Sync usage with man page.
[netbsd-mini2440.git] / crypto / dist / ipsec-tools / src / racoon / isakmp_frag.c
blobf44dd2968bd4cde1dc767524d1918c9e30bb0388
1 /* $NetBSD: isakmp_frag.c,v 1.4 2006/09/09 16:22:09 manu Exp $ */
3 /* Id: isakmp_frag.c,v 1.4 2004/11/13 17:31:36 manubsd Exp */
5 /*
6 * Copyright (C) 2004 Emmanuel Dreyfus
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 * 3. Neither the name of the project nor the names of its contributors
18 * may be used to endorse or promote products derived from this software
19 * without specific prior written permission.
21 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
22 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
25 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31 * SUCH DAMAGE.
34 #include "config.h"
36 #include <sys/types.h>
37 #include <sys/param.h>
38 #include <sys/socket.h>
39 #include <sys/queue.h>
41 #include <netinet/in.h>
42 #include <arpa/inet.h>
44 #include <openssl/md5.h>
46 #include <stdlib.h>
47 #include <stdio.h>
48 #include <fcntl.h>
49 #include <string.h>
50 #include <errno.h>
51 #if TIME_WITH_SYS_TIME
52 # include <sys/time.h>
53 # include <time.h>
54 #else
55 # if HAVE_SYS_TIME_H
56 # include <sys/time.h>
57 # else
58 # include <time.h>
59 # endif
60 #endif
61 #include <netdb.h>
62 #ifdef HAVE_UNISTD_H
63 #include <unistd.h>
64 #endif
65 #include <ctype.h>
67 #include "var.h"
68 #include "misc.h"
69 #include "vmbuf.h"
70 #include "plog.h"
71 #include "sockmisc.h"
72 #include "schedule.h"
73 #include "debug.h"
75 #include "isakmp_var.h"
76 #include "isakmp.h"
77 #include "handler.h"
78 #include "isakmp_frag.h"
79 #include "strnames.h"
81 int
82 isakmp_sendfrags(iph1, buf)
83 struct ph1handle *iph1;
84 vchar_t *buf;
86 struct isakmp *hdr;
87 struct isakmp_frag *fraghdr;
88 caddr_t data;
89 caddr_t sdata;
90 size_t datalen;
91 size_t max_datalen;
92 size_t fraglen;
93 vchar_t *frag;
94 unsigned int trailer;
95 unsigned int fragnum = 0;
96 size_t len;
97 int etype;
100 * Catch the exchange type for later: the fragments and the
101 * fragmented packet must have the same exchange type.
103 hdr = (struct isakmp *)buf->v;
104 etype = hdr->etype;
107 * We want to send a a packet smaller than ISAKMP_FRAG_MAXLEN
108 * First compute the maximum data length that will fit in it
110 max_datalen = ISAKMP_FRAG_MAXLEN -
111 (sizeof(*hdr) + sizeof(*fraghdr) + sizeof(trailer));
113 sdata = buf->v;
114 len = buf->l;
116 while (len > 0) {
117 fragnum++;
119 if (len > max_datalen)
120 datalen = max_datalen;
121 else
122 datalen = len;
124 fraglen = sizeof(*hdr)
125 + sizeof(*fraghdr)
126 + datalen;
128 if ((frag = vmalloc(fraglen)) == NULL) {
129 plog(LLV_ERROR, LOCATION, NULL,
130 "Cannot allocate memory\n");
131 return -1;
134 set_isakmp_header1(frag, iph1, ISAKMP_NPTYPE_FRAG);
135 hdr = (struct isakmp *)frag->v;
136 hdr->etype = etype;
138 fraghdr = (struct isakmp_frag *)(hdr + 1);
139 fraghdr->unknown0 = htons(0);
140 fraghdr->len = htons(fraglen - sizeof(*hdr));
141 fraghdr->unknown1 = htons(1);
142 fraghdr->index = fragnum;
143 if (len == datalen)
144 fraghdr->flags = ISAKMP_FRAG_LAST;
145 else
146 fraghdr->flags = 0;
148 data = (caddr_t)(fraghdr + 1);
149 memcpy(data, sdata, datalen);
151 if (isakmp_send(iph1, frag) < 0) {
152 plog(LLV_ERROR, LOCATION, NULL, "isakmp_send failed\n");
153 return -1;
156 vfree(frag);
158 len -= datalen;
159 sdata += datalen;
162 return fragnum;
165 unsigned int
166 vendorid_frag_cap(gen)
167 struct isakmp_gen *gen;
169 int *hp;
171 hp = (int *)(gen + 1);
173 return ntohl(hp[MD5_DIGEST_LENGTH / sizeof(*hp)]);
176 int
177 isakmp_frag_extract(iph1, msg)
178 struct ph1handle *iph1;
179 vchar_t *msg;
181 struct isakmp *isakmp;
182 struct isakmp_frag *frag;
183 struct isakmp_frag_item *item;
184 vchar_t *buf;
185 size_t len;
186 int last_frag = 0;
187 char *data;
188 int i;
190 if (msg->l < sizeof(*isakmp) + sizeof(*frag)) {
191 plog(LLV_ERROR, LOCATION, NULL, "Message too short\n");
192 return -1;
195 isakmp = (struct isakmp *)msg->v;
196 frag = (struct isakmp_frag *)(isakmp + 1);
199 * frag->len is the frag payload data plus the frag payload header,
200 * whose size is sizeof(*frag)
202 if (msg->l < sizeof(*isakmp) + ntohs(frag->len) ||
203 ntohs(frag->len) < sizeof(*frag) + 1) {
204 plog(LLV_ERROR, LOCATION, NULL, "Fragment too short\n");
205 return -1;
208 if ((buf = vmalloc(ntohs(frag->len) - sizeof(*frag))) == NULL) {
209 plog(LLV_ERROR, LOCATION, NULL, "Cannot allocate memory\n");
210 return -1;
213 if ((item = racoon_malloc(sizeof(*item))) == NULL) {
214 plog(LLV_ERROR, LOCATION, NULL, "Cannot allocate memory\n");
215 vfree(buf);
216 return -1;
219 data = (char *)(frag + 1);
220 memcpy(buf->v, data, buf->l);
222 item->frag_num = frag->index;
223 item->frag_last = (frag->flags & ISAKMP_FRAG_LAST);
224 item->frag_next = NULL;
225 item->frag_packet = buf;
227 /* Look for the last frag while inserting the new item in the chain */
228 if (item->frag_last)
229 last_frag = item->frag_num;
231 if (iph1->frag_chain == NULL) {
232 iph1->frag_chain = item;
233 } else {
234 struct isakmp_frag_item *current;
236 current = iph1->frag_chain;
237 while (current->frag_next) {
238 if (current->frag_last)
239 last_frag = item->frag_num;
240 current = current->frag_next;
242 current->frag_next = item;
245 /* If we saw the last frag, check if the chain is complete */
246 if (last_frag != 0) {
247 for (i = 1; i <= last_frag; i++) {
248 item = iph1->frag_chain;
249 do {
250 if (item->frag_num == i)
251 break;
252 item = item->frag_next;
253 } while (item != NULL);
255 if (item == NULL) /* Not found */
256 break;
259 if (item != NULL) /* It is complete */
260 return 1;
263 return 0;
266 vchar_t *
267 isakmp_frag_reassembly(iph1)
268 struct ph1handle *iph1;
270 struct isakmp_frag_item *item;
271 size_t len = 0;
272 vchar_t *buf = NULL;
273 int frag_count = 0;
274 int i;
275 char *data;
277 if ((item = iph1->frag_chain) == NULL) {
278 plog(LLV_ERROR, LOCATION, NULL, "No fragment to reassemble\n");
279 goto out;
282 do {
283 frag_count++;
284 len += item->frag_packet->l;
285 item = item->frag_next;
286 } while (item != NULL);
288 if ((buf = vmalloc(len)) == NULL) {
289 plog(LLV_ERROR, LOCATION, NULL, "Cannot allocate memory\n");
290 goto out;
292 data = buf->v;
294 for (i = 1; i <= frag_count; i++) {
295 item = iph1->frag_chain;
296 do {
297 if (item->frag_num == i)
298 break;
299 item = item->frag_next;
300 } while (item != NULL);
302 if (item == NULL) {
303 plog(LLV_ERROR, LOCATION, NULL,
304 "Missing fragment #%d\n", i);
305 vfree(buf);
306 buf = NULL;
307 goto out;
309 memcpy(data, item->frag_packet->v, item->frag_packet->l);
310 data += item->frag_packet->l;
313 out:
314 item = iph1->frag_chain;
315 do {
316 struct isakmp_frag_item *next_item;
318 next_item = item->frag_next;
320 vfree(item->frag_packet);
321 racoon_free(item);
323 item = next_item;
324 } while (item != NULL);
326 iph1->frag_chain = NULL;
328 return buf;
331 vchar_t *
332 isakmp_frag_addcap(buf, cap)
333 vchar_t *buf;
334 int cap;
336 int *capp;
337 size_t len;
339 /* If the capability has not been added, add room now */
340 len = buf->l;
341 if (len == MD5_DIGEST_LENGTH) {
342 if ((buf = vrealloc(buf, len + sizeof(cap))) == NULL) {
343 plog(LLV_ERROR, LOCATION, NULL,
344 "Cannot allocate memory\n");
345 return NULL;
347 capp = (int *)(buf->v + len);
348 *capp = htonl(0);
351 capp = (int *)(buf->v + MD5_DIGEST_LENGTH);
352 *capp |= htonl(cap);
354 return buf;