OpenVPN
ssl_verify.c
Go to the documentation of this file.
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2017 OpenVPN Technologies, Inc. <sales@openvpn.net>
9  * Copyright (C) 2010-2017 Fox Crypto B.V. <openvpn@fox-it.com>
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License version 2
13  * as published by the Free Software Foundation.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License along
21  * with this program; if not, write to the Free Software Foundation, Inc.,
22  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23  */
24 
29 #ifdef HAVE_CONFIG_H
30 #include "config.h"
31 #elif defined(_MSC_VER)
32 #include "config-msvc.h"
33 #endif
34 
35 #include "syshead.h"
36 
37 #ifdef ENABLE_CRYPTO
38 
39 #include "misc.h"
40 #include "manage.h"
41 #include "otime.h"
42 #include "base64.h"
43 #include "ssl_verify.h"
44 #include "ssl_verify_backend.h"
45 
46 #ifdef ENABLE_CRYPTO_OPENSSL
47 #include "ssl_verify_openssl.h"
48 #endif
49 
51 #define TLS_USERNAME_LEN 64
52 
54 #define X509_NAME_CHAR_CLASS (CC_ALNUM|CC_UNDERBAR|CC_DASH|CC_DOT|CC_AT|CC_SLASH|CC_COLON|CC_EQUAL)
55 
57 #define COMMON_NAME_CHAR_CLASS (CC_ALNUM|CC_UNDERBAR|CC_DASH|CC_DOT|CC_AT|CC_SLASH)
58 
59 static void
60 string_mod_remap_name(char *str, const unsigned int restrictive_flags)
61 {
64  {
65  string_mod(str, restrictive_flags, 0, '_');
66  }
67  else
68  {
69  string_mod(str, CC_PRINT, CC_CRLF, '_');
70  }
71 }
72 
73 /*
74  * Export the untrusted IP address and port to the environment
75  */
76 static void
78 {
79  setenv_link_socket_actual(session->opt->es, "untrusted", &session->untrusted_addr, SA_IP_PORT);
80 }
81 
82 
88 static void
89 wipe_auth_token(struct tls_multi *multi)
90 {
91  if(multi)
92  {
93  if (multi->auth_token)
94  {
96  free(multi->auth_token);
97  }
98  multi->auth_token = NULL;
99  multi->auth_token_sent = false;
100  }
101 }
102 
103 
104 /*
105  * Remove authenticated state from all sessions in the given tunnel
106  */
107 static void
109 {
110  if (multi)
111  {
112  wipe_auth_token(multi);
113  for (int i = 0; i < TM_SIZE; ++i)
114  {
115  for (int j = 0; j < KS_SIZE; ++j)
116  {
117  multi->session[i].key[j].authenticated = false;
118  }
119  }
120  }
121 }
122 
123 /*
124  * Set the given session's common_name
125  */
126 static void
127 set_common_name(struct tls_session *session, const char *common_name)
128 {
129  if (session->common_name)
130  {
131  free(session->common_name);
132  session->common_name = NULL;
133 #ifdef ENABLE_PF
134  session->common_name_hashval = 0;
135 #endif
136  }
137  if (common_name)
138  {
139  /* FIXME: Last alloc will never be freed */
140  session->common_name = string_alloc(common_name, NULL);
141 #ifdef ENABLE_PF
142  {
143  const uint32_t len = (uint32_t) strlen(common_name);
144  if (len)
145  {
146  session->common_name_hashval = hash_func((const uint8_t *)common_name, len+1, 0);
147  }
148  else
149  {
150  session->common_name_hashval = 0;
151  }
152  }
153 #endif
154  }
155 }
156 
157 /*
158  * Retrieve the common name for the given tunnel's active session. If the
159  * common name is NULL or empty, return NULL if null is true, or "UNDEF" if
160  * null is false.
161  */
162 const char *
163 tls_common_name(const struct tls_multi *multi, const bool null)
164 {
165  const char *ret = NULL;
166  if (multi)
167  {
168  ret = multi->session[TM_ACTIVE].common_name;
169  }
170  if (ret && strlen(ret))
171  {
172  return ret;
173  }
174  else if (null)
175  {
176  return NULL;
177  }
178  else
179  {
180  return "UNDEF";
181  }
182 }
183 
184 /*
185  * Lock the common name for the given tunnel.
186  */
187 void
189 {
190  const char *cn = multi->session[TM_ACTIVE].common_name;
191  if (cn && !multi->locked_cn)
192  {
193  multi->locked_cn = string_alloc(cn, NULL);
194  }
195 }
196 
197 /*
198  * Lock the username for the given tunnel
199  */
200 static bool
201 tls_lock_username(struct tls_multi *multi, const char *username)
202 {
203  if (multi->locked_username)
204  {
205  if (!username || strcmp(username, multi->locked_username))
206  {
207  msg(D_TLS_ERRORS, "TLS Auth Error: username attempted to change from '%s' to '%s' -- tunnel disabled",
208  multi->locked_username,
209  np(username));
210 
211  /* disable the tunnel */
212  tls_deauthenticate(multi);
213  return false;
214  }
215  }
216  else
217  {
218  if (username)
219  {
220  multi->locked_username = string_alloc(username, NULL);
221  }
222  }
223  return true;
224 }
225 
226 const char *
227 tls_username(const struct tls_multi *multi, const bool null)
228 {
229  const char *ret = NULL;
230  if (multi)
231  {
232  ret = multi->locked_username;
233  }
234  if (ret && strlen(ret))
235  {
236  return ret;
237  }
238  else if (null)
239  {
240  return NULL;
241  }
242  else
243  {
244  return "UNDEF";
245  }
246 }
247 
248 void
249 cert_hash_remember(struct tls_session *session, const int error_depth,
250  const struct buffer *cert_hash)
251 {
252  if (error_depth >= 0 && error_depth < MAX_CERT_DEPTH)
253  {
254  if (!session->cert_hash_set)
255  {
256  ALLOC_OBJ_CLEAR(session->cert_hash_set, struct cert_hash_set);
257  }
258  if (!session->cert_hash_set->ch[error_depth])
259  {
260  ALLOC_OBJ(session->cert_hash_set->ch[error_depth], struct cert_hash);
261  }
262 
263  struct cert_hash *ch = session->cert_hash_set->ch[error_depth];
264  ASSERT(sizeof(ch->sha256_hash) == BLEN(cert_hash));
265  memcpy(ch->sha256_hash, BPTR(cert_hash), sizeof(ch->sha256_hash));
266  }
267 }
268 
269 void
271 {
272  if (chs)
273  {
274  int i;
275  for (i = 0; i < MAX_CERT_DEPTH; ++i)
276  {
277  free(chs->ch[i]);
278  }
279  free(chs);
280  }
281 }
282 
283 bool
284 cert_hash_compare(const struct cert_hash_set *chs1, const struct cert_hash_set *chs2)
285 {
286  if (chs1 && chs2)
287  {
288  int i;
289  for (i = 0; i < MAX_CERT_DEPTH; ++i)
290  {
291  const struct cert_hash *ch1 = chs1->ch[i];
292  const struct cert_hash *ch2 = chs2->ch[i];
293 
294  if (!ch1 && !ch2)
295  {
296  continue;
297  }
298  else if (ch1 && ch2 && !memcmp(ch1->sha256_hash, ch2->sha256_hash,
299  sizeof(ch1->sha256_hash)))
300  {
301  continue;
302  }
303  else
304  {
305  return false;
306  }
307  }
308  return true;
309  }
310  else if (!chs1 && !chs2)
311  {
312  return true;
313  }
314  else
315  {
316  return false;
317  }
318 }
319 
320 static struct cert_hash_set *
321 cert_hash_copy(const struct cert_hash_set *chs)
322 {
323  struct cert_hash_set *dest = NULL;
324  if (chs)
325  {
326  int i;
327  ALLOC_OBJ_CLEAR(dest, struct cert_hash_set);
328  for (i = 0; i < MAX_CERT_DEPTH; ++i)
329  {
330  const struct cert_hash *ch = chs->ch[i];
331  if (ch)
332  {
333  ALLOC_OBJ(dest->ch[i], struct cert_hash);
334  memcpy(dest->ch[i]->sha256_hash, ch->sha256_hash,
335  sizeof(dest->ch[i]->sha256_hash));
336  }
337  }
338  }
339  return dest;
340 }
341 void
343 {
344  const struct cert_hash_set *chs = multi->session[TM_ACTIVE].cert_hash_set;
345  if (chs && !multi->locked_cert_hash_set)
346  {
347  multi->locked_cert_hash_set = cert_hash_copy(chs);
348  }
349 }
350 
351 /*
352  * Returns the string associated with the given certificate type.
353  */
354 static const char *
356 {
357  switch (type)
358  {
360  return "SERVER";
361 
363  return "CLIENT";
364 
365  default:
366  return "?";
367  }
368 }
369 
370 /*
371  * Verify the peer's certificate fields.
372  *
373  * @param opt the tls options to verify against
374  * @param peer_cert the peer's certificate
375  * @param subject the peer's extracted subject name
376  * @param subject the peer's extracted common name
377  */
378 static result_t
379 verify_peer_cert(const struct tls_options *opt, openvpn_x509_cert_t *peer_cert,
380  const char *subject, const char *common_name)
381 {
382  /* verify certificate nsCertType */
383  if (opt->ns_cert_type != NS_CERT_CHECK_NONE)
384  {
385  if (SUCCESS == x509_verify_ns_cert_type(peer_cert, opt->ns_cert_type))
386  {
387  msg(D_HANDSHAKE, "VERIFY OK: nsCertType=%s",
389  }
390  else
391  {
392  msg(D_HANDSHAKE, "VERIFY nsCertType ERROR: %s, require nsCertType=%s",
393  subject, print_nsCertType(opt->ns_cert_type));
394  return FAILURE; /* Reject connection */
395  }
396  }
397 
398  /* verify certificate ku */
399  if (opt->remote_cert_ku[0] != 0)
400  {
401  if (SUCCESS == x509_verify_cert_ku(peer_cert, opt->remote_cert_ku, MAX_PARMS))
402  {
403  msg(D_HANDSHAKE, "VERIFY KU OK");
404  }
405  else
406  {
407  msg(D_HANDSHAKE, "VERIFY KU ERROR");
408  return FAILURE; /* Reject connection */
409  }
410  }
411 
412  /* verify certificate eku */
413  if (opt->remote_cert_eku != NULL)
414  {
415  if (SUCCESS == x509_verify_cert_eku(peer_cert, opt->remote_cert_eku))
416  {
417  msg(D_HANDSHAKE, "VERIFY EKU OK");
418  }
419  else
420  {
421  msg(D_HANDSHAKE, "VERIFY EKU ERROR");
422  return FAILURE; /* Reject connection */
423  }
424  }
425 
426  /* verify X509 name or username against --verify-x509-[user]name */
428  {
430  && strcmp(opt->verify_x509_name, subject) == 0)
432  && strcmp(opt->verify_x509_name, common_name) == 0)
434  && strncmp(opt->verify_x509_name, common_name,
435  strlen(opt->verify_x509_name)) == 0) )
436  {
437  msg(D_HANDSHAKE, "VERIFY X509NAME OK: %s", subject);
438  }
439  else
440  {
441  msg(D_HANDSHAKE, "VERIFY X509NAME ERROR: %s, must be %s",
442  subject, opt->verify_x509_name);
443  return FAILURE; /* Reject connection */
444  }
445  }
446 
447  return SUCCESS;
448 }
449 
450 /*
451  * Export the subject, common_name, and raw certificate fields to the
452  * environment for later verification by scripts and plugins.
453  */
454 static void
455 verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert_depth,
456  const char *subject, const char *common_name,
457  const struct x509_track *x509_track)
458 {
459  char envname[64];
460  char *serial = NULL;
461  struct gc_arena gc = gc_new();
462 
463  /* Save X509 fields in environment */
464  if (x509_track)
465  {
466  x509_setenv_track(x509_track, es, cert_depth, peer_cert);
467  }
468  else
469  {
470  x509_setenv(es, cert_depth, peer_cert);
471  }
472 
473  /* export subject name string as environmental variable */
474  openvpn_snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth);
475  setenv_str(es, envname, subject);
476 
477 #if 0
478  /* export common name string as environmental variable */
479  openvpn_snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth);
480  setenv_str(es, envname, common_name);
481 #endif
482 
483  /* export X509 cert fingerprints */
484  {
485  struct buffer sha1 = x509_get_sha1_fingerprint(peer_cert, &gc);
486  struct buffer sha256 = x509_get_sha256_fingerprint(peer_cert, &gc);
487 
488  openvpn_snprintf(envname, sizeof(envname), "tls_digest_%d", cert_depth);
489  setenv_str(es, envname,
490  format_hex_ex(BPTR(&sha1), BLEN(&sha1), 0, 1, ":", &gc));
491 
492  openvpn_snprintf(envname, sizeof(envname), "tls_digest_sha256_%d",
493  cert_depth);
494  setenv_str(es, envname,
495  format_hex_ex(BPTR(&sha256), BLEN(&sha256), 0, 1, ":", &gc));
496  }
497 
498  /* export serial number as environmental variable */
499  serial = backend_x509_get_serial(peer_cert, &gc);
500  openvpn_snprintf(envname, sizeof(envname), "tls_serial_%d", cert_depth);
501  setenv_str(es, envname, serial);
502 
503  /* export serial number in hex as environmental variable */
504  serial = backend_x509_get_serial_hex(peer_cert, &gc);
505  openvpn_snprintf(envname, sizeof(envname), "tls_serial_hex_%d", cert_depth);
506  setenv_str(es, envname, serial);
507 
508  gc_free(&gc);
509 }
510 
511 /*
512  * call --tls-verify plug-in(s)
513  */
514 static result_t
515 verify_cert_call_plugin(const struct plugin_list *plugins, struct env_set *es,
516  int cert_depth, openvpn_x509_cert_t *cert, char *subject)
517 {
518  if (plugin_defined(plugins, OPENVPN_PLUGIN_TLS_VERIFY))
519  {
520  int ret;
521  struct argv argv = argv_new();
522 
523  argv_printf(&argv, "%d %s", cert_depth, subject);
524 
525  ret = plugin_call_ssl(plugins, OPENVPN_PLUGIN_TLS_VERIFY, &argv, NULL, es, cert_depth, cert);
526 
527  argv_reset(&argv);
528 
529  if (ret == OPENVPN_PLUGIN_FUNC_SUCCESS)
530  {
531  msg(D_HANDSHAKE, "VERIFY PLUGIN OK: depth=%d, %s",
532  cert_depth, subject);
533  }
534  else
535  {
536  msg(D_HANDSHAKE, "VERIFY PLUGIN ERROR: depth=%d, %s",
537  cert_depth, subject);
538  return FAILURE; /* Reject connection */
539  }
540  }
541  return SUCCESS;
542 }
543 
544 static const char *
545 verify_cert_export_cert(openvpn_x509_cert_t *peercert, const char *tmp_dir, struct gc_arena *gc)
546 {
547  FILE *peercert_file;
548  const char *peercert_filename = "";
549 
550  if (!tmp_dir)
551  {
552  return NULL;
553  }
554 
555  /* create tmp file to store peer cert */
556  peercert_filename = create_temp_file(tmp_dir, "pcf", gc);
557 
558  /* write peer-cert in tmp-file */
559  peercert_file = fopen(peercert_filename, "w+");
560  if (!peercert_file)
561  {
562  msg(M_ERR, "Failed to open temporary file : %s", peercert_filename);
563  return NULL;
564  }
565 
566  if (SUCCESS != x509_write_pem(peercert_file, peercert))
567  {
568  msg(M_ERR, "Error writing PEM file containing certificate");
569  }
570 
571  fclose(peercert_file);
572  return peercert_filename;
573 }
574 
575 
576 /*
577  * run --tls-verify script
578  */
579 static result_t
580 verify_cert_call_command(const char *verify_command, struct env_set *es,
581  int cert_depth, openvpn_x509_cert_t *cert, char *subject, const char *verify_export_cert)
582 {
583  const char *tmp_file = NULL;
584  int ret;
585  struct gc_arena gc = gc_new();
586  struct argv argv = argv_new();
587 
588  setenv_str(es, "script_type", "tls-verify");
589 
590  if (verify_export_cert)
591  {
592  if ((tmp_file = verify_cert_export_cert(cert, verify_export_cert, &gc)))
593  {
594  setenv_str(es, "peer_cert", tmp_file);
595  }
596  }
597 
598  argv_parse_cmd(&argv, verify_command);
599  argv_printf_cat(&argv, "%d %s", cert_depth, subject);
600 
601  argv_msg_prefix(D_TLS_DEBUG, &argv, "TLS: executing verify command");
602  ret = openvpn_run_script(&argv, es, 0, "--tls-verify script");
603 
604  if (verify_export_cert)
605  {
606  if (tmp_file)
607  {
608  platform_unlink(tmp_file);
609  }
610  }
611 
612  gc_free(&gc);
613  argv_reset(&argv);
614 
615  if (ret)
616  {
617  msg(D_HANDSHAKE, "VERIFY SCRIPT OK: depth=%d, %s",
618  cert_depth, subject);
619  return SUCCESS;
620  }
621 
622  msg(D_HANDSHAKE, "VERIFY SCRIPT ERROR: depth=%d, %s",
623  cert_depth, subject);
624  return FAILURE; /* Reject connection */
625 }
626 
627 /*
628  * check peer cert against CRL directory
629  */
630 static result_t
631 verify_check_crl_dir(const char *crl_dir, openvpn_x509_cert_t *cert)
632 {
633  result_t ret = FAILURE;
634  char fn[256];
635  int fd = -1;
636  struct gc_arena gc = gc_new();
637 
638  char *serial = backend_x509_get_serial(cert, &gc);
639 
640  if (!openvpn_snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, OS_SPECIFIC_DIRSEP, serial))
641  {
642  msg(D_HANDSHAKE, "VERIFY CRL: filename overflow");
643  goto cleanup;
644  }
645  fd = platform_open(fn, O_RDONLY, 0);
646  if (fd >= 0)
647  {
648  msg(D_HANDSHAKE, "VERIFY CRL: certificate serial number %s is revoked", serial);
649  goto cleanup;
650  }
651 
652  ret = SUCCESS;
653 
654 cleanup:
655 
656  if (fd != -1)
657  {
658  close(fd);
659  }
660  gc_free(&gc);
661  return ret;
662 }
663 
664 result_t
665 verify_cert(struct tls_session *session, openvpn_x509_cert_t *cert, int cert_depth)
666 {
667  result_t ret = FAILURE;
668  char *subject = NULL;
669  char common_name[TLS_USERNAME_LEN+1] = {0}; /* null-terminated */
670  const struct tls_options *opt;
671  struct gc_arena gc = gc_new();
672 
673  opt = session->opt;
674  ASSERT(opt);
675 
676  session->verified = false;
677 
678  /* get the X509 name */
679  subject = x509_get_subject(cert, &gc);
680  if (!subject)
681  {
682  msg(D_TLS_ERRORS, "VERIFY ERROR: depth=%d, could not extract X509 "
683  "subject string from certificate", cert_depth);
684  goto cleanup;
685  }
686 
687  /* enforce character class restrictions in X509 name */
689  string_replace_leading(subject, '-', '_');
690 
691  /* extract the username (default is CN) */
692  if (SUCCESS != backend_x509_get_username(common_name, sizeof(common_name),
693  opt->x509_username_field, cert))
694  {
695  if (!cert_depth)
696  {
697  msg(D_TLS_ERRORS, "VERIFY ERROR: could not extract %s from X509 "
698  "subject string ('%s') -- note that the username length is "
699  "limited to %d characters",
700  opt->x509_username_field,
701  subject,
703  goto cleanup;
704  }
705  }
706 
707  /* enforce character class restrictions in common name */
709 
710  /* warn if cert chain is too deep */
711  if (cert_depth >= MAX_CERT_DEPTH)
712  {
713  msg(D_TLS_ERRORS, "TLS Error: Convoluted certificate chain detected with depth [%d] greater than %d", cert_depth, MAX_CERT_DEPTH);
714  goto cleanup; /* Reject connection */
715  }
716 
717  /* verify level 1 cert, i.e. the CA that signed our leaf cert */
718  if (cert_depth == 1 && opt->verify_hash)
719  {
720  struct buffer ca_hash = {0};
721 
722  switch (opt->verify_hash_algo)
723  {
724  case MD_SHA1:
725  ca_hash = x509_get_sha1_fingerprint(cert, &gc);
726  break;
727 
728  case MD_SHA256:
729  ca_hash = x509_get_sha256_fingerprint(cert, &gc);
730  break;
731 
732  default:
733  /* This should normally not happen at all; the algorithm used
734  * is parsed by add_option() [options.c] and set to a predefined
735  * value in an enumerated type. So if this unlikely scenario
736  * happens, consider this a failure
737  */
738  msg(M_WARN, "Unexpected invalid algorithm used with "
739  "--verify-hash (%i)", opt->verify_hash_algo);
740  ret = FAILURE;
741  goto cleanup;
742  }
743 
744  if (memcmp(BPTR(&ca_hash), opt->verify_hash, BLEN(&ca_hash)))
745  {
746  msg(D_TLS_ERRORS, "TLS Error: level-1 certificate hash verification failed");
747  goto cleanup;
748  }
749  }
750 
751  /* save common name in session object */
752  if (cert_depth == 0)
753  {
754  set_common_name(session, common_name);
755  }
756 
757  session->verify_maxlevel = max_int(session->verify_maxlevel, cert_depth);
758 
759  /* export certificate values to the environment */
760  verify_cert_set_env(opt->es, cert, cert_depth, subject, common_name,
761  opt->x509_track);
762 
763  /* export current untrusted IP */
764  setenv_untrusted(session);
765 
766  /* If this is the peer's own certificate, verify it */
767  if (cert_depth == 0 && SUCCESS != verify_peer_cert(opt, cert, subject, common_name))
768  {
769  goto cleanup;
770  }
771 
772  /* call --tls-verify plug-in(s), if registered */
773  if (SUCCESS != verify_cert_call_plugin(opt->plugins, opt->es, cert_depth, cert, subject))
774  {
775  goto cleanup;
776  }
777 
778  /* run --tls-verify script */
780  opt->es, cert_depth, cert, subject, opt->verify_export_cert))
781  {
782  goto cleanup;
783  }
784 
785  /* check peer cert against CRL */
786  if (opt->crl_file)
787  {
788  if (opt->ssl_flags & SSLF_CRL_VERIFY_DIR)
789  {
790  if (SUCCESS != verify_check_crl_dir(opt->crl_file, cert))
791  {
792  goto cleanup;
793  }
794  }
795  else
796  {
797  if (tls_verify_crl_missing(opt))
798  {
799  msg(D_TLS_ERRORS, "VERIFY ERROR: CRL not loaded");
800  goto cleanup;
801  }
802  }
803  }
804 
805  msg(D_HANDSHAKE, "VERIFY OK: depth=%d, %s", cert_depth, subject);
806  session->verified = true;
807  ret = SUCCESS;
808 
809 cleanup:
810 
811  if (ret != SUCCESS)
812  {
813  tls_clear_error(); /* always? */
814  session->verified = false; /* double sure? */
815  }
816  gc_free(&gc);
817 
818  return ret;
819 }
820 
821 /* ***************************************************************************
822 * Functions for the management of deferred authentication when using
823 * user/password authentication.
824 *************************************************************************** */
825 
826 #ifdef ENABLE_DEF_AUTH
827 /* key_state_test_auth_control_file return values,
828  * NOTE: acf_merge indexing depends on these values */
829 #define ACF_UNDEFINED 0
830 #define ACF_SUCCEEDED 1
831 #define ACF_DISABLED 2
832 #define ACF_FAILED 3
833 #endif
834 
835 #ifdef MANAGEMENT_DEF_AUTH
836 void
837 man_def_auth_set_client_reason(struct tls_multi *multi, const char *client_reason)
838 {
839  if (multi->client_reason)
840  {
841  free(multi->client_reason);
842  multi->client_reason = NULL;
843  }
844  if (client_reason && strlen(client_reason))
845  {
846  /* FIXME: Last alloc will never be freed */
847  multi->client_reason = string_alloc(client_reason, NULL);
848  }
849 }
850 
851 static inline unsigned int
852 man_def_auth_test(const struct key_state *ks)
853 {
854  if (management_enable_def_auth(management))
855  {
856  return ks->mda_status;
857  }
858  else
859  {
860  return ACF_DISABLED;
861  }
862 }
863 #endif /* ifdef MANAGEMENT_DEF_AUTH */
864 
865 #ifdef PLUGIN_DEF_AUTH
866 
867 /*
868  * auth_control_file functions
869  */
870 
871 void
873 {
874  if (ks && ks->auth_control_file)
875  {
876  platform_unlink(ks->auth_control_file);
877  free(ks->auth_control_file);
878  ks->auth_control_file = NULL;
879  }
880 }
881 
882 static void
883 key_state_gen_auth_control_file(struct key_state *ks, const struct tls_options *opt)
884 {
885  struct gc_arena gc = gc_new();
886  const char *acf;
887 
889  acf = create_temp_file(opt->tmp_dir, "acf", &gc);
890  if (acf)
891  {
892  ks->auth_control_file = string_alloc(acf, NULL);
893  setenv_str(opt->es, "auth_control_file", ks->auth_control_file);
894  } /* FIXME: Should have better error handling? */
895 
896  gc_free(&gc);
897 }
898 
899 static unsigned int
900 key_state_test_auth_control_file(struct key_state *ks)
901 {
902  if (ks && ks->auth_control_file)
903  {
904  unsigned int ret = ks->auth_control_status;
905  if (ret == ACF_UNDEFINED)
906  {
907  FILE *fp = fopen(ks->auth_control_file, "r");
908  if (fp)
909  {
910  const int c = fgetc(fp);
911  if (c == '1')
912  {
913  ret = ACF_SUCCEEDED;
914  }
915  else if (c == '0')
916  {
917  ret = ACF_FAILED;
918  }
919  fclose(fp);
920  ks->auth_control_status = ret;
921  }
922  }
923  return ret;
924  }
925  return ACF_DISABLED;
926 }
927 
928 #endif /* ifdef PLUGIN_DEF_AUTH */
929 
930 /*
931  * Return current session authentication state. Return
932  * value is TLS_AUTHENTICATION_x.
933  */
934 
935 int
936 tls_authentication_status(struct tls_multi *multi, const int latency)
937 {
938  bool deferred = false;
939  bool success = false;
940  bool active = false;
941 
942 #ifdef ENABLE_DEF_AUTH
943  static const unsigned char acf_merge[] =
944  {
945  ACF_UNDEFINED, /* s1=ACF_UNDEFINED s2=ACF_UNDEFINED */
946  ACF_UNDEFINED, /* s1=ACF_UNDEFINED s2=ACF_SUCCEEDED */
947  ACF_UNDEFINED, /* s1=ACF_UNDEFINED s2=ACF_DISABLED */
948  ACF_FAILED, /* s1=ACF_UNDEFINED s2=ACF_FAILED */
949  ACF_UNDEFINED, /* s1=ACF_SUCCEEDED s2=ACF_UNDEFINED */
950  ACF_SUCCEEDED, /* s1=ACF_SUCCEEDED s2=ACF_SUCCEEDED */
951  ACF_SUCCEEDED, /* s1=ACF_SUCCEEDED s2=ACF_DISABLED */
952  ACF_FAILED, /* s1=ACF_SUCCEEDED s2=ACF_FAILED */
953  ACF_UNDEFINED, /* s1=ACF_DISABLED s2=ACF_UNDEFINED */
954  ACF_SUCCEEDED, /* s1=ACF_DISABLED s2=ACF_SUCCEEDED */
955  ACF_DISABLED, /* s1=ACF_DISABLED s2=ACF_DISABLED */
956  ACF_FAILED, /* s1=ACF_DISABLED s2=ACF_FAILED */
957  ACF_FAILED, /* s1=ACF_FAILED s2=ACF_UNDEFINED */
958  ACF_FAILED, /* s1=ACF_FAILED s2=ACF_SUCCEEDED */
959  ACF_FAILED, /* s1=ACF_FAILED s2=ACF_DISABLED */
960  ACF_FAILED /* s1=ACF_FAILED s2=ACF_FAILED */
961  };
962 #endif /* ENABLE_DEF_AUTH */
963 
964  if (multi)
965  {
966  int i;
967 
968 #ifdef ENABLE_DEF_AUTH
969  if (latency && multi->tas_last && multi->tas_last + latency >= now)
970  {
972  }
973  multi->tas_last = now;
974 #endif /* ENABLE_DEF_AUTH */
975 
976  for (i = 0; i < KEY_SCAN_SIZE; ++i)
977  {
978  struct key_state *ks = multi->key_scan[i];
979  if (DECRYPT_KEY_ENABLED(multi, ks))
980  {
981  active = true;
982  if (ks->authenticated)
983  {
984 #ifdef ENABLE_DEF_AUTH
985  unsigned int s1 = ACF_DISABLED;
986  unsigned int s2 = ACF_DISABLED;
987 #ifdef PLUGIN_DEF_AUTH
988  s1 = key_state_test_auth_control_file(ks);
989 #endif /* PLUGIN_DEF_AUTH */
990 #ifdef MANAGEMENT_DEF_AUTH
991  s2 = man_def_auth_test(ks);
992 #endif /* MANAGEMENT_DEF_AUTH */
993  ASSERT(s1 < 4 && s2 < 4);
994  switch (acf_merge[(s1<<2) + s2])
995  {
996  case ACF_SUCCEEDED:
997  case ACF_DISABLED:
998  success = true;
999  ks->auth_deferred = false;
1000  break;
1001 
1002  case ACF_UNDEFINED:
1003  if (now < ks->auth_deferred_expire)
1004  {
1005  deferred = true;
1006  }
1007  break;
1008 
1009  case ACF_FAILED:
1010  ks->authenticated = false;
1011  break;
1012 
1013  default:
1014  ASSERT(0);
1015  }
1016 #else /* !ENABLE_DEF_AUTH */
1017  success = true;
1018 #endif /* ENABLE_DEF_AUTH */
1019  }
1020  }
1021  }
1022  }
1023 
1024 #if 0
1025  dmsg(D_TLS_ERRORS, "TAS: a=%d s=%d d=%d", active, success, deferred);
1026 #endif
1027 
1028  if (success)
1029  {
1031  }
1032  else if (!active || deferred)
1033  {
1035  }
1036  else
1037  {
1039  }
1040 }
1041 
1042 #ifdef MANAGEMENT_DEF_AUTH
1043 /*
1044  * For deferred auth, this is where the management interface calls (on server)
1045  * to indicate auth failure/success.
1046  */
1047 bool
1048 tls_authenticate_key(struct tls_multi *multi, const unsigned int mda_key_id, const bool auth, const char *client_reason)
1049 {
1050  bool ret = false;
1051  if (multi)
1052  {
1053  int i;
1054  man_def_auth_set_client_reason(multi, client_reason);
1055  for (i = 0; i < KEY_SCAN_SIZE; ++i)
1056  {
1057  struct key_state *ks = multi->key_scan[i];
1058  if (ks->mda_key_id == mda_key_id)
1059  {
1060  ks->mda_status = auth ? ACF_SUCCEEDED : ACF_FAILED;
1061  ret = true;
1062  }
1063  }
1064  }
1065  return ret;
1066 }
1067 #endif /* ifdef MANAGEMENT_DEF_AUTH */
1068 
1069 
1070 /* ****************************************************************************
1071  * Functions to verify username and password
1072  *
1073  * Authenticate a client using username/password.
1074  * Runs on server.
1075  *
1076  * If you want to add new authentication methods,
1077  * this is the place to start.
1078  *************************************************************************** */
1079 
1080 /*
1081  * Verify the user name and password using a script
1082  */
1083 static bool
1085 {
1086  struct gc_arena gc = gc_new();
1087  struct argv argv = argv_new();
1088  const char *tmp_file = "";
1089  bool ret = false;
1090 
1091  /* Is username defined? */
1092  if ((session->opt->ssl_flags & SSLF_AUTH_USER_PASS_OPTIONAL) || strlen(up->username))
1093  {
1094  /* Set environmental variables prior to calling script */
1095  setenv_str(session->opt->es, "script_type", "user-pass-verify");
1096 
1098  {
1099  struct status_output *so;
1100 
1101  tmp_file = create_temp_file(session->opt->tmp_dir, "up", &gc);
1102  if (tmp_file)
1103  {
1104  so = status_open(tmp_file, 0, -1, NULL, STATUS_OUTPUT_WRITE);
1105  status_printf(so, "%s", up->username);
1106  status_printf(so, "%s", up->password);
1107  if (!status_close(so))
1108  {
1109  msg(D_TLS_ERRORS, "TLS Auth Error: could not write username/password to file: %s",
1110  tmp_file);
1111  goto done;
1112  }
1113  }
1114  else
1115  {
1116  msg(D_TLS_ERRORS, "TLS Auth Error: could not create write "
1117  "username/password to temp file");
1118  }
1119  }
1120  else
1121  {
1122  setenv_str(session->opt->es, "username", up->username);
1123  setenv_str(session->opt->es, "password", up->password);
1124  }
1125 
1126  /* setenv incoming cert common name for script */
1127  setenv_str(session->opt->es, "common_name", session->common_name);
1128 
1129  /* setenv client real IP address */
1130  setenv_untrusted(session);
1131 
1132  /* format command line */
1134  argv_printf_cat(&argv, "%s", tmp_file);
1135 
1136  /* call command */
1137  ret = openvpn_run_script(&argv, session->opt->es, 0,
1138  "--auth-user-pass-verify");
1139 
1141  {
1142  setenv_del(session->opt->es, "password");
1143  }
1144  }
1145  else
1146  {
1147  msg(D_TLS_ERRORS, "TLS Auth Error: peer provided a blank username");
1148  }
1149 
1150 done:
1151  if (tmp_file && strlen(tmp_file) > 0)
1152  {
1153  platform_unlink(tmp_file);
1154  }
1155 
1156  argv_reset(&argv);
1157  gc_free(&gc);
1158  return ret;
1159 }
1160 
1161 /*
1162  * Verify the username and password using a plugin
1163  */
1164 static int
1165 verify_user_pass_plugin(struct tls_session *session, const struct user_pass *up, const char *raw_username)
1166 {
1167  int retval = OPENVPN_PLUGIN_FUNC_ERROR;
1168 #ifdef PLUGIN_DEF_AUTH
1169  struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
1170 #endif
1171 
1172  /* Is username defined? */
1173  if ((session->opt->ssl_flags & SSLF_AUTH_USER_PASS_OPTIONAL) || strlen(up->username))
1174  {
1175  /* set username/password in private env space */
1176  setenv_str(session->opt->es, "username", (raw_username ? raw_username : up->username));
1177  setenv_str(session->opt->es, "password", up->password);
1178 
1179  /* setenv incoming cert common name for script */
1180  setenv_str(session->opt->es, "common_name", session->common_name);
1181 
1182  /* setenv client real IP address */
1183  setenv_untrusted(session);
1184 
1185 #ifdef PLUGIN_DEF_AUTH
1186  /* generate filename for deferred auth control file */
1187  key_state_gen_auth_control_file(ks, session->opt);
1188 #endif
1189 
1190  /* call command */
1191  retval = plugin_call(session->opt->plugins, OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY, NULL, NULL, session->opt->es);
1192 
1193 #ifdef PLUGIN_DEF_AUTH
1194  /* purge auth control filename (and file itself) for non-deferred returns */
1195  if (retval != OPENVPN_PLUGIN_FUNC_DEFERRED)
1196  {
1198  }
1199 #endif
1200 
1201  setenv_del(session->opt->es, "password");
1202  if (raw_username)
1203  {
1204  setenv_str(session->opt->es, "username", up->username);
1205  }
1206  }
1207  else
1208  {
1209  msg(D_TLS_ERRORS, "TLS Auth Error (verify_user_pass_plugin): peer provided a blank username");
1210  }
1211 
1212  return retval;
1213 }
1214 
1215 
1216 #ifdef MANAGEMENT_DEF_AUTH
1217 /*
1218  * MANAGEMENT_DEF_AUTH internal ssl_verify.c status codes
1219  */
1220 #define KMDA_ERROR 0
1221 #define KMDA_SUCCESS 1
1222 #define KMDA_UNDEF 2
1223 #define KMDA_DEF 3
1224 
1225 static int
1226 verify_user_pass_management(struct tls_session *session, const struct user_pass *up, const char *raw_username)
1227 {
1228  int retval = KMDA_ERROR;
1229  struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
1230 
1231  /* Is username defined? */
1232  if ((session->opt->ssl_flags & SSLF_AUTH_USER_PASS_OPTIONAL) || strlen(up->username))
1233  {
1234  /* set username/password in private env space */
1235  setenv_str(session->opt->es, "username", (raw_username ? raw_username : up->username));
1236  setenv_str(session->opt->es, "password", up->password);
1237 
1238  /* setenv incoming cert common name for script */
1239  setenv_str(session->opt->es, "common_name", session->common_name);
1240 
1241  /* setenv client real IP address */
1242  setenv_untrusted(session);
1243 
1244  if (management)
1245  {
1246  management_notify_client_needing_auth(management, ks->mda_key_id, session->opt->mda_context, session->opt->es);
1247  }
1248 
1249  setenv_del(session->opt->es, "password");
1250  if (raw_username)
1251  {
1252  setenv_str(session->opt->es, "username", up->username);
1253  }
1254 
1255  retval = KMDA_SUCCESS;
1256  }
1257  else
1258  {
1259  msg(D_TLS_ERRORS, "TLS Auth Error (verify_user_pass_management): peer provided a blank username");
1260  }
1261 
1262  return retval;
1263 }
1264 #endif /* ifdef MANAGEMENT_DEF_AUTH */
1265 
1266 /*
1267  * Main username/password verification entry point
1268  */
1269 void
1270 verify_user_pass(struct user_pass *up, struct tls_multi *multi,
1271  struct tls_session *session)
1272 {
1273  int s1 = OPENVPN_PLUGIN_FUNC_SUCCESS;
1274  bool s2 = true;
1275  struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
1276 
1277  struct gc_arena gc = gc_new();
1278  char *raw_username = NULL;
1279 
1280 #ifdef MANAGEMENT_DEF_AUTH
1281  int man_def_auth = KMDA_UNDEF;
1282 
1283  if (management_enable_def_auth(management))
1284  {
1285  man_def_auth = KMDA_DEF;
1286  }
1287 #endif
1288 
1289  /*
1290  * Preserve the raw username before string_mod remapping, for plugins
1291  * and management clients when in --compat-names mode
1292  */
1294  {
1295  ALLOC_ARRAY_CLEAR_GC(raw_username, char, USER_PASS_LEN, &gc);
1296  strcpy(raw_username, up->username);
1297  string_mod(raw_username, CC_PRINT, CC_CRLF, '_');
1298  }
1299 
1300  /* enforce character class restrictions in username/password */
1302  string_mod(up->password, CC_PRINT, CC_CRLF, '_');
1303 
1304  /* If server is configured with --auth-gen-token and we have an
1305  * authentication token for this client, this authentication
1306  * round will be done internally using the token instead of
1307  * calling any external authentication modules.
1308  */
1309  if (session->opt->auth_token_generate && multi->auth_token_sent
1310  && NULL != multi->auth_token)
1311  {
1312  unsigned int ssl_flags = session->opt->ssl_flags;
1313 
1314  /* Ensure that the username has not changed */
1315  if (!tls_lock_username(multi, up->username))
1316  {
1317  /* auth-token cleared in tls_lock_username() on failure */
1318  ks->authenticated = false;
1319  goto done;
1320  }
1321 
1322  /* If auth-token lifetime has been enabled,
1323  * ensure the token has not expired
1324  */
1325  if (session->opt->auth_token_lifetime > 0
1326  && (multi->auth_token_tstamp + session->opt->auth_token_lifetime) < now)
1327  {
1328  msg(D_HANDSHAKE, "Auth-token for client expired\n");
1329  wipe_auth_token(multi);
1330  ks->authenticated = false;
1331  goto done;
1332  }
1333 
1334  /* The core authentication of the token itself */
1335  if (memcmp_constant_time(multi->auth_token, up->password,
1336  strlen(multi->auth_token)) != 0)
1337  {
1338  ks->authenticated = false;
1339  tls_deauthenticate(multi);
1340 
1341  msg(D_TLS_ERRORS, "TLS Auth Error: Auth-token verification "
1342  "failed for username '%s' %s", up->username,
1343  (ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) ? "[CN SET]" : "");
1344  }
1345  else
1346  {
1347  ks->authenticated = true;
1348 
1349  if (ssl_flags & SSLF_USERNAME_AS_COMMON_NAME)
1350  {
1351  set_common_name(session, up->username);
1352  }
1353  msg(D_HANDSHAKE, "TLS: Username/auth-token authentication "
1354  "succeeded for username '%s' %s",
1355  up->username,
1356  (ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) ? "[CN SET]" : "");
1357  }
1358  goto done;
1359  }
1360 
1361  /* call plugin(s) and/or script */
1362 #ifdef MANAGEMENT_DEF_AUTH
1363  if (man_def_auth == KMDA_DEF)
1364  {
1365  man_def_auth = verify_user_pass_management(session, up, raw_username);
1366  }
1367 #endif
1368  if (plugin_defined(session->opt->plugins, OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY))
1369  {
1370  s1 = verify_user_pass_plugin(session, up, raw_username);
1371  }
1372  if (session->opt->auth_user_pass_verify_script)
1373  {
1374  s2 = verify_user_pass_script(session, up);
1375  }
1376 
1377  /* check sizing of username if it will become our common name */
1378  if ((session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) && strlen(up->username) > TLS_USERNAME_LEN)
1379  {
1380  msg(D_TLS_ERRORS, "TLS Auth Error: --username-as-common name specified and username is longer than the maximum permitted Common Name length of %d characters", TLS_USERNAME_LEN);
1381  s1 = OPENVPN_PLUGIN_FUNC_ERROR;
1382  }
1383 
1384  /* auth succeeded? */
1385  if ((s1 == OPENVPN_PLUGIN_FUNC_SUCCESS
1386 #ifdef PLUGIN_DEF_AUTH
1387  || s1 == OPENVPN_PLUGIN_FUNC_DEFERRED
1388 #endif
1389  ) && s2
1390 #ifdef MANAGEMENT_DEF_AUTH
1391  && man_def_auth != KMDA_ERROR
1392 #endif
1393  && tls_lock_username(multi, up->username))
1394  {
1395  ks->authenticated = true;
1396 #ifdef PLUGIN_DEF_AUTH
1397  if (s1 == OPENVPN_PLUGIN_FUNC_DEFERRED)
1398  {
1399  ks->auth_deferred = true;
1400  }
1401 #endif
1402 #ifdef MANAGEMENT_DEF_AUTH
1403  if (man_def_auth != KMDA_UNDEF)
1404  {
1405  ks->auth_deferred = true;
1406  }
1407 #endif
1408 
1409  if ((session->opt->auth_token_generate) && (NULL == multi->auth_token))
1410  {
1411  /* Server is configured with --auth-gen-token but no token has yet
1412  * been generated for this client. Generate one and save it.
1413  */
1414  uint8_t tok[AUTH_TOKEN_SIZE];
1415 
1416  if (!rand_bytes(tok, AUTH_TOKEN_SIZE))
1417  {
1418  msg( M_FATAL, "Failed to get enough randomness for "
1419  "authentication token");
1420  }
1421 
1422  /* The token should be longer than the input when
1423  * being base64 encoded
1424  */
1426  &multi->auth_token) > AUTH_TOKEN_SIZE);
1427  multi->auth_token_tstamp = now;
1428  dmsg(D_SHOW_KEYS, "Generated token for client: %s",
1429  multi->auth_token);
1430  }
1431 
1432  if ((session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME))
1433  {
1434  set_common_name(session, up->username);
1435  }
1436 
1437 #ifdef ENABLE_DEF_AUTH
1438  msg(D_HANDSHAKE, "TLS: Username/Password authentication %s for username '%s' %s",
1439  ks->auth_deferred ? "deferred" : "succeeded",
1440  up->username,
1441  (session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) ? "[CN SET]" : "");
1442 #else
1443  msg(D_HANDSHAKE, "TLS: Username/Password authentication %s for username '%s' %s",
1444  "succeeded",
1445  up->username,
1446  (session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) ? "[CN SET]" : "");
1447 #endif
1448  }
1449  else
1450  {
1451  msg(D_TLS_ERRORS, "TLS Auth Error: Auth Username/Password verification failed for peer");
1452  }
1453 
1454 done:
1455  gc_free(&gc);
1456 }
1457 
1458 void
1459 verify_final_auth_checks(struct tls_multi *multi, struct tls_session *session)
1460 {
1461  struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
1462 
1463  /* While it shouldn't really happen, don't allow the common name to be NULL */
1464  if (!session->common_name)
1465  {
1466  set_common_name(session, "");
1467  }
1468 
1469  /* Don't allow the CN to change once it's been locked */
1470  if (ks->authenticated && multi->locked_cn)
1471  {
1472  const char *cn = session->common_name;
1473  if (cn && strcmp(cn, multi->locked_cn))
1474  {
1475  msg(D_TLS_ERRORS, "TLS Auth Error: TLS object CN attempted to change from '%s' to '%s' -- tunnel disabled",
1476  multi->locked_cn,
1477  cn);
1478 
1479  /* change the common name back to its original value and disable the tunnel */
1480  set_common_name(session, multi->locked_cn);
1481  tls_deauthenticate(multi);
1482  }
1483  }
1484 
1485  /* Don't allow the cert hashes to change once they have been locked */
1486  if (ks->authenticated && multi->locked_cert_hash_set)
1487  {
1488  const struct cert_hash_set *chs = session->cert_hash_set;
1489  if (chs && !cert_hash_compare(chs, multi->locked_cert_hash_set))
1490  {
1491  msg(D_TLS_ERRORS, "TLS Auth Error: TLS object CN=%s client-provided SSL certs unexpectedly changed during mid-session reauth",
1492  session->common_name);
1493 
1494  /* disable the tunnel */
1495  tls_deauthenticate(multi);
1496  }
1497  }
1498 
1499  /* verify --client-config-dir based authentication */
1500  if (ks->authenticated && session->opt->client_config_dir_exclusive)
1501  {
1502  struct gc_arena gc = gc_new();
1503 
1504  const char *cn = session->common_name;
1505  const char *path = gen_path(session->opt->client_config_dir_exclusive, cn, &gc);
1506  if (!cn || !strcmp(cn, CCD_DEFAULT) || !test_file(path))
1507  {
1508  ks->authenticated = false;
1509  wipe_auth_token(multi);
1510  msg(D_TLS_ERRORS, "TLS Auth Error: --client-config-dir authentication failed for common name '%s' file='%s'",
1511  session->common_name,
1512  path ? path : "UNDEF");
1513  }
1514 
1515  gc_free(&gc);
1516  }
1517 }
1518 
1519 void
1521 {
1522  struct env_item *item = es->list;
1523  while (item)
1524  {
1525  struct env_item *next = item->next;
1526  if (item->string
1527  && 0 == strncmp("X509_", item->string, strlen("X509_")))
1528  {
1529  env_set_del(es, item->string);
1530  }
1531  item = next;
1532  }
1533 }
1534 
1535 #endif /* ENABLE_CRYPTO */
static bool tls_lock_username(struct tls_multi *multi, const char *username)
Definition: ssl_verify.c:201
#define VERIFY_X509_SUBJECT_RDN
Definition: ssl_verify.h:67
#define TM_ACTIVE
Active tls_session.
Definition: ssl_common.h:458
const char * tmp_dir
Definition: ssl_common.h:313
Security parameter state of one TLS and data channel key session.
Definition: ssl_common.h:161
struct key_state key[KS_SIZE]
Definition: ssl_common.h:438
const char * crl_file
Definition: ssl_common.h:280
#define SSLF_CRL_VERIFY_DIR
Definition: ssl_common.h:337
static void verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert_depth, const char *subject, const char *common_name, const struct x509_track *x509_track)
Definition: ssl_verify.c:455
#define ALLOC_OBJ(dptr, type)
Definition: buffer.h:1012
static bool openvpn_run_script(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *hook)
Definition: misc.h:70
char * string_alloc(const char *str, struct gc_arena *gc)
Definition: buffer.c:626
#define D_TLS_DEBUG
Definition: errlevel.h:160
#define USER_PASS_LEN
Definition: misc.h:183
struct argv argv_new(void)
Definition: argv.c:51
unsigned int auth_token_lifetime
Definition: ssl_common.h:317
#define STATUS_OUTPUT_WRITE
Definition: status.h:51
#define SSLF_USERNAME_AS_COMMON_NAME
Definition: ssl_common.h:334
static void secure_memzero(void *data, size_t len)
Securely zeroise memory.
Definition: buffer.h:396
#define VERIFY_X509_SUBJECT_DN
Definition: ssl_verify.h:66
int openvpn_base64_encode(const void *data, int size, char **str)
Definition: base64.c:54
#define OS_SPECIFIC_DIRSEP
Definition: syshead.h:477
time_t auth_token_tstamp
timestamp of the generated token
Definition: ssl_common.h:565
struct tls_options * opt
Definition: ssl_common.h:403
int verify_maxlevel
Definition: ssl_common.h:423
#define SSLF_AUTH_USER_PASS_OPTIONAL
Definition: ssl_common.h:335
#define SA_IP_PORT
Definition: socket.h:401
static void gc_free(struct gc_arena *a)
Definition: buffer.h:990
bool verified
Definition: ssl_common.h:433
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
Definition: plugin.h:205
const char * auth_user_pass_verify_script
Definition: ssl_common.h:311
Security parameter state for a single VPN tunnel.
Definition: ssl_common.h:496
#define NS_CERT_CHECK_CLIENT
Do not perform Netscape certificate type verification.
Definition: ssl_verify.h:218
#define D_TLS_ERRORS
Definition: errlevel.h:59
#define CC_PRINT
Definition: buffer.h:882
#define ASSERT(x)
Definition: error.h:221
int tls_authentication_status(struct tls_multi *multi, const int latency)
Definition: ssl_verify.c:936
const char * client_config_dir_exclusive
Definition: ssl_common.h:320
int verify_x509_type
Definition: ssl_common.h:278
result_t x509_verify_cert_ku(openvpn_x509_cert_t *x509, const unsigned *const expected_ku, int expected_len)
struct cert_hash_set * cert_hash_set
Definition: ssl_common.h:427
int plugin_call_ssl(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es, int certdepth, openvpn_x509_cert_t *current_cert)
Definition: plugin.c:785
#define M_FATAL
Definition: error.h:94
void cert_hash_remember(struct tls_session *session, const int error_depth, const struct buffer *cert_hash)
Definition: ssl_verify.c:249
static const char * verify_cert_export_cert(openvpn_x509_cert_t *peercert, const char *tmp_dir, struct gc_arena *gc)
Definition: ssl_verify.c:545
static void tls_deauthenticate(struct tls_multi *multi)
Definition: ssl_verify.c:108
char * backend_x509_get_serial_hex(openvpn_x509_cert_t *cert, struct gc_arena *gc)
const char * gen_path(const char *directory, const char *filename, struct gc_arena *gc)
Definition: misc.c:807
#define MAX_PARMS
Definition: options.h:53
#define TLS_USERNAME_LEN
Maximum length of common name.
Definition: ssl_verify.c:51
#define DECRYPT_KEY_ENABLED(multi, ks)
Check whether the ks key_state is ready to receive data channel packets.
Definition: ssl_verify.h:91
#define X509_NAME_CHAR_CLASS
Legal characters in an X509 name with –compat-names.
Definition: ssl_verify.c:54
bool auth_token_generate
Generate auth-tokens on successful user/pass auth, set via options->auth_token_generate.
Definition: ssl_common.h:315
void setenv_str(struct env_set *es, const char *name, const char *value)
Definition: misc.c:564
Structure containing the hash for a single certificate.
Definition: ssl_verify.h:56
bool authenticated
Definition: ssl_common.h:201
struct tls_session session[TM_SIZE]
Array of tls_session objects representing control channel sessions with the remote peer...
Definition: ssl_common.h:571
Structure containing the hashes for a full certificate chain.
Definition: ssl_verify.h:61
bool platform_unlink(const char *filename)
Definition: platform.c:285
void status_printf(struct status_output *so, const char *format,...)
Definition: status.c:239
char username[USER_PASS_LEN]
Definition: misc.h:185
result_t verify_cert(struct tls_session *session, openvpn_x509_cert_t *cert, int cert_depth)
Definition: ssl_verify.c:665
Definition: misc.h:44
char * x509_username_field
Definition: ssl_common.h:287
struct status_output * status_open(const char *filename, const int refresh_freq, const int msglevel, const struct virtual_output *vout, const unsigned int flags)
Definition: status.c:63
#define VERIFY_X509_NONE
Definition: ssl_verify.h:65
#define TLS_AUTHENTICATION_UNDEFINED
Definition: ssl_verify.h:73
bool status_close(struct status_output *so)
Definition: status.c:203
struct key_state * key_scan[KEY_SCAN_SIZE]
List of key_state objects in the order they should be scanned by data channel modules.
Definition: ssl_common.h:504
bool test_file(const char *filename)
Definition: misc.c:695
#define BPTR(buf)
Definition: buffer.h:124
static const char * print_nsCertType(int type)
Definition: ssl_verify.c:355
#define KEY_SCAN_SIZE
Definition: ssl_common.h:480
bool openvpn_snprintf(char *str, size_t size, const char *format,...)
Definition: buffer.c:277
static result_t verify_check_crl_dir(const char *crl_dir, openvpn_x509_cert_t *cert)
Definition: ssl_verify.c:631
#define KS_SIZE
Size of the tls_session.key array.
Definition: ssl_common.h:374
struct env_item * list
Definition: misc.h:51
bool auth_user_pass_verify_script_via_file
Definition: ssl_common.h:312
int platform_open(const char *path, int flags, int mode)
Definition: platform.c:313
#define AUTH_TOKEN_SIZE
Size of server side generated auth tokens.
Definition: ssl_common.h:378
void setenv_link_socket_actual(struct env_set *es, const char *name_prefix, const struct link_socket_actual *act, const unsigned int flags)
Definition: socket.c:2982
int rand_bytes(uint8_t *output, int len)
Wrapper for secure random number generator.
static const char * np(const char *str)
Definition: simple.c:108
static struct gc_arena gc_new(void)
Definition: buffer.h:982
#define KS_PRIMARY
Primary key state index.
Definition: ssl_common.h:370
#define COMPAT_NAMES
Definition: misc.h:299
unsigned remote_cert_ku[MAX_PARMS]
Definition: ssl_common.h:283
time_t now
Definition: otime.c:36
void key_state_rm_auth_control_file(struct key_state *ks)
Remove the given key state&#39;s auth control file, if it exists.
void x509_setenv_track(const struct x509_track *xt, struct env_set *es, const int depth, openvpn_x509_cert_t *x509)
#define ALLOC_OBJ_CLEAR(dptr, type)
Definition: buffer.h:1017
char * locked_cn
Definition: ssl_common.h:533
static void wipe_auth_token(struct tls_multi *multi)
Wipes the authentication token out of the memory, frees and cleans up related buffers and flags...
Definition: ssl_verify.c:89
int ns_cert_type
Definition: ssl_common.h:282
#define MAX_CERT_DEPTH
Maximum certificate depth we will allow.
Definition: ssl_verify.h:53
#define M_ERR
Definition: error.h:110
result_t x509_verify_cert_eku(openvpn_x509_cert_t *x509, const char *const expected_oid)
hash_algo_type verify_hash_algo
Definition: ssl_common.h:286
unsigned __int32 uint32_t
Definition: config-msvc.h:121
#define NS_CERT_CHECK_NONE
Do not perform Netscape certificate type verification.
Definition: ssl_verify.h:214
static void string_mod_remap_name(char *str, const unsigned int restrictive_flags)
Definition: ssl_verify.c:60
#define COMPAT_FLAG_QUERY
Definition: misc.h:297
void argv_msg_prefix(const int msglev, const struct argv *a, const char *prefix)
Definition: argv.c:213
struct cert_hash_set * locked_cert_hash_set
Definition: ssl_common.h:535
const char * verify_x509_name
Definition: ssl_common.h:279
char * x509_get_subject(openvpn_x509_cert_t *cert, struct gc_arena *gc)
bool cert_hash_compare(const struct cert_hash_set *chs1, const struct cert_hash_set *chs2)
Compares certificates hashes, returns true if hashes are equal.
Definition: ssl_verify.c:284
static result_t verify_peer_cert(const struct tls_options *opt, openvpn_x509_cert_t *peer_cert, const char *subject, const char *common_name)
Definition: ssl_verify.c:379
const struct plugin_list * plugins
Definition: ssl_common.h:324
void argv_parse_cmd(struct argv *a, const char *s)
Definition: argv.c:329
struct env_item * next
Definition: misc.h:46
struct link_socket_actual untrusted_addr
Definition: ssl_common.h:436
char * string
Definition: misc.h:45
char * format_hex_ex(const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc)
Definition: buffer.c:460
const char * verify_export_cert
Definition: ssl_common.h:277
#define COMPAT_NO_NAME_REMAPPING
Definition: misc.h:300
#define VERIFY_X509_SUBJECT_RDN_PREFIX
Definition: ssl_verify.h:68
#define dmsg
Definition: error.h:174
char * backend_x509_get_serial(openvpn_x509_cert_t *cert, struct gc_arena *gc)
#define TM_SIZE
Size of the tls_multi.session array.
Definition: ssl_common.h:463
#define TLS_AUTHENTICATION_FAILED
Definition: ssl_verify.h:71
static void set_common_name(struct tls_session *session, const char *common_name)
Definition: ssl_verify.c:127
const char * create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc)
Definition: misc.c:724
#define CCD_DEFAULT
Definition: common.h:71
static void setenv_untrusted(struct tls_session *session)
Definition: ssl_verify.c:77
#define BLEN(buf)
Definition: buffer.h:127
time_t auth_deferred_expire
Definition: ssl_common.h:202
void verify_user_pass(struct user_pass *up, struct tls_multi *multi, struct tls_session *session)
Verify the given username and password, using either an external script, a plugin, or the management interface.
Definition: ssl_verify.c:1270
#define D_HANDSHAKE
Definition: errlevel.h:72
static int max_int(int x, int y)
Definition: integer.h:34
uint32_t hash_func(const uint8_t *k, uint32_t length, uint32_t initval)
Definition: list.c:602
unsigned __int8 uint8_t
Definition: config-msvc.h:123
bool string_mod(char *str, const unsigned int inclusive, const unsigned int exclusive, const char replace)
Definition: buffer.c:1019
#define ALLOC_ARRAY_CLEAR_GC(dptr, type, n, gc)
Definition: buffer.h:1039
result_t x509_verify_ns_cert_type(openvpn_x509_cert_t *cert, const int usage)
struct buffer x509_get_sha1_fingerprint(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Retrieve the certificate&#39;s SHA1 fingerprint.
char * auth_token
If server sends a generated auth-token, this is the token to use for future user/pass authentications...
Definition: ssl_common.h:561
bool plugin_defined(const struct plugin_list *pl, const int type)
Definition: plugin.c:903
bool tls_verify_crl_missing(const struct tls_options *opt)
Return true iff a CRL is configured, but is not loaded.
void string_replace_leading(char *str, const char match, const char replace)
Definition: buffer.c:1070
void argv_printf_cat(struct argv *a, const char *format,...)
Definition: argv.c:320
const char * verify_command
Definition: ssl_common.h:276
Security parameter state of a single session within a VPN tunnel.
Definition: ssl_common.h:400
static int verify_user_pass_plugin(struct tls_session *session, const struct user_pass *up, const char *raw_username)
Definition: ssl_verify.c:1165
#define msg
Definition: error.h:173
Wrapper structure for dynamically allocated memory.
Definition: buffer.h:60
static result_t verify_cert_call_plugin(const struct plugin_list *plugins, struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert, char *subject)
Definition: ssl_verify.c:515
#define TLS_AUTHENTICATION_SUCCEEDED
Definition: ssl_verify.h:70
#define D_SHOW_KEYS
Definition: errlevel.h:117
result_t x509_write_pem(FILE *peercert_file, openvpn_x509_cert_t *peercert)
char * locked_username
Definition: ssl_common.h:534
char * common_name
Definition: ssl_common.h:425
const char * tls_common_name(const struct tls_multi *multi, const bool null)
Returns the common name field for the given tunnel.
Definition: ssl_verify.c:163
static int memcmp_constant_time(const void *a, const void *b, size_t size)
As memcmp(), but constant-time.
Definition: crypto.h:496
uint8_t * verify_hash
Definition: ssl_common.h:285
Definition: misc.h:49
void tls_clear_error(void)
Clear the underlying SSL library&#39;s error state.
Definition: ssl_openssl.c:94
static bool verify_user_pass_script(struct tls_session *session, const struct user_pass *up)
Definition: ssl_verify.c:1084
const char * tls_username(const struct tls_multi *multi, const bool null)
Returns the username field for the given tunnel.
Definition: ssl_verify.c:227
void tls_x509_clear_env(struct env_set *es)
Remove any X509_ env variables from env_set es.
Definition: ssl_verify.c:1520
Garbage collection arena used to keep track of dynamically allocated memory.
Definition: buffer.h:116
void tls_lock_common_name(struct tls_multi *multi)
Locks the common name field for the given tunnel.
Definition: ssl_verify.c:188
void tls_lock_cert_hash_set(struct tls_multi *multi)
Locks the certificate hash set used in the given tunnel.
Definition: ssl_verify.c:342
#define TLS_AUTHENTICATION_DEFERRED
Definition: ssl_verify.h:72
void cert_hash_free(struct cert_hash_set *chs)
Frees the given set of certificate hashes.
Definition: ssl_verify.c:270
void argv_reset(struct argv *a)
Definition: argv.c:59
struct buffer x509_get_sha256_fingerprint(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Retrieve the certificate&#39;s SHA256 fingerprint.
mbedtls_x509_crt openvpn_x509_cert_t
char password[USER_PASS_LEN]
Definition: misc.h:186
static struct cert_hash_set * cert_hash_copy(const struct cert_hash_set *chs)
Definition: ssl_verify.c:321
void verify_final_auth_checks(struct tls_multi *multi, struct tls_session *session)
Perform final authentication checks, including locking of the cn, the allowed certificate hashes...
Definition: ssl_verify.c:1459
bool env_set_del(struct env_set *es, const char *str)
Definition: misc.c:464
Definition: argv.h:35
#define CC_CRLF
Definition: buffer.h:911
char * dest
Definition: compat-lz4.h:431
const struct x509_track * x509_track
Definition: ssl_common.h:348
void setenv_del(struct env_set *es, const char *name)
Definition: misc.c:609
bool auth_token_sent
If server uses –auth-gen-token and token has been sent to client.
Definition: ssl_common.h:566
bool compat_flag(unsigned int flag)
Will set or query for a global compat flag.
Definition: misc.c:1536
#define COMMON_NAME_CHAR_CLASS
Legal characters in a common name with –compat-names.
Definition: ssl_verify.c:57
unsigned int ssl_flags
Definition: ssl_common.h:342
static result_t verify_cert_call_command(const char *verify_command, struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert, char *subject, const char *verify_export_cert)
Definition: ssl_verify.c:580
void argv_printf(struct argv *a, const char *format,...)
Definition: argv.c:310
#define M_WARN
Definition: error.h:96
struct env_set * es
Definition: ssl_common.h:323
struct cert_hash * ch[MAX_CERT_DEPTH]
Array of certificate hashes.
Definition: ssl_verify.h:62
void x509_setenv(struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert)
result_t
Result of verification function.
const char * remote_cert_eku
Definition: ssl_common.h:284
result_t backend_x509_get_username(char *common_name, int cn_len, char *x509_username_field, openvpn_x509_cert_t *peer_cert)
unsigned char sha256_hash[256/8]
Definition: ssl_verify.h:57
#define NS_CERT_CHECK_SERVER
Do not perform Netscape certificate type verification.
Definition: ssl_verify.h:216