Head

GCC Code Coverage Report

Directory:	./		Exec	Total	Coverage
File:	usr.sbin/ldpd/pfkey.c	Lines:	0	243	0.0 %
Date:	2017-11-07	Branches:	0	118	0.0 %


/*	$OpenBSD: pfkey.c,v 1.11 2017/04/18 02:29:56 deraadt Exp $ */

/*
 * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
 * Copyright (c) 2003, 2004 Markus Friedl <markus@openbsd.org>
 *
 * Permission to use, copy, modify, and distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 */

#include <sys/types.h>
#include <errno.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#include "ldpd.h"
#include "ldpe.h"
#include "log.h"

static int	 pfkey_send(int, uint8_t, uint8_t, uint8_t,
		    int, union ldpd_addr *, union ldpd_addr *,
		    uint32_t, uint8_t, int, char *, uint8_t, int, char *,
		    uint16_t, uint16_t);
static int	 pfkey_reply(int, uint32_t *);
static int	 pfkey_sa_add(int, union ldpd_addr *, union ldpd_addr *,
		    uint8_t, char *, uint32_t *);
static int	 pfkey_sa_remove(int, union ldpd_addr *, union ldpd_addr *,
		    uint32_t *);
static int	 pfkey_md5sig_establish(struct nbr *, struct nbr_params *nbrp);
static int	 pfkey_md5sig_remove(struct nbr *);

#define	PFKEY2_CHUNK sizeof(uint64_t)
#define	ROUNDUP(x) (((x) + (PFKEY2_CHUNK - 1)) & ~(PFKEY2_CHUNK - 1))
#define	IOV_CNT	20

static uint32_t	 sadb_msg_seq;
static uint32_t	 pid; /* should pid_t but pfkey needs uint32_t */
static int	 fd;

static int
pfkey_send(int sd, uint8_t satype, uint8_t mtype, uint8_t dir,
    int af, union ldpd_addr *src, union ldpd_addr *dst, uint32_t spi,
    uint8_t aalg, int alen, char *akey, uint8_t ealg, int elen, char *ekey,
    uint16_t sport, uint16_t dport)
{
	struct sadb_msg		smsg;
	struct sadb_sa		sa;
	struct sadb_address	sa_src, sa_dst;
	struct sadb_key		sa_akey, sa_ekey;
	struct sadb_spirange	sa_spirange;
	struct iovec		iov[IOV_CNT];
	ssize_t			n;
	int			len = 0;
	int			iov_cnt;
	struct sockaddr_storage	ssrc, sdst, smask, dmask;
	struct sockaddr		*saptr;

	if (!pid)
		pid = getpid();

	/* we need clean sockaddr... no ports set */
	memset(&ssrc, 0, sizeof(ssrc));
	memset(&smask, 0, sizeof(smask));
	if ((saptr = addr2sa(af, src, 0)))
		memcpy(&ssrc, saptr, sizeof(ssrc));
	switch (af) {
	case AF_INET:
		memset(&((struct sockaddr_in *)&smask)->sin_addr, 0xff, 32/8);
		break;
	case AF_INET6:
		memset(&((struct sockaddr_in6 *)&smask)->sin6_addr, 0xff,
		    128/8);
		break;
	default:
		return (-1);
	}
	smask.ss_family = ssrc.ss_family;
	smask.ss_len = ssrc.ss_len;

	memset(&sdst, 0, sizeof(sdst));
	memset(&dmask, 0, sizeof(dmask));
	if ((saptr = addr2sa(af, dst, 0)))
		memcpy(&sdst, saptr, sizeof(sdst));
	switch (af) {
	case AF_INET:
		memset(&((struct sockaddr_in *)&dmask)->sin_addr, 0xff, 32/8);
		break;
	case AF_INET6:
		memset(&((struct sockaddr_in6 *)&dmask)->sin6_addr, 0xff,
		    128/8);
		break;
	default:
		return (-1);
	}
	dmask.ss_family = sdst.ss_family;
	dmask.ss_len = sdst.ss_len;

	memset(&smsg, 0, sizeof(smsg));
	smsg.sadb_msg_version = PF_KEY_V2;
	smsg.sadb_msg_seq = ++sadb_msg_seq;
	smsg.sadb_msg_pid = pid;
	smsg.sadb_msg_len = sizeof(smsg) / 8;
	smsg.sadb_msg_type = mtype;
	smsg.sadb_msg_satype = satype;

	switch (mtype) {
	case SADB_GETSPI:
		memset(&sa_spirange, 0, sizeof(sa_spirange));
		sa_spirange.sadb_spirange_exttype = SADB_EXT_SPIRANGE;
		sa_spirange.sadb_spirange_len = sizeof(sa_spirange) / 8;
		sa_spirange.sadb_spirange_min = 0x100;
		sa_spirange.sadb_spirange_max = 0xffffffff;
		sa_spirange.sadb_spirange_reserved = 0;
		break;
	case SADB_ADD:
	case SADB_UPDATE:
	case SADB_DELETE:
		memset(&sa, 0, sizeof(sa));
		sa.sadb_sa_exttype = SADB_EXT_SA;
		sa.sadb_sa_len = sizeof(sa) / 8;
		sa.sadb_sa_replay = 0;
		sa.sadb_sa_spi = spi;
		sa.sadb_sa_state = SADB_SASTATE_MATURE;
		break;
	}

	memset(&sa_src, 0, sizeof(sa_src));
	sa_src.sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
	sa_src.sadb_address_len = (sizeof(sa_src) + ROUNDUP(ssrc.ss_len)) / 8;

	memset(&sa_dst, 0, sizeof(sa_dst));
	sa_dst.sadb_address_exttype = SADB_EXT_ADDRESS_DST;
	sa_dst.sadb_address_len = (sizeof(sa_dst) + ROUNDUP(sdst.ss_len)) / 8;

	sa.sadb_sa_auth = aalg;
	sa.sadb_sa_encrypt = SADB_X_EALG_AES; /* XXX */

	switch (mtype) {
	case SADB_ADD:
	case SADB_UPDATE:
		memset(&sa_akey, 0, sizeof(sa_akey));
		sa_akey.sadb_key_exttype = SADB_EXT_KEY_AUTH;
		sa_akey.sadb_key_len = (sizeof(sa_akey) +
		    ((alen + 7) / 8) * 8) / 8;
		sa_akey.sadb_key_bits = 8 * alen;

		memset(&sa_ekey, 0, sizeof(sa_ekey));
		sa_ekey.sadb_key_exttype = SADB_EXT_KEY_ENCRYPT;
		sa_ekey.sadb_key_len = (sizeof(sa_ekey) +
		    ((elen + 7) / 8) * 8) / 8;
		sa_ekey.sadb_key_bits = 8 * elen;

		break;
	}

	iov_cnt = 0;

	/* msghdr */
	iov[iov_cnt].iov_base = &smsg;
	iov[iov_cnt].iov_len = sizeof(smsg);
	iov_cnt++;

	switch (mtype) {
	case SADB_ADD:
	case SADB_UPDATE:
	case SADB_DELETE:
		/* SA hdr */
		iov[iov_cnt].iov_base = &sa;
		iov[iov_cnt].iov_len = sizeof(sa);
		smsg.sadb_msg_len += sa.sadb_sa_len;
		iov_cnt++;
		break;
	case SADB_GETSPI:
		/* SPI range */
		iov[iov_cnt].iov_base = &sa_spirange;
		iov[iov_cnt].iov_len = sizeof(sa_spirange);
		smsg.sadb_msg_len += sa_spirange.sadb_spirange_len;
		iov_cnt++;
		break;
	}

	/* dest addr */
	iov[iov_cnt].iov_base = &sa_dst;
	iov[iov_cnt].iov_len = sizeof(sa_dst);
	iov_cnt++;
	iov[iov_cnt].iov_base = &sdst;
	iov[iov_cnt].iov_len = ROUNDUP(sdst.ss_len);
	smsg.sadb_msg_len += sa_dst.sadb_address_len;
	iov_cnt++;

	/* src addr */
	iov[iov_cnt].iov_base = &sa_src;
	iov[iov_cnt].iov_len = sizeof(sa_src);
	iov_cnt++;
	iov[iov_cnt].iov_base = &ssrc;
	iov[iov_cnt].iov_len = ROUNDUP(ssrc.ss_len);
	smsg.sadb_msg_len += sa_src.sadb_address_len;
	iov_cnt++;

	switch (mtype) {
	case SADB_ADD:
	case SADB_UPDATE:
		if (alen) {
			/* auth key */
			iov[iov_cnt].iov_base = &sa_akey;
			iov[iov_cnt].iov_len = sizeof(sa_akey);
			iov_cnt++;
			iov[iov_cnt].iov_base = akey;
			iov[iov_cnt].iov_len = ((alen + 7) / 8) * 8;
			smsg.sadb_msg_len += sa_akey.sadb_key_len;
			iov_cnt++;
		}
		if (elen) {
			/* encryption key */
			iov[iov_cnt].iov_base = &sa_ekey;
			iov[iov_cnt].iov_len = sizeof(sa_ekey);
			iov_cnt++;
			iov[iov_cnt].iov_base = ekey;
			iov[iov_cnt].iov_len = ((elen + 7) / 8) * 8;
			smsg.sadb_msg_len += sa_ekey.sadb_key_len;
			iov_cnt++;
		}
		break;
	}

	len = smsg.sadb_msg_len * 8;
	do {
		n = writev(sd, iov, iov_cnt);
	} while (n == -1 && (errno == EAGAIN || errno == EINTR));

	if (n == -1) {
		log_warn("writev (%d/%d)", iov_cnt, len);
		return (-1);
	}

	return (0);
}

int
pfkey_read(int sd, struct sadb_msg *h)
{
	struct sadb_msg hdr;

	if (recv(sd, &hdr, sizeof(hdr), MSG_PEEK) != sizeof(hdr)) {
		if (errno == EAGAIN || errno == EINTR)
			return (0);
		log_warn("pfkey peek");
		return (-1);
	}

	/* XXX: Only one message can be outstanding. */
	if (hdr.sadb_msg_seq == sadb_msg_seq &&
	    hdr.sadb_msg_pid == pid) {
		if (h)
			*h = hdr;
		return (0);
	}

	/* not ours, discard */
	if (read(sd, &hdr, sizeof(hdr)) == -1) {
		if (errno == EAGAIN || errno == EINTR)
			return (0);
		log_warn("pfkey read");
		return (-1);
	}

	return (1);
}

static int
pfkey_reply(int sd, uint32_t *spip)
{
	struct sadb_msg hdr, *msg;
	struct sadb_ext *ext;
	struct sadb_sa *sa;
	uint8_t *data;
	ssize_t len;
	int rv;

	do {
		rv = pfkey_read(sd, &hdr);
		if (rv == -1)
			return (-1);
	} while (rv);

	if (hdr.sadb_msg_errno != 0) {
		errno = hdr.sadb_msg_errno;
		if (errno == ESRCH)
			return (0);
		else {
			log_warn("pfkey");
			return (-1);
		}
	}
	if ((data = reallocarray(NULL, hdr.sadb_msg_len, PFKEY2_CHUNK)) == NULL) {
		log_warn("pfkey malloc");
		return (-1);
	}
	len = hdr.sadb_msg_len * PFKEY2_CHUNK;
	if (read(sd, data, len) != len) {
		log_warn("pfkey read");
		freezero(data, len);
		return (-1);
	}

	if (hdr.sadb_msg_type == SADB_GETSPI) {
		if (spip == NULL) {
			freezero(data, len);
			return (0);
		}

		msg = (struct sadb_msg *)data;
		for (ext = (struct sadb_ext *)(msg + 1);
		    (size_t)((uint8_t *)ext - (uint8_t *)msg) <
		    msg->sadb_msg_len * PFKEY2_CHUNK;
		    ext = (struct sadb_ext *)((uint8_t *)ext +
		    ext->sadb_ext_len * PFKEY2_CHUNK)) {
			if (ext->sadb_ext_type == SADB_EXT_SA) {
				sa = (struct sadb_sa *) ext;
				*spip = sa->sadb_sa_spi;
				break;
			}
		}
	}
	freezero(data, len);
	return (0);
}

static int
pfkey_sa_add(int af, union ldpd_addr *src, union ldpd_addr *dst, uint8_t keylen,
    char *key, uint32_t *spi)
{
	if (pfkey_send(fd, SADB_X_SATYPE_TCPSIGNATURE, SADB_GETSPI, 0,
	    af, src, dst, 0, 0, 0, NULL, 0, 0, NULL, 0, 0) < 0)
		return (-1);
	if (pfkey_reply(fd, spi) < 0)
		return (-1);
	if (pfkey_send(fd, SADB_X_SATYPE_TCPSIGNATURE, SADB_UPDATE, 0,
	    af, src, dst, *spi, 0, keylen, key, 0, 0, NULL, 0, 0) < 0)
		return (-1);
	if (pfkey_reply(fd, NULL) < 0)
		return (-1);
	return (0);
}

static int
pfkey_sa_remove(int af, union ldpd_addr *src, union ldpd_addr *dst,
    uint32_t *spi)
{
	if (pfkey_send(fd, SADB_X_SATYPE_TCPSIGNATURE, SADB_DELETE, 0,
	    af, src, dst, *spi, 0, 0, NULL, 0, 0, NULL, 0, 0) < 0)
		return (-1);
	if (pfkey_reply(fd, NULL) < 0)
		return (-1);
	*spi = 0;
	return (0);
}

static int
pfkey_md5sig_establish(struct nbr *nbr, struct nbr_params *nbrp)
{
	sleep(1);

	if (!nbr->auth.spi_out)
		if (pfkey_sa_add(nbr->af, &nbr->laddr, &nbr->raddr,
		    nbrp->auth.md5key_len, nbrp->auth.md5key,
		    &nbr->auth.spi_out) == -1)
			return (-1);
	if (!nbr->auth.spi_in)
		if (pfkey_sa_add(nbr->af, &nbr->raddr, &nbr->laddr,
		    nbrp->auth.md5key_len, nbrp->auth.md5key,
		    &nbr->auth.spi_in) == -1)
			return (-1);

	nbr->auth.established = 1;
	return (0);
}

static int
pfkey_md5sig_remove(struct nbr *nbr)
{
	if (nbr->auth.spi_out)
		if (pfkey_sa_remove(nbr->af, &nbr->laddr, &nbr->raddr,
		    &nbr->auth.spi_out) == -1)
			return (-1);
	if (nbr->auth.spi_in)
		if (pfkey_sa_remove(nbr->af, &nbr->raddr, &nbr->laddr,
		    &nbr->auth.spi_in) == -1)
			return (-1);

	nbr->auth.established = 0;
	nbr->auth.spi_in = 0;
	nbr->auth.spi_out = 0;
	nbr->auth.method = AUTH_NONE;
	memset(nbr->auth.md5key, 0, sizeof(nbr->auth.md5key));

	return (0);
}

int
pfkey_establish(struct nbr *nbr, struct nbr_params *nbrp)
{
	if (nbrp->auth.method == AUTH_NONE)
		return (0);

	/*
	 * make sure we keep copies of everything we need to
	 * remove SAs and flows later again.
	 */
	nbr->auth.method = nbrp->auth.method;

	switch (nbr->auth.method) {
	case AUTH_MD5SIG:
		strlcpy(nbr->auth.md5key, nbrp->auth.md5key,
		    sizeof(nbr->auth.md5key));
		return (pfkey_md5sig_establish(nbr, nbrp));
	default:
		break;
	}

	return (0);
}

int
pfkey_remove(struct nbr *nbr)
{
	if (nbr->auth.method == AUTH_NONE || !nbr->auth.established)
		return (0);

	switch (nbr->auth.method) {
	case AUTH_MD5SIG:
		return (pfkey_md5sig_remove(nbr));
	default:
		break;
	}

	return (0);
}

int
pfkey_init(void)
{
	if ((fd = socket(PF_KEY, SOCK_RAW | SOCK_CLOEXEC | SOCK_NONBLOCK,
	    PF_KEY_V2)) == -1) {
		if (errno == EPROTONOSUPPORT) {
			log_warnx("PF_KEY not available");
			sysdep.no_pfkey = 1;
			return (-1);
		} else
			fatal("pfkey setup failed");
	}
	return (fd);
}


Generated by: GCOVR (Version 3.3)

Line	Branch	Exec	Source
1			/* $OpenBSD: pfkey.c,v 1.11 2017/04/18 02:29:56 deraadt Exp $ */
2
3			/*
4			* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
5			* Copyright (c) 2003, 2004 Markus Friedl <markus@openbsd.org>
6			*
7			* Permission to use, copy, modify, and distribute this software for any
8			* purpose with or without fee is hereby granted, provided that the above
9			* copyright notice and this permission notice appear in all copies.
10			*
11			* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
12			* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
13			* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
14			* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
15			* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
16			* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
17			* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
18			*/
19
20			#include <sys/types.h>
21			#include <errno.h>
22			#include <stdlib.h>
23			#include <string.h>
24			#include <unistd.h>
25
26			#include "ldpd.h"
27			#include "ldpe.h"
28			#include "log.h"
29
30			static int pfkey_send(int, uint8_t, uint8_t, uint8_t,
31			int, union ldpd_addr , union ldpd_addr ,
32			uint32_t, uint8_t, int, char , uint8_t, int, char ,
33			uint16_t, uint16_t);
34			static int pfkey_reply(int, uint32_t *);
35			static int pfkey_sa_add(int, union ldpd_addr , union ldpd_addr ,
36			uint8_t, char , uint32_t );
37			static int pfkey_sa_remove(int, union ldpd_addr , union ldpd_addr ,
38			uint32_t *);
39			static int pfkey_md5sig_establish(struct nbr , struct nbr_params nbrp);
40			static int pfkey_md5sig_remove(struct nbr *);
41
42			#define PFKEY2_CHUNK sizeof(uint64_t)
43			#define ROUNDUP(x) (((x) + (PFKEY2_CHUNK - 1)) & ~(PFKEY2_CHUNK - 1))
44			#define IOV_CNT 20
45
46			static uint32_t sadb_msg_seq;
47			static uint32_t pid; /* should pid_t but pfkey needs uint32_t */
48			static int fd;
49
50			static int
51			pfkey_send(int sd, uint8_t satype, uint8_t mtype, uint8_t dir,
52			int af, union ldpd_addr src, union ldpd_addr dst, uint32_t spi,
53			uint8_t aalg, int alen, char akey, uint8_t ealg, int elen, char ekey,
54			uint16_t sport, uint16_t dport)
55			{
56			struct sadb_msg smsg;
57			struct sadb_sa sa;
58			struct sadb_address sa_src, sa_dst;
59			struct sadb_key sa_akey, sa_ekey;
60			struct sadb_spirange sa_spirange;
61			struct iovec iov[IOV_CNT];
62			ssize_t n;
63			int len = 0;
64			int iov_cnt;
65			struct sockaddr_storage ssrc, sdst, smask, dmask;
66			struct sockaddr *saptr;
67
68			if (!pid)
69			pid = getpid();
70
71			/* we need clean sockaddr... no ports set */
72			memset(&ssrc, 0, sizeof(ssrc));
73			memset(&smask, 0, sizeof(smask));
74			if ((saptr = addr2sa(af, src, 0)))
75			memcpy(&ssrc, saptr, sizeof(ssrc));
76			switch (af) {
77			case AF_INET:
78			memset(&((struct sockaddr_in *)&smask)->sin_addr, 0xff, 32/8);
79			break;
80			case AF_INET6:
81			memset(&((struct sockaddr_in6 *)&smask)->sin6_addr, 0xff,
82			128/8);
83			break;
84			default:
85			return (-1);
86			}
87			smask.ss_family = ssrc.ss_family;
88			smask.ss_len = ssrc.ss_len;
89
90			memset(&sdst, 0, sizeof(sdst));
91			memset(&dmask, 0, sizeof(dmask));
92			if ((saptr = addr2sa(af, dst, 0)))
93			memcpy(&sdst, saptr, sizeof(sdst));
94			switch (af) {
95			case AF_INET:
96			memset(&((struct sockaddr_in *)&dmask)->sin_addr, 0xff, 32/8);
97			break;
98			case AF_INET6:
99			memset(&((struct sockaddr_in6 *)&dmask)->sin6_addr, 0xff,
100			128/8);
101			break;
102			default:
103			return (-1);
104			}
105			dmask.ss_family = sdst.ss_family;
106			dmask.ss_len = sdst.ss_len;
107
108			memset(&smsg, 0, sizeof(smsg));
109			smsg.sadb_msg_version = PF_KEY_V2;
110			smsg.sadb_msg_seq = ++sadb_msg_seq;
111			smsg.sadb_msg_pid = pid;
112			smsg.sadb_msg_len = sizeof(smsg) / 8;
113			smsg.sadb_msg_type = mtype;
114			smsg.sadb_msg_satype = satype;
115
116			switch (mtype) {
117			case SADB_GETSPI:
118			memset(&sa_spirange, 0, sizeof(sa_spirange));
119			sa_spirange.sadb_spirange_exttype = SADB_EXT_SPIRANGE;
120			sa_spirange.sadb_spirange_len = sizeof(sa_spirange) / 8;
121			sa_spirange.sadb_spirange_min = 0x100;
122			sa_spirange.sadb_spirange_max = 0xffffffff;
123			sa_spirange.sadb_spirange_reserved = 0;
124			break;
125			case SADB_ADD:
126			case SADB_UPDATE:
127			case SADB_DELETE:
128			memset(&sa, 0, sizeof(sa));
129			sa.sadb_sa_exttype = SADB_EXT_SA;
130			sa.sadb_sa_len = sizeof(sa) / 8;
131			sa.sadb_sa_replay = 0;
132			sa.sadb_sa_spi = spi;
133			sa.sadb_sa_state = SADB_SASTATE_MATURE;
134			break;
135			}
136
137			memset(&sa_src, 0, sizeof(sa_src));
138			sa_src.sadb_address_exttype = SADB_EXT_ADDRESS_SRC;
139			sa_src.sadb_address_len = (sizeof(sa_src) + ROUNDUP(ssrc.ss_len)) / 8;
140
141			memset(&sa_dst, 0, sizeof(sa_dst));
142			sa_dst.sadb_address_exttype = SADB_EXT_ADDRESS_DST;
143			sa_dst.sadb_address_len = (sizeof(sa_dst) + ROUNDUP(sdst.ss_len)) / 8;
144
145			sa.sadb_sa_auth = aalg;
146			sa.sadb_sa_encrypt = SADB_X_EALG_AES; /* XXX */
147
148			switch (mtype) {
149			case SADB_ADD:
150			case SADB_UPDATE:
151			memset(&sa_akey, 0, sizeof(sa_akey));
152			sa_akey.sadb_key_exttype = SADB_EXT_KEY_AUTH;
153			sa_akey.sadb_key_len = (sizeof(sa_akey) +
154			((alen + 7) / 8) * 8) / 8;
155			sa_akey.sadb_key_bits = 8 * alen;
156
157			memset(&sa_ekey, 0, sizeof(sa_ekey));
158			sa_ekey.sadb_key_exttype = SADB_EXT_KEY_ENCRYPT;
159			sa_ekey.sadb_key_len = (sizeof(sa_ekey) +
160			((elen + 7) / 8) * 8) / 8;
161			sa_ekey.sadb_key_bits = 8 * elen;
162
163			break;
164			}
165
166			iov_cnt = 0;
167
168			/* msghdr */
169			iov[iov_cnt].iov_base = &smsg;
170			iov[iov_cnt].iov_len = sizeof(smsg);
171			iov_cnt++;
172
173			switch (mtype) {
174			case SADB_ADD:
175			case SADB_UPDATE:
176			case SADB_DELETE:
177			/* SA hdr */
178			iov[iov_cnt].iov_base = &sa;
179			iov[iov_cnt].iov_len = sizeof(sa);
180			smsg.sadb_msg_len += sa.sadb_sa_len;
181			iov_cnt++;
182			break;
183			case SADB_GETSPI:
184			/* SPI range */
185			iov[iov_cnt].iov_base = &sa_spirange;
186			iov[iov_cnt].iov_len = sizeof(sa_spirange);
187			smsg.sadb_msg_len += sa_spirange.sadb_spirange_len;
188			iov_cnt++;
189			break;
190			}
191
192			/* dest addr */
193			iov[iov_cnt].iov_base = &sa_dst;
194			iov[iov_cnt].iov_len = sizeof(sa_dst);
195			iov_cnt++;
196			iov[iov_cnt].iov_base = &sdst;
197			iov[iov_cnt].iov_len = ROUNDUP(sdst.ss_len);
198			smsg.sadb_msg_len += sa_dst.sadb_address_len;
199			iov_cnt++;
200
201			/* src addr */
202			iov[iov_cnt].iov_base = &sa_src;
203			iov[iov_cnt].iov_len = sizeof(sa_src);
204			iov_cnt++;
205			iov[iov_cnt].iov_base = &ssrc;
206			iov[iov_cnt].iov_len = ROUNDUP(ssrc.ss_len);
207			smsg.sadb_msg_len += sa_src.sadb_address_len;
208			iov_cnt++;
209
210			switch (mtype) {
211			case SADB_ADD:
212			case SADB_UPDATE:
213			if (alen) {
214			/* auth key */
215			iov[iov_cnt].iov_base = &sa_akey;
216			iov[iov_cnt].iov_len = sizeof(sa_akey);
217			iov_cnt++;
218			iov[iov_cnt].iov_base = akey;
219			iov[iov_cnt].iov_len = ((alen + 7) / 8) * 8;
220			smsg.sadb_msg_len += sa_akey.sadb_key_len;
221			iov_cnt++;
222			}
223			if (elen) {
224			/* encryption key */
225			iov[iov_cnt].iov_base = &sa_ekey;
226			iov[iov_cnt].iov_len = sizeof(sa_ekey);
227			iov_cnt++;
228			iov[iov_cnt].iov_base = ekey;
229			iov[iov_cnt].iov_len = ((elen + 7) / 8) * 8;
230			smsg.sadb_msg_len += sa_ekey.sadb_key_len;
231			iov_cnt++;
232			}
233			break;
234			}
235
236			len = smsg.sadb_msg_len * 8;
237			do {
238			n = writev(sd, iov, iov_cnt);
239			} while (n == -1 && (errno == EAGAIN \|\| errno == EINTR));
240
241			if (n == -1) {
242			log_warn("writev (%d/%d)", iov_cnt, len);
243			return (-1);
244			}
245
246			return (0);
247			}
248
249			int
250			pfkey_read(int sd, struct sadb_msg *h)
251			{
252			struct sadb_msg hdr;
253
254			if (recv(sd, &hdr, sizeof(hdr), MSG_PEEK) != sizeof(hdr)) {
255			if (errno == EAGAIN \|\| errno == EINTR)
256			return (0);
257			log_warn("pfkey peek");
258			return (-1);
259			}
260
261			/* XXX: Only one message can be outstanding. */
262			if (hdr.sadb_msg_seq == sadb_msg_seq &&
263			hdr.sadb_msg_pid == pid) {
264			if (h)
265			*h = hdr;
266			return (0);
267			}
268
269			/* not ours, discard */
270			if (read(sd, &hdr, sizeof(hdr)) == -1) {
271			if (errno == EAGAIN \|\| errno == EINTR)
272			return (0);
273			log_warn("pfkey read");
274			return (-1);
275			}
276
277			return (1);
278			}
279
280			static int
281			pfkey_reply(int sd, uint32_t *spip)
282			{
283			struct sadb_msg hdr, *msg;
284			struct sadb_ext *ext;
285			struct sadb_sa *sa;
286			uint8_t *data;
287			ssize_t len;
288			int rv;
289
290			do {
291			rv = pfkey_read(sd, &hdr);
292			if (rv == -1)
293			return (-1);
294			} while (rv);
295
296			if (hdr.sadb_msg_errno != 0) {
297			errno = hdr.sadb_msg_errno;
298			if (errno == ESRCH)
299			return (0);
300			else {
301			log_warn("pfkey");
302			return (-1);
303			}
304			}
305			if ((data = reallocarray(NULL, hdr.sadb_msg_len, PFKEY2_CHUNK)) == NULL) {
306			log_warn("pfkey malloc");
307			return (-1);
308			}
309			len = hdr.sadb_msg_len * PFKEY2_CHUNK;
310			if (read(sd, data, len) != len) {
311			log_warn("pfkey read");
312			freezero(data, len);
313			return (-1);
314			}
315
316			if (hdr.sadb_msg_type == SADB_GETSPI) {
317			if (spip == NULL) {
318			freezero(data, len);
319			return (0);
320			}
321
322			msg = (struct sadb_msg *)data;
323			for (ext = (struct sadb_ext *)(msg + 1);
324			(size_t)((uint8_t )ext - (uint8_t )msg) <
325			msg->sadb_msg_len * PFKEY2_CHUNK;
326			ext = (struct sadb_ext )((uint8_t )ext +
327			ext->sadb_ext_len * PFKEY2_CHUNK)) {
328			if (ext->sadb_ext_type == SADB_EXT_SA) {
329			sa = (struct sadb_sa *) ext;
330			*spip = sa->sadb_sa_spi;
331			break;
332			}
333			}
334			}
335			freezero(data, len);
336			return (0);
337			}
338
339			static int
340			pfkey_sa_add(int af, union ldpd_addr src, union ldpd_addr dst, uint8_t keylen,
341			char key, uint32_t spi)
342			{
343			if (pfkey_send(fd, SADB_X_SATYPE_TCPSIGNATURE, SADB_GETSPI, 0,
344			af, src, dst, 0, 0, 0, NULL, 0, 0, NULL, 0, 0) < 0)
345			return (-1);
346			if (pfkey_reply(fd, spi) < 0)
347			return (-1);
348			if (pfkey_send(fd, SADB_X_SATYPE_TCPSIGNATURE, SADB_UPDATE, 0,
349			af, src, dst, *spi, 0, keylen, key, 0, 0, NULL, 0, 0) < 0)
350			return (-1);
351			if (pfkey_reply(fd, NULL) < 0)
352			return (-1);
353			return (0);
354			}
355
356			static int
357			pfkey_sa_remove(int af, union ldpd_addr src, union ldpd_addr dst,
358			uint32_t *spi)
359			{
360			if (pfkey_send(fd, SADB_X_SATYPE_TCPSIGNATURE, SADB_DELETE, 0,
361			af, src, dst, *spi, 0, 0, NULL, 0, 0, NULL, 0, 0) < 0)
362			return (-1);
363			if (pfkey_reply(fd, NULL) < 0)
364			return (-1);
365			*spi = 0;
366			return (0);
367			}
368
369			static int
370			pfkey_md5sig_establish(struct nbr nbr, struct nbr_params nbrp)
371			{
372			sleep(1);
373
374			if (!nbr->auth.spi_out)
375			if (pfkey_sa_add(nbr->af, &nbr->laddr, &nbr->raddr,
376			nbrp->auth.md5key_len, nbrp->auth.md5key,
377			&nbr->auth.spi_out) == -1)
378			return (-1);
379			if (!nbr->auth.spi_in)
380			if (pfkey_sa_add(nbr->af, &nbr->raddr, &nbr->laddr,
381			nbrp->auth.md5key_len, nbrp->auth.md5key,
382			&nbr->auth.spi_in) == -1)
383			return (-1);
384
385			nbr->auth.established = 1;
386			return (0);
387			}
388
389			static int
390			pfkey_md5sig_remove(struct nbr *nbr)
391			{
392			if (nbr->auth.spi_out)
393			if (pfkey_sa_remove(nbr->af, &nbr->laddr, &nbr->raddr,
394			&nbr->auth.spi_out) == -1)
395			return (-1);
396			if (nbr->auth.spi_in)
397			if (pfkey_sa_remove(nbr->af, &nbr->raddr, &nbr->laddr,
398			&nbr->auth.spi_in) == -1)
399			return (-1);
400
401			nbr->auth.established = 0;
402			nbr->auth.spi_in = 0;
403			nbr->auth.spi_out = 0;
404			nbr->auth.method = AUTH_NONE;
405			memset(nbr->auth.md5key, 0, sizeof(nbr->auth.md5key));
406
407			return (0);
408			}
409
410			int
411			pfkey_establish(struct nbr nbr, struct nbr_params nbrp)
412			{
413			if (nbrp->auth.method == AUTH_NONE)
414			return (0);
415
416			/*
417			* make sure we keep copies of everything we need to
418			* remove SAs and flows later again.
419			*/
420			nbr->auth.method = nbrp->auth.method;
421
422			switch (nbr->auth.method) {
423			case AUTH_MD5SIG:
424			strlcpy(nbr->auth.md5key, nbrp->auth.md5key,
425			sizeof(nbr->auth.md5key));
426			return (pfkey_md5sig_establish(nbr, nbrp));
427			default:
428			break;
429			}
430
431			return (0);
432			}
433
434			int
435			pfkey_remove(struct nbr *nbr)
436			{
437			if (nbr->auth.method == AUTH_NONE \|\| !nbr->auth.established)
438			return (0);
439
440			switch (nbr->auth.method) {
441			case AUTH_MD5SIG:
442			return (pfkey_md5sig_remove(nbr));
443			default:
444			break;
445			}
446
447			return (0);
448			}
449
450			int
451			pfkey_init(void)
452			{
453			if ((fd = socket(PF_KEY, SOCK_RAW \| SOCK_CLOEXEC \| SOCK_NONBLOCK,
454			PF_KEY_V2)) == -1) {
455			if (errno == EPROTONOSUPPORT) {
456			log_warnx("PF_KEY not available");
457			sysdep.no_pfkey = 1;
458			return (-1);
459			} else
460			fatal("pfkey setup failed");
461			}
462			return (fd);
463			}