1 /* site.c - manage communication with a remote network site */
5 /* MBM asserts the next one is needed for compilation under BSD. */
6 #include <sys/socket.h>
10 #include "unaligned.h"
12 #define SETUP_BUFFER_LEN 2048
14 #define DEFAULT_KEY_LIFETIME 3600000 /* One hour */
15 #define DEFAULT_KEY_RENEGOTIATE_GAP 300000 /* Five minutes */
16 #define DEFAULT_SETUP_RETRIES 5
17 #define DEFAULT_SETUP_TIMEOUT 1000
18 #define DEFAULT_WAIT_TIME 20000
20 /* Each site can be in one of several possible states. */
23 SITE_STOP - nothing is allowed to happen; tunnel is down;
24 all session keys have been erased
25 -> SITE_RUN upon external instruction
26 SITE_RUN - site up, maybe with valid key
27 -> SITE_RESOLVE upon outgoing packet and no valid key
28 we start name resolution for the other end of the tunnel
29 -> SITE_SENTMSG2 upon valid incoming message 1 and suitable time
30 we send an appropriate message 2
31 SITE_RESOLVE - waiting for name resolution
32 -> SITE_SENTMSG1 upon successful resolution
33 we send an appropriate message 1
34 -> SITE_SENTMSG2 upon valid incoming message 1 (then abort resolution)
35 we abort resolution and
36 -> SITE_WAIT on timeout or resolution failure
38 -> SITE_SENTMSG2 upon valid incoming message 1 from higher priority end
39 -> SITE_SENTMSG3 upon valid incoming message 2
40 -> SITE_WAIT on timeout
42 -> SITE_SENTMSG4 upon valid incoming message 3
43 -> SITE_WAIT on timeout
45 -> SITE_SENTMSG5 upon valid incoming message 4
46 -> SITE_WAIT on timeout
48 -> SITE_RUN upon valid incoming message 5
49 -> SITE_WAIT on timeout
51 -> SITE_RUN upon valid incoming message 6
52 -> SITE_WAIT on timeout
53 SITE_WAIT - failed to establish key; do nothing for a while
54 -> SITE_RUN on timeout
59 #define SITE_RESOLVE 2
60 #define SITE_SENTMSG1 3
61 #define SITE_SENTMSG2 4
62 #define SITE_SENTMSG3 5
63 #define SITE_SENTMSG4 6
64 #define SITE_SENTMSG5 7
67 static string_t state_name(uint32_t state)
70 case 0: return "STOP";
72 case 2: return "RESOLVE";
73 case 3: return "SENTMSG1";
74 case 4: return "SENTMSG2";
75 case 5: return "SENTMSG3";
76 case 6: return "SENTMSG4";
77 case 7: return "SENTMSG5";
78 case 8: return "WAIT";
79 default: return "*bad state*";
83 #define LABEL_MSG0 0x00020200
84 #define LABEL_MSG1 0x01010101
85 #define LABEL_MSG2 0x02020202
86 #define LABEL_MSG3 0x03030303
87 #define LABEL_MSG4 0x04040404
88 #define LABEL_MSG5 0x05050505
89 #define LABEL_MSG6 0x06060606
90 #define LABEL_MSG7 0x07070707
91 #define LABEL_MSG8 0x08080808
92 #define LABEL_MSG9 0x09090909
96 #define LOG_UNEXPECTED 0x00000001
97 #define LOG_SETUP_INIT 0x00000002
98 #define LOG_SETUP_TIMEOUT 0x00000004
99 #define LOG_ACTIVATE_KEY 0x00000008
100 #define LOG_TIMEOUT_KEY 0x00000010
101 #define LOG_SEC 0x00000020
102 #define LOG_STATE 0x00000040
103 #define LOG_DROP 0x00000080
104 #define LOG_DUMP 0x00000100
105 #define LOG_ERROR 0x00000400
107 static struct flagstr log_event_table[]={
108 { "unexpected", LOG_UNEXPECTED },
109 { "setup-init", LOG_SETUP_INIT },
110 { "setup-timeout", LOG_SETUP_TIMEOUT },
111 { "activate-key", LOG_ACTIVATE_KEY },
112 { "timeout-key", LOG_TIMEOUT_KEY },
113 { "security", LOG_SEC },
114 { "state-change", LOG_STATE },
115 { "packet-drop", LOG_DROP },
116 { "dump-packets", LOG_DUMP },
117 { "errors", LOG_ERROR },
118 { "all", 0xffffffff },
122 static struct flagstr netlink_option_table[]={
123 { "soft", NETLINK_OPTION_SOFTROUTE },
124 { "allow-route", NETLINK_OPTION_ALLOW_ROUTE },
131 /* configuration information */
134 string_t tunname; /* localname<->remotename by default */
135 string_t address; /* DNS name for bootstrapping, optional */
137 struct netlink_if *netlink;
138 struct comm_if *comm;
139 struct resolver_if *resolver;
141 struct random_if *random;
142 struct rsaprivkey_if *privkey;
143 struct subnet_list remotenets;
144 struct rsapubkey_if *pubkey;
145 struct transform_if *transform;
147 struct hash_if *hash;
149 uint32_t setup_retries; /* How many times to send setup packets */
150 uint32_t setup_timeout; /* Initial timeout for setup packets */
151 uint32_t wait_timeout; /* How long to wait if setup unsuccessful */
152 uint32_t key_lifetime; /* How long a key lasts once set up */
153 uint32_t key_renegotiate_time; /* If we see traffic (or a keepalive)
154 after this time, initiate a new
157 bool_t keepalive; /* Always keep the tunnel up */
159 uint8_t *setupsig; /* Expected signature of incoming MSG1 packets */
160 uint32_t setupsiglen; /* Allows us to discard packets quickly if
161 they are not for us */
162 bool_t setup_priority; /* Do we have precedence if both sites emit
163 message 1 simultaneously? */
166 /* runtime information */
168 uint64_t now; /* Most recently seen time */
172 uint32_t remote_session_id;
173 struct transform_inst_if *current_transform;
174 bool_t current_valid;
175 uint64_t current_key_timeout; /* End of life of current key */
176 struct sockaddr_in peer; /* Current address of peer */
177 bool_t peer_valid; /* Peer address becomes invalid when key times out,
178 but only if we have a DNS name for our peer */
180 uint32_t setup_session_id;
181 struct sockaddr_in setup_peer;
182 uint8_t localN[NONCELEN]; /* Nonces for key exchange */
183 uint8_t remoteN[NONCELEN];
184 struct buffer_if buffer; /* Current outgoing key exchange packet */
185 uint32_t retries; /* Number of retries remaining */
186 uint64_t timeout; /* Timeout for current state */
188 uint8_t *sharedsecret;
190 struct transform_inst_if *new_transform; /* For key setup/verify */
193 static void slog(struct site *st, uint32_t event, string_t msg, ...)
200 if (event&st->log_events) {
201 vsnprintf(buf,240,msg,ap);
202 st->log->log(st->log->st,0,"%s: %s",st->tunname,buf);
207 static void set_link_quality(struct site *st);
208 static bool_t initiate_key_setup(struct site *st);
209 static void enter_state_run(struct site *st);
210 static bool_t enter_state_resolve(struct site *st);
211 static bool_t enter_state_sentmsg1(struct site *st);
212 static bool_t enter_state_sentmsg2(struct site *st);
213 static bool_t enter_state_sentmsg3(struct site *st);
214 static bool_t enter_state_sentmsg4(struct site *st);
215 static bool_t enter_state_sentmsg5(struct site *st);
216 static void enter_state_wait(struct site *st);
218 #define CHECK_AVAIL(b,l) do { if ((b)->size<(l)) return False; } while(0)
219 #define CHECK_EMPTY(b) do { if ((b)->size!=0) return False; } while(0)
220 #define CHECK_TYPE(b,t) do { uint32_t type; \
221 CHECK_AVAIL((b),4); \
222 type=buf_unprepend_uint32((b)); \
223 if (type!=(t)) return False; } while(0)
242 /* Build any of msg1 to msg4. msg5 and msg6 are built from the inside out
243 using a transform. */
244 static bool_t generate_msg(struct site *st, uint32_t type, string_t what)
247 uint8_t *hash=alloca(st->hash->len);
250 st->retries=st->setup_retries;
251 BUF_ALLOC(&st->buffer,what);
252 buffer_init(&st->buffer,0);
253 buf_append_uint32(&st->buffer,
254 (type==LABEL_MSG1?0:st->setup_session_id));
255 buf_append_uint32(&st->buffer,(uint32_t)st);
256 buf_append_uint32(&st->buffer,type);
257 buf_append_string(&st->buffer,st->localname);
258 buf_append_string(&st->buffer,st->remotename);
259 memcpy(buf_append(&st->buffer,NONCELEN),st->localN,NONCELEN);
260 if (type==LABEL_MSG1) return True;
261 memcpy(buf_append(&st->buffer,NONCELEN),st->remoteN,NONCELEN);
262 if (type==LABEL_MSG2) return True;
263 dhpub=st->dh->makepublic(st->dh->st,st->dhsecret,st->dh->len);
264 buf_append_string(&st->buffer,dhpub);
266 hst=st->hash->init();
267 st->hash->update(hst,st->buffer.start,st->buffer.size);
268 st->hash->final(hst,hash);
269 sig=st->privkey->sign(st->privkey->st,hash,st->hash->len);
270 buf_append_string(&st->buffer,sig);
275 static bool_t unpick_msg(struct site *st, uint32_t type,
276 struct buffer_if *msg, struct msg *m)
278 m->hashstart=msg->start;
280 m->dest=buf_unprepend_uint32(msg);
282 m->source=buf_unprepend_uint32(msg);
283 CHECK_TYPE(msg,type);
285 m->remlen=buf_unprepend_uint16(msg);
286 CHECK_AVAIL(msg,m->remlen);
287 m->remote=buf_unprepend(msg,m->remlen);
289 m->loclen=buf_unprepend_uint16(msg);
290 CHECK_AVAIL(msg,m->loclen);
291 m->local=buf_unprepend(msg,m->loclen);
292 CHECK_AVAIL(msg,NONCELEN);
293 m->nR=buf_unprepend(msg,NONCELEN);
294 if (type==LABEL_MSG1) {
298 CHECK_AVAIL(msg,NONCELEN);
299 m->nL=buf_unprepend(msg,NONCELEN);
300 if (type==LABEL_MSG2) {
305 m->pklen=buf_unprepend_uint16(msg);
306 CHECK_AVAIL(msg,m->pklen);
307 m->pk=buf_unprepend(msg,m->pklen);
308 m->hashlen=msg->start-m->hashstart;
310 m->siglen=buf_unprepend_uint16(msg);
311 CHECK_AVAIL(msg,m->siglen);
312 m->sig=buf_unprepend(msg,m->siglen);
317 static bool_t generate_msg1(struct site *st)
319 st->random->generate(st->random->st,NONCELEN,st->localN);
320 return generate_msg(st,LABEL_MSG1,"site:MSG1");
323 static bool_t process_msg1(struct site *st, struct buffer_if *msg1,
324 struct sockaddr_in *src)
328 /* We've already determined we're in an appropriate state to
329 process an incoming MSG1, and that the MSG1 has correct values
332 if (!unpick_msg(st,LABEL_MSG1,msg1,&m)) return False;
334 /* XXX save src as our peer address here? */
337 st->setup_session_id=m.source;
338 memcpy(st->remoteN,m.nR,NONCELEN);
342 static bool_t generate_msg2(struct site *st)
344 st->random->generate(st->random->st,NONCELEN,st->localN);
345 return generate_msg(st,LABEL_MSG2,"site:MSG2");
348 static bool_t process_msg2(struct site *st, struct buffer_if *msg2,
349 struct sockaddr_in *src)
353 if (!unpick_msg(st,LABEL_MSG2,msg2,&m)) return False;
355 /* Check that the site names and our nonce have been sent
356 back correctly, and then store our peer's nonce. */
357 if (memcmp(m.remote,st->remotename,strlen(st->remotename)!=0)) {
358 slog(st,LOG_SEC,"msg2: bad B (remote site name)");
361 if (memcmp(m.local,st->localname,strlen(st->localname)!=0)) {
362 slog(st,LOG_SEC,"msg2: bad A (local site name)");
365 if (memcmp(m.nL,st->localN,NONCELEN)!=0) {
366 slog(st,LOG_SEC,"msg2: bad nA (locally generated nonce)");
369 st->setup_session_id=m.source;
370 memcpy(st->remoteN,m.nR,NONCELEN);
374 static bool_t generate_msg3(struct site *st)
376 /* Now we have our nonce and their nonce. Think of a secret key,
377 and create message number 3. */
378 st->random->generate(st->random->st,st->dh->len,st->dhsecret);
379 return generate_msg(st,LABEL_MSG3,"site:MSG3");
382 static bool_t process_msg3(struct site *st, struct buffer_if *msg3,
383 struct sockaddr_in *src)
386 uint8_t *hash=alloca(st->hash->len);
389 if (!unpick_msg(st,LABEL_MSG3,msg3,&m)) return False;
391 /* Check that the site names and nonces have been sent back
393 if (memcmp(m.remote,st->remotename,strlen(st->remotename)!=0)) {
394 slog(st,LOG_SEC,"msg3: bad A (remote site name)");
397 if (memcmp(m.local,st->localname,strlen(st->localname)!=0)) {
398 slog(st,LOG_SEC,"msg3: bad B (local site name)");
401 if (memcmp(m.nR,st->remoteN,NONCELEN)!=0) {
402 slog(st,LOG_SEC,"msg3: bad nA (remotely generated nonce)");
405 if (memcmp(m.nL,st->localN,NONCELEN)!=0) {
406 slog(st,LOG_SEC,"msg3: bad nB (locally generated nonce)");
410 /* Check signature and store g^x mod m */
411 hst=st->hash->init();
412 st->hash->update(hst,m.hashstart,m.hashlen);
413 st->hash->final(hst,hash);
414 /* Terminate signature with a '0' - cheating, but should be ok */
416 if (!st->pubkey->check(st->pubkey->st,hash,st->hash->len,m.sig)) {
417 slog(st,LOG_SEC,"msg3 signature failed check!");
421 /* Terminate their DH public key with a '0' */
423 /* Invent our DH secret key */
424 st->random->generate(st->random->st,st->dh->len,st->dhsecret);
426 /* Generate the shared key */
427 st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->len,m.pk,
428 st->sharedsecret,st->transform->keylen);
430 /* Set up the transform */
431 st->new_transform->setkey(st->new_transform->st,st->sharedsecret,
432 st->transform->keylen);
437 static bool_t generate_msg4(struct site *st)
439 /* We have both nonces, their public key and our private key. Generate
440 our public key, sign it and send it to them. */
441 return generate_msg(st,LABEL_MSG4,"site:MSG4");
444 static bool_t process_msg4(struct site *st, struct buffer_if *msg4,
445 struct sockaddr_in *src)
448 uint8_t *hash=alloca(st->hash->len);
451 if (!unpick_msg(st,LABEL_MSG4,msg4,&m)) return False;
453 /* Check that the site names and nonces have been sent back
455 if (memcmp(m.remote,st->remotename,strlen(st->remotename)!=0)) {
456 slog(st,LOG_SEC,"msg4: bad B (remote site name)");
459 if (memcmp(m.local,st->localname,strlen(st->localname)!=0)) {
460 slog(st,LOG_SEC,"msg4: bad A (local site name)");
463 if (memcmp(m.nR,st->remoteN,NONCELEN)!=0) {
464 slog(st,LOG_SEC,"msg4: bad nB (remotely generated nonce)");
467 if (memcmp(m.nL,st->localN,NONCELEN)!=0) {
468 slog(st,LOG_SEC,"msg4: bad nA (locally generated nonce)");
472 /* Check signature and store g^x mod m */
473 hst=st->hash->init();
474 st->hash->update(hst,m.hashstart,m.hashlen);
475 st->hash->final(hst,hash);
476 /* Terminate signature with a '0' - cheating, but should be ok */
478 if (!st->pubkey->check(st->pubkey->st,hash,st->hash->len,m.sig)) {
479 slog(st,LOG_SEC,"msg4 signature failed check!");
483 /* Terminate their DH public key with a '0' */
485 /* Generate the shared key */
486 st->dh->makeshared(st->dh->st,st->dhsecret,st->dh->len,m.pk,
487 st->sharedsecret,st->transform->keylen);
488 /* Set up the transform */
489 st->new_transform->setkey(st->new_transform->st,st->sharedsecret,
490 st->transform->keylen);
495 static bool_t generate_msg5(struct site *st)
497 string_t transform_err;
499 BUF_ALLOC(&st->buffer,"site:MSG5");
500 /* We are going to add three words to the transformed message */
501 buffer_init(&st->buffer,st->transform->max_start_pad+(4*3));
502 buf_append_uint32(&st->buffer,LABEL_MSG5);
503 st->new_transform->forwards(st->new_transform->st,&st->buffer,
505 buf_prepend_uint32(&st->buffer,LABEL_MSG5);
506 buf_prepend_uint32(&st->buffer,(uint32_t)st);
507 buf_prepend_uint32(&st->buffer,st->setup_session_id);
509 st->retries=st->setup_retries;
519 static bool_t unpick_msg0(struct site *st, struct buffer_if *msg0,
523 m->dest=buf_unprepend_uint32(msg0);
525 m->source=buf_unprepend_uint32(msg0);
527 m->type=buf_unprepend_uint32(msg0);
529 /* Leaves transformed part of buffer untouched */
532 static bool_t process_msg5(struct site *st, struct buffer_if *msg5,
533 struct sockaddr_in *src)
536 string_t transform_err;
538 if (!unpick_msg0(st,msg5,&m)) return False;
540 if (st->new_transform->reverse(st->new_transform->st,
541 msg5,&transform_err)) {
542 /* There's a problem */
543 slog(st,LOG_SEC,"process_msg5: transform: %s",transform_err);
546 /* Buffer should now contain untransformed PING packet data */
548 if (buf_unprepend_uint32(msg5)!=LABEL_MSG5) {
549 slog(st,LOG_SEC,"MSG5/PING packet contained invalid data");
556 static bool_t generate_msg6(struct site *st)
558 string_t transform_err;
560 BUF_ALLOC(&st->buffer,"site:MSG6");
561 /* We are going to add three words to the transformed message */
562 buffer_init(&st->buffer,st->transform->max_start_pad+(4*3));
563 buf_append_uint32(&st->buffer,LABEL_MSG6);
564 st->new_transform->forwards(st->new_transform->st,&st->buffer,
566 buf_prepend_uint32(&st->buffer,LABEL_MSG6);
567 buf_prepend_uint32(&st->buffer,(uint32_t)st);
568 buf_prepend_uint32(&st->buffer,st->setup_session_id);
570 st->retries=1; /* Peer will retransmit MSG5 if necessary */
574 static bool_t process_msg6(struct site *st, struct buffer_if *msg6,
575 struct sockaddr_in *src)
578 string_t transform_err;
580 if (!unpick_msg0(st,msg6,&m)) return False;
582 if (st->new_transform->reverse(st->new_transform->st,
583 msg6,&transform_err)) {
584 /* There's a problem */
585 slog(st,LOG_SEC,"process_msg6: transform: %s",transform_err);
588 /* Buffer should now contain untransformed PING packet data */
590 if (buf_unprepend_uint32(msg6)!=LABEL_MSG6) {
591 slog(st,LOG_SEC,"MSG6/PONG packet contained invalid data");
598 static bool_t process_msg0(struct site *st, struct buffer_if *msg0,
599 struct sockaddr_in *src)
602 string_t transform_err;
605 if (!st->current_valid) {
606 slog(st,LOG_DROP,"incoming message but no current key -> dropping");
607 return initiate_key_setup(st);
610 if (!unpick_msg0(st,msg0,&m)) return False;
612 if (st->current_transform->reverse(st->current_transform->st,
613 msg0,&transform_err)) {
614 /* There's a problem */
615 slog(st,LOG_SEC,"transform: %s",transform_err);
619 type=buf_unprepend_uint32(msg0);
622 /* Deliver to netlink layer */
623 st->netlink->deliver(st->netlink->st,st->netlink_cid,msg0);
627 slog(st,LOG_SEC,"incoming message of type %08x (unknown)",type);
633 static void dump_packet(struct site *st, struct buffer_if *buf,
634 struct sockaddr_in *addr, bool_t incoming)
636 uint32_t dest=ntohl(*(uint32_t *)buf->start);
637 uint32_t source=ntohl(*(uint32_t *)(buf->start+4));
638 uint32_t msgtype=ntohl(*(uint32_t *)(buf->start+8));
640 if (st->log_events & LOG_DUMP)
641 log(st->log,0,"%s: %s: %08x<-%08x: %08x:",
642 st->tunname,incoming?"incoming":"outgoing",
643 dest,source,msgtype);
646 static uint32_t site_status(void *st)
651 static bool_t send_msg(struct site *st)
654 dump_packet(st,&st->buffer,&st->setup_peer,False);
655 st->comm->sendmsg(st->comm->st,&st->buffer,&st->setup_peer);
656 st->timeout=st->now+st->setup_timeout;
660 slog(st,LOG_SETUP_TIMEOUT,"timed out sending key setup packet "
661 "(in state %s)",state_name(st->state));
662 enter_state_wait(st);
667 static void site_resolve_callback(void *sst, struct in_addr *address)
671 if (st->state!=SITE_RESOLVE) {
672 slog(st,LOG_UNEXPECTED,"site_resolve_callback called unexpectedly");
676 memset(&st->setup_peer,0,sizeof(st->setup_peer));
677 st->setup_peer.sin_family=AF_INET;
678 st->setup_peer.sin_port=htons(st->remoteport);
679 st->setup_peer.sin_addr=*address;
680 enter_state_sentmsg1(st);
682 /* Resolution failed */
683 slog(st,LOG_ERROR,"resolution of %s failed",st->address);
688 static bool_t initiate_key_setup(struct site *st)
690 if (st->state!=SITE_RUN) return False;
692 slog(st,LOG_SETUP_INIT,"initiating key exchange; resolving address");
693 return enter_state_resolve(st);
694 } else if (st->peer_valid) {
695 slog(st,LOG_SETUP_INIT,"initiating key exchange using old "
697 st->setup_peer=st->peer;
698 return enter_state_sentmsg1(st);
703 static void activate_new_key(struct site *st)
705 struct transform_inst_if *t;
707 t=st->current_transform;
708 st->current_transform=st->new_transform;
713 st->current_valid=True;
714 st->current_key_timeout=st->now+st->key_lifetime;
715 st->peer=st->setup_peer;
717 st->remote_session_id=st->setup_session_id;
719 slog(st,LOG_ACTIVATE_KEY,"new key activated");
723 static void state_assert(struct site *st, bool_t ok)
725 if (!ok) fatal("state_assert\n");
728 static void enter_state_stop(struct site *st)
732 st->current_transform->delkey(st->current_transform->st);
733 st->current_valid=False;
734 st->current_key_timeout=0;
736 st->peer_valid=False;
738 set_link_quality(st);
740 st->new_transform->delkey(st->new_transform->st);
743 static void set_link_quality(struct site *st)
746 if (st->current_valid)
747 quality=LINK_QUALITY_UP;
748 else if (st->state==SITE_WAIT || st->state==SITE_STOP)
749 quality=LINK_QUALITY_DOWN;
750 else if (st->address)
751 quality=LINK_QUALITY_DOWN_CURRENT_ADDRESS;
752 else if (st->peer_valid)
753 quality=LINK_QUALITY_DOWN_STALE_ADDRESS;
755 quality=LINK_QUALITY_DOWN;
757 st->netlink->set_quality(st->netlink->st,st->netlink_cid,quality);
760 static void enter_state_run(struct site *st)
762 slog(st,LOG_STATE,"entering state RUN");
766 set_link_quality(st);
767 /* XXX get rid of key setup data */
770 static bool_t enter_state_resolve(struct site *st)
772 state_assert(st,st->state==SITE_RUN);
773 slog(st,LOG_STATE,"entering state RESOLVE");
774 st->state=SITE_RESOLVE;
775 st->resolver->request(st->resolver->st,st->address,
776 site_resolve_callback,st);
780 static bool_t enter_state_sentmsg1(struct site *st)
782 state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE);
783 slog(st,LOG_STATE,"entering state SENTMSG1");
784 if (generate_msg1(st) && send_msg(st)) {
785 st->state=SITE_SENTMSG1;
788 slog(st,LOG_ERROR,"error entering state SENTMSG1");
789 st->buffer.free=False; /* Can't tell which it was, but enter_state_wait()
790 will do a BUF_FREE() */
791 enter_state_wait(st);
795 static bool_t enter_state_sentmsg2(struct site *st)
797 state_assert(st,st->state==SITE_RUN || st->state==SITE_RESOLVE ||
798 st->state==SITE_SENTMSG1 || st->state==SITE_WAIT);
799 slog(st,LOG_STATE,"entering state SENTMSG2");
800 if (generate_msg2(st) && send_msg(st)) {
801 st->state=SITE_SENTMSG2;
804 slog(st,LOG_ERROR,"error entering state SENTMSG2");
805 st->buffer.free=False;
806 enter_state_wait(st);
810 static bool_t enter_state_sentmsg3(struct site *st)
812 state_assert(st,st->state==SITE_SENTMSG1);
813 slog(st,LOG_STATE,"entering state SENTMSG3");
814 BUF_FREE(&st->buffer); /* Free message 1 */
815 if (generate_msg3(st) && send_msg(st)) {
816 st->state=SITE_SENTMSG3;
819 slog(st,LOG_ERROR,"error entering state SENTMSG3");
820 st->buffer.free=False;
821 enter_state_wait(st);
825 static bool_t enter_state_sentmsg4(struct site *st)
827 state_assert(st,st->state==SITE_SENTMSG2);
828 slog(st,LOG_STATE,"entering state SENTMSG4");
829 BUF_FREE(&st->buffer); /* Free message 2 */
830 if (generate_msg4(st) && send_msg(st)) {
831 st->state=SITE_SENTMSG4;
834 slog(st,LOG_ERROR,"error entering state SENTMSG4");
835 st->buffer.free=False;
836 enter_state_wait(st);
840 static bool_t enter_state_sentmsg5(struct site *st)
842 state_assert(st,st->state==SITE_SENTMSG3);
843 slog(st,LOG_STATE,"entering state SENTMSG5");
844 BUF_FREE(&st->buffer); /* Free message 3 */
846 if (generate_msg5(st) && send_msg(st)) {
847 st->state=SITE_SENTMSG5;
850 slog(st,LOG_ERROR,"error entering state SENTMSG5");
851 st->buffer.free=False;
852 enter_state_wait(st);
857 static bool_t send_msg6(struct site *st)
859 state_assert(st,st->state==SITE_SENTMSG4);
860 slog(st,LOG_STATE,"entering state RUN after sending msg6");
861 BUF_FREE(&st->buffer); /* Free message 4 */
862 if (generate_msg6(st) && send_msg(st)) {
863 BUF_FREE(&st->buffer); /* Never reused */
864 st->timeout=0; /* Never retransmit */
865 activate_new_key(st);
868 slog(st,LOG_ERROR,"error entering state RUN after sending msg6");
869 st->buffer.free=False;
870 enter_state_wait(st);
874 /* We go into this state if our peer becomes uncommunicative. Similar to
875 the "stop" state, we forget all session keys for a while, before
876 re-entering the "run" state. */
877 static void enter_state_wait(struct site *st)
879 slog(st,LOG_STATE,"entering state WAIT");
880 st->timeout=st->now+st->wait_timeout;
882 st->peer_valid=False;
883 set_link_quality(st);
884 BUF_FREE(&st->buffer); /* will have had an outgoing packet in it */
885 /* XXX Erase keys etc. */
888 static int site_beforepoll(void *sst, struct pollfd *fds, int *nfds_io,
889 int *timeout_io, const struct timeval *tv_now,
894 *nfds_io=0; /* We don't use any file descriptors */
897 /* Work out when our next timeout is. The earlier of 'timeout' or
898 'current_key_timeout'. A stored value of '0' indicates no timeout
900 if (st->timeout && st->timeout-*now < *timeout_io) {
901 *timeout_io=st->timeout-*now;
904 if (st->current_key_timeout && st->current_key_timeout-*now < *timeout_io)
905 *timeout_io=st->current_key_timeout-*now;
907 return 0; /* success */
910 /* NB site_afterpoll will be called before site_beforepoll is ever called */
911 static void site_afterpoll(void *sst, struct pollfd *fds, int nfds,
912 const struct timeval *tv_now, uint64_t *now)
917 if (st->timeout && *now>st->timeout) {
920 if (st->state>=SITE_SENTMSG1 && st->state<=SITE_SENTMSG5)
922 else if (st->state==SITE_WAIT) {
925 slog(st,LOG_ERROR,"site_afterpoll: unexpected timeout, state=%d",
929 if (st->current_key_timeout && *now>st->current_key_timeout) {
930 slog(st,LOG_TIMEOUT_KEY,"maximum key life exceeded; session closed");
931 st->current_valid=False;
932 st->current_transform->delkey(st->current_transform->st);
933 st->current_key_timeout=0;
934 set_link_quality(st);
938 /* This function is called by the netlink device to deliver packets
939 intended for the remote network. The packet is in "raw" wire
940 format, but is guaranteed to be word-aligned. */
941 static void site_outgoing(void *sst, void *cid, struct buffer_if *buf)
944 string_t transform_err;
946 if (st->state==SITE_STOP) {
951 /* In all other states we consider delivering the packet if we have
952 a valid key and a valid address to send it to. */
953 if (st->current_valid && st->peer_valid) {
954 /* Transform it and send it */
956 buf_prepend_uint32(buf,LABEL_MSG9);
957 st->current_transform->forwards(st->current_transform->st,
958 buf, &transform_err);
959 buf_prepend_uint32(buf,LABEL_MSG0);
960 buf_prepend_uint32(buf,(uint32_t)st);
961 buf_prepend_uint32(buf,st->remote_session_id);
962 st->comm->sendmsg(st->comm->st,buf,&st->peer);
968 slog(st,LOG_DROP,"discarding outgoing packet of size %d",buf->size);
970 initiate_key_setup(st);
973 /* This function is called by the communication device to deliver
974 packets from our peers. */
975 static bool_t site_incoming(void *sst, struct buffer_if *buf,
976 struct sockaddr_in *source)
979 uint32_t dest=ntohl(*(uint32_t *)buf->start);
982 if (buf->size<(st->setupsiglen+8+NONCELEN)) return False;
983 /* It could be for any site - it should have LABEL_MSG1 and
984 might have our name and our peer's name in it */
985 if (memcmp(buf->start+8,st->setupsig,st->setupsiglen)==0) {
986 dump_packet(st,buf,source,True);
987 /* It's addressed to us. Decide what to do about it. */
988 if (st->state==SITE_RUN || st->state==SITE_RESOLVE ||
989 st->state==SITE_WAIT) {
990 /* We should definitely process it */
991 if (process_msg1(st,buf,source)) {
992 slog(st,LOG_SETUP_INIT,"key setup initiated by peer");
993 enter_state_sentmsg2(st);
995 slog(st,LOG_ERROR,"failed to process incoming msg1");
1000 if (st->state==SITE_SENTMSG1) {
1001 /* We've just sent a message 1! They may have crossed on
1002 the wire. If we have priority then we ignore the
1003 incoming one, otherwise we process it as usual. */
1004 if (st->setup_priority) {
1006 slog(st,LOG_DUMP,"crossed msg1s; we are higher "
1007 "priority => ignore incoming msg1");
1010 slog(st,LOG_DUMP,"crossed msg1s; we are lower "
1011 "priority => use incoming msg1");
1012 if (process_msg1(st,buf,source)) {
1013 BUF_FREE(&st->buffer); /* Free our old message 1 */
1014 enter_state_sentmsg2(st);
1016 slog(st,LOG_ERROR,"failed to process an incoming "
1017 "crossed msg1 (we have low priority)");
1023 /* The message 1 was received at an unexpected stage of the
1024 key setup. XXX POLICY - what do we do? */
1025 slog(st,LOG_UNEXPECTED,"unexpected incoming message 1");
1029 return False; /* Not for us. */
1031 if (dest==(uint32_t)st) {
1032 uint32_t msgtype=ntohl(*(uint32_t *)(buf->start+8));
1033 /* Explicitly addressed to us */
1034 if (msgtype!=LABEL_MSG0) dump_packet(st,buf,source,True);
1037 process_msg0(st,buf,source);
1040 /* Setup packet: should not have been explicitly addressed
1042 slog(st,LOG_SEC,"incoming explicitly addressed msg1");
1045 /* Setup packet: expected only in state SENTMSG1 */
1046 if (st->state!=SITE_SENTMSG1) {
1047 slog(st,LOG_UNEXPECTED,"unexpected MSG2");
1048 } else if (process_msg2(st,buf,source))
1049 enter_state_sentmsg3(st);
1051 slog(st,LOG_SEC,"invalid MSG2");
1055 /* Setup packet: expected only in state SENTMSG2 */
1056 if (st->state!=SITE_SENTMSG2) {
1057 slog(st,LOG_UNEXPECTED,"unexpected MSG3");
1058 } else if (process_msg3(st,buf,source))
1059 enter_state_sentmsg4(st);
1061 slog(st,LOG_SEC,"invalid MSG3");
1065 /* Setup packet: expected only in state SENTMSG3 */
1066 if (st->state!=SITE_SENTMSG3) {
1067 slog(st,LOG_UNEXPECTED,"unexpected MSG4");
1068 } else if (process_msg4(st,buf,source))
1069 enter_state_sentmsg5(st);
1071 slog(st,LOG_SEC,"invalid MSG4");
1075 /* Setup packet: expected only in state SENTMSG4 */
1076 /* (may turn up in state RUN if our return MSG6 was lost
1077 and the new key has already been activated. In that
1078 case we should treat it as an ordinary PING packet. We
1079 can't pass it to process_msg5() because the
1080 new_transform will now be null. XXX) */
1081 if (st->state!=SITE_SENTMSG4) {
1082 slog(st,LOG_UNEXPECTED,"unexpected MSG5");
1083 } else if (process_msg5(st,buf,source)) {
1086 slog(st,LOG_SEC,"invalid MSG5");
1090 /* Setup packet: expected only in state SENTMSG5 */
1091 if (st->state!=SITE_SENTMSG5) {
1092 slog(st,LOG_UNEXPECTED,"unexpected MSG6");
1093 } else if (process_msg6(st,buf,source)) {
1094 BUF_FREE(&st->buffer); /* Free message 5 */
1095 activate_new_key(st);
1097 slog(st,LOG_SEC,"invalid MSG6");
1101 /* NAK packet: enter state where we ping and check for response */
1102 slog(st,LOG_ERROR,"received a NAK");
1105 slog(st,LOG_SEC,"received message of unknown type 0x%08x",
1116 static void site_control(void *vst, bool_t run)
1118 struct site *st=vst;
1119 if (run) enter_state_run(st);
1120 else enter_state_stop(st);
1123 static list_t *site_apply(closure_t *self, struct cloc loc, dict_t *context,
1129 uint32_t netlink_options;
1131 st=safe_malloc(sizeof(*st),"site_apply");
1133 st->cl.description="site";
1134 st->cl.type=CL_SITE;
1136 st->cl.interface=&st->ops;
1138 st->ops.control=site_control;
1139 st->ops.status=site_status;
1141 /* First parameter must be a dict */
1142 item=list_elem(args,0);
1143 if (!item || item->type!=t_dict)
1144 cfgfatal(loc,"site","parameter must be a dictionary\n");
1146 dict=item->data.dict;
1147 st->localname=dict_read_string(dict, "local-name", True, "site", loc);
1148 st->remotename=dict_read_string(dict, "name", True, "site", loc);
1149 /* Sanity check (which also allows the 'sites' file to include
1150 site() closures for all sites including our own): refuse to
1151 talk to ourselves */
1152 if (strcmp(st->localname,st->remotename)==0) {
1153 Message(M_INFO,"site %s: local-name==name -> ignoring this site\n",
1158 st->netlink=find_cl_if(dict,"netlink",CL_NETLINK,True,"site",loc);
1159 st->comm=find_cl_if(dict,"comm",CL_COMM,True,"site",loc);
1160 st->resolver=find_cl_if(dict,"resolver",CL_RESOLVER,True,"site",loc);
1161 st->log=find_cl_if(dict,"log",CL_LOG,True,"site",loc);
1162 st->random=find_cl_if(dict,"random",CL_RANDOMSRC,True,"site",loc);
1164 st->privkey=find_cl_if(dict,"local-key",CL_RSAPRIVKEY,True,"site",loc);
1165 st->address=dict_read_string(dict, "address", False, "site", loc);
1167 st->remoteport=dict_read_number(dict,"port",True,"site",loc,0);
1168 else st->remoteport=0;
1169 dict_read_subnet_list(dict, "networks", True, "site", loc,
1171 st->pubkey=find_cl_if(dict,"key",CL_RSAPUBKEY,True,"site",loc);
1174 find_cl_if(dict,"transform",CL_TRANSFORM,True,"site",loc);
1176 st->dh=find_cl_if(dict,"dh",CL_DH,True,"site",loc);
1177 st->hash=find_cl_if(dict,"hash",CL_HASH,True,"site",loc);
1179 st->key_lifetime=dict_read_number(
1180 dict,"key-lifetime",False,"site",loc,DEFAULT_KEY_LIFETIME);
1181 if (st->key_lifetime < DEFAULT_KEY_RENEGOTIATE_GAP)
1182 st->key_renegotiate_time=st->key_lifetime/2;
1184 st->key_renegotiate_time=st->key_lifetime-DEFAULT_KEY_RENEGOTIATE_GAP;
1185 st->setup_retries=dict_read_number(
1186 dict,"setup-retries",False,"site",loc,DEFAULT_SETUP_RETRIES);
1187 st->setup_timeout=dict_read_number(
1188 dict,"setup-timeout",False,"site",loc,DEFAULT_SETUP_TIMEOUT);
1189 st->wait_timeout=dict_read_number(
1190 dict,"wait-time",False,"site",loc,DEFAULT_WAIT_TIME);
1191 st->key_renegotiate_time=dict_read_number(
1192 dict,"renegotiate-time",False,"site",loc,st->key_lifetime);
1193 if (st->key_renegotiate_time > st->key_lifetime) {
1194 cfgfatal(loc,"site",
1195 "renegotiate-time must be less than key-lifetime\n");
1197 /* XXX keepalive will eventually default to True */
1198 st->keepalive=dict_read_bool(dict,"keepalive",False,"site",loc,False);
1200 st->log_events=string_list_to_word(dict_lookup(dict,"log-events"),
1201 log_event_table,"site");
1203 netlink_options=string_list_to_word(dict_lookup(dict,"netlink-options"),
1204 netlink_option_table,"site");
1206 st->tunname=safe_malloc(strlen(st->localname)+strlen(st->remotename)+5,
1208 sprintf(st->tunname,"%s<->%s",st->localname,st->remotename);
1210 /* The information we expect to see in incoming messages of type 1 */
1211 st->setupsiglen=strlen(st->remotename)+strlen(st->localname)+8;
1212 st->setupsig=safe_malloc(st->setupsiglen,"site_apply");
1213 put_uint32(st->setupsig+0,LABEL_MSG1);
1214 put_uint16(st->setupsig+4,strlen(st->remotename));
1215 memcpy(&st->setupsig[6],st->remotename,strlen(st->remotename));
1216 put_uint16(st->setupsig+(6+strlen(st->remotename)),strlen(st->localname));
1217 memcpy(&st->setupsig[8+strlen(st->remotename)],st->localname,
1218 strlen(st->localname));
1219 st->setup_priority=(strcmp(st->localname,st->remotename)>0);
1221 buffer_new(&st->buffer,SETUP_BUFFER_LEN);
1223 /* We are interested in poll(), but only for timeouts. We don't have
1224 any fds of our own. */
1225 register_for_poll(st, site_beforepoll, site_afterpoll, 0, "site");
1228 st->current_valid=False;
1229 st->current_key_timeout=0;
1230 st->peer_valid=False;
1231 /* XXX mlock these */
1232 st->dhsecret=safe_malloc(st->dh->len,"site:dhsecret");
1233 st->sharedsecret=safe_malloc(st->transform->keylen,"site:sharedsecret");
1235 /* We need to register the remote networks with the netlink device */
1236 st->netlink_cid=st->netlink->regnets(st->netlink->st, &st->remotenets,
1238 st->transform->max_start_pad+(4*4),
1239 st->transform->max_end_pad,
1240 netlink_options, st->tunname);
1241 if (!st->netlink_cid) {
1242 Message(M_WARNING,"%s: netlink device did not let us register "
1243 "our remote networks. This site will not start.\n",
1245 return NULL; /* XXX should free site first */
1248 st->comm->request_notify(st->comm->st, st, site_incoming);
1250 st->current_transform=st->transform->create(st->transform->st);
1251 st->new_transform=st->transform->create(st->transform->st);
1253 enter_state_stop(st);
1255 return new_closure(&st->cl);
1258 init_module site_module;
1259 void site_module(dict_t *dict)
1261 add_closure(dict,"site",site_apply);