2 * Copyright (c) 2015 Cisco and/or its affiliates.
3 * Licensed under the Apache License, Version 2.0 (the "License");
4 * you may not use this file except in compliance with the License.
5 * You may obtain a copy of the License at:
7 * http://www.apache.org/licenses/LICENSE-2.0
9 * Unless required by applicable law or agreed to in writing, software
10 * distributed under the License is distributed on an "AS IS" BASIS,
11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 * See the License for the specific language governing permissions and
13 * limitations under the License.
16 #include <vlib/vlib.h>
17 #include <vlib/unix/plugin.h>
18 #include <vlibmemory/api.h>
19 #include <vpp/app/version.h>
20 #include <vnet/vnet.h>
21 #include <vppinfra/error.h>
22 #include <vppinfra/random.h>
23 #include <vnet/udp/udp.h>
24 #include <vnet/ipsec/ipsec.h>
25 #include <vnet/ipsec/ipsec_tun.h>
26 #include <vnet/ipip/ipip.h>
27 #include <plugins/ikev2/ikev2.h>
28 #include <plugins/ikev2/ikev2_priv.h>
29 #include <plugins/dns/dns.h>
30 #include <openssl/sha.h>
31 #include <vnet/ipsec/ipsec_punt.h>
32 #include <plugins/ikev2/ikev2.api_enum.h>
34 #define IKEV2_LIVENESS_RETRIES 3
35 #define IKEV2_LIVENESS_PERIOD_CHECK 30
37 ikev2_main_t ikev2_main;
39 static int ikev2_delete_tunnel_interface (vnet_main_t * vnm,
41 ikev2_child_sa_t * child);
43 #define ikev2_set_state(sa, v, ...) do { \
45 ikev2_elog_sa_state("ispi %lx SA state changed to " #v __VA_ARGS__, sa->ispi); \
55 format_ikev2_trace (u8 * s, va_list * args)
57 CLIB_UNUSED (vlib_main_t * vm) = va_arg (*args, vlib_main_t *);
58 CLIB_UNUSED (vlib_node_t * node) = va_arg (*args, vlib_node_t *);
59 ikev2_trace_t *t = va_arg (*args, ikev2_trace_t *);
61 s = format (s, "ikev2: sw_if_index %d, next index %d",
62 t->sw_if_index, t->next_index);
66 #define IKEV2_GENERATE_SA_INIT_OK_str ""
67 #define IKEV2_GENERATE_SA_INIT_OK_ERR_NO_DH_STR \
68 "no DH group configured for IKE proposals!"
69 #define IKEV2_GENERATE_SA_INIT_OK_ERR_UNSUPP_STR \
70 "DH group not supported!"
74 IKEV2_GENERATE_SA_INIT_OK,
75 IKEV2_GENERATE_SA_INIT_ERR_NO_DH,
76 IKEV2_GENERATE_SA_INIT_ERR_UNSUPPORTED_DH,
77 } ikev2_generate_sa_error_t;
80 format_ikev2_gen_sa_error (u8 * s, va_list * args)
82 ikev2_generate_sa_error_t e = va_arg (*args, ikev2_generate_sa_error_t);
85 case IKEV2_GENERATE_SA_INIT_OK:
87 case IKEV2_GENERATE_SA_INIT_ERR_NO_DH:
88 s = format (s, IKEV2_GENERATE_SA_INIT_OK_ERR_NO_DH_STR);
90 case IKEV2_GENERATE_SA_INIT_ERR_UNSUPPORTED_DH:
91 s = format (s, IKEV2_GENERATE_SA_INIT_OK_ERR_UNSUPP_STR);
99 IKEV2_NEXT_IP4_LOOKUP,
100 IKEV2_NEXT_IP4_ERROR_DROP,
106 IKEV2_NEXT_IP6_LOOKUP,
107 IKEV2_NEXT_IP6_ERROR_DROP,
111 typedef u32 ikev2_non_esp_marker;
114 ikev2_get_port (ikev2_sa_t *sa)
116 return ikev2_natt_active (sa) ? IKEV2_PORT_NATT : IKEV2_PORT;
120 ikev2_insert_non_esp_marker (ike_header_t *ike, int len)
122 memmove ((u8 *) ike + sizeof (ikev2_non_esp_marker), ike, len);
123 clib_memset (ike, 0, sizeof (ikev2_non_esp_marker));
124 return len + sizeof (ikev2_non_esp_marker);
127 static ikev2_sa_transform_t *
128 ikev2_find_transform_data (ikev2_sa_transform_t * t)
130 ikev2_main_t *km = &ikev2_main;
131 ikev2_sa_transform_t *td;
133 vec_foreach (td, km->supported_transforms)
135 if (td->type != t->type)
138 if (td->transform_id != t->transform_id)
141 if (td->type == IKEV2_TRANSFORM_TYPE_ENCR)
143 if (vec_len (t->attrs) != 4 || t->attrs[0] != 0x80
144 || t->attrs[1] != 14)
147 if (((t->attrs[2] << 8 | t->attrs[3]) / 8) != td->key_len)
155 static ikev2_sa_proposal_t *
156 ikev2_select_proposal (ikev2_sa_proposal_t * proposals,
157 ikev2_protocol_id_t prot_id)
159 ikev2_sa_proposal_t *rv = 0;
160 ikev2_sa_proposal_t *proposal;
161 ikev2_sa_transform_t *transform, *new_t;
162 u8 mandatory_bitmap, optional_bitmap;
164 if (prot_id == IKEV2_PROTOCOL_IKE)
166 mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
167 (1 << IKEV2_TRANSFORM_TYPE_PRF) | (1 << IKEV2_TRANSFORM_TYPE_DH);
168 optional_bitmap = mandatory_bitmap | (1 << IKEV2_TRANSFORM_TYPE_INTEG);
170 else if (prot_id == IKEV2_PROTOCOL_ESP)
172 mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_ENCR) |
173 (1 << IKEV2_TRANSFORM_TYPE_ESN);
174 optional_bitmap = mandatory_bitmap |
175 (1 << IKEV2_TRANSFORM_TYPE_INTEG) | (1 << IKEV2_TRANSFORM_TYPE_DH);
177 else if (prot_id == IKEV2_PROTOCOL_AH)
179 mandatory_bitmap = (1 << IKEV2_TRANSFORM_TYPE_INTEG) |
180 (1 << IKEV2_TRANSFORM_TYPE_ESN);
181 optional_bitmap = mandatory_bitmap | (1 << IKEV2_TRANSFORM_TYPE_DH);
186 vec_add2 (rv, proposal, 1);
188 vec_foreach (proposal, proposals)
191 if (proposal->protocol_id != prot_id)
194 vec_foreach (transform, proposal->transforms)
196 if ((1 << transform->type) & bitmap)
199 if (ikev2_find_transform_data (transform))
201 bitmap |= 1 << transform->type;
202 vec_add2 (rv->transforms, new_t, 1);
203 clib_memcpy_fast (new_t, transform, sizeof (*new_t));
204 new_t->attrs = vec_dup (transform->attrs);
208 if ((bitmap & mandatory_bitmap) == mandatory_bitmap &&
209 (bitmap & ~optional_bitmap) == 0)
211 rv->proposal_num = proposal->proposal_num;
212 rv->protocol_id = proposal->protocol_id;
213 RAND_bytes ((u8 *) & rv->spi, sizeof (rv->spi));
218 vec_free (rv->transforms);
227 ikev2_sa_transform_t *
228 ikev2_sa_get_td_for_type (ikev2_sa_proposal_t * p,
229 ikev2_transform_type_t type)
231 ikev2_sa_transform_t *t;
236 vec_foreach (t, p->transforms)
239 return ikev2_find_transform_data (t);
245 ikev2_sa_get_child (ikev2_sa_t * sa, u32 spi, ikev2_protocol_id_t prot_id,
249 vec_foreach (c, sa->childs)
251 ikev2_sa_proposal_t *proposal =
252 by_initiator ? &c->i_proposals[0] : &c->r_proposals[0];
253 if (proposal && proposal->spi == spi && proposal->protocol_id == prot_id)
261 ikev2_sa_free_proposal_vector (ikev2_sa_proposal_t ** v)
263 ikev2_sa_proposal_t *p;
264 ikev2_sa_transform_t *t;
271 vec_foreach (t, p->transforms)
275 vec_free (p->transforms);
281 ikev2_sa_free_child_sa (ikev2_child_sa_t * c)
283 ikev2_sa_free_proposal_vector (&c->r_proposals);
284 ikev2_sa_free_proposal_vector (&c->i_proposals);
294 ikev2_sa_free_all_child_sa (ikev2_child_sa_t ** childs)
297 vec_foreach (c, *childs) ikev2_sa_free_child_sa (c);
303 ikev2_sa_del_child_sa (ikev2_sa_t * sa, ikev2_child_sa_t * child)
305 ikev2_sa_free_child_sa (child);
306 vec_del1 (sa->childs, child - sa->childs);
310 ikev2_sa_free_all_vec (ikev2_sa_t * sa)
312 vec_free (sa->i_nonce);
313 vec_free (sa->r_nonce);
315 vec_free (sa->dh_shared_key);
316 vec_free (sa->dh_private_key);
317 vec_free (sa->i_dh_data);
318 vec_free (sa->r_dh_data);
320 ikev2_sa_free_proposal_vector (&sa->r_proposals);
321 ikev2_sa_free_proposal_vector (&sa->i_proposals);
324 vec_free (sa->sk_ai);
325 vec_free (sa->sk_ar);
326 vec_free (sa->sk_ei);
327 vec_free (sa->sk_er);
328 vec_free (sa->sk_pi);
329 vec_free (sa->sk_pr);
331 vec_free (sa->i_id.data);
332 vec_free (sa->r_id.data);
334 vec_free (sa->i_auth.data);
336 EVP_PKEY_free (sa->i_auth.key);
337 vec_free (sa->r_auth.data);
339 EVP_PKEY_free (sa->r_auth.key);
343 vec_free (sa->rekey);
345 vec_free (sa->last_sa_init_req_packet_data);
346 vec_free (sa->last_sa_init_res_packet_data);
348 vec_free (sa->last_res_packet_data);
350 ikev2_sa_free_all_child_sa (&sa->childs);
354 ikev2_delete_sa (ikev2_main_per_thread_data_t * ptd, ikev2_sa_t * sa)
358 ikev2_sa_free_all_vec (sa);
360 p = hash_get (ptd->sa_by_rspi, sa->rspi);
363 hash_unset (ptd->sa_by_rspi, sa->rspi);
364 pool_put (ptd->sas, sa);
368 static ikev2_generate_sa_error_t
369 ikev2_generate_sa_init_data (ikev2_sa_t * sa)
371 ikev2_sa_transform_t *t = 0, *t2;
372 ikev2_main_t *km = &ikev2_main;
374 if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
375 return IKEV2_GENERATE_SA_INIT_ERR_NO_DH;
377 /* check if received DH group is on our list of supported groups */
378 vec_foreach (t2, km->supported_transforms)
380 if (t2->type == IKEV2_TRANSFORM_TYPE_DH && sa->dh_group == t2->dh_type)
389 sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
390 return IKEV2_GENERATE_SA_INIT_ERR_UNSUPPORTED_DH;
393 if (sa->is_initiator)
396 RAND_bytes ((u8 *) & sa->ispi, 8);
399 sa->i_nonce = vec_new (u8, IKEV2_NONCE_SIZE);
400 RAND_bytes ((u8 *) sa->i_nonce, IKEV2_NONCE_SIZE);
405 RAND_bytes ((u8 *) & sa->rspi, 8);
408 sa->r_nonce = vec_new (u8, vec_len (sa->i_nonce));
409 RAND_bytes ((u8 *) sa->r_nonce, vec_len (sa->i_nonce));
412 /* generate dh keys */
413 ikev2_generate_dh (sa, t);
415 return IKEV2_GENERATE_SA_INIT_OK;
419 ikev2_complete_sa_data (ikev2_sa_t * sa, ikev2_sa_t * sai)
421 ikev2_sa_transform_t *t = 0, *t2;
422 ikev2_main_t *km = &ikev2_main;
424 /*move some data to the new SA */
425 #define _(A) ({void* __tmp__ = (A); (A) = 0; __tmp__;})
426 sa->i_nonce = _(sai->i_nonce);
427 sa->i_dh_data = _(sai->i_dh_data);
428 sa->dh_private_key = _(sai->dh_private_key);
429 ip_address_copy (&sa->iaddr, &sai->iaddr);
430 ip_address_copy (&sa->raddr, &sai->raddr);
431 sa->is_initiator = sai->is_initiator;
432 sa->i_id.type = sai->i_id.type;
433 sa->r_id.type = sai->r_id.type;
434 sa->profile_index = sai->profile_index;
435 sa->tun_itf = sai->tun_itf;
436 sa->is_tun_itf_set = sai->is_tun_itf_set;
437 if (sai->natt_state == IKEV2_NATT_DISABLED)
438 sa->natt_state = IKEV2_NATT_DISABLED;
439 sa->i_id.data = _(sai->i_id.data);
440 sa->r_id.data = _(sai->r_id.data);
441 sa->i_auth.method = sai->i_auth.method;
442 sa->i_auth.hex = sai->i_auth.hex;
443 sa->i_auth.data = _(sai->i_auth.data);
444 sa->i_auth.key = _(sai->i_auth.key);
445 sa->last_sa_init_req_packet_data = _(sai->last_sa_init_req_packet_data);
446 sa->last_init_msg_id = sai->last_init_msg_id;
447 sa->childs = _(sai->childs);
448 sa->udp_encap = sai->udp_encap;
449 sa->ipsec_over_udp_port = sai->ipsec_over_udp_port;
450 sa->dst_port = sai->dst_port;
451 sa->sw_if_index = sai->sw_if_index;
455 if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
460 /* check if received DH group is on our list of supported groups */
461 vec_foreach (t2, km->supported_transforms)
463 if (t2->type == IKEV2_TRANSFORM_TYPE_DH && sa->dh_group == t2->dh_type)
472 sa->dh_group = IKEV2_TRANSFORM_DH_TYPE_NONE;
477 /* generate dh keys */
478 ikev2_complete_dh (sa, t);
483 ikev2_calc_keys (ikev2_sa_t * sa)
486 /* calculate SKEYSEED = prf(Ni | Nr, g^ir) */
489 u16 integ_key_len = 0, salt_len = 0;
490 ikev2_sa_transform_t *tr_encr, *tr_prf, *tr_integ;
492 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
494 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
496 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
499 integ_key_len = tr_integ->key_len;
501 salt_len = sizeof (u32);
503 vec_append (s, sa->i_nonce);
504 vec_append (s, sa->r_nonce);
505 skeyseed = ikev2_calc_prf (tr_prf, s, sa->dh_shared_key);
507 /* Calculate S = Ni | Nr | SPIi | SPIr */
509 vec_add2 (s, tmp, 2 * sizeof (*spi));
511 spi[0] = clib_host_to_net_u64 (sa->ispi);
512 spi[1] = clib_host_to_net_u64 (sa->rspi);
514 /* calculate PRFplus */
516 int len = tr_prf->key_trunc + /* SK_d */
517 integ_key_len * 2 + /* SK_ai, SK_ar */
518 tr_encr->key_len * 2 + /* SK_ei, SK_er */
519 tr_prf->key_len * 2 + /* SK_pi, SK_pr */
522 keymat = ikev2_calc_prfplus (tr_prf, skeyseed, s, len);
529 sa->sk_d = vec_new (u8, tr_prf->key_trunc);
530 clib_memcpy_fast (sa->sk_d, keymat + pos, tr_prf->key_trunc);
531 pos += tr_prf->key_trunc;
536 sa->sk_ai = vec_new (u8, integ_key_len);
537 clib_memcpy_fast (sa->sk_ai, keymat + pos, integ_key_len);
538 pos += integ_key_len;
541 sa->sk_ar = vec_new (u8, integ_key_len);
542 clib_memcpy_fast (sa->sk_ar, keymat + pos, integ_key_len);
543 pos += integ_key_len;
547 sa->sk_ei = vec_new (u8, tr_encr->key_len + salt_len);
548 clib_memcpy_fast (sa->sk_ei, keymat + pos, tr_encr->key_len + salt_len);
549 pos += tr_encr->key_len + salt_len;
552 sa->sk_er = vec_new (u8, tr_encr->key_len + salt_len);
553 clib_memcpy_fast (sa->sk_er, keymat + pos, tr_encr->key_len + salt_len);
554 pos += tr_encr->key_len + salt_len;
557 sa->sk_pi = vec_new (u8, tr_prf->key_len);
558 clib_memcpy_fast (sa->sk_pi, keymat + pos, tr_prf->key_len);
559 pos += tr_prf->key_len;
562 sa->sk_pr = vec_new (u8, tr_prf->key_len);
563 clib_memcpy_fast (sa->sk_pr, keymat + pos, tr_prf->key_len);
564 pos += tr_prf->key_len;
567 sa->keys_generated = 1;
571 ikev2_calc_child_keys (ikev2_sa_t * sa, ikev2_child_sa_t * child)
574 u16 integ_key_len = 0;
577 ikev2_sa_transform_t *tr_prf, *ctr_encr, *ctr_integ;
579 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
581 ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
583 ikev2_sa_get_td_for_type (child->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
586 integ_key_len = ctr_integ->key_len;
588 salt_len = sizeof (u32);
590 vec_append (s, sa->i_nonce);
591 vec_append (s, sa->r_nonce);
592 /* calculate PRFplus */
594 int len = ctr_encr->key_len * 2 + integ_key_len * 2 + salt_len * 2;
596 keymat = ikev2_calc_prfplus (tr_prf, sa->sk_d, s, len);
601 child->sk_ei = vec_new (u8, ctr_encr->key_len);
602 clib_memcpy_fast (child->sk_ei, keymat + pos, ctr_encr->key_len);
603 pos += ctr_encr->key_len;
608 child->sk_ai = vec_new (u8, ctr_integ->key_len);
609 clib_memcpy_fast (child->sk_ai, keymat + pos, ctr_integ->key_len);
610 pos += ctr_integ->key_len;
614 clib_memcpy (&child->salt_ei, keymat + pos, salt_len);
619 child->sk_er = vec_new (u8, ctr_encr->key_len);
620 clib_memcpy_fast (child->sk_er, keymat + pos, ctr_encr->key_len);
621 pos += ctr_encr->key_len;
626 child->sk_ar = vec_new (u8, integ_key_len);
627 clib_memcpy_fast (child->sk_ar, keymat + pos, integ_key_len);
628 pos += integ_key_len;
632 clib_memcpy (&child->salt_er, keymat + pos, salt_len);
642 ikev2_compute_nat_sha1 (u64 ispi, u64 rspi, ip_address_t *ia, u16 port)
644 const u32 max_buf_size =
645 sizeof (ispi) + sizeof (rspi) + sizeof (ip6_address_t) + sizeof (u16);
646 u8 buf[max_buf_size];
647 u8 *res = vec_new (u8, 20);
649 clib_memcpy_fast (&buf[0], &ispi, sizeof (ispi));
650 clib_memcpy_fast (&buf[8], &rspi, sizeof (rspi));
651 clib_memcpy_fast (&buf[8 + 8], ip_addr_bytes (ia), ip_address_size (ia));
652 clib_memcpy_fast (&buf[8 + 8 + ip_address_size (ia)], &port, sizeof (port));
653 SHA1 (buf, 2 * sizeof (ispi) + sizeof (port) + ip_address_size (ia), res);
658 ikev2_parse_ke_payload (const void *p, u32 rlen, ikev2_sa_t * sa,
661 const ike_ke_payload_header_t *ke = p;
662 u16 plen = clib_net_to_host_u16 (ke->length);
663 ASSERT (plen >= sizeof (*ke) && plen <= rlen);
664 if (sizeof (*ke) > rlen)
666 ikev2_elog_error ("KE: packet too small");
670 sa->dh_group = clib_net_to_host_u16 (ke->dh_group);
671 vec_reset_length (ke_data[0]);
672 vec_add (ke_data[0], ke->payload, plen - sizeof (*ke));
677 ikev2_parse_nonce_payload (const void *p, u32 rlen, const u8 **nonce)
679 const ike_payload_header_t *ikep = p;
680 u16 plen = clib_net_to_host_u16 (ikep->length);
681 ASSERT (plen >= sizeof (*ikep) && plen <= rlen);
682 int len = plen - sizeof (*ikep);
683 ASSERT (len >= 16 && len <= 256);
684 if (PREDICT_FALSE (len < 16 || len > 256))
686 ikev2_elog_error ("NONCE: bad size");
689 *nonce = ikep->payload;
694 ikev2_check_payload_length (const ike_payload_header_t * ikep, int rlen,
697 if (sizeof (*ikep) > rlen)
699 ikev2_elog_error ("payload: packet too small");
702 *plen = clib_net_to_host_u16 (ikep->length);
703 if (*plen < sizeof (*ikep) || *plen > rlen)
705 ikev2_elog_error ("payload: bad size");
712 ikev2_process_sa_init_req (vlib_main_t *vm, ikev2_sa_t *sa, ike_header_t *ike,
713 udp_header_t *udp, u32 len, u32 sw_if_index)
716 u8 payload = ike->nextpayload;
717 ike_payload_header_t *ikep;
720 ikev2_elog_exchange ("ispi %lx rspi %lx IKE_INIT request received "
721 "from ", clib_net_to_host_u64 (ike->ispi),
722 clib_net_to_host_u64 (ike->rspi),
723 ip_addr_v4 (&sa->iaddr).as_u32,
724 ip_addr_version (&sa->iaddr) == AF_IP4);
726 sa->ispi = clib_net_to_host_u64 (ike->ispi);
727 sa->sw_if_index = sw_if_index;
729 /* store whole IKE payload - needed for PSK auth */
730 vec_reset_length (sa->last_sa_init_req_packet_data);
731 vec_add (sa->last_sa_init_req_packet_data, ike, len);
733 if (len < sizeof (*ike))
735 ikev2_elog_error ("IKE_INIT request too small");
739 len -= sizeof (*ike);
740 while (p < len && payload != IKEV2_PAYLOAD_NONE)
742 ikep = (ike_payload_header_t *) & ike->payload[p];
743 int current_length = len - p;
744 if (!ikev2_check_payload_length (ikep, current_length, &plen))
747 if (payload == IKEV2_PAYLOAD_SA)
749 ikev2_sa_free_proposal_vector (&sa->i_proposals);
750 sa->i_proposals = ikev2_parse_sa_payload (ikep, current_length);
752 else if (payload == IKEV2_PAYLOAD_KE)
754 if (!ikev2_parse_ke_payload (ikep, current_length, sa,
758 else if (payload == IKEV2_PAYLOAD_NONCE)
762 vec_reset_length (sa->i_nonce);
763 if ((nonce_len = ikev2_parse_nonce_payload (ikep, current_length,
766 vec_add (sa->i_nonce, nonce, nonce_len);
768 else if (payload == IKEV2_PAYLOAD_NOTIFY)
771 ikev2_parse_notify_payload (ikep, current_length);
772 if (n->msg_type == IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP)
774 u8 *src_sha = ikev2_compute_nat_sha1 (ike->ispi, 0, &sa->iaddr,
776 if (clib_memcmp (src_sha, n->data, vec_len (src_sha)))
778 if (sa->natt_state == IKEV2_NATT_ENABLED)
779 sa->natt_state = IKEV2_NATT_ACTIVE;
780 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx initiator"
781 " behind NAT", sa->ispi);
785 else if (n->msg_type ==
786 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP)
788 u8 *dst_sha = ikev2_compute_nat_sha1 (ike->ispi, 0, &sa->raddr,
790 if (clib_memcmp (dst_sha, n->data, vec_len (dst_sha)))
792 if (sa->natt_state == IKEV2_NATT_ENABLED)
793 sa->natt_state = IKEV2_NATT_ACTIVE;
794 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx responder"
795 " (self) behind NAT", sa->ispi);
801 else if (payload == IKEV2_PAYLOAD_VENDOR)
803 ikev2_parse_vendor_payload (ikep);
807 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
809 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
811 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
812 sa->unsupported_cp = payload;
817 payload = ikep->nextpayload;
821 ikev2_set_state (sa, IKEV2_STATE_SA_INIT);
826 ikev2_process_sa_init_resp (vlib_main_t * vm,
827 ikev2_sa_t * sa, ike_header_t * ike,
828 udp_header_t * udp, u32 len)
831 u8 payload = ike->nextpayload;
832 ike_payload_header_t *ikep;
835 sa->ispi = clib_net_to_host_u64 (ike->ispi);
836 sa->rspi = clib_net_to_host_u64 (ike->rspi);
838 ikev2_elog_exchange ("ispi %lx rspi %lx IKE_INIT response received "
839 "from ", sa->ispi, sa->rspi,
840 ip_addr_v4 (&sa->raddr).as_u32,
841 ip_addr_version (&sa->raddr) == AF_IP4);
843 /* store whole IKE payload - needed for PSK auth */
844 vec_reset_length (sa->last_sa_init_res_packet_data);
845 vec_add (sa->last_sa_init_res_packet_data, ike, len);
847 if (sizeof (*ike) > len)
849 ikev2_elog_error ("IKE_INIT response too small");
853 len -= sizeof (*ike);
854 while (p < len && payload != IKEV2_PAYLOAD_NONE)
856 int current_length = len - p;
857 ikep = (ike_payload_header_t *) & ike->payload[p];
858 if (!ikev2_check_payload_length (ikep, current_length, &plen))
861 if (payload == IKEV2_PAYLOAD_SA)
863 ikev2_sa_free_proposal_vector (&sa->r_proposals);
864 sa->r_proposals = ikev2_parse_sa_payload (ikep, current_length);
867 ikev2_set_state (sa, IKEV2_STATE_SA_INIT);
869 clib_host_to_net_u32 (clib_net_to_host_u32 (ike->msgid) + 1);
872 else if (payload == IKEV2_PAYLOAD_KE)
874 if (!ikev2_parse_ke_payload (ikep, current_length, sa,
878 else if (payload == IKEV2_PAYLOAD_NONCE)
882 vec_reset_length (sa->r_nonce);
883 if ((nonce_len = ikev2_parse_nonce_payload (ikep, current_length,
886 vec_add (sa->r_nonce, nonce, nonce_len);
888 else if (payload == IKEV2_PAYLOAD_NOTIFY)
891 ikev2_parse_notify_payload (ikep, current_length);
892 if (n->msg_type == IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP)
894 u8 *src_sha = ikev2_compute_nat_sha1 (ike->ispi, ike->rspi,
897 if (clib_memcmp (src_sha, n->data, vec_len (src_sha)))
899 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx responder"
900 " behind NAT, unsupported", sa->ispi);
904 else if (n->msg_type ==
905 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP)
907 u8 *dst_sha = ikev2_compute_nat_sha1 (ike->ispi, ike->rspi,
910 if (clib_memcmp (dst_sha, n->data, vec_len (dst_sha)))
912 if (sa->natt_state == IKEV2_NATT_ENABLED)
913 sa->natt_state = IKEV2_NATT_ACTIVE;
914 ikev2_elog_uint (IKEV2_LOG_DEBUG, "ispi %lx initiator"
915 " (self) behind NAT", sa->ispi);
921 else if (payload == IKEV2_PAYLOAD_VENDOR)
923 ikev2_parse_vendor_payload (ikep);
927 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
929 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
931 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
932 sa->unsupported_cp = payload;
937 payload = ikep->nextpayload;
943 ikev2_decrypt_sk_payload (ikev2_sa_t * sa, ike_header_t * ike,
944 u8 * payload, u32 rlen, u32 * out_len)
946 ikev2_main_per_thread_data_t *ptd = ikev2_get_per_thread_data ();
948 u8 last_payload = 0, *hmac = 0, *plaintext = 0;
949 ike_payload_header_t *ikep = 0;
952 ikev2_sa_transform_t *tr_integ;
953 ikev2_sa_transform_t *tr_encr;
955 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
957 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
958 int is_aead = tr_encr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
960 if (((!sa->sk_ar || !sa->sk_ai) && !is_aead) || (!sa->sk_ei || !sa->sk_er))
963 if (rlen <= sizeof (*ike))
966 int len = rlen - sizeof (*ike);
968 *payload != IKEV2_PAYLOAD_NONE && last_payload != IKEV2_PAYLOAD_SK)
970 ikep = (ike_payload_header_t *) & ike->payload[p];
971 int current_length = len - p;
972 if (!ikev2_check_payload_length (ikep, current_length, &plen))
975 if (*payload == IKEV2_PAYLOAD_SK)
977 last_payload = *payload;
981 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
983 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
985 sa->unsupported_cp = *payload;
990 *payload = ikep->nextpayload;
994 if (last_payload != IKEV2_PAYLOAD_SK)
996 ikev2_elog_error ("Last payload must be SK");
1002 if (plen < sizeof (*ikep) + IKEV2_GCM_ICV_SIZE)
1005 plen -= sizeof (*ikep) + IKEV2_GCM_ICV_SIZE;
1006 u8 *aad = (u8 *) ike;
1007 u32 aad_len = ikep->payload - aad;
1008 u8 *tag = ikep->payload + plen;
1010 int rc = ikev2_decrypt_aead_data (ptd, sa, tr_encr, ikep->payload,
1011 plen, aad, aad_len, tag, &dlen);
1015 plaintext = ikep->payload + IKEV2_GCM_IV_SIZE;
1020 if (rlen < tr_integ->key_trunc)
1024 ikev2_calc_integr (tr_integ, sa->is_initiator ? sa->sk_ar : sa->sk_ai,
1025 (u8 *) ike, rlen - tr_integ->key_trunc);
1027 if (plen < sizeof (*ikep) + tr_integ->key_trunc)
1030 plen = plen - sizeof (*ikep) - tr_integ->key_trunc;
1032 if (clib_memcmp (hmac, &ikep->payload[plen], tr_integ->key_trunc))
1034 ikev2_elog_error ("message integrity check failed");
1040 int rc = ikev2_decrypt_data (ptd, sa, tr_encr, ikep->payload, plen,
1045 plaintext = ikep->payload + tr_encr->block_size;
1053 ikev2_is_id_equal (const ikev2_id_t *i1, const ikev2_id_t *i2)
1055 if (i1->type != i2->type)
1058 if (vec_len (i1->data) != vec_len (i2->data))
1061 if (clib_memcmp (i1->data, i2->data, vec_len (i1->data)))
1068 ikev2_initial_contact_cleanup_internal (ikev2_main_per_thread_data_t * ptd,
1071 ikev2_main_t *km = &ikev2_main;
1074 ikev2_child_sa_t *c;
1076 /* find old IKE SAs with the same authenticated identity */
1078 pool_foreach (tmp, ptd->sas) {
1079 if (!ikev2_is_id_equal (&tmp->i_id, &sa->i_id)
1080 || !ikev2_is_id_equal(&tmp->r_id, &sa->r_id))
1083 if (sa->rspi != tmp->rspi)
1084 vec_add1(delete, tmp - ptd->sas);
1088 for (i = 0; i < vec_len (delete); i++)
1090 tmp = pool_elt_at_index (ptd->sas, delete[i]);
1091 vec_foreach (c, tmp->childs)
1093 ikev2_delete_tunnel_interface (km->vnet_main, tmp, c);
1095 ikev2_delete_sa (ptd, tmp);
1099 sa->initial_contact = 0;
1103 ikev2_initial_contact_cleanup (ikev2_main_per_thread_data_t * ptd,
1106 ikev2_main_t *km = &ikev2_main;
1108 if (!sa->initial_contact)
1113 ikev2_initial_contact_cleanup_internal (ptd, sa);
1117 vec_foreach (ptd, km->per_thread_data)
1118 ikev2_initial_contact_cleanup_internal (ptd, sa);
1120 sa->initial_contact = 0;
1124 ikev2_parse_id_payload (const void *p, u16 rlen, ikev2_id_t * sa_id)
1126 const ike_id_payload_header_t *id = p;
1127 u16 plen = clib_net_to_host_u16 (id->length);
1128 if (plen < sizeof (*id) || plen > rlen)
1131 sa_id->type = id->id_type;
1132 vec_reset_length (sa_id->data);
1133 vec_add (sa_id->data, id->payload, plen - sizeof (*id));
1139 ikev2_parse_auth_payload (const void *p, u32 rlen, ikev2_auth_t * a)
1141 const ike_auth_payload_header_t *ah = p;
1142 u16 plen = clib_net_to_host_u16 (ah->length);
1144 a->method = ah->auth_method;
1145 vec_reset_length (a->data);
1146 vec_add (a->data, ah->payload, plen - sizeof (*ah));
1151 ikev2_process_auth_req (vlib_main_t * vm, ikev2_sa_t * sa,
1152 ike_header_t * ike, u32 len)
1155 ikev2_child_sa_t *first_child_sa;
1156 u8 payload = ike->nextpayload;
1158 ike_payload_header_t *ikep;
1162 ikev2_elog_exchange ("ispi %lx rspi %lx EXCHANGE_IKE_AUTH received "
1163 "from ", clib_host_to_net_u64 (ike->ispi),
1164 clib_host_to_net_u64 (ike->rspi),
1166 ip_addr_v4 (&sa->raddr).as_u32 :
1167 ip_addr_v4 (&sa->iaddr).as_u32,
1168 ip_addr_version (&sa->raddr) == AF_IP4);
1170 ikev2_calc_keys (sa);
1172 plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload, len, &dlen);
1176 if (sa->unsupported_cp)
1178 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
1184 /* select or create 1st child SA */
1185 if (sa->is_initiator)
1187 first_child_sa = &sa->childs[0];
1191 ikev2_sa_free_all_child_sa (&sa->childs);
1192 vec_add2 (sa->childs, first_child_sa, 1);
1196 /* process encrypted payload */
1197 while (p < dlen && payload != IKEV2_PAYLOAD_NONE)
1199 ikep = (ike_payload_header_t *) & plaintext[p];
1200 int current_length = dlen - p;
1201 if (!ikev2_check_payload_length (ikep, current_length, &plen))
1204 if (payload == IKEV2_PAYLOAD_SA) /* 33 */
1206 if (sa->is_initiator)
1208 ikev2_sa_free_proposal_vector (&first_child_sa->r_proposals);
1209 first_child_sa->r_proposals = ikev2_parse_sa_payload (ikep,
1214 ikev2_sa_free_proposal_vector (&first_child_sa->i_proposals);
1215 first_child_sa->i_proposals = ikev2_parse_sa_payload (ikep,
1219 else if (payload == IKEV2_PAYLOAD_IDI) /* 35 */
1221 if (!ikev2_parse_id_payload (ikep, current_length, &sa->i_id))
1224 else if (payload == IKEV2_PAYLOAD_IDR) /* 36 */
1226 if (!ikev2_parse_id_payload (ikep, current_length, &sa->r_id))
1229 else if (payload == IKEV2_PAYLOAD_AUTH) /* 39 */
1231 if (sa->is_initiator)
1233 if (!ikev2_parse_auth_payload (ikep, current_length,
1239 if (!ikev2_parse_auth_payload (ikep, current_length,
1244 else if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
1247 ikev2_parse_notify_payload (ikep, current_length);
1248 if (n->msg_type == IKEV2_NOTIFY_MSG_INITIAL_CONTACT)
1250 sa->initial_contact = 1;
1254 else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
1256 ikev2_parse_vendor_payload (ikep);
1258 else if (payload == IKEV2_PAYLOAD_TSI) /* 44 */
1260 vec_free (first_child_sa->tsi);
1261 first_child_sa->tsi = ikev2_parse_ts_payload (ikep, current_length);
1263 else if (payload == IKEV2_PAYLOAD_TSR) /* 45 */
1265 vec_free (first_child_sa->tsr);
1266 first_child_sa->tsr = ikev2_parse_ts_payload (ikep, current_length);
1270 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
1273 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1275 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
1276 sa->unsupported_cp = payload;
1281 payload = ikep->nextpayload;
1288 ikev2_set_state (sa, IKEV2_STATE_DELETED, ": malformed IKE_AUTH");
1293 ikev2_process_informational_req (vlib_main_t * vm,
1294 ikev2_sa_t * sa, ike_header_t * ike, u32 len)
1297 u8 payload = ike->nextpayload;
1299 ike_payload_header_t *ikep;
1301 ikev2_notify_t *n = 0;
1303 sa->liveness_retries = 0;
1304 ikev2_elog_exchange ("ispi %lx rspi %lx INFORMATIONAL received "
1305 "from ", clib_host_to_net_u64 (ike->ispi),
1306 clib_host_to_net_u64 (ike->rspi),
1307 ip_addr_v4 (&sa->iaddr).as_u32,
1308 ip_addr_version (&sa->iaddr) == AF_IP4);
1310 plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload, len, &dlen);
1315 /* process encrypted payload */
1317 while (p < dlen && payload != IKEV2_PAYLOAD_NONE)
1319 u32 current_length = dlen - p;
1320 if (p + sizeof (*ikep) > dlen)
1323 ikep = (ike_payload_header_t *) & plaintext[p];
1324 u16 plen = clib_net_to_host_u16 (ikep->length);
1326 if (plen < sizeof (*ikep) || plen > current_length)
1329 if (payload == IKEV2_PAYLOAD_NOTIFY) /* 41 */
1331 n = ikev2_parse_notify_payload (ikep, current_length);
1334 if (n->msg_type == IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED)
1335 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1338 else if (payload == IKEV2_PAYLOAD_DELETE) /* 42 */
1340 sa->del = ikev2_parse_delete_payload (ikep, current_length);
1342 else if (payload == IKEV2_PAYLOAD_VENDOR) /* 43 */
1344 ikev2_parse_vendor_payload (ikep);
1348 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
1350 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1352 sa->unsupported_cp = payload;
1356 payload = ikep->nextpayload;
1363 ikev2_process_create_child_sa_req (vlib_main_t * vm,
1364 ikev2_sa_t * sa, ike_header_t * ike,
1368 u8 payload = ike->nextpayload;
1370 ikev2_rekey_t *rekey;
1371 ike_payload_header_t *ikep;
1372 ikev2_notify_t *n = 0;
1373 ikev2_ts_t *tsi = 0;
1374 ikev2_ts_t *tsr = 0;
1375 ikev2_sa_proposal_t *proposal = 0;
1376 ikev2_child_sa_t *child_sa;
1379 const u8 *nonce = 0;
1382 if (sa->is_initiator)
1383 src = ip_addr_v4 (&sa->raddr).as_u32;
1385 src = ip_addr_v4 (&sa->iaddr).as_u32;
1387 ikev2_elog_exchange ("ispi %lx rspi %lx CREATE_CHILD_SA received from",
1388 clib_host_to_net_u64 (ike->ispi),
1389 clib_host_to_net_u64 (ike->rspi), src,
1390 ip_addr_version (&sa->raddr) == AF_IP4);
1392 plaintext = ikev2_decrypt_sk_payload (sa, ike, &payload, len, &dlen);
1395 goto cleanup_and_exit;
1397 /* process encrypted payload */
1399 while (payload != IKEV2_PAYLOAD_NONE)
1401 ikep = (ike_payload_header_t *) & plaintext[p];
1402 int current_length = dlen - p;
1403 if (!ikev2_check_payload_length (ikep, current_length, &plen))
1404 goto cleanup_and_exit;
1406 if (payload == IKEV2_PAYLOAD_SA)
1408 proposal = ikev2_parse_sa_payload (ikep, current_length);
1410 else if (payload == IKEV2_PAYLOAD_NOTIFY)
1413 n0 = ikev2_parse_notify_payload (ikep, current_length);
1414 if (n0->msg_type == IKEV2_NOTIFY_MSG_REKEY_SA)
1422 else if (payload == IKEV2_PAYLOAD_DELETE)
1424 sa->del = ikev2_parse_delete_payload (ikep, current_length);
1426 else if (payload == IKEV2_PAYLOAD_VENDOR)
1428 ikev2_parse_vendor_payload (ikep);
1430 else if (payload == IKEV2_PAYLOAD_NONCE)
1432 nonce_len = ikev2_parse_nonce_payload (ikep, current_length, &nonce);
1434 goto cleanup_and_exit;
1436 else if (payload == IKEV2_PAYLOAD_TSI)
1438 tsi = ikev2_parse_ts_payload (ikep, current_length);
1440 else if (payload == IKEV2_PAYLOAD_TSR)
1442 tsr = ikev2_parse_ts_payload (ikep, current_length);
1446 ikev2_elog_uint (IKEV2_LOG_ERROR, "Unknown payload! type=%d",
1448 if (ikep->flags & IKEV2_PAYLOAD_FLAG_CRITICAL)
1450 sa->unsupported_cp = payload;
1451 goto cleanup_and_exit;
1454 payload = ikep->nextpayload;
1458 if (!proposal || proposal->protocol_id != IKEV2_PROTOCOL_ESP || !nonce)
1459 goto cleanup_and_exit;
1461 if (sa->is_initiator)
1464 if (vec_len (rekey) == 0)
1465 goto cleanup_and_exit;
1466 rekey->protocol_id = proposal->protocol_id;
1468 ikev2_select_proposal (proposal, IKEV2_PROTOCOL_ESP);
1469 rekey->i_proposal->spi = rekey->spi;
1470 rekey->r_proposal = proposal;
1474 vec_reset_length (sa->r_nonce);
1475 vec_add (sa->r_nonce, nonce, nonce_len);
1476 child_sa = ikev2_sa_get_child (sa, rekey->ispi, IKEV2_PROTOCOL_ESP, 1);
1479 child_sa->rekey_retries = 0;
1486 child_sa = ikev2_sa_get_child (sa, n->spi, n->protocol_id, 1);
1489 ikev2_elog_uint (IKEV2_LOG_ERROR, "child SA spi %lx not found",
1491 goto cleanup_and_exit;
1493 vec_add2 (sa->rekey, rekey, 1);
1494 rekey->protocol_id = n->protocol_id;
1495 rekey->spi = n->spi;
1496 rekey->i_proposal = proposal;
1498 ikev2_select_proposal (proposal, IKEV2_PROTOCOL_ESP);
1500 vec_reset_length (sa->i_nonce);
1501 vec_add (sa->i_nonce, nonce, nonce_len);
1502 /* generate new Nr */
1503 vec_validate (sa->r_nonce, nonce_len - 1);
1504 RAND_bytes ((u8 *) sa->r_nonce, nonce_len);
1508 /* create new child SA */
1509 vec_add2 (sa->new_child, rekey, 1);
1510 rekey->i_proposal = proposal;
1512 ikev2_select_proposal (proposal, IKEV2_PROTOCOL_ESP);
1514 vec_reset_length (sa->i_nonce);
1515 vec_add (sa->i_nonce, nonce, nonce_len);
1516 /* generate new Nr */
1517 vec_validate (sa->r_nonce, nonce_len - 1);
1518 RAND_bytes ((u8 *) sa->r_nonce, nonce_len);
1528 vec_free (proposal);
1535 ikev2_sa_generate_authmsg (ikev2_sa_t * sa, int is_responder)
1543 ikev2_sa_transform_t *tr_prf;
1546 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1552 nonce = sa->i_nonce;
1553 packet_data = sa->last_sa_init_res_packet_data;
1559 nonce = sa->r_nonce;
1560 packet_data = sa->last_sa_init_req_packet_data;
1563 data = vec_new (u8, 4);
1565 vec_append (data, id->data);
1567 u8 *id_hash = ikev2_calc_prf (tr_prf, key, data);
1568 vec_append (authmsg, packet_data);
1569 vec_append (authmsg, nonce);
1570 vec_append (authmsg, id_hash);
1578 ikev2_match_profile (const ikev2_profile_t *p, const ikev2_id_t *id_loc,
1579 const ikev2_id_t *id_rem, int is_initiator)
1581 /* on the initiator, IDi is always present and must match
1582 * however on the responder, IDr (which is our local id) is optional */
1583 if ((is_initiator || id_loc->type != 0) &&
1584 !ikev2_is_id_equal (&p->loc_id, id_loc))
1587 /* on the initiator, we might not have configured a specific remote id
1588 * however on the responder, the remote id should always be configured */
1589 if ((!is_initiator || p->rem_id.type != 0) &&
1590 !ikev2_is_id_equal (&p->rem_id, id_rem))
1597 ikev2_ts_cmp (ikev2_ts_t * ts1, ikev2_ts_t * ts2)
1599 if (ts1->ts_type == ts2->ts_type && ts1->protocol_id == ts2->protocol_id &&
1600 ts1->start_port == ts2->start_port && ts1->end_port == ts2->end_port &&
1601 !ip_address_cmp (&ts1->start_addr, &ts2->start_addr) &&
1602 !ip_address_cmp (&ts1->end_addr, &ts2->end_addr))
1609 ikev2_sa_match_ts (ikev2_sa_t * sa)
1611 ikev2_main_t *km = &ikev2_main;
1613 ikev2_ts_t *ts, *p_tsi, *p_tsr, *tsi = 0, *tsr = 0;
1614 ikev2_id_t *id_rem, *id_loc;
1617 pool_foreach (p, km->profiles) {
1619 if (sa->is_initiator)
1634 if (!ikev2_match_profile (p, id_loc, id_rem, sa->is_initiator))
1637 sa->profile_index = p - km->profiles;
1639 vec_foreach(ts, sa->childs[0].tsi)
1641 if (ikev2_ts_cmp(p_tsi, ts))
1643 vec_add1 (tsi, ts[0]);
1648 vec_foreach(ts, sa->childs[0].tsr)
1650 if (ikev2_ts_cmp(p_tsr, ts))
1652 vec_add1 (tsr, ts[0]);
1663 vec_free (sa->childs[0].tsi);
1664 vec_free (sa->childs[0].tsr);
1665 sa->childs[0].tsi = tsi;
1666 sa->childs[0].tsr = tsr;
1672 ikev2_set_state (sa, IKEV2_STATE_TS_UNACCEPTABLE);
1676 static ikev2_profile_t *
1677 ikev2_select_profile (ikev2_main_t *km, ikev2_sa_t *sa,
1678 ikev2_sa_transform_t *tr_prf, u8 *key_pad)
1680 ikev2_profile_t *ret = 0, *p;
1681 ikev2_id_t *id_rem, *id_loc;
1682 ikev2_auth_t *sa_auth;
1683 u8 *authmsg, *psk = 0, *auth = 0;
1685 authmsg = ikev2_sa_generate_authmsg (sa, sa->is_initiator);
1687 if (sa->is_initiator)
1691 sa_auth = &sa->r_auth;
1697 sa_auth = &sa->i_auth;
1700 pool_foreach (p, km->profiles)
1702 if (!ikev2_match_profile (p, id_loc, id_rem, sa->is_initiator))
1705 if (sa_auth->method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1707 if (!p->auth.data ||
1708 p->auth.method != IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1711 psk = ikev2_calc_prf (tr_prf, p->auth.data, key_pad);
1712 auth = ikev2_calc_prf (tr_prf, psk, authmsg);
1714 if (!clib_memcmp (auth, sa_auth->data, vec_len (sa_auth->data)))
1716 ikev2_set_state (sa, IKEV2_STATE_AUTHENTICATED);
1723 ikev2_elog_uint (IKEV2_LOG_ERROR,
1724 "shared key mismatch! ispi %lx", sa->ispi);
1727 else if (sa_auth->method == IKEV2_AUTH_METHOD_RSA_SIG)
1729 if (p->auth.method != IKEV2_AUTH_METHOD_RSA_SIG)
1732 if (ikev2_verify_sign (p->auth.key, sa_auth->data, authmsg) == 1)
1734 ikev2_set_state (sa, IKEV2_STATE_AUTHENTICATED);
1740 ikev2_elog_uint (IKEV2_LOG_ERROR,
1741 "cert verification failed! ispi %lx", sa->ispi);
1750 ikev2_sa_auth (ikev2_sa_t *sa)
1752 ikev2_main_t *km = &ikev2_main;
1753 ikev2_profile_t *sel_p = 0;
1754 ikev2_sa_transform_t *tr_prf;
1755 u8 *psk, *authmsg, *key_pad;
1758 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1760 /* only shared key and rsa signature */
1761 if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1762 sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1764 ikev2_elog_uint (IKEV2_LOG_ERROR, "unsupported authentication method %u",
1766 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1770 key_pad = format (0, "%s", IKEV2_KEY_PAD);
1771 sel_p = ikev2_select_profile (km, sa, tr_prf, key_pad);
1775 ASSERT (sa->state == IKEV2_STATE_AUTHENTICATED);
1776 sa->udp_encap = sel_p->udp_encap;
1777 sa->ipsec_over_udp_port = sel_p->ipsec_over_udp_port;
1779 if (!sa->is_initiator)
1781 vec_free (sa->r_id.data);
1782 sa->r_id.data = vec_dup (sel_p->loc_id.data);
1783 sa->r_id.type = sel_p->loc_id.type;
1784 sa->i_id.data = vec_dup (sel_p->rem_id.data);
1785 sa->i_id.type = sel_p->rem_id.type;
1787 /* generate our auth data */
1788 authmsg = ikev2_sa_generate_authmsg (sa, 1);
1789 if (sel_p->auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1791 vec_free (sa->r_auth.data);
1792 psk = ikev2_calc_prf (tr_prf, sel_p->auth.data, key_pad);
1793 sa->r_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
1794 sa->r_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1797 else if (sel_p->auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1799 vec_free (sa->r_auth.data);
1800 sa->r_auth.data = ikev2_calc_sign (km->pkey, authmsg);
1801 sa->r_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1805 /* select transforms for 1st child sa */
1806 ikev2_sa_free_proposal_vector (&sa->childs[0].r_proposals);
1807 sa->childs[0].r_proposals =
1808 ikev2_select_proposal (sa->childs[0].i_proposals,
1809 IKEV2_PROTOCOL_ESP);
1811 if (~0 != sel_p->tun_itf)
1813 sa->is_tun_itf_set = 1;
1814 sa->tun_itf = sel_p->tun_itf;
1820 ikev2_elog_uint (IKEV2_LOG_ERROR, "authentication failed, no matching "
1821 "profile found! ispi %lx", sa->ispi);
1822 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1828 ikev2_sa_auth_init (ikev2_sa_t * sa)
1830 ikev2_main_t *km = &ikev2_main;
1831 u8 *authmsg, *key_pad, *psk = 0;
1832 ikev2_sa_transform_t *tr_prf;
1835 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_PRF);
1837 /* only shared key and rsa signature */
1838 if (!(sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC ||
1839 sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG))
1841 ikev2_elog_uint (IKEV2_LOG_ERROR,
1842 "unsupported authentication method %u",
1844 ikev2_set_state (sa, IKEV2_STATE_AUTH_FAILED);
1848 authmsg = ikev2_sa_generate_authmsg (sa, 0);
1850 if (sa->i_auth.method == IKEV2_AUTH_METHOD_SHARED_KEY_MIC)
1852 key_pad = format (0, "%s", IKEV2_KEY_PAD);
1853 psk = ikev2_calc_prf (tr_prf, sa->i_auth.data, key_pad);
1854 vec_free (sa->i_auth.data);
1855 sa->i_auth.data = ikev2_calc_prf (tr_prf, psk, authmsg);
1856 sa->i_auth.method = IKEV2_AUTH_METHOD_SHARED_KEY_MIC;
1860 else if (sa->i_auth.method == IKEV2_AUTH_METHOD_RSA_SIG)
1862 vec_free (sa->i_auth.data);
1863 sa->i_auth.data = ikev2_calc_sign (km->pkey, authmsg);
1864 sa->i_auth.method = IKEV2_AUTH_METHOD_RSA_SIG;
1870 ikev2_mk_local_sa_id (u32 sai, u32 ci, u32 ti)
1872 return (0x80000000 | (ti << 24) | (sai << 12) | ci);
1876 ikev2_mk_remote_sa_id (u32 sai, u32 ci, u32 ti)
1878 return (0xc0000000 | (ti << 24) | (sai << 12) | ci);
1888 ipsec_sa_flags_t flags;
1891 ipsec_crypto_alg_t encr_type;
1892 ipsec_integ_alg_t integ_type;
1893 ip_address_t local_ip;
1894 ip_address_t remote_ip;
1895 ipsec_key_t loc_ckey, rem_ckey, loc_ikey, rem_ikey;
1897 u32 old_remote_sa_id;
1898 u16 ipsec_over_udp_port;
1901 } ikev2_add_ipsec_tunnel_args_t;
1904 ikev2_add_tunnel_from_main (ikev2_add_ipsec_tunnel_args_t * a)
1906 ikev2_main_t *km = &ikev2_main;
1910 .t_flags = TUNNEL_FLAG_NONE,
1911 .t_encap_decap_flags = TUNNEL_ENCAP_DECAP_FLAG_NONE,
1913 .t_mode = TUNNEL_MODE_P2P,
1916 .t_src = a->remote_ip,
1917 .t_dst = a->local_ip,
1919 tunnel_t tun_out = {
1920 .t_flags = TUNNEL_FLAG_NONE,
1921 .t_encap_decap_flags = TUNNEL_ENCAP_DECAP_FLAG_NONE,
1923 .t_mode = TUNNEL_MODE_P2P,
1926 .t_src = a->local_ip,
1927 .t_dst = a->remote_ip,
1930 if (~0 == a->sw_if_index)
1932 /* no tunnel associated with the SA/profile - create a new one */
1933 rv = ipip_add_tunnel (IPIP_TRANSPORT_IP4, ~0, &ip_addr_46 (&a->local_ip),
1934 &ip_addr_46 (&a->remote_ip), 0,
1935 TUNNEL_ENCAP_DECAP_FLAG_NONE, IP_DSCP_CS0,
1936 TUNNEL_MODE_P2P, &sw_if_index);
1938 if (rv == VNET_API_ERROR_IF_ALREADY_EXISTS)
1940 if (hash_get (km->sw_if_indices, sw_if_index))
1941 /* interface is managed by IKE; proceed with updating SAs */
1944 hash_set1 (km->sw_if_indices, sw_if_index);
1948 sw_if_index = a->sw_if_index;
1949 vnet_sw_interface_admin_up (vnet_get_main (), sw_if_index);
1954 ikev2_elog_uint (IKEV2_LOG_ERROR,
1955 "installing ipip tunnel failed! local spi: %x",
1961 vec_add1 (sas_in, a->remote_sa_id);
1964 ipsec_tun_protect_del (sw_if_index, NULL);
1966 /* replace local SA immediately */
1967 ipsec_sa_unlock_id (a->local_sa_id);
1969 /* keep the old sa */
1970 vec_add1 (sas_in, a->old_remote_sa_id);
1973 rv = ipsec_sa_add_and_lock (a->local_sa_id, a->local_spi, IPSEC_PROTOCOL_ESP,
1974 a->encr_type, &a->loc_ckey, a->integ_type,
1975 &a->loc_ikey, a->flags, a->salt_local,
1976 a->src_port, a->dst_port, &tun_out, NULL);
1980 rv = ipsec_sa_add_and_lock (
1981 a->remote_sa_id, a->remote_spi, IPSEC_PROTOCOL_ESP, a->encr_type,
1982 &a->rem_ckey, a->integ_type, &a->rem_ikey,
1983 (a->flags | IPSEC_SA_FLAG_IS_INBOUND), a->salt_remote,
1984 a->ipsec_over_udp_port, a->ipsec_over_udp_port, &tun_in, NULL);
1988 rv = ipsec_tun_protect_update (sw_if_index, NULL, a->local_sa_id, sas_in);
1995 ipsec_sa_unlock_id (a->remote_sa_id);
1997 ipsec_sa_unlock_id (a->local_sa_id);
2003 ikev2_create_tunnel_interface (vlib_main_t * vm,
2005 ikev2_child_sa_t * child, u32 sa_index,
2006 u32 child_index, u8 is_rekey)
2008 u32 thread_index = vlib_get_thread_index ();
2009 ikev2_main_t *km = &ikev2_main;
2010 ipsec_crypto_alg_t encr_type;
2011 ipsec_integ_alg_t integ_type;
2012 ikev2_profile_t *p = 0;
2013 ikev2_sa_transform_t *tr;
2014 ikev2_sa_proposal_t *proposals;
2016 ikev2_add_ipsec_tunnel_args_t a;
2018 clib_memset (&a, 0, sizeof (a));
2020 if (!child->r_proposals)
2022 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
2026 if (sa->is_initiator)
2028 ip_address_copy (&a.local_ip, &sa->iaddr);
2029 ip_address_copy (&a.remote_ip, &sa->raddr);
2030 proposals = child->r_proposals;
2031 a.local_spi = child->r_proposals[0].spi;
2032 a.remote_spi = child->i_proposals[0].spi;
2036 ip_address_copy (&a.local_ip, &sa->raddr);
2037 ip_address_copy (&a.remote_ip, &sa->iaddr);
2038 proposals = child->i_proposals;
2039 a.local_spi = child->i_proposals[0].spi;
2040 a.remote_spi = child->r_proposals[0].spi;
2043 a.flags = IPSEC_SA_FLAG_USE_ANTI_REPLAY;
2046 a.flags |= IPSEC_SA_FLAG_IS_TUNNEL;
2047 a.flags |= IPSEC_SA_FLAG_UDP_ENCAP;
2049 if (ikev2_natt_active (sa))
2050 a.flags |= IPSEC_SA_FLAG_UDP_ENCAP;
2051 a.is_rekey = is_rekey;
2053 tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_ESN);
2054 if (tr && tr->esn_type)
2055 a.flags |= IPSEC_SA_FLAG_USE_ESN;
2057 tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_ENCR);
2060 if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_CBC && tr->key_len)
2062 switch (tr->key_len)
2065 encr_type = IPSEC_CRYPTO_ALG_AES_CBC_128;
2068 encr_type = IPSEC_CRYPTO_ALG_AES_CBC_192;
2071 encr_type = IPSEC_CRYPTO_ALG_AES_CBC_256;
2074 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
2079 else if (tr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16
2082 switch (tr->key_len)
2085 encr_type = IPSEC_CRYPTO_ALG_AES_GCM_128;
2088 encr_type = IPSEC_CRYPTO_ALG_AES_GCM_192;
2091 encr_type = IPSEC_CRYPTO_ALG_AES_GCM_256;
2094 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
2102 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
2108 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
2111 a.encr_type = encr_type;
2115 tr = ikev2_sa_get_td_for_type (proposals, IKEV2_TRANSFORM_TYPE_INTEG);
2118 switch (tr->integ_type)
2120 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_256_128:
2121 integ_type = IPSEC_INTEG_ALG_SHA_256_128;
2123 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_384_192:
2124 integ_type = IPSEC_INTEG_ALG_SHA_384_192;
2126 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA2_512_256:
2127 integ_type = IPSEC_INTEG_ALG_SHA_512_256;
2129 case IKEV2_TRANSFORM_INTEG_TYPE_AUTH_HMAC_SHA1_96:
2130 integ_type = IPSEC_INTEG_ALG_SHA1_96;
2133 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
2139 ikev2_set_state (sa, IKEV2_STATE_NO_PROPOSAL_CHOSEN);
2145 integ_type = IPSEC_INTEG_ALG_NONE;
2148 a.integ_type = integ_type;
2149 ikev2_calc_child_keys (sa, child);
2151 if (sa->is_initiator)
2153 ipsec_mk_key (&a.loc_ikey, child->sk_ai, vec_len (child->sk_ai));
2154 ipsec_mk_key (&a.rem_ikey, child->sk_ar, vec_len (child->sk_ar));
2155 ipsec_mk_key (&a.loc_ckey, child->sk_ei, vec_len (child->sk_ei));
2156 ipsec_mk_key (&a.rem_ckey, child->sk_er, vec_len (child->sk_er));
2159 a.salt_remote = child->salt_er;
2160 a.salt_local = child->salt_ei;
2162 a.dst_port = a.src_port = sa->ipsec_over_udp_port;
2166 ipsec_mk_key (&a.loc_ikey, child->sk_ar, vec_len (child->sk_ar));
2167 ipsec_mk_key (&a.rem_ikey, child->sk_ai, vec_len (child->sk_ai));
2168 ipsec_mk_key (&a.loc_ckey, child->sk_er, vec_len (child->sk_er));
2169 ipsec_mk_key (&a.rem_ckey, child->sk_ei, vec_len (child->sk_ei));
2172 a.salt_remote = child->salt_ei;
2173 a.salt_local = child->salt_er;
2176 ikev2_natt_active (sa) ? sa->dst_port : sa->ipsec_over_udp_port;
2177 a.src_port = sa->ipsec_over_udp_port;
2180 if (sa->is_initiator && sa->profile_index != ~0)
2181 p = pool_elt_at_index (km->profiles, sa->profile_index);
2183 if (p && p->lifetime)
2185 child->time_to_expiration = vlib_time_now (vm) + p->lifetime;
2186 if (p->lifetime_jitter)
2188 // This is not much better than rand(3), which Coverity warns
2189 // is unsuitable for security applications; random_u32 is
2190 // however fast. If this perturbance to the expiration time
2191 // needs to use a better RNG then we may need to use something
2192 // like /dev/urandom which has significant overhead.
2193 u32 rnd = (u32) (vlib_time_now (vm) * 1e6);
2194 rnd = random_u32 (&rnd);
2196 child->time_to_expiration += 1 + (rnd % p->lifetime_jitter);
2200 if (thread_index & 0xffffffc0)
2201 ikev2_elog_error ("error: thread index exceeds max range 0x3f!");
2203 if (child_index & 0xfffff000 || sa_index & 0xfffff000)
2204 ikev2_elog_error ("error: sa/child index exceeds max range 0xfff!");
2206 child->local_sa_id =
2208 ikev2_mk_local_sa_id (sa_index, child_index, thread_index);
2210 u32 remote_sa_id = ikev2_mk_remote_sa_id (sa_index, child_index,
2215 /* create a new remote SA ID to keep the old SA for a bit longer
2216 * so the peer has some time to swap their SAs */
2218 /* use most significat bit of child index part in id */
2220 if (sa->current_remote_id_mask)
2222 sa->old_remote_id = a.old_remote_sa_id = remote_sa_id | mask;
2223 sa->current_remote_id_mask = 0;
2227 sa->old_remote_id = a.old_remote_sa_id = remote_sa_id;
2228 sa->current_remote_id_mask = mask;
2229 remote_sa_id |= mask;
2231 sa->old_id_expiration = 3.0;
2232 sa->old_remote_id_present = 1;
2235 child->remote_sa_id = a.remote_sa_id = remote_sa_id;
2237 a.sw_if_index = (sa->is_tun_itf_set ? sa->tun_itf : ~0);
2238 a.ipsec_over_udp_port = sa->ipsec_over_udp_port;
2240 vl_api_rpc_call_main_thread (ikev2_add_tunnel_from_main,
2241 (u8 *) & a, sizeof (a));
2247 ip46_address_t local_ip;
2248 ip46_address_t remote_ip;
2252 } ikev2_del_ipsec_tunnel_args_t;
2255 ikev2_flip_alternate_sa_bit (u32 id)
2264 ikev2_del_tunnel_from_main (ikev2_del_ipsec_tunnel_args_t * a)
2266 ikev2_main_t *km = &ikev2_main;
2267 ipip_tunnel_t *ipip = NULL;
2270 if (~0 == a->sw_if_index)
2273 ipip_tunnel_key_t key = {
2275 .dst = a->remote_ip,
2276 .transport = IPIP_TRANSPORT_IP4,
2281 ipip = ipip_tunnel_db_find (&key);
2285 sw_if_index = ipip->sw_if_index;
2286 hash_unset (km->sw_if_indices, ipip->sw_if_index);
2293 sw_if_index = a->sw_if_index;
2294 vnet_sw_interface_admin_down (vnet_get_main (), sw_if_index);
2297 if (~0 != sw_if_index)
2298 ipsec_tun_protect_del (sw_if_index, NULL);
2300 ipsec_sa_unlock_id (a->remote_sa_id);
2301 ipsec_sa_unlock_id (a->local_sa_id);
2302 ipsec_sa_unlock_id (ikev2_flip_alternate_sa_bit (a->remote_sa_id));
2305 ipip_del_tunnel (ipip->sw_if_index);
2309 ikev2_delete_tunnel_interface (vnet_main_t * vnm, ikev2_sa_t * sa,
2310 ikev2_child_sa_t * child)
2312 ikev2_del_ipsec_tunnel_args_t a;
2314 clib_memset (&a, 0, sizeof (a));
2316 if (sa->is_initiator)
2318 ip_address_to_46 (&sa->iaddr, &a.local_ip);
2319 ip_address_to_46 (&sa->raddr, &a.remote_ip);
2323 ip_address_to_46 (&sa->raddr, &a.local_ip);
2324 ip_address_to_46 (&sa->iaddr, &a.remote_ip);
2327 a.remote_sa_id = child->remote_sa_id;
2328 a.local_sa_id = child->local_sa_id;
2329 a.sw_if_index = (sa->is_tun_itf_set ? sa->tun_itf : ~0);
2331 vl_api_rpc_call_main_thread (ikev2_del_tunnel_from_main, (u8 *) & a,
2337 ikev2_generate_message (vlib_buffer_t *b, ikev2_sa_t *sa, ike_header_t *ike,
2338 void *user, udp_header_t *udp, ikev2_stats_t *stats)
2340 ikev2_main_t *km = &ikev2_main;
2341 u16 buffer_data_size = vlib_buffer_get_default_data_size (km->vlib_main);
2343 ike_payload_header_t *ph;
2347 ikev2_sa_transform_t *tr_encr, *tr_integ;
2349 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_ENCR);
2351 ikev2_sa_get_td_for_type (sa->r_proposals, IKEV2_TRANSFORM_TYPE_INTEG);
2353 ikev2_payload_chain_t *chain = 0;
2354 ikev2_payload_new_chain (chain);
2356 if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
2358 if (sa->r_proposals == 0)
2360 ikev2_payload_add_notify (chain,
2361 IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
2362 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2364 else if (sa->dh_group == IKEV2_TRANSFORM_DH_TYPE_NONE)
2366 u8 *data = vec_new (u8, 2);
2367 ikev2_sa_transform_t *tr_dh;
2369 ikev2_sa_get_td_for_type (sa->r_proposals,
2370 IKEV2_TRANSFORM_TYPE_DH);
2371 ASSERT (tr_dh && tr_dh->dh_type);
2373 data[0] = (tr_dh->dh_type >> 8) & 0xff;
2374 data[1] = (tr_dh->dh_type) & 0xff;
2376 ikev2_payload_add_notify (chain,
2377 IKEV2_NOTIFY_MSG_INVALID_KE_PAYLOAD,
2380 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2382 else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
2384 u8 *data = vec_new (u8, 1);
2386 data[0] = sa->unsupported_cp;
2387 ikev2_payload_add_notify (chain,
2388 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2396 ike->rspi = clib_host_to_net_u64 (sa->rspi);
2397 ikev2_payload_add_sa (chain, sa->r_proposals);
2398 ikev2_payload_add_ke (chain, sa->dh_group, sa->r_dh_data);
2399 ikev2_payload_add_nonce (chain, sa->r_nonce);
2401 u8 *nat_detection_sha1 =
2402 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa->ispi),
2403 clib_host_to_net_u64 (sa->rspi),
2404 &sa->raddr, udp->dst_port);
2405 ikev2_payload_add_notify (chain,
2406 IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP,
2407 nat_detection_sha1);
2408 vec_free (nat_detection_sha1);
2409 nat_detection_sha1 =
2410 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa->ispi),
2411 clib_host_to_net_u64 (sa->rspi),
2412 &sa->iaddr, udp->src_port);
2413 ikev2_payload_add_notify (chain,
2414 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP,
2415 nat_detection_sha1);
2416 vec_free (nat_detection_sha1);
2419 else if (ike->exchange == IKEV2_EXCHANGE_IKE_AUTH)
2421 if (sa->state == IKEV2_STATE_AUTHENTICATED)
2423 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2424 ikev2_payload_add_auth (chain, &sa->r_auth);
2425 ikev2_payload_add_sa (chain, sa->childs[0].r_proposals);
2426 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2427 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2429 else if (sa->state == IKEV2_STATE_AUTH_FAILED)
2431 ikev2_payload_add_notify (chain,
2432 IKEV2_NOTIFY_MSG_AUTHENTICATION_FAILED,
2434 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2436 else if (sa->state == IKEV2_STATE_TS_UNACCEPTABLE)
2438 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_TS_UNACCEPTABLE,
2440 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2441 ikev2_payload_add_auth (chain, &sa->r_auth);
2443 else if (sa->state == IKEV2_STATE_NO_PROPOSAL_CHOSEN)
2445 ikev2_payload_add_notify (chain,
2446 IKEV2_NOTIFY_MSG_NO_PROPOSAL_CHOSEN, 0);
2447 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2448 ikev2_payload_add_auth (chain, &sa->r_auth);
2449 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2450 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2452 else if (sa->state == IKEV2_STATE_NOTIFY_AND_DELETE)
2454 u8 *data = vec_new (u8, 1);
2456 data[0] = sa->unsupported_cp;
2457 ikev2_payload_add_notify (chain,
2458 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2462 else if (sa->state == IKEV2_STATE_SA_INIT)
2464 ikev2_payload_add_id (chain, &sa->i_id, IKEV2_PAYLOAD_IDI);
2465 /* IDr is optional when sending INIT from the initiator */
2466 ASSERT (sa->r_id.type != 0 || sa->is_initiator);
2467 if (sa->r_id.type != 0)
2468 ikev2_payload_add_id (chain, &sa->r_id, IKEV2_PAYLOAD_IDR);
2469 ikev2_payload_add_auth (chain, &sa->i_auth);
2470 ikev2_payload_add_sa (chain, sa->childs[0].i_proposals);
2471 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2472 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2473 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_INITIAL_CONTACT,
2478 ikev2_set_state (sa, IKEV2_STATE_DELETED, ": unexpected IKE_AUTH");
2482 else if (ike->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
2484 /* if pending delete */
2487 if (sa->del[0].protocol_id == IKEV2_PROTOCOL_IKE)
2489 if (ike_hdr_is_request (ike))
2490 ikev2_payload_add_delete (chain, sa->del);
2492 /* The response to a request that deletes the IKE SA is an empty
2493 INFORMATIONAL response. */
2494 ikev2_set_state (sa, IKEV2_STATE_NOTIFY_AND_DELETE);
2496 /* The response to a request that deletes ESP or AH SAs will contain
2497 delete payloads for the paired SAs going in the other direction. */
2500 ikev2_payload_add_delete (chain, sa->del);
2505 /* received N(AUTHENTICATION_FAILED) */
2506 else if (sa->state == IKEV2_STATE_AUTH_FAILED)
2508 ikev2_set_state (sa, IKEV2_STATE_DELETED, ": auth failed");
2511 /* received unsupported critical payload */
2512 else if (sa->unsupported_cp)
2514 u8 *data = vec_new (u8, 1);
2516 data[0] = sa->unsupported_cp;
2517 ikev2_payload_add_notify (chain,
2518 IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD,
2521 sa->unsupported_cp = 0;
2524 /* else send empty response */
2526 if (ike_hdr_is_response (ike))
2528 ASSERT (stats != 0);
2529 stats->n_keepalives++;
2530 sa->stats.n_keepalives++;
2534 else if (ike->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
2536 if (sa->is_initiator)
2539 ikev2_sa_proposal_t *proposals = (ikev2_sa_proposal_t *) user;
2540 ikev2_notify_t notify;
2541 u8 *data = vec_new (u8, 4);
2542 clib_memset (¬ify, 0, sizeof (notify));
2543 notify.protocol_id = IKEV2_PROTOCOL_ESP;
2544 notify.spi = sa->childs[0].i_proposals->spi;
2545 *(u32 *) data = clib_host_to_net_u32 (notify.spi);
2547 ikev2_payload_add_sa (chain, proposals);
2548 ikev2_payload_add_nonce (chain, sa->i_nonce);
2549 ikev2_payload_add_ts (chain, sa->childs[0].tsi, IKEV2_PAYLOAD_TSI);
2550 ikev2_payload_add_ts (chain, sa->childs[0].tsr, IKEV2_PAYLOAD_TSR);
2551 ikev2_payload_add_notify_2 (chain, IKEV2_NOTIFY_MSG_REKEY_SA, data,
2556 else if (vec_len (sa->rekey) > 0)
2558 ikev2_payload_add_sa (chain, sa->rekey[0].r_proposal);
2559 ikev2_payload_add_nonce (chain, sa->r_nonce);
2560 ikev2_payload_add_ts (chain, sa->rekey[0].tsi, IKEV2_PAYLOAD_TSI);
2561 ikev2_payload_add_ts (chain, sa->rekey[0].tsr, IKEV2_PAYLOAD_TSR);
2562 vec_del1 (sa->rekey, 0);
2564 else if (vec_len (sa->new_child) > 0)
2566 ikev2_payload_add_sa (chain, sa->new_child[0].r_proposal);
2567 ikev2_payload_add_nonce (chain, sa->r_nonce);
2568 ikev2_payload_add_ts (chain, sa->new_child[0].tsi,
2570 ikev2_payload_add_ts (chain, sa->new_child[0].tsr,
2572 vec_del1 (sa->new_child, 0);
2574 else if (sa->unsupported_cp)
2576 u8 *data = vec_new (u8, 1);
2578 data[0] = sa->unsupported_cp;
2579 ikev2_payload_add_notify (
2580 chain, IKEV2_NOTIFY_MSG_UNSUPPORTED_CRITICAL_PAYLOAD, data);
2582 sa->unsupported_cp = 0;
2586 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_NO_ADDITIONAL_SAS,
2592 ike->version = IKE_VERSION_2;
2593 ike->nextpayload = IKEV2_PAYLOAD_SK;
2594 tlen = sizeof (*ike);
2596 if (sa->is_initiator)
2597 ike->flags |= IKEV2_HDR_FLAG_INITIATOR;
2599 if (ike->exchange == IKEV2_EXCHANGE_SA_INIT)
2601 tlen += vec_len (chain->data);
2602 ike->nextpayload = chain->first_payload_type;
2603 ike->length = clib_host_to_net_u32 (tlen);
2605 if (tlen + b->current_length + b->current_data > buffer_data_size)
2611 clib_memcpy_fast (ike->payload, chain->data, vec_len (chain->data));
2613 /* store whole IKE payload - needed for PSK auth */
2614 vec_reset_length (sa->last_sa_init_res_packet_data);
2615 vec_add (sa->last_sa_init_res_packet_data, ike, tlen);
2619 ikev2_main_per_thread_data_t *ptd = ikev2_get_per_thread_data ();
2620 ikev2_payload_chain_add_padding (chain, tr_encr->block_size);
2623 plen = sizeof (*ph);
2624 ph = (ike_payload_header_t *) & ike->payload[0];
2625 ph->nextpayload = chain->first_payload_type;
2628 tr_encr->encr_type == IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16;
2629 int iv_len = is_aead ? IKEV2_GCM_IV_SIZE : tr_encr->block_size;
2630 plen += vec_len (chain->data) + iv_len;
2632 /* add space for hmac/tag */
2634 plen += tr_integ->key_trunc;
2636 plen += IKEV2_GCM_ICV_SIZE;
2639 if (tlen + b->current_length + b->current_data > buffer_data_size)
2645 /* payload and total length */
2646 ph->length = clib_host_to_net_u16 (plen);
2647 ike->length = clib_host_to_net_u32 (tlen);
2651 if (!ikev2_encrypt_aead_data (ptd, sa, tr_encr, chain->data,
2652 ph->payload, (u8 *) ike,
2653 sizeof (*ike) + sizeof (*ph),
2654 ph->payload + plen - sizeof (*ph) -
2655 IKEV2_GCM_ICV_SIZE))
2663 if (!ikev2_encrypt_data
2664 (ptd, sa, tr_encr, chain->data, ph->payload))
2670 ikev2_calc_integr (tr_integ,
2671 sa->is_initiator ? sa->sk_ai : sa->sk_ar,
2672 (u8 *) ike, tlen - tr_integ->key_trunc);
2673 clib_memcpy_fast (ike->payload + tlen - tr_integ->key_trunc -
2674 sizeof (*ike), integ, tr_integ->key_trunc);
2677 /* store whole IKE payload - needed for retransmit */
2678 vec_reset_length (sa->last_res_packet_data);
2679 vec_add (sa->last_res_packet_data, ike, tlen);
2683 ikev2_payload_destroy_chain (chain);
2689 ikev2_retransmit_sa_init_one (ikev2_sa_t * sa, ike_header_t * ike,
2690 ip_address_t iaddr, ip_address_t raddr,
2695 u8 payload = ike->nextpayload;
2697 if (sa->ispi != clib_net_to_host_u64 (ike->ispi) ||
2698 ip_address_cmp (&sa->iaddr, &iaddr) ||
2699 ip_address_cmp (&sa->raddr, &raddr))
2704 while (p < rlen && payload != IKEV2_PAYLOAD_NONE)
2706 ike_payload_header_t *ikep = (ike_payload_header_t *) & ike->payload[p];
2707 u32 plen = clib_net_to_host_u16 (ikep->length);
2709 if (plen < sizeof (ike_payload_header_t))
2712 if (payload == IKEV2_PAYLOAD_NONCE &&
2713 !clib_memcmp (sa->i_nonce, ikep->payload, plen - sizeof (*ikep)))
2715 /* req is retransmit */
2716 if (sa->state == IKEV2_STATE_SA_INIT)
2718 sa->stats.n_init_retransmit++;
2719 tmp = (ike_header_t *) sa->last_sa_init_res_packet_data;
2720 u32 slen = clib_net_to_host_u32 (tmp->length);
2721 ike->ispi = tmp->ispi;
2722 ike->rspi = tmp->rspi;
2723 ike->nextpayload = tmp->nextpayload;
2724 ike->version = tmp->version;
2725 ike->exchange = tmp->exchange;
2726 ike->flags = tmp->flags;
2727 ike->msgid = tmp->msgid;
2728 ike->length = tmp->length;
2729 clib_memcpy_fast (ike->payload, tmp->payload,
2730 slen - sizeof (*ike));
2731 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG,
2732 "ispi %lx IKE_SA_INIT retransmit "
2733 "from %d.%d.%d.%d to %d.%d.%d.%d",
2735 ip_addr_v4 (&raddr).as_u32,
2736 ip_addr_v4 (&iaddr).as_u32);
2739 /* else ignore req */
2742 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG,
2743 "ispi %lx IKE_SA_INIT ignore "
2744 "from %d.%d.%d.%d to %d.%d.%d.%d",
2746 ip_addr_v4 (&raddr).as_u32,
2747 ip_addr_v4 (&iaddr).as_u32);
2751 payload = ikep->nextpayload;
2759 ikev2_retransmit_sa_init (ike_header_t * ike, ip_address_t iaddr,
2760 ip_address_t raddr, u32 rlen)
2764 ikev2_main_per_thread_data_t *ptd = ikev2_get_per_thread_data ();
2767 pool_foreach (sa, ptd->sas) {
2768 res = ikev2_retransmit_sa_init_one (sa, ike, iaddr, raddr, rlen);
2774 /* req is not retransmit */
2779 ikev2_retransmit_resp (ikev2_sa_t * sa, ike_header_t * ike)
2781 if (ike_hdr_is_response (ike))
2784 u32 msg_id = clib_net_to_host_u32 (ike->msgid);
2787 if (msg_id > sa->last_msg_id || sa->last_msg_id == ~0)
2789 sa->last_msg_id = msg_id;
2793 /* retransmitted req */
2794 if (msg_id == sa->last_msg_id)
2796 sa->stats.n_retransmit++;
2797 ike_header_t *tmp = (ike_header_t *) sa->last_res_packet_data;
2798 u32 slen = clib_net_to_host_u32 (tmp->length);
2799 ike->ispi = tmp->ispi;
2800 ike->rspi = tmp->rspi;
2801 ike->nextpayload = tmp->nextpayload;
2802 ike->version = tmp->version;
2803 ike->exchange = tmp->exchange;
2804 ike->flags = tmp->flags;
2805 ike->msgid = tmp->msgid;
2806 ike->length = tmp->length;
2807 clib_memcpy_fast (ike->payload, tmp->payload, slen - sizeof (*ike));
2808 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG, "IKE retransmit msgid %d",
2809 msg_id, ip_addr_v4 (&sa->raddr).as_u32,
2810 ip_addr_v4 (&sa->iaddr).as_u32);
2814 /* old req ignore */
2815 ikev2_elog_uint_peers (IKEV2_LOG_DEBUG, "IKE req ignore msgid %d",
2816 msg_id, ip_addr_v4 (&sa->raddr).as_u32,
2817 ip_addr_v4 (&sa->iaddr).as_u32);
2822 ikev2_init_sa (vlib_main_t * vm, ikev2_sa_t * sa)
2824 ikev2_main_t *km = &ikev2_main;
2825 sa->liveness_period_check = vlib_time_now (vm) + km->liveness_period;
2826 sa->profile_index = ~0;
2830 ikev2_del_sa_init_from_main (u64 * ispi)
2832 ikev2_main_t *km = &ikev2_main;
2833 uword *p = hash_get (km->sa_by_ispi, *ispi);
2836 ikev2_sa_t *sai = pool_elt_at_index (km->sais, p[0]);
2837 hash_unset (km->sa_by_ispi, sai->ispi);
2838 ikev2_sa_free_all_vec (sai);
2839 pool_put (km->sais, sai);
2844 ikev2_del_sa_init (u64 ispi)
2846 vl_api_rpc_call_main_thread (ikev2_del_sa_init_from_main, (u8 *) & ispi,
2851 ikev2_rewrite_v6_addrs (ikev2_sa_t *sa, ip6_header_t *ih)
2853 if (sa->is_initiator)
2855 ip_address_copy_addr (&ih->dst_address, &sa->raddr);
2856 ip_address_copy_addr (&ih->src_address, &sa->iaddr);
2860 ip_address_copy_addr (&ih->dst_address, &sa->iaddr);
2861 ip_address_copy_addr (&ih->src_address, &sa->raddr);
2866 ikev2_rewrite_v4_addrs (ikev2_sa_t *sa, ip4_header_t *ih)
2868 if (sa->is_initiator)
2870 ip_address_copy_addr (&ih->dst_address, &sa->raddr);
2871 ip_address_copy_addr (&ih->src_address, &sa->iaddr);
2875 ip_address_copy_addr (&ih->dst_address, &sa->iaddr);
2876 ip_address_copy_addr (&ih->src_address, &sa->raddr);
2881 ikev2_set_ip_address (ikev2_sa_t *sa, const void *iaddr, const void *raddr,
2882 const ip_address_family_t af)
2884 ip_address_set (&sa->raddr, raddr, af);
2885 ip_address_set (&sa->iaddr, iaddr, af);
2889 ikev2_elog_uint_peers_addr (u32 exchange, ip4_header_t * ip4,
2890 ip6_header_t * ip6, u8 is_ip4)
2895 src = ip4->src_address.as_u32;
2896 dst = ip4->dst_address.as_u32;
2900 src = ip6->src_address.as_u32[3];
2901 dst = ip6->dst_address.as_u32[3];
2903 ikev2_elog_uint_peers (IKEV2_LOG_WARNING, "IKEv2 exchange %d "
2904 "received from %d.%d.%d.%d to %d.%d.%d.%d",
2905 exchange, src, dst);
2909 ikev2_generate_sa_init_data_and_log (ikev2_sa_t * sa)
2911 ikev2_generate_sa_error_t rc = ikev2_generate_sa_init_data (sa);
2913 if (PREDICT_TRUE (rc == IKEV2_GENERATE_SA_INIT_OK))
2916 if (rc == IKEV2_GENERATE_SA_INIT_ERR_NO_DH)
2917 ikev2_elog_error (IKEV2_GENERATE_SA_INIT_OK_ERR_NO_DH_STR);
2918 else if (rc == IKEV2_GENERATE_SA_INIT_ERR_UNSUPPORTED_DH)
2919 ikev2_elog_error (IKEV2_GENERATE_SA_INIT_OK_ERR_UNSUPP_STR);
2923 ikev2_update_stats (vlib_main_t *vm, u32 node_index, ikev2_stats_t *s)
2925 vlib_node_increment_counter (vm, node_index, IKEV2_ERROR_KEEPALIVE,
2927 vlib_node_increment_counter (vm, node_index, IKEV2_ERROR_REKEY_REQ,
2929 vlib_node_increment_counter (vm, node_index, IKEV2_ERROR_INIT_SA_REQ,
2931 vlib_node_increment_counter (vm, node_index, IKEV2_ERROR_IKE_AUTH_REQ,
2936 ikev2_node_internal (vlib_main_t *vm, vlib_node_runtime_t *node,
2937 vlib_frame_t *frame, u8 is_ip4, u8 natt)
2939 u32 n_left = frame->n_vectors, *from;
2940 ikev2_main_t *km = &ikev2_main;
2941 vlib_buffer_t *bufs[VLIB_FRAME_SIZE], **b;
2942 u16 nexts[VLIB_FRAME_SIZE], *next = nexts;
2943 ikev2_main_per_thread_data_t *ptd = ikev2_get_per_thread_data ();
2944 ikev2_stats_t _stats, *stats = &_stats;
2947 /* no NAT traversal for ip6 */
2948 ASSERT (!natt || is_ip4);
2950 clib_memset_u16 (stats, 0, sizeof (stats[0]) / sizeof (u16));
2951 from = vlib_frame_vector_args (frame);
2952 vlib_get_buffers (vm, from, bufs, n_left);
2957 vlib_buffer_t *b0 = b[0];
2958 next[0] = is_ip4 ? IKEV2_NEXT_IP4_ERROR_DROP
2959 : IKEV2_NEXT_IP6_ERROR_DROP;
2960 ip4_header_t *ip40 = 0;
2961 ip6_header_t *ip60 = 0;
2964 ikev2_sa_t *sa0 = 0;
2965 ikev2_sa_t sa; /* temporary store for SA */
2972 u8 *ptr = vlib_buffer_get_current (b0);
2973 ip40 = (ip4_header_t *) ptr;
2974 ptr += sizeof (*ip40);
2975 udp0 = (udp_header_t *) ptr;
2976 ptr += sizeof (*udp0);
2977 ike0 = (ike_header_t *) ptr;
2978 ip_hdr_sz = sizeof (*ip40);
2982 u8 *ipx_hdr = b0->data + vnet_buffer (b0)->l3_hdr_offset;
2983 ike0 = vlib_buffer_get_current (b0);
2984 vlib_buffer_advance (b0, -sizeof (*udp0));
2985 udp0 = vlib_buffer_get_current (b0);
2989 ip40 = (ip4_header_t *) ipx_hdr;
2990 ip_hdr_sz = sizeof (*ip40);
2994 ip60 = (ip6_header_t *) ipx_hdr;
2995 ip_hdr_sz = sizeof (*ip60);
2997 vlib_buffer_advance (b0, -ip_hdr_sz);
3000 rlen = b0->current_length - ip_hdr_sz - sizeof (*udp0);
3002 /* check for non-esp marker */
3005 ASSERT (*((u32 *) ike0) == 0);
3007 (ike_header_t *) ((u8 *) ike0 + sizeof (ikev2_non_esp_marker));
3008 rlen -= sizeof (ikev2_non_esp_marker);
3011 if (clib_net_to_host_u32 (ike0->length) != rlen)
3013 vlib_node_increment_counter (vm, node->node_index,
3014 IKEV2_ERROR_BAD_LENGTH, 1);
3018 if (ike0->version != IKE_VERSION_2)
3020 vlib_node_increment_counter (vm, node->node_index,
3021 IKEV2_ERROR_NOT_IKEV2, 1);
3025 if (ike0->exchange == IKEV2_EXCHANGE_SA_INIT)
3028 clib_memset (sa0, 0, sizeof (*sa0));
3030 if (ike_hdr_is_initiator (ike0))
3032 sa0->stats.n_sa_init_req++;
3033 stats->n_sa_init_req++;
3034 if (ike0->rspi == 0)
3037 ikev2_set_ip_address (sa0, &ip40->src_address,
3038 &ip40->dst_address, AF_IP4);
3040 ikev2_set_ip_address (sa0, &ip60->src_address,
3041 &ip60->dst_address, AF_IP6);
3043 sa0->dst_port = clib_net_to_host_u16 (udp0->src_port);
3046 ikev2_retransmit_sa_init (ike0, sa0->iaddr,
3050 vlib_node_increment_counter (vm, node->node_index,
3053 IKEV2_ERROR_IKE_SA_INIT_IGNORE
3055 IKEV2_ERROR_IKE_SA_INIT_RETRANSMIT,
3060 res = ikev2_process_sa_init_req (
3061 vm, sa0, ike0, udp0, rlen,
3062 vnet_buffer (b0)->sw_if_index[VLIB_RX]);
3064 vlib_node_increment_counter (vm, node->node_index,
3065 IKEV2_ERROR_MALFORMED_PACKET,
3068 if (sa0->state == IKEV2_STATE_SA_INIT)
3070 ikev2_sa_free_proposal_vector (&sa0->r_proposals);
3072 ikev2_select_proposal (sa0->i_proposals,
3073 IKEV2_PROTOCOL_IKE);
3074 ikev2_generate_sa_init_data_and_log (sa0);
3077 if (sa0->state == IKEV2_STATE_SA_INIT
3078 || sa0->state == IKEV2_STATE_NOTIFY_AND_DELETE)
3080 ike0->flags = IKEV2_HDR_FLAG_RESPONSE;
3082 ikev2_generate_message (b0, sa0, ike0, 0, udp0, stats);
3084 vlib_node_increment_counter (vm, node->node_index,
3085 IKEV2_ERROR_NO_BUFF_SPACE,
3089 if (sa0->state == IKEV2_STATE_SA_INIT)
3091 /* add SA to the pool */
3092 pool_get (ptd->sas, sa0);
3093 clib_memcpy_fast (sa0, &sa, sizeof (*sa0));
3094 ikev2_init_sa (vm, sa0);
3095 hash_set (ptd->sa_by_rspi, sa0->rspi, sa0 - ptd->sas);
3099 ikev2_sa_free_all_vec (sa0);
3103 else //received sa_init without initiator flag
3106 ikev2_set_ip_address (sa0, &ip40->dst_address,
3107 &ip40->src_address, AF_IP4);
3109 ikev2_set_ip_address (sa0, &ip60->dst_address,
3110 &ip60->src_address, AF_IP6);
3112 ikev2_process_sa_init_resp (vm, sa0, ike0, udp0, rlen);
3114 if (sa0->state == IKEV2_STATE_SA_INIT)
3117 ike0->exchange = IKEV2_EXCHANGE_IKE_AUTH;
3118 uword *p = hash_get (km->sa_by_ispi, sa0->ispi);
3121 ikev2_sa_t *sai = pool_elt_at_index (km->sais, p[0]);
3123 if (clib_atomic_bool_cmp_and_swap
3124 (&sai->init_response_received, 0, 1))
3126 ikev2_complete_sa_data (sa0, sai);
3127 ikev2_calc_keys (sa0);
3128 ikev2_sa_auth_init (sa0);
3129 ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
3131 clib_net_to_host_u32 (sai->last_init_msg_id);
3132 sa0->last_init_msg_id = sai->last_init_msg_id + 1;
3133 slen = ikev2_generate_message (b0, sa0, ike0, 0,
3136 vlib_node_increment_counter (vm,
3138 IKEV2_ERROR_NO_BUFF_SPACE,
3143 /* we've already processed sa-init response */
3144 sa0->state = IKEV2_STATE_UNKNOWN;
3149 if (sa0->state == IKEV2_STATE_SA_INIT)
3151 /* add SA to the pool */
3152 pool_get (ptd->sas, sa0);
3153 clib_memcpy_fast (sa0, &sa, sizeof (*sa0));
3154 hash_set (ptd->sa_by_rspi, sa0->rspi, sa0 - ptd->sas);
3158 ikev2_sa_free_all_vec (sa0);
3162 else if (ike0->exchange == IKEV2_EXCHANGE_IKE_AUTH)
3165 p = hash_get (ptd->sa_by_rspi, clib_net_to_host_u64 (ike0->rspi));
3168 sa0 = pool_elt_at_index (ptd->sas, p[0]);
3169 slen = ikev2_retransmit_resp (sa0, ike0);
3172 vlib_node_increment_counter (vm, node->node_index,
3175 IKEV2_ERROR_IKE_REQ_IGNORE
3177 IKEV2_ERROR_IKE_REQ_RETRANSMIT,
3182 sa0->dst_port = clib_net_to_host_u16 (udp0->src_port);
3183 res = ikev2_process_auth_req (vm, sa0, ike0, rlen);
3185 ikev2_sa_auth (sa0);
3187 vlib_node_increment_counter (vm, node->node_index,
3188 IKEV2_ERROR_MALFORMED_PACKET, 1);
3189 if (sa0->state == IKEV2_STATE_AUTHENTICATED)
3191 ikev2_initial_contact_cleanup (ptd, sa0);
3192 ikev2_sa_match_ts (sa0);
3193 if (sa0->state != IKEV2_STATE_TS_UNACCEPTABLE)
3194 ikev2_create_tunnel_interface (vm, sa0,
3199 if (sa0->is_initiator)
3201 sa0->last_msg_id = ~0;
3202 ikev2_del_sa_init (sa0->ispi);
3206 sa0->stats.n_sa_auth_req++;
3207 stats->n_sa_auth_req++;
3208 ike0->flags = IKEV2_HDR_FLAG_RESPONSE;
3210 ikev2_generate_message (b0, sa0, ike0, 0, udp0, stats);
3212 vlib_node_increment_counter (vm, node->node_index,
3213 IKEV2_ERROR_NO_BUFF_SPACE,
3218 else if (ike0->exchange == IKEV2_EXCHANGE_INFORMATIONAL)
3221 p = hash_get (ptd->sa_by_rspi, clib_net_to_host_u64 (ike0->rspi));
3224 sa0 = pool_elt_at_index (ptd->sas, p[0]);
3225 slen = ikev2_retransmit_resp (sa0, ike0);
3228 vlib_node_increment_counter (vm, node->node_index,
3231 IKEV2_ERROR_IKE_REQ_IGNORE
3233 IKEV2_ERROR_IKE_REQ_RETRANSMIT,
3238 res = ikev2_process_informational_req (vm, sa0, ike0, rlen);
3241 vlib_node_increment_counter (vm, node->node_index,
3242 IKEV2_ERROR_MALFORMED_PACKET,
3250 if (sa0->del[0].protocol_id != IKEV2_PROTOCOL_IKE)
3252 ikev2_delete_t *d, *tmp, *resp = 0;
3253 vec_foreach (d, sa0->del)
3255 ikev2_child_sa_t *ch_sa;
3256 ch_sa = ikev2_sa_get_child (sa0, d->spi,
3258 !sa0->is_initiator);
3261 ikev2_delete_tunnel_interface (km->vnet_main,
3263 if (!sa0->is_initiator)
3265 vec_add2 (resp, tmp, 1);
3266 tmp->protocol_id = d->protocol_id;
3267 tmp->spi = ch_sa->r_proposals[0].spi;
3269 ikev2_sa_del_child_sa (sa0, ch_sa);
3272 if (!sa0->is_initiator)
3274 vec_free (sa0->del);
3279 if (ike_hdr_is_request (ike0))
3281 ike0->flags = IKEV2_HDR_FLAG_RESPONSE;
3283 ikev2_generate_message (b0, sa0, ike0, 0, udp0, stats);
3285 vlib_node_increment_counter (vm, node->node_index,
3286 IKEV2_ERROR_NO_BUFF_SPACE,
3291 else if (ike0->exchange == IKEV2_EXCHANGE_CREATE_CHILD_SA)
3294 p = hash_get (ptd->sa_by_rspi, clib_net_to_host_u64 (ike0->rspi));
3297 sa0 = pool_elt_at_index (ptd->sas, p[0]);
3298 slen = ikev2_retransmit_resp (sa0, ike0);
3301 vlib_node_increment_counter (vm, node->node_index,
3304 IKEV2_ERROR_IKE_REQ_IGNORE
3306 IKEV2_ERROR_IKE_REQ_RETRANSMIT,
3311 res = ikev2_process_create_child_sa_req (vm, sa0, ike0, rlen);
3314 vlib_node_increment_counter (vm, node->node_index,
3315 IKEV2_ERROR_MALFORMED_PACKET,
3323 if (sa0->rekey[0].protocol_id != IKEV2_PROTOCOL_IKE)
3326 ikev2_sa_free_all_child_sa (&sa0->childs);
3327 ikev2_child_sa_t *child;
3328 vec_add2 (sa0->childs, child, 1);
3329 clib_memset (child, 0, sizeof (*child));
3330 child->r_proposals = sa0->rekey[0].r_proposal;
3331 child->i_proposals = sa0->rekey[0].i_proposal;
3332 child->tsi = sa0->rekey[0].tsi;
3333 child->tsr = sa0->rekey[0].tsr;
3334 ikev2_create_tunnel_interface (vm, sa0, child, p[0],
3335 child - sa0->childs, 1);
3337 if (ike_hdr_is_response (ike0))
3339 vec_free (sa0->rekey);
3343 stats->n_rekey_req++;
3344 sa0->stats.n_rekey_req++;
3345 ike0->flags = IKEV2_HDR_FLAG_RESPONSE;
3347 ikev2_generate_message (b0, sa0, ike0, 0, udp0, stats);
3349 vlib_node_increment_counter (vm, node->node_index,
3350 IKEV2_ERROR_NO_BUFF_SPACE,
3354 else if (sa0->new_child)
3356 ikev2_child_sa_t *c;
3357 vec_add2 (sa0->childs, c, 1);
3358 memset (c, 0, sizeof (*c));
3359 c->r_proposals = sa0->new_child[0].r_proposal;
3360 c->i_proposals = sa0->new_child[0].i_proposal;
3361 c->tsi = sa0->new_child[0].tsi;
3362 c->tsr = sa0->new_child[0].tsr;
3363 ikev2_create_tunnel_interface (vm, sa0, c, p[0],
3364 c - sa0->childs, 0);
3365 if (ike_hdr_is_request (ike0))
3367 ike0->flags = IKEV2_HDR_FLAG_RESPONSE;
3369 ikev2_generate_message (b0, sa0, ike0, 0, udp0, 0);
3371 vlib_node_increment_counter (
3372 vm, node->node_index, IKEV2_ERROR_NO_BUFF_SPACE, 1);
3379 ikev2_elog_uint_peers_addr (ike0->exchange, ip40, ip60, is_ip4);
3383 /* if we are sending packet back, rewrite headers */
3384 if (slen && ~0 != slen)
3388 next[0] = IKEV2_NEXT_IP4_LOOKUP;
3389 ikev2_rewrite_v4_addrs (sa0, ip40);
3393 next[0] = IKEV2_NEXT_IP6_LOOKUP;
3394 ikev2_rewrite_v6_addrs (sa0, ip60);
3399 udp0->dst_port = udp0->src_port =
3400 clib_net_to_host_u16 (ikev2_get_port (sa0));
3402 if (udp0->dst_port == clib_net_to_host_u16 (IKEV2_PORT_NATT)
3403 && ikev2_natt_active (sa0))
3406 slen = ikev2_insert_non_esp_marker (ike0, slen);
3412 slen += sizeof (ikev2_non_esp_marker);
3414 u16 tp = udp0->dst_port;
3415 udp0->dst_port = udp0->src_port;
3416 udp0->src_port = tp;
3419 udp0->length = clib_host_to_net_u16 (slen + sizeof (udp_header_t));
3421 b0->current_length = slen + ip_hdr_sz + sizeof (udp_header_t);
3424 ip40->length = clib_host_to_net_u16 (b0->current_length);
3425 ip40->checksum = ip4_header_checksum (ip40);
3429 ip60->payload_length =
3430 clib_host_to_net_u16 (b0->current_length - sizeof (*ip60));
3434 if (sa0 && (sa0->state == IKEV2_STATE_DELETED ||
3435 sa0->state == IKEV2_STATE_NOTIFY_AND_DELETE))
3437 ikev2_child_sa_t *c;
3439 vec_foreach (c, sa0->childs)
3440 ikev2_delete_tunnel_interface (km->vnet_main, sa0, c);
3442 ikev2_delete_sa (ptd, sa0);
3444 if (PREDICT_FALSE ((node->flags & VLIB_NODE_FLAG_TRACE)
3445 && (b0->flags & VLIB_BUFFER_IS_TRACED)))
3448 ikev2_trace_t *t = vlib_add_trace (vm, node, b0, sizeof (*t));
3449 t->sw_if_index = vnet_buffer (b0)->sw_if_index[VLIB_RX];
3450 t->next_index = next[0];
3457 ikev2_update_stats (vm, node->node_index, stats);
3458 vlib_node_increment_counter (vm, node->node_index,
3459 IKEV2_ERROR_PROCESSED, frame->n_vectors);
3460 vlib_buffer_enqueue_to_next (vm, node, from, nexts, frame->n_vectors);
3461 return frame->n_vectors;
3465 ikev2_ip4 (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
3467 return ikev2_node_internal (vm, node, frame, 1 /* is_ip4 */, 0);
3471 ikev2_ip4_natt (vlib_main_t *vm, vlib_node_runtime_t *node,
3472 vlib_frame_t *frame)
3474 return ikev2_node_internal (vm, node, frame, 1 /* is_ip4 */, 1 /* natt */);
3478 ikev2_ip6 (vlib_main_t * vm, vlib_node_runtime_t * node, vlib_frame_t * frame)
3480 return ikev2_node_internal (vm, node, frame, 0 /* is_ip4 */, 0);
3484 VLIB_REGISTER_NODE (ikev2_node_ip4,static) = {
3485 .function = ikev2_ip4,
3486 .name = "ikev2-ip4",
3487 .vector_size = sizeof (u32),
3488 .format_trace = format_ikev2_trace,
3489 .type = VLIB_NODE_TYPE_INTERNAL,
3491 .n_errors = IKEV2_N_ERROR,
3492 .error_counters = ikev2_error_counters,
3494 .n_next_nodes = IKEV2_IP4_N_NEXT,
3496 [IKEV2_NEXT_IP4_LOOKUP] = "ip4-lookup",
3497 [IKEV2_NEXT_IP4_ERROR_DROP] = "error-drop",
3501 VLIB_REGISTER_NODE (ikev2_node_ip4_natt,static) = {
3502 .function = ikev2_ip4_natt,
3503 .name = "ikev2-ip4-natt",
3504 .vector_size = sizeof (u32),
3505 .format_trace = format_ikev2_trace,
3506 .type = VLIB_NODE_TYPE_INTERNAL,
3508 .n_errors = IKEV2_N_ERROR,
3509 .error_counters = ikev2_error_counters,
3511 .n_next_nodes = IKEV2_IP4_N_NEXT,
3513 [IKEV2_NEXT_IP4_LOOKUP] = "ip4-lookup",
3514 [IKEV2_NEXT_IP4_ERROR_DROP] = "error-drop",
3518 VLIB_REGISTER_NODE (ikev2_node_ip6,static) = {
3519 .function = ikev2_ip6,
3520 .name = "ikev2-ip6",
3521 .vector_size = sizeof (u32),
3522 .format_trace = format_ikev2_trace,
3523 .type = VLIB_NODE_TYPE_INTERNAL,
3525 .n_errors = IKEV2_N_ERROR,
3526 .error_counters = ikev2_error_counters,
3528 .n_next_nodes = IKEV2_IP6_N_NEXT,
3530 [IKEV2_NEXT_IP6_LOOKUP] = "ip6-lookup",
3531 [IKEV2_NEXT_IP6_ERROR_DROP] = "error-drop",
3536 // set ikev2 proposals when vpp is used as initiator
3537 static clib_error_t *
3538 ikev2_set_initiator_proposals (vlib_main_t * vm, ikev2_sa_t * sa,
3539 ikev2_transforms_set * ts,
3540 ikev2_sa_proposal_t ** proposals, int is_ike)
3543 ikev2_main_t *km = &ikev2_main;
3544 ikev2_sa_proposal_t *proposal;
3545 vec_add2 (*proposals, proposal, 1);
3546 ikev2_sa_transform_t *td;
3551 vec_foreach (td, km->supported_transforms)
3553 if (td->type == IKEV2_TRANSFORM_TYPE_ENCR
3554 && td->encr_type == ts->crypto_alg
3555 && td->key_len == ts->crypto_key_size / 8)
3558 attr[0] = clib_host_to_net_u16 (14 | (1 << 15));
3559 attr[1] = clib_host_to_net_u16 (td->key_len << 3);
3560 vec_add (td->attrs, (u8 *) attr, 4);
3561 vec_add1 (proposal->transforms, *td);
3570 r = clib_error_return (0, "Unsupported algorithm");
3574 if (IKEV2_TRANSFORM_INTEG_TYPE_NONE != ts->integ_alg)
3578 vec_foreach (td, km->supported_transforms)
3580 if (td->type == IKEV2_TRANSFORM_TYPE_INTEG
3581 && td->integ_type == ts->integ_alg)
3583 vec_add1 (proposal->transforms, *td);
3591 ("Didn't find any supported algorithm for IKEV2_TRANSFORM_TYPE_INTEG");
3592 r = clib_error_return (0, "Unsupported algorithm");
3601 vec_foreach (td, km->supported_transforms)
3603 if (td->type == IKEV2_TRANSFORM_TYPE_PRF
3604 && td->prf_type == IKEV2_TRANSFORM_PRF_TYPE_PRF_HMAC_SHA2_256)
3606 vec_add1 (proposal->transforms, *td);
3613 r = clib_error_return (0, "Unsupported algorithm");
3622 vec_foreach (td, km->supported_transforms)
3624 if (td->type == IKEV2_TRANSFORM_TYPE_DH && td->dh_type == ts->dh_type)
3626 vec_add1 (proposal->transforms, *td);
3629 sa->dh_group = td->dh_type;
3637 r = clib_error_return (0, "Unsupported algorithm");
3645 vec_foreach (td, km->supported_transforms)
3647 if (td->type == IKEV2_TRANSFORM_TYPE_ESN)
3649 vec_add1 (proposal->transforms, *td);
3655 r = clib_error_return (0, "Unsupported algorithm");
3664 static ikev2_profile_t *
3665 ikev2_profile_index_by_name (u8 * name)
3667 ikev2_main_t *km = &ikev2_main;
3670 p = mhash_get (&km->profile_index_by_name, name);
3674 return pool_elt_at_index (km->profiles, p[0]);
3679 ikev2_send_ike (vlib_main_t * vm, ip_address_t * src, ip_address_t * dst,
3680 u32 bi0, u32 len, u16 src_port, u16 dst_port, u32 sw_if_index)
3689 b0 = vlib_get_buffer (vm, bi0);
3690 vlib_buffer_advance (b0, -sizeof (udp_header_t));
3691 udp0 = vlib_buffer_get_current (b0);
3692 udp0->dst_port = clib_host_to_net_u16 (dst_port);
3693 udp0->src_port = clib_host_to_net_u16 (src_port);
3694 udp0->length = clib_host_to_net_u16 (len + sizeof (udp_header_t));
3697 if (ip_addr_version (dst) == AF_IP4)
3699 vlib_buffer_advance (b0, -sizeof (ip4_header_t));
3700 ip40 = vlib_buffer_get_current (b0);
3701 ip40->ip_version_and_header_length = 0x45;
3703 ip40->fragment_id = 0;
3704 ip40->flags_and_fragment_offset = 0;
3706 ip40->protocol = IP_PROTOCOL_UDP;
3707 ip40->dst_address.as_u32 = ip_addr_v4 (dst).as_u32;
3708 ip40->src_address.as_u32 = ip_addr_v4 (src).as_u32;
3709 b0->current_length =
3710 len + sizeof (ip4_header_t) + sizeof (udp_header_t);
3711 ip40->length = clib_host_to_net_u16 (b0->current_length);
3712 ip40->checksum = ip4_header_checksum (ip40);
3716 vlib_buffer_advance (b0, -sizeof (ip6_header_t));
3717 ip60 = vlib_buffer_get_current (b0);
3719 b0->current_length = len + sizeof (*ip60) + sizeof (udp_header_t);
3720 ip60->ip_version_traffic_class_and_flow_label =
3721 clib_host_to_net_u32 (0x6 << 28);
3722 ip60->payload_length =
3723 clib_host_to_net_u16 (b0->current_length - sizeof (*ip60));
3724 ip60->protocol = IP_PROTOCOL_UDP;
3725 ip60->hop_limit = 0xff;
3726 clib_memcpy_fast (ip60->src_address.as_u8, ip_addr_v6 (src).as_u8,
3727 sizeof (ip60->src_address));
3728 clib_memcpy_fast (ip60->dst_address.as_u8, ip_addr_v6 (dst).as_u8,
3729 sizeof (ip60->src_address));
3732 b0->flags |= VNET_BUFFER_F_LOCALLY_ORIGINATED;
3733 vnet_buffer (b0)->sw_if_index[VLIB_RX] = sw_if_index;
3734 vnet_buffer (b0)->sw_if_index[VLIB_TX] = ~0;
3736 u32 next_index = (ip_addr_version (dst) == AF_IP4) ?
3737 ip4_lookup_node.index : ip6_lookup_node.index;
3739 /* send the request */
3740 f = vlib_get_frame_to_node (vm, next_index);
3741 to_next = vlib_frame_vector_args (f);
3744 vlib_put_frame_to_node (vm, next_index, f);
3749 ikev2_get_new_ike_header_buff (vlib_main_t * vm, vlib_buffer_t ** b)
3752 if (vlib_buffer_alloc (vm, &bi0, 1) != 1)
3757 *b = vlib_get_buffer (vm, bi0);
3762 ikev2_set_local_key (vlib_main_t * vm, u8 * file)
3764 ikev2_main_t *km = &ikev2_main;
3767 EVP_PKEY_free (km->pkey);
3768 km->pkey = ikev2_load_key_file (file);
3769 if (km->pkey == NULL)
3770 return clib_error_return (0, "load key '%s' failed", file);
3775 static vnet_api_error_t
3776 ikev2_register_udp_port (ikev2_profile_t *p, u16 port)
3778 ipsec_register_udp_port (port);
3779 p->ipsec_over_udp_port = port;
3784 ikev2_unregister_udp_port (ikev2_profile_t *p)
3786 if (p->ipsec_over_udp_port == IPSEC_UDP_PORT_NONE)
3789 ipsec_unregister_udp_port (p->ipsec_over_udp_port);
3790 p->ipsec_over_udp_port = IPSEC_UDP_PORT_NONE;
3794 ikev2_initiate_delete_ike_sa_internal (vlib_main_t * vm,
3795 ikev2_main_per_thread_data_t * tkm,
3796 ikev2_sa_t * sa, u8 send_notification)
3798 ikev2_main_t *km = &ikev2_main;
3799 ip_address_t *src, *dst;
3801 ikev2_child_sa_t *c;
3803 /* Create the Initiator notification for IKE SA removal */
3808 vec_resize (sa->del, 1);
3809 sa->del->protocol_id = IKEV2_PROTOCOL_IKE;
3810 sa->del->spi = sa->ispi;
3812 if (send_notification)
3814 bi0 = ikev2_get_new_ike_header_buff (vm, &b0);
3817 ikev2_log_error ("buffer alloc failure");
3821 ike0 = vlib_buffer_get_current (b0);
3822 ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
3823 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
3824 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
3826 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id);
3827 sa->last_init_msg_id += 1;
3828 len = ikev2_generate_message (b0, sa, ike0, 0, 0, 0);
3832 if (ikev2_natt_active (sa))
3833 len = ikev2_insert_non_esp_marker (ike0, len);
3835 if (sa->is_initiator)
3846 ikev2_send_ike (vm, src, dst, bi0, len,
3847 ikev2_get_port (sa), sa->dst_port, 0);
3851 /* delete local SA */
3852 vec_foreach (c, sa->childs)
3853 ikev2_delete_tunnel_interface (km->vnet_main, sa, c);
3855 u64 rspi = sa->rspi;
3856 ikev2_sa_free_all_vec (sa);
3857 uword *p = hash_get (tkm->sa_by_rspi, rspi);
3860 hash_unset (tkm->sa_by_rspi, rspi);
3861 pool_put (tkm->sas, sa);
3866 ikev2_cleanup_profile_sessions (ikev2_main_t * km, ikev2_profile_t * p)
3868 ikev2_main_per_thread_data_t *tkm;
3870 u32 pi = p - km->profiles;
3875 pool_foreach (sa, km->sais) {
3876 if (pi == sa->profile_index)
3877 vec_add1 (del_sai, sa - km->sais);
3881 vec_foreach (sai, del_sai)
3883 sa = pool_elt_at_index (km->sais, sai[0]);
3884 ikev2_sa_free_all_vec (sa);
3885 hash_unset (km->sa_by_ispi, sa->ispi);
3886 pool_put (km->sais, sa);
3888 vec_reset_length (del_sai);
3890 vec_foreach (tkm, km->per_thread_data)
3893 pool_foreach (sa, tkm->sas) {
3894 if (sa->profile_index != ~0 && pi == sa->profile_index)
3895 vec_add1 (del_sai, sa - tkm->sas);
3899 vec_foreach (sai, del_sai)
3901 sa = pool_elt_at_index (tkm->sas, sai[0]);
3902 ikev2_initiate_delete_ike_sa_internal (km->vlib_main, tkm, sa, 1);
3905 vec_reset_length (del_sai);
3912 ikev2_profile_responder_free (ikev2_responder_t *r)
3914 vec_free (r->hostname);
3918 ikev2_profile_free (ikev2_profile_t * p)
3922 vec_free (p->auth.data);
3924 EVP_PKEY_free (p->auth.key);
3926 ikev2_profile_responder_free (&p->responder);
3928 vec_free (p->loc_id.data);
3929 vec_free (p->rem_id.data);
3933 ikev2_bind (vlib_main_t *vm, ikev2_main_t *km)
3935 if (0 == km->bind_refcount)
3937 udp_register_dst_port (vm, IKEV2_PORT, ikev2_node_ip4.index, 1);
3938 udp_register_dst_port (vm, IKEV2_PORT, ikev2_node_ip6.index, 0);
3939 udp_register_dst_port (vm, IKEV2_PORT_NATT, ikev2_node_ip4.index, 1);
3940 udp_register_dst_port (vm, IKEV2_PORT_NATT, ikev2_node_ip6.index, 0);
3942 vlib_punt_register (km->punt_hdl,
3943 ipsec_punt_reason[IPSEC_PUNT_IP4_SPI_UDP_0],
3947 km->bind_refcount++;
3951 ikev2_unbind (vlib_main_t *vm, ikev2_main_t *km)
3953 km->bind_refcount--;
3954 if (0 == km->bind_refcount)
3956 vlib_punt_unregister (km->punt_hdl,
3957 ipsec_punt_reason[IPSEC_PUNT_IP4_SPI_UDP_0],
3960 udp_unregister_dst_port (vm, IKEV2_PORT_NATT, 0);
3961 udp_unregister_dst_port (vm, IKEV2_PORT_NATT, 1);
3962 udp_unregister_dst_port (vm, IKEV2_PORT, 0);
3963 udp_unregister_dst_port (vm, IKEV2_PORT, 1);
3967 static void ikev2_lazy_init (ikev2_main_t *km);
3970 ikev2_add_del_profile (vlib_main_t * vm, u8 * name, int is_add)
3972 ikev2_main_t *km = &ikev2_main;
3975 ikev2_lazy_init (km);
3979 if (ikev2_profile_index_by_name (name))
3980 return clib_error_return (0, "policy %v already exists", name);
3982 pool_get (km->profiles, p);
3983 clib_memset (p, 0, sizeof (*p));
3984 p->name = vec_dup (name);
3985 p->ipsec_over_udp_port = IPSEC_UDP_PORT_NONE;
3986 p->responder.sw_if_index = ~0;
3988 uword index = p - km->profiles;
3989 mhash_set_mem (&km->profile_index_by_name, name, &index, 0);
3991 ikev2_bind (vm, km);
3995 p = ikev2_profile_index_by_name (name);
3997 return clib_error_return (0, "policy %v does not exists", name);
3999 ikev2_unbind (vm, km);
4001 ikev2_unregister_udp_port (p);
4002 ikev2_cleanup_profile_sessions (km, p);
4004 ikev2_profile_free (p);
4005 pool_put (km->profiles, p);
4006 mhash_unset (&km->profile_index_by_name, name, 0);
4012 ikev2_set_profile_auth (vlib_main_t * vm, u8 * name, u8 auth_method,
4013 u8 * auth_data, u8 data_hex_format)
4018 p = ikev2_profile_index_by_name (name);
4022 r = clib_error_return (0, "unknown profile %v", name);
4027 EVP_PKEY_free (p->auth.key);
4028 vec_free (p->auth.data);
4030 p->auth.method = auth_method;
4031 p->auth.data = vec_dup (auth_data);
4032 p->auth.hex = data_hex_format;
4034 if (auth_method == IKEV2_AUTH_METHOD_RSA_SIG)
4036 vec_add1 (p->auth.data, 0);
4037 p->auth.key = ikev2_load_cert_file (p->auth.data);
4038 if (p->auth.key == NULL)
4039 return clib_error_return (0, "load cert '%s' failed", p->auth.data);
4046 ikev2_is_id_supported (u8 id_type)
4048 return (id_type == IKEV2_ID_TYPE_ID_IPV4_ADDR ||
4049 id_type == IKEV2_ID_TYPE_ID_IPV6_ADDR ||
4050 id_type == IKEV2_ID_TYPE_ID_RFC822_ADDR ||
4051 id_type == IKEV2_ID_TYPE_ID_FQDN);
4055 ikev2_set_profile_id (vlib_main_t * vm, u8 * name, u8 id_type, u8 * data,
4061 if (!ikev2_is_id_supported (id_type))
4063 r = clib_error_return (0, "unsupported identity type %U",
4064 format_ikev2_id_type, id_type);
4068 p = ikev2_profile_index_by_name (name);
4072 r = clib_error_return (0, "unknown profile %v", name);
4078 vec_free (p->loc_id.data);
4079 p->loc_id.type = id_type;
4080 p->loc_id.data = vec_dup (data);
4084 vec_free (p->rem_id.data);
4085 p->rem_id.type = id_type;
4086 p->rem_id.data = vec_dup (data);
4093 ikev2_set_ts_type (ikev2_ts_t *ts, const ip_address_t *addr)
4095 if (ip_addr_version (addr) == AF_IP4)
4096 ts->ts_type = TS_IPV4_ADDR_RANGE;
4098 ts->ts_type = TS_IPV6_ADDR_RANGE;
4102 ikev2_set_ts_addrs (ikev2_ts_t *ts, const ip_address_t *start,
4103 const ip_address_t *end)
4105 ip_address_copy (&ts->start_addr, start);
4106 ip_address_copy (&ts->end_addr, end);
4110 ikev2_set_profile_ts (vlib_main_t * vm, u8 * name, u8 protocol_id,
4111 u16 start_port, u16 end_port, ip_address_t start_addr,
4112 ip_address_t end_addr, int is_local)
4117 p = ikev2_profile_index_by_name (name);
4121 r = clib_error_return (0, "unknown profile %v", name);
4125 if (ip_addr_version (&start_addr) != ip_addr_version (&end_addr))
4126 return clib_error_return (0, "IP address version mismatch!");
4130 ikev2_set_ts_addrs (&p->loc_ts, &start_addr, &end_addr);
4131 p->loc_ts.start_port = start_port;
4132 p->loc_ts.end_port = end_port;
4133 p->loc_ts.protocol_id = protocol_id;
4134 ikev2_set_ts_type (&p->loc_ts, &start_addr);
4138 ikev2_set_ts_addrs (&p->rem_ts, &start_addr, &end_addr);
4139 p->rem_ts.start_port = start_port;
4140 p->rem_ts.end_port = end_port;
4141 p->rem_ts.protocol_id = protocol_id;
4142 ikev2_set_ts_type (&p->rem_ts, &start_addr);
4149 ikev2_set_profile_responder_hostname (vlib_main_t *vm, u8 *name, u8 *hostname,
4155 p = ikev2_profile_index_by_name (name);
4159 r = clib_error_return (0, "unknown profile %v", name);
4163 p->responder.is_resolved = 0;
4164 p->responder.sw_if_index = sw_if_index;
4165 p->responder.hostname = vec_dup (hostname);
4171 ikev2_set_profile_responder (vlib_main_t * vm, u8 * name,
4172 u32 sw_if_index, ip_address_t addr)
4177 p = ikev2_profile_index_by_name (name);
4181 r = clib_error_return (0, "unknown profile %v", name);
4185 p->responder.is_resolved = 1;
4186 p->responder.sw_if_index = sw_if_index;
4187 ip_address_copy (&p->responder.addr, &addr);
4193 ikev2_set_profile_ike_transforms (vlib_main_t * vm, u8 * name,
4194 ikev2_transform_encr_type_t crypto_alg,
4195 ikev2_transform_integ_type_t integ_alg,
4196 ikev2_transform_dh_type_t dh_type,
4197 u32 crypto_key_size)
4201 p = ikev2_profile_index_by_name (name);
4203 return clib_error_return (0, "unknown profile %v", name);
4205 if ((IKEV2_TRANSFORM_INTEG_TYPE_NONE != integ_alg) +
4206 (IKEV2_TRANSFORM_ENCR_TYPE_AES_GCM_16 == crypto_alg) !=
4208 return clib_error_return (0, "invalid cipher + integrity algorithm");
4210 p->ike_ts.crypto_alg = crypto_alg;
4211 p->ike_ts.integ_alg = integ_alg;
4212 p->ike_ts.dh_type = dh_type;
4213 p->ike_ts.crypto_key_size = crypto_key_size;
4218 ikev2_set_profile_esp_transforms (vlib_main_t * vm, u8 * name,
4219 ikev2_transform_encr_type_t crypto_alg,
4220 ikev2_transform_integ_type_t integ_alg,
4221 u32 crypto_key_size)
4226 p = ikev2_profile_index_by_name (name);
4230 r = clib_error_return (0, "unknown profile %v", name);
4234 p->esp_ts.crypto_alg = crypto_alg;
4235 p->esp_ts.integ_alg = integ_alg;
4236 p->esp_ts.crypto_key_size = crypto_key_size;
4241 ikev2_set_profile_tunnel_interface (vlib_main_t * vm,
4242 u8 * name, u32 sw_if_index)
4247 p = ikev2_profile_index_by_name (name);
4251 r = clib_error_return (0, "unknown profile %v", name);
4255 p->tun_itf = sw_if_index;
4261 ikev2_set_profile_ipsec_udp_port (vlib_main_t * vm, u8 * name, u16 port,
4264 ikev2_profile_t *p = ikev2_profile_index_by_name (name);
4265 vnet_api_error_t rv = 0;
4268 return VNET_API_ERROR_INVALID_VALUE;
4272 if (p->ipsec_over_udp_port != IPSEC_UDP_PORT_NONE)
4273 return VNET_API_ERROR_VALUE_EXIST;
4275 rv = ikev2_register_udp_port (p, port);
4279 if (p->ipsec_over_udp_port == IPSEC_UDP_PORT_NONE)
4280 return VNET_API_ERROR_INVALID_VALUE;
4282 ikev2_unregister_udp_port (p);
4288 ikev2_set_profile_udp_encap (vlib_main_t * vm, u8 * name)
4290 ikev2_profile_t *p = ikev2_profile_index_by_name (name);
4295 r = clib_error_return (0, "unknown profile %v", name);
4304 ikev2_set_profile_sa_lifetime (vlib_main_t * vm, u8 * name,
4305 u64 lifetime, u32 jitter, u32 handover,
4311 p = ikev2_profile_index_by_name (name);
4315 r = clib_error_return (0, "unknown profile %v", name);
4319 p->lifetime = lifetime;
4320 p->lifetime_jitter = jitter;
4321 p->handover = handover;
4322 p->lifetime_maxdata = maxdata;
4327 ikev2_get_if_address (u32 sw_if_index, ip_address_family_t af,
4328 ip_address_t * out_addr)
4330 ip4_address_t *if_ip4;
4331 ip6_address_t *if_ip6;
4335 if_ip4 = ip4_interface_first_address (&ip4_main, sw_if_index, 0);
4338 ip_address_set (out_addr, if_ip4, AF_IP4);
4344 if_ip6 = ip6_interface_first_address (&ip6_main, sw_if_index);
4347 ip_address_set (out_addr, if_ip6, AF_IP6);
4354 static clib_error_t *
4355 ikev2_resolve_responder_hostname (vlib_main_t *vm, ikev2_responder_t *r)
4357 ikev2_main_t *km = &ikev2_main;
4358 dns_cache_entry_t *ep = 0;
4359 dns_pending_request_t _t0, *t0 = &_t0;
4360 dns_resolve_name_t _rn, *rn = &_rn;
4364 if (!km->dns_resolve_name)
4365 return clib_error_return (0, "cannot load symbols from dns plugin");
4367 t0->request_type = DNS_API_PENDING_NAME_TO_IP;
4368 /* VPP main curse: IKEv2 uses only non-NULL terminated vectors internally
4369 * whereas DNS resolver expects a NULL-terminated C-string */
4370 name = vec_dup (r->hostname);
4371 vec_terminate_c_string (name);
4372 rv = km->dns_resolve_name (name, &ep, t0, rn);
4375 return clib_error_return (0, "dns lookup failure");
4380 ip_address_copy (&r->addr, &rn->address);
4386 ikev2_initiate_sa_init (vlib_main_t * vm, u8 * name)
4390 ikev2_main_t *km = &ikev2_main;
4394 int len = sizeof (ike_header_t), valid_ip = 0;
4395 ip_address_t src_if_ip = ip_address_initializer;
4397 p = ikev2_profile_index_by_name (name);
4401 r = clib_error_return (0, "unknown profile %v", name);
4405 if (p->responder.sw_if_index == ~0 ||
4406 (ip_address_is_zero (&p->responder.addr) &&
4407 vec_len (p->responder.hostname) == 0))
4409 r = clib_error_return (0, "responder not set for profile %v", name);
4413 if (!p->responder.is_resolved)
4415 /* try to resolve using dns plugin
4416 * success does not mean we have resolved the name */
4417 r = ikev2_resolve_responder_hostname (vm, &p->responder);
4422 if (p->responder.is_resolved &&
4423 ikev2_get_if_address (p->responder.sw_if_index,
4424 ip_addr_version (&p->responder.addr), &src_if_ip))
4429 /* Prepare the SA and the IKE payload */
4431 clib_memset (&sa, 0, sizeof (ikev2_sa_t));
4432 ikev2_payload_chain_t *chain = 0;
4433 ikev2_payload_new_chain (chain);
4435 /* Build the IKE proposal payload */
4436 ikev2_sa_proposal_t *proposals = 0;
4437 ikev2_set_initiator_proposals (vm, &sa, &p->ike_ts, &proposals, 1);
4438 proposals[0].proposal_num = 1;
4439 proposals[0].protocol_id = IKEV2_PROTOCOL_IKE;
4441 /* Add and then cleanup proposal data */
4442 ikev2_payload_add_sa (chain, proposals);
4443 ikev2_sa_free_proposal_vector (&proposals);
4445 sa.is_initiator = 1;
4446 sa.profile_index = p - km->profiles;
4447 sa.state = IKEV2_STATE_SA_INIT;
4448 sa.tun_itf = p->tun_itf;
4449 sa.udp_encap = p->udp_encap;
4450 if (p->natt_disabled)
4451 sa.natt_state = IKEV2_NATT_DISABLED;
4452 sa.ipsec_over_udp_port = p->ipsec_over_udp_port;
4453 sa.is_tun_itf_set = 1;
4454 sa.initial_contact = 1;
4455 sa.dst_port = IKEV2_PORT;
4457 ikev2_generate_sa_error_t rc = ikev2_generate_sa_init_data (&sa);
4458 if (rc != IKEV2_GENERATE_SA_INIT_OK)
4460 ikev2_sa_free_all_vec (&sa);
4461 ikev2_payload_destroy_chain (chain);
4462 return clib_error_return (0, "%U", format_ikev2_gen_sa_error, rc);
4465 ikev2_payload_add_ke (chain, sa.dh_group, sa.i_dh_data);
4466 ikev2_payload_add_nonce (chain, sa.i_nonce);
4468 /* Build the child SA proposal */
4469 vec_resize (sa.childs, 1);
4470 ikev2_set_initiator_proposals (vm, &sa, &p->esp_ts,
4471 &sa.childs[0].i_proposals, 0);
4472 sa.childs[0].i_proposals[0].proposal_num = 1;
4473 sa.childs[0].i_proposals[0].protocol_id = IKEV2_PROTOCOL_ESP;
4474 RAND_bytes ((u8 *) & sa.childs[0].i_proposals[0].spi,
4475 sizeof (sa.childs[0].i_proposals[0].spi));
4477 /* Add NAT detection notification messages (mandatory) */
4478 u8 *nat_detection_sha1 = ikev2_compute_nat_sha1 (
4479 clib_host_to_net_u64 (sa.ispi), clib_host_to_net_u64 (sa.rspi), &src_if_ip,
4480 clib_host_to_net_u16 (IKEV2_PORT));
4482 ikev2_payload_add_notify (chain, IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP,
4483 nat_detection_sha1);
4484 vec_free (nat_detection_sha1);
4485 nat_detection_sha1 =
4486 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa.ispi),
4487 clib_host_to_net_u64 (sa.rspi),
4489 clib_host_to_net_u16 (sa.dst_port));
4490 ikev2_payload_add_notify (chain,
4491 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP,
4492 nat_detection_sha1);
4493 vec_free (nat_detection_sha1);
4495 u8 *sig_hash_algo = vec_new (u8, 8);
4496 u64 tmpsig = clib_host_to_net_u64 (0x0001000200030004);
4497 clib_memcpy_fast (sig_hash_algo, &tmpsig, sizeof (tmpsig));
4498 ikev2_payload_add_notify (chain,
4499 IKEV2_NOTIFY_MSG_SIGNATURE_HASH_ALGORITHMS,
4501 vec_free (sig_hash_algo);
4503 bi0 = ikev2_get_new_ike_header_buff (vm, &b0);
4506 ikev2_sa_free_all_vec (&sa);
4507 ikev2_payload_destroy_chain (chain);
4508 char *errmsg = "buffer alloc failure";
4509 ikev2_log_error (errmsg);
4510 return clib_error_return (0, errmsg);
4512 ike0 = vlib_buffer_get_current (b0);
4514 /* Buffer update and boilerplate */
4515 len += vec_len (chain->data);
4516 ike0->nextpayload = chain->first_payload_type;
4517 ike0->length = clib_host_to_net_u32 (len);
4518 clib_memcpy_fast (ike0->payload, chain->data, vec_len (chain->data));
4519 ikev2_payload_destroy_chain (chain);
4521 ike0->version = IKE_VERSION_2;
4522 ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
4523 ike0->exchange = IKEV2_EXCHANGE_SA_INIT;
4524 ike0->ispi = clib_host_to_net_u64 (sa.ispi);
4527 sa.last_init_msg_id += 1;
4529 /* store whole IKE payload - needed for PSK auth */
4530 vec_reset_length (sa.last_sa_init_req_packet_data);
4531 vec_add (sa.last_sa_init_req_packet_data, ike0, len);
4533 /* add data to the SA then add it to the pool */
4534 ip_address_copy (&sa.iaddr, &src_if_ip);
4535 ip_address_copy (&sa.raddr, &p->responder.addr);
4536 sa.i_id.type = p->loc_id.type;
4537 sa.i_id.data = vec_dup (p->loc_id.data);
4538 sa.r_id.type = p->rem_id.type;
4539 sa.r_id.data = vec_dup (p->rem_id.data);
4540 sa.i_auth.method = p->auth.method;
4541 sa.i_auth.hex = p->auth.hex;
4542 sa.i_auth.data = vec_dup (p->auth.data);
4543 sa.sw_if_index = p->responder.sw_if_index;
4544 vec_add (sa.childs[0].tsi, &p->loc_ts, 1);
4545 vec_add (sa.childs[0].tsr, &p->rem_ts, 1);
4547 ikev2_initial_contact_cleanup (0, &sa);
4549 /* add SA to the pool */
4550 ikev2_sa_t *sa0 = 0;
4551 pool_get (km->sais, sa0);
4552 clib_memcpy_fast (sa0, &sa, sizeof (*sa0));
4553 hash_set (km->sa_by_ispi, sa0->ispi, sa0 - km->sais);
4557 ikev2_send_ike (vm, &src_if_ip, &p->responder.addr, bi0, len, IKEV2_PORT,
4558 sa.dst_port, sa.sw_if_index);
4561 ("ispi %lx rspi %lx IKEV2_EXCHANGE_SA_INIT sent to ",
4562 clib_host_to_net_u64 (sa0->ispi), 0,
4563 ip_addr_v4 (&p->responder.addr).as_u32,
4564 ip_addr_version (&p->responder.addr) == AF_IP4);
4571 ikev2_delete_child_sa_internal (vlib_main_t * vm, ikev2_sa_t * sa,
4572 ikev2_child_sa_t * csa)
4574 /* Create the Initiator notification for child SA removal */
4575 ikev2_main_t *km = &ikev2_main;
4581 bi0 = ikev2_get_new_ike_header_buff (vm, &b0);
4584 ikev2_log_error ("buffer alloc failure");
4588 ike0 = vlib_buffer_get_current (b0);
4589 ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
4590 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
4591 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
4593 vec_resize (sa->del, 1);
4594 sa->del->protocol_id = IKEV2_PROTOCOL_ESP;
4595 sa->del->spi = csa->i_proposals->spi;
4596 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id);
4597 sa->last_init_msg_id += 1;
4598 len = ikev2_generate_message (b0, sa, ike0, 0, 0, 0);
4602 if (ikev2_natt_active (sa))
4603 len = ikev2_insert_non_esp_marker (ike0, len);
4604 ikev2_send_ike (vm, &sa->iaddr, &sa->raddr, bi0, len,
4605 ikev2_get_port (sa), sa->dst_port, sa->sw_if_index);
4607 /* delete local child SA */
4608 ikev2_delete_tunnel_interface (km->vnet_main, sa, csa);
4609 ikev2_sa_del_child_sa (sa, csa);
4613 ikev2_initiate_delete_child_sa (vlib_main_t * vm, u32 ispi)
4616 ikev2_main_t *km = &ikev2_main;
4617 ikev2_main_per_thread_data_t *tkm;
4618 ikev2_sa_t *fsa = 0;
4619 ikev2_child_sa_t *fchild = 0;
4621 /* Search for the child SA */
4622 vec_foreach (tkm, km->per_thread_data)
4628 pool_foreach (sa, tkm->sas) {
4629 fchild = ikev2_sa_get_child(sa, ispi, IKEV2_PROTOCOL_ESP, 1);
4639 if (!fchild || !fsa)
4641 r = clib_error_return (0, "Child SA not found");
4646 ikev2_delete_child_sa_internal (vm, fsa, fchild);
4653 ikev2_initiate_delete_ike_sa (vlib_main_t * vm, u64 ispi)
4656 ikev2_main_t *km = &ikev2_main;
4657 ikev2_main_per_thread_data_t *tkm;
4658 ikev2_sa_t *fsa = 0;
4659 ikev2_main_per_thread_data_t *ftkm = 0;
4661 /* Search for the IKE SA */
4662 vec_foreach (tkm, km->per_thread_data)
4668 pool_foreach (sa, tkm->sas) {
4669 if (sa->ispi == ispi)
4681 r = clib_error_return (0, "IKE SA not found");
4685 ikev2_initiate_delete_ike_sa_internal (vm, ftkm, fsa, 1);
4690 ikev2_rekey_child_sa_internal (vlib_main_t * vm, ikev2_sa_t * sa,
4691 ikev2_child_sa_t * csa)
4693 /* Create the Initiator request for create child SA */
4699 bi0 = ikev2_get_new_ike_header_buff (vm, &b0);
4702 ikev2_log_error ("buffer alloc failure");
4706 ike0 = vlib_buffer_get_current (b0);
4707 ike0->version = IKE_VERSION_2;
4708 ike0->flags = IKEV2_HDR_FLAG_INITIATOR;
4709 ike0->exchange = IKEV2_EXCHANGE_CREATE_CHILD_SA;
4710 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
4711 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
4712 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id);
4713 sa->last_init_msg_id += 1;
4715 ikev2_rekey_t *rekey;
4716 vec_reset_length (sa->rekey);
4717 vec_add2 (sa->rekey, rekey, 1);
4718 ikev2_sa_proposal_t *proposals = vec_dup (csa->i_proposals);
4721 RAND_bytes ((u8 *) & proposals[0].spi, sizeof (proposals[0].spi));
4722 rekey->spi = proposals[0].spi;
4723 rekey->ispi = csa->i_proposals->spi;
4724 len = ikev2_generate_message (b0, sa, ike0, proposals, 0, 0);
4728 if (ikev2_natt_active (sa))
4729 len = ikev2_insert_non_esp_marker (ike0, len);
4730 ikev2_send_ike (vm, &sa->iaddr, &sa->raddr, bi0, len,
4731 ikev2_get_port (sa), ikev2_get_port (sa), sa->sw_if_index);
4732 vec_free (proposals);
4736 ikev2_initiate_rekey_child_sa (vlib_main_t * vm, u32 ispi)
4739 ikev2_main_t *km = &ikev2_main;
4740 ikev2_main_per_thread_data_t *tkm;
4741 ikev2_sa_t *fsa = 0;
4742 ikev2_child_sa_t *fchild = 0;
4744 /* Search for the child SA */
4745 vec_foreach (tkm, km->per_thread_data)
4751 pool_foreach (sa, tkm->sas) {
4752 fchild = ikev2_sa_get_child(sa, ispi, IKEV2_PROTOCOL_ESP, 1);
4762 if (!fchild || !fsa)
4764 r = clib_error_return (0, "Child SA not found");
4769 ikev2_rekey_child_sa_internal (vm, fsa, fchild);
4776 ikev2_sa_sw_if_match (ikev2_sa_t * sa, u32 sw_if_index)
4778 return (sa->sw_if_index == sw_if_index) && sa->is_initiator;
4782 ikev2_sa_del (ikev2_profile_t * p, u32 sw_if_index)
4784 u64 *ispi, *ispi_vec = 0;
4785 ikev2_sa_t *sa, **sap, **sa_vec = 0;
4786 ikev2_main_t *km = &ikev2_main;
4787 ikev2_main_per_thread_data_t *tkm;
4788 p->responder.sw_if_index = ~0;
4790 vec_foreach (tkm, km->per_thread_data)
4793 pool_foreach (sa, tkm->sas) {
4794 if (ikev2_sa_sw_if_match (sa, sw_if_index))
4795 vec_add1 (sa_vec, sa);
4799 vec_foreach (sap, sa_vec)
4801 ikev2_initiate_delete_ike_sa_internal (km->vlib_main, tkm, *sap, 0);
4803 vec_reset_length (sa_vec);
4808 pool_foreach (sa, km->sais) {
4809 if (ikev2_sa_sw_if_match (sa, sw_if_index))
4810 vec_add1 (ispi_vec, sa->ispi);
4814 vec_foreach (ispi, ispi_vec)
4816 ikev2_del_sa_init_from_main (ispi);
4819 vec_free (ispi_vec);
4822 static clib_error_t *
4823 ikev2_sw_interface_add_del (vnet_main_t * vnm, u32 sw_if_index, u32 is_add)
4825 ikev2_main_t *km = &ikev2_main;
4832 pool_foreach (p, km->profiles) {
4833 if (p->responder.sw_if_index == sw_if_index)
4834 ikev2_sa_del (p, sw_if_index);
4841 VNET_SW_INTERFACE_ADD_DEL_FUNCTION (ikev2_sw_interface_add_del);
4844 ikev2_init (vlib_main_t * vm)
4846 ikev2_main_t *km = &ikev2_main;
4848 clib_memset (km, 0, sizeof (ikev2_main_t));
4850 km->log_level = IKEV2_LOG_ERROR;
4851 km->log_class = vlib_log_register_class ("ikev2", 0);
4853 km->vnet_main = vnet_get_main ();
4856 km->liveness_period = IKEV2_LIVENESS_PERIOD_CHECK;
4857 km->liveness_max_retries = IKEV2_LIVENESS_RETRIES;
4863 VLIB_INIT_FUNCTION (ikev2_init) = {
4864 .runs_after = VLIB_INITS ("ipsec_init", "ipsec_punt_init"),
4869 ikev2_mngr_process_child_sa (ikev2_sa_t * sa, ikev2_child_sa_t * csa,
4872 ikev2_main_t *km = &ikev2_main;
4873 ikev2_profile_t *p = 0;
4874 vlib_main_t *vm = km->vlib_main;
4875 f64 now = vlib_time_now (vm);
4878 if (sa->profile_index != ~0)
4879 p = pool_elt_at_index (km->profiles, sa->profile_index);
4881 if (sa->is_initiator && p && csa->time_to_expiration
4882 && now > csa->time_to_expiration)
4884 if (!csa->is_expired || csa->rekey_retries > 0)
4886 ikev2_rekey_child_sa_internal (vm, sa, csa);
4887 csa->time_to_expiration = now + p->handover;
4888 csa->is_expired = 1;
4889 if (csa->rekey_retries == 0)
4891 csa->rekey_retries = 5;
4893 else if (csa->rekey_retries > 0)
4895 csa->rekey_retries--;
4896 ikev2_log_debug ("Rekeying Child SA 0x%x, retries left %d",
4897 csa->i_proposals->spi, csa->rekey_retries);
4898 if (csa->rekey_retries == 0)
4900 csa->rekey_retries = -1;
4907 csa->time_to_expiration = 0;
4908 ikev2_delete_child_sa_internal (vm, sa, csa);
4916 ipip_tunnel_t *ipip = NULL;
4917 u32 sw_if_index = sa->is_tun_itf_set ? sa->tun_itf : ~0;
4918 if (~0 == sw_if_index)
4920 ip46_address_t local_ip;
4921 ip46_address_t remote_ip;
4922 if (sa->is_initiator)
4924 local_ip = to_ip46 (ip_addr_version (&sa->iaddr),
4925 ip_addr_bytes (&sa->iaddr));
4926 remote_ip = to_ip46 (ip_addr_version (&sa->raddr),
4927 ip_addr_bytes (&sa->raddr));
4931 local_ip = to_ip46 (ip_addr_version (&sa->raddr),
4932 ip_addr_bytes (&sa->raddr));
4933 remote_ip = to_ip46 (ip_addr_version (&sa->iaddr),
4934 ip_addr_bytes (&sa->iaddr));
4938 ipip_tunnel_key_t key = {
4941 .transport = IPIP_TRANSPORT_IP4,
4946 ipip = ipip_tunnel_db_find (&key);
4949 sw_if_index = ipip->sw_if_index;
4955 vec_add1 (sas_in, csa->remote_sa_id);
4956 vlib_worker_thread_barrier_sync (vm);
4957 int rv = ipsec_tun_protect_update (sw_if_index, NULL,
4958 csa->local_sa_id, sas_in);
4961 ipsec_sa_unlock_id (ikev2_flip_alternate_sa_bit (csa->remote_sa_id));
4962 vlib_worker_thread_barrier_release (vm);
4969 ikev2_set_log_level (ikev2_log_level_t log_level)
4971 ikev2_main_t *km = &ikev2_main;
4973 if (log_level >= IKEV2_LOG_MAX)
4975 ikev2_log_error ("unknown logging level %d", log_level);
4979 km->log_level = log_level;
4984 ikev2_set_liveness_params (u32 period, u32 max_retries)
4986 ikev2_main_t *km = &ikev2_main;
4988 if (period == 0 || max_retries == 0)
4989 return clib_error_return (0, "invalid args");
4991 km->liveness_period = period;
4992 km->liveness_max_retries = max_retries;
4997 ikev2_profile_natt_disable (u8 * name)
4999 ikev2_profile_t *p = ikev2_profile_index_by_name (name);
5001 return clib_error_return (0, "unknown profile %v", name);
5003 p->natt_disabled = 1;
5008 ikev2_mngr_process_ipsec_sa (ipsec_sa_t * ipsec_sa)
5010 ikev2_main_t *km = &ikev2_main;
5011 vlib_main_t *vm = km->vlib_main;
5012 ikev2_main_per_thread_data_t *tkm;
5013 ikev2_sa_t *fsa = 0;
5014 ikev2_profile_t *p = 0;
5015 ikev2_child_sa_t *fchild = 0;
5016 f64 now = vlib_time_now (vm);
5017 vlib_counter_t counts;
5019 /* Search for the SA and child SA */
5020 vec_foreach (tkm, km->per_thread_data)
5026 pool_foreach (sa, tkm->sas) {
5027 fchild = ikev2_sa_get_child(sa, ipsec_sa->spi, IKEV2_PROTOCOL_ESP, 1);
5036 vlib_get_combined_counter (&ipsec_sa_counters,
5037 ipsec_sa->stat_index, &counts);
5039 if (fsa && fsa->profile_index != ~0 && fsa->is_initiator)
5040 p = pool_elt_at_index (km->profiles, fsa->profile_index);
5042 if (fchild && p && p->lifetime_maxdata)
5044 if (!fchild->is_expired && counts.bytes > p->lifetime_maxdata)
5046 fchild->time_to_expiration = now;
5052 ikev2_process_pending_sa_init_one (vlib_main_t *vm, ikev2_main_t *km,
5058 p = pool_elt_at_index (km->profiles, sa->profile_index);
5060 if (!p->responder.is_resolved)
5062 clib_error_t *r = ikev2_resolve_responder_hostname (vm, &p->responder);
5065 clib_error_free (r);
5069 if (!p->responder.is_resolved)
5072 ip_address_copy (&sa->raddr, &p->responder.addr);
5074 /* update nat detection destination hash */
5075 np = ikev2_find_ike_notify_payload (
5076 (ike_header_t *) sa->last_sa_init_req_packet_data,
5077 IKEV2_NOTIFY_MSG_NAT_DETECTION_DESTINATION_IP);
5080 nat_sha = ikev2_compute_nat_sha1 (
5081 clib_host_to_net_u64 (sa->ispi), clib_host_to_net_u64 (sa->rspi),
5082 &sa->raddr, clib_host_to_net_u16 (sa->dst_port));
5083 clib_memcpy_fast (np, nat_sha, vec_len (nat_sha));
5088 if (ip_address_is_zero (&sa->iaddr))
5090 if (!ikev2_get_if_address (p->responder.sw_if_index,
5091 ip_addr_version (&p->responder.addr),
5095 /* update NAT detection payload */
5097 ikev2_find_ike_notify_payload
5098 ((ike_header_t *) sa->last_sa_init_req_packet_data,
5099 IKEV2_NOTIFY_MSG_NAT_DETECTION_SOURCE_IP);
5103 ikev2_compute_nat_sha1 (clib_host_to_net_u64 (sa->ispi),
5104 clib_host_to_net_u64 (sa->rspi),
5106 clib_host_to_net_u16 (IKEV2_PORT));
5107 clib_memcpy_fast (np, nat_sha, vec_len (nat_sha));
5112 if (vlib_buffer_alloc (km->vlib_main, &bi0, 1) != 1)
5115 vlib_buffer_t *b = vlib_get_buffer (km->vlib_main, bi0);
5116 clib_memcpy_fast (vlib_buffer_get_current (b),
5117 sa->last_sa_init_req_packet_data,
5118 vec_len (sa->last_sa_init_req_packet_data));
5120 ikev2_send_ike (km->vlib_main, &sa->iaddr, &sa->raddr, bi0,
5121 vec_len (sa->last_sa_init_req_packet_data),
5122 ikev2_get_port (sa), IKEV2_PORT, sa->sw_if_index);
5126 ikev2_process_pending_sa_init (vlib_main_t *vm, ikev2_main_t *km)
5133 hash_foreach (ispi, sai, km->sa_by_ispi,
5135 sa = pool_elt_at_index (km->sais, sai);
5136 if (sa->init_response_received)
5139 ikev2_process_pending_sa_init_one (vm, km, sa);
5145 ikev2_send_informational_request (ikev2_sa_t * sa)
5147 ikev2_main_t *km = &ikev2_main;
5148 ip_address_t *src, *dst;
5155 bi0 = ikev2_get_new_ike_header_buff (km->vlib_main, &b0);
5158 ikev2_log_error ("buffer alloc failure");
5162 ike0 = vlib_buffer_get_current (b0);
5163 ike0->exchange = IKEV2_EXCHANGE_INFORMATIONAL;
5164 ike0->ispi = clib_host_to_net_u64 (sa->ispi);
5165 ike0->rspi = clib_host_to_net_u64 (sa->rspi);
5166 ike0->msgid = clib_host_to_net_u32 (sa->last_init_msg_id);
5168 sa->last_init_msg_id += 1;
5169 len = ikev2_generate_message (b0, sa, ike0, 0, 0, 0);
5173 if (ikev2_natt_active (sa))
5174 len = ikev2_insert_non_esp_marker (ike0, len);
5176 if (sa->is_initiator)
5187 dp = sa->dst_port ? sa->dst_port : ikev2_get_port (sa);
5188 ikev2_send_ike (km->vlib_main, src, dst, bi0, len, ikev2_get_port (sa), dp,
5193 ikev2_disable_dpd (void)
5195 ikev2_main_t *km = &ikev2_main;
5196 km->dpd_disabled = 1;
5200 ikev2_mngr_process_responder_sas (ikev2_sa_t *sa)
5202 ikev2_main_t *km = &ikev2_main;
5203 vlib_main_t *vm = km->vlib_main;
5205 if (!sa->keys_generated)
5208 if (sa->liveness_retries >= km->liveness_max_retries)
5211 f64 now = vlib_time_now (vm);
5213 if (sa->liveness_period_check < now)
5215 sa->liveness_retries++;
5216 sa->liveness_period_check = now + km->liveness_period;
5217 ikev2_send_informational_request (sa);
5223 ikev2_mngr_process_fn (vlib_main_t * vm, vlib_node_runtime_t * rt,
5226 ikev2_main_t *km = &ikev2_main;
5228 ikev2_child_sa_t *c;
5231 /* lazy init will wake it up */
5232 vlib_process_wait_for_event (vm);
5236 vlib_process_wait_for_event_or_clock (vm, 2);
5237 vlib_process_get_events (vm, NULL);
5239 /* process ike child sas */
5240 ikev2_main_per_thread_data_t *tkm;
5241 vec_foreach (tkm, km->per_thread_data)
5244 u32 *to_be_deleted = 0;
5247 pool_foreach (sa, tkm->sas) {
5248 ikev2_child_sa_t *c;
5251 if (sa->state != IKEV2_STATE_AUTHENTICATED)
5254 if (sa->old_remote_id_present && 0 > sa->old_id_expiration)
5256 sa->old_remote_id_present = 0;
5260 sa->old_id_expiration -= 1;
5262 vec_foreach (c, sa->childs)
5263 ikev2_mngr_process_child_sa(sa, c, del_old_ids);
5265 if (!km->dpd_disabled && ikev2_mngr_process_responder_sas (sa))
5266 vec_add1 (to_be_deleted, sa - tkm->sas);
5270 vec_foreach (sai, to_be_deleted)
5272 sa = pool_elt_at_index (tkm->sas, sai[0]);
5273 const u32 profile_index = sa->profile_index;
5274 const int reinitiate = (sa->is_initiator && profile_index != ~0);
5275 vec_foreach (c, sa->childs)
5277 ikev2_delete_tunnel_interface (km->vnet_main, sa, c);
5278 ikev2_sa_del_child_sa (sa, c);
5280 ikev2_sa_free_all_vec (sa);
5281 hash_unset (tkm->sa_by_rspi, sa->rspi);
5282 pool_put (tkm->sas, sa);
5286 p = pool_elt_at_index (km->profiles, profile_index);
5289 clib_error_t *e = ikev2_initiate_sa_init (vm, p->name);
5292 ikev2_log_error ("%U", format_clib_error, e);
5293 clib_error_free (e);
5298 vec_free (to_be_deleted);
5301 /* process ipsec sas */
5304 pool_foreach (sa, ipsec_sa_pool)
5306 ikev2_mngr_process_ipsec_sa (sa);
5310 ikev2_process_pending_sa_init (vm, km);
5316 VLIB_REGISTER_NODE (ikev2_mngr_process_node, static) = {
5317 .function = ikev2_mngr_process_fn,
5318 .type = VLIB_NODE_TYPE_PROCESS,
5320 "ikev2-manager-process",
5324 ikev2_lazy_init (ikev2_main_t *km)
5326 vlib_thread_main_t *tm = vlib_get_thread_main ();
5329 if (km->lazy_init_done)
5332 ikev2_crypto_init (km);
5334 mhash_init_vec_string (&km->profile_index_by_name, sizeof (uword));
5336 vec_validate_aligned (km->per_thread_data, tm->n_vlib_mains - 1,
5337 CLIB_CACHE_LINE_BYTES);
5338 for (thread_id = 0; thread_id < tm->n_vlib_mains; thread_id++)
5340 ikev2_main_per_thread_data_t *ptd =
5341 vec_elt_at_index (km->per_thread_data, thread_id);
5343 ptd->sa_by_rspi = hash_create (0, sizeof (uword));
5345 #if OPENSSL_VERSION_NUMBER >= 0x10100000L
5346 ptd->evp_ctx = EVP_CIPHER_CTX_new ();
5347 ptd->hmac_ctx = HMAC_CTX_new ();
5349 EVP_CIPHER_CTX_init (&ptd->_evp_ctx);
5350 ptd->evp_ctx = &ptd->_evp_ctx;
5351 HMAC_CTX_init (&(ptd->_hmac_ctx));
5352 ptd->hmac_ctx = &ptd->_hmac_ctx;
5356 km->sa_by_ispi = hash_create (0, sizeof (uword));
5357 km->sw_if_indices = hash_create (0, 0);
5359 km->punt_hdl = vlib_punt_client_register ("ikev2");
5361 km->dns_resolve_name =
5362 vlib_get_plugin_symbol ("dns_plugin.so", "dns_resolve_name");
5363 if (!km->dns_resolve_name)
5364 ikev2_log_error ("cannot load symbols from dns plugin");
5366 /* wake up ikev2 process */
5367 vlib_process_signal_event (vlib_get_first_main (),
5368 ikev2_mngr_process_node.index, 0, 0);
5370 km->lazy_init_done = 1;
5373 VLIB_PLUGIN_REGISTER () = {
5374 .version = VPP_BUILD_VER,
5375 .description = "Internet Key Exchange (IKEv2) Protocol",
5380 * fd.io coding-style-patch-verification: ON
5383 * eval: (c-set-style "gnu")
Code Review / vpp.git / blob