]> git.saurik.com Git - apple/ipsec.git/blob - ipsec-tools/racoon/isakmp_frag.c
ipsec-34.0.3.tar.gz
[apple/ipsec.git] / ipsec-tools / racoon / isakmp_frag.c
1 /* $Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp $ */
2
3 /*
4 * Copyright (C) 2004 Emmanuel Dreyfus
5 * All rights reserved.
6 *
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
9 * are met:
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
15 * 3. Neither the name of the project nor the names of its contributors
16 * may be used to endorse or promote products derived from this software
17 * without specific prior written permission.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include "config.h"
33
34 #include <sys/types.h>
35 #include <sys/param.h>
36 #include <sys/socket.h>
37 #include <sys/queue.h>
38
39 #include <netinet/in.h>
40 #include <arpa/inet.h>
41
42 #include <openssl/md5.h>
43
44 #include <stdlib.h>
45 #include <stdio.h>
46 #include <fcntl.h>
47 #include <string.h>
48 #include <errno.h>
49 #if TIME_WITH_SYS_TIME
50 # include <sys/time.h>
51 # include <time.h>
52 #else
53 # if HAVE_SYS_TIME_H
54 # include <sys/time.h>
55 # else
56 # include <time.h>
57 # endif
58 #endif
59 #include <netdb.h>
60 #ifdef HAVE_UNISTD_H
61 #include <unistd.h>
62 #endif
63 #include <ctype.h>
64
65 #include "var.h"
66 #include "misc.h"
67 #include "vmbuf.h"
68 #include "plog.h"
69 #include "sockmisc.h"
70 #include "schedule.h"
71 #include "debug.h"
72
73 #include "isakmp_var.h"
74 #include "isakmp.h"
75 #include "handler.h"
76 #include "isakmp_frag.h"
77 #include "strnames.h"
78
79 int
80 isakmp_sendfrags(iph1, buf)
81 struct ph1handle *iph1;
82 vchar_t *buf;
83 {
84 struct isakmp *hdr;
85 struct isakmp_frag *fraghdr;
86 caddr_t data;
87 caddr_t sdata;
88 size_t datalen;
89 size_t max_datalen;
90 size_t fraglen;
91 vchar_t *frag;
92 unsigned int trailer;
93 unsigned int fragnum = 0;
94 size_t len;
95 int etype;
96
97 /*
98 * Catch the exchange type for later: the fragments and the
99 * fragmented packet must have the same exchange type.
100 */
101 hdr = (struct isakmp *)buf->v;
102 etype = hdr->etype;
103
104 /*
105 * We want to send a a packet smaller than ISAKMP_FRAG_MAXLEN
106 * First compute the maximum data length that will fit in it
107 */
108 max_datalen = ISAKMP_FRAG_MAXLEN -
109 (sizeof(*hdr) + sizeof(*fraghdr) + sizeof(trailer));
110
111 sdata = buf->v;
112 len = buf->l;
113
114 while (len > 0) {
115 fragnum++;
116
117 if (len > max_datalen)
118 datalen = max_datalen;
119 else
120 datalen = len;
121
122 fraglen = sizeof(*hdr)
123 + sizeof(*fraghdr)
124 + datalen;
125
126 if ((frag = vmalloc(fraglen)) == NULL) {
127 plog(LLV_ERROR, LOCATION, NULL,
128 "Cannot allocate memory\n");
129 return -1;
130 }
131
132 set_isakmp_header1(frag, iph1, ISAKMP_NPTYPE_FRAG);
133 hdr = (struct isakmp *)frag->v;
134 hdr->etype = etype;
135
136 fraghdr = (struct isakmp_frag *)(hdr + 1);
137 fraghdr->unknown0 = htons(0);
138 fraghdr->len = htons(fraglen - sizeof(*hdr));
139 fraghdr->unknown1 = htons(1);
140 fraghdr->index = fragnum;
141 if (len == datalen)
142 fraghdr->flags = ISAKMP_FRAG_LAST;
143 else
144 fraghdr->flags = 0;
145
146 data = (caddr_t)(fraghdr + 1);
147 memcpy(data, sdata, datalen);
148
149 if (isakmp_send(iph1, frag) < 0) {
150 plog(LLV_ERROR, LOCATION, NULL, "isakmp_send failed\n");
151 return -1;
152 }
153
154 vfree(frag);
155
156 len -= datalen;
157 sdata += datalen;
158 }
159
160 return fragnum;
161 }
162
163 unsigned int
164 vendorid_frag_cap(gen)
165 struct isakmp_gen *gen;
166 {
167 int *hp;
168
169 hp = (int *)(gen + 1);
170
171 return ntohl(hp[MD5_DIGEST_LENGTH / sizeof(*hp)]);
172 }
173
174 int
175 isakmp_frag_extract(iph1, msg)
176 struct ph1handle *iph1;
177 vchar_t *msg;
178 {
179 struct isakmp *isakmp;
180 struct isakmp_frag *frag;
181 struct isakmp_frag_item *item;
182 vchar_t *buf;
183 size_t len;
184 int last_frag = 0;
185 char *data;
186 int i;
187
188 if (msg->l < sizeof(*isakmp) + sizeof(*frag)) {
189 plog(LLV_ERROR, LOCATION, NULL, "Message too short\n");
190 return -1;
191 }
192
193 isakmp = (struct isakmp *)msg->v;
194 frag = (struct isakmp_frag *)(isakmp + 1);
195
196 /*
197 * frag->len is the frag payload data plus the frag payload header,
198 * whose size is sizeof(*frag)
199 */
200 if (msg->l < sizeof(*isakmp) + ntohs(frag->len)) {
201 plog(LLV_ERROR, LOCATION, NULL, "Fragment too short\n");
202 return -1;
203 }
204
205 if ((buf = vmalloc(ntohs(frag->len) - sizeof(*frag))) == NULL) {
206 plog(LLV_ERROR, LOCATION, NULL, "Cannot allocate memory\n");
207 return -1;
208 }
209
210 if ((item = racoon_malloc(sizeof(*item))) == NULL) {
211 plog(LLV_ERROR, LOCATION, NULL, "Cannot allocate memory\n");
212 vfree(buf);
213 return -1;
214 }
215
216 data = (char *)(frag + 1);
217 memcpy(buf->v, data, buf->l);
218
219 item->frag_num = frag->index;
220 item->frag_last = (frag->flags & ISAKMP_FRAG_LAST);
221 item->frag_next = NULL;
222 item->frag_packet = buf;
223
224 /* Look for the last frag while inserting the new item in the chain */
225 if (item->frag_last)
226 last_frag = item->frag_num;
227
228 if (iph1->frag_chain == NULL) {
229 iph1->frag_chain = item;
230 } else {
231 struct isakmp_frag_item *current;
232
233 current = iph1->frag_chain;
234 while (current->frag_next) {
235 if (current->frag_last)
236 last_frag = item->frag_num;
237 current = current->frag_next;
238 }
239 current->frag_next = item;
240 }
241
242 /* If we saw the last frag, check if the chain is complete */
243 if (last_frag != 0) {
244 for (i = 1; i <= last_frag; i++) {
245 item = iph1->frag_chain;
246 do {
247 if (item->frag_num == i)
248 break;
249 item = item->frag_next;
250 } while (item != NULL);
251
252 if (item == NULL) /* Not found */
253 break;
254 }
255
256 if (item != NULL) /* It is complete */
257 return 1;
258 }
259
260 return 0;
261 }
262
263 vchar_t *
264 isakmp_frag_reassembly(iph1)
265 struct ph1handle *iph1;
266 {
267 struct isakmp_frag_item *item;
268 size_t len = 0;
269 vchar_t *buf = NULL;
270 int frag_count = 0;
271 int i;
272 char *data;
273
274 if ((item = iph1->frag_chain) == NULL) {
275 plog(LLV_ERROR, LOCATION, NULL, "No fragment to reassemble\n");
276 goto out;
277 }
278
279 do {
280 frag_count++;
281 len += item->frag_packet->l;
282 item = item->frag_next;
283 } while (item != NULL);
284
285 if ((buf = vmalloc(len)) == NULL) {
286 plog(LLV_ERROR, LOCATION, NULL, "Cannot allocate memory\n");
287 goto out;
288 }
289 data = buf->v;
290
291 for (i = 1; i <= frag_count; i++) {
292 item = iph1->frag_chain;
293 do {
294 if (item->frag_num == i)
295 break;
296 item = item->frag_next;
297 } while (item != NULL);
298
299 if (item == NULL) {
300 plog(LLV_ERROR, LOCATION, NULL,
301 "Missing fragment #%d\n", i);
302 vfree(buf);
303 buf = NULL;
304 goto out;
305 }
306 memcpy(data, item->frag_packet->v, item->frag_packet->l);
307 data += item->frag_packet->l;
308 }
309
310 out:
311 item = iph1->frag_chain;
312 do {
313 struct isakmp_frag_item *next_item;
314
315 next_item = item->frag_next;
316
317 vfree(item->frag_packet);
318 racoon_free(item);
319
320 item = next_item;
321 } while (item != NULL);
322
323 iph1->frag_chain = NULL;
324
325 return buf;
326 }
327
328 vchar_t *
329 isakmp_frag_addcap(buf, cap)
330 vchar_t *buf;
331 int cap;
332 {
333 int *capp;
334 size_t len;
335
336 /* If the capability has not been added, add room now */
337 len = buf->l;
338 if (len == MD5_DIGEST_LENGTH) {
339 if ((buf = vrealloc(buf, len + sizeof(cap))) == NULL) {
340 plog(LLV_ERROR, LOCATION, NULL,
341 "Cannot allocate memory\n");
342 return NULL;
343 }
344 capp = (int *)(buf->v + len);
345 *capp = htonl(0);
346 }
347
348 capp = (int *)(buf->v + MD5_DIGEST_LENGTH);
349 *capp |= htonl(cap);
350
351 return buf;
352 }
353