY_INVALID_EXCHANGE_TYPE, 0, 1, 1490 1); 1491 free(ks); 1492 return -1; 1493 } 1494 /* Make sure the IV we used gets saved in the proper SA. */ 1495 if (ks) { 1496 if (!msg->exchange->keystate) { 1497 msg->exchange->keystate = ks; 1498 msg->exchange->crypto = ks->xf; 1499 } else 1500 free(ks); 1501 } 1502 /* Handle the flags. */ 1503 if (flags & ISAKMP_FLAGS_ENC) 1504 msg->exchange->flags |= EXCHANGE_FLAG_ENCRYPT; 1505 if ((msg->exchange->flags & EXCHANGE_FLAG_COMMITTED) == 0 && 1506 (flags & ISAKMP_FLAGS_COMMIT)) 1507 msg->exchange->flags |= EXCHANGE_FLAG_HE_COMMITTED; 1508 1509 /* 1510 * Except for the 3rd Aggressive Mode message, require encryption 1511 * as soon as we have the keystate for it. 1512 */ 1513 if ((flags & ISAKMP_FLAGS_ENC) == 0 && 1514 (msg->exchange->phase == 2 || 1515 (msg->exchange->keystate && 1516 msg->exchange->type != ISAKMP_EXCH_AGGRESSIVE))) { 1517 log_print("message_recv: cleartext phase %d message", 1518 msg->exchange->phase); 1519 message_drop(msg, ISAKMP_NOTIFY_INVALID_FLAGS, 0, 1, 1); 1520 return -1; 1521 } 1522 1523 /* OK let the exchange logic do the rest. */ 1524 exchange_run(msg); 1525 1526 return 0; 1527 } 1528 1529 void 1530 message_send_expire(struct message *msg) 1531 { 1532 msg->retrans = 0; 1533 1534 message_send(msg); 1535 } 1536 1537 /* Queue up message MSG for transmittal. */ 1538 void 1539 message_send(struct message *msg) 1540 { 1541 struct exchange *exchange = msg->exchange; 1542 struct message *m; 1543 struct msg_head *q; 1544 1545 /* Remove retransmissions on this message */ 1546 if (msg->retrans) { 1547 timer_remove_event(msg->retrans); 1548 msg->retrans = 0; 1549 } 1550 /* IKE packet capture */ 1551 message_packet_log(msg); 1552 1553 /* 1554 * If the ISAKMP SA has set up encryption, encrypt the message. 1555 * However, in a retransmit, it is already encrypted. 1556 */ 1557 if ((msg->flags & MSG_ENCRYPTED) == 0 && 1558 exchange->flags & EXCHANGE_FLAG_ENCRYPT) { 1559 if (!exchange->keystate) { 1560 exchange->keystate = exchange->doi->get_keystate(msg); 1561 if (!exchange->keystate) 1562 return; 1563 exchange->crypto = exchange->keystate->xf; 1564 exchange->flags |= EXCHANGE_FLAG_ENCRYPT; 1565 } 1566 if (message_encrypt(msg)) { 1567 /* XXX Log. */ 1568 return; 1569 } 1570 } 1571 /* Keep the COMMIT bit on. */ 1572 if (exchange->flags & EXCHANGE_FLAG_COMMITTED) 1573 SET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base, 1574 GET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base) 1575 | ISAKMP_FLAGS_COMMIT); 1576 1577 message_dump_raw("message_send", msg, LOG_MESSAGE); 1578 msg->flags |= MSG_IN_TRANSIT; 1579 exchange->in_transit = msg; 1580 1581 /* 1582 * If we get a retransmission of a message before our response 1583 * has left the queue, don't queue it again, as it will result 1584 * in a circular list. 1585 */ 1586 q = msg->transport->vtbl->get_queue(msg); 1587 for (m = TAILQ_FIRST(q); m; m = TAILQ_NEXT(m, link)) 1588 if (m == msg) { 1589 LOG_DBG((LOG_MESSAGE, 60, 1590 "message_send: msg %p already on sendq %p", m, q)); 1591 return; 1592 } 1593 TAILQ_INSERT_TAIL(q, msg, link); 1594 } 1595 1596 /* 1597 * Setup the ISAKMP message header for message MSG. EXCHANGE is the exchange 1598 * type, FLAGS are the ISAKMP header flags and MSG_ID is message ID 1599 * identifying the exchange. 1600 */ 1601 void 1602 message_setup_header(struct message *msg, u_int8_t exchange, u_int8_t flags, 1603 u_int8_t *msg_id) 1604 { 1605 u_int8_t *buf = msg->iov[0].iov_base; 1606 1607 SET_ISAKMP_HDR_ICOOKIE(buf, msg->exchange->cookies); 1608 SET_ISAKMP_HDR_RCOOKIE(buf, msg->exchange->cookies + 1609 ISAKMP_HDR_ICOOKIE_LEN); 1610 SET_ISAKMP_HDR_NEXT_PAYLOAD(buf, ISAKMP_PAYLOAD_NONE); 1611 SET_ISAKMP_HDR_VERSION(buf, ISAKMP_VERSION_MAKE(1, 0)); 1612 SET_ISAKMP_HDR_EXCH_TYPE(buf, exchange); 1613 SET_ISAKMP_HDR_FLAGS(buf, flags); 1614 SET_ISAKMP_HDR_MESSAGE_ID(buf, msg_id); 1615 SET_ISAKMP_HDR_LENGTH(buf, msg->iov[0].iov_len); 1616 } 1617 1618 /* 1619 * Add the payload of type PAYLOAD in BUF sized SZ to the MSG message. 1620 * The caller thereby is released from the responsibility of freeing BUF, 1621 * unless we return a failure of course. If LINK is set the former 1622 * payload's "next payload" field to PAYLOAD. 1623 * 1624 * XXX We might want to resize the iov array several slots at a time. 1625 */ 1626 int 1627 message_add_payload(struct message *msg, u_int8_t payload, u_int8_t *buf, 1628 size_t sz, int link) 1629 { 1630 struct iovec *new_iov; 1631 struct payload *payload_node; 1632 1633 payload_node = calloc(1, sizeof *payload_node); 1634 if (!payload_node) { 1635 log_error("message_add_payload: calloc (1, %lu) failed", 1636 (unsigned long)sizeof *payload_node); 1637 return -1; 1638 } 1639 new_iov = reallocarray(msg->iov, msg->iovlen + 1, 1640 sizeof *msg->iov); 1641 if (!new_iov) { 1642 log_error("message_add_payload: realloc (%p, %lu) failed", 1643 msg->iov, (msg->iovlen + 1) * 1644 (unsigned long)sizeof *msg->iov); 1645 free(payload_node); 1646 return -1; 1647 } 1648 msg->iov = new_iov; 1649 new_iov[msg->iovlen].iov_base = buf; 1650 new_iov[msg->iovlen].iov_len = sz; 1651 msg->iovlen++; 1652 if (link) 1653 *msg->nextp = payload; 1654 msg->nextp = buf + ISAKMP_GEN_NEXT_PAYLOAD_OFF; 1655 *msg->nextp = ISAKMP_PAYLOAD_NONE; 1656 SET_ISAKMP_GEN_RESERVED(buf, 0); 1657 SET_ISAKMP_GEN_LENGTH(buf, sz); 1658 SET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base, 1659 GET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base) + sz); 1660 1661 /* 1662 * For the sake of exchange_validate we index the payloads even in 1663 * outgoing messages, however context and flags are uninteresting in 1664 * this situation. 1665 */ 1666 payload_node->p = buf; 1667 TAILQ_INSERT_TAIL(&msg->payload[payload], payload_node, link); 1668 return 0; 1669 } 1670 1671 /* XXX Move up when ready. */ 1672 struct info_args { 1673 char discr; 1674 u_int32_t doi; 1675 u_int8_t proto; 1676 u_int16_t spi_sz; 1677 union { 1678 struct { 1679 u_int16_t msg_type; 1680 u_int8_t *spi; 1681 } n; 1682 struct { 1683 u_int16_t nspis; 1684 u_int8_t *spis; 1685 } d; 1686 struct { 1687 u_int16_t msg_type; 1688 u_int8_t *spi; 1689 u_int32_t seq; 1690 } dpd; 1691 } u; 1692 }; 1693 1694 /* 1695 * As a reaction to the incoming message MSG create an informational exchange 1696 * protected by ISAKMP_SA and send a notify payload of type NOTIFY, with 1697 * fields initialized from SA. INCOMING is true if the SPI field should be 1698 * filled with the incoming SPI and false if it is to be filled with the 1699 * outgoing one. 1700 * 1701 * XXX Should we handle sending multiple notify payloads? The draft allows 1702 * it, but do we need it? Furthermore, should we not return a success 1703 * status value? 1704 */ 1705 void 1706 message_send_notification(struct message *msg, struct sa *isakmp_sa, 1707 u_int16_t notify, struct proto *proto, int incoming) 1708 { 1709 struct info_args args; 1710 struct sa *doi_sa = proto ? proto->sa : isakmp_sa; 1711 1712 args.discr = 'N'; 1713 args.doi = doi_sa ? doi_sa->doi->id : ISAKMP_DOI_ISAKMP; 1714 args.proto = proto ? proto->proto : ISAKMP_PROTO_ISAKMP; 1715 args.spi_sz = proto ? proto->spi_sz[incoming] : 0; 1716 args.u.n.msg_type = notify; 1717 args.u.n.spi = proto ? proto->spi[incoming] : 0; 1718 if (isakmp_sa && (isakmp_sa->flags & SA_FLAG_READY)) 1719 exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO, 0, &args, 1720 0, 0); 1721 else 1722 exchange_establish_p1(msg->transport, ISAKMP_EXCH_INFO, 1723 msg->exchange ? msg->exchange->doi->id : ISAKMP_DOI_ISAKMP, 1724 0, &args, 0, 0, 0); 1725 } 1726 1727 /* Send a DELETE inside an informational exchange for each protocol in SA. */ 1728 void 1729 message_send_delete(struct sa *sa) 1730 { 1731 struct info_args args; 1732 struct proto *proto; 1733 struct sa *isakmp_sa; 1734 struct sockaddr *dst; 1735 1736 if (!sa->transport) 1737 return; 1738 1739 sa->transport->vtbl->get_dst(sa->transport, &dst); 1740 isakmp_sa = sa_isakmp_lookup_by_peer(dst, SA_LEN(dst)); 1741 if (!isakmp_sa) { 1742 /* 1743 * XXX We ought to setup an ISAKMP SA with our peer here and 1744 * send the DELETE over that one. 1745 */ 1746 return; 1747 } 1748 args.discr = 'D'; 1749 args.doi = sa->doi->id; 1750 args.u.d.nspis = 1; 1751 for (proto = TAILQ_FIRST(&sa->protos); proto; 1752 proto = TAILQ_NEXT(proto, link)) { 1753 switch (proto->proto) { 1754 case ISAKMP_PROTO_ISAKMP: 1755 args.spi_sz = ISAKMP_HDR_COOKIES_LEN; 1756 args.u.d.spis = sa->cookies; 1757 break; 1758 1759 case IPSEC_PROTO_IPSEC_AH: 1760 case IPSEC_PROTO_IPSEC_ESP: 1761 case IPSEC_PROTO_IPCOMP: 1762 args.spi_sz = proto->spi_sz[1]; 1763 args.u.d.spis = proto->spi[1]; 1764 break; 1765 default: 1766 log_print("message_send_delete: cannot delete unknown " 1767 "protocol %d", proto->proto); 1768 continue; 1769 } 1770 1771 args.proto = proto->proto; 1772 exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO, 0, &args, 1773 0, 0); 1774 } 1775 } 1776 1777 void 1778 message_send_dpd_notify(struct sa* isakmp_sa, u_int16_t notify, u_int32_t seq) 1779 { 1780 struct info_args args; 1781 1782 args.discr = 'P'; 1783 args.doi = IPSEC_DOI_IPSEC; 1784 args.proto = ISAKMP_PROTO_ISAKMP; 1785 args.spi_sz = ISAKMP_HDR_COOKIES_LEN; 1786 args.u.dpd.msg_type = notify; 1787 args.u.dpd.spi = isakmp_sa->cookies; 1788 args.u.dpd.seq = htonl(seq); 1789 1790 exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO, 0, &args, 0, 0); 1791 } 1792 1793 /* Build the informational message into MSG. */ 1794 int 1795 message_send_info(struct message *msg) 1796 { 1797 u_int8_t *buf; 1798 size_t sz = 0; 1799 struct info_args *args = msg->extra; 1800 u_int8_t payload; 1801 1802 /* Let the DOI get the first hand on the message. */ 1803 if (msg->exchange->doi->informational_pre_hook) 1804 if (msg->exchange->doi->informational_pre_hook(msg)) 1805 return -1; 1806 1807 switch (args->discr) { 1808 case 'P': 1809 sz = sizeof args->u.dpd.seq; 1810 /* FALLTHROUGH */ 1811 case 'N': 1812 sz += ISAKMP_NOTIFY_SPI_OFF + args->spi_sz; 1813 break; 1814 case 'D': 1815 default: /* Silence gcc */ 1816 sz = ISAKMP_DELETE_SPI_OFF + args->u.d.nspis * args->spi_sz; 1817 break; 1818 } 1819 1820 buf = calloc(1, sz); 1821 if (!buf) { 1822 log_error("message_send_info: calloc (1, %lu) failed", 1823 (unsigned long)sz); 1824 message_free(msg); 1825 return -1; 1826 } 1827 switch (args->discr) { 1828 case 'P': 1829 memcpy(buf + ISAKMP_NOTIFY_SPI_OFF + args->spi_sz, 1830 &args->u.dpd.seq, sizeof args->u.dpd.seq); 1831 /* FALLTHROUGH */ 1832 case 'N': 1833 /* Build the NOTIFY payload. */ 1834 payload = ISAKMP_PAYLOAD_NOTIFY; 1835 SET_ISAKMP_NOTIFY_DOI(buf, args->doi); 1836 SET_ISAKMP_NOTIFY_PROTO(buf, args->proto); 1837 SET_ISAKMP_NOTIFY_SPI_SZ(buf, args->spi_sz); 1838 SET_ISAKMP_NOTIFY_MSG_TYPE(buf, args->u.n.msg_type); 1839 memcpy(buf + ISAKMP_NOTIFY_SPI_OFF, args->u.n.spi, 1840 args->spi_sz); 1841 break; 1842 1843 case 'D': 1844 default: /* Silence GCC. */ 1845 /* Build the DELETE payload. */ 1846 payload = ISAKMP_PAYLOAD_DELETE; 1847 SET_ISAKMP_DELETE_DOI(buf, args->doi); 1848 SET_ISAKMP_DELETE_PROTO(buf, args->proto); 1849 SET_ISAKMP_DELETE_SPI_SZ(buf, args->spi_sz); 1850 SET_ISAKMP_DELETE_NSPIS(buf, args->u.d.nspis); 1851 memcpy(buf + ISAKMP_DELETE_SPI_OFF, args->u.d.spis, 1852 args->u.d.nspis * args->spi_sz); 1853 msg->flags |= MSG_PRIORITIZED; 1854 break; 1855 } 1856 1857 if (message_add_payload(msg, payload, buf, sz, 1)) { 1858 free(buf); 1859 message_free(msg); 1860 return -1; 1861 } 1862 /* Let the DOI get the last hand on the message. */ 1863 if (msg->exchange->doi->informational_post_hook) 1864 if (msg->exchange->doi->informational_post_hook(msg)) { 1865 message_free(msg); 1866 return -1; 1867 } 1868 return 0; 1869 } 1870 1871 /* 1872 * Drop the MSG message due to reason given in NOTIFY. If NOTIFY is set 1873 * send out a notification to the originator. Fill this notification with 1874 * values from PROTO. INCOMING decides which SPI to include. If CLEAN is 1875 * set, free the message when ready with it. 1876 */ 1877 void 1878 message_drop(struct message *msg, int notify, struct proto *proto, 1879 int incoming, int clean) 1880 { 1881 struct transport *t = msg->transport; 1882 struct sockaddr *dst; 1883 char *address; 1884 short port = 0; 1885 1886 t->vtbl->get_dst(t, &dst); 1887 if (sockaddr2text(dst, &address, 0)) { 1888 log_error("message_drop: sockaddr2text () failed"); 1889 address = 0; 1890 } 1891 switch (dst->sa_family) { 1892 case AF_INET: 1893 port = ((struct sockaddr_in *)dst)->sin_port; 1894 break; 1895 case AF_INET6: 1896 port = ((struct sockaddr_in6 *)dst)->sin6_port; 1897 break; 1898 default: 1899 log_print("message_drop: unknown protocol family %d", 1900 dst->sa_family); 1901 } 1902 1903 log_print("dropped message from %s port %d due to notification type " 1904 "%s", address ? address : "<unknown>", htons(port), 1905 constant_name(isakmp_notify_cst, notify)); 1906 1907 free(address); 1908 1909 /* If specified, return a notification. */ 1910 if (notify) 1911 message_send_notification(msg, msg->isakmp_sa, notify, proto, 1912 incoming); 1913 if (clean) 1914 message_free(msg); 1915 } 1916 1917 /* 1918 * If the user demands debug printouts, printout MSG with as much detail 1919 * as we can without resorting to per-payload handling. 1920 */ 1921 void 1922 message_dump_raw(char *header, struct message *msg, int class) 1923 { 1924 u_int32_t i, j, k = 0; 1925 char buf[80], *p = buf; 1926 1927 LOG_DBG((class, 70, "%s: message %p", header, msg)); 1928 field_dump_payload(isakmp_hdr_fld, msg->iov[0].iov_base); 1929 for (i = 0; i < msg->iovlen; i++) 1930 for (j = 0; j < msg->iov[i].iov_len; j++) { 1931 snprintf(p, sizeof buf - (int) (p - buf), "%02x", 1932 ((u_int8_t *) msg->iov[i].iov_base)[j]); 1933 p += strlen(p); 1934 if (++k % 32 == 0) { 1935 *p = '\0'; 1936 LOG_DBG((class, 70, "%s: %s", header, buf)); 1937 p = buf; 1938 } else if (k % 4 == 0) 1939 *p++ = ' '; 1940 } 1941 *p = '\0'; 1942 if (p != buf) 1943 LOG_DBG((class, 70, "%s: %s", header, buf)); 1944 } 1945 1946 static void 1947 message_packet_log(struct message *msg) 1948 { 1949 struct sockaddr *src, *dst; 1950 struct transport *t = msg->transport; 1951 1952 /* Don't log retransmissions. Redundant for incoming packets... */ 1953 if (msg->xmits > 0) 1954 return; 1955 1956 if (msg->exchange && msg->exchange->flags & EXCHANGE_FLAG_NAT_T_ENABLE) 1957 t = ((struct virtual_transport *)msg->transport)->encap; 1958 1959 /* Figure out direction. */ 1960 if (msg->exchange && 1961 msg->exchange->initiator ^ (msg->exchange->step % 2)) { 1962 t->vtbl->get_src(t, &src); 1963 t->vtbl->get_dst(t, &dst); 1964 } else { 1965 t->vtbl->get_src(t, &dst); 1966 t->vtbl->get_dst(t, &src); 1967 } 1968 1969 log_packet_iov(src, dst, msg->iov, msg->iovlen); 1970 } 1971 1972 /* 1973 * Encrypt an outgoing message MSG. As outgoing messages are represented 1974 * with an iovec with one segment per payload, we need to coalesce them 1975 * into just une buffer containing all payloads and some padding before 1976 * we encrypt. 1977 */ 1978 static int 1979 message_encrypt(struct message *msg) 1980 { 1981 struct exchange *exchange = msg->exchange; 1982 size_t i, sz = 0; 1983 u_int8_t *buf; 1984 1985 /* If no payloads, nothing to do. */ 1986 if (msg->iovlen == 1) 1987 return 0; 1988 1989 /* 1990 * For encryption we need to put all payloads together in a single 1991 * buffer. This buffer should be padded to the current crypto 1992 * transform's blocksize. 1993 */ 1994 for (i = 1; i < msg->iovlen; i++) 1995 sz += msg->iov[i].iov_len; 1996 sz = ((sz + exchange->crypto->blocksize - 1) / 1997 exchange->crypto->blocksize) * exchange->crypto->blocksize; 1998 buf = realloc(msg->iov[1].iov_base, sz); 1999 if (!buf) { 2000 log_error("message_encrypt: realloc (%p, %lu) failed", 2001 msg->iov[1].iov_base, (unsigned long) sz); 2002 return -1; 2003 } 2004 msg->iov[1].iov_base = buf; 2005 for (i = 2; i < msg->iovlen; i++) { 2006 memcpy(buf + msg->iov[1].iov_len, msg->iov[i].iov_base, 2007 msg->iov[i].iov_len); 2008 msg->iov[1].iov_len += msg->iov[i].iov_len; 2009 free(msg->iov[i].iov_base); 2010 } 2011 2012 /* Pad with zeroes. */ 2013 memset(buf + msg->iov[1].iov_len, '\0', sz - msg->iov[1].iov_len); 2014 msg->iov[1].iov_len = sz; 2015 msg->iovlen = 2; 2016 2017 SET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base, 2018 GET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base) | ISAKMP_FLAGS_ENC); 2019 SET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base, ISAKMP_HDR_SZ + sz); 2020 crypto_encrypt(exchange->keystate, buf, msg->iov[1].iov_len); 2021 msg->flags |= MSG_ENCRYPTED; 2022 2023 /* Update the IV so we can decrypt the next incoming message. */ 2024 crypto_update_iv(exchange->keystate); 2025 2026 return 0; 2027 } 2028 2029 /* 2030 * Check whether the message MSG is a duplicate of the last one negotiating 2031 * this specific SA. 2032 */ 2033 static int 2034 message_check_duplicate(struct message *msg) 2035 { 2036 struct exchange *exchange = msg->exchange; 2037 size_t sz = msg->iov[0].iov_len; 2038 u_int8_t *pkt = msg->iov[0].iov_base; 2039 2040 /* If no SA has been found, we cannot test, thus it's good. */ 2041 if (!exchange) 2042 return 0; 2043 2044 LOG_DBG((LOG_MESSAGE, 90, "message_check_duplicate: last_received %p", 2045 exchange->last_received)); 2046 if (exchange->last_received) { 2047 LOG_DBG_BUF((LOG_MESSAGE, 95, 2048 "message_check_duplicate: last_received", 2049 exchange->last_received->orig, 2050 exchange->last_received->orig_sz)); 2051 /* Is it a duplicate, lose the new one. */ 2052 if (sz == exchange->last_received->orig_sz && 2053 memcmp(pkt, exchange->last_received->orig, sz) == 0) { 2054 LOG_DBG((LOG_MESSAGE, 80, 2055 "message_check_duplicate: dropping dup")); 2056 2057 /* 2058 * Retransmit if the previous sent message was the last 2059 * of an exchange, otherwise just wait for the 2060 * ordinary retransmission. 2061 */ 2062 if (exchange->last_sent && (exchange->last_sent->flags 2063 & MSG_LAST)) 2064 message_send(exchange->last_sent); 2065 message_free(msg); 2066 return -1; 2067 } 2068 } 2069 /* 2070 * As this new message is an indication that state is moving forward 2071 * at the peer, remove the retransmit timer on our last message. 2072 */ 2073 if (exchange->last_sent) { 2074 if (exchange->last_sent == exchange->in_transit) { 2075 struct message *m = exchange->in_transit; 2076 TAILQ_REMOVE(m->transport->vtbl->get_queue(m), m, 2077 link); 2078 exchange->in_transit = 0; 2079 } 2080 message_free(exchange->last_sent); 2081 exchange->last_sent = 0; 2082 } 2083 return 0; 2084 } 2085 2086 /* Helper to message_negotiate_sa. */ 2087 static __inline struct payload * 2088 step_transform(struct payload *tp, struct payload **propp, 2089 struct payload **sap) 2090 { 2091 tp = TAILQ_NEXT(tp, link); 2092 if (tp) { 2093 *propp = tp->context; 2094 *sap = (*propp)->context; 2095 } 2096 return tp; 2097 } 2098 2099 /* 2100 * Pick out the first transforms out of MSG (which should contain at least one 2101 * SA payload) we accept as a full protection suite. 2102 */ 2103 int 2104 message_negotiate_sa(struct message *msg, int (*validate)(struct exchange *, 2105 struct sa *, struct sa *)) 2106 { 2107 struct payload *tp, *propp, *sap, *next_tp = 0, *next_propp, *next_sap; 2108 struct payload *saved_tp = 0, *saved_propp = 0, *saved_sap = 0; 2109 struct sa *sa; 2110 struct proto *proto; 2111 int suite_ok_so_far = 0; 2112 struct exchange *exchange = msg->exchange; 2113 2114 /* 2115 * This algorithm is a weird bottom-up thing... mostly due to the 2116 * payload links pointing upwards. 2117 * 2118 * The algorithm goes something like this: 2119 * Foreach transform 2120 * If transform is compatible 2121 * Remember that this protocol can work 2122 * Skip to last transform of this protocol 2123 * If next transform belongs to a new protocol inside the same suite 2124 * If no transform was found for the current protocol 2125 * Forget all earlier transforms for protocols in this suite 2126 * Skip to last transform of this suite 2127 * If next transform belongs to a new suite 2128 * If the current protocol had an OK transform 2129 * Skip to the last transform of this SA 2130 * If the next transform belongs to a new SA 2131 * If no transforms have been chosen 2132 * Issue a NO_PROPOSAL_CHOSEN notification 2133 */ 2134 2135 sa = TAILQ_FIRST(&exchange->sa_list); 2136 for (tp = payload_first(msg, ISAKMP_PAYLOAD_TRANSFORM); tp; 2137 tp = next_tp) { 2138 propp = tp->context; 2139 sap = propp->context; 2140 sap->flags |= PL_MARK; 2141 next_tp = step_transform(tp, &next_propp, &next_sap); 2142 2143 /* For each transform, see if it is compatible. */ 2144 if (!attribute_map(tp->p + ISAKMP_TRANSFORM_SA_ATTRS_OFF, 2145 GET_ISAKMP_GEN_LENGTH(tp->p) - 2146 ISAKMP_TRANSFORM_SA_ATTRS_OFF, 2147 exchange->doi->is_attribute_incompatible, msg)) { 2148 LOG_DBG((LOG_NEGOTIATION, 30, "message_negotiate_sa: " 2149 "transform %d proto %d proposal %d ok", 2150 GET_ISAKMP_TRANSFORM_NO(tp->p), 2151 GET_ISAKMP_PROP_PROTO(propp->p), 2152 GET_ISAKMP_PROP_NO(propp->p))); 2153 if (sa_add_transform(sa, tp, exchange->initiator, 2154 &proto)) 2155 goto cleanup; 2156 suite_ok_so_far = 1; 2157 2158 saved_tp = next_tp; 2159 saved_propp = next_propp; 2160 saved_sap = next_sap; 2161 /* Skip to last transform of this protocol proposal. */ 2162 while ((next_tp = step_transform(tp, &next_propp, 2163 &next_sap)) && next_propp == propp) 2164 tp = next_tp; 2165 } 2166 retry_transform: 2167 /* 2168 * Figure out if we will be looking at a new protocol proposal 2169 * inside the current protection suite. 2170 */ 2171 if (next_tp && propp != next_propp && sap == next_sap && 2172 (GET_ISAKMP_PROP_NO(propp->p) == 2173 GET_ISAKMP_PROP_NO(next_propp->p))) { 2174 if (!suite_ok_so_far) { 2175 LOG_DBG((LOG_NEGOTIATION, 30, 2176 "message_negotiate_sa: proto %d proposal " 2177 "%d failed", 2178 GET_ISAKMP_PROP_PROTO(propp->p), 2179 GET_ISAKMP_PROP_NO(propp->p))); 2180 /* 2181 * Remove potentially succeeded choices from 2182 * the SA. 2183 */ 2184 while ((proto = TAILQ_FIRST(&sa->protos))) 2185 proto_free(proto); 2186 2187 /* 2188 * Skip to the last transform of this 2189 * protection suite. 2190 */ 2191 while ((next_tp = step_transform(tp, 2192 &next_propp, &next_sap)) && 2193 (GET_ISAKMP_PROP_NO(next_propp->p) == 2194 GET_ISAKMP_PROP_NO(propp->p)) && 2195 next_sap == sap) 2196 tp = next_tp; 2197 } 2198 suite_ok_so_far = 0; 2199 } 2200 /* 2201 * Figure out if we will be looking at a new protection 2202 * suite. 2203 */ 2204 if (!next_tp || 2205 (propp != next_propp && (GET_ISAKMP_PROP_NO(propp->p) != 2206 GET_ISAKMP_PROP_NO(next_propp->p))) || 2207 sap != next_sap) { 2208 /* 2209 * Check if the suite we just considered was OK, if so 2210 * we check it against the accepted ones. 2211 */ 2212 if (suite_ok_so_far) { 2213 if (!validate || validate(exchange, sa, 2214 msg->isakmp_sa)) { 2215 LOG_DBG((LOG_NEGOTIATION, 30, 2216 "message_negotiate_sa: proposal " 2217 "%d succeeded", 2218 GET_ISAKMP_PROP_NO(propp->p))); 2219 2220 /* 2221 * Skip to the last transform of this 2222 * SA. 2223 */ 2224 while ((next_tp = step_transform(tp, 2225 &next_propp, &next_sap)) && 2226 next_sap == sap) 2227 tp = next_tp; 2228 } else { 2229 /* Backtrack. */ 2230 LOG_DBG((LOG_NEGOTIATION, 30, 2231 "message_negotiate_sa: proposal " 2232 "%d failed", 2233 GET_ISAKMP_PROP_NO(propp->p))); 2234 next_tp = saved_tp; 2235 next_propp = saved_propp; 2236 next_sap = saved_sap; 2237 suite_ok_so_far = 0; 2238 2239 /* 2240 * Remove potentially succeeded 2241 * choices from the SA. 2242 */ 2243 while ((proto = 2244 TAILQ_FIRST(&sa->protos))) 2245 proto_free(proto); 2246 goto retry_transform; 2247 } 2248 } 2249 } 2250 /* Have we walked all the proposals of an SA? */ 2251 if (!next_tp || sap != next_sap) { 2252 if (!suite_ok_so_far) { 2253 /* 2254 * XXX We cannot possibly call this a drop... 2255 * seeing we just turn down one of the offers, 2256 * can we? I suggest renaming message_drop to 2257 * something else. 2258 */ 2259 log_print("message_negotiate_sa: no " 2260 "compatible proposal found"); 2261 message_drop(msg, 2262 ISAKMP_NOTIFY_NO_PROPOSAL_CHOSEN, 0, 1, 0); 2263 } 2264 sa = TAILQ_NEXT(sa, next); 2265 } 2266 } 2267 return 0; 2268 2269 cleanup: 2270 /* 2271 * Remove potentially succeeded choices from the SA. 2272 */ 2273 while ((proto = TAILQ_FIRST(&sa->protos))) 2274 proto_free(proto); 2275 return -1; 2276 } 2277 2278 /* 2279 * Add SA, proposal and transform payload(s) to MSG out of information 2280 * found in the exchange MSG is part of.. 2281 */ 2282 int 2283 message_add_sa_payload(struct message *msg) 2284 { 2285 struct exchange *exchange = msg->exchange; 2286 u_int8_t *sa_buf, *saved_nextp_sa, *saved_nextp_prop; 2287 size_t sa_len, extra_sa_len; 2288 int i, nprotos = 0; 2289 struct proto *proto; 2290 u_int8_t **transforms = 0, **proposals = 0; 2291 size_t *transform_lens = 0, *proposal_lens = 0; 2292 struct sa *sa; 2293 struct doi *doi = exchange->doi; 2294 u_int8_t *spi = 0; 2295 size_t spi_sz; 2296 2297 /* 2298 * Generate SA payloads. 2299 */ 2300 for (sa = TAILQ_FIRST(&exchange->sa_list); sa; 2301 sa = TAILQ_NEXT(sa, next)) { 2302 /* Setup a SA payload. */ 2303 sa_len = ISAKMP_SA_SIT_OFF + doi->situation_size(); 2304 extra_sa_len = 0; 2305 sa_buf = malloc(sa_len); 2306 if (!sa_buf) { 2307 log_error("message_add_sa_payload: " 2308 "malloc (%lu) failed", (unsigned long)sa_len); 2309 goto cleanup; 2310 } 2311 SET_ISAKMP_SA_DOI(sa_buf, doi->id); 2312 doi->setup_situation(sa_buf); 2313 2314 /* Count transforms. */ 2315 nprotos = 0; 2316 for (proto = TAILQ_FIRST(&sa->protos); proto; 2317 proto = TAILQ_NEXT(proto, link)) 2318 nprotos++; 2319 2320 /* 2321 * Allocate transient transform and proposal payload/size 2322 * vectors. 2323 */ 2324 transforms = calloc(nprotos, sizeof *transforms); 2325 if (!transforms) { 2326 log_error("message_add_sa_payload: calloc (%d, %lu) " 2327 "failed", nprotos, 2328 (unsigned long)sizeof *transforms); 2329 goto cleanup; 2330 } 2331 transform_lens = calloc(nprotos, sizeof *transform_lens); 2332 if (!transform_lens) { 2333 log_error("message_add_sa_payload: calloc (%d, %lu) " 2334 "failed", nprotos, 2335 (unsigned long) sizeof *transform_lens); 2336 goto cleanup; 2337 } 2338 proposals = calloc(nprotos, sizeof *proposals); 2339 if (!proposals) { 2340 log_error("message_add_sa_payload: calloc (%d, %lu) " 2341 "failed", nprotos, 2342 (unsigned long)sizeof *proposals); 2343 goto cleanup; 2344 } 2345 proposal_lens = calloc(nprotos, sizeof *proposal_lens); 2346 if (!proposal_lens) { 2347 log_error("message_add_sa_payload: calloc (%d, %lu) " 2348 "failed", nprotos, 2349 (unsigned long)sizeof *proposal_lens); 2350 goto cleanup; 2351 } 2352 /* Pick out the chosen transforms. */ 2353 for (proto = TAILQ_FIRST(&sa->protos), i = 0; proto; 2354 proto = TAILQ_NEXT(proto, link), i++) { 2355 transform_lens[i] = 2356 GET_ISAKMP_GEN_LENGTH(proto->chosen->p); 2357 transforms[i] = malloc(transform_lens[i]); 2358 if (!transforms[i]) { 2359 log_error("message_add_sa_payload: malloc " 2360 "(%lu) failed", 2361 (unsigned long)transform_lens[i]); 2362 goto cleanup; 2363 } 2364 /* Get incoming SPI from application. */ 2365 if (doi->get_spi) { 2366 spi = doi->get_spi(&spi_sz, 2367 GET_ISAKMP_PROP_PROTO(proto->chosen->context->p), 2368 msg); 2369 if (spi_sz && !spi) 2370 goto cleanup; 2371 proto->spi[1] = spi; 2372 proto->spi_sz[1] = spi_sz; 2373 } else 2374 spi_sz = 0; 2375 2376 proposal_lens[i] = ISAKMP_PROP_SPI_OFF + spi_sz; 2377 proposals[i] = malloc(proposal_lens[i]); 2378 if (!proposals[i]) { 2379 log_error("message_add_sa_payload: malloc " 2380 "(%lu) failed", 2381 (unsigned long)proposal_lens[i]); 2382 goto cleanup; 2383 } 2384 memcpy(transforms[i], proto->chosen->p, 2385 transform_lens[i]); 2386 memcpy(proposals[i], proto->chosen->context->p, 2387 ISAKMP_PROP_SPI_OFF); 2388 SET_ISAKMP_PROP_NTRANSFORMS(proposals[i], 1); 2389 SET_ISAKMP_PROP_SPI_SZ(proposals[i], spi_sz); 2390 if (spi_sz) 2391 memcpy(proposals[i] + ISAKMP_PROP_SPI_OFF, spi, 2392 spi_sz); 2393 extra_sa_len += proposal_lens[i] + transform_lens[i]; 2394 } 2395 2396 /* 2397 * Add the payloads. As this is a SA, we need to recompute the 2398 * lengths of the payloads containing others. We also need to 2399 * reset these payload's "next payload type" field. 2400 */ 2401 if (message_add_payload(msg, ISAKMP_PAYLOAD_SA, sa_buf, 2402 sa_len, 1)) 2403 goto cleanup; 2404 SET_ISAKMP_GEN_LENGTH(sa_buf, sa_len + extra_sa_len); 2405 sa_buf = 0; 2406 2407 saved_nextp_sa = msg->nextp; 2408 for (proto = TAILQ_FIRST(&sa->protos), i = 0; proto; 2409 proto = TAILQ_NEXT(proto, link), i++) { 2410 if (message_add_payload(msg, ISAKMP_PAYLOAD_PROPOSAL, 2411 proposals[i], proposal_lens[i], i > 0)) 2412 goto cleanup; 2413 SET_ISAKMP_GEN_LENGTH(proposals[i], proposal_lens[i] + 2414 transform_lens[i]); 2415 proposals[i] = 0; 2416 2417 saved_nextp_prop = msg->nextp; 2418 if (message_add_payload(msg, ISAKMP_PAYLOAD_TRANSFORM, 2419 transforms[i], transform_lens[i], 0)) 2420 goto cleanup; 2421 msg->nextp = saved_nextp_prop; 2422 transforms[i] = 0; 2423 } 2424 msg->nextp = saved_nextp_sa; 2425 2426 /* Free the temporary allocations made above. */ 2427 free(transforms); 2428 free(transform_lens); 2429 free(proposals); 2430 free(proposal_lens); 2431 } 2432 return 0; 2433 2434 cleanup: 2435 free(sa_buf); 2436 for (i = 0; i < nprotos; i++) { 2437 free(transforms[i]); 2438 free(proposals[i]); 2439 } 2440 free(transforms); 2441 free(transform_lens); 2442 free(proposals); 2443 free(proposal_lens); 2444 return -1; 2445 } 2446 2447 /* 2448 * Return a copy of MSG's constants starting from OFFSET and stash the size 2449 * in SZP. It is the callers responsibility to free this up. 2450 */ 2451 u_int8_t * 2452 message_copy(struct message *msg, size_t offset, size_t *szp) 2453 { 2454 int skip = 0; 2455 size_t i, sz = 0; 2456 ssize_t start = -1; 2457 u_int8_t *buf, *p; 2458 2459 /* Calculate size of message and where we want to start to copy. */ 2460 for (i = 1; i < msg->iovlen; i++) { 2461 sz += msg->iov[i].iov_len; 2462 if (sz <= offset) 2463 skip = i; 2464 else if (start < 0) 2465 start = offset - (sz - msg->iov[i].iov_len); 2466 } 2467 2468 /* Allocate and copy. */ 2469 *szp = sz - offset; 2470 buf = malloc(*szp); 2471 if (!buf) 2472 return 0; 2473 p = buf; 2474 for (i = skip + 1; i < msg->iovlen; i++) { 2475 memcpy(p, (u_int8_t *) msg->iov[i].iov_base + start, 2476 msg->iov[i].iov_len - start); 2477 p += msg->iov[i].iov_len - start; 2478 start = 0; 2479 } 2480 return buf; 2481 } 2482 2483 /* Register a post-send function POST_SEND with message MSG. */ 2484 int 2485 message_register_post_send(struct message *msg, 2486 void (*post_send)(struct message *)) 2487 { 2488 struct post_send *node; 2489 2490 node = malloc(sizeof *node); 2491 if (!node) 2492 return -1; 2493 node->func = post_send; 2494 TAILQ_INSERT_TAIL(&msg->post_send, node, link); 2495 return 0; 2496 } 2497 2498 /* Run the post-send functions of message MSG. */ 2499 void 2500 message_post_send(struct message *msg) 2501 { 2502 struct post_send *node; 2503 2504 while ((node = TAILQ_FIRST(&msg->post_send)) != 0) { 2505 TAILQ_REMOVE(&msg->post_send, node, link); 2506 node->func(msg); 2507 free(node); 2508 } 2509 } 2510 2511 struct payload * 2512 payload_first(struct message *msg, u_int8_t payload) 2513 { 2514 return TAILQ_FIRST(&msg->payload[payload]); 2515 } 2516