From patchwork Sat Dec 30 00:02:39 2017
X-Patchwork-Submitter: Steffan Karger
X-Patchwork-Id: 160
X-Patchwork-Delegate: selva.nair@gmail.com
From: Steffan Karger
To: openvpn-devel@lists.sourceforge.net
Date: Sat, 30 Dec 2017 12:02:39 +0100
Message-ID: <20171230110239.12382-1-steffan@karger.me>
X-Mailer: git-send-email 2.14.1
In-Reply-To: <20171130085330.mftz2f3vnx53vrz6@fliwatuet.svr02.mucip.net>
References: <20171130085330.mftz2f3vnx53vrz6@fliwatuet.svr02.mucip.net>
Subject: [Openvpn-devel] [PATCH 1/3 v2] Fix --tls-version-min and --tls-version-max for OpenSSL 1.1+

As described in <80e6b449-c536-dc87-7215-3693872bce5a@birkenwald.de> on the
openvpn-devel mailing list, --tls-version-min no longer works with OpenSSL 1.1.

Kurt Roeckx posted in a debian bug report:

"This is marked as important because if you switch to openssl 1.1.0 the
default minimum version in Debian is currently TLS 1.2 and you can't
override it with the options that you're currently using (and are
deprecated)."
This patch is loosely based on the original patch by Kurt, but solves the
issue by adding functions to openssl-compat.h, like we also did for all
other openssl 1.1 breakage. This results in not having to add more ifdefs
in ssl_openssl.c and thus cleaner code.

Signed-off-by: Steffan Karger
---
v2: fix define name, obey system lib default minimum version

Note: this patch does not cherry-pick to release/2.4 nicely. Once the one
for master has been accepted, I'll send a backport for release/2.4.

 src/openvpn/openssl_compat.h | 63 ++++++++++++++++++++++++++++++++
 src/openvpn/ssl_openssl.c    | 86 +++++++++++++++++++++++++-------------------
 2 files changed, 113 insertions(+), 36 deletions(-)

diff --git a/src/openvpn/openssl_compat.h b/src/openvpn/openssl_compat.h
index 70b19aea..2a6c98d9 100644
--- a/src/openvpn/openssl_compat.h
+++ b/src/openvpn/openssl_compat.h
@@ -647,4 +647,67 @@ EC_GROUP_order_bits(const EC_GROUP *group) #define RSA_F_RSA_OSSL_PRIVATE_ENCRYPT RSA_F_RSA_EAY_PRIVATE_ENCRYPT #endif +#ifndef SSL_CTX_get_min_proto_version +/** Dummy SSL_CTX_get_min_proto_version for OpenSSL < 1.1 (not really needed) */ +static inline int +SSL_CTX_get_min_proto_version(SSL_CTX *ctx) +{ + return 0; +} +#endif /* SSL_CTX_get_min_proto_version */ + +#ifndef SSL_CTX_set_min_proto_version +/** Mimics SSL_CTX_set_min_proto_version for OpenSSL < 1.1 */ +static inline void +SSL_CTX_set_min_proto_version(SSL_CTX *ctx, long tls_ver_min) +{ + long sslopt = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; /* Never do < TLS 1.0 */ + + if (tls_ver_min > TLS1_VERSION) + { + sslopt |= SSL_OP_NO_TLSv1; + } +#ifdef SSL_OP_NO_TLSv1_1 + if (tls_ver_min > TLS1_1_VERSION) + { + sslopt |= SSL_OP_NO_TLSv1_1; + } +#endif +#ifdef SSL_OP_NO_TLSv1_2 + if (tls_ver_min > TLS1_2_VERSION) + { + sslopt |= SSL_OP_NO_TLSv1_2; + } +#endif + SSL_CTX_set_options(ctx, sslopt); +} +#endif /* SSL_CTX_set_min_proto_version */ + +#ifndef SSL_CTX_set_max_proto_version +/** Mimics SSL_CTX_set_max_proto_version for OpenSSL < 1.1 */ +static inline void +SSL_CTX_set_max_proto_version(SSL_CTX *ctx, long tls_ver_max) +{ + long sslopt = 0; + + if (tls_ver_max < TLS1_VERSION) + { + sslopt |= SSL_OP_NO_TLSv1; + } +#ifdef SSL_OP_NO_TLSv1_1 + if (tls_ver_max < TLS1_1_VERSION) + { + sslopt |= SSL_OP_NO_TLSv1_1; + } +#endif +#ifdef SSL_OP_NO_TLSv1_2 + if (tls_ver_max < TLS1_2_VERSION) + { + sslopt |= SSL_OP_NO_TLSv1_2; + } +#endif + SSL_CTX_set_options(ctx, sslopt); +} +#endif /* SSL_CTX_set_max_proto_version */ + #endif /* OPENSSL_COMPAT_H_ */ diff --git a/src/openvpn/ssl_openssl.c b/src/openvpn/ssl_openssl.c index 34c31b9d..9d5cd5ec 100644 --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c 
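Review bot: in the openssl_compat.h hunk, the compat SSL_CTX_set_min_proto_version() and SSL_CTX_set_max_proto_version() are declared `static inline void`, whereas the OpenSSL 1.1 functions they mimic return nonzero on success and 0 on failure, so a caller written against the real API has no result to check on the pre-1.1 path. Suggest giving both an int return type and ending them with `return 1;` (the dummy SSL_CTX_get_min_proto_version() already returns int), so that ssl_openssl.c can treat a 0 return as an error on every OpenSSL version. Also worth a line in the doc comment: the min-version wrapper always ORs in SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 regardless of the value passed, which is intended per the "Never do < TLS 1.0" comment but differs from the real function, and neither wrapper rejects a value it does not know (for example 0 or an internal TLS_VER_* value), so the callers must guarantee they only pass TLS1_*_VERSION numbers.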
@@ -206,15 +206,56 @@ info_callback(INFO_CALLBACK_SSL_CONST SSL *s, int where, int ret) int tls_version_max(void) { -#if defined(SSL_OP_NO_TLSv1_2) +#if defined(TLS1_2_VERSION) || defined(SSL_OP_NO_TLSv1_2) return TLS_VER_1_2; -#elif defined(SSL_OP_NO_TLSv1_1) +#elif defined(TLS1_1_VERSION) || defined(SSL_OP_NO_TLSv1_1) return TLS_VER_1_1; #else return TLS_VER_1_0; #endif } +/** Convert internal version number to openssl version number */ +static int +openssl_tls_version(int ver) +{ + if (ver == TLS_VER_1_0) + { + return TLS1_VERSION; + } + else if (ver == TLS_VER_1_1) + { + return TLS1_1_VERSION; + } + else if (ver == TLS_VER_1_2) + { + return TLS1_2_VERSION; + } + return 0; +} + +static void +tls_ctx_set_tls_versions(struct tls_root_ctx *ctx, unsigned int ssl_flags) +{ + int tls_ver_min = openssl_tls_version( + (ssl_flags >> SSLF_TLS_VERSION_MIN_SHIFT) & SSLF_TLS_VERSION_MIN_MASK); + int tls_ver_max = openssl_tls_version( + (ssl_flags >> SSLF_TLS_VERSION_MAX_SHIFT) & SSLF_TLS_VERSION_MAX_MASK); + + if (!tls_ver_min) + { + /* Enforce at least TLS 1.0 */ + int cur_min = SSL_CTX_get_min_proto_version(ctx->ctx); + tls_ver_min = cur_min < TLS1_VERSION ? TLS_VER_1_0 : cur_min; + } + SSL_CTX_set_min_proto_version(ctx->ctx, tls_ver_min); + + if (tls_ver_max) + { + SSL_CTX_set_max_proto_version(ctx->ctx, tls_ver_max); + } +} + void tls_ctx_set_options(struct tls_root_ctx *ctx, unsigned int ssl_flags) { 
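Review bot: in tls_ctx_set_tls_versions(), `tls_ver_min = cur_min < TLS1_VERSION ? TLS_VER_1_0 : cur_min;` mixes OpenVPN's internal TLS_VER_1_0 enum value with OpenSSL's TLS1_VERSION protocol number, while every other value handed to the setters in this function comes from openssl_tls_version(). With the real OpenSSL 1.1 API, SSL_CTX_set_min_proto_version() does not accept that value and returns 0, and because the return values of both SSL_CTX_set_min_proto_version() and SSL_CTX_set_max_proto_version() are ignored here, the "Enforce at least TLS 1.0" intent silently fails to take effect on exactly the library versions this patch targets. Suggest `tls_ver_min = cur_min < TLS1_VERSION ? TLS1_VERSION : cur_min;` and checking both setters, e.g. `if (!SSL_CTX_set_min_proto_version(ctx->ctx, tls_ver_min)) { msg(M_SSLERR, ...); }`, so a rejected version aborts instead of leaving the library default in place.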
@@ -223,42 +264,15 @@ tls_ctx_set_options(struct tls_root_ctx *ctx, unsigned int ssl_flags) /* default certificate verification flags */ int flags = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT; - /* process SSL options including minimum TLS version we will accept from peer */ - { - long sslopt = SSL_OP_SINGLE_DH_USE | SSL_OP_NO_TICKET | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3; - int tls_ver_max = TLS_VER_UNSPEC; - const int tls_ver_min = - (ssl_flags >> SSLF_TLS_VERSION_MIN_SHIFT) & SSLF_TLS_VERSION_MIN_MASK; - - tls_ver_max = - (ssl_flags >> SSLF_TLS_VERSION_MAX_SHIFT) & SSLF_TLS_VERSION_MAX_MASK; - if (tls_ver_max <= TLS_VER_UNSPEC) - { - tls_ver_max = tls_version_max(); - } - - if (tls_ver_min > TLS_VER_1_0 || tls_ver_max < TLS_VER_1_0) - { - sslopt |= SSL_OP_NO_TLSv1; - } -#ifdef SSL_OP_NO_TLSv1_1 - if (tls_ver_min > TLS_VER_1_1 || tls_ver_max < TLS_VER_1_1) - { - sslopt |= SSL_OP_NO_TLSv1_1; - } -#endif -#ifdef SSL_OP_NO_TLSv1_2 - if (tls_ver_min > TLS_VER_1_2 || tls_ver_max < TLS_VER_1_2) - { - sslopt |= SSL_OP_NO_TLSv1_2; - } -#endif + /* process SSL options */ + long sslopt = SSL_OP_SINGLE_DH_USE | SSL_OP_NO_TICKET; #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE - sslopt |= SSL_OP_CIPHER_SERVER_PREFERENCE; + sslopt |= SSL_OP_CIPHER_SERVER_PREFERENCE; #endif - sslopt |= SSL_OP_NO_COMPRESSION; - SSL_CTX_set_options(ctx->ctx, sslopt); - } + sslopt |= SSL_OP_NO_COMPRESSION; + SSL_CTX_set_options(ctx->ctx, sslopt); + + tls_ctx_set_tls_versions(ctx, ssl_flags); #ifdef SSL_MODE_RELEASE_BUFFERS SSL_CTX_set_mode(ctx->ctx, SSL_MODE_RELEASE_BUFFERS);
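Review bot: in the tls_ctx_set_options() hunk, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 are dropped from sslopt, so excluding SSLv3 now rests entirely on tls_ctx_set_tls_versions() succeeding; since that function does not check the setters' return values, a failed SSL_CTX_set_min_proto_version() call would leave SSLv3 negotiable on a library built with SSLv3 support, which the old code ruled out unconditionally. Either keep the two SSL_OP_NO_SSLv* flags in sslopt here (they are still honored by OpenSSL 1.1, where SSL_OP_NO_SSLv2 is defined as 0) or make the version setters fatal on failure. Separately, the removed `tls_ver_max = tls_version_max();` fallback means an unspecified --tls-version-max now follows the library default maximum rather than the highest version OpenVPN knows about; that looks intended, but the v2 note only mentions the default minimum, so the commit message should say so for the maximum too.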