unit-tests: Add test for rekey collision if one CREATE_CHILD_SA response is delayed
authorTobias Brunner <tobias@strongswan.org>
Tue, 31 May 2016 16:19:17 +0000 (18:19 +0200)
committerTobias Brunner <tobias@strongswan.org>
Fri, 17 Jun 2016 16:48:06 +0000 (18:48 +0200)
src/libcharon/tests/suites/test_ike_rekey.c

index 2ec06aa..8cbff27 100644 (file)
@@ -258,6 +258,226 @@ START_TEST(test_collision)
 END_TEST
 
 /**
+ * This is like the rekey collision above, but one peer deletes the
+ * redundant/old SA before the other peer receives the CREATE_CHILD_SA
+ * response:
+ *           Peer A                   Peer B
+ *            rekey ----\       /---- rekey
+ *                       \-----/----> detect collision
+ * detect collision <---------/ /----
+ *                  -----------/---->
+ *    handle delete <---------/------ delete redundant/old SA
+ *                  ---------/------>
+ *     handle rekey <-------/
+ *        delete SA ---------------->
+ *                  <----------------
+ *
+ * If peer B won the collision it deletes the old IKE_SA, in which case
+ * this situation is handled as if peer B was not aware of the collision (see
+ * below).  That is, peer A finalizes the rekeying initiated by the peer and
+ * deletes the IKE_SA (it has no way of knowing whether the peer was aware of
+ * the collision or not).  Peer B will expect the redundant IKE_SA to get
+ * deleted, but that will never happen if the response arrives after the SA is
+ * already gone.  So a job should be queued that deletes it after a while.
+ *
+ * If peer B lost it will switch to the new IKE_SA and delete the redundant
+ * IKE_SA and expect a delete for the old IKE_SA.  In this case peer A will
+ * simply retransmit until it receives a response to the rekey request, all the
+ * while ignoring the delete requests for the unknown IKE_SA.  Afterwards,
+ * everything works as in a regular collision (however, until peer A receives
+ * the response it will not be able to receive any messages on the new IKE_SA).
+ */
+START_TEST(test_collision_delayed_response)
+{
+       ike_sa_t *a, *b, *sa;
+       message_t *msg, *d;
+       status_t s;
+
+       exchange_test_helper->establish_sa(exchange_test_helper,
+                                                                          &a, &b, NULL);
+
+       /* Four nonces and SPIs are needed (SPI 1 and 2 are used for the initial
+        * IKE_SA):
+        *   N1/3 -----\    /----- N2/4
+        *              \--/-----> N3/5
+        *   N4/6 <-------/ /----- ...
+        *   ...  -----\
+        * We test this four times, each time a different nonce is the lowest.
+        */
+       struct {
+               /* Nonces used at each point */
+               u_char nonces[4];
+               /* SPIs of the deleted IKE_SAs (either redundant or replaced) */
+               uint32_t del_a_i, del_a_r;
+               uint32_t del_b_i, del_b_r;
+               /* SPIs of the kept IKE_SA */
+               uint32_t spi_i, spi_r;
+       } data[] = {
+               { { 0x00, 0xFF, 0xFF, 0xFF }, 3, 5, 1, 2, 4, 6 },
+               { { 0xFF, 0x00, 0xFF, 0xFF }, 1, 2, 4, 6, 3, 5 },
+               { { 0xFF, 0xFF, 0x00, 0xFF }, 3, 5, 1, 2, 4, 6 },
+               { { 0xFF, 0xFF, 0xFF, 0x00 }, 1, 2, 4, 6, 3, 5 },
+       };
+       /* these should never get called as this results in a successful rekeying */
+       assert_hook_not_called(ike_updown);
+       assert_hook_not_called(child_updown);
+
+       exchange_test_helper->nonce_first_byte = data[_i].nonces[0];
+       initiate_rekey(a);
+       exchange_test_helper->nonce_first_byte = data[_i].nonces[1];
+       initiate_rekey(b);
+
+       /* CREATE_CHILD_SA { SA, Ni, KEi } --> */
+       exchange_test_helper->nonce_first_byte = data[_i].nonces[2];
+       assert_hook_not_called(ike_rekey);
+       exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+       assert_ike_sa_state(b, IKE_REKEYING);
+       assert_child_sa_count(b, 1);
+       assert_ike_sa_count(0);
+       assert_hook();
+
+       /* <-- CREATE_CHILD_SA { SA, Ni, KEi } */
+       exchange_test_helper->nonce_first_byte = data[_i].nonces[3];
+       assert_hook_not_called(ike_rekey);
+       exchange_test_helper->process_message(exchange_test_helper, a, NULL);
+       assert_ike_sa_state(a, IKE_REKEYING);
+       assert_child_sa_count(a, 1);
+       assert_ike_sa_count(0);
+       assert_hook();
+
+       /* delay the CREATE_CHILD_SA response from b to a */
+       msg = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+       /* simplify next steps by checking in original IKE_SAs */
+       charon->ike_sa_manager->checkin(charon->ike_sa_manager, a);
+       charon->ike_sa_manager->checkin(charon->ike_sa_manager, b);
+       assert_ike_sa_count(2);
+
+       /* CREATE_CHILD_SA { SA, Nr, KEr } --> */
+       assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+       /* besides the job that retransmits the delete, we expect a job that
+        * deletes the redundant IKE_SA if we expect the other to delete it */
+       assert_jobs_scheduled(data[_i].del_b_i == 1 ? 2 : 1);
+       exchange_test_helper->process_message(exchange_test_helper, b, NULL);
+       /* if b wins it deletes the SA originally initiated by a */
+       sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r,
+                                                               data[_i].del_b_i != 1);
+       assert_ike_sa_state(sa, IKE_DELETING);
+       assert_child_sa_count(sa, 0);
+       /* a only deletes SAs for which b is responder */
+       sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+       assert_ike_sa_state(sa, IKE_REKEYED);
+       assert_child_sa_count(sa, 0);
+       sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r,
+                                                               data[_i].del_b_i == 1);
+       assert_ike_sa_state(sa, IKE_ESTABLISHED);
+       assert_child_sa_count(sa, 1);
+       assert_ike_sa_count(4);
+       assert_scheduler();
+       assert_hook();
+
+       /* <-- INFORMATIONAL { D } */
+       if (data[_i].del_b_i == 1)
+       {       /* b won, it deletes the replaced IKE_SA */
+               assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+               assert_single_payload(IN, PLV2_DELETE);
+               s = exchange_test_helper->process_message(exchange_test_helper, a,
+                                                                                                 NULL);
+               ck_assert_int_eq(DESTROY_ME, s);
+               charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, a);
+               sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r, FALSE);
+               assert_ike_sa_state(sa, IKE_ESTABLISHED);
+               assert_child_sa_count(sa, 1);
+               assert_ike_sa_count(4);
+               assert_hook();
+
+               /* INFORMATIONAL { } --> */
+               assert_hook_not_called(ike_rekey);
+               assert_message_empty(IN);
+               s = exchange_test_helper->process_message(exchange_test_helper, b,
+                                                                                                 NULL);
+               ck_assert_int_eq(DESTROY_ME, s);
+               charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, b);
+               assert_ike_sa_count(3);
+               assert_hook();
+               /* the job will later remove this redundant IKE_SA on b */
+               sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+               assert_ike_sa_state(sa, IKE_REKEYED);
+               assert_sa_idle(sa);
+               /* <-- CREATE_CHILD_SA { SA, Nr, KEr } (delayed) */
+               /* the IKE_SA (a) does not exist anymore */
+               msg->destroy(msg);
+       }
+       else
+       {       /* b lost, the delete is for the non-existing redundant IKE_SA */
+               d = exchange_test_helper->sender->dequeue(exchange_test_helper->sender);
+
+               /* <-- CREATE_CHILD_SA { SA, Nr, KEr } (delayed) */
+               assert_hook_rekey(ike_rekey, 1, data[_i].spi_i);
+               exchange_test_helper->process_message(exchange_test_helper, a, msg);
+               /* as original initiator a is initiator of both SAs it could delete */
+               sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, TRUE);
+               assert_ike_sa_state(sa, IKE_DELETING);
+               assert_child_sa_count(sa, 0);
+               /* this is the redundant SA b is trying to delete */
+               sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r, FALSE);
+               assert_ike_sa_state(sa, IKE_REKEYED);
+               assert_child_sa_count(sa, 0);
+               sa = assert_ike_sa_checkout(data[_i].spi_i, data[_i].spi_r,
+                                                                       data[_i].del_a_i == 1);
+               assert_ike_sa_state(sa, IKE_ESTABLISHED);
+               assert_child_sa_count(sa, 1);
+               assert_ike_sa_count(6);
+               assert_hook();
+
+               /* we don't expect this hook to get called anymore */
+               assert_hook_not_called(ike_rekey);
+
+               /* INFORMATIONAL { D } --> */
+               assert_single_payload(IN, PLV2_DELETE);
+               sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, FALSE);
+               s = exchange_test_helper->process_message(exchange_test_helper, sa,
+                                                                                                 NULL);
+               ck_assert_int_eq(DESTROY_ME, s);
+               charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+               assert_ike_sa_count(5);
+               /* <-- INFORMATIONAL { } */
+               assert_message_empty(IN);
+               sa = assert_ike_sa_checkout(data[_i].del_a_i, data[_i].del_a_r, TRUE);
+               s = exchange_test_helper->process_message(exchange_test_helper, sa,
+                                                                                                 NULL);
+               ck_assert_int_eq(DESTROY_ME, s);
+               charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+               assert_ike_sa_count(4);
+
+               /* <-- INFORMATIONAL { D } (retransmit/delayed) */
+               assert_single_payload(IN, PLV2_DELETE);
+               sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r, FALSE);
+               s = exchange_test_helper->process_message(exchange_test_helper, sa, d);
+               ck_assert_int_eq(DESTROY_ME, s);
+               charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+               assert_ike_sa_count(3);
+               /* INFORMATIONAL { } --> */
+               assert_message_empty(IN);
+               sa = assert_ike_sa_checkout(data[_i].del_b_i, data[_i].del_b_r, TRUE);
+               s = exchange_test_helper->process_message(exchange_test_helper, sa,
+                                                                                                 NULL);
+               ck_assert_int_eq(DESTROY_ME, s);
+               charon->ike_sa_manager->checkin_and_destroy(charon->ike_sa_manager, sa);
+               assert_ike_sa_count(2);
+               /* ike_rekey */
+               assert_hook();
+       }
+
+       /* ike_updown/child_updown */
+       assert_hook();
+       assert_hook();
+
+       charon->ike_sa_manager->flush(charon->ike_sa_manager);
+}
+END_TEST
+
+/**
  * In this scenario one of the peers does not notice that there is a rekey
  * collision because the other request is dropped:
  *
@@ -775,6 +995,7 @@ Suite *ike_rekey_suite_create()
 
        tc = tcase_create("collisions rekey");
        tcase_add_loop_test(tc, test_collision, 0, 4);
+       tcase_add_loop_test(tc, test_collision_delayed_response, 0, 4);
        tcase_add_loop_test(tc, test_collision_dropped_request, 0, 3);
        tcase_add_loop_test(tc, test_collision_delayed_request, 0, 3);
        tcase_add_loop_test(tc, test_collision_delayed_request_and_delete, 0, 3);