-rw-r--r-- | sbin/iked/config.c | 28 | ||||
-rw-r--r-- | sbin/iked/iked.h | 6 | ||||
-rw-r--r-- | sbin/iked/ikev2.c | 4 | ||||
-rw-r--r-- | sbin/iked/ikev2_pld.c | 36 | ||||
-rw-r--r-- | sbin/iked/policy.c | 4 |
5 files changed, 51 insertions, 27 deletions
diff --git a/sbin/iked/config.c b/sbin/iked/config.c
index 5985c5303fa..ecf03e64cd3 100644
--- a/sbin/iked/config.c
+++ b/sbin/iked/config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: config.c,v 1.72 2020/10/29 21:49:58 tobhe Exp $ */
+/* $OpenBSD: config.c,v 1.73 2020/11/25 22:17:13 tobhe Exp $ */
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -259,6 +259,15 @@ config_add_proposal(struct iked_proposals *head, unsigned int id,
 }
 void
+config_free_proposal(struct iked_proposals *head, struct iked_proposal *prop)
+{
+ TAILQ_REMOVE(head, prop, prop_entry);
+ if (prop->prop_nxforms)
+ free(prop->prop_xforms);
+ free(prop);
+}
+
+void
 config_free_proposals(struct iked_proposals *head, unsigned int proto)
 {
 struct iked_proposal *prop, *proptmp;
@@ -270,10 +279,7 @@ config_free_proposals(struct iked_proposals *head, unsigned int proto)
 log_debug("%s: free %p", __func__, prop);
- TAILQ_REMOVE(head, prop, prop_entry);
- if (prop->prop_nxforms)
- free(prop->prop_xforms);
- free(prop);
+ config_free_proposal(head, prop);
 }
 }
@@ -326,7 +332,7 @@ config_free_childsas(struct iked *env, struct iked_childsas *head,
 }
 }
-struct iked_transform *
+int
 config_add_transform(struct iked_proposal *prop, unsigned int type,
 unsigned int id, unsigned int length, unsigned int keylength)
 {
@@ -353,7 +359,7 @@ config_add_transform(struct iked_proposal *prop, unsigned int type,
 break;
 default:
 log_debug("%s: invalid transform type %d", __func__, type);
- return (NULL);
+ return (-2);
 }
 for (i = 0; i < prop->prop_nxforms; i++) {
@@ -361,7 +367,7 @@ config_add_transform(struct iked_proposal *prop, unsigned int type,
 if (xform->xform_type == type &&
 xform->xform_id == id &&
 xform->xform_length == length)
- return (xform);
+ return (0);
 }
 for (i = 0; i < prop->prop_nxforms; i++) {
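Review bot: config_free_proposal() in the -259 hunk requires `prop` to already be linked into `head` (TAILQ_REMOVE on an element that was never inserted, or was removed earlier, corrupts the list) and it frees `prop` without touching any other reference to it, yet nothing at the definition records either contract; the new caller in ikev2_pld_sa has to remember on its own to NULL both `prop` and `msg->msg_parent->msg_prop` afterwards. A header comment would make that explicit: `/* Unlink prop from head and free it together with its transforms. prop must be on head; any other pointer to it is the caller's to clear. */`. The same contract could be stated on the new prototype in iked.h.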
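Review bot: The -326, -353 and -361 hunks turn config_add_transform() into an int-returning function whose distinct codes are now load-bearing (ikev2_pld_sa drops a peer proposal on -2 but rejects the whole payload on -1), yet neither the definition nor the prototype says what 0, -1 and -2 mean, and -2 is a bare magic value repeated at several call sites in this commit. Add above the definition: `/* Returns 0 on success (also when an identical transform is already present), -1 on allocation failure, -2 if type is not a supported transform type. */`. Giving the two error codes names (an enum or defines in iked.h) would stop the callers from depending on the literals. The function body continues past these hunks.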
@@ -384,7 +390,7 @@ config_add_transform(struct iked_proposal *prop, unsigned int type,
 if ((xform = reallocarray(prop->prop_xforms, prop->prop_nxforms + 1, sizeof(*xform))) == NULL) {
- return (NULL);
+ return (-1);
 }
 prop->prop_xforms = xform;
@@ -398,7 +404,7 @@ config_add_transform(struct iked_proposal *prop, unsigned int type,
 xform->xform_score = score;
 xform->xform_map = map;
- return (xform);
+ return (0);
 }
 struct iked_transform *
@@ -772,7 +778,7 @@ config_getpolicy(struct iked *env, struct imsg *imsg)
 if (config_add_transform(prop, xf.xform_type, xf.xform_id, xf.xform_length,
- xf.xform_keylength) == NULL)
+ xf.xform_keylength) != 0)
 fatal("config_getpolicy: add transform");
 }
 }
diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h
index f533db8f7fe..7bf73d65ae2 100644
--- a/sbin/iked/iked.h
+++ b/sbin/iked/iked.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: iked.h,v 1.173 2020/11/21 19:23:53 tobhe Exp $ */
+/* $OpenBSD: iked.h,v 1.174 2020/11/25 22:17:13 tobhe Exp $ */
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -802,12 +802,12 @@ void config_free_policy(struct iked *, struct iked_policy *);
 struct iked_proposal *
 config_add_proposal(struct iked_proposals *, unsigned int, unsigned int);
+void config_free_proposal(struct iked_proposals *, struct iked_proposal *);
 void config_free_proposals(struct iked_proposals *, unsigned int);
 void config_free_flows(struct iked *, struct iked_flows *);
 void config_free_childsas(struct iked *, struct iked_childsas *, struct iked_spi *, struct iked_spi *);
-struct iked_transform *
- config_add_transform(struct iked_proposal *,
+int config_add_transform(struct iked_proposal *,
 unsigned int, unsigned int, unsigned int, unsigned int);
 int config_setcoupled(struct iked *, unsigned int);
 int config_getcoupled(struct iked *, unsigned int);
diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c
index 0b9087e1630..13d00e50524 100644
--- a/sbin/iked/ikev2.c
+++ b/sbin/iked/ikev2.c
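Review bot: In the -772 hunk of config_getpolicy() the `!= 0` test folds both new error codes into the single `fatal("config_getpolicy: add transform")`; if fatal() here is the usual log.c variant that appends strerror(errno), that suffix is meaningful after a failed reallocarray (-1) but stale and misleading for -2, which for a policy handed over by the parent means the config parser accepted a transform type that config_add_transform() does not know. Keeping the return value in a local and reporting it, e.g. `fatalx("config_getpolicy: add transform: error %d", r);` for the non-allocation case, would make the two failures distinguishable in the log. The enclosing loop starts outside the hunk, so I cannot see whether a suitable local already exists.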
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2.c,v 1.286 2020/11/24 22:14:31 tobhe Exp $ */
+/* $OpenBSD: ikev2.c,v 1.287 2020/11/25 22:17:13 tobhe Exp $ */
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -3680,7 +3680,7 @@ ikev2_set_sa_proposal(struct iked_sa *sa, struct iked_policy *pol,
 xform = &prop->prop_xforms[i];
 if (config_add_transform(copy, xform->xform_type, xform->xform_id, xform->xform_length,
- xform->xform_keylength) == NULL)
+ xform->xform_keylength) != 0)
 return (-1);
 }
 }
diff --git a/sbin/iked/ikev2_pld.c b/sbin/iked/ikev2_pld.c
index 47c7d68af92..f91b4cefa2c 100644
--- a/sbin/iked/ikev2_pld.c
+++ b/sbin/iked/ikev2_pld.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ikev2_pld.c,v 1.113 2020/11/23 19:20:08 tobhe Exp $ */
+/* $OpenBSD: ikev2_pld.c,v 1.114 2020/11/25 22:17:14 tobhe Exp $ */
 /*
  * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@@ -345,6 +345,7 @@ ikev2_pld_sa(struct iked *env, struct ikev2_payload *pld,
 uint32_t spi32;
 uint64_t spi = 0, spi64;
 uint8_t *msgbuf = ibuf_data(msg->msg_data);
+ int r;
 struct iked_proposals *props;
 size_t total;
@@ -430,10 +431,20 @@ ikev2_pld_sa(struct iked *env, struct ikev2_payload *pld,
 /*
  * Parse the attached transforms
  */
- if (sap.sap_transforms &&
- ikev2_pld_xform(env, msg, offset, total) != 0) {
- log_debug("%s: invalid proposal transforms", __func__);
- return (-1);
+ if (sap.sap_transforms) {
+ r = ikev2_pld_xform(env, msg, offset, total);
+ if ((r == -2) && ikev2_msg_frompeer(msg)) {
+ log_debug("%s: invalid proposal transform",
+ __func__);
+
+ /* cleanup and ignore proposal */
+ config_free_proposal(props, prop);
+ prop = msg->msg_parent->msg_prop = NULL;
+ } else if (r != 0) {
+ log_debug("%s: invalid proposal transforms",
+ __func__);
+ return (-1);
+ }
 }
 offset += total;
@@ -479,6 +490,7 @@ ikev2_pld_xform(struct iked *env, struct iked_message *msg,
 struct ikev2_transform xfrm;
 char id[BUFSIZ];
 int ret = 0;
+ int r;
 size_t xfrm_length;
 if (ikev2_validate_xform(msg, offset, total, &xfrm))
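Review bot: After the new ignore path in the -430 hunk of ikev2_pld_sa(), `prop` and `msg->msg_parent->msg_prop` are NULL for the rest of this loop iteration, and the function continues past `offset += total;` outside the hunk; any later use of `prop` in that iteration, and any consumer of `props` that assumes at least one proposal survives when every proposal in the payload carried an unknown transform type, now needs a NULL/empty check that the diff does not show. The path also presumes `prop` was inserted into `props` earlier in the loop (presumably by config_add_proposal, outside the hunk), since config_free_proposal() unlinks it unconditionally. Only an exact -2 is ignored, so the other ikev2_pld_xform() failures still reject the whole payload, which looks right; the comment `/* cleanup and ignore proposal */` says what but not why, so I would extend it to `/* Unknown transform type from the peer: drop only this proposal and keep parsing, so one unsupported transform does not reject the whole SA payload. */`. The parentheses in `(r == -2) && ikev2_msg_frompeer(msg)` are redundant.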
@@ -529,11 +541,17 @@ ikev2_pld_xform(struct iked *env, struct iked_message *msg,
 }
 if (ikev2_msg_frompeer(msg)) {
- if (config_add_transform(msg->msg_parent->msg_prop,
+ r = config_add_transform(msg->msg_parent->msg_prop,
 xfrm.xfrm_type, betoh16(xfrm.xfrm_id),
- msg->msg_attrlength, msg->msg_attrlength) == NULL) {
- log_debug("%s: failed to add transform", __func__);
- return (-1);
+ msg->msg_attrlength, msg->msg_attrlength);
+ if (r == -1) {
+ log_debug("%s: failed to add transform: alloc error",
+ __func__);
+ return (r);
+ } else if (r == -2) {
+ log_debug("%s: failed to add transform: unknown type",
+ __func__);
+ return (r);
 }
 }
diff --git a/sbin/iked/policy.c b/sbin/iked/policy.c
index 0b86540787b..430833ed3b7 100644
--- a/sbin/iked/policy.c
+++ b/sbin/iked/policy.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: policy.c,v 1.71 2020/11/18 22:24:03 tobhe Exp $ */
+/* $OpenBSD: policy.c,v 1.72 2020/11/25 22:17:14 tobhe Exp $ */
 /*
  * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org>
@@ -862,7 +862,7 @@ proposals_negotiate(struct iked_proposals *result, struct iked_proposals *local,
 if (config_add_transform(prop, chosen[i].xform_type, chosen[i].xform_id, chosen[i].xform_length,
- chosen[i].xform_keylength) == NULL)
+ chosen[i].xform_keylength) != 0)
 break;
 } |
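Review bot: The `if (r == -1) ... else if (r == -2)` chain in the -529 hunk of ikev2_pld_xform() has no branch for any other non-zero value, so a future return code from config_add_transform() would fall through here and the peer's transform would be treated as added; the old `== NULL` test had no such gap. Make the last branch a catch-all, `} else if (r != 0) {` with `log_debug("%s: failed to add transform: error %d", __func__, r);`, and since both branches `return (r)` they could be one block with the message chosen by `r`. Having both `ret` and the `r` added in the -479 hunk as locals of the same function is easy to misread; a name such as `err` would help. The function continues outside the hunk.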