bcb3ced38a3156279ff10f1a4035b4ee33cd2a9d
[strongswan.git] / src / charon / sa / transactions / create_child_sa.c
1 /**
2 * @file create_child_sa.c
3 *
4 * @brief Implementation of create_child_sa_t transaction.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include "create_child_sa.h"
24
25 #include <string.h>
26
27 #include <daemon.h>
28 #include <encoding/payloads/sa_payload.h>
29 #include <encoding/payloads/nonce_payload.h>
30 #include <encoding/payloads/ts_payload.h>
31 #include <sa/transactions/delete_child_sa.h>
32 #include <utils/randomizer.h>
33
34
35 typedef struct private_create_child_sa_t private_create_child_sa_t;
36
37 /**
38 * Private members of a create_child_sa_t object..
39 */
40 struct private_create_child_sa_t {
41
42 /**
43 * Public methods and transaction_t interface.
44 */
45 create_child_sa_t public;
46
47 /**
48 * Assigned IKE_SA.
49 */
50 ike_sa_t *ike_sa;
51
52 /**
53 * Message sent by our peer, if already generated
54 */
55 message_t *message;
56
57 /**
58 * Message ID this transaction uses
59 */
60 u_int32_t message_id;
61
62 /**
63 * Times we did send the request
64 */
65 u_int32_t requested;
66
67 /**
68 * initiators inbound SPI of the CHILD_SA which gets rekeyed
69 */
70 u_int32_t rekey_spi;
71
72 /**
73 * reqid to use for new CHILD_SA
74 */
75 u_int32_t reqid;
76
77 /**
78 * policy definition used
79 */
80 policy_t *policy;
81
82 /**
83 * Negotiated proposal used for CHILD_SA
84 */
85 proposal_t *proposal;
86
87 /**
88 * initiator chosen nonce
89 */
90 chunk_t nonce_i;
91
92 /**
93 * responder chosen nonce
94 */
95 chunk_t nonce_r;
96
97 /**
98 * lower of the nonces of a simultaneus rekeying request
99 */
100 chunk_t nonce_s;
101
102 /**
103 * Negotiated traffic selectors for initiator
104 */
105 linked_list_t *tsi;
106
107 /**
108 * Negotiated traffic selectors for responder
109 */
110 linked_list_t *tsr;
111
112 /**
113 * CHILD_SA created by this transaction
114 */
115 child_sa_t *child_sa;
116
117 /**
118 * CHILD_SA rekeyed if we are rekeying
119 */
120 child_sa_t *rekeyed_sa;
121
122 /**
123 * mode of the CHILD_SA to create: transport/tunnel
124 */
125 mode_t mode;
126
127 /**
128 * Have we lost the simultaneous rekeying nonce compare?
129 */
130 bool lost;
131
132 /**
133 * source of randomness
134 */
135 randomizer_t *randomizer;
136
137 /**
138 * signal to emit when transaction fails. As this transaction is used
139 * for CHILD_SA creation AND rekeying, we must emit different signals.
140 */
141 signal_t failsig;
142 };
143
144 /**
145 * Implementation of transaction_t.get_message_id.
146 */
147 static u_int32_t get_message_id(private_create_child_sa_t *this)
148 {
149 return this->message_id;
150 }
151
152 /**
153 * Implementation of transaction_t.requested.
154 */
155 static u_int32_t requested(private_create_child_sa_t *this)
156 {
157 return this->requested++;
158 }
159
160 /**
161 * Implementation of create_child_sa_t.set_policy.
162 */
163 static void set_policy(private_create_child_sa_t *this, policy_t *policy)
164 {
165 this->policy = policy;
166 }
167
168 /**
169 * Implementation of create_child_sa_t.set_reqid.
170 */
171 static void set_reqid(private_create_child_sa_t *this, u_int32_t reqid)
172 {
173 this->reqid = reqid;
174 }
175
176 /**
177 * Implementation of create_child_sa_t.rekeys_child.
178 */
179 static void rekeys_child(private_create_child_sa_t *this, child_sa_t *child_sa)
180 {
181 this->rekeyed_sa = child_sa;
182 this->failsig = CHILD_REKEY_FAILED;
183 }
184
185 /**
186 * Implementation of create_child_sa_t.cancel.
187 */
188 static void cancel(private_create_child_sa_t *this)
189 {
190 this->rekeyed_sa = NULL;
191 this->lost = TRUE;
192 }
193
194 /**
195 * Build a notify message.
196 */
197 static void build_notify(notify_type_t type, chunk_t data, message_t *message, bool flush_message)
198 {
199 notify_payload_t *notify;
200
201 if (flush_message)
202 {
203 payload_t *payload;
204 iterator_t *iterator = message->get_payload_iterator(message);
205 while (iterator->iterate(iterator, (void**)&payload))
206 {
207 payload->destroy(payload);
208 iterator->remove(iterator);
209 }
210 iterator->destroy(iterator);
211 }
212
213 notify = notify_payload_create();
214 notify->set_notify_type(notify, type);
215 notify->set_notification_data(notify, data);
216 message->add_payload(message, (payload_t*)notify);
217 }
218
219 /**
220 * Implementation of transaction_t.get_request.
221 */
222 static status_t get_request(private_create_child_sa_t *this, message_t **result)
223 {
224 message_t *request;
225 host_t *me, *other;
226 identification_t *my_id, *other_id;
227
228 /* check if we already have built a message (retransmission) */
229 if (this->message)
230 {
231 *result = this->message;
232 return SUCCESS;
233 }
234
235 /* check if we are not already rekeying */
236 if (this->rekeyed_sa)
237 {
238 SIG(CHILD_REKEY_START, "rekeying CHILD_SA");
239
240 switch (this->rekeyed_sa->get_state(this->rekeyed_sa))
241 {
242 case CHILD_REKEYING:
243 SIG(CHILD_REKEY_FAILED,
244 "rekeying a CHILD_SA which is already rekeying, aborted");
245 return FAILED;
246 case CHILD_DELETING:
247 SIG(CHILD_REKEY_FAILED,
248 "rekeying a CHILD_SA which is deleting, aborted");
249 return FAILED;
250 default:
251 break;
252 }
253 this->rekeyed_sa->set_state(this->rekeyed_sa, CHILD_REKEYING);
254 }
255 else
256 {
257 SIG(CHILD_UP_START, "creating CHILD_SA");
258 }
259
260 me = this->ike_sa->get_my_host(this->ike_sa);
261 other = this->ike_sa->get_other_host(this->ike_sa);
262 my_id = this->ike_sa->get_my_id(this->ike_sa);
263 other_id = this->ike_sa->get_other_id(this->ike_sa);
264
265 /* build the request */
266 request = message_create();
267 request->set_source(request, me->clone(me));
268 request->set_destination(request, other->clone(other));
269 request->set_exchange_type(request, CREATE_CHILD_SA);
270 request->set_request(request, TRUE);
271 request->set_ike_sa_id(request, this->ike_sa->get_id(this->ike_sa));
272 *result = request;
273 this->message = request;
274
275 { /* build SA payload */
276 sa_payload_t *sa_payload;
277 linked_list_t *proposals;
278 bool use_natt;
279
280 /* get a policy, if we are rekeying */
281 if (this->rekeyed_sa)
282 {
283 linked_list_t *my_ts, *other_ts;
284 identification_t *my_id, *other_id;
285
286 my_ts = this->rekeyed_sa->get_my_traffic_selectors(this->rekeyed_sa);
287 other_ts = this->rekeyed_sa->get_other_traffic_selectors(this->rekeyed_sa);
288 my_id = this->ike_sa->get_my_id(this->ike_sa);
289 other_id = this->ike_sa->get_other_id(this->ike_sa);
290
291 this->policy = charon->policies->get_policy(charon->policies,
292 my_id, other_id,
293 my_ts, other_ts,
294 me, other,
295 NULL);
296
297 this->reqid = this->rekeyed_sa->get_reqid(this->rekeyed_sa);
298
299 if (this->policy == NULL)
300 {
301 SIG(IKE_REKEY_FAILED, "no policy found to rekey "
302 "CHILD_SA with reqid %d", this->reqid);
303 return FAILED;
304 }
305 }
306
307 proposals = this->policy->get_proposals(this->policy);
308 use_natt = this->ike_sa->is_natt_enabled(this->ike_sa);
309 this->child_sa = child_sa_create(this->reqid, me, other, my_id, other_id,
310 this->policy->get_soft_lifetime(this->policy),
311 this->policy->get_hard_lifetime(this->policy),
312 this->policy->get_updown(this->policy),
313 this->policy->get_hostaccess(this->policy),
314 use_natt);
315 this->child_sa->set_name(this->child_sa, this->policy->get_name(this->policy));
316 if (this->child_sa->alloc(this->child_sa, proposals) != SUCCESS)
317 {
318 SIG(this->failsig, "could not install CHILD_SA, CHILD_SA creation failed");
319 return FAILED;
320 }
321 sa_payload = sa_payload_create_from_proposal_list(proposals);
322 proposals->destroy_offset(proposals, offsetof(proposal_t, destroy));
323 request->add_payload(request, (payload_t*)sa_payload);
324 }
325
326 /* notify for transport/BEET mode, we propose it
327 * independent of the traffic selectors */
328 switch (this->policy->get_mode(this->policy))
329 {
330 case MODE_TUNNEL:
331 /* is the default */
332 break;
333 case MODE_TRANSPORT:
334 if (this->ike_sa->is_natt_enabled(this->ike_sa))
335 {
336 DBG1(DBG_IKE, "not using tranport mode, as connection NATed");
337 }
338 else
339 {
340 build_notify(USE_TRANSPORT_MODE, chunk_empty, request, FALSE);
341 }
342 break;
343 case MODE_BEET:
344 build_notify(USE_BEET_MODE, chunk_empty, request, FALSE);
345 break;
346 }
347
348 { /* build the NONCE payload for us (initiator) */
349 nonce_payload_t *nonce_payload;
350
351 if (this->randomizer->allocate_pseudo_random_bytes(this->randomizer,
352 NONCE_SIZE, &this->nonce_i) != SUCCESS)
353 {
354 SIG(this->failsig, "could not create nonce, CHILD_SA creation failed");
355 return FAILED;
356 }
357 nonce_payload = nonce_payload_create();
358 nonce_payload->set_nonce(nonce_payload, this->nonce_i);
359 request->add_payload(request, (payload_t*)nonce_payload);
360 }
361
362 { /* build TSi payload */
363 linked_list_t *ts_list;
364 ts_payload_t *ts_payload;
365
366 ts_list = this->policy->get_my_traffic_selectors(this->policy, me);
367 ts_payload = ts_payload_create_from_traffic_selectors(TRUE, ts_list);
368 ts_list->destroy_offset(ts_list, offsetof(traffic_selector_t, destroy));
369 request->add_payload(request, (payload_t*)ts_payload);
370 }
371
372 { /* build TSr payload */
373 linked_list_t *ts_list;
374 ts_payload_t *ts_payload;
375
376 ts_list = this->policy->get_other_traffic_selectors(this->policy, other);
377 ts_payload = ts_payload_create_from_traffic_selectors(FALSE, ts_list);
378 ts_list->destroy_offset(ts_list, offsetof(traffic_selector_t, destroy));
379 request->add_payload(request, (payload_t*)ts_payload);
380 }
381
382 if (this->rekeyed_sa)
383 { /* add REKEY_SA notify if we are rekeying */
384 notify_payload_t *notify;
385 protocol_id_t protocol;
386
387 protocol = this->rekeyed_sa->get_protocol(this->rekeyed_sa);
388 notify = notify_payload_create_from_protocol_and_type(protocol, REKEY_SA);
389 notify->set_spi(notify, this->rekeyed_sa->get_spi(this->rekeyed_sa, TRUE));
390 request->add_payload(request, (payload_t*)notify);
391
392 /* register us as rekeying to detect multiple rekeying */
393 this->rekeyed_sa->set_rekeying_transaction(this->rekeyed_sa,
394 &this->public.transaction);
395 }
396
397 this->message_id = this->ike_sa->get_next_message_id(this->ike_sa);
398 request->set_message_id(request, this->message_id);
399
400 return SUCCESS;
401 }
402
403 /**
404 * Handle all kind of notifys
405 */
406 static status_t process_notifys(private_create_child_sa_t *this, notify_payload_t *notify_payload)
407 {
408 notify_type_t notify_type = notify_payload->get_notify_type(notify_payload);
409
410 DBG2(DBG_IKE, "process notify type %N", notify_type_names, notify_type);
411
412 switch (notify_type)
413 {
414 case SINGLE_PAIR_REQUIRED:
415 {
416 SIG(this->failsig, "received a SINGLE_PAIR_REQUIRED notify");
417 return FAILED;
418 }
419 case TS_UNACCEPTABLE:
420 {
421 SIG(this->failsig, "received TS_UNACCEPTABLE notify");
422 return FAILED;
423 }
424 case NO_PROPOSAL_CHOSEN:
425 {
426 SIG(this->failsig, "received NO_PROPOSAL_CHOSEN notify");
427 return FAILED;
428 }
429 case USE_TRANSPORT_MODE:
430 {
431 this->mode = MODE_TRANSPORT;
432 return SUCCESS;
433 }
434 case USE_BEET_MODE:
435 {
436 this->mode = MODE_BEET;
437 return SUCCESS;
438 }
439 case REKEY_SA:
440 {
441 u_int32_t spi;
442 protocol_id_t protocol;
443
444 protocol = notify_payload->get_protocol_id(notify_payload);
445 switch (protocol)
446 {
447 case PROTO_AH:
448 case PROTO_ESP:
449 spi = notify_payload->get_spi(notify_payload);
450 this->rekeyed_sa = this->ike_sa->get_child_sa(this->ike_sa,
451 protocol, spi,
452 FALSE);
453 this->failsig = CHILD_REKEY_FAILED;
454 break;
455 default:
456 break;
457 }
458 return SUCCESS;
459 }
460 default:
461 {
462 if (notify_type < 16383)
463 {
464 SIG(this->failsig, "received %N notify error, CHILD_SA "
465 "creation failed", notify_type_names, notify_type);
466 return FAILED;
467 }
468 else
469 {
470 DBG1(DBG_IKE, "received %N notify, ignored",
471 notify_type_names, notify_type);
472 return SUCCESS;
473 }
474 }
475 }
476 }
477
478 /**
479 * Check a list of traffic selectors if any selector belongs to host
480 */
481 static bool ts_list_is_host(linked_list_t *list, host_t *host)
482 {
483 traffic_selector_t *ts;
484 bool is_host = TRUE;
485 iterator_t *iterator = list->create_iterator(list, TRUE);
486
487 while (is_host && iterator->iterate(iterator, (void**)&ts))
488 {
489 is_host = is_host && ts->is_host(ts, host);
490 }
491 iterator->destroy(iterator);
492 return is_host;
493 }
494
495 /**
496 * Install a CHILD_SA for usage
497 */
498 static status_t install_child_sa(private_create_child_sa_t *this, bool initiator)
499 {
500 prf_plus_t *prf_plus;
501 chunk_t seed;
502 status_t status;
503
504 seed = chunk_alloc(this->nonce_i.len + this->nonce_r.len);
505 memcpy(seed.ptr, this->nonce_i.ptr, this->nonce_i.len);
506 memcpy(seed.ptr + this->nonce_i.len, this->nonce_r.ptr, this->nonce_r.len);
507 prf_plus = prf_plus_create(this->ike_sa->get_child_prf(this->ike_sa), seed);
508 chunk_free(&seed);
509
510 if (initiator)
511 {
512 status = this->child_sa->update(this->child_sa, this->proposal,
513 this->mode, prf_plus);
514 }
515 else
516 {
517 status = this->child_sa->add(this->child_sa, this->proposal,
518 this->mode, prf_plus);
519 }
520 prf_plus->destroy(prf_plus);
521 if (status != SUCCESS)
522 {
523 return DESTROY_ME;
524 }
525 if (initiator)
526 {
527 status = this->child_sa->add_policies(this->child_sa, this->tsi,
528 this->tsr, this->mode);
529 }
530 else
531 {
532 status = this->child_sa->add_policies(this->child_sa, this->tsr,
533 this->tsi, this->mode);
534 }
535 if (status != SUCCESS)
536 {
537 return DESTROY_ME;
538 }
539
540 /* add to IKE_SA, and remove from transaction */
541 this->child_sa->set_state(this->child_sa, CHILD_INSTALLED);
542 this->ike_sa->add_child_sa(this->ike_sa, this->child_sa);
543 this->child_sa = NULL;
544 return SUCCESS;
545 }
546
547 /**
548 * Implementation of transaction_t.get_response.
549 */
550 static status_t get_response(private_create_child_sa_t *this, message_t *request,
551 message_t **result, transaction_t **next)
552 {
553 host_t *me, *other;
554 identification_t *my_id, *other_id;
555 message_t *response;
556 status_t status;
557 iterator_t *payloads;
558 payload_t *payload;
559 sa_payload_t *sa_request = NULL;
560 nonce_payload_t *nonce_request = NULL;
561 ts_payload_t *tsi_request = NULL;
562 ts_payload_t *tsr_request = NULL;
563 nonce_payload_t *nonce_response;
564
565 /* check if we already have built a response (retransmission) */
566 if (this->message)
567 {
568 *result = this->message;
569 return SUCCESS;
570 }
571
572 me = this->ike_sa->get_my_host(this->ike_sa);
573 other = this->ike_sa->get_other_host(this->ike_sa);
574 my_id = this->ike_sa->get_my_id(this->ike_sa);
575 other_id = this->ike_sa->get_other_id(this->ike_sa);
576 this->message_id = request->get_message_id(request);
577
578 /* set up response */
579 response = message_create();
580 response->set_source(response, me->clone(me));
581 response->set_destination(response, other->clone(other));
582 response->set_exchange_type(response, CREATE_CHILD_SA);
583 response->set_request(response, FALSE);
584 response->set_message_id(response, this->message_id);
585 response->set_ike_sa_id(response, this->ike_sa->get_id(this->ike_sa));
586 this->message = response;
587 *result = response;
588
589 /* check message type */
590 if (request->get_exchange_type(request) != CREATE_CHILD_SA)
591 {
592 DBG1(DBG_IKE, "CREATE_CHILD_SA response of invalid type, aborted");
593 return FAILED;
594 }
595
596 /* we do not allow the creation of new CHILDren/rekeying when IKE_SA is
597 * rekeying */
598 if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING ||
599 this->ike_sa->get_state(this->ike_sa) == IKE_DELETING)
600 {
601 build_notify(NO_ADDITIONAL_SAS, chunk_empty, response, TRUE);
602 DBG1(DBG_IKE, "unable to create new CHILD_SAs, as rekeying in progress");
603 return FAILED;
604 }
605
606 /* Iterate over all payloads. */
607 payloads = request->get_payload_iterator(request);
608 while (payloads->iterate(payloads, (void**)&payload))
609 {
610 switch (payload->get_type(payload))
611 {
612 case SECURITY_ASSOCIATION:
613 sa_request = (sa_payload_t*)payload;
614 break;
615 case NONCE:
616 nonce_request = (nonce_payload_t*)payload;
617 break;
618 case TRAFFIC_SELECTOR_INITIATOR:
619 tsi_request = (ts_payload_t*)payload;
620 break;
621 case TRAFFIC_SELECTOR_RESPONDER:
622 tsr_request = (ts_payload_t*)payload;
623 break;
624 case KEY_EXCHANGE:
625 {
626 u_int8_t dh_buffer[] = {0x00, 0x00}; /* MODP_NONE */
627 chunk_t group = chunk_from_buf(dh_buffer);
628 build_notify(INVALID_KE_PAYLOAD, group, response, TRUE);
629 DBG1(DBG_IKE, "CREATE_CHILD_SA used PFS, sending INVALID_KE_PAYLOAD");
630 return FAILED;
631 }
632 case NOTIFY:
633 {
634 status = process_notifys(this, (notify_payload_t*)payload);
635 if (status != SUCCESS)
636 {
637 payloads->destroy(payloads);
638 return status;
639 }
640 break;
641 }
642 default:
643 {
644 DBG1(DBG_IKE, "ignoring %N payload",
645 payload_type_names, payload->get_type(payload));
646 break;
647 }
648 }
649 }
650 payloads->destroy(payloads);
651
652 /* after processing the notify payloads, we know if this transaction is
653 * for rekeying or for a new CHILD_SA. We can emit the signals now. */
654 if (this->rekeyed_sa)
655 {
656 SIG(CHILD_REKEY_START, "rekeying CHILD_SA");
657 }
658 else
659 {
660 SIG(CHILD_UP_START, "creating CHILD_SA");
661 }
662
663 /* check if we have all payloads */
664 if (!(sa_request && nonce_request && tsi_request && tsr_request))
665 {
666 build_notify(INVALID_SYNTAX, chunk_empty, response, TRUE);
667 SIG(this->failsig, "request message incomplete, no CHILD_SA created");
668 return FAILED;
669 }
670
671 { /* process nonce payload */
672 this->nonce_i = nonce_request->get_nonce(nonce_request);
673 if (this->randomizer->allocate_pseudo_random_bytes(this->randomizer,
674 NONCE_SIZE, &this->nonce_r) != SUCCESS)
675 {
676 build_notify(NO_PROPOSAL_CHOSEN, chunk_empty, response, TRUE);
677 SIG(this->failsig, "nonce generation failed, no CHILD_SA created");
678 return FAILED;
679 }
680 nonce_response = nonce_payload_create();
681 nonce_response->set_nonce(nonce_response, this->nonce_r);
682 }
683
684 { /* get a policy and process traffic selectors */
685 identification_t *my_id, *other_id;
686 linked_list_t *my_ts, *other_ts;
687
688 my_id = this->ike_sa->get_my_id(this->ike_sa);
689 other_id = this->ike_sa->get_other_id(this->ike_sa);
690
691 my_ts = tsr_request->get_traffic_selectors(tsr_request);
692 other_ts = tsi_request->get_traffic_selectors(tsi_request);
693
694 this->policy = charon->policies->get_policy(charon->policies,
695 my_id, other_id,
696 my_ts, other_ts,
697 me, other,
698 NULL);
699 if (this->policy)
700 {
701 this->tsr = this->policy->select_my_traffic_selectors(this->policy, my_ts, me);
702 this->tsi = this->policy->select_other_traffic_selectors(this->policy, other_ts, other);
703 }
704 my_ts->destroy_offset(my_ts, offsetof(traffic_selector_t, destroy));
705 other_ts->destroy_offset(other_ts, offsetof(traffic_selector_t, destroy));
706
707 if (this->policy == NULL)
708 {
709 SIG(this->failsig, "no acceptable policy found, sending TS_UNACCEPTABLE notify");
710 build_notify(TS_UNACCEPTABLE, chunk_empty, response, TRUE);
711 return FAILED;
712 }
713 }
714
715 { /* process SA payload */
716 linked_list_t *proposal_list;
717 sa_payload_t *sa_response;
718 ts_payload_t *ts_response;
719 bool use_natt;
720 u_int32_t soft_lifetime, hard_lifetime;
721
722 sa_response = sa_payload_create();
723 /* get proposals from request, and select one with ours */
724 proposal_list = sa_request->get_proposals(sa_request);
725 DBG2(DBG_IKE, "selecting proposals:");
726 this->proposal = this->policy->select_proposal(this->policy, proposal_list);
727 proposal_list->destroy_offset(proposal_list, offsetof(proposal_t, destroy));
728
729 /* do we have a proposal? */
730 if (this->proposal == NULL)
731 {
732 SIG(this->failsig, "CHILD_SA proposals unacceptable, sending NO_PROPOSAL_CHOSEN notify");
733 build_notify(NO_PROPOSAL_CHOSEN, chunk_empty, response, TRUE);
734 return FAILED;
735 }
736 /* do we have traffic selectors? */
737 else if (this->tsi->get_count(this->tsi) == 0 || this->tsr->get_count(this->tsr) == 0)
738 {
739 SIG(this->failsig, "CHILD_SA traffic selectors unacceptable, sending TS_UNACCEPTABLE notify");
740 build_notify(TS_UNACCEPTABLE, chunk_empty, response, TRUE);
741 return FAILED;
742 }
743 else
744 { /* create child sa */
745 if (this->rekeyed_sa)
746 {
747 this->reqid = this->rekeyed_sa->get_reqid(this->rekeyed_sa);
748 }
749 soft_lifetime = this->policy->get_soft_lifetime(this->policy);
750 hard_lifetime = this->policy->get_hard_lifetime(this->policy);
751 use_natt = this->ike_sa->is_natt_enabled(this->ike_sa);
752 this->child_sa = child_sa_create(this->reqid, me, other, my_id, other_id,
753 soft_lifetime, hard_lifetime,
754 this->policy->get_updown(this->policy),
755 this->policy->get_hostaccess(this->policy),
756 use_natt);
757 this->child_sa->set_name(this->child_sa, this->policy->get_name(this->policy));
758
759 /* check mode, and include notify into reply */
760 switch (this->mode)
761 {
762 case MODE_TUNNEL:
763 /* is the default */
764 break;
765 case MODE_TRANSPORT:
766 if (!ts_list_is_host(this->tsi, other) ||
767 !ts_list_is_host(this->tsr, me))
768 {
769 this->mode = MODE_TUNNEL;
770 DBG1(DBG_IKE, "not using tranport mode, not host-to-host");
771 }
772 else if (this->ike_sa->is_natt_enabled(this->ike_sa))
773 {
774 this->mode = MODE_TUNNEL;
775 DBG1(DBG_IKE, "not using tranport mode, as connection NATed");
776 }
777 else
778 {
779 build_notify(USE_TRANSPORT_MODE, chunk_empty, response, FALSE);
780 }
781 break;
782 case MODE_BEET:
783 if (!ts_list_is_host(this->tsi, NULL) ||
784 !ts_list_is_host(this->tsr, NULL))
785 {
786 this->mode = MODE_TUNNEL;
787 DBG1(DBG_IKE, "not using BEET mode, not host-to-host");
788 }
789 else
790 {
791 build_notify(USE_BEET_MODE, chunk_empty, response, FALSE);
792 }
793 break;
794 }
795
796 if (install_child_sa(this, FALSE) != SUCCESS)
797 {
798 SIG(this->failsig, "installing CHILD_SA failed, sending NO_PROPOSAL_CHOSEN notify");
799 build_notify(NO_PROPOSAL_CHOSEN, chunk_empty, response, TRUE);
800 return FAILED;
801 }
802 /* add proposal to sa payload */
803 sa_response->add_proposal(sa_response, this->proposal);
804 }
805 response->add_payload(response, (payload_t*)sa_response);
806
807 /* add nonce/ts payload after sa payload */
808 response->add_payload(response, (payload_t *)nonce_response);
809 ts_response = ts_payload_create_from_traffic_selectors(TRUE, this->tsi);
810 response->add_payload(response, (payload_t*)ts_response);
811 ts_response = ts_payload_create_from_traffic_selectors(FALSE, this->tsr);
812 response->add_payload(response, (payload_t*)ts_response);
813 }
814 /* CHILD_SA successfully created. If another transaction is already rekeying
815 * this SA, our lower nonce must be registered for a later nonce compare. */
816 if (this->rekeyed_sa)
817 {
818 private_create_child_sa_t *other;
819
820 other = (private_create_child_sa_t*)
821 this->rekeyed_sa->get_rekeying_transaction(this->rekeyed_sa);
822 if (other)
823 {
824 /* store our lower nonce in the simultaneus transaction, it
825 * will later compare it against its nonces when it calls conclude().
826 */
827 if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
828 min(this->nonce_i.len, this->nonce_r.len)) < 0)
829 {
830 other->nonce_s = chunk_clone(this->nonce_i);
831 }
832 else
833 {
834 other->nonce_s = chunk_clone(this->nonce_r);
835 }
836 }
837 else
838 {
839 /* we only signal when no other transaction is rekeying */
840 SIG(CHILD_REKEY_SUCCESS, "CHILD_SA rekeyed");
841 }
842 this->rekeyed_sa->set_state(this->rekeyed_sa, CHILD_REKEYING);
843 }
844 else
845 {
846 SIG(CHILD_UP_SUCCESS, "CHILD_SA created");
847 }
848 return SUCCESS;
849 }
850
851 /**
852 * Implementation of transaction_t.conclude
853 */
854 static status_t conclude(private_create_child_sa_t *this, message_t *response,
855 transaction_t **next)
856 {
857 iterator_t *payloads;
858 payload_t *payload;
859 host_t *me, *other;
860 sa_payload_t *sa_payload = NULL;
861 nonce_payload_t *nonce_payload = NULL;
862 ts_payload_t *tsi_payload = NULL;
863 ts_payload_t *tsr_payload = NULL;
864 status_t status;
865 child_sa_t *new_child = NULL;
866 delete_child_sa_t *delete_child_sa;
867
868 /* check message type */
869 if (response->get_exchange_type(response) != CREATE_CHILD_SA)
870 {
871 SIG(this->failsig, "CREATE_CHILD_SA response of invalid type, aborting");
872 return FAILED;
873 }
874
875 me = this->ike_sa->get_my_host(this->ike_sa);
876 other = this->ike_sa->get_other_host(this->ike_sa);
877
878 /* Iterate over all payloads to collect them */
879 payloads = response->get_payload_iterator(response);
880 while (payloads->iterate(payloads, (void**)&payload))
881 {
882 switch (payload->get_type(payload))
883 {
884 case SECURITY_ASSOCIATION:
885 sa_payload = (sa_payload_t*)payload;
886 break;
887 case NONCE:
888 nonce_payload = (nonce_payload_t*)payload;
889 break;
890 case TRAFFIC_SELECTOR_INITIATOR:
891 tsi_payload = (ts_payload_t*)payload;
892 break;
893 case TRAFFIC_SELECTOR_RESPONDER:
894 tsr_payload = (ts_payload_t*)payload;
895 break;
896 case NOTIFY:
897 {
898 status = process_notifys(this, (notify_payload_t*)payload);
899 if (status != SUCCESS)
900 {
901 payloads->destroy(payloads);
902 return status;
903 }
904 break;
905 }
906 default:
907 {
908 DBG1(DBG_IKE, "ignoring %N payload",
909 payload_type_names, payload->get_type(payload));
910 break;
911 }
912 }
913 }
914 payloads->destroy(payloads);
915
916 if (!(sa_payload && nonce_payload && tsi_payload && tsr_payload))
917 {
918 SIG(this->failsig, "response message incomplete, no CHILD_SA built");
919 return FAILED;
920 }
921
922 { /* process NONCE payload */
923 this->nonce_r = nonce_payload->get_nonce(nonce_payload);
924 }
925
926 { /* process traffic selectors for us */
927 linked_list_t *ts_received = tsi_payload->get_traffic_selectors(tsi_payload);
928 this->tsi = this->policy->select_my_traffic_selectors(this->policy, ts_received, me);
929 ts_received->destroy_offset(ts_received, offsetof(traffic_selector_t, destroy));
930 }
931
932 { /* process traffic selectors for other */
933 linked_list_t *ts_received = tsr_payload->get_traffic_selectors(tsr_payload);
934 this->tsr = this->policy->select_other_traffic_selectors(this->policy, ts_received, other);
935 ts_received->destroy_offset(ts_received, offsetof(traffic_selector_t, destroy));
936 }
937
938 { /* process sa payload */
939 linked_list_t *proposal_list;
940
941 proposal_list = sa_payload->get_proposals(sa_payload);
942 /* we have to re-check here if other's selection is valid */
943 this->proposal = this->policy->select_proposal(this->policy, proposal_list);
944 proposal_list->destroy_offset(proposal_list, offsetof(proposal_t, destroy));
945
946 /* everything fine to create CHILD? */
947 if (this->proposal == NULL ||
948 this->tsi->get_count(this->tsi) == 0 ||
949 this->tsr->get_count(this->tsr) == 0)
950 {
951 SIG(this->failsig, "CHILD_SA negotiation failed, no CHILD_SA built");
952 return FAILED;
953 }
954
955 /* check mode if it is acceptable */
956 switch (this->mode)
957 {
958 case MODE_TUNNEL:
959 /* is the default */
960 break;
961 case MODE_TRANSPORT:
962 /* TODO: we should close the CHILD_SA if negotiated
963 * mode is not acceptable for us */
964 if (!ts_list_is_host(this->tsi, me) ||
965 !ts_list_is_host(this->tsr, other))
966 {
967 this->mode = MODE_TUNNEL;
968 DBG1(DBG_IKE, "not using tranport mode, not host-to-host");
969 }
970 else if (this->ike_sa->is_natt_enabled(this->ike_sa))
971 {
972 this->mode = MODE_TUNNEL;
973 DBG1(DBG_IKE, "not using tranport mode, as connection NATed");
974 }
975 break;
976 case MODE_BEET:
977 if (!ts_list_is_host(this->tsi, NULL) ||
978 !ts_list_is_host(this->tsr, NULL))
979 {
980 this->mode = MODE_TUNNEL;
981 DBG1(DBG_IKE, "not using BEET mode, not host-to-host");
982 }
983 break;
984 }
985
986 new_child = this->child_sa;
987 if (install_child_sa(this, TRUE) != SUCCESS)
988 {
989 SIG(this->failsig, "installing CHILD_SA failed, no CHILD_SA built");
990 return FAILED;
991 }
992 }
993 /* CHILD_SA successfully created. If the other peer initiated rekeying
994 * in the meantime, we detect this by comparing the rekeying_transaction
995 * of the SA. If it changed, we are not alone. Then we must compare the nonces.
996 * If no simultaneous rekeying is going on, we just initiate the delete of
997 * the superseded SA. */
998 if (this->rekeyed_sa)
999 {
1000 /* rekeying finished, update SA status */
1001 this->rekeyed_sa->set_rekeying_transaction(this->rekeyed_sa, NULL);
1002
1003 if (this->nonce_s.ptr)
1004 { /* simlutaneous rekeying is going on, not so good */
1005 chunk_t this_lowest;
1006
1007 /* first get our lowest nonce */
1008 if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
1009 min(this->nonce_i.len, this->nonce_r.len)) < 0)
1010 {
1011 this_lowest = this->nonce_i;
1012 }
1013 else
1014 {
1015 this_lowest = this->nonce_r;
1016 }
1017 /* then compare against other lowest nonce */
1018 if (memcmp(this_lowest.ptr, this->nonce_s.ptr,
1019 min(this_lowest.len, this->nonce_s.len)) < 0)
1020 {
1021 DBG1(DBG_IKE, "detected simultaneous CHILD_SA rekeying, deleting ours");
1022 this->lost = TRUE;
1023 }
1024 else
1025 {
1026 DBG1(DBG_IKE, "detected simultaneous CHILD_SA rekeying, but ours is preferred");
1027 }
1028 }
1029 /* delete the old SA if we have won the rekeying nonce compare*/
1030 if (!this->lost)
1031 {
1032 delete_child_sa = delete_child_sa_create(this->ike_sa);
1033 delete_child_sa->set_child_sa(delete_child_sa, this->rekeyed_sa);
1034 *next = (transaction_t*)delete_child_sa;
1035 }
1036 /* we send a rekey SUCCESS signal in any case. If the other transaction
1037 * detected our transaction, it did not send a signal. We do it for it. */
1038 SIG(CHILD_REKEY_SUCCESS, "CHILD_SA rekeyed");
1039 }
1040 else
1041 {
1042 SIG(CHILD_UP_SUCCESS, "CHILD_SA created");
1043 }
1044 if (this->lost)
1045 {
1046 /* we have lost simlutaneous rekeying, delete the CHILD_SA we just have created */
1047 delete_child_sa = delete_child_sa_create(this->ike_sa);
1048 delete_child_sa->set_child_sa(delete_child_sa, new_child);
1049 *next = (transaction_t*)delete_child_sa;
1050 }
1051 return SUCCESS;
1052 }
1053
1054 /**
1055 * implements transaction_t.destroy
1056 */
1057 static void destroy(private_create_child_sa_t *this)
1058 {
1059 DESTROY_IF(this->message);
1060 DESTROY_IF(this->proposal);
1061 DESTROY_IF(this->child_sa);
1062 DESTROY_IF(this->policy);
1063 if (this->tsi)
1064 {
1065 this->tsi->destroy_offset(this->tsi, offsetof(traffic_selector_t, destroy));
1066 }
1067 if (this->tsr)
1068 {
1069 this->tsr->destroy_offset(this->tsr, offsetof(traffic_selector_t, destroy));
1070 }
1071 chunk_free(&this->nonce_i);
1072 chunk_free(&this->nonce_r);
1073 chunk_free(&this->nonce_s);
1074 this->randomizer->destroy(this->randomizer);
1075 free(this);
1076 }
1077
1078 /*
1079 * Described in header.
1080 */
1081 create_child_sa_t *create_child_sa_create(ike_sa_t *ike_sa)
1082 {
1083 private_create_child_sa_t *this = malloc_thing(private_create_child_sa_t);
1084
1085 /* transaction interface functions */
1086 this->public.transaction.get_request = (status_t(*)(transaction_t*,message_t**))get_request;
1087 this->public.transaction.get_response = (status_t(*)(transaction_t*,message_t*,message_t**,transaction_t**))get_response;
1088 this->public.transaction.conclude = (status_t(*)(transaction_t*,message_t*,transaction_t**))conclude;
1089 this->public.transaction.get_message_id = (u_int32_t(*)(transaction_t*))get_message_id;
1090 this->public.transaction.requested = (u_int32_t(*)(transaction_t*))requested;
1091 this->public.transaction.destroy = (void(*)(transaction_t*))destroy;
1092
1093 /* public functions */
1094 this->public.set_policy = (void(*)(create_child_sa_t*,policy_t*))set_policy;
1095 this->public.set_reqid = (void(*)(create_child_sa_t*,u_int32_t))set_reqid;
1096 this->public.rekeys_child = (void(*)(create_child_sa_t*,child_sa_t*))rekeys_child;
1097 this->public.cancel = (void(*)(create_child_sa_t*))cancel;
1098
1099 /* private data */
1100 this->ike_sa = ike_sa;
1101 this->message_id = 0;
1102 this->message = NULL;
1103 this->requested = 0;
1104 this->rekey_spi = 0;
1105 this->reqid = 0;
1106 this->nonce_i = chunk_empty;
1107 this->nonce_r = chunk_empty;
1108 this->nonce_s = chunk_empty;
1109 this->child_sa = NULL;
1110 this->rekeyed_sa = NULL;
1111 this->lost = FALSE;
1112 this->proposal = NULL;
1113 this->policy = NULL;
1114 this->tsi = NULL;
1115 this->tsr = NULL;
1116 this->mode = MODE_TUNNEL;
1117 this->randomizer = randomizer_create();
1118 this->failsig = CHILD_UP_FAILED;
1119
1120 return &this->public;
1121 }