From patchwork Thu Jan 21 02:39:29 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Gert Doering X-Patchwork-Id: 1564 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id qBb3DRuICWAUPQAAIUCqbw (envelope-from ) for ; Thu, 21 Jan 2021 08:56:43 -0500 Received: from proxy6.mail.iad3b.rsapps.net ([172.31.255.6]) by director9.mail.ord1d.rsapps.net with LMTP id yE1pDRuICWBhFAAAalYnBA (envelope-from ) for ; Thu, 21 Jan 2021 08:56:43 -0500 Received: from smtp22.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy6.mail.iad3b.rsapps.net with LMTPS id gLvWBhuICWAqbwAARawThA (envelope-from ) for ; Thu, 21 Jan 2021 08:56:43 -0500 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp22.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=greenie.muc.de X-Suspicious-Flag: YES X-Classification-ID: 7d593fce-5bf0-11eb-ba67-52540041dff8-1-1 Received: from [216.105.38.7] ([216.105.38.7:57576] helo=lists.sourceforge.net) by smtp22.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 46/43-26206-A1889006; Thu, 21 Jan 2021 08:56:42 -0500 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1l2aRK-0006jn-KT; Thu, 21 Jan 2021 13:55:58 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1l2aRB-0006jC-QF for openvpn-devel@lists.sourceforge.net; Thu, 21 Jan 2021 13:55:49 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:To:From:Sender:Reply-To:Cc:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=TdWdZgCBoaIlk7Bi44hF5ITu6465rph0rbzPNretUjU=; b=D5bBj+qmR8FagRo4A5Y3V7rPe4 DBhwqcxxVra3F1p/+7zeBJCMyKi8Rr7OIJmtA+Bo8EiN7moXMdPQpaAACkTOEe1QAtDThEH9C3Cmj 9Tsb07E28RpIhtrtj7gTP4sOhhf6AqYYfe6aYHMX1ccv8x6/7GKufjd7Xm0nNGIqkvRw=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:To:From: Sender:Reply-To:Cc:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=TdWdZgCBoaIlk7Bi44hF5ITu6465rph0rbzPNretUjU=; b=I 3+bUlr0p5hQ6C/WMSLp5yjzf55C5HjDSXSXk533+UIZJFdUwcwpc49YCc+C96q26qJVOxqCmBDen5 uSMOj3uhf1huX7EJs1EoB6Da0DNTMCT7kh+uTzeeN6GS+MjytY+3xpjkRVAKEZnxDZkMYalebDuhi Qa9laAcaJw0F5Nrw=; Received: from vmail1.greenie.net ([195.30.8.66]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1l2aQq-00316v-MA for openvpn-devel@lists.sourceforge.net; Thu, 21 Jan 2021 13:55:45 +0000 Received: from gentoo.ov.greenie.net (gentoo.ov.greenie.net [IPv6:2001:608:0:814:0:0:f000:11]) by vmail1.greenie.net (8.16.1/8.12.11) with SMTP id 10LDdTO0041518 for ; Thu, 21 Jan 2021 14:39:29 +0100 (CET) Received: (nullmailer pid 20232 invoked by uid 1000); Thu, 21 Jan 2021 13:39:29 -0000 From: Gert Doering To: openvpn-devel@lists.sourceforge.net Date: Thu, 21 Jan 2021 14:39:29 +0100 Message-Id: <20210121133929.20186-1-gert@greenie.muc.de> X-Mailer: git-send-email 2.26.2 MIME-Version: 1.0 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.6.2 (vmail1.greenie.net [IPv6:2001:608:1:995a:20c:29ff:feb8:10eb]); Thu, 21 Jan 2021 14:39:29 +0100 (CET) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: muc.de] 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1l2aQq-00316v-MA Subject: [Openvpn-devel] [PATCH] Make OPENVPN_PLUGIN_ENABLE_PF failures FATAL X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Without this patch, if openpn is using a plugin that provides OPENVPN_PLUGIN_ENABLE_PF but then fails (returns OPENVPN_PLUGIN_FUNC_ERROR), OpenVPN will crash on a NULL pointer reference. The underlying cause is (likely) the refactoring work regarding CAS_SUCCEEDED etc., and that nobody adjusted the pf.c code accordingly (it tries to sent itself a SIGUSR1, which tries to tear down the client MI instance, but since it is not fully set up yet at this point, things explode). Full details on the call chain in Trac... Since we intend to remove pf in 2.6, but we still do not want OpenVPN to ever SIGSEGV, change the requirements for the plugins to "MUST SUCCEED", so if the plugin ENABLE_PF call fails, abort openvpn with a M_FATAL message. Trac: #1377 Signed-off-by: Gert Doering Acked-By: Arne Schwabe --- src/openvpn/pf.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/src/openvpn/pf.c b/src/openvpn/pf.c index f9bbfb50..3f472ef4 100644 --- a/src/openvpn/pf.c +++ b/src/openvpn/pf.c @@ -639,8 +639,17 @@ pf_init_context(struct context *c) } if (!c->c2.pf.enabled) { - msg(M_WARN, "WARNING: failed to init PF plugin, rejecting client."); - register_signal(c, SIGUSR1, "plugin-pf-init-failed"); + /* At some point in openvpn history, this code just printed a + * warning and signalled itself (SIGUSR1, "plugin-pf-init-failed") + * to terminate the client instance. This got broken at one of + * the client auth state refactorings (leading to SIGSEGV crashes) + * and due to "pf will be removed anyway" reasons the easiest way + * to prevent crashes is to REQUIRE that plugins succeed - so if + * the plugin fails, we cleanly abort OpenVPN + * + * see also: https://community.openvpn.net/openvpn/ticket/1377 + */ + msg(M_FATAL, "FATAL: failed to init PF plugin, must succeed."); return; } }