27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <config.h>
33
34 #include <sys/types.h>
35 #include <sys/param.h>
36 #include <sys/socket.h>
37
38 #include <netinet/in.h>
39 #include <sys/queue.h>
40
41 #ifdef HAVE_NETINET6_IPSEC_H
42 # include <netinet6/ipsec.h>
43 #else
44 # ifdef HAVE_NETIPSEC_IPSEC_H
45 # include <netipsec/ipsec.h>
46 # else
47 # include <linux/ipsec.h>
48 # endif
49 #endif
50
51 #include <stdlib.h>
52 #include <stdio.h>
53 #include <string.h>
54 #include <errno.h>
55 #if TIME_WITH_SYS_TIME
56 # include <sys/time.h>
57 # include <time.h>
58 #else
59 # if HAVE_SYS_TIME_H
60 # include <sys/time.h>
61 # else
62 # include <time.h>
63 # endif
64 #endif
65 #ifdef ENABLE_HYBRID
66 #include <resolv.h>
67 #endif
68
869 case ISAKMP_NTYPE_R_U_THERE_ACK:
870 isakmp_info_recv_r_u_ack(iph1, (struct isakmp_pl_ru *)n,
871 ((struct isakmp *)msg->v)->msgid);
872 break;
873
874 default:
875 {
876 uint32_t msgid = ((struct isakmp *)msg->v)->msgid;
877 struct ph2handle *iph2;
878
879 /* XXX there is a potential of dos attack. */
880 if (msgid == 0) {
881 /* delete ph1 */
882 plog(PLOG_PROTOERR, PLOGLOC, 0,
883 "delete phase1 handle.\n");
884 return -1;
885 } else {
886 iph2 = getph2bymsgid(iph1, msgid);
887 if (iph2 == NULL) {
888 plog(PLOG_PROTOERR, PLOGLOC, 0,
889 "unknown notify message, "
890 "no phase2 handle found.\n");
891 } else {
892 /* delete ph2 */
893 unbindph12(iph2);
894 remph2(iph2);
895 delph2(iph2);
896 }
897 }
898 }
899 break;
900 }
901
902 /* get spi and allocate */
903 if (get_uint16(&n->h.len) < sizeof(*n) + n->spi_size) {
904 plog(PLOG_PROTOERR, PLOGLOC, 0,
905 "invalid spi_size in notification payload.\n");
906 return -1;
907 }
908 spi = val2str((char *)(n + 1), n->spi_size);
909
910 plog(PLOG_DEBUG, PLOGLOC, 0,
|
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <config.h>
33
34 #include <sys/types.h>
35 #include <sys/param.h>
36 #include <sys/socket.h>
37
38 #include <netinet/in.h>
39 #include <sys/queue.h>
40
41 #ifdef HAVE_NETINET6_IPSEC_H
42 # include <netinet6/ipsec.h>
43 #else
44 # ifdef HAVE_NETIPSEC_IPSEC_H
45 # include <netipsec/ipsec.h>
46 # else
47 # ifndef sun /* XXX KEBE SAYS OpenSolaris */
48 # include <linux/ipsec.h>
49 # endif
50 # endif
51 #endif
52
53 #include <stdlib.h>
54 #include <stdio.h>
55 #include <string.h>
56 #include <errno.h>
57 #if TIME_WITH_SYS_TIME
58 # include <sys/time.h>
59 # include <time.h>
60 #else
61 # if HAVE_SYS_TIME_H
62 # include <sys/time.h>
63 # else
64 # include <time.h>
65 # endif
66 #endif
67 #ifdef ENABLE_HYBRID
68 #include <resolv.h>
69 #endif
70
871 case ISAKMP_NTYPE_R_U_THERE_ACK:
872 isakmp_info_recv_r_u_ack(iph1, (struct isakmp_pl_ru *)n,
873 ((struct isakmp *)msg->v)->msgid);
874 break;
875
876 default:
877 {
878 uint32_t msgid = ((struct isakmp *)msg->v)->msgid;
879 struct ph2handle *iph2;
880
881 /* XXX there is a potential of dos attack. */
882 if (msgid == 0) {
883 /* delete ph1 */
884 plog(PLOG_PROTOERR, PLOGLOC, 0,
885 "delete phase1 handle.\n");
886 return -1;
887 } else {
888 iph2 = getph2bymsgid(iph1, msgid);
889 if (iph2 == NULL) {
890 plog(PLOG_PROTOERR, PLOGLOC, 0,
891 "unknown notify message (%d), "
892 "no phase2 handle found.\n", type);
893 } else {
894 /* delete ph2 */
895 unbindph12(iph2);
896 remph2(iph2);
897 delph2(iph2);
898 }
899 }
900 }
901 break;
902 }
903
904 /* get spi and allocate */
905 if (get_uint16(&n->h.len) < sizeof(*n) + n->spi_size) {
906 plog(PLOG_PROTOERR, PLOGLOC, 0,
907 "invalid spi_size in notification payload.\n");
908 return -1;
909 }
910 spi = val2str((char *)(n + 1), n->spi_size);
911
912 plog(PLOG_DEBUG, PLOGLOC, 0,
|