OpenVPN
ssl_verify.c
Go to the documentation of this file.
1 /*
2  * OpenVPN -- An application to securely tunnel IP networks
3  * over a single TCP/UDP port, with support for SSL/TLS-based
4  * session authentication and key exchange,
5  * packet encryption, packet authentication, and
6  * packet compression.
7  *
8  * Copyright (C) 2002-2021 OpenVPN Inc <sales@openvpn.net>
9  * Copyright (C) 2010-2021 Fox Crypto B.V. <openvpn@foxcrypto.com>
10  *
11  * This program is free software; you can redistribute it and/or modify
12  * it under the terms of the GNU General Public License version 2
13  * as published by the Free Software Foundation.
14  *
15  * This program is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18  * GNU General Public License for more details.
19  *
20  * You should have received a copy of the GNU General Public License along
21  * with this program; if not, write to the Free Software Foundation, Inc.,
22  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23  */
24 
29 #ifdef HAVE_CONFIG_H
30 #include "config.h"
31 #elif defined(_MSC_VER)
32 #include "config-msvc.h"
33 #endif
34 
35 #include "syshead.h"
36 
37 #include "base64.h"
38 #include "manage.h"
39 #include "otime.h"
40 #include "run_command.h"
41 #include "ssl_verify.h"
42 #include "ssl_verify_backend.h"
43 
44 #ifdef ENABLE_CRYPTO_OPENSSL
45 #include "ssl_verify_openssl.h"
46 #endif
47 #include "auth_token.h"
48 #include "push.h"
49 #include "ssl_util.h"
50 
52 #define TLS_USERNAME_LEN 64
53 
54 static void
56 {
57  string_mod(str, CC_PRINT, CC_CRLF, '_');
58 }
59 
60 /*
61  * Export the untrusted IP address and port to the environment
62  */
63 static void
65 {
66  setenv_link_socket_actual(session->opt->es, "untrusted", &session->untrusted_addr, SA_IP_PORT);
67 }
68 
69 /*
70  * Remove authenticated state from all sessions in the given tunnel
71  */
72 static void
74 {
75  if (multi)
76  {
77  wipe_auth_token(multi);
78  for (int i = 0; i < TM_SIZE; ++i)
79  {
80  for (int j = 0; j < KS_SIZE; ++j)
81  {
82  multi->session[i].key[j].authenticated = KS_AUTH_FALSE;
83  }
84  }
85  }
86 }
87 
88 /*
89  * Set the given session's common_name
90  */
91 static void
92 set_common_name(struct tls_session *session, const char *common_name)
93 {
94  if (session->common_name)
95  {
96  free(session->common_name);
97  session->common_name = NULL;
98  }
99  if (common_name)
100  {
101  /* FIXME: Last alloc will never be freed */
102  session->common_name = string_alloc(common_name, NULL);
103  }
104 }
105 
106 /*
107  * Retrieve the common name for the given tunnel's active session. If the
108  * common name is NULL or empty, return NULL if null is true, or "UNDEF" if
109  * null is false.
110  */
111 const char *
112 tls_common_name(const struct tls_multi *multi, const bool null)
113 {
114  const char *ret = NULL;
115  if (multi)
116  {
117  ret = multi->session[TM_ACTIVE].common_name;
118  }
119  if (ret && strlen(ret))
120  {
121  return ret;
122  }
123  else if (null)
124  {
125  return NULL;
126  }
127  else
128  {
129  return "UNDEF";
130  }
131 }
132 
133 /*
134  * Lock the common name for the given tunnel.
135  */
136 void
138 {
139  const char *cn = multi->session[TM_ACTIVE].common_name;
140  if (cn && !multi->locked_cn)
141  {
142  multi->locked_cn = string_alloc(cn, NULL);
143  }
144 }
145 
146 /*
147  * Lock the username for the given tunnel
148  */
149 static bool
150 tls_lock_username(struct tls_multi *multi, const char *username)
151 {
152  if (multi->locked_username)
153  {
154  if (!username || strcmp(username, multi->locked_username))
155  {
156  msg(D_TLS_ERRORS, "TLS Auth Error: username attempted to change from '%s' to '%s' -- tunnel disabled",
157  multi->locked_username,
158  np(username));
159 
160  /* disable the tunnel */
161  tls_deauthenticate(multi);
162  return false;
163  }
164  }
165  else
166  {
167  if (username)
168  {
169  multi->locked_username = string_alloc(username, NULL);
170  }
171  }
172  return true;
173 }
174 
175 const char *
176 tls_username(const struct tls_multi *multi, const bool null)
177 {
178  const char *ret = NULL;
179  if (multi)
180  {
181  ret = multi->locked_username;
182  }
183  if (ret && strlen(ret))
184  {
185  return ret;
186  }
187  else if (null)
188  {
189  return NULL;
190  }
191  else
192  {
193  return "UNDEF";
194  }
195 }
196 
197 void
198 cert_hash_remember(struct tls_session *session, const int error_depth,
199  const struct buffer *cert_hash)
200 {
201  if (error_depth >= 0 && error_depth < MAX_CERT_DEPTH)
202  {
203  if (!session->cert_hash_set)
204  {
205  ALLOC_OBJ_CLEAR(session->cert_hash_set, struct cert_hash_set);
206  }
207  if (!session->cert_hash_set->ch[error_depth])
208  {
209  ALLOC_OBJ(session->cert_hash_set->ch[error_depth], struct cert_hash);
210  }
211 
212  struct cert_hash *ch = session->cert_hash_set->ch[error_depth];
213  ASSERT(sizeof(ch->sha256_hash) == BLEN(cert_hash));
214  memcpy(ch->sha256_hash, BPTR(cert_hash), sizeof(ch->sha256_hash));
215  }
216 }
217 
218 void
220 {
221  if (chs)
222  {
223  int i;
224  for (i = 0; i < MAX_CERT_DEPTH; ++i)
225  {
226  free(chs->ch[i]);
227  }
228  free(chs);
229  }
230 }
231 
232 bool
233 cert_hash_compare(const struct cert_hash_set *chs1, const struct cert_hash_set *chs2)
234 {
235  if (chs1 && chs2)
236  {
237  int i;
238  for (i = 0; i < MAX_CERT_DEPTH; ++i)
239  {
240  const struct cert_hash *ch1 = chs1->ch[i];
241  const struct cert_hash *ch2 = chs2->ch[i];
242 
243  if (!ch1 && !ch2)
244  {
245  continue;
246  }
247  else if (ch1 && ch2 && !memcmp(ch1->sha256_hash, ch2->sha256_hash,
248  sizeof(ch1->sha256_hash)))
249  {
250  continue;
251  }
252  else
253  {
254  return false;
255  }
256  }
257  return true;
258  }
259  else if (!chs1 && !chs2)
260  {
261  return true;
262  }
263  else
264  {
265  return false;
266  }
267 }
268 
269 static struct cert_hash_set *
270 cert_hash_copy(const struct cert_hash_set *chs)
271 {
272  struct cert_hash_set *dest = NULL;
273  if (chs)
274  {
275  int i;
276  ALLOC_OBJ_CLEAR(dest, struct cert_hash_set);
277  for (i = 0; i < MAX_CERT_DEPTH; ++i)
278  {
279  const struct cert_hash *ch = chs->ch[i];
280  if (ch)
281  {
282  ALLOC_OBJ(dest->ch[i], struct cert_hash);
283  memcpy(dest->ch[i]->sha256_hash, ch->sha256_hash,
284  sizeof(dest->ch[i]->sha256_hash));
285  }
286  }
287  }
288  return dest;
289 }
290 void
292 {
293  const struct cert_hash_set *chs = multi->session[TM_ACTIVE].cert_hash_set;
294  if (chs && !multi->locked_cert_hash_set)
295  {
296  multi->locked_cert_hash_set = cert_hash_copy(chs);
297  }
298 }
299 
300 /*
301  * Returns the string associated with the given certificate type.
302  */
303 static const char *
305 {
306  switch (type)
307  {
309  return "SERVER";
310 
312  return "CLIENT";
313 
314  default:
315  return "?";
316  }
317 }
318 
319 /*
320  * Verify the peer's certificate fields.
321  *
322  * @param opt the tls options to verify against
323  * @param peer_cert the peer's certificate
324  * @param subject the peer's extracted subject name
325  * @param subject the peer's extracted common name
326  */
327 static result_t
328 verify_peer_cert(const struct tls_options *opt, openvpn_x509_cert_t *peer_cert,
329  const char *subject, const char *common_name)
330 {
331  /* verify certificate nsCertType */
332  if (opt->ns_cert_type != NS_CERT_CHECK_NONE)
333  {
334  if (SUCCESS == x509_verify_ns_cert_type(peer_cert, opt->ns_cert_type))
335  {
336  msg(D_HANDSHAKE, "VERIFY OK: nsCertType=%s",
338  }
339  else
340  {
341  msg(D_HANDSHAKE, "VERIFY nsCertType ERROR: %s, require nsCertType=%s",
342  subject, print_nsCertType(opt->ns_cert_type));
343  return FAILURE; /* Reject connection */
344  }
345  }
346 
347  /* verify certificate ku */
348  if (opt->remote_cert_ku[0] != 0)
349  {
350  if (SUCCESS == x509_verify_cert_ku(peer_cert, opt->remote_cert_ku, MAX_PARMS))
351  {
352  msg(D_HANDSHAKE, "VERIFY KU OK");
353  }
354  else
355  {
356  msg(D_HANDSHAKE, "VERIFY KU ERROR");
357  return FAILURE; /* Reject connection */
358  }
359  }
360 
361  /* verify certificate eku */
362  if (opt->remote_cert_eku != NULL)
363  {
364  if (SUCCESS == x509_verify_cert_eku(peer_cert, opt->remote_cert_eku))
365  {
366  msg(D_HANDSHAKE, "VERIFY EKU OK");
367  }
368  else
369  {
370  msg(D_HANDSHAKE, "VERIFY EKU ERROR");
371  return FAILURE; /* Reject connection */
372  }
373  }
374 
375  /* verify X509 name or username against --verify-x509-[user]name */
377  {
379  && strcmp(opt->verify_x509_name, subject) == 0)
381  && strcmp(opt->verify_x509_name, common_name) == 0)
383  && strncmp(opt->verify_x509_name, common_name,
384  strlen(opt->verify_x509_name)) == 0) )
385  {
386  msg(D_HANDSHAKE, "VERIFY X509NAME OK: %s", subject);
387  }
388  else
389  {
390  msg(D_HANDSHAKE, "VERIFY X509NAME ERROR: %s, must be %s",
391  subject, opt->verify_x509_name);
392  return FAILURE; /* Reject connection */
393  }
394  }
395 
396  return SUCCESS;
397 }
398 
399 /*
400  * Export the subject, common_name, and raw certificate fields to the
401  * environment for later verification by scripts and plugins.
402  */
403 static void
404 verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert_depth,
405  const char *subject, const char *common_name,
406  const struct x509_track *x509_track)
407 {
408  char envname[64];
409  char *serial = NULL;
410  struct gc_arena gc = gc_new();
411 
412  /* Save X509 fields in environment */
413  if (x509_track)
414  {
415  x509_setenv_track(x509_track, es, cert_depth, peer_cert);
416  }
417  else
418  {
419  x509_setenv(es, cert_depth, peer_cert);
420  }
421 
422  /* export subject name string as environmental variable */
423  openvpn_snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth);
424  setenv_str(es, envname, subject);
425 
426 #if 0
427  /* export common name string as environmental variable */
428  openvpn_snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth);
429  setenv_str(es, envname, common_name);
430 #endif
431 
432  /* export X509 cert fingerprints */
433  {
434  struct buffer sha1 = x509_get_sha1_fingerprint(peer_cert, &gc);
435  struct buffer sha256 = x509_get_sha256_fingerprint(peer_cert, &gc);
436 
437  openvpn_snprintf(envname, sizeof(envname), "tls_digest_%d", cert_depth);
438  setenv_str(es, envname,
439  format_hex_ex(BPTR(&sha1), BLEN(&sha1), 0, 1, ":", &gc));
440 
441  openvpn_snprintf(envname, sizeof(envname), "tls_digest_sha256_%d",
442  cert_depth);
443  setenv_str(es, envname,
444  format_hex_ex(BPTR(&sha256), BLEN(&sha256), 0, 1, ":", &gc));
445  }
446 
447  /* export serial number as environmental variable */
448  serial = backend_x509_get_serial(peer_cert, &gc);
449  openvpn_snprintf(envname, sizeof(envname), "tls_serial_%d", cert_depth);
450  setenv_str(es, envname, serial);
451 
452  /* export serial number in hex as environmental variable */
453  serial = backend_x509_get_serial_hex(peer_cert, &gc);
454  openvpn_snprintf(envname, sizeof(envname), "tls_serial_hex_%d", cert_depth);
455  setenv_str(es, envname, serial);
456 
457  gc_free(&gc);
458 }
459 
460 /*
461  * call --tls-verify plug-in(s)
462  */
463 static result_t
464 verify_cert_call_plugin(const struct plugin_list *plugins, struct env_set *es,
465  int cert_depth, openvpn_x509_cert_t *cert, char *subject)
466 {
468  {
469  int ret;
470  struct argv argv = argv_new();
471 
472  argv_printf(&argv, "%d %s", cert_depth, subject);
473 
474  ret = plugin_call_ssl(plugins, OPENVPN_PLUGIN_TLS_VERIFY, &argv, NULL, es, cert_depth, cert);
475 
476  argv_free(&argv);
477 
478  if (ret == OPENVPN_PLUGIN_FUNC_SUCCESS)
479  {
480  msg(D_HANDSHAKE, "VERIFY PLUGIN OK: depth=%d, %s",
481  cert_depth, subject);
482  }
483  else
484  {
485  msg(D_HANDSHAKE, "VERIFY PLUGIN ERROR: depth=%d, %s",
486  cert_depth, subject);
487  return FAILURE; /* Reject connection */
488  }
489  }
490  return SUCCESS;
491 }
492 
493 static const char *
494 verify_cert_export_cert(openvpn_x509_cert_t *peercert, const char *tmp_dir, struct gc_arena *gc)
495 {
496  FILE *peercert_file;
497  const char *peercert_filename = "";
498 
499  /* create tmp file to store peer cert */
500  if (!tmp_dir
501  || !(peercert_filename = platform_create_temp_file(tmp_dir, "pcf", gc)))
502  {
503  msg(M_NONFATAL, "Failed to create peer cert file");
504  return NULL;
505  }
506 
507  /* write peer-cert in tmp-file */
508  peercert_file = fopen(peercert_filename, "w+");
509  if (!peercert_file)
510  {
511  msg(M_NONFATAL|M_ERRNO, "Failed to open temporary file: %s",
512  peercert_filename);
513  return NULL;
514  }
515 
516  if (SUCCESS != x509_write_pem(peercert_file, peercert))
517  {
518  msg(M_NONFATAL, "Error writing PEM file containing certificate");
519  (void) platform_unlink(peercert_filename);
520  peercert_filename = NULL;
521  }
522 
523  fclose(peercert_file);
524  return peercert_filename;
525 }
526 
527 
528 /*
529  * run --tls-verify script
530  */
531 static result_t
532 verify_cert_call_command(const char *verify_command, struct env_set *es,
533  int cert_depth, openvpn_x509_cert_t *cert, char *subject, const char *verify_export_cert)
534 {
535  const char *tmp_file = NULL;
536  int ret;
537  struct gc_arena gc = gc_new();
538  struct argv argv = argv_new();
539 
540  setenv_str(es, "script_type", "tls-verify");
541 
542  if (verify_export_cert)
543  {
544  tmp_file = verify_cert_export_cert(cert, verify_export_cert, &gc);
545  if (!tmp_file)
546  {
547  ret = false;
548  goto cleanup;
549  }
550  setenv_str(es, "peer_cert", tmp_file);
551  }
552 
553  argv_parse_cmd(&argv, verify_command);
554  argv_printf_cat(&argv, "%d %s", cert_depth, subject);
555 
556  argv_msg_prefix(D_TLS_DEBUG, &argv, "TLS: executing verify command");
557  ret = openvpn_run_script(&argv, es, 0, "--tls-verify script");
558 
559  if (verify_export_cert)
560  {
561  if (tmp_file)
562  {
563  platform_unlink(tmp_file);
564  }
565  }
566 
567 cleanup:
568  gc_free(&gc);
569  argv_free(&argv);
570 
571  if (ret)
572  {
573  msg(D_HANDSHAKE, "VERIFY SCRIPT OK: depth=%d, %s",
574  cert_depth, subject);
575  return SUCCESS;
576  }
577 
578  msg(D_HANDSHAKE, "VERIFY SCRIPT ERROR: depth=%d, %s",
579  cert_depth, subject);
580  return FAILURE; /* Reject connection */
581 }
582 
583 /*
584  * check peer cert against CRL directory
585  */
586 static result_t
587 verify_check_crl_dir(const char *crl_dir, openvpn_x509_cert_t *cert,
588  const char *subject, int cert_depth)
589 {
590  result_t ret = FAILURE;
591  char fn[256];
592  int fd = -1;
593  struct gc_arena gc = gc_new();
594 
595  char *serial = backend_x509_get_serial(cert, &gc);
596  if (!serial)
597  {
598  msg(D_HANDSHAKE, "VERIFY CRL: depth=%d, %s, serial number is not available",
599  cert_depth, subject);
600  goto cleanup;
601  }
602 
603  if (!openvpn_snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, PATH_SEPARATOR, serial))
604  {
605  msg(D_HANDSHAKE, "VERIFY CRL: filename overflow");
606  goto cleanup;
607  }
608  fd = platform_open(fn, O_RDONLY, 0);
609  if (fd >= 0)
610  {
611  msg(D_HANDSHAKE, "VERIFY CRL: depth=%d, %s, serial=%s is revoked",
612  cert_depth, subject, serial);
613  goto cleanup;
614  }
615 
616  ret = SUCCESS;
617 
618 cleanup:
619 
620  if (fd != -1)
621  {
622  close(fd);
623  }
624  gc_free(&gc);
625  return ret;
626 }
627 
628 result_t
629 verify_cert(struct tls_session *session, openvpn_x509_cert_t *cert, int cert_depth)
630 {
631  result_t ret = FAILURE;
632  char *subject = NULL;
633  const struct tls_options *opt;
634  struct gc_arena gc = gc_new();
635 
636  opt = session->opt;
637  ASSERT(opt);
638 
639  session->verified = false;
640 
641  /* get the X509 name */
642  subject = x509_get_subject(cert, &gc);
643  if (!subject)
644  {
645  msg(D_TLS_ERRORS, "VERIFY ERROR: depth=%d, could not extract X509 "
646  "subject string from certificate", cert_depth);
647  goto cleanup;
648  }
649 
650  /* enforce character class restrictions in X509 name */
651  string_mod_remap_name(subject);
652  string_replace_leading(subject, '-', '_');
653 
654  /* extract the username (default is CN) */
655  struct buffer buf = alloc_buf_gc(256, &gc);
656  for (int i = 0; opt->x509_username_field[i] != NULL; i++)
657  {
658  char username[TLS_USERNAME_LEN+1] = {0}; /* null-terminated */
659 
660  if (SUCCESS != backend_x509_get_username(username, sizeof(username),
661  opt->x509_username_field[i], cert))
662  {
663  if (!cert_depth)
664  {
665  msg(D_TLS_ERRORS, "VERIFY ERROR: could not extract %s from X509 "
666  "subject string ('%s') -- note that the field length is "
667  "limited to %d characters",
668  opt->x509_username_field[i],
669  subject,
671  goto cleanup;
672  }
673  break;
674  }
675  if (!buf_printf(&buf, i ? "_%s" : "%s", username))
676  {
677  if (!cert_depth)
678  {
679  msg(D_TLS_ERRORS, "VERIFY ERROR: could not append %s from X509 "
680  "certificate -- note that the username length is "
681  "limited to %d characters",
682  opt->x509_username_field[i],
683  buf.capacity - 1);
684  goto cleanup;
685  }
686  break;
687  }
688  }
689 
690  char *common_name = BSTR(&buf);
691  if (!common_name)
692  {
693  msg(D_TLS_ERRORS, "VERIFY ERROR: depth=%d, could not extract X509 "
694  "username string from certificate", cert_depth);
695  goto cleanup;
696  }
697 
698  /* enforce character class restrictions in common name */
699  string_mod_remap_name(common_name);
700 
701  /* warn if cert chain is too deep */
702  if (cert_depth >= MAX_CERT_DEPTH)
703  {
704  msg(D_TLS_ERRORS, "TLS Error: Convoluted certificate chain detected with depth [%d] greater than %d", cert_depth, MAX_CERT_DEPTH);
705  goto cleanup; /* Reject connection */
706  }
707 
708  if (cert_depth == opt->verify_hash_depth && opt->verify_hash)
709  {
710  struct buffer cert_fp = {0};
711 
712  switch (opt->verify_hash_algo)
713  {
714  case MD_SHA1:
715  cert_fp = x509_get_sha1_fingerprint(cert, &gc);
716  break;
717 
718  case MD_SHA256:
719  cert_fp = x509_get_sha256_fingerprint(cert, &gc);
720  break;
721 
722  default:
723  /* This should normally not happen at all; the algorithm used
724  * is parsed by add_option() [options.c] and set to a predefined
725  * value in an enumerated type. So if this unlikely scenario
726  * happens, consider this a failure
727  */
728  msg(M_WARN, "Unexpected invalid algorithm used with "
729  "--verify-hash (%i)", opt->verify_hash_algo);
730  ret = FAILURE;
731  goto cleanup;
732  }
733 
734  struct verify_hash_list *current_hash = opt->verify_hash;
735 
736  while (current_hash)
737  {
738  if (memcmp_constant_time(BPTR(&cert_fp), current_hash->hash,
739  BLEN(&cert_fp)) == 0)
740  {
741  break;
742  }
743  current_hash = current_hash->next;
744  }
745 
746  if (!current_hash)
747  {
748  const char *hex_fp = format_hex_ex(BPTR(&cert_fp), BLEN(&cert_fp),
749  0, 1, ":", &gc);
750  msg(D_TLS_ERRORS, "TLS Error: --tls-verify/--peer-fingerprint"
751  "certificate hash verification failed. (got "
752  "fingerprint: %s", hex_fp);
753  goto cleanup;
754  }
755  }
756 
757  /* save common name in session object */
758  if (cert_depth == 0)
759  {
760  set_common_name(session, common_name);
761  }
762 
763  session->verify_maxlevel = max_int(session->verify_maxlevel, cert_depth);
764 
765  /* export certificate values to the environment */
766  verify_cert_set_env(opt->es, cert, cert_depth, subject, common_name,
767  opt->x509_track);
768 
769  /* export current untrusted IP */
770  setenv_untrusted(session);
771 
772  /* If this is the peer's own certificate, verify it */
773  if (cert_depth == 0 && SUCCESS != verify_peer_cert(opt, cert, subject, common_name))
774  {
775  goto cleanup;
776  }
777 
778  /* call --tls-verify plug-in(s), if registered */
779  if (SUCCESS != verify_cert_call_plugin(opt->plugins, opt->es, cert_depth, cert, subject))
780  {
781  goto cleanup;
782  }
783 
784  /* run --tls-verify script */
786  opt->es, cert_depth, cert, subject, opt->verify_export_cert))
787  {
788  goto cleanup;
789  }
790 
791  /* check peer cert against CRL */
792  if (opt->crl_file)
793  {
794  if (opt->ssl_flags & SSLF_CRL_VERIFY_DIR)
795  {
796  if (SUCCESS != verify_check_crl_dir(opt->crl_file, cert, subject, cert_depth))
797  {
798  goto cleanup;
799  }
800  }
801  else
802  {
803  if (tls_verify_crl_missing(opt))
804  {
805  msg(D_TLS_ERRORS, "VERIFY ERROR: CRL not loaded");
806  goto cleanup;
807  }
808  }
809  }
810 
811  msg(D_HANDSHAKE, "VERIFY OK: depth=%d, %s", cert_depth, subject);
812  session->verified = true;
813  ret = SUCCESS;
814 
815 cleanup:
816 
817  if (ret != SUCCESS)
818  {
819  tls_clear_error(); /* always? */
820  session->verified = false; /* double sure? */
821  }
822  gc_free(&gc);
823 
824  return ret;
825 }
826 
827 /* ***************************************************************************
828 * Functions for the management of deferred authentication when using
829 * user/password authentication.
830 *************************************************************************** */
831 
832 void
833 auth_set_client_reason(struct tls_multi *multi, const char *client_reason)
834 {
835  free(multi->client_reason);
836  multi->client_reason = NULL;
837 
838  if (client_reason && strlen(client_reason))
839  {
840  multi->client_reason = string_alloc(client_reason, NULL);
841  }
842 }
843 
844 #ifdef ENABLE_MANAGEMENT
845 
846 static inline enum auth_deferred_result
847 man_def_auth_test(const struct key_state *ks)
848 {
850  {
851  return ks->mda_status;
852  }
853  else
854  {
855  return ACF_DISABLED;
856  }
857 }
858 #endif /* ifdef ENABLE_MANAGEMENT */
859 
864 static void
866 {
867  if (ads && ads->auth_pending_file)
868  {
870  free(ads->auth_pending_file);
871  ads->auth_pending_file = NULL;
872  }
873 }
874 
878 static bool
879 check_auth_pending_method(const char *peer_info, const char *method)
880 {
881  struct gc_arena gc = gc_new();
882 
883  char *iv_sso = extract_var_peer_info(peer_info, "IV_SSO=", &gc);
884  if (!iv_sso)
885  {
886  gc_free(&gc);
887  return false;
888  }
889 
890  const char *client_method = strtok(iv_sso, ",");
891  bool supported = false;
892 
893  while (client_method)
894  {
895  if (0 == strcmp(client_method, method))
896  {
897  supported = true;
898  break;
899  }
900  client_method = strtok(NULL, ",");
901  }
902 
903  gc_free(&gc);
904  return supported;
905 }
906 
915 static bool
917  struct tls_multi *multi)
918 {
919  bool ret = true;
920  if (ads->auth_pending_file)
921  {
922  struct buffer_list *lines = buffer_list_file(ads->auth_pending_file,
923  1024);
924  if (lines && lines->head)
925  {
926  /* Must have at least three lines. further lines are ignored for
927  * forward compatibility */
928  if (!lines->head || !lines->head->next || !lines->head->next->next)
929  {
930  msg(M_WARN, "auth pending control file is not at least "
931  "three lines long.");
932  buffer_list_free(lines);
933  return false;
934  }
935  struct buffer *timeout_buf = &lines->head->buf;
936  struct buffer *iv_buf = &lines->head->next->buf;
937  struct buffer *extra_buf = &lines->head->next->next->buf;
938 
939  /* Remove newline chars at the end of the lines */
940  buf_chomp(timeout_buf);
941  buf_chomp(iv_buf);
942  buf_chomp(extra_buf);
943 
944  long timeout = strtol(BSTR(timeout_buf), NULL, 10);
945  if (timeout == 0)
946  {
947  msg(M_WARN, "could not parse auth pending file timeout");
948  buffer_list_free(lines);
949  return false;
950  }
951 
952  const char* pending_method = BSTR(iv_buf);
953  if (!check_auth_pending_method(multi->peer_info, pending_method))
954  {
955  char buf[128];
956  openvpn_snprintf(buf, sizeof(buf),
957  "Authentication failed, required pending auth "
958  "method '%s' not supported", pending_method);
959  auth_set_client_reason(multi, buf);
960  msg(M_INFO, "Client does not supported auth pending method "
961  "'%s'", pending_method);
962  ret = false;
963  }
964  else
965  {
966  send_auth_pending_messages(multi, BSTR(extra_buf), timeout);
967  }
968  }
969 
970  buffer_list_free(lines);
971  }
973  return ret;
974 }
975 
976 
981 void
983 {
984  if (ads->auth_control_file)
985  {
987  free(ads->auth_control_file);
988  ads->auth_control_file = NULL;
989  }
991 }
992 
999 static bool
1001  const struct tls_options *opt)
1002 {
1003  struct gc_arena gc = gc_new();
1004 
1006  const char *acf = platform_create_temp_file(opt->tmp_dir, "acf", &gc);
1007  const char *apf = platform_create_temp_file(opt->tmp_dir, "apf", &gc);
1008 
1009  if (acf && apf)
1010  {
1011  ads->auth_control_file = string_alloc(acf, NULL);
1012  ads->auth_pending_file = string_alloc(apf, NULL);
1013  setenv_str(opt->es, "auth_control_file", ads->auth_control_file);
1014  setenv_str(opt->es, "auth_pending_file", ads->auth_pending_file);
1015  }
1016 
1017  gc_free(&gc);
1018  return (acf && apf);
1019 }
1020 
1031 static enum auth_deferred_result
1033 {
1034  if (ads->auth_control_file)
1035  {
1036  unsigned int ret = ads->auth_control_status;
1037  if (ret == ACF_PENDING && !cached)
1038  {
1039  FILE *fp = fopen(ads->auth_control_file, "r");
1040  if (fp)
1041  {
1042  const int c = fgetc(fp);
1043  if (c == '1')
1044  {
1045  ret = ACF_SUCCEEDED;
1046  }
1047  else if (c == '0')
1048  {
1049  ret = ACF_FAILED;
1050  }
1051  fclose(fp);
1052  ads->auth_control_status = ret;
1053  }
1054  }
1055  return ret;
1056  }
1057  return ACF_DISABLED;
1058 }
1059 
1067 static void
1068 update_key_auth_status(bool cached, struct key_state *ks)
1069 {
1070  if (ks->authenticated == KS_AUTH_FALSE)
1071  {
1072  return;
1073  }
1074  else
1075  {
1076  enum auth_deferred_result auth_plugin = ACF_DISABLED;
1077  enum auth_deferred_result auth_script = ACF_DISABLED;
1078  enum auth_deferred_result auth_man = ACF_DISABLED;
1079  auth_plugin = key_state_test_auth_control_file(&ks->plugin_auth, cached);
1080  auth_script = key_state_test_auth_control_file(&ks->script_auth, cached);
1081 #ifdef ENABLE_MANAGEMENT
1082  auth_man = man_def_auth_test(ks);
1083 #endif
1084  ASSERT(auth_plugin < 4 && auth_script < 4 && auth_man < 4);
1085 
1086  if (auth_plugin == ACF_FAILED || auth_script == ACF_FAILED
1087  || auth_man == ACF_FAILED)
1088  {
1090  return;
1091  }
1092  else if (auth_plugin == ACF_PENDING || auth_script == ACF_PENDING
1093  || auth_man == ACF_PENDING)
1094  {
1095  if (now >= ks->auth_deferred_expire)
1096  {
1097  /* Window to authenticate the key has expired, mark
1098  * the key as unauthenticated */
1100  }
1101  }
1102  else
1103  {
1104  /* all auth states (auth_plugin, auth_script, auth_man)
1105  * are either ACF_DISABLED or ACF_SUCCEDED now, which
1106  * translates to "not checked" or "auth succeeded"
1107  */
1109  }
1110  }
1111 }
1112 
1113 
1120 static time_t cache_intervals[] = {0, 0, 0, 0, 0, 1, 1, 2, 2, 4, 8};
1121 
1126 static bool
1128 {
1129  unsigned int idx = min_uint(multi->tas_cache_num_updates, SIZE(cache_intervals) - 1);
1130  time_t latency = cache_intervals[idx];
1131  return multi->tas_cache_last_update + latency >= now;
1132 }
1133 
1134 enum tls_auth_status
1136 {
1137  bool deferred = false;
1138 
1139  /* at least one valid key has successfully completed authentication */
1140  bool success = false;
1141 
1142  /* at least one key is enabled for decryption */
1143  int active = 0;
1144 
1145  /* at least one key already failed authentication */
1146  bool failed_auth = false;
1147 
1148  bool cached = tls_authentication_status_use_cache(multi);
1149 
1150  for (int i = 0; i < KEY_SCAN_SIZE; ++i)
1151  {
1152  struct key_state *ks = get_key_scan(multi, i);
1153  if (TLS_AUTHENTICATED(multi, ks))
1154  {
1155  active++;
1156  update_key_auth_status(cached, ks);
1157 
1158  if (ks->authenticated == KS_AUTH_FALSE)
1159  {
1160  failed_auth = true;
1161  }
1162  else if (ks->authenticated == KS_AUTH_DEFERRED)
1163  {
1164  deferred = true;
1165  }
1166  else if (ks->authenticated == KS_AUTH_TRUE)
1167  {
1168  success = true;
1169  }
1170  }
1171  }
1172 
1173  /* we did not rely on a cached result, remember the cache update time */
1174  if (!cached)
1175  {
1176  multi->tas_cache_last_update = now;
1177  multi->tas_cache_num_updates++;
1178  }
1179 
1180 #if 0
1181  dmsg(D_TLS_ERRORS, "TAS: a=%d s=%d d=%d f=%d", active, success, deferred, failed_auth);
1182 #endif
1183  if (failed_auth)
1184  {
1185  /* We have at least one session that failed authentication. There
1186  * might be still another session with valid keys.
1187  * Although our protocol allows keeping the VPN session alive
1188  * with the other session (and we actually did that in earlier
1189  * version, this behaviour is really strange from a user (admin)
1190  * experience */
1192  }
1193  else if (success)
1194  {
1196  }
1197  else if (active == 0 || deferred)
1198  {
1199  /* We have a deferred authentication and no currently active key
1200  * (first auth, no renegotiation) */
1202  }
1203  else
1204  {
1205  /* at least one key is active but none is fully authenticated (!success)
1206  * and all active are either failed authed or expired deferred auth */
1208  }
1209 }
1210 
1211 #ifdef ENABLE_MANAGEMENT
1212 /*
1213  * For deferred auth, this is where the management interface calls (on server)
1214  * to indicate auth failure/success.
1215  */
1216 bool
1217 tls_authenticate_key(struct tls_multi *multi, const unsigned int mda_key_id, const bool auth, const char *client_reason)
1218 {
1219  bool ret = false;
1220  if (multi)
1221  {
1222  int i;
1223  auth_set_client_reason(multi, client_reason);
1224  for (i = 0; i < KEY_SCAN_SIZE; ++i)
1225  {
1226  struct key_state *ks = get_key_scan(multi, i);
1227  if (ks->mda_key_id == mda_key_id)
1228  {
1229  ks->mda_status = auth ? ACF_SUCCEEDED : ACF_FAILED;
1230  ret = true;
1231  }
1232  }
1233  }
1234  return ret;
1235 }
1236 #endif /* ifdef ENABLE_MANAGEMENT */
1237 
1238 
1239 /* ****************************************************************************
1240  * Functions to verify username and password
1241  *
1242  * Authenticate a client using username/password.
1243  * Runs on server.
1244  *
1245  * If you want to add new authentication methods,
1246  * this is the place to start.
1247  *************************************************************************** */
1248 
1249 /*
1250  * Verify the user name and password using a script
1251  */
1252 static int
1254  const struct user_pass *up)
1255 {
1256  struct gc_arena gc = gc_new();
1257  struct argv argv = argv_new();
1258  const char *tmp_file = "";
1259  int retval = OPENVPN_PLUGIN_FUNC_ERROR;
1260  struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
1261 
1262  /* Set environmental variables prior to calling script */
1263  setenv_str(session->opt->es, "script_type", "user-pass-verify");
1264 
1265  /* format command line */
1267 
1269  {
1270  struct status_output *so;
1271 
1272  tmp_file = platform_create_temp_file(session->opt->tmp_dir, "up",
1273  &gc);
1274  if (tmp_file)
1275  {
1276  so = status_open(tmp_file, 0, -1, NULL, STATUS_OUTPUT_WRITE);
1277  status_printf(so, "%s", up->username);
1278  status_printf(so, "%s", up->password);
1279  if (!status_close(so))
1280  {
1281  msg(D_TLS_ERRORS, "TLS Auth Error: could not write username/password to file: %s",
1282  tmp_file);
1283  goto done;
1284  }
1285  /* pass temp file name to script */
1286  argv_printf_cat(&argv, "%s", tmp_file);
1287  }
1288  }
1289  else
1290  {
1291  setenv_str(session->opt->es, "username", up->username);
1292  setenv_str(session->opt->es, "password", up->password);
1293  }
1294 
1295  /* generate filename for deferred auth control file */
1296  if (!key_state_gen_auth_control_files(&ks->script_auth, session->opt))
1297  {
1298  msg(D_TLS_ERRORS, "TLS Auth Error (%s): "
1299  "could not create deferred auth control file", __func__);
1301  }
1302 
1303  /* call command */
1304  int script_ret = openvpn_run_script(&argv, session->opt->es, S_EXITCODE,
1305  "--auth-user-pass-verify");
1306  switch (script_ret)
1307  {
1308  case 0:
1309  retval = OPENVPN_PLUGIN_FUNC_SUCCESS;
1310  break;
1311  case 2:
1313  break;
1314  default:
1315  retval = OPENVPN_PLUGIN_FUNC_ERROR;
1316  break;
1317  }
1318  if (retval == OPENVPN_PLUGIN_FUNC_DEFERRED)
1319  {
1320  /* Check if we the plugin has written the pending auth control
1321  * file and send the pending auth to the client */
1323  multi))
1324  {
1325  retval = OPENVPN_PLUGIN_FUNC_ERROR;
1327  }
1328 
1329  }
1330  else
1331  {
1332  /* purge auth control filename (and file itself) for non-deferred returns */
1334  }
1336  {
1337  setenv_del(session->opt->es, "password");
1338  }
1339 
1340 done:
1341  if (tmp_file && strlen(tmp_file) > 0)
1342  {
1343  platform_unlink(tmp_file);
1344  }
1345 
1346  argv_free(&argv);
1347  gc_free(&gc);
1348  return retval;
1349 }
1350 
1351 /*
1352  * Verify the username and password using a plugin
1353  */
1354 static int
1356  const struct user_pass *up)
1357 {
1358  int retval = OPENVPN_PLUGIN_FUNC_ERROR;
1359  struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
1360 
1361  /* set password in private env space */
1362  setenv_str(session->opt->es, "password", up->password);
1363 
1364  /* generate filename for deferred auth control file */
1365  if (!key_state_gen_auth_control_files(&ks->plugin_auth, session->opt))
1366  {
1367  msg(D_TLS_ERRORS, "TLS Auth Error (%s): "
1368  "could not create deferred auth control file", __func__);
1369  return retval;
1370  }
1371 
1372  /* call command */
1373  retval = plugin_call(session->opt->plugins, OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY, NULL, NULL, session->opt->es);
1374 
1375  if (retval == OPENVPN_PLUGIN_FUNC_DEFERRED)
1376  {
1377  /* Check if the plugin has written the pending auth control
1378  * file and send the pending auth to the client */
1380  {
1381  retval = OPENVPN_PLUGIN_FUNC_ERROR;
1383  }
1384  }
1385  else
1386  {
1387  /* purge auth control filename (and file itself) for non-deferred returns */
1389  }
1390 
1391  setenv_del(session->opt->es, "password");
1392 
1393  return retval;
1394 }
1395 
1396 
1397 #ifdef ENABLE_MANAGEMENT
1398 /*
1399  * management deferred internal ssl_verify.c status codes
1400  */
1401 #define KMDA_ERROR 0
1402 #define KMDA_SUCCESS 1
1403 #define KMDA_UNDEF 2
1404 #define KMDA_DEF 3
1405 
1406 static int
1408  struct tls_multi *multi,
1409  const struct user_pass *up)
1410 {
1411  int retval = KMDA_ERROR;
1412  struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
1413 
1414  /* set username/password in private env space */
1415  setenv_str(session->opt->es, "password", up->password);
1416 
1417  if (management)
1418  {
1420  }
1421 
1422  setenv_del(session->opt->es, "password");
1423 
1424  retval = KMDA_SUCCESS;
1425 
1426  return retval;
1427 }
1428 #endif /* ifdef ENABLE_MANAGEMENT */
1429 
1430 static bool
1432  struct tls_session *session)
1433 {
1434  /* Is username defined? */
1435  if ((session->opt->ssl_flags & SSLF_AUTH_USER_PASS_OPTIONAL) || strlen(up->username))
1436  {
1437  setenv_str(session->opt->es, "username", up->username);
1438 
1439  /* setenv incoming cert common name for script */
1440  setenv_str(session->opt->es, "common_name", session->common_name);
1441 
1442  /* setenv client real IP address */
1443  setenv_untrusted(session);
1444 
1445  /*
1446  * if we are using auth-gen-token, send also the session id of auth gen token to
1447  * allow the management to figure out if it is a new session or a continued one
1448  */
1449  add_session_token_env(session, multi, up);
1450  return true;
1451  }
1452  else
1453  {
1454  msg(D_TLS_ERRORS, "TLS Auth Error: peer provided a blank username");
1455  return false;
1456  }
1457 }
1458 
1465 void
1466 verify_user_pass(struct user_pass *up, struct tls_multi *multi,
1467  struct tls_session *session)
1468 {
1469  struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
1470 
1471 #ifdef ENABLE_MANAGEMENT
1472  int man_def_auth = KMDA_UNDEF;
1473 
1475  {
1476  man_def_auth = KMDA_DEF;
1477  }
1478 #endif
1479 
1480  /* enforce character class restrictions in username/password */
1482  string_mod(up->password, CC_PRINT, CC_CRLF, '_');
1483 
1484  /*
1485  * If auth token succeeds we skip the auth
1486  * methods unless otherwise specified
1487  */
1488  bool skip_auth = false;
1489 
1490  /*
1491  * If server is configured with --auth-gen-token and the client sends
1492  * something that looks like an authentication token, this
1493  * round will be done internally using the token instead of
1494  * calling any external authentication modules.
1495  */
1496  if (session->opt->auth_token_generate && is_auth_token(up->password))
1497  {
1498  ks->auth_token_state_flags = verify_auth_token(up, multi, session);
1499 
1500  /* If this is the first time we see an auth-token in this multi session,
1501  * save it as initial auth token. This ensures using the
1502  * same session ID and initial timestamp in new tokens */
1503  if (!multi->auth_token_initial)
1504  {
1505  multi->auth_token_initial = strdup(up->password);
1506  }
1507 
1508  if (session->opt->auth_token_call_auth)
1509  {
1510  /*
1511  * we do not care about the result here because it is
1512  * the responsibility of the external authentication to
1513  * decide what to do with the result
1514  */
1515  }
1517  {
1518  /*
1519  * We do not want the EXPIRED or EMPTY USER flags here so check
1520  * for equality with AUTH_TOKEN_HMAC_OK
1521  */
1522  msg(M_WARN, "TLS: Username/auth-token authentication "
1523  "succeeded for username '%s'",
1524  up->username);
1525  skip_auth = true;
1526  }
1527  else
1528  {
1529  wipe_auth_token(multi);
1531  msg(M_WARN, "TLS: Username/auth-token authentication "
1532  "failed for username '%s'", up->username);
1533  return;
1534  }
1535  }
1536 
1537  int plugin_status = OPENVPN_PLUGIN_FUNC_SUCCESS;
1538  int script_status = OPENVPN_PLUGIN_FUNC_SUCCESS;
1539  /* Set the environment variables used by all auth variants */
1540  if (!set_verify_user_pass_env(up, multi, session))
1541  {
1542  skip_auth = true;
1543  plugin_status = OPENVPN_PLUGIN_FUNC_ERROR;
1544  }
1545 
1546  /* call plugin(s) and/or script */
1547  if (!skip_auth)
1548  {
1549 #ifdef ENABLE_MANAGEMENT
1550  if (man_def_auth == KMDA_DEF)
1551  {
1552  man_def_auth = verify_user_pass_management(session, multi, up);
1553  }
1554 #endif
1556  {
1557  plugin_status = verify_user_pass_plugin(session, multi, up);
1558  }
1559 
1560  if (session->opt->auth_user_pass_verify_script)
1561  {
1562  script_status = verify_user_pass_script(session, multi, up);
1563  }
1564  }
1565 
1566  /* check sizing of username if it will become our common name */
1567  if ((session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME)
1568  && strlen(up->username)>TLS_USERNAME_LEN)
1569  {
1570  msg(D_TLS_ERRORS,
1571  "TLS Auth Error: --username-as-common name specified and username is longer than the maximum permitted Common Name length of %d characters",
1573  plugin_status = OPENVPN_PLUGIN_FUNC_ERROR;
1574  script_status = OPENVPN_PLUGIN_FUNC_ERROR;
1575  }
1576  /* auth succeeded? */
1577  bool plugin_ok = plugin_status == OPENVPN_PLUGIN_FUNC_SUCCESS
1578  || plugin_status == OPENVPN_PLUGIN_FUNC_DEFERRED;
1579 
1580  bool script_ok = script_status == OPENVPN_PLUGIN_FUNC_SUCCESS
1581  || script_status == OPENVPN_PLUGIN_FUNC_DEFERRED;
1582 
1583  if (script_ok && plugin_ok && tls_lock_username(multi, up->username)
1584 #ifdef ENABLE_MANAGEMENT
1585  && man_def_auth != KMDA_ERROR
1586 #endif
1587  )
1588  {
1590  if (plugin_status == OPENVPN_PLUGIN_FUNC_DEFERRED
1591  || script_status == OPENVPN_PLUGIN_FUNC_DEFERRED)
1592  {
1594  }
1595 #ifdef ENABLE_MANAGEMENT
1596  if (man_def_auth != KMDA_UNDEF)
1597  {
1599  }
1600 #endif
1601  if ((session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME))
1602  {
1603  set_common_name(session, up->username);
1604  }
1605 
1606  if ((session->opt->auth_token_generate))
1607  {
1608  /*
1609  * If we accepted a (not expired) token, i.e.
1610  * initial auth via token on new connection, we need
1611  * to store the auth-token in multi->auth_token, so
1612  * the initial timestamp and session id can be extracted from it
1613  */
1614  if (!multi->auth_token
1617  {
1618  multi->auth_token = strdup(up->password);
1619  }
1620 
1621  /*
1622  * Server is configured with --auth-gen-token. Generate or renew
1623  * the token.
1624  */
1625  generate_auth_token(up, multi);
1626  }
1627 
1628  msg(D_HANDSHAKE, "TLS: Username/Password authentication %s for username '%s' %s",
1629  (ks->authenticated == KS_AUTH_DEFERRED) ? "deferred" : "succeeded",
1630  up->username,
1631  (session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) ? "[CN SET]" : "");
1632  }
1633  else
1634  {
1636  msg(D_TLS_ERRORS, "TLS Auth Error: Auth Username/Password verification failed for peer");
1637  }
1638 }
1639 
1640 void
1642 {
1643  struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
1644 
1645  /* While it shouldn't really happen, don't allow the common name to be NULL */
1646  if (!session->common_name)
1647  {
1648  set_common_name(session, "");
1649  }
1650 
1651  /* Don't allow the CN to change once it's been locked */
1652  if (ks->authenticated > KS_AUTH_FALSE && multi->locked_cn)
1653  {
1654  const char *cn = session->common_name;
1655  if (cn && strcmp(cn, multi->locked_cn))
1656  {
1657  msg(D_TLS_ERRORS, "TLS Auth Error: TLS object CN attempted to change from '%s' to '%s' -- tunnel disabled",
1658  multi->locked_cn,
1659  cn);
1660 
1661  /* change the common name back to its original value and disable the tunnel */
1662  set_common_name(session, multi->locked_cn);
1663  tls_deauthenticate(multi);
1664  }
1665  }
1666 
1667  /* Don't allow the cert hashes to change once they have been locked */
1668  if (ks->authenticated > KS_AUTH_FALSE && multi->locked_cert_hash_set)
1669  {
1670  const struct cert_hash_set *chs = session->cert_hash_set;
1671  if (chs && !cert_hash_compare(chs, multi->locked_cert_hash_set))
1672  {
1673  msg(D_TLS_ERRORS, "TLS Auth Error: TLS object CN=%s client-provided SSL certs unexpectedly changed during mid-session reauth",
1674  session->common_name);
1675 
1676  /* disable the tunnel */
1677  tls_deauthenticate(multi);
1678  }
1679  }
1680 
1681  /* verify --client-config-dir based authentication */
1683  {
1684  struct gc_arena gc = gc_new();
1685 
1686  const char *cn = session->common_name;
1687  const char *path = platform_gen_path(session->opt->client_config_dir_exclusive,
1688  cn, &gc);
1689  if (!cn || !strcmp(cn, CCD_DEFAULT) || !platform_test_file(path))
1690  {
1692  wipe_auth_token(multi);
1693  msg(D_TLS_ERRORS, "TLS Auth Error: --client-config-dir authentication failed for common name '%s' file='%s'",
1694  session->common_name,
1695  path ? path : "UNDEF");
1696  }
1697 
1698  gc_free(&gc);
1699  }
1700 }
1701 
1702 void
1704 {
1705  struct env_item *item = es->list;
1706  while (item)
1707  {
1708  struct env_item *next = item->next;
1709  if (item->string
1710  && 0 == strncmp("X509_", item->string, strlen("X509_")))
1711  {
1712  env_set_del(es, item->string);
1713  }
1714  item = next;
1715  }
1716 }
#define M_NONFATAL
Definition: error.h:99
static bool tls_lock_username(struct tls_multi *multi, const char *username)
Definition: ssl_verify.c:150
bool argv_printf_cat(struct argv *argres, const char *format,...)
printf() inspired argv concatenation.
Definition: argv.c:466
uint8_t hash[SHA256_DIGEST_LENGTH]
Definition: options.h:208
void add_session_token_env(struct tls_session *session, struct tls_multi *multi, const struct user_pass *up)
Put the session id, and auth token status into the environment if auth-token is enabled.
Definition: auth_token.c:54
#define VERIFY_X509_SUBJECT_RDN
Definition: ssl_verify.h:65
#define TM_ACTIVE
Active tls_session.
Definition: ssl_common.h:508
const char * tmp_dir
Definition: ssl_common.h:366
Security parameter state of one TLS and data channel key session.
Definition: ssl_common.h:203
struct key_state key[KS_SIZE]
Definition: ssl_common.h:488
const char * crl_file
Definition: ssl_common.h:330
#define SSLF_CRL_VERIFY_DIR
Definition: ssl_common.h:396
static void verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert_depth, const char *subject, const char *common_name, const struct x509_track *x509_track)
Definition: ssl_verify.c:404
#define ALLOC_OBJ(dptr, type)
Definition: buffer.h:1045
void generate_auth_token(const struct user_pass *up, struct tls_multi *multi)
Generate an auth token based on username and timestamp.
Definition: auth_token.c:177
char * string_alloc(const char *str, struct gc_arena *gc)
Definition: buffer.c:685
struct buffer_list * buffer_list_file(const char *fn, int max_line_len)
Definition: buffer.c:1375
#define D_TLS_DEBUG
Definition: errlevel.h:159
struct argv argv_new(void)
Allocates a new struct argv and ensures it is initialised.
Definition: argv.c:90
#define STATUS_OUTPUT_WRITE
Definition: status.h:51
#define SSLF_USERNAME_AS_COMMON_NAME
Definition: ssl_common.h:393
#define VERIFY_X509_SUBJECT_DN
Definition: ssl_verify.h:64
#define M_INFO
Definition: errlevel.h:55
unsigned int auth_control_status
Definition: ssl_common.h:173
struct buffer_entry * head
Definition: buffer.h:1112
#define AUTH_TOKEN_EXPIRED
Auth-token sent from client has expired.
Definition: ssl_common.h:630
enum ks_auth_state authenticated
Definition: ssl_common.h:247
struct tls_options * opt
Definition: ssl_common.h:457
int verify_maxlevel
Definition: ssl_common.h:477
#define SSLF_AUTH_USER_PASS_OPTIONAL
Definition: ssl_common.h:394
char * peer_info
Definition: ssl_common.h:619
#define SA_IP_PORT
Definition: socket.h:365
char * auth_token_initial
The first auth-token we sent to a client.
Definition: ssl_common.h:624
static void gc_free(struct gc_arena *a)
Definition: buffer.h:1023
bool verified
Definition: ssl_common.h:483
static int plugin_call(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es)
Definition: plugin.h:202
const char * auth_user_pass_verify_script
Definition: ssl_common.h:364
#define KMDA_SUCCESS
Definition: ssl_verify.c:1402
Security parameter state for a single VPN tunnel.
Definition: ssl_common.h:566
#define NS_CERT_CHECK_CLIENT
Do not perform Netscape certificate type verification.
Definition: ssl_verify.h:208
#define D_TLS_ERRORS
Definition: errlevel.h:59
#define CC_PRINT
Definition: buffer.h:915
X509 openvpn_x509_cert_t
const char * client_config_dir_exclusive
Definition: ssl_common.h:378
int verify_x509_type
Definition: ssl_common.h:328
void buffer_list_free(struct buffer_list *ol)
Frees a buffer list and all the buffers in it.
Definition: buffer.c:1207
result_t x509_verify_cert_ku(openvpn_x509_cert_t *x509, const unsigned *const expected_ku, int expected_len)
struct cert_hash_set * cert_hash_set
Definition: ssl_common.h:481
int plugin_call_ssl(const struct plugin_list *pl, const int type, const struct argv *av, struct plugin_return *pr, struct env_set *es, int certdepth, openvpn_x509_cert_t *current_cert)
Definition: plugin.c:784
Key state is authenticated.
Definition: ssl_common.h:162
char * x509_username_field[2]
Definition: ssl_common.h:342
bool buf_printf(struct buffer *buf, const char *format,...)
Definition: buffer.c:242
void cert_hash_remember(struct tls_session *session, const int error_depth, const struct buffer *cert_hash)
Definition: ssl_verify.c:198
struct man_def_auth_context * mda_context
Definition: ssl_common.h:405
static const char * verify_cert_export_cert(openvpn_x509_cert_t *peercert, const char *tmp_dir, struct gc_arena *gc)
Definition: ssl_verify.c:494
static void tls_deauthenticate(struct tls_multi *multi)
Definition: ssl_verify.c:73
char * backend_x509_get_serial_hex(openvpn_x509_cert_t *cert, struct gc_arena *gc)
void setenv_str(struct env_set *es, const char *name, const char *value)
Definition: env_set.c:285
#define SIZE(x)
Definition: basic.h:30
#define TLS_AUTHENTICATED(multi, ks)
Check whether the ks key_state has finished the key exchange part of the OpenVPN hand shake...
Definition: ssl_verify.h:109
#define dmsg(flags,...)
Definition: error.h:157
static enum auth_deferred_result key_state_test_auth_control_file(struct auth_deferred_status *ads, bool cached)
Checks the auth control status from a file.
Definition: ssl_verify.c:1032
#define MAX_PARMS
Definition: options.h:51
#define TLS_USERNAME_LEN
Maximum length of common name.
Definition: ssl_verify.c:52
bool auth_token_generate
Generate auth-tokens on successful user/pass auth,seet via options->auth_token_generate.
Definition: ssl_common.h:369
static void string_mod_remap_name(char *str)
Definition: ssl_verify.c:55
static enum auth_deferred_result man_def_auth_test(const struct key_state *ks)
Definition: ssl_verify.c:847
static int verify_user_pass_management(struct tls_session *session, struct tls_multi *multi, const struct user_pass *up)
Definition: ssl_verify.c:1407
static result_t verify_check_crl_dir(const char *crl_dir, openvpn_x509_cert_t *cert, const char *subject, int cert_depth)
Definition: ssl_verify.c:587
#define ASSERT(x)
Definition: error.h:204
Structure containing the hash for a single certificate.
Definition: ssl_verify.h:54
int auth_token_state_flags
The state of the auth-token sent from the client.
Definition: ssl_common.h:207
#define OPENVPN_PLUGIN_FUNC_SUCCESS
struct tls_session session[TM_SIZE]
Array of tls_session objects representing control channel sessions with the remote peer...
Definition: ssl_common.h:651
Structure containing the hashes for a full certificate chain.
Definition: ssl_verify.h:59
bool platform_unlink(const char *filename)
Definition: platform.c:350
void status_printf(struct status_output *so, const char *format,...)
Definition: status.c:224
char username[USER_PASS_LEN]
Definition: misc.h:70
static void update_key_auth_status(bool cached, struct key_state *ks)
This method takes a key_state and if updates the state of the key if it is deferred.
Definition: ssl_verify.c:1068
result_t verify_cert(struct tls_session *session, openvpn_x509_cert_t *cert, int cert_depth)
Definition: ssl_verify.c:629
int capacity
Size in bytes of memory allocated by malloc().
Definition: buffer.h:62
void setenv_del(struct env_set *es, const char *name)
Definition: env_set.c:330
struct status_output * status_open(const char *filename, const int refresh_freq, const int msglevel, const struct virtual_output *vout, const unsigned int flags)
Definition: status.c:63
#define VERIFY_X509_NONE
Definition: ssl_verify.h:63
unsigned int tas_cache_num_updates
The number of times we updated the cache.
Definition: ssl_common.h:608
bool status_close(struct status_output *so)
Definition: status.c:190
#define BPTR(buf)
Definition: buffer.h:124
#define AUTH_TOKEN_HMAC_OK
Auth-token sent from client has valid hmac.
Definition: ssl_common.h:628
static const char * print_nsCertType(int type)
Definition: ssl_verify.c:304
static time_t cache_intervals[]
The minimum times to have passed to update the cache.
Definition: ssl_verify.c:1120
#define KEY_SCAN_SIZE
Definition: ssl_common.h:530
deferred auth still pending
Definition: ssl_common.h:179
static int verify_user_pass_script(struct tls_session *session, struct tls_multi *multi, const struct user_pass *up)
Definition: ssl_verify.c:1253
bool openvpn_snprintf(char *str, size_t size, const char *format,...)
Definition: buffer.c:296
#define OPENVPN_PLUGIN_FUNC_DEFERRED
Key state authentication is being deferred, by async auth.
Definition: ssl_common.h:160
#define PATH_SEPARATOR
Definition: config.h:745
#define KS_SIZE
Size of the tls_session.key array.
Definition: ssl_common.h:434
struct env_item * list
Definition: env_set.h:44
bool auth_user_pass_verify_script_via_file
Definition: ssl_common.h:365
int platform_open(const char *path, int flags, int mode)
Definition: platform.c:376
#define OPENVPN_PLUGIN_TLS_VERIFY
void setenv_link_socket_actual(struct env_set *es, const char *name_prefix, const struct link_socket_actual *act, const unsigned int flags)
Definition: socket.c:3023
#define OPENVPN_PLUGIN_FUNC_ERROR
static const char * np(const char *str)
Definition: simple.c:128
static struct gc_arena gc_new(void)
Definition: buffer.h:1015
#define KS_PRIMARY
Primary key state index.
Definition: ssl_common.h:430
struct gc_arena gc
Definition: argv.h:36
Key state is not authenticated.
Definition: ssl_common.h:159
unsigned remote_cert_ku[MAX_PARMS]
Definition: ssl_common.h:333
time_t now
Definition: otime.c:36
int memcmp_constant_time(const void *a, const void *b, size_t size)
As memcmp(), but constant-time.
static int verify_user_pass_plugin(struct tls_session *session, struct tls_multi *multi, const struct user_pass *up)
Definition: ssl_verify.c:1355
deferred auth has failed
Definition: ssl_common.h:182
enum auth_deferred_result mda_status
Definition: ssl_common.h:252
void x509_setenv_track(const struct x509_track *xt, struct env_set *es, const int depth, openvpn_x509_cert_t *x509)
#define ALLOC_OBJ_CLEAR(dptr, type)
Definition: buffer.h:1050
unsigned int mda_key_id
Definition: ssl_common.h:251
#define ENABLE_MANAGEMENT
Definition: config-msvc.h:12
char * locked_cn
Definition: ssl_common.h:599
#define S_EXITCODE
Instead of returning 1/0 for success/fail, return exit code when between 0 and 255 and -1 otherwise...
Definition: run_command.h:49
bool platform_test_file(const char *filename)
Return true if filename can be opened for read.
Definition: platform.c:522
bool env_set_del(struct env_set *es, const char *str)
Definition: env_set.c:185
void auth_set_client_reason(struct tls_multi *multi, const char *client_reason)
Sets the reason why authentication of a client failed.
Definition: ssl_verify.c:833
int ns_cert_type
Definition: ssl_common.h:332
#define MAX_CERT_DEPTH
Maximum certificate depth we will allow.
Definition: ssl_verify.h:51
enum tls_auth_status tls_authentication_status(struct tls_multi *multi)
Return current session authentication state of the tls_multi structure This will return TLS_AUTHENTIC...
Definition: ssl_verify.c:1135
result_t x509_verify_cert_eku(openvpn_x509_cert_t *x509, const char *const expected_oid)
hash_algo_type verify_hash_algo
Definition: ssl_common.h:338
void wipe_auth_token(struct tls_multi *multi)
Wipes the authentication token out of the memory, frees and cleans up related buffers and flags...
Definition: auth_token.c:411
#define NS_CERT_CHECK_NONE
Do not perform Netscape certificate type verification.
Definition: ssl_verify.h:204
void argv_msg_prefix(const int msglev, const struct argv *a, const char *prefix)
Similar to argv_msg() but prefixes the messages being written with a given string.
Definition: argv.c:262
unsigned int verify_auth_token(struct user_pass *up, struct tls_multi *multi, struct tls_session *session)
Verifies the auth token to be in the format that generate_auth_token create and checks if the token i...
Definition: auth_token.c:313
static int openvpn_run_script(const struct argv *a, const struct env_set *es, const unsigned int flags, const char *hook)
Will run a script and return the exit code of the script if between 0 and 255, -1 otherwise...
Definition: run_command.h:64
struct cert_hash_set * locked_cert_hash_set
Definition: ssl_common.h:601
struct buffer buf
Definition: buffer.h:1106
const char * verify_x509_name
Definition: ssl_common.h:329
char * x509_get_subject(openvpn_x509_cert_t *cert, struct gc_arena *gc)
bool cert_hash_compare(const struct cert_hash_set *chs1, const struct cert_hash_set *chs2)
Compares certificates hashes, returns true if hashes are equal.
Definition: ssl_verify.c:233
struct verify_hash_list * verify_hash
Definition: ssl_common.h:335
static result_t verify_peer_cert(const struct tls_options *opt, openvpn_x509_cert_t *peer_cert, const char *subject, const char *common_name)
Definition: ssl_verify.c:328
static bool key_state_gen_auth_control_files(struct auth_deferred_status *ads, const struct tls_options *opt)
Generates and creates the control files used for deferred authentification in the temporary directory...
Definition: ssl_verify.c:1000
const char * platform_gen_path(const char *directory, const char *filename, struct gc_arena *gc)
Put a directory and filename together.
Definition: platform.c:456
static struct key_state * get_key_scan(struct tls_multi *multi, int index)
gets an item of key_state objects in the order they should be scanned by data channel modules...
Definition: ssl_common.h:661
const struct plugin_list * plugins
Definition: ssl_common.h:383
struct env_item * next
Definition: env_set.h:39
struct link_socket_actual untrusted_addr
Definition: ssl_common.h:486
#define M_ERRNO
Definition: error.h:103
char * string
Definition: env_set.h:38
char * format_hex_ex(const uint8_t *data, int size, int maxoutput, unsigned int space_break_flags, const char *separator, struct gc_arena *gc)
Definition: buffer.c:519
void management_notify_client_needing_auth(struct management *management, const unsigned int mda_key_id, struct man_def_auth_context *mdac, const struct env_set *es)
Definition: manage.c:2855
struct auth_deferred_status script_auth
Definition: ssl_common.h:257
const char * verify_export_cert
Definition: ssl_common.h:327
char * client_reason
Definition: ssl_common.h:613
#define VERIFY_X509_SUBJECT_RDN_PREFIX
Definition: ssl_verify.h:66
bool auth_token_call_auth
always call normal authentication
Definition: ssl_common.h:372
char * backend_x509_get_serial(openvpn_x509_cert_t *cert, struct gc_arena *gc)
#define TM_SIZE
Size of the tls_multi.session array.
Definition: ssl_common.h:513
static void set_common_name(struct tls_session *session, const char *common_name)
Definition: ssl_verify.c:92
#define KMDA_DEF
Definition: ssl_verify.c:1404
void buf_chomp(struct buffer *buf)
Definition: buffer.c:590
#define CCD_DEFAULT
Definition: common.h:62
static void setenv_untrusted(struct tls_session *session)
Definition: ssl_verify.c:64
#define BLEN(buf)
Definition: buffer.h:127
time_t auth_deferred_expire
Definition: ssl_common.h:248
int verify_hash_depth
Definition: ssl_common.h:336
void key_state_rm_auth_control_files(struct auth_deferred_status *ads)
Removes auth_pending and auth_control files from file system and key_state structure.
Definition: ssl_verify.c:982
void verify_user_pass(struct user_pass *up, struct tls_multi *multi, struct tls_session *session)
Main username/password verification entry point.
Definition: ssl_verify.c:1466
#define msg(flags,...)
Definition: error.h:153
time_t tas_cache_last_update
Time of last when we updated the cached state of tls_authentication_status deferred files...
Definition: ssl_common.h:605
struct buffer_entry * next
Definition: buffer.h:1107
#define D_HANDSHAKE
Definition: errlevel.h:72
static int max_int(int x, int y)
Definition: integer.h:69
bool tls_authenticate_key(struct tls_multi *multi, const unsigned int mda_key_id, const bool auth, const char *client_reason)
Definition: ssl_verify.c:1217
deferred auth is not used
Definition: ssl_common.h:181
#define KMDA_UNDEF
Definition: ssl_verify.c:1403
bool string_mod(char *str, const unsigned int inclusive, const unsigned int exclusive, const char replace)
Definition: buffer.c:1077
result_t x509_verify_ns_cert_type(openvpn_x509_cert_t *cert, const int usage)
struct buffer x509_get_sha1_fingerprint(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Retrieve the certificate&#39;s SHA1 fingerprint.
static bool tls_authentication_status_use_cache(struct tls_multi *multi)
uses cache_intervals times to determine if we should update the cache.
Definition: ssl_verify.c:1127
char * auth_token
If server sends a generated auth-token, this is the token to use for future user/pass authentications...
Definition: ssl_common.h:620
#define OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY
bool plugin_defined(const struct plugin_list *pl, const int type)
Definition: plugin.c:892
bool tls_verify_crl_missing(const struct tls_options *opt)
Return true iff a CRL is configured, but is not loaded.
void string_replace_leading(char *str, const char match, const char replace)
Definition: buffer.c:1128
const char * verify_command
Definition: ssl_common.h:326
Security parameter state of a single session within a VPN tunnel.
Definition: ssl_common.h:454
Definition: misc.h:56
Wrapper structure for dynamically allocated memory.
Definition: buffer.h:60
static result_t verify_cert_call_plugin(const struct plugin_list *plugins, struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert, char *subject)
Definition: ssl_verify.c:464
static bool set_verify_user_pass_env(struct user_pass *up, struct tls_multi *multi, struct tls_session *session)
Definition: ssl_verify.c:1431
static bool management_enable_def_auth(const struct management *man)
Definition: manage.h:458
deferred auth has suceeded
Definition: ssl_common.h:180
result_t x509_write_pem(FILE *peercert_file, openvpn_x509_cert_t *peercert)
char * locked_username
Definition: ssl_common.h:600
char * common_name
Definition: ssl_common.h:479
static void key_state_rm_auth_pending_file(struct auth_deferred_status *ads)
Removes auth_pending file from the file system and key_state structure.
Definition: ssl_verify.c:865
const char * tls_common_name(const struct tls_multi *multi, const bool null)
Returns the common name field for the given tunnel.
Definition: ssl_verify.c:112
struct auth_deferred_status plugin_auth
Definition: ssl_common.h:256
struct buffer alloc_buf_gc(size_t size, struct gc_arena *gc)
Definition: buffer.c:90
#define M_WARN
Definition: error.h:100
void tls_clear_error(void)
Clear the underlying SSL library&#39;s error state.
Definition: ssl_openssl.c:102
const char * tls_username(const struct tls_multi *multi, const bool null)
Returns the username field for the given tunnel.
Definition: ssl_verify.c:176
#define free
Definition: cmocka.c:1850
void tls_x509_clear_env(struct env_set *es)
Remove any X509_ env variables from env_set es.
Definition: ssl_verify.c:1703
static bool key_state_check_auth_pending_file(struct auth_deferred_status *ads, struct tls_multi *multi)
Checks if the deferred state should also send auth pending request to the client. ...
Definition: ssl_verify.c:916
tls_auth_status
Definition: ssl_verify.h:68
void argv_parse_cmd(struct argv *argres, const char *cmdstr)
Parses a command string, tokenizes it and puts each element into a separate struct argv argument slot...
Definition: argv.c:485
Garbage collection arena used to keep track of dynamically allocated memory.
Definition: buffer.h:116
void tls_lock_common_name(struct tls_multi *multi)
Locks the common name field for the given tunnel.
Definition: ssl_verify.c:137
void tls_lock_cert_hash_set(struct tls_multi *multi)
Locks the certificate hash set used in the given tunnel.
Definition: ssl_verify.c:291
const char * platform_create_temp_file(const char *directory, const char *prefix, struct gc_arena *gc)
Create a temporary file in directory, returns the filename of the created file.
Definition: platform.c:403
void cert_hash_free(struct cert_hash_set *chs)
Frees the given set of certificate hashes.
Definition: ssl_verify.c:219
static unsigned int min_uint(unsigned int x, unsigned int y)
Definition: integer.h:56
char * extract_var_peer_info(const char *peer_info, const char *var, struct gc_arena *gc)
Extracts a variable from peer info, the returned string will be allocated using the supplied gc_arena...
Definition: ssl_util.c:34
#define BSTR(buf)
Definition: buffer.h:129
void argv_free(struct argv *a)
Frees all memory allocations allocated by the struct argv related functions.
Definition: argv.c:104
struct buffer x509_get_sha256_fingerprint(openvpn_x509_cert_t *cert, struct gc_arena *gc)
Retrieve the certificate&#39;s SHA256 fingerprint.
char password[USER_PASS_LEN]
Definition: misc.h:71
static struct cert_hash_set * cert_hash_copy(const struct cert_hash_set *chs)
Definition: ssl_verify.c:270
void verify_final_auth_checks(struct tls_multi *multi, struct tls_session *session)
Perform final authentication checks, including locking of the cn, the allowed certificate hashes...
Definition: ssl_verify.c:1641
Definition: argv.h:35
bool send_auth_pending_messages(struct tls_multi *tls_multi, const char *extra, unsigned int timeout)
Sends the auth pending control messages to a client.
Definition: push.c:373
#define CC_CRLF
Definition: buffer.h:944
#define KMDA_ERROR
Definition: ssl_verify.c:1401
struct verify_hash_list * next
Definition: options.h:209
const struct x509_track * x509_track
Definition: ssl_common.h:408
unsigned int ssl_flags
Definition: ssl_common.h:402
static result_t verify_cert_call_command(const char *verify_command, struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert, char *subject, const char *verify_export_cert)
Definition: ssl_verify.c:532
struct env_set * es
Definition: ssl_common.h:381
struct cert_hash * ch[MAX_CERT_DEPTH]
Array of certificate hashes.
Definition: ssl_verify.h:60
auth_deferred_result
Definition: ssl_common.h:178
static bool check_auth_pending_method(const char *peer_info, const char *method)
Check peer_info if the client supports the requested pending auth method.
Definition: ssl_verify.c:879
void x509_setenv(struct env_set *es, int cert_depth, openvpn_x509_cert_t *cert)
result_t
Result of verification function.
const char * remote_cert_eku
Definition: ssl_common.h:334
result_t backend_x509_get_username(char *common_name, int cn_len, char *x509_username_field, openvpn_x509_cert_t *peer_cert)
unsigned char sha256_hash[256/8]
Definition: ssl_verify.h:55
bool argv_printf(struct argv *argres, const char *format,...)
printf() variant which populates a struct argv.
Definition: argv.c:442
#define NS_CERT_CHECK_SERVER
Do not perform Netscape certificate type verification.
Definition: ssl_verify.h:206
static bool is_auth_token(const char *password)
Return if the password string has the format of a password.
Definition: auth_token.h:127