From patchwork Tue Dec 20 14:04:58 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 2932 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7300:c95:b0:82:e4b3:40a0 with SMTP id p21csp3776053dyk; Tue, 20 Dec 2022 06:05:50 -0800 (PST) X-Google-Smtp-Source: AA0mqf7mUS52SdN20OoVZLUSKI3dQQfyNHkEBKaP4mzLO9N89Z+WjQQcuGGQ6mbIRfbcaj9xh5ZK X-Received: by 2002:a05:7500:3e01:b0:ea:db4c:fc6f with SMTP id lh1-20020a0575003e0100b000eadb4cfc6fmr4027503gab.37.1671545150489; Tue, 20 Dec 2022 06:05:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1671545150; cv=none; d=google.com; s=arc-20160816; b=xTpfwDAgxGDYyF6KDC5yJhKgbgZaocjokbrqZRGQ1xR+3aUlssC5U495J9J7d3rN3C vXqCym+2RXa87Z+98eQNXt8aTpJPz7QEWAgwzlE/8dOt4oxC41lo4L8CMbapx3q77UjE uhF9x+NJaN2tsoZ2z0P+FgpDhTqKvqCc9jkHOboBSweA5BYoI/kD5V66c+o+7FWAuwx3 OABA6QCOYMIHzF50RtwEgnLtlwdxoM17XmF9mwpixNP+z7osSvRfInCKkE3IwI8l7gtp y/+q4WwbBOYcQ54auU3/DhzKWOT+X1k+X/YuCxpoLiuqhZ1SHZWuQ34m+/iJNexcLyg0 Pg1g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:content-transfer-encoding:cc:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :mime-version:references:in-reply-to:message-id:date:to:from :dkim-signature:dkim-signature; bh=gG1Z+9/lFy9Jm46q96HJmrPRILa/fU/RZ4yIyAk+i20=; b=cSvRW6po3hN9VCG0mX/H/szKLzBG2n9ujoxl6fGU5remIIULTXFj3luJI7XOr/WDKY QY7NRvXq2lHOGnP0QDXQw5MEMAodb3fg26tRLYs9v0oN3sCixNh3DtxRLJLMeKOEh7wi Bu5VTfX+GxDoqMI9id/hl2W8wJ2id7EVUGot1RhO1IjfHUJPgQIVTzqY9mynqr1/xqY8 Mha6rkgAYp1eZRNHvBlNSQ9quiYvNu4gAPMs5wKC7fLKkyTmtJYs4GzvOLOB7DoziRbW MxOoxhF6HgHvC/ADjXb4+wlhR7PYHuqUh5Wh+dabBxgE/EXIuERG4CI0VLSV4R7uKR0W M6Zw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=WyXbpdEl; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=J3RIcm7l; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id v14-20020ab0290e000000b00419147797dbsi2356090uap.196.2022.12.20.06.05.49 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 20 Dec 2022 06:05:50 -0800 (PST) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=WyXbpdEl; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=J3RIcm7l; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1p7dFB-0004Me-Nn; Tue, 20 Dec 2022 14:05:21 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1p7dF8-0004MU-Nf for openvpn-devel@lists.sourceforge.net; Tue, 20 Dec 2022 14:05:18 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=9Ilp1rNBlBYfmEQz6Z4Og+eTPozg1GDyy45zFnPQe/4=; b=WyXbpdElAIuIt3yS62v1R7haOs USvCGxs6ikLOqnmx0xNDHVT2pK9hCiL1PoWrJhZdz8OTK3Ufu/12Nxrq9j40JVb7QKHU2wknvvRok wqko3wUq5xg+NfI/5HmgruPjCtdaHgJZwdRvs4Jgl1BLSkSFNUHzve0z4blHF41v5TDo=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=9Ilp1rNBlBYfmEQz6Z4Og+eTPozg1GDyy45zFnPQe/4=; b=J3RIcm7lYLYk2IgVmf4Kpp3h8N +ucivpgNRrvT75l5UZNQP3q72GnDwH4sUSPaFXxWfOa6DvK1hglX8QAuWa5EI/Uw0Nnms3Q7C5Zu4 HIJNoftELgy7rPsp5N2aS+ucfrNsp8pJLgkBrD8H8vtMj6VDLaWjHO8VwGEhXNaaNOwY=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.95) id 1p7dF4-005raQ-HS for openvpn-devel@lists.sourceforge.net; Tue, 20 Dec 2022 14:05:18 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.95 (FreeBSD)) (envelope-from ) id 1p7dEo-000K3S-QW; Tue, 20 Dec 2022 15:04:58 +0100 Received: (nullmailer pid 2666683 invoked by uid 10006); Tue, 20 Dec 2022 14:04:58 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Tue, 20 Dec 2022 15:04:58 +0100 Message-Id: <20221220140458.2666637-1-arne@rfc2549.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20221215190143.2107896-1-arne@rfc2549.org> References: <20221215190143.2107896-1-arne@rfc2549.org> MIME-Version: 1.0 X-Spam-Score: 0.3 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: This changes the password check on the management interface to be constant time. Normally the management port should not be exposed in a way that allows an attacker to even interact with it but making [...] Content analysis details: (0.3 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1p7dF4-005raQ-HS Subject: [Openvpn-devel] [PATCH v2 1/8] Make management password check constant time X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Connor Edwards Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1752307792184075091?= X-GMAIL-MSGID: =?utf-8?q?1752742127367372764?= This changes the password check on the management interface to be constant time. Normally the management port should not be exposed in a way that allows an attacker to even interact with it but making the check constant time as an additional layer of security is always good. Patch v2: include NUL byte in comparison Reported-by: Connor Edwards Signed-off-by: Arne Schwabe Acked-by: Gert Doering --- src/openvpn/manage.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/src/openvpn/manage.c b/src/openvpn/manage.c index b11de224d..5465b7e9b 100644 --- a/src/openvpn/manage.c +++ b/src/openvpn/manage.c @@ -198,7 +198,12 @@ man_check_password(struct management *man, const char *line) { if (man_password_needed(man)) { - if (streq(line, man->settings.up.password)) + /* This comparison is not fixed time but since strlen(time) is based on + * the attacker choice, it should not give any indication of the real + * password length, use + 1 to include the NUL byte that terminates the + * string*/ + size_t compare_len = min_uint(strlen(line) + 1, sizeof(man->settings.up.password)); + if (memcmp_constant_time(line, man->settings.up.password, compare_len) == 0) { man->connection.password_verified = true; msg(M_CLIENT, "SUCCESS: password is correct");