OpenVPN
Macros | Functions | Variables
ssl.c File Reference
#include "syshead.h"
#include "win32.h"
#include "error.h"
#include "common.h"
#include "socket.h"
#include "misc.h"
#include "fdmisc.h"
#include "interval.h"
#include "perf.h"
#include "status.h"
#include "gremlin.h"
#include "pkcs11.h"
#include "route.h"
#include "tls_crypt.h"
#include "ssl.h"
#include "ssl_verify.h"
#include "ssl_backend.h"
#include "ssl_ncp.h"
#include "ssl_util.h"
#include "auth_token.h"
#include "mss.h"
#include "dco.h"
#include "memdbg.h"
Include dependency graph for ssl.c:

Go to the source code of this file.

Macros

#define INCR_SENT
 
#define INCR_GENERATED
 
#define INCR_SUCCESS
 
#define INCR_ERROR
 

Functions

static void key_ctx_update_implicit_iv (struct key_ctx *ctx, uint8_t *key, size_t key_len)
 Update the implicit IV for a key_ctx_bi based on TLS session ids and cipher used. More...
 
const tls_cipher_name_pairtls_get_cipher_name_pair (const char *cipher_name, size_t len)
 
static void tls_limit_reneg_bytes (const char *ciphername, int *reneg_bytes)
 Limit the reneg_bytes value when using a small-block (<128 bytes) cipher. More...
 
void tls_init_control_channel_frame_parameters (struct frame *frame, int tls_mtu)
 
static int calc_control_channel_frame_overhead (const struct tls_session *session)
 calculate the maximum overhead that control channel frames have This includes header, op code and everything apart from the payload itself. More...
 
void init_ssl_lib (void)
 
void free_ssl_lib (void)
 
void pem_password_setup (const char *auth_file)
 
int pem_password_callback (char *buf, int size, int rwflag, void *u)
 Callback to retrieve the user's password. More...
 
void enable_auth_user_pass ()
 
void auth_user_pass_setup (const char *auth_file, bool is_inline, const struct static_challenge_info *sci)
 
void ssl_set_auth_nocache (void)
 
void ssl_set_auth_token (const char *token)
 
void ssl_set_auth_token_user (const char *username)
 
bool ssl_clean_auth_token (void)
 
void ssl_purge_auth (const bool auth_user_pass_only)
 
void ssl_purge_auth_challenge (void)
 
void ssl_put_auth_challenge (const char *cr_str)
 
int tls_version_parse (const char *vstr, const char *extra)
 
static void tls_ctx_reload_crl (struct tls_root_ctx *ssl_ctx, const char *crl_file, bool crl_file_inline)
 Load (or possibly reload) the CRL file into the SSL context. More...
 
void init_ssl (const struct options *options, struct tls_root_ctx *new_ctx, bool in_chroot)
 Build master SSL context object that serves for the whole of OpenVPN instantiation. More...
 
static const char * state_name (int state)
 
static const char * ks_auth_name (enum ks_auth_state auth)
 
static const char * session_index_name (int index)
 
static const char * print_key_id (struct tls_multi *multi, struct gc_arena *gc)
 
bool is_hard_reset_method2 (int op)
 Given a key_method, return true if opcode represents the one of the hard_reset op codes for key-method 2. More...
 
static bool tls_session_user_pass_enabled (struct tls_session *session)
 Returns whether or not the server should check for username/password. More...
 
static void move_session (struct tls_multi *multi, int dest, int src, bool reinit_src)
 
static void reset_session (struct tls_multi *multi, struct tls_session *session)
 
static void compute_earliest_wakeup (interval_t *earliest, interval_t seconds_from_now)
 
static bool lame_duck_must_die (const struct tls_session *session, interval_t *wakeup)
 
struct tls_multitls_multi_init (struct tls_options *tls_options)
 Allocate and initialize a tls_multi structure. More...
 
void tls_multi_init_finalize (struct tls_multi *multi, int tls_mtu)
 Finalize initialization of a tls_multi structure. More...
 
struct tls_auth_standalonetls_auth_standalone_init (struct tls_options *tls_options, struct gc_arena *gc)
 
void tls_auth_standalone_free (struct tls_auth_standalone *tas)
 Frees a standalone tls-auth verification object. More...
 
void tls_multi_init_set_options (struct tls_multi *multi, const char *local, const char *remote)
 
void tls_multi_free (struct tls_multi *multi, bool clear)
 Cleanup a tls_multi structure and free associated memory allocations. More...
 
static void key_source_print (const struct key_source *k, const char *prefix)
 
static void key_source2_print (const struct key_source2 *k)
 
static bool openvpn_PRF (const uint8_t *secret, int secret_len, const char *label, const uint8_t *client_seed, int client_seed_len, const uint8_t *server_seed, int server_seed_len, const struct session_id *client_sid, const struct session_id *server_sid, uint8_t *output, int output_len)
 
static void init_key_contexts (struct key_state *ks, struct tls_multi *multi, const struct key_type *key_type, bool server, struct key2 *key2, bool dco_enabled)
 
static bool generate_key_expansion_tls_export (struct tls_session *session, struct key2 *key2)
 
static bool generate_key_expansion_openvpn_prf (const struct tls_session *session, struct key2 *key2)
 
static bool generate_key_expansion (struct tls_multi *multi, struct key_state *ks, struct tls_session *session)
 
bool tls_session_generate_data_channel_keys (struct tls_multi *multi, struct tls_session *session)
 Generate data channel keys for the supplied TLS session. More...
 
bool tls_session_update_crypto_params_do_work (struct tls_multi *multi, struct tls_session *session, struct options *options, struct frame *frame, struct frame *frame_fragment, struct link_socket_info *lsi)
 
bool tls_session_update_crypto_params (struct tls_multi *multi, struct tls_session *session, struct options *options, struct frame *frame, struct frame *frame_fragment, struct link_socket_info *lsi)
 Update TLS session crypto parameters (cipher and auth) and derive data channel keys based on the supplied options. More...
 
static bool random_bytes_to_buf (struct buffer *buf, uint8_t *out, int outlen)
 
static bool key_source2_randomize_write (struct key_source2 *k2, struct buffer *buf, bool server)
 
static int key_source2_read (struct key_source2 *k2, struct buffer *buf, bool server)
 
static void flush_payload_buffer (struct key_state *ks)
 
static void key_state_soft_reset (struct tls_session *session)
 
void tls_session_soft_reset (struct tls_multi *tls_multi)
 
static bool write_empty_string (struct buffer *buf)
 
static bool write_string (struct buffer *buf, const char *str, const int maxlen)
 
static bool read_string (struct buffer *buf, char *str, const unsigned int capacity)
 
static char * read_string_alloc (struct buffer *buf)
 
static bool push_peer_info (struct buffer *buf, struct tls_session *session)
 Prepares the IV_ and UV_ variables that are part of the exchange to signal the peer's capabilities. More...
 
static bool key_method_2_write (struct buffer *buf, struct tls_multi *multi, struct tls_session *session)
 Handle the writing of key data, peer-info, username/password, OCC to the TLS control channel (cleartext). More...
 
static void export_user_keying_material (struct key_state_ssl *ssl, struct tls_session *session)
 
static bool key_method_2_read (struct buffer *buf, struct tls_multi *multi, struct tls_session *session)
 Handle reading key data, peer-info, username/password, OCC from the TLS control channel (cleartext). More...
 
static int auth_deferred_expire_window (const struct tls_options *o)
 
static bool session_move_pre_start (const struct tls_session *session, struct key_state *ks, bool skip_initial_send)
 Move the session from S_INITIAL to S_PRE_START. More...
 
static void session_move_active (struct tls_multi *multi, struct tls_session *session, struct link_socket_info *to_link_socket_info, struct key_state *ks)
 Moves the key to state to S_ACTIVE and also advances the multi_state state machine if this is the initial connection. More...
 
bool session_skip_to_pre_start (struct tls_session *session, struct tls_pre_decrypt_state *state, struct link_socket_actual *from)
 
static bool parse_early_negotiation_tlvs (struct buffer *buf, struct key_state *ks)
 Parses the TLVs (type, length, value) in the early negotiation. More...
 
static bool read_incoming_tls_ciphertext (struct buffer *buf, struct key_state *ks, bool *state_change)
 Read incoming ciphertext and passes it to the buffer of the SSL library. More...
 
static bool control_packet_needs_wkc (const struct key_state *ks)
 
static bool read_incoming_tls_plaintext (struct key_state *ks, struct buffer *buf, interval_t *wakeup, bool *state_change)
 
static bool write_outgoing_tls_ciphertext (struct tls_session *session, bool *state_change)
 
static bool tls_process_state (struct tls_multi *multi, struct tls_session *session, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
 
static bool tls_process (struct tls_multi *multi, struct tls_session *session, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
 
static void check_session_buf_not_used (struct buffer *to_link, struct tls_session *session)
 This is a safe guard function to double check that a buffer from a session is not used in a session to avoid a use after free. More...
 
int tls_multi_process (struct tls_multi *multi, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
 
static void print_key_id_not_found_reason (struct tls_multi *multi, const struct link_socket_actual *from, int key_id)
 We have not found a matching key to decrypt data channel packet, try to generate a sensible error message and print it. More...
 
static void handle_data_channel_packet (struct tls_multi *multi, const struct link_socket_actual *from, struct buffer *buf, struct crypto_options **opt, bool floated, const uint8_t **ad_start)
 Check the keyid of the an incoming data channel packet and return the matching crypto parameters in opt if found. More...
 
bool tls_pre_decrypt (struct tls_multi *multi, const struct link_socket_actual *from, struct buffer *buf, struct crypto_options **opt, bool floated, const uint8_t **ad_start)
 Determine whether an incoming packet is a data channel or control channel packet, and process accordingly. More...
 
struct key_statetls_select_encryption_key (struct tls_multi *multi)
 Selects the primary encryption that should be used to encrypt data of an outgoing packet. More...
 
void tls_pre_encrypt (struct tls_multi *multi, struct buffer *buf, struct crypto_options **opt)
 Choose the appropriate security parameters with which to process an outgoing packet. More...
 
void tls_prepend_opcode_v1 (const struct tls_multi *multi, struct buffer *buf)
 Prepend a one-byte OpenVPN data channel P_DATA_V1 opcode to the packet. More...
 
void tls_prepend_opcode_v2 (const struct tls_multi *multi, struct buffer *buf)
 Prepend an OpenVPN data channel P_DATA_V2 header to the packet. More...
 
void tls_post_encrypt (struct tls_multi *multi, struct buffer *buf)
 Perform some accounting for the key state used. More...
 
bool tls_send_payload (struct key_state *ks, const uint8_t *data, int size)
 
bool tls_rec_payload (struct tls_multi *multi, struct buffer *buf)
 
void tls_update_remote_addr (struct tls_multi *multi, const struct link_socket_actual *addr)
 Updates remote address in TLS sessions. More...
 
void show_available_tls_ciphers (const char *cipher_list, const char *cipher_list_tls13, const char *tls_cert_profile)
 
const char * protocol_dump (struct buffer *buffer, unsigned int flags, struct gc_arena *gc)
 
Functions for initialization and cleanup of key_state structures
static void key_state_init (struct tls_session *session, struct key_state *ks)
 Initialize a key_state structure. More...
 
static void key_state_free (struct key_state *ks, bool clear)
 Cleanup a key_state structure. More...
 
Functions for initialization and cleanup of tls_session structures
static void tls_session_init (struct tls_multi *multi, struct tls_session *session)
 Initialize a tls_session structure. More...
 
static void tls_session_free (struct tls_session *session, bool clear)
 Clean up a tls_session structure. More...
 

Variables

static const tls_cipher_name_pair tls_cipher_name_translation_table []
 SSL/TLS Cipher suite name translation table. More...
 
static struct user_pass passbuf
 
static bool auth_user_pass_enabled
 
static struct user_pass auth_user_pass
 
static struct user_pass auth_token
 
static char * auth_challenge
 

Macro Definition Documentation

◆ INCR_ERROR

#define INCR_ERROR

Definition at line 93 of file ssl.c.

◆ INCR_GENERATED

#define INCR_GENERATED

Definition at line 91 of file ssl.c.

◆ INCR_SENT

#define INCR_SENT

Definition at line 90 of file ssl.c.

◆ INCR_SUCCESS

#define INCR_SUCCESS

Definition at line 92 of file ssl.c.

Function Documentation

◆ auth_deferred_expire_window()

static int auth_deferred_expire_window ( const struct tls_options o)
static

Definition at line 2506 of file ssl.c.

References tls_options::handshake_window, and tls_options::renegotiate_seconds.

Referenced by session_move_pre_start().

◆ auth_user_pass_setup()

void auth_user_pass_setup ( const char *  auth_file,
bool  is_inline,
const struct static_challenge_info sci 
)

◆ calc_control_channel_frame_overhead()

static int calc_control_channel_frame_overhead ( const struct tls_session session)
static

calculate the maximum overhead that control channel frames have This includes header, op code and everything apart from the payload itself.

This method is a bit pessimistic and might give higher overhead than we actually have

Definition at line 346 of file ssl.c.

References ACK_SIZE, CONTROL_SEND_ACK_MAX, datagram_overhead(), hmac_ctx_size(), session::key, KS_PRIMARY, reliable_ack::len, key_state::lru_acks, min_int(), packet_id_size(), PROTO_UDP, key_state::rec_ack, reliable_ack_outstanding(), SID_SIZE, and tls_crypt_buf_overhead().

Referenced by write_outgoing_tls_ciphertext().

◆ check_session_buf_not_used()

static void check_session_buf_not_used ( struct buffer to_link,
struct tls_session session 
)
static

This is a safe guard function to double check that a buffer from a session is not used in a session to avoid a use after free.

Parameters
to_link
session

Definition at line 3173 of file ssl.c.

References reliable::array, reliable_entry::buf, buffer::data, session::key, KS_SIZE, buffer::len, M_FATAL, M_INFO, msg, S_UNDEF, key_state::send_reliable, reliable::size, key_state::state, and state_name().

Referenced by tls_multi_process().

◆ compute_earliest_wakeup()

static void compute_earliest_wakeup ( interval_t earliest,
interval_t  seconds_from_now 
)
inlinestatic

Definition at line 1262 of file ssl.c.

Referenced by lame_duck_must_die(), and tls_process().

◆ control_packet_needs_wkc()

static bool control_packet_needs_wkc ( const struct key_state ks)
static

◆ enable_auth_user_pass()

void enable_auth_user_pass ( )

Definition at line 443 of file ssl.c.

References auth_user_pass_enabled.

Referenced by init_query_passwords().

◆ export_user_keying_material()

static void export_user_keying_material ( struct key_state_ssl ssl,
struct tls_session session 
)
static

◆ flush_payload_buffer()

static void flush_payload_buffer ( struct key_state ks)
static

◆ free_ssl_lib()

void free_ssl_lib ( void  )

Definition at line 392 of file ssl.c.

References crypto_uninit_lib(), and tls_free_lib().

Referenced by uninit_static().

◆ generate_key_expansion()

static bool generate_key_expansion ( struct tls_multi multi,
struct key_state ks,
struct tls_session session 
)
static

◆ generate_key_expansion_openvpn_prf()

static bool generate_key_expansion_openvpn_prf ( const struct tls_session session,
struct key2 key2 
)
static

◆ generate_key_expansion_tls_export()

static bool generate_key_expansion_tls_export ( struct tls_session session,
struct key2 key2 
)
static

Definition at line 1545 of file ssl.c.

References EXPORT_KEY_DATA_LABEL, key_state_export_keying_material(), key2::keys, and key2::n.

Referenced by generate_key_expansion().

◆ handle_data_channel_packet()

static void handle_data_channel_packet ( struct tls_multi multi,
const struct link_socket_actual from,
struct buffer buf,
struct crypto_options **  opt,
bool  floated,
const uint8_t **  ad_start 
)
inlinestatic

Check the keyid of the an incoming data channel packet and return the matching crypto parameters in opt if found.

Also move the buf to the start of the encrypted data, skipping the opcode and peer id header and setting also set ad_start for AEAD ciphers to the start of the authenticated data.

Definition at line 3504 of file ssl.c.

References ASSERT, key_state::authenticated, BPTR, buf_advance(), key_state::crypto_options, D_TLS_ERRORS, D_TLS_KEYSELECT, dmsg, gc_free(), gc_new(), get_key_scan(), key_ctx_bi::initialized, crypto_options::key_ctx_bi, key_state::key_id, KEY_SCAN_SIZE, KS_AUTH_TRUE, buffer::len, link_socket_actual_match(), msg, key_state::n_bytes, key_state::n_packets, tls_multi::n_soft_errors, P_DATA_V1, P_DATA_V2, P_KEY_ID_MASK, P_OPCODE_SHIFT, print_key_id_not_found_reason(), print_link_socket_actual(), key_state::remote_addr, S_GENERATED_KEYS, key_state::state, and tls_clear_error().

Referenced by tls_pre_decrypt().

◆ init_key_contexts()

static void init_key_contexts ( struct key_state ks,
struct tls_multi multi,
const struct key_type key_type,
bool  server,
struct key2 key2,
bool  dco_enabled 
)
static

◆ init_ssl()

void init_ssl ( const struct options options,
struct tls_root_ctx new_ctx,
bool  in_chroot 
)

◆ init_ssl_lib()

void init_ssl_lib ( void  )

Definition at line 384 of file ssl.c.

References crypto_init_lib(), and tls_init_lib().

Referenced by init_static().

◆ is_hard_reset_method2()

bool is_hard_reset_method2 ( int  op)

Given a key_method, return true if opcode represents the one of the hard_reset op codes for key-method 2.

Definition at line 923 of file ssl.c.

References P_CONTROL_HARD_RESET_CLIENT_V2, P_CONTROL_HARD_RESET_CLIENT_V3, and P_CONTROL_HARD_RESET_SERVER_V2.

Referenced by tls_pre_decrypt(), and tls_process_state().

◆ key_ctx_update_implicit_iv()

static void key_ctx_update_implicit_iv ( struct key_ctx ctx,
uint8_t *  key,
size_t  key_len 
)
static

Update the implicit IV for a key_ctx_bi based on TLS session ids and cipher used.

Note that the implicit IV is based on the HMAC key, but only in AEAD modes where the HMAC key is not used for an actual HMAC.

Parameters
ctxEncrypt/decrypt key context
keyHMAC key, used to calculate implicit IV
key_lenHMAC key length

Definition at line 1673 of file ssl.c.

References ASSERT, key_ctx::cipher, cipher_ctx_iv_length(), cipher_ctx_mode_aead(), key_ctx::implicit_iv, key_ctx::implicit_iv_len, OPENVPN_AEAD_MIN_IV_LEN, and OPENVPN_MAX_IV_LENGTH.

Referenced by init_key_contexts().

◆ key_method_2_read()

static bool key_method_2_read ( struct buffer buf,
struct tls_multi multi,
struct tls_session session 
)
static

◆ key_method_2_write()

static bool key_method_2_write ( struct buffer buf,
struct tls_multi multi,
struct tls_session session 
)
static

◆ key_source2_print()

static void key_source2_print ( const struct key_source2 k)
static

Definition at line 1449 of file ssl.c.

References key_source2::client, key_source_print(), and key_source2::server.

Referenced by generate_key_expansion_openvpn_prf().

◆ key_source2_randomize_write()

static bool key_source2_randomize_write ( struct key_source2 k2,
struct buffer buf,
bool  server 
)
static

◆ key_source2_read()

static int key_source2_read ( struct key_source2 k2,
struct buffer buf,
bool  server 
)
static

◆ key_source_print()

static void key_source_print ( const struct key_source k,
const char *  prefix 
)
static

◆ key_state_soft_reset()

static void key_state_soft_reset ( struct tls_session session)
static

◆ ks_auth_name()

static const char* ks_auth_name ( enum ks_auth_state  auth)
static

Definition at line 865 of file ssl.c.

References KS_AUTH_DEFERRED, KS_AUTH_FALSE, and KS_AUTH_TRUE.

Referenced by print_key_id().

◆ lame_duck_must_die()

static bool lame_duck_must_die ( const struct tls_session session,
interval_t wakeup 
)
inlinestatic

◆ move_session()

static void move_session ( struct tls_multi multi,
int  dest,
int  src,
bool  reinit_src 
)
static

◆ openvpn_PRF()

static bool openvpn_PRF ( const uint8_t *  secret,
int  secret_len,
const char *  label,
const uint8_t *  client_seed,
int  client_seed_len,
const uint8_t *  server_seed,
int  server_seed_len,
const struct session_id client_sid,
const struct session_id server_sid,
uint8_t *  output,
int  output_len 
)
static

◆ parse_early_negotiation_tlvs()

static bool parse_early_negotiation_tlvs ( struct buffer buf,
struct key_state ks 
)
static

◆ pem_password_callback()

int pem_password_callback ( char *  buf,
int  size,
int  rwflag,
void *  u 
)

Callback to retrieve the user's password.

Parameters
bufBuffer to return the password in
sizeSize of the buffer
rwflagUnused, needed for OpenSSL compatibility
uUnused, needed for OpenSSL compatibility

Definition at line 416 of file ssl.c.

References passbuf, user_pass::password, pem_password_setup(), purge_user_pass(), and strncpynt().

Referenced by tls_ctx_load_pkcs12(), and tls_ctx_set_options().

◆ pem_password_setup()

void pem_password_setup ( const char *  auth_file)

◆ print_key_id()

static const char* print_key_id ( struct tls_multi multi,
struct gc_arena gc 
)
static

◆ print_key_id_not_found_reason()

static void print_key_id_not_found_reason ( struct tls_multi multi,
const struct link_socket_actual from,
int  key_id 
)
static

We have not found a matching key to decrypt data channel packet, try to generate a sensible error message and print it.

Definition at line 3452 of file ssl.c.

References key_state::authenticated, D_MULTI_DROPPED, D_TLS_ERRORS, gc_free(), gc_new(), get_key_scan(), key_state::key_id, KEY_SCAN_SIZE, KS_AUTH_DEFERRED, KS_AUTH_TRUE, msg, print_key_id(), print_link_socket_actual(), S_ACTIVE, S_GENERATED_KEYS, S_INITIAL, and key_state::state.

Referenced by handle_data_channel_packet().

◆ protocol_dump()

const char* protocol_dump ( struct buffer buffer,
unsigned int  flags,
struct gc_arena gc 
)

◆ push_peer_info()

static bool push_peer_info ( struct buffer buf,
struct tls_session session 
)
static

Prepares the IV_ and UV_ variables that are part of the exchange to signal the peer's capabilities.

The amount of variables is determined by session->opt->push_peer_info_detail

0     nothing. Used on a TLS P2MP server side to send no information
      to the client
1     minimal info needed for NCP in P2P mode
2     when --pull is enabled, the "default" set of variables
3     all information including MAC address and library versions
Parameters
bufthe buffer to write these variables to
sessionthe TLS session object
Returns
true if no error was encountered

Definition at line 2008 of file ssl.c.

References alloc_buf_gc(), BSTR, buf_printf(), buf_safe(), es, route_gateway_info::flags, format_hex_ex(), env_set::gc, gc_free(), gc_new(), get_default_gateway(), get_ssl_library_version(), route_gateway_info::hwaddr, IV_PROTO_AUTH_FAIL_TEMP, IV_PROTO_AUTH_PENDING_KW, IV_PROTO_CC_EXIT_NOTIFY, IV_PROTO_DATA_V2, IV_PROTO_DNS_OPTION, IV_PROTO_DYN_TLS_CRYPT, IV_PROTO_NCP_P2P, IV_PROTO_REQUEST_PUSH, IV_PROTO_TLS_KEY_EXPORT, env_set::list, MODE_SERVER, env_item::next, PACKAGE_VERSION, RGI_HWADDR_DEFINED, tls_item_in_cipher_list(), win32_version_string(), write_empty_string(), and write_string().

Referenced by key_method_2_write(), options_postprocess_verify_ce(), and show_settings().

◆ random_bytes_to_buf()

static bool random_bytes_to_buf ( struct buffer buf,
uint8_t *  out,
int  outlen 
)
static

Definition at line 1803 of file ssl.c.

References buf_write(), M_FATAL, msg, and rand_bytes().

Referenced by key_source2_randomize_write().

◆ read_incoming_tls_ciphertext()

static bool read_incoming_tls_ciphertext ( struct buffer buf,
struct key_state ks,
bool *  state_change 
)
static

Read incoming ciphertext and passes it to the buffer of the SSL library.

Returns false if an error is encountered that should abort the session.

Definition at line 2696 of file ssl.c.

References D_TLS_DEBUG, D_TLS_ERRORS, dmsg, key_state_write_ciphertext(), key_state::ks_ssl, buffer::len, msg, key_state::rec_reliable, reliable_mark_deleted(), and status.

Referenced by tls_process_state().

◆ read_incoming_tls_plaintext()

static bool read_incoming_tls_plaintext ( struct key_state ks,
struct buffer buf,
interval_t wakeup,
bool *  state_change 
)
static

◆ read_string()

static bool read_string ( struct buffer buf,
char *  str,
const unsigned int  capacity 
)
static

Definition at line 1956 of file ssl.c.

References buf_read(), and buf_read_u16().

Referenced by key_method_2_read().

◆ read_string_alloc()

static char* read_string_alloc ( struct buffer buf)
static

Definition at line 1972 of file ssl.c.

References buf_read(), buf_read_u16(), and check_malloc_return().

Referenced by key_method_2_read().

◆ reset_session()

static void reset_session ( struct tls_multi multi,
struct tls_session session 
)
static

Definition at line 1251 of file ssl.c.

References tls_session_free(), and tls_session_init().

Referenced by tls_multi_process().

◆ session_index_name()

static const char* session_index_name ( int  index)
static

Definition at line 884 of file ssl.c.

References TM_ACTIVE, TM_INITIAL, and TM_LAME_DUCK.

Referenced by move_session().

◆ session_move_active()

static void session_move_active ( struct tls_multi multi,
struct tls_session session,
struct link_socket_info to_link_socket_info,
struct key_state ks 
)
static

◆ session_move_pre_start()

static bool session_move_pre_start ( const struct tls_session session,
struct key_state ks,
bool  skip_initial_send 
)
static

◆ session_skip_to_pre_start()

bool session_skip_to_pre_start ( struct tls_session session,
struct tls_pre_decrypt_state state,
struct link_socket_actual from 
)

◆ show_available_tls_ciphers()

void show_available_tls_ciphers ( const char *  cipher_list,
const char *  cipher_list_tls13,
const char *  tls_cert_profile 
)

Definition at line 4169 of file ssl.c.

References show_available_tls_ciphers_list(), TLS_VER_1_3, and tls_version_max().

Referenced by print_openssl_info().

◆ ssl_clean_auth_token()

bool ssl_clean_auth_token ( void  )

◆ ssl_purge_auth()

void ssl_purge_auth ( const bool  auth_user_pass_only)

◆ ssl_purge_auth_challenge()

void ssl_purge_auth_challenge ( void  )

Definition at line 548 of file ssl.c.

References auth_challenge.

Referenced by ssl_purge_auth(), and ssl_put_auth_challenge().

◆ ssl_put_auth_challenge()

void ssl_put_auth_challenge ( const char *  cr_str)

Definition at line 555 of file ssl.c.

References auth_challenge, ssl_purge_auth_challenge(), and string_alloc().

Referenced by receive_auth_failed().

◆ ssl_set_auth_nocache()

void ssl_set_auth_nocache ( void  )

Definition at line 494 of file ssl.c.

References auth_user_pass, user_pass::nocache, and passbuf.

Referenced by add_option().

◆ ssl_set_auth_token()

void ssl_set_auth_token ( const char *  token)

Definition at line 504 of file ssl.c.

References auth_token, auth_user_pass, and set_auth_token().

Referenced by add_option().

◆ ssl_set_auth_token_user()

void ssl_set_auth_token_user ( const char *  username)

Definition at line 510 of file ssl.c.

References auth_token, set_auth_token_user(), and user_pass::username.

Referenced by add_option().

◆ state_name()

static const char* state_name ( int  state)
static

◆ tls_ctx_reload_crl()

static void tls_ctx_reload_crl ( struct tls_root_ctx ssl_ctx,
const char *  crl_file,
bool  crl_file_inline 
)
static

Load (or possibly reload) the CRL file into the SSL context.

No reload is performed under the following conditions:

  • the CRL file was passed inline
  • the CRL file was not modified since the last (re)load
Parameters
ssl_ctxThe TLS context to use when reloading the CRL
crl_fileThe file name to load the CRL from, or "[[INLINE]]" in the case of inline files.
crl_inlineA string containing the CRL

Definition at line 610 of file ssl.c.

References backend_tls_ctx_reload_crl(), tls_root_ctx::crl_last_mtime, tls_root_ctx::crl_last_size, M_FATAL, M_WARN, msg, and platform_stat().

Referenced by init_ssl(), and key_state_init().

◆ tls_get_cipher_name_pair()

const tls_cipher_name_pair* tls_get_cipher_name_pair ( const char *  cipher_name,
size_t  len 
)

◆ tls_limit_reneg_bytes()

static void tls_limit_reneg_bytes ( const char *  ciphername,
int *  reneg_bytes 
)
static

Limit the reneg_bytes value when using a small-block (<128 bytes) cipher.

Parameters
cipherThe current cipher (may be NULL).
reneg_bytesPointer to the current reneg_bytes, updated if needed. May not be NULL.

Definition at line 284 of file ssl.c.

References cipher_kt_insecure(), M_WARN, and msg.

Referenced by tls_session_generate_data_channel_keys().

◆ tls_multi_process()

int tls_multi_process ( struct tls_multi multi,
struct buffer to_link,
struct link_socket_actual **  to_link_addr,
struct link_socket_info to_link_socket_info,
interval_t wakeup 
)

◆ tls_process()

static bool tls_process ( struct tls_multi multi,
struct tls_session session,
struct buffer to_link,
struct link_socket_actual **  to_link_addr,
struct link_socket_info to_link_socket_info,
interval_t wakeup 
)
static

◆ tls_process_state()

static bool tls_process_state ( struct tls_multi multi,
struct tls_session session,
struct buffer to_link,
struct link_socket_actual **  to_link_addr,
struct link_socket_info to_link_socket_info,
interval_t wakeup 
)
static

◆ tls_rec_payload()

bool tls_rec_payload ( struct tls_multi multi,
struct buffer buf 
)

◆ tls_send_payload()

bool tls_send_payload ( struct key_state ks,
const uint8_t *  data,
int  size 
)

◆ tls_session_generate_data_channel_keys()

bool tls_session_generate_data_channel_keys ( struct tls_multi multi,
struct tls_session session 
)

Generate data channel keys for the supplied TLS session.

This erases the source material used to generate the data channel keys, and can thus be called only once per session.

Definition at line 1695 of file ssl.c.

References key_state::authenticated, cleanup(), key_state::crypto_options, D_TLS_ERRORS, crypto_options::flags, generate_key_expansion(), session::key, key_state::key_src, KS_AUTH_FALSE, KS_PRIMARY, msg, S_GENERATED_KEYS, secure_memzero(), key_state::state, and tls_limit_reneg_bytes().

Referenced by tls_multi_process(), and tls_session_update_crypto_params_do_work().

◆ tls_session_soft_reset()

void tls_session_soft_reset ( struct tls_multi tls_multi)

Definition at line 1917 of file ssl.c.

References key_state_soft_reset(), tls_multi::session, and TM_ACTIVE.

Referenced by process_incoming_dco().

◆ tls_session_update_crypto_params()

bool tls_session_update_crypto_params ( struct tls_multi multi,
struct tls_session session,
struct options options,
struct frame frame,
struct frame frame_fragment,
struct link_socket_info lsi 
)

Update TLS session crypto parameters (cipher and auth) and derive data channel keys based on the supplied options.

Does nothing if keys are already generated.

Parameters
multiThe TLS object for this instance.
sessionThe TLS session to update.
optionsThe options to use when updating session.
frameThe frame options for this session (frame overhead is adjusted based on the selected cipher/auth).
frame_fragmentThe fragment frame options.
lsilink socket info to adjust MTU related options depending on the current protocol
Returns
true if updating succeeded or keys are already generated, false otherwise.

Definition at line 1783 of file ssl.c.

References check_session_cipher(), options::imported_protocol_flags, and tls_session_update_crypto_params_do_work().

Referenced by do_deferred_options_part2(), do_deferred_p2p_ncp(), and multi_client_generate_tls_keys().

◆ tls_session_update_crypto_params_do_work()

bool tls_session_update_crypto_params_do_work ( struct tls_multi multi,
struct tls_session session,
struct options options,
struct frame frame,
struct frame frame_fragment,
struct link_socket_info lsi 
)

◆ tls_session_user_pass_enabled()

static bool tls_session_user_pass_enabled ( struct tls_session session)
inlinestatic

Returns whether or not the server should check for username/password.

Parameters
sessionThe current TLS session
Returns
true if username and password verification is enabled, false if not.

Definition at line 1091 of file ssl.c.

References ENABLE_MANAGEMENT, management_enable_def_auth(), OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY, and plugin_defined().

Referenced by key_method_2_read().

◆ tls_update_remote_addr()

void tls_update_remote_addr ( struct tls_multi multi,
const struct link_socket_actual addr 
)

Updates remote address in TLS sessions.

Parameters
multi- Tunnel to update
addr- new address

Definition at line 4141 of file ssl.c.

References D_TLS_KEYSELECT, dmsg, gc_free(), gc_new(), session::key, KS_SIZE, link_socket_actual_defined(), link_socket_actual_match(), print_link_socket_actual(), key_state::remote_addr, tls_multi::session, and TM_SIZE.

Referenced by multi_process_float().

◆ tls_version_parse()

int tls_version_parse ( const char *  vstr,
const char *  extra 
)

Definition at line 569 of file ssl.c.

References TLS_VER_1_0, TLS_VER_1_1, TLS_VER_1_2, TLS_VER_1_3, TLS_VER_BAD, and tls_version_max().

Referenced by add_option().

◆ write_empty_string()

static bool write_empty_string ( struct buffer buf)
static

Definition at line 1927 of file ssl.c.

References buf_write_u16().

Referenced by key_method_2_write(), and push_peer_info().

◆ write_outgoing_tls_ciphertext()

static bool write_outgoing_tls_ciphertext ( struct tls_session session,
bool *  state_change 
)
static

◆ write_string()

static bool write_string ( struct buffer buf,
const char *  str,
const int  maxlen 
)
static

Definition at line 1937 of file ssl.c.

References buf_write(), and buf_write_u16().

Referenced by key_method_2_write(), and push_peer_info().

Variable Documentation

◆ auth_challenge

char* auth_challenge
static

◆ auth_token

struct user_pass auth_token
static

◆ auth_user_pass

struct user_pass auth_user_pass
static

◆ auth_user_pass_enabled

bool auth_user_pass_enabled
static

Definition at line 434 of file ssl.c.

Referenced by enable_auth_user_pass(), and key_method_2_write().

◆ passbuf

struct user_pass passbuf
static

◆ tls_cipher_name_translation_table

const tls_cipher_name_pair tls_cipher_name_translation_table[]
static

SSL/TLS Cipher suite name translation table.

Definition at line 100 of file ssl.c.

Referenced by tls_get_cipher_name_pair().