authorHakan Olsson <ho@cvs.openbsd.org>2002-07-04 22:23:50 +0000
committerHakan Olsson <ho@cvs.openbsd.org>2002-07-04 22:23:50 +0000
commitecd1d355a936dee799dcd6128ab4e069937fbe2c (patch)
treedc6a9351934a87169c75f6592796f3f2df40fcdd /sbin/isakmpd
parent165ad59573b5750a357c06a3a30a81d7a27ff514 (diff)
Do not assume we have an active exchange during payload validation.
Diffstat (limited to 'sbin/isakmpd')
-rw-r--r--sbin/isakmpd/message.c66
1 files changed, 65 insertions, 1 deletions
diff --git a/sbin/isakmpd/message.c b/sbin/isakmpd/message.c
index e2bdeeca760..722a5d7deeb 100644
--- a/sbin/isakmpd/message.c
+++ b/sbin/isakmpd/message.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: message.c,v 1.54 2002/06/09 08:13:06 todd Exp $ */
+/* $OpenBSD: message.c,v 1.55 2002/07/04 22:23:49 ho Exp $ */
/* $EOM: message.c,v 1.156 2000/10/10 12:36:39 provos Exp $ */
/*
@@ -486,6 +486,14 @@ message_validate_delete (struct message *msg, struct payload *p)
static int
message_validate_hash (struct message *msg, struct payload *p)
{
+ if (!msg->exchange)
+ {
+ /* We should have an exchange at this point. */
+ log_print ("message_validate_hash: payload out of sequence");
+ message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
+ return -1;
+ }
+
/* XXX Not implemented yet. */
return 0;
}
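Review bot: The eight-line guard added at the top of message_validate_hash is pasted unchanged, apart from the function name in the log string, into the id, key_exch, nonce, proposal, sig, transform and vendor validators. A small static helper would keep the log text, the notify type and the drop arguments in one place. It would also give a single spot to confirm that message_drop's notification path copes with `msg->exchange` being NULL, which is exactly the state in which this branch calls it. That last point is not visible from the diff, and since the peer is unauthenticated here it is worth checking. Each validator then shrinks to a two-line call, as sketched below.

```c
/* Drop MSG and return -1 when no exchange is attached; WHO names the caller for the log. */
static int
message_require_exchange (struct message *msg, const char *who)
{
  if (msg->exchange)
    return 0;

  /* We should have an exchange at this point. */
  log_print ("%s: payload out of sequence", who);
  message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
  return -1;
}

static int
message_validate_hash (struct message *msg, struct payload *p)
{
  if (message_require_exchange (msg, "message_validate_hash"))
    return -1;
  /* … unchanged: stub body returning 0 … */
```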
@@ -497,6 +505,14 @@ message_validate_id (struct message *msg, struct payload *p)
struct exchange *exchange = msg->exchange;
size_t len = GET_ISAKMP_GEN_LENGTH (p->p);
+ if (!exchange)
+ {
+ /* We should have an exchange at this point. */
+ log_print ("message_validate_id: payload out of sequence");
+ message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
+ return -1;
+ }
+
if (exchange->doi
&& exchange->doi->validate_id_information (GET_ISAKMP_ID_TYPE (p->p),
p->p + ISAKMP_ID_DOI_DATA_OFF,
@@ -517,6 +533,14 @@ message_validate_key_exch (struct message *msg, struct payload *p)
struct exchange *exchange = msg->exchange;
size_t len = GET_ISAKMP_GEN_LENGTH (p->p);
+ if (!exchange)
+ {
+ /* We should have an exchange at this point. */
+ log_print ("message_validate_key_exch: payload out of sequence");
+ message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
+ return -1;
+ }
+
if (exchange->doi
&& exchange->doi->validate_key_information (p->p + ISAKMP_KE_DATA_OFF,
len - ISAKMP_KE_DATA_OFF))
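Review bot: `len - ISAKMP_KE_DATA_OFF` in the lines just below the new guard is a size_t subtraction, so a generic length field smaller than the KE header offset would wrap to a very large value before it reaches validate_key_information. Nothing in this hunk shows `len` being compared against the minimum payload size first. If the parser does not already guarantee that, a check such as `if (len < ISAKMP_KE_DATA_OFF)` with the same drop-and-return belongs next to the new exchange test. message_validate_id reads `len` the same way and presumably has the same shape, though its subtraction falls outside that hunk. The body of message_validate_key_exch continues outside the hunk.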
@@ -531,6 +555,14 @@ message_validate_key_exch (struct message *msg, struct payload *p)
static int
message_validate_nonce (struct message *msg, struct payload *p)
{
+ if (!msg->exchange)
+ {
+ /* We should have an exchange at this point. */
+ log_print ("message_validate_nonce: payload out of sequence");
+ message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
+ return -1;
+ }
+
/* Nonces require no specific validation. */
return 0;
}
@@ -603,6 +635,14 @@ message_validate_proposal (struct message *msg, struct payload *p)
u_int8_t proto = GET_ISAKMP_PROP_PROTO (p->p);
u_int8_t *sa = p->context->p;
+ if (!msg->exchange)
+ {
+ /* We should have an exchange at this point. */
+ log_print ("message_validate_proposal: payload out of sequence");
+ message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
+ return -1;
+ }
+
if (proto != ISAKMP_PROTO_ISAKMP
&& msg->exchange->doi->validate_proto (proto))
{
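Review bot: The new guard covers `msg->exchange`, but the call right after it, `msg->exchange->doi->validate_proto (proto)`, still goes through `doi` without a test. message_validate_id and message_validate_key_exch both check `exchange->doi` before calling through it, which suggests an exchange can exist without a DOI. If so, the condition here should either gain `&& msg->exchange->doi` or treat a missing DOI as a reason to drop the message; if a DOI is always set by this point, a one-line comment saying so would settle it. message_validate_transform has the same unchecked `msg->exchange->doi->validate_transform_id` call after its guard. The function body continues outside the hunk.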
@@ -732,6 +772,14 @@ message_validate_sa (struct message *msg, struct payload *p)
static int
message_validate_sig (struct message *msg, struct payload *p)
{
+ if (!msg->exchange)
+ {
+ /* We should have an exchange at this point. */
+ log_print ("message_validate_sig: payload out of sequence");
+ message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
+ return -1;
+ }
+
/* XXX Not implemented yet. */
return 0;
}
@@ -743,6 +791,14 @@ message_validate_transform (struct message *msg, struct payload *p)
u_int8_t proto = GET_ISAKMP_PROP_PROTO (p->context->p);
u_int8_t *prop = p->context->p;
+ if (!msg->exchange)
+ {
+ /* We should have an exchange at this point. */
+ log_print ("message_validate_transform: payload out of sequence");
+ message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
+ return -1;
+ }
+
if (msg->exchange->doi
->validate_transform_id (proto, GET_ISAKMP_TRANSFORM_ID (p->p)))
{
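Review bot: The initialisers above the new guard already read `p->context->p`, for both `proto` and `prop`, so the exchange check runs only after the payload's context pointer has been dereferenced. Whether the parser guarantees that a transform payload always has an enclosing proposal context is not visible in this hunk. If it does not, an `if (!p->context)` test with the same drop-and-return should come first, and the GET_ISAKMP_PROP_PROTO read should move from the declaration to an assignment after it. message_validate_proposal reads `p->context->p` in its declarations in the same way. The function body continues outside the hunk.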
@@ -787,6 +843,14 @@ message_validate_transform (struct message *msg, struct payload *p)
static int
message_validate_vendor (struct message *msg, struct payload *p)
{
+ if (!msg->exchange)
+ {
+ /* We should have an exchange at this point. */
+ log_print ("message_validate_vendor: payload out of sequence");
+ message_drop (msg, ISAKMP_NOTIFY_PAYLOAD_MALFORMED, 0, 1, 1);
+ return -1;
+ }
+
/* Vendor IDs are only allowed in phase 1. */
if (msg->exchange->phase != 1)
{