1 |
|
|
/* $OpenBSD: ikev2.c,v 1.131 2016/06/02 07:14:26 patrick Exp $ */ |
2 |
|
|
|
3 |
|
|
/* |
4 |
|
|
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> |
5 |
|
|
* |
6 |
|
|
* Permission to use, copy, modify, and distribute this software for any |
7 |
|
|
* purpose with or without fee is hereby granted, provided that the above |
8 |
|
|
* copyright notice and this permission notice appear in all copies. |
9 |
|
|
* |
10 |
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
11 |
|
|
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
12 |
|
|
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
13 |
|
|
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
14 |
|
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
15 |
|
|
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
16 |
|
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
17 |
|
|
*/ |
18 |
|
|
|
19 |
|
|
#include <sys/param.h> /* roundup */ |
20 |
|
|
#include <sys/queue.h> |
21 |
|
|
#include <sys/socket.h> |
22 |
|
|
#include <sys/wait.h> |
23 |
|
|
#include <sys/uio.h> |
24 |
|
|
|
25 |
|
|
#include <netinet/in.h> |
26 |
|
|
#include <netinet/ip_ipsp.h> |
27 |
|
|
#include <arpa/inet.h> |
28 |
|
|
|
29 |
|
|
#include <stdlib.h> |
30 |
|
|
#include <stdio.h> |
31 |
|
|
#include <unistd.h> |
32 |
|
|
#include <string.h> |
33 |
|
|
#include <signal.h> |
34 |
|
|
#include <errno.h> |
35 |
|
|
#include <err.h> |
36 |
|
|
#include <pwd.h> |
37 |
|
|
#include <event.h> |
38 |
|
|
|
39 |
|
|
#include <openssl/sha.h> |
40 |
|
|
#include <openssl/evp.h> |
41 |
|
|
#include <openssl/x509.h> |
42 |
|
|
|
43 |
|
|
#include "iked.h" |
44 |
|
|
#include "ikev2.h" |
45 |
|
|
#include "eap.h" |
46 |
|
|
#include "dh.h" |
47 |
|
|
|
48 |
|
|
void ikev2_run(struct privsep *, struct privsep_proc *, void *); |
49 |
|
|
int ikev2_dispatch_parent(int, struct privsep_proc *, struct imsg *); |
50 |
|
|
int ikev2_dispatch_cert(int, struct privsep_proc *, struct imsg *); |
51 |
|
|
|
52 |
|
|
struct iked_sa * |
53 |
|
|
ikev2_getimsgdata(struct iked *, struct imsg *, struct iked_sahdr *, |
54 |
|
|
uint8_t *, uint8_t **, size_t *); |
55 |
|
|
|
56 |
|
|
void ikev2_recv(struct iked *, struct iked_message *); |
57 |
|
|
int ikev2_ike_auth_compatible(struct iked_sa *, uint8_t, uint8_t); |
58 |
|
|
int ikev2_ike_auth_recv(struct iked *, struct iked_sa *, |
59 |
|
|
struct iked_message *); |
60 |
|
|
int ikev2_ike_auth(struct iked *, struct iked_sa *); |
61 |
|
|
|
62 |
|
|
void ikev2_init_recv(struct iked *, struct iked_message *, |
63 |
|
|
struct ike_header *); |
64 |
|
|
int ikev2_init_ike_sa_peer(struct iked *, struct iked_policy *, |
65 |
|
|
struct iked_addr *); |
66 |
|
|
int ikev2_init_ike_auth(struct iked *, struct iked_sa *); |
67 |
|
|
int ikev2_init_auth(struct iked *, struct iked_message *); |
68 |
|
|
int ikev2_init_done(struct iked *, struct iked_sa *); |
69 |
|
|
|
70 |
|
|
void ikev2_resp_recv(struct iked *, struct iked_message *, |
71 |
|
|
struct ike_header *); |
72 |
|
|
int ikev2_resp_ike_sa_init(struct iked *, struct iked_message *); |
73 |
|
|
int ikev2_resp_ike_auth(struct iked *, struct iked_sa *); |
74 |
|
|
int ikev2_resp_ike_eap(struct iked *, struct iked_sa *, struct ibuf *); |
75 |
|
|
|
76 |
|
|
int ikev2_send_create_child_sa(struct iked *, struct iked_sa *, |
77 |
|
|
struct iked_spi *, uint8_t); |
78 |
|
|
int ikev2_ikesa_enable(struct iked *, struct iked_sa *, struct iked_sa *); |
79 |
|
|
void ikev2_ikesa_delete(struct iked *, struct iked_sa *, int); |
80 |
|
|
int ikev2_init_create_child_sa(struct iked *, struct iked_message *); |
81 |
|
|
int ikev2_resp_create_child_sa(struct iked *, struct iked_message *); |
82 |
|
|
void ikev2_ike_sa_rekey(struct iked *, void *); |
83 |
|
|
void ikev2_ike_sa_timeout(struct iked *env, void *); |
84 |
|
|
void ikev2_ike_sa_alive(struct iked *, void *); |
85 |
|
|
|
86 |
|
|
int ikev2_sa_initiator(struct iked *, struct iked_sa *, |
87 |
|
|
struct iked_sa *, struct iked_message *); |
88 |
|
|
int ikev2_sa_responder(struct iked *, struct iked_sa *, struct iked_sa *, |
89 |
|
|
struct iked_message *); |
90 |
|
|
int ikev2_sa_initiator_dh(struct iked_sa *, struct iked_message *, |
91 |
|
|
unsigned int); |
92 |
|
|
int ikev2_sa_responder_dh(struct iked_kex *, struct iked_proposals *, |
93 |
|
|
struct iked_message *, unsigned int); |
94 |
|
|
void ikev2_sa_cleanup_dh(struct iked_sa *); |
95 |
|
|
int ikev2_sa_keys(struct iked *, struct iked_sa *, struct ibuf *); |
96 |
|
|
int ikev2_sa_tag(struct iked_sa *, struct iked_id *); |
97 |
|
|
int ikev2_set_sa_proposal(struct iked_sa *, struct iked_policy *, |
98 |
|
|
unsigned int); |
99 |
|
|
|
100 |
|
|
int ikev2_childsa_negotiate(struct iked *, struct iked_sa *, |
101 |
|
|
struct iked_kex *, struct iked_proposals *, int, int); |
102 |
|
|
int ikev2_match_proposals(struct iked_proposal *, struct iked_proposal *, |
103 |
|
|
struct iked_transform **); |
104 |
|
|
int ikev2_valid_proposal(struct iked_proposal *, |
105 |
|
|
struct iked_transform **, struct iked_transform **, int *); |
106 |
|
|
|
107 |
|
|
ssize_t ikev2_add_proposals(struct iked *, struct iked_sa *, struct ibuf *, |
108 |
|
|
struct iked_proposals *, uint8_t, int, int); |
109 |
|
|
ssize_t ikev2_add_cp(struct iked *, struct iked_sa *, struct ibuf *); |
110 |
|
|
ssize_t ikev2_add_transform(struct ibuf *, |
111 |
|
|
uint8_t, uint8_t, uint16_t, uint16_t); |
112 |
|
|
ssize_t ikev2_add_ts(struct ibuf *, struct ikev2_payload **, ssize_t, |
113 |
|
|
struct iked_sa *, int); |
114 |
|
|
ssize_t ikev2_add_certreq(struct ibuf *, struct ikev2_payload **, ssize_t, |
115 |
|
|
struct ibuf *, uint8_t); |
116 |
|
|
ssize_t ikev2_add_ipcompnotify(struct iked *, struct ibuf *, |
117 |
|
|
struct ikev2_payload **, ssize_t, struct iked_sa *); |
118 |
|
|
ssize_t ikev2_add_ts_payload(struct ibuf *, unsigned int, struct iked_sa *); |
119 |
|
|
int ikev2_add_data(struct ibuf *, void *, size_t); |
120 |
|
|
int ikev2_add_buf(struct ibuf *buf, struct ibuf *); |
121 |
|
|
|
122 |
|
|
int ikev2_ipcomp_enable(struct iked *, struct iked_sa *); |
123 |
|
|
void ikev2_ipcomp_csa_free(struct iked *, struct iked_childsa *); |
124 |
|
|
|
125 |
|
|
int ikev2_cp_setaddr(struct iked *, struct iked_sa *, sa_family_t); |
126 |
|
|
int ikev2_cp_fixaddr(struct iked_sa *, struct iked_addr *, |
127 |
|
|
struct iked_addr *); |
128 |
|
|
|
129 |
|
|
ssize_t ikev2_add_sighashnotify(struct ibuf *, struct ikev2_payload **, |
130 |
|
|
ssize_t); |
131 |
|
|
|
132 |
|
|
static struct privsep_proc procs[] = { |
133 |
|
|
{ "parent", PROC_PARENT, ikev2_dispatch_parent }, |
134 |
|
|
{ "certstore", PROC_CERT, ikev2_dispatch_cert } |
135 |
|
|
}; |
136 |
|
|
|
137 |
|
|
pid_t |
138 |
|
|
ikev2(struct privsep *ps, struct privsep_proc *p) |
139 |
|
|
{ |
140 |
|
|
return (proc_run(ps, p, procs, nitems(procs), ikev2_run, NULL)); |
141 |
|
|
} |
142 |
|
|
|
143 |
|
|
void |
144 |
|
|
ikev2_run(struct privsep *ps, struct privsep_proc *p, void *arg) |
145 |
|
|
{ |
146 |
|
|
/* |
147 |
|
|
* pledge in the ikev2 process: |
148 |
|
|
* stdio - for malloc and basic I/O including events. |
149 |
|
|
* inet - for sendto with specified peer address. |
150 |
|
|
* recvfd - for PFKEYv2 and the listening UDP sockets. |
151 |
|
|
* In theory, recvfd could be dropped after getting the fds once. |
152 |
|
|
*/ |
153 |
|
|
if (pledge("stdio inet recvfd rpath cpath wpath", NULL) == -1) |
154 |
|
|
fatal("pledge"); |
155 |
|
|
} |
156 |
|
|
|
157 |
|
|
int |
158 |
|
|
ikev2_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg) |
159 |
|
|
{ |
160 |
|
|
struct iked *env = p->p_env; |
161 |
|
|
|
162 |
|
|
switch (imsg->hdr.type) { |
163 |
|
|
case IMSG_CTL_RESET: |
164 |
|
|
return (config_getreset(env, imsg)); |
165 |
|
|
case IMSG_CTL_COUPLE: |
166 |
|
|
case IMSG_CTL_DECOUPLE: |
167 |
|
|
return (config_getcoupled(env, imsg->hdr.type)); |
168 |
|
|
case IMSG_CTL_ACTIVE: |
169 |
|
|
case IMSG_CTL_PASSIVE: |
170 |
|
|
if (config_getmode(env, imsg->hdr.type) == -1) |
171 |
|
|
return (0); /* ignore error */ |
172 |
|
|
timer_set(env, &env->sc_inittmr, ikev2_init_ike_sa, |
173 |
|
|
NULL); |
174 |
|
|
timer_add(env, &env->sc_inittmr, IKED_INITIATOR_INITIAL); |
175 |
|
|
return (0); |
176 |
|
|
case IMSG_UDP_SOCKET: |
177 |
|
|
return (config_getsocket(env, imsg, ikev2_msg_cb)); |
178 |
|
|
case IMSG_PFKEY_SOCKET: |
179 |
|
|
return (config_getpfkey(env, imsg)); |
180 |
|
|
case IMSG_CFG_POLICY: |
181 |
|
|
return (config_getpolicy(env, imsg)); |
182 |
|
|
case IMSG_CFG_USER: |
183 |
|
|
return (config_getuser(env, imsg)); |
184 |
|
|
case IMSG_COMPILE: |
185 |
|
|
return (config_getcompile(env, imsg)); |
186 |
|
|
default: |
187 |
|
|
break; |
188 |
|
|
} |
189 |
|
|
|
190 |
|
|
return (-1); |
191 |
|
|
} |
192 |
|
|
|
193 |
|
|
int |
194 |
|
|
ikev2_dispatch_cert(int fd, struct privsep_proc *p, struct imsg *imsg) |
195 |
|
|
{ |
196 |
|
|
struct iked *env = p->p_env; |
197 |
|
|
struct iked_sahdr sh; |
198 |
|
|
struct iked_sa *sa; |
199 |
|
|
uint8_t type; |
200 |
|
|
uint8_t *ptr; |
201 |
|
|
size_t len; |
202 |
|
|
struct iked_id *id = NULL; |
203 |
|
|
int ignore = 0; |
204 |
|
|
|
205 |
|
|
switch (imsg->hdr.type) { |
206 |
|
|
case IMSG_CERTREQ: |
207 |
|
|
IMSG_SIZE_CHECK(imsg, &type); |
208 |
|
|
|
209 |
|
|
ptr = imsg->data; |
210 |
|
|
memcpy(&type, ptr, sizeof(type)); |
211 |
|
|
ptr += sizeof(type); |
212 |
|
|
|
213 |
|
|
ibuf_release(env->sc_certreq); |
214 |
|
|
env->sc_certreqtype = type; |
215 |
|
|
env->sc_certreq = ibuf_new(ptr, |
216 |
|
|
IMSG_DATA_SIZE(imsg) - sizeof(type)); |
217 |
|
|
|
218 |
|
|
log_debug("%s: updated local CERTREQ type %s length %zu", |
219 |
|
|
__func__, print_map(type, ikev2_cert_map), |
220 |
|
|
ibuf_length(env->sc_certreq)); |
221 |
|
|
|
222 |
|
|
break; |
223 |
|
|
case IMSG_CERTVALID: |
224 |
|
|
case IMSG_CERTINVALID: |
225 |
|
|
memcpy(&sh, imsg->data, sizeof(sh)); |
226 |
|
|
memcpy(&type, (uint8_t *)imsg->data + sizeof(sh), |
227 |
|
|
sizeof(type)); |
228 |
|
|
|
229 |
|
|
/* Ignore invalid or unauthenticated SAs */ |
230 |
|
|
if ((sa = sa_lookup(env, |
231 |
|
|
sh.sh_ispi, sh.sh_rspi, sh.sh_initiator)) == NULL || |
232 |
|
|
sa->sa_state < IKEV2_STATE_EAP) |
233 |
|
|
break; |
234 |
|
|
|
235 |
|
|
if (imsg->hdr.type == IMSG_CERTVALID) { |
236 |
|
|
log_debug("%s: peer certificate is valid", __func__); |
237 |
|
|
sa_stateflags(sa, IKED_REQ_CERTVALID); |
238 |
|
|
} else { |
239 |
|
|
log_warnx("%s: peer certificate is invalid", __func__); |
240 |
|
|
} |
241 |
|
|
|
242 |
|
|
if (ikev2_ike_auth(env, sa) != 0) |
243 |
|
|
log_debug("%s: failed to send ike auth", __func__); |
244 |
|
|
break; |
245 |
|
|
case IMSG_CERT: |
246 |
|
|
if ((sa = ikev2_getimsgdata(env, imsg, |
247 |
|
|
&sh, &type, &ptr, &len)) == NULL) { |
248 |
|
|
log_debug("%s: invalid cert reply", __func__); |
249 |
|
|
break; |
250 |
|
|
} |
251 |
|
|
|
252 |
|
|
/* |
253 |
|
|
* Ignore the message if we already got a valid certificate. |
254 |
|
|
* This might happen if the peer sent multiple CERTREQs. |
255 |
|
|
*/ |
256 |
|
|
if (sa->sa_stateflags & IKED_REQ_CERT || |
257 |
|
|
type == IKEV2_CERT_NONE) |
258 |
|
|
ignore = 1; |
259 |
|
|
|
260 |
|
|
log_debug("%s: cert type %s length %zu, %s", __func__, |
261 |
|
|
print_map(type, ikev2_cert_map), len, |
262 |
|
|
ignore ? "ignored" : "ok"); |
263 |
|
|
|
264 |
|
|
if (ignore) |
265 |
|
|
break; |
266 |
|
|
|
267 |
|
|
if (sh.sh_initiator) |
268 |
|
|
id = &sa->sa_icert; |
269 |
|
|
else |
270 |
|
|
id = &sa->sa_rcert; |
271 |
|
|
|
272 |
|
|
id->id_type = type; |
273 |
|
|
id->id_offset = 0; |
274 |
|
|
ibuf_release(id->id_buf); |
275 |
|
|
id->id_buf = NULL; |
276 |
|
|
|
277 |
|
|
if (len <= 0 || (id->id_buf = ibuf_new(ptr, len)) == NULL) { |
278 |
|
|
log_debug("%s: failed to get cert payload", |
279 |
|
|
__func__); |
280 |
|
|
break; |
281 |
|
|
} |
282 |
|
|
|
283 |
|
|
sa_stateflags(sa, IKED_REQ_CERT); |
284 |
|
|
|
285 |
|
|
if (ikev2_ike_auth(env, sa) != 0) |
286 |
|
|
log_debug("%s: failed to send ike auth", __func__); |
287 |
|
|
break; |
288 |
|
|
case IMSG_AUTH: |
289 |
|
|
if ((sa = ikev2_getimsgdata(env, imsg, |
290 |
|
|
&sh, &type, &ptr, &len)) == NULL) { |
291 |
|
|
log_debug("%s: invalid auth reply", __func__); |
292 |
|
|
break; |
293 |
|
|
} |
294 |
|
|
if (sa_stateok(sa, IKEV2_STATE_VALID)) { |
295 |
|
|
log_warnx("%s: ignoring AUTH in state %s", __func__, |
296 |
|
|
print_map(sa->sa_state, ikev2_state_map)); |
297 |
|
|
break; |
298 |
|
|
} |
299 |
|
|
|
300 |
|
|
log_debug("%s: AUTH type %d len %zu", __func__, type, len); |
301 |
|
|
|
302 |
|
|
id = &sa->sa_localauth; |
303 |
|
|
id->id_type = type; |
304 |
|
|
id->id_offset = 0; |
305 |
|
|
ibuf_release(id->id_buf); |
306 |
|
|
|
307 |
|
|
if (type != IKEV2_AUTH_NONE) { |
308 |
|
|
if (len <= 0 || |
309 |
|
|
(id->id_buf = ibuf_new(ptr, len)) == NULL) { |
310 |
|
|
log_debug("%s: failed to get auth payload", |
311 |
|
|
__func__); |
312 |
|
|
break; |
313 |
|
|
} |
314 |
|
|
} |
315 |
|
|
|
316 |
|
|
sa_stateflags(sa, IKED_REQ_AUTH); |
317 |
|
|
|
318 |
|
|
if (ikev2_ike_auth(env, sa) != 0) |
319 |
|
|
log_debug("%s: failed to send ike auth", __func__); |
320 |
|
|
break; |
321 |
|
|
default: |
322 |
|
|
return (-1); |
323 |
|
|
} |
324 |
|
|
|
325 |
|
|
return (0); |
326 |
|
|
} |
327 |
|
|
|
328 |
|
|
struct iked_sa * |
329 |
|
|
ikev2_getimsgdata(struct iked *env, struct imsg *imsg, struct iked_sahdr *sh, |
330 |
|
|
uint8_t *type, uint8_t **buf, size_t *size) |
331 |
|
|
{ |
332 |
|
|
uint8_t *ptr; |
333 |
|
|
size_t len; |
334 |
|
|
struct iked_sa *sa; |
335 |
|
|
|
336 |
|
|
IMSG_SIZE_CHECK(imsg, sh); |
337 |
|
|
|
338 |
|
|
ptr = imsg->data; |
339 |
|
|
len = IMSG_DATA_SIZE(imsg) - sizeof(*sh) - sizeof(*type); |
340 |
|
|
memcpy(sh, ptr, sizeof(*sh)); |
341 |
|
|
memcpy(type, ptr + sizeof(*sh), sizeof(*type)); |
342 |
|
|
|
343 |
|
|
sa = sa_lookup(env, sh->sh_ispi, sh->sh_rspi, sh->sh_initiator); |
344 |
|
|
|
345 |
|
|
log_debug("%s: imsg %d rspi %s ispi %s initiator %d sa %s" |
346 |
|
|
" type %d data length %zd", |
347 |
|
|
__func__, imsg->hdr.type, |
348 |
|
|
print_spi(sh->sh_rspi, 8), |
349 |
|
|
print_spi(sh->sh_ispi, 8), |
350 |
|
|
sh->sh_initiator, |
351 |
|
|
sa == NULL ? "invalid" : "valid", *type, len); |
352 |
|
|
|
353 |
|
|
if (sa == NULL) |
354 |
|
|
return (NULL); |
355 |
|
|
|
356 |
|
|
*buf = ptr + sizeof(*sh) + sizeof(*type); |
357 |
|
|
*size = len; |
358 |
|
|
|
359 |
|
|
return (sa); |
360 |
|
|
} |
361 |
|
|
|
362 |
|
|
void |
363 |
|
|
ikev2_recv(struct iked *env, struct iked_message *msg) |
364 |
|
|
{ |
365 |
|
|
struct ike_header *hdr; |
366 |
|
|
struct iked_message *m; |
367 |
|
|
struct iked_sa *sa; |
368 |
|
|
unsigned int initiator, flag = 0; |
369 |
|
|
|
370 |
|
|
hdr = ibuf_seek(msg->msg_data, msg->msg_offset, sizeof(*hdr)); |
371 |
|
|
|
372 |
|
|
if (hdr == NULL || ibuf_size(msg->msg_data) < |
373 |
|
|
(betoh32(hdr->ike_length) - msg->msg_offset)) |
374 |
|
|
return; |
375 |
|
|
|
376 |
|
|
initiator = (hdr->ike_flags & IKEV2_FLAG_INITIATOR) ? 0 : 1; |
377 |
|
|
msg->msg_response = (hdr->ike_flags & IKEV2_FLAG_RESPONSE) ? 1 : 0; |
378 |
|
|
msg->msg_sa = sa_lookup(env, |
379 |
|
|
betoh64(hdr->ike_ispi), betoh64(hdr->ike_rspi), |
380 |
|
|
initiator); |
381 |
|
|
msg->msg_msgid = betoh32(hdr->ike_msgid); |
382 |
|
|
if (policy_lookup(env, msg) != 0) |
383 |
|
|
return; |
384 |
|
|
|
385 |
|
|
log_info("%s: %s %s from %s %s to %s policy '%s' id %u, %ld bytes", |
386 |
|
|
__func__, print_map(hdr->ike_exchange, ikev2_exchange_map), |
387 |
|
|
msg->msg_response ? "response" : "request", |
388 |
|
|
initiator ? "responder" : "initiator", |
389 |
|
|
print_host((struct sockaddr *)&msg->msg_peer, NULL, 0), |
390 |
|
|
print_host((struct sockaddr *)&msg->msg_local, NULL, 0), |
391 |
|
|
msg->msg_policy->pol_name, msg->msg_msgid, |
392 |
|
|
ibuf_length(msg->msg_data)); |
393 |
|
|
log_debug("%s: ispi %s rspi %s", __func__, |
394 |
|
|
print_spi(betoh64(hdr->ike_ispi), 8), |
395 |
|
|
print_spi(betoh64(hdr->ike_rspi), 8)); |
396 |
|
|
|
397 |
|
|
if ((sa = msg->msg_sa) == NULL) |
398 |
|
|
goto done; |
399 |
|
|
|
400 |
|
|
if (hdr->ike_exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA) |
401 |
|
|
flag = IKED_REQ_CHILDSA; |
402 |
|
|
if (hdr->ike_exchange == IKEV2_EXCHANGE_INFORMATIONAL) |
403 |
|
|
flag = IKED_REQ_INF; |
404 |
|
|
|
405 |
|
|
if (msg->msg_response) { |
406 |
|
|
if (msg->msg_msgid > sa->sa_reqid) |
407 |
|
|
return; |
408 |
|
|
if (hdr->ike_exchange != IKEV2_EXCHANGE_INFORMATIONAL && |
409 |
|
|
!ikev2_msg_lookup(env, &sa->sa_requests, msg, hdr)) |
410 |
|
|
return; |
411 |
|
|
if (flag) { |
412 |
|
|
if ((sa->sa_stateflags & flag) == 0) |
413 |
|
|
return; |
414 |
|
|
/* |
415 |
|
|
* We have initiated this exchange, even if |
416 |
|
|
* we are not the initiator of the IKE SA. |
417 |
|
|
*/ |
418 |
|
|
initiator = 1; |
419 |
|
|
} |
420 |
|
|
/* |
421 |
|
|
* There's no need to keep the request around anymore |
422 |
|
|
*/ |
423 |
|
|
if ((m = ikev2_msg_lookup(env, &sa->sa_requests, msg, hdr))) |
424 |
|
|
ikev2_msg_dispose(env, &sa->sa_requests, m); |
425 |
|
|
} else { |
426 |
|
|
if (msg->msg_msgid < sa->sa_msgid) |
427 |
|
|
return; |
428 |
|
|
if (flag) |
429 |
|
|
initiator = 0; |
430 |
|
|
/* |
431 |
|
|
* See if we have responded to this request before |
432 |
|
|
*/ |
433 |
|
|
if ((m = ikev2_msg_lookup(env, &sa->sa_responses, msg, hdr))) { |
434 |
|
|
if (ikev2_msg_retransmit_response(env, sa, m)) { |
435 |
|
|
log_warn("%s: failed to retransmit a " |
436 |
|
|
"response", __func__); |
437 |
|
|
sa_free(env, sa); |
438 |
|
|
} |
439 |
|
|
return; |
440 |
|
|
} else if (sa->sa_msgid_set && msg->msg_msgid == sa->sa_msgid) { |
441 |
|
|
/* |
442 |
|
|
* Response is being worked on, most likely we're |
443 |
|
|
* waiting for the CA process to get back to us |
444 |
|
|
*/ |
445 |
|
|
return; |
446 |
|
|
} |
447 |
|
|
/* |
448 |
|
|
* If it's a new request, make sure to update the peer's |
449 |
|
|
* message ID and dispose of all previous responses. |
450 |
|
|
* We need to set sa_msgid_set in order to distinguish between |
451 |
|
|
* "last msgid was 0" and "msgid not set yet". |
452 |
|
|
*/ |
453 |
|
|
sa->sa_msgid = msg->msg_msgid; |
454 |
|
|
sa->sa_msgid_set = 1; |
455 |
|
|
ikev2_msg_prevail(env, &sa->sa_responses, msg); |
456 |
|
|
} |
457 |
|
|
|
458 |
|
|
if (sa_address(sa, &sa->sa_peer, &msg->msg_peer) == -1 || |
459 |
|
|
sa_address(sa, &sa->sa_local, &msg->msg_local) == -1) |
460 |
|
|
return; |
461 |
|
|
|
462 |
|
|
sa->sa_fd = msg->msg_fd; |
463 |
|
|
|
464 |
|
|
log_debug("%s: updated SA to peer %s local %s", __func__, |
465 |
|
|
print_host((struct sockaddr *)&sa->sa_peer.addr, NULL, 0), |
466 |
|
|
print_host((struct sockaddr *)&sa->sa_local.addr, NULL, 0)); |
467 |
|
|
|
468 |
|
|
done: |
469 |
|
|
if (initiator) |
470 |
|
|
ikev2_init_recv(env, msg, hdr); |
471 |
|
|
else |
472 |
|
|
ikev2_resp_recv(env, msg, hdr); |
473 |
|
|
|
474 |
|
|
if (sa != NULL && sa->sa_state == IKEV2_STATE_CLOSED) { |
475 |
|
|
log_debug("%s: closing SA", __func__); |
476 |
|
|
sa_free(env, sa); |
477 |
|
|
} |
478 |
|
|
} |
479 |
|
|
|
480 |
|
|
int |
481 |
|
|
ikev2_ike_auth_compatible(struct iked_sa *sa, uint8_t want, uint8_t have) |
482 |
|
|
{ |
483 |
|
|
if (want == have) |
484 |
|
|
return (0); |
485 |
|
|
if (sa->sa_sigsha2 && |
486 |
|
|
have == IKEV2_AUTH_SIG && want == IKEV2_AUTH_RSA_SIG) |
487 |
|
|
return (0); |
488 |
|
|
return (-1); |
489 |
|
|
} |
490 |
|
|
|
491 |
|
|
int |
492 |
|
|
ikev2_ike_auth_recv(struct iked *env, struct iked_sa *sa, |
493 |
|
|
struct iked_message *msg) |
494 |
|
|
{ |
495 |
|
|
struct iked_id *id, *certid; |
496 |
|
|
struct ibuf *authmsg; |
497 |
|
|
struct iked_auth ikeauth; |
498 |
|
|
struct iked_policy *policy = sa->sa_policy; |
499 |
|
|
int ret = -1; |
500 |
|
|
|
501 |
|
|
if (sa->sa_hdr.sh_initiator) { |
502 |
|
|
id = &sa->sa_rid; |
503 |
|
|
certid = &sa->sa_rcert; |
504 |
|
|
} else { |
505 |
|
|
id = &sa->sa_iid; |
506 |
|
|
certid = &sa->sa_icert; |
507 |
|
|
} |
508 |
|
|
/* try to relookup the policy based on the peerid */ |
509 |
|
|
if (msg->msg_id.id_type && !sa->sa_hdr.sh_initiator) { |
510 |
|
|
struct iked_policy *old = sa->sa_policy; |
511 |
|
|
|
512 |
|
|
sa->sa_policy = NULL; |
513 |
|
|
if (policy_lookup(env, msg) == 0 && msg->msg_policy && |
514 |
|
|
msg->msg_policy != old) { |
515 |
|
|
/* move sa to new policy */ |
516 |
|
|
policy = sa->sa_policy = msg->msg_policy; |
517 |
|
|
TAILQ_REMOVE(&old->pol_sapeers, sa, sa_peer_entry); |
518 |
|
|
TAILQ_INSERT_TAIL(&policy->pol_sapeers, |
519 |
|
|
sa, sa_peer_entry); |
520 |
|
|
} else { |
521 |
|
|
/* restore */ |
522 |
|
|
msg->msg_policy = sa->sa_policy = old; |
523 |
|
|
} |
524 |
|
|
} |
525 |
|
|
|
526 |
|
|
if (msg->msg_id.id_type) { |
527 |
|
|
memcpy(id, &msg->msg_id, sizeof(*id)); |
528 |
|
|
bzero(&msg->msg_id, sizeof(msg->msg_id)); |
529 |
|
|
|
530 |
|
|
if (!sa->sa_hdr.sh_initiator) { |
531 |
|
|
if ((authmsg = ikev2_msg_auth(env, sa, |
532 |
|
|
!sa->sa_hdr.sh_initiator)) == NULL) { |
533 |
|
|
log_debug("%s: failed to get response " |
534 |
|
|
"auth data", __func__); |
535 |
|
|
return (-1); |
536 |
|
|
} |
537 |
|
|
|
538 |
|
|
ca_setauth(env, sa, authmsg, PROC_CERT); |
539 |
|
|
ibuf_release(authmsg); |
540 |
|
|
} |
541 |
|
|
} |
542 |
|
|
|
543 |
|
|
if (msg->msg_cert.id_type) { |
544 |
|
|
memcpy(certid, &msg->msg_cert, sizeof(*certid)); |
545 |
|
|
bzero(&msg->msg_cert, sizeof(msg->msg_cert)); |
546 |
|
|
|
547 |
|
|
ca_setcert(env, &sa->sa_hdr, |
548 |
|
|
id, certid->id_type, |
549 |
|
|
ibuf_data(certid->id_buf), |
550 |
|
|
ibuf_length(certid->id_buf), PROC_CERT); |
551 |
|
|
} |
552 |
|
|
|
553 |
|
|
if (msg->msg_auth.id_type) { |
554 |
|
|
memcpy(&ikeauth, &policy->pol_auth, sizeof(ikeauth)); |
555 |
|
|
|
556 |
|
|
if (policy->pol_auth.auth_eap && sa->sa_eapmsk != NULL) { |
557 |
|
|
/* |
558 |
|
|
* The initiator EAP auth is a PSK derived |
559 |
|
|
* from the EAP-specific MSK |
560 |
|
|
*/ |
561 |
|
|
ikeauth.auth_method = IKEV2_AUTH_SHARED_KEY_MIC; |
562 |
|
|
|
563 |
|
|
/* Copy session key as PSK */ |
564 |
|
|
memcpy(ikeauth.auth_data, ibuf_data(sa->sa_eapmsk), |
565 |
|
|
ibuf_size(sa->sa_eapmsk)); |
566 |
|
|
ikeauth.auth_length = ibuf_size(sa->sa_eapmsk); |
567 |
|
|
} |
568 |
|
|
|
569 |
|
|
if (ikev2_ike_auth_compatible(sa, |
570 |
|
|
ikeauth.auth_method, msg->msg_auth.id_type) < 0) { |
571 |
|
|
log_warnx("%s: unexpected auth method %s", __func__, |
572 |
|
|
print_map(msg->msg_auth.id_type, ikev2_auth_map)); |
573 |
|
|
return (-1); |
574 |
|
|
} |
575 |
|
|
ikeauth.auth_method = msg->msg_auth.id_type; |
576 |
|
|
|
577 |
|
|
if ((authmsg = ikev2_msg_auth(env, sa, |
578 |
|
|
sa->sa_hdr.sh_initiator)) == NULL) { |
579 |
|
|
log_debug("%s: failed to get auth data", __func__); |
580 |
|
|
return (-1); |
581 |
|
|
} |
582 |
|
|
|
583 |
|
|
ret = ikev2_msg_authverify(env, sa, &ikeauth, |
584 |
|
|
ibuf_data(msg->msg_auth.id_buf), |
585 |
|
|
ibuf_length(msg->msg_auth.id_buf), |
586 |
|
|
authmsg); |
587 |
|
|
ibuf_release(authmsg); |
588 |
|
|
|
589 |
|
|
if (ret != 0) { |
590 |
|
|
log_debug("%s: ikev2_msg_authverify failed", __func__); |
591 |
|
|
return (-1); |
592 |
|
|
} |
593 |
|
|
|
594 |
|
|
if (sa->sa_eapmsk != NULL) { |
595 |
|
|
if ((authmsg = ikev2_msg_auth(env, sa, |
596 |
|
|
!sa->sa_hdr.sh_initiator)) == NULL) { |
597 |
|
|
log_debug("%s: failed to get auth data", |
598 |
|
|
__func__); |
599 |
|
|
return (-1); |
600 |
|
|
} |
601 |
|
|
|
602 |
|
|
/* XXX 2nd AUTH for EAP messages */ |
603 |
|
|
ret = ikev2_msg_authsign(env, sa, &ikeauth, authmsg); |
604 |
|
|
ibuf_release(authmsg); |
605 |
|
|
|
606 |
|
|
if (ret != 0) { |
607 |
|
|
/* XXX */ |
608 |
|
|
return (-1); |
609 |
|
|
} |
610 |
|
|
|
611 |
|
|
/* ikev2_msg_authverify verified AUTH */ |
612 |
|
|
sa_stateflags(sa, IKED_REQ_AUTHVALID); |
613 |
|
|
sa_stateflags(sa, IKED_REQ_EAPVALID); |
614 |
|
|
|
615 |
|
|
sa_state(env, sa, IKEV2_STATE_EAP_SUCCESS); |
616 |
|
|
} |
617 |
|
|
} |
618 |
|
|
|
619 |
|
|
if (!TAILQ_EMPTY(&msg->msg_proposals)) { |
620 |
|
|
if (ikev2_sa_negotiate(&sa->sa_proposals, |
621 |
|
|
&sa->sa_policy->pol_proposals, &msg->msg_proposals) != 0) { |
622 |
|
|
log_debug("%s: no proposal chosen", __func__); |
623 |
|
|
msg->msg_error = IKEV2_N_NO_PROPOSAL_CHOSEN; |
624 |
|
|
return (-1); |
625 |
|
|
} else |
626 |
|
|
sa_stateflags(sa, IKED_REQ_SA); |
627 |
|
|
} |
628 |
|
|
|
629 |
|
|
return ikev2_ike_auth(env, sa); |
630 |
|
|
} |
631 |
|
|
|
632 |
|
|
int |
633 |
|
|
ikev2_ike_auth(struct iked *env, struct iked_sa *sa) |
634 |
|
|
{ |
635 |
|
|
struct iked_policy *pol = sa->sa_policy; |
636 |
|
|
uint8_t certreqtype; |
637 |
|
|
|
638 |
|
|
/* Attempt state transition */ |
639 |
|
|
if (sa->sa_state == IKEV2_STATE_EAP_SUCCESS) |
640 |
|
|
sa_state(env, sa, IKEV2_STATE_EAP_VALID); |
641 |
|
|
else if (sa->sa_state == IKEV2_STATE_AUTH_SUCCESS) |
642 |
|
|
sa_state(env, sa, IKEV2_STATE_VALID); |
643 |
|
|
|
644 |
|
|
if (sa->sa_hdr.sh_initiator) { |
645 |
|
|
if (sa_stateok(sa, IKEV2_STATE_AUTH_SUCCESS)) |
646 |
|
|
return (ikev2_init_done(env, sa)); |
647 |
|
|
else |
648 |
|
|
return (ikev2_init_ike_auth(env, sa)); |
649 |
|
|
} |
650 |
|
|
|
651 |
|
|
/* |
652 |
|
|
* If we have to send a local certificate but did not receive an |
653 |
|
|
* optional CERTREQ, use our own certreq to find a local certificate. |
654 |
|
|
* We could alternatively extract the CA from the peer certificate |
655 |
|
|
* to find a matching local one. |
656 |
|
|
*/ |
657 |
|
|
if (sa->sa_statevalid & IKED_REQ_CERT) { |
658 |
|
|
if ((sa->sa_stateflags & IKED_REQ_CERTREQ) == 0) { |
659 |
|
|
log_debug("%s: no CERTREQ, using default", __func__); |
660 |
|
|
if (pol->pol_certreqtype) |
661 |
|
|
certreqtype = pol->pol_certreqtype; |
662 |
|
|
else |
663 |
|
|
certreqtype = env->sc_certreqtype; |
664 |
|
|
return (ca_setreq(env, sa, |
665 |
|
|
&pol->pol_localid, certreqtype, |
666 |
|
|
ibuf_data(env->sc_certreq), |
667 |
|
|
ibuf_size(env->sc_certreq), PROC_CERT)); |
668 |
|
|
} else if ((sa->sa_stateflags & IKED_REQ_CERT) == 0) |
669 |
|
|
return (0); /* ignored, wait for cert */ |
670 |
|
|
} |
671 |
|
|
|
672 |
|
|
return (ikev2_resp_ike_auth(env, sa)); |
673 |
|
|
} |
674 |
|
|
|
675 |
|
|
void |
676 |
|
|
ikev2_init_recv(struct iked *env, struct iked_message *msg, |
677 |
|
|
struct ike_header *hdr) |
678 |
|
|
{ |
679 |
|
|
struct iked_sa *sa; |
680 |
|
|
in_port_t port; |
681 |
|
|
struct iked_socket *sock; |
682 |
|
|
|
683 |
|
|
if (ikev2_msg_valid_ike_sa(env, hdr, msg) == -1) { |
684 |
|
|
log_debug("%s: unknown SA", __func__); |
685 |
|
|
return; |
686 |
|
|
} |
687 |
|
|
sa = msg->msg_sa; |
688 |
|
|
|
689 |
|
|
switch (hdr->ike_exchange) { |
690 |
|
|
case IKEV2_EXCHANGE_IKE_SA_INIT: |
691 |
|
|
/* Update the SPIs */ |
692 |
|
|
if ((sa = sa_new(env, |
693 |
|
|
betoh64(hdr->ike_ispi), betoh64(hdr->ike_rspi), 1, |
694 |
|
|
NULL)) == NULL || sa != msg->msg_sa) { |
695 |
|
|
log_debug("%s: invalid new SA", __func__); |
696 |
|
|
if (sa) |
697 |
|
|
sa_free(env, sa); |
698 |
|
|
} |
699 |
|
|
break; |
700 |
|
|
case IKEV2_EXCHANGE_IKE_AUTH: |
701 |
|
|
case IKEV2_EXCHANGE_CREATE_CHILD_SA: |
702 |
|
|
if (ikev2_msg_valid_ike_sa(env, hdr, msg) == -1) |
703 |
|
|
return; |
704 |
|
|
break; |
705 |
|
|
case IKEV2_EXCHANGE_INFORMATIONAL: |
706 |
|
|
break; |
707 |
|
|
default: |
708 |
|
|
log_debug("%s: unsupported exchange: %s", __func__, |
709 |
|
|
print_map(hdr->ike_exchange, ikev2_exchange_map)); |
710 |
|
|
return; |
711 |
|
|
} |
712 |
|
|
|
713 |
|
|
if (ikev2_pld_parse(env, hdr, msg, msg->msg_offset) != 0) { |
714 |
|
|
log_debug("%s: failed to parse message", __func__); |
715 |
|
|
return; |
716 |
|
|
} |
717 |
|
|
|
718 |
|
|
if (!ikev2_msg_frompeer(msg)) |
719 |
|
|
return; |
720 |
|
|
|
721 |
|
|
if (sa->sa_udpencap && sa->sa_natt == 0 && |
722 |
|
|
(sock = ikev2_msg_getsocket(env, |
723 |
|
|
sa->sa_local.addr_af, 1)) != NULL) { |
724 |
|
|
/* |
725 |
|
|
* Update address information and use the NAT-T |
726 |
|
|
* port and socket, if available. |
727 |
|
|
*/ |
728 |
|
|
port = htons(socket_getport( |
729 |
|
|
(struct sockaddr *)&sock->sock_addr)); |
730 |
|
|
sa->sa_local.addr_port = port; |
731 |
|
|
sa->sa_peer.addr_port = port; |
732 |
|
|
(void)socket_af((struct sockaddr *)&sa->sa_local.addr, port); |
733 |
|
|
(void)socket_af((struct sockaddr *)&sa->sa_peer.addr, port); |
734 |
|
|
|
735 |
|
|
msg->msg_fd = sa->sa_fd = sock->sock_fd; |
736 |
|
|
msg->msg_sock = sock; |
737 |
|
|
sa->sa_natt = 1; |
738 |
|
|
|
739 |
|
|
log_debug("%s: NAT detected, updated SA to " |
740 |
|
|
"peer %s local %s", __func__, |
741 |
|
|
print_host((struct sockaddr *)&sa->sa_peer.addr, NULL, 0), |
742 |
|
|
print_host((struct sockaddr *)&sa->sa_local.addr, NULL, 0)); |
743 |
|
|
} |
744 |
|
|
|
745 |
|
|
switch (hdr->ike_exchange) { |
746 |
|
|
case IKEV2_EXCHANGE_IKE_SA_INIT: |
747 |
|
|
(void)ikev2_init_auth(env, msg); |
748 |
|
|
break; |
749 |
|
|
case IKEV2_EXCHANGE_IKE_AUTH: |
750 |
|
|
(void)ikev2_ike_auth_recv(env, sa, msg); |
751 |
|
|
break; |
752 |
|
|
case IKEV2_EXCHANGE_CREATE_CHILD_SA: |
753 |
|
|
(void)ikev2_init_create_child_sa(env, msg); |
754 |
|
|
break; |
755 |
|
|
case IKEV2_EXCHANGE_INFORMATIONAL: |
756 |
|
|
sa->sa_stateflags &= ~IKED_REQ_INF; |
757 |
|
|
break; |
758 |
|
|
default: |
759 |
|
|
log_debug("%s: exchange %s not implemented", __func__, |
760 |
|
|
print_map(hdr->ike_exchange, ikev2_exchange_map)); |
761 |
|
|
break; |
762 |
|
|
} |
763 |
|
|
} |
764 |
|
|
|
765 |
|
|
void |
766 |
|
|
ikev2_init_ike_sa(struct iked *env, void *arg) |
767 |
|
|
{ |
768 |
|
|
struct iked_policy *pol; |
769 |
|
|
|
770 |
|
|
TAILQ_FOREACH(pol, &env->sc_policies, pol_entry) { |
771 |
|
|
if ((pol->pol_flags & IKED_POLICY_ACTIVE) == 0) |
772 |
|
|
continue; |
773 |
|
|
if (!TAILQ_EMPTY(&pol->pol_sapeers)) { |
774 |
|
|
log_debug("%s: \"%s\" is already active", |
775 |
|
|
__func__, pol->pol_name); |
776 |
|
|
continue; |
777 |
|
|
} |
778 |
|
|
|
779 |
|
|
log_debug("%s: initiating \"%s\"", __func__, pol->pol_name); |
780 |
|
|
|
781 |
|
|
if (ikev2_init_ike_sa_peer(env, pol, &pol->pol_peer)) |
782 |
|
|
log_debug("%s: failed to initiate with peer %s", |
783 |
|
|
__func__, |
784 |
|
|
print_host((struct sockaddr *)&pol->pol_peer.addr, |
785 |
|
|
NULL, 0)); |
786 |
|
|
} |
787 |
|
|
|
788 |
|
|
timer_set(env, &env->sc_inittmr, ikev2_init_ike_sa, NULL); |
789 |
|
|
timer_add(env, &env->sc_inittmr, IKED_INITIATOR_INTERVAL); |
790 |
|
|
} |
791 |
|
|
|
792 |
|
|
int |
793 |
|
|
ikev2_init_ike_sa_peer(struct iked *env, struct iked_policy *pol, |
794 |
|
|
struct iked_addr *peer) |
795 |
|
|
{ |
796 |
|
|
struct sockaddr_storage ss; |
797 |
|
|
struct iked_message req; |
798 |
|
|
struct ike_header *hdr; |
799 |
|
|
struct ikev2_payload *pld; |
800 |
|
|
struct ikev2_keyexchange *ke; |
801 |
|
|
struct ikev2_notify *n; |
802 |
|
|
struct iked_sa *sa; |
803 |
|
|
struct ibuf *buf; |
804 |
|
|
struct group *group; |
805 |
|
|
uint8_t *ptr; |
806 |
|
|
ssize_t len; |
807 |
|
|
int ret = -1; |
808 |
|
|
struct iked_socket *sock; |
809 |
|
|
in_port_t port; |
810 |
|
|
|
811 |
|
|
if ((sock = ikev2_msg_getsocket(env, peer->addr_af, 0)) == NULL) |
812 |
|
|
return (-1); |
813 |
|
|
|
814 |
|
|
/* Create a new initiator SA */ |
815 |
|
|
if ((sa = sa_new(env, 0, 0, 1, pol)) == NULL) |
816 |
|
|
return (-1); |
817 |
|
|
|
818 |
|
|
/* Pick peer's DH group if asked */ |
819 |
|
|
/* XXX free old sa_dhgroup ? */ |
820 |
|
|
sa->sa_dhgroup = pol->pol_peerdh; |
821 |
|
|
|
822 |
|
|
if (ikev2_sa_initiator(env, sa, NULL, NULL) == -1) |
823 |
|
|
goto done; |
824 |
|
|
|
825 |
|
|
if (pol->pol_local.addr.ss_family == AF_UNSPEC) { |
826 |
|
|
if (socket_getaddr(sock->sock_fd, &ss) == -1) |
827 |
|
|
goto done; |
828 |
|
|
} else |
829 |
|
|
memcpy(&ss, &pol->pol_local.addr, pol->pol_local.addr.ss_len); |
830 |
|
|
|
831 |
|
|
if ((buf = ikev2_msg_init(env, &req, &peer->addr, peer->addr.ss_len, |
832 |
|
|
&ss, ss.ss_len, 0)) == NULL) |
833 |
|
|
goto done; |
834 |
|
|
|
835 |
|
|
/* Inherit the port from the 1st send socket */ |
836 |
|
|
port = htons(socket_getport((struct sockaddr *)&sock->sock_addr)); |
837 |
|
|
(void)socket_af((struct sockaddr *)&req.msg_local, port); |
838 |
|
|
(void)socket_af((struct sockaddr *)&req.msg_peer, port); |
839 |
|
|
|
840 |
|
|
req.msg_fd = sock->sock_fd; |
841 |
|
|
req.msg_sa = sa; |
842 |
|
|
req.msg_sock = sock; |
843 |
|
|
req.msg_msgid = ikev2_msg_id(env, sa); |
844 |
|
|
|
845 |
|
|
/* IKE header */ |
846 |
|
|
if ((hdr = ikev2_add_header(buf, sa, req.msg_msgid, |
847 |
|
|
IKEV2_PAYLOAD_SA, IKEV2_EXCHANGE_IKE_SA_INIT, 0)) == NULL) |
848 |
|
|
goto done; |
849 |
|
|
|
850 |
|
|
/* SA payload */ |
851 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
852 |
|
|
goto done; |
853 |
|
|
if ((len = ikev2_add_proposals(env, sa, buf, &pol->pol_proposals, |
854 |
|
|
IKEV2_SAPROTO_IKE, sa->sa_hdr.sh_initiator, 0)) == -1) |
855 |
|
|
goto done; |
856 |
|
|
|
857 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_KE) == -1) |
858 |
|
|
goto done; |
859 |
|
|
|
860 |
|
|
/* KE payload */ |
861 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
862 |
|
|
goto done; |
863 |
|
|
if ((ke = ibuf_advance(buf, sizeof(*ke))) == NULL) |
864 |
|
|
goto done; |
865 |
|
|
if ((group = sa->sa_dhgroup) == NULL) { |
866 |
|
|
log_debug("%s: invalid dh", __func__); |
867 |
|
|
goto done; |
868 |
|
|
} |
869 |
|
|
ke->kex_dhgroup = htobe16(group->id); |
870 |
|
|
if (ikev2_add_buf(buf, sa->sa_dhiexchange) == -1) |
871 |
|
|
goto done; |
872 |
|
|
len = sizeof(*ke) + dh_getlen(group); |
873 |
|
|
|
874 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONCE) == -1) |
875 |
|
|
goto done; |
876 |
|
|
|
877 |
|
|
/* NONCE payload */ |
878 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
879 |
|
|
goto done; |
880 |
|
|
if (ikev2_add_buf(buf, sa->sa_inonce) == -1) |
881 |
|
|
goto done; |
882 |
|
|
len = ibuf_size(sa->sa_inonce); |
883 |
|
|
|
884 |
|
|
if ((env->sc_opts & IKED_OPT_NONATT) == 0) { |
885 |
|
|
if (ntohs(port) == IKED_NATT_PORT) { |
886 |
|
|
/* Enforce NAT-T on the initiator side */ |
887 |
|
|
log_debug("%s: enforcing NAT-T", __func__); |
888 |
|
|
req.msg_natt = sa->sa_natt = 1; |
889 |
|
|
} |
890 |
|
|
|
891 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NOTIFY) == -1) |
892 |
|
|
goto done; |
893 |
|
|
|
894 |
|
|
/* NAT-T notify payloads */ |
895 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
896 |
|
|
goto done; |
897 |
|
|
if ((n = ibuf_advance(buf, sizeof(*n))) == NULL) |
898 |
|
|
goto done; |
899 |
|
|
n->n_type = htobe16(IKEV2_N_NAT_DETECTION_SOURCE_IP); |
900 |
|
|
len = ikev2_nat_detection(env, &req, NULL, 0, 0); |
901 |
|
|
if ((ptr = ibuf_advance(buf, len)) == NULL) |
902 |
|
|
goto done; |
903 |
|
|
if ((len = ikev2_nat_detection(env, &req, ptr, len, |
904 |
|
|
betoh16(n->n_type))) == -1) |
905 |
|
|
goto done; |
906 |
|
|
len += sizeof(*n); |
907 |
|
|
|
908 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NOTIFY) == -1) |
909 |
|
|
goto done; |
910 |
|
|
|
911 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
912 |
|
|
goto done; |
913 |
|
|
if ((n = ibuf_advance(buf, sizeof(*n))) == NULL) |
914 |
|
|
goto done; |
915 |
|
|
n->n_type = htobe16(IKEV2_N_NAT_DETECTION_DESTINATION_IP); |
916 |
|
|
len = ikev2_nat_detection(env, &req, NULL, 0, 0); |
917 |
|
|
if ((ptr = ibuf_advance(buf, len)) == NULL) |
918 |
|
|
goto done; |
919 |
|
|
if ((len = ikev2_nat_detection(env, &req, ptr, len, |
920 |
|
|
betoh16(n->n_type))) == -1) |
921 |
|
|
goto done; |
922 |
|
|
len += sizeof(*n); |
923 |
|
|
} |
924 |
|
|
|
925 |
|
|
if ((len = ikev2_add_sighashnotify(buf, &pld, len)) == -1) |
926 |
|
|
goto done; |
927 |
|
|
|
928 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONE) == -1) |
929 |
|
|
goto done; |
930 |
|
|
|
931 |
|
|
if (ikev2_set_header(hdr, ibuf_size(buf) - sizeof(*hdr)) == -1) |
932 |
|
|
goto done; |
933 |
|
|
|
934 |
|
|
(void)ikev2_pld_parse(env, hdr, &req, 0); |
935 |
|
|
|
936 |
|
|
ibuf_release(sa->sa_1stmsg); |
937 |
|
|
if ((sa->sa_1stmsg = ibuf_dup(buf)) == NULL) { |
938 |
|
|
log_debug("%s: failed to copy 1st message", __func__); |
939 |
|
|
goto done; |
940 |
|
|
} |
941 |
|
|
|
942 |
|
|
if ((ret = ikev2_msg_send(env, &req)) == 0) |
943 |
|
|
sa_state(env, sa, IKEV2_STATE_SA_INIT); |
944 |
|
|
|
945 |
|
|
done: |
946 |
|
|
if (ret == -1) { |
947 |
|
|
log_debug("%s: closing SA", __func__); |
948 |
|
|
sa_free(env, sa); |
949 |
|
|
} |
950 |
|
|
ikev2_msg_cleanup(env, &req); |
951 |
|
|
|
952 |
|
|
return (ret); |
953 |
|
|
} |
954 |
|
|
|
955 |
|
|
int |
956 |
|
|
ikev2_init_auth(struct iked *env, struct iked_message *msg) |
957 |
|
|
{ |
958 |
|
|
struct iked_sa *sa = msg->msg_sa; |
959 |
|
|
struct ibuf *authmsg; |
960 |
|
|
|
961 |
|
|
if (sa == NULL) |
962 |
|
|
return (-1); |
963 |
|
|
|
964 |
|
|
if (ikev2_sa_initiator(env, sa, NULL, msg) == -1) { |
965 |
|
|
log_debug("%s: failed to get IKE keys", __func__); |
966 |
|
|
return (-1); |
967 |
|
|
} |
968 |
|
|
|
969 |
|
|
if ((authmsg = ikev2_msg_auth(env, sa, |
970 |
|
|
!sa->sa_hdr.sh_initiator)) == NULL) { |
971 |
|
|
log_debug("%s: failed to get auth data", __func__); |
972 |
|
|
return (-1); |
973 |
|
|
} |
974 |
|
|
|
975 |
|
|
if (ca_setauth(env, sa, authmsg, PROC_CERT) == -1) { |
976 |
|
|
log_debug("%s: failed to get cert", __func__); |
977 |
|
|
return (-1); |
978 |
|
|
} |
979 |
|
|
|
980 |
|
|
return (ikev2_init_ike_auth(env, sa)); |
981 |
|
|
} |
982 |
|
|
|
983 |
|
|
int |
984 |
|
|
ikev2_init_ike_auth(struct iked *env, struct iked_sa *sa) |
985 |
|
|
{ |
986 |
|
|
struct iked_policy *pol = sa->sa_policy; |
987 |
|
|
struct ikev2_payload *pld; |
988 |
|
|
struct ikev2_cert *cert; |
989 |
|
|
struct ikev2_auth *auth; |
990 |
|
|
struct iked_id *id, *certid; |
991 |
|
|
struct ibuf *e = NULL; |
992 |
|
|
uint8_t firstpayload; |
993 |
|
|
int ret = -1; |
994 |
|
|
ssize_t len; |
995 |
|
|
|
996 |
|
|
if (!sa_stateok(sa, IKEV2_STATE_SA_INIT)) |
997 |
|
|
return (0); |
998 |
|
|
|
999 |
|
|
if (!sa->sa_localauth.id_type) { |
1000 |
|
|
log_debug("%s: no local auth", __func__); |
1001 |
|
|
return (-1); |
1002 |
|
|
} |
1003 |
|
|
|
1004 |
|
|
/* New encrypted message buffer */ |
1005 |
|
|
if ((e = ibuf_static()) == NULL) |
1006 |
|
|
goto done; |
1007 |
|
|
|
1008 |
|
|
id = &sa->sa_iid; |
1009 |
|
|
certid = &sa->sa_icert; |
1010 |
|
|
|
1011 |
|
|
/* ID payload */ |
1012 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
1013 |
|
|
goto done; |
1014 |
|
|
firstpayload = IKEV2_PAYLOAD_IDi; |
1015 |
|
|
if (ibuf_cat(e, id->id_buf) != 0) |
1016 |
|
|
goto done; |
1017 |
|
|
len = ibuf_size(id->id_buf); |
1018 |
|
|
|
1019 |
|
|
/* CERT payload */ |
1020 |
|
|
if ((sa->sa_stateinit & IKED_REQ_CERT) && |
1021 |
|
|
(certid->id_type != IKEV2_CERT_NONE)) { |
1022 |
|
|
if (ikev2_next_payload(pld, len, |
1023 |
|
|
IKEV2_PAYLOAD_CERT) == -1) |
1024 |
|
|
goto done; |
1025 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
1026 |
|
|
goto done; |
1027 |
|
|
if ((cert = ibuf_advance(e, sizeof(*cert))) == NULL) |
1028 |
|
|
goto done; |
1029 |
|
|
cert->cert_type = certid->id_type; |
1030 |
|
|
if (ibuf_cat(e, certid->id_buf) != 0) |
1031 |
|
|
goto done; |
1032 |
|
|
len = ibuf_size(certid->id_buf) + sizeof(*cert); |
1033 |
|
|
|
1034 |
|
|
/* CERTREQ payload(s) */ |
1035 |
|
|
if ((len = ikev2_add_certreq(e, &pld, |
1036 |
|
|
len, env->sc_certreq, env->sc_certreqtype)) == -1) |
1037 |
|
|
goto done; |
1038 |
|
|
|
1039 |
|
|
if (env->sc_certreqtype != pol->pol_certreqtype && |
1040 |
|
|
(len = ikev2_add_certreq(e, &pld, |
1041 |
|
|
len, NULL, pol->pol_certreqtype)) == -1) |
1042 |
|
|
goto done; |
1043 |
|
|
} |
1044 |
|
|
|
1045 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_AUTH) == -1) |
1046 |
|
|
goto done; |
1047 |
|
|
|
1048 |
|
|
/* AUTH payload */ |
1049 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
1050 |
|
|
goto done; |
1051 |
|
|
if ((auth = ibuf_advance(e, sizeof(*auth))) == NULL) |
1052 |
|
|
goto done; |
1053 |
|
|
auth->auth_method = sa->sa_localauth.id_type; |
1054 |
|
|
if (ibuf_cat(e, sa->sa_localauth.id_buf) != 0) |
1055 |
|
|
goto done; |
1056 |
|
|
len = ibuf_size(sa->sa_localauth.id_buf) + sizeof(*auth); |
1057 |
|
|
|
1058 |
|
|
/* CP payload */ |
1059 |
|
|
if (sa->sa_cp) { |
1060 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_CP) == -1) |
1061 |
|
|
goto done; |
1062 |
|
|
|
1063 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
1064 |
|
|
goto done; |
1065 |
|
|
if ((len = ikev2_add_cp(env, sa, e)) == -1) |
1066 |
|
|
goto done; |
1067 |
|
|
} |
1068 |
|
|
|
1069 |
|
|
/* compression */ |
1070 |
|
|
if ((pol->pol_flags & IKED_POLICY_IPCOMP) && |
1071 |
|
|
(len = ikev2_add_ipcompnotify(env, e, &pld, len, sa)) == -1) |
1072 |
|
|
goto done; |
1073 |
|
|
|
1074 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_SA) == -1) |
1075 |
|
|
goto done; |
1076 |
|
|
|
1077 |
|
|
/* SA payload */ |
1078 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
1079 |
|
|
goto done; |
1080 |
|
|
if ((len = ikev2_add_proposals(env, sa, e, &pol->pol_proposals, 0, |
1081 |
|
|
sa->sa_hdr.sh_initiator, 0)) == -1) |
1082 |
|
|
goto done; |
1083 |
|
|
|
1084 |
|
|
if ((len = ikev2_add_ts(e, &pld, len, sa, 0)) == -1) |
1085 |
|
|
goto done; |
1086 |
|
|
|
1087 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONE) == -1) |
1088 |
|
|
goto done; |
1089 |
|
|
|
1090 |
|
|
ret = ikev2_msg_send_encrypt(env, sa, &e, |
1091 |
|
|
IKEV2_EXCHANGE_IKE_AUTH, firstpayload, 0); |
1092 |
|
|
|
1093 |
|
|
done: |
1094 |
|
|
ibuf_release(e); |
1095 |
|
|
|
1096 |
|
|
return (ret); |
1097 |
|
|
} |
1098 |
|
|
|
1099 |
|
|
int |
1100 |
|
|
ikev2_init_done(struct iked *env, struct iked_sa *sa) |
1101 |
|
|
{ |
1102 |
|
|
int ret; |
1103 |
|
|
|
1104 |
|
|
if (!sa_stateok(sa, IKEV2_STATE_VALID)) |
1105 |
|
|
return (0); /* ignored */ |
1106 |
|
|
|
1107 |
|
|
ret = ikev2_childsa_negotiate(env, sa, &sa->sa_kex, &sa->sa_proposals, |
1108 |
|
|
sa->sa_hdr.sh_initiator, 0); |
1109 |
|
|
if (ret == 0) |
1110 |
|
|
ret = ikev2_childsa_enable(env, sa); |
1111 |
|
|
if (ret == 0) { |
1112 |
|
|
sa_state(env, sa, IKEV2_STATE_ESTABLISHED); |
1113 |
|
|
timer_set(env, &sa->sa_timer, ikev2_ike_sa_alive, sa); |
1114 |
|
|
timer_add(env, &sa->sa_timer, IKED_IKE_SA_ALIVE_TIMEOUT); |
1115 |
|
|
timer_set(env, &sa->sa_rekey, ikev2_ike_sa_rekey, sa); |
1116 |
|
|
if (sa->sa_policy->pol_rekey) |
1117 |
|
|
timer_add(env, &sa->sa_rekey, sa->sa_policy->pol_rekey); |
1118 |
|
|
} |
1119 |
|
|
|
1120 |
|
|
if (ret) |
1121 |
|
|
ikev2_childsa_delete(env, sa, 0, 0, NULL, 1); |
1122 |
|
|
return (ret); |
1123 |
|
|
} |
1124 |
|
|
|
1125 |
|
|
int |
1126 |
|
|
ikev2_policy2id(struct iked_static_id *polid, struct iked_id *id, int srcid) |
1127 |
|
|
{ |
1128 |
|
|
struct ikev2_id hdr; |
1129 |
|
|
struct iked_static_id localpid; |
1130 |
|
|
char idstr[IKED_ID_SIZE]; |
1131 |
|
|
struct in_addr in4; |
1132 |
|
|
struct in6_addr in6; |
1133 |
|
|
X509_NAME *name = NULL; |
1134 |
|
|
uint8_t *p; |
1135 |
|
|
int len; |
1136 |
|
|
|
1137 |
|
|
/* Fixup the local Id if not specified */ |
1138 |
|
|
if (srcid && polid->id_type == 0) { |
1139 |
|
|
polid = &localpid; |
1140 |
|
|
bzero(polid, sizeof(*polid)); |
1141 |
|
|
|
1142 |
|
|
/* Create a default local ID based on our FQDN */ |
1143 |
|
|
polid->id_type = IKEV2_ID_FQDN; |
1144 |
|
|
if (gethostname((char *)polid->id_data, |
1145 |
|
|
sizeof(polid->id_data)) != 0) |
1146 |
|
|
return (-1); |
1147 |
|
|
polid->id_offset = 0; |
1148 |
|
|
polid->id_length = |
1149 |
|
|
strlen((char *)polid->id_data); /* excluding NUL */ |
1150 |
|
|
} |
1151 |
|
|
|
1152 |
|
|
if (!polid->id_length) |
1153 |
|
|
return (-1); |
1154 |
|
|
|
1155 |
|
|
/* Create an IKEv2 ID payload */ |
1156 |
|
|
bzero(&hdr, sizeof(hdr)); |
1157 |
|
|
hdr.id_type = id->id_type = polid->id_type; |
1158 |
|
|
id->id_offset = sizeof(hdr); |
1159 |
|
|
|
1160 |
|
|
if ((id->id_buf = ibuf_new(&hdr, sizeof(hdr))) == NULL) |
1161 |
|
|
return (-1); |
1162 |
|
|
|
1163 |
|
|
switch (id->id_type) { |
1164 |
|
|
case IKEV2_ID_IPV4: |
1165 |
|
|
if (inet_pton(AF_INET, (char *)polid->id_data, &in4) != 1 || |
1166 |
|
|
ibuf_add(id->id_buf, &in4, sizeof(in4)) != 0) { |
1167 |
|
|
ibuf_release(id->id_buf); |
1168 |
|
|
return (-1); |
1169 |
|
|
} |
1170 |
|
|
break; |
1171 |
|
|
case IKEV2_ID_IPV6: |
1172 |
|
|
if (inet_pton(AF_INET6, (char *)polid->id_data, &in6) != 1 || |
1173 |
|
|
ibuf_add(id->id_buf, &in6, sizeof(in6)) != 0) { |
1174 |
|
|
ibuf_release(id->id_buf); |
1175 |
|
|
return (-1); |
1176 |
|
|
} |
1177 |
|
|
break; |
1178 |
|
|
case IKEV2_ID_ASN1_DN: |
1179 |
|
|
/* policy has ID in string-format, convert to ASN1 */ |
1180 |
|
|
if ((name = ca_x509_name_parse(polid->id_data)) == NULL || |
1181 |
|
|
(len = i2d_X509_NAME(name, NULL)) < 0 || |
1182 |
|
|
(p = ibuf_reserve(id->id_buf, len)) == NULL || |
1183 |
|
|
(i2d_X509_NAME(name, &p)) < 0) { |
1184 |
|
|
if (name) |
1185 |
|
|
X509_NAME_free(name); |
1186 |
|
|
ibuf_release(id->id_buf); |
1187 |
|
|
return (-1); |
1188 |
|
|
} |
1189 |
|
|
X509_NAME_free(name); |
1190 |
|
|
break; |
1191 |
|
|
default: |
1192 |
|
|
if (ibuf_add(id->id_buf, |
1193 |
|
|
polid->id_data, polid->id_length) != 0) { |
1194 |
|
|
ibuf_release(id->id_buf); |
1195 |
|
|
return (-1); |
1196 |
|
|
} |
1197 |
|
|
break; |
1198 |
|
|
} |
1199 |
|
|
|
1200 |
|
|
if (ikev2_print_id(id, idstr, sizeof(idstr)) == -1) |
1201 |
|
|
return (-1); |
1202 |
|
|
|
1203 |
|
|
log_debug("%s: %s %s length %zu", __func__, |
1204 |
|
|
srcid ? "srcid" : "dstid", |
1205 |
|
|
idstr, ibuf_size(id->id_buf)); |
1206 |
|
|
|
1207 |
|
|
return (0); |
1208 |
|
|
} |
1209 |
|
|
|
1210 |
|
|
struct ike_header * |
1211 |
|
|
ikev2_add_header(struct ibuf *buf, struct iked_sa *sa, |
1212 |
|
|
uint32_t msgid, uint8_t nextpayload, |
1213 |
|
|
uint8_t exchange, uint8_t flags) |
1214 |
|
|
{ |
1215 |
|
|
struct ike_header *hdr; |
1216 |
|
|
|
1217 |
|
|
if ((hdr = ibuf_advance(buf, sizeof(*hdr))) == NULL) { |
1218 |
|
|
log_debug("%s: failed to add header", __func__); |
1219 |
|
|
return (NULL); |
1220 |
|
|
} |
1221 |
|
|
|
1222 |
|
|
hdr->ike_ispi = htobe64(sa->sa_hdr.sh_ispi); |
1223 |
|
|
hdr->ike_rspi = htobe64(sa->sa_hdr.sh_rspi); |
1224 |
|
|
hdr->ike_nextpayload = nextpayload; |
1225 |
|
|
hdr->ike_version = IKEV2_VERSION; |
1226 |
|
|
hdr->ike_exchange = exchange; |
1227 |
|
|
hdr->ike_msgid = htobe32(msgid); |
1228 |
|
|
hdr->ike_length = htobe32(sizeof(*hdr)); |
1229 |
|
|
hdr->ike_flags = flags; |
1230 |
|
|
|
1231 |
|
|
if (sa->sa_hdr.sh_initiator) |
1232 |
|
|
hdr->ike_flags |= IKEV2_FLAG_INITIATOR; |
1233 |
|
|
|
1234 |
|
|
return (hdr); |
1235 |
|
|
} |
1236 |
|
|
|
1237 |
|
|
int |
1238 |
|
|
ikev2_set_header(struct ike_header *hdr, size_t length) |
1239 |
|
|
{ |
1240 |
|
|
uint32_t hdrlength = sizeof(*hdr) + length; |
1241 |
|
|
|
1242 |
|
|
if (hdrlength > UINT32_MAX) { |
1243 |
|
|
log_debug("%s: message too long", __func__); |
1244 |
|
|
return (-1); |
1245 |
|
|
} |
1246 |
|
|
|
1247 |
|
|
hdr->ike_length = htobe32(sizeof(*hdr) + length); |
1248 |
|
|
|
1249 |
|
|
return (0); |
1250 |
|
|
} |
1251 |
|
|
|
1252 |
|
|
struct ikev2_payload * |
1253 |
|
|
ikev2_add_payload(struct ibuf *buf) |
1254 |
|
|
{ |
1255 |
|
|
struct ikev2_payload *pld; |
1256 |
|
|
|
1257 |
|
|
if ((pld = ibuf_advance(buf, sizeof(*pld))) == NULL) { |
1258 |
|
|
log_debug("%s: failed to add payload", __func__); |
1259 |
|
|
return (NULL); |
1260 |
|
|
} |
1261 |
|
|
|
1262 |
|
|
pld->pld_nextpayload = IKEV2_PAYLOAD_NONE; |
1263 |
|
|
pld->pld_length = sizeof(*pld); |
1264 |
|
|
|
1265 |
|
|
return (pld); |
1266 |
|
|
} |
1267 |
|
|
|
1268 |
|
|
ssize_t |
1269 |
|
|
ikev2_add_ts_payload(struct ibuf *buf, unsigned int type, struct iked_sa *sa) |
1270 |
|
|
{ |
1271 |
|
|
struct iked_policy *pol = sa->sa_policy; |
1272 |
|
|
struct ikev2_tsp *tsp; |
1273 |
|
|
struct ikev2_ts *ts; |
1274 |
|
|
struct iked_flow *flow; |
1275 |
|
|
struct iked_addr *addr; |
1276 |
|
|
struct iked_addr pooladdr; |
1277 |
|
|
uint8_t *ptr; |
1278 |
|
|
size_t len = 0; |
1279 |
|
|
uint32_t av[4], bv[4], mv[4]; |
1280 |
|
|
struct sockaddr_in *in4; |
1281 |
|
|
struct sockaddr_in6 *in6; |
1282 |
|
|
|
1283 |
|
|
if ((tsp = ibuf_advance(buf, sizeof(*tsp))) == NULL) |
1284 |
|
|
return (-1); |
1285 |
|
|
tsp->tsp_count = pol->pol_nflows; |
1286 |
|
|
len = sizeof(*tsp); |
1287 |
|
|
|
1288 |
|
|
RB_FOREACH(flow, iked_flows, &pol->pol_flows) { |
1289 |
|
|
if ((ts = ibuf_advance(buf, sizeof(*ts))) == NULL) |
1290 |
|
|
return (-1); |
1291 |
|
|
|
1292 |
|
|
if (type == IKEV2_PAYLOAD_TSi) { |
1293 |
|
|
if (sa->sa_hdr.sh_initiator) |
1294 |
|
|
addr = &flow->flow_src; |
1295 |
|
|
else |
1296 |
|
|
addr = &flow->flow_dst; |
1297 |
|
|
} else if (type == IKEV2_PAYLOAD_TSr) { |
1298 |
|
|
if (sa->sa_hdr.sh_initiator) |
1299 |
|
|
addr = &flow->flow_dst; |
1300 |
|
|
else |
1301 |
|
|
addr = &flow->flow_src; |
1302 |
|
|
} else |
1303 |
|
|
return (-1); |
1304 |
|
|
|
1305 |
|
|
/* patch remote address (if configured to 0.0.0.0) */ |
1306 |
|
|
if ((type == IKEV2_PAYLOAD_TSi && !sa->sa_hdr.sh_initiator) || |
1307 |
|
|
(type == IKEV2_PAYLOAD_TSr && sa->sa_hdr.sh_initiator)) { |
1308 |
|
|
if (ikev2_cp_fixaddr(sa, addr, &pooladdr) != -1) |
1309 |
|
|
addr = &pooladdr; |
1310 |
|
|
} |
1311 |
|
|
|
1312 |
|
|
ts->ts_protoid = flow->flow_ipproto; |
1313 |
|
|
|
1314 |
|
|
if (addr->addr_port) { |
1315 |
|
|
ts->ts_startport = addr->addr_port; |
1316 |
|
|
ts->ts_endport = addr->addr_port; |
1317 |
|
|
} else { |
1318 |
|
|
ts->ts_startport = 0; |
1319 |
|
|
ts->ts_endport = 0xffff; |
1320 |
|
|
} |
1321 |
|
|
|
1322 |
|
|
switch (addr->addr_af) { |
1323 |
|
|
case AF_INET: |
1324 |
|
|
ts->ts_type = IKEV2_TS_IPV4_ADDR_RANGE; |
1325 |
|
|
ts->ts_length = htobe16(sizeof(*ts) + 8); |
1326 |
|
|
|
1327 |
|
|
if ((ptr = ibuf_advance(buf, 8)) == NULL) |
1328 |
|
|
return (-1); |
1329 |
|
|
|
1330 |
|
|
in4 = (struct sockaddr_in *)&addr->addr; |
1331 |
|
|
if (addr->addr_net) { |
1332 |
|
|
/* Convert IPv4 network to address range */ |
1333 |
|
|
mv[0] = prefixlen2mask(addr->addr_mask); |
1334 |
|
|
av[0] = in4->sin_addr.s_addr & mv[0]; |
1335 |
|
|
bv[0] = in4->sin_addr.s_addr | ~mv[0]; |
1336 |
|
|
} else |
1337 |
|
|
av[0] = bv[0] = in4->sin_addr.s_addr; |
1338 |
|
|
|
1339 |
|
|
memcpy(ptr, &av[0], 4); |
1340 |
|
|
memcpy(ptr + 4, &bv[0], 4); |
1341 |
|
|
break; |
1342 |
|
|
case AF_INET6: |
1343 |
|
|
ts->ts_type = IKEV2_TS_IPV6_ADDR_RANGE; |
1344 |
|
|
ts->ts_length = htobe16(sizeof(*ts) + 32); |
1345 |
|
|
|
1346 |
|
|
if ((ptr = ibuf_advance(buf, 32)) == NULL) |
1347 |
|
|
return (-1); |
1348 |
|
|
|
1349 |
|
|
in6 = (struct sockaddr_in6 *)&addr->addr; |
1350 |
|
|
|
1351 |
|
|
memcpy(&av, &in6->sin6_addr.s6_addr, 16); |
1352 |
|
|
memcpy(&bv, &in6->sin6_addr.s6_addr, 16); |
1353 |
|
|
if (addr->addr_net) { |
1354 |
|
|
/* Convert IPv6 network to address range */ |
1355 |
|
|
prefixlen2mask6(addr->addr_mask, mv); |
1356 |
|
|
av[0] &= mv[0]; |
1357 |
|
|
av[1] &= mv[1]; |
1358 |
|
|
av[2] &= mv[2]; |
1359 |
|
|
av[3] &= mv[3]; |
1360 |
|
|
bv[0] |= ~mv[0]; |
1361 |
|
|
bv[1] |= ~mv[1]; |
1362 |
|
|
bv[2] |= ~mv[2]; |
1363 |
|
|
bv[3] |= ~mv[3]; |
1364 |
|
|
} |
1365 |
|
|
|
1366 |
|
|
memcpy(ptr, &av, 16); |
1367 |
|
|
memcpy(ptr + 16, &bv, 16); |
1368 |
|
|
break; |
1369 |
|
|
} |
1370 |
|
|
|
1371 |
|
|
len += betoh16(ts->ts_length); |
1372 |
|
|
} |
1373 |
|
|
|
1374 |
|
|
return (len); |
1375 |
|
|
} |
1376 |
|
|
|
1377 |
|
|
ssize_t |
1378 |
|
|
ikev2_add_ts(struct ibuf *e, struct ikev2_payload **pld, ssize_t len, |
1379 |
|
|
struct iked_sa *sa, int reverse) |
1380 |
|
|
{ |
1381 |
|
|
if (ikev2_next_payload(*pld, len, IKEV2_PAYLOAD_TSi) == -1) |
1382 |
|
|
return (-1); |
1383 |
|
|
|
1384 |
|
|
/* TSi payload */ |
1385 |
|
|
if ((*pld = ikev2_add_payload(e)) == NULL) |
1386 |
|
|
return (-1); |
1387 |
|
|
if ((len = ikev2_add_ts_payload(e, reverse ? IKEV2_PAYLOAD_TSr : |
1388 |
|
|
IKEV2_PAYLOAD_TSi, sa)) == -1) |
1389 |
|
|
return (-1); |
1390 |
|
|
|
1391 |
|
|
if (ikev2_next_payload(*pld, len, IKEV2_PAYLOAD_TSr) == -1) |
1392 |
|
|
return (-1); |
1393 |
|
|
|
1394 |
|
|
/* TSr payload */ |
1395 |
|
|
if ((*pld = ikev2_add_payload(e)) == NULL) |
1396 |
|
|
return (-1); |
1397 |
|
|
if ((len = ikev2_add_ts_payload(e, reverse ? IKEV2_PAYLOAD_TSi : |
1398 |
|
|
IKEV2_PAYLOAD_TSr, sa)) == -1) |
1399 |
|
|
return (-1); |
1400 |
|
|
|
1401 |
|
|
return (len); |
1402 |
|
|
} |
1403 |
|
|
|
1404 |
|
|
|
1405 |
|
|
ssize_t |
1406 |
|
|
ikev2_add_certreq(struct ibuf *e, struct ikev2_payload **pld, ssize_t len, |
1407 |
|
|
struct ibuf *certreq, uint8_t type) |
1408 |
|
|
{ |
1409 |
|
|
struct ikev2_cert *cert; |
1410 |
|
|
|
1411 |
|
|
if (type == IKEV2_CERT_NONE) |
1412 |
|
|
return (len); |
1413 |
|
|
|
1414 |
|
|
if (ikev2_next_payload(*pld, len, IKEV2_PAYLOAD_CERTREQ) == -1) |
1415 |
|
|
return (-1); |
1416 |
|
|
|
1417 |
|
|
/* CERTREQ payload */ |
1418 |
|
|
if ((*pld = ikev2_add_payload(e)) == NULL) |
1419 |
|
|
return (-1); |
1420 |
|
|
|
1421 |
|
|
if ((cert = ibuf_advance(e, sizeof(*cert))) == NULL) |
1422 |
|
|
return (-1); |
1423 |
|
|
|
1424 |
|
|
cert->cert_type = type; |
1425 |
|
|
len = sizeof(*cert); |
1426 |
|
|
|
1427 |
|
|
if (certreq != NULL && cert->cert_type == IKEV2_CERT_X509_CERT) { |
1428 |
|
|
if (ikev2_add_buf(e, certreq) == -1) |
1429 |
|
|
return (-1); |
1430 |
|
|
len += ibuf_size(certreq); |
1431 |
|
|
} |
1432 |
|
|
|
1433 |
|
|
log_debug("%s: type %s length %zd", __func__, |
1434 |
|
|
print_map(type, ikev2_cert_map), len); |
1435 |
|
|
|
1436 |
|
|
return (len); |
1437 |
|
|
} |
1438 |
|
|
|
1439 |
|
|
ssize_t |
1440 |
|
|
ikev2_add_ipcompnotify(struct iked *env, struct ibuf *e, |
1441 |
|
|
struct ikev2_payload **pld, ssize_t len, struct iked_sa *sa) |
1442 |
|
|
{ |
1443 |
|
|
struct iked_childsa csa; |
1444 |
|
|
struct ikev2_notify *n; |
1445 |
|
|
uint8_t *ptr; |
1446 |
|
|
uint16_t cpi; |
1447 |
|
|
uint32_t spi; |
1448 |
|
|
uint8_t transform; |
1449 |
|
|
|
1450 |
|
|
/* we only support deflate */ |
1451 |
|
|
transform = IKEV2_IPCOMP_DEFLATE; |
1452 |
|
|
|
1453 |
|
|
bzero(&csa, sizeof(csa)); |
1454 |
|
|
csa.csa_saproto = IKEV2_SAPROTO_IPCOMP; |
1455 |
|
|
csa.csa_ikesa = sa; |
1456 |
|
|
csa.csa_local = &sa->sa_peer; |
1457 |
|
|
csa.csa_peer = &sa->sa_local; |
1458 |
|
|
|
1459 |
|
|
if (pfkey_sa_init(env->sc_pfkey, &csa, &spi) == -1) |
1460 |
|
|
return (-1); |
1461 |
|
|
/* |
1462 |
|
|
* We get spi == 0 if the kernel does not support IPcomp, |
1463 |
|
|
* so just return the length of the current payload. |
1464 |
|
|
*/ |
1465 |
|
|
if (spi == 0) |
1466 |
|
|
return (len); |
1467 |
|
|
cpi = htobe16((uint16_t)spi); |
1468 |
|
|
if (*pld) |
1469 |
|
|
if (ikev2_next_payload(*pld, len, IKEV2_PAYLOAD_NOTIFY) == -1) |
1470 |
|
|
return (-1); |
1471 |
|
|
if ((*pld = ikev2_add_payload(e)) == NULL) |
1472 |
|
|
return (-1); |
1473 |
|
|
len = sizeof(*n) + sizeof(cpi) + sizeof(transform); |
1474 |
|
|
if ((ptr = ibuf_advance(e, len)) == NULL) |
1475 |
|
|
return (-1); |
1476 |
|
|
n = (struct ikev2_notify *)ptr; |
1477 |
|
|
n->n_protoid = 0; |
1478 |
|
|
n->n_spisize = 0; |
1479 |
|
|
n->n_type = htobe16(IKEV2_N_IPCOMP_SUPPORTED); |
1480 |
|
|
ptr += sizeof(*n); |
1481 |
|
|
memcpy(ptr, &cpi, sizeof(cpi)); |
1482 |
|
|
ptr += sizeof(cpi); |
1483 |
|
|
memcpy(ptr, &transform, sizeof(transform)); |
1484 |
|
|
|
1485 |
|
|
sa->sa_cpi_in = spi; /* already on host byte order */ |
1486 |
|
|
log_debug("%s: sa_cpi_in 0x%04x", __func__, sa->sa_cpi_in); |
1487 |
|
|
|
1488 |
|
|
return (len); |
1489 |
|
|
} |
1490 |
|
|
|
1491 |
|
|
ssize_t |
1492 |
|
|
ikev2_add_sighashnotify(struct ibuf *e, struct ikev2_payload **pld, |
1493 |
|
|
ssize_t len) |
1494 |
|
|
{ |
1495 |
|
|
struct ikev2_notify *n; |
1496 |
|
|
uint8_t *ptr; |
1497 |
|
|
size_t i; |
1498 |
|
|
uint16_t hash, signature_hashes[] = { |
1499 |
|
|
IKEV2_SIGHASH_SHA2_256, |
1500 |
|
|
IKEV2_SIGHASH_SHA2_384, |
1501 |
|
|
IKEV2_SIGHASH_SHA2_512 |
1502 |
|
|
}; |
1503 |
|
|
|
1504 |
|
|
if (ikev2_next_payload(*pld, len, IKEV2_PAYLOAD_NOTIFY) == -1) |
1505 |
|
|
return (-1); |
1506 |
|
|
|
1507 |
|
|
/* XXX signature_hashes are hardcoded for now */ |
1508 |
|
|
len = sizeof(*n) + nitems(signature_hashes) * sizeof(hash); |
1509 |
|
|
|
1510 |
|
|
/* NOTIFY payload */ |
1511 |
|
|
if ((*pld = ikev2_add_payload(e)) == NULL) |
1512 |
|
|
return (-1); |
1513 |
|
|
if ((ptr = ibuf_advance(e, len)) == NULL) |
1514 |
|
|
return (-1); |
1515 |
|
|
|
1516 |
|
|
n = (struct ikev2_notify *)ptr; |
1517 |
|
|
n->n_protoid = 0; |
1518 |
|
|
n->n_spisize = 0; |
1519 |
|
|
n->n_type = htobe16(IKEV2_N_SIGNATURE_HASH_ALGORITHMS); |
1520 |
|
|
ptr += sizeof(*n); |
1521 |
|
|
|
1522 |
|
|
for (i = 0; i < nitems(signature_hashes); i++) { |
1523 |
|
|
hash = htobe16(signature_hashes[i]); |
1524 |
|
|
memcpy(ptr, &hash, sizeof(hash)); |
1525 |
|
|
ptr += sizeof(hash); |
1526 |
|
|
} |
1527 |
|
|
|
1528 |
|
|
return (len); |
1529 |
|
|
} |
1530 |
|
|
|
1531 |
|
|
int |
1532 |
|
|
ikev2_next_payload(struct ikev2_payload *pld, size_t length, |
1533 |
|
|
uint8_t nextpayload) |
1534 |
|
|
{ |
1535 |
|
|
size_t pldlength = sizeof(*pld) + length; |
1536 |
|
|
|
1537 |
|
|
if (pldlength > UINT16_MAX) { |
1538 |
|
|
log_debug("%s: payload too long", __func__); |
1539 |
|
|
return (-1); |
1540 |
|
|
} |
1541 |
|
|
|
1542 |
|
|
log_debug("%s: length %zu nextpayload %s", |
1543 |
|
|
__func__, pldlength, print_map(nextpayload, ikev2_payload_map)); |
1544 |
|
|
|
1545 |
|
|
pld->pld_length = htobe16(pldlength); |
1546 |
|
|
pld->pld_nextpayload = nextpayload; |
1547 |
|
|
|
1548 |
|
|
return (0); |
1549 |
|
|
} |
1550 |
|
|
|
1551 |
|
|
ssize_t |
1552 |
|
|
ikev2_nat_detection(struct iked *env, struct iked_message *msg, |
1553 |
|
|
void *ptr, size_t len, unsigned int type) |
1554 |
|
|
{ |
1555 |
|
|
EVP_MD_CTX ctx; |
1556 |
|
|
struct ike_header *hdr; |
1557 |
|
|
uint8_t md[SHA_DIGEST_LENGTH]; |
1558 |
|
|
unsigned int mdlen = sizeof(md); |
1559 |
|
|
struct iked_sa *sa = msg->msg_sa; |
1560 |
|
|
struct sockaddr_in *in4; |
1561 |
|
|
struct sockaddr_in6 *in6; |
1562 |
|
|
ssize_t ret = -1; |
1563 |
|
|
struct sockaddr *src, *dst, *ss; |
1564 |
|
|
uint64_t rspi, ispi; |
1565 |
|
|
struct ibuf *buf; |
1566 |
|
|
int frompeer = 0; |
1567 |
|
|
uint32_t rnd; |
1568 |
|
|
|
1569 |
|
|
if (ptr == NULL) |
1570 |
|
|
return (mdlen); |
1571 |
|
|
|
1572 |
|
|
if (ikev2_msg_frompeer(msg)) { |
1573 |
|
|
buf = msg->msg_parent->msg_data; |
1574 |
|
|
if ((hdr = ibuf_seek(buf, 0, sizeof(*hdr))) == NULL) |
1575 |
|
|
return (-1); |
1576 |
|
|
ispi = hdr->ike_ispi; |
1577 |
|
|
rspi = hdr->ike_rspi; |
1578 |
|
|
frompeer = 1; |
1579 |
|
|
src = (struct sockaddr *)&msg->msg_peer; |
1580 |
|
|
dst = (struct sockaddr *)&msg->msg_local; |
1581 |
|
|
} else { |
1582 |
|
|
ispi = htobe64(sa->sa_hdr.sh_ispi); |
1583 |
|
|
rspi = htobe64(sa->sa_hdr.sh_rspi); |
1584 |
|
|
frompeer = 0; |
1585 |
|
|
src = (struct sockaddr *)&msg->msg_local; |
1586 |
|
|
dst = (struct sockaddr *)&msg->msg_peer; |
1587 |
|
|
} |
1588 |
|
|
|
1589 |
|
|
EVP_MD_CTX_init(&ctx); |
1590 |
|
|
EVP_DigestInit_ex(&ctx, EVP_sha1(), NULL); |
1591 |
|
|
|
1592 |
|
|
switch (type) { |
1593 |
|
|
case IKEV2_N_NAT_DETECTION_SOURCE_IP: |
1594 |
|
|
log_debug("%s: %s source %s %s %s", __func__, |
1595 |
|
|
frompeer ? "peer" : "local", |
1596 |
|
|
print_spi(betoh64(ispi), 8), |
1597 |
|
|
print_spi(betoh64(rspi), 8), |
1598 |
|
|
print_host(src, NULL, 0)); |
1599 |
|
|
ss = src; |
1600 |
|
|
break; |
1601 |
|
|
case IKEV2_N_NAT_DETECTION_DESTINATION_IP: |
1602 |
|
|
log_debug("%s: %s destination %s %s %s", __func__, |
1603 |
|
|
frompeer ? "peer" : "local", |
1604 |
|
|
print_spi(betoh64(ispi), 8), |
1605 |
|
|
print_spi(betoh64(rspi), 8), |
1606 |
|
|
print_host(dst, NULL, 0)); |
1607 |
|
|
ss = dst; |
1608 |
|
|
break; |
1609 |
|
|
default: |
1610 |
|
|
goto done; |
1611 |
|
|
} |
1612 |
|
|
|
1613 |
|
|
EVP_DigestUpdate(&ctx, &ispi, sizeof(ispi)); |
1614 |
|
|
EVP_DigestUpdate(&ctx, &rspi, sizeof(rspi)); |
1615 |
|
|
|
1616 |
|
|
switch (ss->sa_family) { |
1617 |
|
|
case AF_INET: |
1618 |
|
|
in4 = (struct sockaddr_in *)ss; |
1619 |
|
|
EVP_DigestUpdate(&ctx, &in4->sin_addr.s_addr, |
1620 |
|
|
sizeof(in4->sin_addr.s_addr)); |
1621 |
|
|
EVP_DigestUpdate(&ctx, &in4->sin_port, |
1622 |
|
|
sizeof(in4->sin_port)); |
1623 |
|
|
break; |
1624 |
|
|
case AF_INET6: |
1625 |
|
|
in6 = (struct sockaddr_in6 *)ss; |
1626 |
|
|
EVP_DigestUpdate(&ctx, &in6->sin6_addr.s6_addr, |
1627 |
|
|
sizeof(in6->sin6_addr.s6_addr)); |
1628 |
|
|
EVP_DigestUpdate(&ctx, &in6->sin6_port, |
1629 |
|
|
sizeof(in6->sin6_port)); |
1630 |
|
|
break; |
1631 |
|
|
default: |
1632 |
|
|
goto done; |
1633 |
|
|
} |
1634 |
|
|
|
1635 |
|
|
if (env->sc_opts & IKED_OPT_NATT) { |
1636 |
|
|
/* Enforce NAT-T/UDP-encapsulation by distorting the digest */ |
1637 |
|
|
rnd = arc4random(); |
1638 |
|
|
EVP_DigestUpdate(&ctx, &rnd, sizeof(rnd)); |
1639 |
|
|
} |
1640 |
|
|
|
1641 |
|
|
EVP_DigestFinal_ex(&ctx, md, &mdlen); |
1642 |
|
|
|
1643 |
|
|
if (len < mdlen) |
1644 |
|
|
goto done; |
1645 |
|
|
|
1646 |
|
|
memcpy(ptr, md, mdlen); |
1647 |
|
|
ret = mdlen; |
1648 |
|
|
done: |
1649 |
|
|
EVP_MD_CTX_cleanup(&ctx); |
1650 |
|
|
|
1651 |
|
|
return (ret); |
1652 |
|
|
} |
1653 |
|
|
|
1654 |
|
|
ssize_t |
1655 |
|
|
ikev2_add_cp(struct iked *env, struct iked_sa *sa, struct ibuf *buf) |
1656 |
|
|
{ |
1657 |
|
|
struct iked_policy *pol = sa->sa_policy; |
1658 |
|
|
struct ikev2_cp *cp; |
1659 |
|
|
struct ikev2_cfg *cfg; |
1660 |
|
|
struct iked_cfg *ikecfg; |
1661 |
|
|
unsigned int i; |
1662 |
|
|
uint32_t mask4; |
1663 |
|
|
size_t len; |
1664 |
|
|
struct sockaddr_in *in4; |
1665 |
|
|
struct sockaddr_in6 *in6; |
1666 |
|
|
uint8_t prefixlen; |
1667 |
|
|
|
1668 |
|
|
if ((cp = ibuf_advance(buf, sizeof(*cp))) == NULL) |
1669 |
|
|
return (-1); |
1670 |
|
|
len = sizeof(*cp); |
1671 |
|
|
|
1672 |
|
|
switch (sa->sa_cp) { |
1673 |
|
|
case IKEV2_CP_REQUEST: |
1674 |
|
|
cp->cp_type = IKEV2_CP_REPLY; |
1675 |
|
|
break; |
1676 |
|
|
case IKEV2_CP_REPLY: |
1677 |
|
|
case IKEV2_CP_SET: |
1678 |
|
|
case IKEV2_CP_ACK: |
1679 |
|
|
/* Not yet supported */ |
1680 |
|
|
return (-1); |
1681 |
|
|
} |
1682 |
|
|
|
1683 |
|
|
for (i = 0; i < pol->pol_ncfg; i++) { |
1684 |
|
|
ikecfg = &pol->pol_cfg[i]; |
1685 |
|
|
if (ikecfg->cfg_action != cp->cp_type) |
1686 |
|
|
continue; |
1687 |
|
|
|
1688 |
|
|
if ((cfg = ibuf_advance(buf, sizeof(*cfg))) == NULL) |
1689 |
|
|
return (-1); |
1690 |
|
|
|
1691 |
|
|
cfg->cfg_type = htobe16(ikecfg->cfg_type); |
1692 |
|
|
len += sizeof(*cfg); |
1693 |
|
|
|
1694 |
|
|
switch (ikecfg->cfg_type) { |
1695 |
|
|
case IKEV2_CFG_INTERNAL_IP4_ADDRESS: |
1696 |
|
|
case IKEV2_CFG_INTERNAL_IP4_NETMASK: |
1697 |
|
|
case IKEV2_CFG_INTERNAL_IP4_DNS: |
1698 |
|
|
case IKEV2_CFG_INTERNAL_IP4_NBNS: |
1699 |
|
|
case IKEV2_CFG_INTERNAL_IP4_DHCP: |
1700 |
|
|
case IKEV2_CFG_INTERNAL_IP4_SERVER: |
1701 |
|
|
/* 4 bytes IPv4 address */ |
1702 |
|
|
in4 = (ikecfg->cfg.address.addr_mask != 32 && |
1703 |
|
|
(ikecfg->cfg_type == |
1704 |
|
|
IKEV2_CFG_INTERNAL_IP4_ADDRESS) && |
1705 |
|
|
sa->sa_addrpool && |
1706 |
|
|
sa->sa_addrpool->addr_af == AF_INET) ? |
1707 |
|
|
(struct sockaddr_in *)&sa->sa_addrpool->addr : |
1708 |
|
|
(struct sockaddr_in *)&ikecfg->cfg.address.addr; |
1709 |
|
|
cfg->cfg_length = htobe16(4); |
1710 |
|
|
if (ibuf_add(buf, &in4->sin_addr.s_addr, 4) == -1) |
1711 |
|
|
return (-1); |
1712 |
|
|
len += 4; |
1713 |
|
|
break; |
1714 |
|
|
case IKEV2_CFG_INTERNAL_IP4_SUBNET: |
1715 |
|
|
/* 4 bytes IPv4 address + 4 bytes IPv4 mask + */ |
1716 |
|
|
in4 = (struct sockaddr_in *)&ikecfg->cfg.address.addr; |
1717 |
|
|
mask4 = prefixlen2mask(ikecfg->cfg.address.addr_mask); |
1718 |
|
|
cfg->cfg_length = htobe16(8); |
1719 |
|
|
if (ibuf_add(buf, &in4->sin_addr.s_addr, 4) == -1) |
1720 |
|
|
return (-1); |
1721 |
|
|
if (ibuf_add(buf, &mask4, 4) == -1) |
1722 |
|
|
return (-1); |
1723 |
|
|
len += 8; |
1724 |
|
|
break; |
1725 |
|
|
case IKEV2_CFG_INTERNAL_IP6_DNS: |
1726 |
|
|
case IKEV2_CFG_INTERNAL_IP6_NBNS: |
1727 |
|
|
case IKEV2_CFG_INTERNAL_IP6_DHCP: |
1728 |
|
|
case IKEV2_CFG_INTERNAL_IP6_SERVER: |
1729 |
|
|
/* 16 bytes IPv6 address */ |
1730 |
|
|
in6 = (struct sockaddr_in6 *)&ikecfg->cfg.address; |
1731 |
|
|
cfg->cfg_length = htobe16(16); |
1732 |
|
|
if (ibuf_add(buf, &in6->sin6_addr.s6_addr, 16) == -1) |
1733 |
|
|
return (-1); |
1734 |
|
|
len += 16; |
1735 |
|
|
break; |
1736 |
|
|
case IKEV2_CFG_INTERNAL_IP6_ADDRESS: |
1737 |
|
|
case IKEV2_CFG_INTERNAL_IP6_SUBNET: |
1738 |
|
|
/* 16 bytes IPv6 address + 1 byte prefix length */ |
1739 |
|
|
in6 = (ikecfg->cfg.address.addr_mask != 128 && |
1740 |
|
|
(ikecfg->cfg_type == |
1741 |
|
|
IKEV2_CFG_INTERNAL_IP6_ADDRESS) && |
1742 |
|
|
sa->sa_addrpool6 && |
1743 |
|
|
sa->sa_addrpool6->addr_af == AF_INET6) ? |
1744 |
|
|
(struct sockaddr_in6 *)&sa->sa_addrpool6->addr : |
1745 |
|
|
(struct sockaddr_in6 *)&ikecfg->cfg.address.addr; |
1746 |
|
|
cfg->cfg_length = htobe16(17); |
1747 |
|
|
if (ibuf_add(buf, &in6->sin6_addr.s6_addr, 16) == -1) |
1748 |
|
|
return (-1); |
1749 |
|
|
if (ikecfg->cfg.address.addr_net) |
1750 |
|
|
prefixlen = ikecfg->cfg.address.addr_mask; |
1751 |
|
|
else |
1752 |
|
|
prefixlen = 128; |
1753 |
|
|
if (ibuf_add(buf, &prefixlen, 1) == -1) |
1754 |
|
|
return (-1); |
1755 |
|
|
len += 16 + 1; |
1756 |
|
|
break; |
1757 |
|
|
case IKEV2_CFG_APPLICATION_VERSION: |
1758 |
|
|
/* Reply with an empty string (non-NUL terminated) */ |
1759 |
|
|
cfg->cfg_length = 0; |
1760 |
|
|
break; |
1761 |
|
|
} |
1762 |
|
|
} |
1763 |
|
|
|
1764 |
|
|
return (len); |
1765 |
|
|
} |
1766 |
|
|
|
1767 |
|
|
ssize_t |
1768 |
|
|
ikev2_add_proposals(struct iked *env, struct iked_sa *sa, struct ibuf *buf, |
1769 |
|
|
struct iked_proposals *proposals, uint8_t protoid, int initiator, |
1770 |
|
|
int sendikespi) |
1771 |
|
|
{ |
1772 |
|
|
struct ikev2_sa_proposal *sap; |
1773 |
|
|
struct iked_transform *xform; |
1774 |
|
|
struct iked_proposal *prop; |
1775 |
|
|
struct iked_childsa csa; |
1776 |
|
|
ssize_t length = 0, saplength, xflen; |
1777 |
|
|
uint64_t spi64; |
1778 |
|
|
uint32_t spi32, spi; |
1779 |
|
|
unsigned int i; |
1780 |
|
|
|
1781 |
|
|
TAILQ_FOREACH(prop, proposals, prop_entry) { |
1782 |
|
|
if ((protoid && prop->prop_protoid != protoid) || |
1783 |
|
|
(!protoid && prop->prop_protoid == IKEV2_SAPROTO_IKE)) |
1784 |
|
|
continue; |
1785 |
|
|
|
1786 |
|
|
if (protoid != IKEV2_SAPROTO_IKE && initiator) { |
1787 |
|
|
bzero(&csa, sizeof(csa)); |
1788 |
|
|
csa.csa_ikesa = sa; |
1789 |
|
|
csa.csa_saproto = prop->prop_protoid; |
1790 |
|
|
csa.csa_local = &sa->sa_peer; |
1791 |
|
|
csa.csa_peer = &sa->sa_local; |
1792 |
|
|
|
1793 |
|
|
if (pfkey_sa_init(env->sc_pfkey, &csa, &spi) == -1) |
1794 |
|
|
return (-1); |
1795 |
|
|
|
1796 |
|
|
prop->prop_localspi.spi = spi; |
1797 |
|
|
prop->prop_localspi.spi_size = 4; |
1798 |
|
|
prop->prop_localspi.spi_protoid = prop->prop_protoid; |
1799 |
|
|
} |
1800 |
|
|
|
1801 |
|
|
if ((sap = ibuf_advance(buf, sizeof(*sap))) == NULL) { |
1802 |
|
|
log_debug("%s: failed to add proposal", __func__); |
1803 |
|
|
return (-1); |
1804 |
|
|
} |
1805 |
|
|
|
1806 |
|
|
if (sendikespi) { |
1807 |
|
|
/* Special case for IKE SA rekeying */ |
1808 |
|
|
prop->prop_localspi.spi = initiator ? |
1809 |
|
|
sa->sa_hdr.sh_ispi : sa->sa_hdr.sh_rspi; |
1810 |
|
|
prop->prop_localspi.spi_size = 8; |
1811 |
|
|
prop->prop_localspi.spi_protoid = IKEV2_SAPROTO_IKE; |
1812 |
|
|
} |
1813 |
|
|
|
1814 |
|
|
sap->sap_proposalnr = prop->prop_id; |
1815 |
|
|
sap->sap_protoid = prop->prop_protoid; |
1816 |
|
|
sap->sap_spisize = prop->prop_localspi.spi_size; |
1817 |
|
|
sap->sap_transforms = prop->prop_nxforms; |
1818 |
|
|
saplength = sizeof(*sap); |
1819 |
|
|
|
1820 |
|
|
switch (prop->prop_localspi.spi_size) { |
1821 |
|
|
case 4: |
1822 |
|
|
spi32 = htobe32(prop->prop_localspi.spi); |
1823 |
|
|
if (ibuf_add(buf, &spi32, sizeof(spi32)) != 0) |
1824 |
|
|
return (-1); |
1825 |
|
|
saplength += 4; |
1826 |
|
|
break; |
1827 |
|
|
case 8: |
1828 |
|
|
spi64 = htobe64(prop->prop_localspi.spi); |
1829 |
|
|
if (ibuf_add(buf, &spi64, sizeof(spi64)) != 0) |
1830 |
|
|
return (-1); |
1831 |
|
|
saplength += 8; |
1832 |
|
|
break; |
1833 |
|
|
default: |
1834 |
|
|
break; |
1835 |
|
|
} |
1836 |
|
|
|
1837 |
|
|
for (i = 0; i < prop->prop_nxforms; i++) { |
1838 |
|
|
xform = prop->prop_xforms + i; |
1839 |
|
|
|
1840 |
|
|
if ((xflen = ikev2_add_transform(buf, |
1841 |
|
|
i == prop->prop_nxforms - 1 ? |
1842 |
|
|
IKEV2_XFORM_LAST : IKEV2_XFORM_MORE, |
1843 |
|
|
xform->xform_type, xform->xform_id, |
1844 |
|
|
xform->xform_length)) == -1) |
1845 |
|
|
return (-1); |
1846 |
|
|
|
1847 |
|
|
saplength += xflen; |
1848 |
|
|
} |
1849 |
|
|
|
1850 |
|
|
sap->sap_length = htobe16(saplength); |
1851 |
|
|
length += saplength; |
1852 |
|
|
} |
1853 |
|
|
|
1854 |
|
|
log_debug("%s: length %zd", __func__, length); |
1855 |
|
|
|
1856 |
|
|
return (length); |
1857 |
|
|
} |
1858 |
|
|
|
1859 |
|
|
ssize_t |
1860 |
|
|
ikev2_add_transform(struct ibuf *buf, |
1861 |
|
|
uint8_t more, uint8_t type, uint16_t id, uint16_t length) |
1862 |
|
|
{ |
1863 |
|
|
struct ikev2_transform *xfrm; |
1864 |
|
|
struct ikev2_attribute *attr; |
1865 |
|
|
|
1866 |
|
|
if ((xfrm = ibuf_advance(buf, sizeof(*xfrm))) == NULL) { |
1867 |
|
|
log_debug("%s: failed to add transform", __func__); |
1868 |
|
|
return (-1); |
1869 |
|
|
} |
1870 |
|
|
xfrm->xfrm_more = more; |
1871 |
|
|
xfrm->xfrm_type = type; |
1872 |
|
|
xfrm->xfrm_id = htobe16(id); |
1873 |
|
|
|
1874 |
|
|
if (length) { |
1875 |
|
|
xfrm->xfrm_length = htobe16(sizeof(*xfrm) + sizeof(*attr)); |
1876 |
|
|
|
1877 |
|
|
if ((attr = ibuf_advance(buf, sizeof(*attr))) == NULL) { |
1878 |
|
|
log_debug("%s: failed to add attribute", __func__); |
1879 |
|
|
return (-1); |
1880 |
|
|
} |
1881 |
|
|
attr->attr_type = htobe16(IKEV2_ATTRAF_TV | |
1882 |
|
|
IKEV2_ATTRTYPE_KEY_LENGTH); |
1883 |
|
|
attr->attr_length = htobe16(length); |
1884 |
|
|
} else |
1885 |
|
|
xfrm->xfrm_length = htobe16(sizeof(*xfrm)); |
1886 |
|
|
|
1887 |
|
|
return (betoh16(xfrm->xfrm_length)); |
1888 |
|
|
} |
1889 |
|
|
|
1890 |
|
|
int |
1891 |
|
|
ikev2_add_data(struct ibuf *buf, void *data, size_t length) |
1892 |
|
|
{ |
1893 |
|
|
void *msgbuf; |
1894 |
|
|
|
1895 |
|
|
if ((msgbuf = ibuf_advance(buf, length)) == NULL) { |
1896 |
|
|
log_debug("%s: failed", __func__); |
1897 |
|
|
return (-1); |
1898 |
|
|
} |
1899 |
|
|
memcpy(msgbuf, data, length); |
1900 |
|
|
|
1901 |
|
|
return (0); |
1902 |
|
|
} |
1903 |
|
|
|
1904 |
|
|
int |
1905 |
|
|
ikev2_add_buf(struct ibuf *buf, struct ibuf *data) |
1906 |
|
|
{ |
1907 |
|
|
void *msgbuf; |
1908 |
|
|
|
1909 |
|
|
if ((msgbuf = ibuf_advance(buf, ibuf_size(data))) == NULL) { |
1910 |
|
|
log_debug("%s: failed", __func__); |
1911 |
|
|
return (-1); |
1912 |
|
|
} |
1913 |
|
|
memcpy(msgbuf, ibuf_data(data), ibuf_size(data)); |
1914 |
|
|
|
1915 |
|
|
return (0); |
1916 |
|
|
} |
1917 |
|
|
|
1918 |
|
|
void |
1919 |
|
|
ikev2_resp_recv(struct iked *env, struct iked_message *msg, |
1920 |
|
|
struct ike_header *hdr) |
1921 |
|
|
{ |
1922 |
|
|
struct iked_sa *sa; |
1923 |
|
|
|
1924 |
|
|
switch (hdr->ike_exchange) { |
1925 |
|
|
case IKEV2_EXCHANGE_IKE_SA_INIT: |
1926 |
|
|
if (msg->msg_sa != NULL) { |
1927 |
|
|
log_debug("%s: SA already exists", __func__); |
1928 |
|
|
return; |
1929 |
|
|
} |
1930 |
|
|
if ((msg->msg_sa = sa_new(env, |
1931 |
|
|
betoh64(hdr->ike_ispi), betoh64(hdr->ike_rspi), |
1932 |
|
|
0, msg->msg_policy)) == NULL) { |
1933 |
|
|
log_debug("%s: failed to get new SA", __func__); |
1934 |
|
|
return; |
1935 |
|
|
} |
1936 |
|
|
break; |
1937 |
|
|
case IKEV2_EXCHANGE_IKE_AUTH: |
1938 |
|
|
if (ikev2_msg_valid_ike_sa(env, hdr, msg) == -1) |
1939 |
|
|
return; |
1940 |
|
|
if (sa_stateok(msg->msg_sa, IKEV2_STATE_VALID)) { |
1941 |
|
|
log_debug("%s: already authenticated", __func__); |
1942 |
|
|
return; |
1943 |
|
|
} |
1944 |
|
|
break; |
1945 |
|
|
case IKEV2_EXCHANGE_CREATE_CHILD_SA: |
1946 |
|
|
if (ikev2_msg_valid_ike_sa(env, hdr, msg) == -1) |
1947 |
|
|
return; |
1948 |
|
|
break; |
1949 |
|
|
case IKEV2_EXCHANGE_INFORMATIONAL: |
1950 |
|
|
if (ikev2_msg_valid_ike_sa(env, hdr, msg) == -1) |
1951 |
|
|
return; |
1952 |
|
|
break; |
1953 |
|
|
default: |
1954 |
|
|
log_debug("%s: unsupported exchange: %s", __func__, |
1955 |
|
|
print_map(hdr->ike_exchange, ikev2_exchange_map)); |
1956 |
|
|
return; |
1957 |
|
|
} |
1958 |
|
|
|
1959 |
|
|
if (ikev2_pld_parse(env, hdr, msg, msg->msg_offset) != 0) { |
1960 |
|
|
log_debug("%s: failed to parse message", __func__); |
1961 |
|
|
return; |
1962 |
|
|
} |
1963 |
|
|
|
1964 |
|
|
if (!ikev2_msg_frompeer(msg)) |
1965 |
|
|
return; |
1966 |
|
|
|
1967 |
|
|
if ((sa = msg->msg_sa) == NULL) |
1968 |
|
|
return; |
1969 |
|
|
|
1970 |
|
|
if (msg->msg_natt && sa->sa_natt == 0) { |
1971 |
|
|
log_debug("%s: NAT-T message received, updated SA", __func__); |
1972 |
|
|
sa->sa_natt = 1; |
1973 |
|
|
} |
1974 |
|
|
|
1975 |
|
|
switch (hdr->ike_exchange) { |
1976 |
|
|
case IKEV2_EXCHANGE_IKE_SA_INIT: |
1977 |
|
|
if (ikev2_sa_responder(env, sa, NULL, msg) != 0) { |
1978 |
|
|
log_debug("%s: failed to get IKE SA keys", __func__); |
1979 |
|
|
sa_state(env, sa, IKEV2_STATE_CLOSED); |
1980 |
|
|
return; |
1981 |
|
|
} |
1982 |
|
|
if (ikev2_resp_ike_sa_init(env, msg) != 0) { |
1983 |
|
|
log_debug("%s: failed to send init response", __func__); |
1984 |
|
|
sa_state(env, sa, IKEV2_STATE_CLOSED); |
1985 |
|
|
return; |
1986 |
|
|
} |
1987 |
|
|
break; |
1988 |
|
|
case IKEV2_EXCHANGE_IKE_AUTH: |
1989 |
|
|
if (!sa_stateok(sa, IKEV2_STATE_SA_INIT)) { |
1990 |
|
|
log_debug("%s: state mismatch", __func__); |
1991 |
|
|
sa_state(env, sa, IKEV2_STATE_CLOSED); |
1992 |
|
|
return; |
1993 |
|
|
} |
1994 |
|
|
|
1995 |
|
|
if (!sa_stateok(sa, IKEV2_STATE_AUTH_REQUEST) && |
1996 |
|
|
sa->sa_policy->pol_auth.auth_eap) |
1997 |
|
|
sa_state(env, sa, IKEV2_STATE_EAP); |
1998 |
|
|
|
1999 |
|
|
if (ikev2_ike_auth_recv(env, sa, msg) != 0) { |
2000 |
|
|
log_debug("%s: failed to send auth response", __func__); |
2001 |
|
|
sa_state(env, sa, IKEV2_STATE_CLOSED); |
2002 |
|
|
return; |
2003 |
|
|
} |
2004 |
|
|
break; |
2005 |
|
|
case IKEV2_EXCHANGE_CREATE_CHILD_SA: |
2006 |
|
|
(void)ikev2_resp_create_child_sa(env, msg); |
2007 |
|
|
break; |
2008 |
|
|
case IKEV2_EXCHANGE_INFORMATIONAL: |
2009 |
|
|
if (!msg->msg_responded && !msg->msg_error) { |
2010 |
|
|
(void)ikev2_send_ike_e(env, sa, NULL, |
2011 |
|
|
IKEV2_PAYLOAD_NONE, IKEV2_EXCHANGE_INFORMATIONAL, |
2012 |
|
|
1); |
2013 |
|
|
msg->msg_responded = 1; |
2014 |
|
|
} |
2015 |
|
|
break; |
2016 |
|
|
default: |
2017 |
|
|
break; |
2018 |
|
|
} |
2019 |
|
|
} |
2020 |
|
|
|
2021 |
|
|
int |
2022 |
|
|
ikev2_resp_ike_sa_init(struct iked *env, struct iked_message *msg) |
2023 |
|
|
{ |
2024 |
|
|
struct iked_message resp; |
2025 |
|
|
struct ike_header *hdr; |
2026 |
|
|
struct ikev2_payload *pld; |
2027 |
|
|
struct ikev2_keyexchange *ke; |
2028 |
|
|
struct ikev2_notify *n; |
2029 |
|
|
struct iked_sa *sa = msg->msg_sa; |
2030 |
|
|
struct ibuf *buf; |
2031 |
|
|
struct group *group; |
2032 |
|
|
uint8_t *ptr; |
2033 |
|
|
ssize_t len; |
2034 |
|
|
int ret = -1; |
2035 |
|
|
|
2036 |
|
|
if (sa->sa_hdr.sh_initiator) { |
2037 |
|
|
log_debug("%s: called by initiator", __func__); |
2038 |
|
|
return (-1); |
2039 |
|
|
} |
2040 |
|
|
|
2041 |
|
|
if ((buf = ikev2_msg_init(env, &resp, |
2042 |
|
|
&msg->msg_peer, msg->msg_peerlen, |
2043 |
|
|
&msg->msg_local, msg->msg_locallen, 1)) == NULL) |
2044 |
|
|
goto done; |
2045 |
|
|
|
2046 |
|
|
resp.msg_sa = sa; |
2047 |
|
|
resp.msg_fd = msg->msg_fd; |
2048 |
|
|
resp.msg_natt = msg->msg_natt; |
2049 |
|
|
resp.msg_msgid = 0; |
2050 |
|
|
|
2051 |
|
|
/* IKE header */ |
2052 |
|
|
if ((hdr = ikev2_add_header(buf, sa, resp.msg_msgid, |
2053 |
|
|
IKEV2_PAYLOAD_SA, IKEV2_EXCHANGE_IKE_SA_INIT, |
2054 |
|
|
IKEV2_FLAG_RESPONSE)) == NULL) |
2055 |
|
|
goto done; |
2056 |
|
|
|
2057 |
|
|
/* SA payload */ |
2058 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
2059 |
|
|
goto done; |
2060 |
|
|
if ((len = ikev2_add_proposals(env, sa, buf, &sa->sa_proposals, |
2061 |
|
|
IKEV2_SAPROTO_IKE, sa->sa_hdr.sh_initiator, 0)) == -1) |
2062 |
|
|
goto done; |
2063 |
|
|
|
2064 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_KE) == -1) |
2065 |
|
|
goto done; |
2066 |
|
|
|
2067 |
|
|
/* KE payload */ |
2068 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
2069 |
|
|
goto done; |
2070 |
|
|
if ((ke = ibuf_advance(buf, sizeof(*ke))) == NULL) |
2071 |
|
|
goto done; |
2072 |
|
|
if ((group = sa->sa_dhgroup) == NULL) { |
2073 |
|
|
log_debug("%s: invalid dh", __func__); |
2074 |
|
|
goto done; |
2075 |
|
|
} |
2076 |
|
|
ke->kex_dhgroup = htobe16(group->id); |
2077 |
|
|
if (ikev2_add_buf(buf, sa->sa_dhrexchange) == -1) |
2078 |
|
|
goto done; |
2079 |
|
|
len = sizeof(*ke) + dh_getlen(group); |
2080 |
|
|
|
2081 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONCE) == -1) |
2082 |
|
|
goto done; |
2083 |
|
|
|
2084 |
|
|
/* NONCE payload */ |
2085 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
2086 |
|
|
goto done; |
2087 |
|
|
if (ikev2_add_buf(buf, sa->sa_rnonce) == -1) |
2088 |
|
|
goto done; |
2089 |
|
|
len = ibuf_size(sa->sa_rnonce); |
2090 |
|
|
|
2091 |
|
|
if ((env->sc_opts & IKED_OPT_NONATT) == 0 && |
2092 |
|
|
msg->msg_local.ss_family != AF_UNSPEC) { |
2093 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NOTIFY) == -1) |
2094 |
|
|
goto done; |
2095 |
|
|
|
2096 |
|
|
/* NAT-T notify payloads */ |
2097 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
2098 |
|
|
goto done; |
2099 |
|
|
if ((n = ibuf_advance(buf, sizeof(*n))) == NULL) |
2100 |
|
|
goto done; |
2101 |
|
|
n->n_type = htobe16(IKEV2_N_NAT_DETECTION_SOURCE_IP); |
2102 |
|
|
len = ikev2_nat_detection(env, &resp, NULL, 0, 0); |
2103 |
|
|
if ((ptr = ibuf_advance(buf, len)) == NULL) |
2104 |
|
|
goto done; |
2105 |
|
|
if ((len = ikev2_nat_detection(env, &resp, ptr, len, |
2106 |
|
|
betoh16(n->n_type))) == -1) |
2107 |
|
|
goto done; |
2108 |
|
|
len += sizeof(*n); |
2109 |
|
|
|
2110 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NOTIFY) == -1) |
2111 |
|
|
goto done; |
2112 |
|
|
|
2113 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
2114 |
|
|
goto done; |
2115 |
|
|
if ((n = ibuf_advance(buf, sizeof(*n))) == NULL) |
2116 |
|
|
goto done; |
2117 |
|
|
n->n_type = htobe16(IKEV2_N_NAT_DETECTION_DESTINATION_IP); |
2118 |
|
|
len = ikev2_nat_detection(env, &resp, NULL, 0, 0); |
2119 |
|
|
if ((ptr = ibuf_advance(buf, len)) == NULL) |
2120 |
|
|
goto done; |
2121 |
|
|
if ((len = ikev2_nat_detection(env, &resp, ptr, len, |
2122 |
|
|
betoh16(n->n_type))) == -1) |
2123 |
|
|
goto done; |
2124 |
|
|
len += sizeof(*n); |
2125 |
|
|
} |
2126 |
|
|
|
2127 |
|
|
if (sa->sa_statevalid & IKED_REQ_CERT) { |
2128 |
|
|
/* CERTREQ payload(s) */ |
2129 |
|
|
if ((len = ikev2_add_certreq(buf, &pld, |
2130 |
|
|
len, env->sc_certreq, env->sc_certreqtype)) == -1) |
2131 |
|
|
goto done; |
2132 |
|
|
|
2133 |
|
|
if (env->sc_certreqtype != sa->sa_policy->pol_certreqtype && |
2134 |
|
|
(len = ikev2_add_certreq(buf, &pld, |
2135 |
|
|
len, NULL, sa->sa_policy->pol_certreqtype)) == -1) |
2136 |
|
|
goto done; |
2137 |
|
|
} |
2138 |
|
|
|
2139 |
|
|
if (sa->sa_sigsha2 && |
2140 |
|
|
(len = ikev2_add_sighashnotify(buf, &pld, len)) == -1) |
2141 |
|
|
goto done; |
2142 |
|
|
|
2143 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONE) == -1) |
2144 |
|
|
goto done; |
2145 |
|
|
|
2146 |
|
|
if (ikev2_set_header(hdr, ibuf_size(buf) - sizeof(*hdr)) == -1) |
2147 |
|
|
goto done; |
2148 |
|
|
|
2149 |
|
|
(void)ikev2_pld_parse(env, hdr, &resp, 0); |
2150 |
|
|
|
2151 |
|
|
ibuf_release(sa->sa_2ndmsg); |
2152 |
|
|
if ((sa->sa_2ndmsg = ibuf_dup(buf)) == NULL) { |
2153 |
|
|
log_debug("%s: failed to copy 2nd message", __func__); |
2154 |
|
|
goto done; |
2155 |
|
|
} |
2156 |
|
|
|
2157 |
|
|
resp.msg_sa = NULL; /* Don't save the response */ |
2158 |
|
|
ret = ikev2_msg_send(env, &resp); |
2159 |
|
|
|
2160 |
|
|
done: |
2161 |
|
|
ikev2_msg_cleanup(env, &resp); |
2162 |
|
|
|
2163 |
|
|
return (ret); |
2164 |
|
|
} |
2165 |
|
|
|
2166 |
|
|
int |
2167 |
|
|
ikev2_resp_ike_auth(struct iked *env, struct iked_sa *sa) |
2168 |
|
|
{ |
2169 |
|
|
struct ikev2_payload *pld; |
2170 |
|
|
struct ikev2_notify *n; |
2171 |
|
|
struct ikev2_cert *cert; |
2172 |
|
|
struct ikev2_auth *auth; |
2173 |
|
|
struct iked_id *id, *certid; |
2174 |
|
|
struct ibuf *e = NULL; |
2175 |
|
|
uint8_t firstpayload; |
2176 |
|
|
int ret = -1; |
2177 |
|
|
ssize_t len; |
2178 |
|
|
|
2179 |
|
|
if (sa == NULL) |
2180 |
|
|
return (-1); |
2181 |
|
|
|
2182 |
|
|
if (sa->sa_state == IKEV2_STATE_EAP) |
2183 |
|
|
return (ikev2_resp_ike_eap(env, sa, NULL)); |
2184 |
|
|
else if (!sa_stateok(sa, IKEV2_STATE_VALID)) |
2185 |
|
|
return (0); /* ignore */ |
2186 |
|
|
|
2187 |
|
|
if (ikev2_cp_setaddr(env, sa, AF_INET) < 0 || |
2188 |
|
|
ikev2_cp_setaddr(env, sa, AF_INET6) < 0) |
2189 |
|
|
return (-1); |
2190 |
|
|
|
2191 |
|
|
if (ikev2_childsa_negotiate(env, sa, &sa->sa_kex, &sa->sa_proposals, |
2192 |
|
|
sa->sa_hdr.sh_initiator, 0) < 0) |
2193 |
|
|
return (-1); |
2194 |
|
|
|
2195 |
|
|
/* New encrypted message buffer */ |
2196 |
|
|
if ((e = ibuf_static()) == NULL) |
2197 |
|
|
goto done; |
2198 |
|
|
|
2199 |
|
|
if (!sa->sa_localauth.id_type) { |
2200 |
|
|
/* Downgrade the state */ |
2201 |
|
|
sa_state(env, sa, IKEV2_STATE_AUTH_SUCCESS); |
2202 |
|
|
} |
2203 |
|
|
|
2204 |
|
|
if (!sa_stateok(sa, IKEV2_STATE_VALID)) { |
2205 |
|
|
/* Notify payload */ |
2206 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2207 |
|
|
goto done; |
2208 |
|
|
firstpayload = IKEV2_PAYLOAD_NOTIFY; |
2209 |
|
|
|
2210 |
|
|
if ((n = ibuf_advance(e, sizeof(*n))) == NULL) |
2211 |
|
|
goto done; |
2212 |
|
|
n->n_protoid = IKEV2_SAPROTO_IKE; /* XXX ESP etc. */ |
2213 |
|
|
n->n_spisize = 0; |
2214 |
|
|
n->n_type = htobe16(IKEV2_N_AUTHENTICATION_FAILED); |
2215 |
|
|
len = sizeof(*n); |
2216 |
|
|
|
2217 |
|
|
goto send; |
2218 |
|
|
} |
2219 |
|
|
|
2220 |
|
|
if (sa->sa_hdr.sh_initiator) { |
2221 |
|
|
id = &sa->sa_iid; |
2222 |
|
|
certid = &sa->sa_icert; |
2223 |
|
|
} else { |
2224 |
|
|
id = &sa->sa_rid; |
2225 |
|
|
certid = &sa->sa_rcert; |
2226 |
|
|
} |
2227 |
|
|
|
2228 |
|
|
if (sa->sa_state != IKEV2_STATE_EAP_VALID) { |
2229 |
|
|
/* ID payload */ |
2230 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2231 |
|
|
goto done; |
2232 |
|
|
firstpayload = IKEV2_PAYLOAD_IDr; |
2233 |
|
|
if (ibuf_cat(e, id->id_buf) != 0) |
2234 |
|
|
goto done; |
2235 |
|
|
len = ibuf_size(id->id_buf); |
2236 |
|
|
|
2237 |
|
|
/* CERT payload */ |
2238 |
|
|
if ((sa->sa_statevalid & IKED_REQ_CERT) && |
2239 |
|
|
(certid->id_type != IKEV2_CERT_NONE)) { |
2240 |
|
|
if (ikev2_next_payload(pld, len, |
2241 |
|
|
IKEV2_PAYLOAD_CERT) == -1) |
2242 |
|
|
goto done; |
2243 |
|
|
|
2244 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2245 |
|
|
goto done; |
2246 |
|
|
if ((cert = ibuf_advance(e, sizeof(*cert))) == NULL) |
2247 |
|
|
goto done; |
2248 |
|
|
cert->cert_type = certid->id_type; |
2249 |
|
|
if (ibuf_cat(e, certid->id_buf) != 0) |
2250 |
|
|
goto done; |
2251 |
|
|
len = ibuf_size(certid->id_buf) + sizeof(*cert); |
2252 |
|
|
} |
2253 |
|
|
|
2254 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_AUTH) == -1) |
2255 |
|
|
goto done; |
2256 |
|
|
} else |
2257 |
|
|
firstpayload = IKEV2_PAYLOAD_AUTH; |
2258 |
|
|
|
2259 |
|
|
/* AUTH payload */ |
2260 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2261 |
|
|
goto done; |
2262 |
|
|
if ((auth = ibuf_advance(e, sizeof(*auth))) == NULL) |
2263 |
|
|
goto done; |
2264 |
|
|
auth->auth_method = sa->sa_localauth.id_type; |
2265 |
|
|
if (ibuf_cat(e, sa->sa_localauth.id_buf) != 0) |
2266 |
|
|
goto done; |
2267 |
|
|
len = ibuf_size(sa->sa_localauth.id_buf) + sizeof(*auth); |
2268 |
|
|
|
2269 |
|
|
/* CP payload */ |
2270 |
|
|
if (sa->sa_cp) { |
2271 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_CP) == -1) |
2272 |
|
|
goto done; |
2273 |
|
|
|
2274 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2275 |
|
|
goto done; |
2276 |
|
|
if ((len = ikev2_add_cp(env, sa, e)) == -1) |
2277 |
|
|
goto done; |
2278 |
|
|
} |
2279 |
|
|
|
2280 |
|
|
/* compression */ |
2281 |
|
|
if (sa->sa_ipcomp && |
2282 |
|
|
(len = ikev2_add_ipcompnotify(env, e, &pld, len, sa)) == -1) |
2283 |
|
|
goto done; |
2284 |
|
|
|
2285 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_SA) == -1) |
2286 |
|
|
goto done; |
2287 |
|
|
|
2288 |
|
|
/* SA payload */ |
2289 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2290 |
|
|
goto done; |
2291 |
|
|
if ((len = ikev2_add_proposals(env, sa, e, &sa->sa_proposals, 0, |
2292 |
|
|
sa->sa_hdr.sh_initiator, 0)) == -1) |
2293 |
|
|
goto done; |
2294 |
|
|
|
2295 |
|
|
if ((len = ikev2_add_ts(e, &pld, len, sa, 0)) == -1) |
2296 |
|
|
goto done; |
2297 |
|
|
|
2298 |
|
|
send: |
2299 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONE) == -1) |
2300 |
|
|
goto done; |
2301 |
|
|
|
2302 |
|
|
ret = ikev2_msg_send_encrypt(env, sa, &e, |
2303 |
|
|
IKEV2_EXCHANGE_IKE_AUTH, firstpayload, 1); |
2304 |
|
|
if (ret == 0) |
2305 |
|
|
ret = ikev2_childsa_enable(env, sa); |
2306 |
|
|
if (ret == 0) { |
2307 |
|
|
sa_state(env, sa, IKEV2_STATE_ESTABLISHED); |
2308 |
|
|
timer_set(env, &sa->sa_timer, ikev2_ike_sa_alive, sa); |
2309 |
|
|
timer_add(env, &sa->sa_timer, IKED_IKE_SA_ALIVE_TIMEOUT); |
2310 |
|
|
timer_set(env, &sa->sa_rekey, ikev2_ike_sa_rekey, sa); |
2311 |
|
|
if (sa->sa_policy->pol_rekey) |
2312 |
|
|
timer_add(env, &sa->sa_rekey, sa->sa_policy->pol_rekey); |
2313 |
|
|
} |
2314 |
|
|
|
2315 |
|
|
done: |
2316 |
|
|
if (ret) |
2317 |
|
|
ikev2_childsa_delete(env, sa, 0, 0, NULL, 1); |
2318 |
|
|
ibuf_release(e); |
2319 |
|
|
return (ret); |
2320 |
|
|
} |
2321 |
|
|
|
2322 |
|
|
int |
2323 |
|
|
ikev2_resp_ike_eap(struct iked *env, struct iked_sa *sa, struct ibuf *eapmsg) |
2324 |
|
|
{ |
2325 |
|
|
struct ikev2_payload *pld; |
2326 |
|
|
struct ikev2_cert *cert; |
2327 |
|
|
struct ikev2_auth *auth; |
2328 |
|
|
struct iked_id *id, *certid; |
2329 |
|
|
struct ibuf *e = NULL; |
2330 |
|
|
uint8_t firstpayload; |
2331 |
|
|
int ret = -1; |
2332 |
|
|
ssize_t len = 0; |
2333 |
|
|
|
2334 |
|
|
/* Responder only */ |
2335 |
|
|
if (sa->sa_hdr.sh_initiator) |
2336 |
|
|
return (-1); |
2337 |
|
|
|
2338 |
|
|
/* Check if "ca" has done it's job yet */ |
2339 |
|
|
if (!sa->sa_localauth.id_type) |
2340 |
|
|
return (0); |
2341 |
|
|
|
2342 |
|
|
/* New encrypted message buffer */ |
2343 |
|
|
if ((e = ibuf_static()) == NULL) |
2344 |
|
|
goto done; |
2345 |
|
|
|
2346 |
|
|
id = &sa->sa_rid; |
2347 |
|
|
certid = &sa->sa_rcert; |
2348 |
|
|
|
2349 |
|
|
/* ID payload */ |
2350 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2351 |
|
|
goto done; |
2352 |
|
|
firstpayload = IKEV2_PAYLOAD_IDr; |
2353 |
|
|
if (ibuf_cat(e, id->id_buf) != 0) |
2354 |
|
|
goto done; |
2355 |
|
|
len = ibuf_size(id->id_buf); |
2356 |
|
|
|
2357 |
|
|
if ((sa->sa_statevalid & IKED_REQ_CERT) && |
2358 |
|
|
(certid->id_type != IKEV2_CERT_NONE)) { |
2359 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_CERT) == -1) |
2360 |
|
|
goto done; |
2361 |
|
|
|
2362 |
|
|
/* CERT payload */ |
2363 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2364 |
|
|
goto done; |
2365 |
|
|
if ((cert = ibuf_advance(e, sizeof(*cert))) == NULL) |
2366 |
|
|
goto done; |
2367 |
|
|
cert->cert_type = certid->id_type; |
2368 |
|
|
if (ibuf_cat(e, certid->id_buf) != 0) |
2369 |
|
|
goto done; |
2370 |
|
|
len = ibuf_size(certid->id_buf) + sizeof(*cert); |
2371 |
|
|
} |
2372 |
|
|
|
2373 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_AUTH) == -1) |
2374 |
|
|
goto done; |
2375 |
|
|
|
2376 |
|
|
/* AUTH payload */ |
2377 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2378 |
|
|
goto done; |
2379 |
|
|
if ((auth = ibuf_advance(e, sizeof(*auth))) == NULL) |
2380 |
|
|
goto done; |
2381 |
|
|
auth->auth_method = sa->sa_localauth.id_type; |
2382 |
|
|
if (ibuf_cat(e, sa->sa_localauth.id_buf) != 0) |
2383 |
|
|
goto done; |
2384 |
|
|
len = ibuf_size(sa->sa_localauth.id_buf) + sizeof(*auth); |
2385 |
|
|
|
2386 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_EAP) == -1) |
2387 |
|
|
goto done; |
2388 |
|
|
|
2389 |
|
|
/* EAP payload */ |
2390 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2391 |
|
|
goto done; |
2392 |
|
|
if ((len = eap_identity_request(e)) == -1) |
2393 |
|
|
goto done; |
2394 |
|
|
|
2395 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONE) == -1) |
2396 |
|
|
goto done; |
2397 |
|
|
|
2398 |
|
|
ret = ikev2_msg_send_encrypt(env, sa, &e, |
2399 |
|
|
IKEV2_EXCHANGE_IKE_AUTH, firstpayload, 1); |
2400 |
|
|
|
2401 |
|
|
done: |
2402 |
|
|
ibuf_release(e); |
2403 |
|
|
|
2404 |
|
|
return (ret); |
2405 |
|
|
} |
2406 |
|
|
|
2407 |
|
|
int |
2408 |
|
|
ikev2_send_ike_e(struct iked *env, struct iked_sa *sa, struct ibuf *buf, |
2409 |
|
|
uint8_t firstpayload, uint8_t exchange, int response) |
2410 |
|
|
{ |
2411 |
|
|
struct ikev2_payload *pld; |
2412 |
|
|
struct ibuf *e = NULL; |
2413 |
|
|
int ret = -1; |
2414 |
|
|
|
2415 |
|
|
/* New encrypted message buffer */ |
2416 |
|
|
if ((e = ibuf_static()) == NULL) |
2417 |
|
|
goto done; |
2418 |
|
|
|
2419 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2420 |
|
|
goto done; |
2421 |
|
|
|
2422 |
|
|
if (buf) { |
2423 |
|
|
if (ibuf_cat(e, buf) != 0) |
2424 |
|
|
goto done; |
2425 |
|
|
|
2426 |
|
|
if (ikev2_next_payload(pld, ibuf_size(buf), |
2427 |
|
|
IKEV2_PAYLOAD_NONE) == -1) |
2428 |
|
|
goto done; |
2429 |
|
|
} |
2430 |
|
|
|
2431 |
|
|
ret = ikev2_msg_send_encrypt(env, sa, &e, exchange, firstpayload, |
2432 |
|
|
response); |
2433 |
|
|
|
2434 |
|
|
done: |
2435 |
|
|
ibuf_release(e); |
2436 |
|
|
|
2437 |
|
|
return (ret); |
2438 |
|
|
} |
2439 |
|
|
|
2440 |
|
|
int |
2441 |
|
|
ikev2_set_sa_proposal(struct iked_sa *sa, struct iked_policy *pol, |
2442 |
|
|
unsigned int proto) |
2443 |
|
|
{ |
2444 |
|
|
struct iked_proposal *prop, *copy; |
2445 |
|
|
struct iked_transform *xform; |
2446 |
|
|
unsigned int i; |
2447 |
|
|
|
2448 |
|
|
/* create copy of the policy proposals */ |
2449 |
|
|
config_free_proposals(&sa->sa_proposals, proto); |
2450 |
|
|
TAILQ_FOREACH(prop, &pol->pol_proposals, prop_entry) { |
2451 |
|
|
if (proto != 0 && prop->prop_protoid != proto) |
2452 |
|
|
continue; |
2453 |
|
|
if ((copy = config_add_proposal(&sa->sa_proposals, |
2454 |
|
|
prop->prop_id, prop->prop_protoid)) == NULL) |
2455 |
|
|
return (-1); |
2456 |
|
|
for (i = 0; i < prop->prop_nxforms; i++) { |
2457 |
|
|
xform = &prop->prop_xforms[i]; |
2458 |
|
|
if (config_add_transform(copy, xform->xform_type, |
2459 |
|
|
xform->xform_id, xform->xform_length, |
2460 |
|
|
xform->xform_keylength) == NULL) |
2461 |
|
|
return (-1); |
2462 |
|
|
} |
2463 |
|
|
} |
2464 |
|
|
return (0); |
2465 |
|
|
} |
2466 |
|
|
|
2467 |
|
|
int |
2468 |
|
|
ikev2_send_create_child_sa(struct iked *env, struct iked_sa *sa, |
2469 |
|
|
struct iked_spi *rekey, uint8_t protoid) |
2470 |
|
|
{ |
2471 |
|
|
struct iked_policy *pol = sa->sa_policy; |
2472 |
|
|
struct iked_childsa *csa = NULL, *csb = NULL; |
2473 |
|
|
struct ikev2_notify *n; |
2474 |
|
|
struct ikev2_payload *pld = NULL; |
2475 |
|
|
struct ikev2_keyexchange *ke; |
2476 |
|
|
struct group *group; |
2477 |
|
|
struct ibuf *e = NULL, *nonce = NULL; |
2478 |
|
|
uint8_t *ptr; |
2479 |
|
|
uint8_t firstpayload; |
2480 |
|
|
uint32_t spi; |
2481 |
|
|
ssize_t len = 0; |
2482 |
|
|
int initiator, ret = -1; |
2483 |
|
|
|
2484 |
|
|
if (rekey) |
2485 |
|
|
log_debug("%s: rekeying %s spi %s", __func__, |
2486 |
|
|
print_map(rekey->spi_protoid, ikev2_saproto_map), |
2487 |
|
|
print_spi(rekey->spi, rekey->spi_size)); |
2488 |
|
|
else |
2489 |
|
|
log_debug("%s: creating new CHILD SAs", __func__); |
2490 |
|
|
|
2491 |
|
|
/* XXX cannot initiate multiple concurrent CREATE_CHILD_SA exchanges */ |
2492 |
|
|
if (sa->sa_stateflags & IKED_REQ_CHILDSA) { |
2493 |
|
|
log_debug("%s: another CREATE_CHILD_SA exchange already active", |
2494 |
|
|
__func__); |
2495 |
|
|
return (-1); |
2496 |
|
|
} |
2497 |
|
|
|
2498 |
|
|
sa->sa_rekeyspi = 0; /* clear rekey spi */ |
2499 |
|
|
initiator = sa->sa_hdr.sh_initiator ? 1 : 0; |
2500 |
|
|
|
2501 |
|
|
if (rekey && |
2502 |
|
|
((csa = childsa_lookup(sa, rekey->spi, |
2503 |
|
|
rekey->spi_protoid)) == NULL || |
2504 |
|
|
(csb = csa->csa_peersa) == NULL)) { |
2505 |
|
|
log_debug("%s: CHILD SA %s wasn't found", __func__, |
2506 |
|
|
print_spi(rekey->spi, rekey->spi_size)); |
2507 |
|
|
goto done; |
2508 |
|
|
} |
2509 |
|
|
|
2510 |
|
|
/* Generate new nonce */ |
2511 |
|
|
if ((nonce = ibuf_random(IKED_NONCE_SIZE)) == NULL) |
2512 |
|
|
goto done; |
2513 |
|
|
|
2514 |
|
|
/* Update initiator nonce */ |
2515 |
|
|
ibuf_release(sa->sa_inonce); |
2516 |
|
|
sa->sa_inonce = nonce; |
2517 |
|
|
|
2518 |
|
|
if ((e = ibuf_static()) == NULL) |
2519 |
|
|
goto done; |
2520 |
|
|
|
2521 |
|
|
/* compression */ |
2522 |
|
|
if ((pol->pol_flags & IKED_POLICY_IPCOMP) && |
2523 |
|
|
(len = ikev2_add_ipcompnotify(env, e, &pld, 0, sa)) == -1) |
2524 |
|
|
goto done; |
2525 |
|
|
|
2526 |
|
|
if (pld) { |
2527 |
|
|
firstpayload = IKEV2_PAYLOAD_NOTIFY; |
2528 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_SA) == -1) |
2529 |
|
|
goto done; |
2530 |
|
|
} else |
2531 |
|
|
firstpayload = IKEV2_PAYLOAD_SA; |
2532 |
|
|
|
2533 |
|
|
/* SA payload */ |
2534 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2535 |
|
|
goto done; |
2536 |
|
|
|
2537 |
|
|
/* |
2538 |
|
|
* We need to reset the sa_proposal. Otherwise it would be |
2539 |
|
|
* left over from the IKE_AUTH exchange and would not contain |
2540 |
|
|
* any DH groups (e.g. for ESP child SAs). |
2541 |
|
|
*/ |
2542 |
|
|
if (ikev2_set_sa_proposal(sa, pol, protoid) < 0) { |
2543 |
|
|
log_debug("%s: ikev2_set_sa_proposal failed", __func__); |
2544 |
|
|
goto done; |
2545 |
|
|
} |
2546 |
|
|
|
2547 |
|
|
if ((len = ikev2_add_proposals(env, sa, e, &sa->sa_proposals, |
2548 |
|
|
protoid, 1, 0)) == -1) |
2549 |
|
|
goto done; |
2550 |
|
|
|
2551 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONCE) == -1) |
2552 |
|
|
goto done; |
2553 |
|
|
|
2554 |
|
|
/* NONCE payload */ |
2555 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2556 |
|
|
goto done; |
2557 |
|
|
if (ikev2_add_buf(e, nonce) == -1) |
2558 |
|
|
goto done; |
2559 |
|
|
len = ibuf_size(nonce); |
2560 |
|
|
|
2561 |
|
|
if (config_findtransform(&pol->pol_proposals, IKEV2_XFORMTYPE_DH, |
2562 |
|
|
protoid)) { |
2563 |
|
|
log_debug("%s: enable PFS", __func__); |
2564 |
|
|
ikev2_sa_cleanup_dh(sa); |
2565 |
|
|
if (ikev2_sa_initiator_dh(sa, NULL, protoid) < 0) { |
2566 |
|
|
log_debug("%s: failed to setup DH", __func__); |
2567 |
|
|
goto done; |
2568 |
|
|
} |
2569 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_KE) == -1) |
2570 |
|
|
goto done; |
2571 |
|
|
|
2572 |
|
|
/* KE payload */ |
2573 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2574 |
|
|
goto done; |
2575 |
|
|
if ((ke = ibuf_advance(e, sizeof(*ke))) == NULL) |
2576 |
|
|
goto done; |
2577 |
|
|
if ((group = sa->sa_dhgroup) == NULL) { |
2578 |
|
|
log_debug("%s: invalid dh", __func__); |
2579 |
|
|
goto done; |
2580 |
|
|
} |
2581 |
|
|
ke->kex_dhgroup = htobe16(group->id); |
2582 |
|
|
if (ikev2_add_buf(e, sa->sa_dhiexchange) == -1) |
2583 |
|
|
goto done; |
2584 |
|
|
len = sizeof(*ke) + dh_getlen(group); |
2585 |
|
|
} |
2586 |
|
|
|
2587 |
|
|
if ((len = ikev2_add_ts(e, &pld, len, sa, !initiator)) == -1) |
2588 |
|
|
goto done; |
2589 |
|
|
|
2590 |
|
|
if (rekey) { |
2591 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NOTIFY) == -1) |
2592 |
|
|
goto done; |
2593 |
|
|
|
2594 |
|
|
/* REKEY_SA notification */ |
2595 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2596 |
|
|
goto done; |
2597 |
|
|
if ((n = ibuf_advance(e, sizeof(*n))) == NULL) |
2598 |
|
|
goto done; |
2599 |
|
|
n->n_type = htobe16(IKEV2_N_REKEY_SA); |
2600 |
|
|
n->n_protoid = rekey->spi_protoid; |
2601 |
|
|
n->n_spisize = rekey->spi_size; |
2602 |
|
|
if ((ptr = ibuf_advance(e, rekey->spi_size)) == NULL) |
2603 |
|
|
goto done; |
2604 |
|
|
len = rekey->spi_size; |
2605 |
|
|
spi = htobe32((uint32_t)csa->csa_peerspi); |
2606 |
|
|
memcpy(ptr, &spi, rekey->spi_size); |
2607 |
|
|
len += sizeof(*n); |
2608 |
|
|
} |
2609 |
|
|
|
2610 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONE) == -1) |
2611 |
|
|
goto done; |
2612 |
|
|
|
2613 |
|
|
ret = ikev2_msg_send_encrypt(env, sa, &e, |
2614 |
|
|
IKEV2_EXCHANGE_CREATE_CHILD_SA, firstpayload, 0); |
2615 |
|
|
if (ret == 0) { |
2616 |
|
|
if (rekey) { |
2617 |
|
|
csa->csa_rekey = 1; |
2618 |
|
|
csb->csa_rekey = 1; |
2619 |
|
|
/* |
2620 |
|
|
* Remember the peer spi of the rekeyed |
2621 |
|
|
* SA for ikev2_init_create_child_sa(). |
2622 |
|
|
*/ |
2623 |
|
|
sa->sa_rekeyspi = csa->csa_peerspi; |
2624 |
|
|
} |
2625 |
|
|
sa->sa_stateflags |= IKED_REQ_CHILDSA; |
2626 |
|
|
} |
2627 |
|
|
|
2628 |
|
|
done: |
2629 |
|
|
ibuf_release(e); |
2630 |
|
|
return (ret); |
2631 |
|
|
} |
2632 |
|
|
|
2633 |
|
|
void |
2634 |
|
|
ikev2_ike_sa_rekey(struct iked *env, void *arg) |
2635 |
|
|
{ |
2636 |
|
|
struct iked_sa *sa = arg; |
2637 |
|
|
struct iked_sa *nsa = NULL; |
2638 |
|
|
struct ikev2_payload *pld = NULL; |
2639 |
|
|
struct ikev2_keyexchange *ke; |
2640 |
|
|
struct group *group; |
2641 |
|
|
struct ibuf *e = NULL, *nonce = NULL; |
2642 |
|
|
ssize_t len = 0; |
2643 |
|
|
int ret = -1; |
2644 |
|
|
|
2645 |
|
|
log_debug("%s: called for IKE SA %p", __func__, sa); |
2646 |
|
|
|
2647 |
|
|
if (sa->sa_stateflags & IKED_REQ_CHILDSA) { |
2648 |
|
|
/* |
2649 |
|
|
* We cannot initiate multiple concurrent CREATE_CHILD_SA |
2650 |
|
|
* exchanges, so retry in one minute. |
2651 |
|
|
*/ |
2652 |
|
|
timer_add(env, &sa->sa_rekey, 60); |
2653 |
|
|
return; |
2654 |
|
|
} |
2655 |
|
|
|
2656 |
|
|
if ((nsa = sa_new(env, 0, 0, 1, sa->sa_policy)) == NULL) { |
2657 |
|
|
log_debug("%s: failed to get new SA", __func__); |
2658 |
|
|
goto done; |
2659 |
|
|
} |
2660 |
|
|
|
2661 |
|
|
if (ikev2_sa_initiator(env, nsa, sa, NULL)) { |
2662 |
|
|
log_debug("%s: failed to setup DH", __func__); |
2663 |
|
|
goto done; |
2664 |
|
|
} |
2665 |
|
|
sa_state(env, nsa, IKEV2_STATE_AUTH_SUCCESS); |
2666 |
|
|
nonce = nsa->sa_inonce; |
2667 |
|
|
|
2668 |
|
|
if ((e = ibuf_static()) == NULL) |
2669 |
|
|
goto done; |
2670 |
|
|
|
2671 |
|
|
/* SA payload */ |
2672 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2673 |
|
|
goto done; |
2674 |
|
|
|
2675 |
|
|
/* just reuse the old IKE SA proposals */ |
2676 |
|
|
if ((len = ikev2_add_proposals(env, nsa, e, &sa->sa_proposals, |
2677 |
|
|
IKEV2_SAPROTO_IKE, 1, 1)) == -1) |
2678 |
|
|
goto done; |
2679 |
|
|
|
2680 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONCE) == -1) |
2681 |
|
|
goto done; |
2682 |
|
|
|
2683 |
|
|
/* NONCE payload */ |
2684 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2685 |
|
|
goto done; |
2686 |
|
|
if (ikev2_add_buf(e, nonce) == -1) |
2687 |
|
|
goto done; |
2688 |
|
|
len = ibuf_size(nonce); |
2689 |
|
|
|
2690 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_KE) == -1) |
2691 |
|
|
goto done; |
2692 |
|
|
|
2693 |
|
|
/* KE payload */ |
2694 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
2695 |
|
|
goto done; |
2696 |
|
|
if ((ke = ibuf_advance(e, sizeof(*ke))) == NULL) |
2697 |
|
|
goto done; |
2698 |
|
|
if ((group = nsa->sa_dhgroup) == NULL) { |
2699 |
|
|
log_debug("%s: invalid dh", __func__); |
2700 |
|
|
goto done; |
2701 |
|
|
} |
2702 |
|
|
ke->kex_dhgroup = htobe16(group->id); |
2703 |
|
|
if (ikev2_add_buf(e, nsa->sa_dhiexchange) == -1) |
2704 |
|
|
goto done; |
2705 |
|
|
len = sizeof(*ke) + dh_getlen(group); |
2706 |
|
|
|
2707 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONE) == -1) |
2708 |
|
|
goto done; |
2709 |
|
|
|
2710 |
|
|
ret = ikev2_msg_send_encrypt(env, sa, &e, |
2711 |
|
|
IKEV2_EXCHANGE_CREATE_CHILD_SA, IKEV2_PAYLOAD_SA, 0); |
2712 |
|
|
if (ret == 0) { |
2713 |
|
|
sa->sa_stateflags |= IKED_REQ_CHILDSA; |
2714 |
|
|
sa->sa_next = nsa; |
2715 |
|
|
nsa = NULL; |
2716 |
|
|
} |
2717 |
|
|
done: |
2718 |
|
|
if (nsa) |
2719 |
|
|
sa_free(env, nsa); |
2720 |
|
|
ibuf_release(e); |
2721 |
|
|
|
2722 |
|
|
if (ret == 0) |
2723 |
|
|
log_debug("%s: create child SA sent", __func__); |
2724 |
|
|
else |
2725 |
|
|
log_debug("%s: could not send create child SA", __func__); |
2726 |
|
|
/* XXX should we try again in case of ret != 0 ? */ |
2727 |
|
|
} |
2728 |
|
|
|
2729 |
|
|
int |
2730 |
|
|
ikev2_init_create_child_sa(struct iked *env, struct iked_message *msg) |
2731 |
|
|
{ |
2732 |
|
|
struct iked_childsa *csa = NULL; |
2733 |
|
|
struct iked_proposal *prop; |
2734 |
|
|
struct iked_sa *sa = msg->msg_sa; |
2735 |
|
|
struct iked_sa *nsa; |
2736 |
|
|
struct iked_spi *spi; |
2737 |
|
|
struct ikev2_delete *del; |
2738 |
|
|
struct ibuf *buf = NULL; |
2739 |
|
|
uint32_t spi32; |
2740 |
|
|
int pfs = 0, ret = -1; |
2741 |
|
|
|
2742 |
|
|
if (!ikev2_msg_frompeer(msg) || |
2743 |
|
|
(sa->sa_stateflags & IKED_REQ_CHILDSA) == 0) |
2744 |
|
|
return (0); |
2745 |
|
|
|
2746 |
|
|
if (msg->msg_prop == NULL || |
2747 |
|
|
TAILQ_EMPTY(&msg->msg_proposals)) { |
2748 |
|
|
log_debug("%s: no proposal specified", __func__); |
2749 |
|
|
return (-1); |
2750 |
|
|
} |
2751 |
|
|
|
2752 |
|
|
if (ikev2_sa_negotiate(&sa->sa_proposals, &sa->sa_proposals, |
2753 |
|
|
&msg->msg_proposals) != 0) { |
2754 |
|
|
log_debug("%s: no proposal chosen", __func__); |
2755 |
|
|
return (-1); |
2756 |
|
|
} |
2757 |
|
|
|
2758 |
|
|
TAILQ_FOREACH(prop, &sa->sa_proposals, prop_entry) { |
2759 |
|
|
if (prop->prop_protoid == msg->msg_prop->prop_protoid) |
2760 |
|
|
break; |
2761 |
|
|
} |
2762 |
|
|
if (prop == NULL) { |
2763 |
|
|
log_debug("%s: failed to find %s proposals", __func__, |
2764 |
|
|
print_map(msg->msg_prop->prop_protoid, ikev2_saproto_map)); |
2765 |
|
|
return (-1); |
2766 |
|
|
} |
2767 |
|
|
|
2768 |
|
|
/* IKE SA rekeying */ |
2769 |
|
|
if (prop->prop_protoid == IKEV2_SAPROTO_IKE) { |
2770 |
|
|
if (sa->sa_next == NULL) { |
2771 |
|
|
log_debug("%s: missing IKE SA for rekeying", __func__); |
2772 |
|
|
return (-1); |
2773 |
|
|
} |
2774 |
|
|
/* Update the responder SPI */ |
2775 |
|
|
spi = &msg->msg_prop->prop_peerspi; |
2776 |
|
|
if ((nsa = sa_new(env, sa->sa_next->sa_hdr.sh_ispi, |
2777 |
|
|
spi->spi, 1, NULL)) == NULL || nsa != sa->sa_next) { |
2778 |
|
|
log_debug("%s: invalid rekey SA", __func__); |
2779 |
|
|
if (nsa) |
2780 |
|
|
sa_free(env, nsa); |
2781 |
|
|
sa_free(env, sa->sa_next); |
2782 |
|
|
sa->sa_next = NULL; |
2783 |
|
|
return (-1); |
2784 |
|
|
} |
2785 |
|
|
if (ikev2_sa_initiator(env, nsa, sa, msg) == -1) { |
2786 |
|
|
log_debug("%s: failed to get IKE keys", __func__); |
2787 |
|
|
return (-1); |
2788 |
|
|
} |
2789 |
|
|
sa->sa_stateflags &= ~IKED_REQ_CHILDSA; |
2790 |
|
|
sa->sa_next = NULL; |
2791 |
|
|
return (ikev2_ikesa_enable(env, sa, nsa)); |
2792 |
|
|
} |
2793 |
|
|
|
2794 |
|
|
/* Child SA rekeying */ |
2795 |
|
|
if (sa->sa_rekeyspi && |
2796 |
|
|
(csa = childsa_lookup(sa, sa->sa_rekeyspi, prop->prop_protoid)) |
2797 |
|
|
!= NULL) { |
2798 |
|
|
log_debug("%s: rekeying CHILD SA old %s spi %s", __func__, |
2799 |
|
|
print_spi(csa->csa_spi.spi, csa->csa_spi.spi_size), |
2800 |
|
|
print_spi(prop->prop_peerspi.spi, |
2801 |
|
|
prop->prop_peerspi.spi_size)); |
2802 |
|
|
} |
2803 |
|
|
|
2804 |
|
|
/* check KE payload for PFS */ |
2805 |
|
|
if (ibuf_length(msg->msg_ke)) { |
2806 |
|
|
log_debug("%s: using PFS", __func__); |
2807 |
|
|
if (ikev2_sa_initiator_dh(sa, msg, prop->prop_protoid) < 0) { |
2808 |
|
|
log_debug("%s: failed to setup DH", __func__); |
2809 |
|
|
return (ret); |
2810 |
|
|
} |
2811 |
|
|
if (sa->sa_dhpeer == NULL) { |
2812 |
|
|
log_debug("%s: no peer DH", __func__); |
2813 |
|
|
return (ret); |
2814 |
|
|
} |
2815 |
|
|
pfs = 1; |
2816 |
|
|
/* XXX check group against policy ? */ |
2817 |
|
|
/* XXX should ikev2_sa_negotiate do this? */ |
2818 |
|
|
} |
2819 |
|
|
|
2820 |
|
|
/* Update responder's nonce */ |
2821 |
|
|
if (!ibuf_length(msg->msg_nonce)) { |
2822 |
|
|
log_debug("%s: responder didn't send nonce", __func__); |
2823 |
|
|
return (-1); |
2824 |
|
|
} |
2825 |
|
|
ibuf_release(sa->sa_rnonce); |
2826 |
|
|
sa->sa_rnonce = ibuf_dup(msg->msg_nonce); |
2827 |
|
|
|
2828 |
|
|
if (ikev2_childsa_negotiate(env, sa, &sa->sa_kex, &sa->sa_proposals, 1, |
2829 |
|
|
pfs)) { |
2830 |
|
|
log_debug("%s: failed to get CHILD SAs", __func__); |
2831 |
|
|
return (-1); |
2832 |
|
|
} |
2833 |
|
|
|
2834 |
|
|
if (csa) { |
2835 |
|
|
/* Child SA rekeying */ |
2836 |
|
|
|
2837 |
|
|
if ((buf = ibuf_static()) == NULL) |
2838 |
|
|
goto done; |
2839 |
|
|
|
2840 |
|
|
if ((del = ibuf_advance(buf, sizeof(*del))) == NULL) |
2841 |
|
|
goto done; |
2842 |
|
|
|
2843 |
|
|
del->del_protoid = prop->prop_protoid; |
2844 |
|
|
del->del_spisize = sizeof(spi32); |
2845 |
|
|
del->del_nspi = htobe16(1); |
2846 |
|
|
|
2847 |
|
|
spi32 = htobe32(csa->csa_spi.spi); |
2848 |
|
|
if (ibuf_add(buf, &spi32, sizeof(spi32))) |
2849 |
|
|
goto done; |
2850 |
|
|
|
2851 |
|
|
if (ikev2_send_ike_e(env, sa, buf, IKEV2_PAYLOAD_DELETE, |
2852 |
|
|
IKEV2_EXCHANGE_INFORMATIONAL, 0)) |
2853 |
|
|
goto done; |
2854 |
|
|
|
2855 |
|
|
sa->sa_stateflags |= IKED_REQ_INF; |
2856 |
|
|
} |
2857 |
|
|
|
2858 |
|
|
ret = ikev2_childsa_enable(env, sa); |
2859 |
|
|
|
2860 |
|
|
done: |
2861 |
|
|
sa->sa_stateflags &= ~IKED_REQ_CHILDSA; |
2862 |
|
|
|
2863 |
|
|
if (ret) |
2864 |
|
|
ikev2_childsa_delete(env, sa, 0, 0, NULL, 1); |
2865 |
|
|
ibuf_release(buf); |
2866 |
|
|
return (ret); |
2867 |
|
|
} |
2868 |
|
|
|
2869 |
|
|
int |
2870 |
|
|
ikev2_ikesa_enable(struct iked *env, struct iked_sa *sa, struct iked_sa *nsa) |
2871 |
|
|
{ |
2872 |
|
|
struct iked_childsa *csa, *nextcsa; |
2873 |
|
|
struct iked_flow *flow, *nextflow; |
2874 |
|
|
struct iked_proposal *prop, *nextprop; |
2875 |
|
|
|
2876 |
|
|
log_debug("%s: IKE SA %p ispi %s rspi %s replaced" |
2877 |
|
|
" by SA %p ispi %s rspi %s ", |
2878 |
|
|
__func__, sa, |
2879 |
|
|
print_spi(sa->sa_hdr.sh_ispi, 8), |
2880 |
|
|
print_spi(sa->sa_hdr.sh_rspi, 8), |
2881 |
|
|
nsa, |
2882 |
|
|
print_spi(nsa->sa_hdr.sh_ispi, 8), |
2883 |
|
|
print_spi(nsa->sa_hdr.sh_rspi, 8)); |
2884 |
|
|
|
2885 |
|
|
/* Transfer socket and NAT information */ |
2886 |
|
|
nsa->sa_fd = sa->sa_fd; |
2887 |
|
|
nsa->sa_natt = sa->sa_natt; |
2888 |
|
|
nsa->sa_udpencap = sa->sa_udpencap; |
2889 |
|
|
|
2890 |
|
|
/* Transfer all Child SAs and flows from the old IKE SA */ |
2891 |
|
|
for (flow = TAILQ_FIRST(&sa->sa_flows); flow != NULL; |
2892 |
|
|
flow = nextflow) { |
2893 |
|
|
nextflow = TAILQ_NEXT(flow, flow_entry); |
2894 |
|
|
TAILQ_REMOVE(&sa->sa_flows, flow, flow_entry); |
2895 |
|
|
TAILQ_INSERT_TAIL(&nsa->sa_flows, flow, |
2896 |
|
|
flow_entry); |
2897 |
|
|
flow->flow_ikesa = nsa; |
2898 |
|
|
flow->flow_local = &nsa->sa_local; |
2899 |
|
|
flow->flow_peer = &nsa->sa_peer; |
2900 |
|
|
} |
2901 |
|
|
for (csa = TAILQ_FIRST(&sa->sa_childsas); csa != NULL; |
2902 |
|
|
csa = nextcsa) { |
2903 |
|
|
nextcsa = TAILQ_NEXT(csa, csa_entry); |
2904 |
|
|
TAILQ_REMOVE(&sa->sa_childsas, csa, csa_entry); |
2905 |
|
|
TAILQ_INSERT_TAIL(&nsa->sa_childsas, csa, |
2906 |
|
|
csa_entry); |
2907 |
|
|
csa->csa_ikesa = nsa; |
2908 |
|
|
if (csa->csa_dir == IPSP_DIRECTION_IN) { |
2909 |
|
|
csa->csa_local = &nsa->sa_peer; |
2910 |
|
|
csa->csa_peer = &nsa->sa_local; |
2911 |
|
|
} else { |
2912 |
|
|
csa->csa_local = &nsa->sa_local; |
2913 |
|
|
csa->csa_peer = &nsa->sa_peer; |
2914 |
|
|
} |
2915 |
|
|
} |
2916 |
|
|
/* Transfer all non-IKE proposals */ |
2917 |
|
|
for (prop = TAILQ_FIRST(&sa->sa_proposals); prop != NULL; |
2918 |
|
|
prop = nextprop) { |
2919 |
|
|
nextprop = TAILQ_NEXT(prop, prop_entry); |
2920 |
|
|
if (prop->prop_protoid == IKEV2_SAPROTO_IKE) |
2921 |
|
|
continue; |
2922 |
|
|
TAILQ_REMOVE(&sa->sa_proposals, prop, prop_entry); |
2923 |
|
|
TAILQ_INSERT_TAIL(&nsa->sa_proposals, prop, |
2924 |
|
|
prop_entry); |
2925 |
|
|
} |
2926 |
|
|
|
2927 |
|
|
/* Preserve ID information */ |
2928 |
|
|
if (sa->sa_hdr.sh_initiator == nsa->sa_hdr.sh_initiator) { |
2929 |
|
|
nsa->sa_iid = sa->sa_iid; |
2930 |
|
|
nsa->sa_rid = sa->sa_rid; |
2931 |
|
|
} else { |
2932 |
|
|
/* initiator and responder role swapped */ |
2933 |
|
|
nsa->sa_iid = sa->sa_rid; |
2934 |
|
|
nsa->sa_rid = sa->sa_iid; |
2935 |
|
|
} |
2936 |
|
|
/* duplicate the actual buffer */ |
2937 |
|
|
nsa->sa_iid.id_buf = ibuf_dup(nsa->sa_iid.id_buf); |
2938 |
|
|
nsa->sa_rid.id_buf = ibuf_dup(nsa->sa_rid.id_buf); |
2939 |
|
|
|
2940 |
|
|
/* Transfer sa_addrpool address */ |
2941 |
|
|
if (sa->sa_addrpool) { |
2942 |
|
|
RB_REMOVE(iked_addrpool, &env->sc_addrpool, sa); |
2943 |
|
|
nsa->sa_addrpool = sa->sa_addrpool; |
2944 |
|
|
sa->sa_addrpool = NULL; |
2945 |
|
|
RB_INSERT(iked_addrpool, &env->sc_addrpool, nsa); |
2946 |
|
|
} |
2947 |
|
|
if (sa->sa_addrpool6) { |
2948 |
|
|
RB_REMOVE(iked_addrpool6, &env->sc_addrpool6, sa); |
2949 |
|
|
nsa->sa_addrpool6 = sa->sa_addrpool6; |
2950 |
|
|
sa->sa_addrpool6 = NULL; |
2951 |
|
|
RB_INSERT(iked_addrpool6, &env->sc_addrpool6, nsa); |
2952 |
|
|
} |
2953 |
|
|
|
2954 |
|
|
log_debug("%s: activating new IKE SA", __func__); |
2955 |
|
|
sa_state(env, nsa, IKEV2_STATE_ESTABLISHED); |
2956 |
|
|
timer_set(env, &nsa->sa_timer, ikev2_ike_sa_alive, nsa); |
2957 |
|
|
timer_add(env, &nsa->sa_timer, IKED_IKE_SA_ALIVE_TIMEOUT); |
2958 |
|
|
timer_set(env, &nsa->sa_rekey, ikev2_ike_sa_rekey, nsa); |
2959 |
|
|
if (nsa->sa_policy->pol_rekey) |
2960 |
|
|
timer_add(env, &nsa->sa_rekey, nsa->sa_policy->pol_rekey); |
2961 |
|
|
nsa->sa_stateflags = nsa->sa_statevalid; /* XXX */ |
2962 |
|
|
|
2963 |
|
|
/* unregister DPD keep alive timer & rekey first */ |
2964 |
|
|
if (sa->sa_state == IKEV2_STATE_ESTABLISHED) { |
2965 |
|
|
timer_del(env, &sa->sa_rekey); |
2966 |
|
|
timer_del(env, &sa->sa_timer); |
2967 |
|
|
} |
2968 |
|
|
|
2969 |
|
|
ikev2_ikesa_delete(env, sa, nsa->sa_hdr.sh_initiator); |
2970 |
|
|
return (0); |
2971 |
|
|
} |
2972 |
|
|
|
2973 |
|
|
void |
2974 |
|
|
ikev2_ikesa_delete(struct iked *env, struct iked_sa *sa, int initiator) |
2975 |
|
|
{ |
2976 |
|
|
struct ibuf *buf = NULL; |
2977 |
|
|
struct ikev2_delete *del; |
2978 |
|
|
|
2979 |
|
|
if (initiator) { |
2980 |
|
|
/* Send PAYLOAD_DELETE */ |
2981 |
|
|
if ((buf = ibuf_static()) == NULL) |
2982 |
|
|
goto done; |
2983 |
|
|
if ((del = ibuf_advance(buf, sizeof(*del))) == NULL) |
2984 |
|
|
goto done; |
2985 |
|
|
del->del_protoid = IKEV2_SAPROTO_IKE; |
2986 |
|
|
del->del_spisize = 0; |
2987 |
|
|
del->del_nspi = 0; |
2988 |
|
|
if (ikev2_send_ike_e(env, sa, buf, IKEV2_PAYLOAD_DELETE, |
2989 |
|
|
IKEV2_EXCHANGE_INFORMATIONAL, 0) == -1) |
2990 |
|
|
goto done; |
2991 |
|
|
log_debug("%s: sent delete, closing SA", __func__); |
2992 |
|
|
done: |
2993 |
|
|
ibuf_release(buf); |
2994 |
|
|
sa_state(env, sa, IKEV2_STATE_CLOSED); |
2995 |
|
|
} else { |
2996 |
|
|
sa_state(env, sa, IKEV2_STATE_CLOSING); |
2997 |
|
|
} |
2998 |
|
|
|
2999 |
|
|
/* Remove IKE-SA after timeout, e.g. if we don't get a delete */ |
3000 |
|
|
timer_set(env, &sa->sa_timer, ikev2_ike_sa_timeout, sa); |
3001 |
|
|
timer_add(env, &sa->sa_timer, IKED_IKE_SA_DELETE_TIMEOUT); |
3002 |
|
|
} |
3003 |
|
|
|
3004 |
|
|
int |
3005 |
|
|
ikev2_resp_create_child_sa(struct iked *env, struct iked_message *msg) |
3006 |
|
|
{ |
3007 |
|
|
struct iked_childsa *csa; |
3008 |
|
|
struct iked_proposal *prop; |
3009 |
|
|
struct iked_proposals proposals; |
3010 |
|
|
struct iked_kex *kex, *kextmp = NULL; |
3011 |
|
|
struct iked_sa *nsa = NULL, *sa = msg->msg_sa; |
3012 |
|
|
struct iked_spi *spi, *rekey = &msg->msg_rekey; |
3013 |
|
|
struct ikev2_keyexchange *ke; |
3014 |
|
|
struct ikev2_payload *pld = NULL; |
3015 |
|
|
struct ibuf *e = NULL, *nonce = NULL; |
3016 |
|
|
uint8_t firstpayload; |
3017 |
|
|
ssize_t len = 0; |
3018 |
|
|
int initiator, protoid, rekeying = 1; |
3019 |
|
|
int ret = -1; |
3020 |
|
|
int pfs = 0; |
3021 |
|
|
|
3022 |
|
|
initiator = sa->sa_hdr.sh_initiator ? 1 : 0; |
3023 |
|
|
|
3024 |
|
|
if (!ikev2_msg_frompeer(msg) || msg->msg_prop == NULL) |
3025 |
|
|
return (0); |
3026 |
|
|
|
3027 |
|
|
TAILQ_INIT(&proposals); |
3028 |
|
|
|
3029 |
|
|
if ((protoid = rekey->spi_protoid) == 0) { |
3030 |
|
|
/* |
3031 |
|
|
* If REKEY_SA notification is not present, then it's either |
3032 |
|
|
* IKE SA rekeying or the client wants to create additional |
3033 |
|
|
* CHILD SAs |
3034 |
|
|
*/ |
3035 |
|
|
if (msg->msg_prop->prop_protoid == IKEV2_SAPROTO_IKE) { |
3036 |
|
|
protoid = rekey->spi_protoid = IKEV2_SAPROTO_IKE; |
3037 |
|
|
if (sa->sa_hdr.sh_initiator) |
3038 |
|
|
rekey->spi = sa->sa_hdr.sh_rspi; |
3039 |
|
|
else |
3040 |
|
|
rekey->spi = sa->sa_hdr.sh_ispi; |
3041 |
|
|
rekey->spi_size = 8; |
3042 |
|
|
} else { |
3043 |
|
|
protoid = msg->msg_prop->prop_protoid; |
3044 |
|
|
rekeying = 0; |
3045 |
|
|
} |
3046 |
|
|
} |
3047 |
|
|
|
3048 |
|
|
if (rekeying) |
3049 |
|
|
log_debug("%s: rekey %s spi %s", __func__, |
3050 |
|
|
print_map(rekey->spi_protoid, ikev2_saproto_map), |
3051 |
|
|
print_spi(rekey->spi, rekey->spi_size)); |
3052 |
|
|
else |
3053 |
|
|
log_debug("%s: creating new %s SA", __func__, |
3054 |
|
|
print_map(protoid, ikev2_saproto_map)); |
3055 |
|
|
|
3056 |
|
|
if (protoid == IKEV2_SAPROTO_IKE) { |
3057 |
|
|
/* IKE SA rekeying */ |
3058 |
|
|
spi = &msg->msg_prop->prop_peerspi; |
3059 |
|
|
|
3060 |
|
|
if ((nsa = sa_new(env, spi->spi, 0, 0, |
3061 |
|
|
msg->msg_policy)) == NULL) { |
3062 |
|
|
log_debug("%s: failed to get new SA", __func__); |
3063 |
|
|
return (ret); |
3064 |
|
|
} |
3065 |
|
|
|
3066 |
|
|
if (ikev2_sa_responder(env, nsa, sa, msg)) { |
3067 |
|
|
log_debug("%s: failed to get IKE SA keys", __func__); |
3068 |
|
|
return (ret); |
3069 |
|
|
} |
3070 |
|
|
|
3071 |
|
|
sa_state(env, nsa, IKEV2_STATE_AUTH_SUCCESS); |
3072 |
|
|
|
3073 |
|
|
nonce = nsa->sa_rnonce; |
3074 |
|
|
kex = &nsa->sa_kex; |
3075 |
|
|
} else { |
3076 |
|
|
/* Child SA creating/rekeying */ |
3077 |
|
|
|
3078 |
|
|
if ((kex = kextmp = calloc(1, sizeof(*kextmp))) == NULL) { |
3079 |
|
|
log_debug("%s: calloc kex", __func__); |
3080 |
|
|
goto fail; |
3081 |
|
|
} |
3082 |
|
|
|
3083 |
|
|
if (ikev2_sa_negotiate(&proposals, |
3084 |
|
|
&sa->sa_policy->pol_proposals, &msg->msg_proposals) != 0) { |
3085 |
|
|
log_debug("%s: no proposal chosen", __func__); |
3086 |
|
|
goto fail; |
3087 |
|
|
} |
3088 |
|
|
|
3089 |
|
|
/* check KE payload for PFS */ |
3090 |
|
|
if (ibuf_length(msg->msg_parent->msg_ke)) { |
3091 |
|
|
log_debug("%s: using PFS", __func__); |
3092 |
|
|
if (ikev2_sa_responder_dh(kex, &proposals, |
3093 |
|
|
msg->msg_parent, protoid) < 0) { |
3094 |
|
|
log_debug("%s: failed to setup DH", __func__); |
3095 |
|
|
goto fail; |
3096 |
|
|
} |
3097 |
|
|
pfs = 1; |
3098 |
|
|
/* XXX check group against policy ? */ |
3099 |
|
|
} |
3100 |
|
|
|
3101 |
|
|
/* Update peer SPI */ |
3102 |
|
|
TAILQ_FOREACH(prop, &proposals, prop_entry) { |
3103 |
|
|
if (prop->prop_protoid == protoid) |
3104 |
|
|
break; |
3105 |
|
|
} |
3106 |
|
|
if (prop == NULL) { |
3107 |
|
|
log_debug("%s: failed to find %s proposals", __func__, |
3108 |
|
|
print_map(protoid, ikev2_saproto_map)); |
3109 |
|
|
goto fail; |
3110 |
|
|
} else |
3111 |
|
|
prop->prop_peerspi = msg->msg_prop->prop_peerspi; |
3112 |
|
|
|
3113 |
|
|
/* Set rekeying flags on Child SAs */ |
3114 |
|
|
if (rekeying) { |
3115 |
|
|
if ((csa = childsa_lookup(sa, rekey->spi, |
3116 |
|
|
rekey->spi_protoid)) == NULL) { |
3117 |
|
|
log_debug("%s: CHILD SA %s wasn't found", |
3118 |
|
|
__func__, print_spi(rekey->spi, |
3119 |
|
|
rekey->spi_size)); |
3120 |
|
|
goto fail; |
3121 |
|
|
} |
3122 |
|
|
if (!csa->csa_loaded || !csa->csa_peersa || |
3123 |
|
|
!csa->csa_peersa->csa_loaded) { |
3124 |
|
|
log_debug("%s: SA is not loaded or no peer SA", |
3125 |
|
|
__func__); |
3126 |
|
|
goto fail; |
3127 |
|
|
} |
3128 |
|
|
csa->csa_rekey = 1; |
3129 |
|
|
csa->csa_peersa->csa_rekey = 1; |
3130 |
|
|
} |
3131 |
|
|
|
3132 |
|
|
/* Update initiator's nonce */ |
3133 |
|
|
if (!ibuf_length(msg->msg_nonce)) { |
3134 |
|
|
log_debug("%s: initiator didn't send nonce", __func__); |
3135 |
|
|
goto fail; |
3136 |
|
|
} |
3137 |
|
|
ibuf_release(kex->kex_inonce); |
3138 |
|
|
kex->kex_inonce = ibuf_dup(msg->msg_nonce); |
3139 |
|
|
|
3140 |
|
|
/* Generate new responder's nonce */ |
3141 |
|
|
if ((nonce = ibuf_random(IKED_NONCE_SIZE)) == NULL) |
3142 |
|
|
goto fail; |
3143 |
|
|
|
3144 |
|
|
/* Update responder's nonce */ |
3145 |
|
|
ibuf_release(kex->kex_rnonce); |
3146 |
|
|
kex->kex_rnonce = nonce; |
3147 |
|
|
|
3148 |
|
|
if (ikev2_childsa_negotiate(env, sa, kex, &proposals, 0, pfs)) { |
3149 |
|
|
log_debug("%s: failed to get CHILD SAs", __func__); |
3150 |
|
|
goto fail; |
3151 |
|
|
} |
3152 |
|
|
} |
3153 |
|
|
|
3154 |
|
|
if ((e = ibuf_static()) == NULL) |
3155 |
|
|
goto done; |
3156 |
|
|
|
3157 |
|
|
/* compression (unless IKE rekeying) */ |
3158 |
|
|
if (!nsa && sa->sa_ipcomp && |
3159 |
|
|
(len = ikev2_add_ipcompnotify(env, e, &pld, 0, sa)) == -1) |
3160 |
|
|
goto done; |
3161 |
|
|
|
3162 |
|
|
if (pld) { |
3163 |
|
|
firstpayload = IKEV2_PAYLOAD_NOTIFY; |
3164 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_SA) == -1) |
3165 |
|
|
goto done; |
3166 |
|
|
} else |
3167 |
|
|
firstpayload = IKEV2_PAYLOAD_SA; |
3168 |
|
|
|
3169 |
|
|
/* SA payload */ |
3170 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
3171 |
|
|
goto done; |
3172 |
|
|
|
3173 |
|
|
if ((len = ikev2_add_proposals(env, nsa ? nsa : sa, e, |
3174 |
|
|
nsa ? &nsa->sa_proposals : &proposals, |
3175 |
|
|
protoid, 0, nsa ? 1 : 0)) == -1) |
3176 |
|
|
goto done; |
3177 |
|
|
|
3178 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONCE) == -1) |
3179 |
|
|
goto done; |
3180 |
|
|
|
3181 |
|
|
/* NONCE payload */ |
3182 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
3183 |
|
|
goto done; |
3184 |
|
|
if (ikev2_add_buf(e, nonce) == -1) |
3185 |
|
|
goto done; |
3186 |
|
|
len = ibuf_size(nonce); |
3187 |
|
|
|
3188 |
|
|
if (protoid == IKEV2_SAPROTO_IKE || pfs) { |
3189 |
|
|
|
3190 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_KE) == -1) |
3191 |
|
|
goto done; |
3192 |
|
|
|
3193 |
|
|
/* KE payload */ |
3194 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
3195 |
|
|
goto done; |
3196 |
|
|
if ((ke = ibuf_advance(e, sizeof(*ke))) == NULL) |
3197 |
|
|
goto done; |
3198 |
|
|
if (kex->kex_dhgroup == NULL) { |
3199 |
|
|
log_debug("%s: invalid dh", __func__); |
3200 |
|
|
goto done; |
3201 |
|
|
} |
3202 |
|
|
ke->kex_dhgroup = htobe16(kex->kex_dhgroup->id); |
3203 |
|
|
if (ikev2_add_buf(e, kex->kex_dhrexchange) == -1) |
3204 |
|
|
goto done; |
3205 |
|
|
len = sizeof(*ke) + dh_getlen(kex->kex_dhgroup); |
3206 |
|
|
} |
3207 |
|
|
|
3208 |
|
|
if (protoid != IKEV2_SAPROTO_IKE) |
3209 |
|
|
if ((len = ikev2_add_ts(e, &pld, len, sa, initiator)) == -1) |
3210 |
|
|
goto done; |
3211 |
|
|
|
3212 |
|
|
if (ikev2_next_payload(pld, len, IKEV2_PAYLOAD_NONE) == -1) |
3213 |
|
|
goto done; |
3214 |
|
|
|
3215 |
|
|
if ((ret = ikev2_msg_send_encrypt(env, sa, &e, |
3216 |
|
|
IKEV2_EXCHANGE_CREATE_CHILD_SA, firstpayload, 1)) == -1) |
3217 |
|
|
goto done; |
3218 |
|
|
|
3219 |
|
|
if (protoid == IKEV2_SAPROTO_IKE) |
3220 |
|
|
ret = ikev2_ikesa_enable(env, sa, nsa); |
3221 |
|
|
else |
3222 |
|
|
ret = ikev2_childsa_enable(env, sa); |
3223 |
|
|
|
3224 |
|
|
done: |
3225 |
|
|
if (ret && protoid != IKEV2_SAPROTO_IKE) |
3226 |
|
|
ikev2_childsa_delete(env, sa, 0, 0, NULL, 1); |
3227 |
|
|
ibuf_release(e); |
3228 |
|
|
config_free_proposals(&proposals, 0); |
3229 |
|
|
config_free_kex(kextmp); |
3230 |
|
|
return (ret); |
3231 |
|
|
|
3232 |
|
|
fail: |
3233 |
|
|
config_free_proposals(&proposals, 0); |
3234 |
|
|
config_free_kex(kextmp); |
3235 |
|
|
return (-1); |
3236 |
|
|
} |
3237 |
|
|
|
3238 |
|
|
void |
3239 |
|
|
ikev2_ike_sa_timeout(struct iked *env, void *arg) |
3240 |
|
|
{ |
3241 |
|
|
struct iked_sa *sa = arg; |
3242 |
|
|
|
3243 |
|
|
log_debug("%s: closing SA", __func__); |
3244 |
|
|
sa_free(env, sa); |
3245 |
|
|
} |
3246 |
|
|
|
3247 |
|
|
void |
3248 |
|
|
ikev2_ike_sa_alive(struct iked *env, void *arg) |
3249 |
|
|
{ |
3250 |
|
|
struct iked_sa *sa = arg; |
3251 |
|
|
struct iked_childsa *csa = NULL; |
3252 |
|
|
struct timeval tv; |
3253 |
|
|
uint64_t last_used, diff; |
3254 |
|
|
int foundin = 0, foundout = 0; |
3255 |
|
|
|
3256 |
|
|
/* check for incoming traffic on any child SA */ |
3257 |
|
|
TAILQ_FOREACH(csa, &sa->sa_childsas, csa_entry) { |
3258 |
|
|
if (!csa->csa_loaded || |
3259 |
|
|
csa->csa_saproto == IKEV2_SAPROTO_IPCOMP) |
3260 |
|
|
continue; |
3261 |
|
|
if (pfkey_sa_last_used(env->sc_pfkey, csa, &last_used) != 0) |
3262 |
|
|
continue; |
3263 |
|
|
gettimeofday(&tv, NULL); |
3264 |
|
|
diff = (uint32_t)(tv.tv_sec - last_used); |
3265 |
|
|
log_debug("%s: %s CHILD SA spi %s last used %llu second(s) ago", |
3266 |
|
|
__func__, |
3267 |
|
|
csa->csa_dir == IPSP_DIRECTION_IN ? "incoming" : "outgoing", |
3268 |
|
|
print_spi(csa->csa_spi.spi, csa->csa_spi.spi_size), diff); |
3269 |
|
|
if (diff < IKED_IKE_SA_ALIVE_TIMEOUT) { |
3270 |
|
|
if (csa->csa_dir == IPSP_DIRECTION_IN) { |
3271 |
|
|
foundin = 1; |
3272 |
|
|
break; |
3273 |
|
|
} else { |
3274 |
|
|
foundout = 1; |
3275 |
|
|
} |
3276 |
|
|
} |
3277 |
|
|
} |
3278 |
|
|
|
3279 |
|
|
/* send probe if any outging SA has been used, but no incoming SA */ |
3280 |
|
|
if (!foundin && foundout) { |
3281 |
|
|
log_debug("%s: sending alive check", __func__); |
3282 |
|
|
ikev2_send_ike_e(env, sa, NULL, IKEV2_PAYLOAD_NONE, |
3283 |
|
|
IKEV2_EXCHANGE_INFORMATIONAL, 0); |
3284 |
|
|
sa->sa_stateflags |= IKED_REQ_INF; |
3285 |
|
|
} |
3286 |
|
|
|
3287 |
|
|
/* re-register */ |
3288 |
|
|
timer_add(env, &sa->sa_timer, IKED_IKE_SA_ALIVE_TIMEOUT); |
3289 |
|
|
} |
3290 |
|
|
|
3291 |
|
|
int |
3292 |
|
|
ikev2_send_informational(struct iked *env, struct iked_message *msg) |
3293 |
|
|
{ |
3294 |
|
|
struct iked_message resp; |
3295 |
|
|
struct ike_header *hdr; |
3296 |
|
|
struct ikev2_payload *pld; |
3297 |
|
|
struct ikev2_notify *n; |
3298 |
|
|
struct iked_sa *sa = msg->msg_sa, sah; |
3299 |
|
|
struct ibuf *buf, *e = NULL; |
3300 |
|
|
int ret = -1; |
3301 |
|
|
|
3302 |
|
|
if (msg->msg_error == 0) |
3303 |
|
|
return (0); |
3304 |
|
|
|
3305 |
|
|
if ((buf = ikev2_msg_init(env, &resp, |
3306 |
|
|
&msg->msg_peer, msg->msg_peerlen, |
3307 |
|
|
&msg->msg_local, msg->msg_locallen, 0)) == NULL) |
3308 |
|
|
goto done; |
3309 |
|
|
|
3310 |
|
|
/* New encrypted message buffer */ |
3311 |
|
|
if ((e = ibuf_static()) == NULL) |
3312 |
|
|
goto done; |
3313 |
|
|
|
3314 |
|
|
/* NOTIFY payload */ |
3315 |
|
|
if ((pld = ikev2_add_payload(e)) == NULL) |
3316 |
|
|
goto done; |
3317 |
|
|
|
3318 |
|
|
if ((n = ibuf_advance(e, sizeof(*n))) == NULL) |
3319 |
|
|
goto done; |
3320 |
|
|
n->n_protoid = IKEV2_SAPROTO_IKE; /* XXX ESP etc. */ |
3321 |
|
|
n->n_spisize = 0; |
3322 |
|
|
n->n_type = htobe16(msg->msg_error); |
3323 |
|
|
|
3324 |
|
|
switch (msg->msg_error) { |
3325 |
|
|
case IKEV2_N_INVALID_IKE_SPI: |
3326 |
|
|
case IKEV2_N_NO_PROPOSAL_CHOSEN: |
3327 |
|
|
break; |
3328 |
|
|
default: |
3329 |
|
|
log_debug("%s: unsupported notification %s", __func__, |
3330 |
|
|
print_map(msg->msg_error, ikev2_n_map)); |
3331 |
|
|
goto done; |
3332 |
|
|
} |
3333 |
|
|
|
3334 |
|
|
if (ikev2_next_payload(pld, sizeof(*n), IKEV2_PAYLOAD_NONE) == -1) |
3335 |
|
|
goto done; |
3336 |
|
|
|
3337 |
|
|
if (sa != NULL && msg->msg_e) { |
3338 |
|
|
resp.msg_msgid = ikev2_msg_id(env, sa); |
3339 |
|
|
|
3340 |
|
|
/* IKE header */ |
3341 |
|
|
if ((hdr = ikev2_add_header(buf, sa, resp.msg_msgid, |
3342 |
|
|
IKEV2_PAYLOAD_SK, IKEV2_EXCHANGE_INFORMATIONAL, |
3343 |
|
|
0)) == NULL) |
3344 |
|
|
goto done; |
3345 |
|
|
|
3346 |
|
|
if ((pld = ikev2_add_payload(buf)) == NULL) |
3347 |
|
|
goto done; |
3348 |
|
|
|
3349 |
|
|
/* Encrypt message and add as an E payload */ |
3350 |
|
|
if ((e = ikev2_msg_encrypt(env, sa, e)) == NULL) { |
3351 |
|
|
log_debug("%s: encryption failed", __func__); |
3352 |
|
|
goto done; |
3353 |
|
|
} |
3354 |
|
|
if (ibuf_cat(buf, e) != 0) |
3355 |
|
|
goto done; |
3356 |
|
|
if (ikev2_next_payload(pld, ibuf_size(e), |
3357 |
|
|
IKEV2_PAYLOAD_NOTIFY) == -1) |
3358 |
|
|
goto done; |
3359 |
|
|
|
3360 |
|
|
if (ikev2_set_header(hdr, ibuf_size(buf) - sizeof(*hdr)) == -1) |
3361 |
|
|
goto done; |
3362 |
|
|
|
3363 |
|
|
/* Add integrity checksum (HMAC) */ |
3364 |
|
|
if (ikev2_msg_integr(env, sa, buf) != 0) { |
3365 |
|
|
log_debug("%s: integrity checksum failed", __func__); |
3366 |
|
|
goto done; |
3367 |
|
|
} |
3368 |
|
|
} else { |
3369 |
|
|
if ((hdr = ibuf_seek(msg->msg_data, 0, sizeof(*hdr))) == NULL) |
3370 |
|
|
goto done; |
3371 |
|
|
|
3372 |
|
|
bzero(&sah, sizeof(sah)); |
3373 |
|
|
sah.sa_hdr.sh_rspi = betoh64(hdr->ike_rspi); |
3374 |
|
|
sah.sa_hdr.sh_ispi = betoh64(hdr->ike_ispi); |
3375 |
|
|
sah.sa_hdr.sh_initiator = |
3376 |
|
|
hdr->ike_flags & IKEV2_FLAG_INITIATOR ? 0 : 1; |
3377 |
|
|
|
3378 |
|
|
resp.msg_msgid = ikev2_msg_id(env, &sah); |
3379 |
|
|
|
3380 |
|
|
/* IKE header */ |
3381 |
|
|
if ((hdr = ikev2_add_header(buf, &sah, resp.msg_msgid, |
3382 |
|
|
IKEV2_PAYLOAD_NOTIFY, IKEV2_EXCHANGE_INFORMATIONAL, |
3383 |
|
|
0)) == NULL) |
3384 |
|
|
goto done; |
3385 |
|
|
if (ibuf_cat(buf, e) != 0) |
3386 |
|
|
goto done; |
3387 |
|
|
if (ikev2_set_header(hdr, ibuf_size(buf) - sizeof(*hdr)) == -1) |
3388 |
|
|
goto done; |
3389 |
|
|
} |
3390 |
|
|
|
3391 |
|
|
resp.msg_data = buf; |
3392 |
|
|
resp.msg_fd = msg->msg_fd; |
3393 |
|
|
TAILQ_INIT(&resp.msg_proposals); |
3394 |
|
|
|
3395 |
|
|
ret = ikev2_msg_send(env, &resp); |
3396 |
|
|
|
3397 |
|
|
done: |
3398 |
|
|
ibuf_release(e); |
3399 |
|
|
ikev2_msg_cleanup(env, &resp); |
3400 |
|
|
|
3401 |
|
|
return (ret); |
3402 |
|
|
} |
3403 |
|
|
|
3404 |
|
|
ssize_t |
3405 |
|
|
ikev2_psk(struct iked_sa *sa, uint8_t *data, size_t length, |
3406 |
|
|
uint8_t **pskptr) |
3407 |
|
|
{ |
3408 |
|
|
uint8_t *psk; |
3409 |
|
|
size_t psklen = -1; |
3410 |
|
|
|
3411 |
|
|
if (hash_setkey(sa->sa_prf, data, length) == NULL) |
3412 |
|
|
return (-1); |
3413 |
|
|
|
3414 |
|
|
if ((psk = calloc(1, hash_keylength(sa->sa_prf))) == NULL) |
3415 |
|
|
return (-1); |
3416 |
|
|
|
3417 |
|
|
hash_init(sa->sa_prf); |
3418 |
|
|
hash_update(sa->sa_prf, IKEV2_KEYPAD, strlen(IKEV2_KEYPAD)); |
3419 |
|
|
hash_final(sa->sa_prf, psk, &psklen); |
3420 |
|
|
|
3421 |
|
|
*pskptr = psk; |
3422 |
|
|
return (psklen); |
3423 |
|
|
} |
3424 |
|
|
|
3425 |
|
|
int |
3426 |
|
|
ikev2_match_proposals(struct iked_proposal *local, struct iked_proposal *peer, |
3427 |
|
|
struct iked_transform **xforms) |
3428 |
|
|
{ |
3429 |
|
|
struct iked_transform *tpeer, *tlocal; |
3430 |
|
|
unsigned int i, j, type, score; |
3431 |
|
|
uint8_t protoid = peer->prop_protoid; |
3432 |
|
|
|
3433 |
|
|
for (i = 0; i < peer->prop_nxforms; i++) { |
3434 |
|
|
tpeer = peer->prop_xforms + i; |
3435 |
|
|
for (j = 0; j < local->prop_nxforms; j++) { |
3436 |
|
|
tlocal = local->prop_xforms + j; |
3437 |
|
|
if (tpeer->xform_type != tlocal->xform_type || |
3438 |
|
|
tpeer->xform_id != tlocal->xform_id || |
3439 |
|
|
tpeer->xform_length != tlocal->xform_length) |
3440 |
|
|
continue; |
3441 |
|
|
if (tpeer->xform_type > IKEV2_XFORMTYPE_MAX) |
3442 |
|
|
continue; |
3443 |
|
|
type = tpeer->xform_type; |
3444 |
|
|
|
3445 |
|
|
if (xforms[type] == NULL || tlocal->xform_score < |
3446 |
|
|
xforms[type]->xform_score) { |
3447 |
|
|
xforms[type] = tlocal; |
3448 |
|
|
} else |
3449 |
|
|
continue; |
3450 |
|
|
|
3451 |
|
|
print_debug("%s: xform %d <-> %d (%d): %s %s " |
3452 |
|
|
"(keylength %d <-> %d)", __func__, |
3453 |
|
|
peer->prop_id, local->prop_id, tlocal->xform_score, |
3454 |
|
|
print_map(type, ikev2_xformtype_map), |
3455 |
|
|
print_map(tpeer->xform_id, tpeer->xform_map), |
3456 |
|
|
tpeer->xform_keylength, tlocal->xform_keylength); |
3457 |
|
|
if (tpeer->xform_length) |
3458 |
|
|
print_debug(" %d", tpeer->xform_length); |
3459 |
|
|
print_debug("\n"); |
3460 |
|
|
} |
3461 |
|
|
} |
3462 |
|
|
|
3463 |
|
|
for (i = score = 0; i < IKEV2_XFORMTYPE_MAX; i++) { |
3464 |
|
|
if (protoid == IKEV2_SAPROTO_IKE && xforms[i] == NULL && |
3465 |
|
|
(i == IKEV2_XFORMTYPE_ENCR || i == IKEV2_XFORMTYPE_PRF || |
3466 |
|
|
i == IKEV2_XFORMTYPE_INTEGR || i == IKEV2_XFORMTYPE_DH)) { |
3467 |
|
|
score = 0; |
3468 |
|
|
break; |
3469 |
|
|
} else if (protoid == IKEV2_SAPROTO_AH && xforms[i] == NULL && |
3470 |
|
|
(i == IKEV2_XFORMTYPE_INTEGR || i == IKEV2_XFORMTYPE_ESN)) { |
3471 |
|
|
score = 0; |
3472 |
|
|
break; |
3473 |
|
|
} else if (protoid == IKEV2_SAPROTO_ESP && xforms[i] == NULL && |
3474 |
|
|
(i == IKEV2_XFORMTYPE_ENCR || i == IKEV2_XFORMTYPE_ESN)) { |
3475 |
|
|
score = 0; |
3476 |
|
|
break; |
3477 |
|
|
} else if (xforms[i] == NULL) |
3478 |
|
|
continue; |
3479 |
|
|
|
3480 |
|
|
score += xforms[i]->xform_score; |
3481 |
|
|
} |
3482 |
|
|
|
3483 |
|
|
return (score); |
3484 |
|
|
} |
3485 |
|
|
|
3486 |
|
|
int |
3487 |
|
|
ikev2_sa_negotiate(struct iked_proposals *result, struct iked_proposals *local, |
3488 |
|
|
struct iked_proposals *peer) |
3489 |
|
|
{ |
3490 |
|
|
struct iked_proposal *ppeer = NULL, *plocal, *prop, vpeer, vlocal; |
3491 |
|
|
struct iked_transform chosen[IKEV2_XFORMTYPE_MAX]; |
3492 |
|
|
struct iked_transform *valid[IKEV2_XFORMTYPE_MAX]; |
3493 |
|
|
struct iked_transform *match[IKEV2_XFORMTYPE_MAX]; |
3494 |
|
|
unsigned int i, score, chosen_score = 0; |
3495 |
|
|
uint8_t protoid = 0; |
3496 |
|
|
|
3497 |
|
|
bzero(valid, sizeof(valid)); |
3498 |
|
|
bzero(&vlocal, sizeof(vlocal)); |
3499 |
|
|
bzero(&vpeer, sizeof(vpeer)); |
3500 |
|
|
|
3501 |
|
|
if (TAILQ_EMPTY(peer)) { |
3502 |
|
|
log_debug("%s: peer did not send %s proposals", __func__, |
3503 |
|
|
print_map(protoid, ikev2_saproto_map)); |
3504 |
|
|
return (-1); |
3505 |
|
|
} |
3506 |
|
|
|
3507 |
|
|
TAILQ_FOREACH(plocal, local, prop_entry) { |
3508 |
|
|
TAILQ_FOREACH(ppeer, peer, prop_entry) { |
3509 |
|
|
if (ppeer->prop_protoid != plocal->prop_protoid) |
3510 |
|
|
continue; |
3511 |
|
|
bzero(match, sizeof(match)); |
3512 |
|
|
score = ikev2_match_proposals(plocal, ppeer, match); |
3513 |
|
|
log_debug("%s: score %d", __func__, score); |
3514 |
|
|
if (score && (!chosen_score || score < chosen_score)) { |
3515 |
|
|
chosen_score = score; |
3516 |
|
|
for (i = 0; i < IKEV2_XFORMTYPE_MAX; i++) { |
3517 |
|
|
if ((valid[i] = match[i])) |
3518 |
|
|
memcpy(&chosen[i], match[i], |
3519 |
|
|
sizeof(chosen[0])); |
3520 |
|
|
} |
3521 |
|
|
memcpy(&vpeer, ppeer, sizeof(vpeer)); |
3522 |
|
|
memcpy(&vlocal, plocal, sizeof(vlocal)); |
3523 |
|
|
} |
3524 |
|
|
} |
3525 |
|
|
if (chosen_score != 0) |
3526 |
|
|
break; |
3527 |
|
|
} |
3528 |
|
|
|
3529 |
|
|
if (chosen_score == 0) |
3530 |
|
|
return (-1); |
3531 |
|
|
else if (result == NULL) |
3532 |
|
|
return (0); |
3533 |
|
|
|
3534 |
|
|
(void)config_free_proposals(result, vpeer.prop_protoid); |
3535 |
|
|
prop = config_add_proposal(result, vpeer.prop_id, vpeer.prop_protoid); |
3536 |
|
|
|
3537 |
|
|
if (vpeer.prop_localspi.spi_size) { |
3538 |
|
|
prop->prop_localspi.spi_size = vpeer.prop_localspi.spi_size; |
3539 |
|
|
prop->prop_peerspi = vpeer.prop_peerspi; |
3540 |
|
|
} |
3541 |
|
|
if (vlocal.prop_localspi.spi_size) { |
3542 |
|
|
prop->prop_localspi.spi_size = vlocal.prop_localspi.spi_size; |
3543 |
|
|
prop->prop_localspi.spi = vlocal.prop_localspi.spi; |
3544 |
|
|
} |
3545 |
|
|
|
3546 |
|
|
for (i = 0; i < IKEV2_XFORMTYPE_MAX; i++) { |
3547 |
|
|
if (valid[i] == NULL) |
3548 |
|
|
continue; |
3549 |
|
|
print_debug("%s: score %d: %s %s", __func__, |
3550 |
|
|
chosen[i].xform_score, print_map(i, ikev2_xformtype_map), |
3551 |
|
|
print_map(chosen[i].xform_id, chosen[i].xform_map)); |
3552 |
|
|
if (chosen[i].xform_length) |
3553 |
|
|
print_debug(" %d", chosen[i].xform_length); |
3554 |
|
|
print_debug("\n"); |
3555 |
|
|
|
3556 |
|
|
if (config_add_transform(prop, chosen[i].xform_type, |
3557 |
|
|
chosen[i].xform_id, chosen[i].xform_length, |
3558 |
|
|
chosen[i].xform_keylength) == NULL) |
3559 |
|
|
break; |
3560 |
|
|
} |
3561 |
|
|
|
3562 |
|
|
return (0); |
3563 |
|
|
} |
3564 |
|
|
|
3565 |
|
|
int |
3566 |
|
|
ikev2_sa_initiator_dh(struct iked_sa *sa, struct iked_message *msg, |
3567 |
|
|
unsigned int proto) |
3568 |
|
|
{ |
3569 |
|
|
struct iked_policy *pol = sa->sa_policy; |
3570 |
|
|
struct iked_transform *xform; |
3571 |
|
|
|
3572 |
|
|
if (sa->sa_dhgroup == NULL) { |
3573 |
|
|
if ((xform = config_findtransform(&pol->pol_proposals, |
3574 |
|
|
IKEV2_XFORMTYPE_DH, proto)) == NULL) { |
3575 |
|
|
log_debug("%s: did not find dh transform", __func__); |
3576 |
|
|
return (-1); |
3577 |
|
|
} |
3578 |
|
|
if ((sa->sa_dhgroup = |
3579 |
|
|
group_get(xform->xform_id)) == NULL) { |
3580 |
|
|
log_debug("%s: invalid dh %d", __func__, |
3581 |
|
|
xform->xform_id); |
3582 |
|
|
return (-1); |
3583 |
|
|
} |
3584 |
|
|
} |
3585 |
|
|
|
3586 |
|
|
if (!ibuf_length(sa->sa_dhiexchange)) { |
3587 |
|
|
if ((sa->sa_dhiexchange = ibuf_new(NULL, |
3588 |
|
|
dh_getlen(sa->sa_dhgroup))) == NULL) { |
3589 |
|
|
log_debug("%s: failed to alloc dh exchange", __func__); |
3590 |
|
|
return (-1); |
3591 |
|
|
} |
3592 |
|
|
if (dh_create_exchange(sa->sa_dhgroup, |
3593 |
|
|
sa->sa_dhiexchange->buf) == -1) { |
3594 |
|
|
log_debug("%s: failed to get dh exchange", __func__); |
3595 |
|
|
return (-1); |
3596 |
|
|
} |
3597 |
|
|
} |
3598 |
|
|
|
3599 |
|
|
/* Initial message */ |
3600 |
|
|
if (msg == NULL) |
3601 |
|
|
return (0); |
3602 |
|
|
|
3603 |
|
|
if (!ibuf_length(sa->sa_dhrexchange)) { |
3604 |
|
|
if (!ibuf_length(msg->msg_ke)) { |
3605 |
|
|
log_debug("%s: invalid peer dh exchange", __func__); |
3606 |
|
|
return (-1); |
3607 |
|
|
} |
3608 |
|
|
if ((ssize_t)ibuf_length(msg->msg_ke) != |
3609 |
|
|
dh_getlen(sa->sa_dhgroup)) { |
3610 |
|
|
log_debug("%s: invalid dh length, size %d", __func__, |
3611 |
|
|
dh_getlen(sa->sa_dhgroup) * 8); |
3612 |
|
|
return (-1); |
3613 |
|
|
} |
3614 |
|
|
if ((sa->sa_dhrexchange = ibuf_dup(msg->msg_ke)) == NULL) { |
3615 |
|
|
log_debug("%s: failed to copy dh exchange", __func__); |
3616 |
|
|
return (-1); |
3617 |
|
|
} |
3618 |
|
|
} |
3619 |
|
|
|
3620 |
|
|
/* Set a pointer to the peer exchange */ |
3621 |
|
|
sa->sa_dhpeer = sa->sa_dhrexchange; |
3622 |
|
|
return (0); |
3623 |
|
|
} |
3624 |
|
|
|
3625 |
|
|
int |
3626 |
|
|
ikev2_sa_initiator(struct iked *env, struct iked_sa *sa, |
3627 |
|
|
struct iked_sa *osa, struct iked_message *msg) |
3628 |
|
|
{ |
3629 |
|
|
struct iked_transform *xform; |
3630 |
|
|
|
3631 |
|
|
if (ikev2_sa_initiator_dh(sa, msg, 0) < 0) |
3632 |
|
|
return (-1); |
3633 |
|
|
|
3634 |
|
|
if (!ibuf_length(sa->sa_inonce)) { |
3635 |
|
|
if ((sa->sa_inonce = ibuf_random(IKED_NONCE_SIZE)) == NULL) { |
3636 |
|
|
log_debug("%s: failed to get local nonce", __func__); |
3637 |
|
|
return (-1); |
3638 |
|
|
} |
3639 |
|
|
} |
3640 |
|
|
|
3641 |
|
|
/* Initial message */ |
3642 |
|
|
if (msg == NULL) |
3643 |
|
|
return (0); |
3644 |
|
|
|
3645 |
|
|
if (!ibuf_length(sa->sa_rnonce)) { |
3646 |
|
|
if (!ibuf_length(msg->msg_nonce)) { |
3647 |
|
|
log_debug("%s: invalid peer nonce", __func__); |
3648 |
|
|
return (-1); |
3649 |
|
|
} |
3650 |
|
|
if ((sa->sa_rnonce = ibuf_dup(msg->msg_nonce)) == NULL) { |
3651 |
|
|
log_debug("%s: failed to get peer nonce", __func__); |
3652 |
|
|
return (-1); |
3653 |
|
|
} |
3654 |
|
|
} |
3655 |
|
|
|
3656 |
|
|
/* XXX we need a better way to get this */ |
3657 |
|
|
if (ikev2_sa_negotiate(&sa->sa_proposals, |
3658 |
|
|
&msg->msg_policy->pol_proposals, &msg->msg_proposals) != 0) { |
3659 |
|
|
log_debug("%s: no proposal chosen", __func__); |
3660 |
|
|
msg->msg_error = IKEV2_N_NO_PROPOSAL_CHOSEN; |
3661 |
|
|
return (-1); |
3662 |
|
|
} else if (sa_stateok(sa, IKEV2_STATE_SA_INIT)) |
3663 |
|
|
sa_stateflags(sa, IKED_REQ_SA); |
3664 |
|
|
|
3665 |
|
|
if (sa->sa_encr == NULL) { |
3666 |
|
|
if ((xform = config_findtransform(&sa->sa_proposals, |
3667 |
|
|
IKEV2_XFORMTYPE_ENCR, 0)) == NULL) { |
3668 |
|
|
log_debug("%s: did not find encr transform", __func__); |
3669 |
|
|
return (-1); |
3670 |
|
|
} |
3671 |
|
|
if ((sa->sa_encr = cipher_new(xform->xform_type, |
3672 |
|
|
xform->xform_id, xform->xform_length)) == NULL) { |
3673 |
|
|
log_debug("%s: failed to get encr", __func__); |
3674 |
|
|
return (-1); |
3675 |
|
|
} |
3676 |
|
|
} |
3677 |
|
|
|
3678 |
|
|
if (sa->sa_prf == NULL) { |
3679 |
|
|
if ((xform = config_findtransform(&sa->sa_proposals, |
3680 |
|
|
IKEV2_XFORMTYPE_PRF, 0)) == NULL) { |
3681 |
|
|
log_debug("%s: did not find prf transform", __func__); |
3682 |
|
|
return (-1); |
3683 |
|
|
} |
3684 |
|
|
if ((sa->sa_prf = |
3685 |
|
|
hash_new(xform->xform_type, xform->xform_id)) == NULL) { |
3686 |
|
|
log_debug("%s: failed to get prf", __func__); |
3687 |
|
|
return (-1); |
3688 |
|
|
} |
3689 |
|
|
} |
3690 |
|
|
|
3691 |
|
|
if (sa->sa_integr == NULL) { |
3692 |
|
|
if ((xform = config_findtransform(&sa->sa_proposals, |
3693 |
|
|
IKEV2_XFORMTYPE_INTEGR, 0)) == NULL) { |
3694 |
|
|
log_debug("%s: did not find integr transform", |
3695 |
|
|
__func__); |
3696 |
|
|
return (-1); |
3697 |
|
|
} |
3698 |
|
|
if ((sa->sa_integr = |
3699 |
|
|
hash_new(xform->xform_type, xform->xform_id)) == NULL) { |
3700 |
|
|
log_debug("%s: failed to get integr", __func__); |
3701 |
|
|
return (-1); |
3702 |
|
|
} |
3703 |
|
|
} |
3704 |
|
|
|
3705 |
|
|
ibuf_release(sa->sa_2ndmsg); |
3706 |
|
|
if ((sa->sa_2ndmsg = ibuf_dup(msg->msg_data)) == NULL) { |
3707 |
|
|
log_debug("%s: failed to copy 2nd message", __func__); |
3708 |
|
|
return (-1); |
3709 |
|
|
} |
3710 |
|
|
|
3711 |
|
|
return (ikev2_sa_keys(env, sa, osa ? osa->sa_key_d : NULL)); |
3712 |
|
|
} |
3713 |
|
|
|
3714 |
|
|
int |
3715 |
|
|
ikev2_sa_responder_dh(struct iked_kex *kex, struct iked_proposals *proposals, |
3716 |
|
|
struct iked_message *msg, unsigned int proto) |
3717 |
|
|
{ |
3718 |
|
|
struct iked_transform *xform; |
3719 |
|
|
|
3720 |
|
|
if (kex->kex_dhgroup == NULL) { |
3721 |
|
|
if ((xform = config_findtransform(proposals, |
3722 |
|
|
IKEV2_XFORMTYPE_DH, proto)) == NULL) { |
3723 |
|
|
log_debug("%s: did not find dh transform", __func__); |
3724 |
|
|
return (-1); |
3725 |
|
|
} |
3726 |
|
|
if ((kex->kex_dhgroup = |
3727 |
|
|
group_get(xform->xform_id)) == NULL) { |
3728 |
|
|
log_debug("%s: invalid dh %d", __func__, |
3729 |
|
|
xform->xform_id); |
3730 |
|
|
return (-1); |
3731 |
|
|
} |
3732 |
|
|
} |
3733 |
|
|
|
3734 |
|
|
if (!ibuf_length(kex->kex_dhrexchange)) { |
3735 |
|
|
if ((kex->kex_dhrexchange = ibuf_new(NULL, |
3736 |
|
|
dh_getlen(kex->kex_dhgroup))) == NULL) { |
3737 |
|
|
log_debug("%s: failed to alloc dh exchange", __func__); |
3738 |
|
|
return (-1); |
3739 |
|
|
} |
3740 |
|
|
if (dh_create_exchange(kex->kex_dhgroup, |
3741 |
|
|
kex->kex_dhrexchange->buf) == -1) { |
3742 |
|
|
log_debug("%s: failed to get dh exchange", __func__); |
3743 |
|
|
return (-1); |
3744 |
|
|
} |
3745 |
|
|
} |
3746 |
|
|
|
3747 |
|
|
if (!ibuf_length(kex->kex_dhiexchange)) { |
3748 |
|
|
if ((kex->kex_dhiexchange = ibuf_dup(msg->msg_ke)) == NULL || |
3749 |
|
|
((ssize_t)ibuf_length(kex->kex_dhiexchange) != |
3750 |
|
|
dh_getlen(kex->kex_dhgroup))) { |
3751 |
|
|
/* XXX send notification to peer */ |
3752 |
|
|
log_debug("%s: invalid dh, size %d", __func__, |
3753 |
|
|
dh_getlen(kex->kex_dhgroup) * 8); |
3754 |
|
|
return (-1); |
3755 |
|
|
} |
3756 |
|
|
} |
3757 |
|
|
|
3758 |
|
|
/* Set a pointer to the peer exchange */ |
3759 |
|
|
kex->kex_dhpeer = kex->kex_dhiexchange; |
3760 |
|
|
return (0); |
3761 |
|
|
} |
3762 |
|
|
int |
3763 |
|
|
ikev2_sa_responder(struct iked *env, struct iked_sa *sa, struct iked_sa *osa, |
3764 |
|
|
struct iked_message *msg) |
3765 |
|
|
{ |
3766 |
|
|
struct iked_transform *xform; |
3767 |
|
|
|
3768 |
|
|
sa_state(env, sa, IKEV2_STATE_SA_INIT); |
3769 |
|
|
|
3770 |
|
|
ibuf_release(sa->sa_1stmsg); |
3771 |
|
|
if ((sa->sa_1stmsg = ibuf_dup(msg->msg_data)) == NULL) { |
3772 |
|
|
log_debug("%s: failed to copy 1st message", __func__); |
3773 |
|
|
return (-1); |
3774 |
|
|
} |
3775 |
|
|
|
3776 |
|
|
if (!ibuf_length(sa->sa_rnonce) && |
3777 |
|
|
(sa->sa_rnonce = ibuf_random(IKED_NONCE_SIZE)) == NULL) { |
3778 |
|
|
log_debug("%s: failed to get local nonce", __func__); |
3779 |
|
|
return (-1); |
3780 |
|
|
} |
3781 |
|
|
|
3782 |
|
|
if (!ibuf_length(sa->sa_inonce) && |
3783 |
|
|
((ibuf_length(msg->msg_nonce) < IKED_NONCE_MIN) || |
3784 |
|
|
(sa->sa_inonce = ibuf_dup(msg->msg_nonce)) == NULL)) { |
3785 |
|
|
log_debug("%s: failed to get peer nonce", __func__); |
3786 |
|
|
return (-1); |
3787 |
|
|
} |
3788 |
|
|
|
3789 |
|
|
/* XXX we need a better way to get this */ |
3790 |
|
|
if (ikev2_sa_negotiate(&sa->sa_proposals, |
3791 |
|
|
&msg->msg_policy->pol_proposals, &msg->msg_proposals) != 0) { |
3792 |
|
|
log_debug("%s: no proposal chosen", __func__); |
3793 |
|
|
msg->msg_error = IKEV2_N_NO_PROPOSAL_CHOSEN; |
3794 |
|
|
return (-1); |
3795 |
|
|
} else if (sa_stateok(sa, IKEV2_STATE_SA_INIT)) |
3796 |
|
|
sa_stateflags(sa, IKED_REQ_SA); |
3797 |
|
|
|
3798 |
|
|
if (sa->sa_encr == NULL) { |
3799 |
|
|
if ((xform = config_findtransform(&sa->sa_proposals, |
3800 |
|
|
IKEV2_XFORMTYPE_ENCR, 0)) == NULL) { |
3801 |
|
|
log_debug("%s: did not find encr transform", __func__); |
3802 |
|
|
return (-1); |
3803 |
|
|
} |
3804 |
|
|
if ((sa->sa_encr = cipher_new(xform->xform_type, |
3805 |
|
|
xform->xform_id, xform->xform_length)) == NULL) { |
3806 |
|
|
log_debug("%s: failed to get encr", __func__); |
3807 |
|
|
return (-1); |
3808 |
|
|
} |
3809 |
|
|
} |
3810 |
|
|
|
3811 |
|
|
if (sa->sa_prf == NULL) { |
3812 |
|
|
if ((xform = config_findtransform(&sa->sa_proposals, |
3813 |
|
|
IKEV2_XFORMTYPE_PRF, 0)) == NULL) { |
3814 |
|
|
log_debug("%s: did not find prf transform", __func__); |
3815 |
|
|
return (-1); |
3816 |
|
|
} |
3817 |
|
|
if ((sa->sa_prf = |
3818 |
|
|
hash_new(xform->xform_type, xform->xform_id)) == NULL) { |
3819 |
|
|
log_debug("%s: failed to get prf", __func__); |
3820 |
|
|
return (-1); |
3821 |
|
|
} |
3822 |
|
|
} |
3823 |
|
|
|
3824 |
|
|
if (sa->sa_integr == NULL) { |
3825 |
|
|
if ((xform = config_findtransform(&sa->sa_proposals, |
3826 |
|
|
IKEV2_XFORMTYPE_INTEGR, 0)) == NULL) { |
3827 |
|
|
log_debug("%s: did not find integr transform", |
3828 |
|
|
__func__); |
3829 |
|
|
return (-1); |
3830 |
|
|
} |
3831 |
|
|
if ((sa->sa_integr = |
3832 |
|
|
hash_new(xform->xform_type, xform->xform_id)) == NULL) { |
3833 |
|
|
log_debug("%s: failed to get integr", __func__); |
3834 |
|
|
return (-1); |
3835 |
|
|
} |
3836 |
|
|
} |
3837 |
|
|
|
3838 |
|
|
if (ikev2_sa_responder_dh(&sa->sa_kex, &sa->sa_proposals, msg, 0) < 0) |
3839 |
|
|
return (-1); |
3840 |
|
|
|
3841 |
|
|
return (ikev2_sa_keys(env, sa, osa ? osa->sa_key_d : NULL)); |
3842 |
|
|
} |
3843 |
|
|
|
3844 |
|
|
int |
3845 |
|
|
ikev2_sa_keys(struct iked *env, struct iked_sa *sa, struct ibuf *key) |
3846 |
|
|
{ |
3847 |
|
|
struct iked_hash *prf, *integr; |
3848 |
|
|
struct iked_cipher *encr; |
3849 |
|
|
struct group *group; |
3850 |
|
|
struct ibuf *ninr, *dhsecret, *skeyseed, *s, *t; |
3851 |
|
|
size_t nonceminlen, ilen, rlen, tmplen; |
3852 |
|
|
uint64_t ispi, rspi; |
3853 |
|
|
int ret = -1; |
3854 |
|
|
|
3855 |
|
|
ninr = dhsecret = skeyseed = s = t = NULL; |
3856 |
|
|
|
3857 |
|
|
if ((encr = sa->sa_encr) == NULL || |
3858 |
|
|
(prf = sa->sa_prf) == NULL || |
3859 |
|
|
(integr = sa->sa_integr) == NULL || |
3860 |
|
|
(group = sa->sa_dhgroup) == NULL) { |
3861 |
|
|
log_debug("%s: failed to get key input data", __func__); |
3862 |
|
|
return (-1); |
3863 |
|
|
} |
3864 |
|
|
|
3865 |
|
|
if (prf->hash_fixedkey) |
3866 |
|
|
nonceminlen = prf->hash_fixedkey; |
3867 |
|
|
else |
3868 |
|
|
nonceminlen = IKED_NONCE_MIN; |
3869 |
|
|
|
3870 |
|
|
/* Nonces need a minimal size and should have an even length */ |
3871 |
|
|
if (ibuf_length(sa->sa_inonce) < nonceminlen || |
3872 |
|
|
(ibuf_length(sa->sa_inonce) % 2) != 0 || |
3873 |
|
|
ibuf_length(sa->sa_rnonce) < nonceminlen || |
3874 |
|
|
(ibuf_length(sa->sa_rnonce) % 2) != 0) { |
3875 |
|
|
log_debug("%s: invalid nonces", __func__); |
3876 |
|
|
return (-1); |
3877 |
|
|
} |
3878 |
|
|
|
3879 |
|
|
if (prf->hash_fixedkey) { |
3880 |
|
|
/* Half of the key bits must come from Ni, and half from Nr */ |
3881 |
|
|
ilen = prf->hash_fixedkey / 2; |
3882 |
|
|
rlen = prf->hash_fixedkey / 2; |
3883 |
|
|
} else { |
3884 |
|
|
/* Most PRF functions accept a variable-length key */ |
3885 |
|
|
ilen = ibuf_length(sa->sa_inonce); |
3886 |
|
|
rlen = ibuf_length(sa->sa_rnonce); |
3887 |
|
|
} |
3888 |
|
|
|
3889 |
|
|
/* |
3890 |
|
|
* Depending on whether we're generating new keying material |
3891 |
|
|
* or rekeying existing SA the algorithm is different. If the |
3892 |
|
|
* "key" argument is not specified a concatenation of nonces |
3893 |
|
|
* (Ni | Nr) is used as a PRF key, otherwise a "key" buffer |
3894 |
|
|
* is used and PRF is performed on the concatenation of DH |
3895 |
|
|
* exchange result and nonces (g^ir | Ni | Nr). See sections |
3896 |
|
|
* 2.14 and 2.18 of RFC5996 for more information. |
3897 |
|
|
*/ |
3898 |
|
|
|
3899 |
|
|
/* |
3900 |
|
|
* Generate g^ir |
3901 |
|
|
*/ |
3902 |
|
|
if ((dhsecret = ibuf_new(NULL, dh_getlen(group))) == NULL) { |
3903 |
|
|
log_debug("%s: failed to alloc dh secret", __func__); |
3904 |
|
|
goto done; |
3905 |
|
|
} |
3906 |
|
|
if (dh_create_shared(group, dhsecret->buf, |
3907 |
|
|
sa->sa_dhpeer->buf) == -1) { |
3908 |
|
|
log_debug("%s: failed to get dh secret" |
3909 |
|
|
" group %d len %d secret %zu exchange %zu", __func__, |
3910 |
|
|
group->id, dh_getlen(group), ibuf_length(dhsecret), |
3911 |
|
|
ibuf_length(sa->sa_dhpeer)); |
3912 |
|
|
goto done; |
3913 |
|
|
} |
3914 |
|
|
|
3915 |
|
|
if (!key) { |
3916 |
|
|
/* |
3917 |
|
|
* Set PRF key to generate SKEEYSEED = prf(Ni | Nr, g^ir) |
3918 |
|
|
*/ |
3919 |
|
|
if ((ninr = ibuf_new(sa->sa_inonce->buf, ilen)) == NULL || |
3920 |
|
|
ibuf_add(ninr, sa->sa_rnonce->buf, rlen) != 0) { |
3921 |
|
|
log_debug("%s: failed to get nonce key buffer", |
3922 |
|
|
__func__); |
3923 |
|
|
goto done; |
3924 |
|
|
} |
3925 |
|
|
key = ninr; |
3926 |
|
|
} else { |
3927 |
|
|
/* |
3928 |
|
|
* Set PRF key to generate SKEEYSEED = prf(key, g^ir | Ni | Nr) |
3929 |
|
|
*/ |
3930 |
|
|
if (ibuf_add(dhsecret, sa->sa_inonce->buf, ilen) != 0 || |
3931 |
|
|
ibuf_add(dhsecret, sa->sa_rnonce->buf, rlen) != 0) { |
3932 |
|
|
log_debug("%s: failed to get nonce key buffer", |
3933 |
|
|
__func__); |
3934 |
|
|
goto done; |
3935 |
|
|
} |
3936 |
|
|
} |
3937 |
|
|
|
3938 |
|
|
if ((hash_setkey(prf, key->buf, ibuf_length(key))) == NULL) { |
3939 |
|
|
log_debug("%s: failed to set prf key", __func__); |
3940 |
|
|
goto done; |
3941 |
|
|
} |
3942 |
|
|
|
3943 |
|
|
if ((skeyseed = ibuf_new(NULL, hash_length(prf))) == NULL) { |
3944 |
|
|
log_debug("%s: failed to get SKEYSEED buffer", __func__); |
3945 |
|
|
goto done; |
3946 |
|
|
} |
3947 |
|
|
|
3948 |
|
|
tmplen = 0; |
3949 |
|
|
hash_init(prf); |
3950 |
|
|
hash_update(prf, dhsecret->buf, ibuf_length(dhsecret)); |
3951 |
|
|
hash_final(prf, skeyseed->buf, &tmplen); |
3952 |
|
|
|
3953 |
|
|
log_debug("%s: SKEYSEED with %zu bytes", __func__, tmplen); |
3954 |
|
|
print_hex(skeyseed->buf, 0, tmplen); |
3955 |
|
|
|
3956 |
|
|
if (ibuf_setsize(skeyseed, tmplen) == -1) { |
3957 |
|
|
log_debug("%s: failed to set keymaterial length", __func__); |
3958 |
|
|
goto done; |
3959 |
|
|
} |
3960 |
|
|
|
3961 |
|
|
/* |
3962 |
|
|
* Now generate the key material |
3963 |
|
|
* |
3964 |
|
|
* S = Ni | Nr | SPIi | SPIr |
3965 |
|
|
*/ |
3966 |
|
|
|
3967 |
|
|
/* S = Ni | Nr | SPIi | SPIr */ |
3968 |
|
|
ilen = ibuf_length(sa->sa_inonce); |
3969 |
|
|
rlen = ibuf_length(sa->sa_rnonce); |
3970 |
|
|
ispi = htobe64(sa->sa_hdr.sh_ispi); |
3971 |
|
|
rspi = htobe64(sa->sa_hdr.sh_rspi); |
3972 |
|
|
|
3973 |
|
|
if ((s = ibuf_new(sa->sa_inonce->buf, ilen)) == NULL || |
3974 |
|
|
ibuf_add(s, sa->sa_rnonce->buf, rlen) != 0 || |
3975 |
|
|
ibuf_add(s, &ispi, sizeof(ispi)) != 0 || |
3976 |
|
|
ibuf_add(s, &rspi, sizeof(rspi)) != 0) { |
3977 |
|
|
log_debug("%s: failed to set S buffer", __func__); |
3978 |
|
|
goto done; |
3979 |
|
|
} |
3980 |
|
|
|
3981 |
|
|
log_debug("%s: S with %zu bytes", __func__, ibuf_length(s)); |
3982 |
|
|
print_hex(s->buf, 0, ibuf_length(s)); |
3983 |
|
|
|
3984 |
|
|
/* |
3985 |
|
|
* Get the size of the key material we need and the number |
3986 |
|
|
* of rounds we need to run the prf+ function. |
3987 |
|
|
*/ |
3988 |
|
|
ilen = hash_length(prf) + /* SK_d */ |
3989 |
|
|
hash_keylength(integr) + /* SK_ai */ |
3990 |
|
|
hash_keylength(integr) + /* SK_ar */ |
3991 |
|
|
cipher_keylength(encr) + /* SK_ei */ |
3992 |
|
|
cipher_keylength(encr) + /* SK_er */ |
3993 |
|
|
hash_keylength(prf) + /* SK_pi */ |
3994 |
|
|
hash_keylength(prf); /* SK_pr */ |
3995 |
|
|
|
3996 |
|
|
if ((t = ikev2_prfplus(prf, skeyseed, s, ilen)) == NULL) { |
3997 |
|
|
log_debug("%s: failed to get IKE SA key material", __func__); |
3998 |
|
|
goto done; |
3999 |
|
|
} |
4000 |
|
|
|
4001 |
|
|
/* ibuf_get() returns a new buffer from the next read offset */ |
4002 |
|
|
if ((sa->sa_key_d = ibuf_get(t, hash_length(prf))) == NULL || |
4003 |
|
|
(sa->sa_key_iauth = ibuf_get(t, hash_keylength(integr))) == NULL || |
4004 |
|
|
(sa->sa_key_rauth = ibuf_get(t, hash_keylength(integr))) == NULL || |
4005 |
|
|
(sa->sa_key_iencr = ibuf_get(t, cipher_keylength(encr))) == NULL || |
4006 |
|
|
(sa->sa_key_rencr = ibuf_get(t, cipher_keylength(encr))) == NULL || |
4007 |
|
|
(sa->sa_key_iprf = ibuf_get(t, hash_length(prf))) == NULL || |
4008 |
|
|
(sa->sa_key_rprf = ibuf_get(t, hash_length(prf))) == NULL) { |
4009 |
|
|
log_debug("%s: failed to get SA keys", __func__); |
4010 |
|
|
goto done; |
4011 |
|
|
} |
4012 |
|
|
|
4013 |
|
|
log_debug("%s: SK_d with %zu bytes", __func__, |
4014 |
|
|
ibuf_length(sa->sa_key_d)); |
4015 |
|
|
print_hex(sa->sa_key_d->buf, 0, ibuf_length(sa->sa_key_d)); |
4016 |
|
|
log_debug("%s: SK_ai with %zu bytes", __func__, |
4017 |
|
|
ibuf_length(sa->sa_key_iauth)); |
4018 |
|
|
print_hex(sa->sa_key_iauth->buf, 0, ibuf_length(sa->sa_key_iauth)); |
4019 |
|
|
log_debug("%s: SK_ar with %zu bytes", __func__, |
4020 |
|
|
ibuf_length(sa->sa_key_rauth)); |
4021 |
|
|
print_hex(sa->sa_key_rauth->buf, 0, ibuf_length(sa->sa_key_rauth)); |
4022 |
|
|
log_debug("%s: SK_ei with %zu bytes", __func__, |
4023 |
|
|
ibuf_length(sa->sa_key_iencr)); |
4024 |
|
|
print_hex(sa->sa_key_iencr->buf, 0, ibuf_length(sa->sa_key_iencr)); |
4025 |
|
|
log_debug("%s: SK_er with %zu bytes", __func__, |
4026 |
|
|
ibuf_length(sa->sa_key_rencr)); |
4027 |
|
|
print_hex(sa->sa_key_rencr->buf, 0, ibuf_length(sa->sa_key_rencr)); |
4028 |
|
|
log_debug("%s: SK_pi with %zu bytes", __func__, |
4029 |
|
|
ibuf_length(sa->sa_key_iprf)); |
4030 |
|
|
print_hex(sa->sa_key_iprf->buf, 0, ibuf_length(sa->sa_key_iprf)); |
4031 |
|
|
log_debug("%s: SK_pr with %zu bytes", __func__, |
4032 |
|
|
ibuf_length(sa->sa_key_rprf)); |
4033 |
|
|
print_hex(sa->sa_key_rprf->buf, 0, ibuf_length(sa->sa_key_rprf)); |
4034 |
|
|
|
4035 |
|
|
ret = 0; |
4036 |
|
|
|
4037 |
|
|
done: |
4038 |
|
|
ibuf_release(ninr); |
4039 |
|
|
ibuf_release(dhsecret); |
4040 |
|
|
ibuf_release(skeyseed); |
4041 |
|
|
ibuf_release(s); |
4042 |
|
|
ibuf_release(t); |
4043 |
|
|
|
4044 |
|
|
return (ret); |
4045 |
|
|
} |
4046 |
|
|
|
4047 |
|
|
void |
4048 |
|
|
ikev2_sa_cleanup_dh(struct iked_sa *sa) |
4049 |
|
|
{ |
4050 |
|
|
ibuf_release(sa->sa_dhiexchange); |
4051 |
|
|
ibuf_release(sa->sa_dhrexchange); |
4052 |
|
|
group_free(sa->sa_dhgroup); |
4053 |
|
|
sa->sa_dhiexchange = NULL; |
4054 |
|
|
sa->sa_dhrexchange = NULL; |
4055 |
|
|
sa->sa_dhgroup = NULL; |
4056 |
|
|
} |
4057 |
|
|
|
4058 |
|
|
struct ibuf * |
4059 |
|
|
ikev2_prfplus(struct iked_hash *prf, struct ibuf *key, struct ibuf *seed, |
4060 |
|
|
size_t keymatlen) |
4061 |
|
|
{ |
4062 |
|
|
struct ibuf *t = NULL, *t1 = NULL, *t2 = NULL; |
4063 |
|
|
size_t rlen, i, hashlen = 0; |
4064 |
|
|
uint8_t pad = 0; |
4065 |
|
|
|
4066 |
|
|
/* |
4067 |
|
|
* prf+ (K, S) = T1 | T2 | T3 | T4 | ... |
4068 |
|
|
* |
4069 |
|
|
* T1 = prf (K, S | 0x01) |
4070 |
|
|
* T2 = prf (K, T1 | S | 0x02) |
4071 |
|
|
* T3 = prf (K, T2 | S | 0x03) |
4072 |
|
|
* T4 = prf (K, T3 | S | 0x04) |
4073 |
|
|
*/ |
4074 |
|
|
|
4075 |
|
|
if ((hash_setkey(prf, ibuf_data(key), ibuf_size(key))) == NULL) { |
4076 |
|
|
log_debug("%s: failed to set prf+ key", __func__); |
4077 |
|
|
goto fail; |
4078 |
|
|
} |
4079 |
|
|
|
4080 |
|
|
if ((t = ibuf_new(NULL, 0)) == NULL) { |
4081 |
|
|
log_debug("%s: failed to get T buffer", __func__); |
4082 |
|
|
goto fail; |
4083 |
|
|
} |
4084 |
|
|
|
4085 |
|
|
rlen = roundup(keymatlen, hash_length(prf)) / hash_length(prf); |
4086 |
|
|
if (rlen > 255) |
4087 |
|
|
fatalx("ikev2_prfplus: key material too large"); |
4088 |
|
|
|
4089 |
|
|
for (i = 0; i < rlen; i++) { |
4090 |
|
|
if (t1 != NULL) { |
4091 |
|
|
t2 = ibuf_new(t1->buf, ibuf_length(t1)); |
4092 |
|
|
ibuf_release(t1); |
4093 |
|
|
} else |
4094 |
|
|
t2 = ibuf_new(NULL, 0); |
4095 |
|
|
t1 = ibuf_new(NULL, hash_length(prf)); |
4096 |
|
|
|
4097 |
|
|
ibuf_add(t2, seed->buf, ibuf_length(seed)); |
4098 |
|
|
pad = i + 1; |
4099 |
|
|
ibuf_add(t2, &pad, 1); |
4100 |
|
|
|
4101 |
|
|
hash_init(prf); |
4102 |
|
|
hash_update(prf, t2->buf, ibuf_length(t2)); |
4103 |
|
|
hash_final(prf, t1->buf, &hashlen); |
4104 |
|
|
|
4105 |
|
|
if (hashlen != hash_length(prf)) |
4106 |
|
|
fatalx("ikev2_prfplus: hash length mismatch"); |
4107 |
|
|
|
4108 |
|
|
ibuf_release(t2); |
4109 |
|
|
ibuf_add(t, t1->buf, ibuf_length(t1)); |
4110 |
|
|
|
4111 |
|
|
log_debug("%s: T%d with %zu bytes", __func__, |
4112 |
|
|
pad, ibuf_length(t1)); |
4113 |
|
|
print_hex(t1->buf, 0, ibuf_length(t1)); |
4114 |
|
|
} |
4115 |
|
|
|
4116 |
|
|
log_debug("%s: Tn with %zu bytes", __func__, ibuf_length(t)); |
4117 |
|
|
print_hex(t->buf, 0, ibuf_length(t)); |
4118 |
|
|
|
4119 |
|
|
ibuf_release(t1); |
4120 |
|
|
|
4121 |
|
|
return (t); |
4122 |
|
|
|
4123 |
|
|
fail: |
4124 |
|
|
ibuf_release(t1); |
4125 |
|
|
ibuf_release(t); |
4126 |
|
|
|
4127 |
|
|
return (NULL); |
4128 |
|
|
} |
4129 |
|
|
|
4130 |
|
|
int |
4131 |
|
|
ikev2_sa_tag(struct iked_sa *sa, struct iked_id *id) |
4132 |
|
|
{ |
4133 |
|
|
char *format, *domain = NULL, *idrepl = NULL; |
4134 |
|
|
char idstr[IKED_ID_SIZE]; |
4135 |
|
|
int ret = -1; |
4136 |
|
|
size_t len; |
4137 |
|
|
|
4138 |
|
|
free(sa->sa_tag); |
4139 |
|
|
sa->sa_tag = NULL; |
4140 |
|
|
format = sa->sa_policy->pol_tag; |
4141 |
|
|
|
4142 |
|
|
len = IKED_TAG_SIZE; |
4143 |
|
|
if ((sa->sa_tag = calloc(1, len)) == NULL) { |
4144 |
|
|
log_debug("%s: calloc", __func__); |
4145 |
|
|
goto fail; |
4146 |
|
|
} |
4147 |
|
|
if (strlcpy(sa->sa_tag, format, len) >= len) { |
4148 |
|
|
log_debug("%s: tag too long", __func__); |
4149 |
|
|
goto fail; |
4150 |
|
|
} |
4151 |
|
|
|
4152 |
|
|
if (ikev2_print_id(id, idstr, sizeof(idstr)) == -1) { |
4153 |
|
|
log_debug("%s: invalid id", __func__); |
4154 |
|
|
goto fail; |
4155 |
|
|
} |
4156 |
|
|
|
4157 |
|
|
/* ASN.1 DER IDs are too long, use the CN part instead */ |
4158 |
|
|
if ((id->id_type == IKEV2_ID_ASN1_DN) && |
4159 |
|
|
(idrepl = strstr(idstr, "CN=")) != NULL) { |
4160 |
|
|
domain = strstr(idrepl, "emailAddress="); |
4161 |
|
|
idrepl[strcspn(idrepl, "/")] = '\0'; |
4162 |
|
|
} else |
4163 |
|
|
idrepl = idstr; |
4164 |
|
|
|
4165 |
|
|
if (strstr(format, "$id") != NULL) { |
4166 |
|
|
if (expand_string(sa->sa_tag, len, "$id", idrepl) != 0) { |
4167 |
|
|
log_debug("%s: failed to expand tag", __func__); |
4168 |
|
|
goto fail; |
4169 |
|
|
} |
4170 |
|
|
} |
4171 |
|
|
|
4172 |
|
|
if (strstr(format, "$name") != NULL) { |
4173 |
|
|
if (expand_string(sa->sa_tag, len, "$name", |
4174 |
|
|
sa->sa_policy->pol_name) != 0) { |
4175 |
|
|
log_debug("%s: failed to expand tag", __func__); |
4176 |
|
|
goto fail; |
4177 |
|
|
} |
4178 |
|
|
} |
4179 |
|
|
|
4180 |
|
|
if (strstr(format, "$domain") != NULL) { |
4181 |
|
|
if (id->id_type == IKEV2_ID_FQDN) |
4182 |
|
|
domain = strchr(idrepl, '.'); |
4183 |
|
|
else if (id->id_type == IKEV2_ID_UFQDN) |
4184 |
|
|
domain = strchr(idrepl, '@'); |
4185 |
|
|
else if (*idstr == '/' && domain != NULL) |
4186 |
|
|
domain = strchr(domain, '@'); |
4187 |
|
|
else |
4188 |
|
|
domain = NULL; |
4189 |
|
|
if (domain == NULL || strlen(domain) < 2) { |
4190 |
|
|
log_debug("%s: no valid domain in ID %s", |
4191 |
|
|
__func__, idstr); |
4192 |
|
|
goto fail; |
4193 |
|
|
} |
4194 |
|
|
domain++; |
4195 |
|
|
if (expand_string(sa->sa_tag, len, "$domain", domain) != 0) { |
4196 |
|
|
log_debug("%s: failed to expand tag", __func__); |
4197 |
|
|
goto fail; |
4198 |
|
|
} |
4199 |
|
|
} |
4200 |
|
|
|
4201 |
|
|
log_debug("%s: %s (%zu)", __func__, sa->sa_tag, strlen(sa->sa_tag)); |
4202 |
|
|
|
4203 |
|
|
ret = 0; |
4204 |
|
|
fail: |
4205 |
|
|
if (ret != 0) { |
4206 |
|
|
free(sa->sa_tag); |
4207 |
|
|
sa->sa_tag = NULL; |
4208 |
|
|
} |
4209 |
|
|
|
4210 |
|
|
return (ret); |
4211 |
|
|
} |
4212 |
|
|
|
4213 |
|
|
int |
4214 |
|
|
ikev2_childsa_negotiate(struct iked *env, struct iked_sa *sa, |
4215 |
|
|
struct iked_kex *kex, struct iked_proposals *proposals, int initiator, |
4216 |
|
|
int pfs) |
4217 |
|
|
{ |
4218 |
|
|
struct iked_proposal *prop; |
4219 |
|
|
struct iked_transform *xform, *encrxf = NULL, *integrxf = NULL; |
4220 |
|
|
struct iked_childsa *csa, *csb; |
4221 |
|
|
struct iked_flow *flow, *saflow, *flowa, *flowb; |
4222 |
|
|
struct ibuf *keymat = NULL, *seed = NULL, *dhsecret = NULL; |
4223 |
|
|
struct group *group; |
4224 |
|
|
uint32_t spi = 0; |
4225 |
|
|
unsigned int i; |
4226 |
|
|
size_t ilen = 0; |
4227 |
|
|
int esn, skip, ret = -1; |
4228 |
|
|
|
4229 |
|
|
if (!sa_stateok(sa, IKEV2_STATE_VALID)) |
4230 |
|
|
return (-1); |
4231 |
|
|
|
4232 |
|
|
if (ikev2_sa_tag(sa, IKESA_DSTID(sa)) == -1) |
4233 |
|
|
return (-1); |
4234 |
|
|
|
4235 |
|
|
/* We need to determine the key material length first */ |
4236 |
|
|
TAILQ_FOREACH(prop, proposals, prop_entry) { |
4237 |
|
|
if (prop->prop_protoid == IKEV2_SAPROTO_IKE) |
4238 |
|
|
continue; |
4239 |
|
|
log_debug("%s: proposal %d", __func__, prop->prop_id); |
4240 |
|
|
for (i = 0; i < prop->prop_nxforms; i++) { |
4241 |
|
|
xform = prop->prop_xforms + i; |
4242 |
|
|
xform->xform_keylength = |
4243 |
|
|
keylength_xf(prop->prop_protoid, |
4244 |
|
|
xform->xform_type, xform->xform_id); |
4245 |
|
|
|
4246 |
|
|
switch (xform->xform_type) { |
4247 |
|
|
case IKEV2_XFORMTYPE_ENCR: |
4248 |
|
|
case IKEV2_XFORMTYPE_INTEGR: |
4249 |
|
|
if (xform->xform_length) |
4250 |
|
|
xform->xform_keylength = |
4251 |
|
|
xform->xform_length; |
4252 |
|
|
xform->xform_keylength += |
4253 |
|
|
noncelength_xf(xform->xform_type, |
4254 |
|
|
xform->xform_id); |
4255 |
|
|
ilen += xform->xform_keylength / 8; |
4256 |
|
|
break; |
4257 |
|
|
} |
4258 |
|
|
} |
4259 |
|
|
} |
4260 |
|
|
|
4261 |
|
|
/* double key material length for inbound/outbound */ |
4262 |
|
|
ilen *= 2; |
4263 |
|
|
|
4264 |
|
|
log_debug("%s: key material length %zu", __func__, ilen); |
4265 |
|
|
|
4266 |
|
|
if ((seed = ibuf_new(NULL, 0)) == NULL) { |
4267 |
|
|
log_debug("%s: failed to setup IKE SA key material", __func__); |
4268 |
|
|
goto done; |
4269 |
|
|
} |
4270 |
|
|
if (pfs) { |
4271 |
|
|
log_debug("%s: using PFS", __func__); |
4272 |
|
|
if (kex->kex_dhpeer == NULL || |
4273 |
|
|
ibuf_length(kex->kex_dhpeer) == 0 || |
4274 |
|
|
(group = kex->kex_dhgroup) == NULL) { |
4275 |
|
|
log_debug("%s: no dh group for pfs", __func__); |
4276 |
|
|
goto done; |
4277 |
|
|
} |
4278 |
|
|
if ((dhsecret = ibuf_new(NULL, dh_getlen(group))) == NULL) { |
4279 |
|
|
log_debug("%s: failed to alloc dh secret", __func__); |
4280 |
|
|
goto done; |
4281 |
|
|
} |
4282 |
|
|
if (dh_create_shared(group, dhsecret->buf, |
4283 |
|
|
kex->kex_dhpeer->buf) == -1) { |
4284 |
|
|
log_debug("%s: failed to get dh secret" |
4285 |
|
|
" group %d len %d secret %zu exchange %zu", |
4286 |
|
|
__func__, group->id, dh_getlen(group), |
4287 |
|
|
ibuf_length(dhsecret), |
4288 |
|
|
ibuf_length(kex->kex_dhpeer)); |
4289 |
|
|
goto done; |
4290 |
|
|
} |
4291 |
|
|
if (ibuf_cat(seed, dhsecret) != 0) { |
4292 |
|
|
log_debug("%s: failed to set dh secret", __func__); |
4293 |
|
|
goto done; |
4294 |
|
|
} |
4295 |
|
|
} |
4296 |
|
|
if (ibuf_cat(seed, kex->kex_inonce) != 0 || |
4297 |
|
|
ibuf_cat(seed, kex->kex_rnonce) != 0 || |
4298 |
|
|
(keymat = ikev2_prfplus(sa->sa_prf, |
4299 |
|
|
sa->sa_key_d, seed, ilen)) == NULL) { |
4300 |
|
|
log_debug("%s: failed to get IKE SA key material", __func__); |
4301 |
|
|
goto done; |
4302 |
|
|
} |
4303 |
|
|
|
4304 |
|
|
/* Create the new flows */ |
4305 |
|
|
TAILQ_FOREACH(prop, proposals, prop_entry) { |
4306 |
|
|
if (ikev2_valid_proposal(prop, NULL, NULL, NULL) != 0) |
4307 |
|
|
continue; |
4308 |
|
|
|
4309 |
|
|
RB_FOREACH(flow, iked_flows, &sa->sa_policy->pol_flows) { |
4310 |
|
|
skip = 0; |
4311 |
|
|
TAILQ_FOREACH(saflow, &sa->sa_flows, flow_entry) { |
4312 |
|
|
if (IKED_ADDR_EQ(&saflow->flow_src, |
4313 |
|
|
&flow->flow_src) && |
4314 |
|
|
IKED_ADDR_EQ(&saflow->flow_dst, |
4315 |
|
|
&flow->flow_dst) && |
4316 |
|
|
saflow->flow_saproto == |
4317 |
|
|
prop->prop_protoid) { |
4318 |
|
|
skip = 1; |
4319 |
|
|
break; |
4320 |
|
|
} |
4321 |
|
|
} |
4322 |
|
|
if (skip) |
4323 |
|
|
continue; |
4324 |
|
|
|
4325 |
|
|
if ((flowa = calloc(1, sizeof(*flowa))) == NULL) { |
4326 |
|
|
log_debug("%s: failed to get flow", __func__); |
4327 |
|
|
goto done; |
4328 |
|
|
} |
4329 |
|
|
|
4330 |
|
|
memcpy(flowa, flow, sizeof(*flow)); |
4331 |
|
|
flowa->flow_dir = IPSP_DIRECTION_OUT; |
4332 |
|
|
flowa->flow_saproto = prop->prop_protoid; |
4333 |
|
|
flowa->flow_local = &sa->sa_local; |
4334 |
|
|
flowa->flow_peer = &sa->sa_peer; |
4335 |
|
|
flowa->flow_ikesa = sa; |
4336 |
|
|
ikev2_cp_fixaddr(sa, &flow->flow_dst, &flowa->flow_dst); |
4337 |
|
|
|
4338 |
|
|
if ((flowb = calloc(1, sizeof(*flowb))) == NULL) { |
4339 |
|
|
log_debug("%s: failed to get flow", __func__); |
4340 |
|
|
flow_free(flowa); |
4341 |
|
|
goto done; |
4342 |
|
|
} |
4343 |
|
|
|
4344 |
|
|
memcpy(flowb, flowa, sizeof(*flow)); |
4345 |
|
|
|
4346 |
|
|
flowb->flow_dir = IPSP_DIRECTION_IN; |
4347 |
|
|
memcpy(&flowb->flow_src, &flow->flow_dst, |
4348 |
|
|
sizeof(flow->flow_dst)); |
4349 |
|
|
memcpy(&flowb->flow_dst, &flow->flow_src, |
4350 |
|
|
sizeof(flow->flow_src)); |
4351 |
|
|
ikev2_cp_fixaddr(sa, &flow->flow_dst, &flowb->flow_src); |
4352 |
|
|
|
4353 |
|
|
TAILQ_INSERT_TAIL(&sa->sa_flows, flowa, flow_entry); |
4354 |
|
|
TAILQ_INSERT_TAIL(&sa->sa_flows, flowb, flow_entry); |
4355 |
|
|
} |
4356 |
|
|
} |
4357 |
|
|
|
4358 |
|
|
/* create the CHILD SAs using the key material */ |
4359 |
|
|
TAILQ_FOREACH(prop, proposals, prop_entry) { |
4360 |
|
|
if (ikev2_valid_proposal(prop, &encrxf, &integrxf, &esn) != 0) |
4361 |
|
|
continue; |
4362 |
|
|
|
4363 |
|
|
spi = 0; |
4364 |
|
|
|
4365 |
|
|
if ((csa = calloc(1, sizeof(*csa))) == NULL) { |
4366 |
|
|
log_debug("%s: failed to get CHILD SA", __func__); |
4367 |
|
|
goto done; |
4368 |
|
|
} |
4369 |
|
|
|
4370 |
|
|
csa->csa_saproto = prop->prop_protoid; |
4371 |
|
|
csa->csa_ikesa = sa; |
4372 |
|
|
csa->csa_spi.spi_protoid = prop->prop_protoid; |
4373 |
|
|
csa->csa_esn = esn; |
4374 |
|
|
|
4375 |
|
|
/* Set up responder's SPIs */ |
4376 |
|
|
if (initiator) { |
4377 |
|
|
csa->csa_dir = IPSP_DIRECTION_OUT; |
4378 |
|
|
csa->csa_local = &sa->sa_local; |
4379 |
|
|
csa->csa_peer = &sa->sa_peer; |
4380 |
|
|
csa->csa_peerspi = prop->prop_localspi.spi; |
4381 |
|
|
csa->csa_spi.spi = prop->prop_peerspi.spi; |
4382 |
|
|
csa->csa_spi.spi_size = prop->prop_peerspi.spi_size; |
4383 |
|
|
} else { |
4384 |
|
|
csa->csa_dir = IPSP_DIRECTION_IN; |
4385 |
|
|
csa->csa_local = &sa->sa_peer; |
4386 |
|
|
csa->csa_peer = &sa->sa_local; |
4387 |
|
|
|
4388 |
|
|
if ((ret = pfkey_sa_init(env->sc_pfkey, csa, |
4389 |
|
|
&spi)) != 0) |
4390 |
|
|
goto done; |
4391 |
|
|
csa->csa_allocated = 1; |
4392 |
|
|
|
4393 |
|
|
csa->csa_peerspi = prop->prop_peerspi.spi; |
4394 |
|
|
csa->csa_spi.spi = prop->prop_localspi.spi = spi; |
4395 |
|
|
csa->csa_spi.spi_size = 4; |
4396 |
|
|
} |
4397 |
|
|
|
4398 |
|
|
if (encrxf && (csa->csa_encrkey = ibuf_get(keymat, |
4399 |
|
|
encrxf->xform_keylength / 8)) == NULL) { |
4400 |
|
|
log_debug("%s: failed to get CHILD SA encryption key", |
4401 |
|
|
__func__); |
4402 |
|
|
childsa_free(csa); |
4403 |
|
|
goto done; |
4404 |
|
|
} |
4405 |
|
|
if (integrxf && (csa->csa_integrkey = ibuf_get(keymat, |
4406 |
|
|
integrxf->xform_keylength / 8)) == NULL) { |
4407 |
|
|
log_debug("%s: failed to get CHILD SA integrity key", |
4408 |
|
|
__func__); |
4409 |
|
|
childsa_free(csa); |
4410 |
|
|
goto done; |
4411 |
|
|
} |
4412 |
|
|
if (encrxf) |
4413 |
|
|
csa->csa_encrid = encrxf->xform_id; |
4414 |
|
|
if (integrxf) |
4415 |
|
|
csa->csa_integrid = integrxf->xform_id; |
4416 |
|
|
|
4417 |
|
|
if ((csb = calloc(1, sizeof(*csb))) == NULL) { |
4418 |
|
|
log_debug("%s: failed to get CHILD SA", __func__); |
4419 |
|
|
childsa_free(csa); |
4420 |
|
|
goto done; |
4421 |
|
|
} |
4422 |
|
|
|
4423 |
|
|
memcpy(csb, csa, sizeof(*csb)); |
4424 |
|
|
|
4425 |
|
|
/* Set up initiator's SPIs */ |
4426 |
|
|
csb->csa_spi.spi = csa->csa_peerspi; |
4427 |
|
|
csb->csa_peerspi = csa->csa_spi.spi; |
4428 |
|
|
csb->csa_allocated = csa->csa_allocated ? 0 : 1; |
4429 |
|
|
csb->csa_dir = csa->csa_dir == IPSP_DIRECTION_IN ? |
4430 |
|
|
IPSP_DIRECTION_OUT : IPSP_DIRECTION_IN; |
4431 |
|
|
csb->csa_local = csa->csa_peer; |
4432 |
|
|
csb->csa_peer = csa->csa_local; |
4433 |
|
|
|
4434 |
|
|
if (encrxf && (csb->csa_encrkey = ibuf_get(keymat, |
4435 |
|
|
encrxf->xform_keylength / 8)) == NULL) { |
4436 |
|
|
log_debug("%s: failed to get CHILD SA encryption key", |
4437 |
|
|
__func__); |
4438 |
|
|
childsa_free(csa); |
4439 |
|
|
childsa_free(csb); |
4440 |
|
|
goto done; |
4441 |
|
|
} |
4442 |
|
|
if (integrxf && (csb->csa_integrkey = ibuf_get(keymat, |
4443 |
|
|
integrxf->xform_keylength / 8)) == NULL) { |
4444 |
|
|
log_debug("%s: failed to get CHILD SA integrity key", |
4445 |
|
|
__func__); |
4446 |
|
|
childsa_free(csa); |
4447 |
|
|
childsa_free(csb); |
4448 |
|
|
goto done; |
4449 |
|
|
} |
4450 |
|
|
|
4451 |
|
|
TAILQ_INSERT_TAIL(&sa->sa_childsas, csa, csa_entry); |
4452 |
|
|
TAILQ_INSERT_TAIL(&sa->sa_childsas, csb, csa_entry); |
4453 |
|
|
|
4454 |
|
|
csa->csa_peersa = csb; |
4455 |
|
|
csb->csa_peersa = csa; |
4456 |
|
|
} |
4457 |
|
|
|
4458 |
|
|
ret = 0; |
4459 |
|
|
done: |
4460 |
|
|
ibuf_release(dhsecret); |
4461 |
|
|
ibuf_release(keymat); |
4462 |
|
|
ibuf_release(seed); |
4463 |
|
|
|
4464 |
|
|
return (ret); |
4465 |
|
|
} |
4466 |
|
|
|
4467 |
|
|
/* free a replaced IPCOMP SA */ |
4468 |
|
|
void |
4469 |
|
|
ikev2_ipcomp_csa_free(struct iked *env, struct iked_childsa *csa) |
4470 |
|
|
{ |
4471 |
|
|
if (csa->csa_children) |
4472 |
|
|
fatalx("ikev2_ipcomp_csa_free: has children"); |
4473 |
|
|
if (csa->csa_ikesa) |
4474 |
|
|
TAILQ_REMOVE(&csa->csa_ikesa->sa_childsas, csa, |
4475 |
|
|
csa_entry); |
4476 |
|
|
if (csa->csa_loaded) { |
4477 |
|
|
log_debug("%s: csa %p loaded: calling pfkey_sa_delete", |
4478 |
|
|
__func__, csa); |
4479 |
|
|
pfkey_sa_delete(env->sc_pfkey, csa); |
4480 |
|
|
RB_REMOVE(iked_activesas, &env->sc_activesas, csa); |
4481 |
|
|
} |
4482 |
|
|
childsa_free(csa); |
4483 |
|
|
} |
4484 |
|
|
|
4485 |
|
|
int |
4486 |
|
|
ikev2_ipcomp_enable(struct iked *env, struct iked_sa *sa) |
4487 |
|
|
{ |
4488 |
|
|
struct iked_childsa *other, *nother, *csa = NULL, *csb = NULL; |
4489 |
|
|
struct iked_flow *flow, *flowa = NULL, *flowb = NULL; |
4490 |
|
|
struct iked_flow *nflow, *oflow; |
4491 |
|
|
|
4492 |
|
|
if ((csa = calloc(1, sizeof(*csa))) == NULL || |
4493 |
|
|
(csb = calloc(1, sizeof(*csb))) == NULL || |
4494 |
|
|
(flowa = calloc(1, sizeof(*flowa))) == NULL || |
4495 |
|
|
(flowb = calloc(1, sizeof(*flowb))) == NULL) { |
4496 |
|
|
free(csa); |
4497 |
|
|
free(csb); |
4498 |
|
|
free(flowa); |
4499 |
|
|
free(flowb); |
4500 |
|
|
return (-1); |
4501 |
|
|
} |
4502 |
|
|
|
4503 |
|
|
/* switch ESP SAs to transport mode */ |
4504 |
|
|
TAILQ_FOREACH(other, &sa->sa_childsas, csa_entry) { |
4505 |
|
|
if (!other->csa_rekey && !other->csa_loaded && |
4506 |
|
|
other->csa_saproto == IKEV2_SAPROTO_ESP) { |
4507 |
|
|
other->csa_transport = 1; |
4508 |
|
|
if (other->csa_dir == IPSP_DIRECTION_OUT) { |
4509 |
|
|
other->csa_parent = csa; |
4510 |
|
|
csa->csa_children++; |
4511 |
|
|
} else { |
4512 |
|
|
other->csa_parent = csb; |
4513 |
|
|
csb->csa_children++; |
4514 |
|
|
} |
4515 |
|
|
} |
4516 |
|
|
} |
4517 |
|
|
|
4518 |
|
|
/* install IPCOMP SAs */ |
4519 |
|
|
csa->csa_ikesa = sa; |
4520 |
|
|
csa->csa_saproto = IKEV2_SAPROTO_IPCOMP; |
4521 |
|
|
csa->csa_spi.spi_size = 2; |
4522 |
|
|
csa->csa_spi.spi = sa->sa_cpi_out; |
4523 |
|
|
csa->csa_peerspi = sa->sa_cpi_in; |
4524 |
|
|
csa->csa_dir = IPSP_DIRECTION_OUT; |
4525 |
|
|
csa->csa_local = &sa->sa_local; |
4526 |
|
|
csa->csa_peer = &sa->sa_peer; |
4527 |
|
|
|
4528 |
|
|
memcpy(csb, csa, sizeof(*csb)); |
4529 |
|
|
csb->csa_spi.spi = csa->csa_peerspi; |
4530 |
|
|
csb->csa_peerspi = csa->csa_spi.spi; |
4531 |
|
|
csb->csa_dir = IPSP_DIRECTION_IN; |
4532 |
|
|
csb->csa_local = csa->csa_peer; |
4533 |
|
|
csb->csa_peer = csa->csa_local; |
4534 |
|
|
csb->csa_allocated = 1; |
4535 |
|
|
|
4536 |
|
|
/* remove old replaced IPCOMP SAs */ |
4537 |
|
|
TAILQ_FOREACH_SAFE(other, &sa->sa_childsas, csa_entry, nother) { |
4538 |
|
|
if (other->csa_saproto != IKEV2_SAPROTO_IPCOMP || |
4539 |
|
|
other->csa_children != 0) |
4540 |
|
|
continue; |
4541 |
|
|
if (other->csa_dir == csa->csa_dir && |
4542 |
|
|
IKED_ADDR_EQ(other->csa_local, csa->csa_local) && |
4543 |
|
|
IKED_ADDR_EQ(other->csa_peer, csa->csa_peer)) { |
4544 |
|
|
log_debug("%s: csa %p replaces %p", |
4545 |
|
|
__func__, csa, other); |
4546 |
|
|
ikev2_ipcomp_csa_free(env, other); |
4547 |
|
|
} else if (other->csa_dir == csb->csa_dir && |
4548 |
|
|
IKED_ADDR_EQ(other->csa_local, csb->csa_local) && |
4549 |
|
|
IKED_ADDR_EQ(other->csa_peer, csb->csa_peer)) { |
4550 |
|
|
log_debug("%s: csa %p replaces %p", |
4551 |
|
|
__func__, csb, other); |
4552 |
|
|
ikev2_ipcomp_csa_free(env, other); |
4553 |
|
|
} |
4554 |
|
|
} |
4555 |
|
|
|
4556 |
|
|
TAILQ_INSERT_TAIL(&sa->sa_childsas, csa, csa_entry); |
4557 |
|
|
TAILQ_INSERT_TAIL(&sa->sa_childsas, csb, csa_entry); |
4558 |
|
|
|
4559 |
|
|
csa->csa_peersa = csb; |
4560 |
|
|
csb->csa_peersa = csa; |
4561 |
|
|
|
4562 |
|
|
/* redirect flows to IPCOMP */ |
4563 |
|
|
/* XXX expensive? should be merged into ikev2_childsa_negotiate() */ |
4564 |
|
|
TAILQ_FOREACH_SAFE(flow, &sa->sa_flows, flow_entry, nflow) { |
4565 |
|
|
if (flow->flow_loaded || |
4566 |
|
|
flow->flow_saproto != IKEV2_SAPROTO_ESP) |
4567 |
|
|
continue; |
4568 |
|
|
TAILQ_FOREACH(oflow, &sa->sa_flows, flow_entry) |
4569 |
|
|
if (IKED_ADDR_EQ(&oflow->flow_src, &flow->flow_src) && |
4570 |
|
|
IKED_ADDR_EQ(&oflow->flow_dst, &flow->flow_dst) && |
4571 |
|
|
oflow->flow_dir == flow->flow_dir && |
4572 |
|
|
oflow->flow_saproto == IKEV2_SAPROTO_IPCOMP) |
4573 |
|
|
break; |
4574 |
|
|
if (oflow != NULL) { |
4575 |
|
|
log_debug("%s: keeping oflow %p, indentical to flow %p", |
4576 |
|
|
__func__, oflow, flow); |
4577 |
|
|
TAILQ_REMOVE(&sa->sa_flows, flow, flow_entry); |
4578 |
|
|
flow_free(flow); |
4579 |
|
|
} else { |
4580 |
|
|
log_debug("%s: flow %p saproto %d -> %d", __func__, |
4581 |
|
|
flow, flow->flow_saproto, IKEV2_SAPROTO_IPCOMP); |
4582 |
|
|
flow->flow_saproto = IKEV2_SAPROTO_IPCOMP; |
4583 |
|
|
} |
4584 |
|
|
} |
4585 |
|
|
|
4586 |
|
|
/* setup ESP flows for gateways */ |
4587 |
|
|
flowa->flow_dir = IPSP_DIRECTION_OUT; |
4588 |
|
|
flowa->flow_saproto = IKEV2_SAPROTO_ESP; |
4589 |
|
|
flowa->flow_local = &sa->sa_local; |
4590 |
|
|
flowa->flow_peer = &sa->sa_peer; |
4591 |
|
|
memcpy(&flowa->flow_src, &sa->sa_local, sizeof(sa->sa_local)); |
4592 |
|
|
memcpy(&flowa->flow_dst, &sa->sa_peer, sizeof(sa->sa_peer)); |
4593 |
|
|
socket_setport((struct sockaddr *)&flowa->flow_src.addr, 0); |
4594 |
|
|
socket_setport((struct sockaddr *)&flowa->flow_dst.addr, 0); |
4595 |
|
|
flowa->flow_src.addr_port = flowa->flow_dst.addr_port = 0; |
4596 |
|
|
flowa->flow_src.addr_mask = flowa->flow_dst.addr_mask = |
4597 |
|
|
(sa->sa_local.addr_af == AF_INET) ? 32 : 128; |
4598 |
|
|
flowa->flow_ikesa = sa; |
4599 |
|
|
|
4600 |
|
|
/* skip if flow already exists */ |
4601 |
|
|
TAILQ_FOREACH(flow, &sa->sa_flows, flow_entry) { |
4602 |
|
|
if (IKED_ADDR_EQ(&flow->flow_src, &flowa->flow_src) && |
4603 |
|
|
IKED_ADDR_EQ(&flow->flow_dst, &flowa->flow_dst) && |
4604 |
|
|
flow->flow_dir == flowa->flow_dir && |
4605 |
|
|
flow->flow_saproto == flowa->flow_saproto) { |
4606 |
|
|
free(flowa); |
4607 |
|
|
free(flowb); |
4608 |
|
|
goto done; |
4609 |
|
|
} |
4610 |
|
|
} |
4611 |
|
|
|
4612 |
|
|
memcpy(flowb, flowa, sizeof(*flowb)); |
4613 |
|
|
flowb->flow_dir = IPSP_DIRECTION_IN; |
4614 |
|
|
memcpy(&flowb->flow_dst, &flowa->flow_src, sizeof(flowa->flow_src)); |
4615 |
|
|
memcpy(&flowb->flow_src, &flowa->flow_dst, sizeof(flowa->flow_dst)); |
4616 |
|
|
|
4617 |
|
|
TAILQ_INSERT_TAIL(&sa->sa_flows, flowa, flow_entry); |
4618 |
|
|
TAILQ_INSERT_TAIL(&sa->sa_flows, flowb, flow_entry); |
4619 |
|
|
|
4620 |
|
|
done: |
4621 |
|
|
/* make sure IPCOMP CPIs are not reused */ |
4622 |
|
|
sa->sa_ipcomp = 0; |
4623 |
|
|
sa->sa_cpi_in = sa->sa_cpi_out = 0; |
4624 |
|
|
|
4625 |
|
|
return (0); |
4626 |
|
|
} |
4627 |
|
|
|
4628 |
|
|
int |
4629 |
|
|
ikev2_childsa_enable(struct iked *env, struct iked_sa *sa) |
4630 |
|
|
{ |
4631 |
|
|
struct iked_childsa *csa; |
4632 |
|
|
struct iked_flow *flow, *oflow; |
4633 |
|
|
|
4634 |
|
|
if (sa->sa_ipcomp && sa->sa_cpi_in && sa->sa_cpi_out && |
4635 |
|
|
ikev2_ipcomp_enable(env, sa) == -1) |
4636 |
|
|
return (-1); |
4637 |
|
|
|
4638 |
|
|
TAILQ_FOREACH(csa, &sa->sa_childsas, csa_entry) { |
4639 |
|
|
if (csa->csa_rekey || csa->csa_loaded) |
4640 |
|
|
continue; |
4641 |
|
|
|
4642 |
|
|
if (pfkey_sa_add(env->sc_pfkey, csa, NULL) != 0) { |
4643 |
|
|
log_debug("%s: failed to load CHILD SA spi %s", |
4644 |
|
|
__func__, print_spi(csa->csa_spi.spi, |
4645 |
|
|
csa->csa_spi.spi_size)); |
4646 |
|
|
return (-1); |
4647 |
|
|
} |
4648 |
|
|
|
4649 |
|
|
RB_INSERT(iked_activesas, &env->sc_activesas, csa); |
4650 |
|
|
|
4651 |
|
|
log_debug("%s: loaded CHILD SA spi %s", __func__, |
4652 |
|
|
print_spi(csa->csa_spi.spi, csa->csa_spi.spi_size)); |
4653 |
|
|
} |
4654 |
|
|
|
4655 |
|
|
TAILQ_FOREACH(flow, &sa->sa_flows, flow_entry) { |
4656 |
|
|
if (flow->flow_loaded) |
4657 |
|
|
continue; |
4658 |
|
|
|
4659 |
|
|
if (pfkey_flow_add(env->sc_pfkey, flow) != 0) { |
4660 |
|
|
log_debug("%s: failed to load flow", __func__); |
4661 |
|
|
return (-1); |
4662 |
|
|
} |
4663 |
|
|
|
4664 |
|
|
if ((oflow = RB_FIND(iked_flows, &env->sc_activeflows, flow)) |
4665 |
|
|
!= NULL) { |
4666 |
|
|
log_debug("%s: replaced old flow %p with %p", |
4667 |
|
|
__func__, oflow, flow); |
4668 |
|
|
oflow->flow_loaded = 0; |
4669 |
|
|
RB_REMOVE(iked_flows, &env->sc_activeflows, oflow); |
4670 |
|
|
} |
4671 |
|
|
|
4672 |
|
|
RB_INSERT(iked_flows, &env->sc_activeflows, flow); |
4673 |
|
|
|
4674 |
|
|
log_debug("%s: loaded flow %p", __func__, flow); |
4675 |
|
|
} |
4676 |
|
|
|
4677 |
|
|
return (0); |
4678 |
|
|
} |
4679 |
|
|
|
4680 |
|
|
int |
4681 |
|
|
ikev2_childsa_delete(struct iked *env, struct iked_sa *sa, uint8_t saproto, |
4682 |
|
|
uint64_t spi, uint64_t *spiptr, int cleanup) |
4683 |
|
|
{ |
4684 |
|
|
struct iked_childsa *csa, *nextcsa = NULL; |
4685 |
|
|
uint64_t peerspi = 0; |
4686 |
|
|
int found = 0; |
4687 |
|
|
|
4688 |
|
|
for (csa = TAILQ_FIRST(&sa->sa_childsas); csa != NULL; csa = nextcsa) { |
4689 |
|
|
nextcsa = TAILQ_NEXT(csa, csa_entry); |
4690 |
|
|
|
4691 |
|
|
if ((saproto && csa->csa_saproto != saproto) || |
4692 |
|
|
(spi && (csa->csa_spi.spi != spi && |
4693 |
|
|
csa->csa_peerspi != spi)) || |
4694 |
|
|
(cleanup && csa->csa_loaded)) |
4695 |
|
|
continue; |
4696 |
|
|
|
4697 |
|
|
if (csa->csa_loaded) |
4698 |
|
|
RB_REMOVE(iked_activesas, &env->sc_activesas, csa); |
4699 |
|
|
|
4700 |
|
|
if (pfkey_sa_delete(env->sc_pfkey, csa) != 0) |
4701 |
|
|
log_debug("%s: failed to delete CHILD SA spi %s", |
4702 |
|
|
__func__, print_spi(csa->csa_spi.spi, |
4703 |
|
|
csa->csa_spi.spi_size)); |
4704 |
|
|
else |
4705 |
|
|
log_debug("%s: deleted CHILD SA spi %s", __func__, |
4706 |
|
|
print_spi(csa->csa_spi.spi, |
4707 |
|
|
csa->csa_spi.spi_size)); |
4708 |
|
|
found++; |
4709 |
|
|
|
4710 |
|
|
if (spi && csa->csa_spi.spi == spi) |
4711 |
|
|
peerspi = csa->csa_peerspi; |
4712 |
|
|
|
4713 |
|
|
TAILQ_REMOVE(&sa->sa_childsas, csa, csa_entry); |
4714 |
|
|
childsa_free(csa); |
4715 |
|
|
} |
4716 |
|
|
|
4717 |
|
|
if (spiptr) |
4718 |
|
|
*spiptr = peerspi; |
4719 |
|
|
|
4720 |
|
|
return (found ? 0 : -1); |
4721 |
|
|
} |
4722 |
|
|
|
4723 |
|
|
int |
4724 |
|
|
ikev2_valid_proposal(struct iked_proposal *prop, |
4725 |
|
|
struct iked_transform **exf, struct iked_transform **ixf, int *esn) |
4726 |
|
|
{ |
4727 |
|
|
struct iked_transform *xform, *encrxf, *integrxf; |
4728 |
|
|
unsigned int i, doesn = 0; |
4729 |
|
|
|
4730 |
|
|
switch (prop->prop_protoid) { |
4731 |
|
|
case IKEV2_SAPROTO_ESP: |
4732 |
|
|
case IKEV2_SAPROTO_AH: |
4733 |
|
|
break; |
4734 |
|
|
default: |
4735 |
|
|
return (-1); |
4736 |
|
|
} |
4737 |
|
|
|
4738 |
|
|
encrxf = integrxf = NULL; |
4739 |
|
|
for (i = 0; i < prop->prop_nxforms; i++) { |
4740 |
|
|
xform = prop->prop_xforms + i; |
4741 |
|
|
if (xform->xform_type == IKEV2_XFORMTYPE_ENCR) |
4742 |
|
|
encrxf = xform; |
4743 |
|
|
else if (xform->xform_type == IKEV2_XFORMTYPE_INTEGR) |
4744 |
|
|
integrxf = xform; |
4745 |
|
|
else if (xform->xform_type == IKEV2_XFORMTYPE_ESN && |
4746 |
|
|
xform->xform_id == IKEV2_XFORMESN_ESN) |
4747 |
|
|
doesn = 1; |
4748 |
|
|
} |
4749 |
|
|
|
4750 |
|
|
if (prop->prop_protoid == IKEV2_SAPROTO_IKE) { |
4751 |
|
|
if (encrxf == NULL || integrxf == NULL) |
4752 |
|
|
return (-1); |
4753 |
|
|
} else if (prop->prop_protoid == IKEV2_SAPROTO_AH) { |
4754 |
|
|
if (integrxf == NULL) |
4755 |
|
|
return (-1); |
4756 |
|
|
} else if (prop->prop_protoid == IKEV2_SAPROTO_ESP) { |
4757 |
|
|
if (encrxf == NULL) |
4758 |
|
|
return (-1); |
4759 |
|
|
} |
4760 |
|
|
|
4761 |
|
|
if (exf) |
4762 |
|
|
*exf = encrxf; |
4763 |
|
|
if (ixf) |
4764 |
|
|
*ixf = integrxf; |
4765 |
|
|
if (esn) |
4766 |
|
|
*esn = doesn; |
4767 |
|
|
|
4768 |
|
|
return (0); |
4769 |
|
|
} |
4770 |
|
|
|
4771 |
|
|
/* return 0 if processed, -1 if busy */ |
4772 |
|
|
int |
4773 |
|
|
ikev2_acquire_sa(struct iked *env, struct iked_flow *acquire) |
4774 |
|
|
{ |
4775 |
|
|
struct iked_flow *flow; |
4776 |
|
|
struct iked_sa *sa; |
4777 |
|
|
struct iked_policy pol, *p = NULL; |
4778 |
|
|
|
4779 |
|
|
if (env->sc_passive) |
4780 |
|
|
return (0); |
4781 |
|
|
|
4782 |
|
|
/* First try to find an active flow with IKE SA */ |
4783 |
|
|
flow = RB_FIND(iked_flows, &env->sc_activeflows, acquire); |
4784 |
|
|
if (!flow) { |
4785 |
|
|
/* Otherwise try to find a matching policy */ |
4786 |
|
|
bzero(&pol, sizeof(pol)); |
4787 |
|
|
pol.pol_af = acquire->flow_peer->addr_af; |
4788 |
|
|
memcpy(&pol.pol_peer, acquire->flow_peer, |
4789 |
|
|
sizeof(pol.pol_peer)); |
4790 |
|
|
|
4791 |
|
|
RB_INIT(&pol.pol_flows); |
4792 |
|
|
RB_INSERT(iked_flows, &pol.pol_flows, acquire); |
4793 |
|
|
pol.pol_nflows = 1; |
4794 |
|
|
|
4795 |
|
|
if ((p = policy_test(env, &pol)) == NULL) { |
4796 |
|
|
log_warnx("%s: flow wasn't found", __func__); |
4797 |
|
|
return (0); |
4798 |
|
|
} |
4799 |
|
|
|
4800 |
|
|
log_debug("%s: found matching policy '%s'", __func__, |
4801 |
|
|
p->pol_name); |
4802 |
|
|
|
4803 |
|
|
if (ikev2_init_ike_sa_peer(env, p, acquire->flow_peer) != 0) |
4804 |
|
|
log_warnx("%s: failed to initiate a " |
4805 |
|
|
"IKE_SA_INIT exchange", __func__); |
4806 |
|
|
} else { |
4807 |
|
|
log_debug("%s: found active flow", __func__); |
4808 |
|
|
|
4809 |
|
|
if ((sa = flow->flow_ikesa) == NULL) { |
4810 |
|
|
log_warnx("%s: flow without SA", __func__); |
4811 |
|
|
return (0); |
4812 |
|
|
} |
4813 |
|
|
if (sa->sa_stateflags & IKED_REQ_CHILDSA) |
4814 |
|
|
return (-1); /* busy, retry later */ |
4815 |
|
|
if (ikev2_send_create_child_sa(env, sa, NULL, |
4816 |
|
|
flow->flow_saproto) != 0) |
4817 |
|
|
log_warnx("%s: failed to initiate a " |
4818 |
|
|
"CREATE_CHILD_SA exchange", __func__); |
4819 |
|
|
} |
4820 |
|
|
return (0); |
4821 |
|
|
} |
4822 |
|
|
|
4823 |
|
|
void |
4824 |
|
|
ikev2_disable_rekeying(struct iked *env, struct iked_sa *sa) |
4825 |
|
|
{ |
4826 |
|
|
struct iked_childsa *csa; |
4827 |
|
|
|
4828 |
|
|
TAILQ_FOREACH(csa, &sa->sa_childsas, csa_entry) { |
4829 |
|
|
csa->csa_persistent = 1; |
4830 |
|
|
csa->csa_rekey = 0; |
4831 |
|
|
} |
4832 |
|
|
|
4833 |
|
|
(void)ikev2_childsa_delete(env, sa, 0, 0, NULL, 1); |
4834 |
|
|
} |
4835 |
|
|
|
4836 |
|
|
/* return 0 if processed, -1 if busy */ |
4837 |
|
|
int |
4838 |
|
|
ikev2_rekey_sa(struct iked *env, struct iked_spi *rekey) |
4839 |
|
|
{ |
4840 |
|
|
struct iked_childsa *csa, key; |
4841 |
|
|
struct iked_sa *sa; |
4842 |
|
|
|
4843 |
|
|
key.csa_spi = *rekey; |
4844 |
|
|
csa = RB_FIND(iked_activesas, &env->sc_activesas, &key); |
4845 |
|
|
if (!csa) |
4846 |
|
|
return (0); |
4847 |
|
|
|
4848 |
|
|
if (csa->csa_rekey) /* See if it's already taken care of */ |
4849 |
|
|
return (0); |
4850 |
|
|
if (csa->csa_saproto == IKEV2_SAPROTO_IPCOMP) /* no rekey */ |
4851 |
|
|
return (0); |
4852 |
|
|
if ((sa = csa->csa_ikesa) == NULL) { |
4853 |
|
|
log_warnx("%s: SA %s doesn't have a parent SA", __func__, |
4854 |
|
|
print_spi(rekey->spi, rekey->spi_size)); |
4855 |
|
|
return (0); |
4856 |
|
|
} |
4857 |
|
|
if (!sa_stateok(sa, IKEV2_STATE_ESTABLISHED)) { |
4858 |
|
|
log_warnx("%s: SA %s is not established", __func__, |
4859 |
|
|
print_spi(rekey->spi, rekey->spi_size)); |
4860 |
|
|
return (0); |
4861 |
|
|
} |
4862 |
|
|
if (sa->sa_stateflags & IKED_REQ_CHILDSA) |
4863 |
|
|
return (-1); /* busy, retry later */ |
4864 |
|
|
if (csa->csa_allocated) /* Peer SPI died first, get the local one */ |
4865 |
|
|
rekey->spi = csa->csa_peerspi; |
4866 |
|
|
if (ikev2_send_create_child_sa(env, sa, rekey, rekey->spi_protoid)) |
4867 |
|
|
log_warnx("%s: failed to initiate a CREATE_CHILD_SA exchange", |
4868 |
|
|
__func__); |
4869 |
|
|
return (0); |
4870 |
|
|
} |
4871 |
|
|
|
4872 |
|
|
/* return 0 if processed, -1 if busy */ |
4873 |
|
|
int |
4874 |
|
|
ikev2_drop_sa(struct iked *env, struct iked_spi *drop) |
4875 |
|
|
{ |
4876 |
|
|
struct ibuf *buf = NULL; |
4877 |
|
|
struct iked_childsa *csa, key; |
4878 |
|
|
struct iked_sa *sa; |
4879 |
|
|
struct ikev2_delete *del; |
4880 |
|
|
uint32_t spi32; |
4881 |
|
|
|
4882 |
|
|
key.csa_spi = *drop; |
4883 |
|
|
csa = RB_FIND(iked_activesas, &env->sc_activesas, &key); |
4884 |
|
|
if (!csa || csa->csa_rekey) |
4885 |
|
|
return (0); |
4886 |
|
|
|
4887 |
|
|
sa = csa->csa_ikesa; |
4888 |
|
|
if (sa && (sa->sa_stateflags & IKED_REQ_CHILDSA)) |
4889 |
|
|
return (-1); /* busy, retry later */ |
4890 |
|
|
|
4891 |
|
|
RB_REMOVE(iked_activesas, &env->sc_activesas, csa); |
4892 |
|
|
csa->csa_loaded = 0; |
4893 |
|
|
csa->csa_rekey = 1; /* prevent re-loading */ |
4894 |
|
|
if (sa == NULL) { |
4895 |
|
|
log_debug("%s: failed to find a parent SA", __func__); |
4896 |
|
|
return (0); |
4897 |
|
|
} |
4898 |
|
|
if (csa->csa_saproto == IKEV2_SAPROTO_IPCOMP) { |
4899 |
|
|
/* matching Child SAs (e.g. ESP) should have expired by now */ |
4900 |
|
|
if (csa->csa_children == 0) |
4901 |
|
|
ikev2_ipcomp_csa_free(env, csa); |
4902 |
|
|
return (0); |
4903 |
|
|
} |
4904 |
|
|
|
4905 |
|
|
if (csa->csa_allocated) |
4906 |
|
|
spi32 = htobe32(csa->csa_spi.spi); |
4907 |
|
|
else |
4908 |
|
|
spi32 = htobe32(csa->csa_peerspi); |
4909 |
|
|
|
4910 |
|
|
if (ikev2_childsa_delete(env, sa, csa->csa_saproto, |
4911 |
|
|
csa->csa_peerspi, NULL, 0)) |
4912 |
|
|
log_debug("%s: failed to delete CHILD SA %s", __func__, |
4913 |
|
|
print_spi(csa->csa_peerspi, drop->spi_size)); |
4914 |
|
|
|
4915 |
|
|
/* Send PAYLOAD_DELETE */ |
4916 |
|
|
|
4917 |
|
|
if ((buf = ibuf_static()) == NULL) |
4918 |
|
|
return (0); |
4919 |
|
|
if ((del = ibuf_advance(buf, sizeof(*del))) == NULL) |
4920 |
|
|
goto done; |
4921 |
|
|
del->del_protoid = drop->spi_protoid; |
4922 |
|
|
del->del_spisize = 4; |
4923 |
|
|
del->del_nspi = htobe16(1); |
4924 |
|
|
if (ibuf_add(buf, &spi32, sizeof(spi32))) |
4925 |
|
|
goto done; |
4926 |
|
|
|
4927 |
|
|
if (ikev2_send_ike_e(env, sa, buf, IKEV2_PAYLOAD_DELETE, |
4928 |
|
|
IKEV2_EXCHANGE_INFORMATIONAL, 0) == -1) |
4929 |
|
|
goto done; |
4930 |
|
|
|
4931 |
|
|
sa->sa_stateflags |= IKED_REQ_INF; |
4932 |
|
|
|
4933 |
|
|
/* Initiate Child SA creation */ |
4934 |
|
|
if (ikev2_send_create_child_sa(env, sa, NULL, drop->spi_protoid)) |
4935 |
|
|
log_warnx("%s: failed to initiate a CREATE_CHILD_SA exchange", |
4936 |
|
|
__func__); |
4937 |
|
|
|
4938 |
|
|
done: |
4939 |
|
|
ibuf_release(buf); |
4940 |
|
|
return (0); |
4941 |
|
|
} |
4942 |
|
|
|
4943 |
|
|
int |
4944 |
|
|
ikev2_print_id(struct iked_id *id, char *idstr, size_t idstrlen) |
4945 |
|
|
{ |
4946 |
|
|
uint8_t buf[BUFSIZ], *ptr; |
4947 |
|
|
struct sockaddr_in *s4; |
4948 |
|
|
struct sockaddr_in6 *s6; |
4949 |
|
|
char *str; |
4950 |
|
|
ssize_t len; |
4951 |
|
|
int i; |
4952 |
|
|
const char *type; |
4953 |
|
|
|
4954 |
|
|
bzero(buf, sizeof(buf)); |
4955 |
|
|
bzero(idstr, idstrlen); |
4956 |
|
|
|
4957 |
|
|
if (id->id_buf == NULL) |
4958 |
|
|
return (-1); |
4959 |
|
|
|
4960 |
|
|
len = ibuf_size(id->id_buf); |
4961 |
|
|
ptr = ibuf_data(id->id_buf); |
4962 |
|
|
|
4963 |
|
|
if (len <= id->id_offset) |
4964 |
|
|
return (-1); |
4965 |
|
|
|
4966 |
|
|
len -= id->id_offset; |
4967 |
|
|
ptr += id->id_offset; |
4968 |
|
|
|
4969 |
|
|
type = print_map(id->id_type, ikev2_id_map); |
4970 |
|
|
|
4971 |
|
|
if (strlcpy(idstr, type, idstrlen) >= idstrlen || |
4972 |
|
|
strlcat(idstr, "/", idstrlen) >= idstrlen) |
4973 |
|
|
return (-1); |
4974 |
|
|
|
4975 |
|
|
idstr += strlen(idstr); |
4976 |
|
|
idstrlen -= strlen(idstr); |
4977 |
|
|
|
4978 |
|
|
switch (id->id_type) { |
4979 |
|
|
case IKEV2_ID_IPV4: |
4980 |
|
|
s4 = (struct sockaddr_in *)buf; |
4981 |
|
|
s4->sin_family = AF_INET; |
4982 |
|
|
s4->sin_len = sizeof(*s4); |
4983 |
|
|
memcpy(&s4->sin_addr.s_addr, ptr, len); |
4984 |
|
|
|
4985 |
|
|
if (print_host((struct sockaddr *)s4, |
4986 |
|
|
idstr, idstrlen) == NULL) |
4987 |
|
|
return (-1); |
4988 |
|
|
break; |
4989 |
|
|
case IKEV2_ID_FQDN: |
4990 |
|
|
case IKEV2_ID_UFQDN: |
4991 |
|
|
if (len >= (ssize_t)sizeof(buf)) |
4992 |
|
|
return (-1); |
4993 |
|
|
|
4994 |
|
|
if ((str = get_string(ptr, len)) == NULL) |
4995 |
|
|
return (-1); |
4996 |
|
|
|
4997 |
|
|
if (strlcpy(idstr, str, idstrlen) >= idstrlen) { |
4998 |
|
|
free(str); |
4999 |
|
|
return (-1); |
5000 |
|
|
} |
5001 |
|
|
free(str); |
5002 |
|
|
break; |
5003 |
|
|
case IKEV2_ID_IPV6: |
5004 |
|
|
s6 = (struct sockaddr_in6 *)buf; |
5005 |
|
|
s6->sin6_family = AF_INET6; |
5006 |
|
|
s6->sin6_len = sizeof(*s6); |
5007 |
|
|
memcpy(&s6->sin6_addr, ptr, len); |
5008 |
|
|
|
5009 |
|
|
if (print_host((struct sockaddr *)s6, |
5010 |
|
|
idstr, idstrlen) == NULL) |
5011 |
|
|
return (-1); |
5012 |
|
|
break; |
5013 |
|
|
case IKEV2_ID_ASN1_DN: |
5014 |
|
|
if ((str = ca_asn1_name(ptr, len)) == NULL) |
5015 |
|
|
return (-1); |
5016 |
|
|
if (strlcpy(idstr, str, idstrlen) >= idstrlen) { |
5017 |
|
|
free(str); |
5018 |
|
|
return (-1); |
5019 |
|
|
} |
5020 |
|
|
free(str); |
5021 |
|
|
break; |
5022 |
|
|
default: |
5023 |
|
|
/* XXX test */ |
5024 |
|
|
for (i = 0; i < ((ssize_t)idstrlen - 1) && i < len; i++) |
5025 |
|
|
snprintf(idstr + i, idstrlen - i, |
5026 |
|
|
"%02x", ptr[i]); |
5027 |
|
|
break; |
5028 |
|
|
} |
5029 |
|
|
|
5030 |
|
|
return (0); |
5031 |
|
|
} |
5032 |
|
|
|
5033 |
|
|
/* |
5034 |
|
|
* If we have an IKEV2_CP_REQUEST for IKEV2_CFG_INTERNAL_IP4_ADDRESS and |
5035 |
|
|
* if a network(pool) is configured, then select an address from that pool |
5036 |
|
|
* and remember it in the sa_addrpool attribute. |
5037 |
|
|
*/ |
5038 |
|
|
int |
5039 |
|
|
ikev2_cp_setaddr(struct iked *env, struct iked_sa *sa, sa_family_t family) |
5040 |
|
|
{ |
5041 |
|
|
struct iked_cfg *ikecfg = NULL; |
5042 |
|
|
struct iked_policy *pol = sa->sa_policy; |
5043 |
|
|
struct sockaddr_in *in4 = NULL, *cfg4 = NULL; |
5044 |
|
|
struct sockaddr_in6 *in6 = NULL, *cfg6 = NULL; |
5045 |
|
|
struct iked_sa key; |
5046 |
|
|
struct iked_addr addr; |
5047 |
|
|
uint32_t mask, host, lower, upper, start, nhost; |
5048 |
|
|
size_t i; |
5049 |
|
|
|
5050 |
|
|
switch (family) { |
5051 |
|
|
case AF_INET: |
5052 |
|
|
if (sa->sa_addrpool) |
5053 |
|
|
return (0); |
5054 |
|
|
break; |
5055 |
|
|
case AF_INET6: |
5056 |
|
|
if (sa->sa_addrpool6) |
5057 |
|
|
return (0); |
5058 |
|
|
break; |
5059 |
|
|
default: |
5060 |
|
|
return (-1); |
5061 |
|
|
} |
5062 |
|
|
if (pol->pol_ncfg == 0) |
5063 |
|
|
return (0); |
5064 |
|
|
/* check for an address pool config (address w/ prefixlen != 32) */ |
5065 |
|
|
bzero(&addr, sizeof(addr)); |
5066 |
|
|
for (i = 0; i < pol->pol_ncfg; i++) { |
5067 |
|
|
ikecfg = &pol->pol_cfg[i]; |
5068 |
|
|
if (family == AF_INET && |
5069 |
|
|
ikecfg->cfg_type == IKEV2_CFG_INTERNAL_IP4_ADDRESS && |
5070 |
|
|
ikecfg->cfg.address.addr_mask != 32) { |
5071 |
|
|
addr.addr_af = AF_INET; |
5072 |
|
|
break; |
5073 |
|
|
} |
5074 |
|
|
if (family == AF_INET6 && |
5075 |
|
|
ikecfg->cfg_type == IKEV2_CFG_INTERNAL_IP6_ADDRESS && |
5076 |
|
|
ikecfg->cfg.address.addr_mask != 128) { |
5077 |
|
|
addr.addr_af = AF_INET6; |
5078 |
|
|
break; |
5079 |
|
|
} |
5080 |
|
|
} |
5081 |
|
|
if (i == pol->pol_ncfg) |
5082 |
|
|
return (0); |
5083 |
|
|
|
5084 |
|
|
/* |
5085 |
|
|
* failure: pool configured, but not requested. |
5086 |
|
|
* If we continue, we might end up with flows where 0.0.0.0 is NOT |
5087 |
|
|
* replaced with an address from the pool with ikev2_cp_fixaddr(). |
5088 |
|
|
*/ |
5089 |
|
|
if (sa->sa_cp != IKEV2_CP_REQUEST) { |
5090 |
|
|
log_debug("%s: pool configured, but IKEV2_CP_REQUEST missing", |
5091 |
|
|
__func__); |
5092 |
|
|
return (-1); |
5093 |
|
|
} |
5094 |
|
|
|
5095 |
|
|
switch (addr.addr_af) { |
5096 |
|
|
case AF_INET: |
5097 |
|
|
cfg4 = (struct sockaddr_in *)&ikecfg->cfg.address.addr; |
5098 |
|
|
in4 = (struct sockaddr_in *)&addr.addr; |
5099 |
|
|
in4->sin_family = AF_INET; |
5100 |
|
|
in4->sin_len = sizeof(*in4); |
5101 |
|
|
mask = prefixlen2mask(ikecfg->cfg.address.addr_mask); |
5102 |
|
|
lower = ntohl(cfg4->sin_addr.s_addr & ~mask); |
5103 |
|
|
key.sa_addrpool = &addr; |
5104 |
|
|
break; |
5105 |
|
|
case AF_INET6: |
5106 |
|
|
cfg6 = (struct sockaddr_in6 *)&ikecfg->cfg.address.addr; |
5107 |
|
|
in6 = (struct sockaddr_in6 *)&addr.addr; |
5108 |
|
|
in6->sin6_family = AF_INET6; |
5109 |
|
|
in6->sin6_len = sizeof(*in6); |
5110 |
|
|
/* truncate prefixlen to get a 32-bit space */ |
5111 |
|
|
mask = (ikecfg->cfg.address.addr_mask >= 96) |
5112 |
|
|
? prefixlen2mask(ikecfg->cfg.address.addr_mask - 96) |
5113 |
|
|
: prefixlen2mask(0); |
5114 |
|
|
memcpy(&lower, &cfg6->sin6_addr.s6_addr[12], sizeof(uint32_t)); |
5115 |
|
|
lower = ntohl(lower & ~mask); |
5116 |
|
|
key.sa_addrpool6 = &addr; |
5117 |
|
|
break; |
5118 |
|
|
default: |
5119 |
|
|
return (-1); |
5120 |
|
|
} |
5121 |
|
|
|
5122 |
|
|
if (lower == 0) |
5123 |
|
|
lower = 1; |
5124 |
|
|
/* Note that start, upper and host are in HOST byte order */ |
5125 |
|
|
upper = ntohl(~mask); |
5126 |
|
|
/* Randomly select start from [lower, upper-1] */ |
5127 |
|
|
start = arc4random_uniform(upper - lower) + lower; |
5128 |
|
|
|
5129 |
|
|
for (host = start;;) { |
5130 |
|
|
log_debug("%s: mask %x start %x lower %x host %x upper %x", |
5131 |
|
|
__func__, mask, start, lower, host, upper); |
5132 |
|
|
switch (addr.addr_af) { |
5133 |
|
|
case AF_INET: |
5134 |
|
|
in4->sin_addr.s_addr = |
5135 |
|
|
(cfg4->sin_addr.s_addr & mask) | htonl(host); |
5136 |
|
|
break; |
5137 |
|
|
case AF_INET6: |
5138 |
|
|
memcpy(in6, cfg6, sizeof(*in6)); |
5139 |
|
|
nhost = htonl(host); |
5140 |
|
|
memcpy(&in6->sin6_addr.s6_addr[12], &nhost, |
5141 |
|
|
sizeof(uint32_t)); |
5142 |
|
|
break; |
5143 |
|
|
} |
5144 |
|
|
if ((addr.addr_af == AF_INET && |
5145 |
|
|
!RB_FIND(iked_addrpool, &env->sc_addrpool, &key)) || |
5146 |
|
|
(addr.addr_af == AF_INET6 && |
5147 |
|
|
!RB_FIND(iked_addrpool6, &env->sc_addrpool6, &key))) |
5148 |
|
|
break; |
5149 |
|
|
/* try next address */ |
5150 |
|
|
host++; |
5151 |
|
|
/* but skip broadcast and network address */ |
5152 |
|
|
if (host >= upper || host < lower) |
5153 |
|
|
host = lower; |
5154 |
|
|
if (host == start) |
5155 |
|
|
return (-1); /* exhausted */ |
5156 |
|
|
} |
5157 |
|
|
|
5158 |
|
|
switch (addr.addr_af) { |
5159 |
|
|
case AF_INET: |
5160 |
|
|
if (!key.sa_addrpool) |
5161 |
|
|
return (-1); /* cannot happen? */ |
5162 |
|
|
if ((sa->sa_addrpool = calloc(1, sizeof(addr))) == NULL) |
5163 |
|
|
return (-1); |
5164 |
|
|
memcpy(sa->sa_addrpool, &addr, sizeof(addr)); |
5165 |
|
|
RB_INSERT(iked_addrpool, &env->sc_addrpool, sa); |
5166 |
|
|
break; |
5167 |
|
|
case AF_INET6: |
5168 |
|
|
if (!key.sa_addrpool6) |
5169 |
|
|
return (-1); /* cannot happen? */ |
5170 |
|
|
if ((sa->sa_addrpool6 = calloc(1, sizeof(addr))) == NULL) |
5171 |
|
|
return (-1); |
5172 |
|
|
memcpy(sa->sa_addrpool6, &addr, sizeof(addr)); |
5173 |
|
|
RB_INSERT(iked_addrpool6, &env->sc_addrpool6, sa); |
5174 |
|
|
break; |
5175 |
|
|
default: |
5176 |
|
|
return (-1); |
5177 |
|
|
} |
5178 |
|
|
return (0); |
5179 |
|
|
} |
5180 |
|
|
|
5181 |
|
|
/* |
5182 |
|
|
* if 'addr' is 'UNSPECIFIED' replace it with sa_addrpool from |
5183 |
|
|
* the ip-pool and store the result in 'patched'. |
5184 |
|
|
*/ |
5185 |
|
|
int |
5186 |
|
|
ikev2_cp_fixaddr(struct iked_sa *sa, struct iked_addr *addr, |
5187 |
|
|
struct iked_addr *patched) |
5188 |
|
|
{ |
5189 |
|
|
struct sockaddr_in *in4; |
5190 |
|
|
struct sockaddr_in6 *in6; |
5191 |
|
|
|
5192 |
|
|
switch (addr->addr_af) { |
5193 |
|
|
case AF_INET: |
5194 |
|
|
if (sa->sa_addrpool == NULL) |
5195 |
|
|
return (-1); |
5196 |
|
|
in4 = (struct sockaddr_in *)&addr->addr; |
5197 |
|
|
if (in4->sin_addr.s_addr) |
5198 |
|
|
return (-1); |
5199 |
|
|
memcpy(patched, sa->sa_addrpool, sizeof(*patched)); |
5200 |
|
|
break; |
5201 |
|
|
case AF_INET6: |
5202 |
|
|
if (sa->sa_addrpool6 == NULL) |
5203 |
|
|
return (-1); |
5204 |
|
|
in6 = (struct sockaddr_in6 *)&addr->addr; |
5205 |
|
|
if (!IN6_IS_ADDR_UNSPECIFIED(&in6->sin6_addr)) |
5206 |
|
|
return (-1); |
5207 |
|
|
memcpy(patched, sa->sa_addrpool6, sizeof(*patched)); |
5208 |
|
|
break; |
5209 |
|
|
} |
5210 |
|
|
return (0); |
5211 |
|
|
} |