Go to the documentation of this file.
71 #ifdef MEASURE_TLS_HANDSHAKE_STATS
73 static int tls_handshake_success;
74 static int tls_handshake_error;
75 static int tls_packets_generated;
76 static int tls_packets_sent;
78 #define INCR_SENT ++tls_packets_sent
79 #define INCR_GENERATED ++tls_packets_generated
80 #define INCR_SUCCESS ++tls_handshake_success
81 #define INCR_ERROR ++tls_handshake_error
84 show_tls_performance_stats(
void)
86 msg(
D_TLS_DEBUG_LOW,
"TLS Handshakes, success=%f%% (good=%d, bad=%d), retransmits=%f%%",
87 (
double) tls_handshake_success / (tls_handshake_success + tls_handshake_error) * 100.0,
88 tls_handshake_success, tls_handshake_error,
89 (
double) (tls_packets_sent - tls_packets_generated) / tls_packets_generated * 100.0);
94 #define INCR_GENERATED
112 if (*reneg_bytes == -1)
114 msg(
M_WARN,
"WARNING: cipher with small block size in use, "
115 "reducing reneg-bytes to 64MB to mitigate SWEET32 attacks.");
116 *reneg_bytes = 64 * 1024 * 1024;
135 msg(
D_SHOW_KEYS,
"Note: AEAD cipher %s will trigger a renegotiation"
136 " at a sum of %" PRIi64
" blocks and packets.",
208 if (
session->tls_wrap.mode == TLS_WRAP_CRYPT)
212 else if (
session->tls_wrap.mode == TLS_WRAP_AUTH)
284 #ifdef ENABLE_MANAGEMENT
308 #ifdef ENABLE_MANAGEMENT
394 if (!auth_user_pass_only)
402 #ifdef ENABLE_MANAGEMENT
407 #ifdef ENABLE_MANAGEMENT
434 if (!strcmp(vstr,
"1.0") &&
TLS_VER_1_0 <= max_version)
438 else if (!strcmp(vstr,
"1.1") &&
TLS_VER_1_1 <= max_version)
442 else if (!strcmp(vstr,
"1.2") &&
TLS_VER_1_2 <= max_version)
446 else if (!strcmp(vstr,
"1.3") &&
TLS_VER_1_3 <= max_version)
450 else if (extra && !strcmp(extra,
"or-highest"))
473 bool crl_file_inline)
486 crl_stat.st_mtime = 1;
493 msg(
M_FATAL,
"ERROR: Failed to stat CRL file during initialization, exiting.");
497 msg(
M_WARN,
"WARNING: Failed to stat CRL file, not reloading CRL.");
578 else if (
options->pkcs11_providers[0])
580 if (!tls_ctx_use_pkcs11(new_ctx,
options->pkcs11_id_management,
options->pkcs11_id))
582 msg(
M_WARN,
"Cannot load certificate \"%s\" using PKCS#11 interface",
588 #ifdef ENABLE_CRYPTOAPI
594 #ifdef ENABLE_MANAGEMENT
616 #ifdef ENABLE_MANAGEMENT
621 msg(
M_WARN,
"Cannot initialize mamagement-external-key");
672 #ifdef ENABLE_CRYPTO_MBEDTLS
674 tls_ctx_personalise_random(new_ctx);
701 return "S_PRE_START";
719 return "S_ERROR_PRE";
722 return "S_GENERATED_KEYS";
735 return "KS_AUTH_TRUE";
738 return "KS_AUTH_DEFERRED";
741 return "KS_AUTH_FALSE";
760 return "TM_LAME_DUCK";
778 buf_printf(&out,
" [key#%d state=%s auth=%s id=%d sid=%s]", i,
881 #ifdef ENABLE_MANAGEMENT
959 return (
session->opt->auth_user_pass_verify_script
1029 if (
session->opt->tls_crypt_v2)
1031 session->tls_wrap.opt.packet_id.send.time =
now;
1037 &
session->tls_wrap.opt.packet_id);
1041 dmsg(
D_TLS_DEBUG,
"TLS: tls_session_init: new session object, sid=%s",
1068 for (
size_t i = 0; i <
KS_SIZE; ++i)
1130 if (seconds_from_now < *earliest)
1132 *earliest = seconds_from_now;
1273 for (
int i = 0; i <
TM_SIZE; ++i)
1301 "%s pre_master: %s",
1327 const uint8_t *client_seed,
1328 int client_seed_len,
1329 const uint8_t *server_seed,
1330 int server_seed_len,
1358 output, output_len);
1377 const int future_key_count = 16;
1426 msg(
M_FATAL,
"FATAL: DCO does not support --auth");
1433 msg(
M_FATAL,
"Impossible to install key material in DCO: %s",
1440 key->initialized =
true;
1447 "required for epoch data format.",
1475 uint8_t master[48] = { 0 };
1538 if (
key->initialized)
1544 bool server =
session->opt->server;
1559 "might not support the old TLS 1.0 PRF calculation anymore or "
1560 "the policy does not allow it (e.g. running in FIPS mode). "
1561 "The peer did not announce support for the modern TLS Export "
1562 "feature that replaces the TLS 1.0 PRF (requires OpenVPN "
1563 "2.6.x or higher)");
1569 "Master Encrypt",
"Master Decrypt");
1572 for (
int i = 0; i < 2; ++i)
1618 &
session->opt->renegotiate_bytes);
1636 struct frame *frame_fragment,
1652 if (packet_id_long_form)
1698 msg(
D_DCO,
"Cannot set DCO peer parameters for peer (id=%u): %s",
1711 struct frame *frame_fragment,
1724 frame, frame_fragment, lsi, dco);
1735 msg(
M_FATAL,
"ERROR: Random number generator cannot obtain entropy for key generation [SSL]");
1865 const int len = strlen(str) + 1;
1866 if (len < 1 || (maxlen >= 0 && len > maxlen))
1895 if (len < 1 || len > (
int)capacity)
1920 str = (
char *) malloc(len);
1953 if (
session->opt->push_peer_info_detail > 1)
1959 #if defined(TARGET_LINUX)
1961 #elif defined(TARGET_SOLARIS)
1963 #elif defined(TARGET_OPENBSD)
1965 #elif defined(TARGET_DARWIN)
1967 #elif defined(TARGET_NETBSD)
1969 #elif defined(TARGET_FREEBSD)
1971 #elif defined(TARGET_ANDROID)
1973 #elif defined(_WIN32)
1982 if (
session->opt->push_peer_info_detail > 0)
2027 if (
session->opt->data_epoch_supported)
2034 #ifdef HAVE_EXPORT_KEYING_MATERIAL
2041 if (
session->opt->push_peer_info_detail > 1)
2045 comp_generate_peer_info_string(&
session->opt->comp_options, &out);
2049 if (
session->opt->push_peer_info_detail > 2)
2064 buf_printf(&out,
"IV_PLAT_VER=%s\n", u.release);
2068 if (
session->opt->push_peer_info_detail > 1)
2076 if ((((strncmp(e->string,
"UV_", 3) == 0
2077 || strncmp(e->string,
"IV_PLAT_VER=",
sizeof(
"IV_PLAT_VER=") - 1) == 0)
2078 &&
session->opt->push_peer_info_detail > 2)
2079 || (strncmp(e->string,
"IV_GUI_VER=",
sizeof(
"IV_GUI_VER=") - 1) == 0)
2080 || (strncmp(e->string,
"IV_SSO=",
sizeof(
"IV_SSO=") - 1) == 0)
2082 &&
buf_safe(&out, strlen(e->string) + 1))
2111 write_compat_local_options(
struct buffer *buf,
const char *
options)
2156 if (!write_compat_local_options(buf,
session->opt->local_options))
2172 #ifdef ENABLE_MANAGEMENT
2174 session->opt->auth_user_pass_file_inline,
2178 session->opt->auth_user_pass_file_inline, NULL);
2247 if (
session->opt->ekm_size > 0)
2249 unsigned int size =
session->opt->ekm_size;
2258 unsigned int len = (size * 2) + 2;
2269 msg(
M_WARN,
"WARNING: Export keying material failed!");
2295 msg(
D_TLS_ERRORS,
"TLS ERROR: Plaintext buffer too short (%d bytes).",
2305 "TLS ERROR: Unknown key_method/flags=%d received from remote host",
2313 msg(
D_TLS_ERRORS,
"TLS Error: Error reading remote data channel key source entropy from plaintext buffer");
2320 msg(
D_TLS_ERRORS,
"TLS Error: Failed to read required OCC options string");
2355 if (username_len < 0 || password_len < 0)
2357 msg(
D_TLS_ERRORS,
"TLS Error: Username (%d) or password (%d) too long",
2358 abs(username_len), abs(password_len));
2360 "Maximum length is 128 bytes");
2369 if (!username_len || !password_len)
2374 msg(
D_TLS_ERRORS,
"TLS Error: Auth Username/Password was not provided by peer");
2387 "TLS Error: Certificate verification failed (key-method 2)");
2405 const char *remote_options =
session->opt->remote_options;
2409 msg(
D_PUSH,
"Note: 'compress migrate' detected remote peer "
2410 "with compression enabled.");
2419 msg(
D_TLS_ERRORS,
"Option inconsistency warnings triggering disconnect due to --opt-verify");
2486 struct key_state *ks,
bool skip_initial_send)
2503 if (skip_initial_send)
2516 #ifdef ENABLE_MANAGEMENT
2575 #ifdef MEASURE_TLS_HANDSHAKE_STATS
2576 show_tls_performance_stats();
2589 session->untrusted_addr = *from;
2599 session->tls_wrap.opt.packet_id.send.id = 1;
2609 while (buf->
len > 0)
2626 if (len !=
sizeof(uint16_t))
2657 bool *continue_tls_process)
2666 "TLS Error: Incoming Ciphertext -> TLS object write error");
2677 *continue_tls_process =
true;
2693 interval_t *wakeup,
bool *continue_tls_process)
2702 msg(
D_TLS_ERRORS,
"TLS Error: TLS object -> incoming plaintext read error");
2707 *continue_tls_process =
true;
2735 int maxlen = max_pkt_len * rel_avail;
2749 "Sending minimum sized packet.",
2766 "TLS Error: Ciphertext -> reliable TCP/UDP transport read error");
2776 int len = max_pkt_len;
2793 *continue_tls_process =
true;
2804 bool *continue_tls_process)
2835 bool continue_tls_process =
false;
2848 "TLS Error: TLS key negotiation failed to occur within %d seconds (check your network connectivity)",
2849 session->opt->handshake_window);
2859 continue_tls_process =
true;
2872 continue_tls_process =
true;
2951 continue_tls_process =
true;
2967 continue_tls_process =
true;
2980 "TLS ERROR: Outgoing Plaintext -> TLS object write error");
2985 continue_tls_process =
true;
2994 return continue_tls_process;
3020 if (
session->opt->renegotiate_seconds
3027 if (
session->opt->renegotiate_bytes > 0
3034 if (
session->opt->renegotiate_packets
3075 const uint64_t usage_limit =
session->opt->aead_usage_limit;
3123 " aead_limit_send=%" PRIu64
"/%" PRIu64
3124 " aead_limit_recv=%" PRIu64
"/%" PRIu64,
3129 session->opt->aead_usage_limit,
3131 session->opt->aead_usage_limit
3143 bool continue_tls_process =
true;
3144 while (continue_tls_process)
3148 dmsg(
D_TLS_DEBUG,
"TLS: tls_process: chg=%d ks=%s lame=%s to_link->len=%d wakeup=%d",
3149 continue_tls_process,
3155 to_link_socket_info, wakeup);
3250 uint8_t *dataptr = to_link->
data;
3257 if (
session->tls_wrap.work.data == dataptr)
3259 msg(
M_INFO,
"Warning buffer of freed TLS session is "
3260 "still in use (tls_wrap.work.data)");
3264 for (
int i = 0; i <
KS_SIZE; i++)
3278 msg(
M_FATAL,
"ERROR: session->key[%d]->send_reliable is NULL "
3279 "while key state is %s. Exiting.",
3287 msg(
M_INFO,
"Warning buffer of freed TLS session is still in"
3288 " use (session->key[%d].send_reliable->array[%d])",
3329 for (
int i = 0; i <
TM_SIZE; ++i)
3346 "TLS: tls_multi_process: i=%d state=%s, mysid=%s, stored-sid=%s, stored-ip=%s",
3360 to_link_socket_info, wakeup))
3472 "session promoted to %strusted",
3502 const int throw_level = GREMLIN_CONNECTION_FLOOD_LEVEL(multi->
opt.
gremlin);
3548 "Key %s [%d] not initialized (yet), dropping packet.",
3556 "Key %s [%d] not authorized%s, dropping packet.",
3565 "TLS Error: local/remote TLS keys are out of sync: %s "
3566 "(received key id: %d, known key ids: %s)",
3585 const uint8_t **ad_start)
3589 uint8_t c = *
BPTR(buf);
3619 *ad_start =
BPTR(buf);
3624 *ad_start =
BPTR(buf);
3630 msg(
D_TLS_ERRORS,
"Protocol error: received P_DATA_V2 from %s but length is < 4",
3641 "TLS: tls_pre_decrypt, key_id=%d, IP=%s",
3688 const uint8_t **ad_start)
3702 uint8_t pkt_firstbyte = *
BPTR(buf);
3715 bool do_burst =
false;
3716 bool new_link =
false;
3728 "TLS Error: unknown opcode received from %s op=%d",
3742 "TLS Error: client->client or server->server connection attempted from %s",
3756 struct buffer tmp = *buf;
3761 "TLS Error: session-id not found in packet from %s",
3775 "TLS: initial packet test, i=%d state=%s, mysid=%s, rec-sid=%s, rec-ip=%s, stored-sid=%s, stored-ip=%s",
3790 "TLS ERROR: received control packet with stale session-id=%s",
3795 "TLS: found match, session[%d], sid=%s",
3821 "TLS Error: Cannot accept new session request from %s due "
3822 "to session context expire or --single-session",
3833 #ifdef ENABLE_MANAGEMENT
3853 "TLS: Initial packet from %s, sid=%s",
3860 session->untrusted_addr = *from;
3873 "TLS Error: Unroutable control packet received from %s (si=%d op=%s)",
3885 msg(
D_TLS_ERRORS,
"TLS Error: Received control packet from unexpected IP addr: %s",
3906 "TLS: received P_CONTROL_SOFT_RESET_V1 s=%d sid=%s",
3926 "TLS: received control channel packet s#=%d sid=%s",
3960 "TLS Error: Existing session control channel packet from unknown IP address: %s",
3970 if (do_burst && !
session->burst)
3980 "TLS ERROR: local/remote key IDs out of sync (%d/%d) ID: %s",
3996 "TLS Error: reading acknowledgement record from packet");
4020 "Incoming control channel packet too big, dropping.");
4132 | (multi->
peer_id & 0xFFFFFF));
4158 const uint8_t *data,
4220 for (
int i = 0; i <
TM_SIZE; ++i)
4224 for (
int j = 0; j <
KS_SIZE; ++j)
4246 const char *cipher_list_tls13,
4247 const char *tls_cert_profile)
4249 printf(
"Available TLS Ciphers, listed in order of preference:\n");
4253 printf(
"\nFor TLS 1.3 and newer (--tls-ciphersuites):\n\n");
4257 printf(
"\nFor TLS 1.2 and older (--tls-cipher):\n\n");
4261 "Be aware that that whether a cipher suite in this list can actually work\n"
4262 "depends on the specific setup of both peers. See the man page entries of\n"
4263 "--tls-cipher and --show-tls for more details.\n\n"
4297 if (!
buf_read(&buf, &c,
sizeof(c)))
4329 if (tls_auth_hmac_size)
4336 if (!
buf_read(&buf, tls_auth_hmac, tls_auth_hmac_size))
4393 if (!
buf_read(&buf, &l,
sizeof(l)))
bool tls_session_update_crypto_params(struct tls_multi *multi, struct tls_session *session, struct options *options, struct frame *frame, struct frame *frame_fragment, struct link_socket_info *lsi, dco_context_t *dco)
Update TLS session crypto parameters (cipher and auth) and derive data channel keys based on the supp...
void output_peer_info_env(struct env_set *es, const char *peer_info)
void unprotect_user_pass(struct user_pass *up)
Decrypt username and password buffers in user_pass.
void load_xkey_provider(void)
Load ovpn.xkey provider used for external key signing.
static bool buf_safe(const struct buffer *buf, size_t len)
#define S_SENT_KEY
Local OpenVPN process has sent its part of the key material.
void free_epoch_key_ctx(struct crypto_options *co)
Frees the extra data structures used by epoch keys in crypto_options.
void reliable_schedule_now(struct reliable *rel)
Reschedule all entries of a reliable structure to be ready for (re)sending immediately.
#define S_GENERATED_KEYS
The data channel keys have been generated The TLS session is fully authenticated when reaching this s...
void key_state_ssl_free(struct key_state_ssl *ks_ssl)
Free the SSL channel part of the given key state.
void set_auth_token_user(struct user_pass *tk, const char *username)
Sets the auth-token username by base64 decoding the passed username.
void management_set_state(struct management *man, const int state, const char *detail, const in_addr_t *tun_local_ip, const struct in6_addr *tun_local_ip6, const struct openvpn_sockaddr *local, const struct openvpn_sockaddr *remote)
static bool push_peer_info(struct buffer *buf, struct tls_session *session)
Prepares the IV_ and UV_ variables that are part of the exchange to signal the peer's capabilities.
static uint64_t tls_get_limit_aead(const char *ciphername)
void tls_ctx_load_cert_file(struct tls_root_ctx *ctx, const char *cert_file, bool cert_file_inline)
Load certificate file into the given TLS context.
void crypto_uninit_lib(void)
int out_key
Index into the key2.keys array for the sending direction.
int n
The number of key objects stored in the key2.keys array.
bool reliable_ack_acknowledge_packet_id(struct reliable_ack *ack, packet_id_type pid)
Record a packet ID for later acknowledgment.
void epoch_init_key_ctx(struct crypto_options *co, const struct key_type *key_type, const struct epoch_key *e1_send, const struct epoch_key *e1_recv, uint16_t future_key_count)
Initialises data channel keys and internal structures for epoch data keys using the provided E0 epoch...
void tls_init_control_channel_frame_parameters(struct frame *frame, int tls_mtu)
bool options_cmp_equal(char *actual, const char *expected)
enum tls_auth_status tls_authentication_status(struct tls_multi *multi)
Return current session authentication state of the tls_multi structure This will return TLS_AUTHENTIC...
static bool generate_key_expansion(struct tls_multi *multi, struct key_state *ks, struct tls_session *session)
static bool buf_read(struct buffer *src, void *dest, int size)
static char * read_string_alloc(struct buffer *buf)
#define TLS_RELIABLE_N_REC_BUFFERS
#define GET_USER_PASS_STATIC_CHALLENGE_CONCAT
static bool random_bytes_to_buf(struct buffer *buf, uint8_t *out, int outlen)
static struct gc_arena gc_new(void)
#define IV_PROTO_DATA_V2
Support P_DATA_V2.
void tls_init_lib(void)
Perform any static initialisation necessary by the library.
static const char * print_key_id(struct tls_multi *multi, struct gc_arena *gc)
#define P_CONTROL_HARD_RESET_CLIENT_V1
#define RELIABLE_ACK_SIZE
The maximum number of packet IDs waiting to be acknowledged which can be stored in one reliable_ack s...
void ssl_set_auth_token_user(const char *username)
struct key_state_ssl ks_ssl
#define CO_RESEND_WKC
Bit-flag indicating that the client is expected to resend the wrapped client key with the 2nd packet ...
bool get_user_pass_cr(struct user_pass *up, const char *auth_file, const char *prefix, const unsigned int flags, const char *auth_challenge)
Retrieves the user credentials from various sources depending on the flags.
int tls_ctx_load_priv_file(struct tls_root_ctx *ctx, const char *priv_key_file, bool priv_key_file_inline)
Load private key file into the given TLS context.
int len
Length in bytes of the actual content within the allocated memory.
void frame_print(const struct frame *frame, int level, const char *prefix)
void protect_user_pass(struct user_pass *up)
Encrypt username and password buffers in user_pass.
struct buffer prepend_dir(const char *dir, const char *path, struct gc_arena *gc)
Prepend a directory to a path.
#define GET_USER_PASS_STATIC_CHALLENGE_ECHO
void packet_id_init(struct packet_id *p, int seq_backtrack, int time_backtrack, const char *name, int unit)
bool tls_item_in_cipher_list(const char *item, const char *list)
Return true iff item is present in the colon-separated zero-terminated cipher list.
uint8_t epoch_key[SHA256_DIGEST_LENGTH]
#define S_ERROR_PRE
Error state but try to send out alerts before killing the keystore and moving it to S_ERROR.
static int calc_control_channel_frame_overhead(const struct tls_session *session)
calculate the maximum overhead that control channel frames have This includes header,...
static bool session_move_pre_start(const struct tls_session *session, struct key_state *ks, bool skip_initial_send)
Move the session from S_INITIAL to S_PRE_START.
#define P_CONTROL_HARD_RESET_CLIENT_V2
#define TM_SIZE
Size of the tls_multi.session array.
#define TLS_AUTHENTICATED(multi, ks)
Check whether the ks key_state has finished the key exchange part of the OpenVPN hand shake.
ks_auth_state
This reflects the (server side) authentication state after the TLS session has been established and k...
#define KS_PRIMARY
Primary key state index.
#define KEY_DIRECTION_NORMAL
void set_auth_token(struct user_pass *tk, const char *token)
Sets the auth-token to token.
struct reliable_ack * rec_ack
struct cert_hash_set * locked_cert_hash_set
#define buf_init(buf, offset)
void tls_ctx_load_ecdh_params(struct tls_root_ctx *ctx, const char *curve_name)
Load Elliptic Curve Parameters, and load them into the library-specific TLS context.
static bool buf_write_u32(struct buffer *dest, uint32_t data)
void p2p_mode_ncp(struct tls_multi *multi, struct tls_session *session)
Determines if there is common cipher of both peer by looking at the IV_CIPHER peer info.
int key_id
The current active key id, used to keep track of renegotiations.
void resend_auth_token_renegotiation(struct tls_multi *multi, struct tls_session *session)
Checks if a client should be sent a new auth token to update its current auth-token.
struct tls_session session[TM_SIZE]
Array of tls_session objects representing control channel sessions with the remote peer.
#define S_START
Three-way handshake is complete, start of key exchange.
struct link_socket_addr * lsa
char username[USER_PASS_LEN]
struct key_source server
Random provided by server.
const char * get_ssl_library_version(void)
return a pointer to a static memory area containing the name and version number of the SSL library in...
void print_details(struct key_state_ssl *ks_ssl, const char *prefix)
Print a one line summary of SSL/TLS session handshake.
void tls_ctx_load_extra_certs(struct tls_root_ctx *ctx, const char *extra_certs_file, bool extra_certs_file_inline)
Load extra certificate authority certificates from the given file or path.
bool reliable_empty(const struct reliable *rel)
Check whether a reliable structure is empty.
void tls_ctx_client_new(struct tls_root_ctx *ctx)
Initialises a library-specific TLS context for a client.
@ TLS_AUTHENTICATION_SUCCEEDED
bool extra_certs_file_inline
void tls_ctx_server_new(struct tls_root_ctx *ctx)
Initialise a library-specific TLS context for a server.
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
struct reliable * rec_reliable
static bool should_trigger_renegotiation(const struct tls_session *session, const struct key_state *ks)
Determines if a renegotiation should be triggerred based on the various factors that can trigger one.
static void key_state_soft_reset(struct tls_session *session)
static bool session_id_equal(const struct session_id *sid1, const struct session_id *sid2)
void show_available_tls_ciphers_list(const char *cipher_list, const char *tls_cert_profile, bool tls13)
Show the TLS ciphers that are available for us to use in the library depending on the TLS version.
struct reliable_ack * lru_acks
#define OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY
#define TLS_CHANNEL_MTU_MIN
#define CO_EPOCH_DATA_KEY_FORMAT
Bit-flag indicating the epoch the data format.
bool tls_ctx_set_options(struct tls_root_ctx *ctx, unsigned int ssl_flags)
Set any library specific options.
static void reset_session(struct tls_multi *multi, struct tls_session *session)
#define IV_PROTO_TLS_KEY_EXPORT
Supports key derivation via TLS key material exporter [RFC5705].
int tailroom
the tailroom in the buffer.
static void flush_payload_buffer(struct key_state *ks)
void verify_final_auth_checks(struct tls_multi *multi, struct tls_session *session)
Perform final authentication checks, including locking of the cn, the allowed certificate hashes,...
struct buffer * buffer_list_peek(struct buffer_list *ol)
Retrieve the head buffer.
@ CAS_PENDING
Options import (Connect script/plugin, ccd,...)
#define VALGRIND_MAKE_READABLE(addr, len)
static const struct key_state * get_primary_key(const struct tls_multi *multi)
gets an item of key_state objects in the order they should be scanned by data channel modules.
void buf_clear(struct buffer *buf)
@ KS_AUTH_FALSE
Key state is not authenticated
const char * session_id_print(const struct session_id *sid, struct gc_arena *gc)
static bool aead_usage_limit_reached(const uint64_t limit, const struct key_ctx *key_ctx, int64_t higest_pid)
Checks if the usage limit for an AEAD cipher is reached.
struct key_ctx encrypt
Cipher and/or HMAC contexts for sending direction.
void key2_print(const struct key2 *k, const struct key_type *kt, const char *prefix0, const char *prefix1)
Prints the keys in a key2 structure.
void tls_ctx_load_cryptoapi(struct tls_root_ctx *ctx, const char *cryptoapi_cert)
Use Windows cryptoapi for key and cert, and add to library-specific TLS context.
struct buffer * reliable_get_buf(struct reliable *rel)
Get the buffer of a free reliable entry in which to store a packet.
#define ENABLE_MANAGEMENT
void tls_free_lib(void)
Free any global SSL library-specific data structures.
static bool cipher_decrypt_verify_fail_warn(const struct key_ctx *ctx)
Check if the number of failed decryption is approaching the limit and we should try to move to a new ...
#define KEY_DIRECTION_INVERSE
static int key_source2_read(struct key_source2 *k2, struct buffer *buf, bool server)
void backend_tls_ctx_reload_crl(struct tls_root_ctx *ssl_ctx, const char *crl_file, bool crl_inline)
Reload the Certificate Revocation List for the SSL channel.
static void init_epoch_keys(struct key_state *ks, struct tls_multi *multi, const struct key_type *key_type, bool server, struct key2 *key2)
static void init_key_contexts(struct key_state *ks, struct tls_multi *multi, const struct key_type *key_type, bool server, struct key2 *key2, bool dco_enabled)
int tls_ctx_use_management_external_key(struct tls_root_ctx *ctx)
Tell the management interface to load the given certificate and the external private key matching the...
#define KS_LAME_DUCK
Key state index that will retire soon.
static bool buf_copy(struct buffer *dest, const struct buffer *src)
static bool generate_key_expansion_openvpn_prf(const struct tls_session *session, struct key2 *key2)
char * format_hex_ex(const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc)
#define SSLF_AUTH_USER_PASS_OPTIONAL
bool tls_session_generate_data_channel_keys(struct tls_multi *multi, struct tls_session *session)
Generate data channel keys for the supplied TLS session.
static bool tls_process_state(struct tls_multi *multi, struct tls_session *session, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
int tls_multi_process(struct tls_multi *multi, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
static void move_session(struct tls_multi *multi, int dest, int src, bool reinit_src)
struct reliable_entry array[RELIABLE_CAPACITY]
#define IV_PROTO_DNS_OPTION_V2
Supports the –dns option after all the incompatible changes.
void key_direction_state_init(struct key_direction_state *kds, int key_direction)
struct tls_wrap_ctx tls_wrap
TLS handshake wrapping state.
#define RGI_HWADDR_DEFINED
const char * cipher_kt_name(const char *ciphername)
Retrieve a normalised string describing the cipher (e.g.
time_t crl_last_mtime
CRL last modification time.
uint8_t hmac[MAX_HMAC_KEY_LENGTH]
Key material for HMAC operations.
static bool lame_duck_must_die(const struct tls_session *session, interval_t *wakeup)
interval_t renegotiate_seconds
static void print_key_id_not_found_reason(struct tls_multi *multi, const struct link_socket_actual *from, int key_id)
We have not found a matching key to decrypt data channel packet, try to generate a sensible error mes...
int tls_crypt_buf_overhead(void)
Returns the maximum overhead (in bytes) added to the destination buffer by tls_crypt_wrap().
Packet geometry parameters.
bool read_control_auth(struct buffer *buf, struct tls_wrap_ctx *ctx, const struct link_socket_actual *from, const struct tls_options *opt)
Security parameter state for a single VPN tunnel.
Container for one half of random material to be used in key method 2 data channel key generation.
static void tls_wrap_free(struct tls_wrap_ctx *tls_wrap)
Free the elements of a tls_wrap_ctx structure.
static void compute_earliest_wakeup(interval_t *earliest, interval_t seconds_from_now)
#define GET_USER_PASS_MANAGEMENT
enum ks_auth_state authenticated
int key_state_write_ciphertext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Insert a ciphertext buffer into the TLS module.
Security parameter state of one TLS and data channel key session.
void init_key_ctx_bi(struct key_ctx_bi *ctx, const struct key2 *key2, int key_direction, const struct key_type *kt, const char *name)
Container for unidirectional cipher and HMAC key material.
@ CAS_WAITING_AUTH
Initial TLS connection established but deferred auth is not yet finished.
struct epoch_key epoch_key_send
last epoch_key used for generation of the current send data keys.
void show_available_tls_ciphers(const char *cipher_list, const char *cipher_list_tls13, const char *tls_cert_profile)
const char * tls_cert_profile
#define EARLY_NEG_FLAG_RESEND_WKC
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
static bool write_string(struct buffer *buf, const char *str, const int maxlen)
struct buffer_entry * buffer_list_push_data(struct buffer_list *ol, const void *data, size_t size)
Allocates and appends a new buffer containing data of length size.
static void reliable_set_timeout(struct reliable *rel, interval_t timeout)
int tls_version_parse(const char *vstr, const char *extra)
static const char * session_index_name(int index)
struct crypto_options crypto_options
#define IV_PROTO_REQUEST_PUSH
Assume client will send a push request and server does not need to wait for a push-request to send a ...
enum multi_status multi_state
bool check_session_cipher(struct tls_session *session, struct options *options)
Checks if the cipher is allowed, otherwise returns false and reset the cipher to the config cipher.
#define PD_TLS_AUTH_HMAC_SIZE_MASK
const char * cipher_list_tls13
static struct user_pass passbuf
struct reliable * send_reliable
void free_key_ctx_bi(struct key_ctx_bi *ctx)
#define OPENVPN_STATE_AUTH
static void session_move_active(struct tls_multi *multi, struct tls_session *session, struct link_socket_info *to_link_socket_info, struct key_state *ks)
Moves the key to state to S_ACTIVE and also advances the multi_state state machine if this is the ini...
int key_state_read_plaintext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Extract plaintext data from the TLS module.
Container for two sets of OpenSSL cipher and/or HMAC contexts for both sending and receiving directio...
#define TM_ACTIVE
Active tls_session.
char * string_alloc(const char *str, struct gc_arena *gc)
static void secure_memzero(void *data, size_t len)
Securely zeroise memory.
static bool write_outgoing_tls_ciphertext(struct tls_session *session, bool *continue_tls_process)
struct crypto_options opt
Crypto state.
void tls_update_remote_addr(struct tls_multi *multi, const struct link_socket_actual *addr)
Updates remote address in TLS sessions.
bool remote_usescomp
remote announced comp-lzo in OCC string
#define P_CONTROL_HARD_RESET_CLIENT_V3
static bool link_socket_actual_defined(const struct link_socket_actual *act)
@ CAS_RECONNECT_PENDING
session has already successful established (CAS_CONNECT_DONE) but has a reconnect and needs to redo s...
void tls_session_soft_reset(struct tls_multi *tls_multi)
static bool generate_key_expansion_tls_export(struct tls_session *session, struct key2 *key2)
const char * remote_options
#define MAX_HMAC_KEY_LENGTH
static void tls_limit_reneg_bytes(const char *ciphername, int64_t *reneg_bytes)
Limit the reneg_bytes value when using a small-block (<128 bytes) cipher.
#define P_CONTROL_SOFT_RESET_V1
static bool key_method_2_write(struct buffer *buf, struct tls_multi *multi, struct tls_session *session)
Handle the writing of key data, peer-info, username/password, OCC to the TLS control channel (clearte...
static bool buf_advance(struct buffer *buf, int size)
void tls_x509_clear_env(struct env_set *es)
Remove any X509_ env variables from env_set es.
static bool control_packet_needs_wkc(const struct key_state *ks)
bool ssl_get_auth_nocache(void)
static struct key_state * get_key_scan(struct tls_multi *multi, int index)
gets an item of key_state objects in the order they should be scanned by data channel modules.
int reliable_get_num_output_sequenced_available(struct reliable *rel)
Counts the number of free buffers in output that can be potentially used for sending.
static bool buf_write_u16(struct buffer *dest, uint16_t data)
void reliable_mark_active_outgoing(struct reliable *rel, struct buffer *buf, int opcode)
Mark the reliable entry associated with the given buffer as active outgoing.
bool ssl_clean_auth_token(void)
off_t crl_last_size
size of last loaded CRL
static bool check_outgoing_ciphertext(struct key_state *ks, struct tls_session *session, bool *continue_tls_process)
static void tls_session_init(struct tls_multi *multi, struct tls_session *session)
Initialize a tls_session structure.
Key ordering of the key2.keys array.
#define PERF_TLS_MULTI_PROCESS
void ssl_put_auth_challenge(const char *cr_str)
struct buffer * reliable_get_buf_output_sequenced(struct reliable *rel)
Get the buffer of free reliable entry and check whether the outgoing acknowledgment sequence is still...
void purge_user_pass(struct user_pass *up, const bool force)
struct link_socket_actual to_link_addr
static bool buf_write_prepend(struct buffer *dest, const void *src, int size)
bool reliable_not_replay(const struct reliable *rel, packet_id_type id)
Check that a received packet's ID is not a replay.
#define S_ACTIVE
Operational key_state state immediately after negotiation has completed while still within the handsh...
static bool buf_write_u8(struct buffer *dest, uint8_t data)
#define OPENVPN_STATE_WAIT
int payload_size
the maximum size that a payload that our buffers can hold from either tun device or network link.
unsigned int imported_protocol_flags
static char * auth_challenge
static void export_user_keying_material(struct tls_session *session)
static bool key_source2_randomize_write(struct key_source2 *k2, struct buffer *buf, bool server)
#define GET_USER_PASS_DYNAMIC_CHALLENGE
struct key_state key[KS_SIZE]
struct link_socket_actual remote_addr
static void update_time(void)
uint8_t random1[32]
Seed used for master secret generation, provided by both client and server.
#define IV_PROTO_DATA_EPOCH
Support the extended packet id and epoch format for data channel packets.
#define SSLF_CRL_VERIFY_DIR
bool is_hard_reset_method2(int op)
Given a key_method, return true if opcode represents the one of the hard_reset op codes for key-metho...
char * options_string_extract_option(const char *options_string, const char *opt_name, struct gc_arena *gc)
Given an OpenVPN options string, extract the value of an option.
#define ALLOC_ARRAY_CLEAR_GC(dptr, type, n, gc)
static bool session_id_read(struct session_id *sid, struct buffer *buf)
void ssl_set_auth_token(const char *token)
void frame_calculate_dynamic(struct frame *frame, struct key_type *kt, const struct options *options, struct link_socket_info *lsi)
Set the –mssfix option.
interval_t reliable_send_timeout(const struct reliable *rel)
Determined how many seconds until the earliest resend should be attempted.
static void perf_pop(void)
static void key_state_free(struct key_state *ks, bool clear)
Cleanup a key_state structure.
void enable_auth_user_pass(void)
bool tls_session_update_crypto_params_do_work(struct tls_multi *multi, struct tls_session *session, struct options *options, struct frame *frame, struct frame *frame_fragment, struct link_socket_info *lsi, dco_context_t *dco)
#define OPENVPN_MAX_HMAC_SIZE
struct that stores the temporary data for the tls lite decrypt functions
bool tls_session_generate_dynamic_tls_crypt_key(struct tls_session *session)
Generates a TLS-Crypt key to be used with dynamic tls-crypt using the TLS EKM exporter function.
#define ALLOC_OBJ_CLEAR_GC(dptr, type, gc)
void reliable_mark_deleted(struct reliable *rel, struct buffer *buf)
Remove an entry from a reliable structure.
uint64_t packet_id_print_type
int tls_version_max(void)
Return the maximum TLS version (as a TLS_VER_x constant) supported by current SSL implementation.
bool tls_send_payload(struct key_state *ks, const uint8_t *data, int size)
void write_control_auth(struct tls_session *session, struct key_state *ks, struct buffer *buf, struct link_socket_actual **to_link_addr, int opcode, int max_ack, bool prepend_ack)
int in_key
Index into the key2.keys array for the receiving direction.
void crypto_init_lib(void)
void tls_ctx_free(struct tls_root_ctx *ctx)
Frees the library-specific TLSv1 context.
const char * local_options
struct session_id session_id_remote
int dco_peer_id
This is the handle that DCO uses to identify this session with the kernel.
@ TLS_AUTHENTICATION_FAILED
void tls_ctx_set_cert_profile(struct tls_root_ctx *ctx, const char *profile)
Set the TLS certificate profile.
#define S_UNDEF
Undefined state, used after a key_state is cleaned up.
uint8_t pre_master[48]
Random used for master secret generation, provided only by client OpenVPN peer.
static int buf_read_u16(struct buffer *buf)
#define TM_LAME_DUCK
Old tls_session.
void tls_prepend_opcode_v2(const struct tls_multi *multi, struct buffer *buf)
Prepend an OpenVPN data channel P_DATA_V2 header to the packet.
bool session_skip_to_pre_start(struct tls_session *session, struct tls_pre_decrypt_state *state, struct link_socket_actual *from)
static bool get_user_pass(struct user_pass *up, const char *auth_file, const char *prefix, const unsigned int flags)
Retrieves the user credentials from various sources depending on the flags.
bool check_key(struct key *key, const struct key_type *kt)
struct key_state * save_ks
static void key_source_print(const struct key_source *k, const char *prefix)
const char * reliable_ack_print(struct buffer *buf, bool verbose, struct gc_arena *gc)
static bool write_empty_string(struct buffer *buf)
bool cipher_kt_mode_aead(const char *ciphername)
Check if the supplied cipher is a supported AEAD mode cipher.
static void key_source2_print(const struct key_source2 *k)
@ KS_AUTH_TRUE
Key state is authenticated.
bool packet_id_read(struct packet_id_net *pin, struct buffer *buf, bool long_form)
const char * challenge_text
static bool management_enable_def_auth(const struct management *man)
void key_state_ssl_init(struct key_state_ssl *ks_ssl, const struct tls_root_ctx *ssl_ctx, bool is_server, struct tls_session *session)
Initialise the SSL channel part of the given key state.
bool key_state_export_keying_material(struct tls_session *session, const char *label, size_t label_size, void *ekm, size_t ekm_size)
Keying Material Exporters [RFC 5705] allows additional keying material to be derived from existing TL...
Wrapper structure for dynamically allocated memory.
const char * packet_id_net_print(const struct packet_id_net *pin, bool print_timestamp, struct gc_arena *gc)
int key_state_write_plaintext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Insert a plaintext buffer into the TLS module.
#define TLS_RELIABLE_N_SEND_BUFFERS
int dco_set_peer(dco_context_t *dco, unsigned int peerid, int keepalive_interval, int keepalive_timeout, int mss)
const char * management_certificate
const char * protocol_dump(struct buffer *buffer, unsigned int flags, struct gc_arena *gc)
int rand_bytes(uint8_t *output, int len)
Wrapper for secure random number generator.
struct buffer_list * buffer_list_new(void)
Allocate an empty buffer list of capacity max_size.
#define CO_USE_DYNAMIC_TLS_CRYPT
Bit-flag indicating that renegotiations are using tls-crypt with a TLS-EKM derived key.
static int auth_deferred_expire_window(const struct tls_options *o)
static bool reliable_ack_empty(struct reliable_ack *ack)
Check whether an acknowledgment structure contains any packet IDs to be acknowledged.
void tls_ctx_set_tls_groups(struct tls_root_ctx *ctx, const char *groups)
Set the (elliptic curve) group allowed for signatures and key exchange.
static void tls_session_free(struct tls_session *session, bool clear)
Clean up a tls_session structure.
static bool buf_write(struct buffer *dest, const void *src, size_t size)
struct link_socket_actual actual
static void link_socket_set_outgoing_addr(struct link_socket_info *info, const struct link_socket_actual *act, const char *common_name, struct env_set *es)
static const char * ks_auth_name(enum ks_auth_state auth)
Security parameter state of a single session within a VPN tunnel.
#define CONTROL_SEND_ACK_MAX
unsigned int management_flags
static struct user_pass auth_user_pass
static bool session_id_defined(const struct session_id *sid1)
struct buffer * reliable_send(struct reliable *rel, int *opcode)
Get the next packet to send to the remote peer.
bool cipher_kt_mode_ofb_cfb(const char *ciphername)
Check if the supplied cipher is a supported OFB or CFB mode cipher.
#define IV_PROTO_AUTH_PENDING_KW
Supports signaling keywords with AUTH_PENDING, e.g.
char * locked_original_username
The username that client initially used before being overridden by –override-user.
static bool auth_user_pass_enabled
void tls_auth_standalone_free(struct tls_auth_standalone *tas)
Frees a standalone tls-auth verification object.
void tls_ctx_restrict_ciphers_tls13(struct tls_root_ctx *ctx, const char *ciphers)
Restrict the list of ciphers that can be used within the TLS context for TLS 1.3 and higher.
Container for both halves of random material to be used in key method 2 data channel key generation.
bool cipher_kt_insecure(const char *ciphername)
Returns true if we consider this cipher to be insecure.
Garbage collection arena used to keep track of dynamically allocated memory.
int key_id
Key id for this key_state, inherited from struct tls_session.
void key_state_rm_auth_control_files(struct auth_deferred_status *ads)
Removes auth_pending and auth_control files from file system and key_state structure.
bool key_is_external(const struct options *options)
void setenv_str(struct env_set *es, const char *name, const char *value)
uint64_t cipher_get_aead_limits(const char *ciphername)
Check if the cipher is an AEAD cipher and needs to be limited to a certain number of number of blocks...
const char * cipher
const name of the cipher
struct key_source2 * key_src
void pem_password_setup(const char *auth_file)
#define IV_PROTO_DYN_TLS_CRYPT
Support to dynamic tls-crypt (renegotiation with TLS-EKM derived tls-crypt key)
#define EXPORT_KEY_DATA_LABEL
struct tls_auth_standalone * tls_auth_standalone_init(struct tls_options *tls_options, struct gc_arena *gc)
static bool read_incoming_tls_ciphertext(struct buffer *buf, struct key_state *ks, bool *continue_tls_process)
Read incoming ciphertext and passes it to the buffer of the SSL library.
void tls_ctx_check_cert_time(const struct tls_root_ctx *ctx)
Check our certificate notBefore and notAfter fields, and warn if the cert is either not yet valid or ...
static void strncpynt(char *dest, const char *src, size_t maxlen)
const char * win32_version_string(struct gc_arena *gc, bool add_name)
static struct user_pass auth_token
The reliability layer storage structure for one VPN tunnel's control channel in one direction.
void tls_multi_free(struct tls_multi *multi, bool clear)
Cleanup a tls_multi structure and free associated memory allocations.
void buffer_list_pop(struct buffer_list *ol)
uint64_t plaintext_blocks
Counter for the number of plaintext block encrypted using this cipher with the current key in number ...
struct auth_deferred_status plugin_auth
struct buffer_list * paybuf
Holds outgoing message for the control channel until ks->state reaches S_ACTIVE.
bool priv_key_file_inline
static bool dco_enabled(const struct options *o)
Returns whether the current configuration has dco enabled.
struct tls_wrap_ctx tls_wrap
void free_buf(struct buffer *buf)
void ssl_set_auth_nocache(void)
static bool check_debug_level(unsigned int level)
int n_sessions
Number of sessions negotiated thus far.
bool reliable_ack_read_packet_id(struct buffer *buf, packet_id_type *pid)
Read the packet ID of a received packet.
struct key_state * tls_select_encryption_key(struct tls_multi *multi)
Selects the primary encryption that should be used to encrypt data of an outgoing packet.
struct buffer plaintext_write_buf
void tls_multi_init_finalize(struct tls_multi *multi, int tls_mtu)
Finalize initialization of a tls_multi structure.
bool reliable_wont_break_sequentiality(const struct reliable *rel, packet_id_type id)
Check that a received packet's ID can safely be stored in the reliable structure's processing window.
static void check_session_buf_not_used(struct buffer *to_link, struct tls_session *session)
This is a safe guard function to double check that a buffer from a session is not used in a session t...
struct tls_multi * tls_multi_init(struct tls_options *tls_options)
Allocate and initialize a tls_multi structure.
static int buf_len(const struct buffer *buf)
void tls_prepend_opcode_v1(const struct tls_multi *multi, struct buffer *buf)
Prepend a one-byte OpenVPN data channel P_DATA_V1 opcode to the packet.
uint16_t mss_fix
The actual MSS value that should be written to the payload packets.
void tls_ctx_load_ca(struct tls_root_ctx *ctx, const char *ca_file, bool ca_file_inline, const char *ca_path, bool tls_server)
Load certificate authority certificates from the given file or path.
#define IV_PROTO_NCP_P2P
Support doing NCP in P2P mode.
struct auth_deferred_status script_auth
void * gc_malloc(size_t size, bool clear, struct gc_arena *a)
static int max_int(int x, int y)
#define TLS_CRYPT_TAG_SIZE
Structure that wraps the TLS context.
void ssl_purge_auth(const bool auth_user_pass_only)
bool tls_rec_payload(struct tls_multi *multi, struct buffer *buf)
struct packet_id_send send
@ CAS_WAITING_OPTIONS_IMPORT
client with pull or p2p waiting for first time options import
struct key_source client
Random provided by client.
#define D_SHOW_KEY_SOURCE
void cert_hash_free(struct cert_hash_set *chs)
Frees the given set of certificate hashes.
static SERVICE_STATUS status
static int packet_id_size(bool long_form)
void auth_set_client_reason(struct tls_multi *multi, const char *client_reason)
Sets the reason why authentication of a client failed.
#define CO_PACKET_ID_LONG_FORM
Bit-flag indicating whether to use OpenVPN's long packet ID format.
const char * print_link_socket_actual(const struct link_socket_actual *act, struct gc_arena *gc)
void packet_id_persist_load_obj(const struct packet_id_persist *p, struct packet_id *pid)
#define S_PRE_START
Waiting for the remote OpenVPN peer to acknowledge during the initial three-way handshake.
static int min_int(int x, int y)
static void gc_free(struct gc_arena *a)
bool reliable_can_get(const struct reliable *rel)
Check whether a reliable structure has any free buffers available for use.
#define GET_USER_PASS_PASSWORD_ONLY
static bool parse_early_negotiation_tlvs(struct buffer *buf, struct key_state *ks)
Parses the TLVs (type, length, value) in the early negotiation.
@ KS_AUTH_DEFERRED
Key state authentication is being deferred, by async auth.
const char * cryptoapi_cert
const char * options_string_compat_lzo(const char *options, struct gc_arena *gc)
Takes a locally produced OCC string for TLS server mode and modifies as if the option comp-lzo was en...
#define ALLOC_OBJ_CLEAR(dptr, type)
uint8_t cipher[MAX_CIPHER_KEY_LENGTH]
Key material for cipher operations.
struct key_ctx_bi key_ctx_bi
OpenSSL cipher and HMAC contexts for both sending and receiving directions.
static bool openvpn_PRF(const uint8_t *secret, int secret_len, const char *label, const uint8_t *client_seed, int client_seed_len, const uint8_t *server_seed, int server_seed_len, const struct session_id *client_sid, const struct session_id *server_sid, uint8_t *output, int output_len)
bool reliable_ack_read(struct reliable_ack *ack, struct buffer *buf, const struct session_id *sid)
Read an acknowledgment record from a received packet.
#define S_INITIAL
Initial key_state state after initialization by key_state_init() before start of three-way handshake.
void wipe_auth_token(struct tls_multi *multi)
Wipes the authentication token out of the memory, frees and cleans up related buffers and flags.
time_t auth_deferred_expire
#define OPENVPN_PLUGIN_FUNC_SUCCESS
static void handle_data_channel_packet(struct tls_multi *multi, const struct link_socket_actual *from, struct buffer *buf, struct crypto_options **opt, bool floated, const uint8_t **ad_start)
Check the keyid of the an incoming data channel packet and return the matching crypto parameters in o...
void session_id_random(struct session_id *sid)
const char * extra_certs_file
int pem_password_callback(char *buf, int size, int rwflag, void *u)
Callback to retrieve the user's password.
#define OPENVPN_PLUGIN_TLS_FINAL
Data structure for describing the packet id that is received/send to the network.
unsigned int crypto_flags
void buffer_list_free(struct buffer_list *ol)
Frees a buffer list and all the buffers in it.
char * remote_ciphername
cipher specified in peer's config file
static struct tls_wrap_ctx * tls_session_get_tls_wrap(struct tls_session *session, int key_id)
Determines if the current session should use the renegotiation tls wrap struct instead the normal one...
static int init_key_dco_bi(struct tls_multi *multi, struct key_state *ks, const struct key2 *key2, int key_direction, const char *ciphername, bool server)
void get_default_gateway(struct route_gateway_info *rgi, in_addr_t dest, openvpn_net_ctx_t *ctx)
Retrieves the best gateway for a given destination based on the routing table.
Container for bidirectional cipher and HMAC key material.
void reliable_mark_active_incoming(struct reliable *rel, struct buffer *buf, packet_id_type pid, int opcode)
Mark the reliable entry associated with the given buffer as active incoming.
static int reliable_ack_outstanding(struct reliable_ack *ack)
Returns the number of packets that need to be acked.
struct reliable_entry * reliable_get_entry_sequenced(struct reliable *rel)
Get the buffer of the next sequential and active entry.
static char * format_hex(const uint8_t *data, int size, int maxoutput, struct gc_arena *gc)
void tls_post_encrypt(struct tls_multi *multi, struct buffer *buf)
Perform some accounting for the key state used.
#define CO_IGNORE_PACKET_ID
Bit-flag indicating whether to ignore the packet ID of a received packet.
bool reliable_can_send(const struct reliable *rel)
Check whether a reliable structure has any active entries ready to be (re)sent.
static void check_malloc_return(void *p)
char password[USER_PASS_LEN]
void reliable_init(struct reliable *rel, int buf_size, int offset, int array_size, bool hold)
Initialize a reliable structure.
#define TM_INITIAL
As yet un-trusted tls_session being negotiated.
const char * priv_key_file
#define GET_USER_PASS_INLINE_CREDS
void init_key_type(struct key_type *kt, const char *ciphername, const char *authname, bool tls_mode, bool warn)
Initialize a key_type structure with.
void tls_pre_encrypt(struct tls_multi *multi, struct buffer *buf, struct crypto_options **opt)
Choose the appropriate security parameters with which to process an outgoing packet.
static int datagram_overhead(sa_family_t af, int proto)
static int buf_read_u8(struct buffer *buf)
bool plugin_defined(const struct plugin_list *pl, const int type)
#define P_CONTROL_HARD_RESET_SERVER_V1
char * management_query_cert(struct management *man, const char *cert_name)
struct packet_id packet_id
Current packet ID state for both sending and receiving directions.
static void tls_ctx_reload_crl(struct tls_root_ctx *ssl_ctx, const char *crl_file, bool crl_file_inline)
Load (or possibly reload) the CRL file into the SSL context.
#define S_GOT_KEY
Local OpenVPN process has received the remote's part of the key material.
static bool tls_session_user_pass_enabled(struct tls_session *session)
Returns whether or not the server should check for username/password.
struct buffer plaintext_read_buf
char * locked_username
The locked username is the username we assume the client is using.
void reliable_send_purge(struct reliable *rel, const struct reliable_ack *ack)
Remove acknowledged packets from a reliable structure.
int key_state_write_plaintext_const(struct key_state_ssl *ks_ssl, const uint8_t *data, int len)
Insert plaintext data into the TLS module.
unsigned int flags
Bit-flags determining behavior of security operation functions.
void tls_multi_init_set_options(struct tls_multi *multi, const char *local, const char *remote)
#define S_ERROR
Error state.
void auth_user_pass_setup(const char *auth_file, bool is_inline, const struct static_challenge_info *sci)
#define KS_SIZE
Size of the tls_session.key array.
#define CO_USE_TLS_KEY_MATERIAL_EXPORT
Bit-flag indicating that data channel key derivation is done using TLS keying material export [RFC570...
struct key keys[2]
Two unidirectional sets of key material.
struct buffer alloc_buf(size_t size)
int tls_ctx_load_pkcs12(struct tls_root_ctx *ctx, const char *pkcs12_file, bool pkcs12_file_inline, bool load_ca_file)
Load PKCS #12 file for key, cert and (optionally) CA certs, and add to library-specific TLS context.
#define TLS_VER_BAD
Parse a TLS version specifier.
struct buffer ack_write_buf
struct packet_id_persist * pid_persist
Persistent packet ID state for keeping state between successive OpenVPN process startups.
void setenv_del(struct env_set *es, const char *name)
static bool packet_id_close_to_wrapping(const struct packet_id_send *p)
void packet_id_free(struct packet_id *p)
#define UP_TYPE_PRIVATE_KEY
static bool key_method_2_read(struct buffer *buf, struct tls_multi *multi, struct tls_session *session)
Handle reading key data, peer-info, username/password, OCC from the TLS control channel (cleartext).
uint8_t random2[32]
Seed used for key expansion, provided by both client and server.
static bool tls_process(struct tls_multi *multi, struct tls_session *session, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
#define IV_PROTO_AUTH_FAIL_TEMP
Support for AUTH_FAIL,TEMP messages.
#define GET_USER_PASS_STATIC_CHALLENGE
static int read_string(struct buffer *buf, char *str, const unsigned int capacity)
Read a string that is encoded as a 2 byte header with the length from the buffer buf.
The acknowledgment structure in which packet IDs are stored for later acknowledgment.
#define IV_PROTO_CC_EXIT_NOTIFY
Support for explicit exit notify via control channel This also includes support for the protocol-flag...
void verify_user_pass(struct user_pass *up, struct tls_multi *multi, struct tls_session *session)
Main username/password verification entry point.
void tls_clear_error(void)
Clear the underlying SSL library's error state.
int tun_mtu
the (user) configured tun-mtu.
void reliable_free(struct reliable *rel)
Free allocated memory associated with a reliable structure and the pointer itself.
static void key_state_init(struct tls_session *session, struct key_state *ks)
Initialize a key_state structure.
void tls_ctx_load_dh_params(struct tls_root_ctx *ctx, const char *dh_file, bool dh_file_inline)
Load Diffie Hellman Parameters, and load them into the library-specific TLS context.
struct key_ctx decrypt
cipher and/or HMAC contexts for receiving direction.
#define TLS_CHANNEL_BUF_SIZE
static void perf_push(int type)
void tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers)
Restrict the list of ciphers that can be used within the TLS context for TLS 1.2 and below.
bool buf_printf(struct buffer *buf, const char *format,...)
bool ssl_tls1_PRF(const uint8_t *seed, int seed_len, const uint8_t *secret, int secret_len, uint8_t *output, int output_len)
Calculates the TLS 1.0-1.1 PRF function.
void init_ssl(const struct options *options, struct tls_root_ctx *new_ctx, bool in_chroot)
Build master SSL context object that serves for the whole of OpenVPN instantiation.
int key_state_read_ciphertext(struct key_state_ssl *ks_ssl, struct buffer *buf)
Extract ciphertext data from the TLS module.
void options_warning(char *actual, const char *expected)
int headroom
the headroom in the buffer, this is choosen to allow all potential header to be added before the pack...
static bool buf_copy_n(struct buffer *dest, struct buffer *src, int n)
static const char * state_name(int state)
int hmac_ctx_size(hmac_ctx_t *ctx)
Security parameter state for processing data channel packets.
static bool read_incoming_tls_plaintext(struct key_state *ks, struct buffer *buf, interval_t *wakeup, bool *continue_tls_process)
void ssl_purge_auth_challenge(void)
#define P_CONTROL_HARD_RESET_SERVER_V2
static bool link_socket_actual_match(const struct link_socket_actual *a1, const struct link_socket_actual *a2)
static const char * packet_opcode_name(int op)
void key_state_ssl_shutdown(struct key_state_ssl *ks_ssl)
Sets a TLS session to be shutdown state, so the TLS library will generate a shutdown alert.
uint8_t * data
Pointer to the allocated memory.
#define TLV_TYPE_EARLY_NEG_FLAGS
bool tls_pre_decrypt(struct tls_multi *multi, const struct link_socket_actual *from, struct buffer *buf, struct crypto_options **opt, bool floated, const uint8_t **ad_start)
Determine whether an incoming packet is a data channel or control channel packet, and process accordi...
The structure in which the reliability layer stores a single incoming or outgoing packet.
static int cleanup(void **state)
