/*
* Copyright (C) 2005-2010 Martin Willi
* Copyright (C) 2005 Jan Hutter
* Hochschule fuer Technik Rapperswil
*
* This program is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License as published by the
* Free Software Foundation; either version 2 of the License, or (at your
* option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
*
* This program is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
* for more details.
*/
#include <stddef.h>
#include "sa_payload.h"
#include <encoding/payloads/encodings.h>
#include <utils/linked_list.h>
#include <daemon.h>
typedef struct private_sa_payload_t private_sa_payload_t;
/**
 * Private data of an sa_payload_t object.
 *
 * The field offsets of this struct are referenced by sa_payload_encodings
 * below, so the generic parser/generator writes and reads these members
 * directly.
 */
struct private_sa_payload_t {

	/**
	 * Public sa_payload_t interface.
	 *
	 * Must remain the first member: sa_payload_create() hands out
	 * &this->public and the other constructors in this file cast that
	 * pointer back to private_sa_payload_t.
	 */
	sa_payload_t public;

	/**
	 * Next payload type.
	 */
	u_int8_t next_payload;

	/**
	 * Critical flag.
	 */
	bool critical;

	/**
	 * Length of this payload.
	 *
	 * Recomputed by compute_length() whenever a proposal is added; 16 bit
	 * wide, as on the wire.
	 */
	u_int16_t payload_length;

	/**
	 * Proposals in this payload are stored in a linked_list_t.
	 *
	 * Holds proposal_substructure_t objects owned by this payload; they are
	 * destroyed together with it.
	 */
	linked_list_t * proposals;
};
/**
 * Encoding rules to parse or generate a IKEv2-SA Payload
 *
 * The defined offsets are the positions in a object of type
 * private_sa_payload_t.
 *
 * The order of the rules mirrors the wire layout drawn above verify():
 * next payload (8 bit), critical bit, 7 reserved bits, payload length
 * (16 bit), then the proposal substructures.
 */
encoding_rule_t sa_payload_encodings[] = {
	/* 1 Byte next payload type, stored in the field next_payload */
	{ U_INT_8, offsetof(private_sa_payload_t, next_payload) },
	/* the critical bit */
	{ FLAG, offsetof(private_sa_payload_t, critical) },
	/* 7 Bit reserved bits, nowhere stored (offset 0 is unused for
	 * RESERVED_BIT rules; they are neither read nor written to the struct) */
	{ RESERVED_BIT, 0 },
	{ RESERVED_BIT, 0 },
	{ RESERVED_BIT, 0 },
	{ RESERVED_BIT, 0 },
	{ RESERVED_BIT, 0 },
	{ RESERVED_BIT, 0 },
	{ RESERVED_BIT, 0 },
	/* Length of the whole SA payload*/
	{ PAYLOAD_LENGTH, offsetof(private_sa_payload_t, payload_length) },
	/* Proposals are stored in a proposal substructure,
	   offset points to a linked_list_t pointer */
	{ PROPOSALS, offsetof(private_sa_payload_t, proposals) },
};
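/*
                         1                   2                   3
     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    ! Next Payload  !C!  RESERVED   !         Payload Length        !
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
    !                                                               !
    ~                          <Proposals>                          ~
    !                                                               !
    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*/

/**
 * Verify a parsed SA payload.
 *
 * Checks that the proposal numbers never decrease along the list and that
 * every proposal substructure verifies itself.
 *
 * Equal consecutive numbers (several protocols of one proposal) and gaps
 * are both accepted: a gap is legitimate because add_proposal() emits a
 * selected proposal under its original number, so a responder's SA payload
 * may carry e.g. only proposal 3. The former version of this check had an
 * unreachable "smaller than previous" branch (both conditions tested
 * current < expected) and an unused 'first' flag; its first branch could
 * only ever fire for decreasing numbers while logging "expected N or N+1".
 * The effective behavior — reject decreasing numbers — is unchanged.
 *
 * @return		SUCCESS if the payload is consistent, FAILED otherwise
 */
METHOD(payload_t, verify, status_t,
	private_sa_payload_t *this)
{
	int expected_number = 1, current_number;
	status_t status = SUCCESS;
	enumerator_t *enumerator;
	proposal_substructure_t *substruct;

	/* check proposal numbering: must be monotonically non-decreasing */
	enumerator = this->proposals->create_enumerator(this->proposals);
	while (enumerator->enumerate(enumerator, (void**)&substruct))
	{
		current_number = substruct->get_proposal_number(substruct);
		if (current_number < expected_number)
		{
			DBG1(DBG_ENC, "proposal number %d smaller than previous %d",
				 current_number, expected_number);
			status = FAILED;
			break;
		}

		/* let the substructure check its own transforms/attributes */
		status = substruct->payload_interface.verify(&substruct->payload_interface);
		if (status != SUCCESS)
		{
			DBG1(DBG_ENC, "PROPOSAL_SUBSTRUCTURE verification failed");
			break;
		}
		expected_number = current_number;
	}
	enumerator->destroy(enumerator);
	return status;
}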
/**
 * Hand out the static encoding rule table for this payload type.
 *
 * @param rules			receives a pointer to sa_payload_encodings
 * @param rule_count	receives the number of entries in that table
 */
METHOD(payload_t, get_encoding_rules, void,
	private_sa_payload_t *this, encoding_rule_t **rules, size_t *rule_count)
{
	/* the table lives in static storage; callers must neither free nor
	 * modify it */
	*rule_count = countof(sa_payload_encodings);
	*rules = sa_payload_encodings;
}
/**
 * Report the payload type this object encodes.
 *
 * @return		always SECURITY_ASSOCIATION
 */
METHOD(payload_t, get_type, payload_type_t,
	private_sa_payload_t *this)
{
	payload_type_t type = SECURITY_ASSOCIATION;

	return type;
}
/**
 * Return the type of the payload following this one.
 *
 * @return		the stored next payload type (NO_PAYLOAD after creation)
 */
METHOD(payload_t, get_next_type, payload_type_t,
	private_sa_payload_t *this)
{
	payload_type_t next = this->next_payload;

	return next;
}
/**
 * Record the type of the payload that follows this one.
 *
 * @param type		next payload type; stored into the 8 bit header field
 */
METHOD(payload_t, set_next_type, void,
	private_sa_payload_t *this,payload_type_t type)
{
	/* next_payload is u_int8_t, so the value is narrowed to 8 bit here */
	this->next_payload = (u_int8_t)type;
}
/**
 * Recompute the length of the payload.
 *
 * The length is the fixed header size plus the length of every proposal
 * substructure currently in the list, and is stored in payload_length.
 */
static void compute_length(private_sa_payload_t *this)
{
	enumerator_t *enumerator;
	payload_t *proposal;
	size_t total = SA_PAYLOAD_HEADER_LENGTH;

	enumerator = this->proposals->create_enumerator(this->proposals);
	while (enumerator->enumerate(enumerator, (void**)&proposal))
	{
		total += proposal->get_length(proposal);
	}
	enumerator->destroy(enumerator);

	/* NOTE(review): payload_length is 16 bit, so a total above 65535 is
	 * silently truncated here — TODO confirm the caller bounds the number
	 * and size of proposals before this can happen */
	this->payload_length = total;
}
/**
 * Return the encoded length of this payload in bytes.
 *
 * @return		value last set by compute_length() (header only if empty)
 */
METHOD(payload_t, get_length, size_t,
	private_sa_payload_t *this)
{
	size_t length = this->payload_length;

	return length;
}
/**
 * Append a proposal to the payload as a new proposal substructure.
 *
 * The new substructure becomes the last one (the previous tail loses its
 * "last" flag), is numbered, appended, and the payload length is refreshed.
 *
 * @param proposal	proposal to add; a substructure is built from it by
 *					proposal_substructure_create_from_proposal() — whether
 *					that copies or adopts the proposal is not visible here,
 *					TODO confirm ownership against that constructor
 */
METHOD(sa_payload_t, add_proposal, void,
	private_sa_payload_t *this, proposal_t *proposal)
{
	proposal_substructure_t *substruct, *previous;
	u_int existing, number;

	existing = this->proposals->get_count(this->proposals);
	substruct = proposal_substructure_create_from_proposal(proposal);

	/* only the tail carries the "last proposal" flag */
	if (existing)
	{
		this->proposals->get_last(this->proposals, (void**)&previous);
		previous->set_is_last_proposal(previous, FALSE);
	}
	substruct->set_is_last_proposal(substruct, TRUE);

	/* a proposal that already carries a number (e.g. the one selected from
	 * a peer's offer) keeps it; otherwise number sequentially after the
	 * proposals already present */
	number = proposal->get_number(proposal);
	if (!number)
	{
		number = existing + 1;
	}
	substruct->set_proposal_number(substruct, number);

	this->proposals->insert_last(this->proposals, substruct);
	compute_length(this);
}
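/**
 * Extract the proposals of this payload as proposal_t objects.
 *
 * Proposals split over several proposal substructures with the same
 * proposal number (AH+ESP bundles, no longer supported by RFC 4301) are
 * skipped entirely: when a second substructure with the number of the
 * previous one shows up, the proposal already extracted for that number is
 * removed from the result and destroyed, and all further substructures
 * with that number are ignored.
 *
 * Bundle detection compares against the number of the previous
 * substructure rather than against a running counter, because proposal
 * numbers need not start at 1 or be contiguous (add_proposal() emits a
 * selected proposal under its original number). The earlier counter-based
 * check only recognized bundles in a 1,2,3,... numbered list. It also
 * called remove_last() unconditionally on a duplicate, which removed the
 * wrong proposal — or dereferenced a NULL proposal_t — when the first
 * substructure of the bundle had yielded no proposal; now only a proposal
 * that was actually added for the current number is removed.
 *
 * @return		newly allocated list of proposal_t, owned by the caller
 *				together with the proposals in it
 */
METHOD(sa_payload_t, get_proposals, linked_list_t*,
	private_sa_payload_t *this)
{
	int last_number = -1, current_number;
	enumerator_t *enumerator;
	proposal_substructure_t *substruct;
	linked_list_t *list;
	proposal_t *proposal, *pending = NULL;

	list = linked_list_create();
	enumerator = this->proposals->create_enumerator(this->proposals);
	while (enumerator->enumerate(enumerator, &substruct))
	{
		current_number = substruct->get_proposal_number(substruct);
		if (current_number == last_number)
		{
			/* same number as the previous substructure: a multi-protocol
			 * proposal. Drop what we added for it, if anything. */
			if (pending)
			{
				list->remove_last(list, (void**)&proposal);
				proposal->destroy(proposal);
				pending = NULL;
			}
			continue;
		}
		last_number = current_number;
		/* get_proposal() may yield NULL; remember what was added so a later
		 * duplicate removes exactly this proposal and nothing else */
		pending = substruct->get_proposal(substruct);
		if (pending)
		{
			list->insert_last(list, pending);
		}
	}
	enumerator->destroy(enumerator);
	return list;
}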
/**
 * Destroy the payload together with all its proposal substructures.
 *
 * Reachable both through the payload_t and the sa_payload_t interface.
 */
METHOD2(payload_t, sa_payload_t, destroy, void,
	private_sa_payload_t *this)
{
	linked_list_t *substructs = this->proposals;

	/* every element is a proposal_substructure_t; release each through its
	 * own destroy() method, then the list itself */
	substructs->destroy_offset(substructs,
							   offsetof(proposal_substructure_t, destroy));
	free(this);
}
/*
 * Described in header.
 *
 * Creates an empty SA payload: header length only, no proposals, and
 * NO_PAYLOAD as next payload type. The critical flag is left cleared.
 */
sa_payload_t *sa_payload_create()
{
	private_sa_payload_t *this;

	INIT(this,
		.next_payload = NO_PAYLOAD,
		.payload_length = SA_PAYLOAD_HEADER_LENGTH,
		.proposals = linked_list_create(),
		.public = {
			/* generic payload_t interface used by parser and generator */
			.payload_interface = {
				.get_type = _get_type,
				.verify = _verify,
				.get_encoding_rules = _get_encoding_rules,
				.get_length = _get_length,
				.get_next_type = _get_next_type,
				.set_next_type = _set_next_type,
				.destroy = _destroy,
			},
			/* SA payload specific interface */
			.add_proposal = _add_proposal,
			.get_proposals = _get_proposals,
			.destroy = _destroy,
		},
	);

	return &this->public;
}
/*
 * Described in header.
 *
 * Builds an SA payload holding one proposal substructure per proposal in
 * the given list, in list order. The list itself is only enumerated, not
 * destroyed; see add_proposal() regarding ownership of the proposals.
 */
sa_payload_t *sa_payload_create_from_proposal_list(linked_list_t *proposals)
{
	sa_payload_t *payload;
	enumerator_t *enumerator;
	proposal_t *current;

	payload = sa_payload_create();
	enumerator = proposals->create_enumerator(proposals);
	while (enumerator->enumerate(enumerator, &current))
	{
		payload->add_proposal(payload, current);
	}
	enumerator->destroy(enumerator);

	return payload;
}
/*
 * Described in header.
 *
 * Convenience constructor for a payload with a single proposal; equivalent
 * to sa_payload_create() followed by one add_proposal() call.
 */
sa_payload_t *sa_payload_create_from_proposal(proposal_t *proposal)
{
	sa_payload_t *payload = sa_payload_create();

	payload->add_proposal(payload, proposal);

	return payload;
}