pulse.c 87 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973
  1. /*
  2. * OpenConnect (SSL + DTLS) VPN client
  3. *
  4. * Copyright © 2019 David Woodhouse.
  5. *
  6. * Author: David Woodhouse <dwmw2@infradead.org>
  7. *
  8. * This program is free software; you can redistribute it and/or
  9. * modify it under the terms of the GNU Lesser General Public License
  10. * version 2.1, as published by the Free Software Foundation.
  11. *
  12. * This program is distributed in the hope that it will be useful, but
  13. * WITHOUT ANY WARRANTY; without even the implied warranty of
  14. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  15. * Lesser General Public License for more details.
  16. */
  17. #include <config.h>
  18. #include "openconnect-internal.h"
  19. #include <unistd.h>
  20. #include <fcntl.h>
  21. #include <sys/types.h>
  22. #include <time.h>
  23. #include <string.h>
  24. #include <ctype.h>
  25. #include <errno.h>
  26. #include <stdlib.h>
  27. #include <stdio.h>
  28. #include <stdarg.h>
  29. #define VENDOR_JUNIPER 0xa4c
  30. #define VENDOR_JUNIPER2 0x583
  31. #define VENDOR_TCG 0x5597
  32. #define IFT_VERSION_REQUEST 1
  33. #define IFT_VERSION_RESPONSE 2
  34. #define IFT_CLIENT_AUTH_REQUEST 3
  35. #define IFT_CLIENT_AUTH_SELECTION 4
  36. #define IFT_CLIENT_AUTH_CHALLENGE 5
  37. #define IFT_CLIENT_AUTH_RESPONSE 6
  38. #define IFT_CLIENT_AUTH_SUCCESS 7
  39. /* IF-T/TLS v1 authentication messages all start
  40. * with the Auth Type Vendor (Juniper) + Type (1) */
  41. #define JUNIPER_1 ((VENDOR_JUNIPER << 8) | 1)
  42. #define AVP_VENDOR 0x80
  43. #define AVP_MANDATORY 0x40
  44. #define EAP_REQUEST 1
  45. #define EAP_RESPONSE 2
  46. #define EAP_SUCCESS 3
  47. #define EAP_FAILURE 4
  48. #define EAP_TYPE_IDENTITY 1
  49. #define EAP_TYPE_GTC 6
  50. #define EAP_TYPE_TLS 0x0d
  51. #define EAP_TYPE_TTLS 0x15
  52. #define EAP_TYPE_EXPANDED 0xfe
  53. #define EXPANDED_JUNIPER ((EAP_TYPE_EXPANDED << 24) | VENDOR_JUNIPER)
  54. #define AVP_CODE_EAP_MESSAGE 79
  55. #if defined(OPENCONNECT_OPENSSL)
  56. #define TTLS_SEND SSL_write
  57. #define TTLS_RECV SSL_read
  58. #elif defined(OPENCONNECT_GNUTLS)
  59. #define TTLS_SEND gnutls_record_send
  60. #define TTLS_RECV gnutls_record_recv
  61. #endif
  62. /* Flags for prompt handling during authentication, based on the contents of the 0xd73 AVP (qv). */
  63. #define PROMPT_PRIMARY 1
  64. #define PROMPT_USERNAME 2
  65. #define PROMPT_PASSWORD 4
  66. #define PROMPT_GTC_NEXT 0x10000
  67. /* Request codes for the Juniper Expanded/2 auth requests. */
  68. #define J2_PASSCHANGE 0x43
  69. #define J2_PASSREQ 0x01
  70. #define J2_PASSRETRY 0x81
  71. #define J2_PASSFAIL 0xc5
  72. /* Limit to TLS record size. */
  73. #define TLS_RECORD_MAX (16384)
  74. /* Outbound fragment size limit */
  75. #define TTLS_MAXFRAG (8192)
  76. #define TTLS_LENGTH (1<<7)
  77. #define TTLS_MOREFRAGS (1<<6)
  78. #define TTLS_START (1<<5)
  79. static void buf_append_ift_hdr(struct oc_text_buf *buf, uint32_t vendor, uint32_t type)
  80. {
  81. uint32_t b[4];
  82. store_be32(&b[0], vendor);
  83. store_be32(&b[1], type);
  84. b[2] = 0; /* Length will be filled in later. */
  85. b[3] = 0;
  86. buf_append_bytes(buf, b, 16);
  87. }
  88. /* Append EAP header, using VENDOR_JUNIPER and the given subtype if
  89. * the main type is EAP_TYPE_EXPANDED */
  90. static int buf_append_eap_hdr(struct oc_text_buf *buf, uint8_t code, uint8_t ident, uint8_t type,
  91. uint32_t subtype)
  92. {
  93. unsigned char b[24];
  94. int len_ofs = -1;
  95. if (!buf_error(buf))
  96. len_ofs = buf->pos;
  97. b[0] = code;
  98. b[1] = ident;
  99. b[2] = b[3] = 0; /* Length is filled in later. */
  100. if (type == EAP_TYPE_EXPANDED) {
  101. store_be32(b + 4, EXPANDED_JUNIPER);
  102. store_be32(b + 8, subtype);
  103. buf_append_bytes(buf, b, 12);
  104. } else {
  105. b[4] = type;
  106. buf_append_bytes(buf, b, 5);
  107. }
  108. return len_ofs;
  109. }
  110. /* For an IF-T/TLS auth frame containing the Juniper/1 Auth Type,
  111. * the EAP header is at offset 0x14. Fill in the length field,
  112. * based on the current length of the buf */
  113. static void buf_fill_eap_len(struct oc_text_buf *buf, int ofs)
  114. {
  115. /* EAP length word is always at 0x16, and counts bytes from 0x14 */
  116. if (ofs >= 0 && !buf_error(buf) && buf->pos >= ofs + 4)
  117. store_be16(buf->data + ofs + 2, buf->pos - ofs);
  118. }
  119. static void buf_append_avp(struct oc_text_buf *buf, uint32_t type, const void *bytes, int len)
  120. {
  121. buf_append_be32(buf, type);
  122. buf_append_be16(buf, 0x8000);
  123. buf_append_be16(buf, len + 12);
  124. buf_append_be32(buf, VENDOR_JUNIPER2);
  125. buf_append_bytes(buf, bytes, len);
  126. if (len & 3) {
  127. uint32_t pad = 0;
  128. buf_append_bytes(buf, &pad, 4 - ( len & 3 ));
  129. }
  130. }
  131. static void buf_append_avp_string(struct oc_text_buf *buf, uint32_t type, const char *str)
  132. {
  133. buf_append_avp(buf, type, str, strlen(str));
  134. }
  135. static void buf_append_avp_be32(struct oc_text_buf *buf, uint32_t type, uint32_t val)
  136. {
  137. uint32_t val_be;
  138. store_be32(&val_be, val);
  139. buf_append_avp(buf, type, &val_be, sizeof(val_be));
  140. }
  141. static int valid_ift_success(unsigned char *bytes, int len)
  142. {
  143. if (len != 0x18 || (load_be32(bytes) & 0xffffff) != VENDOR_TCG ||
  144. load_be32(bytes + 4) != IFT_CLIENT_AUTH_SUCCESS ||
  145. load_be32(bytes + 8) != len ||
  146. load_be32(bytes + 0x10) != JUNIPER_1 ||
  147. bytes[0x14] != EAP_SUCCESS ||
  148. load_be16(bytes + 0x16) != len - 0x14)
  149. return 0;
  150. return 1;
  151. }
  152. /* Check for a valid IF-T/TLS auth challenge of the Juniper/1 Auth Type */
  153. static int valid_ift_auth(unsigned char *bytes, int len)
  154. {
  155. if (len < 0x14 || (load_be32(bytes) & 0xffffff) != VENDOR_TCG ||
  156. load_be32(bytes + 4) != IFT_CLIENT_AUTH_CHALLENGE ||
  157. load_be32(bytes + 8) != len ||
  158. load_be32(bytes + 0x10) != JUNIPER_1)
  159. return 0;
  160. return 1;
  161. }
  162. static int valid_ift_auth_eap(unsigned char *bytes, int len)
  163. {
  164. /* Needs to be a valid IF-T/TLS auth challenge with the
  165. * expect Auth Type, *and* the payload has to be a valid
  166. * EAP request with correct length field. */
  167. if (!valid_ift_auth(bytes, len) || len < 0x19 ||
  168. bytes[0x14] != EAP_REQUEST ||
  169. load_be16(bytes + 0x16) != len - 0x14)
  170. return 0;
  171. return 1;
  172. }
  173. static int valid_ift_auth_eap_exj1(unsigned char *bytes, int len)
  174. {
  175. /* Also needs to be the Expanded Juniper/1 EAP Type */
  176. if (!valid_ift_auth_eap(bytes, len) || len < 0x20 ||
  177. load_be32(bytes + 0x18) != EXPANDED_JUNIPER ||
  178. load_be32(bytes + 0x1c) != 1)
  179. return 0;
  180. return 1;
  181. }
  182. static int process_attr(struct openconnect_info *vpninfo, struct oc_vpn_option **new_opts,
  183. struct oc_ip_info *new_ip_info, uint16_t type,
  184. unsigned char *data, int attrlen)
  185. {
  186. struct oc_split_include *xc;
  187. char buf[80];
  188. int i;
  189. switch (type) {
  190. case 0x0001:
  191. if (attrlen != 4)
  192. goto badlen;
  193. snprintf(buf, sizeof(buf), "%d.%d.%d.%d", data[0], data[1], data[2], data[3]);
  194. vpn_progress(vpninfo, PRG_DEBUG, _("Received internal Legacy IP address %s\n"), buf);
  195. new_ip_info->addr = add_option_dup(new_opts, "ipaddr", buf, -1);
  196. break;
  197. case 0x0002:
  198. if (attrlen != 4)
  199. goto badlen;
  200. snprintf(buf, sizeof(buf), "%d.%d.%d.%d", data[0], data[1], data[2], data[3]);
  201. vpn_progress(vpninfo, PRG_DEBUG, _("Received netmask %s\n"), buf);
  202. new_ip_info->netmask = add_option_dup(new_opts, "netmask", buf, -1);
  203. break;
  204. case 0x0003:
  205. if (attrlen != 4)
  206. goto badlen;
  207. snprintf(buf, sizeof(buf), "%d.%d.%d.%d", data[0], data[1], data[2], data[3]);
  208. vpn_progress(vpninfo, PRG_DEBUG, _("Received DNS server %s\n"), buf);
  209. for (i = 0; i < 3; i++) {
  210. if (!new_ip_info->dns[i]) {
  211. new_ip_info->dns[i] = add_option_dup(new_opts, "DNS", buf, -1);
  212. break;
  213. }
  214. }
  215. break;
  216. case 0x0004:
  217. if (attrlen != 4)
  218. goto badlen;
  219. snprintf(buf, sizeof(buf), "%d.%d.%d.%d", data[0], data[1], data[2], data[3]);
  220. vpn_progress(vpninfo, PRG_DEBUG, _("Received WINS server %s\n"), buf);
  221. for (i = 0; i < 3; i++) {
  222. if (!new_ip_info->nbns[i]) {
  223. new_ip_info->nbns[i] = add_option_dup(new_opts, "WINS", buf, -1);
  224. break;
  225. }
  226. }
  227. break;
  228. case 0x0008:
  229. if (attrlen != 17)
  230. goto badlen;
  231. if (!inet_ntop(AF_INET6, data, buf, sizeof(buf))) {
  232. vpn_progress(vpninfo, PRG_ERR,
  233. _("Failed to handle IPv6 address\n"));
  234. return -EINVAL;
  235. }
  236. if (!vpninfo->disable_ipv6) {
  237. new_ip_info->addr6 = add_option_dup(new_opts, "ip6addr", buf, -1);
  238. i = strlen(buf);
  239. snprintf(buf + i, sizeof(buf) - i, "/%d", data[16]);
  240. new_ip_info->netmask6 = add_option_dup(new_opts, "ip6netmask", buf, -1);
  241. }
  242. vpn_progress(vpninfo, PRG_DEBUG, _("Received internal IPv6 address %s\n"), buf);
  243. break;
  244. case 0x000a:
  245. if (attrlen != 16)
  246. goto badlen;
  247. if (!inet_ntop(AF_INET6, data, buf, sizeof(buf))) {
  248. vpn_progress(vpninfo, PRG_ERR,
  249. _("Failed to handle IPv6 address\n"));
  250. return -EINVAL;
  251. }
  252. for (i = 0; i < 3; i++) {
  253. if (!new_ip_info->dns[i]) {
  254. new_ip_info->dns[i] = add_option_dup(new_opts, "DNS", buf, -1);
  255. break;
  256. }
  257. }
  258. vpn_progress(vpninfo, PRG_DEBUG, _("Received DNS server %s\n"), buf);
  259. break;
  260. case 0x000f:
  261. if (attrlen != 17)
  262. goto badlen;
  263. if (!inet_ntop(AF_INET6, data, buf, sizeof(buf))) {
  264. vpn_progress(vpninfo, PRG_ERR,
  265. _("Failed to handle IPv6 address\n"));
  266. return -EINVAL;
  267. }
  268. i = strlen(buf);
  269. snprintf(buf + i, sizeof(buf) - i, "/%d", data[16]);
  270. xc = malloc(sizeof(*xc));
  271. if (xc) {
  272. xc->route = add_option_dup(new_opts, "split-include6", buf, -1);
  273. if (xc->route) {
  274. xc->next = new_ip_info->split_includes;
  275. new_ip_info->split_includes = xc;
  276. } else
  277. free(xc);
  278. }
  279. vpn_progress(vpninfo, PRG_DEBUG, _("Received IPv6 split include %s\n"), buf);
  280. break;
  281. case 0x0010:
  282. if (attrlen != 17)
  283. goto badlen;
  284. if (!inet_ntop(AF_INET6, data, buf, sizeof(buf))) {
  285. vpn_progress(vpninfo, PRG_ERR,
  286. _("Failed to handle IPv6 address\n"));
  287. return -EINVAL;
  288. }
  289. i = strlen(buf);
  290. snprintf(buf + i, sizeof(buf) - i, "/%d", data[16]);
  291. xc = malloc(sizeof(*xc));
  292. if (xc) {
  293. xc->route = add_option_dup(new_opts, "split-exclude6", buf, -1);
  294. if (xc->route) {
  295. xc->next = new_ip_info->split_excludes;
  296. new_ip_info->split_excludes = xc;
  297. } else
  298. free(xc);
  299. }
  300. vpn_progress(vpninfo, PRG_DEBUG, _("Received IPv6 split exclude %s\n"), buf);
  301. break;
  302. case 0x4005:
  303. if (attrlen != 4) {
  304. badlen:
  305. vpn_progress(vpninfo, PRG_ERR,
  306. _("Unexpected length %d for attr 0x%x\n"),
  307. attrlen, type);
  308. return -EINVAL;
  309. }
  310. new_ip_info->mtu = load_be32(data);
  311. vpn_progress(vpninfo, PRG_DEBUG,
  312. _("Received MTU %d from server\n"),
  313. new_ip_info->mtu);
  314. break;
  315. case 0x4006:
  316. if (!attrlen)
  317. goto badlen;
  318. if (!data[attrlen-1])
  319. attrlen--;
  320. vpn_progress(vpninfo, PRG_DEBUG, _("Received DNS search domain %.*s\n"),
  321. attrlen, (char *)data);
  322. new_ip_info->domain = add_option_dup(new_opts, "search", (char *)data, attrlen);
  323. break;
  324. case 0x400b:
  325. if (attrlen != 4)
  326. goto badlen;
  327. snprintf(buf, sizeof(buf), "%d.%d.%d.%d", data[0], data[1], data[2], data[3]);
  328. vpn_progress(vpninfo, PRG_DEBUG, _("Received internal gateway address %s\n"), buf);
  329. /* Hm, what are we supposed to do with this? It's a tunnel;
  330. having a gateway is meaningless. */
  331. add_option_dup(new_opts, "gateway", buf, -1);
  332. break;
  333. case 0x4010: {
  334. const char *enctype;
  335. uint16_t val;
  336. if (attrlen != 2)
  337. goto badlen;
  338. val = load_be16(data);
  339. if (val == ENC_AES_128_CBC) {
  340. enctype = "AES-128";
  341. vpninfo->enc_key_len = 16;
  342. } else if (val == ENC_AES_256_CBC) {
  343. enctype = "AES-256";
  344. vpninfo->enc_key_len = 32;
  345. } else
  346. enctype = "unknown";
  347. vpn_progress(vpninfo, PRG_DEBUG, _("ESP encryption: 0x%04x (%s)\n"),
  348. val, enctype);
  349. vpninfo->esp_enc = val;
  350. break;
  351. }
  352. case 0x4011: {
  353. const char *mactype;
  354. uint16_t val;
  355. if (attrlen != 2)
  356. goto badlen;
  357. val = load_be16(data);
  358. if (val == HMAC_MD5) {
  359. mactype = "MD5";
  360. vpninfo->hmac_key_len = 16;
  361. } else if (val == HMAC_SHA1) {
  362. mactype = "SHA1";
  363. vpninfo->hmac_key_len = 20;
  364. } else if (val == HMAC_SHA256) {
  365. mactype = "SHA256";
  366. vpninfo->hmac_key_len = 32;
  367. } else
  368. mactype = "unknown";
  369. vpn_progress(vpninfo, PRG_DEBUG, _("ESP HMAC: 0x%04x (%s)\n"),
  370. val, mactype);
  371. vpninfo->esp_hmac = val;
  372. break;
  373. }
  374. case 0x4012:
  375. if (attrlen != 4)
  376. goto badlen;
  377. vpninfo->esp_lifetime_seconds = load_be32(data);
  378. vpn_progress(vpninfo, PRG_DEBUG, _("ESP key lifetime: %u seconds\n"),
  379. vpninfo->esp_lifetime_seconds);
  380. break;
  381. case 0x4013:
  382. if (attrlen != 4)
  383. goto badlen;
  384. vpninfo->esp_lifetime_bytes = load_be32(data);
  385. vpn_progress(vpninfo, PRG_DEBUG, _("ESP key lifetime: %u bytes\n"),
  386. vpninfo->esp_lifetime_bytes);
  387. break;
  388. case 0x4014:
  389. if (attrlen != 4)
  390. goto badlen;
  391. vpninfo->esp_replay_protect = load_be32(data);
  392. vpn_progress(vpninfo, PRG_DEBUG, _("ESP replay protection: %d\n"),
  393. load_be32(data));
  394. break;
  395. case 0x4016:
  396. if (attrlen != 2)
  397. goto badlen;
  398. i = load_be16(data);
  399. udp_sockaddr(vpninfo, i);
  400. vpn_progress(vpninfo, PRG_DEBUG, _("ESP port: %d\n"), i);
  401. break;
  402. case 0x4017:
  403. if (attrlen != 4)
  404. goto badlen;
  405. vpninfo->esp_ssl_fallback = load_be32(data);
  406. vpn_progress(vpninfo, PRG_DEBUG, _("ESP to SSL fallback: %u seconds\n"),
  407. vpninfo->esp_ssl_fallback);
  408. break;
  409. case 0x401a:
  410. if (attrlen != 1)
  411. goto badlen;
  412. /* Amusingly, this isn't enforced. It's client-only */
  413. vpn_progress(vpninfo, PRG_DEBUG, _("ESP only: %d\n"),
  414. data[0]);
  415. break;
  416. case 0x401e:
  417. if (attrlen != 16)
  418. goto badlen;
  419. if (!inet_ntop(AF_INET6, data, buf, sizeof(buf))) {
  420. vpn_progress(vpninfo, PRG_ERR,
  421. _("Failed to handle IPv6 address\n"));
  422. return -EINVAL;
  423. }
  424. vpn_progress(vpninfo, PRG_DEBUG, _("Received internal gateway IPv6 address %s\n"), buf);
  425. /* Hm, what are we supposed to do with this? It's a tunnel;
  426. having a gateway is meaningless. */
  427. add_option_dup(new_opts, "gateway6", buf, -1);
  428. break;
  429. /* 0x4022: disable proxy
  430. 0x400a: preserve proxy
  431. 0x4008: proxy (string)
  432. 0x4000: disconnect when routes changed
  433. 0x4015: tos copy
  434. 0x4001: tunnel routes take precedence
  435. 0x401f: tunnel routes with subnet access (also 4001 set)
  436. 0x4020: Enforce IPv4
  437. 0x4021: Enforce IPv6
  438. */
  439. default:
  440. buf[0] = 0;
  441. for (i=0; i < 16 && i < attrlen; i++)
  442. sprintf(buf + strlen(buf), " %02x", data[i]);
  443. if (attrlen > 16)
  444. sprintf(buf + strlen(buf), "...");
  445. vpn_progress(vpninfo, PRG_DEBUG,
  446. _("Unknown attr 0x%x len %d:%s\n"),
  447. type, attrlen, buf);
  448. }
  449. return 0;
  450. }
  451. static int recv_ift_packet(struct openconnect_info *vpninfo, void *buf, int len)
  452. {
  453. int ret = vpninfo->ssl_read(vpninfo, buf, len);
  454. if (ret > 0 && vpninfo->dump_http_traffic) {
  455. vpn_progress(vpninfo, PRG_TRACE,
  456. _("Read %d bytes of IF-T/TLS record\n"), ret);
  457. dump_buf_hex(vpninfo, PRG_TRACE, '<', buf, ret);
  458. }
  459. return ret;
  460. }
  461. static int send_ift_bytes(struct openconnect_info *vpninfo, void *bytes, int len)
  462. {
  463. int ret;
  464. store_be32(((char *)bytes) + 12, vpninfo->ift_seq++);
  465. dump_buf_hex(vpninfo, PRG_DEBUG, '>', (void *)bytes, len);
  466. ret = vpninfo->ssl_write(vpninfo, bytes, len);
  467. if (ret != len) {
  468. if (ret >= 0) {
  469. vpn_progress(vpninfo, PRG_ERR,
  470. _("Short write to IF-T/TLS\n"));
  471. ret = -EIO;
  472. }
  473. return ret;
  474. }
  475. return 0;
  476. }
  477. static int send_ift_packet(struct openconnect_info *vpninfo, struct oc_text_buf *buf)
  478. {
  479. if (buf_error(buf) || buf->pos < 16) {
  480. vpn_progress(vpninfo, PRG_ERR,
  481. _("Error creating IF-T packet\n"));
  482. return buf_error(buf);
  483. }
  484. /* Fill in the length word in the header with the full length of the buffer.
  485. * Also populate the sequence number. */
  486. store_be32(buf->data + 8, buf->pos);
  487. return send_ift_bytes(vpninfo, buf->data, buf->pos);
  488. }
  489. /* We create packets with IF-T/TLS headers prepended because that's the
  490. * larger header. In the case where they need to be sent over EAP-TTLS,
  491. * convert the header to the EAP-Message AVP instead. */
  492. static int send_eap_packet(struct openconnect_info *vpninfo, void *ttls, struct oc_text_buf *buf)
  493. {
  494. int ret;
  495. if (buf_error(buf) || buf->pos < 16) {
  496. vpn_progress(vpninfo, PRG_ERR,
  497. _("Error creating EAP packet\n"));
  498. return buf_error(buf);
  499. }
  500. if (!ttls)
  501. return send_ift_packet(vpninfo, buf);
  502. /* AVP EAP-Message header */
  503. store_be32(buf->data + 0x0c, AVP_CODE_EAP_MESSAGE);
  504. store_be32(buf->data + 0x10, buf->pos - 0xc);
  505. dump_buf_hex(vpninfo, PRG_DEBUG, '.', (void *)(buf->data + 0x0c), buf->pos - 0x0c);
  506. ret = TTLS_SEND(ttls, buf->data + 0x0c, buf->pos - 0x0c);
  507. if (ret != buf->pos - 0x0c)
  508. return -EIO;
  509. return 0;
  510. }
  511. /*
  512. * Using the given buffer, receive and validate an EAP request of the
  513. * Expanded Juniper/1 type, either natively over IF-T/TLS or by EAP-TTLS
  514. * over IF-T/TLS. Return a pointer to the EAP header, with its length and
  515. * type already validated.
  516. */
  517. static void *recv_eap_packet(struct openconnect_info *vpninfo, void *ttls, void *buf, int len)
  518. {
  519. unsigned char *cbuf = buf;
  520. int ret;
  521. if (!ttls) {
  522. ret = recv_ift_packet(vpninfo, buf, len);
  523. if (ret < 0)
  524. return NULL;
  525. if (!valid_ift_auth_eap_exj1(buf, ret)) {
  526. vpn_progress(vpninfo, PRG_ERR,
  527. _("Unexpected IF-T/TLS authentication challenge:\n"));
  528. dump_buf_hex(vpninfo, PRG_ERR, '<', (void *)buf, ret);
  529. return NULL;
  530. }
  531. return cbuf + 0x14;
  532. } else {
  533. ret = TTLS_RECV(ttls, buf, len);
  534. if (ret <= 8)
  535. return NULL;
  536. if (/* EAP-Message AVP */
  537. load_be32(cbuf) != AVP_CODE_EAP_MESSAGE ||
  538. /* Ignore the mandatory bit */
  539. (load_be32(cbuf+0x04) & ~0x40000000) != ret ||
  540. cbuf[0x08] != EAP_REQUEST ||
  541. load_be16(cbuf+0x0a) != ret - 8 ||
  542. load_be32(cbuf+0x0c) != EXPANDED_JUNIPER ||
  543. load_be32(cbuf+0x10) != 1) {
  544. vpn_progress(vpninfo, PRG_ERR,
  545. _("Unexpected EAP-TTLS payload:\n"));
  546. dump_buf_hex(vpninfo, PRG_ERR, '<', buf, ret);
  547. return NULL;
  548. }
  549. return cbuf + 0x08;
  550. }
  551. }
  552. static void dump_avp(struct openconnect_info *vpninfo, uint8_t flags,
  553. uint32_t vendor, uint32_t code, void *p, int len)
  554. {
  555. struct oc_text_buf *buf = buf_alloc();
  556. const char *pretty;
  557. int i;
  558. for (i = 0; i < len; i++)
  559. if (!isprint( ((char *)p)[i] ))
  560. break;
  561. if (i == len) {
  562. buf_append(buf, " '");
  563. buf_append_bytes(buf, p, len);
  564. buf_append(buf, "'");
  565. } else {
  566. for (i = 0; i < len; i++)
  567. buf_append(buf, " %02x", ((unsigned char *)p)[i]);
  568. }
  569. if (buf_error(buf))
  570. pretty = " <error>";
  571. else
  572. pretty = buf->data;
  573. if (flags & AVP_VENDOR)
  574. vpn_progress(vpninfo, PRG_TRACE, _("AVP 0x%x/0x%x:%s\n"), vendor, code, pretty);
  575. else
  576. vpn_progress(vpninfo, PRG_TRACE, _("AVP %d:%s\n"), code, pretty);
  577. buf_free(buf);
  578. }
  579. /* RFC5281 §10 */
  580. static int parse_avp(struct openconnect_info *vpninfo, void **pkt, int *pkt_len,
  581. void **avp_out, int *avp_len, uint8_t *avp_flags,
  582. uint32_t *avp_vendor, uint32_t *avp_code)
  583. {
  584. unsigned char *p = *pkt;
  585. int l = *pkt_len;
  586. uint32_t code, len, vendor = 0;
  587. uint8_t flags;
  588. if (l < 8)
  589. return -EINVAL;
  590. code = load_be32(p);
  591. len = load_be32(p + 4) & 0xffffff;
  592. flags = p[4];
  593. if (len > l || len < 8)
  594. return -EINVAL;
  595. p += 8;
  596. l -= 8;
  597. len -= 8;
  598. /* Vendor field is optional. */
  599. if (flags & AVP_VENDOR) {
  600. if (l < 4)
  601. return -EINVAL;
  602. vendor = load_be32(p);
  603. p += 4;
  604. l -= 4;
  605. len -= 4;
  606. }
  607. *avp_vendor = vendor;
  608. *avp_flags = flags;
  609. *avp_code = code;
  610. *avp_out = p;
  611. *avp_len = len;
  612. /* Now set up packet pointer and length for next AVP,
  613. * aligned to 4 octets (if they exist in the packet) */
  614. len = (len + 3) & ~3;
  615. if (len > l)
  616. len = l;
  617. *pkt = p + len;
  618. *pkt_len = l - len;
  619. return 0;
  620. }
  621. static int pulse_request_realm_entry(struct openconnect_info *vpninfo, struct oc_text_buf *reqbuf)
  622. {
  623. struct oc_auth_form f;
  624. struct oc_form_opt o;
  625. int ret;
  626. memset(&f, 0, sizeof(f));
  627. memset(&o, 0, sizeof(o));
  628. f.auth_id = (char *)"pulse_realm_entry";
  629. f.opts = &o;
  630. f.message = _("Enter Pulse user realm:");
  631. o.next = NULL;
  632. o.type = OC_FORM_OPT_TEXT;
  633. o.name = (char *)"realm";
  634. o.label = (char *)_("Realm:");
  635. ret = process_auth_form(vpninfo, &f);
  636. if (ret)
  637. return ret;
  638. if (o._value) {
  639. buf_append_avp_string(reqbuf, 0xd50, o._value);
  640. free_pass(&o._value);
  641. return 0;
  642. }
  643. return -EINVAL;
  644. }
  645. static int pulse_request_realm_choice(struct openconnect_info *vpninfo, struct oc_text_buf *reqbuf,
  646. int realms, unsigned char *eap)
  647. {
  648. uint8_t avp_flags;
  649. uint32_t avp_code;
  650. uint32_t avp_vendor;
  651. int avp_len;
  652. void *avp_p;
  653. struct oc_auth_form f;
  654. struct oc_form_opt_select o;
  655. int i = 0, ret;
  656. void *p;
  657. int l;
  658. l = load_be16(eap + 2) - 0x0c; /* Already validated */
  659. p = eap + 0x0c;
  660. memset(&f, 0, sizeof(f));
  661. memset(&o, 0, sizeof(o));
  662. f.auth_id = (char *)"pulse_realm_choice";
  663. f.opts = &o.form;
  664. f.authgroup_opt = &o;
  665. f.authgroup_selection = 1;
  666. f.message = _("Choose Pulse user realm:");
  667. o.form.next = NULL;
  668. o.form.type = OC_FORM_OPT_SELECT;
  669. o.form.name = (char *)"realm_choice";
  670. o.form.label = (char *)_("Realm:");
  671. o.nr_choices = realms;
  672. o.choices = calloc(realms, sizeof(*o.choices));
  673. if (!o.choices)
  674. return -ENOMEM;
  675. while (l) {
  676. if (parse_avp(vpninfo, &p, &l, &avp_p, &avp_len, &avp_flags,
  677. &avp_vendor, &avp_code)) {
  678. vpn_progress(vpninfo, PRG_ERR,
  679. _("Failed to parse AVP\n"));
  680. ret = -EINVAL;
  681. goto out;
  682. }
  683. if (avp_vendor != VENDOR_JUNIPER2 || avp_code != 0xd4e)
  684. continue;
  685. o.choices[i] = malloc(sizeof(struct oc_choice));
  686. if (!o.choices[i]) {
  687. ret = -ENOMEM;
  688. goto out;
  689. }
  690. o.choices[i]->name = o.choices[i]->label = strndup(avp_p, avp_len);
  691. if (!o.choices[i]->name) {
  692. ret = -ENOMEM;
  693. goto out;
  694. }
  695. i++;
  696. }
  697. /* We don't need to do anything on group changes. */
  698. do {
  699. ret = process_auth_form(vpninfo, &f);
  700. } while (ret == OC_FORM_RESULT_NEWGROUP);
  701. if (!ret)
  702. buf_append_avp_string(reqbuf, 0xd50, o.form._value);
  703. out:
  704. if (o.choices) {
  705. for (i = 0; i < realms; i++) {
  706. if (o.choices[i]) {
  707. free(o.choices[i]->name);
  708. free(o.choices[i]);
  709. }
  710. }
  711. free(o.choices);
  712. }
  713. return ret;
  714. }
  715. static int pulse_request_session_kill(struct openconnect_info *vpninfo, struct oc_text_buf *reqbuf,
  716. int sessions, unsigned char *eap)
  717. {
  718. uint8_t avp_flags;
  719. uint32_t avp_code;
  720. uint32_t avp_vendor;
  721. int avp_len, avp_len2;
  722. void *avp_p, *avp_p2;
  723. struct oc_auth_form f;
  724. struct oc_form_opt_select o;
  725. int i = 0, ret;
  726. void *p;
  727. int l;
  728. struct oc_text_buf *form_msg = buf_alloc();
  729. char tmbuf[80];
  730. struct tm tm;
  731. l = load_be16(eap + 2) - 0x0c; /* Already validated */
  732. p = eap + 0x0c;
  733. memset(&f, 0, sizeof(f));
  734. memset(&o, 0, sizeof(o));
  735. f.auth_id = (char *)"pulse_session_kill";
  736. f.opts = &o.form;
  737. buf_append(form_msg, _("Session limit reached. Choose session to kill:\n"));
  738. o.form.next = NULL;
  739. o.form.type = OC_FORM_OPT_SELECT;
  740. o.form.name = (char *)"session_choice";
  741. o.form.label = (char *)_("Session:");
  742. o.nr_choices = sessions;
  743. o.choices = calloc(sessions, sizeof(*o.choices));
  744. if (!o.choices) {
  745. ret = -ENOMEM;
  746. goto out;
  747. }
  748. while (l) {
  749. char *from = NULL;
  750. time_t when = 0;
  751. char *sessid = NULL;
  752. if (parse_avp(vpninfo, &p, &l, &avp_p, &avp_len, &avp_flags,
  753. &avp_vendor, &avp_code)) {
  754. badlist:
  755. free(from);
  756. free(sessid);
  757. vpn_progress(vpninfo, PRG_ERR,
  758. _("Failed to parse session list\n"));
  759. ret = -EINVAL;
  760. goto out;
  761. }
  762. if (avp_vendor != VENDOR_JUNIPER2 || avp_code != 0xd65)
  763. continue;
  764. while (avp_len) {
  765. if (parse_avp(vpninfo, &avp_p, &avp_len, &avp_p2, &avp_len2,
  766. &avp_flags, &avp_vendor, &avp_code))
  767. goto badlist;
  768. dump_avp(vpninfo, avp_flags, avp_vendor, avp_code, avp_p2, avp_len2);
  769. if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd66) {
  770. free(sessid);
  771. sessid = strndup(avp_p2, avp_len2);
  772. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd67) {
  773. free(from);
  774. from = strndup(avp_p2, avp_len2);
  775. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd68 &&
  776. avp_len2 == 8) {
  777. when = load_be32((char *)avp_p2 + 4);
  778. if (sizeof(time_t) > 4)
  779. when |= ((uint64_t)load_be32(avp_p2)) << 32;
  780. }
  781. }
  782. if (!from || !sessid || !when)
  783. goto badlist;
  784. if (0
  785. #ifdef HAVE_LOCALTIME_S
  786. || !localtime_s(&tm, &when)
  787. #endif
  788. #ifdef HAVE_LOCALTIME_R
  789. || localtime_r(&when, &tm)
  790. #endif
  791. ) {
  792. strftime(tmbuf, sizeof(tmbuf), "%a, %d %b %Y %H:%M:%S %Z", &tm);
  793. } else
  794. snprintf(tmbuf, sizeof(tmbuf), "@%lu", (unsigned long)when);
  795. buf_append(form_msg, " - %s from %s at %s\n", sessid, from, tmbuf);
  796. free(from);
  797. from = NULL;
  798. o.choices[i] = malloc(sizeof(struct oc_choice));
  799. if (!o.choices[i]) {
  800. free(sessid);
  801. ret = -ENOMEM;
  802. goto out;
  803. }
  804. o.choices[i]->name = o.choices[i]->label = sessid;
  805. i++;
  806. }
  807. ret = buf_error(form_msg);
  808. if (ret)
  809. goto out;
  810. f.message = form_msg->data;
  811. ret = process_auth_form(vpninfo, &f);
  812. if (!ret)
  813. buf_append_avp_string(reqbuf, 0xd69, o.form._value);
  814. out:
  815. if (o.choices) {
  816. for (i = 0; i < sessions; i++) {
  817. if (o.choices[i]) {
  818. free(o.choices[i]->name);
  819. free(o.choices[i]);
  820. }
  821. }
  822. free(o.choices);
  823. }
  824. buf_free(form_msg);
  825. return ret;
  826. }
  827. static int pulse_request_user_auth(struct openconnect_info *vpninfo, struct oc_text_buf *reqbuf,
  828. uint8_t eap_ident, int prompt_flags, char *user_prompt, char *pass_prompt)
  829. {
  830. struct oc_auth_form f;
  831. struct oc_form_opt o[2];
  832. unsigned char eap_avp[23];
  833. int l;
  834. int ret;
  835. memset(&f, 0, sizeof(f));
  836. memset(o, 0, sizeof(o));
  837. f.auth_id = (char *) ((prompt_flags & PROMPT_PRIMARY) ? "pulse_user" : "pulse_secondary");
  838. f.opts = &o[1]; /* Point to password prompt in case that's all we use */
  839. f.message = (prompt_flags & PROMPT_PRIMARY) ? _("Enter user credentials:") : _("Enter secondary credentials:");
  840. if (prompt_flags & PROMPT_USERNAME) {
  841. f.opts = &o[0];
  842. o[0].next = NULL; /* Again, for now */
  843. o[0].type = OC_FORM_OPT_TEXT;
  844. o[0].name = (char *)"username";
  845. if (user_prompt)
  846. o[0].label = user_prompt;
  847. else
  848. o[0].label = (char *) ((prompt_flags & PROMPT_PRIMARY) ? _("Username:") : _("Secondary username:"));
  849. }
  850. if (prompt_flags & PROMPT_PASSWORD) {
  851. /* Might be referenced from o[0] or directly from f.opts */
  852. o[0].next = &o[1];
  853. o[1].type = OC_FORM_OPT_PASSWORD;
  854. o[1].name = (char *)"password";
  855. if (pass_prompt)
  856. o[1].label = pass_prompt;
  857. else
  858. o[1].label = (char *) ((prompt_flags & PROMPT_PRIMARY) ? _("Password:") : _("Secondary password:"));
  859. }
  860. ret = process_auth_form(vpninfo, &f);
  861. if (ret)
  862. goto out;
  863. if (o[0]._value) {
  864. buf_append_avp_string(reqbuf, 0xd6d, o[0]._value);
  865. free_pass(&o[0]._value);
  866. }
  867. if (o[1]._value) {
  868. l = strlen(o[1]._value);
  869. if (l > 253) {
  870. free_pass(&o[1]._value);
  871. return -EINVAL;
  872. }
  873. } else {
  874. /* Their client actually resubmits the primary password when
  875. * a secondary password is requested. But it doesn't seem to
  876. * be necessary; might even just be a bug. */
  877. l = 0;
  878. }
  879. /* AVP flags+mandatory+length */
  880. store_be32(eap_avp, AVP_CODE_EAP_MESSAGE);
  881. store_be32(eap_avp + 4, (AVP_MANDATORY << 24) + sizeof(eap_avp) + l);
  882. /* EAP header: code/ident/len */
  883. eap_avp[8] = EAP_RESPONSE;
  884. eap_avp[9] = eap_ident;
  885. store_be16(eap_avp + 10, l + 15); /* EAP length */
  886. store_be32(eap_avp + 12, EXPANDED_JUNIPER);
  887. store_be32(eap_avp + 16, 2);
  888. /* EAP Juniper/2 payload: 02 02 <len> <password> */
  889. eap_avp[20] = eap_avp[21] = 0x02;
  890. eap_avp[22] = l + 2; /* Why 2? */
  891. buf_append_bytes(reqbuf, eap_avp, sizeof(eap_avp));
  892. if (o[1]._value) {
  893. buf_append_bytes(reqbuf, o[1]._value, l);
  894. free_pass(&o[1]._value);
  895. }
  896. /* Padding */
  897. if ((sizeof(eap_avp) + l) & 3) {
  898. uint32_t pad = 0;
  899. buf_append_bytes(reqbuf, &pad,
  900. 4 - ((sizeof(eap_avp) + l) & 3));
  901. }
  902. ret = 0;
  903. out:
  904. return ret;
  905. }
  906. static int pulse_request_pass_change(struct openconnect_info *vpninfo, struct oc_text_buf *reqbuf,
  907. uint8_t eap_ident, int prompt_flags)
  908. {
  909. struct oc_auth_form f;
  910. struct oc_form_opt o[3];
  911. unsigned char eap_avp[23];
  912. int l1, l2;
  913. int ret;
  914. memset(&f, 0, sizeof(f));
  915. memset(o, 0, sizeof(o));
  916. f.auth_id = (char *) ((prompt_flags & PROMPT_PRIMARY) ? "pulse_user_change" : "pulse_secondary_change");
  917. f.opts = &o[0];
  918. f.message = _("Password expired. Please change password:");
  919. o[0].type = OC_FORM_OPT_PASSWORD;
  920. o[0].name = (char *)"oldpass";
  921. o[0].label = (char *) _("Current password:");
  922. o[0].next = &o[1];
  923. o[1].type = OC_FORM_OPT_PASSWORD;
  924. o[1].name = (char *)"newpass1";
  925. o[1].label = (char *) _("New password:");
  926. o[1].next = &o[2];
  927. o[2].type = OC_FORM_OPT_PASSWORD;
  928. o[2].name = (char *)"newpass1";
  929. o[2].label = (char *) _("Verify new password:");
  930. retry:
  931. free_pass(&o[0]._value);
  932. free_pass(&o[1]._value);
  933. free_pass(&o[2]._value);
  934. ret = process_auth_form(vpninfo, &f);
  935. if (ret)
  936. goto out;
  937. if (!o[0]._value || !o[1]._value || !o[2]._value) {
  938. vpn_progress(vpninfo, PRG_DEBUG, _("Passwords not provided.\n"));
  939. ret = -EINVAL;
  940. goto out;
  941. }
  942. if (strcmp(o[1]._value, o[2]._value)) {
  943. vpn_progress(vpninfo, PRG_ERR, _("Passwords do not match.\n"));
  944. goto retry;
  945. }
  946. l1 = strlen(o[0]._value);
  947. if (l1 > 253) {
  948. vpn_progress(vpninfo, PRG_ERR, _("Current password too long.\n"));
  949. goto retry;
  950. }
  951. l2 = strlen(o[1]._value);
  952. if (l2 > 253) {
  953. vpn_progress(vpninfo, PRG_ERR, _("New password too long.\n"));
  954. goto retry;
  955. }
  956. /* AVP flags+mandatory+length */
  957. store_be32(eap_avp, AVP_CODE_EAP_MESSAGE);
  958. store_be32(eap_avp + 4, (AVP_MANDATORY << 24) + sizeof(eap_avp) + l1 + 2 + l2);
  959. /* EAP header: code/ident/len */
  960. eap_avp[8] = EAP_RESPONSE;
  961. eap_avp[9] = eap_ident;
  962. store_be16(eap_avp + 10, l1 + l2 + 17); /* EAP length */
  963. store_be32(eap_avp + 12, EXPANDED_JUNIPER);
  964. store_be32(eap_avp + 16, 2);
  965. /* EAP Juniper/2 payload: 02 02 <len> <password> */
  966. eap_avp[20] = eap_avp[21] = 0x02;
  967. eap_avp[22] = l1 + 2; /* Why 2? */
  968. buf_append_bytes(reqbuf, eap_avp, sizeof(eap_avp));
  969. buf_append_bytes(reqbuf, o[0]._value, l1);
  970. /* Reuse eap_avp to append the new password */
  971. eap_avp[0] = 0x03;
  972. eap_avp[1] = l2 + 2;
  973. buf_append_bytes(reqbuf, eap_avp, 2);
  974. buf_append_bytes(reqbuf, o[1]._value, l2);
  975. /* Padding */
  976. if ((sizeof(eap_avp) + l1 + 2 + l2) & 3) {
  977. uint32_t pad = 0;
  978. buf_append_bytes(reqbuf, &pad,
  979. 4 - ((sizeof(eap_avp) + l1 + 2 + l2) & 3));
  980. }
  981. ret = 0;
  982. out:
  983. free_pass(&o[0]._value);
  984. free_pass(&o[1]._value);
  985. free_pass(&o[2]._value);
  986. return ret;
  987. }
  988. static int pulse_request_gtc(struct openconnect_info *vpninfo, struct oc_text_buf *reqbuf,
  989. uint8_t eap_ident, int prompt_flags, char *user_prompt, char *pass_prompt,
  990. char *gtc_prompt)
  991. {
  992. struct oc_auth_form f;
  993. struct oc_form_opt o[2];
  994. int ret;
  995. memset(&f, 0, sizeof(f));
  996. memset(o, 0, sizeof(o));
  997. f.auth_id = (char *)"pulse_gtc";
  998. /* The first prompt always seems to be 'Enter SecurID PASSCODE:' and is ignored. */
  999. if (gtc_prompt && (prompt_flags & PROMPT_GTC_NEXT))
  1000. f.message = gtc_prompt;
  1001. else
  1002. f.message = _("Token code request:");
  1003. if (prompt_flags & PROMPT_USERNAME) {
  1004. f.opts = &o[0];
  1005. o[0].next = &o[1];
  1006. o[0].type = OC_FORM_OPT_TEXT;
  1007. o[0].name = (char *)"username";
  1008. if (user_prompt)
  1009. o[0].label = user_prompt;
  1010. else
  1011. o[0].label = (char *) ((prompt_flags & PROMPT_PRIMARY) ? _("Username:") : _("Secondary username:"));
  1012. } else {
  1013. f.opts = &o[1];
  1014. }
  1015. o[1].type = OC_FORM_OPT_PASSWORD;
  1016. o[1].name = (char *)"tokencode";
  1017. /*
  1018. * For retries, we have a gtc_prompt and we just say 'Please enter response:'.
  1019. * Otherwise, use the pass_prompt if it exists, or create our own based
  1020. * on whether it's primary authentication or not.
  1021. */
  1022. if (prompt_flags & PROMPT_GTC_NEXT) {
  1023. o[1].label = _("Please enter response:");
  1024. } else if (pass_prompt) {
  1025. o[1].label = pass_prompt;
  1026. } else if (prompt_flags & PROMPT_PRIMARY) {
  1027. o[1].label = _("Please enter your passcode:");
  1028. } else {
  1029. o[1].label = _("Please enter your secondary token information:");
  1030. }
  1031. if (!can_gen_tokencode(vpninfo, &f, &o[1]))
  1032. o[1].type = OC_FORM_OPT_TOKEN;
  1033. ret = process_auth_form(vpninfo, &f);
  1034. if (ret)
  1035. goto out;
  1036. ret = do_gen_tokencode(vpninfo, &f);
  1037. if (ret)
  1038. goto out;
  1039. if (o[0]._value) {
  1040. buf_append_avp_string(reqbuf, 0xd6d, o[0]._value);
  1041. free_pass(&o[0]._value);
  1042. }
  1043. if (o[1]._value) {
  1044. unsigned char eap_avp[13];
  1045. int l = strlen(o[1]._value);
  1046. if (l > 253) {
  1047. free_pass(&o[1]._value);
  1048. ret = -EINVAL;
  1049. goto out;
  1050. }
  1051. /* AVP flags+mandatory+length */
  1052. store_be32(eap_avp, AVP_CODE_EAP_MESSAGE);
  1053. store_be32(eap_avp + 4, (AVP_MANDATORY << 24) + sizeof(eap_avp) + l);
  1054. /* EAP header: code/ident/len */
  1055. eap_avp[8] = EAP_RESPONSE;
  1056. eap_avp[9] = eap_ident;
  1057. store_be16(eap_avp + 10, l + 5); /* EAP length */
  1058. eap_avp[12] = EAP_TYPE_GTC;
  1059. buf_append_bytes(reqbuf, eap_avp, sizeof(eap_avp));
  1060. buf_append_bytes(reqbuf, o[1]._value, l);
  1061. /* Padding */
  1062. if ((sizeof(eap_avp) + l) & 3) {
  1063. uint32_t pad = 0;
  1064. buf_append_bytes(reqbuf, &pad,
  1065. 4 - ((sizeof(eap_avp) + l) & 3));
  1066. }
  1067. free_pass(&o[1]._value);
  1068. } else {
  1069. ret = -EINVAL;
  1070. goto out;
  1071. }
  1072. ret = 0;
  1073. out:
  1074. return ret;
  1075. }
  1076. static int dup_prompt(char **p, uint8_t *avp_p, int avp_len)
  1077. {
  1078. char *ret = NULL;
  1079. free(*p);
  1080. *p = NULL;
  1081. if (!avp_len) {
  1082. return 0;
  1083. } else if (avp_p[avp_len - 1] == ':') {
  1084. ret = strndup((char *)avp_p, avp_len);
  1085. } else {
  1086. ret = calloc(avp_len + 2, 1);
  1087. if (ret) {
  1088. memcpy(ret, avp_p, avp_len);
  1089. ret[avp_len] = ':';
  1090. ret[avp_len + 1] = 0;
  1091. }
  1092. }
  1093. if (ret) {
  1094. *p = ret;
  1095. return 0;
  1096. } else
  1097. return -ENOMEM;
  1098. }
  1099. /*
  1100. * There is complex client-side logic around when to (re)prompt for a password.
  1101. * The first prompt always needs it, whether it's a TokenCode request (EAP-06)
  1102. * or a normal password request (EAP-Expanded-Juniper/2). If a password request
  1103. * fails (0x81) then we prompt for username again in case that's what was wrong.
  1104. *
  1105. * If there's a secondary password request, it might need a *secondary* username.
  1106. * The first request comes with a 0xd73 AVP which has a single integer:
  1107. * 1: prompt for both username and password.
  1108. * 3: Prompt for password only.
  1109. * 5: Prompt for username only.
  1110. *
  1111. */
  1112. /* IF-T/TLS session establishment is the same for both pulse_obtain_cookie() and
  1113. * pulse_connect(). We have to go through the EAP phase of the connection either
  1114. * way; it's just that we might do it with just the cookie, or we might need to
  1115. * use the password/cert etc. */
  1116. static int pulse_authenticate(struct openconnect_info *vpninfo, int connecting)
  1117. {
  1118. int ret;
  1119. struct oc_text_buf *reqbuf;
  1120. unsigned char bytes[16384];
  1121. int eap_ofs;
  1122. uint8_t eap_ident, eap2_ident = 0;
  1123. uint8_t avp_flags;
  1124. uint32_t avp_code;
  1125. uint32_t avp_vendor;
  1126. int avp_len, l;
  1127. void *avp_p, *p;
  1128. unsigned char *eap;
  1129. int cookie_found = 0;
  1130. int j2_found = 0, realms_found = 0, realm_entry = 0, old_sessions = 0, gtc_found = 0;
  1131. uint8_t j2_code = 0;
  1132. void *ttls = NULL;
  1133. char *user_prompt = NULL, *pass_prompt = NULL, *gtc_prompt = NULL, *signin_prompt = NULL;
  1134. char *user2_prompt = NULL, *pass2_prompt = NULL;
  1135. int prompt_flags = PROMPT_PRIMARY | PROMPT_USERNAME | PROMPT_PASSWORD;
  1136. ret = openconnect_open_https(vpninfo);
  1137. if (ret)
  1138. return ret;
  1139. reqbuf = buf_alloc();
  1140. buf_append(reqbuf, "GET /%s HTTP/1.1\r\n", vpninfo->urlpath ?: "");
  1141. http_common_headers(vpninfo, reqbuf);
  1142. buf_append(reqbuf, "Content-Type: EAP\r\n");
  1143. buf_append(reqbuf, "Upgrade: IF-T/TLS 1.0\r\n");
  1144. buf_append(reqbuf, "Content-Length: 0\r\n");
  1145. buf_append(reqbuf, "\r\n");
  1146. if (buf_error(reqbuf)) {
  1147. vpn_progress(vpninfo, PRG_ERR,
  1148. _("Error creating Pulse connection request\n"));
  1149. ret = buf_error(reqbuf);
  1150. goto out;
  1151. }
  1152. if (vpninfo->dump_http_traffic)
  1153. dump_buf(vpninfo, '>', reqbuf->data);
  1154. ret = vpninfo->ssl_write(vpninfo, reqbuf->data, reqbuf->pos);
  1155. if (ret < 0)
  1156. goto out;
  1157. ret = process_http_response(vpninfo, 1, NULL, reqbuf);
  1158. if (ret < 0)
  1159. goto out;
  1160. if (ret != 101) {
  1161. vpn_progress(vpninfo, PRG_ERR,
  1162. _("Unexpected %d result from server\n"),
  1163. ret);
  1164. ret = -EINVAL;
  1165. goto out;
  1166. }
  1167. vpninfo->ift_seq = 0;
  1168. /* IF-T version request. */
  1169. buf_truncate(reqbuf);
  1170. buf_append_ift_hdr(reqbuf, VENDOR_TCG, IFT_VERSION_REQUEST);
  1171. /* Min version 1, max 2, preferred 2. Not that we actually do v2; the auth is
  1172. * still all IF-T/TLS v1. But the server won't offer us HMAC-SHA256 unless we
  1173. * advertise v2 */
  1174. buf_append_be32(reqbuf, 0x00010202);
  1175. ret = send_ift_packet(vpninfo, reqbuf);
  1176. if (ret)
  1177. goto out;
  1178. ret = recv_ift_packet(vpninfo, (void *)bytes, sizeof(bytes));
  1179. if (ret < 0)
  1180. goto out;
  1181. if (ret != 0x14 || (load_be32(bytes) & 0xffffff) != VENDOR_TCG ||
  1182. load_be32(bytes + 4) != IFT_VERSION_RESPONSE ||
  1183. load_be32(bytes + 8) != 0x14) {
  1184. vpn_progress(vpninfo, PRG_ERR,
  1185. _("Unexpected response to IF-T/TLS version negotiation:\n"));
  1186. dump_buf_hex(vpninfo, PRG_ERR, '<', (void *)bytes, ret);
  1187. ret = -EINVAL;
  1188. goto out;
  1189. }
  1190. vpn_progress(vpninfo, PRG_TRACE, _("IF-T/TLS version from server: %d\n"),
  1191. bytes[0x13]);
  1192. /* Client information packet over IF-T/TLS */
  1193. buf_truncate(reqbuf);
  1194. buf_append_ift_hdr(reqbuf, VENDOR_JUNIPER, 0x88);
  1195. buf_append(reqbuf, "clientHostName=%s", vpninfo->localname);
  1196. bytes[0] = 0;
  1197. if (vpninfo->peer_addr && vpninfo->peer_addr->sa_family == AF_INET6) {
  1198. struct sockaddr_in6 a;
  1199. socklen_t l = sizeof(a);
  1200. if (!getsockname(vpninfo->ssl_fd, (void *)&a, &l))
  1201. inet_ntop(AF_INET6, &a.sin6_addr, (void *)bytes, sizeof(bytes));
  1202. } else if (vpninfo->peer_addr && vpninfo->peer_addr->sa_family == AF_INET) {
  1203. struct sockaddr_in a;
  1204. socklen_t l = sizeof(a);
  1205. if (!getsockname(vpninfo->ssl_fd, (void *)&a, &l))
  1206. inet_ntop(AF_INET, &a.sin_addr, (void *)bytes, sizeof(bytes));
  1207. }
  1208. if (bytes[0])
  1209. buf_append(reqbuf, " clientIp=%s", bytes);
  1210. buf_append(reqbuf, "\n%c", 0);
  1211. ret = send_ift_packet(vpninfo, reqbuf);
  1212. if (ret)
  1213. goto out;
  1214. /* Await start of auth negotiations */
  1215. ret = recv_ift_packet(vpninfo, (void *)bytes, sizeof(bytes));
  1216. if (ret < 0)
  1217. goto out;
  1218. /* Basically an empty IF-T/TLS auth challenge packet of type Juniper/1,
  1219. * without even an EAP header in the payload. */
  1220. if (!valid_ift_auth(bytes, ret) || ret != 0x14) {
  1221. vpn_progress(vpninfo, PRG_ERR,
  1222. _("Unexpected IF-T/TLS authentication challenge:\n"));
  1223. dump_buf_hex(vpninfo, PRG_ERR, '<', (void *)bytes, ret);
  1224. ret = -EINVAL;
  1225. goto out;
  1226. }
  1227. /* Start by sending an EAP Identity of 'anonymous'. At this point we
  1228. * aren't yet very far down the rabbithole...
  1229. *
  1230. * --------------------------------------
  1231. * | TCP/IP |
  1232. * |------------------------------------|
  1233. * | TLS |
  1234. * |------------------------------------|
  1235. * | IF-T/TLS |
  1236. * |------------------------------------|
  1237. * | EAP (IF-T/TLS Auth Type Juniper/1) |
  1238. * |------------------------------------|
  1239. * | EAP-Identity |
  1240. * --------------------------------------
  1241. */
  1242. buf_truncate(reqbuf);
  1243. buf_append_ift_hdr(reqbuf, VENDOR_TCG, IFT_CLIENT_AUTH_RESPONSE);
  1244. buf_append_be32(reqbuf, JUNIPER_1); /* IF-T/TLS Auth Type */
  1245. eap_ofs = buf_append_eap_hdr(reqbuf, EAP_RESPONSE, 1, EAP_TYPE_IDENTITY, 0);
  1246. buf_append(reqbuf, "anonymous");
  1247. buf_fill_eap_len(reqbuf, eap_ofs);
  1248. ret = send_ift_packet(vpninfo, reqbuf);
  1249. if (ret)
  1250. goto out;
  1251. /*
  1252. * Phase 2 may continue directly with EAP within IF-T/TLS, or if certificate
  1253. * auth is enabled, the server may use EAP-TTLS. In that case, we end up
  1254. * with EAP within EAP-Message AVPs within EAP-TTLS within IF-T/TLS.
  1255. * The send_eap_packet() and recv_eap_packet() functions cope with both
  1256. * formats. The buffers have 0x14 bytes of header space, to allow for
  1257. * the IF-T/TLS header which is the larger of the two.
  1258. *
  1259. * --------------------------------------
  1260. * | TCP/IP |
  1261. * |------------------------------------|
  1262. * | TLS |
  1263. * |------------------------------------|
  1264. * | IF-T/TLS |
  1265. * |------------------------------------|
  1266. * | EAP (IF-T/TLS Auth Type Juniper/1) |
  1267. * |------------------ |
  1268. * | EAP-TTLS | |
  1269. * |-----------------| (or directly) |
  1270. * | EAP-Message AVP | |
  1271. * |-----------------|------------------|
  1272. * | EAP-Juniper-1 |
  1273. * --------------------------------------
  1274. */
  1275. ret = recv_ift_packet(vpninfo, (void *)bytes, sizeof(bytes));
  1276. if (ret < 0)
  1277. goto out;
  1278. /* Check EAP header and length */
  1279. if (!valid_ift_auth_eap(bytes, ret)) {
  1280. bad_ift:
  1281. vpn_progress(vpninfo, PRG_ERR,
  1282. _("Unexpected IF-T/TLS authentication challenge:\n"));
  1283. dump_buf_hex(vpninfo, PRG_ERR, '<', (void *)bytes, ret);
  1284. ret = -EINVAL;
  1285. goto out;
  1286. }
  1287. /*
  1288. * We know the packet is valid at least down to the first layer of
  1289. * EAP in the diagram above, directly within the IF-T/TLS Auth Type
  1290. * of Juniper/1. Now, disambiguate between the two cases where the
  1291. * diagram diverges. Is it EAP-TTLS or is it EAP-Juniper-1 directly?
  1292. */
  1293. if (valid_ift_auth_eap_exj1(bytes, ret)) {
  1294. eap = bytes + 0x14;
  1295. } else {
  1296. /* If it isn't that, it'd better be EAP-TTLS... */
  1297. if (bytes[0x18] != EAP_TYPE_TTLS)
  1298. goto bad_ift;
  1299. vpninfo->ttls_eap_ident = bytes[0x15];
  1300. vpninfo->ttls_recvbuf = malloc(TLS_RECORD_MAX);
  1301. if (!vpninfo->ttls_recvbuf)
  1302. return -ENOMEM;
  1303. vpninfo->ttls_recvlen = 0;
  1304. vpninfo->ttls_recvpos = 0;
  1305. vpninfo->ttls_msgleft = 0;
  1306. ttls = establish_eap_ttls(vpninfo);
  1307. if (!ttls) {
  1308. vpn_progress(vpninfo, PRG_ERR,
  1309. _("Failed to establish EAP-TTLS session\n"));
  1310. ret = -EINVAL;
  1311. goto out;
  1312. }
  1313. /* Resend the EAP Identity 'anonymous' packet within EAP-TTLS */
  1314. ret = send_eap_packet(vpninfo, ttls, reqbuf);
  1315. if (ret)
  1316. goto out;
  1317. /*
  1318. * The recv_eap_packet() function receives and validates the EAP
  1319. * packet of type Extended Juniper-1, either natively or within
  1320. * EAP-TTLS according to whether 'ttls' is set.
  1321. */
  1322. eap = recv_eap_packet(vpninfo, ttls, bytes, sizeof(bytes));
  1323. if (!eap) {
  1324. ret = -EIO;
  1325. goto out;
  1326. }
  1327. }
  1328. /* Now we (hopefully) have the server information packet, in an EAP request
  1329. * from the server. Either it was received directly in IF-T/TLS, or within
  1330. * an EAP-Message within EAP-TTLS. Either way, the EAP message we're
  1331. * interested in will be at offset 0x14 in the packet, its header will
  1332. * have been checked, and is Expanded Juniper/1, and its payload thus
  1333. * starts at 0x20. And its length is sufficient that we won't underflow */
  1334. eap_ident = eap[1];
  1335. l = load_be16(eap + 2) - 0x0c; /* Already validated */
  1336. p = eap + 0x0c;
  1337. /* We don't actually use anything we get here. Typically it
  1338. * contains Juniper/0xd49 and Juniper/0xd4a word AVPs, and
  1339. * a Juniper/0xd56 AVP with server licensing information. */
  1340. while (l) {
  1341. if (parse_avp(vpninfo, &p, &l, &avp_p, &avp_len, &avp_flags,
  1342. &avp_vendor, &avp_code)) {
  1343. vpn_progress(vpninfo, PRG_ERR,
  1344. _("Failed to parse AVP\n"));
  1345. bad_eap:
  1346. dump_buf_hex(vpninfo, PRG_ERR, 'E', eap, load_be16(eap + 2));
  1347. ret = -EINVAL;
  1348. goto out;
  1349. }
  1350. dump_avp(vpninfo, avp_flags, avp_vendor, avp_code, avp_p, avp_len);
  1351. }
  1352. /* Present the client information and auth cookie */
  1353. buf_truncate(reqbuf);
  1354. buf_append_ift_hdr(reqbuf, VENDOR_TCG, IFT_CLIENT_AUTH_RESPONSE);
  1355. buf_append_be32(reqbuf, JUNIPER_1); /* IF-T/TLS Auth Type */
  1356. eap_ofs = buf_append_eap_hdr(reqbuf, EAP_RESPONSE, eap_ident, EAP_TYPE_EXPANDED, 1);
  1357. #if 0
  1358. /* Their client sends a lot of other stuff here, which we don't
  1359. * understand and which doesn't appear to be mandatory. So leave
  1360. * it out for now until/unless it becomes necessary. It seems that
  1361. * sending Pulse-Secure/4.0.0.0 or anything newer makes it do
  1362. * EAP-TLS *within* the EAP-TTLS session if you don't actually
  1363. * present a certificate. */
  1364. buf_append_avp_be32(reqbuf, 0xd49, 3);
  1365. buf_append_avp_be32(reqbuf, 0xd61, 0);
  1366. buf_append_avp_string(reqbuf, 0xd5e, "Windows");
  1367. buf_append_avp_string(reqbuf, 0xd70, "Pulse-Secure/9.0.3.1667 (Windows Server 2016) Pulse/9.0.3.1667");
  1368. buf_append_avp_string(reqbuf, 0xd63, "\xac\x1e\x8a\x78\x2d\x96\x45\x69\xb7\x7b\x80\x0f\xb7\x39\x2e\x41");
  1369. buf_append_avp_string(reqbuf, 0xd64, "\x1a\x3d\x9f\xa4\x07\xd9\xcb\x40\x9d\x61\x6a\x7a\x89\x24\x9b\x15");
  1370. buf_append_avp_string(reqbuf, 0xd5f, "en-US");
  1371. buf_append_avp_string(reqbuf, 0xd6c, "\x02\xe9\xa7\x51\x92\x4e");
  1372. buf_append_avp_be32(reqbuf, 0xd84, 0);
  1373. #else
  1374. buf_append_avp_string(reqbuf, 0xd70, vpninfo->useragent);
  1375. #endif
  1376. if (vpninfo->cookie)
  1377. buf_append_avp_string(reqbuf, 0xd53, vpninfo->cookie);
  1378. buf_fill_eap_len(reqbuf, eap_ofs);
  1379. ret = send_eap_packet(vpninfo, ttls, reqbuf);
  1380. if (ret)
  1381. goto out;
  1382. /* Await start of auth negotiations */
  1383. auth_response:
  1384. free(signin_prompt);
  1385. signin_prompt = NULL;
  1386. /* If there's a follow-on GTC prompt, remember it's not the first */
  1387. if (gtc_found)
  1388. prompt_flags |= PROMPT_GTC_NEXT;
  1389. else
  1390. prompt_flags &= ~PROMPT_GTC_NEXT;
  1391. realm_entry = realms_found = j2_found = old_sessions = 0, gtc_found = 0;
  1392. eap = recv_eap_packet(vpninfo, ttls, (void *)bytes, sizeof(bytes));
  1393. if (!eap) {
  1394. ret = -EIO;
  1395. goto out;
  1396. }
  1397. eap_ident = eap[1];
  1398. l = load_be16(eap + 2) - 0x0c; /* Already validated */
  1399. p = eap + 0x0c;
  1400. while (l) {
  1401. if (parse_avp(vpninfo, &p, &l, &avp_p, &avp_len, &avp_flags,
  1402. &avp_vendor, &avp_code)) {
  1403. vpn_progress(vpninfo, PRG_ERR,
  1404. _("Failed to parse AVP\n"));
  1405. goto bad_eap;
  1406. }
  1407. dump_avp(vpninfo, avp_flags, avp_vendor, avp_code, avp_p, avp_len);
  1408. /* It's a bit late for this given that we don't get it until after
  1409. * we provide the password. */
  1410. if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd55) {
  1411. char md5buf[MD5_SIZE * 2 + 1];
  1412. get_cert_md5_fingerprint(vpninfo, vpninfo->peer_cert, md5buf);
  1413. if (avp_len != MD5_SIZE * 2 || strncasecmp(avp_p, md5buf, MD5_SIZE * 2)) {
  1414. /* This actually happens in the wild and the official clients don't seem to
  1415. * care. It's too late because we've already authenticated at this point,
  1416. * and it's only MD5 anyway. I find it hard to care. Just whine and continue
  1417. * anyway. */
  1418. vpn_progress(vpninfo, PRG_INFO,
  1419. _("WARNING: Server provided certificate MD5 does not match its actual certificate.\n"));
  1420. continue;
  1421. }
  1422. }
  1423. if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd65) {
  1424. old_sessions++;
  1425. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd60) {
  1426. uint32_t failcode;
  1427. if (avp_len != 4)
  1428. goto auth_unknown;
  1429. failcode = load_be32(avp_p);
  1430. if (failcode == 0x0d) {
  1431. vpn_progress(vpninfo, PRG_ERR,
  1432. _("Authentication failure: Account locked out\n"));
  1433. } else if (failcode == 0x0e) {
  1434. vpn_progress(vpninfo, PRG_ERR,
  1435. _("Authentication failure: Client certificate required\n"));
  1436. } else {
  1437. vpn_progress(vpninfo, PRG_ERR,
  1438. _("Authentication failure: Code 0x%02x\n"),
  1439. failcode);
  1440. }
  1441. ret = -EPERM;
  1442. goto out;
  1443. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd80) {
  1444. dup_prompt(&user_prompt, avp_p, avp_len);
  1445. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd81) {
  1446. dup_prompt(&pass_prompt, avp_p, avp_len);
  1447. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd82) {
  1448. dup_prompt(&user2_prompt, avp_p, avp_len);
  1449. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd83) {
  1450. dup_prompt(&pass2_prompt, avp_p, avp_len);
  1451. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd73) {
  1452. uint32_t val;
  1453. if (avp_len != 4)
  1454. goto auth_unknown;
  1455. val = load_be32(avp_p);
  1456. switch (val) {
  1457. case 1: /* Prompt for both username and password. */
  1458. prompt_flags = PROMPT_PASSWORD | PROMPT_USERNAME;
  1459. break;
  1460. case 3: /* Prompt for password.*/
  1461. case 15:
  1462. prompt_flags = PROMPT_PASSWORD;
  1463. break;
  1464. case 5: /* Prompt for username.*/
  1465. prompt_flags = PROMPT_USERNAME;
  1466. break;
  1467. default:
  1468. /* It does no harm to submit both, as anything unwanted is ignored. */
  1469. vpn_progress(vpninfo, PRG_ERR,
  1470. _("Unknown D73 prompt value 0x%x. Will prompt for both username and password.\n"),
  1471. val);
  1472. vpn_progress(vpninfo, PRG_ERR,
  1473. _("Please report this value and the behaviour of the official client.\n"));
  1474. prompt_flags = PROMPT_PASSWORD | PROMPT_USERNAME;
  1475. break;
  1476. }
  1477. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd7b) {
  1478. free(signin_prompt);
  1479. signin_prompt = strndup(avp_p, avp_len);
  1480. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd4e) {
  1481. realms_found++;
  1482. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd4f) {
  1483. realm_entry++;
  1484. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd5c) {
  1485. if (avp_len != 4)
  1486. goto auth_unknown;
  1487. uint32_t val = load_be32(avp_p);
  1488. if (val)
  1489. vpninfo->auth_expiration = time(NULL) + val;
  1490. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd75) {
  1491. if (avp_len != 4)
  1492. goto auth_unknown;
  1493. uint32_t val = load_be32(avp_p);
  1494. if (val)
  1495. vpninfo->idle_timeout = val;
  1496. } else if (avp_vendor == VENDOR_JUNIPER2 && avp_code == 0xd53) {
  1497. free(vpninfo->cookie);
  1498. vpninfo->cookie = strndup(avp_p, avp_len);
  1499. cookie_found = 1;
  1500. /* DSID cookie may be needed for fallback to oNCP/Juniper logout */
  1501. http_add_cookie(vpninfo, "DSID", vpninfo->cookie, 1 /* replace */);
  1502. } else if (!avp_vendor && avp_code == AVP_CODE_EAP_MESSAGE) {
  1503. char *avp_c = avp_p;
  1504. /* EAP within AVP within EAP within IF-T/TLS. Check EAP header. */
  1505. if (avp_len < 5 || avp_c[0] != EAP_REQUEST ||
  1506. load_be16(avp_c + 2) != avp_len)
  1507. goto auth_unknown;
  1508. eap2_ident = avp_c[1];
  1509. if (avp_c[4] == EAP_TYPE_GTC) {
  1510. gtc_found = 1;
  1511. free(gtc_prompt);
  1512. gtc_prompt = strndup(avp_c + 5, avp_len - 5);
  1513. } else if (avp_len >= 13 && load_be32(avp_c + 4) == EXPANDED_JUNIPER) {
  1514. switch (load_be32(avp_c + 8)) {
  1515. case 2: /* Expanded Juniper/2: password */
  1516. j2_found = 1;
  1517. j2_code = avp_c[12];
  1518. if (j2_code == J2_PASSREQ || j2_code == J2_PASSRETRY || j2_code == J2_PASSCHANGE) {
  1519. if (avp_len != 13)
  1520. goto auth_unknown;
  1521. /* Precisely one byte, which is j2_code. OK. */
  1522. } else if (j2_code == J2_PASSFAIL) {
  1523. /*
  1524. < 0000: 00 00 55 97 00 00 00 05 00 00 00 84 00 00 01 fa |..U.............|
  1525. < 0010: 00 0a 4c 01 01 05 00 70 fe 00 0a 4c 00 00 00 01 |..L....p...L....|
  1526. < 0020: 00 00 00 4f 40 00 00 62 01 02 00 5a fe 00 0a 4c |...O@..b...Z...L|
  1527. < 0030: 00 00 00 02 c5 01 4d 43 6f 75 6c 64 20 6e 6f 74 |......MCould not|
  1528. < 0040: 20 63 68 61 6e 67 65 20 70 61 73 73 77 6f 72 64 | change password|
  1529. < 0050: 2e 20 4e 65 77 20 70 61 73 73 77 6f 72 64 20 6d |. New password m|
  1530. < 0060: 75 73 74 20 62 65 20 61 74 20 6c 65 61 73 74 20 |ust be at least |
  1531. < 0070: 34 20 63 68 61 72 61 63 74 65 72 73 20 6c 6f 6e |4 characters lon|
  1532. < 0080: 67 2e 00 00 |g...|
  1533. */
  1534. if (avp_len > 15 && avp_c[13] == 0x01 && avp_c[14] == avp_len - 13) {
  1535. /* Failure message. */
  1536. vpn_progress(vpninfo, PRG_ERR,
  1537. _("Authentication failure: %.*s\n"), avp_len - 15, avp_c + 15);
  1538. ret = -EIO;
  1539. goto out;
  1540. } else
  1541. goto auth_unknown;
  1542. }
  1543. break;
  1544. case 3: /* TNCC */
  1545. vpn_progress(vpninfo, PRG_ERR,
  1546. _("Pulse server requested Host Checker; not yet supported\n"
  1547. "Try Juniper mode (--protocol=nc)\n"));
  1548. goto bad_eap;
  1549. default:
  1550. goto auth_unknown;
  1551. }
  1552. } else {
  1553. goto auth_unknown;
  1554. }
  1555. } else if (avp_flags & AVP_MANDATORY)
  1556. goto auth_unknown;
  1557. }
  1558. /* We want it to be precisely one type of request, not a mixture. */
  1559. if (realm_entry + !!realms_found + j2_found + gtc_found + cookie_found + !!old_sessions != 1 &&
  1560. !signin_prompt) {
  1561. auth_unknown:
  1562. vpn_progress(vpninfo, PRG_ERR,
  1563. _("Unhandled Pulse authentication packet, or authentication failure\n"));
  1564. goto bad_eap;
  1565. }
  1566. /* Prepare next response packet */
  1567. buf_truncate(reqbuf);
  1568. buf_append_ift_hdr(reqbuf, VENDOR_TCG, IFT_CLIENT_AUTH_RESPONSE);
  1569. buf_append_be32(reqbuf, JUNIPER_1); /* IF-T/TLS Auth Type */
  1570. eap_ofs = buf_append_eap_hdr(reqbuf, EAP_RESPONSE, eap_ident, EAP_TYPE_EXPANDED, 1);
  1571. if (!cookie_found) {
  1572. /* No user interaction when called from pulse_connect().
  1573. * We expect the cookie to work. */
  1574. if (connecting) {
  1575. vpn_progress(vpninfo, PRG_ERR,
  1576. _("Pulse authentication cookie not accepted\n"));
  1577. ret = -EPERM;
  1578. goto out;
  1579. }
  1580. if (realm_entry) {
  1581. vpn_progress(vpninfo, PRG_TRACE, _("Pulse realm entry\n"));
  1582. ret = pulse_request_realm_entry(vpninfo, reqbuf);
  1583. if (ret)
  1584. goto out;
  1585. } else if (realms_found) {
  1586. vpn_progress(vpninfo, PRG_TRACE, _("Pulse realm choice\n"));
  1587. ret = pulse_request_realm_choice(vpninfo, reqbuf, realms_found, eap);
  1588. if (ret)
  1589. goto out;
  1590. } else if (j2_found) {
  1591. vpn_progress(vpninfo, PRG_TRACE,
  1592. _("Pulse password auth request, code 0x%02x\n"),
  1593. j2_code);
  1594. if (j2_code == J2_PASSCHANGE) {
  1595. ret = pulse_request_pass_change(vpninfo, reqbuf, eap2_ident,
  1596. prompt_flags);
  1597. } else if (j2_code == J2_PASSREQ || j2_code == J2_PASSRETRY) {
  1598. /* Present user/password form to user */
  1599. ret = pulse_request_user_auth(vpninfo, reqbuf, eap2_ident, prompt_flags,
  1600. (prompt_flags & PROMPT_PRIMARY) ? user_prompt : user2_prompt,
  1601. (prompt_flags & PROMPT_PRIMARY) ? pass_prompt : pass2_prompt);
  1602. } else {
  1603. vpn_progress(vpninfo, PRG_ERR,
  1604. _("Pulse password request with unknown code 0x%02x. Please report.\n"),
  1605. j2_code);
  1606. ret = -EINVAL;
  1607. }
  1608. if (ret)
  1609. goto out;
  1610. } else if (gtc_found) {
  1611. vpn_progress(vpninfo, PRG_TRACE,
  1612. _("Pulse password general token code request\n"));
  1613. /* Present user/password form to user */
  1614. ret = pulse_request_gtc(vpninfo, reqbuf, eap2_ident, prompt_flags,
  1615. (prompt_flags & PROMPT_PRIMARY) ? user_prompt : user2_prompt,
  1616. (prompt_flags & PROMPT_PRIMARY) ? pass_prompt : pass2_prompt,
  1617. gtc_prompt);
  1618. if (ret)
  1619. goto out;
  1620. } else if (old_sessions) {
  1621. vpn_progress(vpninfo, PRG_TRACE,
  1622. _("Pulse session limit, %d sessions\n"),
  1623. old_sessions);
  1624. ret = pulse_request_session_kill(vpninfo, reqbuf, old_sessions, eap);
  1625. if (ret)
  1626. goto out;
  1627. } else if (signin_prompt) {
  1628. buf_append_avp_be32(reqbuf, 0xd7c, 1);
  1629. } else {
  1630. vpn_progress(vpninfo, PRG_ERR,
  1631. _("Unhandled Pulse auth request\n"));
  1632. goto bad_eap;
  1633. }
  1634. /* If we get here, something has filled in the next response */
  1635. buf_fill_eap_len(reqbuf, eap_ofs);
  1636. ret = send_eap_packet(vpninfo, ttls, reqbuf);
  1637. if (ret)
  1638. goto out;
  1639. goto auth_response;
  1640. }
  1641. /* We're done, but need to send an empty response to the above information
  1642. * in order that the EAP session can complete with 'success'. Not quite
  1643. * sure why they didn't send it as payload on the success frame, mind you. */
  1644. buf_fill_eap_len(reqbuf, eap_ofs);
  1645. ret = send_eap_packet(vpninfo, ttls, reqbuf);
  1646. if (ret)
  1647. goto out;
  1648. if (ttls) {
  1649. /* Normally we don't actually send the EAP-TTLS frame until
  1650. * we're waiting for a response, which allows us to coalesce.
  1651. * This time, we need to flush the outbound frames. The empty
  1652. * EAP response (within EAP-TTLS) causes the server to close
  1653. * the EAP-TTLS session and the next response is plain IF-T/TLS
  1654. * IFT_CLIENT_AUTH_SUCCESS just like the non-certificate mode. */
  1655. pulse_eap_ttls_recv(vpninfo, NULL, 0);
  1656. }
  1657. ret = recv_ift_packet(vpninfo, (void *)bytes, sizeof(bytes));
  1658. if (ret < 0)
  1659. goto out;
  1660. if (!valid_ift_success(bytes, ret)) {
  1661. vpn_progress(vpninfo, PRG_ERR,
  1662. _("Unexpected response instead of IF-T/TLS auth success:\n"));
  1663. dump_buf_hex(vpninfo, PRG_ERR, '<', (void *)bytes, ret);
  1664. ret = -EINVAL;
  1665. goto out;
  1666. }
  1667. ret = 0;
  1668. out:
  1669. if (ret)
  1670. openconnect_close_https(vpninfo, 0);
  1671. buf_free(reqbuf);
  1672. if (ttls)
  1673. destroy_eap_ttls(vpninfo, ttls);
  1674. buf_free(vpninfo->ttls_pushbuf);
  1675. vpninfo->ttls_pushbuf = NULL;
  1676. free(vpninfo->ttls_recvbuf);
  1677. vpninfo->ttls_recvbuf = NULL;
  1678. free(user_prompt);
  1679. free(pass_prompt);
  1680. free(user2_prompt);
  1681. free(pass2_prompt);
  1682. free(gtc_prompt);
  1683. free(signin_prompt);
  1684. return ret;
  1685. }
  1686. static void buf_append_ttls_headers(struct openconnect_info *vpninfo, struct oc_text_buf *buf, uint8_t flags)
  1687. {
  1688. buf_append_ift_hdr(buf, VENDOR_TCG, IFT_CLIENT_AUTH_RESPONSE);
  1689. buf_append_be32(buf, JUNIPER_1); /* IF-T/TLS Auth Type */
  1690. buf_append_eap_hdr(buf, EAP_RESPONSE, 0 /*vpninfo->ttls_eap_ident*/,
  1691. EAP_TYPE_TTLS, 0);
  1692. /* Flags byte for EAP-TTLS */
  1693. buf_append_bytes(buf, &flags, 1);
  1694. }
  1695. int pulse_eap_ttls_send(struct openconnect_info *vpninfo, const void *data, int len)
  1696. {
  1697. struct oc_text_buf *buf = vpninfo->ttls_pushbuf;
  1698. if (!buf) {
  1699. buf = vpninfo->ttls_pushbuf = buf_alloc();
  1700. if (!buf)
  1701. return -ENOMEM;
  1702. }
  1703. /* We concatenate sent data into a single EAP-TTLS frame which is
  1704. * sent just before we actually need to read something. */
  1705. if (!buf->pos)
  1706. buf_append_ttls_headers(vpninfo, buf, 0);
  1707. buf_append_bytes(buf, data, len);
  1708. return len;
  1709. }
  1710. int pulse_eap_ttls_recv(struct openconnect_info *vpninfo, void *data, int len)
  1711. {
  1712. struct oc_text_buf *pushbuf;
  1713. int ret;
  1714. if (!len && (vpninfo->ttls_recvlen || vpninfo->ttls_msgleft)) {
  1715. vpn_progress(vpninfo, PRG_ERR,
  1716. _("EAP-TTLS failure: Flushing output with pending input bytes\n"));
  1717. return -EIO;
  1718. }
  1719. if (!vpninfo->ttls_recvlen) {
  1720. uint8_t flags;
  1721. if (vpninfo->ttls_msgleft) {
  1722. /* Fragments left to receive of current message.
  1723. * Send an Acknowledge frame */
  1724. pushbuf = buf_alloc();
  1725. buf_append_ttls_headers(vpninfo, pushbuf, 0);
  1726. } else {
  1727. /* Send the pending outbound bytes as a single message */
  1728. pushbuf = vpninfo->ttls_pushbuf;
  1729. vpninfo->ttls_pushbuf = NULL;
  1730. }
  1731. if (buf_error(pushbuf))
  1732. return buf_free(pushbuf);
  1733. /* This can never happen. We *always* put the header in. */
  1734. if (pushbuf->pos < 0x1a) {
  1735. vpn_progress(vpninfo, PRG_ERR,
  1736. _("Error creating EAP-TTLS buffer\n"));
  1737. buf_free(pushbuf);
  1738. return -EIO;
  1739. }
  1740. /* Handle outbound fragmentation if necessary */
  1741. if (pushbuf->pos > TTLS_MAXFRAG + 0x1a) {
  1742. struct oc_text_buf *frag = buf_alloc();
  1743. uint8_t flags = TTLS_MOREFRAGS | TTLS_LENGTH;
  1744. uint32_t remaining;
  1745. char *msg;
  1746. if (buf_error(frag)) {
  1747. buf_free(pushbuf);
  1748. return buf_free(frag);
  1749. }
  1750. remaining = pushbuf->pos - 0x1a;
  1751. msg = pushbuf->data + 0x1a;
  1752. do {
  1753. buf_append_ttls_headers(vpninfo, frag, flags);
  1754. if (flags & TTLS_LENGTH) {
  1755. buf_append_be32(frag, remaining);
  1756. flags &= ~TTLS_LENGTH;
  1757. }
  1758. buf_append_bytes(frag, msg, TTLS_MAXFRAG);
  1759. msg += TTLS_MAXFRAG;
  1760. remaining -= TTLS_MAXFRAG;
  1761. if (buf_error(frag)) {
  1762. buf_free(pushbuf);
  1763. return buf_free(frag);
  1764. }
  1765. frag->data[0x15] = vpninfo->ttls_eap_ident;
  1766. buf_fill_eap_len(frag, 0x14);
  1767. ret = send_ift_packet(vpninfo, frag);
  1768. if (ret) {
  1769. buf_free(pushbuf);
  1770. buf_free(frag);
  1771. return ret;
  1772. }
  1773. buf_truncate(frag);
  1774. ret = vpninfo->ssl_read(vpninfo, (void *)vpninfo->ttls_recvbuf,
  1775. TLS_RECORD_MAX);
  1776. if (ret < 0) {
  1777. vpn_progress(vpninfo, PRG_ERR,
  1778. _("Failed to read EAP-TTLS Acknowledge: %s\n"),
  1779. strerror(-ret));
  1780. buf_free(pushbuf);
  1781. buf_free(frag);
  1782. return ret;
  1783. }
  1784. if (ret > 0 && vpninfo->dump_http_traffic) {
  1785. vpn_progress(vpninfo, PRG_TRACE,
  1786. _("Read %d bytes of IF-T/TLS EAP-TTLS record\n"),
  1787. ret);
  1788. dump_buf_hex(vpninfo, PRG_TRACE, '<',
  1789. (void *)vpninfo->ttls_recvbuf,
  1790. ret);
  1791. }
  1792. if (!valid_ift_auth_eap(vpninfo->ttls_recvbuf, ret) ||
  1793. ret != 0x1a ||
  1794. vpninfo->ttls_recvbuf[0x18] != EAP_TYPE_TTLS ||
  1795. vpninfo->ttls_recvbuf[0x19] != 0) {
  1796. vpn_progress(vpninfo, PRG_ERR,
  1797. _("Bad EAP-TTLS Acknowledge packet\n"));
  1798. buf_free(pushbuf);
  1799. buf_free(frag);
  1800. return -EIO;
  1801. }
  1802. vpninfo->ttls_eap_ident = vpninfo->ttls_recvbuf[0x15];
  1803. } while (remaining > TTLS_MAXFRAG);
  1804. buf_free(frag);
  1805. memmove(pushbuf->data + 0x1a, msg, remaining);
  1806. pushbuf->pos = remaining + 0x1a;
  1807. }
  1808. /* Fill in the EAP header ident and length */
  1809. pushbuf->data[0x15] = vpninfo->ttls_eap_ident;
  1810. buf_fill_eap_len(pushbuf, 0x14);
  1811. ret = send_ift_packet(vpninfo, pushbuf);
  1812. buf_free(pushbuf);
  1813. if (ret)
  1814. return ret;
  1815. /* If called just to flush outbound, return now. */
  1816. if (!len)
  1817. return 0;
  1818. vpninfo->ttls_recvlen = vpninfo->ssl_read(vpninfo, (void *)vpninfo->ttls_recvbuf,
  1819. TLS_RECORD_MAX);
  1820. if (vpninfo->ttls_recvlen > 0 && vpninfo->dump_http_traffic) {
  1821. vpn_progress(vpninfo, PRG_TRACE,
  1822. _("Read %d bytes of IF-T/TLS EAP-TTLS record\n"),
  1823. vpninfo->ttls_recvlen);
  1824. dump_buf_hex(vpninfo, PRG_TRACE, '<',
  1825. (void *)vpninfo->ttls_recvbuf,
  1826. vpninfo->ttls_recvlen);
  1827. }
  1828. if (!valid_ift_auth_eap(vpninfo->ttls_recvbuf, vpninfo->ttls_recvlen) ||
  1829. vpninfo->ttls_recvlen < 0x1a ||
  1830. vpninfo->ttls_recvbuf[0x18] != EAP_TYPE_TTLS) {
  1831. bad_pkt:
  1832. vpn_progress(vpninfo, PRG_ERR,
  1833. _("Bad EAP-TTLS packet (len %d, left %d)\n"),
  1834. vpninfo->ttls_recvlen, vpninfo->ttls_msgleft);
  1835. return -EIO;
  1836. }
  1837. vpninfo->ttls_eap_ident = vpninfo->ttls_recvbuf[0x15];
  1838. flags = vpninfo->ttls_recvbuf[0x19];
  1839. /* Start, Reserved bits and version (we only support version zero) */
  1840. if (flags & 0x3f)
  1841. goto bad_pkt;
  1842. if (vpninfo->ttls_msgleft) {
  1843. /* Second and subsequent fragments MUST NOT have L bit set */
  1844. if (flags & TTLS_LENGTH)
  1845. goto bad_pkt;
  1846. /* The header doesn't contain a length word. Just IF-T/TLS, EAP, TTLS */
  1847. vpninfo->ttls_recvpos = 0x1a;
  1848. vpninfo->ttls_recvlen -= 0x1a;
  1849. if (flags & TTLS_MOREFRAGS) {
  1850. /* If the More Fragments bit is set, this packet
  1851. * must contain fewer bytes than are left. */
  1852. if (vpninfo->ttls_recvlen >= vpninfo->ttls_msgleft)
  1853. goto bad_pkt;
  1854. } else {
  1855. /* If the More Fragments bit is set, this packet
  1856. must contain precisely the number of bytes left. */
  1857. if (vpninfo->ttls_recvlen != vpninfo->ttls_msgleft)
  1858. goto bad_pkt;
  1859. }
  1860. vpninfo->ttls_msgleft -= vpninfo->ttls_recvlen;
  1861. } else if (flags & TTLS_MOREFRAGS) {
  1862. /* First fragment MUST have Length */
  1863. if (!(flags & TTLS_LENGTH) || vpninfo->ttls_recvlen < 0x1e)
  1864. goto bad_pkt;
  1865. vpninfo->ttls_recvpos = 0x1e;
  1866. vpninfo->ttls_recvlen -= 0x1e;
  1867. vpninfo->ttls_msgleft = load_be32(vpninfo->ttls_recvbuf + 0x1a);
  1868. if (vpninfo->ttls_msgleft <= vpninfo->ttls_recvlen || !vpninfo->ttls_recvlen)
  1869. goto bad_pkt;
  1870. vpninfo->ttls_msgleft -= vpninfo->ttls_recvlen;
  1871. } else {
  1872. /* Unfragmented message */
  1873. if (flags & TTLS_LENGTH) {
  1874. /* Length bit. */
  1875. if (vpninfo->ttls_recvlen < 0x1e ||
  1876. load_be32(vpninfo->ttls_recvbuf + 0x1a) != vpninfo->ttls_recvlen - 0x1e)
  1877. goto bad_pkt;
  1878. vpninfo->ttls_recvpos = 0x1e;
  1879. vpninfo->ttls_recvlen -= 0x1e;
  1880. } else {
  1881. vpninfo->ttls_recvpos = 0x1a;
  1882. vpninfo->ttls_recvlen -= 0x1a;
  1883. }
  1884. vpninfo->ttls_msgleft = 0;
  1885. if (!vpninfo->ttls_recvlen)
  1886. goto bad_pkt;
  1887. }
  1888. }
  1889. if (len > vpninfo->ttls_recvlen) {
  1890. memcpy(data, vpninfo->ttls_recvbuf + vpninfo->ttls_recvpos,
  1891. vpninfo->ttls_recvlen);
  1892. len = vpninfo->ttls_recvlen;
  1893. vpninfo->ttls_recvlen = 0;
  1894. return len;
  1895. }
  1896. memcpy(data, vpninfo->ttls_recvbuf + vpninfo->ttls_recvpos, len);
  1897. vpninfo->ttls_recvpos += len;
  1898. vpninfo->ttls_recvlen -= len;
  1899. return len;
  1900. }
  1901. int pulse_obtain_cookie(struct openconnect_info *vpninfo)
  1902. {
  1903. return pulse_authenticate(vpninfo, 0);
  1904. }
  1905. /* Handler for config attributes, see handle_main_config_packet */
  1906. static int handle_attr_elements(struct openconnect_info *vpninfo,
  1907. unsigned char *bytes, int len,
  1908. struct oc_vpn_option **new_opts,
  1909. struct oc_ip_info *new_ip_info)
  1910. {
  1911. unsigned char *p = bytes;
  1912. int l = len;
  1913. /* No idea what this is */
  1914. if (l < 8 || load_be32(p + 4) != 0x03000000)
  1915. return -EINVAL;
  1916. p += 8;
  1917. l -= 8;
  1918. while (l) {
  1919. if (l < 4)
  1920. return -EINVAL;
  1921. uint16_t type = load_be16(p);
  1922. uint16_t attrlen = load_be16(p+2);
  1923. if (attrlen + 4 > l)
  1924. return -EINVAL;
  1925. p += 4;
  1926. l -= 4;
  1927. process_attr(vpninfo, new_opts, new_ip_info, type, p, attrlen);
  1928. p += attrlen;
  1929. l -= attrlen;
  1930. }
  1931. return 0;
  1932. }
  1933. /* Example config packet:
  1934. < 0000: 00 00 0a 4c 00 00 00 01 00 00 01 80 00 00 01 fb |...L............|
  1935. < 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
  1936. < 0020: 2c 20 f0 00 00 00 00 00 00 00 01 70 2e 00 00 78 |, .........p...x|
  1937. < 0030: 07 00 00 00 07 00 00 10 00 00 ff ff 05 05 00 00 |................|
  1938. < 0040: 05 05 ff ff 07 00 00 10 00 00 ff ff 07 00 00 00 |................|
  1939. < 0050: 07 00 00 ff 07 00 00 10 00 00 ff ff 08 08 08 08 |................|
  1940. < 0060: 08 08 08 08 f1 00 00 10 00 00 ff ff 06 06 06 06 |................|
  1941. < 0070: 06 06 06 07 f1 00 00 10 00 00 ff ff 09 09 09 09 |................|
  1942. < 0080: 09 09 09 09 f1 00 00 10 00 00 ff ff 0a 0a 0a 0a |................|
  1943. < 0090: 0a 0a 0a 0a f1 00 00 10 00 00 ff ff 0b 0b 0b 0b |................|
  1944. < 00a0: 0b 0b 0b 0b 00 00 00 dc 03 00 00 00 40 00 00 01 |............@...|
  1945. < 00b0: 00 40 01 00 01 00 40 1f 00 01 00 40 20 00 01 00 |.@....@....@ ...|
  1946. < 00c0: 40 21 00 01 00 40 05 00 04 00 00 05 78 00 03 00 |@!...@......x...|
  1947. < 00d0: 04 08 08 08 08 00 03 00 04 08 08 04 04 40 06 00 |.............@..|
  1948. < 00e0: 0c 70 73 65 63 75 72 65 2e 6e 65 74 00 40 07 00 |.psecure.net.@..|
  1949. < 00f0: 04 00 00 00 00 00 04 00 04 01 01 01 01 40 19 00 |.............@..|
  1950. < 0100: 01 01 40 1a 00 01 00 40 0f 00 02 00 00 40 10 00 |..@....@.....@..|
  1951. < 0110: 02 00 05 40 11 00 02 00 02 40 12 00 04 00 00 04 |...@.....@......|
  1952. < 0120: b0 40 13 00 04 00 00 00 00 40 14 00 04 00 00 00 |.@.......@......|
  1953. < 0130: 01 40 15 00 04 00 00 00 00 40 16 00 02 11 94 40 |.@.......@.....@|
  1954. < 0140: 17 00 04 00 00 00 0f 40 18 00 04 00 00 00 3c 00 |.......@......<.|
  1955. < 0150: 01 00 04 0a 14 03 01 00 02 00 04 ff ff ff ff 40 |...............@|
  1956. < 0160: 0b 00 04 0a c8 c8 c8 40 0c 00 01 00 40 0d 00 01 |.......@....@...|
  1957. < 0170: 00 40 0e 00 01 00 40 1b 00 01 00 40 1c 00 01 00 |.@....@....@....|
  1958. It starts as an IF-T/TLS packet of type Juniper/1.
  1959. Lots of zeroes at the start, and at 0x20 there is a distinctive 0x2c20f000
  1960. signature which appears to be in all config packets.
  1961. At 0x28 it has the payload length (0x10 less than the full IF-T length).
  1962. 0x2c is the start of the routing information. The 0x2e byte always
  1963. seems to be there, and in this example 0x78 is the length of the
  1964. routing information block. The number of entries is in byte 0x30.
  1965. In the absence of IPv6 perhaps, the length at 0x2c seems always to be
  1966. the number of entries (in 0x30) * 0x10 + 8.
  1967. Routing entries are 0x10 bytes each, starting at 0x34. The ones starting
  1968. with 0x07 are include, with 0xf1 are exclude. No idea what the following 7
  1969. bytes 0f 00 00 10 00 00 ff ff mean; perhaps the 0010 is a length? The IP
  1970. address range is in bytes 8-11 (starting address) and the highest address
  1971. of the range (traditionally a broadcast address) is in bytes 12-15.
  1972. After the routing inforamation (in this example at 0xa4) comes another
  1973. length field, this time for the information elements which comprise
  1974. the rest of the packet. Not sure what the 03 00 00 00 at 0xa8 means;
  1975. it *could* be an element type 0x3000 with payload length zero but if it
  1976. is, we don't know what it means. Following that, the elements all have
  1977. two bytes of type followed by two bytes length, then their payload.
  1978. There follows an attempt to parse the packet based on the above
  1979. understanding. Having more examples, especially with IPv6 split includes
  1980. and excludes, would be useful...
  1981. */
  1982. static int handle_main_config_packet(struct openconnect_info *vpninfo,
  1983. unsigned char *bytes, int len)
  1984. {
  1985. int routes_len = 0;
  1986. int l;
  1987. unsigned char *p;
  1988. int offset = 0x2c;
  1989. struct oc_vpn_option *new_opts = NULL;
  1990. struct oc_ip_info new_ip_info = {};
  1991. if (len < 0x31) {
  1992. bad_config:
  1993. vpn_progress(vpninfo, PRG_ERR,
  1994. _("Unexpected Pulse config packet:\n"));
  1995. dump_buf_hex(vpninfo, PRG_ERR, '<', (void *)bytes, len);
  1996. free_optlist(new_opts);
  1997. free_split_routes(&new_ip_info);
  1998. return -EINVAL;
  1999. }
  2000. /* On Pulse 9.1R14, we see packet type 0x2e20f0000, whereas earlier
  2001. * versions had 0x2c20f0000.
  2002. * With the newer packet type, we seem to have a leading set of
  2003. * attribute elements. Example:
  2004. * 2c 00 (fixed)
  2005. * 00 0d (length 13)
  2006. * 03 00 00 00 (fixed)
  2007. * 40 25 00 01 01 (unknown attr 0x4025, length 1, value 0x01)
  2008. */
  2009. if (bytes[0x20] == 0x2e) {
  2010. /* Length of attributes section */
  2011. int attr_len = load_be16(bytes + 0x2e);
  2012. /* Start of attributes */
  2013. if (load_be16(bytes + 0x2c) != 0x2c00 ||
  2014. len < 0x2c + attr_len + 4 ||
  2015. /* Process the attributes */
  2016. handle_attr_elements(vpninfo, bytes + 0x2c, attr_len,
  2017. &new_opts, &new_ip_info) < 0) {
  2018. goto bad_config;
  2019. }
  2020. offset += attr_len;
  2021. }
  2022. /* First part of header, similar to ESP, has already been checked */
  2023. if (len < offset + 5 ||
  2024. /* Start of routing information */
  2025. load_be16(bytes + offset) != 0x2e00 ||
  2026. /* Routing length at offset+2 makes sense */
  2027. (routes_len = load_be16(bytes + offset + 2)) != ((int)bytes[offset + 4] * 0x10 + 8) ||
  2028. /* Make sure the next length field (at 0xa4 in the above example) is present */
  2029. len < offset + routes_len + 4 ||
  2030. /* Another length field, must match to end of packet */
  2031. load_be32(bytes + offset + routes_len) + routes_len + offset != len) {
  2032. }
  2033. p = bytes + offset + 8;
  2034. routes_len -= 8; /* The header including length and number of routes */
  2035. /* We know it's a multiple of 0x10 now. We checked. */
  2036. while (routes_len) {
  2037. char buf[80];
  2038. /* Probably not a whole be32 but let's see if anything ever changes */
  2039. uint32_t type = load_be32(p);
  2040. uint32_t ffff = load_be32(p+4);
  2041. if (ffff != 0xffff)
  2042. goto bad_config;
  2043. /* Convert the range end into a netmask by xor. Mask out the
  2044. * bits in the network address, leaving only the low bits set,
  2045. * then invert what's left so that only the high bits are set
  2046. * as in a normal netmask.
  2047. *
  2048. * e.g.
  2049. * 10.0.0.0-10.0.63.255 becomes 0.0.63.255 becomes 255.255.192.0
  2050. */
  2051. snprintf(buf, sizeof(buf), "%d.%d.%d.%d/%d.%d.%d.%d",
  2052. p[8], p[9], p[10], p[11],
  2053. 255 ^ (p[8] ^ p[12]), 255 ^ (p[9] ^ p[13]),
  2054. 255 ^ (p[10] ^ p[14]), 255 ^ (p[11] ^ p[15]));
  2055. if (type == 0x07000010) {
  2056. struct oc_split_include *inc;
  2057. vpn_progress(vpninfo, PRG_DEBUG, _("Received split include route %s\n"), buf);
  2058. inc = malloc(sizeof(*inc));
  2059. if (inc) {
  2060. inc->route = add_option_dup(&new_opts, "split-include", buf, -1);
  2061. if (inc->route) {
  2062. inc->next = new_ip_info.split_includes;
  2063. new_ip_info.split_includes = inc;
  2064. } else
  2065. free(inc);
  2066. }
  2067. } else if (type == 0xf1000010) {
  2068. struct oc_split_include *exc;
  2069. vpn_progress(vpninfo, PRG_DEBUG, _("Received split exclude route %s\n"), buf);
  2070. exc = malloc(sizeof(*exc));
  2071. if (exc) {
  2072. exc->route = add_option_dup(&new_opts, "split-exclude", buf, -1);
  2073. if (exc->route) {
  2074. exc->next = new_ip_info.split_excludes;
  2075. new_ip_info.split_excludes = exc;
  2076. } else
  2077. free(exc);
  2078. }
  2079. } else {
  2080. vpn_progress(vpninfo, PRG_ERR, _("Receive route of unknown type 0x%08x\n"),
  2081. type);
  2082. goto bad_config;
  2083. }
  2084. p += 0x10;
  2085. routes_len -= 0x10;
  2086. }
  2087. /* p now points at the length field of the final elements, which
  2088. was already checked. */
  2089. l = load_be32(p);
  2090. if (handle_attr_elements(vpninfo, p, l, &new_opts, &new_ip_info) < 0)
  2091. goto bad_config;
  2092. int ret = install_vpn_opts(vpninfo, new_opts, &new_ip_info);
  2093. if (ret) {
  2094. free_optlist(new_opts);
  2095. free_split_routes(&new_ip_info);
  2096. }
  2097. return ret;
  2098. }
  2099. /* Example ESP config packet:
  2100. < 0000: 00 00 0a 4c 00 00 00 01 00 00 00 80 00 00 01 fc |...L............|
  2101. < 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
  2102. < 0020: 21 20 24 00 00 00 00 00 00 00 00 70 00 00 00 54 |! $........p...T|
  2103. < 0030: 01 00 00 00 ec 52 1b 6c 00 40 11 9d c5 f6 85 f3 |.....R.l.@......|
  2104. < 0040: 26 7d 70 75 44 45 63 eb 64 00 fb ba 89 4f 24 b2 |&}puDEc.d....O$.|
  2105. < 0050: 81 42 ce 24 b8 0a f8 b6 71 39 78 f8 5e 6f 5f d6 |.B.$....q9x.^o_.|
  2106. < 0060: 9e 5c 06 47 8d 1e f3 0e 5a 51 ae b2 3d 09 8d 27 |.\.G....ZQ..=..'|
  2107. < 0070: e0 50 76 6a 22 9a d1 20 86 78 00 00 00 00 00 00 |.Pvj".. .x......|
  2108. First 0x2c bytes are like the main config packet header.
  2109. At 0x2c there is another length field, covering the whole of the
  2110. rest of this packet. Then an unknown 0x01000000 at 0x30, followed
  2111. by the server->client SPI in little-endian(!) form at 0x34.
  2112. Then follows the secrets, with a 2-byte length field at 0x38 (which
  2113. is always 0x40), followed by the secrets themselves. As with
  2114. Juniper Network Connect, the HMAC secret immediately follows the
  2115. encryption key, however large the latter is.
  2116. */
  2117. static int handle_esp_config_packet(struct openconnect_info *vpninfo,
  2118. unsigned char *bytes, int len)
  2119. {
  2120. #ifdef HAVE_ESP
  2121. struct esp *esp;
  2122. int secretslen;
  2123. uint32_t spi;
  2124. int ret;
  2125. if (len < 0x6a ||
  2126. load_be32(bytes + 0x2c) != len - 0x2c ||
  2127. load_be32(bytes + 0x30) != 0x01000000 ||
  2128. load_be16(bytes + 0x38) != 0x40) {
  2129. vpn_progress(vpninfo, PRG_ERR,
  2130. _("Invalid ESP config packet:\n"));
  2131. dump_buf_hex(vpninfo, PRG_ERR, '<', bytes, len);
  2132. return -EINVAL;
  2133. }
  2134. /* We insist on this being 0x40 for now. But just in case it later changes... */
  2135. secretslen = load_be16(bytes + 0x38);
  2136. vpn_progress(vpninfo, PRG_DEBUG, _("%d bytes of ESP secrets\n"), secretslen);
  2137. if (!vpninfo->enc_key_len || !vpninfo->hmac_key_len ||
  2138. vpninfo->enc_key_len + vpninfo->hmac_key_len > secretslen) {
  2139. vpn_progress(vpninfo, PRG_ERR,
  2140. _("Invalid ESP setup\n"));
  2141. return -EINVAL;
  2142. }
  2143. /* Yes, bizarrely this is little-endian on the wire. I have no idea
  2144. * what made them do this. */
  2145. spi = load_le32(bytes + 0x34);
  2146. vpn_progress(vpninfo, PRG_DEBUG, _("ESP SPI (outbound): %x\n"), spi);
  2147. /* But we store it internally as big-endian because we never do any
  2148. * calculations on it; it's only set into outbound packets and matched
  2149. * on incoming ones... and we've NEVER had to see it in little-endian
  2150. * form ever before because that's insane! */
  2151. store_be32(&vpninfo->esp_out.spi, spi);
  2152. memcpy(vpninfo->esp_out.enc_key, bytes + 0x3a, vpninfo->enc_key_len);
  2153. memcpy(vpninfo->esp_out.hmac_key, bytes + 0x3a + vpninfo->enc_key_len,
  2154. vpninfo->hmac_key_len);
  2155. ret = openconnect_setup_esp_keys(vpninfo, 1);
  2156. if (ret)
  2157. return ret;
  2158. esp = &vpninfo->esp_in[vpninfo->current_esp_in];
  2159. /* Now, using the buffer in which we received the original packet (which
  2160. * we trust our caller made large enough), create an appropriate reply.
  2161. * A reply packet contains two sets of ESP information, as we are expected
  2162. * to send our own followed by a copy of what the server sent to us. */
  2163. /* Adjust the length in the IF-T/TLS header */
  2164. store_be32(bytes + 8, 0x40 + 2 * secretslen);
  2165. /* Copy the server's own ESP information into place */
  2166. memmove(bytes + secretslen + 0x3a, bytes + 0x34, secretslen + 0x06);
  2167. /* Adjust other length fields. */
  2168. store_be32(bytes + 0x28, 0x30 + 2 * secretslen);
  2169. store_be32(bytes + 0x2c, 0x14 + 2 * secretslen);
  2170. /* Store the SPI. Bizarrely little-endian again. */
  2171. store_le32(bytes + 0x34, load_be32(&esp->spi));
  2172. memcpy(bytes + 0x3a, esp->enc_key, vpninfo->enc_key_len);
  2173. memcpy(bytes + 0x3a + vpninfo->enc_key_len, esp->hmac_key, vpninfo->hmac_key_len);
  2174. memset(bytes + 0x3a + vpninfo->enc_key_len + vpninfo->hmac_key_len,
  2175. 0, 0x40 - vpninfo->enc_key_len - vpninfo->hmac_key_len);
  2176. return 0;
  2177. #else
  2178. return -EINVAL;
  2179. #endif
  2180. }
  2181. int pulse_connect(struct openconnect_info *vpninfo)
  2182. {
  2183. struct oc_text_buf *reqbuf;
  2184. unsigned char bytes[TLS_RECORD_MAX];
  2185. int ret;
  2186. /* If we already have a channel open, it's because we have just
  2187. * successfully authenticated on it from pulse_obtain_cookie(). */
  2188. if (vpninfo->ssl_fd == -1) {
  2189. ret = pulse_authenticate(vpninfo, 1);
  2190. if (ret)
  2191. return ret;
  2192. }
  2193. while (1) {
  2194. uint32_t pkt_type;
  2195. ret = recv_ift_packet(vpninfo, (void *)bytes, sizeof(bytes));
  2196. if (ret < 0)
  2197. return ret;
  2198. if (ret < 16 || load_be32(bytes + 8) != ret) {
  2199. vpn_progress(vpninfo, PRG_ERR,
  2200. _("Bad IF-T/TLS packet when expecting configuration:\n"));
  2201. dump_buf_hex(vpninfo, PRG_ERR, '<', bytes, ret);
  2202. return -EINVAL;
  2203. }
  2204. if (load_be32(bytes) != VENDOR_JUNIPER) {
  2205. bad_pkt:
  2206. vpn_progress(vpninfo, PRG_INFO,
  2207. _("Unexpected IF-T/TLS packet when expecting configuration.\n"));
  2208. dump_buf_hex(vpninfo, PRG_DEBUG, '<', bytes, ret);
  2209. continue;
  2210. }
  2211. pkt_type = load_be32(bytes + 4);
  2212. /* End of configuration? Seems to have a 4-byte payload of zeroes. */
  2213. if (pkt_type == 0x8f)
  2214. break;
  2215. /* The main and ESP config packets both start like this. The word at
  2216. * 0x20 is 0x2c20f000 for config and 0x0x21202400 for ESP, and the word
  2217. * at 0x2c is the length of the payload (0x10 less than the overall
  2218. * length including (and in) the IF-T/TLS header. e.g 0x170 here:
  2219. *
  2220. * < 0000: 00 00 0a 4c 00 00 00 01 00 00 01 80 00 00 01 fb |...L............|
  2221. * < 0010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|
  2222. * < 0020: 2c 20 f0 00 00 00 00 00 00 00 01 70 ... |, .........|
  2223. */
  2224. if (pkt_type != 1 || ret < 0x2c || load_be32(bytes + 0x10) ||
  2225. load_be32(bytes + 0x14) || load_be32(bytes + 0x18) ||
  2226. load_be32(bytes + 0x1c) || load_be32(bytes + 0x24) ||
  2227. load_be32(bytes + 0x28) != ret - 0x10)
  2228. goto bad_pkt;
  2229. switch(load_be32(bytes + 0x20)) {
  2230. case 0x2c20f000:
  2231. case 0x2e20f000: /* Variant seen on Pulse 9.1R14 */
  2232. ret = handle_main_config_packet(vpninfo, bytes, ret);
  2233. if (ret)
  2234. return ret;
  2235. break;
  2236. case 0x21202400:
  2237. ret = handle_esp_config_packet(vpninfo, bytes, ret);
  2238. if (ret) {
  2239. vpninfo->dtls_state = DTLS_DISABLED;
  2240. continue;
  2241. }
  2242. /* It has created a response packet to send. */
  2243. ret = send_ift_bytes(vpninfo, bytes, load_be32(bytes + 8));
  2244. if (ret)
  2245. return ret;
  2246. /* Tell server to enable ESP handling */
  2247. reqbuf = buf_alloc();
  2248. buf_append_ift_hdr(reqbuf, VENDOR_JUNIPER, 5);
  2249. buf_append(reqbuf, "ncmo=1\n%c", 0);
  2250. ret = send_ift_packet(vpninfo, reqbuf);
  2251. buf_free(reqbuf);
  2252. if (ret)
  2253. return ret;
  2254. break;
  2255. default:
  2256. goto bad_pkt;
  2257. }
  2258. }
  2259. if (!vpninfo->ip_info.mtu ||
  2260. (!vpninfo->ip_info.addr && !vpninfo->ip_info.addr6)) {
  2261. vpn_progress(vpninfo, PRG_ERR, _("Insufficient configuration found\n"));
  2262. return -EINVAL;
  2263. }
  2264. /* This should never happen, but be defensive and shut Coverity up */
  2265. if (vpninfo->ssl_fd == -1)
  2266. return -EIO;
  2267. ret = 0;
  2268. monitor_fd_new(vpninfo, ssl);
  2269. monitor_read_fd(vpninfo, ssl);
  2270. monitor_except_fd(vpninfo, ssl);
  2271. free_pkt(vpninfo, vpninfo->cstp_pkt);
  2272. vpninfo->cstp_pkt = NULL;
  2273. return ret;
  2274. }
  2275. int pulse_mainloop(struct openconnect_info *vpninfo, int *timeout, int readable)
  2276. {
  2277. int ret;
  2278. int work_done = 0;
  2279. if (vpninfo->ssl_fd == -1)
  2280. goto do_reconnect;
  2281. /* FIXME: The poll() handling here is fairly simplistic. Actually,
  2282. if the SSL connection stalls it could return a WANT_WRITE error
  2283. on _either_ of the SSL_read() or SSL_write() calls. In that case,
  2284. we should probably remove POLLIN from the events we're looking for,
  2285. and add POLLOUT. As it is, though, it'll just chew CPU time in that
  2286. fairly unlikely situation, until the write backlog clears. */
  2287. while (readable) {
  2288. /* Some servers send us packets that are larger than
  2289. negotiated MTU. We reserve some extra space to
  2290. handle that */
  2291. int receive_mtu = MAX(16384, vpninfo->deflate_pkt_size ? : vpninfo->ip_info.mtu);
  2292. struct pkt *pkt = vpninfo->cstp_pkt;
  2293. int len, payload_len;
  2294. if (!pkt) {
  2295. pkt = vpninfo->cstp_pkt = alloc_pkt(vpninfo, receive_mtu);
  2296. if (!pkt) {
  2297. vpn_progress(vpninfo, PRG_ERR, _("Allocation failed\n"));
  2298. break;
  2299. }
  2300. }
  2301. /* Receive packet header, if there's anything there... */
  2302. len = ssl_nonblock_read(vpninfo, 0, &pkt->pulse.vendor, 16);
  2303. if (!len)
  2304. break;
  2305. if (len < 0)
  2306. goto do_reconnect;
  2307. if (len < 16) {
  2308. vpn_progress(vpninfo, PRG_ERR, _("Short packet received (%d bytes)\n"), len);
  2309. vpninfo->quit_reason = "Short packet received";
  2310. return 1;
  2311. }
  2312. /* Packets shouldn't cross SSL record boundaries (we hope!), so if there
  2313. * was a header there, then rest of that packet should be there too. */
  2314. if (load_be32(&pkt->pulse.len) > receive_mtu + 0x10) {
  2315. /* This doesn't look right. Pull the rest of the SSL record
  2316. * and complain about it (which we will, since the length
  2317. * won't match the header */
  2318. len = receive_mtu;
  2319. } else
  2320. len = load_be32(&pkt->pulse.len) - 0x10;
  2321. payload_len = ssl_nonblock_read(vpninfo, 0, &pkt->data, len);
  2322. if (payload_len != load_be32(&pkt->pulse.len) - 0x10) {
  2323. if (payload_len < 0)
  2324. len = 0x10;
  2325. else
  2326. len = payload_len + 0x10;
  2327. goto unknown_pkt;
  2328. }
  2329. if (load_be32(&pkt->pulse.vendor) != VENDOR_JUNIPER)
  2330. goto unknown_pkt;
  2331. vpninfo->ssl_times.last_rx = time(NULL);
  2332. len = payload_len + 0x10;
  2333. switch(load_be32(&pkt->pulse.type)) {
  2334. case 4:
  2335. vpn_progress(vpninfo, PRG_TRACE,
  2336. _("Received data packet of %d bytes\n"),
  2337. payload_len);
  2338. dump_buf_hex(vpninfo, PRG_TRACE, '<', (void *)&vpninfo->cstp_pkt->pulse.vendor, len);
  2339. vpninfo->cstp_pkt->len = payload_len;
  2340. queue_packet(&vpninfo->incoming_queue, pkt);
  2341. vpninfo->cstp_pkt = pkt = NULL;
  2342. work_done = 1;
  2343. continue;
  2344. case 1:
  2345. if (payload_len < 0x6a ||
  2346. load_be32(pkt->data + 0x10) != 0x21202400 ||
  2347. load_be32(pkt->data + 0x18) != payload_len ||
  2348. load_be32(pkt->data + 0x1c) != payload_len - 0x1c ||
  2349. load_be32(pkt->data + 0x20) != 0x01000000 ||
  2350. load_be16(pkt->data + 0x28) != 0x40)
  2351. goto unknown_pkt;
  2352. dump_buf_hex(vpninfo, PRG_TRACE, '<', (void *)&vpninfo->cstp_pkt->pulse.vendor, len);
  2353. ret = handle_esp_config_packet(vpninfo, (void *)&pkt->pulse.vendor, len);
  2354. if (ret) {
  2355. vpn_progress(vpninfo, PRG_ERR,
  2356. _("ESP rekey failed\n"));
  2357. vpninfo->proto->udp_close(vpninfo);
  2358. continue;
  2359. }
  2360. vpninfo->cstp_pkt = NULL;
  2361. pkt->len = load_be32(&pkt->pulse.len) - 16;
  2362. queue_packet(&vpninfo->tcp_control_queue, pkt);
  2363. print_esp_keys(vpninfo, _("new incoming"), &vpninfo->esp_in[vpninfo->current_esp_in]);
  2364. print_esp_keys(vpninfo, _("new outgoing"), &vpninfo->esp_out);
  2365. continue;
  2366. case 0x93: {
  2367. /* Expected contents are "errorType=%d errorString=%s\n". Known values:
  2368. * 6: "agentd error" (another session started and kicked this one off)
  2369. * 7: "session has been terminated" (by client)
  2370. * 8: "session timed out" (idle timeout)
  2371. */
  2372. if (payload_len < 12 || strncmp("errorType=", (const char *)pkt->data, 10))
  2373. goto unknown_pkt;
  2374. pkt->data[payload_len - 1] = '\0'; /* overwrite final '\n' */
  2375. char *endp;
  2376. unsigned long reason = strtol((const char *)pkt->data + 10, &endp, 10);
  2377. if (strncmp(" errorString=", endp, 13))
  2378. goto unknown_pkt;
  2379. urldecode_inplace(endp+1);
  2380. vpn_progress(vpninfo, PRG_ERR, _("Pulse fatal error (reason: %ld): %s\n"),
  2381. reason, endp+13);
  2382. vpninfo->quit_reason = strdup(endp+13);
  2383. return -EPIPE;
  2384. }
  2385. case 0x96:
  2386. /* It sends the licence information once the connection is set up. For
  2387. * now, abuse this to deal with the race condition in ESP setup — it looks
  2388. * like the server doesn't process the ESP config until after we've sent
  2389. * the probes, in some cases. */
  2390. if (vpninfo->dtls_state == DTLS_SLEEPING)
  2391. vpninfo->proto->udp_send_probes(vpninfo);
  2392. break;
  2393. default:
  2394. unknown_pkt:
  2395. vpn_progress(vpninfo, PRG_ERR,
  2396. _("Unknown Pulse packet of %d bytes (vendor 0x%03x, type 0x%02x, hdr_len %d, ident %d)\n"),
  2397. len, load_be32(&pkt->pulse.vendor), load_be32(&pkt->pulse.type),
  2398. load_be32(&pkt->pulse.len), load_be32(&pkt->pulse.ident));
  2399. dump_buf_hex(vpninfo, PRG_TRACE, '<', (void *)&vpninfo->cstp_pkt->pulse.vendor, len);
  2400. continue;
  2401. }
  2402. }
  2403. /* If SSL_write() fails we are expected to try again. With exactly
  2404. the same data, at exactly the same location. So we keep the
  2405. packet we had before.... */
  2406. if (vpninfo->current_ssl_pkt) {
  2407. handle_outgoing:
  2408. vpninfo->ssl_times.last_tx = time(NULL);
  2409. unmonitor_write_fd(vpninfo, ssl);
  2410. vpn_progress(vpninfo, PRG_TRACE, _("Packet outgoing:\n"));
  2411. dump_buf_hex(vpninfo, PRG_TRACE, '>',
  2412. (void *)&vpninfo->current_ssl_pkt->pulse.vendor,
  2413. vpninfo->current_ssl_pkt->len + 16);
  2414. ret = ssl_nonblock_write(vpninfo, 0,
  2415. &vpninfo->current_ssl_pkt->pulse.vendor,
  2416. vpninfo->current_ssl_pkt->len + 16);
  2417. if (ret < 0) {
  2418. do_reconnect:
  2419. /* XXX: Do we have to do this or can we leave it open?
  2420. * Perhaps we could even reconnect asynchronously while
  2421. * the ESP is still running? */
  2422. #ifdef HAVE_ESP
  2423. esp_shutdown(vpninfo);
  2424. #endif
  2425. ret = ssl_reconnect(vpninfo);
  2426. if (ret) {
  2427. vpn_progress(vpninfo, PRG_ERR, _("Reconnect failed\n"));
  2428. vpninfo->quit_reason = "Pulse reconnect failed";
  2429. return ret;
  2430. }
  2431. vpninfo->dtls_need_reconnect = 1;
  2432. return 1;
  2433. } else if (!ret) {
  2434. #if 0 /* Not for Pulse yet */
  2435. /* -EAGAIN: ssl_nonblock_write() will have added the SSL
  2436. fd to ->select_wfds if appropriate, so we can just
  2437. return and wait. Unless it's been stalled for so long
  2438. that DPD kicks in and we kill the connection. */
  2439. switch (ka_stalled_action(&vpninfo->ssl_times, timeout)) {
  2440. case KA_DPD_DEAD:
  2441. goto peer_dead;
  2442. case KA_REKEY:
  2443. goto do_rekey;
  2444. case KA_NONE:
  2445. return work_done;
  2446. default:
  2447. /* This should never happen */
  2448. break;
  2449. }
  2450. #else
  2451. return work_done;
  2452. #endif
  2453. }
  2454. if (ret != vpninfo->current_ssl_pkt->len + 16) {
  2455. vpn_progress(vpninfo, PRG_ERR,
  2456. _("SSL wrote too few bytes! Asked for %d, sent %d\n"),
  2457. vpninfo->current_ssl_pkt->len + 8, ret);
  2458. vpninfo->quit_reason = "Internal error";
  2459. return 1;
  2460. }
  2461. /* Don't free the 'special' packets */
  2462. if (vpninfo->current_ssl_pkt == vpninfo->deflate_pkt) {
  2463. free_pkt(vpninfo, vpninfo->pending_deflated_pkt);
  2464. vpninfo->pending_deflated_pkt = NULL;
  2465. } else
  2466. free_pkt(vpninfo, vpninfo->current_ssl_pkt);
  2467. vpninfo->current_ssl_pkt = NULL;
  2468. }
  2469. #if 0 /* Not understood for Pulse yet */
  2470. if (vpninfo->owe_ssl_dpd_response) {
  2471. vpninfo->owe_ssl_dpd_response = 0;
  2472. vpninfo->current_ssl_pkt = (struct pkt *)&dpd_resp_pkt;
  2473. goto handle_outgoing;
  2474. }
  2475. switch (keepalive_action(&vpninfo->ssl_times, timeout)) {
  2476. case KA_REKEY:
  2477. do_rekey:
  2478. /* Not that this will ever happen; we don't even process
  2479. the setting when we're asked for it. */
  2480. vpn_progress(vpninfo, PRG_INFO, _("CSTP rekey due\n"));
  2481. if (vpninfo->ssl_times.rekey_method == REKEY_TUNNEL)
  2482. goto do_reconnect;
  2483. else if (vpninfo->ssl_times.rekey_method == REKEY_SSL) {
  2484. ret = cstp_handshake(vpninfo, 0);
  2485. if (ret) {
  2486. /* if we failed rehandshake try establishing a new-tunnel instead of failing */
  2487. vpn_progress(vpninfo, PRG_ERR, _("Rehandshake failed; attempting new-tunnel\n"));
  2488. goto do_reconnect;
  2489. }
  2490. goto do_dtls_reconnect;
  2491. }
  2492. break;
  2493. case KA_DPD_DEAD:
  2494. peer_dead:
  2495. vpn_progress(vpninfo, PRG_ERR,
  2496. _("CSTP Dead Peer Detection detected dead peer!\n"));
  2497. goto do_reconnect;
  2498. do_reconnect:
  2499. ret = cstp_reconnect(vpninfo);
  2500. if (ret) {
  2501. vpn_progress(vpninfo, PRG_ERR, _("Reconnect failed\n"));
  2502. vpninfo->quit_reason = "CSTP reconnect failed";
  2503. return ret;
  2504. }
  2505. do_dtls_reconnect:
  2506. /* succeeded, let's rekey DTLS, if it is not rekeying
  2507. * itself. */
  2508. if (vpninfo->dtls_state > DTLS_SLEEPING &&
  2509. vpninfo->dtls_times.rekey_method == REKEY_NONE) {
  2510. vpninfo->dtls_need_reconnect = 1;
  2511. }
  2512. return 1;
  2513. case KA_DPD:
  2514. vpn_progress(vpninfo, PRG_DEBUG, _("Send CSTP DPD\n"));
  2515. vpninfo->current_ssl_pkt = (struct pkt *)&dpd_pkt;
  2516. goto handle_outgoing;
  2517. case KA_KEEPALIVE:
  2518. /* No need to send an explicit keepalive
  2519. if we have real data to send */
  2520. if (vpninfo->dtls_state != DTLS_ESTABLISHED &&
  2521. vpninfo->outgoing_queue.head)
  2522. break;
  2523. vpn_progress(vpninfo, PRG_DEBUG, _("Send CSTP Keepalive\n"));
  2524. vpninfo->current_ssl_pkt = (struct pkt *)&keepalive_pkt;
  2525. goto handle_outgoing;
  2526. case KA_NONE:
  2527. ;
  2528. }
  2529. #endif
  2530. if (vpninfo->dtls_state == DTLS_CONNECTED) {
  2531. /* We don't currently do anything to make the server start sending
  2532. * data packets in ESP instead of over IF-T/TLS. Just go straight
  2533. * to CONNECTED mode. */
  2534. vpninfo->dtls_state = DTLS_ESTABLISHED;
  2535. work_done = 1;
  2536. }
  2537. vpninfo->current_ssl_pkt = dequeue_packet(&vpninfo->tcp_control_queue);
  2538. if (vpninfo->current_ssl_pkt) {
  2539. /* Anything on the control queue will have the rest of its
  2540. header filled in already. */
  2541. store_be32(&vpninfo->current_ssl_pkt->pulse.ident, vpninfo->ift_seq++);
  2542. goto handle_outgoing;
  2543. }
  2544. /* Service outgoing packet queue, if no DTLS */
  2545. while (vpninfo->dtls_state != DTLS_ESTABLISHED &&
  2546. (vpninfo->current_ssl_pkt = dequeue_packet(&vpninfo->outgoing_queue))) {
  2547. struct pkt *this = vpninfo->current_ssl_pkt;
  2548. store_be32(&this->pulse.vendor, VENDOR_JUNIPER);
  2549. store_be32(&this->pulse.type, 4);
  2550. store_be32(&this->pulse.len, this->len + 16);
  2551. store_be32(&this->pulse.ident, vpninfo->ift_seq++);
  2552. vpn_progress(vpninfo, PRG_TRACE,
  2553. _("Sending IF-T/TLS data packet of %d bytes\n"),
  2554. this->len);
  2555. vpninfo->current_ssl_pkt = this;
  2556. goto handle_outgoing;
  2557. }
  2558. /* Work is not done if we just got rid of packets off the queue */
  2559. return work_done;
  2560. }
  2561. int pulse_bye(struct openconnect_info *vpninfo, const char *reason)
  2562. {
  2563. int ret = -1;
  2564. if (vpninfo->ssl_fd != -1) {
  2565. struct oc_text_buf *buf = buf_alloc();
  2566. buf_append_ift_hdr(buf, VENDOR_JUNIPER, 0x89);
  2567. if (!buf_error(buf))
  2568. ret = send_ift_packet(vpninfo, buf);
  2569. buf_free(buf);
  2570. openconnect_close_https(vpninfo, 0);
  2571. }
  2572. /* Try Juniper logout if tunnel was already closed */
  2573. if (ret < 0)
  2574. ret = oncp_bye(vpninfo, reason);
  2575. return ret;
  2576. }