/*!
* \brief Ensure that a nonce on an incoming request is sane.
*
* The nonce in an incoming Authorization header needs to pass some scrutiny in order
* for us to consider accepting it. What we do is re-build a nonce based on request
* data and a realm and see if it matches the nonce they sent us.
* \param candidate The nonce on an incoming request
* \param rdata The incoming request
* \param auth The auth credentials we are trying to match against.
* \retval 0 Nonce does not pass validity checks
* \retval 1 Nonce passes validity check
*/
static int check_nonce(const char *candidate, const pjsip_rx_data *rdata, const struct ast_sip_auth *auth)
{
char *copy = ast_strdupa(candidate);
char *timestamp = strsep(©, "/");
int timestamp_int;
time_t now = time(NULL);
struct ast_str *calculated = ast_str_alloca(64);
if (!copy) {
/* Clearly a bad nonce! */
return 0;
}
if (sscanf(timestamp, "%30d", ×tamp_int) != 1) {
return 0;
}
if ((int) now - timestamp_int > auth->nonce_lifetime) {
return 0;
}
build_nonce(&calculated, timestamp, rdata, auth->realm);
ast_debug(3, "Calculated nonce %s. Actual nonce is %s\n", ast_str_buffer(calculated), candidate);
if (strcmp(ast_str_buffer(calculated), candidate)) {
return 0;
}
return 1;
}
/*!
* \brief astobj2 callback for adding digest challenges to responses
*
* \param realm An auth's realm to build a challenge from
* \param tdata The response to add the challenge to
* \param rdata The request the challenge is in response to
* \param is_stale Indicates whether nonce on incoming request was stale
*/
static void challenge(const char *realm, pjsip_tx_data *tdata, const pjsip_rx_data *rdata, int is_stale)
{
pj_str_t qop;
pj_str_t pj_nonce;
pjsip_auth_srv auth_server;
struct ast_str *nonce = ast_str_alloca(256);
char time_buf[32];
time_t timestamp = time(NULL);
snprintf(time_buf, sizeof(time_buf), "%d", (int) timestamp);
build_nonce(&nonce, time_buf, rdata, realm);
setup_auth_srv(tdata->pool, &auth_server, realm);
pj_cstr(&pj_nonce, ast_str_buffer(nonce));
pj_cstr(&qop, "auth");
pjsip_auth_srv_challenge(&auth_server, &qop, &pj_nonce, NULL, is_stale ? PJ_TRUE : PJ_FALSE, tdata);
}
uint8_t *build_map_request_pkt(
lispd_mapping_elt *requested_mapping,
lisp_addr_t *src_eid,
uint8_t encap,
uint8_t probe,
uint8_t solicit_map_request,/* boolean really */
uint8_t smr_invoked,
int *len, /* return length here */
uint64_t *nonce) /* return nonce here */
{
uint8_t *packet = NULL;
uint8_t *mr_packet = NULL;
lispd_pkt_map_request_t *mrp = NULL;
lispd_pkt_mapping_record_t *rec = NULL;
lispd_pkt_map_request_itr_rloc_t *itr_rloc = NULL;
lispd_pkt_map_request_eid_prefix_record_t *request_eid_record = NULL;
uint8_t *cur_ptr = NULL;
int map_request_msg_len = 0;
int ctr = 0;
int cpy_len = 0;
int locators_ctr = 0;
lispd_mapping_elt *src_mapping = NULL;
lispd_locators_list *locators_list[2] = {NULL,NULL};
lispd_locator_elt *locator = NULL;
lisp_addr_t *ih_src_ip = NULL;
/*
* Lookup the local EID prefix from where we generate the message.
* src_eid is null for RLOC probing and refreshing map_cache -> Source-EID AFI = 0
*/
if (src_eid != NULL){
src_mapping = lookup_eid_in_db(*src_eid);
if (!src_mapping){
lispd_log_msg(LISP_LOG_DEBUG_2,"build_map_request_pkt: Source EID address not found in local data base - %s -",
get_char_from_lisp_addr_t(*src_eid));
return (NULL);
}
}
/* Calculate the packet size and reserve memory */
map_request_msg_len = get_map_request_length(requested_mapping,src_mapping);
*len = map_request_msg_len;
if ((packet = malloc(map_request_msg_len)) == NULL){
lispd_log_msg(LISP_LOG_WARNING,"build_map_request_pkt: Unable to allocate memory for Map Request (packet_len): %s", strerror(errno));
return (NULL);
}
memset(packet, 0, map_request_msg_len);
cur_ptr = packet;
mrp = (lispd_pkt_map_request_t *)cur_ptr;
mrp->type = LISP_MAP_REQUEST;
mrp->authoritative = 0;
if (src_eid != NULL)
mrp->map_data_present = 1;
else
mrp->map_data_present = 0;
if (probe)
mrp->rloc_probe = 1;
else
mrp->rloc_probe = 0;
if (solicit_map_request)
mrp->solicit_map_request = 1;
else
mrp->solicit_map_request = 0;
if (smr_invoked)
mrp->smr_invoked = 1;
else
mrp->smr_invoked = 0;
mrp->additional_itr_rloc_count = 0; /* To be filled later */
mrp->record_count = 1; /* XXX: assume 1 record */
mrp->nonce = build_nonce((unsigned int) time(NULL));
*nonce = mrp->nonce;
if (src_eid != NULL){
cur_ptr = pkt_fill_eid(&(mrp->source_eid_afi),src_mapping);
/* Add itr-rlocs */
locators_list[0] = src_mapping->head_v4_locators_list;
locators_list[1] = src_mapping->head_v6_locators_list;
for (ctr=0 ; ctr < 2 ; ctr++){
while (locators_list[ctr]){
locator = locators_list[ctr]->locator;
if (*(locator->state)==DOWN){
locators_list[ctr] = locators_list[ctr]->next;
continue;
}
/* Remove ITR locators behind NAT: No control message (4342) can be received in these interfaces */
if (((lcl_locator_extended_info *)locator->extended_info)->rtr_locators_list != NULL){
locators_list[ctr] = locators_list[ctr]->next;
continue;
}
itr_rloc = (lispd_pkt_map_request_itr_rloc_t *)cur_ptr;
itr_rloc->afi = htons(get_lisp_afi(locator->locator_addr->afi,NULL));
/* Add rloc address */
cur_ptr = CO(itr_rloc,sizeof(lispd_pkt_map_request_itr_rloc_t));
cpy_len = copy_addr((void *) cur_ptr ,locator->locator_addr, 0);
cur_ptr = CO(cur_ptr, cpy_len);
locators_ctr ++;
locators_list[ctr] = locators_list[ctr]->next;
}
}
}else {
// XXX If no source EID is used, then we only use one ITR-RLOC for IPv4 and one for IPv6-> Default control RLOC
mrp->source_eid_afi = 0;
cur_ptr = CO(mrp, sizeof(lispd_pkt_map_request_t));
if (default_ctrl_iface_v4 != NULL){
itr_rloc = (lispd_pkt_map_request_itr_rloc_t *)cur_ptr;
itr_rloc->afi = htons((uint16_t)LISP_AFI_IP);
cur_ptr = CO(itr_rloc,sizeof(lispd_pkt_map_request_itr_rloc_t));
cpy_len = copy_addr((void *) cur_ptr ,default_ctrl_iface_v4->ipv4_address, 0);
cur_ptr = CO(cur_ptr, cpy_len);
locators_ctr ++;
}
if (default_ctrl_iface_v6 != NULL){
itr_rloc = (lispd_pkt_map_request_itr_rloc_t *)cur_ptr;
itr_rloc->afi = htons(get_lisp_afi(AF_INET6,NULL));
cur_ptr = CO(itr_rloc,sizeof(lispd_pkt_map_request_itr_rloc_t));
cpy_len = copy_addr((void *) cur_ptr ,default_ctrl_iface_v6->ipv6_address, 0);
cur_ptr = CO(cur_ptr, cpy_len);
locators_ctr ++;
}
}
mrp->additional_itr_rloc_count = locators_ctr - 1; /* IRC = 0 --> 1 ITR-RLOC */
if (locators_ctr == 0){
lispd_log_msg(LISP_LOG_DEBUG_2,"build_map_request_pkt: No ITR RLOCs.");
free(packet);
return (NULL);
}
/* Requested EID record */
request_eid_record = (lispd_pkt_map_request_eid_prefix_record_t *)cur_ptr;
request_eid_record->eid_prefix_length = requested_mapping->eid_prefix_length;
cur_ptr = pkt_fill_eid(&(request_eid_record->eid_prefix_afi),requested_mapping);
if (mrp->map_data_present == 1){
/* Map-Reply Record */
rec = (lispd_pkt_mapping_record_t *)cur_ptr;
if ((pkt_fill_mapping_record(rec, src_mapping, NULL))== NULL) {
lispd_log_msg(LISP_LOG_DEBUG_2,"build_map_request_pkt: Couldn't buil map reply record for map request. "
"Map Request will not be send");
free(packet);
return(NULL);
}
}
/* Add Encapsulated (Inner) control header*/
if (encap){
/*
* If no source EID is included (Source-EID-AFI = 0), The default RLOC address is used for
* the source address in the inner IP header
*/
if (src_eid != NULL){
ih_src_ip = &(src_mapping->eid_prefix);;
}else{
if (requested_mapping->eid_prefix.afi == AF_INET){
ih_src_ip = get_main_eid (AF_INET);
}else{
ih_src_ip = get_main_eid (AF_INET6);
}
}
mr_packet = packet;
packet = build_control_encap_pkt(mr_packet, map_request_msg_len, ih_src_ip, &(requested_mapping->eid_prefix), LISP_CONTROL_PORT, LISP_CONTROL_PORT, len);
if (packet == NULL){
lispd_log_msg(LISP_LOG_DEBUG_1,"build_map_request_pkt: Couldn't encapsulate the map request");
free (mr_packet);
return (NULL);
}
}
return (packet);
}
