From patchwork Wed Oct 31 02:07:16 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Steffan Karger X-Patchwork-Id: 583 X-Patchwork-Delegate: a@unstable.cc Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director10.mail.ord1d.rsapps.net ([172.27.255.52]) by backend30.mail.ord1d.rsapps.net with LMTP id CMtUAG6p2VugUgAAIUCqbw for ; Wed, 31 Oct 2018 09:09:02 -0400 Received: from proxy17.mail.iad3a.rsapps.net ([172.27.255.52]) by director10.mail.ord1d.rsapps.net with LMTP id 6J4cOW2p2VsrCwAApN4f7A ; Wed, 31 Oct 2018 09:09:02 -0400 Received: from smtp28.gate.iad3a ([172.27.255.52]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy17.mail.iad3a.rsapps.net with LMTP id WI0yM22p2VtNYwAAR4KW9A ; Wed, 31 Oct 2018 09:09:01 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp28.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=fox-it.com X-Suspicious-Flag: YES X-Classification-ID: 223a0064-dd0e-11e8-b758-52540000591c-1-1 Received: from [216.105.38.7] ([216.105.38.7:43323] helo=lists.sourceforge.net) by smtp28.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id DF/66-31924-D69A9DB5; Wed, 31 Oct 2018 09:09:01 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1gHqE1-0006Kj-So; Wed, 31 Oct 2018 13:07:57 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1gHqE0-0006KT-Tt for openvpn-devel@lists.sourceforge.net; Wed, 31 Oct 2018 13:07:56 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:MIME-Version:Message-ID:Date:Subject: CC:To:From:Sender:Reply-To:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=f7DJmTWeXDJQCE7RmpcjZx12033k047ydXriacQvYrk=; b=BJylF2K4/jFjNq3JLJKvUfrKdv 675Tfro7wJOJ+vqq54NEOHMurWa0SQSvPOPK9jjNBlB4pIi6yeBWApcGpmouBshzIIaZbcv2rBMDm aRnA4oR0fgZAAsiQhM16EZgN5Cxw9wwOnt8zrRRYaR1zZ+5y8n5QPBAD2LeHQ3SC3mjU=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:MIME-Version:Message-ID:Date:Subject:CC:To:From:Sender: Reply-To:Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=f7DJmTWeXDJQCE7RmpcjZx12033k047ydXriacQvYrk=; b=V QvW7YsfkkHu8Gg7RRd7fRlB3vSFGOAd2xY/Ctix/KZsGQYBaN8YW2c6luMbOf2FFVikAzCMipxhZe WmW+1kJr9SyQZXRHFyTv4ng9aLM0IhgtS3q79cHQ8lyqewnEmZK2xgQuEmq2ev7AWEyOw/o+bP4YX E8PZwrmQm+mJTMwg=; Received: from ns2.fox-it.com ([178.250.144.131]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLSv1:ECDHE-RSA-AES256-SHA:256) (Exim 4.90_1) id 1gHqDy-003jGj-RA for openvpn-devel@lists.sourceforge.net; Wed, 31 Oct 2018 13:07:56 +0000 Received: from FOXDFT52.FOX.local (unknown [10.0.0.129]) by ns2.fox-it.com (Postfix) with ESMTPS id 508AE1AF94B for ; Wed, 31 Oct 2018 14:07:48 +0100 (CET) Received: from steffan-fox.fox.local (10.0.3.178) by FOXDFT52.FOX.local (10.0.0.129) with Microsoft SMTP Server (TLS) id 15.0.1395.4; Wed, 31 Oct 2018 14:07:48 +0100 From: Steffan Karger To: Date: Wed, 31 Oct 2018 14:07:16 +0100 Message-ID: <1540991236-4016-1-git-send-email-steffan.karger@fox-it.com> X-Mailer: git-send-email 2.7.4 MIME-Version: 1.0 X-ClientProxiedBy: FOXDFT52.FOX.local (10.0.0.129) To FOXDFT52.FOX.local (10.0.0.129) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1gHqDy-003jGj-RA Subject: [Openvpn-devel] [PATCH] tls-crypt-v2: fix client reconnect bug X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox As reported by tincantech on the openvpn-devel IRC channel, a tls-crypt-v2 client could be caused to trigger an assert in tls_crypt_wrap() because the client key might not be correctly initialized after a reconnect attempt. This was caused by code that was written before the connection-block tls-auth/tls-crypt logic was integrated (57d6f103), rebased on that change, but not sufficiently changed to be compatible with the new logic. This commit fixes that bug. Note that I also moved the violating hunk of code to the same function where the tls-auth and tls-crypt (v1) keys are initialized. Once moved there, it is immediately clear that v2 didn't follow the same (new) logic. Signed-off-by: Steffan Karger Tested-by: Richard Bonhomme Acked-by: Antonio Quartulli --- src/openvpn/init.c | 44 +++++++++++++++++++++++--------------------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 39e8ca5..2a1b38e 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2594,6 +2594,26 @@ do_init_tls_wrap_key(struct context *c) options->ce.tls_crypt_file, options->ce.tls_crypt_inline, options->tls_server); } + + /* tls-crypt with client-specific keys (--tls-crypt-v2) */ + if (options->ce.tls_crypt_v2_file) + { + if (options->tls_server) + { + tls_crypt_v2_init_server_key(&c->c1.ks.tls_crypt_v2_server_key, + true, options->ce.tls_crypt_v2_file, + options->ce.tls_crypt_v2_inline); + } + else + { + tls_crypt_v2_init_client_key(&c->c1.ks.tls_wrap_key, + &c->c1.ks.tls_crypt_v2_wkc, + options->ce.tls_crypt_v2_file, + options->ce.tls_crypt_v2_inline); + } + } + + } /* @@ -2645,27 +2665,9 @@ do_init_crypto_tls_c1(struct context *c) /* Initialize PRNG with config-specified digest */ prng_init(options->prng_hash, options->prng_nonce_secret_len); - /* initialize tls-auth/crypt key */ + /* initialize tls-auth/crypt/crypt-v2 key */ do_init_tls_wrap_key(c); - /* tls-crypt with client-specific keys (--tls-crypt-v2) */ - if (options->tls_crypt_v2_file) - { - if (options->tls_server) - { - tls_crypt_v2_init_server_key(&c->c1.ks.tls_crypt_v2_server_key, - true, options->tls_crypt_v2_file, - options->tls_crypt_v2_inline); - } - else - { - tls_crypt_v2_init_client_key(&c->c1.ks.tls_wrap_key, - &c->c1.ks.tls_crypt_v2_wkc, - options->tls_crypt_v2_file, - options->tls_crypt_v2_inline); - } - } - #if 0 /* was: #if ENABLE_INLINE_FILES -- Note that enabling this code will break restarts */ if (options->priv_key_file_inline) { @@ -2891,13 +2893,13 @@ do_init_crypto_tls(struct context *c, const unsigned int flags) to.tls_wrap.opt.flags |= CO_PACKET_ID_LONG_FORM; tls_crypt_adjust_frame_parameters(&to.frame); - if (options->tls_crypt_v2_file) + if (options->ce.tls_crypt_v2_file) { to.tls_wrap.tls_crypt_v2_wkc = &c->c1.ks.tls_crypt_v2_wkc; } } - if (options->tls_crypt_v2_file) + if (options->ce.tls_crypt_v2_file) { to.tls_crypt_v2 = true; if (options->tls_server)