1 /* $OpenBSD: message.c,v 1.129 2016/04/04 17:35:07 yasuoka Exp $ */
2 /* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */
3
4 /*
5 * Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. All rights reserved.
6 * Copyright (c) 1999 Angelos D. Keromytis. All rights reserved.
7 * Copyright (c) 1999, 2000, 2001, 2004 H�kan Olsson. All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
19 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
20 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
21 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
22 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
23 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
24 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
25 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
26 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
27 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
28 */
29
30 /*
31 * This code was written under funding by Ericsson Radio Systems.
32 */
33
34 #include <sys/types.h>
35 #include <sys/socket.h>
36 #include <netinet/in.h>
37 #include <arpa/inet.h>
38 #include <stdlib.h>
39 #include <string.h>
40
41 #include "attribute.h"
42 #include "cert.h"
43 #include "constants.h"
44 #include "crypto.h"
45 #include "doi.h"
46 #include "dpd.h"
47 #include "exchange.h"
48 #include "field.h"
49 #include "hash.h"
50 #include "ipsec.h"
51 #include "ipsec_num.h"
52 #include "isakmp.h"
53 #include "log.h"
54 #include "message.h"
55 #include "nat_traversal.h"
56 #include "prf.h"
57 #include "sa.h"
58 #include "timer.h"
59 #include "transport.h"
60 #include "util.h"
61 #include "vendor.h"
62 #include "virtual.h"
63
64 /* A local set datatype, coincidentally fd_set suits our purpose fine. */
65 typedef fd_set set;
66 #define ISSET FD_ISSET
67 #define SET FD_SET
68 #define ZERO FD_ZERO
69
70 static int message_check_duplicate(struct message *);
71 static int message_encrypt(struct message *);
72 static int message_index_payload(struct message *, struct payload *,
73 u_int8_t ,u_int8_t *);
74 static int message_parse_transform(struct message *, struct payload *,
75 u_int8_t, u_int8_t *);
76 static struct field *message_get_field(u_int8_t);
77 static int message_validate_payload(struct message *, struct payload *,
78 u_int8_t);
79 static u_int16_t message_payload_sz(u_int8_t);
80 static int message_validate_attribute(struct message *, struct payload *);
81 static int message_validate_cert(struct message *, struct payload *);
82 static int message_validate_cert_req(struct message *, struct payload *);
83 static int message_validate_delete(struct message *, struct payload *);
84 static int message_validate_hash(struct message *, struct payload *);
85 static int message_validate_id(struct message *, struct payload *);
86 static int message_validate_key_exch(struct message *, struct payload *);
87 static int message_validate_nat_d(struct message *, struct payload *);
88 static int message_validate_nat_oa(struct message *, struct payload *);
89 static int message_validate_nonce(struct message *, struct payload *);
90 static int message_validate_notify(struct message *, struct payload *);
91 static int message_validate_proposal(struct message *, struct payload *);
92 static int message_validate_sa(struct message *, struct payload *);
93 static int message_validate_sig(struct message *, struct payload *);
94 static int message_validate_transform(struct message *, struct payload *);
95 static int message_validate_vendor(struct message *, struct payload *);
96
97 static void message_packet_log(struct message *);
98
99 /*
100 * Fields used for checking monotonic increasing of proposal and transform
101 * numbers.
102 */
103 static u_int8_t *last_sa = 0;
104 static u_int32_t last_prop_no;
105 static u_int8_t *last_prop = 0;
106 static u_int32_t last_xf_no;
107
108 /*
109 * Allocate a message structure bound to transport T, and with a first
110 * segment buffer sized SZ, copied from BUF if given.
111 */
112 struct message *
message_alloc(struct transport * t,u_int8_t * buf,size_t sz)113 message_alloc(struct transport *t, u_int8_t *buf, size_t sz)
114 {
115 struct message *msg;
116 int i;
117
118 /*
119 * We use calloc(3) because it zeroes the structure which we rely on in
120 * message_free when determining what sub-allocations to free.
121 */
122 msg = calloc(1, sizeof *msg);
123 if (!msg)
124 return 0;
125 msg->iov = calloc(1, sizeof *msg->iov);
126 if (!msg->iov) {
127 message_free(msg);
128 return 0;
129 }
130 msg->iov[0].iov_len = sz;
131 msg->iov[0].iov_base = malloc(sz);
132 if (!msg->iov[0].iov_base) {
133 message_free(msg);
134 return 0;
135 }
136 msg->iovlen = 1;
137 if (buf)
138 memcpy(msg->iov[0].iov_base, buf, sz);
139 msg->nextp = (u_int8_t *)msg->iov[0].iov_base +
140 ISAKMP_HDR_NEXT_PAYLOAD_OFF;
141 msg->transport = t;
142 transport_reference(t);
143 msg->payload = calloc(ISAKMP_PAYLOAD_MAX, sizeof *msg->payload);
144 if (!msg->payload) {
145 message_free(msg);
146 return 0;
147 }
148 for (i = 0; i < ISAKMP_PAYLOAD_MAX; i++)
149 TAILQ_INIT(&msg->payload[i]);
150 TAILQ_INIT(&msg->post_send);
151 LOG_DBG((LOG_MESSAGE, 90, "message_alloc: allocated %p", msg));
152 return msg;
153 }
154
155 /*
156 * Allocate a message suitable for a reply to MSG. Just allocate an empty
157 * ISAKMP header as the first segment.
158 */
159 struct message *
message_alloc_reply(struct message * msg)160 message_alloc_reply(struct message *msg)
161 {
162 struct message *reply;
163
164 reply = message_alloc(msg->transport, 0, ISAKMP_HDR_SZ);
165 reply->exchange = msg->exchange;
166 reply->isakmp_sa = msg->isakmp_sa;
167 reply->flags = msg->flags;
168 if (msg->isakmp_sa)
169 sa_reference(msg->isakmp_sa);
170 return reply;
171 }
172
173 /* Free up all resources used by the MSG message. */
174 void
message_free(struct message * msg)175 message_free(struct message *msg)
176 {
177 u_int32_t i;
178 struct payload *payload;
179 struct post_send *node;
180
181 LOG_DBG((LOG_MESSAGE, 20, "message_free: freeing %p", msg));
182 if (!msg)
183 return;
184 if (msg->iov) {
185 if (msg->orig && msg->orig != (u_int8_t *)msg->iov[0].iov_base)
186 free(msg->orig);
187 for (i = 0; i < msg->iovlen; i++)
188 free(msg->iov[i].iov_base);
189 free(msg->iov);
190 }
191 if (msg->retrans)
192 timer_remove_event(msg->retrans);
193 if (msg->payload) {
194 for (i = 0; i < ISAKMP_PAYLOAD_MAX; i++)
195 while ((payload = TAILQ_FIRST(&msg->payload[i]))) {
196 TAILQ_REMOVE(&msg->payload[i], payload, link);
197 free(payload);
198 }
199 free(msg->payload);
200 }
201 while ((node = TAILQ_FIRST(&msg->post_send)))
202 TAILQ_REMOVE(&msg->post_send, node, link);
203 if (msg->transport) {
204 /* If we are on the send queue, remove us from there. */
205 if (msg->flags & MSG_IN_TRANSIT)
206 TAILQ_REMOVE(msg->transport->vtbl->get_queue(msg),
207 msg, link);
208
209 transport_release(msg->transport);
210 }
211
212 if (msg->isakmp_sa)
213 sa_release(msg->isakmp_sa);
214
215 free(msg);
216 }
217
218 /*
219 * Generic ISAKMP parser.
220 * MSG is the ISAKMP message to be parsed. NEXT is the type of the first
221 * payload to be parsed, and it's pointed to by BUF. ACCEPTED_PAYLOADS
222 * tells what payloads are accepted and FUNC is a pointer to a function
223 * to be called for each payload found, which is also responsible for
224 * freeing the passed ISAKMP message in the failure case.
225 * Returns the total length of the parsed payloads.
226 */
227 static int
message_parse_payloads(struct message * msg,struct payload * p,u_int8_t next,u_int8_t * buf,set * accepted_payloads,int (* func)(struct message *,struct payload *,u_int8_t,u_int8_t *))228 message_parse_payloads(struct message *msg, struct payload *p, u_int8_t next,
229 u_int8_t *buf, set *accepted_payloads, int (*func)(struct message *,
230 struct payload *, u_int8_t, u_int8_t *))
231 {
232 u_int8_t payload;
233 u_int16_t len;
234 int sz = 0;
235
236 do {
237 LOG_DBG((LOG_MESSAGE, 50,
238 "message_parse_payloads: offset %ld payload %s",
239 (long)(buf - (u_int8_t *) msg->iov[0].iov_base),
240 constant_name(isakmp_payload_cst, next)));
241
242 /* Does this payload's header fit? */
243 if (buf + ISAKMP_GEN_SZ > (u_int8_t *)msg->iov[0].iov_base +
244 msg->iov[0].iov_len) {
245 log_print("message_parse_payloads: short message");
246 message_drop(msg,
247 ISAKMP_NOTIFY_UNEQUAL_PAYLOAD_LENGTHS, 0, 1, 1);
248 return -1;
249 }
250 /* Ponder on the payload that is at BUF... */
251 payload = next;
252
253 /* Look at the next payload's type. */
254 next = GET_ISAKMP_GEN_NEXT_PAYLOAD(buf);
255 if (next >= ISAKMP_PAYLOAD_RESERVED_MIN &&
256 next <= ISAKMP_PAYLOAD_RESERVED_MAX) {
257 log_print("message_parse_payloads: invalid next "
258 "payload type %s in payload of type %d",
259 constant_name(isakmp_payload_cst, next), payload);
260 message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE,
261 0, 1, 1);
262 return -1;
263 }
264 /* Reserved fields in ISAKMP messages should be zero. */
265 if (GET_ISAKMP_GEN_RESERVED(buf) != 0) {
266 log_print("message_parse_payloads: reserved field "
267 "non-zero: %x", GET_ISAKMP_GEN_RESERVED(buf));
268 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED,
269 0, 1, 1);
270 return -1;
271 }
272 /*
273 * Decode and validate the payload length field.
274 */
275 len = GET_ISAKMP_GEN_LENGTH(buf);
276
277 if (message_payload_sz(payload) == 0) {
278 log_print("message_parse_payloads: unknown minimum "
279 "payload size for payload type %s",
280 constant_name(isakmp_payload_cst, payload));
281 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED,
282 0, 1, 1);
283 return -1;
284 }
285 if (len < message_payload_sz(payload)) {
286 log_print("message_parse_payloads: payload too "
287 "short: %u", len);
288 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED,
289 0, 1, 1);
290 return -1;
291 }
292 if (buf + len > (u_int8_t *)msg->iov[0].iov_base +
293 msg->iov[0].iov_len) {
294 log_print("message_parse_payloads: payload too "
295 "long: %u", len);
296 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED,
297 0, 1, 1);
298 return -1;
299 }
300 /* Ignore most private payloads. */
301 if (next >= ISAKMP_PAYLOAD_PRIVATE_MIN &&
302 next != ISAKMP_PAYLOAD_NAT_D_DRAFT &&
303 next != ISAKMP_PAYLOAD_NAT_OA_DRAFT) {
304 LOG_DBG((LOG_MESSAGE, 30, "message_parse_payloads: "
305 "private next payload type %s in payload of "
306 "type %d ignored",
307 constant_name(isakmp_payload_cst, next), payload));
308 goto next_payload;
309 }
310 /*
311 * Check if the current payload is one of the accepted ones at
312 * this stage.
313 */
314 if (!ISSET(payload, accepted_payloads)) {
315 log_print("message_parse_payloads: payload type %s "
316 "unexpected", constant_name(isakmp_payload_cst,
317 payload));
318 message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE,
319 0, 1, 1);
320 return -1;
321 }
322 /* Call the payload handler specified by the caller. */
323 if (func(msg, p, payload, buf))
324 return -1;
325
326 next_payload:
327 /* Advance to next payload. */
328 buf += len;
329 sz += len;
330 } while (next != ISAKMP_PAYLOAD_NONE);
331 return sz;
332 }
333
334 /*
335 * Parse a proposal payload found in message MSG. PAYLOAD is always
336 * ISAKMP_PAYLOAD_PROPOSAL and ignored in here. It's needed as the API for
337 * message_parse_payloads requires it. BUF points to the proposal's
338 * generic payload header.
339 */
340 static int
message_parse_proposal(struct message * msg,struct payload * p,u_int8_t payload,u_int8_t * buf)341 message_parse_proposal(struct message *msg, struct payload *p,
342 u_int8_t payload, u_int8_t *buf)
343 {
344 set payload_set;
345
346 /* Put the proposal into the proposal bucket. */
347 if (message_index_payload(msg, p, payload, buf) == -1)
348 return -1;
349
350 ZERO(&payload_set);
351 SET(ISAKMP_PAYLOAD_TRANSFORM, &payload_set);
352 if (message_parse_payloads(msg,
353 TAILQ_LAST(&msg->payload[ISAKMP_PAYLOAD_PROPOSAL], payload_head),
354 ISAKMP_PAYLOAD_TRANSFORM, buf + ISAKMP_PROP_SPI_OFF +
355 GET_ISAKMP_PROP_SPI_SZ(buf), &payload_set, message_parse_transform)
356 == -1)
357 return -1;
358
359 return 0;
360 }
361
362 static int
message_parse_transform(struct message * msg,struct payload * p,u_int8_t payload,u_int8_t * buf)363 message_parse_transform(struct message *msg, struct payload *p,
364 u_int8_t payload, u_int8_t *buf)
365 {
366 /* Put the transform into the transform bucket. */
367 if (message_index_payload(msg, p, payload, buf) == -1)
368 return -1;
369
370 LOG_DBG((LOG_MESSAGE, 50, "Transform %d's attributes",
371 GET_ISAKMP_TRANSFORM_NO(buf)));
372 attribute_map(buf + ISAKMP_TRANSFORM_SA_ATTRS_OFF,
373 GET_ISAKMP_GEN_LENGTH(buf) - ISAKMP_TRANSFORM_SA_ATTRS_OFF,
374 msg->exchange->doi->debug_attribute, msg);
375
376 return 0;
377 }
378
379 static struct field *
message_get_field(u_int8_t payload)380 message_get_field(u_int8_t payload)
381 {
382 switch (payload) {
383 case ISAKMP_PAYLOAD_SA:
384 return isakmp_sa_fld;
385 case ISAKMP_PAYLOAD_PROPOSAL:
386 return isakmp_prop_fld;
387 case ISAKMP_PAYLOAD_TRANSFORM:
388 return isakmp_transform_fld;
389 case ISAKMP_PAYLOAD_KEY_EXCH:
390 return isakmp_ke_fld;
391 case ISAKMP_PAYLOAD_ID:
392 return isakmp_id_fld;
393 case ISAKMP_PAYLOAD_CERT:
394 return isakmp_cert_fld;
395 case ISAKMP_PAYLOAD_CERT_REQ:
396 return isakmp_certreq_fld;
397 case ISAKMP_PAYLOAD_HASH:
398 return isakmp_hash_fld;
399 case ISAKMP_PAYLOAD_SIG:
400 return isakmp_sig_fld;
401 case ISAKMP_PAYLOAD_NONCE:
402 return isakmp_nonce_fld;
403 case ISAKMP_PAYLOAD_NOTIFY:
404 return isakmp_notify_fld;
405 case ISAKMP_PAYLOAD_DELETE:
406 return isakmp_delete_fld;
407 case ISAKMP_PAYLOAD_VENDOR:
408 return isakmp_vendor_fld;
409 case ISAKMP_PAYLOAD_ATTRIBUTE:
410 return isakmp_attribute_fld;
411 case ISAKMP_PAYLOAD_NAT_D:
412 case ISAKMP_PAYLOAD_NAT_D_DRAFT:
413 return isakmp_nat_d_fld;
414 case ISAKMP_PAYLOAD_NAT_OA:
415 case ISAKMP_PAYLOAD_NAT_OA_DRAFT:
416 return isakmp_nat_oa_fld;
417 /* Not yet supported and any other unknown payloads. */
418 case ISAKMP_PAYLOAD_SAK:
419 case ISAKMP_PAYLOAD_SAT:
420 case ISAKMP_PAYLOAD_KD:
421 case ISAKMP_PAYLOAD_SEQ:
422 case ISAKMP_PAYLOAD_POP:
423 default:
424 break;
425 }
426 return NULL;
427 }
428
429 static int
message_validate_payload(struct message * m,struct payload * p,u_int8_t payload)430 message_validate_payload(struct message *m, struct payload *p, u_int8_t payload)
431 {
432 switch (payload) {
433 case ISAKMP_PAYLOAD_SA:
434 return message_validate_sa(m, p);
435 case ISAKMP_PAYLOAD_PROPOSAL:
436 return message_validate_proposal(m, p);
437 case ISAKMP_PAYLOAD_TRANSFORM:
438 return message_validate_transform(m, p);
439 case ISAKMP_PAYLOAD_KEY_EXCH:
440 return message_validate_key_exch(m, p);
441 case ISAKMP_PAYLOAD_ID:
442 return message_validate_id(m, p);
443 case ISAKMP_PAYLOAD_CERT:
444 return message_validate_cert(m, p);
445 case ISAKMP_PAYLOAD_CERT_REQ:
446 return message_validate_cert_req(m, p);
447 case ISAKMP_PAYLOAD_HASH:
448 return message_validate_hash(m, p);
449 case ISAKMP_PAYLOAD_SIG:
450 return message_validate_sig(m, p);
451 case ISAKMP_PAYLOAD_NONCE:
452 return message_validate_nonce(m, p);
453 case ISAKMP_PAYLOAD_NOTIFY:
454 return message_validate_notify(m, p);
455 case ISAKMP_PAYLOAD_DELETE:
456 return message_validate_delete(m, p);
457 case ISAKMP_PAYLOAD_VENDOR:
458 return message_validate_vendor(m, p);
459 case ISAKMP_PAYLOAD_ATTRIBUTE:
460 return message_validate_attribute(m, p);
461 case ISAKMP_PAYLOAD_NAT_D:
462 case ISAKMP_PAYLOAD_NAT_D_DRAFT:
463 return message_validate_nat_d(m, p);
464 case ISAKMP_PAYLOAD_NAT_OA:
465 case ISAKMP_PAYLOAD_NAT_OA_DRAFT:
466 return message_validate_nat_oa(m, p);
467 /* Not yet supported and any other unknown payloads. */
468 case ISAKMP_PAYLOAD_SAK:
469 case ISAKMP_PAYLOAD_SAT:
470 case ISAKMP_PAYLOAD_KD:
471 case ISAKMP_PAYLOAD_SEQ:
472 case ISAKMP_PAYLOAD_POP:
473 default:
474 break;
475 }
476 message_drop(m, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 0, 1, 1);
477 return -1;
478 }
479
480 /* Check payloads for their required minimum size. */
481 static u_int16_t
message_payload_sz(u_int8_t payload)482 message_payload_sz(u_int8_t payload)
483 {
484 switch (payload) {
485 case ISAKMP_PAYLOAD_SA:
486 return ISAKMP_SA_SZ;
487 case ISAKMP_PAYLOAD_PROPOSAL:
488 return ISAKMP_PROP_SZ;
489 case ISAKMP_PAYLOAD_TRANSFORM:
490 return ISAKMP_TRANSFORM_SZ;
491 case ISAKMP_PAYLOAD_KEY_EXCH:
492 return ISAKMP_KE_SZ;
493 case ISAKMP_PAYLOAD_ID:
494 return ISAKMP_ID_SZ;
495 case ISAKMP_PAYLOAD_CERT:
496 return ISAKMP_CERT_SZ;
497 case ISAKMP_PAYLOAD_CERT_REQ:
498 return ISAKMP_CERTREQ_SZ;
499 case ISAKMP_PAYLOAD_HASH:
500 return ISAKMP_HASH_SZ;
501 case ISAKMP_PAYLOAD_SIG:
502 return ISAKMP_SIG_SZ;
503 case ISAKMP_PAYLOAD_NONCE:
504 return ISAKMP_NONCE_SZ;
505 case ISAKMP_PAYLOAD_NOTIFY:
506 return ISAKMP_NOTIFY_SZ;
507 case ISAKMP_PAYLOAD_DELETE:
508 return ISAKMP_DELETE_SZ;
509 case ISAKMP_PAYLOAD_VENDOR:
510 return ISAKMP_VENDOR_SZ;
511 case ISAKMP_PAYLOAD_ATTRIBUTE:
512 return ISAKMP_ATTRIBUTE_SZ;
513 case ISAKMP_PAYLOAD_NAT_D:
514 case ISAKMP_PAYLOAD_NAT_D_DRAFT:
515 return ISAKMP_NAT_D_SZ;
516 case ISAKMP_PAYLOAD_NAT_OA:
517 case ISAKMP_PAYLOAD_NAT_OA_DRAFT:
518 return ISAKMP_NAT_OA_SZ;
519 /* Not yet supported and any other unknown payloads. */
520 case ISAKMP_PAYLOAD_SAK:
521 case ISAKMP_PAYLOAD_SAT:
522 case ISAKMP_PAYLOAD_KD:
523 case ISAKMP_PAYLOAD_SEQ:
524 case ISAKMP_PAYLOAD_POP:
525 default:
526 return 0;
527 }
528 }
529
530 /* Validate the attribute payload P in message MSG. */
531 static int
message_validate_attribute(struct message * msg,struct payload * p)532 message_validate_attribute(struct message *msg, struct payload *p)
533 {
534 /* If we don't have an exchange yet, create one. */
535 if (!msg->exchange) {
536 if (zero_test((u_int8_t *) msg->iov[0].iov_base +
537 ISAKMP_HDR_MESSAGE_ID_OFF, ISAKMP_HDR_MESSAGE_ID_LEN))
538 msg->exchange = exchange_setup_p1(msg,
539 IPSEC_DOI_IPSEC);
540 else
541 msg->exchange = exchange_setup_p2(msg,
542 IPSEC_DOI_IPSEC);
543 if (!msg->exchange) {
544 log_print("message_validate_attribute: can not "
545 "create exchange");
546 message_free(msg);
547 return -1;
548 }
549 }
550 return 0;
551 }
552
553 /* Validate the certificate payload P in message MSG. */
554 static int
message_validate_cert(struct message * msg,struct payload * p)555 message_validate_cert(struct message *msg, struct payload *p)
556 {
557 if (GET_ISAKMP_CERT_ENCODING(p->p) >= ISAKMP_CERTENC_RESERVED_MIN) {
558 message_drop(msg, ISAKMP_NOTIFY_INVALID_CERT_ENCODING, 0, 1,
559 1);
560 return -1;
561 }
562 return 0;
563 }
564
565 /* Validate the certificate request payload P in message MSG. */
566 static int
message_validate_cert_req(struct message * msg,struct payload * p)567 message_validate_cert_req(struct message *msg, struct payload *p)
568 {
569 struct cert_handler *cert;
570 size_t len =
571 GET_ISAKMP_GEN_LENGTH(p->p) - ISAKMP_CERTREQ_AUTHORITY_OFF;
572
573 if (GET_ISAKMP_CERTREQ_TYPE(p->p) >= ISAKMP_CERTENC_RESERVED_MIN) {
574 message_drop(msg, ISAKMP_NOTIFY_INVALID_CERT_ENCODING, 0, 1,
575 1);
576 return -1;
577 }
578 /*
579 * Check the certificate types we support and if an acceptable
580 * authority is included in the payload check if it can be decoded
581 */
582 cert = cert_get(GET_ISAKMP_CERTREQ_TYPE(p->p));
583 if (!cert || (len && !cert->certreq_validate(p->p +
584 ISAKMP_CERTREQ_AUTHORITY_OFF, len))) {
585 message_drop(msg, ISAKMP_NOTIFY_CERT_TYPE_UNSUPPORTED, 0, 1,
586 1);
587 return -1;
588 }
589 return 0;
590 }
591
592 /*
593 * Validate the delete payload P in message MSG. As a side-effect, create
594 * an exchange if we do not have one already.
595 */
596 static int
message_validate_delete(struct message * msg,struct payload * p)597 message_validate_delete(struct message *msg, struct payload *p)
598 {
599 u_int8_t proto = GET_ISAKMP_DELETE_PROTO(p->p);
600 struct doi *doi;
601 struct sa *sa, *isakmp_sa;
602 struct sockaddr *dst, *dst_isa;
603 u_int32_t nspis = GET_ISAKMP_DELETE_NSPIS(p->p);
604 u_int8_t *spis = (u_int8_t *)p->p + ISAKMP_DELETE_SPI_OFF;
605 u_int32_t i;
606 char *addr;
607
608 /* Only accept authenticated DELETEs. */
609 if ((msg->flags & MSG_AUTHENTICATED) == 0) {
610 log_print("message_validate_delete: "
611 "got unauthenticated DELETE");
612 message_free(msg);
613 return -1;
614 }
615
616 doi = doi_lookup(GET_ISAKMP_DELETE_DOI(p->p));
617 if (!doi) {
618 log_print("message_validate_delete: DOI not supported");
619 message_free(msg);
620 return -1;
621 }
622 /* If we don't have an exchange yet, create one. */
623 if (!msg->exchange) {
624 if (zero_test((u_int8_t *) msg->iov[0].iov_base
625 + ISAKMP_HDR_MESSAGE_ID_OFF, ISAKMP_HDR_MESSAGE_ID_LEN))
626 msg->exchange = exchange_setup_p1(msg, doi->id);
627 else
628 msg->exchange = exchange_setup_p2(msg, doi->id);
629 if (!msg->exchange) {
630 log_print("message_validate_delete: can not create "
631 "exchange");
632 message_free(msg);
633 return -1;
634 }
635 }
636 /* Only accept DELETE as part of an INFORMATIONAL exchange. */
637 if (msg->exchange->type != ISAKMP_EXCH_INFO) {
638 log_print("message_validate_delete: delete in exchange other "
639 "than INFO: %s", constant_name(isakmp_exch_cst,
640 msg->exchange->type));
641 message_free(msg);
642 return -1;
643 }
644 if (proto != ISAKMP_PROTO_ISAKMP && doi->validate_proto(proto)) {
645 log_print("message_validate_delete: protocol not supported");
646 message_free(msg);
647 return -1;
648 }
649 /* Validate the SPIs. */
650 for (i = 0; i < nspis; i++) {
651 /* Get ISAKMP SA protecting this message. */
652 isakmp_sa = msg->isakmp_sa;
653 if (!isakmp_sa) {
654 /* XXX should not happen? */
655 log_print("message_validate_delete: invalid spi (no "
656 "valid ISAKMP SA found)");
657 message_free(msg);
658 return -1;
659 }
660 isakmp_sa->transport->vtbl->get_dst(isakmp_sa->transport,
661 &dst_isa);
662
663 /* Get SA to be deleted. */
664 msg->transport->vtbl->get_dst(msg->transport, &dst);
665 if (proto == ISAKMP_PROTO_ISAKMP)
666 sa = sa_lookup_isakmp_sa(dst, spis + i
667 * ISAKMP_HDR_COOKIES_LEN);
668 else
669 sa = ipsec_sa_lookup(dst, ((u_int32_t *) spis)[i],
670 proto);
671 if (!sa) {
672 LOG_DBG((LOG_MESSAGE, 50, "message_validate_delete: "
673 "invalid spi (no valid SA found)"));
674 message_free(msg);
675 return -1;
676 }
677 sa->transport->vtbl->get_dst(sa->transport, &dst);
678
679 /* Destination addresses must match. */
680 if (dst->sa_family != dst_isa->sa_family ||
681 memcmp(sockaddr_addrdata(dst_isa), sockaddr_addrdata(dst),
682 sockaddr_addrlen(dst))) {
683 sockaddr2text(dst_isa, &addr, 0);
684
685 log_print("message_validate_delete: invalid spi "
686 "(illegal delete request from %s)", addr);
687 free(addr);
688 message_free(msg);
689 return -1;
690 }
691 }
692
693 return 0;
694 }
695
696 /*
697 * Validate the hash payload P in message MSG.
698 */
699 static int
message_validate_hash(struct message * msg,struct payload * p)700 message_validate_hash(struct message *msg, struct payload *p)
701 {
702 struct sa *isakmp_sa = msg->isakmp_sa;
703 struct ipsec_sa *isa;
704 struct hash *hash;
705 struct payload *hashp = payload_first(msg, ISAKMP_PAYLOAD_HASH);
706 struct prf *prf;
707 u_int8_t *rest;
708 u_int8_t message_id[ISAKMP_HDR_MESSAGE_ID_LEN];
709 size_t rest_len;
710
711 /* active exchanges other than INFORMATIONAL validates hash payload. */
712 if (msg->exchange && (msg->exchange->type != ISAKMP_EXCH_INFO))
713 return 0;
714
715 if (isakmp_sa == NULL)
716 goto invalid;
717
718 isa = isakmp_sa->data;
719 hash = hash_get(isa->hash);
720 if (hash == NULL)
721 goto invalid;
722
723 /* If no SKEYID_a, we can not do anything (should not happen). */
724 if (!isa->skeyid_a)
725 goto invalid;
726
727 /* Allocate the prf and start calculating our HASH(1). */
728 LOG_DBG_BUF((LOG_MISC, 90, "message_validate_hash: SKEYID_a",
729 isa->skeyid_a, isa->skeyid_len));
730 prf = prf_alloc(isa->prf_type, hash->type, isa->skeyid_a,
731 isa->skeyid_len);
732 if (!prf) {
733 message_free(msg);
734 return -1;
735 }
736 /* This is not an active exchange. */
737 GET_ISAKMP_HDR_MESSAGE_ID(msg->iov[0].iov_base, message_id);
738
739 prf->Init(prf->prfctx);
740 LOG_DBG_BUF((LOG_MISC, 90, "message_validate_hash: message_id",
741 message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
742 prf->Update(prf->prfctx, message_id, ISAKMP_HDR_MESSAGE_ID_LEN);
743 rest = hashp->p + GET_ISAKMP_GEN_LENGTH(hashp->p);
744 rest_len = (GET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base) - (rest -
745 (u_int8_t *)msg->iov[0].iov_base));
746 LOG_DBG_BUF((LOG_MISC, 90,
747 "message_validate_hash: payloads after HASH(1)", rest, rest_len));
748 prf->Update(prf->prfctx, rest, rest_len);
749 prf->Final(hash->digest, prf->prfctx);
750 prf_free(prf);
751
752 if (memcmp(hashp->p + ISAKMP_HASH_DATA_OFF, hash->digest,
753 hash->hashsize))
754 goto invalid;
755
756 /* Mark the HASH as handled. */
757 hashp->flags |= PL_MARK;
758
759 /* Mark message as authenticated. */
760 msg->flags |= MSG_AUTHENTICATED;
761
762 return 0;
763
764 invalid:
765 log_print("message_validate_hash: invalid hash information");
766 message_drop(msg, ISAKMP_NOTIFY_INVALID_HASH_INFORMATION, 0, 1, 1);
767 return -1;
768 }
769
770 /* Validate the identification payload P in message MSG. */
771 static int
message_validate_id(struct message * msg,struct payload * p)772 message_validate_id(struct message *msg, struct payload *p)
773 {
774 struct exchange *exchange = msg->exchange;
775 size_t len = GET_ISAKMP_GEN_LENGTH(p->p);
776
777 if (!exchange) {
778 /* We should have an exchange at this point. */
779 log_print("message_validate_id: payload out of sequence");
780 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
781 return -1;
782 }
783 if (exchange->doi &&
784 exchange->doi->validate_id_information(GET_ISAKMP_ID_TYPE(p->p),
785 p->p + ISAKMP_ID_DOI_DATA_OFF, p->p + ISAKMP_ID_DATA_OFF,
786 len - ISAKMP_ID_DATA_OFF, exchange)) {
787 message_drop(msg, ISAKMP_NOTIFY_INVALID_ID_INFORMATION, 0, 1,
788 1);
789 return -1;
790 }
791 return 0;
792 }
793
794 /* Validate the key exchange payload P in message MSG. */
795 static int
message_validate_key_exch(struct message * msg,struct payload * p)796 message_validate_key_exch(struct message *msg, struct payload *p)
797 {
798 struct exchange *exchange = msg->exchange;
799 size_t len = GET_ISAKMP_GEN_LENGTH(p->p);
800
801 if (!exchange) {
802 /* We should have an exchange at this point. */
803 log_print("message_validate_key_exch: "
804 "payload out of sequence");
805 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
806 return -1;
807 }
808 if (exchange->doi && exchange->doi->validate_key_information(p->p +
809 ISAKMP_KE_DATA_OFF, len - ISAKMP_KE_DATA_OFF)) {
810 message_drop(msg, ISAKMP_NOTIFY_INVALID_KEY_INFORMATION,
811 0, 1, 1);
812 return -1;
813 }
814 return 0;
815 }
816
817 /* Validate the NAT-D payload P in message MSG. */
818 static int
message_validate_nat_d(struct message * msg,struct payload * p)819 message_validate_nat_d(struct message *msg, struct payload *p)
820 {
821 struct exchange *exchange = msg->exchange;
822
823 if (!exchange) {
824 /* We should have an exchange at this point. */
825 log_print("message_validate_nat_d: payload out of sequence");
826 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
827 return -1;
828 }
829
830 if (exchange->phase != 1) {
831 log_print("message_validate_nat_d: "
832 "NAT-D payload must be in phase 1");
833 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
834 return -1;
835 }
836
837 /* Mark as handled. */
838 p->flags |= PL_MARK;
839
840 return 0;
841 }
842
843 /* Validate the NAT-OA payload P in message MSG. */
844 static int
message_validate_nat_oa(struct message * msg,struct payload * p)845 message_validate_nat_oa(struct message *msg, struct payload *p)
846 {
847 struct exchange *exchange = msg->exchange;
848
849 if (!exchange) {
850 /* We should have an exchange at this point. */
851 log_print("message_validate_nat_d: payload out of sequence");
852 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
853 return -1;
854 }
855
856 #ifdef notyet /* XXX Probably never, due to patent issues. */
857 /* Mark as handled. */
858 p->flags |= PL_MARK;
859 #endif
860
861 return 0;
862 }
863
864 /* Validate the nonce payload P in message MSG. */
865 static int
message_validate_nonce(struct message * msg,struct payload * p)866 message_validate_nonce(struct message *msg, struct payload *p)
867 {
868 if (!msg->exchange) {
869 /* We should have an exchange at this point. */
870 log_print("message_validate_nonce: payload out of sequence");
871 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
872 return -1;
873 }
874 /* Nonces require no specific validation. */
875 return 0;
876 }
877
878 /*
879 * Validate the notify payload P in message MSG. As a side-effect, create
880 * an exchange if we do not have one already.
881 */
882 static int
message_validate_notify(struct message * msg,struct payload * p)883 message_validate_notify(struct message *msg, struct payload *p)
884 {
885 u_int8_t proto = GET_ISAKMP_NOTIFY_PROTO(p->p);
886 u_int16_t type = GET_ISAKMP_NOTIFY_MSG_TYPE(p->p);
887 struct doi *doi;
888
889 doi = doi_lookup(GET_ISAKMP_NOTIFY_DOI(p->p));
890 if (!doi) {
891 log_print("message_validate_notify: DOI not supported");
892 message_free(msg);
893 return -1;
894 }
895 /* If we don't have an exchange yet, create one. */
896 if (!msg->exchange) {
897 if (zero_test((u_int8_t *) msg->iov[0].iov_base +
898 ISAKMP_HDR_MESSAGE_ID_OFF, ISAKMP_HDR_MESSAGE_ID_LEN))
899 msg->exchange = exchange_setup_p1(msg, doi->id);
900 else
901 msg->exchange = exchange_setup_p2(msg, doi->id);
902 if (!msg->exchange) {
903 log_print("message_validate_notify: can not create "
904 "exchange");
905 message_free(msg);
906 return -1;
907 }
908 }
909 if (proto != ISAKMP_PROTO_ISAKMP && doi->validate_proto(proto)) {
910 log_print("message_validate_notify: protocol not supported");
911 message_free(msg);
912 return -1;
913 }
914
915 /* Validate the SPI. XXX Just ISAKMP for now. */
916 if (proto == ISAKMP_PROTO_ISAKMP &&
917 GET_ISAKMP_NOTIFY_SPI_SZ(p->p) == ISAKMP_HDR_COOKIES_LEN &&
918 msg->isakmp_sa &&
919 memcmp(p->p + ISAKMP_NOTIFY_SPI_OFF, msg->isakmp_sa->cookies,
920 ISAKMP_HDR_COOKIES_LEN) != 0) {
921 log_print("message_validate_notify: bad cookies");
922 message_drop(msg, ISAKMP_NOTIFY_INVALID_SPI, 0, 1, 1);
923 return -1;
924 }
925
926 if (type < ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE ||
927 (type >= ISAKMP_NOTIFY_RESERVED_MIN &&
928 type < ISAKMP_NOTIFY_PRIVATE_MIN) ||
929 (type >= ISAKMP_NOTIFY_STATUS_RESERVED1_MIN &&
930 type <= ISAKMP_NOTIFY_STATUS_RESERVED1_MAX) ||
931 (type >= ISAKMP_NOTIFY_STATUS_DOI_MIN &&
932 type <= ISAKMP_NOTIFY_STATUS_DOI_MAX &&
933 doi->validate_notification(type)) ||
934 type >= ISAKMP_NOTIFY_STATUS_RESERVED2_MIN) {
935 log_print("message_validate_notify: "
936 "message type not supported");
937 message_free(msg);
938 return -1;
939 }
940
941 return 0;
942 }
943
944 /* Validate the proposal payload P in message MSG. */
945 static int
message_validate_proposal(struct message * msg,struct payload * p)946 message_validate_proposal(struct message *msg, struct payload *p)
947 {
948 u_int8_t proto = GET_ISAKMP_PROP_PROTO(p->p);
949 u_int8_t *sa = p->context->p;
950
951 if (!msg->exchange) {
952 /* We should have an exchange at this point. */
953 log_print("message_validate_proposal: "
954 "payload out of sequence");
955 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
956 return -1;
957 }
958 if (proto != ISAKMP_PROTO_ISAKMP &&
959 msg->exchange->doi->validate_proto(proto)) {
960 message_drop(msg, ISAKMP_NOTIFY_INVALID_PROTOCOL_ID, 0, 1, 1);
961 return -1;
962 }
963 /* Check that we get monotonically increasing proposal IDs per SA. */
964 if (sa != last_sa)
965 last_sa = sa;
966 else if (GET_ISAKMP_PROP_NO(p->p) < last_prop_no) {
967 message_drop(msg, ISAKMP_NOTIFY_BAD_PROPOSAL_SYNTAX, 0, 1, 1);
968 return -1;
969 }
970 last_prop_no = GET_ISAKMP_PROP_NO(p->p);
971
972 /* XXX Validate the SPI, and other syntactic things. */
973
974 return 0;
975 }
976
977 /*
978 * Validate the SA payload P in message MSG.
979 * Aside from normal validation, note what DOI is in use for other
980 * validation routines to look at. Also index the proposal payloads
981 * on the fly.
982 * XXX This assumes PAYLOAD_SA is always the first payload
983 * to be validated, which is true for IKE, except for quick mode where
984 * a PAYLOAD_HASH comes first, but in that specific case it does not matter.
985 * XXX Make sure the above comment is relevant, isn't SA always checked
986 * first due to the IANA assigned payload number?
987 */
988 static int
message_validate_sa(struct message * msg,struct payload * p)989 message_validate_sa(struct message *msg, struct payload *p)
990 {
991 set payload_set;
992 size_t len;
993 u_int32_t doi_id;
994 struct exchange *exchange = msg->exchange;
995 u_int8_t *pkt = msg->iov[0].iov_base;
996
997 doi_id = GET_ISAKMP_SA_DOI(p->p);
998 if (!doi_lookup(doi_id)) {
999 log_print("message_validate_sa: DOI not supported");
1000 message_drop(msg, ISAKMP_NOTIFY_DOI_NOT_SUPPORTED, 0, 1, 1);
1001 return -1;
1002 }
1003 /*
1004 * It's time to figure out what SA this message is about. If it is
1005 * already set, then we are creating a new phase 1 SA. Otherwise,
1006 * lookup the SA using the cookies and the message ID. If we cannot
1007 * find it, and the phase 1 SA is ready, setup a phase 2 SA.
1008 */
1009 if (!exchange) {
1010 if (zero_test(pkt + ISAKMP_HDR_RCOOKIE_OFF,
1011 ISAKMP_HDR_RCOOKIE_LEN))
1012 exchange = exchange_setup_p1(msg, doi_id);
1013 else if (msg->isakmp_sa->flags & SA_FLAG_READY)
1014 exchange = exchange_setup_p2(msg, doi_id);
1015 else {
1016 /* XXX What to do here? */
1017 message_free(msg);
1018 return -1;
1019 }
1020 if (!exchange) {
1021 /* XXX Log? */
1022 message_free(msg);
1023 return -1;
1024 }
1025 }
1026 msg->exchange = exchange;
1027
1028 /*
1029 * Create a struct sa for each SA payload handed to us unless we are
1030 * the initiator where we only will count them.
1031 */
1032 if (exchange->initiator) {
1033 /* XXX Count SA payloads. */
1034 } else if (sa_create(exchange, msg->transport)) {
1035 /* XXX Remove exchange if we just created it? */
1036 message_free(msg);
1037 return -1;
1038 }
1039 if (exchange->phase == 1) {
1040 msg->isakmp_sa = TAILQ_FIRST(&exchange->sa_list);
1041 if (msg->isakmp_sa)
1042 sa_reference(msg->isakmp_sa);
1043 }
1044 /*
1045 * Let the DOI validate the situation, at the same time it tells us
1046 * what the length of the situation field is.
1047 */
1048 if (exchange->doi->validate_situation(p->p + ISAKMP_SA_SIT_OFF, &len,
1049 GET_ISAKMP_GEN_LENGTH(p->p) - ISAKMP_SA_SIT_OFF)) {
1050 log_print("message_validate_sa: situation not supported");
1051 message_drop(msg, ISAKMP_NOTIFY_SITUATION_NOT_SUPPORTED,
1052 0, 1, 1);
1053 return -1;
1054 }
1055 /*
1056 * Reset the fields we base our proposal & transform number checks
1057 * on.
1058 */
1059 last_sa = last_prop = 0;
1060 last_prop_no = last_xf_no = 0;
1061
1062 /* Go through the PROPOSAL payloads. */
1063 ZERO(&payload_set);
1064 SET(ISAKMP_PAYLOAD_PROPOSAL, &payload_set);
1065 if (message_parse_payloads(msg, p, ISAKMP_PAYLOAD_PROPOSAL,
1066 p->p + ISAKMP_SA_SIT_OFF + len, &payload_set,
1067 message_parse_proposal) == -1)
1068 return -1;
1069
1070 return 0;
1071 }
1072
1073 /* Validate the signature payload P in message MSG. */
1074 static int
message_validate_sig(struct message * msg,struct payload * p)1075 message_validate_sig(struct message *msg, struct payload *p)
1076 {
1077 if (!msg->exchange) {
1078 /* We should have an exchange at this point. */
1079 log_print("message_validate_sig: payload out of sequence");
1080 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
1081 return -1;
1082 }
1083 /* XXX Not implemented yet. */
1084 return 0;
1085 }
1086
1087 /* Validate the transform payload P in message MSG. */
1088 static int
message_validate_transform(struct message * msg,struct payload * p)1089 message_validate_transform(struct message *msg, struct payload *p)
1090 {
1091 u_int8_t proto = GET_ISAKMP_PROP_PROTO(p->context->p);
1092 u_int8_t *prop = p->context->p;
1093
1094 if (!msg->exchange) {
1095 /* We should have an exchange at this point. */
1096 log_print("message_validate_transform: "
1097 "payload out of sequence");
1098 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
1099 return -1;
1100 }
1101 if (msg->exchange->doi
1102 ->validate_transform_id(proto, GET_ISAKMP_TRANSFORM_ID(p->p))) {
1103 message_drop(msg, ISAKMP_NOTIFY_INVALID_TRANSFORM_ID, 0, 1, 1);
1104 return -1;
1105 }
1106 /* Check that the reserved field is zero. */
1107 if (!zero_test(p->p + ISAKMP_TRANSFORM_RESERVED_OFF,
1108 ISAKMP_TRANSFORM_RESERVED_LEN)) {
1109 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
1110 return -1;
1111 }
1112 /*
1113 * Check that we get monotonically increasing transform numbers per
1114 * proposal.
1115 */
1116 if (prop != last_prop)
1117 last_prop = prop;
1118 else if (GET_ISAKMP_TRANSFORM_NO(p->p) <= last_xf_no) {
1119 message_drop(msg, ISAKMP_NOTIFY_BAD_PROPOSAL_SYNTAX, 0, 1, 1);
1120 return -1;
1121 }
1122 last_xf_no = GET_ISAKMP_TRANSFORM_NO(p->p);
1123
1124 /* Validate the attributes. */
1125 if (attribute_map(p->p + ISAKMP_TRANSFORM_SA_ATTRS_OFF,
1126 GET_ISAKMP_GEN_LENGTH(p->p) - ISAKMP_TRANSFORM_SA_ATTRS_OFF,
1127 msg->exchange->doi->validate_attribute, msg)) {
1128 message_drop(msg, ISAKMP_NOTIFY_ATTRIBUTES_NOT_SUPPORTED,
1129 0, 1, 1);
1130 return -1;
1131 }
1132 return 0;
1133 }
1134
1135 /* Validate the vendor payload P in message MSG. */
1136 static int
message_validate_vendor(struct message * msg,struct payload * p)1137 message_validate_vendor(struct message *msg, struct payload *p)
1138 {
1139 if (!msg->exchange) {
1140 /* We should have an exchange at this point. */
1141 log_print("message_validate_vendor: payload out of sequence");
1142 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
1143 return -1;
1144 }
1145 /* Vendor IDs are only allowed in phase 1. */
1146 if (msg->exchange->phase != 1) {
1147 message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 0, 1, 1);
1148 return -1;
1149 }
1150 check_vendor_openbsd(msg, p);
1151 dpd_check_vendor_payload(msg, p);
1152 nat_t_check_vendor_payload(msg, p);
1153 if (!(p->flags & PL_MARK))
1154 LOG_DBG((LOG_MESSAGE, 40, "message_validate_vendor: "
1155 "vendor ID seen"));
1156 return 0;
1157 }
1158
1159 /*
1160 * Add an index-record pointing to the payload at BUF in message MSG
1161 * to the PAYLOAD bucket of payloads. This allows us to quickly reference
1162 * payloads by type. Also stash the parent payload P link into the new
1163 * node so we can go from transforms -> payloads -> SAs.
1164 */
1165 static int
message_index_payload(struct message * msg,struct payload * p,u_int8_t payload,u_int8_t * buf)1166 message_index_payload(struct message *msg, struct payload *p, u_int8_t payload,
1167 u_int8_t *buf)
1168 {
1169 struct payload *payload_node;
1170
1171 /* Put the payload pointer into the right bucket. */
1172 payload_node = malloc(sizeof *payload_node);
1173 if (!payload_node) {
1174 message_free(msg);
1175 return -1;
1176 }
1177 payload_node->p = buf;
1178 payload_node->context = p;
1179 payload_node->flags = 0;
1180 TAILQ_INSERT_TAIL(&msg->payload[payload], payload_node, link);
1181 return 0;
1182 }
1183
1184 /*
1185 * Group each payload found in MSG by type for easy reference later.
1186 * While doing this, validate the generic parts of the message structure too.
1187 * NEXT is the 1st payload's type. This routine will also register the
1188 * computed message length (i.e. without padding) in msg->iov[0].iov_len.
1189 */
1190 static int
message_sort_payloads(struct message * msg,u_int8_t next)1191 message_sort_payloads(struct message *msg, u_int8_t next)
1192 {
1193 set payload_set;
1194 int i, sz;
1195
1196 ZERO(&payload_set);
1197 for (i = ISAKMP_PAYLOAD_SA; i < ISAKMP_PAYLOAD_MAX; i++)
1198 if (i != ISAKMP_PAYLOAD_PROPOSAL && i !=
1199 ISAKMP_PAYLOAD_TRANSFORM)
1200 SET(i, &payload_set);
1201 sz = message_parse_payloads(msg, 0, next,
1202 (u_int8_t *)msg->iov[0].iov_base + ISAKMP_HDR_SZ, &payload_set,
1203 message_index_payload);
1204 if (sz == -1)
1205 return -1;
1206 msg->iov[0].iov_len = ISAKMP_HDR_SZ + sz;
1207 SET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base, ISAKMP_HDR_SZ + sz);
1208 return 0;
1209 }
1210
1211 /* Run all the generic payload tests that the drafts specify. */
1212 static int
message_validate_payloads(struct message * msg)1213 message_validate_payloads(struct message *msg)
1214 {
1215 int i;
1216 struct payload *p;
1217 struct field *f;
1218
1219 for (i = ISAKMP_PAYLOAD_SA; i < ISAKMP_PAYLOAD_MAX; i++)
1220 TAILQ_FOREACH(p, &msg->payload[i], link) {
1221 LOG_DBG((LOG_MESSAGE, 60, "message_validate_payloads: "
1222 "payload %s at %p of message %p",
1223 constant_name(isakmp_payload_cst, i), p->p, msg));
1224 if ((f = message_get_field(i)) != NULL)
1225 field_dump_payload(f, p->p);
1226 if (message_validate_payload(msg, p, i))
1227 return -1;
1228 }
1229 return 0;
1230 }
1231
1232 /*
1233 * All incoming messages go through here. We do generic validity checks
1234 * and try to find or establish SAs. Last but not least we try to find
1235 * the exchange this message, MSG, is part of, and feed it there.
1236 */
1237 int
message_recv(struct message * msg)1238 message_recv(struct message *msg)
1239 {
1240 u_int8_t *buf = msg->iov[0].iov_base;
1241 size_t sz = msg->iov[0].iov_len;
1242 u_int8_t exch_type;
1243 int setup_isakmp_sa, msgid_is_zero;
1244 u_int8_t flags;
1245 struct keystate *ks = 0;
1246 struct proto tmp_proto;
1247 struct sa tmp_sa;
1248 struct transport *t;
1249
1250 /* Messages shorter than an ISAKMP header are bad. */
1251 if (sz < ISAKMP_HDR_SZ || sz != GET_ISAKMP_HDR_LENGTH(buf)) {
1252 log_print("message_recv: bad message length");
1253 message_drop(msg, 0, 0, 1, 1);
1254 return -1;
1255 }
1256 /* Possibly dump a raw hex image of the message to the log channel. */
1257 message_dump_raw("message_recv", msg, LOG_MESSAGE);
1258
1259 /*
1260 * If the responder cookie is zero, this is a request to setup an
1261 * ISAKMP SA. Otherwise the cookies should refer to an existing
1262 * ISAKMP SA.
1263 *
1264 * XXX This is getting ugly, please reread later to see if it can be
1265 * made nicer.
1266 */
1267 setup_isakmp_sa = zero_test(buf + ISAKMP_HDR_RCOOKIE_OFF,
1268 ISAKMP_HDR_RCOOKIE_LEN);
1269 if (setup_isakmp_sa) {
1270 /*
1271 * This might be a retransmission of a former ISAKMP SA setup
1272 * message. If so, just drop it.
1273 * XXX Must we really look in both the SA and exchange pools?
1274 */
1275 if (exchange_lookup_from_icookie(buf + ISAKMP_HDR_ICOOKIE_OFF) ||
1276 sa_lookup_from_icookie(buf + ISAKMP_HDR_ICOOKIE_OFF)) {
1277 /*
1278 * XXX Later we should differentiate between
1279 * retransmissions and potential replay attacks.
1280 */
1281 LOG_DBG((LOG_MESSAGE, 90,
1282 "message_recv: dropping setup for existing SA"));
1283 message_free(msg);
1284 return -1;
1285 }
1286 } else {
1287 msg->isakmp_sa = sa_lookup_by_header(buf, 0);
1288 if (msg->isakmp_sa)
1289 sa_reference(msg->isakmp_sa);
1290
1291 /*
1292 * If we cannot find an ISAKMP SA out of the cookies, this is
1293 * either a responder's first reply, and we need to upgrade
1294 * our exchange, or it's just plain invalid cookies.
1295 */
1296 if (!msg->isakmp_sa) {
1297 msg->exchange = exchange_lookup_from_icookie(buf +
1298 ISAKMP_HDR_ICOOKIE_OFF);
1299 if (msg->exchange && msg->exchange->phase == 1 &&
1300 zero_test(msg->exchange->cookies +
1301 ISAKMP_HDR_RCOOKIE_OFF, ISAKMP_HDR_RCOOKIE_LEN))
1302 exchange_upgrade_p1(msg);
1303 else {
1304 log_print("message_recv: invalid cookie(s) "
1305 "%08x%08x %08x%08x",
1306 decode_32(buf + ISAKMP_HDR_ICOOKIE_OFF),
1307 decode_32(buf + ISAKMP_HDR_ICOOKIE_OFF + 4),
1308 decode_32(buf + ISAKMP_HDR_RCOOKIE_OFF),
1309 decode_32(buf + ISAKMP_HDR_RCOOKIE_OFF + 4));
1310 tmp_proto.sa = &tmp_sa;
1311 tmp_sa.doi = doi_lookup(ISAKMP_DOI_ISAKMP);
1312 tmp_proto.proto = ISAKMP_PROTO_ISAKMP;
1313 tmp_proto.spi_sz[1] = ISAKMP_HDR_COOKIES_LEN;
1314 tmp_proto.spi[1] =
1315 buf + ISAKMP_HDR_COOKIES_OFF;
1316 message_drop(msg, ISAKMP_NOTIFY_INVALID_COOKIE,
1317 &tmp_proto, 1, 1);
1318 return -1;
1319 }
1320 #if 0
1321 msg->isakmp_sa = sa_lookup_from_icookie(buf +
1322 ISAKMP_HDR_ICOOKIE_OFF);
1323 if (msg->isakmp_sa)
1324 sa_isakmp_upgrade(msg);
1325 #endif
1326 }
1327 msg->exchange = exchange_lookup(buf, 1);
1328 }
1329
1330 if (message_check_duplicate(msg))
1331 return -1;
1332
1333 if (GET_ISAKMP_HDR_NEXT_PAYLOAD(buf) >= ISAKMP_PAYLOAD_RESERVED_MIN) {
1334 log_print("message_recv: invalid payload type %d in ISAKMP "
1335 "header (check passphrases, if applicable and in Phase 1)",
1336 GET_ISAKMP_HDR_NEXT_PAYLOAD(buf));
1337 message_drop(msg, ISAKMP_NOTIFY_INVALID_PAYLOAD_TYPE, 0, 1, 1);
1338 return -1;
1339 }
1340 /* Validate that the message is of version 1.0. */
1341 if (ISAKMP_VERSION_MAJOR(GET_ISAKMP_HDR_VERSION(buf)) != 1) {
1342 log_print("message_recv: invalid version major %d",
1343 ISAKMP_VERSION_MAJOR(GET_ISAKMP_HDR_VERSION(buf)));
1344 message_drop(msg, ISAKMP_NOTIFY_INVALID_MAJOR_VERSION, 0, 1,
1345 1);
1346 return -1;
1347 }
1348 if (ISAKMP_VERSION_MINOR(GET_ISAKMP_HDR_VERSION(buf)) != 0) {
1349 log_print("message_recv: invalid version minor %d",
1350 ISAKMP_VERSION_MINOR(GET_ISAKMP_HDR_VERSION(buf)));
1351 message_drop(msg, ISAKMP_NOTIFY_INVALID_MINOR_VERSION, 0, 1,
1352 1);
1353 return -1;
1354 }
1355 /*
1356 * Validate the exchange type. If it's a DOI-specified exchange wait
1357 * until after all payloads have been seen for the validation as the
1358 * SA payload might not yet have been parsed, thus the DOI might be
1359 * unknown.
1360 */
1361 exch_type = GET_ISAKMP_HDR_EXCH_TYPE(buf);
1362 if (exch_type == ISAKMP_EXCH_NONE ||
1363 (exch_type >= ISAKMP_EXCH_FUTURE_MIN &&
1364 exch_type <= ISAKMP_EXCH_FUTURE_MAX) ||
1365 (setup_isakmp_sa && exch_type >= ISAKMP_EXCH_DOI_MIN)) {
1366 log_print("message_recv: invalid exchange type %s",
1367 constant_name(isakmp_exch_cst, exch_type));
1368 message_drop(msg, ISAKMP_NOTIFY_INVALID_EXCHANGE_TYPE, 0, 1,
1369 1);
1370 return -1;
1371 }
1372 /*
1373 * Check for unrecognized flags, or the encryption flag when we don't
1374 * have an ISAKMP SA to decrypt with.
1375 */
1376 flags = GET_ISAKMP_HDR_FLAGS(buf);
1377 if (flags & ~(ISAKMP_FLAGS_ENC | ISAKMP_FLAGS_COMMIT |
1378 ISAKMP_FLAGS_AUTH_ONLY)) {
1379 log_print("message_recv: invalid flags 0x%x",
1380 GET_ISAKMP_HDR_FLAGS(buf));
1381 message_drop(msg, ISAKMP_NOTIFY_INVALID_FLAGS, 0, 1, 1);
1382 return -1;
1383 }
1384 /*
1385 * If we are about to setup an ISAKMP SA, the message ID must be
1386 * zero.
1387 */
1388 msgid_is_zero = zero_test(buf + ISAKMP_HDR_MESSAGE_ID_OFF,
1389 ISAKMP_HDR_MESSAGE_ID_LEN);
1390 if (setup_isakmp_sa && !msgid_is_zero) {
1391 log_print("message_recv: invalid message id");
1392 message_drop(msg, ISAKMP_NOTIFY_INVALID_MESSAGE_ID, 0, 1, 1);
1393 return -1;
1394 }
1395 if (!setup_isakmp_sa && msgid_is_zero) {
1396 /*
1397 * XXX Very likely redundant, look at the else clause of the
1398 * if (setup_isakmp_sa) statement above.
1399 */
1400 msg->exchange = exchange_lookup(buf, 0);
1401 if (!msg->exchange) {
1402 log_print("message_recv: phase 1 message after "
1403 "ISAKMP SA is ready");
1404 message_free(msg);
1405 return -1;
1406 } else if (msg->exchange->last_sent) {
1407 LOG_DBG((LOG_MESSAGE, 80, "message_recv: resending "
1408 "last message from phase 1"));
1409 message_send(msg->exchange->last_sent);
1410 }
1411 }
1412 if (flags & ISAKMP_FLAGS_ENC) {
1413 if (!msg->isakmp_sa) {
1414 LOG_DBG((LOG_MISC, 10, "message_recv: no isakmp_sa "
1415 "for encrypted message"));
1416 message_free(msg);
1417 return -1;
1418 }
1419 /* Decrypt rest of message using a DOI-specified IV. */
1420 ks = msg->isakmp_sa->doi->get_keystate(msg);
1421 if (!ks) {
1422 message_free(msg);
1423 return -1;
1424 }
1425 msg->orig = malloc(sz);
1426 if (!msg->orig) {
1427 message_free(msg);
1428 free(ks);
1429 return -1;
1430 }
1431 memcpy(msg->orig, buf, sz);
1432 crypto_decrypt(ks, buf + ISAKMP_HDR_SZ, sz - ISAKMP_HDR_SZ);
1433 } else
1434 msg->orig = buf;
1435 msg->orig_sz = sz;
1436
1437 /* IKE packet capture */
1438 message_packet_log(msg);
1439
1440 /*
1441 * Check the overall payload structure at the same time as indexing
1442 * them by type.
1443 */
1444 if (GET_ISAKMP_HDR_NEXT_PAYLOAD(buf) != ISAKMP_PAYLOAD_NONE &&
1445 message_sort_payloads(msg, GET_ISAKMP_HDR_NEXT_PAYLOAD(buf))) {
1446 free(ks);
1447 return -1;
1448 }
1449 /*
1450 * Run generic payload tests now. If anything fails these checks, the
1451 * message needs either to be retained for later duplicate checks or
1452 * freed entirely.
1453 * XXX Should SAs and even transports be cleaned up then too?
1454 */
1455 if (message_validate_payloads(msg)) {
1456 free(ks);
1457 return -1;
1458 }
1459 /*
1460 * If we have not found an exchange by now something is definitely
1461 * wrong.
1462 */
1463 if (!msg->exchange) {
1464 log_print("message_recv: no exchange");
1465 message_drop(msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
1466 free(ks);
1467 return -1;
1468 }
1469 /*
1470 * NAT-T may have switched ports for us. We need to replace the
1471 * old ISAKMP SA transport here with one that contains the proper
1472 * (i.e translated) ports.
1473 */
1474 if (msg->isakmp_sa && msg->exchange->phase == 1) {
1475 t = msg->isakmp_sa->transport;
1476 msg->isakmp_sa->transport = msg->transport;
1477 transport_reference(msg->transport);
1478 transport_release(t);
1479 }
1480
1481 /*
1482 * Now we can validate DOI-specific exchange types. If we have no SA
1483 * DOI-specific exchange types are definitely wrong.
1484 */
1485 if (exch_type >= ISAKMP_EXCH_DOI_MIN &&
1486 msg->exchange->doi->validate_exchange(exch_type)) {
1487 log_print("message_recv: invalid DOI exchange type %d",
1488 exch_type);
1489 message_drop(msg, ISAKMP_NOTIFY_INVALID_EXCHANGE_TYPE, 0, 1,
1490 1);
1491 free(ks);
1492 return -1;
1493 }
1494 /* Make sure the IV we used gets saved in the proper SA. */
1495 if (ks) {
1496 if (!msg->exchange->keystate) {
1497 msg->exchange->keystate = ks;
1498 msg->exchange->crypto = ks->xf;
1499 } else
1500 free(ks);
1501 }
1502 /* Handle the flags. */
1503 if (flags & ISAKMP_FLAGS_ENC)
1504 msg->exchange->flags |= EXCHANGE_FLAG_ENCRYPT;
1505 if ((msg->exchange->flags & EXCHANGE_FLAG_COMMITTED) == 0 &&
1506 (flags & ISAKMP_FLAGS_COMMIT))
1507 msg->exchange->flags |= EXCHANGE_FLAG_HE_COMMITTED;
1508
1509 /*
1510 * Except for the 3rd Aggressive Mode message, require encryption
1511 * as soon as we have the keystate for it.
1512 */
1513 if ((flags & ISAKMP_FLAGS_ENC) == 0 &&
1514 (msg->exchange->phase == 2 ||
1515 (msg->exchange->keystate &&
1516 msg->exchange->type != ISAKMP_EXCH_AGGRESSIVE))) {
1517 log_print("message_recv: cleartext phase %d message",
1518 msg->exchange->phase);
1519 message_drop(msg, ISAKMP_NOTIFY_INVALID_FLAGS, 0, 1, 1);
1520 return -1;
1521 }
1522
1523 /* OK let the exchange logic do the rest. */
1524 exchange_run(msg);
1525
1526 return 0;
1527 }
1528
1529 void
message_send_expire(struct message * msg)1530 message_send_expire(struct message *msg)
1531 {
1532 msg->retrans = 0;
1533
1534 message_send(msg);
1535 }
1536
1537 /* Queue up message MSG for transmittal. */
1538 void
message_send(struct message * msg)1539 message_send(struct message *msg)
1540 {
1541 struct exchange *exchange = msg->exchange;
1542 struct message *m;
1543 struct msg_head *q;
1544
1545 /* Remove retransmissions on this message */
1546 if (msg->retrans) {
1547 timer_remove_event(msg->retrans);
1548 msg->retrans = 0;
1549 }
1550 /* IKE packet capture */
1551 message_packet_log(msg);
1552
1553 /*
1554 * If the ISAKMP SA has set up encryption, encrypt the message.
1555 * However, in a retransmit, it is already encrypted.
1556 */
1557 if ((msg->flags & MSG_ENCRYPTED) == 0 &&
1558 exchange->flags & EXCHANGE_FLAG_ENCRYPT) {
1559 if (!exchange->keystate) {
1560 exchange->keystate = exchange->doi->get_keystate(msg);
1561 if (!exchange->keystate)
1562 return;
1563 exchange->crypto = exchange->keystate->xf;
1564 exchange->flags |= EXCHANGE_FLAG_ENCRYPT;
1565 }
1566 if (message_encrypt(msg)) {
1567 /* XXX Log. */
1568 return;
1569 }
1570 }
1571 /* Keep the COMMIT bit on. */
1572 if (exchange->flags & EXCHANGE_FLAG_COMMITTED)
1573 SET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base,
1574 GET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base)
1575 | ISAKMP_FLAGS_COMMIT);
1576
1577 message_dump_raw("message_send", msg, LOG_MESSAGE);
1578 msg->flags |= MSG_IN_TRANSIT;
1579 exchange->in_transit = msg;
1580
1581 /*
1582 * If we get a retransmission of a message before our response
1583 * has left the queue, don't queue it again, as it will result
1584 * in a circular list.
1585 */
1586 q = msg->transport->vtbl->get_queue(msg);
1587 for (m = TAILQ_FIRST(q); m; m = TAILQ_NEXT(m, link))
1588 if (m == msg) {
1589 LOG_DBG((LOG_MESSAGE, 60,
1590 "message_send: msg %p already on sendq %p", m, q));
1591 return;
1592 }
1593 TAILQ_INSERT_TAIL(q, msg, link);
1594 }
1595
1596 /*
1597 * Setup the ISAKMP message header for message MSG. EXCHANGE is the exchange
1598 * type, FLAGS are the ISAKMP header flags and MSG_ID is message ID
1599 * identifying the exchange.
1600 */
1601 void
message_setup_header(struct message * msg,u_int8_t exchange,u_int8_t flags,u_int8_t * msg_id)1602 message_setup_header(struct message *msg, u_int8_t exchange, u_int8_t flags,
1603 u_int8_t *msg_id)
1604 {
1605 u_int8_t *buf = msg->iov[0].iov_base;
1606
1607 SET_ISAKMP_HDR_ICOOKIE(buf, msg->exchange->cookies);
1608 SET_ISAKMP_HDR_RCOOKIE(buf, msg->exchange->cookies +
1609 ISAKMP_HDR_ICOOKIE_LEN);
1610 SET_ISAKMP_HDR_NEXT_PAYLOAD(buf, ISAKMP_PAYLOAD_NONE);
1611 SET_ISAKMP_HDR_VERSION(buf, ISAKMP_VERSION_MAKE(1, 0));
1612 SET_ISAKMP_HDR_EXCH_TYPE(buf, exchange);
1613 SET_ISAKMP_HDR_FLAGS(buf, flags);
1614 SET_ISAKMP_HDR_MESSAGE_ID(buf, msg_id);
1615 SET_ISAKMP_HDR_LENGTH(buf, msg->iov[0].iov_len);
1616 }
1617
1618 /*
1619 * Add the payload of type PAYLOAD in BUF sized SZ to the MSG message.
1620 * The caller thereby is released from the responsibility of freeing BUF,
1621 * unless we return a failure of course. If LINK is set the former
1622 * payload's "next payload" field to PAYLOAD.
1623 *
1624 * XXX We might want to resize the iov array several slots at a time.
1625 */
1626 int
message_add_payload(struct message * msg,u_int8_t payload,u_int8_t * buf,size_t sz,int link)1627 message_add_payload(struct message *msg, u_int8_t payload, u_int8_t *buf,
1628 size_t sz, int link)
1629 {
1630 struct iovec *new_iov;
1631 struct payload *payload_node;
1632
1633 payload_node = calloc(1, sizeof *payload_node);
1634 if (!payload_node) {
1635 log_error("message_add_payload: calloc (1, %lu) failed",
1636 (unsigned long)sizeof *payload_node);
1637 return -1;
1638 }
1639 new_iov = reallocarray(msg->iov, msg->iovlen + 1,
1640 sizeof *msg->iov);
1641 if (!new_iov) {
1642 log_error("message_add_payload: realloc (%p, %lu) failed",
1643 msg->iov, (msg->iovlen + 1) *
1644 (unsigned long)sizeof *msg->iov);
1645 free(payload_node);
1646 return -1;
1647 }
1648 msg->iov = new_iov;
1649 new_iov[msg->iovlen].iov_base = buf;
1650 new_iov[msg->iovlen].iov_len = sz;
1651 msg->iovlen++;
1652 if (link)
1653 *msg->nextp = payload;
1654 msg->nextp = buf + ISAKMP_GEN_NEXT_PAYLOAD_OFF;
1655 *msg->nextp = ISAKMP_PAYLOAD_NONE;
1656 SET_ISAKMP_GEN_RESERVED(buf, 0);
1657 SET_ISAKMP_GEN_LENGTH(buf, sz);
1658 SET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base,
1659 GET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base) + sz);
1660
1661 /*
1662 * For the sake of exchange_validate we index the payloads even in
1663 * outgoing messages, however context and flags are uninteresting in
1664 * this situation.
1665 */
1666 payload_node->p = buf;
1667 TAILQ_INSERT_TAIL(&msg->payload[payload], payload_node, link);
1668 return 0;
1669 }
1670
1671 /* XXX Move up when ready. */
1672 struct info_args {
1673 char discr;
1674 u_int32_t doi;
1675 u_int8_t proto;
1676 u_int16_t spi_sz;
1677 union {
1678 struct {
1679 u_int16_t msg_type;
1680 u_int8_t *spi;
1681 } n;
1682 struct {
1683 u_int16_t nspis;
1684 u_int8_t *spis;
1685 } d;
1686 struct {
1687 u_int16_t msg_type;
1688 u_int8_t *spi;
1689 u_int32_t seq;
1690 } dpd;
1691 } u;
1692 };
1693
1694 /*
1695 * As a reaction to the incoming message MSG create an informational exchange
1696 * protected by ISAKMP_SA and send a notify payload of type NOTIFY, with
1697 * fields initialized from SA. INCOMING is true if the SPI field should be
1698 * filled with the incoming SPI and false if it is to be filled with the
1699 * outgoing one.
1700 *
1701 * XXX Should we handle sending multiple notify payloads? The draft allows
1702 * it, but do we need it? Furthermore, should we not return a success
1703 * status value?
1704 */
1705 void
message_send_notification(struct message * msg,struct sa * isakmp_sa,u_int16_t notify,struct proto * proto,int incoming)1706 message_send_notification(struct message *msg, struct sa *isakmp_sa,
1707 u_int16_t notify, struct proto *proto, int incoming)
1708 {
1709 struct info_args args;
1710 struct sa *doi_sa = proto ? proto->sa : isakmp_sa;
1711
1712 args.discr = 'N';
1713 args.doi = doi_sa ? doi_sa->doi->id : ISAKMP_DOI_ISAKMP;
1714 args.proto = proto ? proto->proto : ISAKMP_PROTO_ISAKMP;
1715 args.spi_sz = proto ? proto->spi_sz[incoming] : 0;
1716 args.u.n.msg_type = notify;
1717 args.u.n.spi = proto ? proto->spi[incoming] : 0;
1718 if (isakmp_sa && (isakmp_sa->flags & SA_FLAG_READY))
1719 exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO, 0, &args,
1720 0, 0);
1721 else
1722 exchange_establish_p1(msg->transport, ISAKMP_EXCH_INFO,
1723 msg->exchange ? msg->exchange->doi->id : ISAKMP_DOI_ISAKMP,
1724 0, &args, 0, 0, 0);
1725 }
1726
1727 /* Send a DELETE inside an informational exchange for each protocol in SA. */
1728 void
message_send_delete(struct sa * sa)1729 message_send_delete(struct sa *sa)
1730 {
1731 struct info_args args;
1732 struct proto *proto;
1733 struct sa *isakmp_sa;
1734 struct sockaddr *dst;
1735
1736 if (!sa->transport)
1737 return;
1738
1739 sa->transport->vtbl->get_dst(sa->transport, &dst);
1740 isakmp_sa = sa_isakmp_lookup_by_peer(dst, SA_LEN(dst));
1741 if (!isakmp_sa) {
1742 /*
1743 * XXX We ought to setup an ISAKMP SA with our peer here and
1744 * send the DELETE over that one.
1745 */
1746 return;
1747 }
1748 args.discr = 'D';
1749 args.doi = sa->doi->id;
1750 args.u.d.nspis = 1;
1751 for (proto = TAILQ_FIRST(&sa->protos); proto;
1752 proto = TAILQ_NEXT(proto, link)) {
1753 switch (proto->proto) {
1754 case ISAKMP_PROTO_ISAKMP:
1755 args.spi_sz = ISAKMP_HDR_COOKIES_LEN;
1756 args.u.d.spis = sa->cookies;
1757 break;
1758
1759 case IPSEC_PROTO_IPSEC_AH:
1760 case IPSEC_PROTO_IPSEC_ESP:
1761 case IPSEC_PROTO_IPCOMP:
1762 args.spi_sz = proto->spi_sz[1];
1763 args.u.d.spis = proto->spi[1];
1764 break;
1765 default:
1766 log_print("message_send_delete: cannot delete unknown "
1767 "protocol %d", proto->proto);
1768 continue;
1769 }
1770
1771 args.proto = proto->proto;
1772 exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO, 0, &args,
1773 0, 0);
1774 }
1775 }
1776
1777 void
message_send_dpd_notify(struct sa * isakmp_sa,u_int16_t notify,u_int32_t seq)1778 message_send_dpd_notify(struct sa* isakmp_sa, u_int16_t notify, u_int32_t seq)
1779 {
1780 struct info_args args;
1781
1782 args.discr = 'P';
1783 args.doi = IPSEC_DOI_IPSEC;
1784 args.proto = ISAKMP_PROTO_ISAKMP;
1785 args.spi_sz = ISAKMP_HDR_COOKIES_LEN;
1786 args.u.dpd.msg_type = notify;
1787 args.u.dpd.spi = isakmp_sa->cookies;
1788 args.u.dpd.seq = htonl(seq);
1789
1790 exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_INFO, 0, &args, 0, 0);
1791 }
1792
1793 /* Build the informational message into MSG. */
1794 int
message_send_info(struct message * msg)1795 message_send_info(struct message *msg)
1796 {
1797 u_int8_t *buf;
1798 size_t sz = 0;
1799 struct info_args *args = msg->extra;
1800 u_int8_t payload;
1801
1802 /* Let the DOI get the first hand on the message. */
1803 if (msg->exchange->doi->informational_pre_hook)
1804 if (msg->exchange->doi->informational_pre_hook(msg))
1805 return -1;
1806
1807 switch (args->discr) {
1808 case 'P':
1809 sz = sizeof args->u.dpd.seq;
1810 /* FALLTHROUGH */
1811 case 'N':
1812 sz += ISAKMP_NOTIFY_SPI_OFF + args->spi_sz;
1813 break;
1814 case 'D':
1815 default: /* Silence gcc */
1816 sz = ISAKMP_DELETE_SPI_OFF + args->u.d.nspis * args->spi_sz;
1817 break;
1818 }
1819
1820 buf = calloc(1, sz);
1821 if (!buf) {
1822 log_error("message_send_info: calloc (1, %lu) failed",
1823 (unsigned long)sz);
1824 message_free(msg);
1825 return -1;
1826 }
1827 switch (args->discr) {
1828 case 'P':
1829 memcpy(buf + ISAKMP_NOTIFY_SPI_OFF + args->spi_sz,
1830 &args->u.dpd.seq, sizeof args->u.dpd.seq);
1831 /* FALLTHROUGH */
1832 case 'N':
1833 /* Build the NOTIFY payload. */
1834 payload = ISAKMP_PAYLOAD_NOTIFY;
1835 SET_ISAKMP_NOTIFY_DOI(buf, args->doi);
1836 SET_ISAKMP_NOTIFY_PROTO(buf, args->proto);
1837 SET_ISAKMP_NOTIFY_SPI_SZ(buf, args->spi_sz);
1838 SET_ISAKMP_NOTIFY_MSG_TYPE(buf, args->u.n.msg_type);
1839 memcpy(buf + ISAKMP_NOTIFY_SPI_OFF, args->u.n.spi,
1840 args->spi_sz);
1841 break;
1842
1843 case 'D':
1844 default: /* Silence GCC. */
1845 /* Build the DELETE payload. */
1846 payload = ISAKMP_PAYLOAD_DELETE;
1847 SET_ISAKMP_DELETE_DOI(buf, args->doi);
1848 SET_ISAKMP_DELETE_PROTO(buf, args->proto);
1849 SET_ISAKMP_DELETE_SPI_SZ(buf, args->spi_sz);
1850 SET_ISAKMP_DELETE_NSPIS(buf, args->u.d.nspis);
1851 memcpy(buf + ISAKMP_DELETE_SPI_OFF, args->u.d.spis,
1852 args->u.d.nspis * args->spi_sz);
1853 msg->flags |= MSG_PRIORITIZED;
1854 break;
1855 }
1856
1857 if (message_add_payload(msg, payload, buf, sz, 1)) {
1858 free(buf);
1859 message_free(msg);
1860 return -1;
1861 }
1862 /* Let the DOI get the last hand on the message. */
1863 if (msg->exchange->doi->informational_post_hook)
1864 if (msg->exchange->doi->informational_post_hook(msg)) {
1865 message_free(msg);
1866 return -1;
1867 }
1868 return 0;
1869 }
1870
1871 /*
1872 * Drop the MSG message due to reason given in NOTIFY. If NOTIFY is set
1873 * send out a notification to the originator. Fill this notification with
1874 * values from PROTO. INCOMING decides which SPI to include. If CLEAN is
1875 * set, free the message when ready with it.
1876 */
1877 void
message_drop(struct message * msg,int notify,struct proto * proto,int incoming,int clean)1878 message_drop(struct message *msg, int notify, struct proto *proto,
1879 int incoming, int clean)
1880 {
1881 struct transport *t = msg->transport;
1882 struct sockaddr *dst;
1883 char *address;
1884 short port = 0;
1885
1886 t->vtbl->get_dst(t, &dst);
1887 if (sockaddr2text(dst, &address, 0)) {
1888 log_error("message_drop: sockaddr2text () failed");
1889 address = 0;
1890 }
1891 switch (dst->sa_family) {
1892 case AF_INET:
1893 port = ((struct sockaddr_in *)dst)->sin_port;
1894 break;
1895 case AF_INET6:
1896 port = ((struct sockaddr_in6 *)dst)->sin6_port;
1897 break;
1898 default:
1899 log_print("message_drop: unknown protocol family %d",
1900 dst->sa_family);
1901 }
1902
1903 log_print("dropped message from %s port %d due to notification type "
1904 "%s", address ? address : "<unknown>", htons(port),
1905 constant_name(isakmp_notify_cst, notify));
1906
1907 free(address);
1908
1909 /* If specified, return a notification. */
1910 if (notify)
1911 message_send_notification(msg, msg->isakmp_sa, notify, proto,
1912 incoming);
1913 if (clean)
1914 message_free(msg);
1915 }
1916
1917 /*
1918 * If the user demands debug printouts, printout MSG with as much detail
1919 * as we can without resorting to per-payload handling.
1920 */
1921 void
message_dump_raw(char * header,struct message * msg,int class)1922 message_dump_raw(char *header, struct message *msg, int class)
1923 {
1924 u_int32_t i, j, k = 0;
1925 char buf[80], *p = buf;
1926
1927 LOG_DBG((class, 70, "%s: message %p", header, msg));
1928 field_dump_payload(isakmp_hdr_fld, msg->iov[0].iov_base);
1929 for (i = 0; i < msg->iovlen; i++)
1930 for (j = 0; j < msg->iov[i].iov_len; j++) {
1931 snprintf(p, sizeof buf - (int) (p - buf), "%02x",
1932 ((u_int8_t *) msg->iov[i].iov_base)[j]);
1933 p += strlen(p);
1934 if (++k % 32 == 0) {
1935 *p = '\0';
1936 LOG_DBG((class, 70, "%s: %s", header, buf));
1937 p = buf;
1938 } else if (k % 4 == 0)
1939 *p++ = ' ';
1940 }
1941 *p = '\0';
1942 if (p != buf)
1943 LOG_DBG((class, 70, "%s: %s", header, buf));
1944 }
1945
1946 static void
message_packet_log(struct message * msg)1947 message_packet_log(struct message *msg)
1948 {
1949 struct sockaddr *src, *dst;
1950 struct transport *t = msg->transport;
1951
1952 /* Don't log retransmissions. Redundant for incoming packets... */
1953 if (msg->xmits > 0)
1954 return;
1955
1956 if (msg->exchange && msg->exchange->flags & EXCHANGE_FLAG_NAT_T_ENABLE)
1957 t = ((struct virtual_transport *)msg->transport)->encap;
1958
1959 /* Figure out direction. */
1960 if (msg->exchange &&
1961 msg->exchange->initiator ^ (msg->exchange->step % 2)) {
1962 t->vtbl->get_src(t, &src);
1963 t->vtbl->get_dst(t, &dst);
1964 } else {
1965 t->vtbl->get_src(t, &dst);
1966 t->vtbl->get_dst(t, &src);
1967 }
1968
1969 log_packet_iov(src, dst, msg->iov, msg->iovlen);
1970 }
1971
1972 /*
1973 * Encrypt an outgoing message MSG. As outgoing messages are represented
1974 * with an iovec with one segment per payload, we need to coalesce them
1975 * into just une buffer containing all payloads and some padding before
1976 * we encrypt.
1977 */
1978 static int
message_encrypt(struct message * msg)1979 message_encrypt(struct message *msg)
1980 {
1981 struct exchange *exchange = msg->exchange;
1982 size_t i, sz = 0;
1983 u_int8_t *buf;
1984
1985 /* If no payloads, nothing to do. */
1986 if (msg->iovlen == 1)
1987 return 0;
1988
1989 /*
1990 * For encryption we need to put all payloads together in a single
1991 * buffer. This buffer should be padded to the current crypto
1992 * transform's blocksize.
1993 */
1994 for (i = 1; i < msg->iovlen; i++)
1995 sz += msg->iov[i].iov_len;
1996 sz = ((sz + exchange->crypto->blocksize - 1) /
1997 exchange->crypto->blocksize) * exchange->crypto->blocksize;
1998 buf = realloc(msg->iov[1].iov_base, sz);
1999 if (!buf) {
2000 log_error("message_encrypt: realloc (%p, %lu) failed",
2001 msg->iov[1].iov_base, (unsigned long) sz);
2002 return -1;
2003 }
2004 msg->iov[1].iov_base = buf;
2005 for (i = 2; i < msg->iovlen; i++) {
2006 memcpy(buf + msg->iov[1].iov_len, msg->iov[i].iov_base,
2007 msg->iov[i].iov_len);
2008 msg->iov[1].iov_len += msg->iov[i].iov_len;
2009 free(msg->iov[i].iov_base);
2010 }
2011
2012 /* Pad with zeroes. */
2013 memset(buf + msg->iov[1].iov_len, '\0', sz - msg->iov[1].iov_len);
2014 msg->iov[1].iov_len = sz;
2015 msg->iovlen = 2;
2016
2017 SET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base,
2018 GET_ISAKMP_HDR_FLAGS(msg->iov[0].iov_base) | ISAKMP_FLAGS_ENC);
2019 SET_ISAKMP_HDR_LENGTH(msg->iov[0].iov_base, ISAKMP_HDR_SZ + sz);
2020 crypto_encrypt(exchange->keystate, buf, msg->iov[1].iov_len);
2021 msg->flags |= MSG_ENCRYPTED;
2022
2023 /* Update the IV so we can decrypt the next incoming message. */
2024 crypto_update_iv(exchange->keystate);
2025
2026 return 0;
2027 }
2028
2029 /*
2030 * Check whether the message MSG is a duplicate of the last one negotiating
2031 * this specific SA.
2032 */
2033 static int
message_check_duplicate(struct message * msg)2034 message_check_duplicate(struct message *msg)
2035 {
2036 struct exchange *exchange = msg->exchange;
2037 size_t sz = msg->iov[0].iov_len;
2038 u_int8_t *pkt = msg->iov[0].iov_base;
2039
2040 /* If no SA has been found, we cannot test, thus it's good. */
2041 if (!exchange)
2042 return 0;
2043
2044 LOG_DBG((LOG_MESSAGE, 90, "message_check_duplicate: last_received %p",
2045 exchange->last_received));
2046 if (exchange->last_received) {
2047 LOG_DBG_BUF((LOG_MESSAGE, 95,
2048 "message_check_duplicate: last_received",
2049 exchange->last_received->orig,
2050 exchange->last_received->orig_sz));
2051 /* Is it a duplicate, lose the new one. */
2052 if (sz == exchange->last_received->orig_sz &&
2053 memcmp(pkt, exchange->last_received->orig, sz) == 0) {
2054 LOG_DBG((LOG_MESSAGE, 80,
2055 "message_check_duplicate: dropping dup"));
2056
2057 /*
2058 * Retransmit if the previous sent message was the last
2059 * of an exchange, otherwise just wait for the
2060 * ordinary retransmission.
2061 */
2062 if (exchange->last_sent && (exchange->last_sent->flags
2063 & MSG_LAST))
2064 message_send(exchange->last_sent);
2065 message_free(msg);
2066 return -1;
2067 }
2068 }
2069 /*
2070 * As this new message is an indication that state is moving forward
2071 * at the peer, remove the retransmit timer on our last message.
2072 */
2073 if (exchange->last_sent) {
2074 if (exchange->last_sent == exchange->in_transit) {
2075 struct message *m = exchange->in_transit;
2076 TAILQ_REMOVE(m->transport->vtbl->get_queue(m), m,
2077 link);
2078 exchange->in_transit = 0;
2079 }
2080 message_free(exchange->last_sent);
2081 exchange->last_sent = 0;
2082 }
2083 return 0;
2084 }
2085
2086 /* Helper to message_negotiate_sa. */
2087 static __inline struct payload *
step_transform(struct payload * tp,struct payload ** propp,struct payload ** sap)2088 step_transform(struct payload *tp, struct payload **propp,
2089 struct payload **sap)
2090 {
2091 tp = TAILQ_NEXT(tp, link);
2092 if (tp) {
2093 *propp = tp->context;
2094 *sap = (*propp)->context;
2095 }
2096 return tp;
2097 }
2098
2099 /*
2100 * Pick out the first transforms out of MSG (which should contain at least one
2101 * SA payload) we accept as a full protection suite.
2102 */
2103 int
message_negotiate_sa(struct message * msg,int (* validate)(struct exchange *,struct sa *,struct sa *))2104 message_negotiate_sa(struct message *msg, int (*validate)(struct exchange *,
2105 struct sa *, struct sa *))
2106 {
2107 struct payload *tp, *propp, *sap, *next_tp = 0, *next_propp, *next_sap;
2108 struct payload *saved_tp = 0, *saved_propp = 0, *saved_sap = 0;
2109 struct sa *sa;
2110 struct proto *proto;
2111 int suite_ok_so_far = 0;
2112 struct exchange *exchange = msg->exchange;
2113
2114 /*
2115 * This algorithm is a weird bottom-up thing... mostly due to the
2116 * payload links pointing upwards.
2117 *
2118 * The algorithm goes something like this:
2119 * Foreach transform
2120 * If transform is compatible
2121 * Remember that this protocol can work
2122 * Skip to last transform of this protocol
2123 * If next transform belongs to a new protocol inside the same suite
2124 * If no transform was found for the current protocol
2125 * Forget all earlier transforms for protocols in this suite
2126 * Skip to last transform of this suite
2127 * If next transform belongs to a new suite
2128 * If the current protocol had an OK transform
2129 * Skip to the last transform of this SA
2130 * If the next transform belongs to a new SA
2131 * If no transforms have been chosen
2132 * Issue a NO_PROPOSAL_CHOSEN notification
2133 */
2134
2135 sa = TAILQ_FIRST(&exchange->sa_list);
2136 for (tp = payload_first(msg, ISAKMP_PAYLOAD_TRANSFORM); tp;
2137 tp = next_tp) {
2138 propp = tp->context;
2139 sap = propp->context;
2140 sap->flags |= PL_MARK;
2141 next_tp = step_transform(tp, &next_propp, &next_sap);
2142
2143 /* For each transform, see if it is compatible. */
2144 if (!attribute_map(tp->p + ISAKMP_TRANSFORM_SA_ATTRS_OFF,
2145 GET_ISAKMP_GEN_LENGTH(tp->p) -
2146 ISAKMP_TRANSFORM_SA_ATTRS_OFF,
2147 exchange->doi->is_attribute_incompatible, msg)) {
2148 LOG_DBG((LOG_NEGOTIATION, 30, "message_negotiate_sa: "
2149 "transform %d proto %d proposal %d ok",
2150 GET_ISAKMP_TRANSFORM_NO(tp->p),
2151 GET_ISAKMP_PROP_PROTO(propp->p),
2152 GET_ISAKMP_PROP_NO(propp->p)));
2153 if (sa_add_transform(sa, tp, exchange->initiator,
2154 &proto))
2155 goto cleanup;
2156 suite_ok_so_far = 1;
2157
2158 saved_tp = next_tp;
2159 saved_propp = next_propp;
2160 saved_sap = next_sap;
2161 /* Skip to last transform of this protocol proposal. */
2162 while ((next_tp = step_transform(tp, &next_propp,
2163 &next_sap)) && next_propp == propp)
2164 tp = next_tp;
2165 }
2166 retry_transform:
2167 /*
2168 * Figure out if we will be looking at a new protocol proposal
2169 * inside the current protection suite.
2170 */
2171 if (next_tp && propp != next_propp && sap == next_sap &&
2172 (GET_ISAKMP_PROP_NO(propp->p) ==
2173 GET_ISAKMP_PROP_NO(next_propp->p))) {
2174 if (!suite_ok_so_far) {
2175 LOG_DBG((LOG_NEGOTIATION, 30,
2176 "message_negotiate_sa: proto %d proposal "
2177 "%d failed",
2178 GET_ISAKMP_PROP_PROTO(propp->p),
2179 GET_ISAKMP_PROP_NO(propp->p)));
2180 /*
2181 * Remove potentially succeeded choices from
2182 * the SA.
2183 */
2184 while ((proto = TAILQ_FIRST(&sa->protos)))
2185 proto_free(proto);
2186
2187 /*
2188 * Skip to the last transform of this
2189 * protection suite.
2190 */
2191 while ((next_tp = step_transform(tp,
2192 &next_propp, &next_sap)) &&
2193 (GET_ISAKMP_PROP_NO(next_propp->p) ==
2194 GET_ISAKMP_PROP_NO(propp->p)) &&
2195 next_sap == sap)
2196 tp = next_tp;
2197 }
2198 suite_ok_so_far = 0;
2199 }
2200 /*
2201 * Figure out if we will be looking at a new protection
2202 * suite.
2203 */
2204 if (!next_tp ||
2205 (propp != next_propp && (GET_ISAKMP_PROP_NO(propp->p) !=
2206 GET_ISAKMP_PROP_NO(next_propp->p))) ||
2207 sap != next_sap) {
2208 /*
2209 * Check if the suite we just considered was OK, if so
2210 * we check it against the accepted ones.
2211 */
2212 if (suite_ok_so_far) {
2213 if (!validate || validate(exchange, sa,
2214 msg->isakmp_sa)) {
2215 LOG_DBG((LOG_NEGOTIATION, 30,
2216 "message_negotiate_sa: proposal "
2217 "%d succeeded",
2218 GET_ISAKMP_PROP_NO(propp->p)));
2219
2220 /*
2221 * Skip to the last transform of this
2222 * SA.
2223 */
2224 while ((next_tp = step_transform(tp,
2225 &next_propp, &next_sap)) &&
2226 next_sap == sap)
2227 tp = next_tp;
2228 } else {
2229 /* Backtrack. */
2230 LOG_DBG((LOG_NEGOTIATION, 30,
2231 "message_negotiate_sa: proposal "
2232 "%d failed",
2233 GET_ISAKMP_PROP_NO(propp->p)));
2234 next_tp = saved_tp;
2235 next_propp = saved_propp;
2236 next_sap = saved_sap;
2237 suite_ok_so_far = 0;
2238
2239 /*
2240 * Remove potentially succeeded
2241 * choices from the SA.
2242 */
2243 while ((proto =
2244 TAILQ_FIRST(&sa->protos)))
2245 proto_free(proto);
2246 goto retry_transform;
2247 }
2248 }
2249 }
2250 /* Have we walked all the proposals of an SA? */
2251 if (!next_tp || sap != next_sap) {
2252 if (!suite_ok_so_far) {
2253 /*
2254 * XXX We cannot possibly call this a drop...
2255 * seeing we just turn down one of the offers,
2256 * can we? I suggest renaming message_drop to
2257 * something else.
2258 */
2259 log_print("message_negotiate_sa: no "
2260 "compatible proposal found");
2261 message_drop(msg,
2262 ISAKMP_NOTIFY_NO_PROPOSAL_CHOSEN, 0, 1, 0);
2263 }
2264 sa = TAILQ_NEXT(sa, next);
2265 }
2266 }
2267 return 0;
2268
2269 cleanup:
2270 /*
2271 * Remove potentially succeeded choices from the SA.
2272 */
2273 while ((proto = TAILQ_FIRST(&sa->protos)))
2274 proto_free(proto);
2275 return -1;
2276 }
2277
2278 /*
2279 * Add SA, proposal and transform payload(s) to MSG out of information
2280 * found in the exchange MSG is part of..
2281 */
2282 int
message_add_sa_payload(struct message * msg)2283 message_add_sa_payload(struct message *msg)
2284 {
2285 struct exchange *exchange = msg->exchange;
2286 u_int8_t *sa_buf, *saved_nextp_sa, *saved_nextp_prop;
2287 size_t sa_len, extra_sa_len;
2288 int i, nprotos = 0;
2289 struct proto *proto;
2290 u_int8_t **transforms = 0, **proposals = 0;
2291 size_t *transform_lens = 0, *proposal_lens = 0;
2292 struct sa *sa;
2293 struct doi *doi = exchange->doi;
2294 u_int8_t *spi = 0;
2295 size_t spi_sz;
2296
2297 /*
2298 * Generate SA payloads.
2299 */
2300 for (sa = TAILQ_FIRST(&exchange->sa_list); sa;
2301 sa = TAILQ_NEXT(sa, next)) {
2302 /* Setup a SA payload. */
2303 sa_len = ISAKMP_SA_SIT_OFF + doi->situation_size();
2304 extra_sa_len = 0;
2305 sa_buf = malloc(sa_len);
2306 if (!sa_buf) {
2307 log_error("message_add_sa_payload: "
2308 "malloc (%lu) failed", (unsigned long)sa_len);
2309 goto cleanup;
2310 }
2311 SET_ISAKMP_SA_DOI(sa_buf, doi->id);
2312 doi->setup_situation(sa_buf);
2313
2314 /* Count transforms. */
2315 nprotos = 0;
2316 for (proto = TAILQ_FIRST(&sa->protos); proto;
2317 proto = TAILQ_NEXT(proto, link))
2318 nprotos++;
2319
2320 /*
2321 * Allocate transient transform and proposal payload/size
2322 * vectors.
2323 */
2324 transforms = calloc(nprotos, sizeof *transforms);
2325 if (!transforms) {
2326 log_error("message_add_sa_payload: calloc (%d, %lu) "
2327 "failed", nprotos,
2328 (unsigned long)sizeof *transforms);
2329 goto cleanup;
2330 }
2331 transform_lens = calloc(nprotos, sizeof *transform_lens);
2332 if (!transform_lens) {
2333 log_error("message_add_sa_payload: calloc (%d, %lu) "
2334 "failed", nprotos,
2335 (unsigned long) sizeof *transform_lens);
2336 goto cleanup;
2337 }
2338 proposals = calloc(nprotos, sizeof *proposals);
2339 if (!proposals) {
2340 log_error("message_add_sa_payload: calloc (%d, %lu) "
2341 "failed", nprotos,
2342 (unsigned long)sizeof *proposals);
2343 goto cleanup;
2344 }
2345 proposal_lens = calloc(nprotos, sizeof *proposal_lens);
2346 if (!proposal_lens) {
2347 log_error("message_add_sa_payload: calloc (%d, %lu) "
2348 "failed", nprotos,
2349 (unsigned long)sizeof *proposal_lens);
2350 goto cleanup;
2351 }
2352 /* Pick out the chosen transforms. */
2353 for (proto = TAILQ_FIRST(&sa->protos), i = 0; proto;
2354 proto = TAILQ_NEXT(proto, link), i++) {
2355 transform_lens[i] =
2356 GET_ISAKMP_GEN_LENGTH(proto->chosen->p);
2357 transforms[i] = malloc(transform_lens[i]);
2358 if (!transforms[i]) {
2359 log_error("message_add_sa_payload: malloc "
2360 "(%lu) failed",
2361 (unsigned long)transform_lens[i]);
2362 goto cleanup;
2363 }
2364 /* Get incoming SPI from application. */
2365 if (doi->get_spi) {
2366 spi = doi->get_spi(&spi_sz,
2367 GET_ISAKMP_PROP_PROTO(proto->chosen->context->p),
2368 msg);
2369 if (spi_sz && !spi)
2370 goto cleanup;
2371 proto->spi[1] = spi;
2372 proto->spi_sz[1] = spi_sz;
2373 } else
2374 spi_sz = 0;
2375
2376 proposal_lens[i] = ISAKMP_PROP_SPI_OFF + spi_sz;
2377 proposals[i] = malloc(proposal_lens[i]);
2378 if (!proposals[i]) {
2379 log_error("message_add_sa_payload: malloc "
2380 "(%lu) failed",
2381 (unsigned long)proposal_lens[i]);
2382 goto cleanup;
2383 }
2384 memcpy(transforms[i], proto->chosen->p,
2385 transform_lens[i]);
2386 memcpy(proposals[i], proto->chosen->context->p,
2387 ISAKMP_PROP_SPI_OFF);
2388 SET_ISAKMP_PROP_NTRANSFORMS(proposals[i], 1);
2389 SET_ISAKMP_PROP_SPI_SZ(proposals[i], spi_sz);
2390 if (spi_sz)
2391 memcpy(proposals[i] + ISAKMP_PROP_SPI_OFF, spi,
2392 spi_sz);
2393 extra_sa_len += proposal_lens[i] + transform_lens[i];
2394 }
2395
2396 /*
2397 * Add the payloads. As this is a SA, we need to recompute the
2398 * lengths of the payloads containing others. We also need to
2399 * reset these payload's "next payload type" field.
2400 */
2401 if (message_add_payload(msg, ISAKMP_PAYLOAD_SA, sa_buf,
2402 sa_len, 1))
2403 goto cleanup;
2404 SET_ISAKMP_GEN_LENGTH(sa_buf, sa_len + extra_sa_len);
2405 sa_buf = 0;
2406
2407 saved_nextp_sa = msg->nextp;
2408 for (proto = TAILQ_FIRST(&sa->protos), i = 0; proto;
2409 proto = TAILQ_NEXT(proto, link), i++) {
2410 if (message_add_payload(msg, ISAKMP_PAYLOAD_PROPOSAL,
2411 proposals[i], proposal_lens[i], i > 0))
2412 goto cleanup;
2413 SET_ISAKMP_GEN_LENGTH(proposals[i], proposal_lens[i] +
2414 transform_lens[i]);
2415 proposals[i] = 0;
2416
2417 saved_nextp_prop = msg->nextp;
2418 if (message_add_payload(msg, ISAKMP_PAYLOAD_TRANSFORM,
2419 transforms[i], transform_lens[i], 0))
2420 goto cleanup;
2421 msg->nextp = saved_nextp_prop;
2422 transforms[i] = 0;
2423 }
2424 msg->nextp = saved_nextp_sa;
2425
2426 /* Free the temporary allocations made above. */
2427 free(transforms);
2428 free(transform_lens);
2429 free(proposals);
2430 free(proposal_lens);
2431 }
2432 return 0;
2433
2434 cleanup:
2435 free(sa_buf);
2436 for (i = 0; i < nprotos; i++) {
2437 free(transforms[i]);
2438 free(proposals[i]);
2439 }
2440 free(transforms);
2441 free(transform_lens);
2442 free(proposals);
2443 free(proposal_lens);
2444 return -1;
2445 }
2446
2447 /*
2448 * Return a copy of MSG's constants starting from OFFSET and stash the size
2449 * in SZP. It is the callers responsibility to free this up.
2450 */
2451 u_int8_t *
message_copy(struct message * msg,size_t offset,size_t * szp)2452 message_copy(struct message *msg, size_t offset, size_t *szp)
2453 {
2454 int skip = 0;
2455 size_t i, sz = 0;
2456 ssize_t start = -1;
2457 u_int8_t *buf, *p;
2458
2459 /* Calculate size of message and where we want to start to copy. */
2460 for (i = 1; i < msg->iovlen; i++) {
2461 sz += msg->iov[i].iov_len;
2462 if (sz <= offset)
2463 skip = i;
2464 else if (start < 0)
2465 start = offset - (sz - msg->iov[i].iov_len);
2466 }
2467
2468 /* Allocate and copy. */
2469 *szp = sz - offset;
2470 buf = malloc(*szp);
2471 if (!buf)
2472 return 0;
2473 p = buf;
2474 for (i = skip + 1; i < msg->iovlen; i++) {
2475 memcpy(p, (u_int8_t *) msg->iov[i].iov_base + start,
2476 msg->iov[i].iov_len - start);
2477 p += msg->iov[i].iov_len - start;
2478 start = 0;
2479 }
2480 return buf;
2481 }
2482
2483 /* Register a post-send function POST_SEND with message MSG. */
2484 int
message_register_post_send(struct message * msg,void (* post_send)(struct message *))2485 message_register_post_send(struct message *msg,
2486 void (*post_send)(struct message *))
2487 {
2488 struct post_send *node;
2489
2490 node = malloc(sizeof *node);
2491 if (!node)
2492 return -1;
2493 node->func = post_send;
2494 TAILQ_INSERT_TAIL(&msg->post_send, node, link);
2495 return 0;
2496 }
2497
2498 /* Run the post-send functions of message MSG. */
2499 void
message_post_send(struct message * msg)2500 message_post_send(struct message *msg)
2501 {
2502 struct post_send *node;
2503
2504 while ((node = TAILQ_FIRST(&msg->post_send)) != 0) {
2505 TAILQ_REMOVE(&msg->post_send, node, link);
2506 node->func(msg);
2507 free(node);
2508 }
2509 }
2510
2511 struct payload *
payload_first(struct message * msg,u_int8_t payload)2512 payload_first(struct message *msg, u_int8_t payload)
2513 {
2514 return TAILQ_FIRST(&msg->payload[payload]);
2515 }
2516