Rewrite auth-token-gen to be based on HMAC based tokens
The previous auth-token implementation had a serious problem, especially
when paired with an unpatched OpenVPN client that keeps trying the
auth-token (commit
e61b401a).
The auth-token-gen implementation forgot the auth-token on reconnect, this
lead to reconnect with auth-token never working.
This new implementation implements the auth-token in a stateles variant. By
using HMAC to sign the auth-token the server can verify if a token has been
authenticated and by checking the embedded timestamp in the token it can
also verify that the auth-token is still valid.
Using the new config directive auth-gen-token-secret instead of
extending auth-gen-token (--auth-gen-token [lifetime] [secret-key]) was
chosen to allow inlining the secret key.
Patch V2: cleaned up code, use refactored read_pem_key_file function
Patch V3: clarify some design decision in the commit message
Patch V4: Use ephermal_generate_key
Patch V5: Use C99 PRIu64 instead of %lld int printf like statement,
fix strict aliasing
Patch V6: Rebase on master
Patch V7: fix compiling with --disable-server
Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <
20190917121004.13685-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg18818.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>