git.ipfire.org Git - thirdparty/openvpn.git/log
9 years ago: Exponentially back off on repeated connect retries
Selva Nair [Tue, 5 Jul 2016 15:32:50 +0000 (11:32 -0400)] 
Exponentially back off on repeated connect retries

- When the number of retries per remote exceeds a limit
  (hard coded to 5), double the restart pause interval
  for each additional retry per remote.
- Trigger a SIGHUP to reset the retry count when the pause
  interval exceeds 1024 times the base value of restart pause.
  (removed in v2 of the patch)

The base value of restart pause is set using --connect-retry
(5 seconds by default).

v2 changes (based on suggestions from Arne Schwabe <arne@rfc2549.org>)

- Do not throw SIGHUP.
- Add an optional argument to "--connect-retry n [m]" where 'm'
  specifies the max value of restart pause interval (default
  300 sec).
  E.g., "--connect-retry 5 1800" will cause the restart pause to
  scale up starting at 5 until it exceeds 1800 seconds at which
  point it gets capped at 1800.
- If n == m no slow down will occur.
- While at it, fix typos and clarify the description of connect-retry-max
  in the man page and Changes.rst

v3 changes (on further feedback from arne@rfc2549.org):
- Limiting the base value of retry wait interval to 16 bits moved
  to options.c
- Apply backoff only in the udp and tcp-client modes. Backing off on
  tcp-server could be exploited by a client in p2p-mode to maliciously
  slow it down (thanks to Arne Schwabe for pointing this out).
- Fix typo in Changes.rst: "third argument" -> "second argument"

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1467732770-19110-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/12050
Signed-off-by: Gert Doering <gert@greenie.muc.de>
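The backoff rule described in the commit message, as an added C example; this is not OpenVPN's own code, and the names `restart_pause`, `proto_mode`, `RETRY_LIMIT` and `MAX_BASE_WAIT` are invented here. It assumes that "exceeds a limit (hard coded to 5)" means the first doubling happens on the sixth retry of a remote, and that a cap below the base behaves like n == m (a case the message does not describe):

```c
#include <stdio.h>

/* Added illustration of the backoff rule from the commit message; not
 * OpenVPN's code. All identifiers below are invented for this example. */

#define RETRY_LIMIT   5       /* "hard coded to 5" in the commit message */
#define MAX_BASE_WAIT 0xFFFFu /* v3: base value limited to 16 bits in options.c */

enum proto_mode { MODE_UDP, MODE_TCP_CLIENT, MODE_TCP_SERVER };

/*
 * Restart pause in seconds before the next attempt on one remote.
 *   base    - n from "--connect-retry n [m]" (5 by default)
 *   cap     - m, the maximum pause (300 by default)
 *   retries - how many times this remote has already been retried
 * Assumption: the first doubling happens on retry RETRY_LIMIT + 1.
 */
unsigned int restart_pause(unsigned int base, unsigned int cap,
                           unsigned int retries, enum proto_mode mode)
{
    if (base > MAX_BASE_WAIT) {
        base = MAX_BASE_WAIT;
    }
    /* v3: no backoff on tcp-server, so a peer cannot slow the server down.
     * "If n == m no slow down will occur." A cap below the base is treated
     * the same way here (assumption; not described in the commit message). */
    if (mode == MODE_TCP_SERVER || cap <= base || retries <= RETRY_LIMIT) {
        return base;
    }
    unsigned int pause = base;
    for (unsigned int i = RETRY_LIMIT; i < retries; i++) {
        if (pause > cap / 2) {
            return cap; /* the next doubling would exceed the cap */
        }
        pause *= 2;
    }
    return pause;
}

int main(void)
{
    /* Print the schedule for "--connect-retry 5 1800" and for the 300 s default. */
    for (unsigned int r = 0; r <= 15; r++) {
        printf("retry %2u: pause %4u s (cap 1800), %3u s (cap 300)\n", r,
               restart_pause(5, 1800, r, MODE_UDP),
               restart_pause(5, 300, r, MODE_UDP));
    }
    return 0;
}
```

With the defaults the pause stays at 5 s for the first five retries, then runs 10, 20, 40, 80, 160 and is capped at 300 s from the eleventh retry on; a tcp-server never backs off, which is the v3 point about not letting a peer slow the server down.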
9 years ago: Remove NOP function and callers
David Sommerseth [Thu, 7 Jul 2016 11:03:16 +0000 (13:03 +0200)] 
Remove NOP function and callers

multi_release_io_lock() and the calls to this function are not providing
anything at all.  Let's remove it and make the overall code less surprising.

Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1467889519-8193-1-git-send-email-openvpn@sf.lists.topphemmelig.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/12058

9 years ago: Remove http-proxy-retry and socks-proxy-retry.
Arne Schwabe [Fri, 24 Jun 2016 12:27:10 +0000 (14:27 +0200)] 
Remove http-proxy-retry and socks-proxy-retry.

These options were probably introduced long before we had multiple
remote/connection entries. For all other connection entries, OpenVPN will
go on with the next connection if it fails. For proxies, if it fails in
some ways it works the same, for other failures it completely stops.

Removing the *-proxy-retry and defaulting to retry makes the behavior more
predictable. Stopping after one try (regardless of reason) can be achieved
with --max-connect-retry 1.

V2: Add reason for removing, remove from manpage, give a hint at
   --max-connect-retry
V3: Collapse the two ifs in options.c to one block
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1466771230-5266-1-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11988

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Return process id of openvpn from interactive service to client
Selva Nair [Fri, 24 Jun 2016 02:50:56 +0000 (22:50 -0400)] 
Return process id of openvpn from interactive service to client

- The process id is returned as a message formatted in the same manner
  as error messages from the service to the client: i.e., a three-line
  message with error number formatted as 0x%08x on line 1, followed by
  the PID in format 0x%08x on line 2 and a description that reads as
  "Process ID" on line 3. Error number is set to zero to indicate
  this is an informational message.

This provides a way for service clients to check the status of openvpn
and terminate it without needing management interface or exit event.
Useful when the interactive service is used from a launch script, or
to force-terminate openvpn from the GUI if/when needed.

v2 changes: format of the message changed as described above.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1466736656-27501-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11984
Signed-off-by: Gert Doering <gert@greenie.muc.de>
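The three-line message format described above, as an added C example that builds and parses it; this is not the interactive service's own code. It assumes lines are separated by '\n' (the message does not say which separator is used), and the names `service_msg`, `format_pid_message`, `parse_service_message` and `pid_roundtrip` are invented here:

```c
#include <stdio.h>
#include <string.h>

/* Added illustration of the service message format from the commit message;
 * not the interactive service's code. Assumes '\n' line separators. */

#define PID_DESCRIPTION "Process ID"

struct service_msg {
    unsigned int errnum;   /* line 1; zero means informational */
    unsigned int pid;      /* line 2; only meaningful when is_pid is set */
    char description[64];  /* line 3 */
    int is_pid;            /* 1 if this is the "Process ID" message */
};

/* Builds the informational message: error number 0, PID, fixed description.
 * Returns the number of bytes written, or -1 if buf is too small. */
int format_pid_message(char *buf, size_t len, unsigned int pid)
{
    int n = snprintf(buf, len, "0x%08x\n0x%08x\n%s", 0u, pid, PID_DESCRIPTION);
    return (n < 0 || (size_t)n >= len) ? -1 : n;
}

/* Parses a three-line message. Returns 0 on success, -1 if malformed. Line 2
 * is only interpreted as a PID when line 1 is zero and line 3 is the fixed
 * description; for real errors line 2 is left uninterpreted. */
int parse_service_message(const char *msg, struct service_msg *out)
{
    const char *l1 = msg;
    const char *l2 = strchr(l1, '\n');
    if (l2 == NULL) return -1;
    l2++;
    const char *l3 = strchr(l2, '\n');
    if (l3 == NULL) return -1;
    l3++;

    memset(out, 0, sizeof *out);
    if (sscanf(l1, "0x%8x", &out->errnum) != 1) return -1;

    size_t dlen = strcspn(l3, "\r\n");          /* drop any trailing newline */
    if (dlen >= sizeof out->description) dlen = sizeof out->description - 1;
    memcpy(out->description, l3, dlen);
    out->description[dlen] = '\0';

    if (out->errnum == 0 && strcmp(out->description, PID_DESCRIPTION) == 0) {
        if (sscanf(l2, "0x%8x", &out->pid) != 1) return -1;
        out->is_pid = 1;
    }
    return 0;
}

/* Round-trips a PID through format and parse; returns the parsed PID, or 0
 * if the message did not come back as a PID message. */
unsigned int pid_roundtrip(unsigned int pid)
{
    char buf[64];
    struct service_msg m;
    if (format_pid_message(buf, sizeof buf, pid) < 0) return 0;
    if (parse_service_message(buf, &m) != 0 || !m.is_pid) return 0;
    return m.pid;
}

int main(void)
{
    char buf[64];
    format_pid_message(buf, sizeof buf, 4242);
    printf("%s\n", buf);
    printf("parsed pid: %u\n", pid_roundtrip(4242));
    return 0;
}
```

A client that already handles error replies needs only the extra check on line 1 being zero and line 3 reading "Process ID" to pick the PID out of the same reader path.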
9 years ago: Fix management-external-cert option parsing error
Selva Nair [Fri, 17 Jun 2016 02:54:53 +0000 (22:54 -0400)] 
Fix management-external-cert option parsing error

 - Allow --management-external-cert as an alternative to --cert
 - Also make sure --cert and --management-external-cert are not
   both specified, and clarify in the man page that the latter
   must be used with --management-external-key.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1466132093-1178-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11929
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Clarify which Windows versions require which TUN/TAP driver
Samuli Seppänen [Thu, 23 Jun 2016 07:06:50 +0000 (10:06 +0300)] 
Clarify which Windows versions require which TUN/TAP driver

Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1466665610-19289-1-git-send-email-samuli@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11966
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Use an up-to-date easy-rsa URL on the man-page
Samuli Seppänen [Wed, 22 Jun 2016 17:06:03 +0000 (20:06 +0300)] 
Use an up-to-date easy-rsa URL on the man-page

Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1466615164-15527-2-git-send-email-samuli@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11955
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Mention tap-windows6 in INSTALL file
Samuli Seppänen [Wed, 22 Jun 2016 17:06:02 +0000 (20:06 +0300)] 
Mention tap-windows6 in INSTALL file

Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1466615164-15527-1-git-send-email-samuli@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11956
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Add documentation for http-proxy-user-pass option
Arne Schwabe [Fri, 17 Jun 2016 12:49:46 +0000 (14:49 +0200)] 
Add documentation for http-proxy-user-pass option

Patch V2: fix formatting problems
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <1466167786-13748-1-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11933

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Added directive to specify HTTP proxy credentials in config.
James Yonan [Thu, 3 Mar 2016 08:19:05 +0000 (01:19 -0700)] 
Added directive to specify HTTP proxy credentials in config.

The inline directive http-proxy-user-pass can be used to
specify proxy credentials in config, e.g.:

http-proxy proxy.tld 3128 auto-nct
<http-proxy-user-pass>
foo
bar
</http-proxy-user-pass>

This usage is already supported by OpenVPN 3.

Signed-off-by: James Yonan <james@openvpn.net>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456993146-63968-9-git-send-email-james@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11283
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: mbedtls: don't set debug threshold if compiled without MBEDTLS_DEBUG_C
Steffan Karger [Tue, 14 Jun 2016 20:00:03 +0000 (22:00 +0200)] 
mbedtls: don't set debug threshold if compiled without MBEDTLS_DEBUG_C

For targets with space constraints, one might want to compile mbed TLS
without MBEDTLS_DEBUG_C defined, to save some tens of kilobytes.  Make
sure OpenVPN still compiles if that is the case.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465934403-22226-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11922
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Remove http-proxy-timeout, socks timeout and set default of server-poll-timeout to...
Arne Schwabe [Sat, 11 Jun 2016 14:43:15 +0000 (16:43 +0200)] 
Remove http-proxy-timeout, socks timeout and set default of server-poll-timeout to 120s

With this change all timeouts before the first packet from the OpenVPN
server are unified into the server-poll-timeout option.

The default of 120s has been chosen as a safe value, as it is larger than
the sum of the old small timeouts.

V3: fix some whitespace/typos problems
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465656195-12722-1-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11899

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Complete push-peer-info documentation and allow IV_PLAT_VER for other platforms than...
Arne Schwabe [Tue, 16 Feb 2016 12:04:40 +0000 (13:04 +0100)] 
Complete push-peer-info documentation and allow IV_PLAT_VER for other platforms than Windows if the client UI supplies it.

Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1455624280-3165-1-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11175

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Change --enable-pedantic to use -std=c99 and not -ansi (C90).
Gert Doering [Thu, 9 Jun 2016 13:00:32 +0000 (15:00 +0200)] 
Change --enable-pedantic to use -std=c99 and not -ansi (C90).

There's quite a bit of our code that fails compilation with
"gcc -pedantic -ansi" and should not be changed - like, LZ4 using
"long long" variables which C90 does not have.  Be pragmatic.

trac #616

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465477232-25826-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11882
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Upgrade bundled compat-lz4 to upstream release r131.
Gert Doering [Thu, 9 Jun 2016 11:51:29 +0000 (13:51 +0200)] 
Upgrade bundled compat-lz4 to upstream release r131.

Take upstream release from https://github.com/Cyan4973/lz4/releases,
  copy lz4-r131/lib/lz4.c to src/compat/compat-lz4.c
  copy lz4-r131/lib/lz4.h to src/compat/compat-lz4.h
  change #include line in compat-lz4.c to use "compat-lz4.h" not "lz4.h"
  add "config.h" block and wrap in #ifdef NEED_COMPAT_LZ4 / #endif

No other changes to upstream code.

This commit is quite huge, but this is because we bundled a fairly old
version and upstream refactored quite a lot of code, changed // comments
to /* */ style, etc.  To review, compare compat-lz4.* files to upstream.

v2: add missing #ifdef NEED_COMPAT_LZ4 wrapping

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1465473089-20754-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11879
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: cleanup: remove alloc_buffers argument from multi_top_init()
Steffan Karger [Wed, 8 Jun 2016 12:20:40 +0000 (14:20 +0200)] 
cleanup: remove alloc_buffers argument from multi_top_init()

multi_top_init() is always called with alloc_buffers=true, so just remove
the argument and alloc unconditionally.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465388443-15484-3-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11851
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Don't limit max incoming message size based on c2->frame
Steffan Karger [Wed, 8 Jun 2016 12:20:39 +0000 (14:20 +0200)] 
Don't limit max incoming message size based on c2->frame

"Be conservative in what you send, be liberal in what you accept"

When receiving packets, the real limitation of how much data we can accept
is the size of our internal buffers, not the maximum size we expect
incoming packets to have.

I ran into this while working on cipher negotiation, which will need
separate bookkeeping for the required internal buffer size, and the
link/tun MTU.  Basing this code on the buffer size instead of c2->frame
makes that easier.  A nice side-effect of this change is that it
simplifies the code.

This should also reduce the impact of using asymmetric tun/link MTU's,
such as in trac ticket #647.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465388443-15484-2-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11850
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Ignore SIGUSR1/SIGHUP during exit notification
Selva Nair [Tue, 7 Jun 2016 04:44:20 +0000 (00:44 -0400)] 
Ignore SIGUSR1/SIGHUP during exit notification

This allows exit notification to complete and finally trigger SIGTERM.
The current practice of allowing a restart in this state clears
the exit notification timer data and thus loses the SIGTERM.

Trac #687

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465274660-11009-2-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11814
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Add an option to filter options received from server
Selva Nair [Sun, 5 Jun 2016 21:41:23 +0000 (17:41 -0400)] 
Add an option to filter options received from server

v2 changes:
 - Add the flag "ignore" and have "reject" trigger a restart.
 - Unlimited number of filters: yes, going against the consensus,
   but the code looks simpler and cleaner this way.
 - New commit message to reflect the changes.

Usage: --pull-filter accept|ignore|reject "option"

Permit a client to selectively accept, ignore or reject options
pushed by the server. May be used multiple times. The filters
are applied in the order specified to each pushed option received.
The filtering stops as soon as a match is found. The action "ignore"
removes the option and continues processing the next option, while
"reject" flags an error and restarts the connection with SIGUSR1.

Prefix matching is used so that all options starting with the
specified "option" string are filtered.

Example:

  pull-filter accept "route 192.168."
  pull-filter ignore "route "
  pull-filter accept "ifconfig 10.9.0."
  pull-filter reject "ifconfig "

will ignore all pushed routes except those starting with "192.168."
and reject the assigned ip unless it's in the "10.9.0.0/24"
range. A match of the reject filter will trigger a restart. SIGUSR1
restart is used instead of SIGHUP so as to try the next remote
for reconnection.

Note the space at the end of "route " to not reject "route-gateway",
for example. All options not matched by any filter are accepted.

Acknowledges shameless imitation of --push-remove.
Inspired by Trac #682.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465162884-32520-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11808
Signed-off-by: Gert Doering <gert@greenie.muc.de>
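The --pull-filter semantics spelled out above (ordered prefix matching, first match wins, unmatched options accepted, "reject" aborting the whole push), as an added C example; this is not OpenVPN's implementation. The filter list is the one from the commit message, the pushed option lists are constructed sample data, and `apply_pull_filters`, `filter_example`, `process_pushed_options` and `count_kept` are invented names:

```c
#include <stdio.h>
#include <string.h>

/* Added illustration of --pull-filter semantics from the commit message;
 * not OpenVPN's code. All identifiers are invented for this example. */

enum filter_action { FILTER_ACCEPT, FILTER_IGNORE, FILTER_REJECT };

struct pull_filter {
    enum filter_action action;
    const char *prefix; /* compared against the start of the pushed option */
};

/* Filters are tried in order and the first prefix match decides; an option
 * that matches no filter is accepted. */
enum filter_action apply_pull_filters(const struct pull_filter *filters,
                                      size_t n, const char *option)
{
    for (size_t i = 0; i < n; i++) {
        if (strncmp(option, filters[i].prefix, strlen(filters[i].prefix)) == 0) {
            return filters[i].action;
        }
    }
    return FILTER_ACCEPT;
}

/* The filter list from the commit message. The trailing space in "route "
 * keeps "route-gateway" from matching. */
static const struct pull_filter example_filters[] = {
    { FILTER_ACCEPT, "route 192.168." },
    { FILTER_IGNORE, "route " },
    { FILTER_ACCEPT, "ifconfig 10.9.0." },
    { FILTER_REJECT, "ifconfig " },
};
#define N_EXAMPLE_FILTERS (sizeof example_filters / sizeof example_filters[0])

enum filter_action filter_example(const char *option)
{
    return apply_pull_filters(example_filters, N_EXAMPLE_FILTERS, option);
}

/* Runs a pushed option list through the filters. Accepted options are copied
 * into `kept` (at least n entries); returns how many were kept, or -1 as soon
 * as an option is rejected (the client would then restart with SIGUSR1 and
 * try the next remote). */
int process_pushed_options(const char *const *pushed, size_t n,
                           const char **kept)
{
    int n_kept = 0;
    for (size_t i = 0; i < n; i++) {
        switch (filter_example(pushed[i])) {
        case FILTER_ACCEPT: kept[n_kept++] = pushed[i]; break;
        case FILTER_IGNORE: break;
        case FILTER_REJECT: return -1;
        }
    }
    return n_kept;
}

/* Convenience wrapper: number of options kept, or -1 on a reject. */
int count_kept(const char *const *pushed, size_t n)
{
    const char *kept[32];
    return n <= 32 ? process_pushed_options(pushed, n, kept) : -1;
}

/* Constructed sample pushes (not captured from a real server). */
static const char *const sample_pushed[] = {
    "route 192.168.1.0 255.255.255.0",   /* accepted by filter 1 */
    "route 10.0.0.0 255.0.0.0",          /* ignored by filter 2 */
    "route-gateway 10.9.0.1",            /* no match: accepted */
    "ifconfig 10.9.0.5 255.255.255.0",   /* accepted by filter 3 */
    "dhcp-option DNS 10.9.0.1",          /* no match: accepted */
};
static const char *const sample_rejected[] = {
    "route 192.168.1.0 255.255.255.0",
    "ifconfig 172.16.0.5 255.255.255.0", /* rejected by filter 4 */
};

int main(void)
{
    const char *kept[32];
    int n = process_pushed_options(sample_pushed, 5, kept);
    for (int i = 0; i < n; i++) {
        printf("kept: %s\n", kept[i]);
    }
    printf("second push: %d\n", count_kept(sample_rejected, 2));
    return 0;
}
```

Because matching is by prefix, the order of the filter lines matters: swapping the first two lines would make "route 192.168.1.0 ..." hit the ignore rule before the accept rule ever sees it.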
9 years ago: Make block-outside-dns work with persist-tun
Selva Nair [Sat, 4 Jun 2016 15:57:13 +0000 (11:57 -0400)] 
Make block-outside-dns work with persist-tun

- Remove and recreate WFP filters during restart even when
  tun/tap is not re-opened. This is needed for resolving the remote.
  Patch same as for v2.3 except for passing 'msg_channel'.

See also: http://article.gmane.org/gmane.network.openvpn.user/36990

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465055833-13681-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11788
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Set WFP engine handle to NULL in win_wfp_uninit()
Selva Nair [Sat, 4 Jun 2016 20:09:05 +0000 (16:09 -0400)] 
Set WFP engine handle to NULL in win_wfp_uninit()

This was missed by commit 6a33a34dee8f3

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465070945-5426-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11789
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fix the comparison of pull options hash on restart
Selva Nair [Sat, 4 Jun 2016 04:57:43 +0000 (00:57 -0400)] 
Fix the comparison of pull options hash on restart

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1465016263-23048-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11783
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Another fix related to unit test framework
David Sommerseth [Fri, 3 Jun 2016 16:56:20 +0000 (18:56 +0200)] 
Another fix related to unit test framework

Continuing to fix breakage caused by commit 40cb4cfc5d011102.

It seems it was a conflict in vendor/Makefile.am's distdir target,
confusing autotools so it wouldn't actually parse that directory
properly.  The result was that 'make distcheck' would fail and
tarballs created would just ship with an empty vendor/ directory.

Also remove the 'foreign' AUTOMAKE_OPTIONS flag, as we don't use
that many places at all.  Things work well without this flag.

The comment had to be moved to a single line, otherwise the
white spaces between the end of the variable assignment and the
hash character got added to the variable.

 [v3 - Further improve white space issues, now 'make clean'
       should work too]
 [v2 - Fix white space issues in path variables]

Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1464976163-6162-1-git-send-email-openvpn@sf.lists.topphemmelig.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11778

9 years ago: Clarify the fact that build instructions in README are for release tarballs
Samuli Seppänen [Tue, 31 May 2016 06:53:55 +0000 (09:53 +0300)] 
Clarify the fact that build instructions in README are for release tarballs

URL: https://github.com/OpenVPN/openvpn/pull/51
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <dazo@privateinternetaccess.com>
Message-Id: <1464677635-24251-1-git-send-email-samuli@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11746
Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>
9 years ago: Plug memory leak in mbedTLS backend
Ivo Manca [Tue, 31 May 2016 11:42:00 +0000 (13:42 +0200)] 
Plug memory leak in mbedTLS backend

Signed-off-by: Ivo Manca <pinkel@gmail.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1464694920-3624-1-git-send-email-pinkel@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11751
Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>
9 years ago: Only build and run cmocka unit tests if its submodule is initialized
David Sommerseth [Tue, 31 May 2016 10:28:46 +0000 (12:28 +0200)] 
Only build and run cmocka unit tests if its submodule is initialized

Commit 40cb4cfc5d01110 added infrastructure to write unit tests using
cmocka.  This was implemented using a git submodule to fetch an
up-to-date cmocka test framework.

The issue which appeared was that 'make check' stopped working if
the cmocka submodule was not initialized and updated.  As we do not
want this to be a hard dependency, this patch makes running these
unit tests conditional.  If cmocka has not been initialized, skip
them; if it has been initialized, all unit tests will be run.

 [v2 - Also check if cmake is available, as cmocka depends on that
       to be built ]

Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1464703645-26640-1-git-send-email-openvpn@sf.lists.topphemmelig.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11758

9 years ago: Update contrib/pull-resolv-conf/client.up for no DOMAIN
Jeffrey Cutter [Fri, 20 May 2016 09:25:10 +0000 (12:25 +0300)] 
Update contrib/pull-resolv-conf/client.up for no DOMAIN

When no DOMAIN is received from push/pull, do not add either domain or
search to the resolv.conf. Fix typo in comment resolv.con[f]. Only add
new line when using domain or search.

URL: https://github.com/OpenVPN/openvpn/pull/34
Acked-by: Steffan Karger <steffan@karger.me>
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: Steffan Karger <steffan@karger.me>
Message-Id: <1463736310-17846-1-git-send-email-samuli@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11682
Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>
9 years ago: Add link to bug tracker
Leon Klingele [Mon, 30 May 2016 19:54:58 +0000 (22:54 +0300)] 
Add link to bug tracker

URL: https://github.com/OpenVPN/openvpn/pull/25
Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: David Sommerseth <dazo@privateinternetaccess.com>
Message-Id: <1464638098-19187-1-git-send-email-samuli@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11735
Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>
9 years ago: Add a test for auth-pam searchandreplace
Jens Neuhalfen [Wed, 25 May 2016 17:57:56 +0000 (19:57 +0200)] 
Add a test for auth-pam searchandreplace

No functional changes.

Utility functions of auth-pam are split into a dedicated file. This allows
the test programs to easily test these functions without adding
dependencies.

Add a minimal test for searchandreplace as a proof of concept.

[ Modified during commit: Enhanced documentation of functions in utils.h
  to comply with doxygen standards ]

Signed-off-by: Jens Neuhalfen <jens@neuhalfen.name>
Acked-by: Steffan Karger <steffan@karger.me>
Message-Id: <20160525175756.56186-3-openvpn-devel@neuhalfen.name>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11724
Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>
9 years ago: Add unit testing support via cmocka
Jens Neuhalfen [Wed, 25 May 2016 17:57:55 +0000 (19:57 +0200)] 
Add unit testing support via cmocka

cmocka [1,2] is a testing framework for C. Adding unit test
capabilities to the openvpn repository will greatly ease the
task of writing correct code.

cmocka source code is added as git submodule in ./vendor. A
submodule approach has been chosen over a classical library
dependency because libcmocka is not available, or only
available in very old versions (e.g. on Ubuntu).

cmocka is built during 'make check' and installed in vendor/dist/.

[1] https://cmocka.org/
[2] https://lwn.net/Articles/558106/

Signed-off-by: Jens Neuhalfen <jens@neuhalfen.name>
Acked-by: Steffan Karger <steffan@karger.me>
Message-Id: <20160525175756.56186-2-openvpn-devel@neuhalfen.name>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11725
Signed-off-by: David Sommerseth <dazo@privateinternetaccess.com>
9 years ago: Fix handling of out of memory error in interactive service
Selva Nair [Sun, 22 May 2016 18:39:32 +0000 (14:39 -0400)] 
Fix handling of out of memory error in interactive service

Currently realloc failure in UpdateWaitHandles() is handled by
triggering exit_event and waiting for all active worker threads
to terminate. However, at this point the wait handles array
will contain an invalid value (handle of the latest thread that
is terminated), causing a cycle of WAIT_FAILED <-> continue and
trashing of the eventlog.

Fix:
- Update the wait handles again after removing the last thread:
  this should not fail as no extra memory is needed. Do not set
  the exit event; existing connections are not terminated.

- In case of WAIT_FAILED, break out of the while loop and exit
  instead of continue. This usually happens when one or more
  handles are invalid, which is hard to recover from.

Other changes:
- Use minimal initial allocation size so that the realloc code path
  gets exercised (2 or more connections will cause realloc).
- Use a temp variable to check the return value of realloc().
- Initialize handles array pointer to NULL.

v2 changes:
- Increased initial allocation to 10 (warn: now 10 or more connections
  needed to exercise the realloc code path).
- Moved up the declaration of "LPHANDLE tmp" to please stone-age MSVC.

Tested using a dummy realloc that returns NULL.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1463942372-26958-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11708
Signed-off-by: Gert Doering <gert@greenie.muc.de>
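The realloc() handling described above (check the result in a temporary so the old array survives a failure, start with a small initial allocation, keep no stale handle in the live range), as an added C example; this is not the interactive service's code. `HANDLE` is a stand-in typedef so the example builds outside Windows, the allocation hook `list_realloc` mirrors the "dummy realloc that returns NULL" the message says the fix was tested with, and all other names are invented here:

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Added illustration of the realloc() handling from the commit message; not
 * the interactive service's code. HANDLE is a portable stand-in typedef. */
typedef void *HANDLE;

#define INITIAL_HANDLES 10 /* v2: initial allocation of 10 */

struct handle_list {
    HANDLE *handles;   /* starts out NULL, as the commit message requires */
    size_t count;
    size_t capacity;
};

/* Allocation hook so the failure path can be exercised with a realloc()
 * that returns NULL, the way the commit message says the fix was tested. */
void *(*list_realloc)(void *ptr, size_t size) = realloc;

void *failing_realloc(void *ptr, size_t size)
{
    (void)ptr;
    (void)size;
    return NULL;
}

/* Appends a handle. Returns 0 on success, -1 if the array could not be grown;
 * on failure the existing array is untouched because the realloc() result is
 * checked in a temporary before it replaces the list pointer. */
int handle_list_add(struct handle_list *l, HANDLE h)
{
    if (l->count == l->capacity) {
        size_t new_cap = l->capacity ? l->capacity * 2 : INITIAL_HANDLES;
        HANDLE *tmp = list_realloc(l->handles, new_cap * sizeof *tmp);
        if (tmp == NULL) {
            return -1; /* l->handles is still valid and still ours to free */
        }
        l->handles = tmp;
        l->capacity = new_cap;
    }
    l->handles[l->count++] = h;
    return 0;
}

/* Removes the handle at idx and closes the gap, so the live range never holds
 * a handle of a thread that has already gone away (the stale entry is what
 * produced the WAIT_FAILED loop described in the commit message). */
void handle_list_remove(struct handle_list *l, size_t idx)
{
    if (idx >= l->count) {
        return;
    }
    memmove(&l->handles[idx], &l->handles[idx + 1],
            (l->count - idx - 1) * sizeof *l->handles);
    l->count--;
}

void handle_list_free(struct handle_list *l)
{
    free(l->handles);
    l->handles = NULL;
    l->count = l->capacity = 0;
}
```

The pattern worth copying is the temporary: `p = realloc(p, n)` loses the only pointer to the old block when realloc() fails, which is both a leak and, for a wait-handle array, a lost view of the threads still running.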
9 years ago: Update CONTRIBUTING.rst to allow GitHub PRs for code review purposes
Samuli Seppänen [Thu, 19 May 2016 08:51:49 +0000 (11:51 +0300)] 
Update CONTRIBUTING.rst to allow GitHub PRs for code review purposes

Signed-off-by: Samuli Seppänen <samuli@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1463647909-18383-1-git-send-email-samuli@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11679
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Push an IPv6 CIDR mask used by the server, not the pool's size
Josh Cepek [Mon, 18 Aug 2014 10:51:01 +0000 (05:51 -0500)] 
Push an IPv6 CIDR mask used by the server, not the pool's size

Correctly handle CIDR masks when pushing clients addressing from an IPv6
pool. This change ignores the incorrectly used `bits` argument to the
--ifconfig-ipv6-pool option.

The code to save any provided CIDR mask after the pool IP is left in;
this may someday become useful when we move to allow IPv6 pools without
relying on an IPv4 pool assignment.

Signed-off-by: Josh Cepek <josh.cepek@usa.net>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <53F1DA95.7020701@usa.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/8990
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Implement push-remove option to selectively remove pushed options.
Gert Doering [Mon, 16 May 2016 10:13:04 +0000 (12:13 +0200)] 
Implement push-remove option to selectively remove pushed options.

With this option, the server can remove individual options from the
set pushed to a client (call from --client-config-dir file, or from
--client-connect script or plugin).  Options are removed at parse
time, so it is possible to do stuff like:

  push-remove route-ipv6
  push "route-ipv6 fd00::/8"

to first remove all IPv6 route options set so far, then add something
specific (what "push-reset" does to all the options).

Arguments to push-remove are strncmp()'ed to option string, so partial
matches like

  push-remove "route-ipv6 2001:"

are possible ("remove all IPv6 routes starting with 2001:").

Implementation of remove_iroutes_from_push_route_list() had to be changed
slightly to stop it from re-enabling all disabled options again.

v2: documentation (Changes.rst, doc/openvpn.8)
    remove surplus gc_arena
    implement filtering of "ifconfig-ipv6"

v3: correct quoting in commit message
    only handle a single argument per push-remove statement - if multiple
    options are to be removed, just use multiple push-remove statements

Trac #29, #614

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1463393584-8318-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11665
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Add support for register-dns through interactive service
Selva Nair [Fri, 11 Mar 2016 04:47:26 +0000 (23:47 -0500)] 
Add support for register-dns through interactive service

The call to the service returns promptly after delegating the job to
a thread, before the task is completed. In the thread, "net stop dnscache",
"net start dnscache", "ipconfig /flushdns" and "ipconfig /register-dns"
are executed in that order.

Parallel execution of these commands is prevented by a lock that is
common to all connections started by the service.

Note: "net stop .." is used instead of "sc stop.." as the latter can
return before the service has fully stopped (in STOP_PENDING state),
causing the subsequent start to fail.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1457671646-4322-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11354
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Make error non-fatal while deleting address using netsh
Selva Nair [Sat, 14 May 2016 00:31:24 +0000 (20:31 -0400)] 
Make error non-fatal while deleting address using netsh

During windows power events such as sleep or suspend, the TUN/TAP
I/O aborts and openvpn signals SIGHUP so as to automatically reconnect
on resume (since commit ea66a2b5cdb2..). During the SIGHUP processing
operations such as address and route deletion are expected to fail. Such
failures should be treated as non-fatal to allow for this automatic
recovery logic to work. Currently, when the address deletion is handled
by netsh, errors are treated as M_FATAL. This patch changes the error
level to M_WARN.

Resolves Trac #71 (comments 37 to 43)

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1463185884-4355-2-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11656
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Add CHACHA20-POLY1305 ciphersuite IANA name translations.
Dorian Harmans [Fri, 13 May 2016 16:44:52 +0000 (18:44 +0200)] 
Add CHACHA20-POLY1305 ciphersuite IANA name translations.

Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1463157892-701-1-git-send-email-dorian@woohooyeah.nl>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11651

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fixed port-share bug with DoS potential
James Yonan [Thu, 3 Mar 2016 07:48:12 +0000 (00:48 -0700)] 
Fixed port-share bug with DoS potential

Fixed port-share bug that can cause segfault when the number
of concurrent connections is large.

The issue is that the port-share code calls openvpn_connect()
which in turn calls select().  When there is a high number
of concurrent port-share connections, the fd passed to select
can potentially exceed FD_SETSIZE, causing undefined behavior.

The fix is to use poll() (if available) instead of select().

Signed-off-by: James Yonan <james@openvpn.net>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <CAA1Abx+2E2FZN-y6P=mkKpSuZ7bOV5m6rUMTx3V7UP2qPMjZPg@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11626
Signed-off-by: Gert Doering <gert@greenie.muc.de>
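The select()-to-poll() change described above, as an added C example; this is not OpenVPN's openvpn_connect(). It shows the bound that select()'s fd_set imposes and a poll()-based wait that has no such bound; `fd_fits_select` and `wait_writable` are invented names, and the pipe in main() is only there to give the example a descriptor to wait on:

```c
#include <errno.h>
#include <poll.h>
#include <stdio.h>
#include <sys/select.h>
#include <unistd.h>

/* Added illustration of the select() -> poll() fix from the commit message;
 * not OpenVPN's code. Function names are invented for this example. */

/* Why select() is unsafe here: FD_SET()/FD_ISSET() index a fixed bitmap of
 * FD_SETSIZE bits, so a descriptor number at or above FD_SETSIZE writes past
 * it, which is undefined behaviour. This is the bound the old code relied on
 * without checking. */
int fd_fits_select(int fd)
{
    return fd >= 0 && fd < FD_SETSIZE;
}

/* poll() takes descriptor numbers directly, so there is no such bound.
 * Returns 1 when fd is writable (or reports an error/hangup, which a
 * non-blocking connect() also signals through POLLOUT/POLLERR), 0 on
 * timeout, -1 on error or an invalid descriptor. */
int wait_writable(int fd, int timeout_ms)
{
    struct pollfd pfd = { .fd = fd, .events = POLLOUT, .revents = 0 };
    int rc;
    do {
        rc = poll(&pfd, 1, timeout_ms);
    } while (rc < 0 && errno == EINTR);
    if (rc < 0) {
        return -1;
    }
    if (rc == 0) {
        return 0;
    }
    if (pfd.revents & POLLNVAL) {
        return -1;
    }
    return (pfd.revents & (POLLOUT | POLLERR | POLLHUP)) ? 1 : 0;
}

int main(void)
{
    int fds[2];
    if (pipe(fds) != 0) {
        perror("pipe");
        return 1;
    }
    printf("write end of pipe writable: %d\n", wait_writable(fds[1], 100));
    printf("fd %d fits select(): %d; fd %d fits select(): %d\n",
           fds[1], fd_fits_select(fds[1]), FD_SETSIZE, fd_fits_select(FD_SETSIZE));
    close(fds[0]);
    close(fds[1]);
    return 0;
}
```

A process that accepts many connections will hand out descriptor numbers above FD_SETSIZE long before it hits its open-file limit, so any select() call on such a descriptor is the bug, not the high connection count itself.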
9 years ago: Prevent integration test timeout bc. of sudo
Jens Neuhalfen [Sun, 8 May 2016 16:17:48 +0000 (18:17 +0200)] 
Prevent integration test timeout bc. of sudo

Integration tests run by t_client.sh use sudo to run openvpn as root.

If the t_client.sh script is configured to use sudo then the user
must enter the password quickly because t_client assumes a startup
failure if openvpn does not start quick enough.

If the user is not quick enough, then the tests fail.

This change will refresh the sudo timestamp at the start of the script.

Tested on MacOS X & Ubuntu Precise

Signed-off-by: Jens Neuhalfen <jens@neuhalfen.name>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <280154CA-9468-429B-BCAC-DB632C0AFB32@neuhalfen.name>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11622
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Remove trailing newline from verify callback error messages
Steffan Karger [Thu, 5 May 2016 13:02:27 +0000 (15:02 +0200)] 
Remove trailing newline from verify callback error messages

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1462453347-3272-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11609
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fix library order in -lmbedtls test.
Gert Doering [Thu, 5 May 2016 11:48:16 +0000 (13:48 +0200)] 
Fix library order in -lmbedtls test.

-lmbedx509 needs to be before -lmbedcrypto, otherwise you end up with
unresolved symbols mbedtls_pk_load_file and mbedtls_pk_parse_subpubkey
on systems with static mbedtls libraries and a linker that only does
one left-to-right resolving pass through these.

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20160505115050.GA81579@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11605
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: mbedtls: improve error reporting in tls verify callback
Steffan Karger [Tue, 3 May 2016 20:14:38 +0000 (22:14 +0200)] 
mbedtls: improve error reporting in tls verify callback

Instead of just printing the contents of the flags variable, try to
convert it to a human-readable error string and print that instead.

This will for example print "The certificate is signed with an
unacceptable key (eg bad curve, RSA too short).", instead of
"flags=10000".

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1462306478-21059-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11594
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: mbedtls: check that private key and certificate match on start
Steffan Karger [Thu, 5 May 2016 09:02:13 +0000 (11:02 +0200)] 
mbedtls: check that private key and certificate match on start

Implement a long standing todo in the code, now that we use mbed TLS 2.x,
which provides an interface for the check.

v2: bail out immediately on failure.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1462438933-14902-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11599
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: configure.ac: link to all mbed TLS libs during library detection
Steffan Karger [Sun, 1 May 2016 18:23:06 +0000 (20:23 +0200)] 
configure.ac: link to all mbed TLS libs during library detection

When for some reason the dependencies of the compiled mbed TLS libraries
(libmbedtls, libmbedcrypto and libmbedx509) are not correct, the configure
script will fail to link against libmbedcrypto and/or libmbedx509.  This
is reported to happen after using 'make install' to install mbedtls.

This patch makes sure the configure tests link to all three.  The build
process itself already did.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1462126986-2686-1-git-send-email-steffan@karger.me>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: ignore the local config file t_client.rc in git
Jens Neuhalfen [Fri, 29 Apr 2016 11:16:36 +0000 (13:16 +0200)] 
ignore the local config file t_client.rc in git

t_client.rc is a config file used in integration tests (t_client.sh).

It is a local (developer/machine) specific file not intended to be
versioned.
A template file can be found at ./tests/t_client.rc-sample

Signed-off-by: Jens Neuhalfen <jens@neuhalfen.name>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <80711231-C760-410A-B8A5-F2B1D46C22CE@neuhalfen.name>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Rename files with 'polarssl' in the name to 'mbedtls'
Steffan Karger [Sun, 17 Apr 2016 18:35:43 +0000 (20:35 +0200)] 
Rename files with 'polarssl' in the name to 'mbedtls'

The patch looks huge, but it's just file renames, and required changes in
includes / Makefiles.  Use 'git diff -C' or a tool like gitk to easily
review this patch.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1460918143-408-2-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11459
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Migrate to mbed TLS 2.x
Steffan Karger [Sun, 17 Apr 2016 18:35:42 +0000 (20:35 +0200)] 
Migrate to mbed TLS 2.x

PolarSSL / mbed TLS 1.3 is going end-of-life by 2016-12-31, so let's move
the master branch on to the 2.x series.

This patch purges all references to polarssl, except for file names and
some comments referring to 1.2 and earlier, which were never released as
'mbed TLS'.  A separate patch for the file names follows, so the real
changes are easier to spot without git-fu.

This patch intends to not change any behaviour.

The vast majority of this patch is just renaming functions and structs.
There are some small changes in the implementation:
 * In ssl_polarssl.c: the debug callback prototype changed, so our
   implementation changed a bit too.
 * in ssl_polarssl.c: the old polarssl ssl_context is now split into a
   mbedtls_ssl_config and mbedtls_ssl_context.  The intention is that
   mbedtls_ssl_config is shared among connections, and mbedtls_ssl_context
   contains the per-connection state.  That doesn't work for us, because
   we use per-connection verify callback data, while the verify callback
   is registered on mbed_tls_config.  Therefore we still need to init a
   mbed_tls_config struct for each connection.
 * in ssl_polarssl.c: the mbed bio handling changed, so our
   implementation changed a bit too.
 * in ssl_polarssl.c and ssl_verify_polarssl.c: the mbedtls x509 parse
   functions now fail if we don't provide a NUL-terminated string, so use
   strlen()+1 as the length argument to include the terminating NUL.

I tested this patch to work with:
 * 'make check' (with 2.0.0 and 2.2.1, other tests just with 2.2.1)
 * static key mode
 * TLS mode with PEM key file
 * TLS mode with password protected PEM key file
 * TLS mode with management-external-key
 * TLS mode with PKCS#11
 * TLS mode with inline ca/key/cert/dh

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1460918143-408-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11458
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Implemented x509-track for PolarSSL.
Steffan Karger [Sat, 5 Mar 2016 16:08:22 +0000 (17:08 +0100)] 
Implemented x509-track for PolarSSL.

This patch is a variant of the patch to implement x509-track for
PolarSSL that was sent to openvpn-devel@ by James Yonan
(<1456993146-63968-7-git-send-email-james@openvpn.net>).  It still uses
some of the original code from James, but proposes a different
implementation.

This patch does the following things differently:
 * Do not introduce NID_* defines that need to be maintained.  Instead,
   just use the short name of the attribute for identification.  This
   has the advantage that we automatically support everything that
   PolarSSL supports, it is less code and we do not have to maintain the
   list.  But the disadvantage is that this approach will not error out
   when an unknown attribute name is supplied.  PolarSSL (at least 1.3,
   I didn't check 2.x) does not provide the functions required to do
   that.  Instead of erroring out, this implementation will just
   silently ignore the unknown --x509-track attribute name.
 * Remove the ENABLE_X509_TRACK define completely - it depended just on
   ENABLE_CRYPTO anyway.
 * Move the --x509-track option parsing out of ENABLE_MANAGEMENT, since
   it does not depend on management functionality.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <CAA1AbxL1w8e_o-GjS2jETZWxYdMbS2iKABPc6OZBA8bOVycjtA@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11350
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: PolarSSL x509_get_sha1_hash now returns correct SHA1 fingerprint.
Steffan Karger [Mon, 4 Apr 2016 19:59:38 +0000 (21:59 +0200)] 
PolarSSL x509_get_sha1_hash now returns correct SHA1 fingerprint.

x509_get_sha1_hash() is supposed to return the certificate fingerprint,
which is the hash of the entire certificate - including the signature -
and not just the 'to be signed' data (cert->tbs in polarssl).

This changes externally visible behavior for polarssl builds: it will
change the value of the tls_digest_N values exported to the environment
for scripts.

v2 Steffan Karger: added commit message and Changes.rst entry.
                   Code unchanged from v1 by James.

Signed-off-by: James Yonan <james@openvpn.net>
Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <CAA1AbxL=QYUy6N+jKgxVVuftmF=75mSEz3rYUbisT245UfB5Dg@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11396
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fix "implicit declaration" compiler warning
Lev Stipakov [Wed, 11 Nov 2015 13:00:49 +0000 (15:00 +0200)] 
Fix "implicit declaration" compiler warning

Add missing "include" directive.

Signed-off-by: Lev Stipakov <lstipakov@gmail.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1447246849-11602-1-git-send-email-lstipakov@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10485
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fix buffer size parameter for exported keying material.
Daniel Kubec [Wed, 27 Apr 2016 06:00:34 +0000 (08:00 +0200)] 
Fix buffer size parameter for exported keying material.

Commit 41e4b67a229e774ebc57a882c386e10d80e10e7e broke the exported
keying material functionality while addressing lack of variable-length
arrays in MSVC compilers - turning an array into a gc_malloc()'ed
pointer, but still using "sizeof(ekm)" for buffer size - which is
now "4" (unsigned char *), not the actual buffer length...

Fixed!

Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <49496.109.81.184.65.1461736834.squirrel@mail.actumg2.cz>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11509

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fix buffer overflow by user supplied data
Jens Neuhalfen [Tue, 19 Apr 2016 18:42:55 +0000 (20:42 +0200)] 
Fix buffer overflow by user supplied data

Passing very long usernames/passwords for pam authentication could
possibly lead to a stack based buffer overrun in the auth-pam plugin.

Adds a dependency on C99 (includes stdbool.h)

Signed-off-by: Jens Neuhalfen <jens@neuhalfen.name>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <A4F03DE4-3E70-4815-B4B4-CC185E35CF2C@neuhalfen.name>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11477
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Support reading the challenge-response from console
Selva Nair [Sun, 20 Dec 2015 19:12:53 +0000 (14:12 -0500)] 
Support reading the challenge-response from console

Trying to keep the footprint small, this patch adds to the
convoluted code-flow in get_user_pass_cr(). Cleanup left for later.
-----8<-----

Currently prompting for a response to static-challenge
gets skipped when the username and password are read
from a file. Further, dynamic challenge gets wrongly handled
as if it's a username/password request.

The Fix:
- Add yet another flag in get_user_pass_cr() to
  set when prompting of response from console is needed.
- In receive_auth_failed(), the challenge text received
  from server is _always_ copied to the auth_challenge
  buffer: this is needed to trigger prompting from console
  when required.
- Also show the challenge text instead of an opaque
  "Response:" at the prompt.

While at it, also remove the special treatment of authfile ==
"management" in get_user_pass_cr(). The feature implied by that
test does not exist.

Tested:
  - username and optionally password from file, rest from console
  - the above with a static challenge
  - the above with a dynamic challenge
  - all of the above with systemd in place of console
  - all from management with and without static/dynamic
    challenge.

Thanks to Wayne Davison <wayne@opencoder.net> for pointing out the
issue with challenge-response, and an initial patch.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1450638773-11376-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10868
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Further restrict default cipher list
Steffan Karger [Sun, 17 Apr 2016 18:32:07 +0000 (20:32 +0200)] 
Further restrict default cipher list

In the past years, the internet has been moving forward wrt deprecating
older and less secure ciphers.  Let's follow this example in OpenVPN and
further restrict the default list of negotiable TLS ciphers.

Compared to earlier, this disables the following:
 * Ciphers in the LOW and MEDIUM security cipher list of OpenSSL
   The LOW suite will be completely removed from OpenSSL in 1.1.0,
   the MEDIUM suite contains ciphers like RC4 and SEED.
 * Ciphers that do not provide forward secrecy (static DH/ECDH keys)
 * DSA private keys (rarely used, and usually restricted to 1024 bits)

v2: added Changes.rst entry.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1460917927-31645-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11457
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Make intent of utun device name validation clear
Jens Neuhalfen [Thu, 14 Apr 2016 17:58:07 +0000 (19:58 +0200)] 
Make intent of utun device name validation clear

Make intent of the validation clear when validating utun parameter in
open_darwin_utun.  The program logic remains unchanged.

Fixes the following compiler warning on Mac OS X:

tun.c:2847:19: warning: logical not is only applied to the left hand side
of this comparison [-Wlogical-not-parentheses]
  if (dev_node && !strcmp ("utun", dev_node)==0)
                  ^                         ~~
tun.c:2847:19: note: add parentheses after the '!' to evaluate the
comparison first
  if (dev_node && !strcmp ("utun", dev_node)==0)
                  ^
                   (                           )
tun.c:2847:19: note: add parentheses around left hand side expression to
silence this warning
  if (dev_node && !strcmp ("utun", dev_node)==0)
                  ^
                  (                         )
tun.c:2849:11: warning: logical not is only applied to the left hand side
of this comparison [-Wlogical-not-parentheses]
      if (!sscanf (dev_node, "utun%d", &utunnum)==1)
          ^                                     ~~
tun.c:2849:11: note: add parentheses after the '!' to evaluate the
comparison first
      if (!sscanf (dev_node, "utun%d", &utunnum)==1)
          ^
           (                                       )
tun.c:2849:11: note: add parentheses around left hand side expression to
silence this warning
      if (!sscanf (dev_node, "utun%d", &utunnum)==1)
          ^
          (                                     )

Signed-off-by: Jens Neuhalfen <jens@neuhalfen.name>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <3365AB24-33FD-4D9D-A57C-BF9240DC3D69@neuhalfen.name>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11440
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: fixup: change init_key_type() param name in declaration too
Steffan Karger [Sun, 17 Apr 2016 09:56:20 +0000 (11:56 +0200)] 
fixup: change init_key_type() param name in declaration too

Commit 66407e11 changed the name of the cfb_ofb_allowed parameter of the
init_key_type() implementation to 'tls_mode', but forgot to do the same in
the function declaration.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1460886980-12925-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11445
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Ensure input read using systemd-ask-password is null terminated
Selva Nair [Thu, 14 Apr 2016 03:53:33 +0000 (23:53 -0400)] 
Ensure input read using systemd-ask-password is null terminated

Also properly check the return value of read() and leave room
for termination.
Fixes junk data occasionally seen in strings read through systemd.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1460606013-4983-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11437
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Implement inlining of crl files
Arne Schwabe [Sun, 6 Mar 2016 19:39:09 +0000 (20:39 +0100)] 
Implement inlining of crl files

While crl files can change regularly and it is usually not a good idea to
statically include them into config files, handling multiple files and
updating files on mobile devices is tiresome/problematic. Inlining a static
version of the crl file is better in these use cases than using no crl at
all.

OpenVPN 3 already supports inlining crl-verify, so <crl-verify> is already
used in config files.

V2: Fixed PolarSSL and made formatting respect the 80 column limit
V3: Accidentally reverted one change too much in V2
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1457293149-10526-1-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11337

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Extended x509-track for OpenSSL to report SHA1 fingerprint.
James Yonan [Thu, 3 Mar 2016 08:19:01 +0000 (01:19 -0700)] 
Extended x509-track for OpenSSL to report SHA1 fingerprint.

For example:

  x509-track "+SHA1"

will extract the SHA1 fingerprints for all certs in the
peer chain.

This patch is ported from OpenVPN 2.1.

Signed-off-by: James Yonan <james@openvpn.net>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1456993146-63968-5-git-send-email-james@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11281
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Added flags parameter to format_hex_ex.
James Yonan [Thu, 3 Mar 2016 08:19:00 +0000 (01:19 -0700)] 
Added flags parameter to format_hex_ex.

We add the flags parameter without changing the signature of
the function by repurposing the space_break parameter into
space_break_flags where the lower 8 bits are used for the
previous space_break parameter and the higher bits are used
for flag values.

Added new flag FHE_CAPS that formats the generated hex string
in upper case.

Signed-off-by: James Yonan <james@openvpn.net>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1456993146-63968-4-git-send-email-james@openvpn.net>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11275
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Replace MSG_TEST() macro for static inline msg_test()
Steffan Karger [Sun, 27 Mar 2016 14:18:16 +0000 (16:18 +0200)] 
Replace MSG_TEST() macro for static inline msg_test()

Using a static inline function instead of a macro has the advantages that
(1) 'flags' is not evaluated twice and (2) coverity will stop complaining
that 'Macro compares unsigned to 0 (NO_EFFECT)' each time we use flags
with loglevel 0 (e.g. M_FATAL or M_WARN).

This has a performance impact when compiler optimizations are fully
disabled ('-O0'), but should otherwise be as fast as using a macro.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1459088296-5046-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11368
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fix memory leak in argv_extract_cmd_name()
Steffan Karger [Sun, 27 Mar 2016 15:22:10 +0000 (17:22 +0200)] 
Fix memory leak in argv_extract_cmd_name()

Reported by coverity (in 2009!):

1648 static char *
1649 argv_extract_cmd_name (const char *path)
1650 {
     1. Condition path, taking true branch
1651   if (path)
1652     {
1653       char *path_cp = string_alloc(path, NULL); /* POSIX basename()
implementaions may modify its arguments */
1654       const char *bn = basename (path_cp);
     2. Condition bn, taking true branch
1655       if (bn)
1656         {
     3. alloc_fn: Storage is returned from allocation function
string_alloc. [show details]
     4. var_assign: Assigning: ret = storage returned from
string_alloc(bn, NULL).
1657           char *ret = string_alloc (bn, NULL);
     5. noescape: Resource ret is not freed or pointed-to in strrchr.
1658           char *dot = strrchr (ret, '.');
     6. Condition dot, taking false branch
1659           if (dot)
1660             *dot = '\0';
1661           free(path_cp);
     7. Condition ret[0] != 0, taking false branch
1662           if (ret[0] != '\0')
1663             return ret;
     CID 27023 (#2-1 of 2): Resource leak (RESOURCE_LEAK)8.
leaked_storage: Variable ret going out of scope leaks the storage it
points to.
1664         }
1665     }
1666   return NULL;
1667 }

This function is only used by argv_printf_arglist(), and in a very specific
case, so it might be that this leak can not even occur.  But coverity is
clearly right that this is a bug, so let's just fix it.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1459092130-19905-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11369
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fix potential null-pointer dereference
Steffan Karger [Fri, 1 Apr 2016 16:43:00 +0000 (18:43 +0200)] 
Fix potential null-pointer dereference

Commit a070f75b (master branch only) changed the openvpn_encrypt logic and
now prepends the contents of the work buffer to buf if no encryption is
used (which is the case for tls-auth packets).  In that case, the code
would potentially dereference a null-pointer in a memcpy(some-dest, 0, 0)
call.  Fortunately, memcpy() implementations usually do not actually
dereference the src (or dst) pointer for zero-length copies.

And since I'm touching this code now anyway, remove a slightly confusing
jump back to a cleanup label in openvpn_encrypt_aead().

Issue spotted by Daniel Hirche.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1459528980-8304-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11372
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Add support for block-outside-dns through the interactive service
Selva Nair [Fri, 26 Feb 2016 03:24:51 +0000 (22:24 -0500)] 
Add support for block-outside-dns through the interactive service

- Add a new message type in openvpn-msg.h
- Pass msg_channel HANDLE to win_wfp_block_dns and win_wfp_uninit
- Add a handler in interactive.c for block_dns request

The service build now depends on block_dns.[ch] in src/openvpn

v2 changes:
- Make CmpEngine non-nested (be nice with non-gcc compilers)
- Print error code in hex

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456457091-3872-2-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11265
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Refactor and move the block-outside-dns code to a new file (block_dns.[ch])
Selva Nair [Fri, 26 Feb 2016 03:24:50 +0000 (22:24 -0500)] 
Refactor and move the block-outside-dns code to a new file (block_dns.[ch])

- Move the core of win_wfp_block_dns() to a new function
- Remove globals and make it independent of the rest of the code

This facilitates implementing support for block-outside-dns through
the interactive service. Should not change any functionality.

v2 changes:
- In comments, correct DeleteBlockDNS() to delete_block_dns_filters

v2a: added <winsock2.h> and <ws2ipdef.h> (Gert Doering)

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456457091-3872-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11264
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Only include aead encrypt/decrypt functions if AEAD modes are supported
Steffan Karger [Sun, 6 Mar 2016 12:09:50 +0000 (13:09 +0100)] 
Only include aead encrypt/decrypt functions if AEAD modes are supported

This fixes the build for OpenSSL < 1.0.1 (broken by commit 3654d953),
which has no AEAD support.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1457266190-27228-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11325
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: hardening: add safe FD_SET() wrapper openvpn_fd_set()
Steffan Karger [Thu, 3 Mar 2016 09:22:48 +0000 (10:22 +0100)] 
hardening: add safe FD_SET() wrapper openvpn_fd_set()

On many platforms (not Windows, for once), FD_SET() can write outside the
given fd_set if an fd >= FD_SETSIZE is given.  To make sure we don't do
that, add an ASSERT() to error out with a clear error message when this
does happen.

This patch was inspired by remarks about FD_SET() from Sebastian Krahmer
of the SuSE Security Team.

Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456996968-29472-1-git-send-email-steffan.karger@fox-it.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11285
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Make AEAD modes work with OpenSSL 1.0.1-1.0.1c
Steffan Karger [Sun, 6 Mar 2016 09:31:55 +0000 (10:31 +0100)] 
Make AEAD modes work with OpenSSL 1.0.1-1.0.1c

The 'nobody uses OpenSSL 1.0.1-1.0.1c'-gamble in commit 66407e11 (add AEAD
support) did not turn out well; apparently Ubuntu 12.04 LTS ships with a
broken OpenSSL 1.0.1.  Since this is still a popular platform, re-add the
fixup code, now with a clear version check so it's easy to remove once we
drop support for OpenSSL 1.0.1.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1457256715-4467-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11322
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Use appropriate buffer size for WideCharToMultiByte output in interactive.c
Selva Nair [Sun, 6 Mar 2016 05:22:02 +0000 (00:22 -0500)] 
Use appropriate buffer size for WideCharToMultiByte output in interactive.c

A widechar can potentially take more than 2 bytes in UTF-8.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1457241722-23433-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11318
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fix interactive service ignoring stop command if openvpn is running
Selva Nair [Sun, 6 Mar 2016 05:19:19 +0000 (00:19 -0500)] 
Fix interactive service ignoring stop command if openvpn is running

Make the exit event not auto-reset so that the signal propagates to
all worker threads and finally to the main thread.

Fixes Trac #666

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1457241559-23374-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11317
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Handle localized Administrators group name in windows
Selva Nair [Sat, 5 Mar 2016 19:39:56 +0000 (14:39 -0500)] 
Handle localized Administrators group name in windows

Interactive service allows all configs and options if the user
is in "Administrators" group. This patch makes it work even if the
admin group is renamed or localized.

While at it, also remove two unused variables in validate.c.

Thanks to Leonardo Basilio <leobasilio@gmail.com> for testing
the patch on a localized version of windows and Samuli Seppänen
<samuli@openvpn.net> for pointing out this issue.

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1457206796-11863-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11316
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Add lz4 support to MSVC.
Fish [Thu, 25 Feb 2016 21:14:42 +0000 (16:14 -0500)] 
Add lz4 support to MSVC.

- Include lz4 code and header in VC project files.
- Fix an issue in comp-lz4.h that prevents it from compiling under MSVC.

Signed-off-by: Fish <fish.thss@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456434882-6009-1-git-send-email-fish.thss@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11262
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Fix openserv/validate.o linking issues on mingw.
Gert Doering [Thu, 25 Feb 2016 14:58:32 +0000 (15:58 +0100)] 
Fix openserv/validate.o linking issues on mingw.

MinGW fails linking after f3c8a04d6021 if the right header files
(<lm.h> and <shlwapi.h>) are not included.

Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <1456412312-21936-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11255

9 years ago: Fix OCSP_check.sh
Steffan Karger [Thu, 25 Feb 2016 14:10:34 +0000 (15:10 +0100)] 
Fix OCSP_check.sh

As reported in trac #582, the OCSP_check.sh script should use grep -E,
instead of grep -F when it uses ^ in the expression.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456409434-14784-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11254
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Send stdout and stderr of OpenVPN started by interactive service to NUL
Selva Nair [Sun, 14 Feb 2016 17:28:01 +0000 (12:28 -0500)] 
Send stdout and stderr of OpenVPN started by interactive service to NUL

Currently the service directs stdout/stderr of openvpn process to a pipe. The
service never reads from it unless the process exits with an error. This causes
the process to hang when a large amount of log is written to stdout.

- Direct stdout/stderr to NUL
- Write the exit code (if nonzero) to the event log

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1455470881-32341-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11161
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago: Update --block-outside-dns to work on Windows Vista
ValdikSS [Fri, 15 Jan 2016 23:35:38 +0000 (02:35 +0300)] 
Update --block-outside-dns to work on Windows Vista

Windows Vista doesn't support non-equal matching of application name; it
is available only since Windows 7.

This commit splits 2 filtering conditions with non-equal matching into 2
filters each with 1 filtering condition: permit IPv4 (first filter)
and IPv6 (second filter) port 53 traffic from openvpn.exe instead
of blocking all non-openvpn.exe traffic on port 53 for both protocols.

Trac #648

Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <1452900938-3636-1-git-send-email-iam@valdikss.org.ru>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10998

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Restrict options/configs for startup through interactive service
Selva Nair [Sat, 20 Feb 2016 03:13:08 +0000 (22:13 -0500)] 
Restrict options/configs for startup through interactive service

Windows only:

- Allow only a set of whitelisted options in the command line options passed by
  interactive service clients unless
   (i) user is in the local Administrator group
      AND/OR
   (ii) in a predefined group (see below)
  Only the group membership is checked, the client process need not be running with
  any elevated privileges available to those groups.

- Restrict config files to config_dir or its sub directories unless (i) and/or (ii)
  above is true (config_dir is as defined in HKLM\Software\OpenVPN\config_dir)

- The predefined group may be set in the registry HKLM\Software\OpenVPN\ovpn_admin_group
  (default: "OpenVPN Administrators")

- The white-list of options is a simple flat array of option strings (without
  leading --) defined in validate.c

- Further options may be added to the whitelist without breaking the GUI -- the
  startup data is passed from the GUI to the service the same way as before.

Notes to GUI developers:
(i) If the user is an administrator, the service will grant all privileges even if
the GUI is not running elevated. This is practically equivalent to
'highestAvailable' without the risks of running the GUI elevated.

(ii) If the option checks fail, openvpn is not started, but an error message is
passed back to the service pipe and written to event log. Currently the GUI does
not read from the service pipe -- this needs fixing.

v2 changes:
  - checked non-unicode build and fixed an error -- in case anyone builds
    non-unicode
  - added an info message to event log when user auth succeeds

Signed-off-by: Selva Nair <selva.nair@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1455937988-12414-1-git-send-email-selva.nair@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11225
Signed-off-by: Gert Doering <gert@greenie.muc.de>
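The two checks the commit describes for non-admin callers (options limited to an allow-list, and the config file confined to config_dir or a directory below it), as an added example in Go. This is not the service's own C code from validate.c: the option names in the allow-list, the request shape, the working-directory resolution and the helper names (underDir, validateStartup) are assumptions of this example, and the Administrators / ovpn_admin_group membership lookup is reduced to a boolean. The containment check cleans the path and uses filepath.Rel so that a surviving `..` component, an absolute path elsewhere, and a sibling directory that merely shares the config_dir prefix are all rejected.

```go
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"runtime"
	"strings"
)

// Illustrative allow-list in the spirit of validate.c: a flat set of option
// names without the leading "--". These entries are an assumption of this
// example, not OpenVPN's actual list.
var allowedOptions = map[string]bool{
	"config": true, "log": true, "log-append": true, "verb": true, "mute": true,
	"auth-retry": true, "management": true, "management-query-passwords": true,
}

// startupRequest models what an interactive service client sends: a working
// directory and the command line (already split into tokens here; assumption).
type startupRequest struct {
	workDir string
	args    []string
}

// underDir reports whether path, resolved against base and cleaned, names
// something strictly inside dir. A plain prefix compare is not enough: "a/../.."
// and "config-evil" next to "config" would both pass it.
func underDir(dir, base, path string) (bool, error) {
	if !filepath.IsAbs(path) {
		path = filepath.Join(base, path)
	}
	absDir, err := filepath.Abs(dir)
	if err != nil {
		return false, err
	}
	absPath, err := filepath.Abs(path)
	if err != nil {
		return false, err
	}
	if runtime.GOOS == "windows" { // NTFS paths compare case-insensitively
		absDir, absPath = strings.ToLower(absDir), strings.ToLower(absPath)
	}
	rel, err := filepath.Rel(absDir, absPath)
	if err != nil {
		return false, nil // e.g. a different drive: cannot be inside dir
	}
	if rel == "." || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return false, nil
	}
	return true, nil
}

// validateStartup applies the two rules to a non-privileged caller. privileged
// is true when the caller's token carries the local Administrators group or the
// group named in ovpn_admin_group; that token/registry lookup is out of scope.
func validateStartup(req startupRequest, configDir string, privileged bool) error {
	if privileged {
		return nil // group membership alone grants all options, no elevation needed
	}
	args := req.args
	for i := 0; i < len(args); i++ {
		tok := args[i]
		if !strings.HasPrefix(tok, "--") {
			continue // value belonging to the previous option
		}
		name := strings.TrimPrefix(tok, "--")
		if !allowedOptions[name] {
			return fmt.Errorf("option --%s not permitted for non-admin users", name)
		}
		if name == "config" {
			if i+1 >= len(args) {
				return errors.New("--config requires a file name")
			}
			ok, err := underDir(configDir, req.workDir, args[i+1])
			if err != nil {
				return err
			}
			if !ok {
				return fmt.Errorf("config file %q is outside %s", args[i+1], configDir)
			}
			i++ // skip the file name
		}
	}
	return nil
}

func main() {
	// Constructed config_dir; on a real host it comes from HKLM\Software\OpenVPN\config_dir.
	configDir := filepath.Join(string(filepath.Separator), "ProgramData", "OpenVPN", "config")
	for _, req := range []startupRequest{
		{workDir: configDir, args: []string{"--config", "office.ovpn", "--verb", "3"}},
		{workDir: configDir, args: []string{"--config", filepath.Join("..", "..", "evil.ovpn")}},
		{workDir: configDir, args: []string{"--config", "a.ovpn", "--script-security", "2"}},
	} {
		fmt.Println(req.args, "->", validateStartup(req, configDir, false))
	}
}
```

Anything not on the allow-list, including an option that would execute scripts, is refused before openvpn is started, which is the property the commit relies on; what the real service does with the error (event log, service pipe) is left out here.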
9 years ago  Clean up get_tls_handshake_key()
Steffan Karger [Mon, 22 Feb 2016 14:24:06 +0000 (15:24 +0100)] 
Clean up get_tls_handshake_key()

This function has *much* more code than required.  This commit cleans up
the function:
 * Merge the handling of inline and non-inline code.
 * Don't double-check key.2, since must_have_n_keys() already does that
   (but keep the message about dropped passphrase support in 2.4).
 * Remove stale references to 'passphrase' - we no longer support those

This commit should not change any behaviour except for log messages.

v2: Leave message about dropped passphrase support in place - this option
    was dropped in 2.4, so it is indeed better to be clear about it.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1456151046-16047-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11238
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Minor AEAD patch cleanup
Steffan Karger [Sun, 21 Feb 2016 01:08:11 +0000 (02:08 +0100)] 
Minor AEAD patch cleanup

 * Remove stale function declaration.
   This slipped into the AEAD cipher modes patch, but the function is
   now implemented as a static function in ssl.c.
 * Add ASSERT() to ensure frame is not NULL.
 * Fix "ENCRYPT TO" log message in openvpn_encrypt_aead().

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1456016892-8671-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11233
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Add preliminary server-side support for negotiable crypto parameters
Steffan Karger [Mon, 15 Feb 2016 20:07:11 +0000 (21:07 +0100)] 
Add preliminary server-side support for negotiable crypto parameters

Add preliminary support for Negotiable Crypto Parameters 'level 2'
(IV_NCP=2), as proposed by James Yonan on the openvpn-devel mailinglist:
http://comments.gmane.org/gmane.network.openvpn.devel/9385

This patch makes a server push a 'cipher XXX' directive to the client,
if the client advertises "IV_NCP=2", where XXX is the cipher set in the
server config file.

This enables clients that have support for IV_NCP to connect to a
server, even when the client does not have the correct cipher specified
in its config file.

Since pushing the cipher directive is quite similar to pushing peer-id,
I moved peer-id pushing to the same prepare_push_reply() function I
created for pushing cipher.  Adding these directives as regular push
options allows us to use the existing 'push-continuation'
infrastructure.  Note that we should not reduce safe_cap in
send_push_reply, because it was never increased to account for peer-id.

This is a preliminary patch, which will be followed by more patches to
add client support, and configurability.

v2:
 * Reword doxygen of push_options_fmt()
 * No longer push IV_NCP as a server

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <CAA1Abx+gSgFH3=+xO6QN4NDAYwf8jctYhe8VyRxD8e1L=D6LWg@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11170
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Add cipher name translation for OpenSSL.
Steffan Karger [Sun, 7 Feb 2016 19:47:17 +0000 (20:47 +0100)] 
Add cipher name translation for OpenSSL.

This keeps naming consistent. For example, instead of id-aes128-GCM use
AES-128-GCM, which is more like AES-128-CBC.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1454874438-5081-10-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11081
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Add AEAD cipher support (GCM)
Steffan Karger [Sat, 24 Oct 2015 14:44:09 +0000 (16:44 +0200)] 
Add AEAD cipher support (GCM)

Add Authenticated Encryption with Additional Data (AEAD) support for
ciphers, which removes the need for a separate HMAC step.  The MAC is
integrated into the cipher and the MAC tag is prepended to the payload.

This patch is inspired by the patch originally submitted by Kenny Root
on the openvpn-devel mailinglist, but does a number of things differently:
 * Don't support XTS (makes no sense for VPN)
 * Don't support CCM (needs extra code to make it actually work)
 * Don't force the user to specify "auth none" (that would break
   tls-auth)
 * Add support for PolarSSL (and change internal API for this)
 * Update openvpn frame size ('link mtu') calculation for AEAD modes
 * Use the HMAC key as an implicit part of the IV to save 8 bytes per
   data channel network packet.
 * Also authenticate the opcode/peer-id as AD in P_DATA_V2 packets.

By using the negotiated HMAC key as an implicit part of the IV for
AEAD-mode ciphers in TLS mode, we can save (at least) 8 bytes on each
packet sent.  This is particularly interesting for connections which
transfer many small packets, such as remote desktop or voip connections.

The current AEAD-mode ciphers (for now GCM) are based on CTR-mode cipher
operation, which requires the IV to be unique (but does not require
unpredictability).

IV uniqueness is guaranteed by using a combination of at least 64-bits
of the HMAC key (unique per TLS session), and a 32-bit packet counter.
The last 32-bit word of the 128-bit cipher block is not part of the IV,
but is used as a block counter.

AEAD cipher mode is not available for static key mode, since IV
uniqueness is harder to guarantee over sessions, and I believe
supporting AEAD in static key mode too is not worth the extra
complexity.  Modern setups should simply use TLS mode.

OpenSSL 1.0.1-1.0.1c will not work with AEAD mode, because those
versions have an unnecessary check that fails to update the cipher if
the tag was not already set.  1.0.1d, which fixes that, was released in
February 2013.  People should have updated, and distros should have
backported the fix by now.

Changes in v2:
 * Remove extra code that was just for making OpenSSL 1.0.1-1.0.1c work
   in AEAD mode.
 * Do not make AEAD support configurable in ./configure.
 * Get rid of '12' magic constant in openvpn_encrypt_aead().
 * Update manpage to explain that --auth is ignored for the data channel
   when using an AEAD cipher.
 * Move setting the IV in AEAD cipher modes to the IV generation code.
   This is a more natural place and now we can pull iv[] into the IV
   generation scope.
 * Read packet ID directly from packet buffer instead of from iv buffer,
   to remove the need for an extra buffer.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <CAA1AbxL_S4umZr5Nd0VTvUvXEHjoWmji18GqM6FgmWqntOKqaA@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11162
Signed-off-by: Gert Doering <gert@greenie.muc.de>
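The data-channel packet layout the commit describes (tag prepended to the payload, opcode/peer-id and packet-id authenticated as additional data, nonce built from the 32-bit packet counter plus 64 bits of the per-session HMAC key, with GCM's own 32-bit block counter filling the last word), as an added example in Go using the standard library's AES-GCM. This is not OpenVPN code: the 4-byte P_DATA_V2 header, the key material and the sample packet are constructed for the demonstration, and the helper names are this example's own. It also covers the two things a reviewer of such a design checks: a bit flipped in the authenticated header is rejected, and the sender refuses to wrap its packet counter rather than reuse a nonce, since a repeated nonce under GCM costs both confidentiality and the authentication key.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"errors"
	"fmt"
)

// Assumed wire layout for a P_DATA_V2 packet with an AEAD cipher, following
// the commit message: [header 4][packet-id 4][tag 16][ciphertext]. Header
// (opcode/key-id byte plus 3-byte peer-id) and packet-id are the additional
// data; the nonce is packet-id || 8 implicit-IV bytes taken from the HMAC key.
const (
	headerLen     = 4
	packetIDLen   = 4
	implicitIVLen = 8
	tagLen        = 16
)

type aeadSession struct {
	aead       cipher.AEAD
	implicitIV []byte // per-session secret part of the nonce, never sent
	nextID     uint32 // next packet-id to send; never reused within a session
}

// newAEADSession sets up one direction of the data channel (keys are constructed
// test material here; real ones come out of the TLS key derivation).
func newAEADSession(cipherKey, hmacKey []byte) (*aeadSession, error) {
	if len(hmacKey) < implicitIVLen {
		return nil, errors.New("hmac key too short for implicit IV")
	}
	block, err := aes.NewCipher(cipherKey)
	if err != nil {
		return nil, err
	}
	aead, err := cipher.NewGCM(block) // 96-bit nonce, 128-bit tag
	if err != nil {
		return nil, err
	}
	iv := append([]byte(nil), hmacKey[:implicitIVLen]...)
	return &aeadSession{aead: aead, implicitIV: iv, nextID: 1}, nil
}

// nonce is packet-id || implicit IV (96 bits); GCM uses the remaining 32 bits
// of the 128-bit counter block as the block counter.
func (s *aeadSession) nonce(pid uint32) []byte {
	n := make([]byte, packetIDLen+implicitIVLen)
	binary.BigEndian.PutUint32(n, pid)
	copy(n[packetIDLen:], s.implicitIV)
	return n
}

// encrypt emits header || packet-id || tag || ciphertext.
func (s *aeadSession) encrypt(header, plaintext []byte) ([]byte, error) {
	if len(header) != headerLen {
		return nil, errors.New("bad header length")
	}
	if s.nextID == 0 {
		return nil, errors.New("packet-id exhausted; renegotiate keys") // never reuse a nonce
	}
	pid := s.nextID
	s.nextID++
	pkt := make([]byte, headerLen+packetIDLen, headerLen+packetIDLen+tagLen+len(plaintext))
	copy(pkt, header)
	binary.BigEndian.PutUint32(pkt[headerLen:], pid)
	ad := pkt[:headerLen+packetIDLen]
	sealed := s.aead.Seal(nil, s.nonce(pid), plaintext, ad) // Go appends the tag
	ct, tag := sealed[:len(sealed)-tagLen], sealed[len(sealed)-tagLen:]
	pkt = append(pkt, tag...) // OpenVPN puts it before the ciphertext
	return append(pkt, ct...), nil
}

// decrypt rebuilds the nonce from the explicit packet-id and fails closed on any
// change to header, packet-id, tag or ciphertext. The packet-id is returned so
// the caller can run the replay check before trusting the plaintext.
func (s *aeadSession) decrypt(pkt []byte) (uint32, []byte, error) {
	if len(pkt) < headerLen+packetIDLen+tagLen {
		return 0, nil, errors.New("packet too short")
	}
	ad := pkt[:headerLen+packetIDLen]
	pid := binary.BigEndian.Uint32(pkt[headerLen:])
	tag := pkt[headerLen+packetIDLen : headerLen+packetIDLen+tagLen]
	ct := pkt[headerLen+packetIDLen+tagLen:]
	sealed := append(append(make([]byte, 0, len(ct)+tagLen), ct...), tag...)
	pt, err := s.aead.Open(nil, s.nonce(pid), sealed, ad)
	if err != nil {
		return 0, nil, fmt.Errorf("authentication failed: %w", err)
	}
	return pid, pt, nil
}

func main() {
	key, hmacKey := []byte("0123456789abcdef0123456789abcdef"), []byte("constructed-hmac-key")
	tx, _ := newAEADSession(key, hmacKey)
	rx, _ := newAEADSession(key, hmacKey)
	pkt, _ := tx.encrypt([]byte{0x48, 0, 0, 1}, []byte("inner IP packet")) // constructed header
	pid, pt, err := rx.decrypt(pkt)
	fmt.Printf("pid=%d plaintext=%q err=%v\n", pid, pt, err)
	pkt[3] ^= 1 // flip a bit in the authenticated peer-id
	_, _, err = rx.decrypt(pkt)
	fmt.Println("tampered header rejected:", err != nil)
}
```

Saving the 8 implicit-IV bytes per packet only works because both ends derive them from the same per-session HMAC key; with a static key (no TLS session to make that key unique) the same construction would repeat nonces across restarts, which is the reason the commit leaves AEAD out of static key mode.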
9 years ago  Correctly report TCP connection timeout on windows.
Leonardo Basilio [Wed, 10 Feb 2016 10:19:39 +0000 (11:19 +0100)] 
Correctly report TCP connection timeout on windows.

On nonblocking TCP connects, we set status = ETIMEDOUT on failure.
On windows, depending on which header files are included, ETIMEDOUT
is defined differently, and this leads to incomprehensible error
messages - so, always use WSAETIMEDOUT here.

Trac #651

Signed-off-by: Leonardo Basilio <leobasilio@gmail.com>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <CACqLfMnBXwSY=MXyc7B1oMKwYE2Z_49G3mpkEPxbSAuG61tgZA@mail.gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11085
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Report Windows bitness
Lev Stipakov [Sun, 7 Feb 2016 20:21:32 +0000 (22:21 +0200)] 
Report Windows bitness

Trac #599

Signed-off-by: Lev Stipakov <lstipakov@gmail.com>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1454876492-6588-1-git-send-email-lstipakov@gmail.com>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11086
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Create separate function for replay check
Steffan Karger [Sun, 7 Feb 2016 19:47:15 +0000 (20:47 +0100)] 
Create separate function for replay check

In preparation for AEAD cipher modes, which will need the same
functionality.

Should not change any behaviour.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1454874438-5081-8-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11076
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Change openvpn_encrypt() to append to work buffer only
Steffan Karger [Sun, 7 Feb 2016 19:47:14 +0000 (20:47 +0100)] 
Change openvpn_encrypt() to append to work buffer only

Preparation for AEAD cipher modes, which also have to authenticate the
opcode and peer-id of packets.  To supply that information to
openvpn_encrypt(), I want to simply write those to the work buffer
before calling openvpn_encrypt().  That however requires that
openvpn_encrypt() never prepends something to the work buffer.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1454874438-5081-7-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11074
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Move packet_id into crypto_options
Steffan Karger [Sun, 7 Feb 2016 19:47:13 +0000 (20:47 +0100)] 
Move packet_id into crypto_options

Decouples struct key_state and struct crypto_options. No longer updating
self-referential pointers!

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1454874438-5081-6-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11082
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Move key_ctx_bi into crypto_options
Steffan Karger [Sun, 7 Feb 2016 19:47:12 +0000 (20:47 +0100)] 
Move key_ctx_bi into crypto_options

The encrypt and decrypt routines use struct crypto_options as their main
information source.  A struct crypto_options would have a pointer to a
struct key_ctx_bi, which had to be updated at the correct moments to keep
them correct.  Instead of doing this administration, just put the struct
key_ctx_bi inside crypto_options.  Makes the code a little simpler too.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1454874438-5081-5-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11078
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Move crypto_options into key_state and stop using context in SSL-mode.
Steffan Karger [Sun, 7 Feb 2016 19:47:11 +0000 (20:47 +0100)] 
Move crypto_options into key_state and stop using context in SSL-mode.

Moving crypto_options into key_state enables us to stop using the global
context for each packet encrypt/decrypt operation. Decoupling the crypto
from the global context removes the need to copy the relevant parts of
crypto_options for each processed packet, but instead enables us to just
pass along a pointer to the related crypto_options.

This paves the way for an efficient GCM cipher mode implementation, but is
probably fruitful too for threading and/or cipher negotiation.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1454874438-5081-4-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11075
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Remove reuse of key_type during init of data channel auth and tls-auth
Steffan Karger [Sun, 7 Feb 2016 19:47:10 +0000 (20:47 +0100)] 
Remove reuse of key_type during init of data channel auth and tls-auth

Prepare for using AEAD cipher modes + tls-auth, as tls-auth might want to
use an HMAC, while the data channel uses e.g. GCM tags.  This separates
the two initialisations.  Also, error out (and give a clear error message)
if a user specifies tls-auth but no valid auth algorithm, which makes no
sense at all.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1454874438-5081-3-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11073
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Allow NULL argument in cipher_ctx_get_cipher_kt()
Steffan Karger [Sun, 7 Feb 2016 19:47:09 +0000 (20:47 +0100)] 
Allow NULL argument in cipher_ctx_get_cipher_kt()

Since otherwise we'll have to perform the check before each call.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1454874438-5081-2-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11079
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  interactive service v3
Heiko Hund [Tue, 26 Jan 2016 19:11:48 +0000 (20:11 +0100)] 
interactive service v3

v1: Heiko Hund
 - Message-ID: <2215306.x9ci9DhAZ9@de-gn-40970>
 - extend openvpn service to provide "automatic service" and "interactive
   service" (which is used by GUI and OpenVPN to run openvpn non-privileged
   and still be able to install routes and configure IPv6 addresses)
 - add --msg-channel <n> option to openvpn to tell it which pipe to use
   to talk to the interactive service (used in tun.c for ifconfig + ARP
   flush, and route.c for routing)
 - add openvpn-msg.h with message definitions for talking to interactive
   service
 - routing in openvpn uses message-pipe automatically if --msg-channel <n>
   is configured, no other option needed
 - today, the integration in route.c and tun.c is windows-only, but could
   be adapted to other platforms

v2: Steffan Karger
 - Message-ID: <548D9046.5000600@karger.me>
 - include "openvpn-msg.h" not "include/openvpn-msg.h"
 - add $(top_srcdir)/include to openvpnsrv build for out-of-tree builds

v3: Gert Doering, rebasing and integrating review feedback
 - rebased to 417fe4a72c
 - r->metric_defined is now r->flags & RT_METRIC_DEFINED (c3ef2d2333fb)
 - move "openvpn-msg.h" include inside #ifdef WIN32 (windows-only right now)
 - hide "msg_channel" extra option inside tt->tuntap_options, so we do not
   need an extra argument to all the add/del_route...() functions
 - do_route_ipv6_service(): use r->adapter index (if set) for RGI6 routes

Signed-off-by: Heiko Hund <heiko.hund@sophos.com>
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Acked-by: Selva Nair <selva.nair@gmail.com> (Service changes)
Acked-by: Arne Schwabe <arne@rfc2549.org> (OpenVPN changes)
Message-Id: <1453835508-26119-1-git-send-email-gert@greenie.muc.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11027
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Fix undefined signed shift overflow
Michael McConville [Tue, 2 Feb 2016 19:11:22 +0000 (14:11 -0500)] 
Fix undefined signed shift overflow

Originally discussed here:

https://github.com/OpenVPN/openvpn/pull/42

Thanks for your time,
Michael

Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20160202191122.GE1675@thinkpad.swarthmore.edu>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11050

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  configure.ac: fix polarssl autodetection
Steffan Karger [Mon, 18 Jan 2016 20:49:40 +0000 (21:49 +0100)] 
configure.ac: fix polarssl autodetection

A missing ',' in the previous configure.ac patch caused the autodetection to
fail.  While fixing that, I noticed I can simplify the check by using the
documented ${ac_cv_search_function} cache variable instead of the nested
AC_SEARCH_LIBS.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1453150181-21453-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11010
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  configure.ac: simplify crypto library configuration
Steffan Karger [Sun, 10 Jan 2016 14:37:19 +0000 (15:37 +0100)] 
configure.ac: simplify crypto library configuration

This reworks the crypto library configuration, to make it both simpler to
understand and more usable:

 * Only check for OpenSSL when building against OpenSSL (and similar for
   PolarSSL/mbed TLS).
 * Bail out early if a problem with the library is detected.
 * Set CRYPTO_{LIBS,FLAGS} immediately after the crypto library checks,
   removing the need for an extra switch-case later on.
 * We no longer support building openvpn with crypto but without ssl, so
   we can also simplify the logic in configure.ac accordingly.

As a 'side effect' (this actually triggered me), this fixes a bug that
would cause a user-specified OPENSSL_{CRYPTO,SSL}_LIBS to be overwritten
by AC_CHECK_LIB if there are openssl headers available in the PATH.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1452436639-16838-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10978
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Clarify --block-outside-dns documentation
ValdikSS [Sat, 16 Jan 2016 14:05:26 +0000 (17:05 +0300)] 
Clarify --block-outside-dns documentation

Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1452953126-6283-1-git-send-email-iam@valdikss.org.ru>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11001

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Clarify mssfix documentation
ValdikSS [Sat, 9 Jan 2016 15:53:45 +0000 (18:53 +0300)] 
Clarify mssfix documentation

Acked-by: Jan Just Keijser <janjust@nikhef.nl>
Message-Id: <1452354825-5096-1-git-send-email-iam@valdikss.org.ru>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10969

Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Fix build with libressl
Niels Ole Salscheider [Sun, 10 Jan 2016 13:44:35 +0000 (14:44 +0100)] 
Fix build with libressl

Signed-off-by: Niels Ole Salscheider <niels_ole@salscheider-online.de>
Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1452433475-16779-1-git-send-email-niels_ole@salscheider-online.de>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10975
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  socks.c: fix check on get_user_pass() return value(s)
Steffan Karger [Wed, 13 Jan 2016 16:09:08 +0000 (17:09 +0100)] 
socks.c: fix check on get_user_pass() return value(s)

My compiler rightfully complains that the checks on creds.username and
creds.password always evaluate to true, so remove those checks.

Judging from the code, they were meant to check the returned values by
get_user_pass().  So instead of these non-functioning checks, just check
the return value of get_user_pass().

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1452701348-9577-1-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10993
Signed-off-by: Gert Doering <gert@greenie.muc.de>
9 years ago  Ignore stamp-h2 we generate during build process
Arne Schwabe [Thu, 10 Dec 2015 12:37:15 +0000 (13:37 +0100)] 
Ignore stamp-h2 we generate during build process

Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1449751035-10757-1-git-send-email-arne@rfc2549.org>
URL: http://article.gmane.org/gmane.network.openvpn.devel/10721

Signed-off-by: Gert Doering <gert@greenie.muc.de>