]> git.saurik.com Git - apple/xnu.git/blob - bsd/netinet6/esp_output.c
projects / apple / xnu.git / blob
? search:


c867a5ce9dd99020179a15ee191e415afdd923aa
[apple/xnu.git] / bsd / netinet6 / esp_output.c
1 /*
2 * Copyright (c) 2008-2017 Apple Inc. All rights reserved.
3 *
4 * @APPLE_OSREFERENCE_LICENSE_HEADER_START@
5 *
6 * This file contains Original Code and/or Modifications of Original Code
7 * as defined in and that are subject to the Apple Public Source License
8 * Version 2.0 (the 'License'). You may not use this file except in
9 * compliance with the License. The rights granted to you under the License
10 * may not be used to create, or enable the creation or redistribution of,
11 * unlawful or unlicensed copies of an Apple operating system, or to
12 * circumvent, violate, or enable the circumvention or violation of, any
13 * terms of an Apple operating system software license agreement.
14 *
15 * Please obtain a copy of the License at
16 * http://www.opensource.apple.com/apsl/ and read it before using this file.
17 *
18 * The Original Code and all software distributed under the License are
19 * distributed on an 'AS IS' basis, WITHOUT WARRANTY OF ANY KIND, EITHER
20 * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
21 * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
22 * FITNESS FOR A PARTICULAR PURPOSE, QUIET ENJOYMENT OR NON-INFRINGEMENT.
23 * Please see the License for the specific language governing rights and
24 * limitations under the License.
25 *
26 * @APPLE_OSREFERENCE_LICENSE_HEADER_END@
27 */
28
29 /* $FreeBSD: src/sys/netinet6/esp_output.c,v 1.1.2.3 2002/04/28 05:40:26 suz Exp $ */
30 /* $KAME: esp_output.c,v 1.44 2001/07/26 06:53:15 jinmei Exp $ */
31
32 /*
33 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
34 * All rights reserved.
35 *
36 * Redistribution and use in source and binary forms, with or without
37 * modification, are permitted provided that the following conditions
38 * are met:
39 * 1. Redistributions of source code must retain the above copyright
40 * notice, this list of conditions and the following disclaimer.
41 * 2. Redistributions in binary form must reproduce the above copyright
42 * notice, this list of conditions and the following disclaimer in the
43 * documentation and/or other materials provided with the distribution.
44 * 3. Neither the name of the project nor the names of its contributors
45 * may be used to endorse or promote products derived from this software
46 * without specific prior written permission.
47 *
48 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
49 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
50 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
51 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
52 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
53 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
54 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
55 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
56 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
57 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
58 * SUCH DAMAGE.
59 */
60
61 #define _IP_VHL
62
63 /*
64 * RFC1827/2406 Encapsulated Security Payload.
65 */
66
67 #include <sys/param.h>
68 #include <sys/systm.h>
69 #include <sys/malloc.h>
70 #include <sys/mbuf.h>
71 #include <sys/domain.h>
72 #include <sys/protosw.h>
73 #include <sys/socket.h>
74 #include <sys/socketvar.h>
75 #include <sys/errno.h>
76 #include <sys/time.h>
77 #include <sys/kernel.h>
78 #include <sys/syslog.h>
79
80 #include <net/if.h>
81 #include <net/route.h>
82 #include <net/multi_layer_pkt_log.h>
83
84 #include <netinet/in.h>
85 #include <netinet/in_systm.h>
86 #include <netinet/ip.h>
87 #include <netinet/in_var.h>
88 #include <netinet/udp.h> /* for nat traversal */
89 #include <netinet/tcp.h>
90 #include <netinet/in_tclass.h>
91
92 #include <netinet/ip6.h>
93 #include <netinet6/ip6_var.h>
94 #include <netinet/icmp6.h>
95
96 #include <netinet6/ipsec.h>
97 #include <netinet6/ipsec6.h>
98 #include <netinet6/ah.h>
99 #include <netinet6/ah6.h>
100 #include <netinet6/esp.h>
101 #include <netinet6/esp6.h>
102 #include <netkey/key.h>
103 #include <netkey/keydb.h>
104
105 #include <net/net_osdep.h>
106
107 #include <sys/kdebug.h>
108 #define DBG_LAYER_BEG NETDBG_CODE(DBG_NETIPSEC, 1)
109 #define DBG_LAYER_END NETDBG_CODE(DBG_NETIPSEC, 3)
110 #define DBG_FNC_ESPOUT NETDBG_CODE(DBG_NETIPSEC, (4 << 8))
111 #define DBG_FNC_ENCRYPT NETDBG_CODE(DBG_NETIPSEC, (5 << 8))
112
113 static int esp_output(struct mbuf *, u_char *, struct mbuf *,
114 int, struct secasvar *sav);
115
116 extern int esp_udp_encap_port;
117 extern u_int64_t natt_now;
118
119 extern lck_mtx_t *sadb_mutex;
120
121 /*
122 * compute ESP header size.
123 */
124 size_t
125 esp_hdrsiz(__unused struct ipsecrequest *isr)
126 {
127 #if 0
128 /* sanity check */
129 if (isr == NULL) {
130 panic("esp_hdrsiz: NULL was passed.\n");
131 }
132
133
134 lck_mtx_lock(sadb_mutex);
135 {
136 struct secasvar *sav;
137 const struct esp_algorithm *algo;
138 const struct ah_algorithm *aalgo;
139 size_t ivlen;
140 size_t authlen;
141 size_t hdrsiz;
142 size_t maxpad;
143
144 /*%%%% this needs to change - no sav in ipsecrequest any more */
145 sav = isr->sav;
146
147 if (isr->saidx.proto != IPPROTO_ESP) {
148 panic("unsupported mode passed to esp_hdrsiz");
149 }
150
151 if (sav == NULL) {
152 goto estimate;
153 }
154 if (sav->state != SADB_SASTATE_MATURE
155 && sav->state != SADB_SASTATE_DYING) {
156 goto estimate;
157 }
158
159 /* we need transport mode ESP. */
160 algo = esp_algorithm_lookup(sav->alg_enc);
161 if (!algo) {
162 goto estimate;
163 }
164 ivlen = sav->ivlen;
165 if (ivlen < 0) {
166 goto estimate;
167 }
168
169 if (algo->padbound) {
170 maxpad = algo->padbound;
171 } else {
172 maxpad = 4;
173 }
174 maxpad += 1; /* maximum 'extendsiz' is padbound + 1, see esp_output */
175
176 if (sav->flags & SADB_X_EXT_OLD) {
177 /* RFC 1827 */
178 hdrsiz = sizeof(struct esp) + ivlen + maxpad;
179 } else {
180 /* RFC 2406 */
181 aalgo = ah_algorithm_lookup(sav->alg_auth);
182 if (aalgo && sav->replay[0] != NULL && sav->key_auth) {
183 authlen = (aalgo->sumsiz)(sav);
184 } else {
185 authlen = 0;
186 }
187 hdrsiz = sizeof(struct newesp) + ivlen + maxpad + authlen;
188 }
189
190 /*
191 * If the security association indicates that NATT is required,
192 * add the size of the NATT encapsulation header:
193 */
194 if ((sav->flags & SADB_X_EXT_NATT) != 0) {
195 hdrsiz += sizeof(struct udphdr) + 4;
196 }
197
198 lck_mtx_unlock(sadb_mutex);
199 return hdrsiz;
200 }
201 estimate:
202 lck_mtx_unlock(sadb_mutex);
203 #endif
204 /*
205 * ASSUMING:
206 * sizeof(struct newesp) > sizeof(struct esp). (8)
207 * esp_max_ivlen() = max ivlen for CBC mode
208 * 17 = (maximum padding length without random padding length)
209 * + (Pad Length field) + (Next Header field).
210 * 64 = maximum ICV we support.
211 * sizeof(struct udphdr) in case NAT traversal is used
212 */
213 return sizeof(struct newesp) + esp_max_ivlen() + 17 + AH_MAXSUMSIZE + sizeof(struct udphdr);
214 }
215
216 /*
217 * Modify the packet so that the payload is encrypted.
218 * The mbuf (m) must start with IPv4 or IPv6 header.
219 * On failure, free the given mbuf and return NULL.
220 *
221 * on invocation:
222 * m nexthdrp md
223 * v v v
224 * IP ......... payload
225 * during the encryption:
226 * m nexthdrp mprev md
227 * v v v v
228 * IP ............... esp iv payload pad padlen nxthdr
229 * <--><-><------><--------------->
230 * esplen plen extendsiz
231 * ivlen
232 * <-----> esphlen
233 * <-> hlen
234 * <-----------------> espoff
235 */
236 static int
237 esp_output(
238 struct mbuf *m,
239 u_char *nexthdrp,
240 struct mbuf *md,
241 int af,
242 struct secasvar *sav)
243 {
244 struct mbuf *n;
245 struct mbuf *mprev;
246 struct esp *esp;
247 struct esptail *esptail;
248 const struct esp_algorithm *algo;
249 struct tcphdr th = {};
250 u_int32_t spi;
251 u_int32_t seq;
252 size_t inner_payload_len = 0;
253 u_int8_t inner_protocol = 0;
254 u_int8_t nxt = 0;
255 size_t plen; /*payload length to be encrypted*/
256 size_t espoff;
257 size_t esphlen; /* sizeof(struct esp/newesp) + ivlen */
258 int ivlen;
259 int afnumber;
260 size_t extendsiz;
261 int error = 0;
262 struct ipsecstat *stat;
263 struct udphdr *udp = NULL;
264 int udp_encapsulate = (sav->flags & SADB_X_EXT_NATT && (af == AF_INET || af == AF_INET6) &&
265 ((esp_udp_encap_port & 0xFFFF) != 0 || sav->natt_encapsulated_src_port != 0));
266
267 KERNEL_DEBUG(DBG_FNC_ESPOUT | DBG_FUNC_START, sav->ivlen, 0, 0, 0, 0);
268 switch (af) {
269 case AF_INET:
270 afnumber = 4;
271 stat = &ipsecstat;
272 break;
273 case AF_INET6:
274 afnumber = 6;
275 stat = &ipsec6stat;
276 break;
277 default:
278 ipseclog((LOG_ERR, "esp_output: unsupported af %d\n", af));
279 KERNEL_DEBUG(DBG_FNC_ESPOUT | DBG_FUNC_END, 1, 0, 0, 0, 0);
280 return 0; /* no change at all */
281 }
282
283 mbuf_traffic_class_t traffic_class = 0;
284 if ((sav->flags2 & SADB_X_EXT_SA2_SEQ_PER_TRAFFIC_CLASS) ==
285 SADB_X_EXT_SA2_SEQ_PER_TRAFFIC_CLASS) {
286 u_int8_t dscp = 0;
287 switch (af) {
288 case AF_INET:
289 {
290 struct ip *ip = mtod(m, struct ip *);
291 dscp = ip->ip_tos >> IPTOS_DSCP_SHIFT;
292 break;
293 }
294 case AF_INET6:
295 {
296 struct ip6_hdr *ip6 = mtod(m, struct ip6_hdr *);
297 dscp = (ntohl(ip6->ip6_flow) & IP6FLOW_DSCP_MASK) >> IP6FLOW_DSCP_SHIFT;
298 break;
299 }
300 default:
301 panic("esp_output: should not reach here");
302 }
303 traffic_class = rfc4594_dscp_to_tc(dscp);
304 }
305
306 /* some sanity check */
307 if ((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay[traffic_class] == NULL) {
308 switch (af) {
309 case AF_INET:
310 {
311 struct ip *ip;
312
313 ip = mtod(m, struct ip *);
314 ipseclog((LOG_DEBUG, "esp4_output: internal error: "
315 "sav->replay is null: %x->%x, SPI=%u\n",
316 (u_int32_t)ntohl(ip->ip_src.s_addr),
317 (u_int32_t)ntohl(ip->ip_dst.s_addr),
318 (u_int32_t)ntohl(sav->spi)));
319 IPSEC_STAT_INCREMENT(ipsecstat.out_inval);
320 break;
321 }
322 case AF_INET6:
323 ipseclog((LOG_DEBUG, "esp6_output: internal error: "
324 "sav->replay is null: SPI=%u\n",
325 (u_int32_t)ntohl(sav->spi)));
326 IPSEC_STAT_INCREMENT(ipsec6stat.out_inval);
327 break;
328 default:
329 panic("esp_output: should not reach here");
330 }
331 m_freem(m);
332 KERNEL_DEBUG(DBG_FNC_ESPOUT | DBG_FUNC_END, 2, 0, 0, 0, 0);
333 return EINVAL;
334 }
335
336 algo = esp_algorithm_lookup(sav->alg_enc);
337 if (!algo) {
338 ipseclog((LOG_ERR, "esp_output: unsupported algorithm: "
339 "SPI=%u\n", (u_int32_t)ntohl(sav->spi)));
340 m_freem(m);
341 KERNEL_DEBUG(DBG_FNC_ESPOUT | DBG_FUNC_END, 3, 0, 0, 0, 0);
342 return EINVAL;
343 }
344 spi = sav->spi;
345 ivlen = sav->ivlen;
346 /* should be okey */
347 if (ivlen < 0) {
348 panic("invalid ivlen");
349 }
350
351 {
352 /*
353 * insert ESP header.
354 * XXX inserts ESP header right after IPv4 header. should
355 * chase the header chain.
356 * XXX sequential number
357 */
358 struct ip *ip = NULL;
359 struct ip6_hdr *ip6 = NULL;
360 size_t esplen; /* sizeof(struct esp/newesp) */
361 size_t hlen = 0; /* ip header len */
362
363 if (sav->flags & SADB_X_EXT_OLD) {
364 /* RFC 1827 */
365 esplen = sizeof(struct esp);
366 } else {
367 /* RFC 2406 */
368 if (sav->flags & SADB_X_EXT_DERIV) {
369 esplen = sizeof(struct esp);
370 } else {
371 esplen = sizeof(struct newesp);
372 }
373 }
374 esphlen = esplen + ivlen;
375
376 for (mprev = m; mprev && mprev->m_next != md; mprev = mprev->m_next) {
377 ;
378 }
379 if (mprev == NULL || mprev->m_next != md) {
380 ipseclog((LOG_DEBUG, "esp%d_output: md is not in chain\n",
381 afnumber));
382 m_freem(m);
383 KERNEL_DEBUG(DBG_FNC_ESPOUT | DBG_FUNC_END, 4, 0, 0, 0, 0);
384 return EINVAL;
385 }
386
387 plen = 0;
388 for (n = md; n; n = n->m_next) {
389 plen += n->m_len;
390 }
391
392 switch (af) {
393 case AF_INET:
394 ip = mtod(m, struct ip *);
395 #ifdef _IP_VHL
396 hlen = IP_VHL_HL(ip->ip_vhl) << 2;
397 #else
398 hlen = ip->ip_hl << 2;
399 #endif
400 break;
401 case AF_INET6:
402 ip6 = mtod(m, struct ip6_hdr *);
403 hlen = sizeof(*ip6);
404 break;
405 }
406
407 /* grab info for packet logging */
408 struct secashead *sah = sav->sah;
409 if (net_mpklog_enabled &&
410 sah != NULL && sah->ipsec_if != NULL) {
411 ifnet_t ifp = sah->ipsec_if;
412
413 if ((ifp->if_xflags & IFXF_MPK_LOG) == IFXF_MPK_LOG) {
414 size_t iphlen = 0;
415
416 if (sav->sah->saidx.mode == IPSEC_MODE_TUNNEL) {
417 struct ip *inner_ip = mtod(md, struct ip *);
418 if (IP_VHL_V(inner_ip->ip_vhl) == IPVERSION) {
419 #ifdef _IP_VHL
420 iphlen = IP_VHL_HL(inner_ip->ip_vhl) << 2;
421 #else
422 iphlen = inner_ip->ip_hl << 2;
423 #endif
424 inner_protocol = inner_ip->ip_p;
425 } else if (IP_VHL_V(inner_ip->ip_vhl) == IPV6_VERSION) {
426 struct ip6_hdr *inner_ip6 = mtod(md, struct ip6_hdr *);
427 iphlen = sizeof(struct ip6_hdr);
428 inner_protocol = inner_ip6->ip6_nxt;
429 }
430
431 if (inner_protocol == IPPROTO_TCP) {
432 if ((int)(iphlen + sizeof(th)) <=
433 (m->m_pkthdr.len - m->m_len)) {
434 m_copydata(md, (int)iphlen, sizeof(th), (u_int8_t *)&th);
435 }
436
437 inner_payload_len = m->m_pkthdr.len - m->m_len - iphlen - (th.th_off << 2);
438 }
439 } else {
440 iphlen = hlen;
441 if (af == AF_INET) {
442 inner_protocol = ip->ip_p;
443 } else if (af == AF_INET6) {
444 inner_protocol = ip6->ip6_nxt;
445 }
446
447 if (inner_protocol == IPPROTO_TCP) {
448 if ((int)(iphlen + sizeof(th)) <=
449 m->m_pkthdr.len) {
450 m_copydata(m, (int)iphlen, sizeof(th), (u_int8_t *)&th);
451 }
452
453 inner_payload_len = m->m_pkthdr.len - iphlen - (th.th_off << 2);
454 }
455 }
456 }
457 }
458
459 /* make the packet over-writable */
460 mprev->m_next = NULL;
461 if ((md = ipsec_copypkt(md)) == NULL) {
462 m_freem(m);
463 error = ENOBUFS;
464 goto fail;
465 }
466 mprev->m_next = md;
467
468 /*
469 * Translate UDP source port back to its original value.
470 * SADB_X_EXT_NATT_MULTIPLEUSERS is only set for transort mode.
471 */
472 if ((sav->flags & SADB_X_EXT_NATT_MULTIPLEUSERS) != 0) {
473 /* if not UDP - drop it */
474 if (ip->ip_p != IPPROTO_UDP) {
475 IPSEC_STAT_INCREMENT(ipsecstat.out_inval);
476 m_freem(m);
477 error = EINVAL;
478 goto fail;
479 }
480
481 udp = mtod(md, struct udphdr *);
482
483 /* if src port not set in sav - find it */
484 if (sav->natt_encapsulated_src_port == 0) {
485 if (key_natt_get_translated_port(sav) == 0) {
486 m_freem(m);
487 error = EINVAL;
488 goto fail;
489 }
490 }
491 if (sav->remote_ike_port == htons(udp->uh_dport)) {
492 /* translate UDP port */
493 udp->uh_dport = sav->natt_encapsulated_src_port;
494 udp->uh_sum = 0; /* don't need checksum with ESP auth */
495 } else {
496 /* drop the packet - can't translate the port */
497 IPSEC_STAT_INCREMENT(ipsecstat.out_inval);
498 m_freem(m);
499 error = EINVAL;
500 goto fail;
501 }
502 }
503
504
505 espoff = m->m_pkthdr.len - plen;
506
507 if (udp_encapsulate) {
508 esphlen += sizeof(struct udphdr);
509 espoff += sizeof(struct udphdr);
510 }
511
512 /*
513 * grow the mbuf to accomodate ESP header.
514 * before: IP ... payload
515 * after: IP ... [UDP] ESP IV payload
516 */
517 if (M_LEADINGSPACE(md) < esphlen || (md->m_flags & M_EXT) != 0) {
518 MGET(n, M_DONTWAIT, MT_DATA);
519 if (!n) {
520 m_freem(m);
521 error = ENOBUFS;
522 goto fail;
523 }
524 VERIFY(esphlen <= INT32_MAX);
525 n->m_len = (int)esphlen;
526 mprev->m_next = n;
527 n->m_next = md;
528 m->m_pkthdr.len += esphlen;
529 if (udp_encapsulate) {
530 udp = mtod(n, struct udphdr *);
531 esp = (struct esp *)(void *)((caddr_t)udp + sizeof(struct udphdr));
532 } else {
533 esp = mtod(n, struct esp *);
534 }
535 } else {
536 md->m_len += esphlen;
537 md->m_data -= esphlen;
538 m->m_pkthdr.len += esphlen;
539 esp = mtod(md, struct esp *);
540 if (udp_encapsulate) {
541 udp = mtod(md, struct udphdr *);
542 esp = (struct esp *)(void *)((caddr_t)udp + sizeof(struct udphdr));
543 } else {
544 esp = mtod(md, struct esp *);
545 }
546 }
547
548 switch (af) {
549 case AF_INET:
550 if (esphlen < (IP_MAXPACKET - ntohs(ip->ip_len))) {
551 ip->ip_len = htons(ntohs(ip->ip_len) + (u_short)esphlen);
552 } else {
553 ipseclog((LOG_ERR,
554 "IPv4 ESP output: size exceeds limit\n"));
555 IPSEC_STAT_INCREMENT(ipsecstat.out_inval);
556 m_freem(m);
557 error = EMSGSIZE;
558 goto fail;
559 }
560 break;
561 case AF_INET6:
562 /* total packet length will be computed in ip6_output() */
563 break;
564 }
565 }
566
567 /* initialize esp header. */
568 esp->esp_spi = spi;
569 if ((sav->flags & SADB_X_EXT_OLD) == 0) {
570 struct newesp *nesp;
571 nesp = (struct newesp *)esp;
572 if (sav->replay[traffic_class]->count == sav->replay[traffic_class]->lastseq) {
573 if ((sav->flags & SADB_X_EXT_CYCSEQ) == 0) {
574 /* XXX Is it noisy ? */
575 ipseclog((LOG_WARNING,
576 "replay counter overflowed. %s\n",
577 ipsec_logsastr(sav)));
578 IPSEC_STAT_INCREMENT(stat->out_inval);
579 m_freem(m);
580 KERNEL_DEBUG(DBG_FNC_ESPOUT | DBG_FUNC_END, 5, 0, 0, 0, 0);
581 return EINVAL;
582 }
583 }
584 lck_mtx_lock(sadb_mutex);
585 sav->replay[traffic_class]->count++;
586 lck_mtx_unlock(sadb_mutex);
587 /*
588 * XXX sequence number must not be cycled, if the SA is
589 * installed by IKE daemon.
590 */
591 nesp->esp_seq = htonl(sav->replay[traffic_class]->count);
592 seq = sav->replay[traffic_class]->count;
593 }
594
595 {
596 /*
597 * find the last mbuf. make some room for ESP trailer.
598 */
599 struct ip *ip = NULL;
600 size_t padbound;
601 u_char *extend;
602 int i;
603 int randpadmax;
604
605 if (algo->padbound) {
606 padbound = algo->padbound;
607 } else {
608 padbound = 4;
609 }
610 /* ESP packet, including nxthdr field, must be length of 4n */
611 if (padbound < 4) {
612 padbound = 4;
613 }
614
615 extendsiz = padbound - (plen % padbound);
616 if (extendsiz == 1) {
617 extendsiz = padbound + 1;
618 }
619
620 /* random padding */
621 switch (af) {
622 case AF_INET:
623 randpadmax = ip4_esp_randpad;
624 break;
625 case AF_INET6:
626 randpadmax = ip6_esp_randpad;
627 break;
628 default:
629 randpadmax = -1;
630 break;
631 }
632 if (randpadmax < 0 || plen + extendsiz >= randpadmax) {
633 ;
634 } else {
635 size_t pad;
636
637 /* round */
638 randpadmax = (int)((randpadmax / padbound) * padbound);
639 pad = (randpadmax - plen + extendsiz) / padbound;
640
641 if (pad > 0) {
642 pad = (random() % pad) * padbound;
643 } else {
644 pad = 0;
645 }
646
647 /*
648 * make sure we do not pad too much.
649 * MLEN limitation comes from the trailer attachment
650 * code below.
651 * 256 limitation comes from sequential padding.
652 * also, the 1-octet length field in ESP trailer imposes
653 * limitation (but is less strict than sequential padding
654 * as length field do not count the last 2 octets).
655 */
656 if (extendsiz + pad <= MLEN && extendsiz + pad < 256) {
657 extendsiz += pad;
658 }
659 }
660
661 n = m;
662 while (n->m_next) {
663 n = n->m_next;
664 }
665
666 /*
667 * if M_EXT, the external mbuf data may be shared among
668 * two consequtive TCP packets, and it may be unsafe to use the
669 * trailing space.
670 */
671 if (!(n->m_flags & M_EXT) && extendsiz < M_TRAILINGSPACE(n)) {
672 extend = mtod(n, u_char *) + n->m_len;
673 n->m_len += (int)extendsiz;
674 m->m_pkthdr.len += extendsiz;
675 } else {
676 struct mbuf *nn;
677
678 MGET(nn, M_DONTWAIT, MT_DATA);
679 if (!nn) {
680 ipseclog((LOG_DEBUG, "esp%d_output: can't alloc mbuf",
681 afnumber));
682 m_freem(m);
683 error = ENOBUFS;
684 goto fail;
685 }
686 extend = mtod(nn, u_char *);
687 VERIFY(extendsiz <= INT_MAX);
688 nn->m_len = (int)extendsiz;
689 nn->m_next = NULL;
690 n->m_next = nn;
691 n = nn;
692 m->m_pkthdr.len += extendsiz;
693 }
694 switch (sav->flags & SADB_X_EXT_PMASK) {
695 case SADB_X_EXT_PRAND:
696 key_randomfill(extend, extendsiz);
697 break;
698 case SADB_X_EXT_PZERO:
699 bzero(extend, extendsiz);
700 break;
701 case SADB_X_EXT_PSEQ:
702 for (i = 0; i < extendsiz; i++) {
703 extend[i] = (i + 1) & 0xff;
704 }
705 break;
706 }
707
708 nxt = *nexthdrp;
709 if (udp_encapsulate) {
710 *nexthdrp = IPPROTO_UDP;
711
712 /* Fill out the UDP header */
713 if (sav->natt_encapsulated_src_port != 0) {
714 udp->uh_sport = (u_short)sav->natt_encapsulated_src_port;
715 } else {
716 udp->uh_sport = htons((u_short)esp_udp_encap_port);
717 }
718 udp->uh_dport = htons(sav->remote_ike_port);
719 // udp->uh_len set later, after all length tweaks are complete
720 udp->uh_sum = 0;
721
722 /* Update last sent so we know if we need to send keepalive */
723 sav->natt_last_activity = natt_now;
724 } else {
725 *nexthdrp = IPPROTO_ESP;
726 }
727
728 /* initialize esp trailer. */
729 esptail = (struct esptail *)
730 (mtod(n, u_int8_t *) + n->m_len - sizeof(struct esptail));
731 esptail->esp_nxt = nxt;
732 VERIFY((extendsiz - 2) <= UINT8_MAX);
733 esptail->esp_padlen = (u_int8_t)(extendsiz - 2);
734
735 /* modify IP header (for ESP header part only) */
736 switch (af) {
737 case AF_INET:
738 ip = mtod(m, struct ip *);
739 if (extendsiz < (IP_MAXPACKET - ntohs(ip->ip_len))) {
740 ip->ip_len = htons(ntohs(ip->ip_len) + (u_short)extendsiz);
741 } else {
742 ipseclog((LOG_ERR,
743 "IPv4 ESP output: size exceeds limit\n"));
744 IPSEC_STAT_INCREMENT(ipsecstat.out_inval);
745 m_freem(m);
746 error = EMSGSIZE;
747 goto fail;
748 }
749 break;
750 case AF_INET6:
751 /* total packet length will be computed in ip6_output() */
752 break;
753 }
754 }
755
756 /*
757 * pre-compute and cache intermediate key
758 */
759 error = esp_schedule(algo, sav);
760 if (error) {
761 m_freem(m);
762 IPSEC_STAT_INCREMENT(stat->out_inval);
763 goto fail;
764 }
765
766 /*
767 * encrypt the packet, based on security association
768 * and the algorithm specified.
769 */
770 if (!algo->encrypt) {
771 panic("internal error: no encrypt function");
772 }
773 KERNEL_DEBUG(DBG_FNC_ENCRYPT | DBG_FUNC_START, 0, 0, 0, 0, 0);
774 if ((*algo->encrypt)(m, espoff, plen + extendsiz, sav, algo, ivlen)) {
775 /* m is already freed */
776 ipseclog((LOG_ERR, "packet encryption failure\n"));
777 IPSEC_STAT_INCREMENT(stat->out_inval);
778 error = EINVAL;
779 KERNEL_DEBUG(DBG_FNC_ENCRYPT | DBG_FUNC_END, 1, error, 0, 0, 0);
780 goto fail;
781 }
782 KERNEL_DEBUG(DBG_FNC_ENCRYPT | DBG_FUNC_END, 2, 0, 0, 0, 0);
783
784 /*
785 * calculate ICV if required.
786 */
787 size_t siz = 0;
788 u_char authbuf[AH_MAXSUMSIZE] __attribute__((aligned(4)));
789
790 if (algo->finalizeencrypt) {
791 siz = algo->icvlen;
792 if ((*algo->finalizeencrypt)(sav, authbuf, siz)) {
793 ipseclog((LOG_ERR, "packet encryption ICV failure\n"));
794 IPSEC_STAT_INCREMENT(stat->out_inval);
795 error = EINVAL;
796 KERNEL_DEBUG(DBG_FNC_ENCRYPT | DBG_FUNC_END, 1, error, 0, 0, 0);
797 goto fail;
798 }
799 goto fill_icv;
800 }
801
802 if (!sav->replay[traffic_class]) {
803 goto noantireplay;
804 }
805 if (!sav->key_auth) {
806 goto noantireplay;
807 }
808 if (sav->key_auth == SADB_AALG_NONE) {
809 goto noantireplay;
810 }
811
812 {
813 const struct ah_algorithm *aalgo;
814
815 aalgo = ah_algorithm_lookup(sav->alg_auth);
816 if (!aalgo) {
817 goto noantireplay;
818 }
819 siz = ((aalgo->sumsiz)(sav) + 3) & ~(4 - 1);
820 if (AH_MAXSUMSIZE < siz) {
821 panic("assertion failed for AH_MAXSUMSIZE");
822 }
823
824 if (esp_auth(m, espoff, m->m_pkthdr.len - espoff, sav, authbuf)) {
825 ipseclog((LOG_ERR, "ESP checksum generation failure\n"));
826 m_freem(m);
827 error = EINVAL;
828 IPSEC_STAT_INCREMENT(stat->out_inval);
829 goto fail;
830 }
831 }
832
833 fill_icv:
834 {
835 struct ip *ip;
836 u_char *p;
837
838 n = m;
839 while (n->m_next) {
840 n = n->m_next;
841 }
842
843 if (!(n->m_flags & M_EXT) && siz < M_TRAILINGSPACE(n)) { /* XXX */
844 n->m_len += siz;
845 m->m_pkthdr.len += siz;
846 p = mtod(n, u_char *) + n->m_len - siz;
847 } else {
848 struct mbuf *nn;
849
850 MGET(nn, M_DONTWAIT, MT_DATA);
851 if (!nn) {
852 ipseclog((LOG_DEBUG, "can't alloc mbuf in esp%d_output",
853 afnumber));
854 m_freem(m);
855 error = ENOBUFS;
856 goto fail;
857 }
858 nn->m_len = (int)siz;
859 nn->m_next = NULL;
860 n->m_next = nn;
861 n = nn;
862 m->m_pkthdr.len += siz;
863 p = mtod(nn, u_char *);
864 }
865 bcopy(authbuf, p, siz);
866
867 /* modify IP header (for ESP header part only) */
868 switch (af) {
869 case AF_INET:
870 ip = mtod(m, struct ip *);
871 if (siz < (IP_MAXPACKET - ntohs(ip->ip_len))) {
872 ip->ip_len = htons(ntohs(ip->ip_len) + (u_short)siz);
873 } else {
874 ipseclog((LOG_ERR,
875 "IPv4 ESP output: size exceeds limit\n"));
876 IPSEC_STAT_INCREMENT(ipsecstat.out_inval);
877 m_freem(m);
878 error = EMSGSIZE;
879 goto fail;
880 }
881 break;
882 case AF_INET6:
883 /* total packet length will be computed in ip6_output() */
884 break;
885 }
886 }
887
888 if (udp_encapsulate) {
889 struct ip *ip;
890 struct ip6_hdr *ip6;
891
892 switch (af) {
893 case AF_INET:
894 ip = mtod(m, struct ip *);
895 udp->uh_ulen = htons((u_int16_t)(ntohs(ip->ip_len) - (IP_VHL_HL(ip->ip_vhl) << 2)));
896 break;
897 case AF_INET6:
898 ip6 = mtod(m, struct ip6_hdr *);
899 VERIFY((plen + siz + extendsiz + esphlen) <= UINT16_MAX);
900 udp->uh_ulen = htons((u_int16_t)(plen + siz + extendsiz + esphlen));
901 udp->uh_sum = in6_pseudo(&ip6->ip6_src, &ip6->ip6_dst, htonl(ntohs(udp->uh_ulen) + IPPROTO_UDP));
902 m->m_pkthdr.csum_flags = (CSUM_UDPIPV6 | CSUM_ZERO_INVERT);
903 m->m_pkthdr.csum_data = offsetof(struct udphdr, uh_sum);
904 break;
905 }
906 }
907
908 noantireplay:
909 if (net_mpklog_enabled && sav->sah != NULL &&
910 sav->sah->ipsec_if != NULL &&
911 (sav->sah->ipsec_if->if_xflags & IFXF_MPK_LOG) &&
912 inner_protocol == IPPROTO_TCP) {
913 MPKL_ESP_OUTPUT_TCP(esp_mpkl_log_object,
914 ntohl(spi), seq,
915 ntohs(th.th_sport), ntohs(th.th_dport),
916 ntohl(th.th_seq), ntohl(th.th_ack),
917 inner_payload_len, th.th_flags);
918 }
919
920 lck_mtx_lock(sadb_mutex);
921 if (!m) {
922 ipseclog((LOG_ERR,
923 "NULL mbuf after encryption in esp%d_output", afnumber));
924 } else {
925 stat->out_success++;
926 }
927 stat->out_esphist[sav->alg_enc]++;
928 lck_mtx_unlock(sadb_mutex);
929 key_sa_recordxfer(sav, m);
930 KERNEL_DEBUG(DBG_FNC_ESPOUT | DBG_FUNC_END, 6, 0, 0, 0, 0);
931 return 0;
932
933 fail:
934 KERNEL_DEBUG(DBG_FNC_ESPOUT | DBG_FUNC_END, 7, error, 0, 0, 0);
935 return error;
936 }
937
938 int
939 esp4_output(
940 struct mbuf *m,
941 struct secasvar *sav)
942 {
943 struct ip *ip;
944 if (m->m_len < sizeof(struct ip)) {
945 ipseclog((LOG_DEBUG, "esp4_output: first mbuf too short\n"));
946 m_freem(m);
947 return EINVAL;
948 }
949 ip = mtod(m, struct ip *);
950 /* XXX assumes that m->m_next points to payload */
951 return esp_output(m, &ip->ip_p, m->m_next, AF_INET, sav);
952 }
953
954 int
955 esp6_output(
956 struct mbuf *m,
957 u_char *nexthdrp,
958 struct mbuf *md,
959 struct secasvar *sav)
960 {
961 if (m->m_len < sizeof(struct ip6_hdr)) {
962 ipseclog((LOG_DEBUG, "esp6_output: first mbuf too short\n"));
963 m_freem(m);
964 return EINVAL;
965 }
966 return esp_output(m, nexthdrp, md, AF_INET6, sav);
967 }
mirror of XNU