From b74fabda470fd529f8a7b63d5445bebde82e9273 Mon Sep 17 00:00:00 2001 From: Patrick Wildt Date: Fri, 10 May 2019 15:02:18 +0000 Subject: Enforce messages after IKE_SA_INIT exchange to contain only encrypted payloads. Also increment message id only for valid messages. From Tobias Heider ok sthen@ --- sbin/iked/iked.h | 4 +++- sbin/iked/ikev2.c | 30 ++++++++++++++++++++---------- sbin/iked/ikev2_msg.c | 4 ++-- 3 files changed, 25 insertions(+), 13 deletions(-) (limited to 'sbin') diff --git a/sbin/iked/iked.h b/sbin/iked/iked.h index 9e2972c6ebf..ce55aec2aa5 100644 --- a/sbin/iked/iked.h +++ b/sbin/iked/iked.h @@ -1,4 +1,4 @@ -/* $OpenBSD: iked.h,v 1.119 2018/08/06 06:30:06 mestre Exp $ */ +/* $OpenBSD: iked.h,v 1.120 2019/05/10 15:02:17 patrick Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter @@ -366,6 +366,7 @@ struct iked_sa { struct iked_sahdr sa_hdr; uint32_t sa_msgid; /* Last request rcvd */ int sa_msgid_set; /* msgid initialized */ + uint32_t sa_msgid_current; /* Current requested rcvd */ uint32_t sa_reqid; /* Next request sent */ int sa_type; @@ -491,6 +492,7 @@ struct iked_message { int msg_fd; int msg_response; int msg_responded; + int msg_valid; int msg_natt; int msg_natt_rcvd; int msg_error; diff --git a/sbin/iked/ikev2.c b/sbin/iked/ikev2.c index c928267a682..f1573417be1 100644 --- a/sbin/iked/ikev2.c +++ b/sbin/iked/ikev2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2.c,v 1.168 2019/02/27 06:33:56 sthen Exp $ */ +/* $OpenBSD: ikev2.c,v 1.169 2019/05/10 15:02:17 patrick Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter @@ -438,6 +438,10 @@ ikev2_recv(struct iked *env, struct iked_message *msg) if (hdr->ike_exchange == IKEV2_EXCHANGE_INFORMATIONAL) flag = IKED_REQ_INF; + if (hdr->ike_exchange != IKEV2_EXCHANGE_IKE_SA_INIT && + hdr->ike_nextpayload != IKEV2_PAYLOAD_SK) + return; + if (msg->msg_response) { if (msg->msg_msgid > sa->sa_reqid) return; @@ -497,15 +501,7 @@ ikev2_recv(struct iked *env, struct iked_message *msg) */ return; } - /* - * If it's a new request, make sure to update the peer's - * message ID and dispose of all previous responses. - * We need to set sa_msgid_set in order to distinguish between - * "last msgid was 0" and "msgid not set yet". - */ - sa->sa_msgid = msg->msg_msgid; - sa->sa_msgid_set = 1; - ikev2_msg_prevail(env, &sa->sa_responses, msg); + sa->sa_msgid_current = msg->msg_msgid; } if (sa_address(sa, &sa->sa_peer, &msg->msg_peer) == -1 || @@ -524,6 +520,18 @@ done: else ikev2_resp_recv(env, msg, hdr); + if (sa != NULL && !msg->msg_response && msg->msg_valid) { + /* + * If it's a valid request, make sure to update the peer's + * message ID and dispose of all previous responses. + * We need to set sa_msgid_set in order to distinguish between + * "last msgid was 0" and "msgid not set yet". + */ + sa->sa_msgid = sa->sa_msgid_current; + sa->sa_msgid_set = 1; + ikev2_msg_prevail(env, &sa->sa_responses, msg); + } + if (sa != NULL && sa->sa_state == IKEV2_STATE_CLOSED) { log_debug("%s: closing SA", __func__); sa_free(env, sa); @@ -2283,6 +2291,8 @@ ikev2_resp_recv(struct iked *env, struct iked_message *msg, if ((sa = msg->msg_sa) == NULL) return; + msg->msg_valid = 1; + if (msg->msg_natt && sa->sa_natt == 0) { log_debug("%s: NAT-T message received, updated SA", __func__); sa->sa_natt = 1; diff --git a/sbin/iked/ikev2_msg.c b/sbin/iked/ikev2_msg.c index e94d699e6cf..b559990bec4 100644 --- a/sbin/iked/ikev2_msg.c +++ b/sbin/iked/ikev2_msg.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikev2_msg.c,v 1.53 2017/11/27 18:39:35 patrick Exp $ */ +/* $OpenBSD: ikev2_msg.c,v 1.54 2019/05/10 15:02:17 patrick Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter @@ -643,7 +643,7 @@ ikev2_msg_send_encrypt(struct iked *env, struct iked_sa *sa, struct ibuf **ep, sa->sa_local.addr.ss_len, response)) == NULL) goto done; - resp.msg_msgid = response ? sa->sa_msgid : ikev2_msg_id(env, sa); + resp.msg_msgid = response ? sa->sa_msgid_current : ikev2_msg_id(env, sa); /* IKE header */ if ((hdr = ikev2_add_header(buf, sa, resp.msg_msgid, IKEV2_PAYLOAD_SK, -- cgit v1.2.3