$Id: kinkd-impl.ja.txt,v 1.29 2005/07/20 09:30:51 inoue Exp $
KINKd 

1. 
===========
  * åե
	TGT  (Kerberos)
		ok	AS_REQ -- AS_REP

	service Ticket  (Kerberos (+ KINK))
		ok	TGS_REQ -- TGS_REP
		NG	GETTGT -- REPLY -- TGS_REQ (with peer's TGT) -- TGS_REP

			Heimdal ˤ KRB_AP_ERR_USER_TO_USER_REQUIRED
			Ȥ顼ƤΤǡCREATE Ф
			REPLY (KRB_AP_ERR_USER_TO_USER_REQUIRED)
			äƤˡGETTGT Ȥư
			ǽ⡣
			褯 clarifications ˤƤ

	KINK
		ok	CREATE -- REPLY
		ok	CREATE -- REPLY -- ACK   (i.e. 3-way handshake)
		ok	DELETE -- REPLY
		ok	STATUS -- REPLY

		<memo>
		CREATE ϺΤȤSADB_ACQUIRE  satype 䡢
		SPD 򸫤Ƥʤᤦ

		 DELETE Ǥϡkink_handle ˤ֤鲼äƤ SPI 
		äƤޤ

		rekeying ϡSADB_EXPIRE  CREATE Ƥ롣
		θ DELETE ϤƤʤ
		</memo>

  * 顼ϥɥ
	KINK_ERROR				
	------------------------------------------
		KINK_OK			never	ok
		KINK_PROTOERR		ok	ok
		KINK_INVDOI		ok	ok
		KINK_INVMAJ		ok	ok
		KINK_INVMIN		ok	ok
		KINK_INTERR		..	ok
		KINK_BADQMVERS		ok	ok
		̤			never	ok

	KINK_KRB_ERROR					
	--------------------------------------------------
		KRB_AP_ERR_BAD_INTEGRITY	ok	ok?
		KRB_AP_ERR_TKT_EXPIRED		ok	ok
		KRB_AP_ERR_SKEW			ok	ok?
		KRB_AP_ERR_NOKEY		ok	ok?
		KRB_AP_ERR_BADKEYVER		ok	ok?
		¾				TBD	TBD

		TKT_EXPIRED Υȥ󥶥ľ	ok

		ERR_SKEW ν
		[kink-05 5.1.4 (page 18), 7.1 (page 27)]
		    ctime ˻֤			ok
		    ctime ǼȤä򸵤˥եå	ok

  * SAD, SPD
					
	----------------------------------
	SADB_GETSPI		ok	ok
	SADB_UPDATE		ok	NG
	SADB_ADD		ok	NG
	SADB_DELETE		ok?	ok?
	SADB_ACQUIRE		NG	ok	# XXX satype Ƥʤ
	SADB_REGISTER		ok	NG
	SADB_EXPIRE		never	ok
	SADB_FLUSH
	SADB_DUMP

	PF_KEY åκϤޤƤʤॢȤ
	ȥ󥶥󤬼Ԥ롣

	ACQUIRE ˼Ԥˡerrno ֤Ƥʤ

  * ISAKMP
	with CREATE, REPLY-to-CREATE
		SA			ok
		Nonce (Ni)		ok
		Nonce (Nr, 3-way)	ok
		[KE]			NG
		[ID]			BROKEN (*1)
		[Notification]		NG

		/*
		 * [kink-05 4.3 (page 7), 4.4 (page 9),...]
		 */
		/*
		 * (*1) ID ˤ tunnel ΤȤ selector 롣
		 * transport λɬפʤȻפ
		 */

	with DELETE, REPLY-to-DELETE
		Delete			ok
		[Notification]		IN PROGRESS

		/*
		 * Ƥ Delete ǻꤵ줿 SPI ʤä
		 * Notification ֤褦ˤʤä
		 * initiator ʤ Notification 
		 * ꤨ뤫?
		 */

	with STATUS, REPLY-to-STATUS
		[Notification]		NG

  * KINK misc
	handle epoch change (DPD)			ok
	[kink-05 4.4.2 (page 10)]

	aggressive? DPD					NO IDEA

	multiple KINK_ISAKMP				NG
	[kink-05 5.1.7 (page 21)]

	randomized rekeying time			NG
	[kink-05 4.4.1 (page 9)]

	replay protection (by krb)			ok

	DELETE grace timer				ok

  * spmd
	LOGIN		ok
	NS		never?
	POLICY		IN PROGRESS
	FQDN		ok (only QUERY subcommand)
	SLID		ok
	STAT		never
	QUIT		ok

  * libracoonify
	cf		IN PROGRESS
	if_pfkeyv2	done
	rc_type		IN PROGRESS
		Ȥ rc_type  8 ӥåȤʤΤ (struct rcpfk_msg)
		⤷ rcpfk_msg Ǥ PF_KEY type Ȥ٤?
	vmbuf		done
	plog		IN PROGRESS

  * IANA considerations
	ݡֹ: TBD (ǥեȤǤ 4174 )
		registered ΰ򾡼˻ȤäƤ롣

	ISAKMP ڥɥ: TBD (ǥեȤǤ BASE = 14)
		 -04 ޤǤ i-d ˽񤫤Ƥֹ档
		Ǥ GDOI ˤȤ줿Τǡѹɬפꡣ
		private ˰ư٤


2. ưĶ
===========

2-1. OS
=======
	NetBSD 2.0
	FreeBSD 4.10, 5.3
	Debian/GNU Linux 3.0 with kernel 2.6.x

2-2. 饤֥
===============
	Kerberos 饤֥
		Heimdal-0.6.x ޤ MIT krb5-1.3.x
	Ź饤֥
		OpenSSL-0.9.[67]
	libracoon

	- Heimdal-current Ǥ bbkk_heimdal.c ѹʤ
	  ưʤ
	- MIT krb5 ϤޤƥȤƤʤ


3. spec 䴰
============
  * PRF
	draft-ietf-krb-wg-crypto-07.txt
	draft-raeburn-krb-rijndael-krb-06.txt
	Ƥ prf

  * KRB-ERROR checksum [kink-06 7.1 and 5.1.4]
	KRB-ERROR ˤϤĤʤ(⤽ RFC 1510 Ǥ checksum 
	դʤ)
	KINK  checksum Ĥ롣


4. KRB5KRB_AP_ERR_SKEW μ갷μ
=======================================

4-1. 
=========

  a. Kerberos 饤֥ˤϼ줺kinkd ¦Ǵĥ롣

      
	- ɥ桼 libkrb5 ֤Ƥ餦֤ʤΤǡ
	  ڤ˻Ȥ롣
      
	- private ʹ¤/ؿ˼Фɬפ롣
	   饤֥ΥС礭¸

  b. ľ˥饤֥˥ѥåƤ롣

      
	- 餯ľ˼Ǥ롣
      
	- kinkd Ȥͤ libkrb5 ֤ or
	  ̤Υѥ kinkd ѤΤ֤ or ƥå󥯤
	  ȸʤ㤤ʤ
	- äѤ饤֥ΥС˰¸

  c. ѥåƤ饤֥ۤ롣
	

	¤ϰֳμ?
	lisence ?
	ɤĤ? mit, heimdal, shishi, ...

4-2. ߤμ
===============

	a. Kerberos 饤֥ˤϼ줺kinkd ¦Ǵĥ롣
	

  4-2-1. ERR_SKEW ν

	krb5_rd_req Υ֥åȤεǽĴؿ
	krb5e_force_get_key ˤäơʤɤФ auth_context 
	롣

  4-2-1. AP_REQ ݤλĴ

    Heimdal
	krb5_context  kdc_sec_offset, kdc_usec_offset Ȥ
	Ф롣
	Ѥkrb5_mk_req_extended() ִ֤Τ߻򤺤餹

    MIT
	krb5_get_time_offsets(), krb5_set_time_offset() Ȥ
	(private) ؿꡢkrb5_context ФƻΥեåȤ
	Ǥ롣
	Ѥkrb5_mk_req_extended() ִ֤Τ߻򤺤餹

4-3. ޤ
===========
	clarifications-06 3.1.5 AS ѤĴˤĤƽ񤤤Ƥ롣

	MIT: ǥեȤǤ롣
	Heimdal: [libdefaults] kdc_timesync ץ
	( nonce ȤäƤ뤫ɤ̤ǧ)

	4-2 ǽҤ٤ĴμϡεǽѤƤ롣


5. Υ
=============

5-1. ե빽
=================
	ȥåסեΥ
		main.c
	ᥤ롼, signal, pfkey.c  callback
		session.c
	KINK Υåϥɥ, ٥ȥϥɥ
		base.c
	塼饭塼δ
		scheduler.c
	KINK ѥå/ڥɤ encode/decode
		kink_fmt.c
	KINK ΰŹ (KEYMAT , PRF, checksum)
		kink_crypto.c
		oakley.c
	KINK peer δ
		peer.c
		dpd.c
	ISAKMP ڥɤ encode/decode
		isakmp.c (*)
		isakmp_quick.c (*)
		isakmp_inf.c (*)
	proposal å
		ipsec_doi.c (*)
		proposal.c (*)
	ե
		kink_conf.c
	Kerberos5 饤֥
		bbkk_heimdal.c
		bbkk_mit.c
	OpenSSL 
		crypto_openssl.c (*)
	PF_KEY 
		pfkey.c (*)
	¾
		algorithm.c (*)
		etchosts.c
		handle.c
		sockmisc.c (*)
		strnames.c (*)
		utils.c
		rct_ipsecdoi.c

	(*) ޡΥե racoon1 
	scheduler  racoon1 Ȥʪ
	pfkey.c ϤȤälibracoon ȼѹΤᡢ
	ޤ긶ϤȤɤƤʤ

	checksum η׻ libkrb5 򤽤Τޤ޻ѡ
	OpenSSL  KINK_ENCRYPT  prf η׻˻ѡ
	Ź/HMAC 르ꥺθĹμˤѡ
	(KEYMAT ׻ˡESP_3DES 鲿ӥåȤȤ)

5-2. ǡ¤
===============
	struct kink_global (@handle.h)
		KINK daemon ΥХʾ (ʬ principal name,
		krb5_context, ߻ TGT, epoch ʤ) ݻ롣
		ץ 1 Ĥ롣

	struct kink_handle (@handle.h)
		1 Ĥ KINK transaction ˤĤ 1 졢֤ݻ롣
		㳰ϡ
		- responder 饨顼֤äƤľ˺ƻԤϡ
		   transaction ǤϤ뤬kink_handle ϻȤ󤹡
		  (åȤͭ¤ڤƤ硢SKEW ξ)
		- ACK åѡȤϡƱ transaction
		  ǤϤ뤬ѡƤߤޤʬʤΤǡ
		  kink_handle ϿΤƤƤ롣

		٤Ƥ kink_handle ϥ塼ѤñΥ塼
		(kink_global->schedq) ˤĤʤ롣

	struct ph2handle (@handle.h)
		kink_handle ȰабISAKMP payload Ƥݻ롣
		̤ι¤ΤˤʤäƤΤϡracoon1 ΥɤȤ󤹤ᡣ

	struct kink_state (@handle.h)
		KINK transaction ξ (GETSPI ԤǤ, REPLY Ԥ
		, ...) 򼨤
		Х˸Ŀ state ѰդƤơ
		kink_handle ؤ롣

		ְ
		 - Initiator ξ
			I_GETSPI	SADB_GETSPI ȯԸ塢ֻԤ
			I_CREATE	CREATE 塢REPLY Ԥ
			I_AGING		3-way  ACK äξˡ
					REPLY κ뤫⤷ʤΤǡ
					֤ݻ
			I_STALE		transaction λ
					SADB_EXPIRE Ե
			I_DELETE	DELETE 塢REPLY Ԥ
			I_DELETE_HALF	REPLY 塢inbound SA äޤǤ
					grace timer Ԥ
			I_STATUS	STATUS 塢REPLY Ԥ
		 - Responder ξ
			R_GETSPI	SADB_GETSPI ȯԸ塢ֻԤ
			R_REPLY		REPLY 塢ACK Ԥ (when 3-way)
			R_AGING		REPLY 塢command κ뤫
					ʤΤǾ֤ݻ
			R_STALE		transaction λ
			R_DELETE_RECV	DELETE ľ塣ä˲Ԥ
					櫓ǤϤʤ¨¤ R_DELETE_HALF 
					ܤ롣rekeying κݤˡŤ handle
					 CREATE Ѥ handle ȡ
					DELETE Ѥ handle िᡢ
					 (DELETE ) 򥭥塼Ȥ
					˻Ȥ
			R_DELETE_HALF	REPLY 塢inbound SA äޤǤ
					grace timer Ԥ
			I_REKEYED	rekey κݤθŤ handle 
					Ǿä˻Ȥ롣
		 - ¾ξ
			NONE		kink_handle 줿ľ塣

	struct kink_addr (@handle.h)
		ΡɤäƤ륢ɥ쥹

		Ū˥ɥ쥹åɥ쥹/Ƥ顢
		˱ kink_addr ΥꥹȤ⹹롣
		kink_addr  struct kink_handle 黲Ȥ뤿ᡢ
		ɥ쥹äƤ kink_addr 򤹤˾äʤȤ롣
		Τᡢȥ (kink_addr->ref_cnt) ǴƤ롣

	struct kink_peer (@peer.h)
		¾ KINK Ρɤξ (ΥΡɤФ륵ӥåȡ
		epoch ʤ) ݻ롣
		principal name 򥭡Ȥ identify 롣

		٤Ƥ kink_peer ϡkink_global->peerlist ޤ
		kink_global->deadpeerlist Τɤ餫ˤĤʤ롣



****************************************************************
¿ʬʲϸŤ
****************************************************************

3.3. ؿ
=================

 KINK åΥ󥳡/ǥ (kink_fmt.c)

  * CREATE åΥ󥳡
    ldata *kink_encode_create(struct kink_handle *kh);

    ѥ᡼
	kh                KINK transaction ξ
	kh->krb_ap_req    Kerberos  AP_REQ ѥå
	kh->in_isakmp     ISAKMP ڥ
	kh->auth_context  ѥåȰŹ沽Ѥ authentication context
    ֤
	줿ѥå

  * REPLY åΥ󥳡
    ldata *kink_encode_reply(struct kink_handle *kh);

  * CREATE/REPLY åΥǥ
    int kink_decode_generic(struct kink_handle *kh, ldata *packet);

    ѥ᡼
	kh
	packet            ѥå
    
	kh->xid            XID
	kh->flags          flags
	kh->error_code    KINK_ERROR Υ顼 (Ԥ)
	kh->ap_req, kh->ap_rep, kh->krb_error,
	kh->isakmp, kh->encrypt, kh->error
	                  ǥɷ
    ֤
	0=, non-0=

  * KINK_ENCRYPT ڥɤΥǥ
    int kink_decode_kink_encrypt(struct kink_handle *kh);

    ѥ᡼
	kh
	kh->encrypt       ǥоݤ KINK_ENCRYPT ڥ
	kh->auth_context  ǥѤ authentication context
    
	kh->ap_req, kh->ap_rep, kh->krb_error,
	kh->isakmp, kh->encrypt, kh->error
	                  ǥɷ
	kh->error_code    KINK_ERROR Υ顼 (Ԥ)
	                  (XXX FIX ME: ԤƤ⥻åȤʤȤ⤢)
    ֤
	0=, non-0=
    
	㤨 CREATE åϡ
	 1. kink_decode_generic() ǥǥɤ
	 2. KRB_AP_REQ ǤΤǡchecksum ΥåԤʤ
	 3. KRB_AP_REQ Ѥơ
	    kink_decode_kink_encrypt() Ǵ˥ǥɤ

 KINK ڥɤΥ󥳡/ǥ (kink_fmt.c)

  * make_kink_*
  * read_kink_*

 塼 (scheduler.c)
	(racoon1 Υ塼Ȥʪ)

  * ॢȤ kink_handle  callback ȡ󥿥ॢȤη׻
    struct timeval *scheduler(struct kink_global *kg, struct timeval *tv);

    ѥ᡼
	kg                KINK daemon ΥХ
	tv                ֤ͤǼ뤿ΥХåե
    ֤
	󥿥ॢȻ

  * Ͽ
    void sched_register(struct kink_handle *kh);

  * Ͽ
    void sched_unregister(struct kink_handle *kh);

  * ॢȤ kink_handle ΡΥॢȤԤġ
    2 ܤ exponential backoff
    void sched_waitnext(struct kink_handle *kh);

  * ॢȻΥꥻå
    void sched_resettimer(struct kink_handle *kh);


3.4. ưΤʤ
=================

 ᥤ롼 @session.c
	Ƽ諒åȤȡ塼餬׻󥿥ॢȤ
	Фƥ٥Ԥ
		PF_KEYv2 å
		racoond å (TCP)
		ΡɤΥɥ쥹 1 ĤŤĤѰդå (UDP, bound)
		+ ॢȤλ

	ॢȤ
		塼֤
		塼餫饿ॢȥϥɥ餬ƤФ롣

		scheduler() @scheduler.c
		 (*kink_handle->state->timeout)() @schduler.c
		   = timeout_i_getspi() @base.c
		or = timeout_r_create() @base.c
		...
		or = periodic_update_addrs() @session.c

	PF_KEYv2 åȤǥ٥Ȥȯ
		handle_pfkey() @pfkey.c
		 (*callback_acquire)() @pfkey.c
		   = callback_acquire() @session.c
		      acquire() @base.c
		           initiate1() @base.c
		 (*callback_expire)() @pfkey.c
		   = callback_expire() @session.c
		      expire() @base.c
		           initiate1() @base.c
		 (*job->callback)() @pfkey.c
		   = callback_i_getspi() @base.c
		or = callback_r_getspi() @base.c

	racoond åȤǥ٥Ȥȯ
	(ΤȤ FQDN QUERY ФֻΤ)
		racoond_handler() @racoond_if.c
		 racoond_read() @racoond_if.c
		      parse_rep_fqdn_query() @racoond_if.c
		           (*job->callback)() @racoond_if.c
		             = callback_i_racoond() @base.c

	ͥåȥåȤǥ٥Ȥȯ
		receive() @base.c
		 handle_create() @base.c
		 handle_reply() @base.c

 SADB_ACQUIRE 
	ᥤ롼
	 handle_pfkey() @pfkey.c
	     pk_recvacquire() @pfkey.c
	         (*callback_acquire)() @pfkey.c
	           = callback_acquire @session.c
	             acquire() @base.c
	                 initiate1() @base.c
	                    kink_handle 
	                    SADB_ACQUIRE ɬפʾФ
	                    (ΤȤɥ쥹Ƥʤ)
	                    responder  principal name 뤿ᡢ
	                    FQDN QUERY  racoond ꤲơä롣
	ᥤ롼
	 racoond_handler() @racoond_if.c
	     (*job->callback)() @racoond_if.c
	       = callback_i_racoond() @base.c
	         initiate2() @base.c
	            proposal 
	            SADB_GETSPI 򥫡ͥä롣
	ᥤ롼
	 handle_pfkey() @pfkey.c
	     pk_recvgetspi() @pfkey.c
	         (*job->callback)() @pfkey.c
	           = callback_i_getspi() @base.c
	             initiate3() @base.c
	                ISAKMP ڥɤ
	                KRB_AP_REQ 
	                    Service Ticket ʤм
	                    TGT ʤм
			KEYMAT η׻
	                inbound SA 
	                CREATE ޥɤä롣
	ᥤ롼
	 receive() @base.c
	     read_udp_pacet() @base.c
	     handle_reply() @base.c
	         XID  kink_handle ä롣
	        REPLY Υǥ

	        Kerberos ŪƤСAP_REP ֤äƤϤʤΤǡ
		 initate4() @base.c
	            epoch Υå
	            ISAKMP ڥɤΥǥɡ
	            1st proposal ǧ줿ǧ
	            KEYMAT η׻
	            outbound SA 
	            򴹴λ롣
	rekeying 줺֤줿顢쥿ॢȤ
	 scheduler() @scheduler.c
	     timeout_i_stale() @base.c
	         initiate6() @base.c
	            krb authentication contexts 
	            kink_handle ǡ

 CREATE å
	ᥤ롼
	 receive() @base.c
	     read_udp_packet() @base.c
	     handle_create( @base.c
	         respond_to_auth_command()
	            CREATE Υǥɡ
	            KRB_AP_REQ դƤϤʤΤǡФƥå
	                authentication context Ϥǽ롣
	            KINK_ENCRYPT ǥɡ
	            åȤդƤ cname 顢
	            initiator  principal name 
	            epoch Υå
	             respond1() @base.c
	                ISAKMP ڥɤΥǥɡ
	                proposal å
	                SADB_GETSPIä롣
	ᥤ롼
	 handle_pfkey() @pfkey.c
	     pk_recvgetspi() @pfkey.c
	         (*job->callback)() @pfkey.c
	           = callback_r_getspi() @base.c
	             resopnd2() @base.c
	                ISAKMP ڥɤ
	                KEYMAT η׻
	                inbound SA 
	                outbound SA 
	                REPLY å
	                򴹤Ȥꤢλ롣
	REPLY åơCREATE κ뤫⤷ʤΤǡ
	Ф餯 R_AGING ֤Ե

	(: responder ξ硢򴹤λ餹ˡ
	 initiator ξ硢βǽΤ᤮
	 (I_STALE ˤʤä)auth context ϾäƤɤ
	 μϡkink_handle äޤǾäƤʤ)

3.5. socket 
================
	PF_KEYv2 å
		session()@session.c Υѿ fd_pfkey 
		kink_global->fd_pfkey ˥Хݻ롣
	racoond å
		localhost Ф PF_UNSPEC/SOCK_STREAM ʥåȡ

		session()@session.c Υѿ fd_rcnd 
		kink_global->fd_rcnd ˥Хݻ롣
	KINK å
		ʬλäƤ륢ɥ쥹 1 ĤˤĤ 1 ĺ
		Υɥ쥹 bind 롣
		SOCK_DGRAM ʥåȡ
		PF_INET6 ξϡIPV6_V6ONLY åȥץ򥻥åȤ롣
		ΤȤ per-socket policy ꤷƤʤ
		( äơSPD  KINK ΥݡȤ IPsec ʤ褦
		ƤʤȡϤޤ)

		struct kink_addr ˳Ǽ
		session.c  static ѿ addrlist ˤĤʤ롣

	åȤФ륤٥Ԥˤ select ȤƤ뤬
	poll Ǥ kqueue Ǥ /dev/poll Ǥ epoll Ǥ⤤Ϥ
