OpenVPN
Macros | Functions
ssl.h File Reference
#include "basic.h"
#include "common.h"
#include "crypto.h"
#include "packet_id.h"
#include "session_id.h"
#include "reliable.h"
#include "socket.h"
#include "mtu.h"
#include "options.h"
#include "plugin.h"
#include "ssl_common.h"
#include "ssl_backend.h"
#include "ssl_pkt.h"
#include "tls_crypt.h"
Include dependency graph for ssl.h:
This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Macros

#define KEY_EXPANSION_ID   "OpenVPN"
 
#define CONTROL_SEND_ACK_MAX   4
 
#define TLS_MULTI_REFRESH   15 /* call tls_multi_process once every n seconds */
 
#define TLS_MULTI_HORIZON
 
#define TLS_OPTIONS_LEN   512
 
#define IV_PROTO_DATA_V2   (1<<1)
 Support P_DATA_V2. More...
 
#define IV_PROTO_REQUEST_PUSH   (1<<2)
 Assume client will send a push request and server does not need to wait for a push-request to send a push-reply. More...
 
#define IV_PROTO_TLS_KEY_EXPORT   (1<<3)
 Supports key derivation via TLS key material exporter [RFC5705]. More...
 
#define IV_PROTO_AUTH_PENDING_KW   (1<<4)
 Supports signaling keywords with AUTH_PENDING, e.g. More...
 
#define IV_PROTO_NCP_P2P   (1<<5)
 Support doing NCP in P2P mode. More...
 
#define IV_PROTO_DNS_OPTION   (1<<6)
 Supports the –dns option introduced in version 2.6. More...
 
#define IV_PROTO_CC_EXIT_NOTIFY   (1<<7)
 Support for explicit exit notify via control channel This also includes support for the protocol-flags pushed option. More...
 
#define IV_PROTO_AUTH_FAIL_TEMP   (1<<8)
 Support for AUTH_FAIL,TEMP messages. More...
 
#define IV_PROTO_DYN_TLS_CRYPT   (1<<9)
 Support to dynamic tls-crypt (renegotiation with TLS-EKM derived tls-crypt key) More...
 
#define X509_USERNAME_FIELD_DEFAULT   "CN"
 
#define KEY_METHOD_2   2
 
#define KEY_METHOD_MASK   0x0F
 
#define TLSMP_INACTIVE   0
 
#define TLSMP_ACTIVE   1
 
#define TLSMP_KILL   2
 
#define TLSMP_RECONNECT   3
 
#define PD_TLS_AUTH_HMAC_SIZE_MASK   0xFF
 
#define PD_SHOW_DATA   (1<<8)
 
#define PD_TLS   (1<<9)
 
#define PD_VERBOSE   (1<<10)
 
#define PD_TLS_CRYPT   (1<<11)
 

Functions

void init_ssl_lib (void)
 
void free_ssl_lib (void)
 
void init_ssl (const struct options *options, struct tls_root_ctx *ctx, bool in_chroot)
 Build master SSL context object that serves for the whole of OpenVPN instantiation. More...
 
int tls_multi_process (struct tls_multi *multi, struct buffer *to_link, struct link_socket_actual **to_link_addr, struct link_socket_info *to_link_socket_info, interval_t *wakeup)
 
bool tls_pre_decrypt (struct tls_multi *multi, const struct link_socket_actual *from, struct buffer *buf, struct crypto_options **opt, bool floated, const uint8_t **ad_start)
 Determine whether an incoming packet is a data channel or control channel packet, and process accordingly. More...
 
void pem_password_setup (const char *auth_file)
 
void enable_auth_user_pass (void)
 
void auth_user_pass_setup (const char *auth_file, bool is_inline, const struct static_challenge_info *sc_info)
 
void ssl_set_auth_nocache (void)
 
bool ssl_get_auth_nocache (void)
 
void ssl_purge_auth (const bool auth_user_pass_only)
 
void ssl_set_auth_token (const char *token)
 
void ssl_set_auth_token_user (const char *username)
 
bool ssl_clean_auth_token (void)
 
void ssl_purge_auth_challenge (void)
 
void ssl_put_auth_challenge (const char *cr_str)
 
bool tls_send_payload (struct key_state *ks, const uint8_t *data, int size)
 
bool tls_rec_payload (struct tls_multi *multi, struct buffer *buf)
 
void tls_update_remote_addr (struct tls_multi *multi, const struct link_socket_actual *addr)
 Updates remote address in TLS sessions. More...
 
bool tls_session_update_crypto_params (struct tls_multi *multi, struct tls_session *session, struct options *options, struct frame *frame, struct frame *frame_fragment, struct link_socket_info *lsi)
 Update TLS session crypto parameters (cipher and auth) and derive data channel keys based on the supplied options. More...
 
static void tls_wrap_free (struct tls_wrap_ctx *tls_wrap)
 Free the elements of a tls_wrap_ctx structure. More...
 
static bool tls_initial_packet_received (const struct tls_multi *multi)
 
static int tls_test_payload_len (const struct tls_multi *multi)
 
static void tls_set_single_session (struct tls_multi *multi)
 
const char * protocol_dump (struct buffer *buffer, unsigned int flags, struct gc_arena *gc)
 
bool is_hard_reset_method2 (int op)
 Given a key_method, return true if opcode represents the one of the hard_reset op codes for key-method 2. More...
 
void show_available_tls_ciphers (const char *cipher_list, const char *cipher_list_tls13, const char *tls_cert_profile)
 
bool tls_session_generate_data_channel_keys (struct tls_multi *multi, struct tls_session *session)
 Generate data channel keys for the supplied TLS session. More...
 
void tls_session_soft_reset (struct tls_multi *multi)
 
void load_xkey_provider (void)
 Load ovpn.xkey provider used for external key signing. More...
 
bool session_skip_to_pre_start (struct tls_session *session, struct tls_pre_decrypt_state *state, struct link_socket_actual *from)
 
Functions for initialization and cleanup of tls_multi structures
struct tls_multitls_multi_init (struct tls_options *tls_options)
 Allocate and initialize a tls_multi structure. More...
 
void tls_multi_init_finalize (struct tls_multi *multi, int tls_mtu)
 Finalize initialization of a tls_multi structure. More...
 
struct tls_auth_standalonetls_auth_standalone_init (struct tls_options *tls_options, struct gc_arena *gc)
 
void tls_auth_standalone_free (struct tls_auth_standalone *tas)
 Frees a standalone tls-auth verification object. More...
 
void tls_init_control_channel_frame_parameters (struct frame *frame, int tls_mtu)
 
void tls_multi_init_set_options (struct tls_multi *multi, const char *local, const char *remote)
 
void tls_multi_free (struct tls_multi *multi, bool clear)
 Cleanup a tls_multi structure and free associated memory allocations. More...
 
Functions for managing security parameter state for data channel packets
void tls_pre_encrypt (struct tls_multi *multi, struct buffer *buf, struct crypto_options **opt)
 Choose the appropriate security parameters with which to process an outgoing packet. More...
 
struct key_statetls_select_encryption_key (struct tls_multi *multi)
 Selects the primary encryption that should be used to encrypt data of an outgoing packet. More...
 
void tls_prepend_opcode_v1 (const struct tls_multi *multi, struct buffer *buf)
 Prepend a one-byte OpenVPN data channel P_DATA_V1 opcode to the packet. More...
 
void tls_prepend_opcode_v2 (const struct tls_multi *multi, struct buffer *buf)
 Prepend an OpenVPN data channel P_DATA_V2 header to the packet. More...
 
void tls_post_encrypt (struct tls_multi *multi, struct buffer *buf)
 Perform some accounting for the key state used. More...
 

Macro Definition Documentation

◆ CONTROL_SEND_ACK_MAX

#define CONTROL_SEND_ACK_MAX   4

Definition at line 55 of file ssl.h.

◆ IV_PROTO_AUTH_FAIL_TEMP

#define IV_PROTO_AUTH_FAIL_TEMP   (1<<8)

Support for AUTH_FAIL,TEMP messages.

Definition at line 104 of file ssl.h.

◆ IV_PROTO_AUTH_PENDING_KW

#define IV_PROTO_AUTH_PENDING_KW   (1<<4)

Supports signaling keywords with AUTH_PENDING, e.g.

timeout=xy

Definition at line 89 of file ssl.h.

◆ IV_PROTO_CC_EXIT_NOTIFY

#define IV_PROTO_CC_EXIT_NOTIFY   (1<<7)

Support for explicit exit notify via control channel This also includes support for the protocol-flags pushed option.

Definition at line 101 of file ssl.h.

◆ IV_PROTO_DATA_V2

#define IV_PROTO_DATA_V2   (1<<1)

Support P_DATA_V2.

Definition at line 79 of file ssl.h.

◆ IV_PROTO_DNS_OPTION

#define IV_PROTO_DNS_OPTION   (1<<6)

Supports the –dns option introduced in version 2.6.

Definition at line 97 of file ssl.h.

◆ IV_PROTO_DYN_TLS_CRYPT

#define IV_PROTO_DYN_TLS_CRYPT   (1<<9)

Support to dynamic tls-crypt (renegotiation with TLS-EKM derived tls-crypt key)

Definition at line 107 of file ssl.h.

◆ IV_PROTO_NCP_P2P

#define IV_PROTO_NCP_P2P   (1<<5)

Support doing NCP in P2P mode.

This mode works by both peers looking at each other's IV_ variables and deterministically deciding both on the same result.

Definition at line 94 of file ssl.h.

◆ IV_PROTO_REQUEST_PUSH

#define IV_PROTO_REQUEST_PUSH   (1<<2)

Assume client will send a push request and server does not need to wait for a push-request to send a push-reply.

Definition at line 83 of file ssl.h.

◆ IV_PROTO_TLS_KEY_EXPORT

#define IV_PROTO_TLS_KEY_EXPORT   (1<<3)

Supports key derivation via TLS key material exporter [RFC5705].

Definition at line 86 of file ssl.h.

◆ KEY_EXPANSION_ID

#define KEY_EXPANSION_ID   "OpenVPN"

Definition at line 49 of file ssl.h.

◆ KEY_METHOD_2

#define KEY_METHOD_2   2

Definition at line 112 of file ssl.h.

◆ KEY_METHOD_MASK

#define KEY_METHOD_MASK   0x0F

Definition at line 115 of file ssl.h.

◆ PD_SHOW_DATA

#define PD_SHOW_DATA   (1<<8)

Definition at line 525 of file ssl.h.

◆ PD_TLS

#define PD_TLS   (1<<9)

Definition at line 526 of file ssl.h.

◆ PD_TLS_AUTH_HMAC_SIZE_MASK

#define PD_TLS_AUTH_HMAC_SIZE_MASK   0xFF

Definition at line 524 of file ssl.h.

◆ PD_TLS_CRYPT

#define PD_TLS_CRYPT   (1<<11)

Definition at line 528 of file ssl.h.

◆ PD_VERBOSE

#define PD_VERBOSE   (1<<10)

Definition at line 527 of file ssl.h.

◆ TLS_MULTI_HORIZON

#define TLS_MULTI_HORIZON
Value:
2 /* call tls_multi_process frequently for n seconds after
* every packet sent/received action */

Definition at line 61 of file ssl.h.

◆ TLS_MULTI_REFRESH

#define TLS_MULTI_REFRESH   15 /* call tls_multi_process once every n seconds */

Definition at line 60 of file ssl.h.

◆ TLS_OPTIONS_LEN

#define TLS_OPTIONS_LEN   512

Definition at line 68 of file ssl.h.

◆ TLSMP_ACTIVE

#define TLSMP_ACTIVE   1

Definition at line 222 of file ssl.h.

◆ TLSMP_INACTIVE

#define TLSMP_INACTIVE   0

Definition at line 221 of file ssl.h.

◆ TLSMP_KILL

#define TLSMP_KILL   2

Definition at line 223 of file ssl.h.

◆ TLSMP_RECONNECT

#define TLSMP_RECONNECT   3

Definition at line 224 of file ssl.h.

◆ X509_USERNAME_FIELD_DEFAULT

#define X509_USERNAME_FIELD_DEFAULT   "CN"

Definition at line 110 of file ssl.h.

Function Documentation

◆ auth_user_pass_setup()

void auth_user_pass_setup ( const char *  auth_file,
bool  is_inline,
const struct static_challenge_info sc_info 
)

◆ enable_auth_user_pass()

void enable_auth_user_pass ( void  )

Definition at line 280 of file ssl.c.

References auth_user_pass_enabled.

Referenced by init_query_passwords().

◆ free_ssl_lib()

void free_ssl_lib ( void  )

Definition at line 229 of file ssl.c.

References crypto_uninit_lib(), and tls_free_lib().

Referenced by uninit_static().

◆ init_ssl()

void init_ssl ( const struct options options,
struct tls_root_ctx ctx,
bool  in_chroot 
)

◆ init_ssl_lib()

void init_ssl_lib ( void  )

Definition at line 221 of file ssl.c.

References crypto_init_lib(), and tls_init_lib().

Referenced by init_static().

◆ is_hard_reset_method2()

bool is_hard_reset_method2 ( int  op)

Given a key_method, return true if opcode represents the one of the hard_reset op codes for key-method 2.

Definition at line 772 of file ssl.c.

References P_CONTROL_HARD_RESET_CLIENT_V2, P_CONTROL_HARD_RESET_CLIENT_V3, and P_CONTROL_HARD_RESET_SERVER_V2.

Referenced by tls_pre_decrypt(), and tls_process_state().

◆ load_xkey_provider()

void load_xkey_provider ( void  )

Load ovpn.xkey provider used for external key signing.

Load ovpn.xkey provider used for external key signing.

Setup ovpn.xey provider for signing with external keys. It is loaded into a custom library context so as not to pollute the default context. Alternatively we could override any system-wide property query set on the default context. But we want to avoid that.

Definition at line 2442 of file ssl_openssl.c.

References check_malloc_return(), M_NONFATAL, msg, and tls_libctx.

Referenced by init_ssl().

◆ pem_password_setup()

void pem_password_setup ( const char *  auth_file)

◆ protocol_dump()

const char* protocol_dump ( struct buffer buffer,
unsigned int  flags,
struct gc_arena gc 
)

◆ session_skip_to_pre_start()

bool session_skip_to_pre_start ( struct tls_session session,
struct tls_pre_decrypt_state state,
struct link_socket_actual from 
)

◆ show_available_tls_ciphers()

void show_available_tls_ciphers ( const char *  cipher_list,
const char *  cipher_list_tls13,
const char *  tls_cert_profile 
)

Definition at line 4061 of file ssl.c.

References show_available_tls_ciphers_list(), TLS_VER_1_3, and tls_version_max().

Referenced by print_openssl_info().

◆ ssl_clean_auth_token()

bool ssl_clean_auth_token ( void  )

◆ ssl_get_auth_nocache()

bool ssl_get_auth_nocache ( void  )

Definition at line 341 of file ssl.c.

References user_pass::nocache, and passbuf.

Referenced by options_postprocess_mutate_ce().

◆ ssl_purge_auth()

void ssl_purge_auth ( const bool  auth_user_pass_only)

◆ ssl_purge_auth_challenge()

void ssl_purge_auth_challenge ( void  )

Definition at line 394 of file ssl.c.

References auth_challenge.

Referenced by ssl_purge_auth(), and ssl_put_auth_challenge().

◆ ssl_put_auth_challenge()

void ssl_put_auth_challenge ( const char *  cr_str)

Definition at line 401 of file ssl.c.

References auth_challenge, ssl_purge_auth_challenge(), and string_alloc().

Referenced by receive_auth_failed().

◆ ssl_set_auth_nocache()

void ssl_set_auth_nocache ( void  )

Definition at line 331 of file ssl.c.

References auth_user_pass, user_pass::nocache, and passbuf.

Referenced by add_option().

◆ ssl_set_auth_token()

void ssl_set_auth_token ( const char *  token)

Definition at line 350 of file ssl.c.

References auth_token, and set_auth_token().

Referenced by add_option().

◆ ssl_set_auth_token_user()

void ssl_set_auth_token_user ( const char *  username)

Definition at line 356 of file ssl.c.

References auth_token, set_auth_token_user(), and user_pass::username.

Referenced by add_option().

◆ tls_initial_packet_received()

static bool tls_initial_packet_received ( const struct tls_multi multi)
inlinestatic

Definition at line 493 of file ssl.h.

References tls_multi::n_sessions.

Referenced by check_server_poll_timeout(), and process_outgoing_link().

◆ tls_multi_process()

int tls_multi_process ( struct tls_multi multi,
struct buffer to_link,
struct link_socket_actual **  to_link_addr,
struct link_socket_info to_link_socket_info,
interval_t wakeup 
)

◆ tls_rec_payload()

bool tls_rec_payload ( struct tls_multi multi,
struct buffer buf 
)

◆ tls_send_payload()

bool tls_send_payload ( struct key_state ks,
const uint8_t *  data,
int  size 
)

◆ tls_session_generate_data_channel_keys()

bool tls_session_generate_data_channel_keys ( struct tls_multi multi,
struct tls_session session 
)

Generate data channel keys for the supplied TLS session.

This erases the source material used to generate the data channel keys, and can thus be called only once per session.

Definition at line 1550 of file ssl.c.

References key_state::authenticated, cleanup(), key_state::crypto_options, D_TLS_ERRORS, crypto_options::flags, generate_key_expansion(), session::key, key_state::key_src, KS_AUTH_FALSE, KS_PRIMARY, msg, S_GENERATED_KEYS, secure_memzero(), key_state::state, and tls_limit_reneg_bytes().

Referenced by tls_multi_process(), and tls_session_update_crypto_params_do_work().

◆ tls_session_soft_reset()

void tls_session_soft_reset ( struct tls_multi multi)

Definition at line 1772 of file ssl.c.

References key_state_soft_reset(), tls_multi::session, and TM_ACTIVE.

Referenced by process_incoming_dco().

◆ tls_session_update_crypto_params()

bool tls_session_update_crypto_params ( struct tls_multi multi,
struct tls_session session,
struct options options,
struct frame frame,
struct frame frame_fragment,
struct link_socket_info lsi 
)

Update TLS session crypto parameters (cipher and auth) and derive data channel keys based on the supplied options.

Does nothing if keys are already generated.

Parameters
multiThe TLS object for this instance.
sessionThe TLS session to update.
optionsThe options to use when updating session.
frameThe frame options for this session (frame overhead is adjusted based on the selected cipher/auth).
frame_fragmentThe fragment frame options.
lsilink socket info to adjust MTU related options depending on the current protocol
Returns
true if updating succeeded or keys are already generated, false otherwise.

Definition at line 1638 of file ssl.c.

References check_session_cipher(), options::imported_protocol_flags, and tls_session_update_crypto_params_do_work().

Referenced by do_deferred_options_part2(), do_deferred_p2p_ncp(), and multi_client_generate_tls_keys().

◆ tls_set_single_session()

static void tls_set_single_session ( struct tls_multi multi)
inlinestatic

Definition at line 513 of file ssl.h.

References tls_multi::opt, and tls_options::single_session.

Referenced by schedule_exit().

◆ tls_test_payload_len()

static int tls_test_payload_len ( const struct tls_multi multi)
inlinestatic

◆ tls_update_remote_addr()

void tls_update_remote_addr ( struct tls_multi multi,
const struct link_socket_actual addr 
)

Updates remote address in TLS sessions.

Parameters
multi- Tunnel to update
addr- new address

Definition at line 4033 of file ssl.c.

References D_TLS_KEYSELECT, dmsg, gc_free(), gc_new(), session::key, KS_SIZE, link_socket_actual_defined(), link_socket_actual_match(), print_link_socket_actual(), key_state::remote_addr, tls_multi::session, and TM_SIZE.

Referenced by multi_process_float().

◆ tls_wrap_free()

static void tls_wrap_free ( struct tls_wrap_ctx tls_wrap)
inlinestatic