improved logging on verify errors for some payloads
[strongswan.git] / src / charon / sa / transactions / create_child_sa.c
1 /**
2 * @file create_child_sa.c
3 *
4 * @brief Implementation of create_child_sa_t transaction.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include "create_child_sa.h"
24
25 #include <string.h>
26
27 #include <daemon.h>
28 #include <encoding/payloads/sa_payload.h>
29 #include <encoding/payloads/nonce_payload.h>
30 #include <encoding/payloads/ts_payload.h>
31 #include <sa/transactions/delete_child_sa.h>
32 #include <utils/randomizer.h>
33
34
35 typedef struct private_create_child_sa_t private_create_child_sa_t;
36
37 /**
38 * Private members of a create_child_sa_t object..
39 */
40 struct private_create_child_sa_t {
41
42 /**
43 * Public methods and transaction_t interface.
44 */
45 create_child_sa_t public;
46
47 /**
48 * Assigned IKE_SA.
49 */
50 ike_sa_t *ike_sa;
51
52 /**
53 * Message sent by our peer, if already generated
54 */
55 message_t *message;
56
57 /**
58 * Message ID this transaction uses
59 */
60 u_int32_t message_id;
61
62 /**
63 * Times we did send the request
64 */
65 u_int32_t requested;
66
67 /**
68 * initiators inbound SPI of the CHILD_SA which gets rekeyed
69 */
70 u_int32_t rekey_spi;
71
72 /**
73 * connection of IKE_SA
74 */
75 connection_t *connection;
76
77 /**
78 * policy definition used
79 */
80 policy_t *policy;
81
82 /**
83 * Negotiated proposal used for CHILD_SA
84 */
85 proposal_t *proposal;
86
87 /**
88 * initiator chosen nonce
89 */
90 chunk_t nonce_i;
91
92 /**
93 * responder chosen nonce
94 */
95 chunk_t nonce_r;
96
97 /**
98 * lower of the nonces of a simultaneus rekeying request
99 */
100 chunk_t nonce_s;
101
102 /**
103 * Negotiated traffic selectors for initiator
104 */
105 linked_list_t *tsi;
106
107 /**
108 * Negotiated traffic selectors for responder
109 */
110 linked_list_t *tsr;
111
112 /**
113 * CHILD_SA created by this transaction
114 */
115 child_sa_t *child_sa;
116
117 /**
118 * CHILD_SA rekeyed if we are rekeying
119 */
120 child_sa_t *rekeyed_sa;
121
122 /**
123 * Have we lost the simultaneous rekeying nonce compare?
124 */
125 bool lost;
126
127 /**
128 * source of randomness
129 */
130 randomizer_t *randomizer;
131
132 /**
133 * Assigned logger.
134 */
135 logger_t *logger;
136 };
137
138 /**
139 * Implementation of transaction_t.get_message_id.
140 */
141 static u_int32_t get_message_id(private_create_child_sa_t *this)
142 {
143 return this->message_id;
144 }
145
146 /**
147 * Implementation of transaction_t.requested.
148 */
149 static u_int32_t requested(private_create_child_sa_t *this)
150 {
151 return this->requested++;
152 }
153
154 /**
155 * Implementation of create_child_sa_t.rekeys_child.
156 */
157 static void rekeys_child(private_create_child_sa_t *this, child_sa_t *child_sa)
158 {
159 this->rekeyed_sa = child_sa;
160 }
161
162 /**
163 * Implementation of create_child_sa_t.cancel.
164 */
165 static void cancel(private_create_child_sa_t *this)
166 {
167 this->rekeyed_sa = NULL;
168 this->lost = TRUE;
169 }
170
171 /**
172 * Implementation of transaction_t.get_request.
173 */
174 static status_t get_request(private_create_child_sa_t *this, message_t **result)
175 {
176 message_t *request;
177 host_t *me, *other;
178
179 /* check if we are not already rekeying */
180 if (this->rekeyed_sa)
181 {
182 switch (this->rekeyed_sa->get_state(this->rekeyed_sa))
183 {
184 case CHILD_REKEYING:
185 this->logger->log(this->logger, ERROR,
186 "rekeying a CHILD_SA which is already rekeying, aborted");
187 return FAILED;
188 case CHILD_DELETING:
189 this->logger->log(this->logger, ERROR,
190 "rekeying a CHILD_SA which is deleting, aborted");
191 return FAILED;
192 default:
193 break;
194 }
195 this->rekeyed_sa->set_state(this->rekeyed_sa, CHILD_REKEYING);
196 }
197
198 /* check if we already have built a message (retransmission) */
199 if (this->message)
200 {
201 *result = this->message;
202 return SUCCESS;
203 }
204
205 this->connection = this->ike_sa->get_connection(this->ike_sa);
206 me = this->connection->get_my_host(this->connection);
207 other = this->connection->get_other_host(this->connection);
208 this->policy = this->ike_sa->get_policy(this->ike_sa);
209
210 /* build the request */
211 request = message_create();
212 request->set_source(request, me->clone(me));
213 request->set_destination(request, other->clone(other));
214 request->set_exchange_type(request, CREATE_CHILD_SA);
215 request->set_request(request, TRUE);
216 request->set_ike_sa_id(request, this->ike_sa->get_id(this->ike_sa));
217 *result = request;
218 this->message = request;
219
220 { /* build SA payload */
221 sa_payload_t *sa_payload;
222 linked_list_t *proposals;
223 bool use_natt;
224 u_int32_t reqid = 0;
225
226 if (this->rekeyed_sa)
227 {
228 reqid = this->rekeyed_sa->get_reqid(this->rekeyed_sa);
229 }
230
231 proposals = this->policy->get_proposals(this->policy);
232 use_natt = this->ike_sa->is_natt_enabled(this->ike_sa);
233 this->child_sa = child_sa_create(reqid, me, other,
234 this->policy->get_soft_lifetime(this->policy),
235 this->policy->get_hard_lifetime(this->policy),
236 use_natt);
237 if (this->child_sa->alloc(this->child_sa, proposals) != SUCCESS)
238 {
239 this->logger->log(this->logger, ERROR,
240 "could not install CHILD_SA, CHILD_SA creation aborted");
241 return FAILED;
242 }
243 sa_payload = sa_payload_create_from_proposal_list(proposals);
244 request->add_payload(request, (payload_t*)sa_payload);
245 }
246
247 { /* build the NONCE payload for us (initiator) */
248 nonce_payload_t *nonce_payload;
249
250 if (this->randomizer->allocate_pseudo_random_bytes(this->randomizer,
251 NONCE_SIZE, &this->nonce_i) != SUCCESS)
252 {
253 return FAILED;
254 }
255 nonce_payload = nonce_payload_create();
256 nonce_payload->set_nonce(nonce_payload, this->nonce_i);
257 request->add_payload(request, (payload_t*)nonce_payload);
258 }
259
260 { /* build TSi payload */
261 linked_list_t *ts_list;
262 ts_payload_t *ts_payload;
263
264 ts_list = this->policy->get_my_traffic_selectors(this->policy);
265 ts_payload = ts_payload_create_from_traffic_selectors(TRUE, ts_list);
266 request->add_payload(request, (payload_t*)ts_payload);
267 }
268
269 { /* build TSr payload */
270 linked_list_t *ts_list;
271 ts_payload_t *ts_payload;
272
273 ts_list = this->policy->get_other_traffic_selectors(this->policy);
274 ts_payload = ts_payload_create_from_traffic_selectors(FALSE, ts_list);
275 request->add_payload(request, (payload_t*)ts_payload);
276 }
277
278 if (this->rekeyed_sa)
279 { /* add REKEY_SA notify if we are rekeying */
280 notify_payload_t *notify;
281 protocol_id_t protocol;
282
283 protocol = this->rekeyed_sa->get_protocol(this->rekeyed_sa);
284 notify = notify_payload_create_from_protocol_and_type(protocol, REKEY_SA);
285 notify->set_spi(notify, this->rekeyed_sa->get_spi(this->rekeyed_sa, TRUE));
286 request->add_payload(request, (payload_t*)notify);
287
288 /* register us as rekeying to detect multiple rekeying */
289 this->rekeyed_sa->set_rekeying_transaction(this->rekeyed_sa, &this->public);
290 }
291
292 this->message_id = this->ike_sa->get_next_message_id(this->ike_sa);
293 request->set_message_id(request, this->message_id);
294
295 return SUCCESS;
296 }
297
298 /**
299 * Handle all kind of notifys
300 */
301 static status_t process_notifys(private_create_child_sa_t *this, notify_payload_t *notify_payload)
302 {
303 notify_type_t notify_type = notify_payload->get_notify_type(notify_payload);
304
305 this->logger->log(this->logger, CONTROL|LEVEL1, "process notify type %s",
306 mapping_find(notify_type_m, notify_type));
307
308 switch (notify_type)
309 {
310 case SINGLE_PAIR_REQUIRED:
311 {
312 this->logger->log(this->logger, AUDIT,
313 "received a SINGLE_PAIR_REQUIRED notify");
314 return FAILED;
315 }
316 case TS_UNACCEPTABLE:
317 {
318 this->logger->log(this->logger, CONTROL,
319 "received TS_UNACCEPTABLE notify");
320 return FAILED;
321 }
322 case NO_PROPOSAL_CHOSEN:
323 {
324 this->logger->log(this->logger, CONTROL,
325 "received NO_PROPOSAL_CHOSEN notify");
326 return FAILED;
327 }
328 case REKEY_SA:
329 {
330 u_int32_t spi;
331 protocol_id_t protocol;
332
333 protocol = notify_payload->get_protocol_id(notify_payload);
334 switch (protocol)
335 {
336 case PROTO_AH:
337 case PROTO_ESP:
338 spi = notify_payload->get_spi(notify_payload);
339 this->rekeyed_sa = this->ike_sa->get_child_sa(this->ike_sa,
340 protocol, spi,
341 FALSE);
342 break;
343 default:
344 break;
345 }
346 return SUCCESS;
347 }
348 default:
349 {
350 if (notify_type < 16383)
351 {
352 this->logger->log(this->logger, AUDIT,
353 "received %s notify error (%d), deleting IKE_SA",
354 mapping_find(notify_type_m, notify_type),
355 notify_type);
356 return FAILED;
357 }
358 else
359 {
360 this->logger->log(this->logger, CONTROL,
361 "received %s notify (%d), ignored",
362 mapping_find(notify_type_m, notify_type),
363 notify_type);
364 return SUCCESS;
365 }
366 }
367 }
368 }
369
370 /**
371 * Build a notify message.
372 */
373 static void build_notify(notify_type_t type, chunk_t data, message_t *message, bool flush_message)
374 {
375 notify_payload_t *notify;
376
377 if (flush_message)
378 {
379 payload_t *payload;
380 iterator_t *iterator = message->get_payload_iterator(message);
381 while (iterator->iterate(iterator, (void**)&payload))
382 {
383 payload->destroy(payload);
384 iterator->remove(iterator);
385 }
386 iterator->destroy(iterator);
387 }
388
389 notify = notify_payload_create();
390 notify->set_notify_type(notify, type);
391 notify->set_notification_data(notify, data);
392 message->add_payload(message, (payload_t*)notify);
393 }
394
395 /**
396 * Install a CHILD_SA for usage
397 */
398 static status_t install_child_sa(private_create_child_sa_t *this, bool initiator)
399 {
400 prf_plus_t *prf_plus;
401 chunk_t seed;
402 status_t status;
403
404 seed = chunk_alloc(this->nonce_i.len + this->nonce_r.len);
405 memcpy(seed.ptr, this->nonce_i.ptr, this->nonce_i.len);
406 memcpy(seed.ptr + this->nonce_i.len, this->nonce_r.ptr, this->nonce_r.len);
407 prf_plus = prf_plus_create(this->ike_sa->get_child_prf(this->ike_sa), seed);
408 chunk_free(&seed);
409
410 if (initiator)
411 {
412 status = this->child_sa->update(this->child_sa, this->proposal, prf_plus);
413 }
414 else
415 {
416 status = this->child_sa->add(this->child_sa, this->proposal, prf_plus);
417 }
418 prf_plus->destroy(prf_plus);
419 if (status != SUCCESS)
420 {
421 return DESTROY_ME;
422 }
423 if (initiator)
424 {
425 status = this->child_sa->add_policies(this->child_sa, this->tsi, this->tsr);
426 }
427 else
428 {
429 status = this->child_sa->add_policies(this->child_sa, this->tsr, this->tsi);
430 }
431 if (status != SUCCESS)
432 {
433 return DESTROY_ME;
434 }
435 /* add to IKE_SA, and remove from transaction */
436 this->ike_sa->add_child_sa(this->ike_sa, this->child_sa);
437 this->child_sa = NULL;
438 return SUCCESS;
439 }
440
441 /**
442 * destroy a list of traffic selectors
443 */
444 static void destroy_ts_list(linked_list_t *list)
445 {
446 if (list)
447 {
448 traffic_selector_t *ts;
449 while (list->remove_last(list, (void**)&ts) == SUCCESS)
450 {
451 ts->destroy(ts);
452 }
453 list->destroy(list);
454 }
455 }
456
457 /**
458 * Implementation of transaction_t.get_response.
459 */
460 static status_t get_response(private_create_child_sa_t *this, message_t *request,
461 message_t **result, transaction_t **next)
462 {
463 host_t *me, *other;
464 message_t *response;
465 status_t status;
466 iterator_t *payloads;
467 sa_payload_t *sa_request = NULL;
468 nonce_payload_t *nonce_request = NULL;
469 ts_payload_t *tsi_request = NULL;
470 ts_payload_t *tsr_request = NULL;
471 nonce_payload_t *nonce_response;
472
473 /* check if we already have built a response (retransmission) */
474 if (this->message)
475 {
476 *result = this->message;
477 return SUCCESS;
478 }
479
480 this->connection = this->ike_sa->get_connection(this->ike_sa);
481 me = this->connection->get_my_host(this->connection);
482 other = this->connection->get_other_host(this->connection);
483 this->policy = this->ike_sa->get_policy(this->ike_sa);
484 this->message_id = request->get_message_id(request);
485
486 /* set up response */
487 response = message_create();
488 response->set_source(response, me->clone(me));
489 response->set_destination(response, other->clone(other));
490 response->set_exchange_type(response, CREATE_CHILD_SA);
491 response->set_request(response, FALSE);
492 response->set_message_id(response, this->message_id);
493 response->set_ike_sa_id(response, this->ike_sa->get_id(this->ike_sa));
494 this->message = response;
495 *result = response;
496
497 /* check message type */
498 if (request->get_exchange_type(request) != CREATE_CHILD_SA)
499 {
500 this->logger->log(this->logger, ERROR,
501 "CREATE_CHILD_SA response of invalid type, aborted");
502 return FAILED;
503 }
504
505 /* Iterate over all payloads. */
506 payloads = request->get_payload_iterator(request);
507 while (payloads->has_next(payloads))
508 {
509 payload_t *payload;
510 payloads->current(payloads, (void**)&payload);
511 switch (payload->get_type(payload))
512 {
513 case SECURITY_ASSOCIATION:
514 sa_request = (sa_payload_t*)payload;
515 break;
516 case NONCE:
517 nonce_request = (nonce_payload_t*)payload;
518 break;
519 case TRAFFIC_SELECTOR_INITIATOR:
520 tsi_request = (ts_payload_t*)payload;
521 break;
522 case TRAFFIC_SELECTOR_RESPONDER:
523 tsr_request = (ts_payload_t*)payload;
524 case KEY_EXCHANGE:
525 {
526 u_int8_t dh_buffer[] = {0x00, 0x00}; /* MODP_NONE */
527 chunk_t group = chunk_from_buf(dh_buffer);
528 build_notify(INVALID_KE_PAYLOAD, group, response, TRUE);
529 this->logger->log(this->logger, CONTROL,
530 "CREATE_CHILD_SA used PFS, sending INVALID_KE_PAYLOAD");
531 return FAILED;
532 }
533 case NOTIFY:
534 {
535 status = process_notifys(this, (notify_payload_t*)payload);
536 if (status != SUCCESS)
537 {
538 payloads->destroy(payloads);
539 return status;
540 }
541 break;
542 }
543 default:
544 {
545 this->logger->log(this->logger, ERROR, "ignoring %s payload (%d)",
546 mapping_find(payload_type_m, payload->get_type(payload)),
547 payload->get_type(payload));
548 break;
549 }
550 }
551 }
552 payloads->destroy(payloads);
553
554 /* check if we have all payloads */
555 if (!(sa_request && nonce_request && tsi_request && tsr_request))
556 {
557 build_notify(INVALID_SYNTAX, CHUNK_INITIALIZER, response, TRUE);
558 this->logger->log(this->logger, AUDIT,
559 "request message incomplete, no CHILD_SA created");
560 return FAILED;
561 }
562
563 { /* process nonce payload */
564 this->nonce_i = nonce_request->get_nonce(nonce_request);
565 if (this->randomizer->allocate_pseudo_random_bytes(this->randomizer,
566 NONCE_SIZE, &this->nonce_r) != SUCCESS)
567 {
568 build_notify(NO_PROPOSAL_CHOSEN, CHUNK_INITIALIZER, response, TRUE);
569 return FAILED;
570 }
571 nonce_response = nonce_payload_create();
572 nonce_response->set_nonce(nonce_response, this->nonce_r);
573 }
574
575 { /* process traffic selectors for other */
576 linked_list_t *ts_received = tsi_request->get_traffic_selectors(tsi_request);
577 this->tsi = this->policy->select_other_traffic_selectors(this->policy, ts_received);
578 destroy_ts_list(ts_received);
579 }
580
581 { /* process traffic selectors for us */
582 linked_list_t *ts_received = ts_received = tsr_request->get_traffic_selectors(tsr_request);
583 this->tsr = this->policy->select_my_traffic_selectors(this->policy, ts_received);
584 destroy_ts_list(ts_received);
585 }
586
587 { /* process SA payload */
588 proposal_t *proposal;
589 linked_list_t *proposal_list;
590 sa_payload_t *sa_response;
591 ts_payload_t *ts_response;
592 bool use_natt;
593 u_int32_t soft_lifetime, hard_lifetime;
594
595 sa_response = sa_payload_create();
596 /* get proposals from request, and select one with ours */
597 proposal_list = sa_request->get_proposals(sa_request);
598 this->logger->log(this->logger, CONTROL|LEVEL1, "selecting proposals:");
599 this->proposal = this->policy->select_proposal(this->policy, proposal_list);
600 /* list is not needed anymore */
601 while (proposal_list->remove_last(proposal_list, (void**)&proposal) == SUCCESS)
602 {
603 proposal->destroy(proposal);
604 }
605 proposal_list->destroy(proposal_list);
606
607 /* do we have a proposal? */
608 if (this->proposal == NULL)
609 {
610 this->logger->log(this->logger, AUDIT,
611 "CHILD_SA proposals unacceptable, adding NO_PROPOSAL_CHOSEN notify");
612 build_notify(NO_PROPOSAL_CHOSEN, CHUNK_INITIALIZER, response, TRUE);
613 return FAILED;
614 }
615 /* do we have traffic selectors? */
616 else if (this->tsi->get_count(this->tsi) == 0 || this->tsr->get_count(this->tsr) == 0)
617 {
618 this->logger->log(this->logger, AUDIT,
619 "CHILD_SA traffic selectors unacceptable, adding TS_UNACCEPTABLE notify");
620 build_notify(TS_UNACCEPTABLE, CHUNK_INITIALIZER, response, TRUE);
621 return FAILED;
622 }
623 else
624 { /* create child sa */
625 u_int32_t reqid = 0;
626
627 if (this->rekeyed_sa)
628 {
629 reqid = this->rekeyed_sa->get_reqid(this->rekeyed_sa);
630 }
631 soft_lifetime = this->policy->get_soft_lifetime(this->policy);
632 hard_lifetime = this->policy->get_hard_lifetime(this->policy);
633 use_natt = this->ike_sa->is_natt_enabled(this->ike_sa);
634 this->child_sa = child_sa_create(reqid, me, other,
635 soft_lifetime, hard_lifetime,
636 use_natt);
637 if (install_child_sa(this, FALSE) != SUCCESS)
638 {
639 this->logger->log(this->logger, ERROR,
640 "installing CHILD_SA failed, adding NO_PROPOSAL_CHOSEN notify");
641 build_notify(NO_PROPOSAL_CHOSEN, CHUNK_INITIALIZER, response, TRUE);
642 return FAILED;
643 }
644 /* add proposal to sa payload */
645 sa_response->add_proposal(sa_response, this->proposal);
646 }
647 response->add_payload(response, (payload_t*)sa_response);
648
649 /* add nonce/ts payload after sa payload */
650 response->add_payload(response, (payload_t *)nonce_response);
651 ts_response = ts_payload_create_from_traffic_selectors(TRUE, this->tsi);
652 response->add_payload(response, (payload_t*)ts_response);
653 ts_response = ts_payload_create_from_traffic_selectors(FALSE, this->tsr);
654 response->add_payload(response, (payload_t*)ts_response);
655 }
656 /* CHILD_SA successfully created. If another transaction is already rekeying
657 * this SA, our lower nonce must be registered for a later nonce compare. */
658 if (this->rekeyed_sa)
659 {
660 private_create_child_sa_t *other;
661
662 other = this->rekeyed_sa->get_rekeying_transaction(this->rekeyed_sa);
663 if (other)
664 {
665 /* store our lower nonce in the simultaneus transaction, it
666 * will later compare it against his nonces when it calls conclude().
667 */
668 if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
669 min(this->nonce_i.len, this->nonce_r.len)) < 0)
670 {
671 other->nonce_s = chunk_clone(this->nonce_i);
672 }
673 else
674 {
675 other->nonce_s = chunk_clone(this->nonce_r);
676 }
677 }
678 this->rekeyed_sa->set_state(this->rekeyed_sa, CHILD_REKEYING);
679 }
680 return SUCCESS;
681 }
682
683 /**
684 * Implementation of transaction_t.conclude
685 */
686 static status_t conclude(private_create_child_sa_t *this, message_t *response,
687 transaction_t **next)
688 {
689 iterator_t *payloads;
690 host_t *me, *other;
691 sa_payload_t *sa_payload = NULL;
692 nonce_payload_t *nonce_payload = NULL;
693 ts_payload_t *tsi_payload = NULL;
694 ts_payload_t *tsr_payload = NULL;
695 status_t status;
696 child_sa_t *new_child = NULL;
697 delete_child_sa_t *delete_child_sa;
698
699 /* check message type */
700 if (response->get_exchange_type(response) != CREATE_CHILD_SA)
701 {
702 this->logger->log(this->logger, ERROR,
703 "CREATE_CHILD_SA response of invalid type, aborting");
704 return FAILED;
705 }
706
707 me = this->connection->get_my_host(this->connection);
708 other = this->connection->get_other_host(this->connection);
709
710 /* Iterate over all payloads to collect them */
711 payloads = response->get_payload_iterator(response);
712 while (payloads->has_next(payloads))
713 {
714 payload_t *payload;
715 payloads->current(payloads, (void**)&payload);
716 switch (payload->get_type(payload))
717 {
718 case SECURITY_ASSOCIATION:
719 sa_payload = (sa_payload_t*)payload;
720 break;
721 case NONCE:
722 nonce_payload = (nonce_payload_t*)payload;
723 break;
724 case TRAFFIC_SELECTOR_INITIATOR:
725 tsi_payload = (ts_payload_t*)payload;
726 break;
727 case TRAFFIC_SELECTOR_RESPONDER:
728 tsr_payload = (ts_payload_t*)payload;
729 break;
730 case NOTIFY:
731 {
732 status = process_notifys(this, (notify_payload_t*)payload);
733 if (status != SUCCESS)
734 {
735 payloads->destroy(payloads);
736 return status;
737 }
738 break;
739 }
740 default:
741 {
742 this->logger->log(this->logger, ERROR, "ignoring %s payload (%d)",
743 mapping_find(payload_type_m, payload->get_type(payload)),
744 payload->get_type(payload));
745 break;
746 }
747 }
748 }
749 payloads->destroy(payloads);
750
751 if (!(sa_payload && nonce_payload && tsi_payload && tsr_payload))
752 {
753 this->logger->log(this->logger, AUDIT, "response message incomplete, no CHILD_SA built");
754 return FAILED;
755 }
756
757 { /* process NONCE payload */
758 this->nonce_r = nonce_payload->get_nonce(nonce_payload);
759 }
760
761 { /* process traffic selectors for us */
762 linked_list_t *ts_received = tsi_payload->get_traffic_selectors(tsi_payload);
763 this->tsi = this->policy->select_my_traffic_selectors(this->policy, ts_received);
764 destroy_ts_list(ts_received);
765 }
766
767 { /* process traffic selectors for other */
768 linked_list_t *ts_received = tsr_payload->get_traffic_selectors(tsr_payload);
769 this->tsr = this->policy->select_other_traffic_selectors(this->policy, ts_received);
770 destroy_ts_list(ts_received);
771 }
772
773 { /* process sa payload */
774 proposal_t *proposal;
775 linked_list_t *proposal_list;
776
777 proposal_list = sa_payload->get_proposals(sa_payload);
778 /* we have to re-check here if other's selection is valid */
779 this->proposal = this->policy->select_proposal(this->policy, proposal_list);
780 /* list not needed anymore */
781 while (proposal_list->remove_last(proposal_list, (void**)&proposal) == SUCCESS)
782 {
783 proposal->destroy(proposal);
784 }
785 proposal_list->destroy(proposal_list);
786
787 /* everything fine to create CHILD? */
788 if (this->proposal == NULL ||
789 this->tsi->get_count(this->tsi) == 0 ||
790 this->tsr->get_count(this->tsr) == 0)
791 {
792 this->logger->log(this->logger, AUDIT,
793 "CHILD_SA creation failed");
794 return FAILED;
795 }
796 new_child = this->child_sa;
797 if (install_child_sa(this, TRUE) != SUCCESS)
798 {
799 this->logger->log(this->logger, ERROR,
800 "installing CHILD_SA failed, no CHILD_SA built");
801 return FAILED;
802 }
803 }
804 /* CHILD_SA successfully created. If the other peer initiated rekeying
805 * in the meantime, we detect this by comparing the rekeying_transaction
806 * of the SA. If it changed, we are not alone. Then we must compare the nonces.
807 * If no simultaneous rekeying is going on, we just initiate the delete of
808 * the superseded SA. */
809 if (this->rekeyed_sa)
810 {
811 /* rekeying finished, update SA status */
812 this->rekeyed_sa->set_rekeying_transaction(this->rekeyed_sa, NULL);
813
814 if (this->nonce_s.ptr)
815 { /* simlutaneous rekeying is going on, not so good */
816 chunk_t this_lowest;
817
818 /* first get our lowest nonce */
819 if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
820 min(this->nonce_i.len, this->nonce_r.len)) < 0)
821 {
822 this_lowest = this->nonce_i;
823 }
824 else
825 {
826 this_lowest = this->nonce_r;
827 }
828 /* then compare against other lowest nonce */
829 if (memcmp(this_lowest.ptr, this->nonce_s.ptr,
830 min(this_lowest.len, this->nonce_s.len)) < 0)
831 {
832 this->logger->log(this->logger, ERROR,
833 "detected simultaneous CHILD_SA rekeying, deleting ours");
834 this->lost = TRUE;
835 }
836 else
837 {
838 this->logger->log(this->logger, ERROR,
839 "detected simultaneous CHILD_SA rekeying, but ours is preferred");
840 }
841 }
842 /* delete the old SA if we have won the rekeying nonce compare*/
843 if (!this->lost)
844 {
845 delete_child_sa = delete_child_sa_create(this->ike_sa);
846 delete_child_sa->set_child_sa(delete_child_sa, this->rekeyed_sa);
847 *next = (transaction_t*)delete_child_sa;
848 }
849 }
850 if (this->lost)
851 {
852 /* we have lost simlutaneous rekeying, delete the CHILD_SA we just have created */
853 delete_child_sa = delete_child_sa_create(this->ike_sa);
854 delete_child_sa->set_child_sa(delete_child_sa, new_child);
855 *next = (transaction_t*)delete_child_sa;
856 }
857 return SUCCESS;
858 }
859
860 /**
861 * implements transaction_t.destroy
862 */
863 static void destroy(private_create_child_sa_t *this)
864 {
865 if (this->message)
866 {
867 this->message->destroy(this->message);
868 }
869 if (this->proposal)
870 {
871 this->proposal->destroy(this->proposal);
872 }
873 if (this->child_sa)
874 {
875 this->child_sa->destroy(this->child_sa);
876 }
877 destroy_ts_list(this->tsi);
878 destroy_ts_list(this->tsr);
879 chunk_free(&this->nonce_i);
880 chunk_free(&this->nonce_r);
881 chunk_free(&this->nonce_s);
882 this->randomizer->destroy(this->randomizer);
883 free(this);
884 }
885
886 /*
887 * Described in header.
888 */
889 create_child_sa_t *create_child_sa_create(ike_sa_t *ike_sa)
890 {
891 private_create_child_sa_t *this = malloc_thing(private_create_child_sa_t);
892
893 /* transaction interface functions */
894 this->public.transaction.get_request = (status_t(*)(transaction_t*,message_t**))get_request;
895 this->public.transaction.get_response = (status_t(*)(transaction_t*,message_t*,message_t**,transaction_t**))get_response;
896 this->public.transaction.conclude = (status_t(*)(transaction_t*,message_t*,transaction_t**))conclude;
897 this->public.transaction.get_message_id = (u_int32_t(*)(transaction_t*))get_message_id;
898 this->public.transaction.requested = (u_int32_t(*)(transaction_t*))requested;
899 this->public.transaction.destroy = (void(*)(transaction_t*))destroy;
900
901 /* public functions */
902 this->public.rekeys_child = (void(*)(create_child_sa_t*,child_sa_t*))rekeys_child;
903 this->public.cancel = (void(*)(create_child_sa_t*))cancel;
904
905 /* private data */
906 this->ike_sa = ike_sa;
907 this->message_id = 0;
908 this->message = NULL;
909 this->requested = 0;
910 this->rekey_spi = 0;
911 this->nonce_i = CHUNK_INITIALIZER;
912 this->nonce_r = CHUNK_INITIALIZER;
913 this->nonce_s = CHUNK_INITIALIZER;
914 this->child_sa = NULL;
915 this->rekeyed_sa = NULL;
916 this->lost = FALSE;
917 this->proposal = NULL;
918 this->tsi = NULL;
919 this->tsr = NULL;
920 this->randomizer = randomizer_create();
921 this->logger = logger_manager->get_logger(logger_manager, IKE_SA);
922
923 return &this->public;
924 }