From patchwork Thu May 7 03:25:34 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Arne Schwabe X-Patchwork-Id: 1102 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.27.255.59]) by backend30.mail.ord1d.rsapps.net with LMTP id mDo1DKAMtF6YAQAAIUCqbw for ; Thu, 07 May 2020 09:26:56 -0400 Received: from proxy4.mail.iad3a.rsapps.net ([172.27.255.59]) by director7.mail.ord1d.rsapps.net with LMTP id eP5DCaAMtF6fJAAAovjBpQ ; Thu, 07 May 2020 09:26:56 -0400 Received: from smtp21.gate.iad3a ([172.27.255.59]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy4.mail.iad3a.rsapps.net with LMTP id UI9QAqAMtF6lRQAA8Zvu4w ; Thu, 07 May 2020 09:26:56 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp21.gate.iad3a.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dmarc=none (p=nil; dis=none) header.from=rfc2549.org X-Suspicious-Flag: YES X-Classification-ID: 6b07eefc-9066-11ea-8c86-525400e75841-1-1 Received: from [216.105.38.7] ([216.105.38.7:53454] helo=lists.sourceforge.net) by smtp21.gate.iad3a.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 0F/9F-23431-F9C04BE5; Thu, 07 May 2020 09:26:55 -0400 Received: from [127.0.0.1] (helo=sfs-ml-1.v29.lw.sourceforge.com) by sfs-ml-1.v29.lw.sourceforge.com with esmtp (Exim 4.90_1) (envelope-from ) id 1jWgXI-0004A0-K7; Thu, 07 May 2020 13:26:00 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-1.v29.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.90_1) (envelope-from ) id 1jWgXH-00049b-1X for openvpn-devel@lists.sourceforge.net; Thu, 07 May 2020 13:25:59 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=References:In-Reply-To:Message-Id:Date:Subject:To: From:Sender:Reply-To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=C8qxK472a9u95oxeV+Sb5Do0fedWmH1Em+K8N9IRMt4=; b=AVvUw528NcqoNnfuqAOFEcI2hU KFK8qK8bvJ3N7MZK/KmFWrV3mnoRX/8JCml+miI+bvnZS2e9PcQWjZECz5f5J+BpY3Egk41tPzqpB TY2rdprCKn2lccvpZZumqUJdlz2LOJOh0/kuy9F46XL1yXdJm97CdbLc1FwX3MfY+5yY=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=References:In-Reply-To:Message-Id:Date:Subject:To:From:Sender:Reply-To:Cc :MIME-Version:Content-Type:Content-Transfer-Encoding:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:List-Id:List-Help:List-Unsubscribe:List-Subscribe: List-Post:List-Owner:List-Archive; bh=C8qxK472a9u95oxeV+Sb5Do0fedWmH1Em+K8N9IRMt4=; b=klrivdUbGk1wx2HoxnkEBxWNfd bj+eRWuN9VY6IEURg51KCyk0yeC4GRYdoTFY+zWiwbF36S7EFWCy8CJuuWiXtooxbVohNS03ms8s3 8Hc/grhcRK55rvvJHGfOnY9OZ12m9q54VzgTzqf328uLbXD0sMLrnQCt+rfgOLUWR0ns=; Received: from mail.blinkt.de ([192.26.174.232]) by sfi-mx-4.v28.lw.sourceforge.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.92.2) id 1jWgXE-00EEov-Nt for openvpn-devel@lists.sourceforge.net; Thu, 07 May 2020 13:25:58 +0000 Received: from kamera.blinkt.de ([2001:638:502:390:20c:29ff:fec8:535c]) by mail.blinkt.de with smtp (Exim 4.92.3 (FreeBSD)) (envelope-from ) id 1jWgWt-0002vP-2H for openvpn-devel@lists.sourceforge.net; Thu, 07 May 2020 15:25:35 +0200 Received: (nullmailer pid 6425 invoked by uid 10006); Thu, 07 May 2020 13:25:34 -0000 From: Arne Schwabe To: openvpn-devel@lists.sourceforge.net Date: Thu, 7 May 2020 15:25:34 +0200 Message-Id: <20200507132534.6380-1-arne@rfc2549.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <5e8d7dc1-b8da-49ca-e757-4e45b7267d42@karger.me> References: <5e8d7dc1-b8da-49ca-e757-4e45b7267d42@karger.me> X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.2 HEADER_FROM_DIFFERENT_DOMAINS From and EnvelopeFrom 2nd level mail domains are different 0.0 SPF_NONE SPF: sender does not publish an SPF Record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-Headers-End: 1jWgXE-00EEov-Nt Subject: [Openvpn-devel] [PATCH v4] Do not write extra 0 byte for --gen-key with auth-token/tls-crypt-v2 X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , MIME-Version: 1.0 Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox Change crypto_pem_encode to not put a nul-terminated terminated string into the buffer. This was useful for printf but should not be written into the file. Instead do not assume that the buffer is null terminated and print only the number of bytes in the buffer. Also fix a similar case in printing static key where the 0 byte was never added to the buffer Patch V2: make pem_encode behave more like other similar functions in OpenVPN and do not null terminate. Patch V3: also make the mbed TLS variant of pem_decode behave like other similar functions in OpeNVPN and accept a not null-terminated buffer. Patch V4: The newly introduced unit test test_tls_crypt_v2_write_client_key_file_metadata was added after the V3 version of the patch and now misses the strlen with memcmp replacment that were added to test_tls_crypt_v2_write_client_key_file. Also add the modifictions to this function. Unconditionally allocate buffer in mbed TLS path as requested by Steffan. Signed-off-by: Arne Schwabe Acked-by: Steffan Karger --- src/openvpn/crypto.c | 4 ++-- src/openvpn/crypto_mbedtls.c | 19 ++++++++++++------- src/openvpn/crypto_openssl.c | 3 +-- src/openvpn/tls_crypt.c | 2 +- tests/unit_tests/openvpn/test_tls_crypt.c | 9 ++++++--- 5 files changed, 22 insertions(+), 15 deletions(-) diff --git a/src/openvpn/crypto.c b/src/openvpn/crypto.c index 1678cba8..b05262e1 100644 --- a/src/openvpn/crypto.c +++ b/src/openvpn/crypto.c @@ -1478,7 +1478,7 @@ write_key_file(const int nkeys, const char *filename) /* write key file to stdout if no filename given */ if (!filename || strcmp(filename, "")==0) { - printf("%s\n", BPTR(&out)); + printf("%.*s\n", BLEN(&out), BPTR(&out)); } /* write key file, now formatted in out, to file */ else if (!buffer_write_file(filename, &out)) @@ -1887,7 +1887,7 @@ write_pem_key_file(const char *filename, const char *pem_name) if (!filename || strcmp(filename, "")==0) { - printf("%s\n", BPTR(&server_key_pem)); + printf("%.*s", BLEN(&server_key_pem), BPTR(&server_key_pem)); } else if (!buffer_write_file(filename, &server_key_pem)) { diff --git a/src/openvpn/crypto_mbedtls.c b/src/openvpn/crypto_mbedtls.c index 3e77fa9e..b6458abf 100644 --- a/src/openvpn/crypto_mbedtls.c +++ b/src/openvpn/crypto_mbedtls.c @@ -239,10 +239,12 @@ crypto_pem_encode(const char *name, struct buffer *dst, return false; } + /* We set the size buf to out_len-1 to NOT include the 0 byte that + * mbedtls_pem_write_buffer in its length calculation */ *dst = alloc_buf_gc(out_len, gc); if (!mbed_ok(mbedtls_pem_write_buffer(header, footer, BPTR(src), BLEN(src), BPTR(dst), BCAP(dst), &out_len)) - || !buf_inc_len(dst, out_len)) + || !buf_inc_len(dst, out_len-1)) { CLEAR(*dst); return false; @@ -259,11 +261,6 @@ crypto_pem_decode(const char *name, struct buffer *dst, char header[1000+1] = { 0 }; char footer[1000+1] = { 0 }; - if (*(BLAST(src)) != '\0') - { - msg(M_WARN, "PEM decode error: source buffer not null-terminated"); - return false; - } if (!openvpn_snprintf(header, sizeof(header), "-----BEGIN %s-----", name)) { return false; @@ -273,9 +270,16 @@ crypto_pem_decode(const char *name, struct buffer *dst, return false; } + /* mbed TLS requires the src to be null-terminated */ + /* allocate a new buffer to avoid modifying the src buffer */ + struct gc_arena gc = gc_new(); + struct buffer input = alloc_buf_gc(BLEN(src) + 1, &gc); + buf_copy(&input, src); + buf_null_terminate(&input); + size_t use_len = 0; mbedtls_pem_context ctx = { 0 }; - bool ret = mbed_ok(mbedtls_pem_read_buffer(&ctx, header, footer, BPTR(src), + bool ret = mbed_ok(mbedtls_pem_read_buffer(&ctx, header, footer, BPTR(&input), NULL, 0, &use_len)); if (ret && !buf_write(dst, ctx.buf, ctx.buflen)) { @@ -284,6 +288,7 @@ crypto_pem_decode(const char *name, struct buffer *dst, } mbedtls_pem_free(&ctx); + gc_free(&gc); return ret; } diff --git a/src/openvpn/crypto_openssl.c b/src/openvpn/crypto_openssl.c index a81dcfd8..4fa65ba8 100644 --- a/src/openvpn/crypto_openssl.c +++ b/src/openvpn/crypto_openssl.c @@ -400,9 +400,8 @@ crypto_pem_encode(const char *name, struct buffer *dst, BUF_MEM *bptr; BIO_get_mem_ptr(bio, &bptr); - *dst = alloc_buf_gc(bptr->length + 1, gc); + *dst = alloc_buf_gc(bptr->length, gc); ASSERT(buf_write(dst, bptr->data, bptr->length)); - buf_null_terminate(dst); ret = true; cleanup: diff --git a/src/openvpn/tls_crypt.c b/src/openvpn/tls_crypt.c index e9f9cc2a..3018c18e 100644 --- a/src/openvpn/tls_crypt.c +++ b/src/openvpn/tls_crypt.c @@ -702,7 +702,7 @@ tls_crypt_v2_write_client_key_file(const char *filename, if (!filename || streq(filename, "")) { - printf("%s\n", BPTR(&client_key_pem)); + printf("%.*s\n", BLEN(&client_key_pem), BPTR(&client_key_pem)); client_filename = INLINE_FILE_TAG; client_inline = (const char *)BPTR(&client_key_pem); } diff --git a/tests/unit_tests/openvpn/test_tls_crypt.c b/tests/unit_tests/openvpn/test_tls_crypt.c index 8406d89d..28bebb6e 100644 --- a/tests/unit_tests/openvpn/test_tls_crypt.c +++ b/tests/unit_tests/openvpn/test_tls_crypt.c @@ -548,7 +548,8 @@ test_tls_crypt_v2_write_server_key_file(void **state) const char *filename = "testfilename.key"; expect_string(__wrap_buffer_write_file, filename, filename); - expect_string(__wrap_buffer_write_file, pem, test_server_key); + expect_memory(__wrap_buffer_write_file, pem, test_server_key, + strlen(test_server_key)); will_return(__wrap_buffer_write_file, true); tls_crypt_v2_write_server_key_file(filename); @@ -561,7 +562,8 @@ test_tls_crypt_v2_write_client_key_file(void **state) /* Test writing the client key */ expect_string(__wrap_buffer_write_file, filename, filename); - expect_string(__wrap_buffer_write_file, pem, test_client_key); + expect_memory(__wrap_buffer_write_file, pem, test_client_key, + strlen(test_client_key)); will_return(__wrap_buffer_write_file, true); /* Key generation re-reads the created file as a sanity check */ @@ -580,7 +582,8 @@ test_tls_crypt_v2_write_client_key_file_metadata(void **state) /* Test writing the client key */ expect_string(__wrap_buffer_write_file, filename, filename); - expect_string(__wrap_buffer_write_file, pem, test_client_key_metadata); + expect_memory(__wrap_buffer_write_file, pem, test_client_key_metadata, + strlen(test_client_key_metadata)); will_return(__wrap_buffer_write_file, true); /* Key generation re-reads the created file as a sanity check */