1c91307af2622f6625525f3c1f9c954376df950adChia-chi Yeh/* $NetBSD: vendorid.c,v 1.4 2006/09/09 16:22:10 manu Exp $ */ 20a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 30a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Id: vendorid.c,v 1.10 2006/02/22 16:10:21 vanhu Exp */ 40a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 50a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 60a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. 70a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * All rights reserved. 80a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 90a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * Redistribution and use in source and binary forms, with or without 100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * modification, are permitted provided that the following conditions 110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * are met: 120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 1. Redistributions of source code must retain the above copyright 130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * notice, this list of conditions and the following disclaimer. 140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 2. Redistributions in binary form must reproduce the above copyright 150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * notice, this list of conditions and the following disclaimer in the 160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * documentation and/or other materials provided with the distribution. 170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 3. Neither the name of the project nor the names of its contributors 180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * may be used to endorse or promote products derived from this software 190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * without specific prior written permission. 200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND 220a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 240a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE 250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 300a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 310a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * SUCH DAMAGE. 320a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 330a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 340a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "config.h" 350a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 360a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include <sys/types.h> 370a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include <sys/param.h> 380a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 390a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include <stdlib.h> 400a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include <stdio.h> 410a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include <string.h> 420a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include <errno.h> 430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include <ctype.h> 440a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 450a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "var.h" 460a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "misc.h" 470a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "vmbuf.h" 480a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "plog.h" 490a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "debug.h" 500a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 510a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "localconf.h" 520a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "isakmp_var.h" 530a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "isakmp.h" 540a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "vendorid.h" 550a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#include "crypto_openssl.h" 56adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#include "handler.h" 57adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#include "remoteconf.h" 58adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#ifdef ENABLE_NATT 59adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#include "nattraversal.h" 60adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#endif 61adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#ifdef ENABLE_HYBRID 62adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#include "isakmp_xauth.h" 63adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#include "isakmp_cfg.h" 64adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#endif 650a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 660a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstatic struct vendor_id all_vendor_ids[] = { 670a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_IPSEC_TOOLS, "IPSec-Tools" }, 680a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_GSSAPI_LONG, "A GSS-API Authentication Method for IKE" }, 690a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_GSSAPI , "GSSAPI" }, 700a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_MS_NT5 , "MS NT5 ISAKMPOAKLEY" }, 710a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_00 , "draft-ietf-ipsec-nat-t-ike-00" }, 720a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_01 , "draft-ietf-ipsec-nat-t-ike-01" }, 730a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_02 , "draft-ietf-ipsec-nat-t-ike-02" }, 740a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_02_N , "draft-ietf-ipsec-nat-t-ike-02\n" }, 750a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_03 , "draft-ietf-ipsec-nat-t-ike-03" }, 760a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_04 , "draft-ietf-ipsec-nat-t-ike-04" }, 770a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_05 , "draft-ietf-ipsec-nat-t-ike-05" }, 780a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_06 , "draft-ietf-ipsec-nat-t-ike-06" }, 790a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_07 , "draft-ietf-ipsec-nat-t-ike-07" }, 800a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_08 , "draft-ietf-ipsec-nat-t-ike-08" }, 810a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_NATT_RFC , "RFC 3947" }, 820a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_XAUTH , "draft-ietf-ipsra-isakmp-xauth-06.txt" }, 830a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_UNITY , "CISCO-UNITY" }, 840a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_FRAG , "FRAGMENTATION" }, 850a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Just a readable string for DPD ... */ 860a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_DPD , "DPD" }, 870a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* Other known Vendor IDs */ 880a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ VENDORID_KAME , "KAME/racoon" }, 890a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang}; 900a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 910a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define NUMVENDORIDS (sizeof(all_vendor_ids)/sizeof(all_vendor_ids[0])) 920a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 930a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define DPD_MAJOR_VERSION 0x01 940a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang#define DPD_MINOR_VERSION 0x00 950a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 960a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangconst char vendorid_dpd_hash[] = { 970a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 0xAF, 0xCA, 0xD7, 0x13, 980a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 0x68, 0xA1, 0xF1, 0xC9, 990a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 0x6B, 0x86, 0x96, 0xFC, 1000a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 0x77, 0x57, DPD_MAJOR_VERSION, DPD_MINOR_VERSION 1010a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang}; 1020a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1030a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1040a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstatic vchar_t *vendorid_fixup(int, vchar_t *t); 1050a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1060a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstatic struct vendor_id * 1070a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wanglookup_vendor_id_by_id (int id) 1080a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ 1090a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang int i; 1100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang for (i = 0; i < NUMVENDORIDS; i++) 1120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (all_vendor_ids[i].id == id) 1130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return &all_vendor_ids[i]; 1140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return NULL; 1160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} 1170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangconst char * 1190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangvid_string_by_id (int id) 1200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ 1210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct vendor_id *current; 1220a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (id == VENDORID_DPD) 1240a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return vendorid_dpd_hash; 1250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang current = lookup_vendor_id_by_id(id); 1270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return current ? current->string : NULL; 1290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} 1300a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1310a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstatic struct vendor_id * 1320a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wanglookup_vendor_id_by_hash (const char *hash) 1330a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ 1340a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang int i; 1350a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang unsigned char *h = (unsigned char *)hash; 1360a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1370a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang for (i = 0; i < NUMVENDORIDS; i++) 1380a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (strncmp(all_vendor_ids[i].hash->v, hash, 1390a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang all_vendor_ids[i].hash->l) == 0) 1400a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return &all_vendor_ids[i]; 1410a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1420a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return NULL; 1430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} 1440a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1450a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangvoid 1460a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangcompute_vendorids (void) 1470a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ 1480a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang int i; 1490a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vchar_t vid; 1500a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1510a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang for (i = 0; i < NUMVENDORIDS; i++) { 1520a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* VENDORID_DPD is not a MD5 sum... */ 1530a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if(all_vendor_ids[i].id == VENDORID_DPD){ 1540a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang all_vendor_ids[i].hash = vmalloc(sizeof(vendorid_dpd_hash)); 1550a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (all_vendor_ids[i].hash == NULL) { 1560a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang plog(LLV_ERROR, LOCATION, NULL, 1570a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang "unable to get memory for VID hash\n"); 1580a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang exit(1); /* this really shouldn't happen */ 1590a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang } 1600a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang memcpy(all_vendor_ids[i].hash->v, vendorid_dpd_hash, 1610a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang sizeof(vendorid_dpd_hash)); 1620a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang continue; 1630a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang } 1640a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1650a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vid.v = (char *) all_vendor_ids[i].string; 1660a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vid.l = strlen(vid.v); 1670a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1680a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang all_vendor_ids[i].hash = eay_md5_one(&vid); 1690a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (all_vendor_ids[i].hash == NULL) 1700a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang plog(LLV_ERROR, LOCATION, NULL, 1710a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang "unable to hash vendor ID string\n"); 1720a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1730a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* Special cases */ 1740a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang all_vendor_ids[i].hash = 1750a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vendorid_fixup(all_vendor_ids[i].id, 1760a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang all_vendor_ids[i].hash); 1770a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang } 1780a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} 1790a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1800a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 1810a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * set hashed vendor id. 1820a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * hash function is always MD5. 1830a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 1840a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangvchar_t * 1850a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangset_vendorid(int vendorid) 1860a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ 1870a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct vendor_id *current; 1880a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vchar_t vid, *new; 1890a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1900a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (vendorid == VENDORID_UNKNOWN) { 1910a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* 1920a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * The default unknown ID gets translated to 1930a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * KAME/racoon. 1940a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 1950a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vendorid = VENDORID_DEFAULT; 1960a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang } 1970a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 1980a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang current = lookup_vendor_id_by_id(vendorid); 1990a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (current == NULL) { 2000a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang plog(LLV_ERROR, LOCATION, NULL, 2010a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang "invalid vendor ID index: %d\n", vendorid); 2020a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return (NULL); 2030a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang } 2040a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2050a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang /* The rest of racoon expects a private copy 2060a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * of the VID that could be free'd after use. 2070a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * That's why we don't return the original pointer. */ 2080a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return vdup(current->hash); 2090a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} 2100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang/* 2120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * Check the vendor ID payload -- return the vendor ID index 2130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * if we find a recognized one, or UNKNOWN if we don't. 2140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * 2150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang * gen ... points to Vendor ID payload. 2160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang */ 217c91307af2622f6625525f3c1f9c954376df950adChia-chi Yehint 2180a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangcheck_vendorid(struct isakmp_gen *gen) 2190a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ 2200a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vchar_t vid, *vidhash; 2210a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang int i, vidlen; 2220a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang struct vendor_id *current; 2230a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2240a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (gen == NULL) 2250a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return (VENDORID_UNKNOWN); 2260a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2270a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vidlen = ntohs(gen->len) - sizeof(*gen); 2280a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2290a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang current = lookup_vendor_id_by_hash((char *)(gen + 1)); 2300a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (!current) 2310a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang goto unknown; 2320a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2330a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if (current->hash->l < vidlen) 2340a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang plog(LLV_INFO, LOCATION, NULL, 2350a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang "received broken Microsoft ID: %s\n", 2360a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang current->string); 2370a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang else 2380a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang plog(LLV_INFO, LOCATION, NULL, 2390a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang "received Vendor ID: %s\n", 2400a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang current->string); 2410a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2420a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return current->id; 2430a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2440a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangunknown: 2450a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang plog(LLV_DEBUG, LOCATION, NULL, "received unknown Vendor ID\n"); 2460a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang plogdump(LLV_DEBUG, (char *)(gen + 1), vidlen); 2470a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return (VENDORID_UNKNOWN); 2480a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} 2490a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 250adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yehint 251adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yehhandle_vendorid(struct ph1handle *iph1, struct isakmp_gen *gen) 252adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh{ 253adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh int vid_numeric; 254adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh 255adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh vid_numeric = check_vendorid(gen); 256adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh if (vid_numeric == VENDORID_UNKNOWN) 257adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh return vid_numeric; 258adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh 259adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#ifdef ENABLE_NATT 260adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh if (natt_vendorid(vid_numeric)) 261adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh natt_handle_vendorid(iph1, vid_numeric); 262adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#endif 263adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#ifdef ENABLE_HYBRID 264adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh switch (vid_numeric) { 265adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh case VENDORID_XAUTH: 266adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh iph1->mode_cfg->flags |= ISAKMP_CFG_VENDORID_XAUTH; 267adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh break; 268adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh case VENDORID_UNITY: 269adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh iph1->mode_cfg->flags |= ISAKMP_CFG_VENDORID_UNITY; 270adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh break; 271adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh default: 272adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh break; 273adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh } 274adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#endif 275adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#ifdef ENABLE_DPD 276adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh if (vid_numeric == VENDORID_DPD && 277adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh (iph1->rmconf == NULL || iph1->rmconf->dpd)) { 278adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh iph1->dpd_support = 1; 279adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh plog(LLV_DEBUG, LOCATION, NULL, "remote supports DPD\n"); 280adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh } 281adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh#endif 282adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh 283adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh return vid_numeric; 284adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh} 285adfbc90a9f63d1e0c87b4b17689c07cd3c781a0eChia-chi Yeh 2860a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangstatic vchar_t * 2870a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wangvendorid_fixup(vendorid, vidhash) 2880a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang int vendorid; 2890a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vchar_t *vidhash; 2900a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang{ 2910a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang switch(vendorid) { 2920a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang case VENDORID_XAUTH: { /* The vendor Id is truncated */ 2930a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vchar_t *tmp; 2940a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 2950a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang if ((tmp = vmalloc(8)) == NULL) { 2960a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang plog(LLV_ERROR, LOCATION, NULL, 2970a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang "unable to hash vendor ID string\n"); 2980a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return NULL; 2990a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang } 3000a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3010a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang memcpy(tmp->v, vidhash->v, 8); 3020a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vfree(vidhash); 3030a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vidhash = tmp; 3040a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3050a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang break; 3060a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang } 3070a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang case VENDORID_UNITY: /* Two bytes tweak */ 3080a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vidhash->v[14] = 0x01; 3090a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang vidhash->v[15] = 0x00; 3100a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang break; 3110a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3120a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang default: 3130a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang break; 3140a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang } 3150a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang 3160a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang return vidhash; 3170a1907d434839af6a9cb6329bbde60b237bf53dcChung-yih Wang} 318