From patchwork Mon Mar 30 20:14:37 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Tom van Leeuwen X-Patchwork-Id: 1062 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id AOyRBKH0gl7BeAAAIUCqbw for ; Tue, 31 Mar 2020 03:43:29 -0400 Received: from proxy18.mail.ord1d.rsapps.net ([172.30.191.6]) by director9.mail.ord1d.rsapps.net with LMTP id MOV8BKH0gl7YOgAAalYnBA ; Tue, 31 Mar 2020 03:43:29 -0400 Received: from smtp26.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy18.mail.ord1d.rsapps.net with LMTP id iJ45BKH0gl4eTAAATCaURg ; Tue, 31 Mar 2020 03:43:29 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp26.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=technolution.nl; dmarc=none (p=nil; dis=none) header.from=technolution.nl X-Suspicious-Flag: YES X-Classification-ID: 4f591024-7323-11ea-b8e4-525400c5b129-1-1 Received: from [216.105.38.7] ([216.105.38.7:57968] helo=lists.sourceforge.net) by smtp26.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id B9/E0-25958-0A4F28E5; Tue, 31 Mar 2020 03:43:28 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1jJBXc-00067d-O2; Tue, 31 Mar 2020 07:42:32 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jJBXb-00067M-GG for openvpn-devel@lists.sourceforge.net; Tue, 31 Mar 2020 07:42:31 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=m5gpKRbzXs9RclI5sRngMp/nPdSg/QmEa42lFF2P6x4=; b=CrEUc2xSWpEFRKoa+ry4zgIqtK GNkrTGnfdQ+lrFt4r2TKS89AIgSbT6JbZxcy1l+lQIbLGHNYSJY/t/lqYh5A1ZHPeWnuExoNHbxZM yOilBzotJvP3vvrcIO38LG8Uxl0b2Bo2J2oMSaCaAdjrodBjreMpYywNO5AUc219dUTE=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=m5gpKRbzXs9RclI5sRngMp/nPdSg/QmEa42lFF2P6x4=; b=mMVguXaeATNz76vnawAzh8UtZn D+HKBp9AIBhEX1FGtDhyKx48QAwZbuaAyufdtAgdtfMGQ5jPuzMexbykDRP6B12YzMKEUH7ukUmJp NLqxfI4QcgaoOymvx5k2fukjE90A3FGvm2fkvUO5Tib9WUGyrxht80OE54m3q5J3/G60=; Received: from mail-ed1-f97.google.com ([209.85.208.97]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.92.2) id 1jJBXV-002bta-BB for openvpn-devel@lists.sourceforge.net; Tue, 31 Mar 2020 07:42:31 +0000 Received: by mail-ed1-f97.google.com with SMTP id u59so23894307edc.12 for ; Tue, 31 Mar 2020 00:42:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=technolution.nl; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=m5gpKRbzXs9RclI5sRngMp/nPdSg/QmEa42lFF2P6x4=; b=GlN+ie9+aQ3TArMGU2hpyX5gSwoB0deuDo7aAUu93ng2Huwl0oa3mJjviEjNaXuLeR kFeeWuHR1dYh7bJ4HAXta2d/Lw9SphOIxwHFkvvMV66dw2+CXt0i06Mts+XEi3Uiqdee kRq2Vmo5r074n9a+Wt+kUS/DgxKBYp2pA86jk= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=m5gpKRbzXs9RclI5sRngMp/nPdSg/QmEa42lFF2P6x4=; b=ejOvCNxC5GL/Snv9zOIGREosDYoXx9eMgZMmqMGjw8anaLCrYFK3uBHewd8An/o3ae 6URy1IaUsq8t21Zgh8HxGwIXVt+w060X5q7E1sY95DhhmHMse/FtSirNWmgM9PczYA/N KkHn6EqgLUWrPltdcWeBvzbbDMCAo8+vmrZoQWX/zflHrM9uxcRyfBc0tb7NVQSAjdgX j6x5riA+McvJSAkWfwlAVFVKQtnQe+sL7j4BcpSxOslRvJjXpb5sZQ2/KZ8MvNNutnK9 /oNF13Tr7hnBvGxi+yafjnuuABDYpXFwCS/ptiyKFCt+PcX3zbR1fU9kTaM8XA4g4+3t LGAw== X-Gm-Message-State: AGi0PuZEg9Tg+Ti/aVClbDxR+ghiOJOe1M2Fc/N/I2Nes0kFUUC8rtM3 83ebRrhTINbu34ooHUl/g+Sbs3RX79UxmbMvTeFkU6DE049VbQ== X-Google-Smtp-Source: ADFU+vscBd5R4dEEeQRsts67OdPQExN02oWiowlccFJrpHJCLcY6Q/PXl+rnyRo5UCKDoY8Oiyxy7NkMMQOf X-Received: by 2002:a5d:6a4e:: with SMTP id t14mr13644661wrw.101.1585638929156; Tue, 31 Mar 2020 00:15:29 -0700 (PDT) Received: from techmail.intranet.technolution.nl ([90.145.31.218]) by smtp-relay.gmail.com with ESMTP id n13sm250432wro.3.2020.03.31.00.15.29; Tue, 31 Mar 2020 00:15:29 -0700 (PDT) X-Relaying-Domain: technolution.nl Received: from spike.intranet.technolution.nl (spike.intranet.technolution.nl [172.16.1.40]) by techmail.intranet.technolution.nl (Postfix) with ESMTP id F1A8A2099800; Tue, 31 Mar 2020 09:15:28 +0200 (CEST) Received: by spike.intranet.technolution.nl (Postfix, from userid 750005778) id E7950A2C45; Tue, 31 Mar 2020 09:15:28 +0200 (CEST) From: Tom van Leeuwen To: openvpn-devel@lists.sourceforge.net Date: Tue, 31 Mar 2020 09:14:37 +0200 Message-Id: <20200331071437.12708-1-tom.van.leeuwen@technolution.nl> X-Mailer: git-send-email 2.21.0 In-Reply-To: <660664bc-d745-0786-6857-a08b722af6ba@unstable.cc> References: <660664bc-d745-0786-6857-a08b722af6ba@unstable.cc> MIME-Version: 1.0 X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.208.97 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.208.97 listed in wl.mailspike.net] 0.4 NO_DNS_FOR_FROM DNS: Envelope sender has no MX or A DNS records 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid X-Headers-End: 1jJBXV-002bta-BB Subject: [Openvpn-devel] [PATCH] mbedTLS: Make sure TLS session survives move X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Tom van Leeuwen Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox From: Tom van Leeuwen When a client disconnects from a server compiled with mbedTLS, the server cannot process the PUSH_REQUEST from a new connection with the same client IP and port number. This is the case when the client binds to a static port. This behavior is initiated by move_session(), which copies the content of the tls_session to a new session and re-initializes the old session once the new session is authenticated. This tls_session contains, among other things, an mbedtls_ssl_config and bio_ctx structure. However, the mbedtls context has internal pointers to the mbedtls_ssl_config and bio_ctx. When the session is moved, these internal pointers point to the reinitialized session and as a result all received packets that are stored in the bio_ctx of the moved session can never be read by the mbedtls session. The PUSH_REQUEST is therefore never seen by the server. Since there is no public method to update these internal pointers, this patch dynamically allocates the mbedtls_ssl_config and bio_ctx and stores the pointers to those structures in the tls_session instead. Trac #880 Signed-off-by: Tom van Leeuwen Acked-By: Arne Schwabe diff --git a/src/openvpn/ssl_mbedtls.c b/src/openvpn/ssl_mbedtls.c index 0f0b035b..4f194ad7 100644 --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c @@ -1036,21 +1036,22 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl, CLEAR(*ks_ssl); /* Initialise SSL config */ - mbedtls_ssl_config_init(&ks_ssl->ssl_config); - mbedtls_ssl_config_defaults(&ks_ssl->ssl_config, ssl_ctx->endpoint, + ALLOC_OBJ_CLEAR(ks_ssl->ssl_config, mbedtls_ssl_config); + mbedtls_ssl_config_init(ks_ssl->ssl_config); + mbedtls_ssl_config_defaults(ks_ssl->ssl_config, ssl_ctx->endpoint, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT); #ifdef MBEDTLS_DEBUG_C mbedtls_debug_set_threshold(3); #endif - mbedtls_ssl_conf_dbg(&ks_ssl->ssl_config, my_debug, NULL); - mbedtls_ssl_conf_rng(&ks_ssl->ssl_config, mbedtls_ctr_drbg_random, + mbedtls_ssl_conf_dbg(ks_ssl->ssl_config, my_debug, NULL); + mbedtls_ssl_conf_rng(ks_ssl->ssl_config, mbedtls_ctr_drbg_random, rand_ctx_get()); - mbedtls_ssl_conf_cert_profile(&ks_ssl->ssl_config, &ssl_ctx->cert_profile); + mbedtls_ssl_conf_cert_profile(ks_ssl->ssl_config, &ssl_ctx->cert_profile); if (ssl_ctx->allowed_ciphers) { - mbedtls_ssl_conf_ciphersuites(&ks_ssl->ssl_config, ssl_ctx->allowed_ciphers); + mbedtls_ssl_conf_ciphersuites(ks_ssl->ssl_config, ssl_ctx->allowed_ciphers); } /* Disable record splitting (for now). OpenVPN assumes records are sent @@ -1058,35 +1059,35 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl, * testing. Since OpenVPN is not susceptible to BEAST, we can just * disable record splitting as a quick fix. */ #if defined(MBEDTLS_SSL_CBC_RECORD_SPLITTING) - mbedtls_ssl_conf_cbc_record_splitting(&ks_ssl->ssl_config, + mbedtls_ssl_conf_cbc_record_splitting(ks_ssl->ssl_config, MBEDTLS_SSL_CBC_RECORD_SPLITTING_DISABLED); #endif /* MBEDTLS_SSL_CBC_RECORD_SPLITTING */ /* Initialise authentication information */ if (is_server) { - mbed_ok(mbedtls_ssl_conf_dh_param_ctx(&ks_ssl->ssl_config, + mbed_ok(mbedtls_ssl_conf_dh_param_ctx(ks_ssl->ssl_config, ssl_ctx->dhm_ctx)); } - mbed_ok(mbedtls_ssl_conf_own_cert(&ks_ssl->ssl_config, ssl_ctx->crt_chain, + mbed_ok(mbedtls_ssl_conf_own_cert(ks_ssl->ssl_config, ssl_ctx->crt_chain, ssl_ctx->priv_key)); /* Initialise SSL verification */ #if P2MP_SERVER if (session->opt->ssl_flags & SSLF_CLIENT_CERT_OPTIONAL) { - mbedtls_ssl_conf_authmode(&ks_ssl->ssl_config, MBEDTLS_SSL_VERIFY_OPTIONAL); + mbedtls_ssl_conf_authmode(ks_ssl->ssl_config, MBEDTLS_SSL_VERIFY_OPTIONAL); } else if (!(session->opt->ssl_flags & SSLF_CLIENT_CERT_NOT_REQUIRED)) #endif { - mbedtls_ssl_conf_authmode(&ks_ssl->ssl_config, MBEDTLS_SSL_VERIFY_REQUIRED); + mbedtls_ssl_conf_authmode(ks_ssl->ssl_config, MBEDTLS_SSL_VERIFY_REQUIRED); } - mbedtls_ssl_conf_verify(&ks_ssl->ssl_config, verify_callback, session); + mbedtls_ssl_conf_verify(ks_ssl->ssl_config, verify_callback, session); /* TODO: mbed TLS does not currently support sending the CA chain to the client */ - mbedtls_ssl_conf_ca_chain(&ks_ssl->ssl_config, ssl_ctx->ca_chain, ssl_ctx->crl); + mbedtls_ssl_conf_ca_chain(ks_ssl->ssl_config, ssl_ctx->ca_chain, ssl_ctx->crl); /* Initialize minimum TLS version */ { @@ -1103,7 +1104,7 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl, tls_version_to_major_minor(tls_version_min, &major, &minor); } - mbedtls_ssl_conf_min_version(&ks_ssl->ssl_config, major, minor); + mbedtls_ssl_conf_min_version(ks_ssl->ssl_config, major, minor); } /* Initialize maximum TLS version */ @@ -1116,7 +1117,7 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl, { int major, minor; tls_version_to_major_minor(tls_version_max, &major, &minor); - mbedtls_ssl_conf_max_version(&ks_ssl->ssl_config, major, minor); + mbedtls_ssl_conf_max_version(ks_ssl->ssl_config, major, minor); } } @@ -1124,7 +1125,7 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl, /* Initialize keying material exporter */ if (session->opt->ekm_size) { - mbedtls_ssl_conf_export_keys_ext_cb(&ks_ssl->ssl_config, + mbedtls_ssl_conf_export_keys_ext_cb(ks_ssl->ssl_config, mbedtls_ssl_export_keys_cb, session); } #endif @@ -1132,11 +1133,11 @@ key_state_ssl_init(struct key_state_ssl *ks_ssl, /* Initialise SSL context */ ALLOC_OBJ_CLEAR(ks_ssl->ctx, mbedtls_ssl_context); mbedtls_ssl_init(ks_ssl->ctx); - mbedtls_ssl_setup(ks_ssl->ctx, &ks_ssl->ssl_config); + mbedtls_ssl_setup(ks_ssl->ctx, ks_ssl->ssl_config); /* Initialise BIOs */ - CLEAR(ks_ssl->bio_ctx); - mbedtls_ssl_set_bio(ks_ssl->ctx, &ks_ssl->bio_ctx, ssl_bio_write, + ALLOC_OBJ_CLEAR(ks_ssl->bio_ctx, bio_ctx); + mbedtls_ssl_set_bio(ks_ssl->ctx, ks_ssl->bio_ctx, ssl_bio_write, ssl_bio_read, NULL); } @@ -1152,9 +1153,17 @@ key_state_ssl_free(struct key_state_ssl *ks_ssl) mbedtls_ssl_free(ks_ssl->ctx); free(ks_ssl->ctx); } - mbedtls_ssl_config_free(&ks_ssl->ssl_config); - buf_free_entries(&ks_ssl->bio_ctx.in); - buf_free_entries(&ks_ssl->bio_ctx.out); + if (ks_ssl->ssl_config) + { + mbedtls_ssl_config_free(ks_ssl->ssl_config); + free(ks_ssl->ssl_config); + } + if (ks_ssl->bio_ctx) + { + buf_free_entries(&ks_ssl->bio_ctx->in); + buf_free_entries(&ks_ssl->bio_ctx->out); + free(ks_ssl->bio_ctx); + } CLEAR(*ks_ssl); } } @@ -1249,7 +1258,7 @@ key_state_read_ciphertext(struct key_state_ssl *ks, struct buffer *buf, len = maxlen; } - retval = endless_buf_read(&ks->bio_ctx.out, BPTR(buf), len); + retval = endless_buf_read(&ks->bio_ctx->out, BPTR(buf), len); /* Error during read, check for retry error */ if (retval < 0) @@ -1294,7 +1303,7 @@ key_state_write_ciphertext(struct key_state_ssl *ks, struct buffer *buf) return 0; } - retval = endless_buf_write(&ks->bio_ctx.in, BPTR(buf), buf->len); + retval = endless_buf_write(&ks->bio_ctx->in, BPTR(buf), buf->len); if (retval < 0) { diff --git a/src/openvpn/ssl_mbedtls.h b/src/openvpn/ssl_mbedtls.h index c1c676dc..92381f1a 100644 --- a/src/openvpn/ssl_mbedtls.h +++ b/src/openvpn/ssl_mbedtls.h @@ -109,9 +109,9 @@ struct tls_root_ctx { }; struct key_state_ssl { - mbedtls_ssl_config ssl_config; /**< mbedTLS global ssl config */ + mbedtls_ssl_config *ssl_config; /**< mbedTLS global ssl config */ mbedtls_ssl_context *ctx; /**< mbedTLS connection context */ - bio_ctx bio_ctx; + bio_ctx *bio_ctx; /** Keying material exporter cache (RFC 5705). */ uint8_t *exported_key_material;