GCC Code Coverage Report | |||||||||||||||||||||
|
|||||||||||||||||||||
Line | Branch | Exec | Source |
1 |
/* $OpenBSD: ikev2_pld.c,v 1.62 2017/04/13 07:04:09 patrick Exp $ */ |
||
2 |
|||
3 |
/* |
||
4 |
* Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> |
||
5 |
* Copyright (c) 2014 Hans-Joerg Hoexer |
||
6 |
* |
||
7 |
* Permission to use, copy, modify, and distribute this software for any |
||
8 |
* purpose with or without fee is hereby granted, provided that the above |
||
9 |
* copyright notice and this permission notice appear in all copies. |
||
10 |
* |
||
11 |
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
||
12 |
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
||
13 |
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
||
14 |
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
||
15 |
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
||
16 |
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
||
17 |
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
||
18 |
*/ |
||
19 |
|||
20 |
#include <sys/queue.h> |
||
21 |
#include <sys/socket.h> |
||
22 |
#include <sys/wait.h> |
||
23 |
#include <sys/uio.h> |
||
24 |
|||
25 |
#include <netinet/in.h> |
||
26 |
#include <arpa/inet.h> |
||
27 |
|||
28 |
#include <stdlib.h> |
||
29 |
#include <stdio.h> |
||
30 |
#include <unistd.h> |
||
31 |
#include <string.h> |
||
32 |
#include <signal.h> |
||
33 |
#include <errno.h> |
||
34 |
#include <err.h> |
||
35 |
#include <pwd.h> |
||
36 |
#include <event.h> |
||
37 |
|||
38 |
#include <openssl/sha.h> |
||
39 |
#include <openssl/evp.h> |
||
40 |
|||
41 |
#include "iked.h" |
||
42 |
#include "ikev2.h" |
||
43 |
#include "eap.h" |
||
44 |
#include "dh.h" |
||
45 |
|||
46 |
int ikev2_validate_pld(struct iked_message *, size_t, size_t, |
||
47 |
struct ikev2_payload *); |
||
48 |
int ikev2_pld_payloads(struct iked *, struct iked_message *, |
||
49 |
size_t, size_t, unsigned int); |
||
50 |
int ikev2_validate_sa(struct iked_message *, size_t, size_t, |
||
51 |
struct ikev2_payload *, struct ikev2_sa_proposal *); |
||
52 |
int ikev2_pld_sa(struct iked *, struct ikev2_payload *, |
||
53 |
struct iked_message *, size_t, size_t); |
||
54 |
int ikev2_validate_xform(struct iked_message *, size_t, size_t, |
||
55 |
struct ikev2_transform *); |
||
56 |
int ikev2_pld_xform(struct iked *, struct ikev2_sa_proposal *, |
||
57 |
struct iked_message *, size_t, size_t); |
||
58 |
int ikev2_validate_attr(struct iked_message *, size_t, size_t, |
||
59 |
struct ikev2_attribute *); |
||
60 |
int ikev2_pld_attr(struct iked *, struct ikev2_transform *, |
||
61 |
struct iked_message *, size_t, size_t); |
||
62 |
int ikev2_validate_ke(struct iked_message *, size_t, size_t, |
||
63 |
struct ikev2_payload *, struct ikev2_keyexchange *); |
||
64 |
int ikev2_pld_ke(struct iked *, struct ikev2_payload *, |
||
65 |
struct iked_message *, size_t, size_t); |
||
66 |
int ikev2_validate_id(struct iked_message *, size_t, size_t, |
||
67 |
struct ikev2_payload *, struct ikev2_id *); |
||
68 |
int ikev2_pld_id(struct iked *, struct ikev2_payload *, |
||
69 |
struct iked_message *, size_t, size_t, unsigned int); |
||
70 |
int ikev2_validate_cert(struct iked_message *, size_t, size_t, |
||
71 |
struct ikev2_payload *, struct ikev2_cert *); |
||
72 |
int ikev2_pld_cert(struct iked *, struct ikev2_payload *, |
||
73 |
struct iked_message *, size_t, size_t); |
||
74 |
int ikev2_validate_certreq(struct iked_message *, size_t, size_t, |
||
75 |
struct ikev2_payload *, struct ikev2_cert *); |
||
76 |
int ikev2_pld_certreq(struct iked *, struct ikev2_payload *, |
||
77 |
struct iked_message *, size_t, size_t); |
||
78 |
int ikev2_validate_nonce(struct iked_message *, size_t, size_t, |
||
79 |
struct ikev2_payload *); |
||
80 |
int ikev2_pld_nonce(struct iked *, struct ikev2_payload *, |
||
81 |
struct iked_message *, size_t, size_t); |
||
82 |
int ikev2_validate_notify(struct iked_message *, size_t, size_t, |
||
83 |
struct ikev2_payload *, struct ikev2_notify *); |
||
84 |
int ikev2_pld_notify(struct iked *, struct ikev2_payload *, |
||
85 |
struct iked_message *, size_t, size_t); |
||
86 |
int ikev2_validate_delete(struct iked_message *, size_t, size_t, |
||
87 |
struct ikev2_payload *, struct ikev2_delete *); |
||
88 |
int ikev2_pld_delete(struct iked *, struct ikev2_payload *, |
||
89 |
struct iked_message *, size_t, size_t); |
||
90 |
int ikev2_validate_ts(struct iked_message *, size_t, size_t, |
||
91 |
struct ikev2_payload *, struct ikev2_tsp *); |
||
92 |
int ikev2_pld_ts(struct iked *, struct ikev2_payload *, |
||
93 |
struct iked_message *, size_t, size_t, unsigned int); |
||
94 |
int ikev2_validate_auth(struct iked_message *, size_t, size_t, |
||
95 |
struct ikev2_payload *, struct ikev2_auth *); |
||
96 |
int ikev2_pld_auth(struct iked *, struct ikev2_payload *, |
||
97 |
struct iked_message *, size_t, size_t); |
||
98 |
int ikev2_pld_e(struct iked *, struct ikev2_payload *, |
||
99 |
struct iked_message *, size_t); |
||
100 |
int ikev2_validate_cp(struct iked_message *, size_t, size_t, |
||
101 |
struct ikev2_payload *, struct ikev2_cp *); |
||
102 |
int ikev2_pld_cp(struct iked *, struct ikev2_payload *, |
||
103 |
struct iked_message *, size_t, size_t); |
||
104 |
int ikev2_validate_eap(struct iked_message *, size_t, size_t, |
||
105 |
struct ikev2_payload *, struct eap_header *); |
||
106 |
int ikev2_pld_eap(struct iked *, struct ikev2_payload *, |
||
107 |
struct iked_message *, size_t, size_t); |
||
108 |
|||
109 |
int |
||
110 |
ikev2_pld_parse(struct iked *env, struct ike_header *hdr, |
||
111 |
struct iked_message *msg, size_t offset) |
||
112 |
{ |
||
113 |
233350376 |
log_debug("%s: header ispi %s rspi %s" |
|
114 |
" nextpayload %s version 0x%02x exchange %s flags 0x%02x" |
||
115 |
" msgid %d length %u response %d", __func__, |
||
116 |
466700752 |
print_spi(betoh64(hdr->ike_ispi), 8), |
|
117 |
233350376 |
print_spi(betoh64(hdr->ike_rspi), 8), |
|
118 |
233350376 |
print_map(hdr->ike_nextpayload, ikev2_payload_map), |
|
119 |
233350376 |
hdr->ike_version, |
|
120 |
233350376 |
print_map(hdr->ike_exchange, ikev2_exchange_map), |
|
121 |
233350376 |
hdr->ike_flags, |
|
122 |
233350376 |
betoh32(hdr->ike_msgid), |
|
123 |
233350376 |
betoh32(hdr->ike_length), |
|
124 |
233350376 |
msg->msg_response); |
|
125 |
|||
126 |
✓✓ | 233350376 |
if (ibuf_size(msg->msg_data) < betoh32(hdr->ike_length)) { |
127 |
6732992 |
log_debug("%s: short message", __func__); |
|
128 |
6732992 |
return (-1); |
|
129 |
} |
||
130 |
|||
131 |
226617384 |
offset += sizeof(*hdr); |
|
132 |
|||
133 |
226617384 |
return (ikev2_pld_payloads(env, msg, offset, |
|
134 |
226617384 |
betoh32(hdr->ike_length), hdr->ike_nextpayload)); |
|
135 |
233350376 |
} |
|
136 |
|||
137 |
int |
||
138 |
ikev2_validate_pld(struct iked_message *msg, size_t offset, size_t left, |
||
139 |
struct ikev2_payload *pld) |
||
140 |
{ |
||
141 |
1183294798 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
142 |
size_t pld_length; |
||
143 |
|||
144 |
/* We need at least the generic header. */ |
||
145 |
✓✓ | 591647399 |
if (left < sizeof(*pld)) { |
146 |
483 |
log_debug("%s: malformed payload: too short for generic " |
|
147 |
"header (%zu < %zu)", __func__, left, sizeof(*pld)); |
||
148 |
483 |
return (-1); |
|
149 |
} |
||
150 |
591646916 |
memcpy(pld, msgbuf + offset, sizeof(*pld)); |
|
151 |
|||
152 |
/* |
||
153 |
* We need at least the specified number of bytes. |
||
154 |
* pld_length is the full size of the payload including |
||
155 |
* the generic payload header. |
||
156 |
*/ |
||
157 |
591646916 |
pld_length = betoh16(pld->pld_length); |
|
158 |
✓✓ | 591646916 |
if (left < pld_length) { |
159 |
7356034 |
log_debug("%s: malformed payload: shorter than specified " |
|
160 |
"(%zu < %zu)", __func__, left, pld_length); |
||
161 |
7356034 |
return (-1); |
|
162 |
} |
||
163 |
/* |
||
164 |
* Sanity check the specified payload size, it must |
||
165 |
* be at last the size of the generic payload header. |
||
166 |
*/ |
||
167 |
✓✓ | 584290882 |
if (pld_length < sizeof(*pld)) { |
168 |
305949 |
log_debug("%s: malformed payload: shorter than minimum " |
|
169 |
"header size (%zu < %zu)", __func__, pld_length, |
||
170 |
sizeof(*pld)); |
||
171 |
305949 |
return (-1); |
|
172 |
} |
||
173 |
|||
174 |
583984933 |
return (0); |
|
175 |
591647399 |
} |
|
176 |
|||
177 |
int |
||
178 |
ikev2_pld_payloads(struct iked *env, struct iked_message *msg, |
||
179 |
size_t offset, size_t length, unsigned int payload) |
||
180 |
{ |
||
181 |
453234768 |
struct ikev2_payload pld; |
|
182 |
unsigned int e; |
||
183 |
int ret; |
||
184 |
226617384 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
185 |
size_t left; |
||
186 |
|||
187 |
/* Check if message was decrypted in an E payload */ |
||
188 |
226617384 |
e = msg->msg_e ? IKED_E : 0; |
|
189 |
|||
190 |
✓✓✓✓ |
2214279130 |
while (payload != 0 && offset < length) { |
191 |
/* Bytes left in datagram. */ |
||
192 |
591647399 |
left = length - offset; |
|
193 |
|||
194 |
✓✓ | 591647399 |
if (ikev2_validate_pld(msg, offset, left, &pld)) |
195 |
7662466 |
return (-1); |
|
196 |
|||
197 |
583984933 |
log_debug("%s: %spayload %s" |
|
198 |
" nextpayload %s critical 0x%02x length %d", |
||
199 |
583984933 |
__func__, e ? "decrypted " : "", |
|
200 |
583984933 |
print_map(payload, ikev2_payload_map), |
|
201 |
583984933 |
print_map(pld.pld_nextpayload, ikev2_payload_map), |
|
202 |
583984933 |
pld.pld_reserved & IKEV2_CRITICAL_PAYLOAD, |
|
203 |
583984933 |
betoh16(pld.pld_length)); |
|
204 |
|||
205 |
/* Skip over generic payload header. */ |
||
206 |
583984933 |
offset += sizeof(pld); |
|
207 |
583984933 |
left -= sizeof(pld); |
|
208 |
ret = 0; |
||
209 |
|||
210 |
✗✓✗✓ ✗✗✗✗ ✓✗✗✓ ✗✓✗✗ ✗✓✗✗ ✓ |
583984933 |
switch (payload | e) { |
211 |
case IKEV2_PAYLOAD_SA: |
||
212 |
case IKEV2_PAYLOAD_SA | IKED_E: |
||
213 |
93267797 |
ret = ikev2_pld_sa(env, &pld, msg, offset, left); |
|
214 |
93267797 |
break; |
|
215 |
case IKEV2_PAYLOAD_KE: |
||
216 |
case IKEV2_PAYLOAD_KE | IKED_E: |
||
217 |
125592173 |
ret = ikev2_pld_ke(env, &pld, msg, offset, left); |
|
218 |
125592173 |
break; |
|
219 |
case IKEV2_PAYLOAD_IDi | IKED_E: |
||
220 |
case IKEV2_PAYLOAD_IDr | IKED_E: |
||
221 |
ret = ikev2_pld_id(env, &pld, msg, offset, left, |
||
222 |
payload); |
||
223 |
break; |
||
224 |
case IKEV2_PAYLOAD_CERT | IKED_E: |
||
225 |
ret = ikev2_pld_cert(env, &pld, msg, offset, left); |
||
226 |
break; |
||
227 |
case IKEV2_PAYLOAD_CERTREQ: |
||
228 |
case IKEV2_PAYLOAD_CERTREQ | IKED_E: |
||
229 |
437591 |
ret = ikev2_pld_certreq(env, &pld, msg, offset, left); |
|
230 |
437591 |
break; |
|
231 |
case IKEV2_PAYLOAD_AUTH | IKED_E: |
||
232 |
ret = ikev2_pld_auth(env, &pld, msg, offset, left); |
||
233 |
break; |
||
234 |
case IKEV2_PAYLOAD_NONCE: |
||
235 |
case IKEV2_PAYLOAD_NONCE | IKED_E: |
||
236 |
89101894 |
ret = ikev2_pld_nonce(env, &pld, msg, offset, left); |
|
237 |
89101894 |
break; |
|
238 |
case IKEV2_PAYLOAD_NOTIFY: |
||
239 |
case IKEV2_PAYLOAD_NOTIFY | IKED_E: |
||
240 |
175164983 |
ret = ikev2_pld_notify(env, &pld, msg, offset, left); |
|
241 |
175164983 |
break; |
|
242 |
case IKEV2_PAYLOAD_DELETE | IKED_E: |
||
243 |
ret = ikev2_pld_delete(env, &pld, msg, offset, left); |
||
244 |
break; |
||
245 |
case IKEV2_PAYLOAD_TSi | IKED_E: |
||
246 |
case IKEV2_PAYLOAD_TSr | IKED_E: |
||
247 |
ret = ikev2_pld_ts(env, &pld, msg, offset, left, |
||
248 |
payload); |
||
249 |
break; |
||
250 |
case IKEV2_PAYLOAD_SK: |
||
251 |
47838 |
ret = ikev2_pld_e(env, &pld, msg, offset); |
|
252 |
47838 |
break; |
|
253 |
case IKEV2_PAYLOAD_CP | IKED_E: |
||
254 |
ret = ikev2_pld_cp(env, &pld, msg, offset, left); |
||
255 |
break; |
||
256 |
case IKEV2_PAYLOAD_EAP | IKED_E: |
||
257 |
ret = ikev2_pld_eap(env, &pld, msg, offset, left); |
||
258 |
break; |
||
259 |
default: |
||
260 |
100372657 |
print_hex(msgbuf, offset, |
|
261 |
100372657 |
betoh16(pld.pld_length) - sizeof(pld)); |
|
262 |
100372657 |
break; |
|
263 |
} |
||
264 |
|||
265 |
✓✓✗✓ |
594443353 |
if (ret != 0 && ikev2_msg_frompeer(msg)) { |
266 |
(void)ikev2_send_informational(env, msg); |
||
267 |
return (-1); |
||
268 |
} |
||
269 |
|||
270 |
/* Encrypted payload must appear last */ |
||
271 |
✓✓ | 583984933 |
if (payload == IKEV2_PAYLOAD_SK) |
272 |
47838 |
return (0); |
|
273 |
|||
274 |
583937095 |
payload = pld.pld_nextpayload; |
|
275 |
583937095 |
offset += betoh16(pld.pld_length) - sizeof(pld); |
|
276 |
} |
||
277 |
|||
278 |
218907080 |
return (0); |
|
279 |
226617384 |
} |
|
280 |
|||
281 |
int |
||
282 |
ikev2_validate_sa(struct iked_message *msg, size_t offset, size_t left, |
||
283 |
struct ikev2_payload *pld, struct ikev2_sa_proposal *sap) |
||
284 |
{ |
||
285 |
186535594 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
286 |
size_t pld_length, sap_length; |
||
287 |
|||
288 |
93267797 |
pld_length = betoh16(pld->pld_length); |
|
289 |
✓✓ | 93267797 |
if (pld_length < sizeof(*pld) + sizeof(*sap)) { |
290 |
7616 |
log_debug("%s: malformed payload: specified length smaller " |
|
291 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
292 |
sizeof(*pld) + sizeof(*sap)); |
||
293 |
7616 |
return (-1); |
|
294 |
} |
||
295 |
|||
296 |
/* This will actually be caught by earlier checks. */ |
||
297 |
✗✓ | 93260181 |
if (left < sizeof(*sap)) { |
298 |
log_debug("%s: malformed payload: too short for header " |
||
299 |
"(%zu < %zu)", __func__, left, sizeof(*sap)); |
||
300 |
return (-1); |
||
301 |
} |
||
302 |
93260181 |
memcpy(sap, msgbuf + offset, sizeof(*sap)); |
|
303 |
|||
304 |
93260181 |
sap_length = betoh16(sap->sap_length); |
|
305 |
✓✓ | 93260181 |
if (sap_length < sizeof(*sap)) { |
306 |
40789 |
log_debug("%s: malformed payload: shorter than minimum header " |
|
307 |
"size (%zu < %zu)", __func__, sap_length, sizeof(*sap)); |
||
308 |
40789 |
return (-1); |
|
309 |
} |
||
310 |
✓✓ | 93219392 |
if (left < sap_length) { |
311 |
631414 |
log_debug("%s: malformed payload: too long for actual payload " |
|
312 |
"size (%zu < %zu)", __func__, left, sap_length); |
||
313 |
631414 |
return (-1); |
|
314 |
} |
||
315 |
/* |
||
316 |
* NB: There might be more proposals, we parse only the first one. |
||
317 |
* This condition must never be true. |
||
318 |
*/ |
||
319 |
✓✓ | 92587978 |
if (pld_length - sizeof(*pld) < sap_length) { |
320 |
253386 |
log_debug("%s: payload malformed: SA payload length mismatches " |
|
321 |
"proposal substructure length (%lu < %zu)", __func__, |
||
322 |
pld_length - sizeof(*pld), sap_length); |
||
323 |
253386 |
return (-1); |
|
324 |
} |
||
325 |
/* |
||
326 |
* If there is only one proposal, sap_length must be the |
||
327 |
* total payload size. |
||
328 |
*/ |
||
329 |
✓✓✓✓ |
184163721 |
if (!sap->sap_more && ((pld_length - sizeof(*pld)) != sap_length)) { |
330 |
634137 |
log_debug("%s: payload malformed: SA payload length mismatches " |
|
331 |
"single proposal substructure length (%lu != %zu)", |
||
332 |
__func__, pld_length - sizeof(*pld), sap_length); |
||
333 |
634137 |
return (-1); |
|
334 |
} |
||
335 |
/* |
||
336 |
* If there are more than one proposal, there must be bytes |
||
337 |
* left in the payload. |
||
338 |
*/ |
||
339 |
✓✓✓✓ |
92205918 |
if (sap->sap_more && ((pld_length - sizeof(*pld)) <= sap_length)) { |
340 |
503573 |
log_debug("%s: payload malformed: SA payload too small for " |
|
341 |
"further proposals (%zu <= %zu)", __func__, |
||
342 |
pld_length - sizeof(*pld), sap_length); |
||
343 |
503573 |
return (-1); |
|
344 |
} |
||
345 |
91196882 |
return (0); |
|
346 |
93267797 |
} |
|
347 |
|||
348 |
/* |
||
349 |
* NB: This function parses both the SA header and the first proposal. |
||
350 |
* Additional proposals are ignored. |
||
351 |
*/ |
||
352 |
int |
||
353 |
ikev2_pld_sa(struct iked *env, struct ikev2_payload *pld, |
||
354 |
struct iked_message *msg, size_t offset, size_t left) |
||
355 |
{ |
||
356 |
186535594 |
struct ikev2_sa_proposal sap; |
|
357 |
struct iked_proposal *prop = NULL; |
||
358 |
uint32_t spi32; |
||
359 |
uint64_t spi = 0, spi64; |
||
360 |
93267797 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
361 |
struct iked_proposals *props; |
||
362 |
size_t total; |
||
363 |
|||
364 |
✓✓ | 93267797 |
if (ikev2_validate_sa(msg, offset, left, pld, &sap)) |
365 |
2070915 |
return (-1); |
|
366 |
|||
367 |
✓✓ | 91196882 |
if (sap.sap_more) |
368 |
1890 |
log_debug("%s: more than one proposal specified", __func__); |
|
369 |
|||
370 |
/* Assumed size of the first proposals, including SPI if present. */ |
||
371 |
91196882 |
total = (betoh16(sap.sap_length) - sizeof(sap)); |
|
372 |
|||
373 |
91196882 |
props = &msg->msg_parent->msg_proposals; |
|
374 |
|||
375 |
91196882 |
offset += sizeof(sap); |
|
376 |
91196882 |
left -= sizeof(sap); |
|
377 |
|||
378 |
✓✓ | 91196882 |
if (sap.sap_spisize) { |
379 |
✓✓ | 500913 |
if (left < sap.sap_spisize) { |
380 |
47173 |
log_debug("%s: malformed payload: SPI larger than " |
|
381 |
"actual payload (%zu < %d)", __func__, left, |
||
382 |
47173 |
sap.sap_spisize); |
|
383 |
47173 |
return (-1); |
|
384 |
} |
||
385 |
✓✓ | 453740 |
if (total < sap.sap_spisize) { |
386 |
104720 |
log_debug("%s: malformed payload: SPI larger than " |
|
387 |
"proposal (%zu < %d)", __func__, total, |
||
388 |
104720 |
sap.sap_spisize); |
|
389 |
104720 |
return (-1); |
|
390 |
} |
||
391 |
✗✓ | 349020 |
if (total < sap.sap_spisize) { |
392 |
log_debug("%s: malformed payload: SPI too large " |
||
393 |
"(%zu < %d)", __func__, total, sap.sap_spisize); |
||
394 |
return (-1); |
||
395 |
} |
||
396 |
✓✓✓ | 349020 |
switch (sap.sap_spisize) { |
397 |
case 4: |
||
398 |
58072 |
memcpy(&spi32, msgbuf + offset, 4); |
|
399 |
58072 |
spi = betoh32(spi32); |
|
400 |
58072 |
break; |
|
401 |
case 8: |
||
402 |
58072 |
memcpy(&spi64, msgbuf + offset, 8); |
|
403 |
58072 |
spi = betoh64(spi64); |
|
404 |
58072 |
break; |
|
405 |
default: |
||
406 |
232876 |
log_debug("%s: unsupported SPI size %d", |
|
407 |
__func__, sap.sap_spisize); |
||
408 |
232876 |
return (-1); |
|
409 |
} |
||
410 |
|||
411 |
116144 |
offset += sap.sap_spisize; |
|
412 |
116144 |
left -= sap.sap_spisize; |
|
413 |
|||
414 |
/* Assumed size of the proposal, now without SPI. */ |
||
415 |
116144 |
total -= sap.sap_spisize; |
|
416 |
116144 |
} |
|
417 |
|||
418 |
/* |
||
419 |
* As we verified sanity of packet headers, this check will |
||
420 |
* be always false, but just to be sure we keep it. |
||
421 |
*/ |
||
422 |
✗✓ | 90812113 |
if (left < total) { |
423 |
log_debug("%s: payload malformed: too long for payload " |
||
424 |
"(%zu < %zu)", __func__, left, total); |
||
425 |
return (-1); |
||
426 |
} |
||
427 |
|||
428 |
90812113 |
log_debug("%s: more %d reserved %d length %d" |
|
429 |
" proposal #%d protoid %s spisize %d xforms %d spi %s", |
||
430 |
90812113 |
__func__, sap.sap_more, sap.sap_reserved, |
|
431 |
90812113 |
betoh16(sap.sap_length), sap.sap_proposalnr, |
|
432 |
90812113 |
print_map(sap.sap_protoid, ikev2_saproto_map), sap.sap_spisize, |
|
433 |
90812113 |
sap.sap_transforms, print_spi(spi, sap.sap_spisize)); |
|
434 |
|||
435 |
✗✓ | 90812113 |
if (ikev2_msg_frompeer(msg)) { |
436 |
if ((msg->msg_parent->msg_prop = config_add_proposal(props, |
||
437 |
sap.sap_proposalnr, sap.sap_protoid)) == NULL) { |
||
438 |
log_debug("%s: invalid proposal", __func__); |
||
439 |
return (-1); |
||
440 |
} |
||
441 |
prop = msg->msg_parent->msg_prop; |
||
442 |
prop->prop_peerspi.spi = spi; |
||
443 |
prop->prop_peerspi.spi_protoid = sap.sap_protoid; |
||
444 |
prop->prop_peerspi.spi_size = sap.sap_spisize; |
||
445 |
|||
446 |
prop->prop_localspi.spi_protoid = sap.sap_protoid; |
||
447 |
prop->prop_localspi.spi_size = sap.sap_spisize; |
||
448 |
} |
||
449 |
|||
450 |
/* |
||
451 |
* Parse the attached transforms |
||
452 |
*/ |
||
453 |
✓✓✓✓ |
181252407 |
if (sap.sap_transforms && |
454 |
90440294 |
ikev2_pld_xform(env, &sap, msg, offset, total) != 0) { |
|
455 |
7812224 |
log_debug("%s: invalid proposal transforms", __func__); |
|
456 |
7812224 |
return (-1); |
|
457 |
} |
||
458 |
|||
459 |
82999889 |
return (0); |
|
460 |
93267797 |
} |
|
461 |
|||
462 |
int |
||
463 |
ikev2_validate_xform(struct iked_message *msg, size_t offset, size_t total, |
||
464 |
struct ikev2_transform *xfrm) |
||
465 |
{ |
||
466 |
1042829284 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
467 |
size_t xfrm_length; |
||
468 |
|||
469 |
✓✓ | 521414642 |
if (total < sizeof(*xfrm)) { |
470 |
136710 |
log_debug("%s: payload malformed: too short for header " |
|
471 |
"(%zu < %zu)", __func__, total, sizeof(*xfrm)); |
||
472 |
136710 |
return (-1); |
|
473 |
} |
||
474 |
521277932 |
memcpy(xfrm, msgbuf + offset, sizeof(*xfrm)); |
|
475 |
|||
476 |
521277932 |
xfrm_length = betoh16(xfrm->xfrm_length); |
|
477 |
✓✓ | 521277932 |
if (xfrm_length < sizeof(*xfrm)) { |
478 |
336420 |
log_debug("%s: payload malformed: shorter than minimal header " |
|
479 |
"(%zu < %zu)", __func__, xfrm_length, sizeof(*xfrm)); |
||
480 |
336420 |
return (-1); |
|
481 |
} |
||
482 |
✓✓ | 520941512 |
if (total < xfrm_length) { |
483 |
4021668 |
log_debug("%s: malformed payload: too long for payload size " |
|
484 |
"(%zu < %zu)", __func__, total, xfrm_length); |
||
485 |
4021668 |
return (-1); |
|
486 |
} |
||
487 |
|||
488 |
516919844 |
return (0); |
|
489 |
521414642 |
} |
|
490 |
|||
491 |
int |
||
492 |
ikev2_pld_xform(struct iked *env, struct ikev2_sa_proposal *sap, |
||
493 |
struct iked_message *msg, size_t offset, size_t total) |
||
494 |
{ |
||
495 |
1042829284 |
struct ikev2_transform xfrm; |
|
496 |
521414642 |
char id[BUFSIZ]; |
|
497 |
int ret = 0; |
||
498 |
size_t xfrm_length; |
||
499 |
|||
500 |
✓✓ | 521414642 |
if (ikev2_validate_xform(msg, offset, total, &xfrm)) |
501 |
4494798 |
return (-1); |
|
502 |
|||
503 |
516919844 |
xfrm_length = betoh16(xfrm.xfrm_length); |
|
504 |
|||
505 |
✓✓✓✓ ✓✓ |
516919844 |
switch (xfrm.xfrm_type) { |
506 |
case IKEV2_XFORMTYPE_ENCR: |
||
507 |
87893904 |
strlcpy(id, print_map(betoh16(xfrm.xfrm_id), |
|
508 |
ikev2_xformencr_map), sizeof(id)); |
||
509 |
87893904 |
break; |
|
510 |
case IKEV2_XFORMTYPE_PRF: |
||
511 |
250840926 |
strlcpy(id, print_map(betoh16(xfrm.xfrm_id), |
|
512 |
ikev2_xformprf_map), sizeof(id)); |
||
513 |
250840926 |
break; |
|
514 |
case IKEV2_XFORMTYPE_INTEGR: |
||
515 |
89454428 |
strlcpy(id, print_map(betoh16(xfrm.xfrm_id), |
|
516 |
ikev2_xformauth_map), sizeof(id)); |
||
517 |
89454428 |
break; |
|
518 |
case IKEV2_XFORMTYPE_DH: |
||
519 |
86334962 |
strlcpy(id, print_map(betoh16(xfrm.xfrm_id), |
|
520 |
ikev2_xformdh_map), sizeof(id)); |
||
521 |
86334962 |
break; |
|
522 |
case IKEV2_XFORMTYPE_ESN: |
||
523 |
113092 |
strlcpy(id, print_map(betoh16(xfrm.xfrm_id), |
|
524 |
ikev2_xformesn_map), sizeof(id)); |
||
525 |
113092 |
break; |
|
526 |
default: |
||
527 |
2282532 |
snprintf(id, sizeof(id), "<%d>", betoh16(xfrm.xfrm_id)); |
|
528 |
2282532 |
break; |
|
529 |
} |
||
530 |
|||
531 |
516919844 |
log_debug("%s: more %d reserved %d length %zu" |
|
532 |
" type %s id %s", |
||
533 |
516919844 |
__func__, xfrm.xfrm_more, xfrm.xfrm_reserved, xfrm_length, |
|
534 |
516919844 |
print_map(xfrm.xfrm_type, ikev2_xformtype_map), id); |
|
535 |
|||
536 |
/* |
||
537 |
* Parse transform attributes, if available |
||
538 |
*/ |
||
539 |
516919844 |
msg->msg_attrlength = 0; |
|
540 |
✓✓ | 516919844 |
if (xfrm_length > sizeof(xfrm)) { |
541 |
✓✓ | 267607578 |
if (ikev2_pld_attr(env, &xfrm, msg, offset + sizeof(xfrm), |
542 |
178405052 |
xfrm_length - sizeof(xfrm)) != 0) { |
|
543 |
1030806 |
return (-1); |
|
544 |
} |
||
545 |
} |
||
546 |
|||
547 |
✗✓ | 515889038 |
if (ikev2_msg_frompeer(msg)) { |
548 |
if (config_add_transform(msg->msg_parent->msg_prop, |
||
549 |
xfrm.xfrm_type, betoh16(xfrm.xfrm_id), |
||
550 |
msg->msg_attrlength, msg->msg_attrlength) == NULL) { |
||
551 |
log_debug("%s: failed to add transform", __func__); |
||
552 |
return (-1); |
||
553 |
} |
||
554 |
} |
||
555 |
|||
556 |
/* Next transform */ |
||
557 |
515889038 |
offset += xfrm_length; |
|
558 |
515889038 |
total -= xfrm_length; |
|
559 |
✓✓ | 515889038 |
if (xfrm.xfrm_more == IKEV2_XFORM_MORE) |
560 |
430974348 |
ret = ikev2_pld_xform(env, sap, msg, offset, total); |
|
561 |
✓✓ | 84914690 |
else if (total != 0) { |
562 |
/* No more transforms but still some data left. */ |
||
563 |
2286620 |
log_debug("%s: less data than specified, %zu bytes left", |
|
564 |
__func__, total); |
||
565 |
ret = -1; |
||
566 |
2286620 |
} |
|
567 |
|||
568 |
515889038 |
return (ret); |
|
569 |
521414642 |
} |
|
570 |
|||
571 |
int |
||
572 |
ikev2_validate_attr(struct iked_message *msg, size_t offset, size_t total, |
||
573 |
struct ikev2_attribute *attr) |
||
574 |
{ |
||
575 |
179992680 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
576 |
|||
577 |
✓✓ | 89996340 |
if (total < sizeof(*attr)) { |
578 |
563514 |
log_debug("%s: payload malformed: too short for header " |
|
579 |
"(%zu < %zu)", __func__, total, sizeof(*attr)); |
||
580 |
563514 |
return (-1); |
|
581 |
} |
||
582 |
89432826 |
memcpy(attr, msgbuf + offset, sizeof(*attr)); |
|
583 |
|||
584 |
89432826 |
return (0); |
|
585 |
89996340 |
} |
|
586 |
|||
587 |
int |
||
588 |
ikev2_pld_attr(struct iked *env, struct ikev2_transform *xfrm, |
||
589 |
struct iked_message *msg, size_t offset, size_t total) |
||
590 |
{ |
||
591 |
179992680 |
struct ikev2_attribute attr; |
|
592 |
unsigned int type; |
||
593 |
89996340 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
594 |
int ret = 0; |
||
595 |
size_t attr_length; |
||
596 |
|||
597 |
✓✓ | 89996340 |
if (ikev2_validate_attr(msg, offset, total, &attr)) |
598 |
563514 |
return (-1); |
|
599 |
|||
600 |
89432826 |
type = betoh16(attr.attr_type) & ~IKEV2_ATTRAF_TV; |
|
601 |
|||
602 |
89432826 |
log_debug("%s: attribute type %s length %d total %zu", |
|
603 |
89432826 |
__func__, print_map(type, ikev2_attrtype_map), |
|
604 |
89432826 |
betoh16(attr.attr_length), total); |
|
605 |
|||
606 |
✓✓ | 89432826 |
if (betoh16(attr.attr_type) & IKEV2_ATTRAF_TV) { |
607 |
/* Type-Value attribute */ |
||
608 |
88178720 |
offset += sizeof(attr); |
|
609 |
88178720 |
total -= sizeof(attr); |
|
610 |
|||
611 |
✓✓ | 88178720 |
if (type == IKEV2_ATTRTYPE_KEY_LENGTH) |
612 |
87317552 |
msg->msg_attrlength = betoh16(attr.attr_length); |
|
613 |
} else { |
||
614 |
/* Type-Length-Value attribute */ |
||
615 |
1254106 |
attr_length = betoh16(attr.attr_length); |
|
616 |
✓✓ | 1254106 |
if (attr_length < sizeof(attr)) { |
617 |
728 |
log_debug("%s: payload malformed: shorter than " |
|
618 |
"minimal header (%zu < %zu)", __func__, |
||
619 |
attr_length, sizeof(attr)); |
||
620 |
728 |
return (-1); |
|
621 |
} |
||
622 |
✓✓ | 1253378 |
if (total < attr_length) { |
623 |
466564 |
log_debug("%s: payload malformed: attribute larger " |
|
624 |
"than actual payload (%zu < %zu)", __func__, |
||
625 |
total, attr_length); |
||
626 |
466564 |
return (-1); |
|
627 |
} |
||
628 |
1573628 |
print_hex(msgbuf, offset + sizeof(attr), |
|
629 |
786814 |
attr_length - sizeof(attr)); |
|
630 |
786814 |
offset += attr_length; |
|
631 |
786814 |
total -= attr_length; |
|
632 |
} |
||
633 |
|||
634 |
✓✓ | 88965534 |
if (total > 0) { |
635 |
/* Next attribute */ |
||
636 |
793814 |
ret = ikev2_pld_attr(env, xfrm, msg, offset, total); |
|
637 |
793814 |
} |
|
638 |
|||
639 |
88965534 |
return (ret); |
|
640 |
89996340 |
} |
|
641 |
|||
642 |
int |
||
643 |
ikev2_validate_ke(struct iked_message *msg, size_t offset, size_t left, |
||
644 |
struct ikev2_payload *pld, struct ikev2_keyexchange *kex) |
||
645 |
{ |
||
646 |
251184346 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
647 |
size_t pld_length; |
||
648 |
|||
649 |
125592173 |
pld_length = betoh16(pld->pld_length); |
|
650 |
✓✓ | 125592173 |
if (pld_length < sizeof(*pld) + sizeof(*kex)) { |
651 |
2989 |
log_debug("%s: malformed payload: specified length smaller " |
|
652 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
653 |
sizeof(*pld) + sizeof(*kex)); |
||
654 |
2989 |
return (-1); |
|
655 |
} |
||
656 |
|||
657 |
/* This will actually be caught by earlier checks. */ |
||
658 |
✗✓ | 125589184 |
if (left < sizeof(*kex)) { |
659 |
log_debug("%s: malformed payload: too short for header " |
||
660 |
"(%zu < %zu)", __func__, left, sizeof(*kex)); |
||
661 |
return (-1); |
||
662 |
} |
||
663 |
125589184 |
memcpy(kex, msgbuf + offset, sizeof(*kex)); |
|
664 |
|||
665 |
125589184 |
return (0); |
|
666 |
125592173 |
} |
|
667 |
|||
668 |
int |
||
669 |
ikev2_pld_ke(struct iked *env, struct ikev2_payload *pld, |
||
670 |
struct iked_message *msg, size_t offset, size_t left) |
||
671 |
{ |
||
672 |
251184346 |
struct ikev2_keyexchange kex; |
|
673 |
uint8_t *buf; |
||
674 |
size_t len; |
||
675 |
125592173 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
676 |
|||
677 |
✓✓ | 125592173 |
if (ikev2_validate_ke(msg, offset, left, pld, &kex)) |
678 |
2989 |
return (-1); |
|
679 |
|||
680 |
125589184 |
log_debug("%s: dh group %s reserved %d", __func__, |
|
681 |
125589184 |
print_map(betoh16(kex.kex_dhgroup), ikev2_xformdh_map), |
|
682 |
125589184 |
betoh16(kex.kex_reserved)); |
|
683 |
|||
684 |
125589184 |
buf = msgbuf + offset + sizeof(kex); |
|
685 |
125589184 |
len = betoh16(pld->pld_length) - sizeof(*pld) - sizeof(kex); |
|
686 |
|||
687 |
✓✓ | 125589184 |
if (len == 0) { |
688 |
81284 |
log_debug("%s: malformed payload: no KE data given", __func__); |
|
689 |
81284 |
return (-1); |
|
690 |
} |
||
691 |
/* This will actually be caught by earlier checks. */ |
||
692 |
✗✓ | 125507900 |
if (left < len) { |
693 |
log_debug("%s: malformed payload: smaller than specified " |
||
694 |
"(%zu < %zu)", __func__, left, len); |
||
695 |
return (-1); |
||
696 |
} |
||
697 |
|||
698 |
125507900 |
print_hex(buf, 0, len); |
|
699 |
|||
700 |
✗✓ | 125507900 |
if (ikev2_msg_frompeer(msg)) { |
701 |
ibuf_release(msg->msg_parent->msg_ke); |
||
702 |
if ((msg->msg_parent->msg_ke = ibuf_new(buf, len)) == NULL) { |
||
703 |
log_debug("%s: failed to get exchange", __func__); |
||
704 |
return (-1); |
||
705 |
} |
||
706 |
} |
||
707 |
|||
708 |
125507900 |
return (0); |
|
709 |
125592173 |
} |
|
710 |
|||
711 |
int |
||
712 |
ikev2_validate_id(struct iked_message *msg, size_t offset, size_t left, |
||
713 |
struct ikev2_payload *pld, struct ikev2_id *id) |
||
714 |
{ |
||
715 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
716 |
size_t pld_length; |
||
717 |
|||
718 |
pld_length = betoh16(pld->pld_length); |
||
719 |
if (pld_length < sizeof(*pld) + sizeof(*id)) { |
||
720 |
log_debug("%s: malformed payload: specified length smaller " |
||
721 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
722 |
sizeof(*pld) + sizeof(*id)); |
||
723 |
return (-1); |
||
724 |
} |
||
725 |
|||
726 |
/* This will actually be caught by earlier checks. */ |
||
727 |
if (left < sizeof(*id)) { |
||
728 |
log_debug("%s: malformed payload: too short for header " |
||
729 |
"(%zu < %zu)", __func__, left, sizeof(*id)); |
||
730 |
return (-1); |
||
731 |
} |
||
732 |
memcpy(id, msgbuf + offset, sizeof(*id)); |
||
733 |
|||
734 |
return (0); |
||
735 |
} |
||
736 |
|||
737 |
int |
||
738 |
ikev2_pld_id(struct iked *env, struct ikev2_payload *pld, |
||
739 |
struct iked_message *msg, size_t offset, size_t left, unsigned int payload) |
||
740 |
{ |
||
741 |
uint8_t *ptr; |
||
742 |
struct ikev2_id id; |
||
743 |
size_t len; |
||
744 |
struct iked_id *idp, idb; |
||
745 |
struct iked_sa *sa = msg->msg_sa; |
||
746 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
747 |
char idstr[IKED_ID_SIZE]; |
||
748 |
|||
749 |
if (ikev2_validate_id(msg, offset, left, pld, &id)) |
||
750 |
return (-1); |
||
751 |
|||
752 |
bzero(&idb, sizeof(idb)); |
||
753 |
|||
754 |
/* Don't strip the Id payload header */ |
||
755 |
ptr = msgbuf + offset; |
||
756 |
len = betoh16(pld->pld_length) - sizeof(*pld); |
||
757 |
|||
758 |
idb.id_type = id.id_type; |
||
759 |
idb.id_offset = sizeof(id); |
||
760 |
if ((idb.id_buf = ibuf_new(ptr, len)) == NULL) |
||
761 |
return (-1); |
||
762 |
|||
763 |
if (ikev2_print_id(&idb, idstr, sizeof(idstr)) == -1) { |
||
764 |
log_debug("%s: malformed id", __func__); |
||
765 |
return (-1); |
||
766 |
} |
||
767 |
|||
768 |
log_debug("%s: id %s length %zu", __func__, idstr, len); |
||
769 |
|||
770 |
if (!ikev2_msg_frompeer(msg)) { |
||
771 |
ibuf_release(idb.id_buf); |
||
772 |
return (0); |
||
773 |
} |
||
774 |
|||
775 |
if (!((sa->sa_hdr.sh_initiator && payload == IKEV2_PAYLOAD_IDr) || |
||
776 |
(!sa->sa_hdr.sh_initiator && payload == IKEV2_PAYLOAD_IDi))) { |
||
777 |
log_debug("%s: unexpected id payload", __func__); |
||
778 |
return (0); |
||
779 |
} |
||
780 |
|||
781 |
idp = &msg->msg_parent->msg_id; |
||
782 |
if (idp->id_type) { |
||
783 |
log_debug("%s: duplicate id payload", __func__); |
||
784 |
return (-1); |
||
785 |
} |
||
786 |
|||
787 |
idp->id_buf = idb.id_buf; |
||
788 |
idp->id_offset = idb.id_offset; |
||
789 |
idp->id_type = idb.id_type; |
||
790 |
|||
791 |
return (0); |
||
792 |
} |
||
793 |
|||
794 |
int |
||
795 |
ikev2_validate_cert(struct iked_message *msg, size_t offset, size_t left, |
||
796 |
struct ikev2_payload *pld, struct ikev2_cert *cert) |
||
797 |
{ |
||
798 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
799 |
size_t pld_length; |
||
800 |
|||
801 |
pld_length = betoh16(pld->pld_length); |
||
802 |
if (pld_length < sizeof(*pld) + sizeof(*cert)) { |
||
803 |
log_debug("%s: malformed payload: specified length smaller " |
||
804 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
805 |
sizeof(*pld) + sizeof(*cert)); |
||
806 |
return (-1); |
||
807 |
} |
||
808 |
|||
809 |
/* This will actually be caught by earlier checks. */ |
||
810 |
if (left < sizeof(*cert)) { |
||
811 |
log_debug("%s: malformed payload: too short for header " |
||
812 |
"(%zu < %zu)", __func__, left, sizeof(*cert)); |
||
813 |
return (-1); |
||
814 |
} |
||
815 |
memcpy(cert, msgbuf + offset, sizeof(*cert)); |
||
816 |
|||
817 |
return (0); |
||
818 |
} |
||
819 |
|||
820 |
int |
||
821 |
ikev2_pld_cert(struct iked *env, struct ikev2_payload *pld, |
||
822 |
struct iked_message *msg, size_t offset, size_t left) |
||
823 |
{ |
||
824 |
struct ikev2_cert cert; |
||
825 |
uint8_t *buf; |
||
826 |
size_t len; |
||
827 |
struct iked_id *certid; |
||
828 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
829 |
|||
830 |
if (ikev2_validate_cert(msg, offset, left, pld, &cert)) |
||
831 |
return (-1); |
||
832 |
offset += sizeof(cert); |
||
833 |
|||
834 |
buf = msgbuf + offset; |
||
835 |
len = betoh16(pld->pld_length) - sizeof(*pld) - sizeof(cert); |
||
836 |
|||
837 |
log_debug("%s: type %s length %zu", |
||
838 |
__func__, print_map(cert.cert_type, ikev2_cert_map), len); |
||
839 |
|||
840 |
print_hex(buf, 0, len); |
||
841 |
|||
842 |
if (!ikev2_msg_frompeer(msg)) |
||
843 |
return (0); |
||
844 |
|||
845 |
certid = &msg->msg_parent->msg_cert; |
||
846 |
if (certid->id_type) { |
||
847 |
log_debug("%s: duplicate cert payload", __func__); |
||
848 |
return (-1); |
||
849 |
} |
||
850 |
|||
851 |
if ((certid->id_buf = ibuf_new(buf, len)) == NULL) { |
||
852 |
log_debug("%s: failed to save cert", __func__); |
||
853 |
return (-1); |
||
854 |
} |
||
855 |
certid->id_type = cert.cert_type; |
||
856 |
certid->id_offset = 0; |
||
857 |
|||
858 |
return (0); |
||
859 |
} |
||
860 |
|||
861 |
int |
||
862 |
ikev2_validate_certreq(struct iked_message *msg, size_t offset, size_t left, |
||
863 |
struct ikev2_payload *pld, struct ikev2_cert *cert) |
||
864 |
{ |
||
865 |
875182 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
866 |
size_t pld_length; |
||
867 |
|||
868 |
437591 |
pld_length = betoh16(pld->pld_length); |
|
869 |
✓✓ | 437591 |
if (pld_length < sizeof(*pld) + sizeof(*cert)) { |
870 |
2933 |
log_debug("%s: malformed payload: specified length smaller " |
|
871 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
872 |
sizeof(*pld) + sizeof(*cert)); |
||
873 |
2933 |
return (-1); |
|
874 |
} |
||
875 |
|||
876 |
/* This will actually be caught by earlier checks. */ |
||
877 |
✗✓ | 434658 |
if (left < sizeof(*cert)) { |
878 |
log_debug("%s: malformed payload: too short for header " |
||
879 |
"(%zu < %zu)", __func__, left, sizeof(*cert)); |
||
880 |
return (-1); |
||
881 |
} |
||
882 |
434658 |
memcpy(cert, msgbuf + offset, sizeof(*cert)); |
|
883 |
|||
884 |
434658 |
return (0); |
|
885 |
437591 |
} |
|
886 |
|||
887 |
int |
||
888 |
ikev2_pld_certreq(struct iked *env, struct ikev2_payload *pld, |
||
889 |
struct iked_message *msg, size_t offset, size_t left) |
||
890 |
{ |
||
891 |
875182 |
struct iked_sa *sa = msg->msg_sa; |
|
892 |
437591 |
struct ikev2_cert cert; |
|
893 |
uint8_t *buf; |
||
894 |
ssize_t len; |
||
895 |
437591 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
896 |
|||
897 |
✓✓ | 437591 |
if (ikev2_validate_certreq(msg, offset, left, pld, &cert)) |
898 |
2933 |
return (-1); |
|
899 |
434658 |
offset += sizeof(cert); |
|
900 |
|||
901 |
434658 |
buf = msgbuf + offset; |
|
902 |
434658 |
len = betoh16(pld->pld_length) - sizeof(*pld) - sizeof(cert); |
|
903 |
|||
904 |
434658 |
log_debug("%s: type %s length %zd", |
|
905 |
434658 |
__func__, print_map(cert.cert_type, ikev2_cert_map), len); |
|
906 |
|||
907 |
/* This will actually be caught by earlier checks. */ |
||
908 |
✗✓ | 434658 |
if (len < 0) { |
909 |
log_debug("%s: invalid certificate request length", __func__); |
||
910 |
return (-1); |
||
911 |
} |
||
912 |
|||
913 |
434658 |
print_hex(buf, 0, len); |
|
914 |
|||
915 |
✓✗ | 434658 |
if (!ikev2_msg_frompeer(msg)) |
916 |
434658 |
return (0); |
|
917 |
|||
918 |
if (cert.cert_type == IKEV2_CERT_X509_CERT) { |
||
919 |
if (!len) |
||
920 |
return (0); |
||
921 |
if ((len % SHA_DIGEST_LENGTH) != 0) { |
||
922 |
log_debug("%s: invalid certificate request", __func__); |
||
923 |
return (-1); |
||
924 |
} |
||
925 |
} |
||
926 |
|||
927 |
if (msg->msg_sa == NULL) |
||
928 |
return (-1); |
||
929 |
|||
930 |
/* Optional certreq for PSK */ |
||
931 |
if (sa->sa_hdr.sh_initiator) |
||
932 |
sa->sa_stateinit |= IKED_REQ_CERT; |
||
933 |
else |
||
934 |
sa->sa_statevalid |= IKED_REQ_CERT; |
||
935 |
|||
936 |
ca_setreq(env, sa, &sa->sa_policy->pol_localid, |
||
937 |
cert.cert_type, buf, len, PROC_CERT); |
||
938 |
|||
939 |
return (0); |
||
940 |
437591 |
} |
|
941 |
|||
942 |
int |
||
943 |
ikev2_validate_auth(struct iked_message *msg, size_t offset, size_t left, |
||
944 |
struct ikev2_payload *pld, struct ikev2_auth *auth) |
||
945 |
{ |
||
946 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
947 |
size_t pld_length; |
||
948 |
|||
949 |
pld_length = betoh16(pld->pld_length); |
||
950 |
if (pld_length < sizeof(*pld) + sizeof(*auth)) { |
||
951 |
log_debug("%s: malformed payload: specified length smaller " |
||
952 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
953 |
sizeof(*pld) + sizeof(*auth)); |
||
954 |
return (-1); |
||
955 |
} |
||
956 |
|||
957 |
/* This will actually be caught by earlier checks. */ |
||
958 |
if (left < sizeof(*auth)) { |
||
959 |
log_debug("%s: malformed payload: too short for header " |
||
960 |
"(%zu < %zu)", __func__, left, sizeof(*auth)); |
||
961 |
return (-1); |
||
962 |
} |
||
963 |
memcpy(auth, msgbuf + offset, sizeof(*auth)); |
||
964 |
|||
965 |
return (0); |
||
966 |
} |
||
967 |
|||
968 |
int |
||
969 |
ikev2_pld_auth(struct iked *env, struct ikev2_payload *pld, |
||
970 |
struct iked_message *msg, size_t offset, size_t left) |
||
971 |
{ |
||
972 |
struct ikev2_auth auth; |
||
973 |
struct iked_id *idp; |
||
974 |
uint8_t *buf; |
||
975 |
size_t len; |
||
976 |
struct iked_sa *sa = msg->msg_sa; |
||
977 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
978 |
|||
979 |
if (ikev2_validate_auth(msg, offset, left, pld, &auth)) |
||
980 |
return (-1); |
||
981 |
offset += sizeof(auth); |
||
982 |
|||
983 |
buf = msgbuf + offset; |
||
984 |
len = betoh16(pld->pld_length) - sizeof(*pld) - sizeof(auth); |
||
985 |
|||
986 |
log_debug("%s: method %s length %zu", |
||
987 |
__func__, print_map(auth.auth_method, ikev2_auth_map), len); |
||
988 |
|||
989 |
print_hex(buf, 0, len); |
||
990 |
|||
991 |
if (!ikev2_msg_frompeer(msg)) |
||
992 |
return (0); |
||
993 |
|||
994 |
/* The AUTH payload indicates if the responder wants EAP or not */ |
||
995 |
if (!sa_stateok(sa, IKEV2_STATE_EAP)) |
||
996 |
sa_state(env, sa, IKEV2_STATE_AUTH_REQUEST); |
||
997 |
|||
998 |
idp = &msg->msg_parent->msg_auth; |
||
999 |
if (idp->id_type) { |
||
1000 |
log_debug("%s: duplicate auth payload", __func__); |
||
1001 |
return (-1); |
||
1002 |
} |
||
1003 |
|||
1004 |
ibuf_release(idp->id_buf); |
||
1005 |
idp->id_type = auth.auth_method; |
||
1006 |
idp->id_offset = 0; |
||
1007 |
if ((idp->id_buf = ibuf_new(buf, len)) == NULL) |
||
1008 |
return (-1); |
||
1009 |
|||
1010 |
return (0); |
||
1011 |
} |
||
1012 |
|||
1013 |
int |
||
1014 |
ikev2_validate_nonce(struct iked_message *msg, size_t offset, size_t left, |
||
1015 |
struct ikev2_payload *pld) |
||
1016 |
{ |
||
1017 |
size_t pld_length; |
||
1018 |
|||
1019 |
/* This will actually be caught by earlier checks. */ |
||
1020 |
178203788 |
pld_length = betoh16(pld->pld_length); |
|
1021 |
✗✓ | 89101894 |
if (pld_length < sizeof(*pld)) { |
1022 |
log_debug("%s: malformed payload: specified length smaller " |
||
1023 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
1024 |
sizeof(*pld)); |
||
1025 |
return (-1); |
||
1026 |
} |
||
1027 |
|||
1028 |
89101894 |
return (0); |
|
1029 |
89101894 |
} |
|
1030 |
|||
1031 |
int |
||
1032 |
ikev2_pld_nonce(struct iked *env, struct ikev2_payload *pld, |
||
1033 |
struct iked_message *msg, size_t offset, size_t left) |
||
1034 |
{ |
||
1035 |
size_t len; |
||
1036 |
uint8_t *buf; |
||
1037 |
178203788 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
1038 |
|||
1039 |
✗✓ | 89101894 |
if (ikev2_validate_nonce(msg, offset, left, pld)) |
1040 |
return (-1); |
||
1041 |
|||
1042 |
89101894 |
buf = msgbuf + offset; |
|
1043 |
89101894 |
len = betoh16(pld->pld_length) - sizeof(*pld); |
|
1044 |
|||
1045 |
✓✓ | 89101894 |
if (len == 0) { |
1046 |
55356 |
log_debug("%s: malformed payload: no NONCE given", __func__); |
|
1047 |
55356 |
return (-1); |
|
1048 |
} |
||
1049 |
/* This will actually be caught by earlier checks. */ |
||
1050 |
✗✓ | 89046538 |
if (left < len) { |
1051 |
log_debug("%s: malformed payload: smaller than specified " |
||
1052 |
"(%zu < %zu)", __func__, left, len); |
||
1053 |
return (-1); |
||
1054 |
} |
||
1055 |
|||
1056 |
89046538 |
print_hex(buf, 0, len); |
|
1057 |
|||
1058 |
✗✓ | 89046538 |
if (ikev2_msg_frompeer(msg)) { |
1059 |
ibuf_release(msg->msg_nonce); |
||
1060 |
if ((msg->msg_nonce = ibuf_new(buf, len)) == NULL) { |
||
1061 |
log_debug("%s: failed to get peer nonce", __func__); |
||
1062 |
return (-1); |
||
1063 |
} |
||
1064 |
msg->msg_parent->msg_nonce = msg->msg_nonce; |
||
1065 |
} |
||
1066 |
|||
1067 |
89046538 |
return (0); |
|
1068 |
89101894 |
} |
|
1069 |
|||
1070 |
int |
||
1071 |
ikev2_validate_notify(struct iked_message *msg, size_t offset, size_t left, |
||
1072 |
struct ikev2_payload *pld, struct ikev2_notify *n) |
||
1073 |
{ |
||
1074 |
350329966 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
1075 |
size_t pld_length; |
||
1076 |
|||
1077 |
175164983 |
pld_length = betoh16(pld->pld_length); |
|
1078 |
✓✓ | 175164983 |
if (pld_length < sizeof(*pld) + sizeof(*n)) { |
1079 |
112 |
log_debug("%s: malformed payload: specified length smaller " |
|
1080 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
1081 |
sizeof(*pld) + sizeof(*n)); |
||
1082 |
112 |
return (-1); |
|
1083 |
} |
||
1084 |
|||
1085 |
/* This will actually be caught by earlier checks. */ |
||
1086 |
✗✓ | 175164871 |
if (left < sizeof(*n)) { |
1087 |
log_debug("%s: malformed payload: too short for header " |
||
1088 |
"(%zu < %zu)", __func__, left, sizeof(*n)); |
||
1089 |
return (-1); |
||
1090 |
} |
||
1091 |
175164871 |
memcpy(n, msgbuf + offset, sizeof(*n)); |
|
1092 |
|||
1093 |
175164871 |
return (0); |
|
1094 |
175164983 |
} |
|
1095 |
|||
1096 |
int |
||
1097 |
ikev2_pld_notify(struct iked *env, struct ikev2_payload *pld, |
||
1098 |
struct iked_message *msg, size_t offset, size_t left) |
||
1099 |
{ |
||
1100 |
350329966 |
struct ikev2_notify n; |
|
1101 |
175164983 |
uint8_t *buf, md[SHA_DIGEST_LENGTH]; |
|
1102 |
size_t len; |
||
1103 |
175164983 |
uint32_t spi32; |
|
1104 |
175164983 |
uint64_t spi64; |
|
1105 |
struct iked_spi *rekey; |
||
1106 |
uint16_t type; |
||
1107 |
175164983 |
uint16_t group; |
|
1108 |
uint16_t cpi; |
||
1109 |
uint16_t signature_hash; |
||
1110 |
uint8_t transform; |
||
1111 |
|||
1112 |
✓✓ | 175164983 |
if (ikev2_validate_notify(msg, offset, left, pld, &n)) |
1113 |
112 |
return (-1); |
|
1114 |
175164871 |
type = betoh16(n.n_type); |
|
1115 |
|||
1116 |
175164871 |
log_debug("%s: protoid %s spisize %d type %s", |
|
1117 |
__func__, |
||
1118 |
175164871 |
print_map(n.n_protoid, ikev2_saproto_map), n.n_spisize, |
|
1119 |
175164871 |
print_map(type, ikev2_n_map)); |
|
1120 |
|||
1121 |
175164871 |
len = betoh16(pld->pld_length) - sizeof(*pld) - sizeof(n); |
|
1122 |
✗✓ | 175164871 |
if ((buf = ibuf_seek(msg->msg_data, offset + sizeof(n), len)) == NULL) |
1123 |
return (-1); |
||
1124 |
|||
1125 |
175164871 |
print_hex(buf, 0, len); |
|
1126 |
|||
1127 |
✓✗ | 175164871 |
if (!ikev2_msg_frompeer(msg)) |
1128 |
175164871 |
return (0); |
|
1129 |
|||
1130 |
switch (type) { |
||
1131 |
case IKEV2_N_NAT_DETECTION_SOURCE_IP: |
||
1132 |
case IKEV2_N_NAT_DETECTION_DESTINATION_IP: |
||
1133 |
if (len != sizeof(md)) { |
||
1134 |
log_debug("%s: malformed payload: hash size mismatch" |
||
1135 |
" (%zu != %zu)", __func__, len, sizeof(md)); |
||
1136 |
return (-1); |
||
1137 |
} |
||
1138 |
if (ikev2_nat_detection(env, msg, md, sizeof(md), type) == -1) |
||
1139 |
return (-1); |
||
1140 |
if (memcmp(buf, md, len) != 0) { |
||
1141 |
log_debug("%s: %s detected NAT, enabling " |
||
1142 |
"UDP encapsulation", __func__, |
||
1143 |
print_map(type, ikev2_n_map)); |
||
1144 |
|||
1145 |
/* |
||
1146 |
* Enable UDP encapsulation of ESP packages if |
||
1147 |
* the check detected NAT. |
||
1148 |
*/ |
||
1149 |
if (msg->msg_sa != NULL) |
||
1150 |
msg->msg_sa->sa_udpencap = 1; |
||
1151 |
/* Send keepalive, since we are behind a NAT-gw */ |
||
1152 |
if (type == IKEV2_N_NAT_DETECTION_DESTINATION_IP) |
||
1153 |
msg->msg_sa->sa_usekeepalive = 1; |
||
1154 |
} |
||
1155 |
print_hex(md, 0, sizeof(md)); |
||
1156 |
break; |
||
1157 |
case IKEV2_N_AUTHENTICATION_FAILED: |
||
1158 |
if (!msg->msg_e) { |
||
1159 |
log_debug("%s: AUTHENTICATION_FAILED not encrypted", |
||
1160 |
__func__); |
||
1161 |
return (-1); |
||
1162 |
} |
||
1163 |
/* |
||
1164 |
* If we are the responder, then we only accept |
||
1165 |
* AUTHENTICATION_FAILED from authenticated peers. |
||
1166 |
* If we are the initiator, the peer cannot be authenticated. |
||
1167 |
*/ |
||
1168 |
if (!msg->msg_sa->sa_hdr.sh_initiator) { |
||
1169 |
if (!sa_stateok(msg->msg_sa, IKEV2_STATE_VALID)) { |
||
1170 |
log_debug("%s: ignoring AUTHENTICATION_FAILED" |
||
1171 |
" from unauthenticated initiator", |
||
1172 |
__func__); |
||
1173 |
return (-1); |
||
1174 |
} |
||
1175 |
} else { |
||
1176 |
if (sa_stateok(msg->msg_sa, IKEV2_STATE_VALID)) { |
||
1177 |
log_debug("%s: ignoring AUTHENTICATION_FAILED" |
||
1178 |
" from authenticated responder", |
||
1179 |
__func__); |
||
1180 |
return (-1); |
||
1181 |
} |
||
1182 |
} |
||
1183 |
log_debug("%s: AUTHENTICATION_FAILED, closing SA", __func__); |
||
1184 |
sa_state(env, msg->msg_sa, IKEV2_STATE_CLOSED); |
||
1185 |
msg->msg_sa = NULL; |
||
1186 |
break; |
||
1187 |
case IKEV2_N_INVALID_KE_PAYLOAD: |
||
1188 |
if (sa_stateok(msg->msg_sa, IKEV2_STATE_VALID) && |
||
1189 |
!msg->msg_e) { |
||
1190 |
log_debug("%s: INVALID_KE_PAYLOAD not encrypted", |
||
1191 |
__func__); |
||
1192 |
return (-1); |
||
1193 |
} |
||
1194 |
if (len != sizeof(group)) { |
||
1195 |
log_debug("%s: malformed payload: group size mismatch" |
||
1196 |
" (%zu != %zu)", __func__, len, sizeof(group)); |
||
1197 |
return (-1); |
||
1198 |
} |
||
1199 |
/* XXX chould also happen for PFS */ |
||
1200 |
if (!msg->msg_sa->sa_hdr.sh_initiator) { |
||
1201 |
log_debug("%s: not an initiator", __func__); |
||
1202 |
sa_state(env, msg->msg_sa, IKEV2_STATE_CLOSED); |
||
1203 |
msg->msg_sa = NULL; |
||
1204 |
return (-1); |
||
1205 |
} |
||
1206 |
memcpy(&group, buf, len); |
||
1207 |
group = betoh16(group); |
||
1208 |
if (group_getid(group) == NULL) { |
||
1209 |
log_debug("%s: unable to select DH group %u", __func__, |
||
1210 |
group); |
||
1211 |
return (-1); |
||
1212 |
} |
||
1213 |
msg->msg_policy->pol_peerdh = group; |
||
1214 |
log_debug("%s: responder selected DH group %u", __func__, |
||
1215 |
group); |
||
1216 |
sa_state(env, msg->msg_sa, IKEV2_STATE_CLOSED); |
||
1217 |
msg->msg_sa = NULL; |
||
1218 |
|||
1219 |
/* |
||
1220 |
* XXX should also happen for PFS so we have to check state. |
||
1221 |
*/ |
||
1222 |
timer_set(env, &env->sc_inittmr, ikev2_init_ike_sa, NULL); |
||
1223 |
timer_add(env, &env->sc_inittmr, IKED_INITIATOR_INITIAL); |
||
1224 |
break; |
||
1225 |
case IKEV2_N_NO_ADDITIONAL_SAS: |
||
1226 |
if (!msg->msg_e) { |
||
1227 |
log_debug("%s: NO_ADDITIONAL_SAS not encrypted", |
||
1228 |
__func__); |
||
1229 |
return (-1); |
||
1230 |
} |
||
1231 |
/* This makes sense for Child SAs only atm */ |
||
1232 |
if (msg->msg_sa->sa_stateflags & IKED_REQ_CHILDSA) { |
||
1233 |
ikev2_disable_rekeying(env, msg->msg_sa); |
||
1234 |
msg->msg_sa->sa_stateflags &= ~IKED_REQ_CHILDSA; |
||
1235 |
} |
||
1236 |
break; |
||
1237 |
case IKEV2_N_REKEY_SA: |
||
1238 |
if (!msg->msg_e) { |
||
1239 |
log_debug("%s: N_REKEY_SA not encrypted", __func__); |
||
1240 |
return (-1); |
||
1241 |
} |
||
1242 |
if (len != n.n_spisize) { |
||
1243 |
log_debug("%s: malformed notification", __func__); |
||
1244 |
return (-1); |
||
1245 |
} |
||
1246 |
rekey = &msg->msg_parent->msg_rekey; |
||
1247 |
if (rekey->spi != 0) { |
||
1248 |
log_debug("%s: rekeying of multiple SAs not supported", |
||
1249 |
__func__); |
||
1250 |
return (-1); |
||
1251 |
} |
||
1252 |
switch (n.n_spisize) { |
||
1253 |
case 4: |
||
1254 |
memcpy(&spi32, buf, len); |
||
1255 |
rekey->spi = betoh32(spi32); |
||
1256 |
break; |
||
1257 |
case 8: |
||
1258 |
memcpy(&spi64, buf, len); |
||
1259 |
rekey->spi = betoh64(spi64); |
||
1260 |
break; |
||
1261 |
default: |
||
1262 |
log_debug("%s: invalid spi size %d", __func__, |
||
1263 |
n.n_spisize); |
||
1264 |
return (-1); |
||
1265 |
} |
||
1266 |
rekey->spi_size = n.n_spisize; |
||
1267 |
rekey->spi_protoid = n.n_protoid; |
||
1268 |
|||
1269 |
log_debug("%s: rekey %s spi %s", __func__, |
||
1270 |
print_map(n.n_protoid, ikev2_saproto_map), |
||
1271 |
print_spi(rekey->spi, n.n_spisize)); |
||
1272 |
break; |
||
1273 |
case IKEV2_N_IPCOMP_SUPPORTED: |
||
1274 |
if (!msg->msg_e) { |
||
1275 |
log_debug("%s: N_IPCOMP_SUPPORTED not encrypted", |
||
1276 |
__func__); |
||
1277 |
return (-1); |
||
1278 |
} |
||
1279 |
if (len < sizeof(cpi) + sizeof(transform)) { |
||
1280 |
log_debug("%s: ignoring malformed ipcomp notification", |
||
1281 |
__func__); |
||
1282 |
return (0); |
||
1283 |
} |
||
1284 |
memcpy(&cpi, buf, sizeof(cpi)); |
||
1285 |
memcpy(&transform, buf + sizeof(cpi), sizeof(transform)); |
||
1286 |
log_debug("%s: cpi 0x%x, transform %s, len %zu", __func__, |
||
1287 |
betoh16(cpi), print_map(transform, ikev2_ipcomp_map), len); |
||
1288 |
/* we only support deflate */ |
||
1289 |
if ((msg->msg_policy->pol_flags & IKED_POLICY_IPCOMP) && |
||
1290 |
(transform == IKEV2_IPCOMP_DEFLATE)) { |
||
1291 |
msg->msg_sa->sa_ipcomp = transform; |
||
1292 |
msg->msg_sa->sa_cpi_out = betoh16(cpi); |
||
1293 |
} |
||
1294 |
break; |
||
1295 |
case IKEV2_N_COOKIE: |
||
1296 |
if (msg->msg_e) { |
||
1297 |
log_debug("%s: N_COOKIE encrypted", |
||
1298 |
__func__); |
||
1299 |
return (-1); |
||
1300 |
} |
||
1301 |
if (len < IKED_COOKIE_MIN || len > IKED_COOKIE_MAX) { |
||
1302 |
log_debug("%s: ignoring malformed cookie" |
||
1303 |
" notification: %zu", __func__, len); |
||
1304 |
return (0); |
||
1305 |
} |
||
1306 |
log_debug("%s: received cookie, len %zu", __func__, len); |
||
1307 |
print_hex(buf, 0, len); |
||
1308 |
|||
1309 |
ibuf_release(msg->msg_cookie); |
||
1310 |
if ((msg->msg_cookie = ibuf_new(buf, len)) == NULL) { |
||
1311 |
log_debug("%s: failed to get peer cookie", __func__); |
||
1312 |
return (-1); |
||
1313 |
} |
||
1314 |
msg->msg_parent->msg_cookie = msg->msg_cookie; |
||
1315 |
break; |
||
1316 |
case IKEV2_N_SIGNATURE_HASH_ALGORITHMS: |
||
1317 |
if (msg->msg_e) { |
||
1318 |
log_debug("%s: SIGNATURE_HASH_ALGORITHMS: encrypted", |
||
1319 |
__func__); |
||
1320 |
return (-1); |
||
1321 |
} |
||
1322 |
if (msg->msg_sa == NULL || |
||
1323 |
msg->msg_sa->sa_sigsha2) { |
||
1324 |
log_debug("%s: SIGNATURE_HASH_ALGORITHMS: no SA or " |
||
1325 |
"duplicate notify", __func__); |
||
1326 |
return (-1); |
||
1327 |
} |
||
1328 |
if (len < sizeof(signature_hash) || |
||
1329 |
len % sizeof(signature_hash)) { |
||
1330 |
log_debug("%s: malformed signature hash notification" |
||
1331 |
"(%zu bytes)", __func__, len); |
||
1332 |
return (0); |
||
1333 |
} |
||
1334 |
while (len >= sizeof(signature_hash)) { |
||
1335 |
memcpy(&signature_hash, buf, sizeof(signature_hash)); |
||
1336 |
signature_hash = betoh16(signature_hash); |
||
1337 |
log_debug("%s: signature hash %s (%x)", __func__, |
||
1338 |
print_map(signature_hash, ikev2_sighash_map), |
||
1339 |
signature_hash); |
||
1340 |
len -= sizeof(signature_hash); |
||
1341 |
buf += sizeof(signature_hash); |
||
1342 |
if (signature_hash == IKEV2_SIGHASH_SHA2_256) |
||
1343 |
msg->msg_sa->sa_sigsha2 = 1; |
||
1344 |
} |
||
1345 |
break; |
||
1346 |
} |
||
1347 |
|||
1348 |
return (0); |
||
1349 |
175164983 |
} |
|
1350 |
|||
1351 |
int |
||
1352 |
ikev2_validate_delete(struct iked_message *msg, size_t offset, size_t left, |
||
1353 |
struct ikev2_payload *pld, struct ikev2_delete *del) |
||
1354 |
{ |
||
1355 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
1356 |
size_t pld_length; |
||
1357 |
|||
1358 |
pld_length = betoh16(pld->pld_length); |
||
1359 |
if (pld_length < sizeof(*pld) + sizeof(*del)) { |
||
1360 |
log_debug("%s: malformed payload: specified length smaller " |
||
1361 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
1362 |
sizeof(*pld) + sizeof(*del)); |
||
1363 |
return (-1); |
||
1364 |
} |
||
1365 |
|||
1366 |
/* This will actually be caught by earlier checks. */ |
||
1367 |
if (left < sizeof(*del)) { |
||
1368 |
log_debug("%s: malformed payload: too short for header " |
||
1369 |
"(%zu < %zu)", __func__, left, sizeof(*del)); |
||
1370 |
return (-1); |
||
1371 |
} |
||
1372 |
memcpy(del, msgbuf + offset, sizeof(*del)); |
||
1373 |
|||
1374 |
return (0); |
||
1375 |
} |
||
1376 |
|||
1377 |
int |
||
1378 |
ikev2_pld_delete(struct iked *env, struct ikev2_payload *pld, |
||
1379 |
struct iked_message *msg, size_t offset, size_t left) |
||
1380 |
{ |
||
1381 |
struct iked_childsa **peersas = NULL; |
||
1382 |
struct iked_sa *sa = msg->msg_sa; |
||
1383 |
struct ikev2_delete del, *localdel; |
||
1384 |
struct ibuf *resp = NULL; |
||
1385 |
uint64_t *localspi = NULL; |
||
1386 |
uint64_t spi64, spi = 0; |
||
1387 |
uint32_t spi32; |
||
1388 |
uint8_t *buf, *msgbuf = ibuf_data(msg->msg_data); |
||
1389 |
size_t found = 0, failed = 0; |
||
1390 |
int cnt, i, len, sz, ret = -1; |
||
1391 |
|||
1392 |
/* Skip if it's a response, then we don't have to deal with it */ |
||
1393 |
if (ikev2_msg_frompeer(msg) && |
||
1394 |
msg->msg_parent->msg_response) |
||
1395 |
return (0); |
||
1396 |
|||
1397 |
if (ikev2_validate_delete(msg, offset, left, pld, &del)) |
||
1398 |
return (-1); |
||
1399 |
cnt = betoh16(del.del_nspi); |
||
1400 |
sz = del.del_spisize; |
||
1401 |
|||
1402 |
log_debug("%s: proto %s spisize %d nspi %d", |
||
1403 |
__func__, print_map(del.del_protoid, ikev2_saproto_map), |
||
1404 |
sz, cnt); |
||
1405 |
|||
1406 |
buf = msgbuf + offset + sizeof(del); |
||
1407 |
len = betoh16(pld->pld_length) - sizeof(*pld) - sizeof(del); |
||
1408 |
|||
1409 |
print_hex(buf, 0, len); |
||
1410 |
|||
1411 |
switch (sz) { |
||
1412 |
case 4: |
||
1413 |
case 8: |
||
1414 |
break; |
||
1415 |
default: |
||
1416 |
if (del.del_protoid != IKEV2_SAPROTO_IKE) { |
||
1417 |
log_debug("%s: invalid SPI size", __func__); |
||
1418 |
return (-1); |
||
1419 |
} |
||
1420 |
if (ikev2_msg_frompeer(msg)) { |
||
1421 |
/* Send an empty informational response */ |
||
1422 |
if ((resp = ibuf_static()) == NULL) |
||
1423 |
goto done; |
||
1424 |
ret = ikev2_send_ike_e(env, sa, resp, |
||
1425 |
IKEV2_PAYLOAD_NONE, |
||
1426 |
IKEV2_EXCHANGE_INFORMATIONAL, 1); |
||
1427 |
msg->msg_parent->msg_responded = 1; |
||
1428 |
ibuf_release(resp); |
||
1429 |
ikev2_ikesa_recv_delete(env, sa); |
||
1430 |
} else { |
||
1431 |
/* |
||
1432 |
* We're sending a delete message. Upper layer |
||
1433 |
* must deal with deletion of the IKE SA. |
||
1434 |
*/ |
||
1435 |
ret = 0; |
||
1436 |
} |
||
1437 |
return (ret); |
||
1438 |
} |
||
1439 |
|||
1440 |
if ((len / sz) != cnt) { |
||
1441 |
log_debug("%s: invalid payload length %d/%d != %d", |
||
1442 |
__func__, len, sz, cnt); |
||
1443 |
return (-1); |
||
1444 |
} |
||
1445 |
|||
1446 |
if (ikev2_msg_frompeer(msg) && |
||
1447 |
((peersas = calloc(cnt, sizeof(struct iked_childsa *))) == NULL || |
||
1448 |
(localspi = calloc(cnt, sizeof(uint64_t))) == NULL)) { |
||
1449 |
log_warn("%s", __func__); |
||
1450 |
goto done; |
||
1451 |
} |
||
1452 |
|||
1453 |
for (i = 0; i < cnt; i++) { |
||
1454 |
switch (sz) { |
||
1455 |
case 4: |
||
1456 |
memcpy(&spi32, buf + (i * sz), sizeof(spi32)); |
||
1457 |
spi = betoh32(spi32); |
||
1458 |
break; |
||
1459 |
case 8: |
||
1460 |
memcpy(&spi64, buf + (i * sz), sizeof(spi64)); |
||
1461 |
spi = betoh64(spi64); |
||
1462 |
break; |
||
1463 |
} |
||
1464 |
|||
1465 |
log_debug("%s: spi %s", __func__, print_spi(spi, sz)); |
||
1466 |
|||
1467 |
if (peersas == NULL || sa == NULL) |
||
1468 |
continue; |
||
1469 |
|||
1470 |
if ((peersas[i] = childsa_lookup(sa, spi, |
||
1471 |
del.del_protoid)) == NULL) { |
||
1472 |
log_warnx("%s: CHILD SA doesn't exist for spi %s", |
||
1473 |
__func__, print_spi(spi, del.del_spisize)); |
||
1474 |
continue; |
||
1475 |
} |
||
1476 |
|||
1477 |
if (ikev2_childsa_delete(env, sa, del.del_protoid, spi, |
||
1478 |
&localspi[i], 0) == -1) |
||
1479 |
failed++; |
||
1480 |
else |
||
1481 |
found++; |
||
1482 |
|||
1483 |
/* |
||
1484 |
* Flows are left in the require mode so that it would be |
||
1485 |
* possible to quickly negotiate a new Child SA |
||
1486 |
*/ |
||
1487 |
} |
||
1488 |
|||
1489 |
/* Parsed outgoing message? */ |
||
1490 |
if (!ikev2_msg_frompeer(msg)) |
||
1491 |
goto done; |
||
1492 |
|||
1493 |
if (msg->msg_parent->msg_response) { |
||
1494 |
ret = 0; |
||
1495 |
goto done; |
||
1496 |
} |
||
1497 |
|||
1498 |
/* Response to the INFORMATIONAL with Delete payload */ |
||
1499 |
|||
1500 |
if ((resp = ibuf_static()) == NULL) |
||
1501 |
goto done; |
||
1502 |
|||
1503 |
if (found) { |
||
1504 |
if ((localdel = ibuf_advance(resp, sizeof(*localdel))) == NULL) |
||
1505 |
goto done; |
||
1506 |
|||
1507 |
localdel->del_protoid = del.del_protoid; |
||
1508 |
localdel->del_spisize = del.del_spisize; |
||
1509 |
localdel->del_nspi = htobe16(found); |
||
1510 |
|||
1511 |
for (i = 0; i < cnt; i++) { |
||
1512 |
if (localspi[i] == 0) /* happens if found < cnt */ |
||
1513 |
continue; |
||
1514 |
switch (sz) { |
||
1515 |
case 4: |
||
1516 |
spi32 = htobe32(localspi[i]); |
||
1517 |
if (ibuf_add(resp, &spi32, sizeof(spi32)) != 0) |
||
1518 |
goto done; |
||
1519 |
break; |
||
1520 |
case 8: |
||
1521 |
spi64 = htobe64(localspi[i]); |
||
1522 |
if (ibuf_add(resp, &spi64, sizeof(spi64)) != 0) |
||
1523 |
goto done; |
||
1524 |
break; |
||
1525 |
} |
||
1526 |
} |
||
1527 |
|||
1528 |
log_warnx("%s: deleted %zu spis", __func__, found); |
||
1529 |
} |
||
1530 |
|||
1531 |
if (found) { |
||
1532 |
ret = ikev2_send_ike_e(env, sa, resp, IKEV2_PAYLOAD_DELETE, |
||
1533 |
IKEV2_EXCHANGE_INFORMATIONAL, 1); |
||
1534 |
msg->msg_parent->msg_responded = 1; |
||
1535 |
} else { |
||
1536 |
/* XXX should we send an INVALID_SPI notification? */ |
||
1537 |
ret = 0; |
||
1538 |
} |
||
1539 |
|||
1540 |
done: |
||
1541 |
free(localspi); |
||
1542 |
free(peersas); |
||
1543 |
ibuf_release(resp); |
||
1544 |
return (ret); |
||
1545 |
} |
||
1546 |
|||
1547 |
int |
||
1548 |
ikev2_validate_ts(struct iked_message *msg, size_t offset, size_t left, |
||
1549 |
struct ikev2_payload *pld, struct ikev2_tsp *tsp) |
||
1550 |
{ |
||
1551 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
1552 |
size_t pld_length; |
||
1553 |
|||
1554 |
pld_length = betoh16(pld->pld_length); |
||
1555 |
if (pld_length < sizeof(*pld) + sizeof(*tsp)) { |
||
1556 |
log_debug("%s: malformed payload: specified length smaller " |
||
1557 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
1558 |
sizeof(*pld) + sizeof(*tsp)); |
||
1559 |
return (-1); |
||
1560 |
} |
||
1561 |
|||
1562 |
/* This will actually be caught by earlier checks. */ |
||
1563 |
if (left < sizeof(*tsp)) { |
||
1564 |
log_debug("%s: malformed payload: too short for header " |
||
1565 |
"(%zu < %zu)", __func__, left, sizeof(*tsp)); |
||
1566 |
return (-1); |
||
1567 |
} |
||
1568 |
memcpy(tsp, msgbuf + offset, sizeof(*tsp)); |
||
1569 |
|||
1570 |
return (0); |
||
1571 |
} |
||
1572 |
|||
1573 |
int |
||
1574 |
ikev2_pld_ts(struct iked *env, struct ikev2_payload *pld, |
||
1575 |
struct iked_message *msg, size_t offset, size_t left, unsigned int payload) |
||
1576 |
{ |
||
1577 |
struct ikev2_tsp tsp; |
||
1578 |
struct ikev2_ts ts; |
||
1579 |
size_t len, i; |
||
1580 |
struct sockaddr_in s4; |
||
1581 |
struct sockaddr_in6 s6; |
||
1582 |
uint8_t buf[2][128]; |
||
1583 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
1584 |
|||
1585 |
if (ikev2_validate_ts(msg, offset, left, pld, &tsp)) |
||
1586 |
return (-1); |
||
1587 |
offset += sizeof(tsp); |
||
1588 |
|||
1589 |
len = betoh16(pld->pld_length) - sizeof(*pld) - sizeof(tsp); |
||
1590 |
|||
1591 |
log_debug("%s: count %d length %zu", __func__, |
||
1592 |
tsp.tsp_count, len); |
||
1593 |
|||
1594 |
for (i = 0; i < tsp.tsp_count; i++) { |
||
1595 |
memcpy(&ts, msgbuf + offset, sizeof(ts)); |
||
1596 |
|||
1597 |
log_debug("%s: type %s protoid %u length %d " |
||
1598 |
"startport %u endport %u", __func__, |
||
1599 |
print_map(ts.ts_type, ikev2_ts_map), |
||
1600 |
ts.ts_protoid, betoh16(ts.ts_length), |
||
1601 |
betoh16(ts.ts_startport), |
||
1602 |
betoh16(ts.ts_endport)); |
||
1603 |
|||
1604 |
switch (ts.ts_type) { |
||
1605 |
case IKEV2_TS_IPV4_ADDR_RANGE: |
||
1606 |
bzero(&s4, sizeof(s4)); |
||
1607 |
s4.sin_family = AF_INET; |
||
1608 |
s4.sin_len = sizeof(s4); |
||
1609 |
memcpy(&s4.sin_addr.s_addr, |
||
1610 |
msgbuf + offset + sizeof(ts), 4); |
||
1611 |
print_host((struct sockaddr *)&s4, |
||
1612 |
(char *)buf[0], sizeof(buf[0])); |
||
1613 |
memcpy(&s4.sin_addr.s_addr, |
||
1614 |
msgbuf + offset + sizeof(ts) + 4, 4); |
||
1615 |
print_host((struct sockaddr *)&s4, |
||
1616 |
(char *)buf[1], sizeof(buf[1])); |
||
1617 |
log_debug("%s: start %s end %s", __func__, |
||
1618 |
buf[0], buf[1]); |
||
1619 |
break; |
||
1620 |
case IKEV2_TS_IPV6_ADDR_RANGE: |
||
1621 |
bzero(&s6, sizeof(s6)); |
||
1622 |
s6.sin6_family = AF_INET6; |
||
1623 |
s6.sin6_len = sizeof(s6); |
||
1624 |
memcpy(&s6.sin6_addr, |
||
1625 |
msgbuf + offset + sizeof(ts), 16); |
||
1626 |
print_host((struct sockaddr *)&s6, |
||
1627 |
(char *)buf[0], sizeof(buf[0])); |
||
1628 |
memcpy(&s6.sin6_addr, |
||
1629 |
msgbuf + offset + sizeof(ts) + 16, 16); |
||
1630 |
print_host((struct sockaddr *)&s6, |
||
1631 |
(char *)buf[1], sizeof(buf[1])); |
||
1632 |
log_debug("%s: start %s end %s", __func__, |
||
1633 |
buf[0], buf[1]); |
||
1634 |
break; |
||
1635 |
default: |
||
1636 |
break; |
||
1637 |
} |
||
1638 |
|||
1639 |
offset += betoh16(ts.ts_length); |
||
1640 |
} |
||
1641 |
|||
1642 |
return (0); |
||
1643 |
} |
||
1644 |
|||
1645 |
int |
||
1646 |
ikev2_pld_e(struct iked *env, struct ikev2_payload *pld, |
||
1647 |
struct iked_message *msg, size_t offset) |
||
1648 |
{ |
||
1649 |
95676 |
struct iked_sa *sa = msg->msg_sa; |
|
1650 |
struct ibuf *e = NULL; |
||
1651 |
47838 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
|
1652 |
47838 |
struct iked_message emsg; |
|
1653 |
uint8_t *buf; |
||
1654 |
size_t len; |
||
1655 |
int ret = -1; |
||
1656 |
|||
1657 |
47838 |
buf = msgbuf + offset; |
|
1658 |
47838 |
len = betoh16(pld->pld_length) - sizeof(*pld); |
|
1659 |
|||
1660 |
✓✗ | 47838 |
if ((e = ibuf_new(buf, len)) == NULL) |
1661 |
goto done; |
||
1662 |
|||
1663 |
✗✓ | 47838 |
if (ikev2_msg_frompeer(msg)) { |
1664 |
e = ikev2_msg_decrypt(env, msg->msg_sa, msg->msg_data, e); |
||
1665 |
} else { |
||
1666 |
47838 |
sa->sa_hdr.sh_initiator = sa->sa_hdr.sh_initiator ? 0 : 1; |
|
1667 |
47838 |
e = ikev2_msg_decrypt(env, msg->msg_sa, msg->msg_data, e); |
|
1668 |
47838 |
sa->sa_hdr.sh_initiator = sa->sa_hdr.sh_initiator ? 0 : 1; |
|
1669 |
} |
||
1670 |
|||
1671 |
✗✓ | 47838 |
if (e == NULL) |
1672 |
goto done; |
||
1673 |
|||
1674 |
/* |
||
1675 |
* Parse decrypted payload |
||
1676 |
*/ |
||
1677 |
bzero(&emsg, sizeof(emsg)); |
||
1678 |
memcpy(&emsg, msg, sizeof(*msg)); |
||
1679 |
emsg.msg_data = e; |
||
1680 |
emsg.msg_e = 1; |
||
1681 |
emsg.msg_parent = msg; |
||
1682 |
TAILQ_INIT(&emsg.msg_proposals); |
||
1683 |
|||
1684 |
ret = ikev2_pld_payloads(env, &emsg, 0, ibuf_size(e), |
||
1685 |
pld->pld_nextpayload); |
||
1686 |
|||
1687 |
done: |
||
1688 |
47838 |
ibuf_release(e); |
|
1689 |
|||
1690 |
47838 |
return (ret); |
|
1691 |
47838 |
} |
|
1692 |
|||
1693 |
int |
||
1694 |
ikev2_validate_cp(struct iked_message *msg, size_t offset, size_t left, |
||
1695 |
struct ikev2_payload *pld, struct ikev2_cp *cp) |
||
1696 |
{ |
||
1697 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
1698 |
size_t pld_length; |
||
1699 |
|||
1700 |
pld_length = betoh16(pld->pld_length); |
||
1701 |
if (pld_length < sizeof(*pld) + sizeof(*cp)) { |
||
1702 |
log_debug("%s: malformed payload: specified length smaller " |
||
1703 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
1704 |
sizeof(*pld) + sizeof(*cp)); |
||
1705 |
return (-1); |
||
1706 |
} |
||
1707 |
|||
1708 |
/* This will actually be caught by earlier checks. */ |
||
1709 |
if (left < sizeof(*cp)) { |
||
1710 |
log_debug("%s: malformed payload: too short for header " |
||
1711 |
"(%zu < %zu)", __func__, left, sizeof(*cp)); |
||
1712 |
return (-1); |
||
1713 |
} |
||
1714 |
memcpy(cp, msgbuf + offset, sizeof(*cp)); |
||
1715 |
|||
1716 |
return (0); |
||
1717 |
} |
||
1718 |
|||
1719 |
int |
||
1720 |
ikev2_pld_cp(struct iked *env, struct ikev2_payload *pld, |
||
1721 |
struct iked_message *msg, size_t offset, size_t left) |
||
1722 |
{ |
||
1723 |
struct ikev2_cp cp; |
||
1724 |
struct ikev2_cfg *cfg; |
||
1725 |
uint8_t *buf; |
||
1726 |
size_t len, i; |
||
1727 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
1728 |
struct iked_sa *sa = msg->msg_sa; |
||
1729 |
|||
1730 |
if (ikev2_validate_cp(msg, offset, left, pld, &cp)) |
||
1731 |
return (-1); |
||
1732 |
offset += sizeof(cp); |
||
1733 |
|||
1734 |
buf = msgbuf + offset; |
||
1735 |
len = betoh16(pld->pld_length) - sizeof(*pld) - sizeof(cp); |
||
1736 |
|||
1737 |
log_debug("%s: type %s length %zu", |
||
1738 |
__func__, print_map(cp.cp_type, ikev2_cp_map), len); |
||
1739 |
print_hex(buf, 0, len); |
||
1740 |
|||
1741 |
for (i = 0; i < len;) { |
||
1742 |
cfg = (struct ikev2_cfg *)(buf + i); |
||
1743 |
|||
1744 |
log_debug("%s: %s 0x%04x length %d", __func__, |
||
1745 |
print_map(betoh16(cfg->cfg_type), ikev2_cfg_map), |
||
1746 |
betoh16(cfg->cfg_type), |
||
1747 |
betoh16(cfg->cfg_length)); |
||
1748 |
|||
1749 |
i += betoh16(cfg->cfg_length) + sizeof(*cfg); |
||
1750 |
} |
||
1751 |
|||
1752 |
if (!ikev2_msg_frompeer(msg)) |
||
1753 |
return (0); |
||
1754 |
|||
1755 |
if (sa) |
||
1756 |
sa->sa_cp = cp.cp_type; |
||
1757 |
|||
1758 |
return (0); |
||
1759 |
} |
||
1760 |
|||
1761 |
int |
||
1762 |
ikev2_validate_eap(struct iked_message *msg, size_t offset, size_t left, |
||
1763 |
struct ikev2_payload *pld, struct eap_header *hdr) |
||
1764 |
{ |
||
1765 |
uint8_t *msgbuf = ibuf_data(msg->msg_data); |
||
1766 |
size_t pld_length; |
||
1767 |
|||
1768 |
pld_length = betoh16(pld->pld_length); |
||
1769 |
if (pld_length < sizeof(*pld) + sizeof(*hdr)) { |
||
1770 |
log_debug("%s: malformed payload: specified length smaller " |
||
1771 |
"than minimum size (%zu < %zu)", __func__, pld_length, |
||
1772 |
sizeof(*pld) + sizeof(*hdr)); |
||
1773 |
return (-1); |
||
1774 |
} |
||
1775 |
|||
1776 |
/* This will actually be caught by earlier checks. */ |
||
1777 |
if (left < sizeof(*hdr)) { |
||
1778 |
log_debug("%s: malformed payload: too short for header " |
||
1779 |
"(%zu < %zu)", __func__, left, sizeof(*hdr)); |
||
1780 |
return (-1); |
||
1781 |
} |
||
1782 |
memcpy(hdr, msgbuf + offset, sizeof(*hdr)); |
||
1783 |
|||
1784 |
return (0); |
||
1785 |
} |
||
1786 |
|||
1787 |
int |
||
1788 |
ikev2_pld_eap(struct iked *env, struct ikev2_payload *pld, |
||
1789 |
struct iked_message *msg, size_t offset, size_t left) |
||
1790 |
{ |
||
1791 |
struct eap_header hdr; |
||
1792 |
struct eap_message *eap = NULL; |
||
1793 |
struct iked_sa *sa = msg->msg_sa; |
||
1794 |
size_t len; |
||
1795 |
|||
1796 |
if (ikev2_validate_eap(msg, offset, left, pld, &hdr)) |
||
1797 |
return (-1); |
||
1798 |
len = betoh16(hdr.eap_length); |
||
1799 |
|||
1800 |
if (len < sizeof(*eap)) { |
||
1801 |
log_info("%s: %s id %d length %d", __func__, |
||
1802 |
print_map(hdr.eap_code, eap_code_map), |
||
1803 |
hdr.eap_id, betoh16(hdr.eap_length)); |
||
1804 |
} else { |
||
1805 |
/* Now try to get the indicated length */ |
||
1806 |
if ((eap = ibuf_seek(msg->msg_data, offset, len)) == NULL) { |
||
1807 |
log_debug("%s: invalid EAP length", __func__); |
||
1808 |
return (-1); |
||
1809 |
} |
||
1810 |
|||
1811 |
log_info("%s: %s id %d length %d EAP-%s", __func__, |
||
1812 |
print_map(eap->eap_code, eap_code_map), |
||
1813 |
eap->eap_id, betoh16(eap->eap_length), |
||
1814 |
print_map(eap->eap_type, eap_type_map)); |
||
1815 |
|||
1816 |
if (eap_parse(env, sa, eap, msg->msg_response) == -1) |
||
1817 |
return (-1); |
||
1818 |
} |
||
1819 |
|||
1820 |
return (0); |
||
1821 |
} |
Generated by: GCOVR (Version 3.3) |