projects / strongswan.git / blob
? search:


cc7b4c95e6ccfb9939f008fa80d3cf0cbf4cde8c
[strongswan.git] / src / charon / sa / transactions / create_child_sa.c
1 /**
2 * @file create_child_sa.c
3 *
4 * @brief Implementation of create_child_sa_t transaction.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include "create_child_sa.h"
24
25 #include <string.h>
26
27 #include <daemon.h>
28 #include <encoding/payloads/sa_payload.h>
29 #include <encoding/payloads/nonce_payload.h>
30 #include <encoding/payloads/ts_payload.h>
31 #include <sa/transactions/delete_child_sa.h>
32 #include <utils/randomizer.h>
33
34
35 typedef struct private_create_child_sa_t private_create_child_sa_t;
36
37 /**
38 * Private members of a create_child_sa_t object..
39 */
40 struct private_create_child_sa_t {
41
42 /**
43 * Public methods and transaction_t interface.
44 */
45 create_child_sa_t public;
46
47 /**
48 * Assigned IKE_SA.
49 */
50 ike_sa_t *ike_sa;
51
52 /**
53 * Message sent by our peer, if already generated
54 */
55 message_t *message;
56
57 /**
58 * Message ID this transaction uses
59 */
60 u_int32_t message_id;
61
62 /**
63 * Times we did send the request
64 */
65 u_int32_t requested;
66
67 /**
68 * initiators inbound SPI of the CHILD_SA which gets rekeyed
69 */
70 u_int32_t rekey_spi;
71
72 /**
73 * reqid to use for new CHILD_SA
74 */
75 u_int32_t reqid;
76
77 /**
78 * policy definition used
79 */
80 policy_t *policy;
81
82 /**
83 * Negotiated proposal used for CHILD_SA
84 */
85 proposal_t *proposal;
86
87 /**
88 * initiator chosen nonce
89 */
90 chunk_t nonce_i;
91
92 /**
93 * responder chosen nonce
94 */
95 chunk_t nonce_r;
96
97 /**
98 * lower of the nonces of a simultaneus rekeying request
99 */
100 chunk_t nonce_s;
101
102 /**
103 * Negotiated traffic selectors for initiator
104 */
105 linked_list_t *tsi;
106
107 /**
108 * Negotiated traffic selectors for responder
109 */
110 linked_list_t *tsr;
111
112 /**
113 * CHILD_SA created by this transaction
114 */
115 child_sa_t *child_sa;
116
117 /**
118 * CHILD_SA rekeyed if we are rekeying
119 */
120 child_sa_t *rekeyed_sa;
121
122 /**
123 * Have we lost the simultaneous rekeying nonce compare?
124 */
125 bool lost;
126
127 /**
128 * source of randomness
129 */
130 randomizer_t *randomizer;
131 };
132
133 /**
134 * Implementation of transaction_t.get_message_id.
135 */
136 static u_int32_t get_message_id(private_create_child_sa_t *this)
137 {
138 return this->message_id;
139 }
140
141 /**
142 * Implementation of transaction_t.requested.
143 */
144 static u_int32_t requested(private_create_child_sa_t *this)
145 {
146 return this->requested++;
147 }
148
149 /**
150 * Implementation of create_child_sa_t.set_policy.
151 */
152 static void set_policy(private_create_child_sa_t *this, policy_t *policy)
153 {
154 this->policy = policy;
155 }
156
157 /**
158 * Implementation of create_child_sa_t.set_reqid.
159 */
160 static void set_reqid(private_create_child_sa_t *this, u_int32_t reqid)
161 {
162 this->reqid = reqid;
163 }
164
165 /**
166 * Implementation of create_child_sa_t.rekeys_child.
167 */
168 static void rekeys_child(private_create_child_sa_t *this, child_sa_t *child_sa)
169 {
170 this->rekeyed_sa = child_sa;
171 }
172
173 /**
174 * Implementation of create_child_sa_t.cancel.
175 */
176 static void cancel(private_create_child_sa_t *this)
177 {
178 this->rekeyed_sa = NULL;
179 this->lost = TRUE;
180 }
181
182 /**
183 * Implementation of transaction_t.get_request.
184 */
185 static status_t get_request(private_create_child_sa_t *this, message_t **result)
186 {
187 message_t *request;
188 host_t *me, *other;
189 identification_t *my_id, *other_id;
190
191 /* check if we already have built a message (retransmission) */
192 if (this->message)
193 {
194 *result = this->message;
195 return SUCCESS;
196 }
197
198 /* check if we are not already rekeying */
199 if (this->rekeyed_sa)
200 {
201 switch (this->rekeyed_sa->get_state(this->rekeyed_sa))
202 {
203 case CHILD_REKEYING:
204 DBG1(SIG_DBG_IKE,
205 "rekeying a CHILD_SA which is already rekeying, aborted");
206 return FAILED;
207 case CHILD_DELETING:
208 DBG1(SIG_DBG_IKE,
209 "rekeying a CHILD_SA which is deleting, aborted");
210 return FAILED;
211 default:
212 break;
213 }
214 this->rekeyed_sa->set_state(this->rekeyed_sa, CHILD_REKEYING);
215 }
216
217 me = this->ike_sa->get_my_host(this->ike_sa);
218 other = this->ike_sa->get_other_host(this->ike_sa);
219 my_id = this->ike_sa->get_my_id(this->ike_sa);
220 other_id = this->ike_sa->get_other_id(this->ike_sa);
221
222 /* build the request */
223 request = message_create();
224 request->set_source(request, me->clone(me));
225 request->set_destination(request, other->clone(other));
226 request->set_exchange_type(request, CREATE_CHILD_SA);
227 request->set_request(request, TRUE);
228 request->set_ike_sa_id(request, this->ike_sa->get_id(this->ike_sa));
229 *result = request;
230 this->message = request;
231
232 { /* build SA payload */
233 sa_payload_t *sa_payload;
234 linked_list_t *proposals;
235 bool use_natt;
236
237 /* get a policy, if we are rekeying */
238 if (this->rekeyed_sa)
239 {
240 linked_list_t *my_ts, *other_ts;
241 identification_t *my_id, *other_id;
242
243 my_ts = this->rekeyed_sa->get_my_traffic_selectors(this->rekeyed_sa);
244 other_ts = this->rekeyed_sa->get_other_traffic_selectors(this->rekeyed_sa);
245 my_id = this->ike_sa->get_my_id(this->ike_sa);
246 other_id = this->ike_sa->get_other_id(this->ike_sa);
247
248 this->policy = charon->policies->get_policy(charon->policies,
249 my_id, other_id,
250 my_ts, other_ts,
251 me, other);
252
253 this->reqid = this->rekeyed_sa->get_reqid(this->rekeyed_sa);
254
255 if (this->policy == NULL)
256 {
257 DBG1(SIG_DBG_IKE, "no policy found to rekey "
258 "CHILD_SA with reqid %d", this->reqid);
259 return FAILED;
260 }
261 }
262
263 proposals = this->policy->get_proposals(this->policy);
264 use_natt = this->ike_sa->is_natt_enabled(this->ike_sa);
265 this->child_sa = child_sa_create(this->reqid, me, other, my_id, other_id,
266 this->policy->get_soft_lifetime(this->policy),
267 this->policy->get_hard_lifetime(this->policy),
268 this->policy->get_updown(this->policy),
269 this->policy->get_hostaccess(this->policy),
270 use_natt);
271 this->child_sa->set_name(this->child_sa, this->policy->get_name(this->policy));
272 if (this->child_sa->alloc(this->child_sa, proposals) != SUCCESS)
273 {
274 SIG(SIG_CHILD_FAILED, "could not install CHILD_SA, CHILD_SA creation aborted");
275 return FAILED;
276 }
277 sa_payload = sa_payload_create_from_proposal_list(proposals);
278 proposals->destroy_offset(proposals, offsetof(proposal_t, destroy));
279 request->add_payload(request, (payload_t*)sa_payload);
280 }
281
282 { /* build the NONCE payload for us (initiator) */
283 nonce_payload_t *nonce_payload;
284
285 if (this->randomizer->allocate_pseudo_random_bytes(this->randomizer,
286 NONCE_SIZE, &this->nonce_i) != SUCCESS)
287 {
288 SIG(SIG_CHILD_FAILED, "could not create nonce");
289 return FAILED;
290 }
291 nonce_payload = nonce_payload_create();
292 nonce_payload->set_nonce(nonce_payload, this->nonce_i);
293 request->add_payload(request, (payload_t*)nonce_payload);
294 }
295
296 { /* build TSi payload */
297 linked_list_t *ts_list;
298 ts_payload_t *ts_payload;
299
300 ts_list = this->policy->get_my_traffic_selectors(this->policy, me);
301 ts_payload = ts_payload_create_from_traffic_selectors(TRUE, ts_list);
302 ts_list->destroy_offset(ts_list, offsetof(traffic_selector_t, destroy));
303 request->add_payload(request, (payload_t*)ts_payload);
304 }
305
306 { /* build TSr payload */
307 linked_list_t *ts_list;
308 ts_payload_t *ts_payload;
309
310 ts_list = this->policy->get_other_traffic_selectors(this->policy, other);
311 ts_payload = ts_payload_create_from_traffic_selectors(FALSE, ts_list);
312 ts_list->destroy_offset(ts_list, offsetof(traffic_selector_t, destroy));
313 request->add_payload(request, (payload_t*)ts_payload);
314 }
315
316 if (this->rekeyed_sa)
317 { /* add REKEY_SA notify if we are rekeying */
318 notify_payload_t *notify;
319 protocol_id_t protocol;
320
321 protocol = this->rekeyed_sa->get_protocol(this->rekeyed_sa);
322 notify = notify_payload_create_from_protocol_and_type(protocol, REKEY_SA);
323 notify->set_spi(notify, this->rekeyed_sa->get_spi(this->rekeyed_sa, TRUE));
324 request->add_payload(request, (payload_t*)notify);
325
326 /* register us as rekeying to detect multiple rekeying */
327 this->rekeyed_sa->set_rekeying_transaction(this->rekeyed_sa, &this->public);
328 }
329
330 this->message_id = this->ike_sa->get_next_message_id(this->ike_sa);
331 request->set_message_id(request, this->message_id);
332
333 return SUCCESS;
334 }
335
336 /**
337 * Handle all kind of notifys
338 */
339 static status_t process_notifys(private_create_child_sa_t *this, notify_payload_t *notify_payload)
340 {
341 notify_type_t notify_type = notify_payload->get_notify_type(notify_payload);
342
343 DBG2(SIG_DBG_IKE, "process notify type %N", notify_type_names, notify_type);
344
345 switch (notify_type)
346 {
347 case SINGLE_PAIR_REQUIRED:
348 {
349 SIG(SIG_CHILD_FAILED, "received a SINGLE_PAIR_REQUIRED notify");
350 return FAILED;
351 }
352 case TS_UNACCEPTABLE:
353 {
354 SIG(SIG_CHILD_FAILED, "received TS_UNACCEPTABLE notify");
355 return FAILED;
356 }
357 case NO_PROPOSAL_CHOSEN:
358 {
359 SIG(SIG_CHILD_FAILED, "received NO_PROPOSAL_CHOSEN notify");
360 return FAILED;
361 }
362 case REKEY_SA:
363 {
364 u_int32_t spi;
365 protocol_id_t protocol;
366
367 protocol = notify_payload->get_protocol_id(notify_payload);
368 switch (protocol)
369 {
370 case PROTO_AH:
371 case PROTO_ESP:
372 spi = notify_payload->get_spi(notify_payload);
373 this->rekeyed_sa = this->ike_sa->get_child_sa(this->ike_sa,
374 protocol, spi,
375 FALSE);
376 break;
377 default:
378 break;
379 }
380 return SUCCESS;
381 }
382 default:
383 {
384 if (notify_type < 16383)
385 {
386 SIG(SIG_CHILD_FAILED, "received %N notify error, CHILD_SA "
387 "creation failed", notify_type_names, notify_type);
388 return FAILED;
389 }
390 else
391 {
392 DBG1(SIG_DBG_IKE, "received %N notify, ignored",
393 notify_type_names, notify_type);
394 return SUCCESS;
395 }
396 }
397 }
398 }
399
400 /**
401 * Build a notify message.
402 */
403 static void build_notify(notify_type_t type, chunk_t data, message_t *message, bool flush_message)
404 {
405 notify_payload_t *notify;
406
407 if (flush_message)
408 {
409 payload_t *payload;
410 iterator_t *iterator = message->get_payload_iterator(message);
411 while (iterator->iterate(iterator, (void**)&payload))
412 {
413 payload->destroy(payload);
414 iterator->remove(iterator);
415 }
416 iterator->destroy(iterator);
417 }
418
419 notify = notify_payload_create();
420 notify->set_notify_type(notify, type);
421 notify->set_notification_data(notify, data);
422 message->add_payload(message, (payload_t*)notify);
423 }
424
425 /**
426 * Install a CHILD_SA for usage
427 */
428 static status_t install_child_sa(private_create_child_sa_t *this, bool initiator)
429 {
430 prf_plus_t *prf_plus;
431 chunk_t seed;
432 status_t status;
433
434 seed = chunk_alloc(this->nonce_i.len + this->nonce_r.len);
435 memcpy(seed.ptr, this->nonce_i.ptr, this->nonce_i.len);
436 memcpy(seed.ptr + this->nonce_i.len, this->nonce_r.ptr, this->nonce_r.len);
437 prf_plus = prf_plus_create(this->ike_sa->get_child_prf(this->ike_sa), seed);
438 chunk_free(&seed);
439
440 if (initiator)
441 {
442 status = this->child_sa->update(this->child_sa, this->proposal, prf_plus);
443 }
444 else
445 {
446 status = this->child_sa->add(this->child_sa, this->proposal, prf_plus);
447 }
448 prf_plus->destroy(prf_plus);
449 if (status != SUCCESS)
450 {
451 return DESTROY_ME;
452 }
453 if (initiator)
454 {
455 status = this->child_sa->add_policies(this->child_sa, this->tsi, this->tsr);
456 }
457 else
458 {
459 status = this->child_sa->add_policies(this->child_sa, this->tsr, this->tsi);
460 }
461 if (status != SUCCESS)
462 {
463 return DESTROY_ME;
464 }
465
466 /* add to IKE_SA, and remove from transaction */
467 this->child_sa->set_state(this->child_sa, CHILD_INSTALLED);
468 this->ike_sa->add_child_sa(this->ike_sa, this->child_sa);
469 this->child_sa = NULL;
470 return SUCCESS;
471 }
472
473 /**
474 * Implementation of transaction_t.get_response.
475 */
476 static status_t get_response(private_create_child_sa_t *this, message_t *request,
477 message_t **result, transaction_t **next)
478 {
479 host_t *me, *other;
480 identification_t *my_id, *other_id;
481 message_t *response;
482 status_t status;
483 iterator_t *payloads;
484 payload_t *payload;
485 sa_payload_t *sa_request = NULL;
486 nonce_payload_t *nonce_request = NULL;
487 ts_payload_t *tsi_request = NULL;
488 ts_payload_t *tsr_request = NULL;
489 nonce_payload_t *nonce_response;
490
491 /* check if we already have built a response (retransmission) */
492 if (this->message)
493 {
494 *result = this->message;
495 return SUCCESS;
496 }
497
498 me = this->ike_sa->get_my_host(this->ike_sa);
499 other = this->ike_sa->get_other_host(this->ike_sa);
500 my_id = this->ike_sa->get_my_id(this->ike_sa);
501 other_id = this->ike_sa->get_other_id(this->ike_sa);
502 this->message_id = request->get_message_id(request);
503
504 /* set up response */
505 response = message_create();
506 response->set_source(response, me->clone(me));
507 response->set_destination(response, other->clone(other));
508 response->set_exchange_type(response, CREATE_CHILD_SA);
509 response->set_request(response, FALSE);
510 response->set_message_id(response, this->message_id);
511 response->set_ike_sa_id(response, this->ike_sa->get_id(this->ike_sa));
512 this->message = response;
513 *result = response;
514
515 /* check message type */
516 if (request->get_exchange_type(request) != CREATE_CHILD_SA)
517 {
518 SIG(SIG_CHILD_FAILED, "CREATE_CHILD_SA response of invalid type, aborted");
519 return FAILED;
520 }
521
522 /* we do not allow the creation of new CHILDren/rekeying when IKE_SA is
523 * rekeying */
524 if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING ||
525 this->ike_sa->get_state(this->ike_sa) == IKE_DELETING)
526 {
527 build_notify(NO_ADDITIONAL_SAS, CHUNK_INITIALIZER, response, TRUE);
528 SIG(SIG_CHILD_FAILED, "unable to create new CHILD_SAs, as rekeying in progress");
529 return FAILED;
530 }
531
532 /* Iterate over all payloads. */
533 payloads = request->get_payload_iterator(request);
534 while (payloads->iterate(payloads, (void**)&payload))
535 {
536 switch (payload->get_type(payload))
537 {
538 case SECURITY_ASSOCIATION:
539 sa_request = (sa_payload_t*)payload;
540 break;
541 case NONCE:
542 nonce_request = (nonce_payload_t*)payload;
543 break;
544 case TRAFFIC_SELECTOR_INITIATOR:
545 tsi_request = (ts_payload_t*)payload;
546 break;
547 case TRAFFIC_SELECTOR_RESPONDER:
548 tsr_request = (ts_payload_t*)payload;
549 break;
550 case KEY_EXCHANGE:
551 {
552 u_int8_t dh_buffer[] = {0x00, 0x00}; /* MODP_NONE */
553 chunk_t group = chunk_from_buf(dh_buffer);
554 build_notify(INVALID_KE_PAYLOAD, group, response, TRUE);
555 SIG(SIG_CHILD_FAILED, "CREATE_CHILD_SA used PFS, sending INVALID_KE_PAYLOAD");
556 return FAILED;
557 }
558 case NOTIFY:
559 {
560 status = process_notifys(this, (notify_payload_t*)payload);
561 if (status != SUCCESS)
562 {
563 payloads->destroy(payloads);
564 return status;
565 }
566 break;
567 }
568 default:
569 {
570 DBG1(SIG_DBG_IKE, "ignoring %N payload",
571 payload_type_names, payload->get_type(payload));
572 break;
573 }
574 }
575 }
576 payloads->destroy(payloads);
577
578 /* check if we have all payloads */
579 if (!(sa_request && nonce_request && tsi_request && tsr_request))
580 {
581 build_notify(INVALID_SYNTAX, CHUNK_INITIALIZER, response, TRUE);
582 SIG(SIG_CHILD_FAILED, "request message incomplete, no CHILD_SA created");
583 return FAILED;
584 }
585
586 { /* process nonce payload */
587 this->nonce_i = nonce_request->get_nonce(nonce_request);
588 if (this->randomizer->allocate_pseudo_random_bytes(this->randomizer,
589 NONCE_SIZE, &this->nonce_r) != SUCCESS)
590 {
591 build_notify(NO_PROPOSAL_CHOSEN, CHUNK_INITIALIZER, response, TRUE);
592 return FAILED;
593 }
594 nonce_response = nonce_payload_create();
595 nonce_response->set_nonce(nonce_response, this->nonce_r);
596 }
597
598 { /* get a policy and process traffic selectors */
599 identification_t *my_id, *other_id;
600 linked_list_t *my_ts, *other_ts;
601
602 my_id = this->ike_sa->get_my_id(this->ike_sa);
603 other_id = this->ike_sa->get_other_id(this->ike_sa);
604
605 my_ts = tsr_request->get_traffic_selectors(tsr_request);
606 other_ts = tsi_request->get_traffic_selectors(tsi_request);
607
608 this->policy = charon->policies->get_policy(charon->policies,
609 my_id, other_id,
610 my_ts, other_ts,
611 me, other);
612 if (this->policy)
613 {
614 this->tsr = this->policy->select_my_traffic_selectors(this->policy, my_ts, me);
615 this->tsi = this->policy->select_other_traffic_selectors(this->policy, other_ts, other);
616 }
617 my_ts->destroy_offset(my_ts, offsetof(traffic_selector_t, destroy));
618 other_ts->destroy_offset(other_ts, offsetof(traffic_selector_t, destroy));
619
620 if (this->policy == NULL)
621 {
622 SIG(SIG_CHILD_FAILED, "no acceptable policy found, sending TS_UNACCEPTABLE notify");
623 build_notify(TS_UNACCEPTABLE, CHUNK_INITIALIZER, response, TRUE);
624 return FAILED;
625 }
626 }
627
628 { /* process SA payload */
629 linked_list_t *proposal_list;
630 sa_payload_t *sa_response;
631 ts_payload_t *ts_response;
632 bool use_natt;
633 u_int32_t soft_lifetime, hard_lifetime;
634
635 sa_response = sa_payload_create();
636 /* get proposals from request, and select one with ours */
637 proposal_list = sa_request->get_proposals(sa_request);
638 DBG2(SIG_DBG_IKE, "selecting proposals:");
639 this->proposal = this->policy->select_proposal(this->policy, proposal_list);
640 proposal_list->destroy_offset(proposal_list, offsetof(proposal_t, destroy));
641
642 /* do we have a proposal? */
643 if (this->proposal == NULL)
644 {
645 SIG(SIG_CHILD_FAILED, "CHILD_SA proposals unacceptable, sending NO_PROPOSAL_CHOSEN notify");
646 build_notify(NO_PROPOSAL_CHOSEN, CHUNK_INITIALIZER, response, TRUE);
647 return FAILED;
648 }
649 /* do we have traffic selectors? */
650 else if (this->tsi->get_count(this->tsi) == 0 || this->tsr->get_count(this->tsr) == 0)
651 {
652 SIG(SIG_CHILD_FAILED, "CHILD_SA traffic selectors unacceptable, sending TS_UNACCEPTABLE notify");
653 build_notify(TS_UNACCEPTABLE, CHUNK_INITIALIZER, response, TRUE);
654 return FAILED;
655 }
656 else
657 { /* create child sa */
658 if (this->rekeyed_sa)
659 {
660 this->reqid = this->rekeyed_sa->get_reqid(this->rekeyed_sa);
661 }
662 soft_lifetime = this->policy->get_soft_lifetime(this->policy);
663 hard_lifetime = this->policy->get_hard_lifetime(this->policy);
664 use_natt = this->ike_sa->is_natt_enabled(this->ike_sa);
665 this->child_sa = child_sa_create(this->reqid, me, other, my_id, other_id,
666 soft_lifetime, hard_lifetime,
667 this->policy->get_updown(this->policy),
668 this->policy->get_hostaccess(this->policy),
669 use_natt);
670 this->child_sa->set_name(this->child_sa, this->policy->get_name(this->policy));
671 if (install_child_sa(this, FALSE) != SUCCESS)
672 {
673 SIG(SIG_CHILD_FAILED, "installing CHILD_SA failed, sending NO_PROPOSAL_CHOSEN notify");
674 build_notify(NO_PROPOSAL_CHOSEN, CHUNK_INITIALIZER, response, TRUE);
675 return FAILED;
676 }
677 /* add proposal to sa payload */
678 sa_response->add_proposal(sa_response, this->proposal);
679 }
680 response->add_payload(response, (payload_t*)sa_response);
681
682 /* add nonce/ts payload after sa payload */
683 response->add_payload(response, (payload_t *)nonce_response);
684 ts_response = ts_payload_create_from_traffic_selectors(TRUE, this->tsi);
685 response->add_payload(response, (payload_t*)ts_response);
686 ts_response = ts_payload_create_from_traffic_selectors(FALSE, this->tsr);
687 response->add_payload(response, (payload_t*)ts_response);
688 }
689 /* CHILD_SA successfully created. If another transaction is already rekeying
690 * this SA, our lower nonce must be registered for a later nonce compare. */
691 if (this->rekeyed_sa)
692 {
693 private_create_child_sa_t *other;
694
695 other = this->rekeyed_sa->get_rekeying_transaction(this->rekeyed_sa);
696 if (other)
697 {
698 /* store our lower nonce in the simultaneus transaction, it
699 * will later compare it against his nonces when it calls conclude().
700 */
701 if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
702 min(this->nonce_i.len, this->nonce_r.len)) < 0)
703 {
704 other->nonce_s = chunk_clone(this->nonce_i);
705 }
706 else
707 {
708 other->nonce_s = chunk_clone(this->nonce_r);
709 }
710 }
711 this->rekeyed_sa->set_state(this->rekeyed_sa, CHILD_REKEYING);
712 }
713 else
714 {
715 SIG(SIG_CHILD_UP, "CHILD_SA created");
716 }
717 return SUCCESS;
718 }
719
720 /**
721 * Implementation of transaction_t.conclude
722 */
723 static status_t conclude(private_create_child_sa_t *this, message_t *response,
724 transaction_t **next)
725 {
726 iterator_t *payloads;
727 payload_t *payload;
728 host_t *me, *other;
729 sa_payload_t *sa_payload = NULL;
730 nonce_payload_t *nonce_payload = NULL;
731 ts_payload_t *tsi_payload = NULL;
732 ts_payload_t *tsr_payload = NULL;
733 status_t status;
734 child_sa_t *new_child = NULL;
735 delete_child_sa_t *delete_child_sa;
736
737 /* check message type */
738 if (response->get_exchange_type(response) != CREATE_CHILD_SA)
739 {
740 SIG(SIG_CHILD_FAILED, "CREATE_CHILD_SA response of invalid type, aborting");
741 return FAILED;
742 }
743
744 me = this->ike_sa->get_my_host(this->ike_sa);
745 other = this->ike_sa->get_other_host(this->ike_sa);
746
747 /* Iterate over all payloads to collect them */
748 payloads = response->get_payload_iterator(response);
749 while (payloads->iterate(payloads, (void**)&payload))
750 {
751 switch (payload->get_type(payload))
752 {
753 case SECURITY_ASSOCIATION:
754 sa_payload = (sa_payload_t*)payload;
755 break;
756 case NONCE:
757 nonce_payload = (nonce_payload_t*)payload;
758 break;
759 case TRAFFIC_SELECTOR_INITIATOR:
760 tsi_payload = (ts_payload_t*)payload;
761 break;
762 case TRAFFIC_SELECTOR_RESPONDER:
763 tsr_payload = (ts_payload_t*)payload;
764 break;
765 case NOTIFY:
766 {
767 status = process_notifys(this, (notify_payload_t*)payload);
768 if (status != SUCCESS)
769 {
770 payloads->destroy(payloads);
771 return status;
772 }
773 break;
774 }
775 default:
776 {
777 DBG1(SIG_DBG_IKE, "ignoring %N payload",
778 payload_type_names, payload->get_type(payload));
779 break;
780 }
781 }
782 }
783 payloads->destroy(payloads);
784
785 if (!(sa_payload && nonce_payload && tsi_payload && tsr_payload))
786 {
787 SIG(SIG_CHILD_FAILED, "response message incomplete, no CHILD_SA built");
788 return FAILED;
789 }
790
791 { /* process NONCE payload */
792 this->nonce_r = nonce_payload->get_nonce(nonce_payload);
793 }
794
795 { /* process traffic selectors for us */
796 linked_list_t *ts_received = tsi_payload->get_traffic_selectors(tsi_payload);
797 this->tsi = this->policy->select_my_traffic_selectors(this->policy, ts_received, me);
798 ts_received->destroy_offset(ts_received, offsetof(traffic_selector_t, destroy));
799 }
800
801 { /* process traffic selectors for other */
802 linked_list_t *ts_received = tsr_payload->get_traffic_selectors(tsr_payload);
803 this->tsr = this->policy->select_other_traffic_selectors(this->policy, ts_received, other);
804 ts_received->destroy_offset(ts_received, offsetof(traffic_selector_t, destroy));
805 }
806
807 { /* process sa payload */
808 linked_list_t *proposal_list;
809
810 proposal_list = sa_payload->get_proposals(sa_payload);
811 /* we have to re-check here if other's selection is valid */
812 this->proposal = this->policy->select_proposal(this->policy, proposal_list);
813 proposal_list->destroy_offset(proposal_list, offsetof(proposal_t, destroy));
814
815 /* everything fine to create CHILD? */
816 if (this->proposal == NULL ||
817 this->tsi->get_count(this->tsi) == 0 ||
818 this->tsr->get_count(this->tsr) == 0)
819 {
820 SIG(SIG_CHILD_FAILED, "CHILD_SA negotiation failed, no CHILD_SA built");
821 return FAILED;
822 }
823 new_child = this->child_sa;
824 if (install_child_sa(this, TRUE) != SUCCESS)
825 {
826 SIG(SIG_CHILD_FAILED, "installing CHILD_SA failed, no CHILD_SA built");
827 return FAILED;
828 }
829 SIG(SIG_CHILD_UP, "CHILD_SA created");
830 }
831 /* CHILD_SA successfully created. If the other peer initiated rekeying
832 * in the meantime, we detect this by comparing the rekeying_transaction
833 * of the SA. If it changed, we are not alone. Then we must compare the nonces.
834 * If no simultaneous rekeying is going on, we just initiate the delete of
835 * the superseded SA. */
836 if (this->rekeyed_sa)
837 {
838 /* rekeying finished, update SA status */
839 this->rekeyed_sa->set_rekeying_transaction(this->rekeyed_sa, NULL);
840
841 if (this->nonce_s.ptr)
842 { /* simlutaneous rekeying is going on, not so good */
843 chunk_t this_lowest;
844
845 /* first get our lowest nonce */
846 if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
847 min(this->nonce_i.len, this->nonce_r.len)) < 0)
848 {
849 this_lowest = this->nonce_i;
850 }
851 else
852 {
853 this_lowest = this->nonce_r;
854 }
855 /* then compare against other lowest nonce */
856 if (memcmp(this_lowest.ptr, this->nonce_s.ptr,
857 min(this_lowest.len, this->nonce_s.len)) < 0)
858 {
859 DBG1(SIG_DBG_IKE, "detected simultaneous CHILD_SA rekeying, deleting ours");
860 this->lost = TRUE;
861 }
862 else
863 {
864 DBG1(SIG_DBG_IKE, "detected simultaneous CHILD_SA rekeying, but ours is preferred");
865 }
866 }
867 /* delete the old SA if we have won the rekeying nonce compare*/
868 if (!this->lost)
869 {
870 delete_child_sa = delete_child_sa_create(this->ike_sa);
871 delete_child_sa->set_child_sa(delete_child_sa, this->rekeyed_sa);
872 *next = (transaction_t*)delete_child_sa;
873 }
874 }
875 else
876 {
877 SIG(SIG_CHILD_UP, "CHILD_SA created");
878 }
879 if (this->lost)
880 {
881 /* we have lost simlutaneous rekeying, delete the CHILD_SA we just have created */
882 delete_child_sa = delete_child_sa_create(this->ike_sa);
883 delete_child_sa->set_child_sa(delete_child_sa, new_child);
884 *next = (transaction_t*)delete_child_sa;
885 }
886 return SUCCESS;
887 }
888
889 /**
890 * implements transaction_t.destroy
891 */
892 static void destroy(private_create_child_sa_t *this)
893 {
894 DESTROY_IF(this->message);
895 DESTROY_IF(this->proposal);
896 DESTROY_IF(this->child_sa);
897 DESTROY_IF(this->policy);
898 this->tsi->destroy_offset(this->tsi, offsetof(traffic_selector_t, destroy));
899 this->tsr->destroy_offset(this->tsr, offsetof(traffic_selector_t, destroy));
900 chunk_free(&this->nonce_i);
901 chunk_free(&this->nonce_r);
902 chunk_free(&this->nonce_s);
903 this->randomizer->destroy(this->randomizer);
904 free(this);
905 }
906
907 /*
908 * Described in header.
909 */
910 create_child_sa_t *create_child_sa_create(ike_sa_t *ike_sa)
911 {
912 private_create_child_sa_t *this = malloc_thing(private_create_child_sa_t);
913
914 /* transaction interface functions */
915 this->public.transaction.get_request = (status_t(*)(transaction_t*,message_t**))get_request;
916 this->public.transaction.get_response = (status_t(*)(transaction_t*,message_t*,message_t**,transaction_t**))get_response;
917 this->public.transaction.conclude = (status_t(*)(transaction_t*,message_t*,transaction_t**))conclude;
918 this->public.transaction.get_message_id = (u_int32_t(*)(transaction_t*))get_message_id;
919 this->public.transaction.requested = (u_int32_t(*)(transaction_t*))requested;
920 this->public.transaction.destroy = (void(*)(transaction_t*))destroy;
921
922 /* public functions */
923 this->public.set_policy = (void(*)(create_child_sa_t*,policy_t*))set_policy;
924 this->public.set_reqid = (void(*)(create_child_sa_t*,u_int32_t))set_reqid;
925 this->public.rekeys_child = (void(*)(create_child_sa_t*,child_sa_t*))rekeys_child;
926 this->public.cancel = (void(*)(create_child_sa_t*))cancel;
927
928 /* private data */
929 this->ike_sa = ike_sa;
930 this->message_id = 0;
931 this->message = NULL;
932 this->requested = 0;
933 this->rekey_spi = 0;
934 this->reqid = 0;
935 this->nonce_i = CHUNK_INITIALIZER;
936 this->nonce_r = CHUNK_INITIALIZER;
937 this->nonce_s = CHUNK_INITIALIZER;
938 this->child_sa = NULL;
939 this->rekeyed_sa = NULL;
940 this->lost = FALSE;
941 this->proposal = NULL;
942 this->policy = NULL;
943 this->tsi = NULL;
944 this->tsr = NULL;
945 this->randomizer = randomizer_create();
946
947 return &this->public;
948 }
strongSwan - IPsec VPN