From patchwork Wed Jul 20 02:30:21 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2595 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director9.mail.ord1d.rsapps.net ([172.27.255.53]) by backend30.mail.ord1d.rsapps.net with LMTP id IOsWM4v112LQXQAAIUCqbw (envelope-from ) for ; Wed, 20 Jul 2022 08:31:07 -0400 Received: from proxy9.mail.iad3a.rsapps.net ([172.27.255.53]) by director9.mail.ord1d.rsapps.net with LMTP id YPrvMov112L+DwAAalYnBA (envelope-from ) for ; Wed, 20 Jul 2022 08:31:07 -0400 Received: from smtp20.gate.iad3a ([172.27.255.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy9.mail.iad3a.rsapps.net with LMTPS id YNszLIv112JNPAAAGuSQww (envelope-from ) for ; Wed, 20 Jul 2022 08:31:07 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp20.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: d3b6d98c-0827-11ed-abcd-525400aab2f3-1-1 Received: from [216.105.38.7] ([216.105.38.7:60004] helo=lists.sourceforge.net) by smtp20.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 10/77-23965-B85F7D26; Wed, 20 Jul 2022 08:31:07 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1oE8py-0001qC-UD; Wed, 20 Jul 2022 12:29:59 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1oE8pw-0001q6-Vk for openvpn-devel@lists.sourceforge.net; Wed, 20 Jul 2022 12:29:57 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=4JkCfUReGrVA+9JbEgQNi96WQWE/+aHtL2SPKLjeEFM=; b=J9lCR1i7VbMUzHZv+mJAZG+7Pg 8SuScQYnW7U7CWOtNIiKTXj1eSQjTpOaJMV/ZlvQPaqiPwG/53lKspe2nCGEDO/tJ8Ifh2mcYxwYO 3Of1VJ1L8wtqte/2Hul/HRsDg0BGFruGrE1VSYHEnFA945rj8hyxea+iDxpMayFNX2U4=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=4JkCfUReGrVA+9JbEgQNi96WQWE/+aHtL2SPKLjeEFM=; b=hdg4FVJFSYbE6vWx6ngkz+XEpN iJzyR3hM8uyKiQ3KivGWQNjzgQrnfIsy5p9uKDdmJoebUiMDHM6SSWz3xQGxggi+h6CHVUOSUu2X1 LOV0wZ7g5FDgYWCx3v6C1Sa62obxHHSLGSWYc405vGCPjwpysyjnWnVUOYaamQ4P3USA=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1oE8pv-00034s-L3 for openvpn-devel@lists.sourceforge.net; Wed, 20 Jul 2022 12:29:57 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Wed, 20 Jul 2022 14:30:21 +0200 Message-Id: <20220720123021.24281-1-a@unstable.cc> In-Reply-To: <20220624083809.23487-7-a@unstable.cc> References: MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Signed-off-by: Antonio Quartulli --- Changes from v1: * renamed disable_dco to dco_enabled src/openvpn/init.c | 49 ++++++++++++++++++++++++++++++++-------- src/openvpn/ssl_common.h | 23 +++++++++++++++++++ 2 files changed, 63 insertions(+), 9 deletions(-) Content analysis details: (-0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 SPF_HELO_PASS SPF: HELO matches SPF record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1oE8pv-00034s-L3 Subject: [Openvpn-devel] [PATCH v2 06/25] dco: initialize context and save pointer in TLS object X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Signed-off-by: Antonio Quartulli Acked-by: Gert Doering --- Changes from v1: * renamed disable_dco to dco_enabled src/openvpn/init.c | 49 ++++++++++++++++++++++++++++++++-------- src/openvpn/ssl_common.h | 23 +++++++++++++++++++ 2 files changed, 63 insertions(+), 9 deletions(-) diff --git a/src/openvpn/init.c b/src/openvpn/init.c index 779fc4a5..b6e1707f 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -55,6 +55,7 @@ #include "auth_token.h" #include "mss.h" #include "mudp.h" +#include "dco.h" #include "memdbg.h" @@ -1315,15 +1316,23 @@ do_init_timers(struct context *c, bool deferred) } /* initialize pings */ - - if (c->options.ping_send_timeout) + if (dco_enabled(&c->options)) { - event_timeout_init(&c->c2.ping_send_interval, c->options.ping_send_timeout, 0); + /* The DCO kernel module will send the pings instead of user space */ + event_timeout_clear(&c->c2.ping_rec_interval); + event_timeout_clear(&c->c2.ping_send_interval); } - - if (c->options.ping_rec_timeout) + else { - event_timeout_init(&c->c2.ping_rec_interval, c->options.ping_rec_timeout, now); + if (c->options.ping_send_timeout) + { + event_timeout_init(&c->c2.ping_send_interval, c->options.ping_send_timeout, 0); + } + + if (c->options.ping_rec_timeout) + { + event_timeout_init(&c->c2.ping_rec_interval, c->options.ping_rec_timeout, now); + } } if (!deferred) @@ -1733,6 +1742,12 @@ do_open_tun(struct context *c) /* initialize (but do not open) tun/tap object */ do_init_tun(c); + /* inherit the dco context from the tuntap object */ + if (c->c2.tls_multi) + { + c->c2.tls_multi->dco = &c->c1.tuntap->dco; + } + #ifdef _WIN32 /* store (hide) interactive service handle in tuntap_options */ c->c1.tuntap->options.msg_channel = c->options.msg_channel; @@ -1781,6 +1796,11 @@ do_open_tun(struct context *c) /* Store the old fd inside the fd so open_tun can use it */ c->c1.tuntap->fd = oldtunfd; #endif + if (dco_enabled(&c->options)) + { + ovpn_dco_init(c->mode, &c->c1.tuntap->dco); + } + /* open the tun device */ open_tun(c->options.dev, c->options.dev_type, c->options.dev_node, c->c1.tuntap, &c->net_ctx); @@ -3004,12 +3024,20 @@ do_init_crypto_tls(struct context *c, const unsigned int flags) } } + /* let the TLS engine know if keys have to be installed in DCO or not */ + to.dco_enabled = dco_enabled(options); + /* * Initialize OpenVPN's master TLS-mode object. */ if (flags & CF_INIT_TLS_MULTI) { c->c2.tls_multi = tls_multi_init(&to); + /* inherit the dco context from the tuntap object */ + if (c->c1.tuntap) + { + c->c2.tls_multi->dco = &c->c1.tuntap->dco; + } } if (flags & CF_INIT_TLS_AUTH_STANDALONE) @@ -4389,15 +4417,18 @@ inherit_context_child(struct context *dest, #endif /* context init */ + + /* inherit tun/tap interface object now as it may be required + * to initialize the DCO context in init_instance() + */ + dest->c1.tuntap = src->c1.tuntap; + init_instance(dest, src->c2.es, CC_NO_CLOSE | CC_USR1_TO_HUP); if (IS_SIG(dest)) { return; } - /* inherit tun/tap interface object */ - dest->c1.tuntap = src->c1.tuntap; - /* UDP inherits some extra things which TCP does not */ if (dest->mode == CM_CHILD_UDP) { diff --git a/src/openvpn/ssl_common.h b/src/openvpn/ssl_common.h index cef2611b..c565d78c 100644 --- a/src/openvpn/ssl_common.h +++ b/src/openvpn/ssl_common.h @@ -167,6 +167,12 @@ enum auth_deferred_result { ACF_FAILED /**< deferred auth has failed */ }; +enum dco_key_status { + DCO_NOT_INSTALLED, + DCO_INSTALLED_PRIMARY, + DCO_INSTALLED_SECONDARY +}; + /** * Security parameter state of one TLS and data channel %key session. * @ingroup control_processor @@ -197,6 +203,12 @@ struct key_state */ int key_id; + /** + * Key id for this key_state, inherited from struct tls_session. + * @see tls_multi::peer_id. + */ + uint32_t peer_id; + struct key_state_ssl ks_ssl; /* contains SSL object and BIOs for the control channel */ time_t initial; /* when we created this session */ @@ -241,6 +253,8 @@ struct key_state struct auth_deferred_status plugin_auth; struct auth_deferred_status script_auth; + + enum dco_key_status dco_status; }; /** Control channel wrapping (--tls-auth/--tls-crypt) context */ @@ -404,6 +418,8 @@ struct tls_options const char *ekm_label; size_t ekm_label_size; size_t ekm_size; + + bool dco_enabled; /**< Whether keys have to be installed in DCO or not */ }; /** @addtogroup control_processor @@ -636,6 +652,13 @@ struct tls_multi /**< Array of \c tls_session objects * representing control channel * sessions with the remote peer. */ + + /* Only used when DCO is used to remember how many keys we installed + * for this session */ + int dco_keys_installed; + bool dco_peer_added; + + dco_context_t *dco; }; /** gets an item of \c key_state objects in the From patchwork Wed Jul 20 02:32:49 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Antonio Quartulli X-Patchwork-Id: 2596 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director12.mail.ord1d.rsapps.net ([172.31.255.6]) by backend30.mail.ord1d.rsapps.net with LMTP id IGqVFxj212JnYQAAIUCqbw (envelope-from ) for ; Wed, 20 Jul 2022 08:33:28 -0400 Received: from proxy18.mail.iad3b.rsapps.net ([172.31.255.6]) by director12.mail.ord1d.rsapps.net with LMTP id MKxSFxj212IXGwAAIasKDg (envelope-from ) for ; Wed, 20 Jul 2022 08:33:28 -0400 Received: from smtp29.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy18.mail.iad3b.rsapps.net with LMTPS id OLPNDxj212JaDwAA3NpJmQ (envelope-from ) for ; Wed, 20 Jul 2022 08:33:28 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp29.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=unstable.cc X-Suspicious-Flag: YES X-Classification-ID: 274b357a-0828-11ed-9f5d-525400534f55-1-1 Received: from [216.105.38.7] ([216.105.38.7:40732] helo=lists.sourceforge.net) by smtp29.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 4B/94-01686-716F7D26; Wed, 20 Jul 2022 08:33:27 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1oE8sP-00053y-4b; Wed, 20 Jul 2022 12:32:29 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1oE8sN-00053k-Cg for openvpn-devel@lists.sourceforge.net; Wed, 20 Jul 2022 12:32:27 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:References: In-Reply-To:Message-Id:Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=URpBajGrQ01M9y2/P17H8GDMFkmaEqdOYvDGX8GlkZQ=; b=kRNp0IRQZSOoluUVCLc8m+ZjBB V9wfiwcLEkHBBMQgXhKe2yxUi2sXeAnFUEe5l9zXK4XFpMR7T16piFLFICZLeET1yyrpqCQI1OfMA wy3XAbDGTtNYNznsxNMAe51/NnYIg91+8/Vxgr/IpwVUEDs+lp+IBQUdhIZBexpeLQr4=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:References:In-Reply-To:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=URpBajGrQ01M9y2/P17H8GDMFkmaEqdOYvDGX8GlkZQ=; b=SKVw/+nujcSVO79MrOkmDYv24H exO8DttdZu3AT+HY6xcFiTivdCamSpQSmBm8n+0DV1E5/LquQGJXemJ0VQpIOod4LTUCYY3VxMk3x fesCgN60h2AFFNl/Y9vH85jawpYp0vQrTfaPQka9fFcWzdVZ9AuR1sgafu2RTvGw5yNs=; Received: from s2.neomailbox.net ([5.148.176.60]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:DHE-RSA-AES256-GCM-SHA384:256) (Exim 4.94.2) id 1oE8sL-004zug-FY for openvpn-devel@lists.sourceforge.net; Wed, 20 Jul 2022 12:32:27 +0000 From: Antonio Quartulli To: openvpn-devel@lists.sourceforge.net Date: Wed, 20 Jul 2022 14:32:49 +0200 Message-Id: <20220720123249.909-1-a@unstable.cc> In-Reply-To: <20220624083809.23487-10-a@unstable.cc> References: MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: The ovpn-dco kernel module needs to be informed about the keys to be used to encrypt/decrypt data traffic to/from a peer. Configure keys in DCO right afte they are generated by the SSL code, to avoid keeping them in memory longer than needed. Content analysis details: (0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1oE8sL-004zug-FY Subject: [Openvpn-devel] [PATCH v2 09/25] dco: configure keys in DCO right after generating them X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Antonio Quartulli Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox The ovpn-dco kernel module needs to be informed about the keys to be used to encrypt/decrypt data traffic to/from a peer. Configure keys in DCO right afte they are generated by the SSL code, to avoid keeping them in memory longer than needed. Signed-off-by: Antonio Quartulli --- Changes from v1: * adapt to new member name dco_enabled * invert if blocks and condition in init_key_contexts() [and use 'else'] * fix comment for init_key_contexts() * disable explicit-exit-notification in mutate_ce() when DCO is enabled src/openvpn/dco.c | 55 ++++++++++++++++++++++++++++++++ src/openvpn/dco.h | 29 +++++++++++++++++ src/openvpn/init.c | 11 ++++--- src/openvpn/multi.c | 2 +- src/openvpn/options.c | 10 ++++++ src/openvpn/ssl.c | 73 ++++++++++++++++++++++++++++++++----------- src/openvpn/ssl.h | 7 +++-- 7 files changed, 161 insertions(+), 26 deletions(-) diff --git a/src/openvpn/dco.c b/src/openvpn/dco.c index b3fd135f..0471e4d0 100644 --- a/src/openvpn/dco.c +++ b/src/openvpn/dco.c @@ -33,12 +33,67 @@ #if defined(ENABLE_DCO) #include "syshead.h" +#include "crypto.h" #include "dco.h" +#include "errlevel.h" #include "networking.h" +#include "openvpn.h" #include "options.h" +#include "ssl_common.h" #include "ssl_ncp.h" #include "tun.h" +static int +dco_install_key(struct tls_multi *multi, struct key_state *ks, + const uint8_t *encrypt_key, const uint8_t *encrypt_iv, + const uint8_t *decrypt_key, const uint8_t *decrypt_iv, + const char *ciphername) + +{ + msg(D_DCO_DEBUG, "%s: peer_id=%d keyid=%d", __func__, multi->peer_id, + ks->key_id); + + /* Install a key in the PRIMARY slot only when no other key exist. + * From that moment on, any new key will be installed in the SECONDARY + * slot and will be promoted to PRIMARY when userspace says so (a swap + * will be performed in that case) + */ + dco_key_slot_t slot = OVPN_KEY_SLOT_PRIMARY; + if (multi->dco_keys_installed > 0) + { + slot = OVPN_KEY_SLOT_SECONDARY; + } + + int ret = dco_new_key(multi->dco, multi->peer_id, ks->key_id, slot, + encrypt_key, encrypt_iv, + decrypt_key, decrypt_iv, + ciphername); + if ((ret == 0) && (multi->dco_keys_installed < 2)) + { + multi->dco_keys_installed++; + ks->dco_status = (slot == OVPN_KEY_SLOT_PRIMARY) ? DCO_INSTALLED_PRIMARY : + DCO_INSTALLED_SECONDARY; + } + + return ret; +} + +int +init_key_dco_bi(struct tls_multi *multi, struct key_state *ks, + const struct key2 *key2, int key_direction, + const char *ciphername, bool server) +{ + struct key_direction_state kds; + key_direction_state_init(&kds, key_direction); + + return dco_install_key(multi, ks, + key2->keys[kds.out_key].cipher, + key2->keys[(int)server].hmac, + key2->keys[kds.in_key].cipher, + key2->keys[1 - (int)server].hmac, + ciphername); +} + static bool dco_check_option_conflict_platform(int msglevel, const struct options *o) { diff --git a/src/openvpn/dco.h b/src/openvpn/dco.h index 063e5028..1692f5c3 100644 --- a/src/openvpn/dco.h +++ b/src/openvpn/dco.h @@ -35,7 +35,10 @@ * order problems) */ struct event_set; +struct key2; +struct key_state; struct options; +struct tls_multi; struct tuntap; #define DCO_DEFAULT_METRIC 200 @@ -111,6 +114,24 @@ int dco_do_write(dco_context_t *dco, int peer_id, struct buffer *buf); */ void dco_event_set(dco_context_t *dco, struct event_set *es, void *arg); +/** + * Install the key material in DCO for the specified peer. + * The key is installed in the primary slot when no other key was yet installed. + * Any subsequent invocation will install the key in the secondary slot. + * + * @param multi the TLS context of the current instance + * @param ks the state of the key being installed + * @param key2 the container for the raw key material + * @param key_direction the key direction to be used to extract the material + * @param ciphername the name of the cipher to use the key with + * @param server whether we are running on a server instance or not + * + * @return 0 on success or a negative error code otherwise + */ +int init_key_dco_bi(struct tls_multi *multi, struct key_state *ks, + const struct key2 *key2, int key_direction, + const char *ciphername, bool server); + #else /* if defined(ENABLE_DCO) */ typedef void *dco_context_t; @@ -163,5 +184,13 @@ dco_event_set(dco_context_t *dco, struct event_set *es, void *arg) { } +static inline int +init_key_dco_bi(struct tls_multi *multi, struct key_state *ks, + const struct key2 *key2, int key_direction, + const char *ciphername, bool server) +{ + return 0; +} + #endif /* defined(ENABLE_DCO) */ #endif /* ifndef DCO_H */ diff --git a/src/openvpn/init.c b/src/openvpn/init.c index b6e1707f..338d797b 100644 --- a/src/openvpn/init.c +++ b/src/openvpn/init.c @@ -2226,8 +2226,9 @@ do_deferred_p2p_ncp(struct context *c) } #endif - if (!tls_session_update_crypto_params(session, &c->options, &c->c2.frame, - frame_fragment, get_link_socket_info(c))) + if (!tls_session_update_crypto_params(c->c2.tls_multi, session, &c->options, + &c->c2.frame, frame_fragment, + get_link_socket_info(c))) { msg(D_TLS_ERRORS, "ERROR: failed to set crypto cipher"); return false; @@ -2340,8 +2341,10 @@ do_deferred_options(struct context *c, const unsigned int found) #endif struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE]; - if (!tls_session_update_crypto_params(session, &c->options, &c->c2.frame, - frame_fragment, get_link_socket_info(c))) + if (!tls_session_update_crypto_params(c->c2.tls_multi, session, + &c->options, &c->c2.frame, + frame_fragment, + get_link_socket_info(c))) { msg(D_TLS_ERRORS, "OPTIONS ERROR: failed to import crypto options"); return false; diff --git a/src/openvpn/multi.c b/src/openvpn/multi.c index ba2f6d58..c72575ae 100644 --- a/src/openvpn/multi.c +++ b/src/openvpn/multi.c @@ -2286,7 +2286,7 @@ multi_client_generate_tls_keys(struct context *c) } #endif struct tls_session *session = &c->c2.tls_multi->session[TM_ACTIVE]; - if (!tls_session_update_crypto_params(session, &c->options, + if (!tls_session_update_crypto_params(c->c2.tls_multi, session, &c->options, &c->c2.frame, frame_fragment, get_link_socket_info(c))) { diff --git a/src/openvpn/options.c b/src/openvpn/options.c index 87d6fc31..dba9d02c 100644 --- a/src/openvpn/options.c +++ b/src/openvpn/options.c @@ -3194,6 +3194,16 @@ options_postprocess_mutate_ce(struct options *o, struct connection_entry *ce) ce->explicit_exit_notification = 0; } + /* when DCO is in use we can't send data channel packets. + * EEN needs to be re-implemented over the control channel in order + * to work. + */ + if (dco_enabled(o) && ce->explicit_exit_notification) + { + msg(M_WARN, "NOTICE: --explicit-exit-notify ignored when " + "data channel offload is in use"); + ce->explicit_exit_notification = 0; + } } #ifdef _WIN32 diff --git a/src/openvpn/ssl.c b/src/openvpn/ssl.c index 24d7f3f4..fc5a8587 100644 --- a/src/openvpn/ssl.c +++ b/src/openvpn/ssl.c @@ -63,6 +63,7 @@ #include "ssl_util.h" #include "auth_token.h" #include "mss.h" +#include "dco.h" #include "memdbg.h" @@ -1429,21 +1430,48 @@ openvpn_PRF(const uint8_t *secret, } static void -init_key_contexts(struct key_ctx_bi *key, +init_key_contexts(struct key_state *ks, + struct tls_multi *multi, const struct key_type *key_type, bool server, - struct key2 *key2) + struct key2 *key2, + bool dco_enabled) { + struct key_ctx_bi *key = &ks->crypto_options.key_ctx_bi; + /* Initialize key contexts */ int key_direction = server ? KEY_DIRECTION_INVERSE : KEY_DIRECTION_NORMAL; - init_key_ctx_bi(key, key2, key_direction, key_type, "Data Channel"); - /* Initialize implicit IVs */ - key_ctx_update_implicit_iv(&key->encrypt, key2->keys[(int)server].hmac, - MAX_HMAC_KEY_LENGTH); - key_ctx_update_implicit_iv(&key->decrypt, key2->keys[1 - (int)server].hmac, - MAX_HMAC_KEY_LENGTH); + if (dco_enabled) + { + if (key->encrypt.hmac) + { + msg(M_FATAL, "FATAL: DCO does not support --auth"); + } + + int ret = init_key_dco_bi(multi, ks, key2, key_direction, + key_type->cipher, server); + if (ret < 0) + { + msg(M_FATAL, "Impossible to install key material in DCO: %s", + strerror(-ret)); + } + /* encrypt/decrypt context are unused with DCO */ + CLEAR(key->encrypt); + CLEAR(key->decrypt); + key->initialized = true; + } + else + { + init_key_ctx_bi(key, key2, key_direction, key_type, "Data Channel"); + /* Initialize implicit IVs */ + key_ctx_update_implicit_iv(&key->encrypt, key2->keys[(int)server].hmac, + MAX_HMAC_KEY_LENGTH); + key_ctx_update_implicit_iv(&key->decrypt, + key2->keys[1 - (int)server].hmac, + MAX_HMAC_KEY_LENGTH); + } } static bool @@ -1519,9 +1547,10 @@ generate_key_expansion_openvpn_prf(const struct tls_session *session, struct key * master key. */ static bool -generate_key_expansion(struct key_ctx_bi *key, +generate_key_expansion(struct tls_multi *multi, struct key_state *ks, struct tls_session *session) { + struct key_ctx_bi *key = &ks->crypto_options.key_ctx_bi; bool ret = false; struct key2 key2; @@ -1562,7 +1591,9 @@ generate_key_expansion(struct key_ctx_bi *key, goto exit; } } - init_key_contexts(key, &session->opt->key_type, server, &key2); + + init_key_contexts(ks, multi, &session->opt->key_type, server, &key2, + session->opt->dco_enabled); ret = true; exit: @@ -1594,7 +1625,8 @@ key_ctx_update_implicit_iv(struct key_ctx *ctx, uint8_t *key, size_t key_len) * can thus be called only once per session. */ bool -tls_session_generate_data_channel_keys(struct tls_session *session) +tls_session_generate_data_channel_keys(struct tls_multi *multi, + struct tls_session *session) { bool ret = false; struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */ @@ -1607,7 +1639,7 @@ tls_session_generate_data_channel_keys(struct tls_session *session) ks->crypto_options.flags = session->opt->crypto_flags; - if (!generate_key_expansion(&ks->crypto_options.key_ctx_bi, session)) + if (!generate_key_expansion(multi, ks, session)) { msg(D_TLS_ERRORS, "TLS Error: generate_key_expansion failed"); goto cleanup; @@ -1625,8 +1657,10 @@ cleanup: } bool -tls_session_update_crypto_params_do_work(struct tls_session *session, - struct options *options, struct frame *frame, +tls_session_update_crypto_params_do_work(struct tls_multi *multi, + struct tls_session *session, + struct options *options, + struct frame *frame, struct frame *frame_fragment, struct link_socket_info *lsi) { @@ -1669,11 +1703,12 @@ tls_session_update_crypto_params_do_work(struct tls_session *session, frame_print(frame_fragment, D_MTU_INFO, "Fragmentation MTU parms"); } - return tls_session_generate_data_channel_keys(session); + return tls_session_generate_data_channel_keys(multi, session); } bool -tls_session_update_crypto_params(struct tls_session *session, +tls_session_update_crypto_params(struct tls_multi *multi, + struct tls_session *session, struct options *options, struct frame *frame, struct frame *frame_fragment, struct link_socket_info *lsi) @@ -1695,8 +1730,8 @@ tls_session_update_crypto_params(struct tls_session *session, /* Import crypto settings that might be set by pull/push */ session->opt->crypto_flags |= options->data_channel_crypto_flags; - return tls_session_update_crypto_params_do_work(session, options, frame, - frame_fragment, lsi); + return tls_session_update_crypto_params_do_work(multi, session, options, + frame, frame_fragment, lsi); } @@ -3092,7 +3127,7 @@ tls_multi_process(struct tls_multi *multi, /* Session is now fully authenticated. * tls_session_generate_data_channel_keys will move ks->state * from S_ACTIVE to S_GENERATED_KEYS */ - if (!tls_session_generate_data_channel_keys(session)) + if (!tls_session_generate_data_channel_keys(multi, session)) { msg(D_TLS_ERRORS, "TLS Error: generate_key_expansion failed"); ks->authenticated = KS_AUTH_FALSE; diff --git a/src/openvpn/ssl.h b/src/openvpn/ssl.h index c8802707..76b1b674 100644 --- a/src/openvpn/ssl.h +++ b/src/openvpn/ssl.h @@ -426,6 +426,7 @@ void tls_update_remote_addr(struct tls_multi *multi, * channel keys based on the supplied options. Does nothing if keys are already * generated. * + * @param multi The TLS object for this instance. * @param session The TLS session to update. * @param options The options to use when updating session. * @param frame The frame options for this session (frame overhead is @@ -436,7 +437,8 @@ void tls_update_remote_addr(struct tls_multi *multi, * * @return true if updating succeeded or keys are already generated, false otherwise. */ -bool tls_session_update_crypto_params(struct tls_session *session, +bool tls_session_update_crypto_params(struct tls_multi *multi, + struct tls_session *session, struct options *options, struct frame *frame, struct frame *frame_fragment, @@ -551,7 +553,8 @@ show_available_tls_ciphers(const char *cipher_list, * can thus be called only once per session. */ bool -tls_session_generate_data_channel_keys(struct tls_session *session); +tls_session_generate_data_channel_keys(struct tls_multi *multi, + struct tls_session *session); /** * Load ovpn.xkey provider used for external key signing