c0618c8003f275f5db3f34ac52606da3010ce9cd
[strongswan.git] / Source / charon / message.c
1 /**
2 * @file message.c
3 *
4 * @brief Class message_t. Object of this type represents an IKEv2-Message.
5 *
6 */
7
8 /*
9 * Copyright (C) 2005 Jan Hutter, Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include <stdlib.h>
24
25 #include "message.h"
26
27 #include "types.h"
28 #include "globals.h"
29 #include "ike_sa_id.h"
30 #include "generator.h"
31 #include "utils/linked_list.h"
32 #include "utils/allocator.h"
33 #include "utils/logger_manager.h"
34 #include "payloads/encodings.h"
35 #include "payloads/payload.h"
36 #include "parser.h"
37
38
39 /**
40 * Supported payload entry used in message_rule_t
41 *
42 */
43 typedef struct supported_payload_entry_s supported_payload_entry_t;
44
45 struct supported_payload_entry_s {
46 /**
47 * Payload type
48 */
49 payload_type_t payload_type;
50
51 /**
52 * Minimal occurence of this payload
53 */
54 size_t min_occurence;
55
56 /**
57 * Max occurence of this payload
58 */
59 size_t max_occurence;
60 };
61
62 /**
63 * Message Rule used to find out which payloads are supported by each message type
64 *
65 */
66 typedef struct message_rule_s message_rule_t;
67
68 struct message_rule_s {
69 /**
70 * Type of message
71 */
72 exchange_type_t exchange_type;
73
74 /**
75 * Is message a request or response
76 */
77 bool is_request;
78 /**
79 * Number of supported payloads
80 */
81 size_t supported_payloads_count;
82 /**
83 * Pointer to first supported payload entry
84 */
85 supported_payload_entry_t *supported_payloads;
86 };
87
88
89 static supported_payload_entry_t supported_ike_sa_init_i_payloads[] =
90 {
91 {SECURITY_ASSOCIATION,1,1},
92 {KEY_EXCHANGE,1,1},
93 {NONCE,1,1},
94 };
95
96 static supported_payload_entry_t supported_ike_sa_init_r_payloads[] =
97 {
98 {SECURITY_ASSOCIATION,1,1},
99 {KEY_EXCHANGE,1,1},
100 {NONCE,1,1},
101 };
102
103 static message_rule_t message_rules[] = {
104 {IKE_SA_INIT,TRUE,(sizeof(supported_ike_sa_init_i_payloads)/sizeof(supported_payload_entry_t)),supported_ike_sa_init_i_payloads},
105 {IKE_SA_INIT,FALSE,(sizeof(supported_ike_sa_init_r_payloads)/sizeof(supported_payload_entry_t)),supported_ike_sa_init_r_payloads}
106 };
107
108 /**
109 * Entry for a payload in the internal used linked list
110 *
111 */
112 typedef struct payload_entry_s payload_entry_t;
113
114 struct payload_entry_s {
115 /**
116 * Type of payload
117 */
118 payload_type_t payload_type;
119 /**
120 * Data struct holding the data of given payload
121 */
122 void *data_struct;
123 };
124
125
126 /**
127 * Private data of an message_t object
128 */
129 typedef struct private_message_s private_message_t;
130
131 struct private_message_s {
132
133 /**
134 * Public part of a message_t object
135 */
136 message_t public;
137
138
139 /**
140 * Minor version of message
141 */
142 u_int8_t major_version;
143
144 /**
145 * Major version of message
146 */
147 u_int8_t minor_version;
148
149 /**
150 * First Payload in message
151 */
152 payload_type_t first_payload;
153
154 /**
155 * Assigned exchange type
156 */
157 exchange_type_t exchange_type;
158
159
160 /**
161 * TRUE if message is request.
162 * FALSE if message is reply.
163 */
164 bool is_request;
165
166 /**
167 * Message ID of this message
168 */
169 u_int32_t message_id;
170
171 /**
172 * ID of assigned IKE_SA
173 */
174 ike_sa_id_t *ike_sa_id;
175
176 /**
177 * Assigned UDP packet.
178 *
179 * Stores incoming packet or last generated one.
180 */
181 packet_t *packet;
182
183 /**
184 * Linked List where payload data are stored in
185 */
186 linked_list_t *payloads;
187
188 /**
189 * Assigned parser to parse Header and Body of this message
190 */
191 parser_t *parser;
192
193 /**
194 * logger for this message
195 */
196 logger_t *logger;
197
198 /**
199 * Gets a list of supported payloads of this message type
200 *
201 * @param this calling object
202 * @param[out] supported_payloads first entry of supported payloads
203 * @param[out] supported_payloads_count number of supported payload entries
204 *
205 * @return SUCCESS
206 * NOT_FOUND if no supported payload definition could be found
207 */
208 status_t (*get_supported_payloads) (private_message_t *this, supported_payload_entry_t **supported_payloads,size_t *supported_payloads_count);
209
210 };
211
212 /**
213 * Implements private_message_t's get_supported_payloads function.
214 * See #private_message_t.get_supported_payloads.
215 */
216 status_t get_supported_payloads (private_message_t *this, supported_payload_entry_t **supported_payloads,size_t *supported_payloads_count)
217 {
218 int i;
219 exchange_type_t exchange_type = this->public.get_exchange_type(&(this->public));
220 bool is_request = this->public.get_request(&(this->public));
221
222
223 for (i = 0; i < (sizeof(message_rules) / sizeof(message_rule_t)); i++)
224 {
225 if ((exchange_type == message_rules[i].exchange_type) &&
226 (is_request == message_rules[i].is_request))
227 {
228 /* found rule for given exchange_type*/
229 *supported_payloads = message_rules[i].supported_payloads;
230 *supported_payloads_count = message_rules[i].supported_payloads_count;
231
232 return SUCCESS;
233 }
234
235
236 }
237 *supported_payloads = NULL;
238 *supported_payloads_count = 0;
239 return NOT_FOUND;
240 }
241
242 /**
243 * Implements message_t's set_ike_sa_id function.
244 * See #message_s.set_ike_sa_id.
245 */
246 static status_t set_ike_sa_id (private_message_t *this,ike_sa_id_t *ike_sa_id)
247 {
248 status_t status;
249 status = ike_sa_id->clone(ike_sa_id,&(this->ike_sa_id));
250 return status;
251 }
252
253 /**
254 * Implements message_t's get_ike_sa_id function.
255 * See #message_s.get_ike_sa_id.
256 */
257 static status_t get_ike_sa_id (private_message_t *this,ike_sa_id_t **ike_sa_id)
258 {
259 status_t status;
260 if (this->ike_sa_id == NULL)
261 {
262 return FAILED;
263 }
264 status = this->ike_sa_id->clone(this->ike_sa_id,ike_sa_id);
265 return status;
266 }
267
268
269 /**
270 * Implements message_t's set_message_id function.
271 * See #message_s.set_message_id.
272 */
273 static status_t set_message_id (private_message_t *this,u_int32_t message_id)
274 {
275 this->message_id = message_id;
276 return SUCCESS;
277 }
278
279
280 /**
281 * Implements message_t's set_message_id function.
282 * See #message_s.set_message_id.
283 */
284 static u_int32_t get_message_id (private_message_t *this)
285 {
286 return this->message_id;
287 }
288
289 /**
290 * Implements message_t's set_major_version function.
291 * See #message_s.set_major_version.
292 */
293 static status_t set_major_version (private_message_t *this,u_int8_t major_version)
294 {
295 this->major_version = major_version;
296 return SUCCESS;
297 }
298
299
300 /**
301 * Implements message_t's get_major_version function.
302 * See #message_s.get_major_version.
303 */
304 static u_int8_t get_major_version (private_message_t *this)
305 {
306 return this->major_version;
307 }
308
309 /**
310 * Implements message_t's set_minor_version function.
311 * See #message_s.set_minor_version.
312 */
313 static status_t set_minor_version (private_message_t *this,u_int8_t minor_version)
314 {
315 this->minor_version = minor_version;
316 return SUCCESS;
317 }
318
319
320 /**
321 * Implements message_t's get_minor_version function.
322 * See #message_s.get_minor_version.
323 */
324 static u_int8_t get_minor_version (private_message_t *this)
325 {
326 return this->minor_version;
327 }
328
329 /**
330 * Implements message_t's set_exchange_type function.
331 * See #message_s.set_exchange_type.
332 */
333 static status_t set_exchange_type (private_message_t *this,exchange_type_t exchange_type)
334 {
335 this->exchange_type = exchange_type;
336 return SUCCESS;
337 }
338
339
340 /**
341 * Implements message_t's get_exchange_type function.
342 * See #message_s.get_exchange_type.
343 */
344 static exchange_type_t get_exchange_type (private_message_t *this)
345 {
346 return this->exchange_type;
347 }
348
349
350 /**
351 * Implements message_t's set_request function.
352 * See #message_s.set_request.
353 */
354 static status_t set_request (private_message_t *this,bool request)
355 {
356 this->is_request = request;
357 return SUCCESS;
358 }
359
360 /**
361 * Implements message_t's get_request function.
362 * See #message_s.get_request.
363 */
364 static exchange_type_t get_request (private_message_t *this)
365 {
366 return this->is_request;
367 }
368
369 static status_t add_payload(private_message_t *this, payload_t *payload)
370 {
371 payload_t *last_payload;
372 if (this->payloads->get_last(this->payloads,(void **) &last_payload) != SUCCESS)
373 {
374 return OUT_OF_RES;
375 }
376
377 if (this->payloads->insert_last(this->payloads, payload) != SUCCESS)
378 {
379 return OUT_OF_RES;
380 }
381 if (this->payloads->get_count(this->payloads) == 1)
382 {
383 this->first_payload = payload->get_type(payload);
384 }
385 else
386 {
387 last_payload->set_next_type(last_payload,payload->get_type(payload));
388 }
389
390 return SUCCESS;
391 }
392
393 static status_t set_source(private_message_t *this, host_t *host)
394 {
395 if (this->packet->source != NULL)
396 {
397 this->packet->source->destroy(this->packet->source);
398 }
399 this->packet->source = host;
400 return SUCCESS;
401 }
402
403 static status_t set_destination(private_message_t *this, host_t *host)
404 {
405 if (this->packet->destination != NULL)
406 {
407 this->packet->destination->destroy(this->packet->destination);
408 }
409 this->packet->destination = host;
410 return SUCCESS;
411 }
412
413 static status_t get_source(private_message_t *this, host_t **host)
414 {
415 *host = this->packet->source;
416 return SUCCESS;
417 }
418
419 static status_t get_destination(private_message_t *this, host_t **host)
420 {
421 *host = this->packet->destination;
422 return SUCCESS;
423 }
424
425
426 static status_t get_payload_iterator(private_message_t *this, linked_list_iterator_t **iterator)
427 {
428 return this->payloads->create_iterator(this->payloads, iterator, TRUE);
429 }
430
431
432 /**
433 * Implements message_t's generate function.
434 * See #message_s.generate.
435 */
436 static status_t generate(private_message_t *this, packet_t **packet)
437 {
438 generator_t *generator;
439 ike_header_t *ike_header;
440 payload_t *payload, *next_payload;
441 linked_list_iterator_t *iterator;
442 status_t status;
443
444 if (this->exchange_type == EXCHANGE_TYPE_UNDEFINED)
445 {
446 return INVALID_STATE;
447 }
448
449 if (this->packet->source == NULL ||
450 this->packet->destination == NULL)
451 {
452 return INVALID_STATE;
453 }
454
455 ike_header = ike_header_create();
456 if (ike_header == NULL)
457 {
458 return OUT_OF_RES;
459 }
460
461
462 ike_header->set_exchange_type(ike_header, this->exchange_type);
463 ike_header->set_message_id(ike_header, this->message_id);
464 ike_header->set_response_flag(ike_header, !this->is_request);
465 ike_header->set_initiator_flag(ike_header, this->ike_sa_id->is_initiator(this->ike_sa_id));
466 ike_header->set_initiator_spi(ike_header, this->ike_sa_id->get_initiator_spi(this->ike_sa_id));
467 ike_header->set_responder_spi(ike_header, this->ike_sa_id->get_responder_spi(this->ike_sa_id));
468
469 generator = generator_create();
470 if (generator == NULL)
471 {
472 return OUT_OF_RES;
473 }
474
475 payload = (payload_t*)ike_header;
476
477 if (this->payloads->create_iterator(this->payloads, &iterator, TRUE) != SUCCESS)
478 {
479 generator->destroy(generator);
480 ike_header->destroy(ike_header);
481 return OUT_OF_RES;
482 }
483 while(iterator->has_next(iterator))
484 {
485 iterator->current(iterator, (void**)&next_payload);
486 payload->set_next_type(payload, next_payload->get_type(next_payload));
487 status = generator->generate_payload(generator, payload);
488 if (status != SUCCESS)
489 {
490 generator->destroy(generator);
491 ike_header->destroy(ike_header);
492 return status;
493 }
494 payload = next_payload;
495 }
496 iterator->destroy(iterator);
497
498 payload->set_next_type(payload, NO_PAYLOAD);
499 status = generator->generate_payload(generator, payload);
500 if (status != SUCCESS)
501 {
502 generator->destroy(generator);
503 ike_header->destroy(ike_header);
504 return status;
505 }
506
507 ike_header->destroy(ike_header);
508
509
510
511 if (this->packet->data.ptr != NULL)
512 {
513 allocator_free(this->packet->data.ptr);
514 }
515
516 status = generator->write_to_chunk(generator, &(this->packet->data));
517 if (status != SUCCESS)
518 {
519 generator->destroy(generator);
520 return status;
521 }
522
523 this->packet->clone(this->packet, packet);
524
525 generator->destroy(generator);
526 return SUCCESS;
527 }
528
529 /**
530 * Implements message_t's parse_header function.
531 * See #message_s.parse_header.
532 */
533 static status_t parse_header (private_message_t *this)
534 {
535 ike_header_t *ike_header;
536 status_t status;
537
538 this->parser->reset_context(this->parser);
539 status = this->parser->parse_payload(this->parser,HEADER,(payload_t **) &ike_header);
540 if (status != SUCCESS)
541 {
542 this->logger->log(this->logger, ERROR, "Header could not be parsed");
543 return status;
544
545 }
546
547 /* verify payload */
548 status = ike_header->payload_interface.verify(&(ike_header->payload_interface));
549 if (status != SUCCESS)
550 {
551 this->logger->log(this->logger, ERROR, "Header could not be verified");
552 return status;
553 }
554
555 if (this->ike_sa_id != NULL)
556 {
557 this->ike_sa_id->destroy(this->ike_sa_id);
558 }
559
560 this->ike_sa_id = ike_sa_id_create(ike_header->get_initiator_spi(ike_header),
561 ike_header->get_responder_spi(ike_header),
562 !ike_header->get_initiator_flag(ike_header));
563 if (this->ike_sa_id == NULL)
564 {
565 this->logger->log(this->logger, ERROR, "Could not creaee ike_sa_id object");
566 ike_header->destroy(ike_header);
567 return OUT_OF_RES;
568 }
569 this->exchange_type = ike_header->get_exchange_type(ike_header);
570 this->message_id = ike_header->get_message_id(ike_header);
571 this->is_request = (!(ike_header->get_response_flag(ike_header)));
572 this->major_version = ike_header->get_maj_version(ike_header);
573 this->minor_version = ike_header->get_min_version(ike_header);
574 this->first_payload = ike_header->payload_interface.get_next_type(&(ike_header->payload_interface));
575
576 ike_header->destroy(ike_header);
577 return SUCCESS;
578 }
579
580 /**
581 * Implements message_t's parse_body function.
582 * See #message_s.parse_body.
583 */
584 static status_t parse_body (private_message_t *this)
585 {
586 status_t status;
587 int i;
588 payload_type_t current_payload_type = this->first_payload;
589 supported_payload_entry_t *supported_payloads;
590 size_t supported_payloads_count;
591
592 if (this->get_supported_payloads (this,&supported_payloads,&supported_payloads_count) != SUCCESS)
593 {
594 /* message type is not supported */
595 return FAILED;
596 }
597
598 while (current_payload_type != NO_PAYLOAD)
599 {
600 payload_t *current_payload;
601
602 bool supported = FALSE;
603 for (i = 0; i < supported_payloads_count;i++)
604 {
605 if (supported_payloads[i].payload_type == current_payload_type)
606 {
607 supported = TRUE;
608 break;
609 }
610 }
611 if (!supported && (current_payload_type != NO_PAYLOAD))
612 {
613 /* type not supported */
614 status = NOT_SUPPORTED;
615 this->logger->log(this->logger, ERROR, "Payload type %s not supported",mapping_find(payload_type_m,current_payload_type));
616 break;
617 }
618
619 status = this->parser->parse_payload(this->parser,current_payload_type,(payload_t **) &current_payload);
620 if (status != SUCCESS)
621 {
622 this->logger->log(this->logger, ERROR, "Payload type %s could not be parsed",mapping_find(payload_type_m,current_payload_type));
623 break;
624 }
625
626 current_payload_type = current_payload->get_next_type(current_payload);
627
628 status = current_payload->verify(current_payload);
629 if (status != SUCCESS)
630 {
631 this->logger->log(this->logger, ERROR, "Payload type %s could not be verified",mapping_find(payload_type_m,current_payload_type));
632 status = VERIFY_ERROR;
633 break;
634 }
635
636 status = this->payloads->insert_last(this->payloads,current_payload);
637 if (status != SUCCESS)
638 {
639 this->logger->log(this->logger, ERROR, "Could not insert current payload to internal list cause of ressource exhausting");
640 break;
641 }
642
643 }
644 if (status != SUCCESS)
645 {
646 /* already parsed payload is destroyed later in destroy call from outside this object */
647 }
648 else
649 {
650 linked_list_iterator_t *iterator;
651
652 status = this->payloads->create_iterator(this->payloads,&iterator,TRUE);
653 if (status != SUCCESS)
654 {
655 this->logger->log(this->logger, ERROR, "Could not create iterator to check supported payloads");
656 return status;
657 }
658
659
660 /* check for payloads with wrong count*/
661 for (i = 0; i < supported_payloads_count;i++)
662 {
663 size_t min_occurence = supported_payloads[i].min_occurence;
664 size_t max_occurence = supported_payloads[i].max_occurence;
665 payload_type_t payload_type = supported_payloads[i].payload_type;
666 size_t found_payloads = 0;
667
668 iterator->reset(iterator);
669
670 while(iterator->has_next(iterator))
671 {
672 payload_t *current_payload;
673 status = iterator->current(iterator,(void **)&current_payload);
674 if (status != SUCCESS)
675 {
676 this->logger->log(this->logger, CONTROL|MORE, "Could not get payload from internal list");
677 iterator->destroy(iterator);
678 return status;
679 }
680 if (current_payload->get_type(current_payload) == payload_type)
681 {
682 found_payloads++;
683 if (found_payloads > max_occurence)
684 {
685 this->logger->log(this->logger, CONTROL|MORE, "Payload of type %s more than %d times (%d) occured in current message",
686 mapping_find(payload_type_m,current_payload->get_type(current_payload)),max_occurence,found_payloads);
687 iterator->destroy(iterator);
688 return NOT_SUPPORTED;
689 }
690 }
691
692 }
693 if (found_payloads < min_occurence)
694 {
695 this->logger->log(this->logger, CONTROL|MORE, "Payload of type %s not occured %d times",
696 mapping_find(payload_type_m,payload_type),min_occurence);
697 iterator->destroy(iterator);
698 return NOT_SUPPORTED;
699 }
700
701 }
702 iterator->destroy(iterator);
703 }
704 return status;
705 }
706
707
708
709 /**
710 * Implements message_t's destroy function.
711 * See #message_s.destroy.
712 */
713 static status_t destroy (private_message_t *this)
714 {
715 linked_list_iterator_t *iterator;
716
717 if (this->packet != NULL)
718 {
719 this->packet->destroy(this->packet);
720 }
721 if (this->ike_sa_id != NULL)
722 {
723 this->ike_sa_id->destroy(this->ike_sa_id);
724 }
725
726 this->payloads->create_iterator(this->payloads, &iterator, TRUE);
727 while (iterator->has_next(iterator))
728 {
729 payload_t *payload;
730 iterator->current(iterator, (void**)&payload);
731 this->logger->log(this->logger, CONTROL|MORE, "Destroying payload of type %s",
732 mapping_find(payload_type_m, payload->get_type(payload)));
733 payload->destroy(payload);
734 }
735 iterator->destroy(iterator);
736 this->payloads->destroy(this->payloads);
737 this->parser->destroy(this->parser);
738
739 allocator_free(this);
740 return SUCCESS;
741 }
742
743 /*
744 * Described in Header-File
745 */
746 message_t *message_create_from_packet(packet_t *packet)
747 {
748 private_message_t *this = allocator_alloc_thing(private_message_t);
749 if (this == NULL)
750 {
751 return NULL;
752 }
753
754 /* public functions */
755 this->public.set_major_version = (status_t(*)(message_t*, u_int8_t))set_major_version;
756 this->public.get_major_version = (u_int8_t(*)(message_t*))get_major_version;
757 this->public.set_minor_version = (status_t(*)(message_t*, u_int8_t))set_minor_version;
758 this->public.get_minor_version = (u_int8_t(*)(message_t*))get_minor_version;
759 this->public.set_message_id = (status_t(*)(message_t*, u_int32_t))set_message_id;
760 this->public.get_message_id = (u_int32_t(*)(message_t*))get_message_id;
761 this->public.set_ike_sa_id = (status_t(*)(message_t*, ike_sa_id_t *))set_ike_sa_id;
762 this->public.get_ike_sa_id = (status_t(*)(message_t*, ike_sa_id_t **))get_ike_sa_id;
763 this->public.set_exchange_type = (status_t(*)(message_t*, exchange_type_t))set_exchange_type;
764 this->public.get_exchange_type = (exchange_type_t(*)(message_t*))get_exchange_type;
765 this->public.set_request = (status_t(*)(message_t*, bool))set_request;
766 this->public.get_request = (bool(*)(message_t*))get_request;
767 this->public.add_payload = (status_t(*)(message_t*,payload_t*))add_payload;
768 this->public.generate = (status_t (*) (message_t *, packet_t**)) generate;
769 this->public.set_source = (status_t (*) (message_t*,host_t*)) set_source;
770 this->public.get_source = (status_t (*) (message_t*,host_t**)) get_source;
771 this->public.set_destination = (status_t (*) (message_t*,host_t*)) set_destination;
772 this->public.get_destination = (status_t (*) (message_t*,host_t**)) get_destination;
773 this->public.get_payload_iterator = (status_t (*) (message_t *, linked_list_iterator_t **)) get_payload_iterator;
774 this->public.parse_header = (status_t (*) (message_t *)) parse_header;
775 this->public.parse_body = (status_t (*) (message_t *)) parse_body;
776 this->public.destroy = (status_t(*)(message_t*))destroy;
777
778 /* public values */
779 this->exchange_type = EXCHANGE_TYPE_UNDEFINED;
780 this->is_request = TRUE;
781 this->ike_sa_id = NULL;
782 this->first_payload = NO_PAYLOAD;
783 this->message_id = 0;
784
785 /* private functions */
786 this->get_supported_payloads = get_supported_payloads;
787
788 /* private values */
789 if (packet == NULL)
790 {
791 packet = packet_create();
792 }
793 if (packet == NULL)
794 {
795 allocator_free(this);
796 return NULL;
797 }
798 this->packet = packet;
799 this->payloads = linked_list_create();
800 if (this->payloads == NULL)
801 {
802 allocator_free(this);
803 return NULL;
804 }
805
806 /* parser is created from data of packet */
807 this->parser = parser_create(this->packet->data);
808 if (this->parser == NULL)
809 {
810 this->payloads->destroy(this->payloads);
811 allocator_free(this);
812 return NULL;
813 }
814
815 this->logger = global_logger_manager->create_logger(global_logger_manager, MESSAGE, NULL);
816 if (this->logger == NULL)
817 {
818 this->parser->destroy(this->parser);
819 this->payloads->destroy(this->payloads);
820 allocator_free(this);
821 return NULL;
822 }
823
824 return (&this->public);
825 }
826
827 /*
828 * Described in Header-File
829 */
830 message_t *message_create()
831 {
832 return message_create_from_packet(NULL);
833 }