5 files changed, 177 insertions, 40 deletions

diff --git a/src/libcharon/sa/ikev2/keymat_v2.c b/src/libcharon/sa/ikev2/keymat_v2.c
index 8c7ba8d55..88ad14faf 100644
--- a/src/libcharon/sa/ikev2/keymat_v2.c
+++ b/src/libcharon/sa/ikev2/keymat_v2.c
@@ -97,10 +97,35 @@ static bool derive_ike_aead(private_keymat_v2_t *this, u_int16_t alg,
 {
 	aead_t *aead_i, *aead_r;
 	chunk_t key = chunk_empty;
+	u_int salt_size;
+
+	switch (alg)
+	{
+		case ENCR_AES_GCM_ICV8:
+		case ENCR_AES_GCM_ICV12:
+		case ENCR_AES_GCM_ICV16:
+			/* RFC 4106 */
+			salt_size = 4;
+			break;
+		case ENCR_AES_CCM_ICV8:
+		case ENCR_AES_CCM_ICV12:
+		case ENCR_AES_CCM_ICV16:
+			/* RFC 4309 */
+		case ENCR_CAMELLIA_CCM_ICV8:
+		case ENCR_CAMELLIA_CCM_ICV12:
+		case ENCR_CAMELLIA_CCM_ICV16:
+			/* RFC 5529 */
+			salt_size = 3;
+			break;
+		default:
+			DBG1(DBG_IKE, "nonce size for %N unknown!",
+				 encryption_algorithm_names, alg);
+			return FALSE;
+	}
 
 	/* SK_ei/SK_er used for encryption */
-	aead_i = lib->crypto->create_aead(lib->crypto, alg, key_size / 8);
-	aead_r = lib->crypto->create_aead(lib->crypto, alg, key_size / 8);
+	aead_i = lib->crypto->create_aead(lib->crypto, alg, key_size / 8, salt_size);
+	aead_r = lib->crypto->create_aead(lib->crypto, alg, key_size / 8, salt_size);
 	if (aead_i == NULL || aead_r == NULL)
 	{
 		DBG1(DBG_IKE, "%N %N (key size %d) not supported!",
diff --git a/src/libcharon/sa/ikev2/task_manager_v2.c b/src/libcharon/sa/ikev2/task_manager_v2.c
index ac3be900f..a5252ab70 100644
--- a/src/libcharon/sa/ikev2/task_manager_v2.c
+++ b/src/libcharon/sa/ikev2/task_manager_v2.c
@@ -778,6 +778,15 @@ static status_t process_request(private_task_manager_t *this,
 			case CREATE_CHILD_SA:
 			{	/* FIXME: we should prevent this on mediation connections */
 				bool notify_found = FALSE, ts_found = FALSE;
+
+				if (this->ike_sa->get_state(this->ike_sa) == IKE_CREATED ||
+					this->ike_sa->get_state(this->ike_sa) == IKE_CONNECTING)
+				{
+					DBG1(DBG_IKE, "received CREATE_CHILD_SA request for "
+						 "unestablished IKE_SA, rejected");
+					return FAILED;
+				}
+
 				enumerator = message->create_payload_enumerator(message);
 				while (enumerator->enumerate(enumerator, &payload))
 				{
diff --git a/src/libcharon/sa/ikev2/tasks/child_delete.c b/src/libcharon/sa/ikev2/tasks/child_delete.c
index e898efc88..88b032c8b 100644
--- a/src/libcharon/sa/ikev2/tasks/child_delete.c
+++ b/src/libcharon/sa/ikev2/tasks/child_delete.c
@@ -17,6 +17,7 @@
 
 #include <daemon.h>
 #include <encoding/payloads/delete_payload.h>
+#include <sa/ikev2/tasks/child_create.h>
 
 
 typedef struct private_child_delete_t private_child_delete_t;
@@ -313,6 +314,17 @@ METHOD(task_t, build_i, status_t,
 	}
 	log_children(this);
 	build_payloads(this, message);
+
+	if (!this->rekeyed && this->expired)
+	{
+		child_cfg_t *child_cfg;
+
+		DBG1(DBG_IKE, "scheduling CHILD_SA recreate after hard expire");
+		child_cfg = child_sa->get_config(child_sa);
+		this->ike_sa->queue_task(this->ike_sa, (task_t*)
+				child_create_create(this->ike_sa, child_cfg->get_ref(child_cfg),
+									FALSE, NULL, NULL));
+	}
 	return NEED_MORE;
 }
 
diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_post.c b/src/libcharon/sa/ikev2/tasks/ike_cert_post.c
index a93e5137e..6dbc4dec3 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_cert_post.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_cert_post.c
@@ -22,6 +22,7 @@
 #include <encoding/payloads/certreq_payload.h>
 #include <encoding/payloads/auth_payload.h>
 #include <credentials/certificates/x509.h>
+#include <credentials/certificates/ac.h>
 
 
 typedef struct private_ike_cert_post_t private_ike_cert_post_t;
@@ -105,12 +106,109 @@ static cert_payload_t *build_cert_payload(private_ike_cert_post_t *this,
 }
 
 /**
+ * Add subject certificate to message
+ */
+static bool add_subject_cert(private_ike_cert_post_t *this, auth_cfg_t *auth,
+							 message_t *message)
+{
+	cert_payload_t *payload;
+	certificate_t *cert;
+
+	cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
+	if (!cert)
+	{
+		return FALSE;
+	}
+	payload = build_cert_payload(this, cert);
+	if (!payload)
+	{
+		return FALSE;
+	}
+	DBG1(DBG_IKE, "sending end entity cert \"%Y\"", cert->get_subject(cert));
+	message->add_payload(message, (payload_t*)payload);
+	return TRUE;
+}
+
+/**
+ * Add intermediate CA certificates to message
+ */
+static void add_im_certs(private_ike_cert_post_t *this, auth_cfg_t *auth,
+						 message_t *message)
+{
+	cert_payload_t *payload;
+	enumerator_t *enumerator;
+	certificate_t *cert;
+	auth_rule_t type;
+
+	enumerator = auth->create_enumerator(auth);
+	while (enumerator->enumerate(enumerator, &type, &cert))
+	{
+		if (type == AUTH_RULE_IM_CERT)
+		{
+			payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+			if (payload)
+			{
+				DBG1(DBG_IKE, "sending issuer cert \"%Y\"",
+					 cert->get_subject(cert));
+				message->add_payload(message, (payload_t*)payload);
+			}
+		}
+	}
+	enumerator->destroy(enumerator);
+}
+
+/**
+ * Add any valid attribute certificates of subject to message
+ */
+static void add_attribute_certs(private_ike_cert_post_t *this,
+								auth_cfg_t *auth, message_t *message)
+{
+	certificate_t *subject, *cert;
+
+	subject = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
+	if (subject && subject->get_type(subject) == CERT_X509)
+	{
+		x509_t *x509 = (x509_t*)subject;
+		identification_t *id, *serial;
+		enumerator_t *enumerator;
+		cert_payload_t *payload;
+		ac_t *ac;
+
+		/* we look for attribute certs having our serial and holder issuer,
+		 * which is recommended by RFC 5755 */
+		serial = identification_create_from_encoding(ID_KEY_ID,
+													 x509->get_serial(x509));
+		enumerator = lib->credmgr->create_cert_enumerator(lib->credmgr,
+										CERT_X509_AC, KEY_ANY, serial, FALSE);
+		while (enumerator->enumerate(enumerator, &ac))
+		{
+			cert = &ac->certificate;
+			id = ac->get_holderIssuer(ac);
+			if (id && id->equals(id, subject->get_issuer(subject)) &&
+				cert->get_validity(cert, NULL, NULL, NULL))
+			{
+				payload = cert_payload_create_from_cert(CERTIFICATE, cert);
+				if (payload)
+				{
+					DBG1(DBG_IKE, "sending attribute certificate "
+						 "issued by \"%Y\"", cert->get_issuer(cert));
+					message->add_payload(message, (payload_t*)payload);
+				}
+			}
+		}
+		enumerator->destroy(enumerator);
+		serial->destroy(serial);
+	}
+}
+
+/**
  * add certificates to message
  */
 static void build_certs(private_ike_cert_post_t *this, message_t *message)
 {
 	peer_cfg_t *peer_cfg;
 	auth_payload_t *payload;
+	auth_cfg_t *auth;
 
 	payload = (auth_payload_t*)message->get_payload(message, AUTHENTICATION);
 	peer_cfg = this->ike_sa->get_peer_cfg(this->ike_sa);
@@ -130,46 +228,13 @@ static void build_certs(private_ike_cert_post_t *this, message_t *message)
 			}
 			/* FALL */
 		case CERT_ALWAYS_SEND:
-		{
-			cert_payload_t *payload;
-			enumerator_t *enumerator;
-			certificate_t *cert;
-			auth_rule_t type;
-			auth_cfg_t *auth;
-
 			auth = this->ike_sa->get_auth_cfg(this->ike_sa, TRUE);
-
-			/* get subject cert first, then issuing certificates */
-			cert = auth->get(auth, AUTH_RULE_SUBJECT_CERT);
-			if (!cert)
+			if (add_subject_cert(this, auth, message))
 			{
-				break;
+				add_im_certs(this, auth, message);
+				add_attribute_certs(this, auth, message);
 			}
-			payload = build_cert_payload(this, cert);
-			if (!payload)
-			{
-				break;
-			}
-			DBG1(DBG_IKE, "sending end entity cert \"%Y\"",
-				 cert->get_subject(cert));
-			message->add_payload(message, (payload_t*)payload);
-
-			enumerator = auth->create_enumerator(auth);
-			while (enumerator->enumerate(enumerator, &type, &cert))
-			{
-				if (type == AUTH_RULE_IM_CERT)
-				{
-					payload = cert_payload_create_from_cert(CERTIFICATE, cert);
-					if (payload)
-					{
-						DBG1(DBG_IKE, "sending issuer cert \"%Y\"",
-							 cert->get_subject(cert));
-						message->add_payload(message, (payload_t*)payload);
-					}
-				}
-			}
-			enumerator->destroy(enumerator);
-		}
+			break;
 	}
 }
 
diff --git a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c
index bd28b29d7..558b1e914 100644
--- a/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c
+++ b/src/libcharon/sa/ikev2/tasks/ike_cert_pre.c
@@ -260,6 +260,30 @@ static void process_crl(cert_payload_t *payload, auth_cfg_t *auth)
 }
 
 /**
+ * Process an attribute certificate payload
+ */
+static void process_ac(cert_payload_t *payload, auth_cfg_t *auth)
+{
+	certificate_t *cert;
+
+	cert = payload->get_cert(payload);
+	if (cert)
+	{
+		if (cert->get_issuer(cert))
+		{
+			DBG1(DBG_IKE, "received attribute certificate issued by \"%Y\"",
+				 cert->get_issuer(cert));
+		}
+		else if (cert->get_subject(cert))
+		{
+			DBG1(DBG_IKE, "received attribute certificate for \"%Y\"",
+				 cert->get_subject(cert));
+		}
+		auth->add(auth, AUTH_HELPER_AC_CERT, cert);
+	}
+}
+
+/**
  * Process certificate payloads
  */
 static void process_certs(private_ike_cert_pre_t *this, message_t *message)
@@ -298,13 +322,15 @@ static void process_certs(private_ike_cert_pre_t *this, message_t *message)
 				case ENC_CRL:
 					process_crl(cert_payload, auth);
 					break;
+				case ENC_X509_ATTRIBUTE:
+					process_ac(cert_payload, auth);
+					break;
 				case ENC_PKCS7_WRAPPED_X509:
 				case ENC_PGP:
 				case ENC_DNS_SIGNED_KEY:
 				case ENC_KERBEROS_TOKEN:
 				case ENC_ARL:
 				case ENC_SPKI:
-				case ENC_X509_ATTRIBUTE:
 				case ENC_RAW_RSA_KEY:
 				case ENC_X509_HASH_AND_URL_BUNDLE:
 				case ENC_OCSP_CONTENT: