David Sommerseth [Wed, 14 Dec 2016 21:05:00 +0000 (22:05 +0100)]
dev-tools: Add reformat-all.sh for code style unification
This script will run all files related to the currently checked out
git branch through uncrustify using a standardized style configuration.
Due to a bug in uncrustify 0.64, it is needed to add a special treatment
to one of the files at the moment. So this both pre- and post-patched
before/after uncrustify is run. This is to simply to assure that all
file processing will happen consistently each time.
Also added doc/doxygen/doc_key_generation.h to an ignore list, as
it carries some specific Doxygen formatting we should be careful with.
This file is anyhow not so critical and can be managed manually.
The src/compat/compat-lz4.[ch] files are also not touched, as they
are based on upstream formatting. This makes it easier to update
to a newer LZ4 version later on and even see what the differences
are.
v2 - Include updated config from CodeStyle wiki page
Remove line lenght restriction for The Great Reformatting
Update the script with improvements by krzee
v3 - Update with a fixed config from the CodeStyle wiki page
Corrected a typo in the commit message (0.63->0.64)
Minor changes to the reformat script (no pushd/popd,
some new lines moved around, bash->sh)
David Sommerseth [Tue, 13 Dec 2016 12:16:56 +0000 (13:16 +0100)]
Changes.rst: Mainatiner update on C99
Mention for maintainers that we've moved to build with -std=c99 by
default. Also document that 32-bit RHEL5 builds will need -std=gnu99
to be buildable.
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1481631416-15377-1-git-send-email-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13518.html Signed-off-by: David Sommerseth <davids@openvpn.net>
systemd: Intermediate --chroot fix with the new sd_notify() implementation
Commit c5931897ae8d663e7e introduced support for talking directly
to the systemd service manager about the situation for the OpenVPN
tunnel. This approach makes a lot of sense and is mostly the proper
way to do it. But it was discovered that it breaks OpenVPN
configurations using --chroot.
The reason sd_notify() calls fails when using chroot() is that
sd_notify() expects to have access to a file as declared in the
$NOTIFY_SOCKET environment variable. It is the main systemd
instance which is responsible to provide both the environment variable
as well as the socket file sd_nodify() should use. When --chroot
comes into play, the $NOTIFY_SOCKET file will not be available
for OpenVPN any more.
As things are getting close to the 2.4_rc2 release we will not dare
to bring a too invasive fix. As well we need some time to discuss
an approrpriate solution. So this intermediate fix will only
provide a "successful start" message to the systemd service manager
right before chroot() happens. This will at least resolve the issue
in a safe and non-intrusive way.
Signed-off-by: David Sommerseth <davids@openvpn.net> Acked-by: Christian Hesse <mail@eworm.de>
Message-Id: <1481079112-22990-1-git-send-email-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13416.html
Changes: Further improve systemd unit file updates
There were some reports that the directories mentioned should
have trailing /, to make it clearer they are directories and not
files. Also rephrased that sentence slightly to be even clearer
in this aspect.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Magnus Kroken [Fri, 9 Dec 2016 09:07:35 +0000 (10:07 +0100)]
mbedtls: include correct net/net_sockets header according to version
<mbedtls/net.h> is deprecated as of mbedTLS 2.4.0, it is renamed
<mbedtls/net_sockets.h>. OpenVPN will fail to build with
mbedTLS 2.4.0 with MBEDTLS_DEPRECATED_REMOVED defined.
Check MBEDTLS_VERSION_NUMBER, and include net.h for < 2.4.0 and
net_sockets.h for >= 2.4.0.
Signed-off-by: Magnus Kroken <mkroken@gmail.com> Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1481274455-657-1-git-send-email-mkroken@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13451.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Wed, 7 Dec 2016 19:20:47 +0000 (20:20 +0100)]
Deprecate --no-iv
This fixes the bug of supporting --no-iv (since we're only accepting
bugfixes in the current release phase ;) ).
The --no-iv function decreases security if used (CBC *requires*
unpredictable IVs, other modes don't allow --no-iv at all), and even
marginally decreases other user's security by adding unwanted
complexity to our code.
Let's get rid of this.
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1481138447-6292-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13430.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Wed, 7 Dec 2016 18:01:24 +0000 (19:01 +0100)]
Fix (and cleanup) crypto flags in combination with NCP
tls_session_update_crypto_params() did not properly set crypto_flags_or,
but instead set crypto_flags_and twice if a OFB/CFB mode was selected.
Also, the crypto flags in ks->crypto_options.flags were set before
tls_session_update_crypto_params() was called, causing those to not be
adjusted. To fix this, set the crypto flags in
tls_session_generate_data_channel_keys() instead of key_state_init().
While touching that code, remove the to _or and _and variables, which are
not needed at all.
Finally, refuse to accept --no-iv if NCP is enabled (we might otherwise
negotiate invalid combinations and ASSERT out later, and using --no-iv is
a bad idea anyway).
Trac: #784
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1481133684-5325-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13428.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering [Tue, 6 Dec 2016 12:26:02 +0000 (13:26 +0100)]
Refactor setting close-on-exec for socket FDs
The existing code can leak socket FDs to the "--up" script, which is
not desired. Brought up by Alberto Gonzalez Iniesta, based on debian
bug 367716.
Since different sockets get create at different times, just moving the
set_cloexec() to link_socket_init_phase1() is not good enough - so move
the call into create_socket_<family>(), so we will catch ALL socket
creations, no matter when or under which conditions they will be
created (SOCKS proxy socket, listening socket, ...).
--inetd gets an extra fd_cloexec() call, as socket FD is inherited.
Christian Hesse [Thu, 1 Dec 2016 21:31:04 +0000 (22:31 +0100)]
Refuse to daemonize when running from systemd
We start with systemd Type=notify, so refuse to daemonize. This does not
affect starting openvpn from script or command line.
v2: Update commit message about script and command line.
Signed-off-by: Christian Hesse <mail@eworm.de> Tested-By: Richard Bonhomme <fragmentux@gmail.com> Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20161201213104.5667-2-list@eworm.de>
URL: http://www.mail-archive.com/search?l=mid&q=20161201213104.5667-2-list@eworm.de Signed-off-by: David Sommerseth <davids@openvpn.net>
Christian Hesse [Thu, 1 Dec 2016 21:31:03 +0000 (22:31 +0100)]
Use systemd service manager notification
Notify systemd service manager when our initialization sequence
completed. This helps ordering services as dependencies can rely on vpn
being available.
v2: Add curly brackets (and indention) to block the else-part, msg()
call was non-conditional before.
v3: Move systemd header include from init.h to init.c.
Signed-off-by: Christian Hesse <mail@eworm.de> Tested-By: Richard Bonhomme <fragmentux@gmail.com> Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20161201213104.5667-1-list@eworm.de>
URL: http://www.mail-archive.com/search?l=mid&q=20161201213104.5667-1-list@eworm.de Signed-off-by: David Sommerseth <davids@openvpn.net>
In order to prevent annoying delays upon client connection,
reload the CRL file only if it was modified since the last
reload operation.
If not, keep on using the already stored CRL.
This change will boost client connection time in instances
where the CRL file is quite large (dropping from several
seconds to few milliseconds).
Cc: Steffan Karger <steffan.karger@fox-it.com> Signed-off-by: Antonio Quartulli <a@unstable.cc> Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20161201104145.23821-1-a@unstable.cc>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13345.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Wed, 30 Nov 2016 21:51:36 +0000 (16:51 -0500)]
Do not restart dns client service as a part of --register-dns processing
As reported and discussed on Trac #775, restarting dns service has
unwanted side effects when there are dependent services. And it
appears unnecessary to restart this service to get DNS registered
on Windows.
Resolve by removing two actions from --register-dns:
'net stop dnscache' and 'net start dnscache' run through the service
or directly.
Trac: #775
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1480542696-7123-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13331.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Wed, 30 Nov 2016 00:39:32 +0000 (19:39 -0500)]
Force 'def1' method when --redirect-gateway is done through service
The service deletes all added routes when the client process (openvpn)
exits, causing the re-instated default route to disappear.
Fix by rewriting "--redirect-gateway" to "--redirect-gateway def1" when
routes are set using interactive service.
Only the behaviour on Windows with intereactive service is affected.
Trac: #778
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1480466372-2396-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13307.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Wed, 30 Nov 2016 01:53:14 +0000 (20:53 -0500)]
When parsing '--setenv opt xx ..' make sure a third parameter is present
When no parameters are present, set it to "setenv opt" to trigger a
descriptive error message. And, thus get rid of the pesky NULL pointer
dereferencing.
Trac: #779
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1480470794-6349-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13311.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Mon, 28 Nov 2016 22:14:12 +0000 (23:14 +0100)]
Introduce and use secure_memzero() to erase secrets
As described in trac #751, and shortly after reported by Zhaomo Yang, of
the University of California, San Diego, we use memset() (often through
the CLEAR() macro) to erase secrets after use. In some cases however, the
compiler might optimize these calls away.
This patch replaces these memset() calls on secrets by calls to a new
secure_memzero() function, that will not be optimized away.
Since we use CLEAR() a LOT of times, I'm not changing that to use
secure_memzero() to prevent performance impact. I did annotate the macro
to point people at secure_memzero().
This patch also replaces some CLEAR() or memset() calls with a zero-
initialization using "= { 0 }" if that has the same effect, because that
better captures the intend of that code.
Trac: #751
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1480371252-3880-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13278.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 29 Nov 2016 02:27:04 +0000 (21:27 -0500)]
Map restart signals from event loop to SIGTERM during exit-notification wait
Commit 63b3e000c9.. fixed SIGTERM getting lost during exit notification
by ignoring any restart signals triggered during this interval. However,
as reported in Trac 777, this could result in repeated triggering of
restart signals when the event loop cannot continue without restart due
to IO errors or timeout.
Avoid by converting soft SIGUSR1 and SIGHUP signals received during
exit-notify wait period to SIGTERM.
Trac #777
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1480386424-30876-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13284.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Mon, 28 Nov 2016 14:26:40 +0000 (15:26 +0100)]
Clean up format_hex_ex()
Fix a potential null-pointer dereference, and make the code a bit more
readable while doing so.
The NULL dereference could not be triggered, because the current code
never called format_hex_ex() with maxouput == 0 and separator == NULL.
But it's nicer to not depend on that.
Our use of int vs size_t for lengths needs some attention too, but I'm
not pulling that into this patch. Instead I decided to just make the
(previously existing) assumption that INT_MAX <= SIZE_MAX explicit by
adding a static_assert().
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1480343200-25908-1-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13259.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Mon, 28 Nov 2016 14:53:20 +0000 (15:53 +0100)]
tls_process: don't set variable that's never read
Found by the clang static analyzer: the state_change variable is set,
but never read afterwards. This code has been like this since 2005,
makes sense without setting state_change to true, and has worked fine
for the past 11 years.
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1480344801-27855-1-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13260.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Wed, 23 Nov 2016 20:02:05 +0000 (21:02 +0100)]
Refactor data channel key generation API
Originally for "poor man's NCP", I introduced a simpler API for generating
data channel keys. That refactoring is no longer needed for that patch,
but I believe still worth a patch on it's own.
This patch should not change any functionality.
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479931325-25919-2-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13216.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Wed, 23 Nov 2016 21:21:44 +0000 (22:21 +0100)]
Poor man's NCP for non-NCP peers
Allows non-NCP peers (<= 2.3, or 2.4+ with --ncp-disable) to specify a
--cipher that is different from the one in our config, as long as the new
cipher value is allowed (i.e. in --ncp-ciphers at our side).
This works both client-to-server and server-to-client. I.e. a 2.4 client
with "cipher BF-CBC" and "ncp-ciphers AES-256-GCM:AES-256-CBC" can connect
to both a 2.3 server with "cipher BF-CBC" as well as a server with
"cipher AES-256-CBC" in its config. The other way around, a 2.3 client
with either "cipher BF-CBC" or "cipher AES-256-CBC" can connect to a 2.4
server with e.g. "cipher BF-CBC" and "ncp-ciphers AES-256-GCM:AES-256-CBC"
in its config.
This patch was inspired by Gert's "Poor man's NCP for 2.3 clients" patch,
but takes a different approach to avoid the need for server-side scripts
or client-side 'setenv UV_*' tricks.
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479936104-4045-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13218.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
David Sommerseth [Sat, 17 Sep 2016 13:20:15 +0000 (16:20 +0300)]
Document the --auth-token option
This isn't an option to be used directly in any configuration files,
but to be used via --client-connect scripts or --plugin making use of
OPENVPN_PLUGIN_CLIENT_CONNECT or OPENVPN_PLUGIN_CLIENT_CONNECT_V2.
[v2 - Added lacking .B styling of options
- Clarified the token life time ]
Signed-off-by: David Sommerseth <davids@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1474118415-14666-1-git-send-email-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12506.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Tue, 22 Nov 2016 20:09:26 +0000 (21:09 +0100)]
generate_key_expansion: make assumption explicit, use C99 features
This function potentially allocates memory, and can therefor not be run
again on an initialized key_ctx_bi. Make this explicit by adding an error
if someone tries do to this anyway.
While touching the function, cleanup it up a bit to make up for the added
lines of code.
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479845366-15774-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13202.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Tue, 22 Nov 2016 20:41:26 +0000 (21:41 +0100)]
--tls-crypt fixes
* Check return value of buf_init() (found by coverity)
* Use the TLS frame to determine the buffer size, as is done for the
reliability buffers used for tls-auth. (We previously incorrectly used
the TLS *plaintext* buffer size, which is bigger for typical setups
with tun-mtu <= 1500. Using the frame to calculate the size saves some
bytes for typical setups, and doesn't break setups with big tun-mtu.)
* More carefully handle errors in tls_crypt_wrap() - just drop the packet
instead of ASSERT()ing out (should not happen in the first place, but
this is a bit more friendly if it happens somehow anyway).
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479847286-17518-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13204.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Selva Nair [Tue, 22 Nov 2016 03:12:12 +0000 (22:12 -0500)]
Handle --dhcp-option DNS6 on Windows using netsh
v2: On closing tun delete the ipv6 dns addresses (if any were set).
Also use "validate=no" only in Windows 7 and higher where it is
supported. Its used to skip the time consuming automatic address
validation which is on by default on those platforms.
Tested on Windows Server 2008 (i686), Win 7 (x64) and Win 10 (x64)
TODO: set dns servers using the interactive service
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479784332-21680-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13193.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Arne Schwabe [Sat, 19 Nov 2016 15:42:44 +0000 (16:42 +0100)]
Fix various compiler warnings
- move p2mp only push_option_fmt to p2mp only section to avoid warning
that struct push_list being defined in the argument list
- incoming_push_message not declared on client without server by putting
it into the right define block
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479570164-23522-1-git-send-email-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13124.html
Arne Schwabe [Sat, 19 Nov 2016 15:35:56 +0000 (16:35 +0100)]
Remove compat-stdbool.h.
Since we use C99, we are guaranteed to have stdbool.h available Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479569756-23302-1-git-send-email-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13123.html
Commit c14c4a9e merged the hash_remove() and hash_add() calls in
multi_process_float(), but didn't notice that the hash key (mi->real) was
updated between these calls. So we now try to remove the *new* address
instead of the *old* address from the hash table. This leaks memory and
might break stuff when a different client floats to the old address/port of
this client. Restore that.
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479575566-21198-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13128.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
David Sommerseth [Tue, 15 Nov 2016 13:40:56 +0000 (14:40 +0100)]
options: Remove --tls-remote
In OpenVPN 2.3 --tls-remote got deprecated in favour of --verify-x509-name.
The new option solves the same task as --tls-remote but in a more flexible
and improved way. This new option was introduced in commit 9f0fc745664fd0
(release/2.3: f6e12862cefd054eb1). Removing --tls-remote will only require
a minor configuration file change.
The removal of this option has been documented in the man pages since the
release of OpenVPN v2.3, where also the deprecation of --compat-names and
--no-name-remapping was included. However, those two will first be removed
in OpenVPN v2.5.
The reason not to remove --compat-names and --no-name-remapping now is that
such a change will require TLS verification scripts and plug-ins to be
updated to support the new X.509 subject formatting; which
--verify-x509-name already uses.
Signed-off-by: David Sommerseth <davids@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479217256-21298-1-git-send-email-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13070.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Tue, 8 Nov 2016 20:18:22 +0000 (21:18 +0100)]
Add --tls-crypt unit tests
These help verify the tls-crypt functionality - they already caught a
bug during development. We should however probably also add some
t_client tests once this feature is in.
To test --tls-crypt with as few dependencies as possible, this adds a
mock implementation of msg() (or actually x_msg()). For debugging
purposes, the mock implementation can be made to really log by calling
mock_set_debug_level(), but defaults to (almost) no logging.
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1478636302-9678-6-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12973.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Tue, 15 Nov 2016 13:29:46 +0000 (14:29 +0100)]
Add control channel encryption (--tls-crypt)
This adds a --tls-crypt option, which uses a pre-shared static key (like
the --tls-auth key) to encrypt control channel packets.
Encrypting control channel packets has three main advantages:
* It provides more privacy by hiding the certificate used for the TLS
connection.
* It is harder to identify OpenVPN traffic as such.
* It provides "poor-man's" post-quantum security, against attackers who
will never know the pre-shared key (i.e. no forward secrecy).
Control channel packet encryption
---------------------------------
We propose to use the following encryption method, based on the SIV
construction [0], to achieve nonce misuse-resistant authenticated
encryption:
msg = control channel plaintext
header = opcode (1 byte) || session_id (8 bytes) || packet_id (8
bytes)
Ka = authentication key (256 bits)
Ke = encryption key (256 bits)
(Ka and Ke are pre-shared keys, like with --tls-auth)
auth_tag = HMAC-SHA256(Ka, header || msg)
IV = 128 most-significant bits of auth_tag
ciph = AES256-CTR(Ke, IV, msg)
output = Header || Tag || Ciph
This boils down to the following on-the-wire packet format:
Where
- XXX - means authenticated, and
* XXX * means authenticated and encrypted.
Which is very similar to the current tls-auth packet format, and has the
same overhead as "--tls-auth" with "--auth SHA256".
The use of a nonce misuse-resistant authenticated encryption scheme
allows us to worry less about the risks of nonce collisions. This is
important, because in contrast with the data channel in TLS mode, we
will not be able to rotate tls-crypt keys often or fully guarantee nonce
uniqueness. For non misuse-resistant modes such as GCM [1], [2], the
data channel in TLS mode only has to ensure that the packet counter
never rolls over, while tls-crypt would have to provide nonce uniqueness
over all control channel packets sent by all clients, for the lifetime
of the tls-crypt key.
Unlike with tls-auth, no --key-direction has to be specified for
tls-crypt. TLS servers always use key direction 1, and TLS clients
always use key direction 2, which means that client->server traffic and
server->client traffic always use different keys, without requiring
configuration.
Using fixed, secure, encryption and authentication algorithms makes both
implementation and configuration easier. If we ever want to, we can
extend this to support other crypto primitives. Since tls-crypt should
provide privacy as well as DoS protection, these should not be made
negotiable.
Security considerations:
------------------------
tls-crypt is a best-effort mechanism that aims to provide as much
privacy and security as possible, while staying as simple as possible.
The following are some security considerations for this scheme.
1. The same tls-crypt key is potentially shared by a lot of peers, so it
is quite likely to get compromised. Once an attacker acquires the
tls-crypt key, this mechanism no longer provides any security against
the attacker.
2. Since many peers potentially use the tls-crypt key for a long time, a
lot of data might be encrypted under the tls-crypt key. This leads
to two potential problems:
* The "opcode || session id || packet id" combination might collide.
This might happen in larger setups, because the session id contains
just 64 bits or random. Using the uniqueness requirement from the
GCM spec [3] (a collision probability of less than 2^(-32)),
uniqueness is achieved when using the tls-crypt key for at most
2^16 (65536) connections per process start. (The packet id
includes the daemon start time in the packet ID, which should be
different after stopping and (re)starting OpenPVN.)
And if a collision happens, an attacker can *only* learn whether
colliding packets contain the same plaintext. Attackers will not
be able to learn anything else about the plaintext (unless the
attacker knows the plaintext of one of these packets, of course).
Since the impact is limited, I consider this an acceptable
remaining risk.
* The IVs used in encryption might collide. When two IVs collide, an
attacker can learn the xor of the two plaintexts by xorring the
ciphertexts. This is a serious loss of confidentiality. The IVs
are 128-bit, so when HMAC-SHA256 is a secure PRF (an assumption
that must also hold for TLS), and we use the same uniqueness
requirement from [3], this limits the total amount of control
channel messages for all peers in the setup to 2^48. Assuming a
large setup of 2^16 (65536) clients, and a (conservative) number of
2^16 control channel packets per connection on average, this means
that clients may set up 2^16 connections on average. I think these
numbers are reasonable.
(I have a follow-up proposal to use client-specific tls-auth/tls-crypt
keys to partially mitigate these issues, but let's tackle this patch
first.)
References:
-----------
[0] Rogaway & Shrimpton, A Provable-Security Treatment of the Key-Wrap
Problem, 2006
(https://www.iacr.org/archive/eurocrypt2006/40040377/40040377.pdf)
[1] Ferguson, Authentication weaknesses in GCM, 2005
[3] Dworking, Recommendation for Block Cipher Modes of Operation:
Galois/Counter Mode (GCM) and GMAC, 2007
(http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf)
Patch history:
--------------
v2 - processed Arne's review comments:
* Error out early with a clear error message when AES-256-CTR or
HMAC-SHA-256 are not supported by the crypto library.
* Clarify that cipher_ctx_reset() sets the IV.
v3 - actually add error messages promised in v2...
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1479216586-20078-1-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13069.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
David Sommerseth [Mon, 14 Nov 2016 22:45:08 +0000 (23:45 +0100)]
file checks: Merge warn_if_group_others_accessible() into check_file_access()
Commit 825e2ec1f358f2e8 cleaned up the usage of
warn_if_group_others_accessible()
and moved it into options.c. At this point there is only one caller of
this
function, check_file_access().
This takes that clean-up one step further and merges everything into
check_file_access(). In addition it removes some no longer needed #ifdefs
and uses platform_stat() to allow a similar check to happen on the Windows
platform as well.
Steffan Karger [Tue, 1 Nov 2016 19:06:47 +0000 (20:06 +0100)]
Restore pre-NCP cipher options on SIGUSR1
As reported by debbie10t on the openvpn-devel list (Message-ID:
<326b8ff7-39a6-1974-c0b0-82fd2abdc7b7@gmail.com>), an NCP client will
attempt to reconnect with the previously pushed cipher, instead of the
cipher from the config file, after a sigusr1 restart. This can be a
problem when the server is reconfigured (as debbie10t explainted), or when
roaming to a differently-configured server. Fix this by restoring the
cipher options from the config file after a sigusr1 restart.
This makes the cipher options behaviour different from other pushable
options, because those are also cached until a sighup restart. We might
want to change this behaviour in general, but for now let's just fix the
issue at hand.
v2: also cache and restore keysize, as that parameter is relevant too.
v3: inherit cached cipher options from parent context.
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1478027207-28651-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12869.html Signed-off-by: David Sommerseth <davids@openvpn.net>
Steffan Karger [Tue, 8 Nov 2016 20:07:43 +0000 (21:07 +0100)]
Fix missing return value checks in multi_process_float()
Fix the missing return value checks on hash_remove() and hash_add() by
replacing the calls with an single hash_add() call with the replace
parameters set to true so that is can't fail. Then just ASSERT() that
this is indeed the case.
This also replaces the other add/remove combinations with a single
add-replace, because that should be slightly faster (and this is in the
'hot path').
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1478635663-5837-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12968.html Signed-off-by: David Sommerseth <davids@openvpn.net>
Steffan Karger [Tue, 8 Nov 2016 21:28:27 +0000 (22:28 +0100)]
Remove unneeded check for extra_certs_file_inline
As with all the file/file_inline variable, the _inline variable is only
relevant if the file variable is equal to INLINE_FILE_TAG. The
tls_ctx_load_extra_certs() function nicely follows this mantra.
Removing this unneeded check silences a coverity 'dereference after null
check' warning (tls_ctx_load_extra_certs() always dereferences
options->extra_cert_file, and the check implies it might be null). In
reality, this cannot occur, because if options->extra_cert_file_inline is
non-null, so is options->extra_cert_file. Still, coverity is correct this
this check is a bit weird, so let's fix it and make coverity happy.
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1478640507-14415-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12978.html Signed-off-by: David Sommerseth <davids@openvpn.net>
Steffan Karger [Fri, 28 Oct 2016 15:54:47 +0000 (17:54 +0200)]
Refactor CRL handling
This patch refactors the CRL handling to rely more on the implementation
of the crypto library. It will insert the CRL at the correct time to keep
it up to date, but all additional verification logic is removed from
ssl_verify_<backend>.c. "Less code of our own, less bugs of our own."
In practice, this means extra checks will be performed on the CRL, such as
checking it validBefore and validAfter fields.
This patch was originally written by Ivo Manca, and then molded by Steffan
before sending to the list. All bugs are Steffan's fault.
Thanks also go to Antonio Quartulli for useful feedback. He'll send
follow-up patches to improve CRL handling performance.
Signed-off-by: Ivo Manca <ivo.manca@fox-it.com> Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: David Sommerseth <davids@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1477670087-30063-1-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12809.html Signed-off-by: David Sommerseth <davids@openvpn.net>
David Sommerseth [Mon, 14 Nov 2016 11:20:08 +0000 (12:20 +0100)]
systemd: Improve the systemd unit files
There are several changes which allows systemd to take care of several
aspects of hardening the execution of OpenVPN.
- Let systemd take care of the process tracking directly, instead
of doing that via PID files
- Make systemd prepare proper runtime directories for the OpenVPN
process.
- Let systemd do the chdir() before starting OpenVPN. This allows
us to avoid using the --cd option when executing openvpn.
- CAP_DAC_OVERRIDE was needed when using --chroot. Otherwise
the root user would not be allowed to access files/directories
not owned by root. This will change in the future, when we
find better ways to avoid calling chroot() in OpenVPN and
rather let systemd prepare a more isolated namespace.
- Client configurations are now started with --nobind and
the OpenVPN client process have lost the CAP_NET_BIND_SERVICE
capability which allows binding to port < 1024.
- Documentation URL now points at the OpenVPN 2.4 man page URL
The majority of these changes have been proposed by Elias Probst
(eliasp) in the GitHub PR #22.
v3 - Add ExecPreStart= to check if OpenVPN configuration contains
'daemon'. That can break the process tracking as we now use
Type=simple (default)
v2 - Change RuntimeDirectory= to a profile specific (client, server)
directory to avoid clashing with older distro unit files
Commit note: As this is not a critical security change, we apply this
without any formal ACKs. It has been thoroghly tested by
several users. See mailing list for details.
Contribution-by: Elias Probst <mail@eliasprobst.eu> Signed-off-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1479122408-6867-1-git-send-email-davids@openvpn.net>
URL: http://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13039.html
Gert Doering [Sun, 13 Nov 2016 19:52:28 +0000 (20:52 +0100)]
Replace WIN32 by _WIN32
With c99, "WIN32" is no longer automatically defined when (cross-)building
for Windows, and proper compilation relies on including <windefs.h>,
before checking the macro. "_WIN32" is the official define that is
guaranteed to be defined by the compiler itself, no includes are needed.
So, mechanically change all occurrances of "WIN32" to "_WIN32".
While at it, get rid of unused WIN32_0_1 #define in syshead.h
See also:
http://nadeausoftware.com/articles/2012/01/c_c_tip_how_use_compiler_predefi
ned_macros_detect_operating_system#WindowsCygwinnonPOSIXandMinGW
Trac #746
v2: rebased to master, merge the console[_builtin].c changes
Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20161113195228.74090-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13035.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Mon, 14 Nov 2016 20:06:07 +0000 (21:06 +0100)]
Deprecate key-method 1
Key method 2 has been the default since OpenVPN 2.0, and is both more
functional and secure. Also, key method 1 was only ever supported for
peer-to-peer connections (i.e. not for client-server).
Let's get rid of some legacy and phase out key method 1.
v2: add Changes.rst entry, and update man page
[ DS: Slightly modified patch, rewored the warning message and the
Changes.rst note to encourage not to set --key-method at all ]
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1479153967-6788-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13054.html Signed-off-by: David Sommerseth <davids@openvpn.net>
Steffan Karger [Sun, 13 Nov 2016 14:02:31 +0000 (15:02 +0100)]
Move private file access checks to options_postprocess_filechecks()
This removes the dependency of crypto.c on misc.c, which makes testing
(stuff that needs) crypto.c functionality easier.
Apart from that, testing file access really belongs in
options_postprocess_filechecks(), and moving it there enables us to
perform the same check for other private files too.
v2: change indenting, remove remaining warn_if_group_others_accessible()
calls and move function to options.c.
[ DS: This patch is a slightly modified version of the one sent to the
mailing list. It removes all references to --tls-crypt, so it
can be applied eariler to the tree as it contains a good clean-up
as well ]
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <1479045751-22297-1-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13019.html Signed-off-by: David Sommerseth <davids@openvpn.net>
Steffan Karger [Mon, 14 Nov 2016 19:43:23 +0000 (20:43 +0100)]
Make argv unit tests obey {MBEDTLS, OPENSSL}_{LIBS, CFLAGS}
Fixes builds that use MBEDTLS_CFLAGS and friends to tell the build where
the header files and libraries are. Also alphabetically orders some of
the listed files in relates Makefile.am files.
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479152603-5103-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13050.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Heiko Hund [Fri, 28 Oct 2016 16:42:37 +0000 (18:42 +0200)]
put argv_* functions into own file, add unit tests
misc.c is too crowded with different things to perform any
sane unit testing due to its dependencies. So, in order to re-write
the #ifdef'ed tests for the argv_* family of functions into unit
tests I moved them into a dedicated file.
Signed-off-by: Heiko Hund <heiko.hund@sophos.com> Acked-by: David Sommerseth <davids@redhat.com>
Message-Id: <1477672963-5724-2-git-send-email-heiko.hund@sophos.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12811.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Tue, 8 Nov 2016 20:18:20 +0000 (21:18 +0100)]
Add missing includes in error.h
error.h depends on these, but is apparently never used by files that do
not include them. When implementing the --tls-crypt unit tests, I ran
into this.
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: David Sommerseth <davids@redhat.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1478636302-9678-4-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12972.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Tue, 8 Nov 2016 20:18:18 +0000 (21:18 +0100)]
Refactor static/tls-auth key loading
Remove duplicate code, in preparation for adding --tls-crypt, which
otherwise would have to duplicate this code again.
This should be equivalent to the old code, except for two things:
* The log lines for static key initialization change slightly, from
"Static Encrypt/Decrypt" to "Incoming/Outgoing Static Key Encryption"
* We also 'check and fix highly unlikely key problems' for tls-auth
keys (boils down to a sanity-check for an all-zero key).
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com> Acked-by: Arne Schwabe <arne@rfc2549.org>
Message-Id: <1478636302-9678-2-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12969.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering [Sun, 13 Nov 2016 19:36:45 +0000 (20:36 +0100)]
Fix compilation on MinGW with -std=c99
commit 9223336a88bc moved the CFLAGS="-std=c99" bit in configure.ac
before the "socklen_t" test, which relies on #ifdef WIN32 to decide
whether to include <ws2tcpip.h> or <sys/socket.h> - which is no longer
defined then, and things explode in interesting ways.
Change to _WIN32, which is the "always defined on all compilers" define
for this.
Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <20161113193645.73523-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13032.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Sun, 13 Nov 2016 18:03:23 +0000 (19:03 +0100)]
Fix builds on compilers without anonymous union support
The "Don't dereference type-punned pointers" patch introduced an anonymous
union, which older compilers do not support (or refuse to support when
-std=c99 is defined). Add a configure check, and some wrapper defines to
repair builds on those compilers.
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479060203-4472-1-git-send-email-steffan@karger.me>
URL: http://www.mail-archive.com/search?l=mid&q=1479060203-4472-1-git-send-email-steffan@karger.me Signed-off-by: Gert Doering <gert@greenie.muc.de>
Currently each instance of openvpn adds WFP filters into an independent
sublayer. As a block in one sublayer can over-ride a permit in another,
this causes all DNS traffic to block when --block-outside-dns is used
in multiple tunnels.
Fix using a common sublayer for adding firewall rules (filters) from all
instances of openvpn and interactive service.
- The sublayer is added in a persistent session so that it could be
accessed from multiple sessions.
- The sublayer is identified by a fixed UUID defined in block_dns.c
shared between openvpn.exe and openvpnserv.exe.
- Permit filters for tun/tap interfaces are added with higher priority
than filters that block all DNS traffic. This is not strictly
necessary as WFP assigns higher priority to specific filters over generic
ones, but it may be safer not to rely on that feature.
- All filters are added in dynamic sessions as before. They get
automatically removed when the process exits. The sublayer will,
however, persist until reboot.
Resolves Trac 718
Tested on Windows 7, 10 with/without interactive service
Signed-off-by: Selva Nair <selva.nair@gmail.com> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1474085439-28766-1-git-send-email-selva.nair@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12465.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Steffan Karger [Sun, 13 Nov 2016 13:17:27 +0000 (14:17 +0100)]
Don't deference type-punned pointers
Dereferencing type-punned pointers is undefined behaviour according to the
C standard. We should either obey the standard, or ensure that all
supported compilers deal with dereferencing type-punned pointers as we
want them to. I think just obeying the standard is the easiest solution.
See e.g. http://blog.regehr.org/archives/959.
This commit refactors the offending code to use unions or memcpy() to
comply to strict aliasing rules.
Note that this also slightly changes mroute_addr_mask_host_bits(), to
behave as it was probably intended to: only mask the address part, not
also the port part of IPv6 adresses if MR_WITH_PORT is used (ie ma->len
is sizeof(struct in6_addr)+2).
v2: fix all strict aliasing occurrences, not just those in mroute.h
v3: add missing ntohs() in mroute_addr_print_ex()
Signed-off-by: Steffan Karger <steffan@karger.me> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1479043047-25883-1-git-send-email-steffan@karger.me>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13017.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
David Sommerseth [Fri, 11 Nov 2016 13:30:07 +0000 (14:30 +0100)]
console: Fix compiler warning
Building with -O2, the compiler warned about query_user_SINGLE() being
declared and not used in console.c. This function, defined in console.h,
should have been declared as 'static inline'. This also removes that
warning.
Signed-off-by: David Sommerseth <davids@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1478871007-25998-1-git-send-email-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg13005.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering [Wed, 9 Nov 2016 20:19:32 +0000 (21:19 +0100)]
Repair topology subnet on OpenBSD
Turns out that "topology subnet" never worked totally right on
OpenBSD - the "netmask" parameter to ifconfig is ignored, and one
needs to add a subnet route (and this issue is hidden if an
encompassing route is pushed, like, by using --redirect-gateway).
While add it, apply the hack used for FreeBSD where "an arbitrary
address from the subnet" is used to set the "remote" end of the
tunnel, and point the route to that - so if OpenBSD decides to
change their kernel routing structure the same way, our code still
works (copying from commit 433b3813d8c38b4, trac #425 and commit 60fd44e501f2002, trac #481).
Tested on OpenBSD 6.0 and 4.9
Trac: #710 Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: David Sommerseth <davids@openvpn.net>
Message-Id: <20161109201932.80991-1-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12983.html Signed-off-by: David Sommerseth <davids@openvpn.net>
Gert Doering [Tue, 8 Nov 2016 12:45:06 +0000 (13:45 +0100)]
Repair topology subnet on FreeBSD 11
We used to add "route for this subnet" by using our own address as
the gateway address, which used to mean "connected to the interface,
no gateway". FreeBSD commit 293159 changed the kernel side of that
assumption so "my address" is now always bound to "lo0" - thus, our
subnet route also ended up pointing to "lo0", breaking connectivity
for all hosts in the subnet except the one we used as "remote".
commit 60fd44e501f200 already introduced a "remote address" we use
for the "ifconfig tunX <us> <remote>" part - extend that to be used
as gateway address for the "tunX subnet" as well, and things will
work more robustly.
Tested on FreeBSD 11.0-RELEASE and 7.4-RELEASE (client and server)
(this particular issue is not present before 11.0, but "adding the
subnet route" never worked right, not even in 7.4 - 11.0 just made
the problem manifest more clearly)
Samuli Seppänen [Wed, 9 Nov 2016 12:42:05 +0000 (14:42 +0200)]
Fix a logic problem in handling of --up scripts in t_client.sh
Previously the $up variable was never reset after being set. This mean that
"--up update_t_client_ips.sh" was appended to all subsequent openvpn
command-lines, even if cached IPs existed.
Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1478695325-18038-1-git-send-email-samuli@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12979.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Samuli Seppänen [Tue, 8 Nov 2016 14:06:03 +0000 (16:06 +0200)]
Prevent generation of duplicate EXPECT_IFCONFIG entries
Previously, if t_client.rc did not source t_client_ips.rc,
update_t_client_ips.sh would add (the same) EXPECT_IFCONFIG entries to
t_client_ips.rc on every run. This patch makes update_t_client_ips.sh
check if
the entry exists before trying to add it.
v2: prevent partial matches of the EXCEPT_IFCONFIG variable name
Signed-off-by: Samuli Seppänen <samuli@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1478613963-28077-1-git-send-email-samuli@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12965.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering [Tue, 8 Nov 2016 09:44:02 +0000 (10:44 +0100)]
Fix potential division by zero in shaper_reset()
shaper_reset() is only ever called with "bytes_per_second" set to
a non-zero value - so the whole check "is it zero? if not, use
constrain_int() to make sure it is within bounds" is not needed ->
reduce check to just constrain_int() so even if somebody would
call shaper_reset(..., 0) it would not lead to a div-by-zero.
Found by Coverity.
Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1478598242-23514-1-git-send-email-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12942.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering [Tue, 8 Nov 2016 08:39:23 +0000 (09:39 +0100)]
check c->c2.link_socket before calling do_init_route_ipv6_list()
There was an asymmetry in checks before calling do_init_route*_list(),
checking c2.link_socket for IPv4 but not for IPv6 - mainly an oversight
from the time when do_init_route_ipv6_list() did not yet look at the
remote address to determine v6-over-v6 overlaps (2.3 code).
c2.link_socket should never be NULL here, so remove the "silently not
call stuff" condition and replace with ASSERT(c2.link_socket) so we
will notice if the assumption is ever wrong.
Tested in client UDP/TCP mode and server UDP/TCP/P2P and --inetd mode.
Found by Coverity.
While at it, remove "fatal" argument to do_init_route*_list(), which
was "false" in all cases (single invocation each), and remove the
error exit code related to it.
Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1478594363-12752-1-git-send-email-gert@greenie.muc.de>
URL: http://www.mail-archive.com/search?l=mid&q=1478594363-12752-1-git-send-email-gert@greenie.muc.de Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering [Mon, 7 Nov 2016 21:44:02 +0000 (22:44 +0100)]
clean up *sig_info handling in link_socket_init_phase2()
The code was a mix of "assume that it is not NULL" and "check that
it is not NULL before using" - it cannot be NULL (due to the single
call graph, referencing c->sig with the global context), but for
good measure, add an ASSERT() upon function entry and get rid of
all the individual checks.
Found by Coverity.
Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1478555042-31299-1-git-send-email-gert@greenie.muc.de>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12931.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
Gert Doering [Mon, 7 Nov 2016 10:50:52 +0000 (11:50 +0100)]
openvpn version line: remove [IPv6], add [AEAD] if available
Printing [IPv6] is no longer relevant information, as IPv6 support
is always build in. So, "2.4 = has IPv6, always".
[AEAD] is relevant information, as the underlying SSL library might
be too old to have support for it (OpenSSL 0.9.x) and this eases
figuring out why NCP is not upgrading a connection to AES-256-GCM.
Trac #762
Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Steffan Karger <steffan.karger@fox-it.com>
Message-Id: <1478515852-17381-1-git-send-email-gert@greenie.muc.de>
URL: http://www.mail-archive.com/search?l=mid&q=1478515852-17381-1-git-send-email-gert@greenie.muc.de Signed-off-by: Gert Doering <gert@greenie.muc.de>
Lev Stipakov [Thu, 3 Nov 2016 21:28:23 +0000 (23:28 +0200)]
Drop recursively routed packets
v4:
- Account for IP header offset in TAP mode
- Correct handle of non-IP protocols in TAP mode
v3: Use better way of figuring out IP proto version which
does not break TAP mode. Add an option to allow recursive
routing, could be useful when packets sent by openvpn itself
are not subject to the routing tables that would move packets
into the tunnel.
v2: better method naming
On certain OSes (Windows, OS X) when network adapter is
disabled (ethernet cable pulled off, Wi-Fi hardware switch disabled),
operating system starts to use tun as an external interface.
Outgoing packets are routed to tun, UDP encapsulated, given to
routing table and sent to.. tun.
As a consequence, system starts talking to itself on full power,
traffic counters skyrocket and user is not happy.
To prevent that, drop packets which have gateway IP as
destination address.
Tested on Win7/10, OS X, Linux.
Trac #642
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1478208503-25929-1-git-send-email-lstipakov@gmail.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12894.html
David Sommerseth [Mon, 31 Oct 2016 23:07:09 +0000 (00:07 +0100)]
Fix builds with --disable-crypto
When building with --disable-crypto the P2MP_SERVER is not defined,
thus breaking one place where the struct options auth_token_generate
was provided with a default value.
Also remove a lot of compiler warnings from ssl_backend.h due to
various undefined structs when doing the same build type.
Signed-off-by: David Sommerseth <davids@openvpn.net> Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1477955229-20164-1-git-send-email-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12857.html Signed-off-by: Gert Doering <gert@greenie.muc.de>
David Sommerseth [Fri, 28 Oct 2016 19:48:44 +0000 (21:48 +0200)]
auth-gen-token: Authenticate generated auth-tokens when client re-authenticates
On a server with --auth-gen-token enabled, the server will have created
a random token and pushed it to the client. When the client needs to
renegotiate the connection or otherwise reconnect, it will at this point
use the auth-token as password.
Here we check if we have a token generated and that it has been pushed
to the client, if so, then we check if the token matches the locally
stored token. If everything matches, we're done and the connection
is still authenticated.
If the auth-token authentication fails, we delete our local copy of
the token and changes the connection to not being authenticated. From
this moment of, the client needs to do a full reconnect providing
the users password again.
This token authentication also considers the token lifetime, if that
have been set via --auth-gen-token. If the token have expired, the
client is rejected and needs to do a full reconnect with a new
authentication using the users password.
v2 - Rename auth_generate_token to auth_token_generate
- Wrap lines exceeding 80 chars
- Improved several comments (rephrasing, grammar)
David Sommerseth [Fri, 28 Oct 2016 19:48:42 +0000 (21:48 +0200)]
auth-gen-token: Generate an auth-token per client
When --auth-gen-token is used a random token key is generated for
each client after a successful user/password authentication. This
token is expected to be returned in the password field on the
following authentications.
The token is 256 bits long and BASE64 encoded before it is stored.
projects / thirdparty / openvpn.git / log
