71#ifdef MEASURE_TLS_HANDSHAKE_STATS
73static int tls_handshake_success;
74static int tls_handshake_error;
75static int tls_packets_generated;
76static int tls_packets_sent;
78#define INCR_SENT ++tls_packets_sent
79#define INCR_GENERATED ++tls_packets_generated
80#define INCR_SUCCESS ++tls_handshake_success
81#define INCR_ERROR ++tls_handshake_error
84show_tls_performance_stats(
void)
86 msg(
D_TLS_DEBUG_LOW,
"TLS Handshakes, success=%f%% (good=%d, bad=%d), retransmits=%f%%",
87 (
double) tls_handshake_success / (tls_handshake_success + tls_handshake_error) * 100.0,
88 tls_handshake_success, tls_handshake_error,
89 (
double) (tls_packets_sent - tls_packets_generated) / tls_packets_generated * 100.0);
112 if (*reneg_bytes == -1)
114 msg(
M_WARN,
"WARNING: cipher with small block size in use, "
115 "reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.");
116 *reneg_bytes = 64 * 1024 * 1024;
135 msg(
D_SHOW_KEYS,
"Note: AEAD cipher %s will trigger a renegotiation"
136 " at a sum of %" PRIi64
" blocks and packets.",
208 if (
session->tls_wrap.mode == TLS_WRAP_CRYPT)
212 else if (
session->tls_wrap.mode == TLS_WRAP_AUTH)
284#ifdef ENABLE_MANAGEMENT
308#ifdef ENABLE_MANAGEMENT
394 if (!auth_user_pass_only)
402#ifdef ENABLE_MANAGEMENT
407#ifdef ENABLE_MANAGEMENT
434 if (!strcmp(vstr,
"1.0") &&
TLS_VER_1_0 <= max_version)
438 else if (!strcmp(vstr,
"1.1") &&
TLS_VER_1_1 <= max_version)
442 else if (!strcmp(vstr,
"1.2") &&
TLS_VER_1_2 <= max_version)
446 else if (!strcmp(vstr,
"1.3") &&
TLS_VER_1_3 <= max_version)
450 else if (extra && !strcmp(extra,
"or-highest"))
473 bool crl_file_inline)
486 crl_stat.st_mtime = 1;
493 msg(
M_FATAL,
"ERROR: Failed to stat CRL file during initialization, exiting.");
497 msg(
M_WARN,
"WARNING: Failed to stat CRL file, not reloading CRL.");
578 else if (
options->pkcs11_providers[0])
580 if (!tls_ctx_use_pkcs11(new_ctx,
options->pkcs11_id_management,
options->pkcs11_id))
582 msg(
M_WARN,
"Cannot load certificate \"%s\" using PKCS#11 interface",
588#ifdef ENABLE_CRYPTOAPI
594#ifdef ENABLE_MANAGEMENT
616#ifdef ENABLE_MANAGEMENT
621 msg(
M_WARN,
"Cannot initialize mamagement-external-key");
672#ifdef ENABLE_CRYPTO_MBEDTLS
701 return "S_PRE_START_SKIP";
704 return "S_PRE_START";
722 return "S_ERROR_PRE";
725 return "S_GENERATED_KEYS";
738 return "KS_AUTH_TRUE";
741 return "KS_AUTH_DEFERRED";
744 return "KS_AUTH_FALSE";
763 return "TM_LAME_DUCK";
781 buf_printf(&out,
" [key#%d state=%s auth=%s id=%d sid=%s]", i,
884#ifdef ENABLE_MANAGEMENT
962 return (
session->opt->auth_user_pass_verify_script
1032 if (
session->opt->tls_crypt_v2)
1034 session->tls_wrap.opt.packet_id.send.time =
now;
1040 &
session->tls_wrap.opt.packet_id);
1044 dmsg(
D_TLS_DEBUG,
"TLS: tls_session_init: new session object, sid=%s",
1071 for (
size_t i = 0; i <
KS_SIZE; ++i)
1133 if (seconds_from_now < *earliest)
1135 *earliest = seconds_from_now;
1276 for (
int i = 0; i <
TM_SIZE; ++i)
1304 "%s pre_master: %s",
1330 const uint8_t *client_seed,
1331 int client_seed_len,
1332 const uint8_t *server_seed,
1333 int server_seed_len,
1429 msg(
M_FATAL,
"FATAL: DCO does not support --auth");
1436 msg(
M_FATAL,
"Impossible to install key material in DCO: %s",
1443 key->initialized =
true;
1450 "required for epoch data format.",
1478 uint8_t master[48] = { 0 };
1541 if (
key->initialized)
1547 bool server =
session->opt->server;
1562 "might not support the old TLS 1.0 PRF calculation anymore or "
1563 "the policy does not allow it (e.g. running in FIPS mode). "
1564 "The peer did not announce support for the modern TLS Export "
1565 "feature that replaces the TLS 1.0 PRF (requires OpenVPN "
1566 "2.6.x or higher)");
1572 "Master Encrypt",
"Master Decrypt");
1575 for (
int i = 0; i < 2; ++i)
1621 &
session->opt->renegotiate_bytes);
1639 struct frame *frame_fragment,
1655 if (packet_id_long_form)
1701 msg(
D_DCO,
"Cannot set DCO peer parameters for peer (id=%u): %s",
1714 struct frame *frame_fragment,
1727 frame, frame_fragment, lsi, dco);
1738 msg(
M_FATAL,
"ERROR: Random number generator cannot obtain entropy for key generation [SSL]");
1868 const int len = strlen(str) + 1;
1869 if (len < 1 || (maxlen >= 0 && len > maxlen))
1898 if (len < 1 || len > (
int)capacity)
1923 str = (
char *) malloc(len);
1956 if (
session->opt->push_peer_info_detail > 1)
1962#if defined(TARGET_LINUX)
1964#elif defined(TARGET_SOLARIS)
1966#elif defined(TARGET_OPENBSD)
1968#elif defined(TARGET_DARWIN)
1970#elif defined(TARGET_NETBSD)
1972#elif defined(TARGET_FREEBSD)
1974#elif defined(TARGET_ANDROID)
1976#elif defined(_WIN32)
1985 if (
session->opt->push_peer_info_detail > 0)
2030 if (
session->opt->data_epoch_supported)
2042 if (
session->opt->push_peer_info_detail > 1)
2050 if (
session->opt->push_peer_info_detail > 2)
2065 buf_printf(&out,
"IV_PLAT_VER=%s\n", u.release);
2069 if (
session->opt->push_peer_info_detail > 1)
2077 if ((((strncmp(e->string,
"UV_", 3) == 0
2078 || strncmp(e->string,
"IV_PLAT_VER=",
sizeof(
"IV_PLAT_VER=") - 1) == 0)
2079 &&
session->opt->push_peer_info_detail > 2)
2080 || (strncmp(e->string,
"IV_GUI_VER=",
sizeof(
"IV_GUI_VER=") - 1) == 0)
2081 || (strncmp(e->string,
"IV_SSO=",
sizeof(
"IV_SSO=") - 1) == 0)
2083 &&
buf_safe(&out, strlen(e->string) + 1))
2112write_compat_local_options(
struct buffer *buf,
const char *
options)
2157 if (!write_compat_local_options(buf,
session->opt->local_options))
2173#ifdef ENABLE_MANAGEMENT
2175 session->opt->auth_user_pass_file_inline,
2179 session->opt->auth_user_pass_file_inline, NULL);
2248 if (
session->opt->ekm_size > 0)
2250 unsigned int size =
session->opt->ekm_size;
2259 unsigned int len = (size * 2) + 2;
2270 msg(
M_WARN,
"WARNING: Export keying material failed!");
2296 msg(
D_TLS_ERRORS,
"TLS ERROR: Plaintext buffer too short (%d bytes).",
2306 "TLS ERROR: Unknown key_method/flags=%d received from remote host",
2314 msg(
D_TLS_ERRORS,
"TLS Error: Error reading remote data channel key source entropy from plaintext buffer");
2321 msg(
D_TLS_ERRORS,
"TLS Error: Failed to read required OCC options string");
2356 if (username_len < 0 || password_len < 0)
2358 msg(
D_TLS_ERRORS,
"TLS Error: Username (%d) or password (%d) too long",
2359 abs(username_len), abs(password_len));
2361 "Maximum length is 128 bytes");
2370 if (!username_len || !password_len)
2375 msg(
D_TLS_ERRORS,
"TLS Error: Auth Username/Password was not provided by peer");
2388 "TLS Error: Certificate verification failed (key-method 2)");
2406 const char *remote_options =
session->opt->remote_options;
2410 msg(
D_PUSH,
"Note: 'compress migrate' detected remote peer "
2411 "with compression enabled.");
2420 msg(
D_TLS_ERRORS,
"Option inconsistency warnings triggering disconnect due to --opt-verify");
2487 struct key_state *ks,
bool skip_initial_send)
2517#ifdef ENABLE_MANAGEMENT
2576#ifdef MEASURE_TLS_HANDSHAKE_STATS
2577 show_tls_performance_stats();
2590 session->untrusted_addr = *from;
2600 session->tls_wrap.opt.packet_id.send.id = 1;
2610 while (buf->
len > 0)
2627 if (len !=
sizeof(uint16_t))
2658 bool *continue_tls_process)
2667 "TLS Error: Incoming Ciphertext -> TLS object write error");
2678 *continue_tls_process =
true;
2694 interval_t *wakeup,
bool *continue_tls_process)
2703 msg(
D_TLS_ERRORS,
"TLS Error: TLS object -> incoming plaintext read error");
2708 *continue_tls_process =
true;
2736 int maxlen = max_pkt_len * rel_avail;
2750 "Sending minimum sized packet.",
2767 "TLS Error: Ciphertext -> reliable TCP/UDP transport read error");
2849 "TLS Error: TLS key negotiation failed to occur within %d seconds (check your network connectivity)",
2850 session->opt->handshake_window);
2860 continue_tls_process =
true;
2873 continue_tls_process =
true;
2981 "TLS ERROR: Outgoing Plaintext -> TLS object write error");
3021 if (
session->opt->renegotiate_seconds
3028 if (
session->opt->renegotiate_bytes > 0
3035 if (
session->opt->renegotiate_packets
3076 const uint64_t usage_limit =
session->opt->aead_usage_limit;
3124 " aead_limit_send=%" PRIu64
"/%" PRIu64
3125 " aead_limit_recv=%" PRIu64
"/%" PRIu64,
3130 session->opt->aead_usage_limit,
3132 session->opt->aead_usage_limit
3144 bool continue_tls_process =
true;
3145 while (continue_tls_process)
3149 dmsg(
D_TLS_DEBUG,
"TLS: tls_process: chg=%d ks=%s lame=%s to_link->len=%d wakeup=%d",
3150 continue_tls_process,
3156 to_link_socket_info, wakeup);
3260 msg(
M_INFO,
"Warning buffer of freed TLS session is "
3261 "still in use (tls_wrap.work.data)");
3279 msg(
M_FATAL,
"ERROR: session->key[%d]->send_reliable is NULL "
3280 "while key state is %s. Exiting.",
3288 msg(
M_INFO,
"Warning buffer of freed TLS session is still in"
3289 " use (session->key[%d].send_reliable->array[%d])",
3330 for (
int i = 0; i <
TM_SIZE; ++i)
3347 "TLS: tls_multi_process: i=%d state=%s, mysid=%s, stored-sid=%s, stored-ip=%s",
3361 to_link_socket_info, wakeup))
3473 "session promoted to %strusted",
3503 const int throw_level = GREMLIN_CONNECTION_FLOOD_LEVEL(multi->
opt.
gremlin);
3549 "Key %s [%d] not initialized (yet), dropping packet.",
3557 "Key %s [%d] not authorized%s, dropping packet.",
3566 "TLS Error: local/remote TLS keys are out of sync: %s "
3567 "(received key id: %d, known key ids: %s)",
3586 const uint8_t **ad_start)
3590 uint8_t c = *
BPTR(buf);
3620 *ad_start =
BPTR(buf);
3625 *ad_start =
BPTR(buf);
3631 msg(
D_TLS_ERRORS,
"Protocol error: received P_DATA_V2 from %s but length is < 4",
3642 "TLS: tls_pre_decrypt, key_id=%d, IP=%s",
3689 const uint8_t **ad_start)
3703 uint8_t pkt_firstbyte = *
BPTR(buf);
3716 bool do_burst =
false;
3717 bool new_link =
false;
3729 "TLS Error: unknown opcode received from %s op=%d",
3743 "TLS Error: client->client or server->server connection attempted from %s",
3762 "TLS Error: session-id not found in packet from %s",
3776 "TLS: initial packet test, i=%d state=%s, mysid=%s, rec-sid=%s, rec-ip=%s, stored-sid=%s, stored-ip=%s",
3791 "TLS ERROR: received control packet with stale session-id=%s",
3796 "TLS: found match, session[%d], sid=%s",
3822 "TLS Error: Cannot accept new session request from %s due "
3823 "to session context expire or --single-session",
3834#ifdef ENABLE_MANAGEMENT
3854 "TLS: Initial packet from %s, sid=%s",
3861 session->untrusted_addr = *from;
3874 "TLS Error: Unroutable control packet received from %s (si=%d op=%s)",
3886 msg(
D_TLS_ERRORS,
"TLS Error: Received control packet from unexpected IP addr: %s",
3907 "TLS: received P_CONTROL_SOFT_RESET_V1 s=%d sid=%s",
3912 bool initial_packet =
false;
3918 initial_packet =
true;
3930 from,
session->opt, initial_packet))
3942 "TLS: received control channel packet s#=%d sid=%s",
3976 "TLS Error: Existing session control channel packet from unknown IP address: %s",
3986 if (do_burst && !
session->burst)
3996 "TLS ERROR: local/remote key IDs out of sync (%d/%d) ID: %s",
4012 "TLS Error: reading acknowledgement record from packet");
4036 "Incoming control channel packet too big, dropping.");
4148 | (multi->
peer_id & 0xFFFFFF));
4174 const uint8_t *data,
4236 for (
int i = 0; i <
TM_SIZE; ++i)
4240 for (
int j = 0; j <
KS_SIZE; ++j)
4262 const char *cipher_list_tls13,
4263 const char *tls_cert_profile)
4265 printf(
"Available TLS Ciphers, listed in order of preference:\n");
4269 printf(
"\nFor TLS 1.3 and newer (--tls-ciphersuites):\n\n");
4273 printf(
"\nFor TLS 1.2 and older (--tls-cipher):\n\n");
4277 "Be aware that that whether a cipher suite in this list can actually work\n"
4278 "depends on the specific setup of both peers. See the man page entries of\n"
4279 "--tls-cipher and --show-tls for more details.\n\n"
4345 if (tls_auth_hmac_size)
4352 if (!
buf_read(&buf, tls_auth_hmac, tls_auth_hmac_size))
4409 if (!
buf_read(&buf, &l,
sizeof(l)))
void wipe_auth_token(struct tls_multi *multi)
Wipes the authentication token out of the memory, frees and cleans up related buffers and flags.
void resend_auth_token_renegotiation(struct tls_multi *multi, struct tls_session *session)
Checks if a client should be sent a new auth token to update its current auth-token.
struct buffer_entry * buffer_list_push_data(struct buffer_list *ol, const void *data, size_t size)
Allocates and appends a new buffer containing data of length size.
void free_buf(struct buffer *buf)
void buf_clear(struct buffer *buf)
void buffer_list_pop(struct buffer_list *ol)
bool buf_printf(struct buffer *buf, const char *format,...)
char * format_hex_ex(const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc)
struct buffer_list * buffer_list_new(void)
Allocate an empty buffer list of capacity max_size.
struct buffer * buffer_list_peek(struct buffer_list *ol)
Retrieve the head buffer.
void buffer_list_free(struct buffer_list *ol)
Frees a buffer list and all the buffers in it.
void * gc_malloc(size_t size, bool clear, struct gc_arena *a)
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
struct buffer alloc_buf(size_t size)
char * string_alloc(const char *str, struct gc_arena *gc)
static bool buf_write_u16(struct buffer *dest, uint16_t data)
static char * format_hex(const uint8_t *data, int size, int maxoutput, struct gc_arena *gc)
static bool buf_copy(struct buffer *dest, const struct buffer *src)
static bool buf_write_u32(struct buffer *dest, uint32_t data)
static bool buf_write_prepend(struct buffer *dest, const void *src, int size)
static int buf_read_u16(struct buffer *buf)
static bool buf_copy_n(struct buffer *dest, struct buffer *src, int n)
#define ALLOC_ARRAY_CLEAR_GC(dptr, type, n, gc)
static bool buf_safe(const struct buffer *buf, size_t len)
static bool buf_read(struct buffer *src, void *dest, int size)
static bool buf_advance(struct buffer *buf, int size)
static int buf_len(const struct buffer *buf)
static void secure_memzero(void *data, size_t len)
Securely zeroise memory.
static bool buf_write(struct buffer *dest, const void *src, size_t size)
static bool buf_write_u8(struct buffer *dest, uint8_t data)
#define ALLOC_OBJ_CLEAR_GC(dptr, type, gc)
static int buf_read_u8(struct buffer *buf)
static void strncpynt(char *dest, const char *src, size_t maxlen)
static void check_malloc_return(void *p)
static void gc_free(struct gc_arena *a)
#define ALLOC_OBJ_CLEAR(dptr, type)
#define buf_init(buf, offset)
static struct gc_arena gc_new(void)
#define TLS_CHANNEL_BUF_SIZE
#define TLS_CHANNEL_MTU_MIN
#define COMP_F_MIGRATE
push stub-v2 or comp-lzo no when we see a client with comp-lzo in occ
#define ENABLE_MANAGEMENT
void free_key_ctx_bi(struct key_ctx_bi *ctx)
void key2_print(const struct key2 *k, const struct key_type *kt, const char *prefix0, const char *prefix1)
Prints the keys in a key2 structure.
void init_key_type(struct key_type *kt, const char *ciphername, const char *authname, bool tls_mode, bool warn)
Initialize a key_type structure with.
bool check_key(struct key *key, const struct key_type *kt)
uint64_t cipher_get_aead_limits(const char *ciphername)
Check if the cipher is an AEAD cipher and needs to be limited to a certain number of number of blocks...
void init_key_ctx_bi(struct key_ctx_bi *ctx, const struct key2 *key2, int key_direction, const struct key_type *kt, const char *name)
void key_direction_state_init(struct key_direction_state *kds, int key_direction)
#define KEY_DIRECTION_NORMAL
#define CO_PACKET_ID_LONG_FORM
Bit-flag indicating whether to use OpenVPN's long packet ID format.
#define CO_USE_TLS_KEY_MATERIAL_EXPORT
Bit-flag indicating that data channel key derivation is done using TLS keying material export [RFC570...
#define CO_USE_DYNAMIC_TLS_CRYPT
Bit-flag indicating that renegotiations are using tls-crypt with a TLS-EKM derived key.
#define CO_IGNORE_PACKET_ID
Bit-flag indicating whether to ignore the packet ID of a received packet.
#define CO_RESEND_WKC
Bit-flag indicating that the client is expected to resend the wrapped client key with the 2nd packet ...
#define CO_EPOCH_DATA_KEY_FORMAT
Bit-flag indicating the epoch the data format.
static bool cipher_decrypt_verify_fail_warn(const struct key_ctx *ctx)
Check if the number of failed decryption is approaching the limit and we should try to move to a new ...
#define KEY_DIRECTION_INVERSE
static bool aead_usage_limit_reached(const uint64_t limit, const struct key_ctx *key_ctx, int64_t higest_pid)
Checks if the usage limit for an AEAD cipher is reached.
bool ssl_tls1_PRF(const uint8_t *seed, int seed_len, const uint8_t *secret, int secret_len, uint8_t *output, int output_len)
Calculates the TLS 1.0-1.1 PRF function.
void crypto_uninit_lib(void)
bool cipher_kt_mode_aead(const char *ciphername)
Check if the supplied cipher is a supported AEAD mode cipher.
void crypto_init_lib(void)
bool cipher_kt_mode_ofb_cfb(const char *ciphername)
Check if the supplied cipher is a supported OFB or CFB mode cipher.
int hmac_ctx_size(hmac_ctx_t *ctx)
bool cipher_kt_insecure(const char *ciphername)
Returns true if we consider this cipher to be insecure.
int rand_bytes(uint8_t *output, int len)
Wrapper for secure random number generator.
const char * cipher_kt_name(const char *ciphername)
Retrieve a normalised string describing the cipher (e.g.
#define MAX_HMAC_KEY_LENGTH
#define OPENVPN_MAX_HMAC_SIZE
void free_epoch_key_ctx(struct crypto_options *co)
Frees the extra data structures used by epoch keys in crypto_options.
void epoch_init_key_ctx(struct crypto_options *co, const struct key_type *key_type, const struct epoch_key *e1_send, const struct epoch_key *e1_recv, uint16_t future_key_count)
Initialises data channel keys and internal structures for epoch data keys using the provided E0 epoch...
static int dco_set_peer(dco_context_t *dco, unsigned int peerid, int keepalive_interval, int keepalive_timeout, int mss)
static int init_key_dco_bi(struct tls_multi *multi, struct key_state *ks, const struct key2 *key2, int key_direction, const char *ciphername, bool server)
void setenv_str(struct env_set *es, const char *name, const char *value)
void setenv_del(struct env_set *es, const char *name)
#define D_SHOW_KEY_SOURCE
#define S_ACTIVE
Operational key_state state immediately after negotiation has completed while still within the handsh...
struct tls_auth_standalone * tls_auth_standalone_init(struct tls_options *tls_options, struct gc_arena *gc)
#define TM_INITIAL
As yet un-trusted tls_session being negotiated.
#define KS_SIZE
Size of the tls_session.key array.
static void key_state_free(struct key_state *ks, bool clear)
Cleanup a key_state structure.
static void tls_session_free(struct tls_session *session, bool clear)
Clean up a tls_session structure.
void tls_init_control_channel_frame_parameters(struct frame *frame, int tls_mtu)
void tls_multi_free(struct tls_multi *multi, bool clear)
Cleanup a tls_multi structure and free associated memory allocations.
#define S_ERROR_PRE
Error state but try to send out alerts before killing the keystore and moving it to S_ERROR.
#define KS_PRIMARY
Primary key state index.
#define S_PRE_START_SKIP
Waiting for the remote OpenVPN peer to acknowledge during the initial three-way handshake.
#define S_UNDEF
Undefined state, used after a key_state is cleaned up.
#define S_START
Three-way handshake is complete, start of key exchange.
#define S_GOT_KEY
Local OpenVPN process has received the remote's part of the key material.
#define S_PRE_START
Waiting for the remote OpenVPN peer to acknowledge during the initial three-way handshake.
struct tls_multi * tls_multi_init(struct tls_options *tls_options)
Allocate and initialize a tls_multi structure.
void tls_multi_init_finalize(struct tls_multi *multi, int tls_mtu)
Finalize initialization of a tls_multi structure.
#define TM_LAME_DUCK
Old tls_session.
static void tls_session_init(struct tls_multi *multi, struct tls_session *session)
Initialize a tls_session structure.
#define TM_SIZE
Size of the tls_multi.session array.
void tls_auth_standalone_free(struct tls_auth_standalone *tas)
Frees a standalone tls-auth verification object.
#define TM_ACTIVE
Active tls_session.
#define S_GENERATED_KEYS
The data channel keys have been generated The TLS session is fully authenticated when reaching this s...
#define KS_LAME_DUCK
Key state index that will retire soon.
#define S_SENT_KEY
Local OpenVPN process has sent its part of the key material.
#define S_ERROR
Error state.
#define S_INITIAL
Initial key_state state after initialization by key_state_init() before start of three-way handshake.
static void key_state_init(struct tls_session *session, struct key_state *ks)
Initialize a key_state structure.
void tls_multi_init_set_options(struct tls_multi *multi, const char *local, const char *remote)
int key_state_read_plaintext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Extract plaintext data from the TLS module.
int key_state_write_ciphertext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Insert a ciphertext buffer into the TLS module.
int key_state_read_ciphertext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Extract ciphertext data from the TLS module.
int key_state_write_plaintext_const(struct key_state_ssl *ks_ssl, const uint8_t *data, int len)
Insert plaintext data into the TLS module.
int key_state_write_plaintext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Insert a plaintext buffer into the TLS module.
void tls_post_encrypt(struct tls_multi *multi, struct buffer *buf)
Perform some accounting for the key state used.
struct key_state * tls_select_encryption_key(struct tls_multi *multi)
Selects the primary encryption that should be used to encrypt data of an outgoing packet.
#define TLS_AUTHENTICATED(multi, ks)
Check whether the ks key_state has finished the key exchange part of the OpenVPN hand shake.
void tls_prepend_opcode_v1(const struct tls_multi *multi, struct buffer *buf)
Prepend a one-byte OpenVPN data channel P_DATA_V1 opcode to the packet.
void tls_pre_encrypt(struct tls_multi *multi, struct buffer *buf, struct crypto_options **opt)
Choose the appropriate security parameters with which to process an outgoing packet.
void tls_prepend_opcode_v2(const struct tls_multi *multi, struct buffer *buf)
Prepend an OpenVPN data channel P_DATA_V2 header to the packet.
bool tls_pre_decrypt(struct tls_multi *multi, const struct link_socket_actual *from, struct buffer *buf, struct crypto_options **opt, bool floated, const uint8_t **ad_start)
Determine whether an incoming packet is a data channel or control channel packet, and process accordi...
void reliable_free(struct reliable *rel)
Free allocated memory associated with a reliable structure and the pointer itself.
bool reliable_ack_read(struct reliable_ack *ack, struct buffer *buf, const struct session_id *sid)
Read an acknowledgment record from a received packet.
struct buffer * reliable_get_buf_output_sequenced(struct reliable *rel)
Get the buffer of free reliable entry and check whether the outgoing acknowledgment sequence is still...
void reliable_schedule_now(struct reliable *rel)
Reschedule all entries of a reliable structure to be ready for (re)sending immediately.
bool reliable_ack_read_packet_id(struct buffer *buf, packet_id_type *pid)
Read the packet ID of a received packet.
static int reliable_ack_outstanding(struct reliable_ack *ack)
Returns the number of packets that need to be acked.
void reliable_mark_active_incoming(struct reliable *rel, struct buffer *buf, packet_id_type pid, int opcode)
Mark the reliable entry associated with the given buffer as active incoming.
void reliable_mark_active_outgoing(struct reliable *rel, struct buffer *buf, int opcode)
Mark the reliable entry associated with the given buffer as active outgoing.
const char * reliable_ack_print(struct buffer *buf, bool verbose, struct gc_arena *gc)
bool reliable_ack_acknowledge_packet_id(struct reliable_ack *ack, packet_id_type pid)
Record a packet ID for later acknowledgment.
static void reliable_set_timeout(struct reliable *rel, interval_t timeout)
bool reliable_can_get(const struct reliable *rel)
Check whether a reliable structure has any free buffers available for use.
void reliable_send_purge(struct reliable *rel, const struct reliable_ack *ack)
Remove acknowledged packets from a reliable structure.
struct buffer * reliable_get_buf(struct reliable *rel)
Get the buffer of a free reliable entry in which to store a packet.
struct buffer * reliable_send(struct reliable *rel, int *opcode)
Get the next packet to send to the remote peer.
bool reliable_can_send(const struct reliable *rel)
Check whether a reliable structure has any active entries ready to be (re)sent.
bool reliable_empty(const struct reliable *rel)
Check whether a reliable structure is empty.
bool reliable_not_replay(const struct reliable *rel, packet_id_type id)
Check that a received packet's ID is not a replay.
#define RELIABLE_ACK_SIZE
The maximum number of packet IDs waiting to be acknowledged which can be stored in one reliable_ack s...
interval_t reliable_send_timeout(const struct reliable *rel)
Determined how many seconds until the earliest resend should be attempted.
struct reliable_entry * reliable_get_entry_sequenced(struct reliable *rel)
Get the buffer of the next sequential and active entry.
void reliable_init(struct reliable *rel, int buf_size, int offset, int array_size, bool hold)
Initialize a reliable structure.
void reliable_mark_deleted(struct reliable *rel, struct buffer *buf)
Remove an entry from a reliable structure.
int reliable_get_num_output_sequenced_available(struct reliable *rel)
Counts the number of free buffers in output that can be potentially used for sending.
bool reliable_wont_break_sequentiality(const struct reliable *rel, packet_id_type id)
Check that a received packet's ID can safely be stored in the reliable structure's processing window.
static bool reliable_ack_empty(struct reliable_ack *ack)
Check whether an acknowledgment structure contains any packet IDs to be acknowledged.
#define TLS_CRYPT_TAG_SIZE
bool tls_session_generate_dynamic_tls_crypt_key(struct tls_session *session)
Generates a TLS-Crypt key to be used with dynamic tls-crypt using the TLS EKM exporter function.
int tls_crypt_buf_overhead(void)
Returns the maximum overhead (in bytes) added to the destination buffer by tls_crypt_wrap().
static int min_int(int x, int y)
static int max_int(int x, int y)
static SERVICE_STATUS status
char * management_query_cert(struct management *man, const char *cert_name)
void management_set_state(struct management *man, const int state, const char *detail, const in_addr_t *tun_local_ip, const struct in6_addr *tun_local_ip6, const struct openvpn_sockaddr *local, const struct openvpn_sockaddr *remote)
#define OPENVPN_STATE_AUTH
#define OPENVPN_STATE_WAIT
static bool management_enable_def_auth(const struct management *man)
#define VALGRIND_MAKE_READABLE(addr, len)
void unprotect_user_pass(struct user_pass *up)
Decrypt username and password buffers in user_pass.
bool get_user_pass_cr(struct user_pass *up, const char *auth_file, const char *prefix, const unsigned int flags, const char *auth_challenge)
Retrieves the user credentials from various sources depending on the flags.
void purge_user_pass(struct user_pass *up, const bool force)
void set_auth_token_user(struct user_pass *tk, const char *username)
Sets the auth-token username by base64 decoding the passed username.
void output_peer_info_env(struct env_set *es, const char *peer_info)
struct buffer prepend_dir(const char *dir, const char *path, struct gc_arena *gc)
Prepend a directory to a path.
void protect_user_pass(struct user_pass *up)
Encrypt username and password buffers in user_pass.
void set_auth_token(struct user_pass *tk, const char *token)
Sets the auth-token to token.
#define GET_USER_PASS_STATIC_CHALLENGE_CONCAT
indicates password and response should be concatenated
#define GET_USER_PASS_MANAGEMENT
#define GET_USER_PASS_PASSWORD_ONLY
#define GET_USER_PASS_STATIC_CHALLENGE_ECHO
SCRV1 protocol – echo response.
#define GET_USER_PASS_INLINE_CREDS
indicates that auth_file is actually inline creds
#define GET_USER_PASS_STATIC_CHALLENGE
SCRV1 protocol – static challenge.
static bool get_user_pass(struct user_pass *up, const char *auth_file, const char *prefix, const unsigned int flags)
Retrieves the user credentials from various sources depending on the flags.
#define GET_USER_PASS_DYNAMIC_CHALLENGE
CRV1 protocol – dynamic challenge.
void frame_calculate_dynamic(struct frame *frame, struct key_type *kt, const struct options *options, struct link_socket_info *lsi)
Set the –mssfix option.
void frame_print(const struct frame *frame, int level, const char *prefix)
#define OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY
#define OPENVPN_PLUGIN_TLS_FINAL
#define OPENVPN_PLUGIN_FUNC_SUCCESS
static bool check_debug_level(unsigned int level)
bool options_cmp_equal(char *actual, const char *expected)
bool key_is_external(const struct options *options)
char * options_string_extract_option(const char *options_string, const char *opt_name, struct gc_arena *gc)
Given an OpenVPN options string, extract the value of an option.
void options_warning(char *actual, const char *expected)
static bool dco_enabled(const struct options *o)
Returns whether the current configuration has dco enabled.
static void update_time(void)
void packet_id_persist_load_obj(const struct packet_id_persist *p, struct packet_id *pid)
void packet_id_init(struct packet_id *p, int seq_backtrack, int time_backtrack, const char *name, int unit)
void packet_id_free(struct packet_id *p)
bool packet_id_read(struct packet_id_net *pin, struct buffer *buf, bool long_form)
const char * packet_id_net_print(const struct packet_id_net *pin, bool print_timestamp, struct gc_arena *gc)
uint64_t packet_id_print_type
static bool packet_id_close_to_wrapping(const struct packet_id_send *p)
static int packet_id_size(bool long_form)
static void perf_push(int type)
#define PERF_TLS_MULTI_PROCESS
static void perf_pop(void)
bool plugin_defined(const struct plugin_list *pl, const int type)
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
void get_default_gateway(struct route_gateway_info *rgi, in_addr_t dest, openvpn_net_ctx_t *ctx)
Retrieves the best gateway for a given destination based on the routing table.
#define RGI_HWADDR_DEFINED
void session_id_random(struct session_id *sid)
const char * session_id_print(const struct session_id *sid, struct gc_arena *gc)
static bool session_id_equal(const struct session_id *sid1, const struct session_id *sid2)
static bool session_id_defined(const struct session_id *sid1)
static bool session_id_read(struct session_id *sid, struct buffer *buf)
const char * print_link_socket_actual(const struct link_socket_actual *act, struct gc_arena *gc)
static bool link_socket_actual_defined(const struct link_socket_actual *act)
static int datagram_overhead(sa_family_t af, int proto)
static bool link_socket_actual_match(const struct link_socket_actual *a1, const struct link_socket_actual *a2)
static void link_socket_set_outgoing_addr(struct link_socket_info *info, const struct link_socket_actual *act, const char *common_name, struct env_set *es)
void ssl_purge_auth(const bool auth_user_pass_only)
void ssl_set_auth_token_user(const char *username)
static bool generate_key_expansion(struct tls_multi *multi, struct key_state *ks, struct tls_session *session)
static bool tls_process(struct tls_multi *multi, struct tls_session *session, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
static bool tls_session_user_pass_enabled(struct tls_session *session)
Returns whether or not the server should check for username/password.
static int auth_deferred_expire_window(const struct tls_options *o)
static struct user_pass passbuf
static const char * print_key_id(struct tls_multi *multi, struct gc_arena *gc)
static struct user_pass auth_token
static void init_epoch_keys(struct key_state *ks, struct tls_multi *multi, const struct key_type *key_type, bool server, struct key2 *key2)
static bool lame_duck_must_die(const struct tls_session *session, interval_t *wakeup)
void ssl_set_auth_nocache(void)
static const char * ks_auth_name(enum ks_auth_state auth)
static int key_source2_read(struct key_source2 *k2, struct buffer *buf, bool server)
static void move_session(struct tls_multi *multi, int dest, int src, bool reinit_src)
static void handle_data_channel_packet(struct tls_multi *multi, const struct link_socket_actual *from, struct buffer *buf, struct crypto_options **opt, bool floated, const uint8_t **ad_start)
Check the keyid of the an incoming data channel packet and return the matching crypto parameters in o...
static void export_user_keying_material(struct tls_session *session)
void ssl_put_auth_challenge(const char *cr_str)
int pem_password_callback(char *buf, int size, int rwflag, void *u)
Callback to retrieve the user's password.
static bool control_packet_needs_wkc(const struct key_state *ks)
void tls_update_remote_addr(struct tls_multi *multi, const struct link_socket_actual *addr)
Updates remote address in TLS sessions.
static bool read_incoming_tls_ciphertext(struct buffer *buf, struct key_state *ks, bool *continue_tls_process)
Read incoming ciphertext and passes it to the buffer of the SSL library.
bool tls_send_payload(struct key_state *ks, const uint8_t *data, int size)
static void key_source2_print(const struct key_source2 *k)
static struct user_pass auth_user_pass
static void compute_earliest_wakeup(interval_t *earliest, interval_t seconds_from_now)
bool tls_rec_payload(struct tls_multi *multi, struct buffer *buf)
static bool write_outgoing_tls_ciphertext(struct tls_session *session, bool *continue_tls_process)
static bool check_outgoing_ciphertext(struct key_state *ks, struct tls_session *session, bool *continue_tls_process)
static void check_session_buf_not_used(struct buffer *to_link, struct tls_session *session)
This is a safe guard function to double check that a buffer from a session is not used in a session t...
static int calc_control_channel_frame_overhead(const struct tls_session *session)
calculate the maximum overhead that control channel frames have This includes header,...
bool tls_session_generate_data_channel_keys(struct tls_multi *multi, struct tls_session *session)
Generate data channel keys for the supplied TLS session.
static void flush_payload_buffer(struct key_state *ks)
static void init_key_contexts(struct key_state *ks, struct tls_multi *multi, const struct key_type *key_type, bool server, struct key2 *key2, bool dco_enabled)
static void print_key_id_not_found_reason(struct tls_multi *multi, const struct link_socket_actual *from, int key_id)
We have not found a matching key to decrypt data channel packet, try to generate a sensible error mes...
bool tls_session_update_crypto_params_do_work(struct tls_multi *multi, struct tls_session *session, struct options *options, struct frame *frame, struct frame *frame_fragment, struct link_socket_info *lsi, dco_context_t *dco)
void tls_session_soft_reset(struct tls_multi *tls_multi)
static bool openvpn_PRF(const uint8_t *secret, int secret_len, const char *label, const uint8_t *client_seed, int client_seed_len, const uint8_t *server_seed, int server_seed_len, const struct session_id *client_sid, const struct session_id *server_sid, uint8_t *output, int output_len)
void init_ssl(const struct options *options, struct tls_root_ctx *new_ctx, bool in_chroot)
Build master SSL context object that serves for the whole of OpenVPN instantiation.
bool is_hard_reset_method2(int op)
Given a key_method, return true if opcode represents the one of the hard_reset op codes for key-metho...
static char * read_string_alloc(struct buffer *buf)
static bool should_trigger_renegotiation(const struct tls_session *session, const struct key_state *ks)
Determines if a renegotiation should be triggerred based on the various factors that can trigger one.
int tls_version_parse(const char *vstr, const char *extra)
static int read_string(struct buffer *buf, char *str, const unsigned int capacity)
Read a string that is encoded as a 2 byte header with the length from the buffer buf.
bool session_skip_to_pre_start(struct tls_session *session, struct tls_pre_decrypt_state *state, struct link_socket_actual *from)
static const char * session_index_name(int index)
static void session_move_active(struct tls_multi *multi, struct tls_session *session, struct link_socket_info *to_link_socket_info, struct key_state *ks)
Moves the key to state to S_ACTIVE and also advances the multi_state state machine if this is the ini...
static uint64_t tls_get_limit_aead(const char *ciphername)
static bool random_bytes_to_buf(struct buffer *buf, uint8_t *out, int outlen)
void ssl_set_auth_token(const char *token)
int tls_multi_process(struct tls_multi *multi, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
static bool tls_process_state(struct tls_multi *multi, struct tls_session *session, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
bool ssl_get_auth_nocache(void)
static bool key_method_2_write(struct buffer *buf, struct tls_multi *multi, struct tls_session *session)
Handle the writing of key data, peer-info, username/password, OCC to the TLS control channel (clearte...
void pem_password_setup(const char *auth_file)
static void key_source_print(const struct key_source *k, const char *prefix)
bool tls_session_update_crypto_params(struct tls_multi *multi, struct tls_session *session, struct options *options, struct frame *frame, struct frame *frame_fragment, struct link_socket_info *lsi, dco_context_t *dco)
Update TLS session crypto parameters (cipher and auth) and derive data channel keys based on the supp...
static bool write_empty_string(struct buffer *buf)
static void tls_limit_reneg_bytes(const char *ciphername, int64_t *reneg_bytes)
Limit the reneg_bytes value when using a small-block (<128 bytes) cipher.
static void key_state_soft_reset(struct tls_session *session)
static bool parse_early_negotiation_tlvs(struct buffer *buf, struct key_state *ks)
Parses the TLVs (type, length, value) in the early negotiation.
static bool auth_user_pass_enabled
static char * auth_challenge
static bool key_source2_randomize_write(struct key_source2 *k2, struct buffer *buf, bool server)
static const char * state_name(int state)
static bool generate_key_expansion_openvpn_prf(const struct tls_session *session, struct key2 *key2)
static void reset_session(struct tls_multi *multi, struct tls_session *session)
static void tls_ctx_reload_crl(struct tls_root_ctx *ssl_ctx, const char *crl_file, bool crl_file_inline)
Load (or possibly reload) the CRL file into the SSL context.
void auth_user_pass_setup(const char *auth_file, bool is_inline, const struct static_challenge_info *sci)
static bool generate_key_expansion_tls_export(struct tls_session *session, struct key2 *key2)
bool ssl_clean_auth_token(void)
static bool push_peer_info(struct buffer *buf, struct tls_session *session)
Prepares the IV_ and UV_ variables that are part of the exchange to signal the peer's capabilities.
static bool write_string(struct buffer *buf, const char *str, const int maxlen)
void enable_auth_user_pass(void)
void ssl_purge_auth_challenge(void)
void show_available_tls_ciphers(const char *cipher_list, const char *cipher_list_tls13, const char *tls_cert_profile)
static bool read_incoming_tls_plaintext(struct key_state *ks, struct buffer *buf, interval_t *wakeup, bool *continue_tls_process)
static bool key_method_2_read(struct buffer *buf, struct tls_multi *multi, struct tls_session *session)
Handle reading key data, peer-info, username/password, OCC from the TLS control channel (cleartext).
static bool session_move_pre_start(const struct tls_session *session, struct key_state *ks, bool skip_initial_send)
Move the session from S_INITIAL to S_PRE_START.
const char * protocol_dump(struct buffer *buffer, unsigned int flags, struct gc_arena *gc)
Control Channel SSL/Data channel negotiation module.
#define IV_PROTO_CC_EXIT_NOTIFY
Support for explicit exit notify via control channel This also includes support for the protocol-flag...
#define IV_PROTO_DATA_EPOCH
Support the extended packet id and epoch format for data channel packets.
void load_xkey_provider(void)
Load ovpn.xkey provider used for external key signing.
static void tls_wrap_free(struct tls_wrap_ctx *tls_wrap)
Free the elements of a tls_wrap_ctx structure.
#define IV_PROTO_AUTH_FAIL_TEMP
Support for AUTH_FAIL,TEMP messages.
#define IV_PROTO_DATA_V2
Support P_DATA_V2.
#define CONTROL_SEND_ACK_MAX
#define IV_PROTO_TLS_KEY_EXPORT
Supports key derivation via TLS key material exporter [RFC5705].
#define IV_PROTO_AUTH_PENDING_KW
Supports signaling keywords with AUTH_PENDING, e.g.
#define IV_PROTO_DYN_TLS_CRYPT
Support to dynamic tls-crypt (renegotiation with TLS-EKM derived tls-crypt key)
#define IV_PROTO_REQUEST_PUSH
Assume client will send a push request and server does not need to wait for a push-request to send a ...
#define IV_PROTO_DNS_OPTION_V2
Supports the –dns option after all the incompatible changes.
#define PD_TLS_AUTH_HMAC_SIZE_MASK
#define IV_PROTO_NCP_P2P
Support doing NCP in P2P mode.
Control Channel SSL library backend module.
void tls_ctx_set_tls_groups(struct tls_root_ctx *ctx, const char *groups)
Set the (elliptic curve) group allowed for signatures and key exchange.
void tls_ctx_free(struct tls_root_ctx *ctx)
Frees the library-specific TLSv1 context.
const char * get_ssl_library_version(void)
return a pointer to a static memory area containing the name and version number of the SSL library in...
void tls_clear_error(void)
Clear the underlying SSL library's error state.
bool key_state_export_keying_material(struct tls_session *session, const char *label, size_t label_size, void *ekm, size_t ekm_size)
Keying Material Exporters [RFC 5705] allows additional keying material to be derived from existing TL...
#define TLS_VER_BAD
Parse a TLS version specifier.
void show_available_tls_ciphers_list(const char *cipher_list, const char *tls_cert_profile, bool tls13)
Show the TLS ciphers that are available for us to use in the library depending on the TLS version.
void tls_ctx_server_new(struct tls_root_ctx *ctx)
Initialise a library-specific TLS context for a server.
#define EXPORT_KEY_DATA_LABEL
void key_state_ssl_free(struct key_state_ssl *ks_ssl)
Free the SSL channel part of the given key state.
int tls_ctx_load_priv_file(struct tls_root_ctx *ctx, const char *priv_key_file, bool priv_key_file_inline)
Load private key file into the given TLS context.
void key_state_ssl_shutdown(struct key_state_ssl *ks_ssl)
Sets a TLS session to be shutdown state, so the TLS library will generate a shutdown alert.
void tls_ctx_load_extra_certs(struct tls_root_ctx *ctx, const char *extra_certs_file, bool extra_certs_file_inline)
Load extra certificate authority certificates from the given file or path.
void tls_ctx_check_cert_time(const struct tls_root_ctx *ctx)
Check our certificate notBefore and notAfter fields, and warn if the cert is either not yet valid or ...
void tls_ctx_restrict_ciphers_tls13(struct tls_root_ctx *ctx, const char *ciphers)
Restrict the list of ciphers that can be used within the TLS context for TLS 1.3 and higher.
int tls_ctx_load_pkcs12(struct tls_root_ctx *ctx, const char *pkcs12_file, bool pkcs12_file_inline, bool load_ca_file)
Load PKCS #12 file for key, cert and (optionally) CA certs, and add to library-specific TLS context.
void key_state_ssl_init(struct key_state_ssl *ks_ssl, const struct tls_root_ctx *ssl_ctx, bool is_server, struct tls_session *session)
Initialise the SSL channel part of the given key state.
void tls_free_lib(void)
Free any global SSL library-specific data structures.
void tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const char *curve_name)
Load Elliptic Curve Parameters, and load them into the library-specific TLS context.
void tls_init_lib(void)
Perform any static initialisation necessary by the library.
void print_details(struct key_state_ssl *ks_ssl, const char *prefix)
Print a one line summary of SSL/TLS session handshake.
int tls_version_max(void)
Return the maximum TLS version (as a TLS_VER_x constant) supported by current SSL implementation.
void backend_tls_ctx_reload_crl(struct tls_root_ctx *ssl_ctx, const char *crl_file, bool crl_inline)
Reload the Certificate Revocation List for the SSL channel.
void tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
Restrict the list of ciphers that can be used within the TLS context for TLS 1.2 and below.
void tls_ctx_load_ca(struct tls_root_ctx *ctx, const char *ca_file, bool ca_file_inline, const char *ca_path, bool tls_server)
Load certificate authority certificates from the given file or path.
void tls_ctx_set_cert_profile(struct tls_root_ctx *ctx, const char *profile)
Set the TLS certificate profile.
int tls_ctx_use_management_external_key(struct tls_root_ctx *ctx)
Tell the management interface to load the given certificate and the external private key matching the...
void tls_ctx_load_cryptoapi(struct tls_root_ctx *ctx, const char *cryptoapi_cert)
Use Windows cryptoapi for key and cert, and add to library-specific TLS context.
bool tls_ctx_set_options(struct tls_root_ctx *ctx, unsigned int ssl_flags)
Set any library specific options.
void tls_ctx_load_dh_params(struct tls_root_ctx *ctx, const char *dh_file, bool dh_file_inline)
Load Diffie Hellman Parameters, and load them into the library-specific TLS context.
void tls_ctx_client_new(struct tls_root_ctx *ctx)
Initialises a library-specific TLS context for a client.
void tls_ctx_load_cert_file(struct tls_root_ctx *ctx, const char *cert_file, bool cert_file_inline)
Load certificate file into the given TLS context.
static struct key_state * get_key_scan(struct tls_multi *multi, int index)
gets an item of key_state objects in the order they should be scanned by data channel modules.
#define UP_TYPE_PRIVATE_KEY
#define SSLF_AUTH_USER_PASS_OPTIONAL
@ CAS_WAITING_AUTH
Initial TLS connection established but deferred auth is not yet finished.
@ CAS_PENDING
Options import (Connect script/plugin, ccd,...)
@ CAS_WAITING_OPTIONS_IMPORT
client with pull or p2p waiting for first time options import
@ CAS_RECONNECT_PENDING
session has already successful established (CAS_CONNECT_DONE) but has a reconnect and needs to redo s...
ks_auth_state
This reflects the (server side) authentication state after the TLS session has been established and k...
@ KS_AUTH_TRUE
Key state is authenticated.
@ KS_AUTH_FALSE
Key state is not authenticated
@ KS_AUTH_DEFERRED
Key state authentication is being deferred, by async auth.
#define SSLF_CRL_VERIFY_DIR
static const struct key_state * get_primary_key(const struct tls_multi *multi)
gets an item of key_state objects in the order they should be scanned by data channel modules.
bool check_session_cipher(struct tls_session *session, struct options *options)
Checks if the cipher is allowed, otherwise returns false and reset the cipher to the config cipher.
void p2p_mode_ncp(struct tls_multi *multi, struct tls_session *session)
Determines if there is common cipher of both peer by looking at the IV_CIPHER peer info.
bool tls_item_in_cipher_list(const char *item, const char *list)
Return true iff item is present in the colon-separated zero-terminated cipher list.
Control Channel SSL/Data dynamic negotiation Module This file is split from ssl.h to be able to unit ...
void write_control_auth(struct tls_session *session, struct key_state *ks, struct buffer *buf, struct link_socket_actual **to_link_addr, int opcode, int max_ack, bool prepend_ack)
bool read_control_auth(struct buffer *buf, struct tls_wrap_ctx *ctx, const struct link_socket_actual *from, const struct tls_options *opt, bool initial_packet)
Read a control channel authentication record.
#define EARLY_NEG_FLAG_RESEND_WKC
#define TLV_TYPE_EARLY_NEG_FLAGS
#define P_CONTROL_HARD_RESET_CLIENT_V1
#define TLS_RELIABLE_N_REC_BUFFERS
static const char * packet_opcode_name(int op)
#define P_CONTROL_HARD_RESET_SERVER_V2
#define P_CONTROL_SOFT_RESET_V1
#define P_CONTROL_HARD_RESET_CLIENT_V2
#define P_CONTROL_HARD_RESET_SERVER_V1
static struct tls_wrap_ctx * tls_session_get_tls_wrap(struct tls_session *session, int key_id)
Determines if the current session should use the renegotiation tls wrap struct instead the normal one...
#define P_CONTROL_HARD_RESET_CLIENT_V3
#define TLS_RELIABLE_N_SEND_BUFFERS
const char * options_string_compat_lzo(const char *options, struct gc_arena *gc)
Takes a locally produced OCC string for TLS server mode and modifies as if the option comp-lzo was en...
void key_state_rm_auth_control_files(struct auth_deferred_status *ads)
Removes auth_pending and auth_control files from file system and key_state structure.
void tls_x509_clear_env(struct env_set *es)
Remove any X509_ env variables from env_set es.
void verify_final_auth_checks(struct tls_multi *multi, struct tls_session *session)
Perform final authentication checks, including locking of the cn, the allowed certificate hashes,...
void auth_set_client_reason(struct tls_multi *multi, const char *client_reason)
Sets the reason why authentication of a client failed.
enum tls_auth_status tls_authentication_status(struct tls_multi *multi)
Return current session authentication state of the tls_multi structure This will return TLS_AUTHENTIC...
void verify_user_pass(struct user_pass *up, struct tls_multi *multi, struct tls_session *session)
Main username/password verification entry point.
void cert_hash_free(struct cert_hash_set *chs)
Frees the given set of certificate hashes.
Control Channel Verification Module.
@ TLS_AUTHENTICATION_SUCCEEDED
@ TLS_AUTHENTICATION_FAILED
Wrapper structure for dynamically allocated memory.
uint8_t * data
Pointer to the allocated memory.
int len
Length in bytes of the actual content within the allocated memory.
Security parameter state for processing data channel packets.
struct epoch_key epoch_key_send
last epoch_key used for generation of the current send data keys.
unsigned int flags
Bit-flags determining behavior of security operation functions.
struct packet_id_persist * pid_persist
Persistent packet ID state for keeping state between successive OpenVPN process startups.
struct key_ctx_bi key_ctx_bi
OpenSSL cipher and HMAC contexts for both sending and receiving directions.
struct packet_id packet_id
Current packet ID state for both sending and receiving directions.
uint8_t epoch_key[SHA256_DIGEST_LENGTH]
Packet geometry parameters.
int tun_mtu
the (user) configured tun-mtu.
int payload_size
the maximum size that a payload that our buffers can hold from either tun device or network link.
int headroom
the headroom in the buffer, this is choosen to allow all potential header to be added before the pack...
uint16_t mss_fix
The actual MSS value that should be written to the payload packets.
int tailroom
the tailroom in the buffer.
Garbage collection arena used to keep track of dynamically allocated memory.
Container for bidirectional cipher and HMAC key material.
int n
The number of key objects stored in the key2.keys array.
struct key keys[2]
Two unidirectional sets of key material.
Container for two sets of OpenSSL cipher and/or HMAC contexts for both sending and receiving directio...
struct key_ctx decrypt
cipher and/or HMAC contexts for receiving direction.
struct key_ctx encrypt
Cipher and/or HMAC contexts for sending direction.
uint64_t plaintext_blocks
Counter for the number of plaintext block encrypted using this cipher with the current key in number ...
Key ordering of the key2.keys array.
int in_key
Index into the key2.keys array for the receiving direction.
int out_key
Index into the key2.keys array for the sending direction.
Container for both halves of random material to be used in key method 2 data channel key generation.
struct key_source client
Random provided by client.
struct key_source server
Random provided by server.
Container for one half of random material to be used in key method 2 data channel key generation.
uint8_t random1[32]
Seed used for master secret generation, provided by both client and server.
uint8_t pre_master[48]
Random used for master secret generation, provided only by client OpenVPN peer.
uint8_t random2[32]
Seed used for key expansion, provided by both client and server.
Security parameter state of one TLS and data channel key session.
struct buffer_list * paybuf
Holds outgoing message for the control channel until ks->state reaches S_ACTIVE.
struct crypto_options crypto_options
struct buffer ack_write_buf
struct buffer plaintext_read_buf
struct auth_deferred_status plugin_auth
struct buffer plaintext_write_buf
struct link_socket_actual remote_addr
struct key_state_ssl ks_ssl
struct reliable_ack * rec_ack
struct reliable * rec_reliable
struct session_id session_id_remote
struct auth_deferred_status script_auth
enum ks_auth_state authenticated
int key_id
Key id for this key_state, inherited from struct tls_session.
struct reliable * send_reliable
time_t auth_deferred_expire
struct reliable_ack * lru_acks
struct key_source2 * key_src
const char * cipher
const name of the cipher
Container for unidirectional cipher and HMAC key material.
uint8_t cipher[MAX_CIPHER_KEY_LENGTH]
Key material for cipher operations.
uint8_t hmac[MAX_HMAC_KEY_LENGTH]
Key material for HMAC operations.
struct link_socket_actual actual
struct link_socket_addr * lsa
unsigned int imported_protocol_flags
const char * cryptoapi_cert
const char * tls_cert_profile
unsigned int management_flags
const char * extra_certs_file
bool priv_key_file_inline
bool extra_certs_file_inline
const char * cipher_list_tls13
const char * management_certificate
const char * priv_key_file
Data structure for describing the packet id that is received/send to the network.
struct packet_id_send send
The acknowledgment structure in which packet IDs are stored for later acknowledgment.
The structure in which the reliability layer stores a single incoming or outgoing packet.
The reliability layer storage structure for one VPN tunnel's control channel in one direction.
struct reliable_entry array[RELIABLE_CAPACITY]
const char * challenge_text
struct tls_wrap_ctx tls_wrap
Security parameter state for a single VPN tunnel.
bool remote_usescomp
remote announced comp-lzo in OCC string
struct link_socket_actual to_link_addr
char * peer_info
A multi-line string of general-purpose info received from peer over control channel.
struct key_state * save_ks
char * remote_ciphername
cipher specified in peer's config file
char * locked_username
The locked username is the username we assume the client is using.
enum multi_status multi_state
struct tls_session session[TM_SIZE]
Array of tls_session objects representing control channel sessions with the remote peer.
struct cert_hash_set * locked_cert_hash_set
char * locked_cn
Our locked common name, username, and cert hashes (cannot change during the life of this tls_multi ob...
char * locked_original_username
The username that client initially used before being overridden by –override-user.
int n_sessions
Number of sessions negotiated thus far.
int dco_peer_id
This is the handle that DCO uses to identify this session with the kernel.
struct tls_wrap_ctx tls_wrap
TLS handshake wrapping state.
unsigned int crypto_flags
interval_t renegotiate_seconds
const char * remote_options
const char * local_options
struct that stores the temporary data for the tls lite decrypt functions
Structure that wraps the TLS context.
off_t crl_last_size
size of last loaded CRL
time_t crl_last_mtime
CRL last modification time.
Security parameter state of a single session within a VPN tunnel.
int key_id
The current active key id, used to keep track of renegotiations.
struct key_state key[KS_SIZE]
struct crypto_options opt
Crypto state.
char password[USER_PASS_LEN]
char username[USER_PASS_LEN]
static int cleanup(void **state)
const char * win32_version_string(struct gc_arena *gc)
Get Windows version string with architecture info.
