cd53c5eb9a7c885f663f75a49cc68b9ee0b939d5
[strongswan.git] / src / charon / sa / transactions / create_child_sa.c
1 /**
2 * @file create_child_sa.c
3 *
4 * @brief Implementation of create_child_sa_t transaction.
5 *
6 */
7
8 /*
9 * Copyright (C) 2006 Martin Willi
10 * Hochschule fuer Technik Rapperswil
11 *
12 * This program is free software; you can redistribute it and/or modify it
13 * under the terms of the GNU General Public License as published by the
14 * Free Software Foundation; either version 2 of the License, or (at your
15 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
16 *
17 * This program is distributed in the hope that it will be useful, but
18 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
19 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
20 * for more details.
21 */
22
23 #include "create_child_sa.h"
24
25 #include <string.h>
26
27 #include <daemon.h>
28 #include <encoding/payloads/sa_payload.h>
29 #include <encoding/payloads/nonce_payload.h>
30 #include <encoding/payloads/ts_payload.h>
31 #include <sa/transactions/delete_child_sa.h>
32 #include <utils/randomizer.h>
33
34
35 typedef struct private_create_child_sa_t private_create_child_sa_t;
36
37 /**
38 * Private members of a create_child_sa_t object..
39 */
40 struct private_create_child_sa_t {
41
42 /**
43 * Public methods and transaction_t interface.
44 */
45 create_child_sa_t public;
46
47 /**
48 * Assigned IKE_SA.
49 */
50 ike_sa_t *ike_sa;
51
52 /**
53 * Message sent by our peer, if already generated
54 */
55 message_t *message;
56
57 /**
58 * Message ID this transaction uses
59 */
60 u_int32_t message_id;
61
62 /**
63 * Times we did send the request
64 */
65 u_int32_t requested;
66
67 /**
68 * initiators inbound SPI of the CHILD_SA which gets rekeyed
69 */
70 u_int32_t rekey_spi;
71
72 /**
73 * reqid to use for new CHILD_SA
74 */
75 u_int32_t reqid;
76
77 /**
78 * policy definition used
79 */
80 policy_t *policy;
81
82 /**
83 * Negotiated proposal used for CHILD_SA
84 */
85 proposal_t *proposal;
86
87 /**
88 * initiator chosen nonce
89 */
90 chunk_t nonce_i;
91
92 /**
93 * responder chosen nonce
94 */
95 chunk_t nonce_r;
96
97 /**
98 * lower of the nonces of a simultaneus rekeying request
99 */
100 chunk_t nonce_s;
101
102 /**
103 * Negotiated traffic selectors for initiator
104 */
105 linked_list_t *tsi;
106
107 /**
108 * Negotiated traffic selectors for responder
109 */
110 linked_list_t *tsr;
111
112 /**
113 * CHILD_SA created by this transaction
114 */
115 child_sa_t *child_sa;
116
117 /**
118 * CHILD_SA rekeyed if we are rekeying
119 */
120 child_sa_t *rekeyed_sa;
121
122 /**
123 * Have we lost the simultaneous rekeying nonce compare?
124 */
125 bool lost;
126
127 /**
128 * source of randomness
129 */
130 randomizer_t *randomizer;
131
132 /**
133 * signal to emit when transaction fails. As this transaction is used
134 * for CHILD_SA creation AND rekeying, we must emit different signals.
135 */
136 signal_t failsig;
137 };
138
139 /**
140 * Implementation of transaction_t.get_message_id.
141 */
142 static u_int32_t get_message_id(private_create_child_sa_t *this)
143 {
144 return this->message_id;
145 }
146
147 /**
148 * Implementation of transaction_t.requested.
149 */
150 static u_int32_t requested(private_create_child_sa_t *this)
151 {
152 return this->requested++;
153 }
154
155 /**
156 * Implementation of create_child_sa_t.set_policy.
157 */
158 static void set_policy(private_create_child_sa_t *this, policy_t *policy)
159 {
160 this->policy = policy;
161 }
162
163 /**
164 * Implementation of create_child_sa_t.set_reqid.
165 */
166 static void set_reqid(private_create_child_sa_t *this, u_int32_t reqid)
167 {
168 this->reqid = reqid;
169 }
170
171 /**
172 * Implementation of create_child_sa_t.rekeys_child.
173 */
174 static void rekeys_child(private_create_child_sa_t *this, child_sa_t *child_sa)
175 {
176 this->rekeyed_sa = child_sa;
177 this->failsig = CHILD_REKEY_FAILED;
178 }
179
180 /**
181 * Implementation of create_child_sa_t.cancel.
182 */
183 static void cancel(private_create_child_sa_t *this)
184 {
185 this->rekeyed_sa = NULL;
186 this->lost = TRUE;
187 }
188
189 /**
190 * Implementation of transaction_t.get_request.
191 */
192 static status_t get_request(private_create_child_sa_t *this, message_t **result)
193 {
194 message_t *request;
195 host_t *me, *other;
196 identification_t *my_id, *other_id;
197
198 /* check if we already have built a message (retransmission) */
199 if (this->message)
200 {
201 *result = this->message;
202 return SUCCESS;
203 }
204
205 /* check if we are not already rekeying */
206 if (this->rekeyed_sa)
207 {
208 SIG(CHILD_REKEY_START, "rekeying CHILD_SA");
209
210 switch (this->rekeyed_sa->get_state(this->rekeyed_sa))
211 {
212 case CHILD_REKEYING:
213 SIG(CHILD_REKEY_FAILED,
214 "rekeying a CHILD_SA which is already rekeying, aborted");
215 return FAILED;
216 case CHILD_DELETING:
217 SIG(CHILD_REKEY_FAILED,
218 "rekeying a CHILD_SA which is deleting, aborted");
219 return FAILED;
220 default:
221 break;
222 }
223 this->rekeyed_sa->set_state(this->rekeyed_sa, CHILD_REKEYING);
224 }
225 else
226 {
227 SIG(CHILD_UP_START, "creating CHILD_SA");
228 }
229
230 me = this->ike_sa->get_my_host(this->ike_sa);
231 other = this->ike_sa->get_other_host(this->ike_sa);
232 my_id = this->ike_sa->get_my_id(this->ike_sa);
233 other_id = this->ike_sa->get_other_id(this->ike_sa);
234
235 /* build the request */
236 request = message_create();
237 request->set_source(request, me->clone(me));
238 request->set_destination(request, other->clone(other));
239 request->set_exchange_type(request, CREATE_CHILD_SA);
240 request->set_request(request, TRUE);
241 request->set_ike_sa_id(request, this->ike_sa->get_id(this->ike_sa));
242 *result = request;
243 this->message = request;
244
245 { /* build SA payload */
246 sa_payload_t *sa_payload;
247 linked_list_t *proposals;
248 bool use_natt;
249
250 /* get a policy, if we are rekeying */
251 if (this->rekeyed_sa)
252 {
253 linked_list_t *my_ts, *other_ts;
254 identification_t *my_id, *other_id;
255
256 my_ts = this->rekeyed_sa->get_my_traffic_selectors(this->rekeyed_sa);
257 other_ts = this->rekeyed_sa->get_other_traffic_selectors(this->rekeyed_sa);
258 my_id = this->ike_sa->get_my_id(this->ike_sa);
259 other_id = this->ike_sa->get_other_id(this->ike_sa);
260
261 this->policy = charon->policies->get_policy(charon->policies,
262 my_id, other_id,
263 my_ts, other_ts,
264 me, other,
265 NULL);
266
267 this->reqid = this->rekeyed_sa->get_reqid(this->rekeyed_sa);
268
269 if (this->policy == NULL)
270 {
271 SIG(IKE_REKEY_FAILED, "no policy found to rekey "
272 "CHILD_SA with reqid %d", this->reqid);
273 return FAILED;
274 }
275 }
276
277 proposals = this->policy->get_proposals(this->policy);
278 use_natt = this->ike_sa->is_natt_enabled(this->ike_sa);
279 this->child_sa = child_sa_create(this->reqid, me, other, my_id, other_id,
280 this->policy->get_soft_lifetime(this->policy),
281 this->policy->get_hard_lifetime(this->policy),
282 this->policy->get_updown(this->policy),
283 this->policy->get_hostaccess(this->policy),
284 use_natt);
285 this->child_sa->set_name(this->child_sa, this->policy->get_name(this->policy));
286 if (this->child_sa->alloc(this->child_sa, proposals) != SUCCESS)
287 {
288 SIG(this->failsig, "could not install CHILD_SA, CHILD_SA creation failed");
289 return FAILED;
290 }
291 sa_payload = sa_payload_create_from_proposal_list(proposals);
292 proposals->destroy_offset(proposals, offsetof(proposal_t, destroy));
293 request->add_payload(request, (payload_t*)sa_payload);
294 }
295
296 { /* build the NONCE payload for us (initiator) */
297 nonce_payload_t *nonce_payload;
298
299 if (this->randomizer->allocate_pseudo_random_bytes(this->randomizer,
300 NONCE_SIZE, &this->nonce_i) != SUCCESS)
301 {
302 SIG(this->failsig, "could not create nonce, CHILD_SA creation failed");
303 return FAILED;
304 }
305 nonce_payload = nonce_payload_create();
306 nonce_payload->set_nonce(nonce_payload, this->nonce_i);
307 request->add_payload(request, (payload_t*)nonce_payload);
308 }
309
310 { /* build TSi payload */
311 linked_list_t *ts_list;
312 ts_payload_t *ts_payload;
313
314 ts_list = this->policy->get_my_traffic_selectors(this->policy, me);
315 ts_payload = ts_payload_create_from_traffic_selectors(TRUE, ts_list);
316 ts_list->destroy_offset(ts_list, offsetof(traffic_selector_t, destroy));
317 request->add_payload(request, (payload_t*)ts_payload);
318 }
319
320 { /* build TSr payload */
321 linked_list_t *ts_list;
322 ts_payload_t *ts_payload;
323
324 ts_list = this->policy->get_other_traffic_selectors(this->policy, other);
325 ts_payload = ts_payload_create_from_traffic_selectors(FALSE, ts_list);
326 ts_list->destroy_offset(ts_list, offsetof(traffic_selector_t, destroy));
327 request->add_payload(request, (payload_t*)ts_payload);
328 }
329
330 if (this->rekeyed_sa)
331 { /* add REKEY_SA notify if we are rekeying */
332 notify_payload_t *notify;
333 protocol_id_t protocol;
334
335 protocol = this->rekeyed_sa->get_protocol(this->rekeyed_sa);
336 notify = notify_payload_create_from_protocol_and_type(protocol, REKEY_SA);
337 notify->set_spi(notify, this->rekeyed_sa->get_spi(this->rekeyed_sa, TRUE));
338 request->add_payload(request, (payload_t*)notify);
339
340 /* register us as rekeying to detect multiple rekeying */
341 this->rekeyed_sa->set_rekeying_transaction(this->rekeyed_sa,
342 &this->public.transaction);
343 }
344
345 this->message_id = this->ike_sa->get_next_message_id(this->ike_sa);
346 request->set_message_id(request, this->message_id);
347
348 return SUCCESS;
349 }
350
351 /**
352 * Handle all kind of notifys
353 */
354 static status_t process_notifys(private_create_child_sa_t *this, notify_payload_t *notify_payload)
355 {
356 notify_type_t notify_type = notify_payload->get_notify_type(notify_payload);
357
358 DBG2(DBG_IKE, "process notify type %N", notify_type_names, notify_type);
359
360 switch (notify_type)
361 {
362 case SINGLE_PAIR_REQUIRED:
363 {
364 SIG(this->failsig, "received a SINGLE_PAIR_REQUIRED notify");
365 return FAILED;
366 }
367 case TS_UNACCEPTABLE:
368 {
369 SIG(this->failsig, "received TS_UNACCEPTABLE notify");
370 return FAILED;
371 }
372 case NO_PROPOSAL_CHOSEN:
373 {
374 SIG(this->failsig, "received NO_PROPOSAL_CHOSEN notify");
375 return FAILED;
376 }
377 case REKEY_SA:
378 {
379 u_int32_t spi;
380 protocol_id_t protocol;
381
382 protocol = notify_payload->get_protocol_id(notify_payload);
383 switch (protocol)
384 {
385 case PROTO_AH:
386 case PROTO_ESP:
387 spi = notify_payload->get_spi(notify_payload);
388 this->rekeyed_sa = this->ike_sa->get_child_sa(this->ike_sa,
389 protocol, spi,
390 FALSE);
391 this->failsig = CHILD_REKEY_FAILED;
392 break;
393 default:
394 break;
395 }
396 return SUCCESS;
397 }
398 default:
399 {
400 if (notify_type < 16383)
401 {
402 SIG(this->failsig, "received %N notify error, CHILD_SA "
403 "creation failed", notify_type_names, notify_type);
404 return FAILED;
405 }
406 else
407 {
408 DBG1(DBG_IKE, "received %N notify, ignored",
409 notify_type_names, notify_type);
410 return SUCCESS;
411 }
412 }
413 }
414 }
415
416 /**
417 * Build a notify message.
418 */
419 static void build_notify(notify_type_t type, chunk_t data, message_t *message, bool flush_message)
420 {
421 notify_payload_t *notify;
422
423 if (flush_message)
424 {
425 payload_t *payload;
426 iterator_t *iterator = message->get_payload_iterator(message);
427 while (iterator->iterate(iterator, (void**)&payload))
428 {
429 payload->destroy(payload);
430 iterator->remove(iterator);
431 }
432 iterator->destroy(iterator);
433 }
434
435 notify = notify_payload_create();
436 notify->set_notify_type(notify, type);
437 notify->set_notification_data(notify, data);
438 message->add_payload(message, (payload_t*)notify);
439 }
440
441 /**
442 * Install a CHILD_SA for usage
443 */
444 static status_t install_child_sa(private_create_child_sa_t *this, bool initiator)
445 {
446 prf_plus_t *prf_plus;
447 chunk_t seed;
448 status_t status;
449
450 seed = chunk_alloc(this->nonce_i.len + this->nonce_r.len);
451 memcpy(seed.ptr, this->nonce_i.ptr, this->nonce_i.len);
452 memcpy(seed.ptr + this->nonce_i.len, this->nonce_r.ptr, this->nonce_r.len);
453 prf_plus = prf_plus_create(this->ike_sa->get_child_prf(this->ike_sa), seed);
454 chunk_free(&seed);
455
456 if (initiator)
457 {
458 status = this->child_sa->update(this->child_sa, this->proposal, prf_plus);
459 }
460 else
461 {
462 status = this->child_sa->add(this->child_sa, this->proposal, prf_plus);
463 }
464 prf_plus->destroy(prf_plus);
465 if (status != SUCCESS)
466 {
467 return DESTROY_ME;
468 }
469 if (initiator)
470 {
471 status = this->child_sa->add_policies(this->child_sa, this->tsi, this->tsr);
472 }
473 else
474 {
475 status = this->child_sa->add_policies(this->child_sa, this->tsr, this->tsi);
476 }
477 if (status != SUCCESS)
478 {
479 return DESTROY_ME;
480 }
481
482 /* add to IKE_SA, and remove from transaction */
483 this->child_sa->set_state(this->child_sa, CHILD_INSTALLED);
484 this->ike_sa->add_child_sa(this->ike_sa, this->child_sa);
485 this->child_sa = NULL;
486 return SUCCESS;
487 }
488
489 /**
490 * Implementation of transaction_t.get_response.
491 */
492 static status_t get_response(private_create_child_sa_t *this, message_t *request,
493 message_t **result, transaction_t **next)
494 {
495 host_t *me, *other;
496 identification_t *my_id, *other_id;
497 message_t *response;
498 status_t status;
499 iterator_t *payloads;
500 payload_t *payload;
501 sa_payload_t *sa_request = NULL;
502 nonce_payload_t *nonce_request = NULL;
503 ts_payload_t *tsi_request = NULL;
504 ts_payload_t *tsr_request = NULL;
505 nonce_payload_t *nonce_response;
506
507 /* check if we already have built a response (retransmission) */
508 if (this->message)
509 {
510 *result = this->message;
511 return SUCCESS;
512 }
513
514 me = this->ike_sa->get_my_host(this->ike_sa);
515 other = this->ike_sa->get_other_host(this->ike_sa);
516 my_id = this->ike_sa->get_my_id(this->ike_sa);
517 other_id = this->ike_sa->get_other_id(this->ike_sa);
518 this->message_id = request->get_message_id(request);
519
520 /* set up response */
521 response = message_create();
522 response->set_source(response, me->clone(me));
523 response->set_destination(response, other->clone(other));
524 response->set_exchange_type(response, CREATE_CHILD_SA);
525 response->set_request(response, FALSE);
526 response->set_message_id(response, this->message_id);
527 response->set_ike_sa_id(response, this->ike_sa->get_id(this->ike_sa));
528 this->message = response;
529 *result = response;
530
531 /* check message type */
532 if (request->get_exchange_type(request) != CREATE_CHILD_SA)
533 {
534 DBG1(DBG_IKE, "CREATE_CHILD_SA response of invalid type, aborted");
535 return FAILED;
536 }
537
538 /* we do not allow the creation of new CHILDren/rekeying when IKE_SA is
539 * rekeying */
540 if (this->ike_sa->get_state(this->ike_sa) == IKE_REKEYING ||
541 this->ike_sa->get_state(this->ike_sa) == IKE_DELETING)
542 {
543 build_notify(NO_ADDITIONAL_SAS, chunk_empty, response, TRUE);
544 DBG1(DBG_IKE, "unable to create new CHILD_SAs, as rekeying in progress");
545 return FAILED;
546 }
547
548 /* Iterate over all payloads. */
549 payloads = request->get_payload_iterator(request);
550 while (payloads->iterate(payloads, (void**)&payload))
551 {
552 switch (payload->get_type(payload))
553 {
554 case SECURITY_ASSOCIATION:
555 sa_request = (sa_payload_t*)payload;
556 break;
557 case NONCE:
558 nonce_request = (nonce_payload_t*)payload;
559 break;
560 case TRAFFIC_SELECTOR_INITIATOR:
561 tsi_request = (ts_payload_t*)payload;
562 break;
563 case TRAFFIC_SELECTOR_RESPONDER:
564 tsr_request = (ts_payload_t*)payload;
565 break;
566 case KEY_EXCHANGE:
567 {
568 u_int8_t dh_buffer[] = {0x00, 0x00}; /* MODP_NONE */
569 chunk_t group = chunk_from_buf(dh_buffer);
570 build_notify(INVALID_KE_PAYLOAD, group, response, TRUE);
571 DBG1(DBG_IKE, "CREATE_CHILD_SA used PFS, sending INVALID_KE_PAYLOAD");
572 return FAILED;
573 }
574 case NOTIFY:
575 {
576 status = process_notifys(this, (notify_payload_t*)payload);
577 if (status != SUCCESS)
578 {
579 payloads->destroy(payloads);
580 return status;
581 }
582 break;
583 }
584 default:
585 {
586 DBG1(DBG_IKE, "ignoring %N payload",
587 payload_type_names, payload->get_type(payload));
588 break;
589 }
590 }
591 }
592 payloads->destroy(payloads);
593
594 /* after processing the notify payloads, we know if this transaction is
595 * for rekeying or for a new CHILD_SA. We can emit the signals now. */
596 if (this->rekeyed_sa)
597 {
598 SIG(CHILD_REKEY_START, "rekeying CHILD_SA");
599 }
600 else
601 {
602 SIG(CHILD_UP_START, "creating CHILD_SA");
603 }
604
605 /* check if we have all payloads */
606 if (!(sa_request && nonce_request && tsi_request && tsr_request))
607 {
608 build_notify(INVALID_SYNTAX, chunk_empty, response, TRUE);
609 SIG(this->failsig, "request message incomplete, no CHILD_SA created");
610 return FAILED;
611 }
612
613 { /* process nonce payload */
614 this->nonce_i = nonce_request->get_nonce(nonce_request);
615 if (this->randomizer->allocate_pseudo_random_bytes(this->randomizer,
616 NONCE_SIZE, &this->nonce_r) != SUCCESS)
617 {
618 build_notify(NO_PROPOSAL_CHOSEN, chunk_empty, response, TRUE);
619 SIG(this->failsig, "nonce generation failed, no CHILD_SA created");
620 return FAILED;
621 }
622 nonce_response = nonce_payload_create();
623 nonce_response->set_nonce(nonce_response, this->nonce_r);
624 }
625
626 { /* get a policy and process traffic selectors */
627 identification_t *my_id, *other_id;
628 linked_list_t *my_ts, *other_ts;
629
630 my_id = this->ike_sa->get_my_id(this->ike_sa);
631 other_id = this->ike_sa->get_other_id(this->ike_sa);
632
633 my_ts = tsr_request->get_traffic_selectors(tsr_request);
634 other_ts = tsi_request->get_traffic_selectors(tsi_request);
635
636 this->policy = charon->policies->get_policy(charon->policies,
637 my_id, other_id,
638 my_ts, other_ts,
639 me, other,
640 NULL);
641 if (this->policy)
642 {
643 this->tsr = this->policy->select_my_traffic_selectors(this->policy, my_ts, me);
644 this->tsi = this->policy->select_other_traffic_selectors(this->policy, other_ts, other);
645 }
646 my_ts->destroy_offset(my_ts, offsetof(traffic_selector_t, destroy));
647 other_ts->destroy_offset(other_ts, offsetof(traffic_selector_t, destroy));
648
649 if (this->policy == NULL)
650 {
651 SIG(this->failsig, "no acceptable policy found, sending TS_UNACCEPTABLE notify");
652 build_notify(TS_UNACCEPTABLE, chunk_empty, response, TRUE);
653 return FAILED;
654 }
655 }
656
657 { /* process SA payload */
658 linked_list_t *proposal_list;
659 sa_payload_t *sa_response;
660 ts_payload_t *ts_response;
661 bool use_natt;
662 u_int32_t soft_lifetime, hard_lifetime;
663
664 sa_response = sa_payload_create();
665 /* get proposals from request, and select one with ours */
666 proposal_list = sa_request->get_proposals(sa_request);
667 DBG2(DBG_IKE, "selecting proposals:");
668 this->proposal = this->policy->select_proposal(this->policy, proposal_list);
669 proposal_list->destroy_offset(proposal_list, offsetof(proposal_t, destroy));
670
671 /* do we have a proposal? */
672 if (this->proposal == NULL)
673 {
674 SIG(this->failsig, "CHILD_SA proposals unacceptable, sending NO_PROPOSAL_CHOSEN notify");
675 build_notify(NO_PROPOSAL_CHOSEN, chunk_empty, response, TRUE);
676 return FAILED;
677 }
678 /* do we have traffic selectors? */
679 else if (this->tsi->get_count(this->tsi) == 0 || this->tsr->get_count(this->tsr) == 0)
680 {
681 SIG(this->failsig, "CHILD_SA traffic selectors unacceptable, sending TS_UNACCEPTABLE notify");
682 build_notify(TS_UNACCEPTABLE, chunk_empty, response, TRUE);
683 return FAILED;
684 }
685 else
686 { /* create child sa */
687 if (this->rekeyed_sa)
688 {
689 this->reqid = this->rekeyed_sa->get_reqid(this->rekeyed_sa);
690 }
691 soft_lifetime = this->policy->get_soft_lifetime(this->policy);
692 hard_lifetime = this->policy->get_hard_lifetime(this->policy);
693 use_natt = this->ike_sa->is_natt_enabled(this->ike_sa);
694 this->child_sa = child_sa_create(this->reqid, me, other, my_id, other_id,
695 soft_lifetime, hard_lifetime,
696 this->policy->get_updown(this->policy),
697 this->policy->get_hostaccess(this->policy),
698 use_natt);
699 this->child_sa->set_name(this->child_sa, this->policy->get_name(this->policy));
700 if (install_child_sa(this, FALSE) != SUCCESS)
701 {
702 SIG(this->failsig, "installing CHILD_SA failed, sending NO_PROPOSAL_CHOSEN notify");
703 build_notify(NO_PROPOSAL_CHOSEN, chunk_empty, response, TRUE);
704 return FAILED;
705 }
706 /* add proposal to sa payload */
707 sa_response->add_proposal(sa_response, this->proposal);
708 }
709 response->add_payload(response, (payload_t*)sa_response);
710
711 /* add nonce/ts payload after sa payload */
712 response->add_payload(response, (payload_t *)nonce_response);
713 ts_response = ts_payload_create_from_traffic_selectors(TRUE, this->tsi);
714 response->add_payload(response, (payload_t*)ts_response);
715 ts_response = ts_payload_create_from_traffic_selectors(FALSE, this->tsr);
716 response->add_payload(response, (payload_t*)ts_response);
717 }
718 /* CHILD_SA successfully created. If another transaction is already rekeying
719 * this SA, our lower nonce must be registered for a later nonce compare. */
720 if (this->rekeyed_sa)
721 {
722 private_create_child_sa_t *other;
723
724 other = (private_create_child_sa_t*)
725 this->rekeyed_sa->get_rekeying_transaction(this->rekeyed_sa);
726 if (other)
727 {
728 /* store our lower nonce in the simultaneus transaction, it
729 * will later compare it against his nonces when it calls conclude().
730 */
731 if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
732 min(this->nonce_i.len, this->nonce_r.len)) < 0)
733 {
734 other->nonce_s = chunk_clone(this->nonce_i);
735 }
736 else
737 {
738 other->nonce_s = chunk_clone(this->nonce_r);
739 }
740 }
741 else
742 {
743 /* we only signal when no other transaction is rekeying */
744 SIG(CHILD_REKEY_SUCCESS, "CHILD_SA rekeyed");
745 }
746 this->rekeyed_sa->set_state(this->rekeyed_sa, CHILD_REKEYING);
747 }
748 else
749 {
750 SIG(CHILD_UP_SUCCESS, "CHILD_SA created");
751 }
752 return SUCCESS;
753 }
754
755 /**
756 * Implementation of transaction_t.conclude
757 */
758 static status_t conclude(private_create_child_sa_t *this, message_t *response,
759 transaction_t **next)
760 {
761 iterator_t *payloads;
762 payload_t *payload;
763 host_t *me, *other;
764 sa_payload_t *sa_payload = NULL;
765 nonce_payload_t *nonce_payload = NULL;
766 ts_payload_t *tsi_payload = NULL;
767 ts_payload_t *tsr_payload = NULL;
768 status_t status;
769 child_sa_t *new_child = NULL;
770 delete_child_sa_t *delete_child_sa;
771
772 /* check message type */
773 if (response->get_exchange_type(response) != CREATE_CHILD_SA)
774 {
775 SIG(this->failsig, "CREATE_CHILD_SA response of invalid type, aborting");
776 return FAILED;
777 }
778
779 me = this->ike_sa->get_my_host(this->ike_sa);
780 other = this->ike_sa->get_other_host(this->ike_sa);
781
782 /* Iterate over all payloads to collect them */
783 payloads = response->get_payload_iterator(response);
784 while (payloads->iterate(payloads, (void**)&payload))
785 {
786 switch (payload->get_type(payload))
787 {
788 case SECURITY_ASSOCIATION:
789 sa_payload = (sa_payload_t*)payload;
790 break;
791 case NONCE:
792 nonce_payload = (nonce_payload_t*)payload;
793 break;
794 case TRAFFIC_SELECTOR_INITIATOR:
795 tsi_payload = (ts_payload_t*)payload;
796 break;
797 case TRAFFIC_SELECTOR_RESPONDER:
798 tsr_payload = (ts_payload_t*)payload;
799 break;
800 case NOTIFY:
801 {
802 status = process_notifys(this, (notify_payload_t*)payload);
803 if (status != SUCCESS)
804 {
805 payloads->destroy(payloads);
806 return status;
807 }
808 break;
809 }
810 default:
811 {
812 DBG1(DBG_IKE, "ignoring %N payload",
813 payload_type_names, payload->get_type(payload));
814 break;
815 }
816 }
817 }
818 payloads->destroy(payloads);
819
820 if (!(sa_payload && nonce_payload && tsi_payload && tsr_payload))
821 {
822 SIG(this->failsig, "response message incomplete, no CHILD_SA built");
823 return FAILED;
824 }
825
826 { /* process NONCE payload */
827 this->nonce_r = nonce_payload->get_nonce(nonce_payload);
828 }
829
830 { /* process traffic selectors for us */
831 linked_list_t *ts_received = tsi_payload->get_traffic_selectors(tsi_payload);
832 this->tsi = this->policy->select_my_traffic_selectors(this->policy, ts_received, me);
833 ts_received->destroy_offset(ts_received, offsetof(traffic_selector_t, destroy));
834 }
835
836 { /* process traffic selectors for other */
837 linked_list_t *ts_received = tsr_payload->get_traffic_selectors(tsr_payload);
838 this->tsr = this->policy->select_other_traffic_selectors(this->policy, ts_received, other);
839 ts_received->destroy_offset(ts_received, offsetof(traffic_selector_t, destroy));
840 }
841
842 { /* process sa payload */
843 linked_list_t *proposal_list;
844
845 proposal_list = sa_payload->get_proposals(sa_payload);
846 /* we have to re-check here if other's selection is valid */
847 this->proposal = this->policy->select_proposal(this->policy, proposal_list);
848 proposal_list->destroy_offset(proposal_list, offsetof(proposal_t, destroy));
849
850 /* everything fine to create CHILD? */
851 if (this->proposal == NULL ||
852 this->tsi->get_count(this->tsi) == 0 ||
853 this->tsr->get_count(this->tsr) == 0)
854 {
855 SIG(this->failsig, "CHILD_SA negotiation failed, no CHILD_SA built");
856 return FAILED;
857 }
858 new_child = this->child_sa;
859 if (install_child_sa(this, TRUE) != SUCCESS)
860 {
861 SIG(this->failsig, "installing CHILD_SA failed, no CHILD_SA built");
862 return FAILED;
863 }
864 }
865 /* CHILD_SA successfully created. If the other peer initiated rekeying
866 * in the meantime, we detect this by comparing the rekeying_transaction
867 * of the SA. If it changed, we are not alone. Then we must compare the nonces.
868 * If no simultaneous rekeying is going on, we just initiate the delete of
869 * the superseded SA. */
870 if (this->rekeyed_sa)
871 {
872 /* rekeying finished, update SA status */
873 this->rekeyed_sa->set_rekeying_transaction(this->rekeyed_sa, NULL);
874
875 if (this->nonce_s.ptr)
876 { /* simlutaneous rekeying is going on, not so good */
877 chunk_t this_lowest;
878
879 /* first get our lowest nonce */
880 if (memcmp(this->nonce_i.ptr, this->nonce_r.ptr,
881 min(this->nonce_i.len, this->nonce_r.len)) < 0)
882 {
883 this_lowest = this->nonce_i;
884 }
885 else
886 {
887 this_lowest = this->nonce_r;
888 }
889 /* then compare against other lowest nonce */
890 if (memcmp(this_lowest.ptr, this->nonce_s.ptr,
891 min(this_lowest.len, this->nonce_s.len)) < 0)
892 {
893 DBG1(DBG_IKE, "detected simultaneous CHILD_SA rekeying, deleting ours");
894 this->lost = TRUE;
895 }
896 else
897 {
898 DBG1(DBG_IKE, "detected simultaneous CHILD_SA rekeying, but ours is preferred");
899 }
900 }
901 /* delete the old SA if we have won the rekeying nonce compare*/
902 if (!this->lost)
903 {
904 delete_child_sa = delete_child_sa_create(this->ike_sa);
905 delete_child_sa->set_child_sa(delete_child_sa, this->rekeyed_sa);
906 *next = (transaction_t*)delete_child_sa;
907 }
908 /* we send a rekey SUCCESS signal in any case. If the other transaction
909 * detected our transaction, it did not send a signal. We do it for it. */
910 SIG(CHILD_REKEY_SUCCESS, "CHILD_SA rekeyed");
911 }
912 else
913 {
914 SIG(CHILD_UP_SUCCESS, "CHILD_SA created");
915 }
916 if (this->lost)
917 {
918 /* we have lost simlutaneous rekeying, delete the CHILD_SA we just have created */
919 delete_child_sa = delete_child_sa_create(this->ike_sa);
920 delete_child_sa->set_child_sa(delete_child_sa, new_child);
921 *next = (transaction_t*)delete_child_sa;
922 }
923 return SUCCESS;
924 }
925
926 /**
927 * implements transaction_t.destroy
928 */
929 static void destroy(private_create_child_sa_t *this)
930 {
931 DESTROY_IF(this->message);
932 DESTROY_IF(this->proposal);
933 DESTROY_IF(this->child_sa);
934 DESTROY_IF(this->policy);
935 if (this->tsi)
936 {
937 this->tsi->destroy_offset(this->tsi, offsetof(traffic_selector_t, destroy));
938 }
939 if (this->tsr)
940 {
941 this->tsr->destroy_offset(this->tsr, offsetof(traffic_selector_t, destroy));
942 }
943 chunk_free(&this->nonce_i);
944 chunk_free(&this->nonce_r);
945 chunk_free(&this->nonce_s);
946 this->randomizer->destroy(this->randomizer);
947 free(this);
948 }
949
950 /*
951 * Described in header.
952 */
953 create_child_sa_t *create_child_sa_create(ike_sa_t *ike_sa)
954 {
955 private_create_child_sa_t *this = malloc_thing(private_create_child_sa_t);
956
957 /* transaction interface functions */
958 this->public.transaction.get_request = (status_t(*)(transaction_t*,message_t**))get_request;
959 this->public.transaction.get_response = (status_t(*)(transaction_t*,message_t*,message_t**,transaction_t**))get_response;
960 this->public.transaction.conclude = (status_t(*)(transaction_t*,message_t*,transaction_t**))conclude;
961 this->public.transaction.get_message_id = (u_int32_t(*)(transaction_t*))get_message_id;
962 this->public.transaction.requested = (u_int32_t(*)(transaction_t*))requested;
963 this->public.transaction.destroy = (void(*)(transaction_t*))destroy;
964
965 /* public functions */
966 this->public.set_policy = (void(*)(create_child_sa_t*,policy_t*))set_policy;
967 this->public.set_reqid = (void(*)(create_child_sa_t*,u_int32_t))set_reqid;
968 this->public.rekeys_child = (void(*)(create_child_sa_t*,child_sa_t*))rekeys_child;
969 this->public.cancel = (void(*)(create_child_sa_t*))cancel;
970
971 /* private data */
972 this->ike_sa = ike_sa;
973 this->message_id = 0;
974 this->message = NULL;
975 this->requested = 0;
976 this->rekey_spi = 0;
977 this->reqid = 0;
978 this->nonce_i = chunk_empty;
979 this->nonce_r = chunk_empty;
980 this->nonce_s = chunk_empty;
981 this->child_sa = NULL;
982 this->rekeyed_sa = NULL;
983 this->lost = FALSE;
984 this->proposal = NULL;
985 this->policy = NULL;
986 this->tsi = NULL;
987 this->tsr = NULL;
988 this->randomizer = randomizer_create();
989 this->failsig = CHILD_UP_FAILED;
990
991 return &this->public;
992 }