search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
No empty .Rs/.Re
[netbsd-mini2440.git] / sys / netinet6 / esp_input.c
blob9c381d5006e32a9403a5799031eb718cb7ca54db
1 /* $NetBSD: esp_input.c,v 1.48 2009/03/18 15:14:31 cegger Exp $ */
2 /* $KAME: esp_input.c,v 1.60 2001/09/04 08:43:19 itojun Exp $ */
3
4 /*
5 * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
6 * All rights reserved.
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 * 1. Redistributions of source code must retain the above copyright
12 * notice, this list of conditions and the following disclaimer.
13 * 2. Redistributions in binary form must reproduce the above copyright
14 * notice, this list of conditions and the following disclaimer in the
15 * documentation and/or other materials provided with the distribution.
16 * 3. Neither the name of the project nor the names of its contributors
17 * may be used to endorse or promote products derived from this software
18 * without specific prior written permission.
19 *
20 * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND
21 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
22 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
23 * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE
24 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
25 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
26 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
27 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
28 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
29 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
30 * SUCH DAMAGE.
31 */
32
33 /*
34 * RFC1827/2406 Encapsulated Security Payload.
35 */
36
37 #include <sys/cdefs.h>
38 __KERNEL_RCSID(0, "$NetBSD: esp_input.c,v 1.48 2009/03/18 15:14:31 cegger Exp $");
39
40 #include "opt_inet.h"
41 #include "opt_ipsec.h"
42
43 #include <sys/param.h>
44 #include <sys/systm.h>
45 #include <sys/malloc.h>
46 #include <sys/mbuf.h>
47 #include <sys/domain.h>
48 #include <sys/protosw.h>
49 #include <sys/socket.h>
50 #include <sys/errno.h>
51 #include <sys/time.h>
52 #include <sys/kernel.h>
53 #include <sys/syslog.h>
54
55 #include <net/if.h>
56 #include <net/route.h>
57 #include <net/netisr.h>
58 #include <sys/cpu.h>
59
60 #include <netinet/in.h>
61 #include <netinet/in_systm.h>
62 #include <netinet/ip.h>
63 #include <netinet/ip_var.h>
64 #include <netinet/in_var.h>
65 #include <netinet/in_proto.h>
66 #include <netinet/ip_ecn.h>
67 #include <netinet/ip_icmp.h>
68
69 #ifdef INET6
70 #include <netinet/ip6.h>
71 #include <netinet6/ip6_var.h>
72 #include <netinet/icmp6.h>
73 #include <netinet6/ip6protosw.h>
74 #endif
75
76 #include <netinet6/ipsec.h>
77 #include <netinet6/ipsec_private.h>
78 #include <netinet6/ah.h>
79 #include <netinet6/esp.h>
80 #include <netkey/key.h>
81 #include <netkey/keydb.h>
82 #include <netkey/key_debug.h>
83
84 #include <machine/stdarg.h>
85
86 #include <net/net_osdep.h>
87
88 /*#define IPLEN_FLIPPED*/
89
90 #define ESPMAXLEN \
91 (sizeof(struct esp) < sizeof(struct newesp) \
92 ? sizeof(struct newesp) : sizeof(struct esp))
93
94 #ifdef INET
95 void
96 esp4_init(void)
97 {
98
99 ipsec4_init();
100 }
101
102 void
103 #if __STDC__
104 esp4_input(struct mbuf *m, ...)
105 #else
106 esp4_input(m, va_alist)
107 struct mbuf *m;
108 va_dcl
109 #endif
110 {
111 struct ip *ip;
112 struct esp *esp;
113 struct esptail esptail;
114 u_int32_t spi;
115 struct secasvar *sav = NULL;
116 size_t taillen;
117 u_int16_t nxt;
118 const struct esp_algorithm *algo;
119 int ivlen;
120 size_t hlen;
121 size_t esplen;
122 int s;
123 va_list ap;
124 int off;
125 u_int16_t sport = 0;
126 u_int16_t dport = 0;
127 #ifdef IPSEC_NAT_T
128 struct m_tag *tag = NULL;
129 #endif
130
131 va_start(ap, m);
132 off = va_arg(ap, int);
133 (void)va_arg(ap, int); /* ignore value, advance ap */
134 va_end(ap);
135
136 /* sanity check for alignment. */
137 if (off % 4 != 0 || m->m_pkthdr.len % 4 != 0) {
138 ipseclog((LOG_ERR, "IPv4 ESP input: packet alignment problem "
139 "(off=%d, pktlen=%d)\n", off, m->m_pkthdr.len));
140 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
141 goto bad;
142 }
143
144 if (m->m_len < off + ESPMAXLEN) {
145 m = m_pullup(m, off + ESPMAXLEN);
146 if (!m) {
147 ipseclog((LOG_DEBUG,
148 "IPv4 ESP input: can't pullup in esp4_input\n"));
149 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
150 goto bad;
151 }
152 }
153
154 #ifdef IPSEC_NAT_T
155 /* find the source port for NAT_T */
156 if ((tag = m_tag_find(m, PACKET_TAG_IPSEC_NAT_T_PORTS, NULL)) != NULL) {
157 sport = ((u_int16_t *)(tag + 1))[0];
158 dport = ((u_int16_t *)(tag + 1))[1];
159 }
160 #endif
161
162 ip = mtod(m, struct ip *);
163 esp = (struct esp *)(((u_int8_t *)ip) + off);
164 hlen = ip->ip_hl << 2;
165
166 /* find the sassoc. */
167 spi = esp->esp_spi;
168
169 if ((sav = key_allocsa(AF_INET,
170 (void *)&ip->ip_src, (void *)&ip->ip_dst,
171 IPPROTO_ESP, spi, sport, dport)) == 0) {
172 ipseclog((LOG_WARNING,
173 "IPv4 ESP input: no key association found for spi %u\n",
174 (u_int32_t)ntohl(spi)));
175 IPSEC_STATINC(IPSEC_STAT_IN_NOSA);
176 goto bad;
177 }
178 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
179 printf("DP esp4_input called to allocate SA:%p\n", sav));
180 if (sav->state != SADB_SASTATE_MATURE &&
181 sav->state != SADB_SASTATE_DYING) {
182 ipseclog((LOG_DEBUG,
183 "IPv4 ESP input: non-mature/dying SA found for spi %u\n",
184 (u_int32_t)ntohl(spi)));
185 IPSEC_STATINC(IPSEC_STAT_IN_BADSPI);
186 goto bad;
187 }
188 algo = esp_algorithm_lookup(sav->alg_enc);
189 if (!algo) {
190 ipseclog((LOG_DEBUG, "IPv4 ESP input: "
191 "unsupported encryption algorithm for spi %u\n",
192 (u_int32_t)ntohl(spi)));
193 IPSEC_STATINC(IPSEC_STAT_IN_BADSPI);
194 goto bad;
195 }
196
197 /* check if we have proper ivlen information */
198 ivlen = sav->ivlen;
199 if (ivlen < 0) {
200 ipseclog((LOG_ERR, "inproper ivlen in IPv4 ESP input: %s %s\n",
201 ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
202 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
203 goto bad;
204 }
205
206 if (!((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay &&
207 sav->alg_auth && sav->key_auth))
208 goto noreplaycheck;
209
210 if (sav->alg_auth == SADB_X_AALG_NULL ||
211 sav->alg_auth == SADB_AALG_NONE)
212 goto noreplaycheck;
213
214 /*
215 * check for sequence number.
216 */
217 if (ipsec_chkreplay(ntohl(((struct newesp *)esp)->esp_seq), sav))
218 ; /* okey */
219 else {
220 IPSEC_STATINC(IPSEC_STAT_IN_ESPREPLAY);
221 ipseclog((LOG_WARNING,
222 "replay packet in IPv4 ESP input: %s %s\n",
223 ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
224 goto bad;
225 }
226
227 /* check ICV */
228 {
229 u_int8_t sum0[AH_MAXSUMSIZE];
230 u_int8_t sum[AH_MAXSUMSIZE];
231 const struct ah_algorithm *sumalgo;
232 size_t siz;
233
234 sumalgo = ah_algorithm_lookup(sav->alg_auth);
235 if (!sumalgo)
236 goto noreplaycheck;
237 siz = (((*sumalgo->sumsiz)(sav) + 3) & ~(4 - 1));
238 if (m->m_pkthdr.len < off + ESPMAXLEN + siz) {
239 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
240 goto bad;
241 }
242 if (AH_MAXSUMSIZE < siz) {
243 ipseclog((LOG_DEBUG,
244 "internal error: AH_MAXSUMSIZE must be larger than %lu\n",
245 (u_long)siz));
246 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
247 goto bad;
248 }
249
250 m_copydata(m, m->m_pkthdr.len - siz, siz, (void *)&sum0[0]);
251
252 if (esp_auth(m, off, m->m_pkthdr.len - off - siz, sav, sum)) {
253 ipseclog((LOG_WARNING, "auth fail in IPv4 ESP input: %s %s\n",
254 ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
255 IPSEC_STATINC(IPSEC_STAT_IN_ESPAUTHFAIL);
256 goto bad;
257 }
258
259 if (memcmp(sum0, sum, siz) != 0) {
260 ipseclog((LOG_WARNING, "auth fail in IPv4 ESP input: %s %s\n",
261 ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
262 IPSEC_STATINC(IPSEC_STAT_IN_ESPAUTHFAIL);
263 goto bad;
264 }
265
266 /* strip off the authentication data */
267 m_adj(m, -siz);
268 ip = mtod(m, struct ip *);
269 #ifdef IPLEN_FLIPPED
270 ip->ip_len = ip->ip_len - siz;
271 #else
272 ip->ip_len = htons(ntohs(ip->ip_len) - siz);
273 #endif
274 m->m_flags |= M_AUTHIPDGM;
275 IPSEC_STATINC(IPSEC_STAT_IN_ESPAUTHSUCC);
276 }
277
278 /*
279 * update sequence number.
280 */
281 if ((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay) {
282 if (ipsec_updatereplay(ntohl(((struct newesp *)esp)->esp_seq), sav)) {
283 IPSEC_STATINC(IPSEC_STAT_IN_ESPREPLAY);
284 goto bad;
285 }
286 }
287
288 noreplaycheck:
289
290 /* process main esp header. */
291 if (sav->flags & SADB_X_EXT_OLD) {
292 /* RFC 1827 */
293 esplen = sizeof(struct esp);
294 } else {
295 /* RFC 2406 */
296 if (sav->flags & SADB_X_EXT_DERIV)
297 esplen = sizeof(struct esp);
298 else
299 esplen = sizeof(struct newesp);
300 }
301
302 if (m->m_pkthdr.len < off + esplen + ivlen + sizeof(esptail)) {
303 ipseclog((LOG_WARNING,
304 "IPv4 ESP input: packet too short\n"));
305 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
306 goto bad;
307 }
308
309 if (m->m_len < off + esplen + ivlen) {
310 m = m_pullup(m, off + esplen + ivlen);
311 if (!m) {
312 ipseclog((LOG_DEBUG,
313 "IPv4 ESP input: can't pullup in esp4_input\n"));
314 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
315 goto bad;
316 }
317 }
318
319 /*
320 * pre-compute and cache intermediate key
321 */
322 if (esp_schedule(algo, sav) != 0) {
323 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
324 goto bad;
325 }
326
327 /*
328 * decrypt the packet.
329 */
330 if (!algo->decrypt)
331 panic("internal error: no decrypt function");
332 if ((*algo->decrypt)(m, off, sav, algo, ivlen)) {
333 /* m is already freed */
334 m = NULL;
335 ipseclog((LOG_ERR, "decrypt fail in IPv4 ESP input: %s\n",
336 ipsec_logsastr(sav)));
337 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
338 goto bad;
339 }
340 IPSEC_STATINC(IPSEC_STAT_IN_ESPHIST + sav->alg_enc);
341
342 m->m_flags |= M_DECRYPTED;
343
344 /*
345 * find the trailer of the ESP.
346 */
347 m_copydata(m, m->m_pkthdr.len - sizeof(esptail), sizeof(esptail),
348 (void *)&esptail);
349 nxt = esptail.esp_nxt;
350 taillen = esptail.esp_padlen + sizeof(esptail);
351
352 if (m->m_pkthdr.len < taillen ||
353 m->m_pkthdr.len - taillen < off + esplen + ivlen + sizeof(esptail)) {
354 ipseclog((LOG_WARNING,
355 "bad pad length in IPv4 ESP input: %s %s\n",
356 ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
357 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
358 goto bad;
359 }
360
361 /* strip off the trailing pad area. */
362 m_adj(m, -taillen);
363
364 #ifdef IPLEN_FLIPPED
365 ip->ip_len = ip->ip_len - taillen;
366 #else
367 ip->ip_len = htons(ntohs(ip->ip_len) - taillen);
368 #endif
369
370 /* was it transmitted over the IPsec tunnel SA? */
371 if (ipsec4_tunnel_validate(ip, nxt, sav)) {
372 /*
373 * strip off all the headers that precedes ESP header.
374 * IP4 xx ESP IP4' payload -> IP4' payload
375 *
376 * XXX more sanity checks
377 * XXX relationship with gif?
378 */
379 u_int8_t tos;
380
381 tos = ip->ip_tos;
382 m_adj(m, off + esplen + ivlen);
383 if (m->m_len < sizeof(*ip)) {
384 m = m_pullup(m, sizeof(*ip));
385 if (!m) {
386 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
387 goto bad;
388 }
389 }
390 ip = mtod(m, struct ip *);
391 /* ECN consideration. */
392 ip_ecn_egress(ip4_ipsec_ecn, &tos, &ip->ip_tos);
393 if (!key_checktunnelsanity(sav, AF_INET,
394 (void *)&ip->ip_src, (void *)&ip->ip_dst)) {
395 ipseclog((LOG_ERR, "ipsec tunnel address mismatch "
396 "in IPv4 ESP input: %s %s\n",
397 ipsec4_logpacketstr(ip, spi), ipsec_logsastr(sav)));
398 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
399 goto bad;
400 }
401
402 key_sa_recordxfer(sav, m);
403 if (ipsec_addhist(m, IPPROTO_ESP, spi) != 0 ||
404 ipsec_addhist(m, IPPROTO_IPV4, 0) != 0) {
405 IPSEC_STATINC(IPSEC_STAT_IN_NOMEM);
406 goto bad;
407 }
408
409 s = splnet();
410 if (IF_QFULL(&ipintrq)) {
411 IPSEC_STATINC(IPSEC_STAT_IN_INVAL);
412 splx(s);
413 goto bad;
414 }
415 IF_ENQUEUE(&ipintrq, m);
416 m = NULL;
417 schednetisr(NETISR_IP); /* can be skipped but to make sure */
418 splx(s);
419 nxt = IPPROTO_DONE;
420 } else {
421 /*
422 * strip off ESP header and IV.
423 * even in m_pulldown case, we need to strip off ESP so that
424 * we can always compute checksum for AH correctly.
425 */
426 size_t stripsiz;
427
428 stripsiz = esplen + ivlen;
429
430 ip = mtod(m, struct ip *);
431 ovbcopy((void *)ip, (void *)(((u_char *)ip) + stripsiz), off);
432 m->m_data += stripsiz;
433 m->m_len -= stripsiz;
434 m->m_pkthdr.len -= stripsiz;
435
436 ip = mtod(m, struct ip *);
437 #ifdef IPLEN_FLIPPED
438 ip->ip_len = ip->ip_len - stripsiz;
439 #else
440 ip->ip_len = htons(ntohs(ip->ip_len) - stripsiz);
441 #endif
442 ip->ip_p = nxt;
443
444 key_sa_recordxfer(sav, m);
445 if (ipsec_addhist(m, IPPROTO_ESP, spi) != 0) {
446 IPSEC_STATINC(IPSEC_STAT_IN_NOMEM);
447 goto bad;
448 }
449
450 if (nxt != IPPROTO_DONE) {
451 if ((inetsw[ip_protox[nxt]].pr_flags & PR_LASTHDR) != 0 &&
452 ipsec4_in_reject(m, NULL)) {
453 IPSEC_STATINC(IPSEC_STAT_IN_POLVIO);
454 goto bad;
455 }
456 (*inetsw[ip_protox[nxt]].pr_input)(m, off, nxt);
457 } else
458 m_freem(m);
459 m = NULL;
460 }
461
462 if (sav) {
463 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
464 printf("DP esp4_input call free SA:%p\n", sav));
465 key_freesav(sav);
466 }
467 IPSEC_STATINC(IPSEC_STAT_IN_SUCCESS);
468 return;
469
470 bad:
471 if (sav) {
472 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
473 printf("DP esp4_input call free SA:%p\n", sav));
474 key_freesav(sav);
475 }
476 if (m)
477 m_freem(m);
478 return;
479 }
480
481 /* assumes that ip header and esp header are contiguous on mbuf */
482 void *
483 esp4_ctlinput(int cmd, const struct sockaddr *sa, void *v)
484 {
485 struct ip *ip = v;
486 struct esp *esp;
487 struct icmp *icp;
488 struct secasvar *sav;
489
490 if (sa->sa_family != AF_INET ||
491 sa->sa_len != sizeof(struct sockaddr_in))
492 return NULL;
493 if ((unsigned)cmd >= PRC_NCMDS)
494 return NULL;
495 if (cmd == PRC_MSGSIZE && ip_mtudisc && ip && ip->ip_v == 4) {
496 /*
497 * Check to see if we have a valid SA corresponding to
498 * the address in the ICMP message payload.
499 */
500 esp = (struct esp *)((char *)ip + (ip->ip_hl << 2));
501 if ((sav = key_allocsa(AF_INET,
502 (void *) &ip->ip_src,
503 (void *) &ip->ip_dst,
504 IPPROTO_ESP, esp->esp_spi,
505 0, 0)) == NULL)
506 return NULL;
507 if (sav->state != SADB_SASTATE_MATURE &&
508 sav->state != SADB_SASTATE_DYING) {
509 key_freesav(sav);
510 return NULL;
511 }
512
513 /* XXX Further validation? */
514
515 key_freesav(sav);
516
517 /*
518 * Now that we've validated that we are actually communicating
519 * with the host indicated in the ICMP message, locate the
520 * ICMP header, recalculate the new MTU, and create the
521 * corresponding routing entry.
522 */
523 icp = (struct icmp *)((char *)ip -
524 offsetof(struct icmp, icmp_ip));
525 icmp_mtudisc(icp, ip->ip_dst);
526
527 return NULL;
528 }
529
530 return NULL;
531 }
532
533 #endif /* INET */
534
535 #ifdef INET6
536 void
537 esp6_init(void)
538 {
539
540 ipsec6_init();
541 }
542
543 int
544 esp6_input(struct mbuf **mp, int *offp, int proto)
545 {
546 struct mbuf *m = *mp;
547 int off = *offp;
548 struct ip6_hdr *ip6;
549 struct esp *esp;
550 struct esptail esptail;
551 u_int32_t spi;
552 struct secasvar *sav = NULL;
553 size_t taillen;
554 u_int16_t nxt;
555 const struct esp_algorithm *algo;
556 int ivlen;
557 size_t esplen;
558 int s;
559
560 /* sanity check for alignment. */
561 if (off % 4 != 0 || m->m_pkthdr.len % 4 != 0) {
562 ipseclog((LOG_ERR, "IPv6 ESP input: packet alignment problem "
563 "(off=%d, pktlen=%d)\n", off, m->m_pkthdr.len));
564 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
565 goto bad;
566 }
567
568 IP6_EXTHDR_GET(esp, struct esp *, m, off, ESPMAXLEN);
569 if (esp == NULL) {
570 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
571 return IPPROTO_DONE;
572 }
573 ip6 = mtod(m, struct ip6_hdr *);
574
575 if (ntohs(ip6->ip6_plen) == 0) {
576 ipseclog((LOG_ERR, "IPv6 ESP input: "
577 "ESP with IPv6 jumbogram is not supported.\n"));
578 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
579 goto bad;
580 }
581
582 /* find the sassoc. */
583 spi = esp->esp_spi;
584
585 if ((sav = key_allocsa(AF_INET6,
586 (void *)&ip6->ip6_src, (void *)&ip6->ip6_dst,
587 IPPROTO_ESP, spi, 0, 0)) == 0) {
588 ipseclog((LOG_WARNING,
589 "IPv6 ESP input: no key association found for spi %u\n",
590 (u_int32_t)ntohl(spi)));
591 IPSEC6_STATINC(IPSEC_STAT_IN_NOSA);
592 goto bad;
593 }
594 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
595 printf("DP esp6_input called to allocate SA:%p\n", sav));
596 if (sav->state != SADB_SASTATE_MATURE &&
597 sav->state != SADB_SASTATE_DYING) {
598 ipseclog((LOG_DEBUG,
599 "IPv6 ESP input: non-mature/dying SA found for spi %u\n",
600 (u_int32_t)ntohl(spi)));
601 IPSEC6_STATINC(IPSEC_STAT_IN_BADSPI);
602 goto bad;
603 }
604 algo = esp_algorithm_lookup(sav->alg_enc);
605 if (!algo) {
606 ipseclog((LOG_DEBUG, "IPv6 ESP input: "
607 "unsupported encryption algorithm for spi %u\n",
608 (u_int32_t)ntohl(spi)));
609 IPSEC6_STATINC(IPSEC_STAT_IN_BADSPI);
610 goto bad;
611 }
612
613 /* check if we have proper ivlen information */
614 ivlen = sav->ivlen;
615 if (ivlen < 0) {
616 ipseclog((LOG_ERR, "inproper ivlen in IPv6 ESP input: %s %s\n",
617 ipsec6_logpacketstr(ip6, spi), ipsec_logsastr(sav)));
618 IPSEC6_STATINC(IPSEC_STAT_IN_BADSPI);
619 goto bad;
620 }
621
622 if (!((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay &&
623 sav->alg_auth && sav->key_auth))
624 goto noreplaycheck;
625
626 if (sav->alg_auth == SADB_X_AALG_NULL ||
627 sav->alg_auth == SADB_AALG_NONE)
628 goto noreplaycheck;
629
630 /*
631 * check for sequence number.
632 */
633 if (ipsec_chkreplay(ntohl(((struct newesp *)esp)->esp_seq), sav))
634 ; /* okey */
635 else {
636 IPSEC6_STATINC(IPSEC_STAT_IN_ESPREPLAY);
637 ipseclog((LOG_WARNING,
638 "replay packet in IPv6 ESP input: %s %s\n",
639 ipsec6_logpacketstr(ip6, spi), ipsec_logsastr(sav)));
640 goto bad;
641 }
642
643 /* check ICV */
644 {
645 u_char sum0[AH_MAXSUMSIZE];
646 u_char sum[AH_MAXSUMSIZE];
647 const struct ah_algorithm *sumalgo;
648 size_t siz;
649
650 sumalgo = ah_algorithm_lookup(sav->alg_auth);
651 if (!sumalgo)
652 goto noreplaycheck;
653 siz = (((*sumalgo->sumsiz)(sav) + 3) & ~(4 - 1));
654 if (m->m_pkthdr.len < off + ESPMAXLEN + siz) {
655 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
656 goto bad;
657 }
658 if (AH_MAXSUMSIZE < siz) {
659 ipseclog((LOG_DEBUG,
660 "internal error: AH_MAXSUMSIZE must be larger than %lu\n",
661 (u_long)siz));
662 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
663 goto bad;
664 }
665
666 m_copydata(m, m->m_pkthdr.len - siz, siz, (void *)&sum0[0]);
667
668 if (esp_auth(m, off, m->m_pkthdr.len - off - siz, sav, sum)) {
669 ipseclog((LOG_WARNING, "auth fail in IPv6 ESP input: %s %s\n",
670 ipsec6_logpacketstr(ip6, spi), ipsec_logsastr(sav)));
671 IPSEC6_STATINC(IPSEC_STAT_IN_ESPAUTHFAIL);
672 goto bad;
673 }
674
675 if (memcmp(sum0, sum, siz) != 0) {
676 ipseclog((LOG_WARNING, "auth fail in IPv6 ESP input: %s %s\n",
677 ipsec6_logpacketstr(ip6, spi), ipsec_logsastr(sav)));
678 IPSEC6_STATINC(IPSEC_STAT_IN_ESPAUTHFAIL);
679 goto bad;
680 }
681
682 /* strip off the authentication data */
683 m_adj(m, -siz);
684 ip6 = mtod(m, struct ip6_hdr *);
685 ip6->ip6_plen = htons(ntohs(ip6->ip6_plen) - siz);
686
687 m->m_flags |= M_AUTHIPDGM;
688 IPSEC6_STATINC(IPSEC_STAT_IN_ESPAUTHSUCC);
689 }
690
691 /*
692 * update sequence number.
693 */
694 if ((sav->flags & SADB_X_EXT_OLD) == 0 && sav->replay) {
695 if (ipsec_updatereplay(ntohl(((struct newesp *)esp)->esp_seq), sav)) {
696 IPSEC6_STATINC(IPSEC_STAT_IN_ESPREPLAY);
697 goto bad;
698 }
699 }
700
701 noreplaycheck:
702
703 /* process main esp header. */
704 if (sav->flags & SADB_X_EXT_OLD) {
705 /* RFC 1827 */
706 esplen = sizeof(struct esp);
707 } else {
708 /* RFC 2406 */
709 if (sav->flags & SADB_X_EXT_DERIV)
710 esplen = sizeof(struct esp);
711 else
712 esplen = sizeof(struct newesp);
713 }
714
715 if (m->m_pkthdr.len < off + esplen + ivlen + sizeof(esptail)) {
716 ipseclog((LOG_WARNING,
717 "IPv6 ESP input: packet too short\n"));
718 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
719 goto bad;
720 }
721
722 IP6_EXTHDR_GET(esp, struct esp *, m, off, esplen + ivlen);
723 if (esp == NULL) {
724 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
725 m = NULL;
726 goto bad;
727 }
728 ip6 = mtod(m, struct ip6_hdr *); /* set it again just in case */
729
730 /*
731 * pre-compute and cache intermediate key
732 */
733 if (esp_schedule(algo, sav) != 0) {
734 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
735 goto bad;
736 }
737
738 /*
739 * decrypt the packet.
740 */
741 if (!algo->decrypt)
742 panic("internal error: no decrypt function");
743 if ((*algo->decrypt)(m, off, sav, algo, ivlen)) {
744 /* m is already freed */
745 m = NULL;
746 ipseclog((LOG_ERR, "decrypt fail in IPv6 ESP input: %s\n",
747 ipsec_logsastr(sav)));
748 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
749 goto bad;
750 }
751 IPSEC6_STATINC(IPSEC_STAT_IN_ESPHIST + sav->alg_enc);
752
753 m->m_flags |= M_DECRYPTED;
754
755 /*
756 * find the trailer of the ESP.
757 */
758 m_copydata(m, m->m_pkthdr.len - sizeof(esptail), sizeof(esptail),
759 (void *)&esptail);
760 nxt = esptail.esp_nxt;
761 taillen = esptail.esp_padlen + sizeof(esptail);
762
763 if (m->m_pkthdr.len < taillen
764 || m->m_pkthdr.len - taillen < sizeof(struct ip6_hdr)) { /* ? */
765 ipseclog((LOG_WARNING,
766 "bad pad length in IPv6 ESP input: %s %s\n",
767 ipsec6_logpacketstr(ip6, spi), ipsec_logsastr(sav)));
768 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
769 goto bad;
770 }
771
772 /* strip off the trailing pad area. */
773 m_adj(m, -taillen);
774
775 ip6->ip6_plen = htons(ntohs(ip6->ip6_plen) - taillen);
776
777 /* was it transmitted over the IPsec tunnel SA? */
778 if (ipsec6_tunnel_validate(ip6, nxt, sav)) {
779 /*
780 * strip off all the headers that precedes ESP header.
781 * IP6 xx ESP IP6' payload -> IP6' payload
782 *
783 * XXX more sanity checks
784 * XXX relationship with gif?
785 */
786 u_int32_t flowinfo; /* net endian */
787 flowinfo = ip6->ip6_flow;
788 m_adj(m, off + esplen + ivlen);
789 if (m->m_len < sizeof(*ip6)) {
790 m = m_pullup(m, sizeof(*ip6));
791 if (!m) {
792 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
793 goto bad;
794 }
795 }
796 ip6 = mtod(m, struct ip6_hdr *);
797 /* ECN consideration. */
798 ip6_ecn_egress(ip6_ipsec_ecn, &flowinfo, &ip6->ip6_flow);
799 if (!key_checktunnelsanity(sav, AF_INET6,
800 (void *)&ip6->ip6_src, (void *)&ip6->ip6_dst)) {
801 ipseclog((LOG_ERR, "ipsec tunnel address mismatch "
802 "in IPv6 ESP input: %s %s\n",
803 ipsec6_logpacketstr(ip6, spi),
804 ipsec_logsastr(sav)));
805 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
806 goto bad;
807 }
808
809 key_sa_recordxfer(sav, m);
810 if (ipsec_addhist(m, IPPROTO_ESP, spi) != 0 ||
811 ipsec_addhist(m, IPPROTO_IPV6, 0) != 0) {
812 IPSEC6_STATINC(IPSEC_STAT_IN_NOMEM);
813 goto bad;
814 }
815
816 s = splnet();
817 if (IF_QFULL(&ip6intrq)) {
818 IPSEC6_STATINC(IPSEC_STAT_IN_INVAL);
819 splx(s);
820 goto bad;
821 }
822 IF_ENQUEUE(&ip6intrq, m);
823 m = NULL;
824 schednetisr(NETISR_IPV6); /* can be skipped but to make sure */
825 splx(s);
826 nxt = IPPROTO_DONE;
827 } else {
828 /*
829 * strip off ESP header and IV.
830 * even in m_pulldown case, we need to strip off ESP so that
831 * we can always compute checksum for AH correctly.
832 */
833 size_t stripsiz;
834 u_int8_t *prvnxtp;
835
836 /*
837 * Set the next header field of the previous header correctly.
838 */
839 prvnxtp = ip6_get_prevhdr(m, off); /* XXX */
840 *prvnxtp = nxt;
841
842 stripsiz = esplen + ivlen;
843
844 ip6 = mtod(m, struct ip6_hdr *);
845 if (m->m_len >= stripsiz + off) {
846 (void)memmove((char *)ip6 + stripsiz, ip6, off);
847 m->m_data += stripsiz;
848 m->m_len -= stripsiz;
849 m->m_pkthdr.len -= stripsiz;
850 } else {
851 /*
852 * this comes with no copy if the boundary is on
853 * cluster
854 */
855 struct mbuf *n;
856
857 n = m_split(m, off, M_DONTWAIT);
858 if (n == NULL) {
859 /* m is retained by m_split */
860 goto bad;
861 }
862 m_adj(n, stripsiz);
863 /* m_cat does not update m_pkthdr.len */
864 m->m_pkthdr.len += n->m_pkthdr.len;
865 m_cat(m, n);
866 }
867
868 ip6 = mtod(m, struct ip6_hdr *);
869 ip6->ip6_plen = htons(ntohs(ip6->ip6_plen) - stripsiz);
870
871 key_sa_recordxfer(sav, m);
872 if (ipsec_addhist(m, IPPROTO_ESP, spi) != 0) {
873 IPSEC6_STATINC(IPSEC_STAT_IN_NOMEM);
874 goto bad;
875 }
876 }
877
878 *offp = off;
879 *mp = m;
880
881 if (sav) {
882 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
883 printf("DP esp6_input call free SA:%p\n", sav));
884 key_freesav(sav);
885 }
886 IPSEC6_STATINC(IPSEC_STAT_IN_SUCCESS);
887 return nxt;
888
889 bad:
890 if (sav) {
891 KEYDEBUG(KEYDEBUG_IPSEC_STAMP,
892 printf("DP esp6_input call free SA:%p\n", sav));
893 key_freesav(sav);
894 }
895 if (m)
896 m_freem(m);
897 return IPPROTO_DONE;
898 }
899
900 void *
901 esp6_ctlinput(int cmd, const struct sockaddr *sa, void *d)
902 {
903 const struct newesp *espp;
904 struct newesp esp;
905 struct ip6ctlparam *ip6cp = NULL, ip6cp1;
906 struct secasvar *sav;
907 struct ip6_hdr *ip6;
908 struct mbuf *m;
909 int off;
910 const struct sockaddr_in6 *sa6_src, *sa6_dst;
911
912 if (sa->sa_family != AF_INET6 ||
913 sa->sa_len != sizeof(struct sockaddr_in6))
914 return NULL;
915 if ((unsigned)cmd >= PRC_NCMDS)
916 return NULL;
917
918 /* if the parameter is from icmp6, decode it. */
919 if (d != NULL) {
920 ip6cp = (struct ip6ctlparam *)d;
921 m = ip6cp->ip6c_m;
922 ip6 = ip6cp->ip6c_ip6;
923 off = ip6cp->ip6c_off;
924 } else {
925 m = NULL;
926 ip6 = NULL;
927 off = 0;
928 }
929
930 if (ip6) {
931 /*
932 * Notify the error to all possible sockets via pfctlinput2.
933 * Since the upper layer information (such as protocol type,
934 * source and destination ports) is embedded in the encrypted
935 * data and might have been cut, we can't directly call
936 * an upper layer ctlinput function. However, the pcbnotify
937 * function will consider source and destination addresses
938 * as well as the flow info value, and may be able to find
939 * some PCB that should be notified.
940 * Although pfctlinput2 will call esp6_ctlinput(), there is
941 * no possibility of an infinite loop of function calls,
942 * because we don't pass the inner IPv6 header.
943 */
944 memset(&ip6cp1, 0, sizeof(ip6cp1));
945 ip6cp1.ip6c_src = ip6cp->ip6c_src;
946 pfctlinput2(cmd, sa, (void *)&ip6cp1);
947
948 /*
949 * Then go to special cases that need ESP header information.
950 * XXX: We assume that when ip6 is non NULL,
951 * M and OFF are valid.
952 */
953
954 /* check if we can safely examine src and dst ports */
955 if (m->m_pkthdr.len < off + sizeof(esp))
956 return NULL;
957
958 if (m->m_len < off + sizeof(esp)) {
959 /*
960 * this should be rare case,
961 * so we compromise on this copy...
962 */
963 m_copydata(m, off, sizeof(esp), (void *)&esp);
964 espp = &esp;
965 } else
966 espp = (struct newesp*)(mtod(m, char *) + off);
967
968 if (cmd == PRC_MSGSIZE) {
969 int valid = 0;
970
971 /*
972 * Check to see if we have a valid SA corresponding to
973 * the address in the ICMP message payload.
974 */
975 sa6_src = ip6cp->ip6c_src;
976 sa6_dst = (const struct sockaddr_in6 *)sa;
977 sav = key_allocsa(AF_INET6,
978 (const void *)&sa6_src->sin6_addr,
979 (const void *)&sa6_dst->sin6_addr,
980 IPPROTO_ESP, espp->esp_spi, 0, 0);
981 if (sav) {
982 if (sav->state == SADB_SASTATE_MATURE ||
983 sav->state == SADB_SASTATE_DYING)
984 valid++;
985 key_freesav(sav);
986 }
987
988 /* XXX Further validation? */
989
990 /*
991 * Depending on the value of "valid" and routing table
992 * size (mtudisc_{hi,lo}wat), we will:
993 * - recalcurate the new MTU and create the
994 * corresponding routing entry, or
995 * - ignore the MTU change notification.
996 */
997 icmp6_mtudisc_update((struct ip6ctlparam *)d, valid);
998 }
999 } else {
1000 /* we normally notify any pcb here */
1001 }
1002
1003 return NULL;
1004 }
1005 #endif /* INET6 */
NetBSD on the FriendlyARM MINI2440