Accept and process IKEv1 messages in receiver
[strongswan.git] / src / libcharon / network / receiver.c
1 /*
2 * Copyright (C) 2008 Tobias Brunner
3 * Copyright (C) 2005-2006 Martin Willi
4 * Copyright (C) 2005 Jan Hutter
5 * Hochschule fuer Technik Rapperswil
6 *
7 * This program is free software; you can redistribute it and/or modify it
8 * under the terms of the GNU General Public License as published by the
9 * Free Software Foundation; either version 2 of the License, or (at your
10 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
11 *
12 * This program is distributed in the hope that it will be useful, but
13 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
14 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * for more details.
16 */
17
18 #include <stdlib.h>
19 #include <unistd.h>
20
21 #include "receiver.h"
22
23 #include <daemon.h>
24 #include <network/socket.h>
25 #include <network/packet.h>
26 #include <processing/jobs/job.h>
27 #include <processing/jobs/process_message_job.h>
28 #include <processing/jobs/callback_job.h>
29 #include <crypto/hashers/hasher.h>
30
31 /** lifetime of a cookie, in seconds */
32 #define COOKIE_LIFETIME 10
33 /** how many times to reuse the secret */
34 #define COOKIE_REUSE 10000
35 /** default value for private_receiver_t.cookie_threshold */
36 #define COOKIE_THRESHOLD_DEFAULT 10
37 /** default value for private_receiver_t.block_threshold */
38 #define BLOCK_THRESHOLD_DEFAULT 5
39 /** length of the secret to use for cookie calculation */
40 #define SECRET_LENGTH 16
41
42 typedef struct private_receiver_t private_receiver_t;
43
44 /**
45 * Private data of a receiver_t object.
46 */
47 struct private_receiver_t {
48 /**
49 * Public part of a receiver_t object.
50 */
51 receiver_t public;
52
53 /**
54 * Threads job receiving packets
55 */
56 callback_job_t *job;
57
58 /**
59 * current secret to use for cookie calculation
60 */
61 char secret[SECRET_LENGTH];
62
63 /**
64 * previous secret used to verify older cookies
65 */
66 char secret_old[SECRET_LENGTH];
67
68 /**
69 * how many times we have used "secret" so far
70 */
71 u_int32_t secret_used;
72
73 /**
74 * time we did the cookie switch
75 */
76 u_int32_t secret_switch;
77
78 /**
79 * time offset to use, hides our system time
80 */
81 u_int32_t secret_offset;
82
83 /**
84 * the RNG to use for secret generation
85 */
86 rng_t *rng;
87
88 /**
89 * hasher to use for cookie calculation
90 */
91 hasher_t *hasher;
92
93 /**
94 * require cookies after this many half open IKE_SAs
95 */
96 u_int32_t cookie_threshold;
97
98 /**
99 * how many half open IKE_SAs per peer before blocking
100 */
101 u_int32_t block_threshold;
102
103 /**
104 * Drop IKE_SA_INIT requests if processor job load exceeds this limit
105 */
106 u_int init_limit_job_load;
107
108 /**
109 * Drop IKE_SA_INIT requests if half open IKE_SA count exceeds this limit
110 */
111 u_int init_limit_half_open;
112
113 /**
114 * Delay for receiving incoming packets, to simulate larger RTT
115 */
116 int receive_delay;
117
118 /**
119 * Specific message type to delay, 0 for any
120 */
121 int receive_delay_type;
122
123 /**
124 * Delay request messages?
125 */
126 bool receive_delay_request;
127
128 /**
129 * Delay response messages?
130 */
131 bool receive_delay_response;
132 };
133
134 /**
135 * send a notify back to the sender
136 */
137 static void send_notify(message_t *request, notify_type_t type, chunk_t data)
138 {
139 if (request->get_request(request) &&
140 request->get_exchange_type(request) == IKE_SA_INIT)
141 {
142 message_t *response;
143 host_t *src, *dst;
144 packet_t *packet;
145 ike_sa_id_t *ike_sa_id;
146
147 response = message_create();
148 dst = request->get_source(request);
149 src = request->get_destination(request);
150 response->set_source(response, src->clone(src));
151 response->set_destination(response, dst->clone(dst));
152 response->set_exchange_type(response, request->get_exchange_type(request));
153 response->set_request(response, FALSE);
154 response->set_message_id(response, 0);
155 ike_sa_id = request->get_ike_sa_id(request);
156 ike_sa_id->switch_initiator(ike_sa_id);
157 response->set_ike_sa_id(response, ike_sa_id);
158 response->add_notify(response, FALSE, type, data);
159 if (response->generate(response, NULL, &packet) == SUCCESS)
160 {
161 charon->sender->send(charon->sender, packet);
162 response->destroy(response);
163 }
164 }
165 /* TODO-IKEv1: send IKEv1 specific notifies */
166 }
167
168 /**
169 * build a cookie
170 */
171 static chunk_t cookie_build(private_receiver_t *this, message_t *message,
172 u_int32_t t, chunk_t secret)
173 {
174 u_int64_t spi = message->get_initiator_spi(message);
175 host_t *ip = message->get_source(message);
176 chunk_t input, hash;
177
178 /* COOKIE = t | sha1( IPi | SPIi | t | secret ) */
179 input = chunk_cata("cccc", ip->get_address(ip), chunk_from_thing(spi),
180 chunk_from_thing(t), secret);
181 hash = chunk_alloca(this->hasher->get_hash_size(this->hasher));
182 this->hasher->get_hash(this->hasher, input, hash.ptr);
183 return chunk_cat("cc", chunk_from_thing(t), hash);
184 }
185
186 /**
187 * verify a received cookie
188 */
189 static bool cookie_verify(private_receiver_t *this, message_t *message,
190 chunk_t cookie)
191 {
192 u_int32_t t, now;
193 chunk_t reference;
194 chunk_t secret;
195
196 now = time_monotonic(NULL);
197 t = *(u_int32_t*)cookie.ptr;
198
199 if (cookie.len != sizeof(u_int32_t) +
200 this->hasher->get_hash_size(this->hasher) ||
201 t < now - this->secret_offset - COOKIE_LIFETIME)
202 {
203 DBG2(DBG_NET, "received cookie lifetime expired, rejecting");
204 return FALSE;
205 }
206
207 /* check if cookie is derived from old_secret */
208 if (t + this->secret_offset > this->secret_switch)
209 {
210 secret = chunk_from_thing(this->secret);
211 }
212 else
213 {
214 secret = chunk_from_thing(this->secret_old);
215 }
216
217 /* compare own calculation against received */
218 reference = cookie_build(this, message, t, secret);
219 if (chunk_equals(reference, cookie))
220 {
221 chunk_free(&reference);
222 return TRUE;
223 }
224 chunk_free(&reference);
225 return FALSE;
226 }
227
228 /**
229 * Check if a valid cookie found
230 */
231 static bool check_cookie(private_receiver_t *this, message_t *message)
232 {
233 packet_t *packet;
234 chunk_t data;
235
236 /* check for a cookie. We don't use our parser here and do it
237 * quick and dirty for performance reasons.
238 * we assume the cookie is the first payload (which is a MUST), and
239 * the cookie's SPI length is zero. */
240 packet = message->get_packet(message);
241 data = packet->get_data(packet);
242 if (data.len <
243 IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH +
244 sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher) ||
245 *(data.ptr + 16) != NOTIFY ||
246 *(u_int16_t*)(data.ptr + IKE_HEADER_LENGTH + 6) != htons(COOKIE))
247 {
248 /* no cookie found */
249 packet->destroy(packet);
250 return FALSE;
251 }
252 data.ptr += IKE_HEADER_LENGTH + NOTIFY_PAYLOAD_HEADER_LENGTH;
253 data.len = sizeof(u_int32_t) + this->hasher->get_hash_size(this->hasher);
254 if (!cookie_verify(this, message, data))
255 {
256 DBG2(DBG_NET, "found cookie, but content invalid");
257 packet->destroy(packet);
258 return FALSE;
259 }
260 return TRUE;
261 }
262
263 /**
264 * Check if we should drop IKE_SA_INIT because of cookie/overload checking
265 */
266 static bool drop_ike_sa_init(private_receiver_t *this, message_t *message)
267 {
268 u_int half_open;
269
270 half_open = charon->ike_sa_manager->get_half_open_count(
271 charon->ike_sa_manager, NULL);
272
273 /* check for cookies */
274 if (this->cookie_threshold && half_open >= this->cookie_threshold &&
275 !check_cookie(this, message))
276 {
277 u_int32_t now = time_monotonic(NULL);
278 chunk_t cookie = cookie_build(this, message, now - this->secret_offset,
279 chunk_from_thing(this->secret));
280
281 DBG2(DBG_NET, "received packet from: %#H to %#H",
282 message->get_source(message),
283 message->get_destination(message));
284 DBG2(DBG_NET, "sending COOKIE notify to %H",
285 message->get_source(message));
286 send_notify(message, COOKIE, cookie);
287 chunk_free(&cookie);
288 if (++this->secret_used > COOKIE_REUSE)
289 {
290 /* create new cookie */
291 DBG1(DBG_NET, "generating new cookie secret after %d uses",
292 this->secret_used);
293 memcpy(this->secret_old, this->secret, SECRET_LENGTH);
294 this->rng->get_bytes(this->rng, SECRET_LENGTH, this->secret);
295 this->secret_switch = now;
296 this->secret_used = 0;
297 }
298 return TRUE;
299 }
300
301 /* check if peer has too many IKE_SAs half open */
302 if (this->block_threshold &&
303 charon->ike_sa_manager->get_half_open_count(charon->ike_sa_manager,
304 message->get_source(message)) >= this->block_threshold)
305 {
306 DBG1(DBG_NET, "ignoring IKE_SA setup from %H, "
307 "peer too aggressive", message->get_source(message));
308 return TRUE;
309 }
310
311 /* check if global half open IKE_SA limit reached */
312 if (this->init_limit_half_open &&
313 half_open >= this->init_limit_half_open)
314 {
315 DBG1(DBG_NET, "ignoring IKE_SA setup from %H, half open IKE_SA "
316 "count of %d exceeds limit of %d", message->get_source(message),
317 half_open, this->init_limit_half_open);
318 return TRUE;
319 }
320
321 /* check if job load acceptable */
322 if (this->init_limit_job_load)
323 {
324 u_int jobs = 0, i;
325
326 for (i = 0; i < JOB_PRIO_MAX; i++)
327 {
328 jobs += lib->processor->get_job_load(lib->processor, i);
329 }
330 if (jobs > this->init_limit_job_load)
331 {
332 DBG1(DBG_NET, "ignoring IKE_SA setup from %H, job load of %d "
333 "exceeds limit of %d", message->get_source(message),
334 jobs, this->init_limit_job_load);
335 return TRUE;
336 }
337 }
338 return FALSE;
339 }
340
341 /**
342 * Job callback to receive packets
343 */
344 static job_requeue_t receive_packets(private_receiver_t *this)
345 {
346 packet_t *packet;
347 message_t *message;
348 status_t status;
349
350 /* read in a packet */
351 status = charon->socket->receive(charon->socket, &packet);
352 if (status == NOT_SUPPORTED)
353 {
354 /* the processor destroys this job */
355 this->job = NULL;
356 return JOB_REQUEUE_NONE;
357 }
358 else if (status != SUCCESS)
359 {
360 DBG2(DBG_NET, "receiving from socket failed!");
361 return JOB_REQUEUE_FAIR;
362 }
363
364 /* parse message header */
365 message = message_create_from_packet(packet);
366 if (message->parse_header(message) != SUCCESS)
367 {
368 DBG1(DBG_NET, "received invalid IKE header from %H - ignored",
369 packet->get_source(packet));
370 message->destroy(message);
371 return JOB_REQUEUE_DIRECT;
372 }
373
374 /* check IKE major version */
375 switch (message->get_major_version(message))
376 {
377 case IKEV2_MAJOR_VERSION:
378 break;
379 #ifdef USE_IKEV1
380 case IKEV1_MAJOR_VERSION:
381 break;
382 #endif /* USE_IKEV1 */
383 default:
384 DBG1(DBG_NET, "received unsupported IKE version %d.%d from %H, "
385 "sending INVALID_MAJOR_VERSION",
386 message->get_major_version(message),
387 message->get_minor_version(message),
388 packet->get_source(packet));
389 send_notify(message, INVALID_MAJOR_VERSION, chunk_empty);
390 message->destroy(message);
391 return JOB_REQUEUE_DIRECT;
392 }
393
394 /* TODO-IKEv1: drop too agressive mainmodes */
395 if (message->get_request(message) &&
396 message->get_exchange_type(message) == IKE_SA_INIT)
397 {
398 if (drop_ike_sa_init(this, message))
399 {
400 message->destroy(message);
401 return JOB_REQUEUE_DIRECT;
402 }
403 }
404 if (this->receive_delay)
405 {
406 if (this->receive_delay_type == 0 ||
407 this->receive_delay_type == message->get_exchange_type(message))
408 {
409 if ((message->get_request(message) && this->receive_delay_request) ||
410 (!message->get_request(message) && this->receive_delay_response))
411 {
412 DBG1(DBG_NET, "using receive delay: %dms",
413 this->receive_delay);
414 lib->scheduler->schedule_job_ms(lib->scheduler,
415 (job_t*)process_message_job_create(message),
416 this->receive_delay);
417 return JOB_REQUEUE_DIRECT;
418 }
419 }
420 }
421 lib->processor->queue_job(lib->processor,
422 (job_t*)process_message_job_create(message));
423 return JOB_REQUEUE_DIRECT;
424 }
425
426 METHOD(receiver_t, destroy, void,
427 private_receiver_t *this)
428 {
429 if (this->job)
430 {
431 this->job->cancel(this->job);
432 }
433 this->rng->destroy(this->rng);
434 this->hasher->destroy(this->hasher);
435 free(this);
436 }
437
438 /*
439 * Described in header.
440 */
441 receiver_t *receiver_create()
442 {
443 private_receiver_t *this;
444 u_int32_t now = time_monotonic(NULL);
445
446 INIT(this,
447 .public = {
448 .destroy = _destroy,
449 },
450 .secret_switch = now,
451 .secret_offset = random() % now,
452 );
453
454 if (lib->settings->get_bool(lib->settings, "charon.dos_protection", TRUE))
455 {
456 this->cookie_threshold = lib->settings->get_int(lib->settings,
457 "charon.cookie_threshold", COOKIE_THRESHOLD_DEFAULT);
458 this->block_threshold = lib->settings->get_int(lib->settings,
459 "charon.block_threshold", BLOCK_THRESHOLD_DEFAULT);
460 }
461 this->init_limit_job_load = lib->settings->get_int(lib->settings,
462 "charon.init_limit_job_load", 0);
463 this->init_limit_half_open = lib->settings->get_int(lib->settings,
464 "charon.init_limit_half_open", 0);
465 this->receive_delay = lib->settings->get_int(lib->settings,
466 "charon.receive_delay", 0);
467 this->receive_delay_type = lib->settings->get_int(lib->settings,
468 "charon.receive_delay_type", 0),
469 this->receive_delay_request = lib->settings->get_bool(lib->settings,
470 "charon.receive_delay_request", TRUE),
471 this->receive_delay_response = lib->settings->get_int(lib->settings,
472 "charon.receive_delay_response", TRUE),
473
474 this->hasher = lib->crypto->create_hasher(lib->crypto, HASH_PREFERRED);
475 if (this->hasher == NULL)
476 {
477 DBG1(DBG_NET, "creating cookie hasher failed, no hashers supported");
478 free(this);
479 return NULL;
480 }
481 this->rng = lib->crypto->create_rng(lib->crypto, RNG_STRONG);
482 if (this->rng == NULL)
483 {
484 DBG1(DBG_NET, "creating cookie RNG failed, no RNG supported");
485 this->hasher->destroy(this->hasher);
486 free(this);
487 return NULL;
488 }
489 this->rng->get_bytes(this->rng, SECRET_LENGTH, this->secret);
490 memcpy(this->secret_old, this->secret, SECRET_LENGTH);
491
492 this->job = callback_job_create_with_prio((callback_job_cb_t)receive_packets,
493 this, NULL, NULL, JOB_PRIO_CRITICAL);
494 lib->processor->queue_job(lib->processor, (job_t*)this->job);
495
496 return &this->public;
497 }
498