/* $OpenBSD: exchange.h,v 1.37 2018/01/15 09:54:48 mpi Exp $ */
/* $EOM: exchange.h,v 1.28 2000/09/28 12:54:28 niklas Exp $ */

/*
 * Copyright (c) 1998, 1999, 2001 Niklas Hallqvist. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

/*
 * This code was written under funding by Ericsson Radio Systems.
 */

/*
 * exchange.h - per-exchange state of the ISAKMP daemon.
 *
 * Declares struct exchange, which tracks one ISAKMP exchange from the
 * moment it is set up until it is finalized or times out, the flag bits
 * kept in its `flags' member, and the prototypes of the exchange API
 * (exchange_setup_*, exchange_run, exchange_lookup*, exchange_free, ...).
 * The structures this one points at are only forward-declared here; their
 * definitions live in their own headers.
 */

#ifndef _EXCHANGE_H_
#define _EXCHANGE_H_

#include <sys/types.h>
#include <sys/queue.h>

#include "exchange_num.h"
#include "isakmp.h"

/*
 * Remove an exchange if it has not been fully negotiated in this time.
 * The unit is not stated here (presumably seconds) - verify against the
 * code that arms the `death' event below.
 */
#define EXCHANGE_MAX_TIME	120

struct crypto_xf;
struct certreq_aca;
struct doi;
struct event;
struct keystate;
struct message;
struct payload;
struct transport;
struct sa;

struct exchange {
	/* Link to exchanges with the same hash value. */
	LIST_ENTRY(exchange) link;

	/* Set when this exchange is linked to the global exchange list. */
	int linked;

	/* A name of the SAs this exchange will result in. XXX non unique? */
	char *name;

	/*
	 * A name of the major policy deciding offers and acceptable
	 * proposals.
	 */
	char *policy;

	/*
	 * A function with a polymorphic argument (finalize_arg) called after
	 * the exchange has been run to its end, successfully. The trailing
	 * int argument is true if the finalization hook is called due to the
	 * exchange not running to its end normally.
	 */
	void (*finalize)(struct exchange *, void *, int);
	void *finalize_arg;

	/* When several SA's are being negotiated we keep them here. */
	TAILQ_HEAD(sa_head, sa) sa_list;

	/*
	 * The event that will occur when it has taken too long time to try to
	 * run the exchange and which will trigger auto-destruction.
	 */
	struct event *death;

	/*
	 * Both initiator and responder cookies, stored back to back in the
	 * fixed ISAKMP header size (ISAKMP_HDR_COOKIES_LEN from isakmp.h).
	 * XXX For code clarity we might split this into two fields.
	 */
	u_int8_t cookies[ISAKMP_HDR_COOKIES_LEN];

	/* The message ID signifying phase 2 exchanges. */
	u_int8_t message_id[ISAKMP_HDR_MESSAGE_ID_LEN];

	/* The exchange type we are using. */
	u_int8_t type;

	/* Phase is 1 for ISAKMP SA exchanges, and 2 for application ones. */
	u_int8_t phase;

	/* The "step counter" of the exchange, starting from zero. */
	u_int8_t step;

	/* 1 if we are the initiator, 0 if we are the responder. */
	u_int8_t initiator;

	/* Various flags, see the EXCHANGE_FLAG_* bits below. */
	u_int32_t flags;

	/* The DOI that is to handle DOI-specific issues for this exchange. */
	struct doi *doi;

	/*
	 * A "program counter" into the script that validates message contents
	 * for this exchange (presumably the script exchange_script() below
	 * returns - it has the same element type).
	 */
	int16_t *exch_pc;

	/* The last message received, used for checking for duplicates. */
	struct message *last_received;

	/* The last message sent, to be acked when something new is received. */
	struct message *last_sent;

	/*
	 * If some message is queued up for sending, we want to be able to
	 * remove it from the queue, when the exchange is deleted.
	 */
	struct message *in_transit;

	/*
	 * Initiator's & responder's nonces respectively, with lengths.
	 * The paired *_len member is the only record of each buffer's size
	 * kept here, so every writer must keep the two in step.
	 * XXX Should this be in the DOI-specific parts instead?
	 */
	u_int8_t *nonce_i;
	size_t nonce_i_len;
	u_int8_t *nonce_r;
	size_t nonce_r_len;

	/*
	 * The ID payload contents for the initiator & responder,
	 * respectively, again with the length kept alongside each buffer.
	 */
	u_int8_t *id_i;
	size_t id_i_len;
	u_int8_t *id_r;
	size_t id_r_len;

	/* Policy session identifier, where applicable. */
	int policy_id;

	/*
	 * Crypto info needed to encrypt/decrypt packets in this exchange.
	 * key_length is the size of the key in use (unit not stated here,
	 * presumably bytes - confirm against the crypto code).
	 */
	struct crypto_xf *crypto;
	size_t key_length;
	struct keystate *keystate;

	/*
	 * Used only by KeyNote, to cache the key used to authenticate Phase
	 * 1.  This is authentication key material in printable form.
	 * NOTE(review): confirm that exchange_free clears it before releasing
	 * the buffer, so it is not left readable in freed memory.
	 */
	char *keynote_key; /* printable format */

	/*
	 * Received certificate - used to verify signatures on packet,
	 * stored here for later policy processing.
	 *
	 * The rules for the recv_* and sent_* fields are:
	 * - recv_cert stores the credential (if any) received from the peer;
	 *   the kernel may pass us one, but we ignore it. We pass it to the
	 *   kernel so processes can peek at it. When doing passphrase
	 *   authentication in Phase 1, this is empty.
	 * - recv_key stores the key (public or private) used by the peer
	 *   to authenticate. Otherwise, same properties as recv_cert except
	 *   that we don't tell the kernel about passphrases (so we don't
	 *   reveal system-wide passphrases). Processes that used passphrase
	 *   authentication already know the passphrase! We ignore it if/when
	 *   received from the kernel (meaningless).
	 * - sent_cert stores the credential, if any, we used to authenticate
	 *   with the peer. It may be passed to us by the kernel, or we may
	 *   have found it in our certificate storage. In either case, there's
	 *   no point passing it to the kernel, so we don't.
	 * - sent key stores the private key we used for authentication with
	 *   the peer (private key or passphrase). This may have been received
	 *   from the kernel, or may be a system-wide setting. In either case,
	 *   we don't pass it to the kernel, to avoid revealing such information
	 *   to processes (processes either already know it, or have no business
	 *   knowing it).
	 *
	 * NOTE(review): the "sent key" rule above describes a member that is
	 * not declared in this struct - only sent_cert is, although a
	 * sent_keytype is.  Where that private key actually lives, and
	 * whether sent_keytype is used at all, must be confirmed in the
	 * implementation.
	 * NOTE(review): recv_key may hold a passphrase per the rules above;
	 * the same clear-before-free expectation as for keynote_key applies -
	 * confirm in exchange_free.
	 */
	int recv_certtype, recv_keytype;
	void *recv_cert; /* Certificate received from peer,
			  * native format */
	void *recv_key; /* Key peer used to authenticate,
			 * native format */

	/* Likewise, for certificates we use. */
	int sent_certtype, sent_keytype;
	void *sent_cert; /* Certificate (to be) sent to peer,
			  * native format */

	/* ACQUIRE sequence number. */
	u_int32_t seq;

	/* XXX This is no longer necessary, it is covered by policy. */

	/* Acceptable authorities for cert requests. */
	TAILQ_HEAD(aca_head, certreq_aca) aca_list;

	/* DOI-specific opaque data. */
	void *data;
};

/*
 * The flag bits kept in struct exchange's `flags' member.
 * EXCHANGE_FLAG_COMMITTED is the union of the two *_COMMITTED bits, i.e. it
 * tests whether either side has committed.
 */
#define EXCHANGE_FLAG_I_COMMITTED	0x0001
#define EXCHANGE_FLAG_HE_COMMITTED	0x0002
#define EXCHANGE_FLAG_COMMITTED		(EXCHANGE_FLAG_I_COMMITTED \
					 | EXCHANGE_FLAG_HE_COMMITTED)
#define EXCHANGE_FLAG_ENCRYPT		0x0004
#define EXCHANGE_FLAG_NAT_T_CAP_PEER	0x0008	/* Peer is NAT capable. */
#define EXCHANGE_FLAG_NAT_T_ENABLE	0x0010	/* We are doing NAT-T. */
#define EXCHANGE_FLAG_NAT_T_KEEPALIVE	0x0020	/* We are the NAT:ed peer. */
#define EXCHANGE_FLAG_DPD_CAP_PEER	0x0040	/* Peer is DPD capable. */
#define EXCHANGE_FLAG_NAT_T_RFC		0x0080	/* Peer does RFC NAT-T. */
#define EXCHANGE_FLAG_NAT_T_DRAFT	0x0100	/* Peer does draft NAT-T.*/
#define EXCHANGE_FLAG_OPENBSD		0x0200	/* Peer is OpenBSD */

/*
 * Exchange API.  Return conventions are not visible in this header; the
 * int-returning functions presumably report failure with a nonzero or
 * negative value - check the implementation before relying on either.
 */

/* Add certificate / certificate request payloads to a message. */
extern int exchange_add_certs(struct message *);
extern int exchange_add_certreqs(struct message *);

/*
 * Finish an exchange (presumably invoking its `finalize' hook) and release
 * an exchange together with the resources it owns.  exchange_free is the
 * place where the key material pointed at above should be cleared.
 */
extern void exchange_finalize(struct message *);
extern void exchange_free(struct exchange *);
extern void exchange_free_aca_list(struct exchange *);

/*
 * Initiate exchanges as the initiator: by configuration name, or as an
 * explicit phase 1 / phase 2 exchange.  The function-pointer/void *
 * pairs become the `finalize'/`finalize_arg' members.  The meaning of the
 * trailing int and of the other scalar arguments is not stated here.
 */
extern void exchange_establish(char *name, void (*)(struct exchange *,
    void *, int), void *, int);
extern int exchange_establish_p1(struct transport *, u_int8_t, u_int32_t,
    char *, void *, void (*)(struct exchange *, void *, int),
    void *, int);
extern int exchange_establish_p2(struct sa *, u_int8_t, char *, void *,
    void (*)(struct exchange *, void *, int), void *);

/* Generate a nonce (the size_t is presumably its length) for a message. */
extern int exchange_gen_nonce(struct message *, size_t);

/* One-time initialization of the exchange subsystem. */
extern void exchange_init(void);

/*
 * Find an existing exchange.  The u_int8_t * arguments are presumably
 * cookie bytes of the kind stored in the `cookies' member (the name of the
 * last one says initiator cookie); the int arguments are not described
 * here - confirm in the implementation.
 */
extern struct exchange *exchange_lookup(u_int8_t *, int);
extern struct exchange *exchange_lookup_by_name(char *, int);
extern struct exchange *exchange_lookup_from_icookie(u_int8_t *);

/* Dump the state of all exchanges (diagnostic). */
extern void exchange_report(void);

/* Advance the exchange a message belongs to. */
extern void exchange_run(struct message *);

/* Record the nonce / certificate request carried by a received message. */
extern int exchange_save_nonce(struct message *);
extern int exchange_save_certreq(struct message *);

/* The message validation script for an exchange (see `exch_pc'). */
extern int16_t *exchange_script(struct exchange *);

/*
 * Create the exchange for an incoming message, as responder: phase 1
 * (extra u_int32_t) or phase 2 (extra u_int8_t).  What the extra arguments
 * denote is not stated here.
 */
extern struct exchange *exchange_setup_p1(struct message *, u_int32_t);
extern struct exchange *exchange_setup_p2(struct message *, u_int8_t);
extern void exchange_upgrade_p1(struct message *);

#endif /* _EXCHANGE_H_ */