SecBSD
/
src
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
src/sbin/isakmpd/exchange.c

1861 lines
52 KiB
C
Raw Permalink Blame History

/* $OpenBSD: exchange.c,v 1.142 2018/01/15 09:54:48 mpi Exp $ */
/* $EOM: exchange.c,v 1.143 2000/12/04 00:02:25 angelos Exp $ */
/*
* Copyright (c) 1998, 1999, 2000, 2001 Niklas Hallqvist. All rights reserved.
* Copyright (c) 1999, 2001 Angelos D. Keromytis. All rights reserved.
* Copyright (c) 1999, 2000, 2002 Håkan Olsson. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
/*
* This code was written under funding by Ericsson Radio Systems.
*/
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <stdlib.h>
#include <string.h>
#include <regex.h>
#include <keynote.h>
#include "cert.h"
#include "conf.h"
#include "connection.h"
#include "constants.h"
#include "cookie.h"
#include "crypto.h"
#include "doi.h"
#include "exchange.h"
#include "ipsec_num.h"
#include "isakmp.h"
#include "isakmp_cfg.h"
#include "libcrypto.h"
#include "log.h"
#include "message.h"
#include "timer.h"
#include "transport.h"
#include "ipsec.h"
#include "sa.h"
#include "ui.h"
#include "util.h"
#include "key.h"
#include "dpd.h"
/* Initial number of bits from the cookies used as hash. */
#define INITIAL_BUCKET_BITS 6
/*
* Don't try to use more bits than this as a hash.
* We only XOR 16 bits so going above that means changing the code below
* too.
*/
#define MAX_BUCKET_BITS 16
static void exchange_dump(char *, struct exchange *);
static void exchange_free_aux(void *);
static struct exchange *exchange_lookup_active(char *, int);
static
LIST_HEAD(exchange_list, exchange) *exchange_tab;
/* Works both as a maximum index and a mask. */
static int bucket_mask;
/*
* Validation scripts used to test messages for correct content of
* payloads depending on the exchange type.
*/
int16_t script_base[] = {
ISAKMP_PAYLOAD_SA, /* Initiator -> responder. */
ISAKMP_PAYLOAD_NONCE,
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_SA, /* Responder -> initiator. */
ISAKMP_PAYLOAD_NONCE,
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_KEY_EXCH, /* Initiator -> responder. */
ISAKMP_PAYLOAD_ID,
EXCHANGE_SCRIPT_AUTH,
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_KEY_EXCH, /* Responder -> initiator. */
ISAKMP_PAYLOAD_ID,
EXCHANGE_SCRIPT_AUTH,
EXCHANGE_SCRIPT_END
};
int16_t script_identity_protection[] = {
ISAKMP_PAYLOAD_SA, /* Initiator -> responder. */
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_SA, /* Responder -> initiator. */
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_KEY_EXCH, /* Initiator -> responder. */
ISAKMP_PAYLOAD_NONCE,
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_KEY_EXCH, /* Responder -> initiator. */
ISAKMP_PAYLOAD_NONCE,
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_ID, /* Initiator -> responder. */
EXCHANGE_SCRIPT_AUTH,
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_ID, /* Responder -> initiator. */
EXCHANGE_SCRIPT_AUTH,
EXCHANGE_SCRIPT_END
};
int16_t script_authentication_only[] = {
ISAKMP_PAYLOAD_SA, /* Initiator -> responder. */
ISAKMP_PAYLOAD_NONCE,
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_SA, /* Responder -> initiator. */
ISAKMP_PAYLOAD_NONCE,
ISAKMP_PAYLOAD_ID,
EXCHANGE_SCRIPT_AUTH,
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_ID, /* Initiator -> responder. */
EXCHANGE_SCRIPT_AUTH,
EXCHANGE_SCRIPT_END
};
int16_t script_aggressive[] = {
ISAKMP_PAYLOAD_SA, /* Initiator -> responder. */
ISAKMP_PAYLOAD_KEY_EXCH,
ISAKMP_PAYLOAD_NONCE,
ISAKMP_PAYLOAD_ID,
EXCHANGE_SCRIPT_SWITCH,
ISAKMP_PAYLOAD_SA, /* Responder -> initiator. */
ISAKMP_PAYLOAD_KEY_EXCH,
ISAKMP_PAYLOAD_NONCE,
ISAKMP_PAYLOAD_ID,
EXCHANGE_SCRIPT_AUTH,
EXCHANGE_SCRIPT_SWITCH,
EXCHANGE_SCRIPT_AUTH, /* Initiator -> responder. */
EXCHANGE_SCRIPT_END
};
int16_t script_informational[] = {
EXCHANGE_SCRIPT_INFO, /* Initiator -> responder. */
EXCHANGE_SCRIPT_END
};
/*
* Check what exchange SA is negotiated with and return a suitable validation
* script.
*/
int16_t *
exchange_script(struct exchange *exchange)
{
switch (exchange->type) {
case ISAKMP_EXCH_BASE:
return script_base;
case ISAKMP_EXCH_ID_PROT:
return script_identity_protection;
case ISAKMP_EXCH_AUTH_ONLY:
return script_authentication_only;
case ISAKMP_EXCH_AGGRESSIVE:
return script_aggressive;
case ISAKMP_EXCH_INFO:
return script_informational;
case ISAKMP_EXCH_TRANSACTION:
return script_transaction;
default:
if (exchange->type >= ISAKMP_EXCH_DOI_MIN)
return exchange->doi->exchange_script(exchange->type);
}
return 0;
}
/*
* Validate the message MSG's contents wrt what payloads the exchange type
* requires at this point in the dialogue. Return -1 if the validation fails,
* 0 if it succeeds and the script is not finished and 1 if it's ready.
*/
static int
exchange_validate(struct message *msg)
{
struct exchange *exchange = msg->exchange;
int16_t *pc = exchange->exch_pc;
while (*pc != EXCHANGE_SCRIPT_END && *pc != EXCHANGE_SCRIPT_SWITCH) {
LOG_DBG((LOG_EXCHANGE, 90,
"exchange_validate: checking for required %s",
*pc >= ISAKMP_PAYLOAD_NONE
? constant_name(isakmp_payload_cst, *pc)
: constant_name(exchange_script_cst, *pc)));
/* Check for existence of the required payloads. */
if ((*pc > 0 && !payload_first(msg, *pc)) ||
(*pc == EXCHANGE_SCRIPT_AUTH &&
!payload_first(msg, ISAKMP_PAYLOAD_HASH) &&
!payload_first(msg, ISAKMP_PAYLOAD_SIG)) ||
(*pc == EXCHANGE_SCRIPT_INFO &&
((!payload_first(msg, ISAKMP_PAYLOAD_NOTIFY) &&
!payload_first(msg, ISAKMP_PAYLOAD_DELETE)) ||
(payload_first(msg, ISAKMP_PAYLOAD_DELETE) &&
!payload_first(msg, ISAKMP_PAYLOAD_HASH))))) {
/* Missing payload. */
LOG_DBG((LOG_MESSAGE, 70,
"exchange_validate: msg %p requires missing %s",
msg, *pc >= ISAKMP_PAYLOAD_NONE
? constant_name(isakmp_payload_cst, *pc)
: constant_name(exchange_script_cst, *pc)));
return -1;
}
pc++;
}
if (*pc == EXCHANGE_SCRIPT_END)
/* Cleanup. */
return 1;
return 0;
}
/* Feed unhandled payloads to the DOI for handling. Help for exchange_run(). */
static void
exchange_handle_leftover_payloads(struct message *msg)
{
struct exchange *exchange = msg->exchange;
struct doi *doi = exchange->doi;
struct payload *p;
int i;
for (i = ISAKMP_PAYLOAD_SA; i < ISAKMP_PAYLOAD_MAX; i++) {
if (i == ISAKMP_PAYLOAD_PROPOSAL ||
i == ISAKMP_PAYLOAD_TRANSFORM)
continue;
TAILQ_FOREACH(p, &msg->payload[i], link) {
if (p->flags & PL_MARK)
continue;
if (!doi->handle_leftover_payload ||
doi->handle_leftover_payload(msg, i, p))
LOG_DBG((LOG_EXCHANGE, 10,
"exchange_handle_leftover_payloads: "
"unexpected payload %s",
constant_name(isakmp_payload_cst, i)));
}
}
}
/*
* Run the exchange script from a point given by the "program counter"
* upto either the script's end or a transmittal of a message. If we are
* at the point of a reception of a message, that message should be handed
* in here in the MSG argument. Otherwise we are the initiator and should
* expect MSG to be a half-cooked message without payloads.
*/
void
exchange_run(struct message *msg)
{
struct exchange *exchange = msg->exchange;
struct doi *doi = exchange->doi;
int (*handler)(struct message *) = exchange->initiator ?
doi->initiator : doi->responder;
int done = 0;
while (!done) {
/*
* It's our turn if we're either the initiator on an even step,
* or the responder on an odd step of the dialogue.
*/
if (exchange->initiator ^ (exchange->step % 2)) {
done = 1;
if (exchange->step)
msg = message_alloc_reply(msg);
message_setup_header(msg, exchange->type, 0,
exchange->message_id);
if (handler(msg)) {
/*
* This can happen when transient starvation
* of memory occurs.
* XXX The peer's retransmit ought to
* kick-start this exchange again. If he's
* stopped retransmitting he's likely dropped
* the SA at his side so we need to do that
* too, i.e. implement automatic SA teardown
* after a certain amount of inactivity.
*/
log_print("exchange_run: doi->%s (%p) failed",
exchange->initiator ? "initiator" :
"responder", msg);
message_free(msg);
return;
}
switch (exchange_validate(msg)) {
case 1:
/*
* The last message of a multi-message
* exchange should not be retransmitted other
* than "on-demand", i.e. if we see
* retransmits of the last message of the peer
* later.
*/
msg->flags |= MSG_LAST;
if (exchange->step > 0) {
if (exchange->last_sent)
message_free(exchange->last_sent);
exchange->last_sent = msg;
}
/*
* After we physically have sent our last
* message we need to do SA-specific
* finalization, like telling our application
* the SA is ready to be used, or issuing a
* CONNECTED notify if we set the COMMIT bit.
*/
message_register_post_send(msg,
exchange_finalize);
/* FALLTHROUGH */
case 0:
/*
* Don't retransmit responses for
* unauthenticated messages.
*/
if ((exchange->type == ISAKMP_EXCH_ID_PROT ||
exchange->type == ISAKMP_EXCH_AGGRESSIVE) &&
exchange->phase == 1 && exchange->step == 1)
msg->flags |= MSG_DONTRETRANSMIT;
/* XXX error handling. */
message_send(msg);
break;
default:
log_print("exchange_run: exchange_validate "
"failed, DOI error");
exchange_free(exchange);
message_free(msg);
return;
}
} else {
done = exchange_validate(msg);
switch (done) {
case 0:
case 1:
/* Feed the message to the DOI. */
if (handler(msg)) {
/*
* Trust the peer to retransmit.
* XXX We have to implement SA aging
* with automatic teardown.
*/
message_free(msg);
return;
}
/*
* Go over the yet unhandled payloads and feed
* them to DOI for handling.
*/
exchange_handle_leftover_payloads(msg);
/*
* We have advanced the state. If we have
* been processing an incoming message, record
* that message as the one to do duplication
* tests against.
*/
if (exchange->last_received)
message_free(exchange->last_received);
exchange->last_received = msg;
if (exchange->flags & EXCHANGE_FLAG_ENCRYPT)
crypto_update_iv(exchange->keystate);
if (done) {
exchange_finalize(msg);
return;
}
break;
case -1:
log_print("exchange_run: exchange_validate "
"failed");
/*
* XXX Is this the best error notification
* type?
*/
message_drop(msg,
ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
return;
}
}
LOG_DBG((LOG_EXCHANGE, 40,
"exchange_run: exchange %p finished step %d, advancing...",
exchange, exchange->step));
exchange->step++;
while (*exchange->exch_pc != EXCHANGE_SCRIPT_SWITCH &&
*exchange->exch_pc != EXCHANGE_SCRIPT_END)
exchange->exch_pc++;
exchange->exch_pc++;
}
}
void
exchange_init(void)
{
int i;
bucket_mask = (1 << INITIAL_BUCKET_BITS) - 1;
exchange_tab = calloc(bucket_mask + 1, sizeof(struct exchange_list));
if (!exchange_tab)
log_fatal("exchange_init: out of memory");
for (i = 0; i <= bucket_mask; i++)
LIST_INIT(&exchange_tab[i]);
}
/* Lookup a phase 1 exchange out of just the initiator cookie. */
struct exchange *
exchange_lookup_from_icookie(u_int8_t *cookie)
{
struct exchange *exchange;
int i;
for (i = 0; i <= bucket_mask; i++)
for (exchange = LIST_FIRST(&exchange_tab[i]); exchange;
exchange = LIST_NEXT(exchange, link))
if (memcmp(exchange->cookies, cookie,
ISAKMP_HDR_ICOOKIE_LEN) == 0 &&
exchange->phase == 1)
return exchange;
return 0;
}
/* Lookup an exchange out of the name and phase. */
struct exchange *
exchange_lookup_by_name(char *name, int phase)
{
struct exchange *exchange;
int i;
/* If we search for nothing, we will find nothing. */
if (!name)
return 0;
for (i = 0; i <= bucket_mask; i++)
for (exchange = LIST_FIRST(&exchange_tab[i]); exchange;
exchange = LIST_NEXT(exchange, link)) {
LOG_DBG((LOG_EXCHANGE, 90,
"exchange_lookup_by_name: %s == %s && %d == %d?",
name, exchange->name ? exchange->name :
"<unnamed>", phase, exchange->phase));
/*
* Match by name, but don't select finished exchanges,
* i.e where MSG_LAST are set in last_sent msg.
*/
if (exchange->name &&
strcasecmp(exchange->name, name) == 0 &&
exchange->phase == phase &&
(!exchange->last_sent ||
(exchange->last_sent->flags & MSG_LAST) == 0))
return exchange;
}
return 0;
}
/* Lookup an exchange out of the name, phase and step > 1. */
static struct exchange *
exchange_lookup_active(char *name, int phase)
{
struct exchange *exchange;
int i;
/* XXX Almost identical to exchange_lookup_by_name. */
if (!name)
return 0;
for (i = 0; i <= bucket_mask; i++)
for (exchange = LIST_FIRST(&exchange_tab[i]); exchange;
exchange = LIST_NEXT(exchange, link)) {
LOG_DBG((LOG_EXCHANGE, 90,
"exchange_lookup_active: %s == %s && %d == %d?",
name, exchange->name ? exchange->name :
"<unnamed>", phase, exchange->phase));
if (exchange->name &&
strcasecmp(exchange->name, name) == 0 &&
exchange->phase == phase) {
if (exchange->step > 1)
return exchange;
else
LOG_DBG((LOG_EXCHANGE, 80,
"exchange_lookup_active: avoided "
"early (pre-step 1) exchange %p",
exchange));
}
}
return 0;
}
static void
exchange_enter(struct exchange *exchange)
{
u_int16_t bucket = 0;
u_int8_t *cp;
int i;
/* XXX We might resize if we are crossing a certain threshold */
for (i = 0; i < ISAKMP_HDR_COOKIES_LEN; i += 2) {
cp = exchange->cookies + i;
/* Doing it this way avoids alignment problems. */
bucket ^= cp[0] | cp[1] << 8;
}
for (i = 0; i < ISAKMP_HDR_MESSAGE_ID_LEN; i += 2) {
cp = exchange->message_id + i;
/* Doing it this way avoids alignment problems. */
bucket ^= cp[0] | cp[1] << 8;
}
bucket &= bucket_mask;
LIST_INSERT_HEAD(&exchange_tab[bucket], exchange, link);
exchange->linked = 1;
}
/*
* Lookup the exchange given by the header fields MSG. PHASE2 is false when
* looking for phase 1 exchanges and true otherwise.
*/
struct exchange *
exchange_lookup(u_int8_t *msg, int phase2)
{
struct exchange *exchange;
u_int16_t bucket = 0;
u_int8_t *cp;
int i;
/*
* We use the cookies to get bits to use as an index into exchange_tab,
* as at least one (our cookie) is a good hash, xoring all the bits,
* 16 at a time, and then masking, should do. Doing it this way means
* we can validate cookies very fast thus delimiting the effects of
* "Denial of service"-attacks using packet flooding.
*/
for (i = 0; i < ISAKMP_HDR_COOKIES_LEN; i += 2) {
cp = msg + ISAKMP_HDR_COOKIES_OFF + i;
/* Doing it this way avoids alignment problems. */
bucket ^= cp[0] | cp[1] << 8;
}
if (phase2)
for (i = 0; i < ISAKMP_HDR_MESSAGE_ID_LEN; i += 2) {
cp = msg + ISAKMP_HDR_MESSAGE_ID_OFF + i;
/* Doing it this way avoids alignment problems. */
bucket ^= cp[0] | cp[1] << 8;
}
bucket &= bucket_mask;
for (exchange = LIST_FIRST(&exchange_tab[bucket]);
exchange && (memcmp(msg + ISAKMP_HDR_COOKIES_OFF,
exchange->cookies, ISAKMP_HDR_COOKIES_LEN) != 0 ||
(phase2 && memcmp(msg + ISAKMP_HDR_MESSAGE_ID_OFF,
exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN) != 0) ||
(!phase2 && !zero_test(msg + ISAKMP_HDR_MESSAGE_ID_OFF,
ISAKMP_HDR_MESSAGE_ID_LEN)));
exchange = LIST_NEXT(exchange, link))
;
return exchange;
}
/*
* Create a phase PHASE exchange where INITIATOR denotes our role. DOI
* is the domain of interpretation identifier and TYPE tells what exchange
* type to use per either the DOI document or the ISAKMP spec proper.
* NSA tells how many SAs we should pre-allocate, and should be zero
* when we have the responder role.
*/
static struct exchange *
exchange_create(int phase, int initiator, int doi, int type)
{
struct exchange *exchange;
struct timespec expiration;
int delta;
/*
* We want the exchange zeroed for exchange_free to be able to find
* out what fields have been filled-in.
*/
exchange = calloc(1, sizeof *exchange);
if (!exchange) {
log_error("exchange_create: calloc (1, %lu) failed",
(unsigned long)sizeof *exchange);
return 0;
}
exchange->phase = phase;
exchange->step = 0;
exchange->initiator = initiator;
bzero(exchange->cookies, ISAKMP_HDR_COOKIES_LEN);
bzero(exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN);
exchange->doi = doi_lookup(doi);
exchange->type = type;
exchange->policy_id = -1;
exchange->exch_pc = exchange_script(exchange);
exchange->last_sent = exchange->last_received = 0;
TAILQ_INIT(&exchange->sa_list);
TAILQ_INIT(&exchange->aca_list);
/* Allocate the DOI-specific structure and initialize it to zeroes. */
if (exchange->doi->exchange_size) {
exchange->data = calloc(1, exchange->doi->exchange_size);
if (!exchange->data) {
log_error("exchange_create: calloc (1, %lu) failed",
(unsigned long)exchange->doi->exchange_size);
exchange_free(exchange);
return 0;
}
}
clock_gettime(CLOCK_MONOTONIC, &expiration);
delta = conf_get_num("General", "Exchange-max-time",
EXCHANGE_MAX_TIME);
expiration.tv_sec += delta;
exchange->death = timer_add_event("exchange_free_aux",
exchange_free_aux, exchange, &expiration);
if (!exchange->death) {
/* If we don't give up we might start leaking... */
exchange_free_aux(exchange);
return 0;
}
return exchange;
}
struct exchange_finalization_node {
void (*first)(struct exchange *, void *, int);
void *first_arg;
void (*second)(struct exchange *, void *, int);
void *second_arg;
};
/* Run the finalization functions of ARG. */
static void
exchange_run_finalizations(struct exchange *exchange, void *arg, int fail)
{
struct exchange_finalization_node *node = arg;
node->first(exchange, node->first_arg, fail);
node->second(exchange, node->second_arg, fail);
free(node);
}
/*
* Add a finalization function FINALIZE with argument ARG to the tail
* of the finalization function list of EXCHANGE.
*/
static void
exchange_add_finalization(struct exchange *exchange,
void (*finalize)(struct exchange *, void *, int), void *arg)
{
struct exchange_finalization_node *node;
if (!finalize)
return;
if (!exchange->finalize) {
exchange->finalize = finalize;
exchange->finalize_arg = arg;
return;
}
node = malloc(sizeof *node);
if (!node) {
log_error("exchange_add_finalization: malloc (%lu) failed",
(unsigned long)sizeof *node);
free(arg);
return;
}
node->first = exchange->finalize;
node->first_arg = exchange->finalize_arg;
node->second = finalize;
node->second_arg = arg;
exchange->finalize = exchange_run_finalizations;
exchange->finalize_arg = node;
}
static void
exchange_establish_transaction(struct exchange *exchange, void *arg, int fail)
{
/* Establish a TRANSACTION exchange. */
struct exchange_finalization_node *node =
(struct exchange_finalization_node *)arg;
struct sa *isakmp_sa = sa_lookup_by_name((char *) node->second_arg, 1);
if (isakmp_sa && !fail)
exchange_establish_p2(isakmp_sa, ISAKMP_EXCH_TRANSACTION, 0, 0,
node->first, node->first_arg);
free(node);
}
/* Establish a phase 1 exchange. */
int
exchange_establish_p1(struct transport *t, u_int8_t type, u_int32_t doi,
char *name, void *args, void (*finalize)(struct exchange *, void *, int),
void *arg, int stayalive)
{
struct exchange *exchange;
struct message *msg;
struct conf_list *flags;
struct conf_list_node *flag;
char *tag = 0;
char *str;
if (name) {
/* If no exchange type given, fetch from the configuration. */
if (type == 0) {
/*
* XXX Similar code can be found in
* exchange_setup_p1. Share?
*/
/* Find out our phase 1 mode. */
tag = conf_get_str(name, "Configuration");
if (!tag) {
/* Use default setting. */
tag = CONF_DFLT_TAG_PHASE1_CONFIG;
}
/* Figure out the DOI. XXX Factor out? */
str = conf_get_str(tag, "DOI");
if (!str || strcasecmp(str, "IPSEC") == 0)
doi = IPSEC_DOI_IPSEC;
else if (strcasecmp(str, "ISAKMP") == 0)
doi = ISAKMP_DOI_ISAKMP;
else {
log_print("exchange_establish_p1: "
"DOI \"%s\" unsupported", str);
return -1;
}
/* What exchange type do we want? */
str = conf_get_str(tag, "EXCHANGE_TYPE");
if (!str) {
log_print("exchange_establish_p1: "
"no \"EXCHANGE_TYPE\" tag in [%s] section",
tag);
return -1;
}
type = constant_value(isakmp_exch_cst, str);
if (!type) {
log_print("exchange_establish_p1: "
"unknown exchange type %s", str);
return -1;
}
}
}
exchange = exchange_create(1, 1, doi, type);
if (!exchange) {
return -1;
}
if (name) {
exchange->name = strdup(name);
if (!exchange->name) {
log_error("exchange_establish_p1: "
"strdup (\"%s\") failed", name);
exchange_free(exchange);
return -1;
}
}
exchange->policy = name ? conf_get_str(name, "Configuration") : 0;
if (!exchange->policy && name)
exchange->policy = CONF_DFLT_TAG_PHASE1_CONFIG;
if (name && (flags = conf_get_list(name, "Flags")) != NULL) {
for (flag = TAILQ_FIRST(&flags->fields); flag;
flag = TAILQ_NEXT(flag, link))
if (strcasecmp(flag->field, "ikecfg") == 0) {
struct exchange_finalization_node *node;
node = calloc(1, (unsigned long)sizeof *node);
if (!node) {
log_print("exchange_establish_p1: "
"calloc (1, %lu) failed",
(unsigned long)sizeof(*node));
exchange_free(exchange);
return -1;
}
/*
* Insert this finalization inbetween
* the original.
*/
node->first = finalize;
node->first_arg = arg;
node->second_arg = name;
exchange_add_finalization(exchange,
exchange_establish_transaction,
node);
finalize = 0;
}
conf_free_list(flags);
}
exchange_add_finalization(exchange, finalize, arg);
cookie_gen(t, exchange, exchange->cookies, ISAKMP_HDR_ICOOKIE_LEN);
exchange_enter(exchange);
exchange_dump("exchange_establish_p1", exchange);
msg = message_alloc(t, 0, ISAKMP_HDR_SZ);
if (!msg) {
log_print("exchange_establish_p1: message_alloc () failed");
exchange_free(exchange);
return 0; /* exchange_free() runs finalize */
}
msg->exchange = exchange;
/* Do not create SA for an information or transaction exchange. */
if (exchange->type != ISAKMP_EXCH_INFO &&
exchange->type != ISAKMP_EXCH_TRANSACTION) {
/*
* Don't install a transport into this SA as it will be an
* INADDR_ANY address in the local end, which is not good at
* all. Let the reply packet install the transport instead.
*/
sa_create(exchange, 0);
msg->isakmp_sa = TAILQ_FIRST(&exchange->sa_list);
if (!msg->isakmp_sa) {
message_free(msg);
exchange_free(exchange);
return 0; /* exchange_free() runs finalize */
}
sa_reference(msg->isakmp_sa);
if (stayalive)
msg->isakmp_sa->flags |= SA_FLAG_STAYALIVE;
}
msg->extra = args;
exchange_run(msg);
return 0;
}
/* Establish a phase 2 exchange. XXX With just one SA for now. */
int
exchange_establish_p2(struct sa *isakmp_sa, u_int8_t type, char *name,
void *args, void (*finalize)(struct exchange *, void *, int), void *arg)
{
struct exchange *exchange;
struct message *msg;
u_int32_t doi = ISAKMP_DOI_ISAKMP;
u_int32_t seq = 0;
int i;
char *tag, *str;
if (isakmp_sa)
doi = isakmp_sa->doi->id;
if (name) {
/* Find out our phase 2 modes. */
tag = conf_get_str(name, "Configuration");
if (!tag) {
log_print("exchange_establish_p2: "
"no configuration for peer \"%s\"", name);
return -1;
}
seq = (u_int32_t)conf_get_num(name, "Acquire-ID", 0);
/* Figure out the DOI. */
str = conf_get_str(tag, "DOI");
if (!str || strcasecmp(str, "IPSEC") == 0)
doi = IPSEC_DOI_IPSEC;
else if (strcasecmp(str, "ISAKMP") == 0)
doi = ISAKMP_DOI_ISAKMP;
else {
log_print("exchange_establish_p2: "
"DOI \"%s\" unsupported", str);
return -1;
}
/* What exchange type do we want? */
if (!type) {
str = conf_get_str(tag, "EXCHANGE_TYPE");
if (!str) {
log_print("exchange_establish_p2: "
"no \"EXCHANGE_TYPE\" tag in [%s] section",
tag);
return -1;
}
/* XXX IKE dependent. */
type = constant_value(ike_exch_cst, str);
if (!type) {
log_print("exchange_establish_p2: unknown "
"exchange type %s", str);
return -1;
}
}
}
exchange = exchange_create(2, 1, doi, type);
if (!exchange) {
return -1;
}
if (name) {
exchange->name = strdup(name);
if (!exchange->name) {
log_error("exchange_establish_p2: "
"strdup (\"%s\") failed", name);
exchange_free(exchange);
return -1;
}
}
exchange->policy = name ? conf_get_str(name, "Configuration") : 0;
exchange->finalize = finalize;
exchange->finalize_arg = arg;
exchange->seq = seq;
memcpy(exchange->cookies, isakmp_sa->cookies, ISAKMP_HDR_COOKIES_LEN);
arc4random_buf(exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN);
exchange->flags |= EXCHANGE_FLAG_ENCRYPT;
if (isakmp_sa->flags & SA_FLAG_NAT_T_ENABLE)
exchange->flags |= EXCHANGE_FLAG_NAT_T_ENABLE;
if (isakmp_sa->flags & SA_FLAG_NAT_T_KEEPALIVE)
exchange->flags |= EXCHANGE_FLAG_NAT_T_KEEPALIVE;
exchange_enter(exchange);
exchange_dump("exchange_establish_p2", exchange);
/*
* Do not create SA's for informational exchanges.
* XXX How to handle new group mode?
*/
if (exchange->type != ISAKMP_EXCH_INFO &&
exchange->type != ISAKMP_EXCH_TRANSACTION) {
/* XXX Number of SAs should come from the args structure. */
for (i = 0; i < 1; i++)
if (sa_create(exchange, isakmp_sa->transport)) {
exchange_free(exchange);
return 0; /* exchange_free() runs finalize */
}
}
msg = message_alloc(isakmp_sa->transport, 0, ISAKMP_HDR_SZ);
msg->isakmp_sa = isakmp_sa;
sa_reference(isakmp_sa);
msg->extra = args;
/* This needs to be done late or else get_keystate won't work right. */
msg->exchange = exchange;
exchange_run(msg);
return 0;
}
/* Out of an incoming phase 1 message, setup an exchange. */
struct exchange *
exchange_setup_p1(struct message *msg, u_int32_t doi)
{
struct transport *t = msg->transport;
struct exchange *exchange;
struct sockaddr *dst;
struct conf_list *flags;
struct conf_list_node *flag;
char *name = 0, *policy = 0, *str;
u_int32_t want_doi;
u_int8_t type;
/* XXX Similar code can be found in exchange_establish_p1. Share? */
/*
* Unless this is an informational exchange, look up our policy for
* this peer.
*/
type = GET_ISAKMP_HDR_EXCH_TYPE(msg->iov[0].iov_base);
if (type != ISAKMP_EXCH_INFO) {
/*
* Find out our inbound phase 1 mode.
*/
t->vtbl->get_dst(t, &dst);
if (sockaddr2text(dst, &str, 0) == -1)
return 0;
name = conf_get_str("Phase 1", str);
free(str);
if (name) {
/*
* If another phase 1 exchange is ongoing don't bother
* returning the call. However, we will need to
* continue responding if our phase 1 exchange is
* still waiting for step 1 (i.e still half-open).
*/
exchange = exchange_lookup_active(name, 1);
if (exchange) {
LOG_DBG((LOG_EXCHANGE, 40,
"exchange_establish: %s exchange already "
"exists as %p", name, exchange));
return 0;
}
} else {
name = conf_get_str("Phase 1", "Default");
if (!name) {
log_print("exchange_setup_p1: no \"Default\" "
"tag in [Phase 1] section");
return 0;
}
}
policy = conf_get_str(name, "Configuration");
if (!policy)
policy = CONF_DFLT_TAG_PHASE1_CONFIG;
/* Figure out the DOI. */
str = conf_get_str(policy, "DOI");
if (!str || strcasecmp(str, "IPSEC") == 0) {
want_doi = IPSEC_DOI_IPSEC;
str = "IPSEC";
}
else if (strcasecmp(str, "ISAKMP") == 0)
want_doi = ISAKMP_DOI_ISAKMP;
else {
log_print("exchange_setup_p1: "
"DOI \"%s\" unsupported", str);
return 0;
}
if (want_doi != doi) {
/* XXX Should I tell what DOI I got? */
log_print("exchange_setup_p1: expected %s DOI", str);
return 0;
}
/* What exchange type do we want? */
str = conf_get_str(policy, "EXCHANGE_TYPE");
if (!str) {
log_print("exchange_setup_p1: no \"EXCHANGE_TYPE\" "
"tag in [%s] section", policy);
return 0;
}
type = constant_value(isakmp_exch_cst, str);
if (!type) {
log_print("exchange_setup_p1: "
"unknown exchange type %s", str);
return 0;
}
if (type != GET_ISAKMP_HDR_EXCH_TYPE(msg->iov[0].iov_base)) {
log_print("exchange_setup_p1: "
"expected exchange type %s got %s", str,
constant_name(isakmp_exch_cst,
GET_ISAKMP_HDR_EXCH_TYPE(msg->iov[0].iov_base)));
return 0;
}
}
exchange = exchange_create(1, 0, doi, type);
if (!exchange)
return 0;
exchange->name = name ? strdup(name) : 0;
if (name && !exchange->name) {
log_error("exchange_setup_p1: strdup (\"%s\") failed", name);
exchange_free(exchange);
return 0;
}
exchange->policy = policy;
if (name && (flags = conf_get_list(name, "Flags")) != NULL) {
for (flag = TAILQ_FIRST(&flags->fields); flag;
flag = TAILQ_NEXT(flag, link))
if (strcasecmp(flag->field, "ikecfg") == 0) {
struct exchange_finalization_node *node;
node = calloc(1, (unsigned long)sizeof *node);
if (!node) {
log_print("exchange_establish_p1: "
"calloc (1, %lu) failed",
(unsigned long)sizeof(*node));
exchange_free(exchange);
return 0;
}
/*
* Insert this finalization inbetween
* the original.
*/
node->first = 0;
node->first_arg = 0;
node->second_arg = name;
exchange_add_finalization(exchange,
exchange_establish_transaction,
node);
}
conf_free_list(flags);
}
cookie_gen(msg->transport, exchange, exchange->cookies +
ISAKMP_HDR_ICOOKIE_LEN, ISAKMP_HDR_RCOOKIE_LEN);
GET_ISAKMP_HDR_ICOOKIE(msg->iov[0].iov_base, exchange->cookies);
exchange_enter(exchange);
exchange_dump("exchange_setup_p1", exchange);
return exchange;
}
/* Out of an incoming phase 2 message, setup an exchange. */
struct exchange *
exchange_setup_p2(struct message *msg, u_int8_t doi)
{
struct exchange *exchange;
u_int8_t *buf = msg->iov[0].iov_base;
exchange = exchange_create(2, 0, doi, GET_ISAKMP_HDR_EXCH_TYPE(buf));
if (!exchange)
return 0;
GET_ISAKMP_HDR_ICOOKIE(buf, exchange->cookies);
GET_ISAKMP_HDR_RCOOKIE(buf,
exchange->cookies + ISAKMP_HDR_ICOOKIE_LEN);
GET_ISAKMP_HDR_MESSAGE_ID(buf, exchange->message_id);
if (msg->isakmp_sa && (msg->isakmp_sa->flags & SA_FLAG_NAT_T_ENABLE))
exchange->flags |= EXCHANGE_FLAG_NAT_T_ENABLE;
if (msg->isakmp_sa && (msg->isakmp_sa->flags & SA_FLAG_NAT_T_KEEPALIVE))
exchange->flags |= EXCHANGE_FLAG_NAT_T_KEEPALIVE;
exchange_enter(exchange);
exchange_dump("exchange_setup_p2", exchange);
return exchange;
}
/* Dump interesting data about an exchange. */
static void
exchange_dump_real(char *header, struct exchange *exchange, int class,
int level)
{
struct sa *sa;
char buf[LOG_SIZE];
/* Don't risk overflowing the final log buffer. */
size_t bufsize_max = LOG_SIZE - strlen(header) - 32;
LOG_DBG((class, level,
"%s: %p %s %s policy %s phase %d doi %d exchange %d step %d",
header, exchange, exchange->name ? exchange->name : "<unnamed>",
exchange->policy ? exchange->policy : "<no policy>",
exchange->initiator ? "initiator" : "responder", exchange->phase,
exchange->doi->id, exchange->type, exchange->step));
LOG_DBG((class, level, "%s: icookie %08x%08x rcookie %08x%08x", header,
decode_32(exchange->cookies), decode_32(exchange->cookies + 4),
decode_32(exchange->cookies + 8),
decode_32(exchange->cookies + 12)));
/* Include phase 2 SA list for this exchange */
if (exchange->phase == 2) {
snprintf(buf, bufsize_max, "sa_list ");
for (sa = TAILQ_FIRST(&exchange->sa_list);
sa && strlen(buf) < bufsize_max; sa = TAILQ_NEXT(sa, next))
snprintf(buf + strlen(buf), bufsize_max - strlen(buf),
"%p ", sa);
if (sa)
strlcat(buf, "...", bufsize_max);
} else
buf[0] = '\0';
LOG_DBG((class, level, "%s: msgid %08x %s", header,
decode_32(exchange->message_id), buf));
}
static void
exchange_dump(char *header, struct exchange *exchange)
{
exchange_dump_real(header, exchange, LOG_EXCHANGE, 10);
}
void
exchange_report(void)
{
struct exchange *exchange;
int i;
for (i = 0; i <= bucket_mask; i++)
for (exchange = LIST_FIRST(&exchange_tab[i]); exchange;
exchange = LIST_NEXT(exchange, link))
exchange_dump_real("exchange_report", exchange,
LOG_REPORT, 0);
}
/*
* Release all resources this exchange is using *except* for the "death"
* event. When removing an exchange from the expiration handler that event
* will be dealt with therein instead.
*/
static void
exchange_free_aux(void *v_exch)
{
struct exchange *exchange = v_exch;
struct sa *sa, *next_sa;
struct cert_handler *handler;
LOG_DBG((LOG_EXCHANGE, 80, "exchange_free_aux: freeing exchange %p",
exchange));
if (exchange->last_received)
message_free(exchange->last_received);
if (exchange->last_sent)
message_free(exchange->last_sent);
if (exchange->in_transit &&
exchange->in_transit != exchange->last_sent)
message_free(exchange->in_transit);
free(exchange->nonce_i);
free(exchange->nonce_r);
free(exchange->id_i);
free(exchange->id_r);
free(exchange->keystate);
if (exchange->data) {
if (exchange->doi && exchange->doi->free_exchange_data)
exchange->doi->free_exchange_data(exchange->data);
free(exchange->data);
}
free(exchange->name);
if (exchange->recv_cert) {
handler = cert_get(exchange->recv_certtype);
if (handler)
handler->cert_free(exchange->recv_cert);
}
if (exchange->sent_cert) {
handler = cert_get(exchange->sent_certtype);
if (handler)
handler->cert_free(exchange->sent_cert);
}
if (exchange->recv_key)
key_free(exchange->recv_keytype, ISAKMP_KEYTYPE_PUBLIC,
exchange->recv_key);
free(exchange->keynote_key); /* This is just a string */
if (exchange->policy_id != -1)
kn_close(exchange->policy_id);
exchange_free_aca_list(exchange);
if (exchange->linked) {
LIST_REMOVE(exchange, link);
exchange->linked = 0;
}
/* Tell potential finalize routine we never got there. */
if (exchange->finalize)
exchange->finalize(exchange, exchange->finalize_arg, 1);
/* Remove any SAs that have not been disassociated from us. */
for (sa = TAILQ_FIRST(&exchange->sa_list); sa; sa = next_sa) {
next_sa = TAILQ_NEXT(sa, next);
/* One for the reference in exchange->sa_list. */
sa_release(sa);
/* And two more for the expiration and SA linked list. */
sa_free(sa);
}
free(exchange);
}
/* Release all resources this exchange is using. */
void
exchange_free(struct exchange *exchange)
{
if (exchange->death)
timer_remove_event(exchange->death);
exchange_free_aux(exchange);
}
/*
* Upgrade the phase 1 exchange and its ISAKMP SA with the rcookie of our
* peer (found in his recently sent message MSG).
*/
void
exchange_upgrade_p1(struct message *msg)
{
struct exchange *exchange = msg->exchange;
LIST_REMOVE(exchange, link);
exchange->linked = 0;
GET_ISAKMP_HDR_RCOOKIE(msg->iov[0].iov_base, exchange->cookies +
ISAKMP_HDR_ICOOKIE_LEN);
exchange_enter(exchange);
sa_isakmp_upgrade(msg);
}
static int
exchange_check_old_sa(struct sa *sa, void *v_arg)
{
struct sa *new_sa = v_arg;
char res1[1024];
if (sa == new_sa || !sa->name || !(sa->flags & SA_FLAG_READY) ||
(sa->flags & SA_FLAG_REPLACED))
return 0;
if (sa->phase != new_sa->phase || new_sa->name == 0 ||
strcasecmp(sa->name, new_sa->name))
return 0;
if (sa->initiator)
strlcpy(res1, ipsec_decode_ids("%s %s", sa->id_i, sa->id_i_len,
sa->id_r, sa->id_r_len, 0), sizeof res1);
else
strlcpy(res1, ipsec_decode_ids("%s %s", sa->id_r, sa->id_r_len,
sa->id_i, sa->id_i_len, 0), sizeof res1);
LOG_DBG((LOG_EXCHANGE, 30,
"checking whether new SA replaces existing SA with IDs %s", res1));
if (new_sa->initiator)
return strcasecmp(res1, ipsec_decode_ids("%s %s", new_sa->id_i,
new_sa->id_i_len, new_sa->id_r, new_sa->id_r_len, 0)) == 0;
else
return strcasecmp(res1, ipsec_decode_ids("%s %s", new_sa->id_r,
new_sa->id_r_len, new_sa->id_i, new_sa->id_i_len, 0)) == 0;
}
void
exchange_finalize(struct message *msg)
{
struct exchange *exchange = msg->exchange;
struct sa *sa, *old_sa;
struct proto *proto;
struct conf_list *attrs;
struct conf_list_node *attr;
struct cert_handler *handler;
int i;
char *id_doi, *id_trp;
exchange_dump("exchange_finalize", exchange);
/* Copy the ID from phase 1 to exchange or phase 2 SA. */
if (msg->isakmp_sa) {
if (exchange->id_i && exchange->id_r) {
ipsec_clone_id(&msg->isakmp_sa->id_i,
&msg->isakmp_sa->id_i_len, exchange->id_i,
exchange->id_i_len);
ipsec_clone_id(&msg->isakmp_sa->id_r,
&msg->isakmp_sa->id_r_len, exchange->id_r,
exchange->id_r_len);
} else if (msg->isakmp_sa->id_i && msg->isakmp_sa->id_r) {
ipsec_clone_id(&exchange->id_i, &exchange->id_i_len,
msg->isakmp_sa->id_i, msg->isakmp_sa->id_i_len);
ipsec_clone_id(&exchange->id_r, &exchange->id_r_len,
msg->isakmp_sa->id_r, msg->isakmp_sa->id_r_len);
}
}
/*
* Walk over all the SAs and noting them as ready. If we set the
* COMMIT bit, tell the peer each SA is connected.
*
* XXX The decision should really be based on if a SA was installed
* successfully.
*/
for (sa = TAILQ_FIRST(&exchange->sa_list); sa;
sa = TAILQ_NEXT(sa, next)) {
/* Move over the name to the SA. */
sa->name = exchange->name ? strdup(exchange->name) : 0;
if (exchange->flags & EXCHANGE_FLAG_I_COMMITTED) {
for (proto = TAILQ_FIRST(&sa->protos); proto;
proto = TAILQ_NEXT(proto, link))
for (i = 0; i < 2; i++)
message_send_notification(exchange->last_received,
msg->isakmp_sa,
ISAKMP_NOTIFY_STATUS_CONNECTED,
proto, i);
}
/*
* Locate any old SAs and mark them replaced
* (SA_FLAG_REPLACED).
*/
sa->initiator = exchange->initiator;
while ((old_sa = sa_find(exchange_check_old_sa, sa)) != 0)
sa_mark_replaced(old_sa);
/* Setup the SA flags. */
sa->flags |= SA_FLAG_READY;
if (exchange->name) {
attrs = conf_get_list(exchange->name, "Flags");
if (attrs) {
for (attr = TAILQ_FIRST(&attrs->fields); attr;
attr = TAILQ_NEXT(attr, link))
sa->flags |= sa_flag(attr->field);
conf_free_list(attrs);
}
/* 'Connections' should stay alive. */
if (connection_exist(exchange->name)) {
sa->flags |= SA_FLAG_STAYALIVE;
/*
* ISAKMP SA of this connection should also
* stay alive.
*/
if (exchange->phase == 2 && msg->isakmp_sa)
msg->isakmp_sa->flags |=
SA_FLAG_STAYALIVE;
}
}
sa->seq = exchange->seq;
sa->exch_type = exchange->type;
}
/*
* If this was an phase 1 SA negotiation, save the keystate in the
* ISAKMP SA structure for future initialization of phase 2 exchanges'
* keystates. Also save the Phase 1 ID and authentication
* information.
*/
if (exchange->phase == 1 && msg->isakmp_sa) {
msg->isakmp_sa->keystate = exchange->keystate;
exchange->keystate = 0;
msg->isakmp_sa->recv_certtype = exchange->recv_certtype;
msg->isakmp_sa->sent_certtype = exchange->sent_certtype;
msg->isakmp_sa->recv_keytype = exchange->recv_keytype;
msg->isakmp_sa->recv_key = exchange->recv_key;
msg->isakmp_sa->keynote_key = exchange->keynote_key;
/* Reset. */
exchange->recv_key = 0;
exchange->keynote_key = 0;
msg->isakmp_sa->policy_id = exchange->policy_id;
exchange->policy_id = -1;
msg->isakmp_sa->initiator = exchange->initiator;
if (exchange->recv_certtype && exchange->recv_cert) {
handler = cert_get(exchange->recv_certtype);
if (handler)
msg->isakmp_sa->recv_cert =
handler->cert_dup(exchange->recv_cert);
}
if (exchange->sent_certtype) {
handler = cert_get(exchange->sent_certtype);
if (handler)
msg->isakmp_sa->sent_cert =
handler->cert_dup(exchange->sent_cert);
}
if (exchange->doi)
id_doi = exchange->doi->decode_ids(
"initiator id %s, responder id %s",
exchange->id_i, exchange->id_i_len,
exchange->id_r, exchange->id_r_len, 0);
else
id_doi = "<no doi>";
if (msg->isakmp_sa->transport)
id_trp =
msg->isakmp_sa->transport->vtbl->decode_ids(msg->isakmp_sa->transport);
else
id_trp = "<no transport>";
if (exchange->flags & EXCHANGE_FLAG_NAT_T_ENABLE)
msg->isakmp_sa->flags |= SA_FLAG_NAT_T_ENABLE;
if (exchange->flags & EXCHANGE_FLAG_NAT_T_KEEPALIVE)
msg->isakmp_sa->flags |= SA_FLAG_NAT_T_KEEPALIVE;
LOG_DBG((LOG_EXCHANGE, 10,
"exchange_finalize: phase 1 done: %s, %s", id_doi,
id_trp));
log_verbose("isakmpd: phase 1 done%s: %s, %s",
(exchange->initiator == 0) ? " (as responder)" : "",
id_doi, id_trp);
}
exchange->doi->finalize_exchange(msg);
if (exchange->finalize)
exchange->finalize(exchange, exchange->finalize_arg, 0);
exchange->finalize = 0;
/*
* There is no reason to keep the SAs connected to us anymore, in fact
* it can hurt us if we have short lifetimes on the SAs and we try
* to call exchange_report, where the SA list will be walked and
* references to freed SAs can occur.
*/
while (TAILQ_FIRST(&exchange->sa_list)) {
sa = TAILQ_FIRST(&exchange->sa_list);
if (exchange->id_i && exchange->id_r) {
ipsec_clone_id(&sa->id_i, &sa->id_i_len,
exchange->id_i, exchange->id_i_len);
ipsec_clone_id(&sa->id_r, &sa->id_r_len,
exchange->id_r, exchange->id_r_len);
}
TAILQ_REMOVE(&exchange->sa_list, sa, next);
sa_release(sa);
}
/*
* Start sending DPD messages after all SAs have been released.
* Otherwise we have a race between exchange_free_aux() and
* dpd_check_event() where both will call sa_free().
*/
if (exchange->phase == 1 && msg->isakmp_sa &&
(exchange->flags & EXCHANGE_FLAG_DPD_CAP_PEER))
dpd_start(msg->isakmp_sa);
/* If we have nothing to retransmit we can safely remove ourselves. */
if (!exchange->last_sent)
exchange_free(exchange);
}
/* Stash a nonce into the exchange data. */
static int
exchange_nonce(struct exchange *exchange, int peer, size_t nonce_sz,
u_int8_t *buf)
{
u_int8_t **nonce;
size_t *nonce_len;
int initiator = exchange->initiator ^ peer;
char header[32];
if (nonce_sz < 8 || nonce_sz > 256) {
/*
* RFC2409, ch 5: The length of nonce payload MUST be
* between 8 and 256 bytes inclusive.
* XXX I'm assuming the generic payload header is not included.
*/
LOG_DBG((LOG_EXCHANGE, 20,
"exchange_nonce: invalid nonce length %lu",
(unsigned long)nonce_sz));
return -1;
}
nonce = initiator ? &exchange->nonce_i : &exchange->nonce_r;
nonce_len =
initiator ? &exchange->nonce_i_len : &exchange->nonce_r_len;
*nonce_len = nonce_sz;
*nonce = malloc(nonce_sz);
if (!*nonce) {
log_error("exchange_nonce: malloc (%lu) failed",
(unsigned long)nonce_sz);
return -1;
}
memcpy(*nonce, buf, nonce_sz);
snprintf(header, sizeof header, "exchange_nonce: NONCE_%c",
initiator ? 'i' : 'r');
LOG_DBG_BUF((LOG_EXCHANGE, 80, header, *nonce, nonce_sz));
return 0;
}
/* Generate our NONCE. */
int
exchange_gen_nonce(struct message *msg, size_t nonce_sz)
{
struct exchange *exchange = msg->exchange;
u_int8_t *buf;
buf = malloc(ISAKMP_NONCE_SZ + nonce_sz);
if (!buf) {
log_error("exchange_gen_nonce: malloc (%lu) failed",
ISAKMP_NONCE_SZ + (unsigned long)nonce_sz);
return -1;
}
arc4random_buf(buf + ISAKMP_NONCE_DATA_OFF, nonce_sz);
if (message_add_payload(msg, ISAKMP_PAYLOAD_NONCE, buf,
ISAKMP_NONCE_SZ + nonce_sz, 1)) {
free(buf);
return -1;
}
return exchange_nonce(exchange, 0, nonce_sz,
buf + ISAKMP_NONCE_DATA_OFF);
}
/* Save the peer's NONCE. */
int
exchange_save_nonce(struct message *msg)
{
struct payload *noncep;
struct exchange *exchange = msg->exchange;
noncep = payload_first(msg, ISAKMP_PAYLOAD_NONCE);
noncep->flags |= PL_MARK;
return exchange_nonce(exchange, 1, GET_ISAKMP_GEN_LENGTH(noncep->p) -
ISAKMP_NONCE_DATA_OFF, noncep->p + ISAKMP_NONCE_DATA_OFF);
}
/* Save the peer's CERT REQuests. */
int
exchange_save_certreq(struct message *msg)
{
struct payload *cp;
struct exchange *exchange = msg->exchange;
struct certreq_aca *aca;
TAILQ_FOREACH(cp, &msg->payload[ISAKMP_PAYLOAD_CERT_REQ], link) {
cp->flags |= PL_MARK;
aca = certreq_decode(GET_ISAKMP_CERTREQ_TYPE(cp->p), cp->p +
ISAKMP_CERTREQ_AUTHORITY_OFF, GET_ISAKMP_GEN_LENGTH(cp->p)
- ISAKMP_CERTREQ_AUTHORITY_OFF);
if (aca)
TAILQ_INSERT_TAIL(&exchange->aca_list, aca, link);
}
return 0;
}
/* Free the list of pending CERTREQs. */
void
exchange_free_aca_list(struct exchange *exchange)
{
struct certreq_aca *aca;
for (aca = TAILQ_FIRST(&exchange->aca_list); aca;
aca = TAILQ_FIRST(&exchange->aca_list)) {
free(aca->raw_ca);
if (aca->data) {
if (aca->handler)
aca->handler->free_aca(aca->data);
free(aca->data);
}
TAILQ_REMOVE(&exchange->aca_list, aca, link);
free(aca);
}
}
/* Add any CERTREQs we should send. */
int
exchange_add_certreqs(struct message *msg)
{
struct exchange *exchange = msg->exchange;
struct certreq_aca *aca;
u_int8_t *buf;
/*
* Some peers (e.g. Cisco IOS) won't send their cert unless we
* specifically ask beforehand with CERTREQ. We reflect any
* CERTREQs we receive from the initiator in order to do this.
* This avoids leaking information about which CAs we trust,
* and works in the most common case where both ends trust the
* same CA.
*/
for (aca = TAILQ_FIRST(&exchange->aca_list); aca;
aca = TAILQ_NEXT(aca, link)) {
/* But only do this if we have at least one CA */
if (aca->handler != NULL && aca->handler->ca_count() == 0) {
LOG_DBG((LOG_EXCHANGE, 10,
"exchange_add_certreqs: no CA, so not "
"sending a CERTREQ"));
continue;
}
if (aca->raw_ca_len) {
buf = malloc(ISAKMP_CERTREQ_SZ + aca->raw_ca_len);
if (buf == NULL) {
log_error("exchange_add_certreqs: "
"malloc (%lu) failed",
ISAKMP_CERTREQ_SZ +
(unsigned long)aca->raw_ca_len);
return -1;
}
buf[ISAKMP_CERTREQ_TYPE_OFF] = aca->id;
memcpy(buf + ISAKMP_CERTREQ_AUTHORITY_OFF,
aca->raw_ca, aca->raw_ca_len);
if (message_add_payload(msg, ISAKMP_PAYLOAD_CERT_REQ,
buf, ISAKMP_CERTREQ_SZ + aca->raw_ca_len, 1)) {
free(buf);
return -1;
}
}
}
return 0;
}
/* Obtain certificates from acceptable certification authority. */
int
exchange_add_certs(struct message *msg)
{
struct exchange *exchange = msg->exchange;
struct certreq_aca *aca;
u_int8_t *cert = 0, *new_cert = 0;
u_int32_t certlen;
u_int8_t *id;
size_t id_len;
id = exchange->initiator ? exchange->id_r : exchange->id_i;
id_len = exchange->initiator ? exchange->id_r_len : exchange->id_i_len;
/*
* Without IDs we cannot handle this yet. Keep the aca_list around for
* a later step/retry to see if we got the ID by then.
* Note: A 'return -1' breaks X509-auth interop in the responder case
* with some IPsec clients that send CERTREQs early (such as
* the SSH Sentinel).
*/
if (!id)
return 0;
for (aca = TAILQ_FIRST(&exchange->aca_list); aca;
aca = TAILQ_NEXT(aca, link)) {
/* XXX? If we can not satisfy a CERTREQ we drop the message. */
if (!aca->handler->cert_obtain(id, id_len, aca->data, &cert,
&certlen)) {
log_print("exchange_add_certs: could not obtain cert "
"for a type %d cert request", aca->id);
free(cert);
return -1;
}
new_cert = realloc(cert, ISAKMP_CERT_SZ + certlen);
if (!new_cert) {
log_error("exchange_add_certs: realloc (%p, %d) "
"failed", cert, ISAKMP_CERT_SZ + certlen);
free(cert);
return -1;
}
cert = new_cert;
memmove(cert + ISAKMP_CERT_DATA_OFF, cert, certlen);
SET_ISAKMP_CERT_ENCODING(cert, aca->id);
if (message_add_payload(msg, ISAKMP_PAYLOAD_CERT, cert,
ISAKMP_CERT_SZ + certlen, 1)) {
free(cert);
return -1;
}
/*
* We need to reset cert here, as it is now controlled by
* message_add_payload() (i.e. we must not free() it), and
* it is possible for the next iteration of the aca loop
* to fail early in cert_obtain before it writes to &cert.
*/
cert = NULL;
}
/* We dont need the CERT REQs any more, they are answered. */
exchange_free_aca_list(exchange);
return 0;
}
static void
exchange_establish_finalize(struct exchange *exchange, void *arg, int fail)
{
char *name = arg;
LOG_DBG((LOG_EXCHANGE, 20, "exchange_establish_finalize: "
"finalizing exchange %p with arg %p (%s) & fail = %d",
exchange, arg, name ? name : "<unnamed>", fail));
if (!fail)
exchange_establish(name, 0, 0, 0);
free(name);
}
/*
* Establish an exchange named NAME, and record the FINALIZE function
* taking ARG as an argument to be run after the exchange is ready.
*/
void
exchange_establish(char *name, void (*finalize)(struct exchange *, void *,
int), void *arg, int stayalive)
{
struct transport *transport;
struct sa *isakmp_sa;
struct exchange *exchange;
int phase;
char *trpt, *peer;
phase = conf_get_num(name, "Phase", 0);
if (ui_daemon_passive) {
LOG_DBG((LOG_EXCHANGE, 40, "exchange_establish:"
" returning in passive mode for exchange %s phase %d",
name, phase));
if (finalize)
finalize(0, arg, 1);
return;
}
/*
* First of all, never try to establish anything if another exchange
* of the same kind is running.
*/
exchange = exchange_lookup_by_name(name, phase);
if (exchange) {
LOG_DBG((LOG_EXCHANGE, 40,
"exchange_establish: %s exchange already exists as %p",
name, exchange));
exchange_add_finalization(exchange, finalize, arg);
return;
}
switch (phase) {
case 1:
trpt = conf_get_str(name, "Transport");
if (!trpt) {
/* Phase 1 transport defaults to "udp". */
trpt = ISAKMP_DEFAULT_TRANSPORT;
}
transport = transport_create(trpt, name);
if (!transport) {
log_print("exchange_establish: transport \"%s\" for "
"peer \"%s\" could not be created", trpt, name);
if (finalize)
finalize(0, arg, 1);
return;
}
if (exchange_establish_p1(transport, 0, 0, name, 0, finalize,
arg, stayalive) < 0 && finalize)
finalize(0, arg, 1);
break;
case 2:
peer = conf_get_str(name, "ISAKMP-peer");
if (!peer) {
log_print("exchange_establish: No ISAKMP-peer given "
"for \"%s\"", name);
if (finalize)
finalize(0, arg, 1);
return;
}
isakmp_sa = sa_lookup_by_name(peer, 1);
if (!isakmp_sa) {
/* freed by exchange_establish_finalize() */
name = strdup(name);
if (!name) {
log_error("exchange_establish: "
"strdup (\"%s\") failed", name);
if (finalize)
finalize(0, arg, 1);
return;
}
if (conf_get_num(peer, "Phase", 0) != 1) {
log_print("exchange_establish: "
"[%s]:ISAKMP-peer's (%s) phase is not 1",
name, peer);
if (finalize)
finalize(0, arg, 1);
free(name);
return;
}
/*
* XXX We're losing information here (what the
* original finalize routine was. As a result, if an
* exchange does not manage to get through, there may
* be application-specific information that won't get
* cleaned up, since no error signaling will be done.
* This is the case with dynamic SAs and PFKEY.
*/
exchange_establish(peer, exchange_establish_finalize,
name, 0);
exchange = exchange_lookup_by_name(peer, 1);
/*
* If the exchange was correctly initialized, add the
* original finalization routine; otherwise, call it
* directly.
*/
if (exchange)
exchange_add_finalization(exchange, finalize,
arg);
else {
/* Indicate failure */
if (finalize)
finalize(0, arg, 1);
}
return;
} else {
if (exchange_establish_p2(isakmp_sa, 0, name, 0,
finalize, arg) < 0 && finalize)
finalize(0, arg, 1);
}
break;
default:
log_print("exchange_establish: "
"peer \"%s\" does not have a correct phase (%d)",
name, phase);
break;
}
}
Reference in New Issue View Git Blame Copy Permalink