From patchwork Fri Feb 10 14:27:08 2023
X-Patchwork-Submitter: Arne Schwabe
X-Patchwork-Id: 3076
From: Arne Schwabe
To: openvpn-devel@lists.sourceforge.net
Date: Fri, 10 Feb 2023 15:27:08 +0100
Message-Id: <20230210142712.572303-5-arne@rfc2549.org>
In-Reply-To: <20230210142712.572303-1-arne@rfc2549.org>
Subject: [Openvpn-devel] [PATCH 2/2] Add debug output for sent IV variables in client mode with verb 7

This helps debugging what information a client is sending without having to use a debugger or to look at the server log.

Signed-off-by: Arne Schwabe
---
 src/openvpn/ssl.c | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 016bdc57f..1138dc4e7 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -1970,6 +1970,20 @@ read_string_alloc(struct buffer *buf) return str; } +static void +print_client_peer_info(struct buffer *out, struct gc_arena *gc) +{ + struct buffer buf = alloc_buf_gc(buf_len(out), gc); + buf_copy(&buf, out); + + char line[256]; + + while (buf_parse(&buf, '\n', line, sizeof(line))) + { + chomp(line); + msg(D_PUSH_DEBUG, "sending peer info: %s", line); + } +} /** * Prepares the IV_ and UV_ variables that are part of the * exchange to signal the peer's capabilities. The amount @@ -2119,6 +2133,11 @@ push_peer_info(struct buffer *buf, struct tls_session *session) } } + if (check_debug_level(D_PUSH_DEBUG)) + { + print_client_peer_info(&out, &gc); + } + if (!write_string(buf, BSTR(&out), -1)) { goto error;
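Review bot: In the first hunk (`print_client_peer_info`), the fixed `char line[256]` handed to `buf_parse()` caps how much of each peer-info line reaches the log, so an IV_ or UV_ entry longer than that will not be printed as one intact line and the debug output can differ from what is actually sent. Either size the scratch buffer from `buf_len(out)` or state the limit in a comment. The new static function also has no doc comment saying that it only logs a copy and leaves the caller's buffer untouched, and the parameter name `out` reads oddly for something that is only read here. Finally, the closing `+}` is followed directly by the existing `/**` comment of the next function; a blank line is needed between them.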
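Review bot: In the second hunk (`push_peer_info`), the `print_client_peer_info(&out, &gc)` call sits before `write_string(buf, BSTR(&out), -1)`, so the log says "sending peer info" even when `write_string` fails and the function takes `goto error`. Move the debug block after the successful write, or word the message as peer info being prepared rather than sent. The subject line promises output at verb 7 while the code tests `D_PUSH_DEBUG`; a one-line comment tying the two together would save the reader a lookup.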