1 /* state and event objects
2 * Copyright (C) 1997 Angelos D. Keromytis.
3 * Copyright (C) 1998-2001 D. Hugh Redelmeier.
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
15 * RCSID $Id: state.h,v 1.56 2002/03/23 20:15:34 dhr Exp $
18 #include <sys/types.h>
19 #include <sys/socket.h>
20 #include <netinet/in.h>
22 #include <gmp.h> /* GNU MP library */
24 /* Message ID mechanism.
26 * A Message ID is contained in each IKE message header.
27 * For Phase 1 exchanges (Main and Aggressive), it will be zero.
28 * For other exchanges, which must be under the protection of an
29 * ISAKMP SA, the Message ID must be unique within that ISAKMP SA.
30 * Effectively, this labels the message as belonging to a particular
33 * RFC2408 "ISAKMP" 3.1 "ISAKMP Header Format" (near end) states that
34 * the Message ID must be unique. We interpret this to be "unique within
37 * BTW, we feel this uniqueness allows rekeying to be somewhat simpler
38 * than specified by draft-jenkins-ipsec-rekeying-06.txt.
typedef u_int32_t msgid_t; /* Network order! */
struct state; /* forward declaration of tag */
/* Claim msgid as used within the ISAKMP SA represented by isakmp_sa.
 * Returns false if it could not be reserved (presumably because it is
 * already in use — see st_used_msgids in struct state); confirm in state.c.
 */
extern bool reserve_msgid(struct state *isakmp_sa, msgid_t msgid);
/* Produce a fresh Message ID for isakmp_sa.  The result is in network
 * order like every other msgid_t; expected to be unique within the SA
 * (see the uniqueness discussion above) — confirm how it is chosen.
 */
extern msgid_t generate_msgid(struct state *isakmp_sa);
48 /* Oakley (Phase 1 / Main Mode) transform and attributes
49 * This is a flattened/decoded version of what is represented
50 * in the Transaction Payload.
51 * Names are chosen to match corresponding names in state.
struct oakley_trans_attrs {
    u_int16_t encrypt; /* Encryption algorithm (IKE attribute value) */
    u_int16_t enckeylen; /* encryption key len (bits) */
    const struct encrypt_desc *encrypter; /* package of encryption routines */
    u_int16_t hash; /* Hash algorithm (IKE attribute value) */
    const struct hash_desc *hasher; /* package of hashing routines */
    u_int16_t auth; /* Authentication method */
    const struct oakley_group_desc *group; /* Oakley group (DH group) */
    time_t life_seconds; /* When this SA expires (seconds) */
    u_int32_t life_kilobytes; /* When this SA is exhausted (kilobytes) */
    /* NOTE(review): encrypt/hash/auth/prf are the raw negotiated attribute
     * values; encrypter/hasher/group are the resolved descriptors.  Code
     * that uses a descriptor should check it is non-NULL — whether the
     * decoder guarantees that is not visible here.
     */
    u_int16_t prf; /* Pseudo Random Function */
69 /* IPsec (Phase 2 / Quick Mode) transform and attributes
70 * This is a flattened/decoded version of what is represented
71 * by a Transaction Payload. There may be one for AH, one
72 * for ESP, and a funny one for IPCOMP.
struct ipsec_trans_attrs {
    u_int8_t transid; /* transform id */
    ipsec_spi_t spi; /* his SPI */
    time_t life_seconds; /* When this SA expires (seconds) */
    u_int32_t life_kilobytes; /* When this SA is exhausted (kilobytes) */
    u_int16_t encapsulation; /* encapsulation mode attribute (tunnel/transport — confirm against the ENCAPSULATION_MODE values used by the decoder) */
#if 0 /* not implemented yet */
    u_int16_t cmprs_dict_sz; /* IPCOMP dictionary size attribute; never decoded (block is #if 0) */
90 /* IPsec per protocol state information */
struct ipsec_proto_info {
    bool present; /* was this transform specified? */
    struct ipsec_trans_attrs attrs; /* only meaningful when present is true */
    /* NOTE(review): "both" refers to the two keymat buffers (ours and the
     * peer's) that sit alongside this field; they hold SA key material and
     * should be wiped, not merely freed, when the state is deleted — confirm
     * in delete_state().
     */
    u_int16_t keymat_len; /* same for both */
100 /* state object: record the state of a (possibly nascent) SA
102 * Invariants (violated only during short transitions):
103 * - each state object will be in statetable exactly once.
104 * - each state object will always have a pending event.
105 * This prevents leaks.
so_serial_t st_serialno; /* serial number (for seniority) */
struct connection *st_connection; /* connection for this SA */
struct state *st_connection_next; /* siblings sharing connection */
int st_whack_sock; /* fd for our Whack TCP socket.
* Single copy: close when freeing struct. */
struct msg_digest *st_suspended_md; /* suspended state-transition */
struct oakley_trans_attrs st_oakley; /* negotiated Phase 1 algorithms */
struct ipsec_proto_info st_ah;
struct ipsec_proto_info st_esp;
struct ipsec_proto_info st_ipcomp;
ipsec_spi_t st_tunnel_in_spi; /* KLUDGE */
ipsec_spi_t st_tunnel_out_spi; /* KLUDGE */
const struct oakley_group_desc *st_pfs_group; /* group for Phase 2 PFS */
u_int32_t st_doi; /* Domain of Interpretation */
u_int32_t st_situation;
bool st_pending_quick; /* need to build IPsec SA after ISAKMP SA */
lset_t st_policy; /* policy for IPsec SA */
msgid_t st_msgid; /* MSG-ID from header. Network Order! */
/* only for a state representing an ISAKMP SA */
struct msgid_list *st_used_msgids; /* used-up msgids */
/* symmetric stuff */
/* initiator stuff */
chunk_t st_gi; /* Initiator public value */
u_int8_t st_icookie[COOKIE_SIZE];/* Initiator Cookie (with st_rcookie, presumably the lookup key for incoming messages — see the cookie-taking finder below) */
chunk_t st_ni; /* Ni nonce */
/* responder stuff */
chunk_t st_gr; /* Responder public value */
u_int8_t st_rcookie[COOKIE_SIZE];/* Responder Cookie */
chunk_t st_nr; /* Nr nonce */
chunk_t st_tpacket; /* Transmitted packet (presumably kept for retransmission; see st_retransmit) */
/* Phase 2 ID payload info about my user */
u_int8_t st_myuserprotoid; /* IDcx.protoid */
u_int16_t st_myuserport;
chunk_t st_rpacket; /* Received packet */
/* Phase 2 ID payload info about peer's user */
u_int8_t st_peeruserprotoid; /* IDcx.protoid */
u_int16_t st_peeruserport;
/* end of symmetric stuff */
/* Support quirky feature of Phase 1 ID payload for peer
* We don't support this wart for ourselves. */
u_int8_t st_peeridentity_protocol;
u_int16_t st_peeridentity_port;
u_int8_t st_sec_in_use; /* bool: does st_sec hold a value (i.e. has been mpz_init'ed and not yet cleared) */
MP_INT st_sec; /* Our local secret value (the private half of st_gi/st_gr — confirm).
* SENSITIVE: mpz_clear() releases but does not wipe the limbs; confirm
* delete_state() zeroizes this before clearing it. */
chunk_t st_shared; /* Derived shared secret — SENSITIVE, wipe on delete.
* Note: during Quick Mode,
* presence indicates PFS */
/* In a Phase 1 state, preserve peer's public key after authentication */
struct pubkeyrec *st_peer_pubkey;
enum state_kind st_state; /* State of exchange */
u_int8_t st_retransmit; /* Number of retransmits */
unsigned long st_try; /* number of times rekeying attempted */
/* 0 means the only time */
time_t st_margin; /* life after EVENT_SA_REPLACE */
chunk_t st_p1isa; /* Phase 1 initiator SA (Payload) for HASH */
/* SKEYID and its derivatives (RFC2409 5) — all four are secrets.
 * NOTE(review): the header gives no ownership contract for these chunks;
 * confirm delete_state() overwrites them before freeing rather than just
 * freeing them.
 */
chunk_t st_skeyid; /* Key material */
chunk_t st_skeyid_d; /* KM for non-ISAKMP key derivation */
chunk_t st_skeyid_a; /* KM for ISAKMP authentication */
chunk_t st_skeyid_e; /* KM for ISAKMP encryption */
u_char st_iv[MAX_DIGEST_LEN]; /* IV for encryption; st_iv_len must never exceed sizeof st_iv (bounded by callers, not here) */
u_char st_new_iv[MAX_DIGEST_LEN]; /* candidate IV for the next message; same bound applies to st_new_iv_len */
unsigned int st_iv_len;
unsigned int st_new_iv_len;
chunk_t st_enc_key; /* Oakley Encryption key — SENSITIVE, wipe on delete */
struct event *st_event; /* backpointer for certain events */
bool st_dpd; /* Peer supports DPD */
time_t st_last_dpd; /* Time of last DPD transmit */
u_int32_t st_dpd_seqno; /* Next R_U_THERE to send */
u_int32_t st_dpd_expectseqno; /* Next R_U_THERE_ACK to receive */
u_int32_t st_dpd_peerseqno; /* Last R_U_THERE received (presumably used to reject replayed or stale R_U_THERE — confirm in the DPD code) */
struct event *st_dpd_event; /* backpointer for DPD events */
struct state *st_hashchain_next; /* Next in list (statetable chain; see the "exactly once" invariant above) */
struct state *st_hashchain_prev; /* Previous in list */
u_int32_t nat_traversal; /* NAT-Traversal flags; their meaning is not defined in this header — confirm against the NAT-T code */
/* global variables */
extern u_int16_t pluto_port; /* Pluto's port (host order; confirm before using in sockaddr) */
/* True if some state object still refers to c (so c must not be freed) — presumably; confirm in state.c. */
extern bool states_use_connection(struct connection *c);
/* state functions */
/* Allocate a fresh, zeroed state object.  Ownership passes to the caller,
 * who is expected to insert_state() it (see the statetable invariant above).
 */
extern struct state *new_state(void);
extern void init_states(void);
extern void insert_state(struct state *st); /* add st to statetable */
extern void state_rehash(struct connection *c); /* re-link states of c after a key change — presumably */
extern void unhash_state(struct state *st); /* remove st from statetable without freeing it */
/* Close st->st_whack_sock (the single copy; see the field's comment) — presumably. */
extern void release_whack(struct state *st);
/* Tear down and free st.
 * NOTE(review): this is the natural place to scrub st_sec, st_shared,
 * st_skeyid*, st_enc_key and the per-protocol keymat before release; the
 * header does not say whether it does, so confirm in state.c.
 */
extern void delete_state(struct state *st);
struct connection; /* forward declaration of tag (the tag was already introduced by struct state's st_connection member, so this is redundant but harmless) */
extern void delete_states_by_connection(struct connection *c); /* delete_state() every state whose st_connection is c */
242 *duplicate_state(const struct state *st),
244 const u_char *icookie,
245 const u_char *rcookie,
246 const ip_address *peer,
248 *state_with_serialno(so_serial_t sn),
249 *find_phase2_state_to_delete(const struct state *p1st, u_int8_t protoid,
250 ipsec_spi_t spi, bool *bogus),
251 *find_phase1_state_to_delete(const struct state *p1st,
252 const u_char *icookie, const u_char *rcookie),
253 *find_phase1_state(const struct connection *c, bool established),
254 *find_sender(size_t packet_len, u_char *packet);
extern void show_states_status(void); /* dump state summaries (to whack, presumably) */
/* Call f(st, data) for each state in the table; f's return value is
 * ignored as far as this declaration shows — confirm in state.c.
 * NOTE(review): the only prototype here without "extern"; harmless for
 * a declaration, but inconsistent with the rest of the header.
 */
void for_each_state(void *(f)(struct state *, void *data), void *data);
/* Find an unused range of IPCOMP CPIs: writes the newest allocated CPI to
 * *latest_cpi and the first one still busy to *first_busy_cpi (inferred
 * from the parameter names — confirm).
 */
extern void find_my_cpi_gap(cpi_t *latest_cpi, cpi_t *first_busy_cpi);
/* Return a CPI for the peer that does not collide with those already in use
 * by other states; st is the state it will belong to (inferred — confirm).
 */
extern ipsec_spi_t uniquify_his_cpi(ipsec_spi_t cpi, struct state *st);