From patchwork Fri Mar 19 10:54:48 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Max Fillinger X-Patchwork-Id: 1639 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director14.mail.ord1d.rsapps.net ([172.30.191.6]) by backend30.mail.ord1d.rsapps.net with LMTP id CIeTKPQdVWAtdAAAIUCqbw (envelope-from ) for ; Fri, 19 Mar 2021 17:56:04 -0400 Received: from proxy5.mail.ord1d.rsapps.net ([172.30.191.6]) by director14.mail.ord1d.rsapps.net with LMTP id YJlWKPQdVWDUIAAAeJ7fFg (envelope-from ) for ; Fri, 19 Mar 2021 17:56:04 -0400 Received: from smtp4.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy5.mail.ord1d.rsapps.net with LMTPS id wGe1J/QdVWCYfgAA8Zzt7w (envelope-from ) for ; Fri, 19 Mar 2021 17:56:04 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp4.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=max-fillinger.net X-Suspicious-Flag: YES X-Classification-ID: e626c6b8-88fd-11eb-b1e3-525400760ffc-1-1 Received: from [216.105.38.7] ([216.105.38.7:52278] helo=lists.sourceforge.net) by smtp4.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id B5/93-10941-3FD15506; Fri, 19 Mar 2021 17:56:04 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1lNN5R-0000V5-Ao; Fri, 19 Mar 2021 21:55:17 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lNN5P-0000Un-DV for openvpn-devel@lists.sourceforge.net; Fri, 19 Mar 2021 21:55:15 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=qlPMEB9cvb9UVu1HhvKMy7mSXbGg2TJUz3C8uNe+FVg=; b=Bh6wL9MqInbLspInCuSu1IdcHy MZXUyAt/csxobOgPJcdZ8jFsEIK5Vs9DMIBONnw9tYl1AsCXyKmWBhUl8wZDRMNVEuPD2eIrimKmY WPn5lpwuBKkau84c88LSVHmx4sTZ08efp09CKHC8A7cYQIc0IAZEiSGaGfQiR5AO+N+U=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=qlPMEB9cvb9UVu1HhvKMy7mSXbGg2TJUz3C8uNe+FVg=; b=l m6CVCj9dqqOBZcFmYo3r6uyckllrJk3jHCKD4b7+coRiPN/A7Pev4JmDCIyrEcI2AK0eMFg7fu3bv tvtBGJ0/5LNAWdsYB5e0tcxYOkEpjXmkaKmEz0/ri/VNJ9YWOypQ86s26E3FalnFXIDYRduvtWpmp WSsvNCIqNW9SkukU=; Received: from smarthost1.greenhost.nl ([195.190.28.88]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1lNN5G-003GqI-7M for openvpn-devel@lists.sourceforge.net; Fri, 19 Mar 2021 21:55:15 +0000 From: Max Fillinger To: openvpn-devel@lists.sourceforge.net Date: Fri, 19 Mar 2021 22:54:48 +0100 Message-Id: <20210319215448.38350-1-max@max-fillinger.net> X-Mailer: git-send-email 2.29.2 MIME-Version: 1.0 X-Authenticated-As-Hash: 9097cd8c93a965a2d9e9459ee830b96298bf6202 X-Spam-Level: / X-Spam-Status: No, score=0.8 required=5.0 tests=BAYES_50, UNPARSEABLE_RELAY autolearn=disabled version=3.4.2 X-Scan-Signature: d9b0ae15ee993d77aea4f0208a5c5b8c X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [195.190.28.88 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_H4 RBL: Very Good reputation (+4) [195.190.28.88 listed in wl.mailspike.net] -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-Headers-End: 1lNN5G-003GqI-7M Subject: [Openvpn-devel] [PATCH] Wipe Socks5 credentials after use X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Plaintext authentication is not exactly high security, but we might as well memzero the credentials before leaving the function. Acked-by: Gert Doering --- src/openvpn/socks.c | 23 ++++++++++++++--------- 1 file changed, 14 insertions(+), 9 deletions(-) diff --git a/src/openvpn/socks.c b/src/openvpn/socks.c index 36df7470..add7a6d4 100644 --- a/src/openvpn/socks.c +++ b/src/openvpn/socks.c @@ -104,12 +104,13 @@ socks_username_password_auth(struct socks_proxy_info *p, const int timeout_sec = 5; struct user_pass creds; ssize_t size; + bool ret = false; creds.defined = 0; if (!get_user_pass(&creds, p->authfile, UP_TYPE_SOCKS, GET_USER_PASS_MANAGEMENT)) { msg(M_NONFATAL, "SOCKS failed to get username/password."); - return false; + goto cleanup; } if ( (strlen(creds.username) > 255) || (strlen(creds.password) > 255) ) @@ -117,7 +118,7 @@ socks_username_password_auth(struct socks_proxy_info *p, msg(M_NONFATAL, "SOCKS username and/or password exceeds 255 characters. " "Authentication not possible."); - return false; + goto cleanup; } openvpn_snprintf(to_send, sizeof(to_send), "\x01%c%s%c%s", (int) strlen(creds.username), creds.username, (int) strlen(creds.password), creds.password); @@ -126,7 +127,7 @@ socks_username_password_auth(struct socks_proxy_info *p, if (size != strlen(to_send)) { msg(D_LINK_ERRORS | M_ERRNO, "socks_username_password_auth: TCP port write failed on send()"); - return false; + goto cleanup; } while (len < 2) @@ -147,21 +148,21 @@ socks_username_password_auth(struct socks_proxy_info *p, get_signal(signal_received); if (*signal_received) { - return false; + goto cleanup; } /* timeout? */ if (status == 0) { msg(D_LINK_ERRORS | M_ERRNO, "socks_username_password_auth: TCP port read timeout expired"); - return false; + goto cleanup; } /* error */ if (status < 0) { msg(D_LINK_ERRORS | M_ERRNO, "socks_username_password_auth: TCP port read failed on select()"); - return false; + goto cleanup; } /* read single char */ @@ -171,7 +172,7 @@ socks_username_password_auth(struct socks_proxy_info *p, if (size != 1) { msg(D_LINK_ERRORS | M_ERRNO, "socks_username_password_auth: TCP port read failed on recv()"); - return false; + goto cleanup; } /* store char in buffer */ @@ -182,10 +183,14 @@ socks_username_password_auth(struct socks_proxy_info *p, if (buf[0] != 5 && buf[1] != 0) { msg(D_LINK_ERRORS, "socks_username_password_auth: server refused the authentication"); - return false; + goto cleanup; } - return true; + ret = true; +cleanup: + secure_memzero(&creds, sizeof(creds)); + secure_memzero(to_send, sizeof(to_send)); + return ret; } static bool