From patchwork Fri Apr 22 04:29:36 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2393 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director15.mail.ord1d.rsapps.net ([172.30.191.6]) by backend41.mail.ord1d.rsapps.net with LMTP id YLr6Kz68YmJsRAAAqwncew (envelope-from ) for ; Fri, 22 Apr 2022 10:31:26 -0400 Received: from proxy7.mail.ord1d.rsapps.net ([172.30.191.6]) by director15.mail.ord1d.rsapps.net with LMTP id GIZCBj+8YmI0QgAAIcMcQg (envelope-from ) for ; Fri, 22 Apr 2022 10:31:27 -0400 Received: from smtp1.gate.ord1d ([172.30.191.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy7.mail.ord1d.rsapps.net with LMTPS id 6M3kBT+8YmIZLQAAMe1Fpw (envelope-from ) for ; Fri, 22 Apr 2022 10:31:27 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp1.gate.ord1d.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: e4082e78-c248-11ec-b483-5254002d775b-1-1 Received: from [216.105.38.7] ([216.105.38.7:54396] helo=lists.sourceforge.net) by smtp1.gate.ord1d.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 89/DE-09579-E3CB2626; Fri, 22 Apr 2022 10:31:26 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1nhuIg-0002df-ML; Fri, 22 Apr 2022 14:30:21 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nhuIM-0002bb-13 for openvpn-devel@lists.sourceforge.net; Fri, 22 Apr 2022 14:30:01 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=+Md+5SHAtgRVX59f91A3MjcYEtNut7IlwBsEJwEuxTQ=; b=MtzrVkpQ8JnKx7Up7fAw+4jnG1 S5TTkpYZS2U2A4ineizGaan3ruOV7+Gi4Gm4QI1JGwoWgH+DaBXZ7ChLiMBLoEjQwuaP1pSIMQhlK R/IPOyJX9/Zwwn9NzX0TQXulEdgAgLVcaVsyb6J3r9flJtBYBbC3VHq0YQqAJduXnyCo=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=+Md+5SHAtgRVX59f91A3MjcYEtNut7IlwBsEJwEuxTQ=; b=GkpgioSwilafjyDUE0qRXi9kLg +xa0spAhIZ04MghOJq2/wMZW31h8TfW191rLmQOOxEXAqtuT08F4j84+7wOAwWqGeo8aGILoR1lKp jSrADGWNf3q0hvfkRKkOEhC0Fq6J55F7/7Yrpg2V42L1lnvIjlOIRd0DnK/5yfMjQtvc=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1nhuIJ-0005dd-Sp for openvpn-devel@lists.sourceforge.net; Fri, 22 Apr 2022 14:30:00 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1nhuID-00096M-Af for openvpn-devel@lists.sourceforge.net; Fri, 22 Apr 2022 16:29:53 +0200 Received: (nullmailer pid 3805414 invoked by uid 10006); Fri, 22 Apr 2022 14:29:53 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Fri, 22 Apr 2022 16:29:36 +0200 Message-Id: <20220422142953.3805364-2-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220422142953.3805364-1-arne@rfc2549.org> References: <20220422134038.3801239-1-arne@rfc2549.org> <20220422142953.3805364-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This allows the the wrapping to be easier reused by a function that does not have access to a full TLS session. --- src/openvpn/ssl_pkt.c | 82 ++++++++++++++++++++++++++ 1 file change [...] Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record X-Headers-End: 1nhuIJ-0005dd-Sp Subject: [Openvpn-devel] [PATCH 11/28] Refactor tls-auth/tls-crypt wrapping into into own function X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox This allows the the wrapping to be easier reused by a function that does not have access to a full TLS session. Acked-By: Frank Lichtenheld --- src/openvpn/ssl_pkt.c | 82 ++++++++++++++++++++++++++----------------- 1 file changed, 50 insertions(+), 32 deletions(-) diff --git a/src/openvpn/ssl_pkt.c b/src/openvpn/ssl_pkt.c index e8cc7dee9..86c1f0e29 100644 --- a/src/openvpn/ssl_pkt.c +++ b/src/openvpn/ssl_pkt.c @@ -110,51 +110,48 @@ swap_hmac(struct buffer *buf, const struct crypto_options *co, bool incoming) #undef SWAP_BUF_SIZE -void -write_control_auth(struct tls_session *session, - struct key_state *ks, - struct buffer *buf, - struct link_socket_actual **to_link_addr, - int opcode, - int max_ack, - bool prepend_ack) +/** + * Wraps a TLS control packet by adding tls-auth HMAC or tls-crypt(-v2) + * encryption and opcode header including session id. + * + * @param ctx tls wrapping context + * @param header first byte of the packet (opcode and key id) + * @param buf buffer to write the resulting packet to + * @param session_id session id to use as our session id + */ +static void +tls_wrap_control(struct tls_wrap_ctx *ctx, uint8_t header, struct buffer *buf, + struct session_id *session_id) { - uint8_t header = ks->key_id | (opcode << P_OPCODE_SHIFT); - struct buffer null = clear_buf(); - - ASSERT(link_socket_actual_defined(&ks->remote_addr)); - ASSERT(reliable_ack_write - (ks->rec_ack, buf, &ks->session_id_remote, max_ack, prepend_ack)); - - msg(D_TLS_DEBUG, "%s(): %s", __func__, packet_opcode_name(opcode)); - - if (session->tls_wrap.mode == TLS_WRAP_AUTH - || session->tls_wrap.mode == TLS_WRAP_NONE) + if (ctx->mode == TLS_WRAP_AUTH + || ctx->mode == TLS_WRAP_NONE) { - ASSERT(session_id_write_prepend(&session->session_id, buf)); + ASSERT(session_id_write_prepend(session_id, buf)); ASSERT(buf_write_prepend(buf, &header, sizeof(header))); } - if (session->tls_wrap.mode == TLS_WRAP_AUTH) + if (ctx->mode == TLS_WRAP_AUTH) { + struct buffer null = clear_buf(); + /* no encryption, only write hmac */ - openvpn_encrypt(buf, null, &session->tls_wrap.opt); - ASSERT(swap_hmac(buf, &session->tls_wrap.opt, false)); + openvpn_encrypt(buf, null, &ctx->opt); + ASSERT(swap_hmac(buf, &ctx->opt, false)); } - else if (session->tls_wrap.mode == TLS_WRAP_CRYPT) + else if (ctx->mode == TLS_WRAP_CRYPT) { - ASSERT(buf_init(&session->tls_wrap.work, buf->offset)); - ASSERT(buf_write(&session->tls_wrap.work, &header, sizeof(header))); - ASSERT(session_id_write(&session->session_id, &session->tls_wrap.work)); - if (!tls_crypt_wrap(buf, &session->tls_wrap.work, &session->tls_wrap.opt)) + ASSERT(buf_init(&ctx->work, buf->offset)); + ASSERT(buf_write(&ctx->work, &header, sizeof(header))); + ASSERT(session_id_write(session_id, &ctx->work)); + if (!tls_crypt_wrap(buf, &ctx->work, &ctx->opt)) { buf->len = 0; return; } - if (opcode == P_CONTROL_HARD_RESET_CLIENT_V3) + if ((header >> P_OPCODE_SHIFT) == P_CONTROL_HARD_RESET_CLIENT_V3) { - if (!buf_copy(&session->tls_wrap.work, - session->tls_wrap.tls_crypt_v2_wkc)) + if (!buf_copy(&ctx->work, + ctx->tls_crypt_v2_wkc)) { msg(D_TLS_ERRORS, "Could not append tls-crypt-v2 client key"); buf->len = 0; @@ -164,8 +161,29 @@ write_control_auth(struct tls_session *session, /* Don't change the original data in buf, it's used by the reliability * layer to resend on failure. */ - *buf = session->tls_wrap.work; + *buf = ctx->work; } +} + +void +write_control_auth(struct tls_session *session, + struct key_state *ks, + struct buffer *buf, + struct link_socket_actual **to_link_addr, + int opcode, + int max_ack, + bool prepend_ack) +{ + uint8_t header = ks->key_id | (opcode << P_OPCODE_SHIFT); + + ASSERT(link_socket_actual_defined(&ks->remote_addr)); + ASSERT(reliable_ack_write + (ks->rec_ack, buf, &ks->session_id_remote, max_ack, prepend_ack)); + + msg(D_TLS_DEBUG, "%s(): %s", __func__, packet_opcode_name(opcode)); + + tls_wrap_control(&session->tls_wrap, header, buf, &session->session_id); + *to_link_addr = &ks->remote_addr; }