OpenVPN
Data Structures | Macros | Functions
ssl.h File Reference
#include "basic.h"
#include "common.h"
#include "crypto.h"
#include "packet_id.h"
#include "session_id.h"
#include "reliable.h"
#include "socket.h"
#include "mtu.h"
#include "options.h"
#include "plugin.h"
#include "ssl_common.h"
#include "ssl_backend.h"
Include dependency graph for ssl.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Data Structures

struct  tls_auth_standalone
 

Macros

#define KEY_EXPANSION_ID   "OpenVPN"
 
#define P_KEY_ID_MASK   0x07
 
#define P_OPCODE_SHIFT   3
 
#define P_CONTROL_HARD_RESET_CLIENT_V1   1 /* initial key from client, forget previous state */
 
#define P_CONTROL_HARD_RESET_SERVER_V1   2 /* initial key from server, forget previous state */
 
#define P_CONTROL_SOFT_RESET_V1   3 /* new key, graceful transition from old to new key */
 
#define P_CONTROL_V1   4 /* control channel packet (usually TLS ciphertext) */
 
#define P_ACK_V1   5 /* acknowledgement for packets received */
 
#define P_DATA_V1   6 /* data channel packet */
 
#define P_DATA_V2   9 /* data channel packet with peer-id */
 
#define P_CONTROL_HARD_RESET_CLIENT_V2   7 /* initial key from client, forget previous state */
 
#define P_CONTROL_HARD_RESET_SERVER_V2   8 /* initial key from server, forget previous state */
 
#define P_FIRST_OPCODE   1
 
#define P_LAST_OPCODE   9
 
#define CONTROL_SEND_ACK_MAX   4
 
#define TLS_RELIABLE_N_SEND_BUFFERS   4 /* also window size for reliability layer */
 
#define TLS_RELIABLE_N_REC_BUFFERS   8
 
#define TLS_MULTI_REFRESH   15 /* call tls_multi_process once every n seconds */
 
#define TLS_MULTI_HORIZON
 
#define TLS_MULTI_THREAD_SEND_TIMEOUT   5
 
#define TLS_MULTI_AUTH_STATUS_INTERVAL   10
 
#define TLS_OPTIONS_LEN   512
 
#define X509_USERNAME_FIELD_DEFAULT   "CN"
 
#define KEY_METHOD_MIN   1
 
#define KEY_METHOD_MAX   2
 
#define KEY_METHOD_MASK   0x0F
 
#define TLSMP_INACTIVE   0
 
#define TLSMP_ACTIVE   1
 
#define TLSMP_KILL   2
 
#define PD_TLS_AUTH_HMAC_SIZE_MASK   0xFF
 
#define PD_SHOW_DATA   (1<<8)
 
#define PD_TLS   (1<<9)
 
#define PD_VERBOSE   (1<<10)
 

Functions

void init_ssl_lib (void)
 
void free_ssl_lib (void)
 
void init_ssl (const struct options *options, struct tls_root_ctx *ctx)
 Build master SSL context object that serves for the whole of OpenVPN instantiation. More...
 
int tls_multi_process (struct tls_multi *multi, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
 
bool tls_pre_decrypt (struct tls_multi *multi, const struct link_socket_actual *from, struct buffer *buf, struct crypto_options **opt, bool floated, const uint8_t **ad_start)
 Determine whether an incoming packet is a data channel or control channel packet, and process accordingly. More...
 
void pem_password_setup (const char *auth_file)
 
void auth_user_pass_setup (const char *auth_file, const struct static_challenge_info *sc_info)
 
void ssl_set_auth_nocache (void)
 
void ssl_purge_auth (const bool auth_user_pass_only)
 
void ssl_set_auth_token (const char *token)
 
void ssl_purge_auth_challenge (void)
 
void ssl_put_auth_challenge (const char *cr_str)
 
void tls_adjust_frame_parameters (struct frame *frame)
 
bool tls_send_payload (struct tls_multi *multi, const uint8_t *data, int size)
 
bool tls_rec_payload (struct tls_multi *multi, struct buffer *buf)
 
void tls_update_remote_addr (struct tls_multi *multi, const struct link_socket_actual *addr)
 Updates remote address in TLS sessions. More...
 
bool tls_session_update_crypto_params (struct tls_session *session, struct options *options, struct frame *frame)
 Update TLS session crypto parameters (cipher and auth) and derive data channel keys based on the supplied options. More...
 
void tls_poor_mans_ncp (struct options *o, const char *remote_ciphername)
 "Poor man's NCP": Use peer cipher if it is an allowed (NCP) cipher. More...
 
int tls_peer_info_ncp_ver (const char *peer_info)
 Return the Negotiable Crypto Parameters version advertised in the peer info string, or 0 if none specified. More...
 
bool tls_check_ncp_cipher_list (const char *list)
 Check whether the ciphers in the supplied list are supported. More...
 
bool tls_item_in_cipher_list (const char *item, const char *list)
 Return true iff item is present in the colon-separated zero-terminated cipher list. More...
 
static bool tls_initial_packet_received (const struct tls_multi *multi)
 
static bool tls_test_auth_deferred_interval (const struct tls_multi *multi)
 
static int tls_test_payload_len (const struct tls_multi *multi)
 
static void tls_set_single_session (struct tls_multi *multi)
 
const char * protocol_dump (struct buffer *buffer, unsigned int flags, struct gc_arena *gc)
 
void extract_x509_field_test (void)
 
bool is_hard_reset (int op, int key_method)
 Given a key_method, return true if opcode represents the required form of hard_reset. More...
 
void delayed_auth_pass_purge (void)
 
void show_available_tls_ciphers (const char *cipher_list, const char *cipher_list_tls13, const char *tls_cert_profile)
 
Functions for initialization and cleanup of tls_multi structures
struct tls_multitls_multi_init (struct tls_options *tls_options)
 Allocate and initialize a tls_multi structure. More...
 
void tls_multi_init_finalize (struct tls_multi *multi, const struct frame *frame)
 Finalize initialization of a tls_multi structure. More...
 
struct tls_auth_standalonetls_auth_standalone_init (struct tls_options *tls_options, struct gc_arena *gc)
 
void tls_auth_standalone_finalize (struct tls_auth_standalone *tas, const struct frame *frame)
 
void tls_multi_init_set_options (struct tls_multi *multi, const char *local, const char *remote)
 
void tls_multi_free (struct tls_multi *multi, bool clear)
 Cleanup a tls_multi structure and free associated memory allocations. More...
 
Functions for managing security parameter state for data channel packets
bool tls_pre_decrypt_lite (const struct tls_auth_standalone *tas, const struct link_socket_actual *from, const struct buffer *buf)
 Inspect an incoming packet for which no VPN tunnel is active, and determine whether a new VPN tunnel should be created. More...
 
void tls_pre_encrypt (struct tls_multi *multi, struct buffer *buf, struct crypto_options **opt)
 Choose the appropriate security parameters with which to process an outgoing packet. More...
 
void tls_prepend_opcode_v1 (const struct tls_multi *multi, struct buffer *buf)
 Prepend a one-byte OpenVPN data channel P_DATA_V1 opcode to the packet. More...
 
void tls_prepend_opcode_v2 (const struct tls_multi *multi, struct buffer *buf)
 Prepend an OpenVPN data channel P_DATA_V2 header to the packet. More...
 
void tls_post_encrypt (struct tls_multi *multi, struct buffer *buf)
 Perform some accounting for the key state used. More...
 

Macro Definition Documentation

◆ CONTROL_SEND_ACK_MAX

#define CONTROL_SEND_ACK_MAX   4

Definition at line 74 of file ssl.h.

Referenced by tls_init_control_channel_frame_parameters(), and tls_process().

◆ KEY_EXPANSION_ID

#define KEY_EXPANSION_ID   "OpenVPN"

Definition at line 47 of file ssl.h.

Referenced by generate_key_expansion().

◆ KEY_METHOD_MASK

#define KEY_METHOD_MASK   0x0F

Definition at line 116 of file ssl.h.

Referenced by key_method_2_read(), and key_method_2_write().

◆ KEY_METHOD_MAX

#define KEY_METHOD_MAX   2

Definition at line 113 of file ssl.h.

Referenced by add_option().

◆ KEY_METHOD_MIN

#define KEY_METHOD_MIN   1

Definition at line 112 of file ssl.h.

Referenced by add_option().

◆ P_ACK_V1

#define P_ACK_V1   5 /* acknowledgement for packets received */

Definition at line 58 of file ssl.h.

Referenced by packet_opcode_name(), protocol_dump(), tls_pre_decrypt(), and tls_process().

◆ P_CONTROL_HARD_RESET_CLIENT_V1

#define P_CONTROL_HARD_RESET_CLIENT_V1   1 /* initial key from client, forget previous state */

Definition at line 54 of file ssl.h.

Referenced by is_hard_reset(), packet_opcode_name(), tls_pre_decrypt(), and tls_session_init().

◆ P_CONTROL_HARD_RESET_CLIENT_V2

#define P_CONTROL_HARD_RESET_CLIENT_V2   7 /* initial key from client, forget previous state */

◆ P_CONTROL_HARD_RESET_SERVER_V1

#define P_CONTROL_HARD_RESET_SERVER_V1   2 /* initial key from server, forget previous state */

Definition at line 55 of file ssl.h.

Referenced by is_hard_reset(), packet_opcode_name(), tls_pre_decrypt(), and tls_session_init().

◆ P_CONTROL_HARD_RESET_SERVER_V2

#define P_CONTROL_HARD_RESET_SERVER_V2   8 /* initial key from server, forget previous state */

Definition at line 64 of file ssl.h.

Referenced by is_hard_reset(), packet_opcode_name(), tls_pre_decrypt(), and tls_session_init().

◆ P_CONTROL_SOFT_RESET_V1

#define P_CONTROL_SOFT_RESET_V1   3 /* new key, graceful transition from old to new key */

Definition at line 56 of file ssl.h.

Referenced by key_state_init(), packet_opcode_name(), tls_pre_decrypt(), and tls_process().

◆ P_CONTROL_V1

#define P_CONTROL_V1   4 /* control channel packet (usually TLS ciphertext) */

Definition at line 57 of file ssl.h.

Referenced by packet_opcode_name(), and tls_process().

◆ P_DATA_V1

#define P_DATA_V1   6 /* data channel packet */

Definition at line 59 of file ssl.h.

Referenced by packet_opcode_name(), protocol_dump(), tls_pre_decrypt(), and tls_prepend_opcode_v1().

◆ P_DATA_V2

#define P_DATA_V2   9 /* data channel packet with peer-id */

◆ P_FIRST_OPCODE

#define P_FIRST_OPCODE   1

Definition at line 67 of file ssl.h.

◆ P_KEY_ID_MASK

#define P_KEY_ID_MASK   0x07

Definition at line 50 of file ssl.h.

Referenced by key_state_init(), protocol_dump(), tls_pre_decrypt(), and tls_pre_decrypt_lite().

◆ P_LAST_OPCODE

#define P_LAST_OPCODE   9

Definition at line 68 of file ssl.h.

Referenced by tls_pre_decrypt().

◆ P_OPCODE_SHIFT

#define P_OPCODE_SHIFT   3

◆ PD_SHOW_DATA

#define PD_SHOW_DATA   (1<<8)

Definition at line 571 of file ssl.h.

Referenced by protocol_dump().

◆ PD_TLS

#define PD_TLS   (1<<9)

Definition at line 572 of file ssl.h.

Referenced by protocol_dump().

◆ PD_TLS_AUTH_HMAC_SIZE_MASK

#define PD_TLS_AUTH_HMAC_SIZE_MASK   0xFF

Definition at line 570 of file ssl.h.

Referenced by protocol_dump().

◆ PD_VERBOSE

#define PD_VERBOSE   (1<<10)

Definition at line 573 of file ssl.h.

Referenced by protocol_dump().

◆ TLS_MULTI_AUTH_STATUS_INTERVAL

#define TLS_MULTI_AUTH_STATUS_INTERVAL   10

Definition at line 97 of file ssl.h.

Referenced by tls_multi_process().

◆ TLS_MULTI_HORIZON

#define TLS_MULTI_HORIZON
Value:
2 /* call tls_multi_process frequently for n seconds after
* every packet sent/received action */

Definition at line 86 of file ssl.h.

Referenced by do_init_timers().

◆ TLS_MULTI_REFRESH

#define TLS_MULTI_REFRESH   15 /* call tls_multi_process once every n seconds */

Definition at line 85 of file ssl.h.

Referenced by do_init_timers().

◆ TLS_MULTI_THREAD_SEND_TIMEOUT

#define TLS_MULTI_THREAD_SEND_TIMEOUT   5

Definition at line 94 of file ssl.h.

◆ TLS_OPTIONS_LEN

#define TLS_OPTIONS_LEN   512

Definition at line 104 of file ssl.h.

Referenced by key_method_2_read(), and key_method_2_write().

◆ TLS_RELIABLE_N_REC_BUFFERS

#define TLS_RELIABLE_N_REC_BUFFERS   8

Definition at line 80 of file ssl.h.

Referenced by key_state_init().

◆ TLS_RELIABLE_N_SEND_BUFFERS

#define TLS_RELIABLE_N_SEND_BUFFERS   4 /* also window size for reliability layer */

Definition at line 79 of file ssl.h.

Referenced by key_state_init().

◆ TLSMP_ACTIVE

#define TLSMP_ACTIVE   1

Definition at line 228 of file ssl.h.

Referenced by check_tls_dowork(), and tls_multi_process().

◆ TLSMP_INACTIVE

#define TLSMP_INACTIVE   0

Definition at line 227 of file ssl.h.

Referenced by tls_multi_process().

◆ TLSMP_KILL

#define TLSMP_KILL   2

Definition at line 229 of file ssl.h.

Referenced by check_tls_dowork(), and tls_multi_process().

◆ X509_USERNAME_FIELD_DEFAULT

#define X509_USERNAME_FIELD_DEFAULT   "CN"

Definition at line 107 of file ssl.h.

Referenced by do_init_crypto_tls(), and init_options().

Function Documentation

◆ auth_user_pass_setup()

void auth_user_pass_setup ( const char *  auth_file,
const struct static_challenge_info sc_info 
)

◆ delayed_auth_pass_purge()

void delayed_auth_pass_purge ( void  )

Definition at line 4266 of file ssl.c.

References auth_user_pass, purge_user_pass(), and user_pass::wait_for_push.

Referenced by initialization_sequence_completed().

◆ extract_x509_field_test()

void extract_x509_field_test ( void  )

Referenced by init_static().

◆ free_ssl_lib()

void free_ssl_lib ( void  )

Definition at line 356 of file ssl.c.

References crypto_uninit_lib(), prng_uninit(), and tls_free_lib().

Referenced by uninit_static().

◆ init_ssl()

void init_ssl ( const struct options options,
struct tls_root_ctx ctx 
)

◆ init_ssl_lib()

void init_ssl_lib ( void  )

Definition at line 348 of file ssl.c.

References crypto_init_lib(), and tls_init_lib().

Referenced by init_static().

◆ is_hard_reset()

bool is_hard_reset ( int  op,
int  key_method 
)

Given a key_method, return true if opcode represents the required form of hard_reset.

If key_method == 0, return true if any form of hard reset is used.

Definition at line 848 of file ssl.c.

References P_CONTROL_HARD_RESET_CLIENT_V1, P_CONTROL_HARD_RESET_CLIENT_V2, P_CONTROL_HARD_RESET_SERVER_V1, and P_CONTROL_HARD_RESET_SERVER_V2.

Referenced by process_incoming_link_part1(), and tls_pre_decrypt().

◆ pem_password_setup()

void pem_password_setup ( const char *  auth_file)

◆ protocol_dump()

const char* protocol_dump ( struct buffer buffer,
unsigned int  flags,
struct gc_arena gc 
)

◆ show_available_tls_ciphers()

void show_available_tls_ciphers ( const char *  cipher_list,
const char *  cipher_list_tls13,
const char *  tls_cert_profile 
)

Definition at line 4120 of file ssl.c.

References show_available_tls_ciphers_list().

Referenced by print_openssl_info().

◆ ssl_purge_auth()

void ssl_purge_auth ( const bool  auth_user_pass_only)

◆ ssl_purge_auth_challenge()

void ssl_purge_auth_challenge ( void  )

Definition at line 491 of file ssl.c.

References auth_challenge, and free.

Referenced by ssl_purge_auth(), and ssl_put_auth_challenge().

◆ ssl_put_auth_challenge()

void ssl_put_auth_challenge ( const char *  cr_str)

Definition at line 498 of file ssl.c.

References auth_challenge, ssl_purge_auth_challenge(), and string_alloc().

Referenced by receive_auth_failed().

◆ ssl_set_auth_nocache()

void ssl_set_auth_nocache ( void  )

Definition at line 444 of file ssl.c.

References auth_user_pass, user_pass::nocache, passbuf, and user_pass::wait_for_push.

Referenced by add_option().

◆ ssl_set_auth_token()

void ssl_set_auth_token ( const char *  token)

Definition at line 456 of file ssl.c.

References auth_user_pass, M_INFO, msg, user_pass::nocache, and set_auth_token().

Referenced by add_option().

◆ tls_adjust_frame_parameters()

void tls_adjust_frame_parameters ( struct frame frame)

Definition at line 315 of file ssl.c.

References frame_add_to_extra_frame().

Referenced by do_init_crypto_tls(), and tls_init_control_channel_frame_parameters().

◆ tls_check_ncp_cipher_list()

bool tls_check_ncp_cipher_list ( const char *  list)

Check whether the ciphers in the supplied list are supported.

Parameters
listColon-separated list of ciphers
Returns
true iff all ciphers in list are supported.

Definition at line 4097 of file ssl.c.

References ASSERT, cipher_kt_get(), free, M_WARN, msg, string_alloc(), and translate_cipher_name_from_openvpn().

Referenced by options_postprocess_verify_ce().

◆ tls_initial_packet_received()

static bool tls_initial_packet_received ( const struct tls_multi multi)
inlinestatic

Definition at line 528 of file ssl.h.

References tls_multi::n_sessions.

Referenced by check_server_poll_timeout_dowork(), and process_outgoing_link().

◆ tls_item_in_cipher_list()

bool tls_item_in_cipher_list ( const char *  item,
const char *  list 
)

Return true iff item is present in the colon-separated zero-terminated cipher list.

Definition at line 1881 of file ssl.c.

References free, and string_alloc().

Referenced by tls_poor_mans_ncp(), and tls_session_update_crypto_params().

◆ tls_multi_process()

int tls_multi_process ( struct tls_multi multi,
struct buffer to_link,
struct link_socket_actual **  to_link_addr,
struct link_socket_info to_link_socket_info,
interval_t wakeup 
)

◆ tls_peer_info_ncp_ver()

int tls_peer_info_ncp_ver ( const char *  peer_info)

Return the Negotiable Crypto Parameters version advertised in the peer info string, or 0 if none specified.

Definition at line 4081 of file ssl.c.

Referenced by key_method_2_read(), and prepare_push_reply().

◆ tls_poor_mans_ncp()

void tls_poor_mans_ncp ( struct options o,
const char *  remote_ciphername 
)

"Poor man's NCP": Use peer cipher if it is an allowed (NCP) cipher.

Allows non-NCP peers to upgrade their cipher individually.

Make sure to call tls_session_update_crypto_params() after calling this function.

Definition at line 1901 of file ssl.c.

References options::ciphername, D_TLS_DEBUG_LOW, options::gc, msg, options::ncp_ciphers, options::ncp_enabled, string_alloc(), and tls_item_in_cipher_list().

Referenced by do_deferred_options(), and prepare_push_reply().

◆ tls_rec_payload()

bool tls_rec_payload ( struct tls_multi multi,
struct buffer buf 
)

◆ tls_send_payload()

bool tls_send_payload ( struct tls_multi multi,
const uint8_t data,
int  size 
)

◆ tls_session_update_crypto_params()

bool tls_session_update_crypto_params ( struct tls_session session,
struct options options,
struct frame frame 
)

Update TLS session crypto parameters (cipher and auth) and derive data channel keys based on the supplied options.

Parameters
sessionThe TLS session to update.
optionsThe options to use when updating session.
frameThe frame options for this session (frame overhead is adjusted based on the selected cipher/auth).
Returns
true if updating succeeded, false otherwise.

Definition at line 1950 of file ssl.c.

References options::authname, options::ce, key_type::cipher, cipher_kt_mode_ofb_cfb(), options::ciphername, CO_PACKET_ID_LONG_FORM, tls_options::config_ciphername, crypto_adjust_frame_parameters(), tls_options::crypto_flags, crypto_max_overhead(), D_HANDSHAKE, D_MTU_INFO, D_TLS_ERRORS, frame_finalize(), frame_init_mssfix(), frame_print(), frame_remove_from_extra_frame(), init_key_type(), tls_options::key_type, options::keysize, connection_entry::link_mtu, connection_entry::link_mtu_defined, msg, options::ncp_ciphers, tls_session::opt, options::replay, tls_options::server, tls_item_in_cipher_list(), tls_session_generate_data_channel_keys(), connection_entry::tun_mtu, and connection_entry::tun_mtu_defined.

Referenced by do_deferred_options(), and incoming_push_message().

◆ tls_set_single_session()

static void tls_set_single_session ( struct tls_multi multi)
inlinestatic

Definition at line 559 of file ssl.h.

References tls_multi::opt, and tls_options::single_session.

Referenced by schedule_exit().

◆ tls_test_auth_deferred_interval()

static bool tls_test_auth_deferred_interval ( const struct tls_multi multi)
inlinestatic

◆ tls_test_payload_len()

static int tls_test_payload_len ( const struct tls_multi multi)
inlinestatic

◆ tls_update_remote_addr()

void tls_update_remote_addr ( struct tls_multi multi,
const struct link_socket_actual addr 
)

Updates remote address in TLS sessions.

Parameters
multi- Tunnel to update
addr- new address

Definition at line 4051 of file ssl.c.

References D_TLS_KEYSELECT, dmsg, gc_free(), gc_new(), tls_session::key, KS_SIZE, link_socket_actual_defined(), link_socket_actual_match(), print_link_socket_actual(), key_state::remote_addr, tls_multi::session, and TM_SIZE.

Referenced by multi_process_float().