fixed identation
[strongswan.git] / src / charon / network / receiver.c
1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Copyright (C) 2005-2006 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include <stdlib.h>
19 #include <unistd.h>
20 #include <pthread.h>
21
22 #include "receiver.h"
23
24 #include <daemon.h>
25 #include <network/socket.h>
26 #include <network/packet.h>
27 #include <processing/jobs/job.h>
28 #include <processing/jobs/process_message_job.h>
29 #include <processing/jobs/callback_job.h>
30 #include <crypto/hashers/hasher.h>
31
32 /** lifetime of a cookie, in seconds */
33 #define COOKIE_LIFETIME 10
34 /** how many times to reuse the secret */
35 #define COOKIE_REUSE 10000
36 /** default value for private_receiver_t.cookie_threshold */
37 #define COOKIE_THRESHOLD_DEFAULT 10
38 /** default value for private_receiver_t.block_threshold */
39 #define BLOCK_THRESHOLD_DEFAULT 5
40 /** length of the secret to use for cookie calculation */
41 #define SECRET_LENGTH 16
42
43 typedef struct private_receiver_t private_receiver_t;
44
45 /**
46 * Private data of a receiver_t object.
47 */
48 struct private_receiver_t {
49 /**
50 * Public part of a receiver_t object.
51 */
52 receiver_t public;
53
54 /**
55 * Threads job receiving packets
56 */
57 callback_job_t *job;
58
59 /**
60 * Assigned thread.
61 */
62 pthread_t assigned_thread;
63
64 /**
65 * current secret to use for cookie calculation
66 */
67 char secret[SECRET_LENGTH];
68
69 /**
70 * previous secret used to verify older cookies
71 */
72 char secret_old[SECRET_LENGTH];
73
74 /**
75 * how many times we have used "secret" so far
76 */
77 u_int32_t secret_used;
78
79 /**
80 * time we did the cookie switch
81 */
82 u_int32_t secret_switch;
83
84 /**
85 * time offset to use, hides our system time
86 */
87 u_int32_t secret_offset;
88
89 /**
90 * the RNG to use for secret generation
91 */
92 rng_t *rng;
93
94 /**
95 * hasher to use for cookie calculation
96 */
97 hasher_t *hasher;
98
99 /**
100 * require cookies after this many half open IKE_SAs
101 */
102 u_int32_t cookie_threshold;
103
104 /**
105 * how many half open IKE_SAs per peer before blocking
106 */
107 u_int32_t block_threshold;
108 };
109
110 /**
111 * send a notify back to the sender
112 */
113 static void send_notify(message_t *request, notify_type_t type, chunk_t data)
114 {
115 if (request->get_request(request) &&
116 request->get_exchange_type(request) == IKE_SA_INIT)
117 {
118 message_t *response;
119 host_t *src, *dst;
120 packet_t *packet;
121 ike_sa_id_t *ike_sa_id;
122
123 response = message_create();
124 dst = request->get_source(request);
125 src = request->get_destination(request);
126 response->set_source(response, src->clone(src));
127 response->set_destination(response, dst->clone(dst));
128 response->set_exchange_type(response, request->get_exchange_type(request));
129 response->set_request(response, FALSE);
130 response->set_message_id(response, 0);
131 ike_sa_id = request->get_ike_sa_id(request);
132 ike_sa_id->switch_initiator(ike_sa_id);
133 response->set_ike_sa_id(response, ike_sa_id);
134 response->add_notify(response, FALSE, type, data);
135 if (response->generate(response, NULL, NULL, &packet) == SUCCESS)
136 {
137 charon->sender->send(charon->sender, packet);
138 response->destroy(response);
139 }
140 }
141 }
142
143 /**
144 * build a cookie
145 */
146 static chunk_t cookie_build(private_receiver_t *this, message_t *message,
147 u_int32_t t, chunk_t secret)
148 {
149 u_int64_t spi = message->get_initiator_spi(message);
150 host_t *ip = message->get_source(message);
151 chunk_t input, hash;
152
153 /* COOKIE = t | sha1( IPi | SPIi | t | secret ) */
154 input = chunk_cata("cccc", ip->get_address(ip), chunk_from_thing(spi),
155 chunk_from_thing(t), secret);
156 hash = chunk_alloca(this->hasher->get_hash_size(this->hasher));
157 this->hasher->get_hash(this->hasher, input, hash.ptr);
158 return chunk_cat("cc", chunk_from_thing(t), hash);
159 }
160
161 /**
162 * verify a received cookie
163 */
164 static bool cookie_verify(private_receiver_t *this, message_t *message,
165 chunk_t cookie)
166 {
167 u_int32_t t, now;
168 chunk_t reference;
169 chunk_t secret;
170
171 now = time(NULL);
172 t = *(u_int32_t*)cookie.ptr;
173
174 if (cookie.len != sizeof(u_int32_t) +
175 this->hasher->get_hash_size(this->hasher) ||
176 t < now - this->secret_offset - COOKIE_LIFETIME)
177 {
178 DBG2(DBG_NET, "received cookie lifetime expired, rejecting");
179 return FALSE;
180 }
181
182 /* check if cookie is derived from old_secret */
183 if (t + this->secret_offset > this->secret_switch)
184 {
185 secret = chunk_from_thing(this->secret);
186 }
187 else
188 {
189 secret = chunk_from_thing(this->secret_old);
190 }
191
192 /* compare own calculation against received */
193 reference = cookie_build(this, message, t, secret);
194 if (chunk_equals(reference, cookie))
195 {
196 chunk_free(&reference);
197 return TRUE;
198 }
199 chunk_free(&reference);
200 return FALSE;
201 }
202
203 /**
204 * check if cookies are required, and if so, a valid cookie is included
205 */
206 static bool cookie_required(private_receiver_t *this, message_t *message)
207 {
208 bool failed = FALSE;
209
210 if (charon->ike_sa_manager->get_half_open_count(charon->ike_sa_manager,
211 NULL) >= this->cookie_threshold)
212 {
213 /* check for a cookie. We don't use our parser here and do it
214 * quick and dirty for performance reasons.
215 * we assume the cookie is the first payload (which is a MUST), and
216 * the cookie's SPI length is zero. */
217 packet_t *packet = message->get_packet(message);
218 chunk_t data = packet->get_data(packet);
219 if (data.len <
220 IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH +
221 sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher) ||
222 *(data.ptr + 16) != NOTIFY ||
223 *(u_int16_t*)(data.ptr + IKE_HEADER_LENGTH + 6) != htons(COOKIE))
224 {
225 /* no cookie found */
226 failed = TRUE;
227 }
228 else
229 {
230 data.ptr += IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH;
231 data.len = sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher);
232 if (!cookie_verify(this, message, data))
233 {
234 DBG2(DBG_NET, "found cookie, but content invalid");
235 failed = TRUE;
236 }
237 }
238 packet->destroy(packet);
239 }
240 return failed;
241 }
242
243 /**
244 * check if peer has to many half open IKE_SAs
245 */
246 static bool peer_to_aggressive(private_receiver_t *this, message_t *message)
247 {
248 if (charon->ike_sa_manager->get_half_open_count(charon->ike_sa_manager,
249 message->get_source(message)) >= this->block_threshold)
250 {
251 return TRUE;
252 }
253 return FALSE;
254 }
255
256 /**
257 * Implementation of receiver_t.receive_packets.
258 */
259 static job_requeue_t receive_packets(private_receiver_t *this)
260 {
261 packet_t *packet;
262 message_t *message;
263 job_t *job;
264
265 /* read in a packet */
266 if (charon->socket->receive(charon->socket, &packet) != SUCCESS)
267 {
268 DBG2(DBG_NET, "receiving from socket failed!");
269 return JOB_REQUEUE_FAIR;
270 }
271
272 /* parse message header */
273 message = message_create_from_packet(packet);
274 if (message->parse_header(message) != SUCCESS)
275 {
276 DBG1(DBG_NET, "received invalid IKE header from %H - ignored",
277 packet->get_source(packet));
278 message->destroy(message);
279 return JOB_REQUEUE_DIRECT;
280 }
281
282 /* check IKE major version */
283 if (message->get_major_version(message) != IKE_MAJOR_VERSION)
284 {
285 DBG1(DBG_NET, "received unsupported IKE version %d.%d from %H, "
286 "sending INVALID_MAJOR_VERSION", message->get_major_version(message),
287 message->get_minor_version(message), packet->get_source(packet));
288 send_notify(message, INVALID_MAJOR_VERSION, chunk_empty);
289 message->destroy(message);
290 return JOB_REQUEUE_DIRECT;
291 }
292
293 if (message->get_request(message) &&
294 message->get_exchange_type(message) == IKE_SA_INIT)
295 {
296 /* check for cookies */
297 if (this->cookie_threshold && cookie_required(this, message))
298 {
299 u_int32_t now = time(NULL);
300 chunk_t cookie = cookie_build(this, message, now - this->secret_offset,
301 chunk_from_thing(this->secret));
302
303 DBG2(DBG_NET, "received packet from: %#H to %#H",
304 message->get_source(message),
305 message->get_destination(message));
306 DBG2(DBG_NET, "sending COOKIE notify to %H",
307 message->get_source(message));
308 send_notify(message, COOKIE, cookie);
309 chunk_free(&cookie);
310 if (++this->secret_used > COOKIE_REUSE)
311 {
312 /* create new cookie */
313 DBG1(DBG_NET, "generating new cookie secret after %d uses",
314 this->secret_used);
315 memcpy(this->secret_old, this->secret, SECRET_LENGTH);
316 this->rng->get_bytes(this->rng, SECRET_LENGTH, this->secret);
317 this->secret_switch = now;
318 this->secret_used = 0;
319 }
320 message->destroy(message);
321 return JOB_REQUEUE_DIRECT;
322 }
323
324 /* check if peer has not too many IKE_SAs half open */
325 if (this->block_threshold && peer_to_aggressive(this, message))
326 {
327 DBG1(DBG_NET, "ignoring IKE_SA setup from %H, "
328 "peer too aggressive", message->get_source(message));
329 message->destroy(message);
330 return JOB_REQUEUE_DIRECT;
331 }
332 }
333 job = (job_t*)process_message_job_create(message);
334 charon->processor->queue_job(charon->processor, job);
335 return JOB_REQUEUE_DIRECT;
336 }
337
338 /**
339 * Implementation of receiver_t.destroy.
340 */
341 static void destroy(private_receiver_t *this)
342 {
343 this->job->cancel(this->job);
344 this->rng->destroy(this->rng);
345 this->hasher->destroy(this->hasher);
346 free(this);
347 }
348
349 /*
350 * Described in header.
351 */
352 receiver_t *receiver_create()
353 {
354 private_receiver_t *this = malloc_thing(private_receiver_t);
355 u_int32_t now = time(NULL);
356
357 this->public.destroy = (void(*)(receiver_t*)) destroy;
358
359 this->hasher = lib->crypto->create_hasher(lib->crypto, HASH_PREFERRED);
360 if (this->hasher == NULL)
361 {
362 DBG1(DBG_NET, "creating cookie hasher failed, no hashers supported");
363 free(this);
364 return NULL;
365 }
366 this->rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
367 if (this->rng == NULL)
368 {
369 DBG1(DBG_NET, "creating cookie RNG failed, no RNG supported");
370 this->hasher->destroy(this->hasher);
371 free(this);
372 return NULL;
373 }
374 this->secret_switch = now;
375 this->secret_offset = random() % now;
376 this->secret_used = 0;
377 this->rng->get_bytes(this->rng, SECRET_LENGTH, this->secret);
378 memcpy(this->secret_old, this->secret, SECRET_LENGTH);
379 this->cookie_threshold = lib->settings->get_int(lib->settings,
380 "charon.cookie_threshold", COOKIE_THRESHOLD_DEFAULT);
381 this->block_threshold = lib->settings->get_int(lib->settings,
382 "charon.block_threshold", BLOCK_THRESHOLD_DEFAULT);
383 if (!lib->settings->get_bool(lib->settings, "charon.dos_protection", TRUE))
384 {
385 this->cookie_threshold = 0;
386 this->block_threshold = 0;
387 }
388
389 this->job = callback_job_create((callback_job_cb_t)receive_packets,
390 this, NULL, NULL);
391 charon->processor->queue_job(charon->processor, (job_t*)this->job);
392
393 return &this->public;
394 }
395