David Sommerseth [Wed, 19 Jan 2022 18:21:26 +0000 (19:21 +0100)]
crypto: Fix OPENSSL_FIPS enabled builds
On Fedora and RHEL/CentOS, the standard OpenSSL library has the FIPS
module enabled by default. On these platforms, the OPENSSL_FIPS macro
is always defined via /usr/include/openssl/opensslconf-*.h.
Without this fix, the following compilation error appears:
./src/openvpn/crypto.c: In function ‘print_cipher’:
./src/openvpn/crypto.c:1707:43: error: ‘cipher’ undeclared (first use in
this function); did you mean ‘iphdr’?
if (FIPS_mode() && !(EVP_CIPHER_flags(cipher) & EVP_CIPH_FLAG_FIPS))
^~~~~~
The EVP_CIPHER_fetch() and EVP_CIPHER_free() methods are also provided
via the openssl_compat.h for older than OpenSSL 3.0.
Signed-off-by: David Sommerseth <davids@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220119182126.56880-1-openvpn@sf.lists.topphemmelig.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23570.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Thu, 20 Jan 2022 16:16:16 +0000 (11:16 -0500)]
Add a unit test for external key provider
Tests:
- Check SIGNATURE and KEYMGMT methods can be fetched
from the provider
- Load sample RSA and EC keys as management-external-key
and check that their sign callbacks are correctly exercised:
with and without digest support mocked in the client
capability flag.
-Test generic key load and signature
v4: 16/18 and 17/18 of v3 squashed into one patch
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20220120161616.13447-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23608.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:24 +0000 (11:59 -0500)]
pkcs11: Interface the xkey provider with pkcs11-helper
- Load the 'private key' handle through the provider and set it in
SSL_CTX
- Add a sign op function to interface provider with pkcs11-helper.
Previously we used its "OpenSSL Session" which internally sets up
callbacks in RSA and EC key methods. Not useful for the provider
interface, so, we directly call the PKCS#11 sign operation
as done with mbedTLS.
- tls_libctx is made global for accessing from pkcs11_openssl.c
Supports ECDSA and RSA_PKCS1_PADDING signatures. PSS support
will be added when pkcs11-helper with our PR for specifying
CK_MECHANISM variable in sign operations is released.
(i.e., next release of pkcs11-helper).
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-15-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23442.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:22 +0000 (11:59 -0500)]
Increase ERR_BUF_SIZE when management interface support is enabled
Sending largish messages to the management interface errors due to
the limited size used for the "error" buffer in x_msg_va(). Although
all intermediate steps allocate required space for the data to
send, it gets truncated at the last step.
This really requires a smarter fix. As a quick relief, we just increase
the buffer size to 10240 when management support is compiled in. Should
be enough for PK_SIGN with undigested message.
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-13-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23440.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:21 +0000 (11:59 -0500)]
Support sending DigestSign request to management client
To receive undigested message for signing, indicate support
for handling message digesting in the client using an argument
"digest" to --management-external-key.
For example, to announce pkcs1 padding and digesting support use:
--management-external-key pkcs1 pss digest
In PK_SIGN, the algorithm string will get data=message
in addition to other relevant options.
Note that it is not guaranteed that the client will be prompted
with undigested message. This is possible only when OpenSSL
calls our provider for DigestSign() as opposed to Sign(). In
practice, signature operation always appears to result in
a DigestSign() call through the provider interface.
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-12-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23435.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:20 +0000 (11:59 -0500)]
Respect algorithm support announced by management client
Support for padding algorithms in management-client is indicated
in the optional argument to --management-external-key as "pkcs1",
"pss" etc. We currently use it only for an early exit based on heuristics
that a required algorithm may not be handled by the client. When
signature is requested we do not check whether the padding is indeed
supported by the client. This leads to situations like the client
announcing "nopadding" support but we request "pss" signature.
Here we add a check while requesting signature as well. If the padding
treat it as an error instead of submitting the request to the
management-interface regardless.
This change is made only when xkey provider is in use, though such a check
would be appropriate always.
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-11-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23441.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:19 +0000 (11:59 -0500)]
Allow management client to announce pss padding support
The --management-external-key option can currently indicate support
for 'nopadding' or 'pkcs1' signatures in the client. Add 'pss' as an
option to announce that PSS signing requests are accepted.
To match, extend the algorithm string in PK_SIGN request to
include the following format:
Selva Nair [Tue, 14 Dec 2021 16:59:18 +0000 (11:59 -0500)]
Add a function to encode digests with PKCS1 DigestInfo wrapper
The EVP_PKEY interface as well as provider passes the raw
digest to the sign() function. In case of RSA_PKCS1,
our management interface expects an encoded hash, which
has the DigestInfo header added as per PKCSv1.5 specs,
unless the hash algorithm is legacy MD5_SHA1.
Fix this by
- add a function to perform the pkcs1 encoding before passing the
data to sign to the management interface. The implementation
is not pretty, but should work.
(Unfortunately OpenSSL does not expose a function for this).
Note:
1. cryptoki interface used by pkcs11-helper also requires this to be
done before calling the Sign op. This will come handy there too.
2. We have a similar function in ssl_mbedtls.c but its not prettier,
and require porting.
v2 changes: Use hard-coded headers for known hash algorithms instead
of assembling it from the ASN.1 objects.
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-9-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23433.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:17 +0000 (11:59 -0500)]
Enable signing via provider for management-external-key
- Add a function to set as sign_op during key import. The
function passes the signature request to management interface,
and returns the result to the provider.
v2 changes: Method to do digest added to match the changes in
the provider signature callback.
TODO:
- Allow passing the undigested message to management interface
- Add pkcs1 DigestInfo header when required
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-8-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23428.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:14 +0000 (11:59 -0500)]
Implement import of custom external keys
Our key object retains info about the external
key as an opaque handle to the backend. We also
need the public key as an EVP_PKEY *.
For native keys we use OpenSSL API to import
data into the key. The 'handle' representing the
private key in that case is the OpenSSL EVP_PKEY
object itself.
For importing custom keys, we define custom
parameters describing the key using OSSL_PARAM
structure. We define 4 required and 1 optional
parameters for loading the key:
Note: data_size = 0 refer to NUL terminated string in OpenSSL.
This parameter is only used to identify that the key as non-native
with an opaque handle. We really do not check the content of
the string. Should not be NULL.
The 'handle' is opaque to us and is retained. The caller
should not free it. We will free it when no longer required
by calling 'free_op()', if provided. The 'handle' should
not be NULL as that indicates missing private key.
The 'pubkey' must be an 'EVP_PKEY *' variable, and is duplicated
by us. The caller may free it after return from import.
The 'sign_op' and 'free_op' function pointers should be of type
'XKEY_EXTERNAL_SIGN_fn' and 'XKEY_PRIVKEY_FREE_fn' defined
in xkey_common.h
For example, for management-external-key, we really do not
need any 'handle'. Pass anything that will live long and
won't dereference to NULL. We do not use it for any other
purpose. Pointer to a const string could be a choice.
In this case, free_op = NULL is the safest choice.
For a usage of keymgmt_import(), see the helper function
implemented using it to load the management key in the next commit.
v2 changes: "origin" --> "xkey-origin"
This was 5/9 in v1
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-5-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23439.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:13 +0000 (11:59 -0500)]
Implement SIGNATURE operations in xkey provider
- Basic frame work for announcing support for signature
operations
- DigestSign and Sign functions for native keys are also
implemented. Though strictly not needed, these functions
for native keys sets up the framework for signature operations.
They also help loading an exportable key from a file through
the provider for testing.
Subsequent commits will add support for signing with
external keys.
v2 changes:
- Remove verify operations which are no longer
required with proposed changes in OpenSSL 3.0.1 that we target.
- Undigested message is passed to the backend sign operation when
possible. This would allow more flexibility as some backends
prefer to do the hash operation internally.
This was 4/9 in v1
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-4-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23437.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:12 +0000 (11:59 -0500)]
Implement KEYMGMT in the xkey provider
A minimal set of functions for keymgmt are implemented.
No support for external key import as yet, only native
keys. Support for native keys is required as keys may
get imported into us for some operations as well as
for comparison with unexportable external keys that we hold.
Implementation of signature callbacks is in the next commit.
v2 changes: This was commit 3/9 in v1
v3 changes: When OpenSSL native key is imported instead of duplicating
the whole key, use only the public components for public key.
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-3-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23438.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 14 Dec 2021 16:59:11 +0000 (11:59 -0500)]
A built-in provider for using external key with OpenSSL 3.0
Hooking into callbacks in RSA_METHOD and EVP_PKEY_METHOD
structures is deprecated in OpenSSL 3.0. For signing with
external keys that are not exportable (tokens, stores, etc.)
requires a custom provider interface so that key operations
are done under its context.
A single provider is enough for handling all external keys
we support -- management-external-key, cryptoapicert(CNG) and
pkcs11-helper. The series of patches starting with this implement
such a provider.
This patch implements only the provider_init function so
that it can be loaded, but has no capabilities. The required
interfaces are added in following commits.
v2 changes:
- Require OpenSSL 3.0.1 or newer: 3.0.0 is "buggy" as it
does not preferentially fetch operations from the keymgmt
of the key. This causes either an unsuccessful attempt at
exporting unexportable keys or an onerous requirement that
the external key's KEYMGMT should support a whole lot
of unrelated functionalities including key generation and
key exchange.
Fixed by PR #16725 in OpenSSL.
- Use a child libctx for internal use in the provider
v3 changes:
- Move OpenSSL version check for 3.0.1+ from configure to
xkey_common.h
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211214165928.30676-2-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23446.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
There are 2 occurrences where the order 'inline static' is used when
defining a function, while the rest of the code uses the definitely
more common form 'static inline'.
Convert those 2 occurrences to the common format.
Reported-by: Lev Stipakov <lev@openvpn.net> Signed-off-by: Antonio Quartulli <a@unstable.cc> Acked-by: Lev Stipakov <lstipakov@gmail.com>
Message-Id: <20220117093508.17681-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23554.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
GitHub Actions: ensure Ubuntu builds are made with the chosen SSL library
The configure parameter was appended to the stage name but not to the
actual command. Fix this.
Cc: Arne Schwabe <arne@rfc2549.org> Signed-off-by: Antonio Quartulli <a@unstable.cc> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220114122538.24662-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23539.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
PF (Packet Filter) has been dropped from the OpenVPN code base, however
some bits and pieces are left in the documentation.
Erase them all.
Reported-by: Arne Schwabe <arne@rfc2549.org> Signed-off-by: Antonio Quartulli <a@unstable.cc> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20220113200030.18656-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23531.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Lev Stipakov [Fri, 7 Jan 2022 12:35:50 +0000 (14:35 +0200)]
auth_token.c: add NULL initialization
This fixes
error C4703: potentially uninitialized local pointer variable
'b64output' used
found by arm64 msvc compiler with SDL enabled.
Not sure why this is not triggered on x86/x64.
Signed-off-by: Lev Stipakov <lev@openvpn.net> Acked-by: Antonio Quartulli <antonio@openvpn.net> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20220107123550.188-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23511.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 14 Dec 2021 15:09:01 +0000 (16:09 +0100)]
Decouple MSS fix calculation from frame calculation
This consolidates the MSS fix calculation into a single function
instead having it distributed all over the code. It also calculates
the real wire overhead without extra sizes for buffer etc.
Patch v2: improve comment
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20211214150901.4118886-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23423.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
options.c: fix version reported in --cipher warning message
BF-CBC is the default value for the --cipher option in OpenVPN <2.5
and not <2.6. However, the warning printed to screen talks about
"OpenVPN before 2.6", which is wrong and needs to be fixed.
Fix message by saying ".. before 2.5"
Cc: Arne Schwabe <arne@rfc2549.org> Signed-off-by: Antonio Quartulli <a@unstable.cc> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211229172714.6424-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23477.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 7 Dec 2021 17:01:56 +0000 (18:01 +0100)]
Remove post_open_mtu code
This code is probably from a time when we could not set the MTU on
the Windows tap6 driver. Nowadays we can set the MTU on this device,
so this code is a noop now.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211207170211.3275837-7-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23327.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 7 Dec 2021 17:01:54 +0000 (18:01 +0100)]
Fix triggering assertion of ks->authenticated after tls_deauthenticate
When tls_deauthenticate is called (e.g. by management kicking of a client)
the key auth state is changed to KS_AUTH_FALSE while the key state is
still in S_GENERATED_KEYS. This triggers the assertion.
Remove the assertions and instead check that the auth state is KS_AUTH_TRUE
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211207170211.3275837-5-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23340.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 7 Dec 2021 17:01:53 +0000 (18:01 +0100)]
Remove align_adjust frame code
The align_adjust variable was only set to a non-zero value when
no cipher was used for the data channel. Since we no longer want to
optimise non encrypted data channel traffic, remove this optimisation
and simplify the code.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211207170211.3275837-4-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23331.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Mon, 13 Dec 2021 15:09:50 +0000 (16:09 +0100)]
Move deprecation of SWEET32/64bit block size ciphers to 2.7
We originally wanted to deprecated these ciphers (especially BF-CBC) with
2.6 but currently these ciphers are still too widespread to make this
transition for 2.6.
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211213150950.3993881-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23402.html
Arne Schwabe [Mon, 13 Dec 2021 15:06:53 +0000 (16:06 +0100)]
Remove cipher_kt_t and change type to const char* in API
Make the external crypto consumer oblivious to the internal cipher
type that both mbed TLS and OpenSSL use. This change is mainly done
so the cipher type that is used can be stay a const type but instead
of an SSL library type, we now use a simple string to identify a
cipher. This has the disadvantages that we do a cipher lookup every
time a function is called that needs to query properties of a cipher.
But none of these queries are in a critical path.
This patch also fixes the memory leaks introduced by the
EVP_fetch_cipher commit by always freeing the EVP_CIPHER.
This also changes kt->cipher to be always defined with the name of
the cipher. This only affects the "none" cipher cipher which was
previously represented by kt->cipher to be NULL.
Patch v2: rebase on master
Patch v3: fix errors with mbed TLS without having md_kt to const char *
patch also applied, fix logic inversion in tls_crypt_tk
Patch v4: fix issue if cipher does not get changed by NCP that null cipher
is then used
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211213150654.3993358-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/search?l=mid&q=20211213150654.3993358-1-arne@rfc2549.org Signed-off-by: Gert Doering <gert@greenie.muc.de>
Lev Stipakov [Mon, 13 Dec 2021 13:52:53 +0000 (15:52 +0200)]
config-msvc.h: indicate key material export support
MSVC build uses OpenSSL from vcpkg, which at the moment
is 1.1.1l. Key material export was added to 1.1.1, so it is safe
to indicate its support unconditionally.
This enables Windows releases to benefit from tls-ekm
data channel keys derivation.
Signed-off-by: Lev Stipakov <lev@openvpn.net> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211213135253.212-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23394.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering [Tue, 7 Dec 2021 13:04:36 +0000 (14:04 +0100)]
Move '--push-peer-info' documentation from 'server' to 'client options'
While --push-peer-info can be configured on the server, it's not really
intended for that, and it ended in the "SERVER OPTIONS" section by
mishap. Fix that.
Reported-by: Stella Ashburne <rewefie@gmx.com> Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20211207130436.22187-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23325.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Mon, 6 Dec 2021 01:00:07 +0000 (02:00 +0100)]
Make --nobind default for --pull
Currently we default to local binding with udp. But the majority of
configuration files actually uses --nobind in the configuration to
change the default for --client. And client protocols should normally
use a random source port. This changes the default. Local binding with
--client can still be done using --bind.
This commit refactors the current code to be more easy to add to understand
and adds the the o->pull condition as additional option to opt into setting
local binding to false.
Patch v2: add more commments
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Frank Lichtenheld <frank@lichtenheld.com>
Message-Id: <20211206010007.3072528-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23303.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Mon, 6 Dec 2021 15:08:52 +0000 (16:08 +0100)]
Fix handling an optional invalid cipher at the end of data-ciphers
If an optional cipher was found at the end of --data-cipher that was
not available, it would reset the error and allow non optional ciphers
to be ignored.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211206150852.3142891-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/search?l=mid&q=20211206150852.3142891-1-arne@rfc2549.org Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Mon, 6 Dec 2021 01:01:51 +0000 (02:01 +0100)]
Remove key_type->cipher_length field
This field is only set once to cipher_kt_key_size(kt.cipher) at the same
time that kt.cipher is set and therefore completely redundant.
This field was useful in the past when we supported cipher with variable
key length as this field would then store the key length that we would use.
Now that we do not support this anymore, we can simplify the code.
Patch v2: correct print message that would print bytes instead bits.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211206010151.3072787-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23304.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Wed, 1 Dec 2021 18:07:21 +0000 (19:07 +0100)]
Remove cipher_ctx_get_cipher_kt and replace with direct context calls
We currently have a number of calls that fetch the cipher_kt from a
cipher_ctx to then do a query on the cipher_kt. Directly fetching the
desired property from the context is cleaner and helps for using the
proper APIs with OpenSSL 3.0 and mbed TLS 3.0
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211201180727.2496903-3-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23278.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Lev Stipakov [Wed, 24 Nov 2021 10:08:38 +0000 (12:08 +0200)]
vcpkg/pkcs11-helper: compatibility with latest vcpkg
Starting from commit 21b2dbd3 "[scripts-audit] nmake buildsystem"
vcpkg has removed NO_DEBUG support from nmake buildsystem
and now builds debug variant unconditionally. Debug flags contradict
build options hardcoded in pkcs11 nmake script (like /O2).
Remove hardcoded release options and other options which
are (also) set by vcpkg nmake buildsystem.
Bump vcpkg commit in GitHub actions.
Signed-off-by: Lev Stipakov <lev@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211124100838.861-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23253.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
doc/protocol-options.rst: Correct default for --allow-compression
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211129165538.2948077-1-tincantech@protonmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23268.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Wed, 1 Dec 2021 18:07:22 +0000 (19:07 +0100)]
Remove cipher_kt_var_key_size and remaining --keysize documentation
Remove --keysize from the manual page and also remove mentioning
variable key size in output of ciphers as there is no longer a way to
change the keysize.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211201180727.2496903-4-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23275.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Lev Stipakov [Wed, 24 Nov 2021 16:03:47 +0000 (18:03 +0200)]
ring_buffer.h: fix GCC warning about unused function
With register_ring_buffers() being declared as "static" in header file,
all translation units, which include that header, got a copy of that
function.
This causes GCC warning
warning: "register_ring_buffers" defined but not used [-Wunused-function]
when compiling C files which include header, but don't use function.
Add "inline" keyword to silence this warning.
Signed-off-by: Lev Stipakov <lev@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211124160347.1245-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23260.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Lev Stipakov [Fri, 19 Nov 2021 01:55:48 +0000 (03:55 +0200)]
Load OpenSSL config on Windows from trusted location
Commits
- 92535b6 ("contrib/vcpkg-ports: add openssl port with
--no-autoload-config option set (CVE-2121-3606)")
- 447cfb4 ("crypto_openssl.c: disable explicit initialization on Windows
(CVE-2121-3606)")
disabled OpenSSL config loading functionality, which could be
exploited by loading config from untrusted locations.
This feature might be useful for some users. This brings it back
and sets OpenSSL enviroment variables
OPENSSL_CONF, OPENSSL_ENGINES, OPENSSL_MODULES
which are used to load config, engines and modules, to a trusted location.
The location is constructed based on installation path, read from registry
on startup.
If installation path cannot be read, Windows\System32 is used as a
fallback.
While on it, remove unused "bool impersonate_as_system();" declaration.
Trac: #1296
Signed-off-by: Lev Stipakov <lev@openvpn.net> Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <20211119015548.687-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23248.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
In 2da29362 (Improve the documentation for --dhcp-option, 2020-08-16),
`foreign_option_{n}` became plural between the first and second versions
of the patch. Correct it.
Signed-off-by: Todd Zullinger <tmz@pobox.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211122114104.4814-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23217.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
doc link-options.rst: Use free open-source dynamic-DNS provider URL
Trac: #1417
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211103202014.1121244-2-tincantech@protonmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23095.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering [Wed, 17 Nov 2021 06:44:42 +0000 (07:44 +0100)]
Include --push-remove in the output of --help.
"push-remove" has been in OpenVPN since 2.4, but managed to stay hidden
from the "--help" output. Add.
Reported-by: mike tancsa <mike@sentex.net> Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <20211117064442.15899-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23194.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Log messages: Replace NCP with --data-ciphers (NFC)
Signed-off-by: Richard T Bonhomme <tincantech@protonmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211116150823.631970-1-tincantech@protonmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23191.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Sun, 14 Nov 2021 13:03:11 +0000 (14:03 +0100)]
Move IV_TCPNL from comp_generate_peer_info_string to push_peer_info
This IV variable has nothing to do with compression and should not
depend if OpenVPN is compiled with USE_COMP. So move it to the
other generic IV variables.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211114130311.4043536-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23182.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
For subnet topology use "offset 0" as default for
calculating DHCP server address, which makes it equal
to the network address.
There is no know reason why non-zero default offset
is needed. Besides, offset -1 breaks subnet /30 case,
which in some cases is pushed by OpenVPN Cloud product.
Signed-off-by: Lev Stipakov <lev@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211109015927.311-1-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23156.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Fri, 12 Nov 2021 13:02:31 +0000 (14:02 +0100)]
Allow loading of non default providers
This allows OpenVPN to load non-default providers. This is mainly
useful for loading the legacy provider with --providers legacy default
Patch v4: use spaces to seperate providers, unload providers.
Patch v5: General cleanup, rename option to --providers, add
option to usage() and add an entry to Changes.rst
Patch v6: allow --providers also to be used (and be ignored) with mbed TLS
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211112130231.3799480-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/search?l=mid&q=20211112130231.3799480-1-arne@rfc2549.org Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Sun, 7 Nov 2021 09:01:47 +0000 (10:01 +0100)]
Remove custom PRNG function
Remove the custom PRNG from OpenVPN and instead rely always on the random
number generator from the SSL library. The only place that this is in a
performance critical place is the CBC IV generation. Even with that in mind
a micro benchmark shows no significant enough change with OpenSSL 3.0:
Selva Nair [Tue, 2 Nov 2021 04:23:14 +0000 (00:23 -0400)]
Fix tls-version-min default once again
commit 51be733ba236610dff6a1c361cf59172db97473a
claimed to correct this but did not do it properly.
(my fault). The check whether tls-version-min is set
by the user or not was still wrong.
Hope this fixes it for good.
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211102042314.19113-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23091.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Fri, 29 Oct 2021 11:24:07 +0000 (13:24 +0200)]
Add insecure tls-cert-profile options
The recent deprecation of SHA1 certificates in OpenSSL 3.0 makes it
necessary to reallow them in certain deployments. Currently this works
by using the hack of using tls-cipher "DEFAULT:@SECLEVEL=0".
Add "insecure" as option to tls-cert-profile to allow setting a seclevel of 0.
Patch v4: fix default accidentially changed to insecure
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20211029112407.2004234-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23076.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Sat, 30 Oct 2021 18:57:56 +0000 (14:57 -0400)]
Avoid memory leak in hmac_ctx_new (OpenSSL 3.0 only)
In OpenSSL 3.0, fetched algorithms must be freed
(down referenced). In this case, though EVP_MAC_CTX_new()
keeps a reference to 'hmac', it up-refs it. So we have to free
it here before return.
(Tested using an enable-asan build).
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <20211030185756.1831-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23080.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Fri, 29 Oct 2021 11:11:08 +0000 (13:11 +0200)]
Implement DES ECB encrypt via EVP_CIPHER api
Even though DES is super outdated and also NTLM is super outdated,
eliminating the warnings for OpenSSL 3.0 is still a step in the right
direction and using the correct APIs. We cheat a bit by using 3DES instead
of DES to avoid needing legacy provider for DES encryption for now.
Patch v4: add unit test, use 3DES to avoid legacy provider for now
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20211029111109.2003101-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23078.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 19 Oct 2021 18:31:19 +0000 (20:31 +0200)]
Remove dependency on BF-CBC existance from test_ncp
The test_check_ncp_ciphers_list test assumed that BF-CBC is always
available, which is no longer the case with OpenSSL 3.0. Rewrite the
test to not rely on BF-CBC to be available.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20211019183127.614175-14-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23003.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 19 Oct 2021 18:31:16 +0000 (20:31 +0200)]
Replace EVP_get_cipherbyname with EVP_CIPHER_fetch
In OpenSSL 3.0 EVP_get_cipherbyname return a non NULL algorithm
even if the algorithm is not available with the currently available
provider. Luckily EVP_get_cipherbyname can be used here as drop
in replacement and returns only non NULL if the algorithm is actually
currently supported.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20211019183127.614175-11-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23005.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Fri, 29 Oct 2021 11:11:09 +0000 (13:11 +0200)]
Use EVP_PKEY_get_group_name to query group name
EC_Key methods are deprecated in OpenSSL 3.0. Use
EVP_PKEY_get_group_name instead to query the EC group name from an
EVP_PKEY and add a compatibility function for older OpenSSL versions.
Patch v4: adjust compatibility function and remove accidently included
fragment of unrelated patch.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <20211029111109.2003101-2-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23077.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
This allows to select engine support at configure time. For OpenSSL 1.1 the
default is not changed and we detect if engine support is available.
Engine support is deprecated in OpenSSL 3.0 and for OpenSSL 3.0 the default
is to disable engine support as engine support is deprecated and generates
compiler warnings which in turn also break -Werror.
By using --with-openssl-engine=no or --with-openssl-engine=yes engine
support can be forced on or off. If it is enabled but not detected an
error will be thown.
This commit cleans up the configure logic a bit and removes the
ENGINE_cleanup checks as we can just assume that it will be also
available as macro or function if the other engine functions are
available. Before the cleanup we would only check for the existance
of engine.h if ENGINE_cleanup was not found.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20211019183127.614175-3-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23000.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 19 Oct 2021 18:31:07 +0000 (20:31 +0200)]
Use new EVP_MAC API for HMAC implementation
The old API is deprecated in OpenSSL 3.0 and the new API does not yet
exist in OpenSSL 1.1. Emulating the new API would be more complex than
just having two implementations. So this switches to a new hmac
implementation for OpenSSL 3.0.
Unfortunately the new API does not have an easy to reset an HMAC,
so we need to keep the key around to emulate a reset functionality.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20211019183127.614175-2-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23013.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Max Fillinger [Mon, 25 Oct 2021 14:53:14 +0000 (16:53 +0200)]
Don't manually free DH params in OpenSSL 3
When the EVP_PKEY object with the Diffie-Hellman parameters is passed
to SSL_CTX_set0_tmp_dh_pkey, it does not create a copy but stores the
pointer in the SSL_CTX. Therefore, we should not free it.
The EVP_PKEY will be freed automatically when we free the SSL_CTX.
Trac: #1436
Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Acked-by:
Message-Id: <20211025145314.23009-1-maximilian.fillinger@foxcrypto.com>
URL: https://www.mail-archive.com/search?l=mid&q=20211025145314.23009-1-maximilian.fillinger@foxcrypto.com Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Sat, 23 Oct 2021 00:07:05 +0000 (20:07 -0400)]
Ensure the current common_name is in the environment for scripts
When username-as-common-name is in effect, the common_name
is "CN" from the certificate for auth-user-pass-verify. It gets
changed to "username" after successful authentication. This
changed value gets into the env when client-connect script is
called.
However, "common_name" goes through the cycle of being
"CN", then "username" during every reauth (renegotiation).
As the client-connect script is not called during reneg, the changed
value never gets back into the env. The end result is that the
disconnect script gets "common_name=<CN>" instead of the username.
Unless no reneg steps have happened before disconnect.
(For a more detailed analysis see
https://community.openvpn.net/openvpn/ticket/1434#comment:12)
Fix by adding common_name to env whenever it changes.
Trac: #1434
Very likely applies to #160 as well, but that's too old and
some of the relevant code path has evolved since then.
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211023000706.25016-1-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23051.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 19 Oct 2021 18:31:13 +0000 (20:31 +0200)]
Remove DES key fixup code
This code mainly sets the parity bits in the DES keys. As mbed TLS and
OpenSSL already ignore these bits in the DES key and since DES is
deprecated, remove this special DES code that is not even needed by
the libraries.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20211019183127.614175-8-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23014.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Max Fillinger [Thu, 21 Oct 2021 11:50:37 +0000 (13:50 +0200)]
Fix build with compression disabled
When building with both --disable-lz4 and --disable-lzo, the function
comp_non_stub_enabled and various flags are not defined. One of the
places where it is used in options.c was not put behind an #ifdef, which
caused compilation to fail.
Trac: #1435 Signed-off-by: Max Fillinger <maximilian.fillinger@foxcrypto.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211021115037.27056-1-maximilian.fillinger@foxcrypto.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23035.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 19 Oct 2021 18:31:10 +0000 (20:31 +0200)]
Remove DES check with OpenSSL 3.0
DES is very deprecated and accidently getting on the of the 16 insecure
keys that OpenSSL checks is extremely unlikely so we no longer use the
deprecated functions without replacement in OpenSSL 3.0.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20211019183127.614175-5-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg23004.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Tue, 19 Oct 2021 18:31:12 +0000 (20:31 +0200)]
Deprecate --ecdh-curve with OpenSSL 3.0 and adjust mbed TLS message
OpenSSL 3.0 deprecates SSL_CTX_set_tmp_ecdh() in favour of
SSL_CTX_set1_groups(3). We already support the SSL_CTX_set1_groups
using the --tls-groups. Adjust both mbed TLS and OpenSSL 3.0 to
say that --ecdh-curve is ingored and --tls-groups should be used.
Signed-off-by: Arne Schwabe <arne@rfc2549.org> Acked-by: Max Fillinger <maximilian.fillinger@foxcrypto.com>
Message-Id: <20211019183127.614175-7-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22999.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
projects / thirdparty / openvpn.git / log
