From patchwork Wed Dec 14 15:34:14 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Maximilian Fillinger X-Patchwork-Id: 2909 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:622a:418d:b0:3a5:7962:c21f with SMTP id cd13csp358225qtb; Wed, 14 Dec 2022 07:35:33 -0800 (PST) X-Google-Smtp-Source: AA0mqf5Zb+kHk1pfNWCig8NAKiSzV+UVBCimI92yZh4aknIblvDNHADLQb0+4+dvJCdgUaXLw5aF X-Received: by 2002:a17:90a:9484:b0:219:ba3d:7ee2 with SMTP id s4-20020a17090a948400b00219ba3d7ee2mr28390842pjo.30.1671032132849; Wed, 14 Dec 2022 07:35:32 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1671032132; cv=none; d=google.com; s=arc-20160816; b=aYFX3ioKyKkQoqHr+0wzo/8RJeDERRgJgZFdSwSVjQFj+FEhCdxPL+9dhbw9Fbep6N /Ff4I+talGsEyAtrVhZViHAUZHpXnipoUUYo/DdrQY49XUgboHSfld7bc2T5mKx/8FWi XgymnhpE0SggS/6YvPZ+X4sTSTkxpH6RF3hixkg9W2ce5qg5V20hQyzC6Of70kp/K7Ky 17jm5Ap0adnNse00BS16vGLvFF67ofL/fsbwfXK6PLvxC2+ga8AlmBPj3qxK++NtYHej QRnxkuSA8jMuKb3iJEHFru8b8/tAwBJ05/CmNQ+WJ1W2y183bWD/RvJpRcwObBzOmIbv 09Iw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :dkim-signature:mime-version:message-id:date:to:from:dkim-signature :dkim-signature; bh=7aGYeCmT0CpNzid99QTeW9xsQ69Brg2UClZ2DfHUBUE=; b=HpUQboQohUsSlmU0auxKJL+/K5Lkfr+KP+sTADXD+932Fxfka+dqKebE8u/RHUVOpE zdZC0O0Ed/vBVxvP7pVb3+/gujnB4vrg2NYmOviytbXYoUs2rFNLqNNReDQ/YX6ZuSOR KoBks9RehOyC1154JQG11KA8Qh1gGEzd7538pJ2b0jV/CggV4S+g8ViZQ3ljrUcVxznY f0xQJ8JxYXKMWMWIDeAK3qdWdMXyCnQ9tEJc5ZDWQYvrP+an1PHS342DPa0iJxPP1Uql gwt9eP//ZngqboFEvN/TvEllzTUSD8/liBPmN1KpFQyS0y5q2iaXqYuB6cOXH/V60iz5 oCZw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=fHZD9j6x; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=mMxLtSaF; dkim=neutral (body hash did not verify) header.i=@foxcrypto.com header.s=NL-DFT-MX-01 header.b=lXE6tPFc; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=foxcrypto.com Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id pw2-20020a17090b278200b002196e1485efsi2295289pjb.55.2022.12.14.07.35.32 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 14 Dec 2022 07:35:32 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=fHZD9j6x; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=mMxLtSaF; dkim=neutral (body hash did not verify) header.i=@foxcrypto.com header.s=NL-DFT-MX-01 header.b=lXE6tPFc; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=foxcrypto.com Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1p5TmO-000896-L0; Wed, 14 Dec 2022 15:34:44 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1p5TmN-00088z-J2 for openvpn-devel@lists.sourceforge.net; Wed, 14 Dec 2022 15:34:43 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Date:Subject:CC:To:From:Sender:Reply-To:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=2yaHScwL8fzbb2LGOiO1kRQOa78x3FQ6fA4ogp4p+6U=; b=fHZD9j6xLV1qYgrbFthFmL7jlC f1GYPch6Ah+rf13UpG92R7AmqXyCGl8K+0q8GLN1siUjYuSQt77kn3VYT377qE2QvOuFOj+9RZj5Y qk4l3FFYLnwsIvG1L3zJof7Cku7CW7ISSYF+LoT5L60SN+tPI0KpQ66zTC8d2LL7Os14=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Date: Subject:CC:To:From:Sender:Reply-To:Content-ID:Content-Description:Resent-Date :Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=2yaHScwL8fzbb2LGOiO1kRQOa78x3FQ6fA4ogp4p+6U=; b=m MxLtSaFDdMBFeH4gvOyljz2c3X/XdOodFjQN99IKqT/5zN5OuQoKF4CxfA5LdpiEJmTNRaADPTe0O qHN41QETpuDXuQhkEHfwRMMz0q3blcXUpzACOXARURWMTMKGFMT6KqcBS3MZD7eempVO3oXWFuywB tRNPxFCjJPAV6p98=; Received: from nl-dft-mx-01.fox-it.com ([178.250.144.135]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1p5TmG-0002wP-Or for openvpn-devel@lists.sourceforge.net; Wed, 14 Dec 2022 15:34:42 +0000 From: Max Fillinger To: Date: Wed, 14 Dec 2022 16:34:14 +0100 Message-ID: <20221214153414.12671-1-maximilian.fillinger@foxcrypto.com> X-Mailer: git-send-email 2.30.2 MIME-Version: 1.0 X-ClientProxiedBy: FOXDFT1EX01.FOX.local (10.0.0.129) To FOXDFT1EX01.FOX.local (10.0.0.129) X-FE-Policy-ID: 13:3:2:SYSTEM DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; d=foxcrypto.com; s=NL-DFT-MX-01; c=relaxed/relaxed; h=from:to:cc:subject:date:message-id:mime-version:content-type; bh=2yaHScwL8fzbb2LGOiO1kRQOa78x3FQ6fA4ogp4p+6U=; b=lXE6tPFcPKvkgEkXNA5Z6pj3Yj1KxY0ryaOQQXLSWvIIYyZpYhWz5Um7pr2zU4w/Tr8Sknd3+vBq MUSxQwIPlVTXzYqXviYyaG2qN/ifL76veYWzJQ1Ikbz0dnRNqLXgCJ40nl4gMis+tQ+7dK7ZKeBV zGhNLfXGj3jKz96kE6CNfFOIQ2PoORWE9v5Y9WQIvl4wcIL0SGYa/jIG4JTA/9Xo0iXq8ZHp1jwA zLavCC9BpnOXCz/QSW12SdbN1LW/4lwNLM36IHYDk0oLQaZbNlLgjgTBBcmNO1s0Ypy/cS3o1/XB h2Au1S7U5IVZ/JrgJwGjK/yK9ftXrwD43AEYdg== X-Spam-Score: 0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The current code only checks if the base64-encoded metadata is at most 980 character. However, that can encode up to 735 bytes of data, while only up to 733 bytes are allowed. When passing 734 or 735 [...] Content analysis details: (0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid 0.1 DKIM_INVALID DKIM or DK signature exists, but is not valid X-Headers-End: 1p5TmG-0002wP-Or Subject: [Openvpn-devel] [Patch v2] Fix message for too long tls-crypt-v2 metadata X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1752204189490667004?= X-GMAIL-MSGID: =?utf-8?q?1752204189490667004?= The current code only checks if the base64-encoded metadata is at most 980 character. However, that can encode up to 735 bytes of data, while only up to 733 bytes are allowed. When passing 734 or 735 bytes, openvpn prints a misleading error message saying that the base64 cannot be decoded. This patch checks the decoded length to show an accurate error message. v2: Remove now-unused macro and fix an off-by-one error. Signed-off-by: Max Fillinger Acked-by: Arne Schwabe --- src/openvpn/base64.h | 4 ++++ src/openvpn/tls_crypt.c | 18 +++++++++++------- src/openvpn/tls_crypt.h | 2 -- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/src/openvpn/base64.h b/src/openvpn/base64.h index f49860fc..7b4224a5 100644 --- a/src/openvpn/base64.h +++ b/src/openvpn/base64.h @@ -38,6 +38,10 @@ #define OPENVPN_BASE64_LENGTH(binary_length) \ ((((8 * binary_length) / 6) + 3) & ~3) +/** Compute the maximal number of bytes encoded in a base64 string. */ +#define OPENVPN_BASE64_DECODED_LENGTH(base64_length) \ + ((base64_length / 4) * 3) + int openvpn_base64_encode(const void *data, int size, char **str); int openvpn_base64_decode(const char *str, void *data, int size); diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c index 2fc79111..1e461fcf 100644 --- a/src/openvpn/tls_crypt.c +++ b/src/openvpn/tls_crypt.c @@ -627,15 +627,11 @@ tls_crypt_v2_write_client_key_file(const char *filename, } ASSERT(buf_write(&dst, client_key.keys, sizeof(client_key.keys))); - struct buffer metadata = alloc_buf_gc(TLS_CRYPT_V2_MAX_METADATA_LEN, &gc); + struct buffer metadata; if (b64_metadata) { - if (TLS_CRYPT_V2_MAX_B64_METADATA_LEN < strlen(b64_metadata)) - { - msg(M_FATAL, - "ERROR: metadata too long (%d bytes, max %u bytes)", - (int)strlen(b64_metadata), TLS_CRYPT_V2_MAX_B64_METADATA_LEN); - } + size_t b64_length = strlen(b64_metadata); + metadata = alloc_buf_gc(OPENVPN_BASE64_DECODED_LENGTH(b64_length) + 1, &gc); ASSERT(buf_write(&metadata, &TLS_CRYPT_METADATA_TYPE_USER, 1)); int decoded_len = openvpn_base64_decode(b64_metadata, BEND(&metadata), BCAP(&metadata)); @@ -644,10 +640,18 @@ tls_crypt_v2_write_client_key_file(const char *filename, msg(M_FATAL, "ERROR: failed to base64 decode provided metadata"); goto cleanup; } + if (decoded_len > TLS_CRYPT_V2_MAX_METADATA_LEN - 1) + { + msg(M_FATAL, + "ERROR: metadata too long (%d bytes, max %u bytes)", + decoded_len, TLS_CRYPT_V2_MAX_METADATA_LEN - 1); + goto cleanup; + } ASSERT(buf_inc_len(&metadata, decoded_len)); } else { + metadata = alloc_buf_gc(1 + sizeof(int64_t), &gc); int64_t timestamp = htonll((uint64_t)now); ASSERT(buf_write(&metadata, &TLS_CRYPT_METADATA_TYPE_TIMESTAMP, 1)); ASSERT(buf_write(&metadata, ×tamp, sizeof(timestamp))); diff --git a/src/openvpn/tls_crypt.h b/src/openvpn/tls_crypt.h index 928ff547..d5c73752 100644 --- a/src/openvpn/tls_crypt.h +++ b/src/openvpn/tls_crypt.h @@ -101,8 +101,6 @@ #define TLS_CRYPT_V2_MAX_METADATA_LEN (unsigned)(TLS_CRYPT_V2_MAX_WKC_LEN \ - (TLS_CRYPT_V2_CLIENT_KEY_LEN + TLS_CRYPT_V2_TAG_SIZE \ + sizeof(uint16_t))) -#define TLS_CRYPT_V2_MAX_B64_METADATA_LEN \ - OPENVPN_BASE64_LENGTH(TLS_CRYPT_V2_MAX_METADATA_LEN - 1) /** * Initialize a key_ctx_bi structure for use with --tls-crypt.