1 /* $OpenBSD: ikev2_pld.c,v 1.117 2021/02/19 21:52:53 tobhe Exp $ */ 2 3 /* 4 * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> 5 * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> 6 * Copyright (c) 2014 Hans-Joerg Hoexer 7 * 8 * Permission to use, copy, modify, and distribute this software for any 9 * purpose with or without fee is hereby granted, provided that the above 10 * copyright notice and this permission notice appear in all copies. 11 * 12 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 13 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 14 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 15 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 16 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 17 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 18 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 19 */ 20 21 #include <sys/queue.h> 22 #include <sys/socket.h> 23 #include <sys/uio.h> 24 25 #include <netinet/in.h> 26 #include <arpa/inet.h> 27 28 #include <stdlib.h> 29 #include <stdio.h> 30 #include <unistd.h> 31 #include <string.h> 32 #include <signal.h> 33 #include <errno.h> 34 #include <err.h> 35 #include <event.h> 36 37 #include <openssl/sha.h> 38 #include <openssl/evp.h> 39 40 #include "iked.h" 41 #include "ikev2.h" 42 #include "eap.h" 43 #include "dh.h" 44 45 int ikev2_validate_pld(struct iked_message *, size_t, size_t, 46 struct ikev2_payload *); 47 int ikev2_pld_payloads(struct iked *, struct iked_message *, 48 size_t, size_t, unsigned int); 49 int ikev2_validate_sa(struct iked_message *, size_t, size_t, 50 struct ikev2_sa_proposal *); 51 int ikev2_pld_sa(struct iked *, struct ikev2_payload *, 52 struct iked_message *, size_t, size_t); 53 int ikev2_validate_xform(struct iked_message *, size_t, size_t, 54 struct ikev2_transform *); 55 int ikev2_pld_xform(struct iked *, struct iked_message *, 56 size_t, size_t); 57 int ikev2_validate_attr(struct iked_message *, size_t, size_t, 58 struct ikev2_attribute *); 59 int ikev2_pld_attr(struct iked *, struct ikev2_transform *, 60 struct iked_message *, size_t, size_t); 61 int ikev2_validate_ke(struct iked_message *, size_t, size_t, 62 struct ikev2_keyexchange *); 63 int ikev2_pld_ke(struct iked *, struct ikev2_payload *, 64 struct iked_message *, size_t, size_t); 65 int ikev2_validate_id(struct iked_message *, size_t, size_t, 66 struct ikev2_id *); 67 int ikev2_pld_id(struct iked *, struct ikev2_payload *, 68 struct iked_message *, size_t, size_t, unsigned int); 69 int ikev2_validate_cert(struct iked_message *, size_t, size_t, 70 struct ikev2_cert *); 71 int ikev2_pld_cert(struct iked *, struct ikev2_payload *, 72 struct iked_message *, size_t, size_t); 73 int ikev2_validate_certreq(struct iked_message *, size_t, size_t, 74 struct ikev2_cert *); 75 int ikev2_pld_certreq(struct iked *, struct ikev2_payload *, 76 struct iked_message *, size_t, size_t); 77 int ikev2_pld_nonce(struct iked *, struct ikev2_payload *, 78 struct iked_message *, size_t, size_t); 79 int ikev2_validate_notify(struct iked_message *, size_t, size_t, 80 struct ikev2_notify *); 81 int ikev2_pld_notify(struct iked *, struct ikev2_payload *, 82 struct iked_message *, size_t, size_t); 83 int ikev2_validate_delete(struct iked_message *, size_t, size_t, 84 struct ikev2_delete *); 85 int ikev2_pld_delete(struct iked *, struct ikev2_payload *, 86 struct iked_message *, size_t, size_t); 87 int ikev2_validate_tss(struct iked_message *, size_t, size_t, 88 struct ikev2_tsp *); 89 int ikev2_pld_tss(struct iked *, struct ikev2_payload *, 90 struct iked_message *, size_t, size_t); 91 int ikev2_validate_ts(struct iked_message *, size_t, size_t, 92 struct ikev2_ts *); 93 int ikev2_pld_ts(struct iked *, struct ikev2_payload *, 94 struct iked_message *, size_t, size_t, unsigned int); 95 int ikev2_validate_auth(struct iked_message *, size_t, size_t, 96 struct ikev2_auth *); 97 int ikev2_pld_auth(struct iked *, struct ikev2_payload *, 98 struct iked_message *, size_t, size_t); 99 int ikev2_pld_e(struct iked *, struct ikev2_payload *, 100 struct iked_message *, size_t, size_t); 101 int ikev2_pld_ef(struct iked *env, struct ikev2_payload *pld, 102 struct iked_message *msg, size_t offset, size_t left); 103 int ikev2_frags_reassemble(struct iked *env, 104 struct ikev2_payload *pld, struct iked_message *msg); 105 int ikev2_validate_cp(struct iked_message *, size_t, size_t, 106 struct ikev2_cp *); 107 int ikev2_pld_cp(struct iked *, struct ikev2_payload *, 108 struct iked_message *, size_t, size_t); 109 int ikev2_validate_eap(struct iked_message *, size_t, size_t, 110 struct eap_header *); 111 int ikev2_pld_eap(struct iked *, struct ikev2_payload *, 112 struct iked_message *, size_t, size_t); 113 114 int 115 ikev2_pld_parse(struct iked *env, struct ike_header *hdr, 116 struct iked_message *msg, size_t offset) 117 { 118 log_debug("%s: header ispi %s rspi %s" 119 " nextpayload %s version 0x%02x exchange %s flags 0x%02x" 120 " msgid %d length %u response %d", __func__, 121 print_spi(betoh64(hdr->ike_ispi), 8), 122 print_spi(betoh64(hdr->ike_rspi), 8), 123 print_map(hdr->ike_nextpayload, ikev2_payload_map), 124 hdr->ike_version, 125 print_map(hdr->ike_exchange, ikev2_exchange_map), 126 hdr->ike_flags, 127 betoh32(hdr->ike_msgid), 128 betoh32(hdr->ike_length), 129 msg->msg_response); 130 131 if (ibuf_size(msg->msg_data) < betoh32(hdr->ike_length)) { 132 log_debug("%s: short message", __func__); 133 return (-1); 134 } 135 136 offset += sizeof(*hdr); 137 138 return (ikev2_pld_payloads(env, msg, offset, 139 betoh32(hdr->ike_length), hdr->ike_nextpayload)); 140 } 141 142 int 143 ikev2_validate_pld(struct iked_message *msg, size_t offset, size_t left, 144 struct ikev2_payload *pld) 145 { 146 uint8_t *msgbuf = ibuf_data(msg->msg_data); 147 size_t pld_length; 148 149 /* We need at least the generic header. */ 150 if (left < sizeof(*pld)) { 151 log_debug("%s: malformed payload: too short for generic " 152 "header (%zu < %zu)", __func__, left, sizeof(*pld)); 153 return (-1); 154 } 155 memcpy(pld, msgbuf + offset, sizeof(*pld)); 156 157 /* 158 * We need at least the specified number of bytes. 159 * pld_length is the full size of the payload including 160 * the generic payload header. 161 */ 162 pld_length = betoh16(pld->pld_length); 163 if (left < pld_length) { 164 log_debug("%s: malformed payload: shorter than specified " 165 "(%zu < %zu)", __func__, left, pld_length); 166 return (-1); 167 } 168 /* 169 * Sanity check the specified payload size, it must 170 * be at least the size of the generic payload header. 171 */ 172 if (pld_length < sizeof(*pld)) { 173 log_debug("%s: malformed payload: shorter than minimum " 174 "header size (%zu < %zu)", __func__, pld_length, 175 sizeof(*pld)); 176 return (-1); 177 } 178 179 return (0); 180 } 181 182 int 183 ikev2_pld_payloads(struct iked *env, struct iked_message *msg, 184 size_t offset, size_t length, unsigned int payload) 185 { 186 struct ikev2_payload pld; 187 unsigned int e; 188 int ret; 189 uint8_t *msgbuf = ibuf_data(msg->msg_data); 190 size_t total, left; 191 192 /* Check if message was decrypted in an E payload */ 193 e = msg->msg_e ? IKED_E : 0; 194 195 /* Bytes left in datagram. */ 196 total = length - offset; 197 198 while (payload != 0 && offset < length) { 199 if (ikev2_validate_pld(msg, offset, total, &pld)) 200 return (-1); 201 202 log_debug("%s: %spayload %s" 203 " nextpayload %s critical 0x%02x length %d", 204 __func__, e ? "decrypted " : "", 205 print_map(payload, ikev2_payload_map), 206 print_map(pld.pld_nextpayload, ikev2_payload_map), 207 pld.pld_reserved & IKEV2_CRITICAL_PAYLOAD, 208 betoh16(pld.pld_length)); 209 210 /* Skip over generic payload header. */ 211 offset += sizeof(pld); 212 total -= sizeof(pld); 213 left = betoh16(pld.pld_length) - sizeof(pld); 214 ret = 0; 215 216 switch (payload | e) { 217 case IKEV2_PAYLOAD_SA: 218 case IKEV2_PAYLOAD_SA | IKED_E: 219 ret = ikev2_pld_sa(env, &pld, msg, offset, left); 220 break; 221 case IKEV2_PAYLOAD_KE: 222 case IKEV2_PAYLOAD_KE | IKED_E: 223 ret = ikev2_pld_ke(env, &pld, msg, offset, left); 224 break; 225 case IKEV2_PAYLOAD_IDi | IKED_E: 226 case IKEV2_PAYLOAD_IDr | IKED_E: 227 ret = ikev2_pld_id(env, &pld, msg, offset, left, 228 payload); 229 break; 230 case IKEV2_PAYLOAD_CERT | IKED_E: 231 ret = ikev2_pld_cert(env, &pld, msg, offset, left); 232 break; 233 case IKEV2_PAYLOAD_CERTREQ: 234 case IKEV2_PAYLOAD_CERTREQ | IKED_E: 235 ret = ikev2_pld_certreq(env, &pld, msg, offset, left); 236 break; 237 case IKEV2_PAYLOAD_AUTH | IKED_E: 238 ret = ikev2_pld_auth(env, &pld, msg, offset, left); 239 break; 240 case IKEV2_PAYLOAD_NONCE: 241 case IKEV2_PAYLOAD_NONCE | IKED_E: 242 ret = ikev2_pld_nonce(env, &pld, msg, offset, left); 243 break; 244 case IKEV2_PAYLOAD_NOTIFY: 245 case IKEV2_PAYLOAD_NOTIFY | IKED_E: 246 ret = ikev2_pld_notify(env, &pld, msg, offset, left); 247 break; 248 case IKEV2_PAYLOAD_DELETE | IKED_E: 249 ret = ikev2_pld_delete(env, &pld, msg, offset, left); 250 break; 251 case IKEV2_PAYLOAD_TSi | IKED_E: 252 case IKEV2_PAYLOAD_TSr | IKED_E: 253 ret = ikev2_pld_tss(env, &pld, msg, offset, left); 254 break; 255 case IKEV2_PAYLOAD_SK: 256 ret = ikev2_pld_e(env, &pld, msg, offset, left); 257 break; 258 case IKEV2_PAYLOAD_SKF: 259 ret = ikev2_pld_ef(env, &pld, msg, offset, left); 260 break; 261 case IKEV2_PAYLOAD_CP | IKED_E: 262 ret = ikev2_pld_cp(env, &pld, msg, offset, left); 263 break; 264 case IKEV2_PAYLOAD_EAP | IKED_E: 265 ret = ikev2_pld_eap(env, &pld, msg, offset, left); 266 break; 267 default: 268 print_hex(msgbuf, offset, 269 betoh16(pld.pld_length) - sizeof(pld)); 270 break; 271 } 272 273 if (ret != 0 && ikev2_msg_frompeer(msg)) { 274 (void)ikev2_send_informational(env, msg); 275 return (-1); 276 } 277 278 /* Encrypted payloads must appear last */ 279 if ((payload == IKEV2_PAYLOAD_SK) || 280 (payload == IKEV2_PAYLOAD_SKF)) 281 return (0); 282 283 payload = pld.pld_nextpayload; 284 offset += left; 285 total -= left; 286 } 287 288 return (0); 289 } 290 291 int 292 ikev2_validate_sa(struct iked_message *msg, size_t offset, size_t left, 293 struct ikev2_sa_proposal *sap) 294 { 295 uint8_t *msgbuf = ibuf_data(msg->msg_data); 296 size_t sap_length; 297 298 if (left < sizeof(*sap)) { 299 log_debug("%s: malformed payload: too short for header " 300 "(%zu < %zu)", __func__, left, sizeof(*sap)); 301 return (-1); 302 } 303 memcpy(sap, msgbuf + offset, sizeof(*sap)); 304 305 sap_length = betoh16(sap->sap_length); 306 if (sap_length < sizeof(*sap)) { 307 log_debug("%s: malformed payload: shorter than minimum header " 308 "size (%zu < %zu)", __func__, sap_length, sizeof(*sap)); 309 return (-1); 310 } 311 if (left < sap_length) { 312 log_debug("%s: malformed payload: too long for actual payload " 313 "size (%zu < %zu)", __func__, left, sap_length); 314 return (-1); 315 } 316 /* 317 * If there is only one proposal, sap_length must be the 318 * total payload size. 319 */ 320 if (!sap->sap_more && left != sap_length) { 321 log_debug("%s: malformed payload: SA payload length mismatches " 322 "single proposal substructure length (%lu != %zu)", 323 __func__, left, sap_length); 324 return (-1); 325 } 326 /* 327 * If there are more than one proposal, there must be bytes 328 * left in the payload. 329 */ 330 if (sap->sap_more && left <= sap_length) { 331 log_debug("%s: malformed payload: SA payload too small for " 332 "further proposals (%zu <= %zu)", __func__, 333 left, sap_length); 334 return (-1); 335 } 336 return (0); 337 } 338 339 int 340 ikev2_pld_sa(struct iked *env, struct ikev2_payload *pld, 341 struct iked_message *msg, size_t offset, size_t left) 342 { 343 struct ikev2_sa_proposal sap; 344 struct iked_proposal *prop = NULL; 345 uint32_t spi32; 346 uint64_t spi = 0, spi64; 347 uint8_t *msgbuf = ibuf_data(msg->msg_data); 348 int r; 349 struct iked_proposals *props; 350 size_t total; 351 352 do { 353 if (ikev2_validate_sa(msg, offset, left, &sap)) 354 return (-1); 355 356 /* Assumed size of the first proposals, including SPI if present. */ 357 total = (betoh16(sap.sap_length) - sizeof(sap)); 358 359 props = &msg->msg_parent->msg_proposals; 360 361 offset += sizeof(sap); 362 left -= sizeof(sap); 363 364 if (sap.sap_spisize) { 365 if (left < sap.sap_spisize) { 366 log_debug("%s: malformed payload: SPI larger than " 367 "actual payload (%zu < %d)", __func__, left, 368 sap.sap_spisize); 369 return (-1); 370 } 371 if (total < sap.sap_spisize) { 372 log_debug("%s: malformed payload: SPI larger than " 373 "proposal (%zu < %d)", __func__, total, 374 sap.sap_spisize); 375 return (-1); 376 } 377 switch (sap.sap_spisize) { 378 case 4: 379 memcpy(&spi32, msgbuf + offset, 4); 380 spi = betoh32(spi32); 381 break; 382 case 8: 383 memcpy(&spi64, msgbuf + offset, 8); 384 spi = betoh64(spi64); 385 break; 386 default: 387 log_debug("%s: unsupported SPI size %d", 388 __func__, sap.sap_spisize); 389 return (-1); 390 } 391 392 offset += sap.sap_spisize; 393 left -= sap.sap_spisize; 394 395 /* Assumed size of the proposal, now without SPI. */ 396 total -= sap.sap_spisize; 397 } 398 399 /* 400 * As we verified sanity of packet headers, this check will 401 * be always false, but just to be sure we keep it. 402 */ 403 if (left < total) { 404 log_debug("%s: malformed payload: too long for payload " 405 "(%zu < %zu)", __func__, left, total); 406 return (-1); 407 } 408 409 log_debug("%s: more %d reserved %d length %d" 410 " proposal #%d protoid %s spisize %d xforms %d spi %s", 411 __func__, sap.sap_more, sap.sap_reserved, 412 betoh16(sap.sap_length), sap.sap_proposalnr, 413 print_map(sap.sap_protoid, ikev2_saproto_map), sap.sap_spisize, 414 sap.sap_transforms, print_spi(spi, sap.sap_spisize)); 415 416 if (ikev2_msg_frompeer(msg)) { 417 if ((msg->msg_parent->msg_prop = config_add_proposal(props, 418 sap.sap_proposalnr, sap.sap_protoid)) == NULL) { 419 log_debug("%s: invalid proposal", __func__); 420 return (-1); 421 } 422 prop = msg->msg_parent->msg_prop; 423 prop->prop_peerspi.spi = spi; 424 prop->prop_peerspi.spi_protoid = sap.sap_protoid; 425 prop->prop_peerspi.spi_size = sap.sap_spisize; 426 427 prop->prop_localspi.spi_protoid = sap.sap_protoid; 428 prop->prop_localspi.spi_size = sap.sap_spisize; 429 } 430 431 /* 432 * Parse the attached transforms 433 */ 434 if (sap.sap_transforms) { 435 r = ikev2_pld_xform(env, msg, offset, total); 436 if ((r == -2) && ikev2_msg_frompeer(msg)) { 437 log_debug("%s: invalid proposal transform", 438 __func__); 439 440 /* cleanup and ignore proposal */ 441 config_free_proposal(props, prop); 442 prop = msg->msg_parent->msg_prop = NULL; 443 } else if (r != 0) { 444 log_debug("%s: invalid proposal transforms", 445 __func__); 446 return (-1); 447 } 448 } 449 450 offset += total; 451 left -= total; 452 } while (sap.sap_more); 453 454 return (0); 455 } 456 457 int 458 ikev2_validate_xform(struct iked_message *msg, size_t offset, size_t total, 459 struct ikev2_transform *xfrm) 460 { 461 uint8_t *msgbuf = ibuf_data(msg->msg_data); 462 size_t xfrm_length; 463 464 if (total < sizeof(*xfrm)) { 465 log_debug("%s: malformed payload: too short for header " 466 "(%zu < %zu)", __func__, total, sizeof(*xfrm)); 467 return (-1); 468 } 469 memcpy(xfrm, msgbuf + offset, sizeof(*xfrm)); 470 471 xfrm_length = betoh16(xfrm->xfrm_length); 472 if (xfrm_length < sizeof(*xfrm)) { 473 log_debug("%s: malformed payload: shorter than minimum header " 474 "size (%zu < %zu)", __func__, xfrm_length, sizeof(*xfrm)); 475 return (-1); 476 } 477 if (total < xfrm_length) { 478 log_debug("%s: malformed payload: too long for payload size " 479 "(%zu < %zu)", __func__, total, xfrm_length); 480 return (-1); 481 } 482 483 return (0); 484 } 485 486 int 487 ikev2_pld_xform(struct iked *env, struct iked_message *msg, 488 size_t offset, size_t total) 489 { 490 struct ikev2_transform xfrm; 491 char id[BUFSIZ]; 492 int ret = 0; 493 int r; 494 size_t xfrm_length; 495 496 if (ikev2_validate_xform(msg, offset, total, &xfrm)) 497 return (-1); 498 499 xfrm_length = betoh16(xfrm.xfrm_length); 500 501 switch (xfrm.xfrm_type) { 502 case IKEV2_XFORMTYPE_ENCR: 503 strlcpy(id, print_map(betoh16(xfrm.xfrm_id), 504 ikev2_xformencr_map), sizeof(id)); 505 break; 506 case IKEV2_XFORMTYPE_PRF: 507 strlcpy(id, print_map(betoh16(xfrm.xfrm_id), 508 ikev2_xformprf_map), sizeof(id)); 509 break; 510 case IKEV2_XFORMTYPE_INTEGR: 511 strlcpy(id, print_map(betoh16(xfrm.xfrm_id), 512 ikev2_xformauth_map), sizeof(id)); 513 break; 514 case IKEV2_XFORMTYPE_DH: 515 strlcpy(id, print_map(betoh16(xfrm.xfrm_id), 516 ikev2_xformdh_map), sizeof(id)); 517 break; 518 case IKEV2_XFORMTYPE_ESN: 519 strlcpy(id, print_map(betoh16(xfrm.xfrm_id), 520 ikev2_xformesn_map), sizeof(id)); 521 break; 522 default: 523 snprintf(id, sizeof(id), "<%d>", betoh16(xfrm.xfrm_id)); 524 break; 525 } 526 527 log_debug("%s: more %d reserved %d length %zu" 528 " type %s id %s", 529 __func__, xfrm.xfrm_more, xfrm.xfrm_reserved, xfrm_length, 530 print_map(xfrm.xfrm_type, ikev2_xformtype_map), id); 531 532 /* 533 * Parse transform attributes, if available 534 */ 535 msg->msg_attrlength = 0; 536 if (xfrm_length > sizeof(xfrm)) { 537 if (ikev2_pld_attr(env, &xfrm, msg, offset + sizeof(xfrm), 538 xfrm_length - sizeof(xfrm)) != 0) { 539 return (-1); 540 } 541 } 542 543 if (ikev2_msg_frompeer(msg)) { 544 r = config_add_transform(msg->msg_parent->msg_prop, 545 xfrm.xfrm_type, betoh16(xfrm.xfrm_id), 546 msg->msg_attrlength, msg->msg_attrlength); 547 if (r == -1) { 548 log_debug("%s: failed to add transform: alloc error", 549 __func__); 550 return (r); 551 } else if (r == -2) { 552 log_debug("%s: failed to add transform: unknown type", 553 __func__); 554 return (r); 555 } 556 } 557 558 /* Next transform */ 559 offset += xfrm_length; 560 total -= xfrm_length; 561 if (xfrm.xfrm_more == IKEV2_XFORM_MORE) 562 ret = ikev2_pld_xform(env, msg, offset, total); 563 else if (total != 0) { 564 /* No more transforms but still some data left. */ 565 log_debug("%s: less data than specified, %zu bytes left", 566 __func__, total); 567 ret = -1; 568 } 569 570 return (ret); 571 } 572 573 int 574 ikev2_validate_attr(struct iked_message *msg, size_t offset, size_t total, 575 struct ikev2_attribute *attr) 576 { 577 uint8_t *msgbuf = ibuf_data(msg->msg_data); 578 579 if (total < sizeof(*attr)) { 580 log_debug("%s: malformed payload: too short for header " 581 "(%zu < %zu)", __func__, total, sizeof(*attr)); 582 return (-1); 583 } 584 memcpy(attr, msgbuf + offset, sizeof(*attr)); 585 586 return (0); 587 } 588 589 int 590 ikev2_pld_attr(struct iked *env, struct ikev2_transform *xfrm, 591 struct iked_message *msg, size_t offset, size_t total) 592 { 593 struct ikev2_attribute attr; 594 unsigned int type; 595 uint8_t *msgbuf = ibuf_data(msg->msg_data); 596 int ret = 0; 597 size_t attr_length; 598 599 if (ikev2_validate_attr(msg, offset, total, &attr)) 600 return (-1); 601 602 type = betoh16(attr.attr_type) & ~IKEV2_ATTRAF_TV; 603 604 log_debug("%s: attribute type %s length %d total %zu", 605 __func__, print_map(type, ikev2_attrtype_map), 606 betoh16(attr.attr_length), total); 607 608 if (betoh16(attr.attr_type) & IKEV2_ATTRAF_TV) { 609 /* Type-Value attribute */ 610 offset += sizeof(attr); 611 total -= sizeof(attr); 612 613 if (type == IKEV2_ATTRTYPE_KEY_LENGTH) 614 msg->msg_attrlength = betoh16(attr.attr_length); 615 } else { 616 /* Type-Length-Value attribute */ 617 attr_length = betoh16(attr.attr_length); 618 if (attr_length < sizeof(attr)) { 619 log_debug("%s: malformed payload: shorter than " 620 "minimum header size (%zu < %zu)", __func__, 621 attr_length, sizeof(attr)); 622 return (-1); 623 } 624 if (total < attr_length) { 625 log_debug("%s: malformed payload: attribute larger " 626 "than actual payload (%zu < %zu)", __func__, 627 total, attr_length); 628 return (-1); 629 } 630 print_hex(msgbuf, offset + sizeof(attr), 631 attr_length - sizeof(attr)); 632 offset += attr_length; 633 total -= attr_length; 634 } 635 636 if (total > 0) { 637 /* Next attribute */ 638 ret = ikev2_pld_attr(env, xfrm, msg, offset, total); 639 } 640 641 return (ret); 642 } 643 644 int 645 ikev2_validate_ke(struct iked_message *msg, size_t offset, size_t left, 646 struct ikev2_keyexchange *kex) 647 { 648 uint8_t *msgbuf = ibuf_data(msg->msg_data); 649 650 if (left < sizeof(*kex)) { 651 log_debug("%s: malformed payload: too short for header " 652 "(%zu < %zu)", __func__, left, sizeof(*kex)); 653 return (-1); 654 } 655 memcpy(kex, msgbuf + offset, sizeof(*kex)); 656 657 return (0); 658 } 659 660 int 661 ikev2_pld_ke(struct iked *env, struct ikev2_payload *pld, 662 struct iked_message *msg, size_t offset, size_t left) 663 { 664 struct ikev2_keyexchange kex; 665 uint8_t *buf; 666 size_t len; 667 uint8_t *msgbuf = ibuf_data(msg->msg_data); 668 669 if (ikev2_validate_ke(msg, offset, left, &kex)) 670 return (-1); 671 672 log_debug("%s: dh group %s reserved %d", __func__, 673 print_map(betoh16(kex.kex_dhgroup), ikev2_xformdh_map), 674 betoh16(kex.kex_reserved)); 675 676 buf = msgbuf + offset + sizeof(kex); 677 len = left - sizeof(kex); 678 679 if (len == 0) { 680 log_debug("%s: malformed payload: no KE data given", __func__); 681 return (-1); 682 } 683 684 print_hex(buf, 0, len); 685 686 if (ikev2_msg_frompeer(msg)) { 687 if (ibuf_length(msg->msg_parent->msg_ke)) { 688 log_info("%s: duplicate KE payload", __func__); 689 return (-1); 690 } 691 if ((msg->msg_parent->msg_ke = ibuf_new(buf, len)) == NULL) { 692 log_debug("%s: failed to get exchange", __func__); 693 return (-1); 694 } 695 msg->msg_parent->msg_dhgroup = betoh16(kex.kex_dhgroup); 696 } 697 698 return (0); 699 } 700 701 int 702 ikev2_validate_id(struct iked_message *msg, size_t offset, size_t left, 703 struct ikev2_id *id) 704 { 705 uint8_t *msgbuf = ibuf_data(msg->msg_data); 706 707 if (left < sizeof(*id)) { 708 log_debug("%s: malformed payload: too short for header " 709 "(%zu < %zu)", __func__, left, sizeof(*id)); 710 return (-1); 711 } 712 memcpy(id, msgbuf + offset, sizeof(*id)); 713 714 if (id->id_type == IKEV2_ID_NONE) { 715 log_debug("%s: malformed payload: invalid ID type.", 716 __func__); 717 return (-1); 718 } 719 720 return (0); 721 } 722 723 int 724 ikev2_pld_id(struct iked *env, struct ikev2_payload *pld, 725 struct iked_message *msg, size_t offset, size_t left, unsigned int payload) 726 { 727 uint8_t *ptr; 728 struct ikev2_id id; 729 size_t len; 730 struct iked_id *idp, idb; 731 const struct iked_sa *sa = msg->msg_sa; 732 uint8_t *msgbuf = ibuf_data(msg->msg_data); 733 char idstr[IKED_ID_SIZE]; 734 735 if (ikev2_validate_id(msg, offset, left, &id)) 736 return (-1); 737 738 bzero(&idb, sizeof(idb)); 739 740 /* Don't strip the Id payload header */ 741 ptr = msgbuf + offset; 742 len = left; 743 744 idb.id_type = id.id_type; 745 idb.id_offset = sizeof(id); 746 if ((idb.id_buf = ibuf_new(ptr, len)) == NULL) 747 return (-1); 748 749 if (ikev2_print_id(&idb, idstr, sizeof(idstr)) == -1) { 750 ibuf_release(idb.id_buf); 751 log_debug("%s: malformed id", __func__); 752 return (-1); 753 } 754 755 log_debug("%s: id %s length %zu", __func__, idstr, len); 756 757 if (!ikev2_msg_frompeer(msg)) { 758 ibuf_release(idb.id_buf); 759 return (0); 760 } 761 762 if (!((sa->sa_hdr.sh_initiator && payload == IKEV2_PAYLOAD_IDr) || 763 (!sa->sa_hdr.sh_initiator && payload == IKEV2_PAYLOAD_IDi))) { 764 ibuf_release(idb.id_buf); 765 log_debug("%s: unexpected id payload", __func__); 766 return (0); 767 } 768 769 idp = &msg->msg_parent->msg_id; 770 if (idp->id_type) { 771 ibuf_release(idb.id_buf); 772 log_debug("%s: duplicate id payload", __func__); 773 return (-1); 774 } 775 776 idp->id_buf = idb.id_buf; 777 idp->id_offset = idb.id_offset; 778 idp->id_type = idb.id_type; 779 780 return (0); 781 } 782 783 int 784 ikev2_validate_cert(struct iked_message *msg, size_t offset, size_t left, 785 struct ikev2_cert *cert) 786 { 787 uint8_t *msgbuf = ibuf_data(msg->msg_data); 788 789 if (left < sizeof(*cert)) { 790 log_debug("%s: malformed payload: too short for header " 791 "(%zu < %zu)", __func__, left, sizeof(*cert)); 792 return (-1); 793 } 794 memcpy(cert, msgbuf + offset, sizeof(*cert)); 795 796 return (0); 797 } 798 799 int 800 ikev2_pld_cert(struct iked *env, struct ikev2_payload *pld, 801 struct iked_message *msg, size_t offset, size_t left) 802 { 803 struct ikev2_cert cert; 804 uint8_t *buf; 805 size_t len; 806 struct iked_id *certid; 807 uint8_t *msgbuf = ibuf_data(msg->msg_data); 808 const struct iked_sa *sa = msg->msg_sa; 809 810 if (ikev2_validate_cert(msg, offset, left, &cert)) 811 return (-1); 812 offset += sizeof(cert); 813 814 buf = msgbuf + offset; 815 len = left - sizeof(cert); 816 817 log_debug("%s: type %s length %zu", 818 __func__, print_map(cert.cert_type, ikev2_cert_map), len); 819 820 print_hex(buf, 0, len); 821 822 if (!ikev2_msg_frompeer(msg)) 823 return (0); 824 825 certid = &msg->msg_parent->msg_cert; 826 if (certid->id_type) { 827 log_info("%s: multiple cert payloads not supported", 828 SPI_SA(sa, __func__)); 829 return (-1); 830 } 831 832 if ((certid->id_buf = ibuf_new(buf, len)) == NULL) { 833 log_debug("%s: failed to save cert", __func__); 834 return (-1); 835 } 836 certid->id_type = cert.cert_type; 837 certid->id_offset = 0; 838 839 return (0); 840 } 841 842 int 843 ikev2_validate_certreq(struct iked_message *msg, size_t offset, size_t left, 844 struct ikev2_cert *cert) 845 { 846 uint8_t *msgbuf = ibuf_data(msg->msg_data); 847 848 if (left < sizeof(*cert)) { 849 log_debug("%s: malformed payload: too short for header " 850 "(%zu < %zu)", __func__, left, sizeof(*cert)); 851 return (-1); 852 } 853 memcpy(cert, msgbuf + offset, sizeof(*cert)); 854 855 return (0); 856 } 857 858 int 859 ikev2_pld_certreq(struct iked *env, struct ikev2_payload *pld, 860 struct iked_message *msg, size_t offset, size_t left) 861 { 862 struct ikev2_cert cert; 863 struct iked_certreq *cr; 864 uint8_t *buf; 865 ssize_t len; 866 uint8_t *msgbuf = ibuf_data(msg->msg_data); 867 868 if (ikev2_validate_certreq(msg, offset, left, &cert)) 869 return (-1); 870 offset += sizeof(cert); 871 872 buf = msgbuf + offset; 873 len = left - sizeof(cert); 874 875 log_debug("%s: type %s length %zd", 876 __func__, print_map(cert.cert_type, ikev2_cert_map), len); 877 878 print_hex(buf, 0, len); 879 880 if (!ikev2_msg_frompeer(msg)) 881 return (0); 882 883 if (cert.cert_type == IKEV2_CERT_X509_CERT) { 884 if (len == 0) { 885 log_info("%s: invalid length 0", __func__); 886 return (0); 887 } 888 if ((len % SHA_DIGEST_LENGTH) != 0) { 889 log_info("%s: invalid certificate request", 890 __func__); 891 return (-1); 892 } 893 } 894 895 if ((cr = calloc(1, sizeof(struct iked_certreq))) == NULL) { 896 log_info("%s: failed to allocate certreq.", __func__); 897 return (-1); 898 } 899 if ((cr->cr_data = ibuf_new(buf, len)) == NULL) { 900 log_info("%s: failed to allocate buffer.", __func__); 901 free(cr); 902 return (-1); 903 } 904 cr->cr_type = cert.cert_type; 905 SIMPLEQ_INSERT_TAIL(&msg->msg_parent->msg_certreqs, cr, cr_entry); 906 907 return (0); 908 } 909 910 int 911 ikev2_validate_auth(struct iked_message *msg, size_t offset, size_t left, 912 struct ikev2_auth *auth) 913 { 914 uint8_t *msgbuf = ibuf_data(msg->msg_data); 915 916 if (left < sizeof(*auth)) { 917 log_debug("%s: malformed payload: too short for header " 918 "(%zu < %zu)", __func__, left, sizeof(*auth)); 919 return (-1); 920 } 921 memcpy(auth, msgbuf + offset, sizeof(*auth)); 922 923 if (auth->auth_method == 0) { 924 log_info("%s: malformed payload: invalid auth method", 925 __func__); 926 return (-1); 927 } 928 929 return (0); 930 } 931 932 int 933 ikev2_pld_auth(struct iked *env, struct ikev2_payload *pld, 934 struct iked_message *msg, size_t offset, size_t left) 935 { 936 struct ikev2_auth auth; 937 struct iked_id *idp; 938 uint8_t *buf; 939 size_t len; 940 uint8_t *msgbuf = ibuf_data(msg->msg_data); 941 942 if (ikev2_validate_auth(msg, offset, left, &auth)) 943 return (-1); 944 offset += sizeof(auth); 945 946 buf = msgbuf + offset; 947 len = left - sizeof(auth); 948 949 log_debug("%s: method %s length %zu", 950 __func__, print_map(auth.auth_method, ikev2_auth_map), len); 951 952 print_hex(buf, 0, len); 953 954 if (!ikev2_msg_frompeer(msg)) 955 return (0); 956 957 idp = &msg->msg_parent->msg_auth; 958 if (idp->id_type) { 959 log_debug("%s: duplicate auth payload", __func__); 960 return (-1); 961 } 962 963 ibuf_release(idp->id_buf); 964 idp->id_type = auth.auth_method; 965 idp->id_offset = 0; 966 if ((idp->id_buf = ibuf_new(buf, len)) == NULL) 967 return (-1); 968 969 return (0); 970 } 971 972 int 973 ikev2_pld_nonce(struct iked *env, struct ikev2_payload *pld, 974 struct iked_message *msg, size_t offset, size_t left) 975 { 976 size_t len; 977 uint8_t *buf; 978 uint8_t *msgbuf = ibuf_data(msg->msg_data); 979 980 buf = msgbuf + offset; 981 len = left; 982 983 if (len == 0) { 984 log_debug("%s: malformed payload: no NONCE given", __func__); 985 return (-1); 986 } 987 988 print_hex(buf, 0, len); 989 990 if (ikev2_msg_frompeer(msg)) { 991 if (ibuf_length(msg->msg_parent->msg_nonce)) { 992 log_info("%s: duplicate NONCE payload", __func__); 993 return (-1); 994 } 995 if ((msg->msg_nonce = ibuf_new(buf, len)) == NULL) { 996 log_debug("%s: failed to get peer nonce", __func__); 997 return (-1); 998 } 999 msg->msg_parent->msg_nonce = msg->msg_nonce; 1000 } 1001 1002 return (0); 1003 } 1004 1005 int 1006 ikev2_validate_notify(struct iked_message *msg, size_t offset, size_t left, 1007 struct ikev2_notify *n) 1008 { 1009 uint8_t *msgbuf = ibuf_data(msg->msg_data); 1010 1011 if (left < sizeof(*n)) { 1012 log_debug("%s: malformed payload: too short for header " 1013 "(%zu < %zu)", __func__, left, sizeof(*n)); 1014 return (-1); 1015 } 1016 memcpy(n, msgbuf + offset, sizeof(*n)); 1017 1018 return (0); 1019 } 1020 1021 int 1022 ikev2_pld_notify(struct iked *env, struct ikev2_payload *pld, 1023 struct iked_message *msg, size_t offset, size_t left) 1024 { 1025 struct ikev2_notify n; 1026 const struct iked_sa *sa = msg->msg_sa; 1027 uint8_t *buf, md[SHA_DIGEST_LENGTH]; 1028 uint32_t spi32; 1029 uint64_t spi64; 1030 struct iked_spi *rekey; 1031 uint16_t type; 1032 uint16_t signature_hash; 1033 1034 if (ikev2_validate_notify(msg, offset, left, &n)) 1035 return (-1); 1036 type = betoh16(n.n_type); 1037 1038 log_debug("%s: protoid %s spisize %d type %s", 1039 __func__, 1040 print_map(n.n_protoid, ikev2_saproto_map), n.n_spisize, 1041 print_map(type, ikev2_n_map)); 1042 1043 left -= sizeof(n); 1044 if ((buf = ibuf_seek(msg->msg_data, offset + sizeof(n), left)) == NULL) 1045 return (-1); 1046 1047 print_hex(buf, 0, left); 1048 1049 if (!ikev2_msg_frompeer(msg)) 1050 return (0); 1051 1052 switch (type) { 1053 case IKEV2_N_NAT_DETECTION_SOURCE_IP: 1054 case IKEV2_N_NAT_DETECTION_DESTINATION_IP: 1055 if (left != sizeof(md)) { 1056 log_debug("%s: malformed payload: hash size mismatch" 1057 " (%zu != %zu)", __func__, left, sizeof(md)); 1058 return (-1); 1059 } 1060 if (ikev2_nat_detection(env, msg, md, sizeof(md), type, 1061 ikev2_msg_frompeer(msg)) == -1) 1062 return (-1); 1063 if (memcmp(buf, md, left) != 0) { 1064 log_debug("%s: %s detected NAT", __func__, 1065 print_map(type, ikev2_n_map)); 1066 if (type == IKEV2_N_NAT_DETECTION_SOURCE_IP) 1067 msg->msg_parent->msg_nat_detected 1068 |= IKED_MSG_NAT_SRC_IP; 1069 else 1070 msg->msg_parent->msg_nat_detected 1071 |= IKED_MSG_NAT_DST_IP; 1072 } 1073 print_hex(md, 0, sizeof(md)); 1074 /* remember for MOBIKE */ 1075 msg->msg_parent->msg_natt_rcvd = 1; 1076 break; 1077 case IKEV2_N_AUTHENTICATION_FAILED: 1078 if (!msg->msg_e) { 1079 log_debug("%s: AUTHENTICATION_FAILED not encrypted", 1080 __func__); 1081 return (-1); 1082 } 1083 /* 1084 * If we are the responder, then we only accept 1085 * AUTHENTICATION_FAILED from authenticated peers. 1086 * If we are the initiator, the peer cannot be authenticated. 1087 */ 1088 if (!sa->sa_hdr.sh_initiator) { 1089 if (!sa_stateok(sa, IKEV2_STATE_VALID)) { 1090 log_debug("%s: ignoring AUTHENTICATION_FAILED" 1091 " from unauthenticated initiator", 1092 __func__); 1093 return (-1); 1094 } 1095 } else { 1096 if (sa_stateok(sa, IKEV2_STATE_VALID)) { 1097 log_debug("%s: ignoring AUTHENTICATION_FAILED" 1098 " from authenticated responder", 1099 __func__); 1100 return (-1); 1101 } 1102 } 1103 msg->msg_parent->msg_flags 1104 |= IKED_MSG_FLAGS_AUTHENTICATION_FAILED; 1105 break; 1106 case IKEV2_N_INVALID_KE_PAYLOAD: 1107 if (sa_stateok(sa, IKEV2_STATE_VALID) && 1108 !msg->msg_e) { 1109 log_debug("%s: INVALID_KE_PAYLOAD not encrypted", 1110 __func__); 1111 return (-1); 1112 } 1113 if (left != sizeof(msg->msg_parent->msg_group)) { 1114 log_debug("%s: malformed payload: group size mismatch" 1115 " (%zu != %zu)", __func__, left, 1116 sizeof(msg->msg_parent->msg_group)); 1117 return (-1); 1118 } 1119 memcpy(&msg->msg_parent->msg_group, buf, left); 1120 msg->msg_parent->msg_flags |= IKED_MSG_FLAGS_INVALID_KE; 1121 break; 1122 case IKEV2_N_NO_ADDITIONAL_SAS: 1123 if (!msg->msg_e) { 1124 log_debug("%s: NO_ADDITIONAL_SAS not encrypted", 1125 __func__); 1126 return (-1); 1127 } 1128 msg->msg_parent->msg_flags |= IKED_MSG_FLAGS_NO_ADDITIONAL_SAS; 1129 break; 1130 case IKEV2_N_REKEY_SA: 1131 if (!msg->msg_e) { 1132 log_debug("%s: N_REKEY_SA not encrypted", __func__); 1133 return (-1); 1134 } 1135 if (left != n.n_spisize) { 1136 log_debug("%s: malformed notification", __func__); 1137 return (-1); 1138 } 1139 rekey = &msg->msg_parent->msg_rekey; 1140 if (rekey->spi != 0) { 1141 log_debug("%s: rekeying of multiple SAs not supported", 1142 __func__); 1143 return (-1); 1144 } 1145 switch (n.n_spisize) { 1146 case 4: 1147 memcpy(&spi32, buf, left); 1148 rekey->spi = betoh32(spi32); 1149 break; 1150 case 8: 1151 memcpy(&spi64, buf, left); 1152 rekey->spi = betoh64(spi64); 1153 break; 1154 default: 1155 log_debug("%s: invalid spi size %d", __func__, 1156 n.n_spisize); 1157 return (-1); 1158 } 1159 rekey->spi_size = n.n_spisize; 1160 rekey->spi_protoid = n.n_protoid; 1161 1162 log_debug("%s: rekey %s spi %s", __func__, 1163 print_map(n.n_protoid, ikev2_saproto_map), 1164 print_spi(rekey->spi, n.n_spisize)); 1165 break; 1166 case IKEV2_N_TEMPORARY_FAILURE: 1167 if (!msg->msg_e) { 1168 log_debug("%s: IKEV2_N_TEMPORARY_FAILURE not encrypted", 1169 __func__); 1170 return (-1); 1171 } 1172 msg->msg_parent->msg_flags |= IKED_MSG_FLAGS_TEMPORARY_FAILURE; 1173 break; 1174 case IKEV2_N_IPCOMP_SUPPORTED: 1175 if (!msg->msg_e) { 1176 log_debug("%s: N_IPCOMP_SUPPORTED not encrypted", 1177 __func__); 1178 return (-1); 1179 } 1180 if (left < sizeof(msg->msg_parent->msg_cpi) + 1181 sizeof(msg->msg_parent->msg_transform)) { 1182 log_debug("%s: ignoring malformed ipcomp notification", 1183 __func__); 1184 return (0); 1185 } 1186 memcpy(&msg->msg_parent->msg_cpi, buf, 1187 sizeof(msg->msg_parent->msg_cpi)); 1188 memcpy(&msg->msg_parent->msg_transform, 1189 buf + sizeof(msg->msg_parent->msg_cpi), 1190 sizeof(msg->msg_parent->msg_transform)); 1191 1192 log_debug("%s: %s cpi 0x%x, transform %s, length %zu", __func__, 1193 msg->msg_parent->msg_response ? "res" : "req", 1194 betoh16(msg->msg_parent->msg_cpi), 1195 print_map(msg->msg_parent->msg_transform, 1196 ikev2_ipcomp_map), left); 1197 1198 msg->msg_parent->msg_flags |= IKED_MSG_FLAGS_IPCOMP_SUPPORTED; 1199 break; 1200 case IKEV2_N_CHILD_SA_NOT_FOUND: 1201 if (!msg->msg_e) { 1202 log_debug("%s: N_CHILD_SA_NOT_FOUND not encrypted", 1203 __func__); 1204 return (-1); 1205 } 1206 msg->msg_parent->msg_flags |= IKED_MSG_FLAGS_CHILD_SA_NOT_FOUND; 1207 break; 1208 case IKEV2_N_NO_PROPOSAL_CHOSEN: 1209 msg->msg_parent->msg_flags |= IKED_MSG_FLAGS_NO_PROPOSAL_CHOSEN; 1210 break; 1211 case IKEV2_N_MOBIKE_SUPPORTED: 1212 if (!msg->msg_e) { 1213 log_debug("%s: N_MOBIKE_SUPPORTED not encrypted", 1214 __func__); 1215 return (-1); 1216 } 1217 if (left != 0) { 1218 log_debug("%s: ignoring malformed mobike" 1219 " notification: %zu", __func__, left); 1220 return (0); 1221 } 1222 msg->msg_parent->msg_flags |= IKED_MSG_FLAGS_MOBIKE; 1223 break; 1224 case IKEV2_N_USE_TRANSPORT_MODE: 1225 if (!msg->msg_e) { 1226 log_debug("%s: N_USE_TRANSPORT_MODE not encrypted", 1227 __func__); 1228 return (-1); 1229 } 1230 if (left != 0) { 1231 log_debug("%s: ignoring malformed transport mode" 1232 " notification: %zu", __func__, left); 1233 return (0); 1234 } 1235 if (msg->msg_parent->msg_response) { 1236 if (!(msg->msg_policy->pol_flags & IKED_POLICY_TRANSPORT)) { 1237 log_debug("%s: ignoring transport mode" 1238 " notification (policy)", __func__); 1239 return (0); 1240 } 1241 } 1242 msg->msg_parent->msg_flags |= IKED_MSG_FLAGS_USE_TRANSPORT; 1243 break; 1244 case IKEV2_N_UPDATE_SA_ADDRESSES: 1245 if (!msg->msg_e) { 1246 log_debug("%s: N_UPDATE_SA_ADDRESSES not encrypted", 1247 __func__); 1248 return (-1); 1249 } 1250 if (!sa->sa_mobike) { 1251 log_debug("%s: ignoring update sa addresses" 1252 " notification w/o mobike: %zu", __func__, left); 1253 return (0); 1254 } 1255 if (left != 0) { 1256 log_debug("%s: ignoring malformed update sa addresses" 1257 " notification: %zu", __func__, left); 1258 return (0); 1259 } 1260 msg->msg_parent->msg_update_sa_addresses = 1; 1261 break; 1262 case IKEV2_N_COOKIE2: 1263 if (!msg->msg_e) { 1264 log_debug("%s: N_COOKIE2 not encrypted", 1265 __func__); 1266 return (-1); 1267 } 1268 if (!sa->sa_mobike) { 1269 log_debug("%s: ignoring cookie2 notification" 1270 " w/o mobike: %zu", __func__, left); 1271 return (0); 1272 } 1273 if (left < IKED_COOKIE2_MIN || left > IKED_COOKIE2_MAX) { 1274 log_debug("%s: ignoring malformed cookie2" 1275 " notification: %zu", __func__, left); 1276 return (0); 1277 } 1278 ibuf_release(msg->msg_cookie2); /* should not happen */ 1279 if ((msg->msg_cookie2 = ibuf_new(buf, left)) == NULL) { 1280 log_debug("%s: failed to get peer cookie2", __func__); 1281 return (-1); 1282 } 1283 msg->msg_parent->msg_cookie2 = msg->msg_cookie2; 1284 break; 1285 case IKEV2_N_COOKIE: 1286 if (msg->msg_e) { 1287 log_debug("%s: N_COOKIE encrypted", 1288 __func__); 1289 return (-1); 1290 } 1291 if (left < IKED_COOKIE_MIN || left > IKED_COOKIE_MAX) { 1292 log_debug("%s: ignoring malformed cookie" 1293 " notification: %zu", __func__, left); 1294 return (0); 1295 } 1296 log_debug("%s: received cookie, len %zu", __func__, left); 1297 print_hex(buf, 0, left); 1298 1299 ibuf_release(msg->msg_cookie); 1300 if ((msg->msg_cookie = ibuf_new(buf, left)) == NULL) { 1301 log_debug("%s: failed to get peer cookie", __func__); 1302 return (-1); 1303 } 1304 msg->msg_parent->msg_cookie = msg->msg_cookie; 1305 break; 1306 case IKEV2_N_FRAGMENTATION_SUPPORTED: 1307 if (msg->msg_e) { 1308 log_debug("%s: N_FRAGMENTATION_SUPPORTED encrypted", 1309 __func__); 1310 return (-1); 1311 } 1312 if (left != 0) { 1313 log_debug("%s: ignoring malformed fragmentation" 1314 " notification: %zu", __func__, left); 1315 return (0); 1316 } 1317 msg->msg_parent->msg_flags |= IKED_MSG_FLAGS_FRAGMENTATION; 1318 break; 1319 case IKEV2_N_SIGNATURE_HASH_ALGORITHMS: 1320 if (msg->msg_e) { 1321 log_debug("%s: SIGNATURE_HASH_ALGORITHMS: encrypted", 1322 __func__); 1323 return (-1); 1324 } 1325 if (sa == NULL) { 1326 log_debug("%s: SIGNATURE_HASH_ALGORITHMS: no SA", 1327 __func__); 1328 return (-1); 1329 } 1330 if (sa->sa_sigsha2) { 1331 log_debug("%s: SIGNATURE_HASH_ALGORITHMS: " 1332 "duplicate notify", __func__); 1333 return (0); 1334 } 1335 if (left < sizeof(signature_hash) || 1336 left % sizeof(signature_hash)) { 1337 log_debug("%s: malformed signature hash notification" 1338 "(%zu bytes)", __func__, left); 1339 return (0); 1340 } 1341 while (left >= sizeof(signature_hash)) { 1342 memcpy(&signature_hash, buf, sizeof(signature_hash)); 1343 signature_hash = betoh16(signature_hash); 1344 log_debug("%s: signature hash %s (%x)", __func__, 1345 print_map(signature_hash, ikev2_sighash_map), 1346 signature_hash); 1347 left -= sizeof(signature_hash); 1348 buf += sizeof(signature_hash); 1349 if (signature_hash == IKEV2_SIGHASH_SHA2_256) 1350 msg->msg_parent->msg_flags 1351 |= IKED_MSG_FLAGS_SIGSHA2; 1352 } 1353 break; 1354 } 1355 1356 return (0); 1357 } 1358 1359 int 1360 ikev2_validate_delete(struct iked_message *msg, size_t offset, size_t left, 1361 struct ikev2_delete *del) 1362 { 1363 uint8_t *msgbuf = ibuf_data(msg->msg_data); 1364 1365 if (left < sizeof(*del)) { 1366 log_debug("%s: malformed payload: too short for header " 1367 "(%zu < %zu)", __func__, left, sizeof(*del)); 1368 return (-1); 1369 } 1370 memcpy(del, msgbuf + offset, sizeof(*del)); 1371 1372 if (del->del_protoid == 0) { 1373 log_info("%s: malformed payload: invalid protoid", __func__); 1374 return (-1); 1375 } 1376 1377 return (0); 1378 } 1379 1380 int 1381 ikev2_pld_delete(struct iked *env, struct ikev2_payload *pld, 1382 struct iked_message *msg, size_t offset, size_t left) 1383 { 1384 struct ikev2_delete del; 1385 uint8_t *buf, *msgbuf = ibuf_data(msg->msg_data); 1386 size_t cnt, sz, len; 1387 1388 if (ikev2_validate_delete(msg, offset, left, &del)) 1389 return (-1); 1390 1391 /* Skip if it's a response, then we don't have to deal with it */ 1392 if (ikev2_msg_frompeer(msg) && 1393 msg->msg_parent->msg_response) 1394 return (0); 1395 1396 cnt = betoh16(del.del_nspi); 1397 sz = del.del_spisize; 1398 1399 log_debug("%s: proto %s spisize %zu nspi %zu", 1400 __func__, print_map(del.del_protoid, ikev2_saproto_map), 1401 sz, cnt); 1402 1403 if (msg->msg_parent->msg_del_protoid) { 1404 log_debug("%s: duplicate delete payload", __func__); 1405 return (0); 1406 } 1407 1408 msg->msg_parent->msg_del_protoid = del.del_protoid; 1409 msg->msg_parent->msg_del_cnt = cnt; 1410 msg->msg_parent->msg_del_spisize = sz; 1411 1412 buf = msgbuf + offset + sizeof(del); 1413 len = left - sizeof(del); 1414 if (len == 0 || sz == 0 || cnt == 0) 1415 return (0); 1416 1417 if ((len / sz) != cnt) { 1418 log_debug("%s: invalid payload length %zu/%zu != %zu", 1419 __func__, len, sz, cnt); 1420 return (-1); 1421 } 1422 1423 print_hex(buf, 0, len); 1424 1425 msg->msg_parent->msg_del_buf = ibuf_new(buf, len); 1426 1427 return (0); 1428 } 1429 1430 int 1431 ikev2_validate_tss(struct iked_message *msg, size_t offset, size_t left, 1432 struct ikev2_tsp *tsp) 1433 { 1434 uint8_t *msgbuf = ibuf_data(msg->msg_data); 1435 1436 if (left < sizeof(*tsp)) { 1437 log_debug("%s: malformed payload: too short for header " 1438 "(%zu < %zu)", __func__, left, sizeof(*tsp)); 1439 return (-1); 1440 } 1441 memcpy(tsp, msgbuf + offset, sizeof(*tsp)); 1442 1443 return (0); 1444 } 1445 1446 int 1447 ikev2_pld_tss(struct iked *env, struct ikev2_payload *pld, 1448 struct iked_message *msg, size_t offset, size_t left) 1449 { 1450 struct ikev2_tsp tsp; 1451 struct ikev2_ts ts; 1452 size_t ts_len, i; 1453 1454 if (ikev2_validate_tss(msg, offset, left, &tsp)) 1455 return (-1); 1456 1457 offset += sizeof(tsp); 1458 left -= sizeof(tsp); 1459 1460 log_debug("%s: count %d length %zu", __func__, 1461 tsp.tsp_count, left); 1462 1463 for (i = 0; i < tsp.tsp_count; i++) { 1464 if (ikev2_validate_ts(msg, offset, left, &ts)) 1465 return (-1); 1466 1467 log_debug("%s: type %s protoid %u length %d " 1468 "startport %u endport %u", __func__, 1469 print_map(ts.ts_type, ikev2_ts_map), 1470 ts.ts_protoid, betoh16(ts.ts_length), 1471 betoh16(ts.ts_startport), 1472 betoh16(ts.ts_endport)); 1473 1474 offset += sizeof(ts); 1475 left -= sizeof(ts); 1476 1477 ts_len = betoh16(ts.ts_length) - sizeof(ts); 1478 if (ikev2_pld_ts(env, pld, msg, offset, ts_len, ts.ts_type)) 1479 return (-1); 1480 1481 offset += ts_len; 1482 left -= ts_len; 1483 } 1484 1485 return (0); 1486 } 1487 1488 int 1489 ikev2_validate_ts(struct iked_message *msg, size_t offset, size_t left, 1490 struct ikev2_ts *ts) 1491 { 1492 uint8_t *msgbuf = ibuf_data(msg->msg_data); 1493 size_t ts_length; 1494 1495 if (left < sizeof(*ts)) { 1496 log_debug("%s: malformed payload: too short for header " 1497 "(%zu < %zu)", __func__, left, sizeof(*ts)); 1498 return (-1); 1499 } 1500 memcpy(ts, msgbuf + offset, sizeof(*ts)); 1501 1502 ts_length = betoh16(ts->ts_length); 1503 if (ts_length < sizeof(*ts)) { 1504 log_debug("%s: malformed payload: shorter than minimum header " 1505 "size (%zu < %zu)", __func__, ts_length, sizeof(*ts)); 1506 return (-1); 1507 } 1508 if (left < ts_length) { 1509 log_debug("%s: malformed payload: too long for payload size " 1510 "(%zu < %zu)", __func__, left, ts_length); 1511 return (-1); 1512 } 1513 1514 return (0); 1515 } 1516 1517 int 1518 ikev2_pld_ts(struct iked *env, struct ikev2_payload *pld, 1519 struct iked_message *msg, size_t offset, size_t left, unsigned int type) 1520 { 1521 struct sockaddr_in s4; 1522 struct sockaddr_in6 s6; 1523 uint8_t buf[2][128]; 1524 uint8_t *ptr; 1525 1526 ptr = ibuf_data(msg->msg_data) + offset; 1527 1528 switch (type) { 1529 case IKEV2_TS_IPV4_ADDR_RANGE: 1530 if (left < 2 * 4) { 1531 log_debug("%s: malformed payload: too short " 1532 "for ipv4 addr range (%zu < %u)", 1533 __func__, left, 2 * 4); 1534 return (-1); 1535 } 1536 1537 bzero(&s4, sizeof(s4)); 1538 s4.sin_family = AF_INET; 1539 s4.sin_len = sizeof(s4); 1540 memcpy(&s4.sin_addr.s_addr, ptr, 4); 1541 ptr += 4; 1542 left -= 4; 1543 print_host((struct sockaddr *)&s4, 1544 (char *)buf[0], sizeof(buf[0])); 1545 1546 memcpy(&s4.sin_addr.s_addr, ptr, 4); 1547 left -= 4; 1548 print_host((struct sockaddr *)&s4, 1549 (char *)buf[1], sizeof(buf[1])); 1550 1551 log_debug("%s: start %s end %s", __func__, 1552 buf[0], buf[1]); 1553 break; 1554 case IKEV2_TS_IPV6_ADDR_RANGE: 1555 if (left < 2 * 16) { 1556 log_debug("%s: malformed payload: too short " 1557 "for ipv6 addr range (%zu < %u)", 1558 __func__, left, 2 * 16); 1559 return (-1); 1560 } 1561 bzero(&s6, sizeof(s6)); 1562 s6.sin6_family = AF_INET6; 1563 s6.sin6_len = sizeof(s6); 1564 memcpy(&s6.sin6_addr, ptr, 16); 1565 ptr += 16; 1566 left -= 16; 1567 print_host((struct sockaddr *)&s6, 1568 (char *)buf[0], sizeof(buf[0])); 1569 1570 memcpy(&s6.sin6_addr, ptr, 16); 1571 left -= 16; 1572 print_host((struct sockaddr *)&s6, 1573 (char *)buf[1], sizeof(buf[1])); 1574 log_debug("%s: start %s end %s", __func__, 1575 buf[0], buf[1]); 1576 break; 1577 default: 1578 log_debug("%s: ignoring unknown TS type %u", __func__, type); 1579 return (0); 1580 } 1581 1582 if (left > 0) { 1583 log_debug("%s: malformed payload: left (%zu) > 0", 1584 __func__, left); 1585 return (-1); 1586 } 1587 1588 return (0); 1589 } 1590 1591 int 1592 ikev2_pld_ef(struct iked *env, struct ikev2_payload *pld, 1593 struct iked_message *msg, size_t offset, size_t left) 1594 { 1595 struct iked_sa *sa = msg->msg_sa; 1596 struct iked_frag *sa_frag = &sa->sa_fragments; 1597 struct iked_frag_entry *el; 1598 struct ikev2_frag_payload frag; 1599 uint8_t *msgbuf = ibuf_data(msg->msg_data); 1600 uint8_t *buf; 1601 struct ibuf *e = NULL; 1602 size_t frag_num, frag_total; 1603 size_t len; 1604 int ret = -1; 1605 ssize_t elen; 1606 1607 buf = msgbuf + offset; 1608 memcpy(&frag, buf, sizeof(frag)); 1609 frag_num = betoh16(frag.frag_num); 1610 frag_total = betoh16(frag.frag_total); 1611 1612 offset += sizeof(frag); 1613 buf = msgbuf + offset; 1614 len = left - sizeof(frag); 1615 1616 /* Limit number of total fragments to avoid DOS */ 1617 if (frag_total > IKED_FRAG_TOTAL_MAX ) { 1618 log_debug("%s: Total Fragments too big %zu", 1619 __func__, frag_total); 1620 goto dropall; 1621 } 1622 1623 /* Check sanity of fragment header */ 1624 if (frag_num == 0 || frag_total == 0) { 1625 log_debug("%s: Malformed fragment received: %zu of %zu", 1626 __func__, frag_num, frag_total); 1627 goto done; 1628 } 1629 log_debug("%s: Received fragment: %zu of %zu", 1630 __func__, frag_num, frag_total); 1631 1632 /* Check new fragmented message */ 1633 if (sa_frag->frag_arr == NULL) { 1634 sa_frag->frag_arr = recallocarray(NULL, 0, frag_total, 1635 sizeof(struct iked_frag_entry*)); 1636 if (sa_frag->frag_arr == NULL) { 1637 log_info("%s: recallocarray sa_frag->frag_arr.", __func__); 1638 goto done; 1639 } 1640 sa_frag->frag_total = frag_total; 1641 } 1642 1643 /* Drop all fragments if frag_num or frag_total don't match */ 1644 if (frag_num > sa_frag->frag_total || frag_total != sa_frag->frag_total) 1645 goto dropall; 1646 1647 /* Silent drop if fragment already stored */ 1648 if (sa_frag->frag_arr[frag_num-1] != NULL) 1649 goto done; 1650 1651 /* The first fragments IKE header determines pld_nextpayload */ 1652 if (frag_num == 1) 1653 sa_frag->frag_nextpayload = pld->pld_nextpayload; 1654 1655 /* Decrypt fragment */ 1656 if ((e = ibuf_new(buf, len)) == NULL) 1657 goto done; 1658 1659 if ((e = ikev2_msg_decrypt(env, msg->msg_sa, msg->msg_data, e)) 1660 == NULL ) { 1661 log_debug("%s: Failed to decrypt fragment: %zu of %zu", 1662 __func__, frag_num, frag_total); 1663 goto done; 1664 } 1665 elen = ibuf_length(e); 1666 1667 /* Insert new list element */ 1668 el = calloc(1, sizeof(struct iked_frag_entry)); 1669 if (el == NULL) { 1670 log_info("%s: Failed allocating new fragment: %zu of %zu", 1671 __func__, frag_num, frag_total); 1672 goto done; 1673 } 1674 1675 sa_frag->frag_arr[frag_num-1] = el; 1676 el->frag_size = elen; 1677 el->frag_data = calloc(1, elen); 1678 if (el->frag_data == NULL) { 1679 log_debug("%s: Failed allocating new fragment data: %zu of %zu", 1680 __func__, frag_num, frag_total); 1681 goto done; 1682 } 1683 1684 /* Copy plaintext to fragment */ 1685 memcpy(el->frag_data, ibuf_seek(e, 0, 0), elen); 1686 sa_frag->frag_total_size += elen; 1687 sa_frag->frag_count++; 1688 1689 /* If all frags are received start reassembly */ 1690 if (sa_frag->frag_count == sa_frag->frag_total) { 1691 log_debug("%s: All fragments received: %zu of %zu", 1692 __func__, frag_num, frag_total); 1693 ret = ikev2_frags_reassemble(env, pld, msg); 1694 } else { 1695 ret = 0; 1696 } 1697 done: 1698 ibuf_release(e); 1699 return (ret); 1700 dropall: 1701 config_free_fragments(sa_frag); 1702 ibuf_release(e); 1703 return -1; 1704 } 1705 1706 int 1707 ikev2_frags_reassemble(struct iked *env, struct ikev2_payload *pld, 1708 struct iked_message *msg) 1709 { 1710 struct iked_frag *sa_frag = &msg->msg_sa->sa_fragments; 1711 struct ibuf *e = NULL; 1712 struct iked_frag_entry *el; 1713 uint8_t *ptr; 1714 size_t offset; 1715 size_t i; 1716 struct iked_message emsg; 1717 int ret = -1; 1718 1719 /* Reassemble fragments to single buffer */ 1720 if ((e = ibuf_new(NULL, sa_frag->frag_total_size)) == NULL) { 1721 log_debug("%s: Failed allocating SK buffer.", __func__); 1722 goto done; 1723 } 1724 1725 /* Empty queue to new buffer */ 1726 offset = 0; 1727 for (i = 0; i < sa_frag->frag_total; i++) { 1728 if ((el = sa_frag->frag_arr[i]) == NULL) 1729 fatalx("Tried to reassemble shallow frag_arr"); 1730 ptr = ibuf_seek(e, offset, el->frag_size); 1731 if (ptr == NULL) { 1732 log_info("%s: failed to reassemble fragments", __func__); 1733 goto done; 1734 } 1735 memcpy(ptr, el->frag_data, el->frag_size); 1736 offset += el->frag_size; 1737 } 1738 1739 log_debug("%s: Defragmented length %zd", __func__, 1740 sa_frag->frag_total_size); 1741 print_hex(ibuf_data(e), 0, sa_frag->frag_total_size); 1742 1743 /* 1744 * Parse decrypted payload 1745 */ 1746 bzero(&emsg, sizeof(emsg)); 1747 memcpy(&emsg, msg, sizeof(*msg)); 1748 emsg.msg_data = e; 1749 emsg.msg_e = 1; 1750 emsg.msg_parent = msg; 1751 TAILQ_INIT(&emsg.msg_proposals); 1752 1753 ret = ikev2_pld_payloads(env, &emsg, 0, ibuf_size(e), 1754 sa_frag->frag_nextpayload); 1755 done: 1756 config_free_fragments(sa_frag); 1757 ibuf_release(e); 1758 1759 return (ret); 1760 } 1761 1762 int 1763 ikev2_pld_e(struct iked *env, struct ikev2_payload *pld, 1764 struct iked_message *msg, size_t offset, size_t left) 1765 { 1766 struct iked_sa *sa = msg->msg_sa; 1767 struct ibuf *e = NULL; 1768 uint8_t *msgbuf = ibuf_data(msg->msg_data); 1769 struct iked_message emsg; 1770 uint8_t *buf; 1771 size_t len; 1772 int ret = -1; 1773 1774 if (sa->sa_fragments.frag_arr != NULL) { 1775 log_warn("%s: Received SK payload when SKFs are in queue.", 1776 __func__); 1777 config_free_fragments(&sa->sa_fragments); 1778 return (ret); 1779 } 1780 1781 buf = msgbuf + offset; 1782 len = left; 1783 1784 if ((e = ibuf_new(buf, len)) == NULL) 1785 goto done; 1786 1787 if (ikev2_msg_frompeer(msg)) { 1788 e = ikev2_msg_decrypt(env, msg->msg_sa, msg->msg_data, e); 1789 } else { 1790 sa->sa_hdr.sh_initiator = sa->sa_hdr.sh_initiator ? 0 : 1; 1791 e = ikev2_msg_decrypt(env, msg->msg_sa, msg->msg_data, e); 1792 sa->sa_hdr.sh_initiator = sa->sa_hdr.sh_initiator ? 0 : 1; 1793 } 1794 1795 if (e == NULL) 1796 goto done; 1797 1798 /* 1799 * Parse decrypted payload 1800 */ 1801 bzero(&emsg, sizeof(emsg)); 1802 memcpy(&emsg, msg, sizeof(*msg)); 1803 emsg.msg_data = e; 1804 emsg.msg_e = 1; 1805 emsg.msg_parent = msg; 1806 TAILQ_INIT(&emsg.msg_proposals); 1807 1808 ret = ikev2_pld_payloads(env, &emsg, 0, ibuf_size(e), 1809 pld->pld_nextpayload); 1810 1811 done: 1812 ibuf_release(e); 1813 1814 return (ret); 1815 } 1816 1817 int 1818 ikev2_validate_cp(struct iked_message *msg, size_t offset, size_t left, 1819 struct ikev2_cp *cp) 1820 { 1821 uint8_t *msgbuf = ibuf_data(msg->msg_data); 1822 1823 if (left < sizeof(*cp)) { 1824 log_debug("%s: malformed payload: too short for header " 1825 "(%zu < %zu)", __func__, left, sizeof(*cp)); 1826 return (-1); 1827 } 1828 memcpy(cp, msgbuf + offset, sizeof(*cp)); 1829 1830 return (0); 1831 } 1832 1833 int 1834 ikev2_pld_cp(struct iked *env, struct ikev2_payload *pld, 1835 struct iked_message *msg, size_t offset, size_t left) 1836 { 1837 struct ikev2_cp cp; 1838 struct ikev2_cfg *cfg; 1839 struct iked_addr *addr; 1840 struct sockaddr_in *in4; 1841 struct sockaddr_in6 *in6; 1842 uint8_t *ptr; 1843 size_t len; 1844 uint8_t buf[128]; 1845 1846 if (ikev2_validate_cp(msg, offset, left, &cp)) 1847 return (-1); 1848 1849 ptr = ibuf_data(msg->msg_data) + offset + sizeof(cp); 1850 len = left - sizeof(cp); 1851 1852 log_debug("%s: type %s length %zu", 1853 __func__, print_map(cp.cp_type, ikev2_cp_map), len); 1854 print_hex(ptr, 0, len); 1855 1856 while (len > 0) { 1857 if (len < sizeof(*cfg)) { 1858 log_debug("%s: malformed payload: too short for cfg " 1859 "(%zu < %zu)", __func__, len, sizeof(*cfg)); 1860 return (-1); 1861 } 1862 cfg = (struct ikev2_cfg *)ptr; 1863 1864 log_debug("%s: %s 0x%04x length %d", __func__, 1865 print_map(betoh16(cfg->cfg_type), ikev2_cfg_map), 1866 betoh16(cfg->cfg_type), 1867 betoh16(cfg->cfg_length)); 1868 1869 ptr += sizeof(*cfg); 1870 len -= sizeof(*cfg); 1871 1872 if (len < betoh16(cfg->cfg_length)) { 1873 log_debug("%s: malformed payload: too short for " 1874 "cfg_length (%zu < %u)", __func__, len, 1875 betoh16(cfg->cfg_length)); 1876 return (-1); 1877 } 1878 1879 print_hex(ptr, sizeof(*cfg), betoh16(cfg->cfg_length)); 1880 1881 switch (betoh16(cfg->cfg_type)) { 1882 case IKEV2_CFG_INTERNAL_IP4_ADDRESS: 1883 if (!ikev2_msg_frompeer(msg)) 1884 break; 1885 if (betoh16(cfg->cfg_length) == 0) 1886 break; 1887 /* XXX multiple-valued */ 1888 if (betoh16(cfg->cfg_length) < 4) { 1889 log_debug("%s: malformed payload: too short " 1890 "for ipv4 addr (%u < %u)", 1891 __func__, betoh16(cfg->cfg_length), 4); 1892 return (-1); 1893 } 1894 if (msg->msg_parent->msg_cp_addr != NULL) { 1895 log_debug("%s: address already set", __func__); 1896 break; 1897 } 1898 if ((addr = calloc(1, sizeof(*addr))) == NULL) { 1899 log_debug("%s: malloc failed", __func__); 1900 break; 1901 } 1902 addr->addr_af = AF_INET; 1903 in4 = (struct sockaddr_in *)&addr->addr; 1904 in4->sin_family = AF_INET; 1905 in4->sin_len = sizeof(*in4); 1906 memcpy(&in4->sin_addr.s_addr, ptr, 4); 1907 print_host((struct sockaddr *)in4, (char *)buf, 1908 sizeof(buf)); 1909 log_debug("%s: cfg %s", __func__, buf); 1910 msg->msg_parent->msg_cp_addr = addr; 1911 break; 1912 case IKEV2_CFG_INTERNAL_IP6_ADDRESS: 1913 if (!ikev2_msg_frompeer(msg)) 1914 break; 1915 if (betoh16(cfg->cfg_length) == 0) 1916 break; 1917 /* XXX multiple-valued */ 1918 if (betoh16(cfg->cfg_length) < 16 + 1) { 1919 log_debug("%s: malformed payload: too short " 1920 "for ipv6 addr w/prefixlen (%u < %u)", 1921 __func__, betoh16(cfg->cfg_length), 16 + 1); 1922 return (-1); 1923 } 1924 if (msg->msg_parent->msg_cp_addr6 != NULL) { 1925 log_debug("%s: address already set", __func__); 1926 break; 1927 } 1928 if ((addr = calloc(1, sizeof(*addr))) == NULL) { 1929 log_debug("%s: malloc failed", __func__); 1930 break; 1931 } 1932 addr->addr_af = AF_INET6; 1933 in6 = (struct sockaddr_in6 *)&addr->addr; 1934 in6->sin6_family = AF_INET6; 1935 in6->sin6_len = sizeof(*in6); 1936 memcpy(&in6->sin6_addr, ptr, 16); 1937 print_host((struct sockaddr *)in6, (char *)buf, 1938 sizeof(buf)); 1939 log_debug("%s: cfg %s/%d", __func__, buf, ptr[16]); 1940 msg->msg_parent->msg_cp_addr6 = addr; 1941 break; 1942 } 1943 1944 ptr += betoh16(cfg->cfg_length); 1945 len -= betoh16(cfg->cfg_length); 1946 } 1947 1948 if (!ikev2_msg_frompeer(msg)) 1949 return (0); 1950 1951 msg->msg_parent->msg_cp = cp.cp_type; 1952 1953 return (0); 1954 } 1955 1956 int 1957 ikev2_validate_eap(struct iked_message *msg, size_t offset, size_t left, 1958 struct eap_header *hdr) 1959 { 1960 uint8_t *msgbuf = ibuf_data(msg->msg_data); 1961 1962 if (left < sizeof(*hdr)) { 1963 log_debug("%s: malformed payload: too short for header " 1964 "(%zu < %zu)", __func__, left, sizeof(*hdr)); 1965 return (-1); 1966 } 1967 memcpy(hdr, msgbuf + offset, sizeof(*hdr)); 1968 1969 return (0); 1970 } 1971 1972 int 1973 ikev2_pld_eap(struct iked *env, struct ikev2_payload *pld, 1974 struct iked_message *msg, size_t offset, size_t left) 1975 { 1976 struct eap_header hdr; 1977 struct eap_message *eap = NULL; 1978 const struct iked_sa *sa = msg->msg_sa; 1979 size_t len; 1980 1981 if (ikev2_validate_eap(msg, offset, left, &hdr)) 1982 return (-1); 1983 len = betoh16(hdr.eap_length); 1984 1985 if (len < sizeof(*eap)) { 1986 log_info("%s: %s id %d length %d", SPI_SA(sa, __func__), 1987 print_map(hdr.eap_code, eap_code_map), 1988 hdr.eap_id, betoh16(hdr.eap_length)); 1989 } else { 1990 /* Now try to get the indicated length */ 1991 if ((eap = ibuf_seek(msg->msg_data, offset, len)) == NULL) { 1992 log_debug("%s: invalid EAP length", __func__); 1993 return (-1); 1994 } 1995 1996 log_info("%s: %s id %d length %d EAP-%s", SPI_SA(sa, __func__), 1997 print_map(eap->eap_code, eap_code_map), 1998 eap->eap_id, betoh16(eap->eap_length), 1999 print_map(eap->eap_type, eap_type_map)); 2000 2001 if (eap_parse(env, sa, msg, eap, msg->msg_response) == -1) 2002 return (-1); 2003 msg->msg_parent->msg_eap.eam_found = 1; 2004 } 2005 2006 return (0); 2007 } 2008