diff options
Diffstat (limited to 'src/pluto/state.h')
| -rw-r--r-- | src/pluto/state.h | 273 |
1 files changed, 273 insertions, 0 deletions
diff --git a/src/pluto/state.h b/src/pluto/state.h new file mode 100644 index 000000000..d3a980564 --- /dev/null +++ b/src/pluto/state.h @@ -0,0 +1,273 @@ +/* state and event objects + * Copyright (C) 1997 Angelos D. Keromytis. + * Copyright (C) 1998-2001 D. Hugh Redelmeier. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY + * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License + * for more details. + * + * RCSID $Id: state.h,v 1.11 2006/03/08 22:12:37 as Exp $ + */ + +#include <sys/types.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <time.h> +#include <gmp.h> /* GNU MP library */ + +#include "connections.h" + +/* Message ID mechanism. + * + * A Message ID is contained in each IKE message header. + * For Phase 1 exchanges (Main and Aggressive), it will be zero. + * For other exchanges, which must be under the protection of an + * ISAKMP SA, the Message ID must be unique within that ISAKMP SA. + * Effectively, this labels the message as belonging to a particular + * exchange. + * + * RFC2408 "ISAKMP" 3.1 "ISAKMP Header Format" (near end) states that + * the Message ID must be unique. We interpret this to be "unique within + * one ISAKMP SA". + * + * BTW, we feel this uniqueness allows rekeying to be somewhat simpler + * than specified by draft-jenkins-ipsec-rekeying-06.txt. + */ + +typedef u_int32_t msgid_t; /* Network order! */ +#define MAINMODE_MSGID ((msgid_t) 0) + +struct state; /* forward declaration of tag */ +extern bool reserve_msgid(struct state *isakmp_sa, msgid_t msgid); +extern msgid_t generate_msgid(struct state *isakmp_sa); + + +/* Oakley (Phase 1 / Main Mode) transform and attributes + * This is a flattened/decoded version of what is represented + * in the Transaction Payload. + * Names are chosen to match corresponding names in state. + */ +struct oakley_trans_attrs { + u_int16_t encrypt; /* Encryption algorithm */ + u_int16_t enckeylen; /* encryption key len (bits) */ + const struct encrypt_desc *encrypter; /* package of encryption routines */ + u_int16_t hash; /* Hash algorithm */ + const struct hash_desc *hasher; /* package of hashing routines */ + u_int16_t auth; /* Authentication method */ + const struct oakley_group_desc *group; /* Oakley group */ + time_t life_seconds; /* When this SA expires (seconds) */ + u_int32_t life_kilobytes; /* When this SA is exhausted (kilobytes) */ +#if 0 /* not yet */ + u_int16_t prf; /* Pseudo Random Function */ +#endif +}; + +/* IPsec (Phase 2 / Quick Mode) transform and attributes + * This is a flattened/decoded version of what is represented + * by a Transaction Payload. There may be one for AH, one + * for ESP, and a funny one for IPCOMP. + */ +struct ipsec_trans_attrs { + u_int8_t transid; /* transform id */ + ipsec_spi_t spi; /* his SPI */ + time_t life_seconds; /* When this SA expires */ + u_int32_t life_kilobytes; /* When this SA expires */ + u_int16_t encapsulation; + u_int16_t auth; + u_int16_t key_len; + u_int16_t key_rounds; +#if 0 /* not implemented yet */ + u_int16_t cmprs_dict_sz; + u_int32_t cmprs_alg; +#endif +}; + +/* IPsec per protocol state information */ +struct ipsec_proto_info { + bool present; /* was this transform specified? */ + struct ipsec_trans_attrs attrs; + ipsec_spi_t our_spi; + u_int16_t keymat_len; /* same for both */ + u_char *our_keymat; + u_char *peer_keymat; +}; + +/* state object: record the state of a (possibly nascent) SA + * + * Invariants (violated only during short transitions): + * - each state object will be in statetable exactly once. + * - each state object will always have a pending event. + * This prevents leaks. + */ +struct state +{ + so_serial_t st_serialno; /* serial number (for seniority) */ + so_serial_t st_clonedfrom; /* serial number of parent */ + + struct connection *st_connection; /* connection for this SA */ + + int st_whack_sock; /* fd for our Whack TCP socket. + * Single copy: close when freeing struct. + */ + + struct msg_digest *st_suspended_md; /* suspended state-transition */ + + struct oakley_trans_attrs st_oakley; + + struct ipsec_proto_info st_ah; + struct ipsec_proto_info st_esp; + struct ipsec_proto_info st_ipcomp; +#ifdef KLIPS + ipsec_spi_t st_tunnel_in_spi; /* KLUDGE */ + ipsec_spi_t st_tunnel_out_spi; /* KLUDGE */ +#endif + + const struct oakley_group_desc *st_pfs_group; /* group for Phase 2 PFS */ + + u_int32_t st_doi; /* Domain of Interpretation */ + u_int32_t st_situation; + + lset_t st_policy; /* policy for IPsec SA */ + + msgid_t st_msgid; /* MSG-ID from header. Network Order! */ + + /* only for a state representing an ISAKMP SA */ + struct msgid_list *st_used_msgids; /* used-up msgids */ + +/* symmetric stuff */ + + /* initiator stuff */ + chunk_t st_gi; /* Initiator public value */ + u_int8_t st_icookie[COOKIE_SIZE];/* Initiator Cookie */ + chunk_t st_ni; /* Ni nonce */ + + /* responder stuff */ + chunk_t st_gr; /* Responder public value */ + u_int8_t st_rcookie[COOKIE_SIZE];/* Responder Cookie */ + chunk_t st_nr; /* Nr nonce */ + + + /* my stuff */ + + chunk_t st_tpacket; /* Transmitted packet */ + + /* Phase 2 ID payload info about my user */ + u_int8_t st_myuserprotoid; /* IDcx.protoid */ + u_int16_t st_myuserport; + + /* his stuff */ + + chunk_t st_rpacket; /* Received packet */ + + /* Phase 2 ID payload info about peer's user */ + u_int8_t st_peeruserprotoid; /* IDcx.protoid */ + u_int16_t st_peeruserport; + +/* end of symmetric stuff */ + + u_int8_t st_sec_in_use; /* bool: does st_sec hold a value */ + MP_INT st_sec; /* Our local secret value */ + + chunk_t st_shared; /* Derived shared secret + * Note: during Quick Mode, + * presence indicates PFS + * selected. + */ + + /* In a Phase 1 state, preserve peer's public key after authentication */ + struct pubkey *st_peer_pubkey; + + enum state_kind st_state; /* State of exchange */ + u_int8_t st_retransmit; /* Number of retransmits */ + unsigned long st_try; /* number of times rekeying attempted */ + /* 0 means the only time */ + time_t st_margin; /* life after EVENT_SA_REPLACE */ + unsigned long st_outbound_count; /* traffic through eroute */ + time_t st_outbound_time; /* time of last change to st_outbound_count */ + chunk_t st_p1isa; /* Phase 1 initiator SA (Payload) for HASH */ + chunk_t st_skeyid; /* Key material */ + chunk_t st_skeyid_d; /* KM for non-ISAKMP key derivation */ + chunk_t st_skeyid_a; /* KM for ISAKMP authentication */ + chunk_t st_skeyid_e; /* KM for ISAKMP encryption */ + u_char st_iv[MAX_DIGEST_LEN]; /* IV for encryption */ + u_char st_new_iv[MAX_DIGEST_LEN]; + u_char st_ph1_iv[MAX_DIGEST_LEN]; /* IV at end if phase 1 */ + unsigned int st_iv_len; + unsigned int st_new_iv_len; + unsigned int st_ph1_iv_len; + + chunk_t st_enc_key; /* Oakley Encryption key */ + + struct event *st_event; /* backpointer for certain events */ + struct state *st_hashchain_next; /* Next in list */ + struct state *st_hashchain_prev; /* Previous in list */ + + struct { + bool vars_set; + bool started; + } st_modecfg; + + struct { + int attempt; + bool started; + bool status; + } st_xauth; + + u_int32_t nat_traversal; + ip_address nat_oa; + + /* RFC 3706 Dead Peer Detection */ + bool st_dpd; /* Peer supports DPD */ + time_t st_last_dpd; /* Time of last DPD transmit */ + u_int32_t st_dpd_seqno; /* Next R_U_THERE to send */ + u_int32_t st_dpd_expectseqno; /* Next R_U_THERE_ACK to receive */ + u_int32_t st_dpd_peerseqno; /* global variables */ + struct event *st_dpd_event; /* backpointer for DPD events */ + + u_int32_t st_seen_vendorid; /* Bit field about recognized Vendor ID */ +}; + +/* global variables */ + +extern u_int16_t pluto_port; /* Pluto's port */ + +extern bool states_use_connection(struct connection *c); + +/* state functions */ + +extern struct state *new_state(void); +extern void init_states(void); +extern void insert_state(struct state *st); +extern void unhash_state(struct state *st); +extern void release_whack(struct state *st); +extern void state_eroute_usage(ip_subnet *ours, ip_subnet *his + , unsigned long count, time_t nw); +extern void delete_state(struct state *st); +extern void delete_states_by_connection(struct connection *c, bool relations); + +extern struct state + *duplicate_state(struct state *st), + *find_state(const u_char *icookie + , const u_char *rcookie + , const ip_address *peer + , msgid_t msgid), + *state_with_serialno(so_serial_t sn), + *find_phase2_state_to_delete(const struct state *p1st, u_int8_t protoid + , ipsec_spi_t spi, bool *bogus), + *find_phase1_state(const struct connection *c, lset_t ok_states), + *find_sender(size_t packet_len, u_char *packet); + +extern void show_states_status(bool all, const char *name); +extern void for_each_state(void *(f)(struct state *, void *data), void *data); +extern void find_my_cpi_gap(cpi_t *latest_cpi, cpi_t *first_busy_cpi); +extern ipsec_spi_t uniquify_his_cpi(ipsec_spi_t cpi, struct state *st); +extern void fmt_state(bool all, struct state *st, time_t n + , char *state_buf, size_t state_buf_len + , char *state_buf2, size_t state_buf_len2); +extern void delete_states_by_peer(ip_address *peer); |