summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAngelos D. Keromytis <angelos@cvs.openbsd.org>2001-01-14 23:09:12 +0000
committerAngelos D. Keromytis <angelos@cvs.openbsd.org>2001-01-14 23:09:12 +0000
commit117672889671a231c985ce574f7511a6cde40476 (patch)
tree27054159a12fae2df142b8e6ee5d818b875c76f3
parentc77fa51aab8312bed8825f57f27b3fba45113958 (diff)
Do the HASH verification before handling the SA payload.
-rw-r--r--sbin/isakmpd/ike_quick_mode.c70
1 files changed, 35 insertions, 35 deletions
diff --git a/sbin/isakmpd/ike_quick_mode.c b/sbin/isakmpd/ike_quick_mode.c
index 7cab347e027..00c432aee4c 100644
--- a/sbin/isakmpd/ike_quick_mode.c
+++ b/sbin/isakmpd/ike_quick_mode.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ike_quick_mode.c,v 1.39 2001/01/10 18:16:26 angelos Exp $ */
+/* $OpenBSD: ike_quick_mode.c,v 1.40 2001/01/14 23:09:11 angelos Exp $ */
/* $EOM: ike_quick_mode.c,v 1.135 2000/10/16 18:16:59 provos Exp $ */
/*
@@ -992,6 +992,40 @@ initiator_recv_HASH_SA_NONCE (struct message *msg)
struct sockaddr *src, *dst;
socklen_t srclen, dstlen;
+ /* Allocate the prf and start calculating our HASH(1). XXX Share? */
+ LOG_DBG_BUF ((LOG_MISC, 90, "initiator_recv_HASH_SA_NONCE: SKEYID_a",
+ isa->skeyid_a, isa->skeyid_len));
+ prf = prf_alloc (isa->prf_type, hash->type, isa->skeyid_a, isa->skeyid_len);
+ if (!prf)
+ return -1;
+
+ prf->Init (prf->prfctx);
+ LOG_DBG_BUF ((LOG_MISC, 90, "initiator_recv_HASH_SA_NONCE: message_id",
+ exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
+ prf->Update (prf->prfctx, exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN);
+ LOG_DBG_BUF ((LOG_MISC, 90, "initiator_recv_HASH_SA_NONCE: NONCE_I_b",
+ exchange->nonce_i, exchange->nonce_i_len));
+ prf->Update (prf->prfctx, exchange->nonce_i, exchange->nonce_i_len);
+ rest = hashp->p + GET_ISAKMP_GEN_LENGTH (hashp->p);
+ rest_len = (GET_ISAKMP_HDR_LENGTH (msg->iov[0].iov_base)
+ - (rest - (u_int8_t*)msg->iov[0].iov_base));
+ LOG_DBG_BUF ((LOG_MISC, 90,
+ "initiator_recv_HASH_SA_NONCE: payloads after HASH(2)", rest,
+ rest_len));
+ prf->Update (prf->prfctx, rest, rest_len);
+ prf->Final (hash->digest, prf->prfctx);
+ prf_free (prf);
+ LOG_DBG_BUF ((LOG_MISC, 80,
+ "initiator_recv_HASH_SA_NONCE: computed HASH(2)",
+ hash->digest, hashsize));
+ if (memcmp (hashp->p + ISAKMP_HASH_DATA_OFF, hash->digest, hashsize) != 0)
+ {
+ message_drop (msg, ISAKMP_NOTIFY_INVALID_HASH_INFORMATION, 0, 1, 0);
+ return -1;
+ }
+ /* Mark the HASH as handled. */
+ hashp->flags |= PL_MARK;
+
/*
* As we are getting an answer on our transform offer, only one transform
* should be given.
@@ -1142,40 +1176,6 @@ initiator_recv_HASH_SA_NONCE (struct message *msg)
/* Mark the SA as handled. */
sa_p->flags |= PL_MARK;
- /* Allocate the prf and start calculating our HASH(1). XXX Share? */
- LOG_DBG_BUF ((LOG_MISC, 90, "initiator_recv_HASH_SA_NONCE: SKEYID_a",
- isa->skeyid_a, isa->skeyid_len));
- prf = prf_alloc (isa->prf_type, hash->type, isa->skeyid_a, isa->skeyid_len);
- if (!prf)
- return -1;
-
- prf->Init (prf->prfctx);
- LOG_DBG_BUF ((LOG_MISC, 90, "initiator_recv_HASH_SA_NONCE: message_id",
- exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN));
- prf->Update (prf->prfctx, exchange->message_id, ISAKMP_HDR_MESSAGE_ID_LEN);
- LOG_DBG_BUF ((LOG_MISC, 90, "initiator_recv_HASH_SA_NONCE: NONCE_I_b",
- exchange->nonce_i, exchange->nonce_i_len));
- prf->Update (prf->prfctx, exchange->nonce_i, exchange->nonce_i_len);
- rest = hashp->p + GET_ISAKMP_GEN_LENGTH (hashp->p);
- rest_len = (GET_ISAKMP_HDR_LENGTH (msg->iov[0].iov_base)
- - (rest - (u_int8_t*)msg->iov[0].iov_base));
- LOG_DBG_BUF ((LOG_MISC, 90,
- "initiator_recv_HASH_SA_NONCE: payloads after HASH(2)", rest,
- rest_len));
- prf->Update (prf->prfctx, rest, rest_len);
- prf->Final (hash->digest, prf->prfctx);
- prf_free (prf);
- LOG_DBG_BUF ((LOG_MISC, 80,
- "initiator_recv_HASH_SA_NONCE: computed HASH(2)",
- hash->digest, hashsize));
- if (memcmp (hashp->p + ISAKMP_HASH_DATA_OFF, hash->digest, hashsize) != 0)
- {
- message_drop (msg, ISAKMP_NOTIFY_INVALID_HASH_INFORMATION, 0, 1, 0);
- return -1;
- }
- /* Mark the HASH as handled. */
- hashp->flags |= PL_MARK;
-
isa = sa->data;
if ((isa->group_desc && (!ie->group || ie->group->id != isa->group_desc))
|| (!isa->group_desc && ie->group))