From patchwork Thu Aug 15 03:19:31 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "cron2 (Code Review)" X-Patchwork-Id: 3788 Return-Path: Delivered-To: patchwork@openvpn.net Received: by 2002:a05:7000:77d2:b0:5a1:d4fc:4ac6 with SMTP id r18csp1162525mau; Wed, 14 Aug 2024 20:20:22 -0700 (PDT) X-Forwarded-Encrypted: i=2; AJvYcCXLcisTAzltRnw03jbD/bQ6qlNvPouNbfCCCFcsLNmFesWlhhxzF5jFkI3VcloBG+d5+ipjZezMn30rM2DoUGB3tVe2Tjc= X-Google-Smtp-Source: AGHT+IET+udhZ/FRfCHeuHKabdAPagPZXGM3hw3B5WxXLewtTJeQ0hVDHcplt3BDSLBmb9io/uIS X-Received: by 2002:a05:6a20:432b:b0:1c0:e263:77dd with SMTP id adf61e73a8af0-1c8f9f65503mr899035637.1.1723692022121; Wed, 14 Aug 2024 20:20:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1723692022; cv=none; d=google.com; s=arc-20160816; b=H3KSHY7L0qKt2nwjjeV1x+u/kyFwczj3HjLE66sM5Vlhe9Rim6nx2bKZVpKDOw0Zu3 qF8fbuWUMdhc/9ZlFEPlbrLTMA+zKeRb0P9/BMIIYd3BcyDcSdusIMSZrM6onwVMw0wW IvrKkzzQREYa8+5RvaIXBUNeyOCFBhyBm0DwUB+GG6aA+4k1ozB44xAJf7Vn10Jgscn6 4cF9mdSx25/O5LdSZ0XGN4ZAiVuBrSVlxyehAXZuhHKMy5LqVMzj39iR39Ij6R/gQn3w /WXe30cXM9OTwruFshJwS5RGHzCopm/S2h+YVS/mZVpOA9Wk8HKxj3L9MEfPKkLag7Im RFLQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:cc:reply-to:list-subscribe:list-help:list-post :list-archive:list-unsubscribe:list-id:precedence:subject:user-agent :mime-version:message-id:references:auto-submitted:to:date:from :dkim-signature:dkim-signature:dkim-signature; bh=UQavfsbfuUO41WhT4pgxCoIkIlm6oufx0OcT2zS94vU=; fh=U7wEyxtwz2o5+UdevFSA47vNeG9knhWH0KV//QhD5a0=; b=g7vK0uJ84vbHykFSny/Hx8k/wl6v/JbxEIa3iJeUMA3CCdeYcpM5KhsDh6FIA4r9l2 pY9jLA4Xr6xLO3/JuOs7aSklVLVzLm8Y5TvxYTPKm92FGoJDVYB+2ZAlYZ954Gj9e33r VGForBsKcLFtbwRXhLPCUwlsb1GXzzp2Hxx52HC4Qc9PZf2LWEnFx+MQHpOJv+dqGh92 RnHEyIdd+tboZewOqqpGCxxxRKNaWfGxayy/C8QUendSPHR2BnI9wecEOu0P6PDxkwgY 34EugA0g6jFFje/19k1ysYtu/6d41vAT+LH/qg078rtMD4PL8r+oE3z3snMJdX629fkU 552Q==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=XONWNuu6; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=aGzex3xc; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=EXB7tc02; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from lists.sourceforge.net (lists.sourceforge.net. [216.105.38.7]) by mx.google.com with ESMTPS id 41be03b00d2f7-7c6b638b90bsi518980a12.633.2024.08.14.20.20.21 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Wed, 14 Aug 2024 20:20:22 -0700 (PDT) Received-SPF: pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) client-ip=216.105.38.7; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@sourceforge.net header.s=x header.b=XONWNuu6; dkim=neutral (body hash did not verify) header.i=@sf.net header.s=x header.b=aGzex3xc; dkim=neutral (body hash did not verify) header.i=@openvpn.net header.s=google header.b=EXB7tc02; spf=pass (google.com: domain of openvpn-devel-bounces@lists.sourceforge.net designates 216.105.38.7 as permitted sender) smtp.mailfrom=openvpn-devel-bounces@lists.sourceforge.net; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=openvpn.net; dara=fail header.i=@openvpn.net Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.95) (envelope-from ) id 1seR1h-0007B0-7n; Thu, 15 Aug 2024 03:19:49 +0000 Received: from [172.30.29.66] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from ) id 1seR1Y-0007AK-78 for openvpn-devel@lists.sourceforge.net; Thu, 15 Aug 2024 03:19:40 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Type:Content-Transfer-Encoding:MIME-Version :Message-ID:Reply-To:References:Subject:List-Unsubscribe:List-Id:Cc:To:Date: From:Sender:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help: List-Subscribe:List-Post:List-Owner:List-Archive; bh=xwogmrqCVeTT9W+XUrwHnjLXmefxfblJNrCRWWw1zCs=; b=XONWNuu6lT5udlLlT8AJOMfgwn mdBwkepcMUhmYt1zYeAAglq6vIlC1AXiCloICieyNKJ0YhH1YXDWSMHOS0VQyvpxjWn9vPPl0k2Ej jkBRbly7/kVd6C+mMq/mqCQRve+KH9ZcQ3ntx32JHdC+GNaLG+T7pMf0VyJ9sYKonmXM=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Type:Content-Transfer-Encoding:MIME-Version:Message-ID:Reply-To: References:Subject:List-Unsubscribe:List-Id:Cc:To:Date:From:Sender:Content-ID :Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To: Resent-Cc:Resent-Message-ID:In-Reply-To:List-Help:List-Subscribe:List-Post: List-Owner:List-Archive; bh=xwogmrqCVeTT9W+XUrwHnjLXmefxfblJNrCRWWw1zCs=; b=a Gzex3xccyu4tKU0HmOGiDP9/C7fpb72Rsn5VzDj/FlkuTETz9B6u7fe9qt2+jso2VvTdUuzkFnyTA GmAI8Tgf3eIFg0HU0qKv9ywxy+yWnl6POgYdTyyIfzHG5wxPIhLjdJYso4T6J5Ko2x59NRYrWUMTz CtOXtgDaaTYFGdVk=; Received: from mail-wr1-f41.google.com ([209.85.221.41]) by sfi-mx-2.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.95) id 1seR1X-0000ao-7B for openvpn-devel@lists.sourceforge.net; Thu, 15 Aug 2024 03:19:40 +0000 Received: by mail-wr1-f41.google.com with SMTP id ffacd0b85a97d-36ba3b06186so284789f8f.2 for ; Wed, 14 Aug 2024 20:19:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=openvpn.net; s=google; t=1723691972; x=1724296772; darn=lists.sourceforge.net; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from:from:to:cc :subject:date:message-id:reply-to; bh=xwogmrqCVeTT9W+XUrwHnjLXmefxfblJNrCRWWw1zCs=; b=EXB7tc020yS1J+wxY520xS+1Gsbs2CT1krIxiFVVZr3/3AvPk7t5AzkqwMviYpp93b hzGTBo/6gOFx4NRHvTrLojmv7X+9pXd21pJeMMLSeeTPurJJPif6FitNGEyCh52Z580O EQK8n9Kt6gE8T7XqRz678DDCcb/QjZ338jo5tKevSKnoqzfJ2HdXkyTg691r5U6hhAJQ cPfvdgpxltnHSC+EguO2Rfhj+/KXQ+ZeWnNseH2/8Ga+H3Fz5aXNescsbokRQwmVG5PM TRLkZo0uqCrt5fLiY7f+lhkaf+v4ak844S615qxpYj7SBRpZHCGzxATdjX/dwFUTcalg RQRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1723691972; x=1724296772; h=user-agent:content-disposition:content-transfer-encoding :mime-version:message-id:reply-to:references:subject :list-unsubscribe:list-id:auto-submitted:cc:to:date:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=xwogmrqCVeTT9W+XUrwHnjLXmefxfblJNrCRWWw1zCs=; b=qcK/Le/dSXllCS5BE3zEDABLSnOjVELJIGG4E6N5zKuJ9K48ApwXLI50FNFZIc6tQA zRrCIyDjb0ue1rDvhGObn3jvptdvu4NykELdCSF48Zfw1YZ2zzo8nzae0EWMpIIhfQna 5CE1fUjsopZ8ZsCneNFoetLnnLtIANUMKzsR1CZdr3Vj08/5bRvHYesX+DExVFQufKbG TYCamwzkCLQptbwb6Xmng8PjRoReCJF6GRA3wgUKkw5Fx6jIRUaaO6AWS9vbjYLGsfUC mxU/nYtwX6U7sgCPd9nCcmwmWeCcooqGmxBU8hhXAy2MFu4Mo/i7oFIclj4O6ujTcRgQ RHzg== X-Gm-Message-State: AOJu0Yx/tARDBa/nPp4ITOB2UZbRTN2FEpcWFJjUUtmRW75zD01MJsSL dRg/jvhvIObIuhApluQBLCrJ5PONUAWFQvSnDcw5lH0tLyiFWe0Oy8VyYXteMRk= X-Received: by 2002:a5d:5847:0:b0:371:8a74:4170 with SMTP id ffacd0b85a97d-3718a744330mr448263f8f.24.1723691972343; Wed, 14 Aug 2024 20:19:32 -0700 (PDT) Received: from gerrit.openvpn.in (ec2-18-159-0-78.eu-central-1.compute.amazonaws.com. [18.159.0.78]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-429ded720eesm35934225e9.33.2024.08.14.20.19.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 14 Aug 2024 20:19:31 -0700 (PDT) From: "selvanair (Code Review)" X-Google-Original-From: "selvanair (Code Review)" X-Gerrit-PatchSet: 1 Date: Thu, 15 Aug 2024 03:19:31 +0000 To: plaisthos , flichtenheld Auto-Submitted: auto-generated X-Gerrit-MessageType: newchange X-Gerrit-Change-Id: Ic6d63a319d272a56ac0e278f1356bc5241b56a34 X-Gerrit-Change-Number: 727 X-Gerrit-Project: openvpn X-Gerrit-ChangeURL: X-Gerrit-Commit: ec298dd973b197dbb8aa31c51c9e41fc055e270a References: Message-ID: MIME-Version: 1.0 User-Agent: Gerrit/3.8.2 X-Spam-Score: -0.2 (/) X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit Content analysis details: (-0.2 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 RCVD_IN_VALIDITY_CERTIFIED_BLOCKED RBL: ADMINISTRATOR NOTICE: The query to Validity was blocked. See https://knowledge.validity.com/hc/en-us/articles/20961730681243 for more information. [209.85.221.41 listed in sa-trusted.bondedsender.org] 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: openvpn.net] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.221.41 listed in wl.mailspike.net] 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record -0.0 SPF_PASS SPF: sender matches SPF record 0.0 WEIRD_PORT URI: Uses non-standard port number for HTTP 0.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.0 T_KAM_HTML_FONT_INVALID Test for Invalidly Named or Formatted Colors in HTML -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1seR1X-0000ao-7B Subject: [Openvpn-devel] [S] Change in openvpn[master]: proxy.c: Clear sensitive data after use X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: selva.nair@gmail.com, arne-openvpn@rfc2549.org, openvpn-devel@lists.sourceforge.net, frank@lichtenheld.com Cc: openvpn-devel Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox X-GMAIL-THRID: =?utf-8?q?1807422085484541088?= X-GMAIL-MSGID: =?utf-8?q?1807422085484541088?= X-getmail-filter-classifier: gerrit message type newchange Attention is currently required from: flichtenheld, plaisthos. Hello plaisthos, flichtenheld, I'd like you to do a code review. Please visit http://gerrit.openvpn.net/c/openvpn/+/727?usp=email to review the following change. Change subject: proxy.c: Clear sensitive data after use ...................................................................... proxy.c: Clear sensitive data after use Usage of credentials is a bit odd in this file. Actually the copy of "struct user_pass" kept in p->up is not required at all. It just defeats the purpose of auth-nocahe as it never gets cleared. Removing it is beyond the scope of this patch -- we just ensure it's purged after use. Change-Id: Ic6d63a319d272a56ac0e278f1356bc5241b56a34 --- M src/openvpn/proxy.c 1 file changed, 10 insertions(+), 1 deletion(-) git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/27/727/1 diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c index 5de0da4..eddacc9 100644 --- a/src/openvpn/proxy.c +++ b/src/openvpn/proxy.c @@ -247,7 +247,9 @@ struct buffer out = alloc_buf_gc(strlen(p->up.username) + strlen(p->up.password) + 2, gc); ASSERT(strlen(p->up.username) > 0); buf_printf(&out, "%s:%s", p->up.username, p->up.password); - return (const char *)make_base64_string((const uint8_t *)BSTR(&out), gc); + char *ret = (char *)make_base64_string((const uint8_t *)BSTR(&out), gc); + secure_memzero(BSTR(&out), out.len); + return ret; } static void @@ -736,6 +738,9 @@ ASSERT(0); } + /* clear any sensitive content in buf */ + secure_memzero(buf, sizeof(buf)); + /* send empty CR, LF */ if (!send_crlf(sd)) { @@ -983,6 +988,8 @@ { goto error; } + /* clear any sensitive content in buf */ + secure_memzero(buf, sizeof(buf)); /* receive reply from proxy */ if (!recv_line(sd, buf, sizeof(buf), get_server_poll_remaining_time(server_poll_timeout), true, NULL, signal_received)) @@ -1086,10 +1093,12 @@ #endif done: + purge_user_pass(&p->up, true); gc_free(&gc); return ret; error: + purge_user_pass(&p->up, true); register_signal(sig_info, SIGUSR1, "HTTP proxy error"); /* SOFT-SIGUSR1 -- HTTP proxy error */ gc_free(&gc); return ret;