From 3d54881bc78b893ab286681338dd7b9b69d871b3 Mon Sep 17 00:00:00 2001 From: Arne Schwabe Date: Tue, 1 May 2012 15:33:00 +0200 Subject: Support strange certificate + passsword authentication types --- openvpn/Makefile.am | 1 + openvpn/README.polarssl | 4 +-- openvpn/config.h | 6 ++-- openvpn/configure.ac | 38 ++++++++++++-------- openvpn/doc/openvpn.8 | 14 ++++++++ openvpn/include/openvpn-plugin.h | 8 +++++ openvpn/src/compat/Makefile.am | 1 + openvpn/src/openvpn/basic.h | 13 ------- openvpn/src/openvpn/crypto_polarssl.c | 67 +++++++++++++++++++++++++++-------- openvpn/src/openvpn/crypto_polarssl.h | 21 +++++++++++ openvpn/src/openvpn/init.c | 8 ++++- openvpn/src/openvpn/jniglue.c | 7 ---- openvpn/src/openvpn/manage.c | 11 +++--- openvpn/src/openvpn/options.c | 31 +++++++++++++--- openvpn/src/openvpn/options.h | 3 ++ openvpn/src/openvpn/packet_id.c | 16 +++++---- openvpn/src/openvpn/ssl.c | 5 +++ openvpn/src/openvpn/ssl_backend.h | 10 ++++++ openvpn/src/openvpn/ssl_polarssl.c | 38 ++++++++++++++------ openvpn/src/openvpn/ssl_polarssl.h | 2 -- openvpn/src/openvpn/syshead.h | 6 ++++ openvpn/src/openvpn/tun.c | 24 ++----------- openvpn/src/openvpnserv/openvpnserv.c | 6 ++-- 23 files changed, 230 insertions(+), 110 deletions(-) (limited to 'openvpn') diff --git a/openvpn/Makefile.am b/openvpn/Makefile.am index 68aa0a87..ab3e3d2e 100644 --- a/openvpn/Makefile.am +++ b/openvpn/Makefile.am @@ -52,6 +52,7 @@ dist_doc_DATA = \ dist_noinst_DATA = \ .gitignore \ + .gitattributes \ PORTS \ README.IPv6 TODO.IPv6 \ README.polarssl \ diff --git a/openvpn/README.polarssl b/openvpn/README.polarssl index 77a95750..ab7c2d78 100644 --- a/openvpn/README.polarssl +++ b/openvpn/README.polarssl @@ -3,11 +3,11 @@ instructions: To Build and Install, - ./configure --with-ssl-type=polarssl + ./configure --with-crypto-library=polarssl make make install -This version depends on at least PolarSSL v0.99. +This version depends on at least PolarSSL v1.1. ************************************************************************* diff --git a/openvpn/config.h b/openvpn/config.h index 3e713081..3dfeffc2 100644 --- a/openvpn/config.h +++ b/openvpn/config.h @@ -450,13 +450,13 @@ #define PACKAGE_NAME "OpenVPN" /* Define to the full name and version of this package. */ -#define PACKAGE_STRING "OpenVPN 2.1.4" +#define PACKAGE_STRING "OpenVPN 2.3_alpha1" /* Define to the one symbol short name of this package. */ #define PACKAGE_TARNAME "openvpn" /* Define to the version of this package. */ -#define PACKAGE_VERSION "2.1.4" +#define PACKAGE_VERSION "2.3_alpha1" /* Define to the necessary symbol if this constant uses a non-standard name on your system. */ @@ -490,7 +490,7 @@ #define TAP_WIN32_MIN_MINOR 1 /* A string representing our target */ -#define TARGET_ALIAS "i686-pc-linux-gnu" +#define TARGET_ALIAS "arm-linux-androideabi" /* Are we running on Mac OS X? */ /* #undef TARGET_DARWIN */ diff --git a/openvpn/configure.ac b/openvpn/configure.ac index e962323f..399b4e78 100644 --- a/openvpn/configure.ac +++ b/openvpn/configure.ac @@ -168,6 +168,7 @@ AC_ARG_ENABLE( AC_ARG_ENABLE( [password-save], [AS_HELP_STRING([--enable-password-save], [allow --askpass and --auth-user-pass passwords to be read from a file @<:@default=yes@:>@])], + , [enable_password_save="no"] ) @@ -354,7 +355,7 @@ AX_EMPTY_ARRAY AC_CHECK_SIZEOF([unsigned int]) AC_CHECK_SIZEOF([unsigned long]) AC_CHECK_HEADERS([ \ - stdio.h stdarg.h limits.h \ + stdio.h stdarg.h stdbool.h limits.h \ time.h errno.h fcntl.h io.h direct.h \ ctype.h sys/types.h sys/socket.h \ signal.h unistd.h dlfcn.h \ @@ -363,7 +364,7 @@ AC_CHECK_HEADERS([ \ windows.h winsock2.h ws2tcpip.h \ ]) AC_CHECK_HEADERS([ \ - sys/time.h sys/un.h sys/ioctl.h sys/stat.h \ + sys/time.h sys/ioctl.h sys/stat.h \ sys/mman.h sys/file.h \ unistd.h signal.h libgen.h stropts.h \ syslog.h pwd.h grp.h \ @@ -396,10 +397,13 @@ SOCKET_INCLUDES=" #ifdef HAVE_NETINET_IN_SYSTM_H #include #endif +#ifdef HAVE_NETINET_IP_H +#include +#endif " AC_CHECK_HEADERS( - [net/if.h netinet/ip.h netinet/if_ether.h resolv.h], + [net/if.h netinet/ip.h netinet/if_ether.h resolv.h sys/un.h], , , [[${SOCKET_INCLUDES}]] @@ -411,39 +415,33 @@ AC_CHECK_TYPES( [AC_DEFINE([in_addr_t], [uint32_t], [Workaround missing in_addr_t])], [[${SOCKET_INCLUDES}]] ) -AC_CHECK_TYPE( - [struct tun_pi], - [AC_DEFINE(HAVE_TUN_PI, 1, [struct tun_pi needed for IPv6 support])], - , - [[${SOCKET_INCLUDES}]] -) AC_CHECK_TYPE( [struct iphdr], - [AC_DEFINE(HAVE_IPHDR, 1, [struct iphdr needed for IPv6 support])], + [AC_DEFINE([HAVE_IPHDR], [1], [struct iphdr needed for IPv6 support])], , [[${SOCKET_INCLUDES}]] ) AC_CHECK_TYPE( [struct sock_extended_err], - [AC_DEFINE(HAVE_SOCK_EXTENDED_ERR, 1, [struct sock_extended_err needed for extended socket error support])], + [AC_DEFINE([HAVE_SOCK_EXTENDED_ERR], [1], [struct sock_extended_err needed for extended socket error support])], , [[${SOCKET_INCLUDES}]] ) AC_CHECK_TYPE( [struct msghdr], - [AC_DEFINE(HAVE_MSGHDR, 1, [struct msghdr needed for extended socket error support])], + [AC_DEFINE([HAVE_MSGHDR], [1], [struct msghdr needed for extended socket error support])], , [[${SOCKET_INCLUDES}]] ) AC_CHECK_TYPE( [struct cmsghdr], - [AC_DEFINE(HAVE_CMSGHDR, 1, [struct cmsghdr needed for extended socket error support])], + [AC_DEFINE([HAVE_CMSGHDR], [1], [struct cmsghdr needed for extended socket error support])], , [[${SOCKET_INCLUDES}]] ) AC_CHECK_TYPE( [struct in_pktinfo], - [AC_DEFINE(HAVE_IN_PKTINFO, 1, [struct in_pktinfo needed for IP_PKTINFO support])], + [AC_DEFINE([HAVE_IN_PKTINFO], [1], [struct in_pktinfo needed for IP_PKTINFO support])], , [[${SOCKET_INCLUDES}]] ) @@ -595,6 +593,16 @@ AC_CHECK_HEADERS( ], [have_tap_header="yes"] ) +AC_CHECK_DECLS( + [TUNSETPERSIST], + [AC_DEFINE([ENABLE_FEATURE_TUN_PERSIST], [1], [We have persist tun capability])], + , + [[ + #ifdef HAVE_LINUX_IF_TUN_H + #include + #endif + ]] +) CFLAGS="${old_CFLAGS}" test "${have_tap_header}" = "yes" || AC_MSG_ERROR([no tap header could be found]) @@ -821,7 +829,7 @@ case "${with_crypto_library}" in polarssl) have_crypto_crypto="${have_polarssl_crypto}" have_crypto_ssl="${have_polarssl_ssl}" - CRYPTO_CRYPTO_CFLAGS="${POLARSSL_CRYPTO_CFLAGS}" + CRYPTO_CRYPTO_CFLAGS="${POLARSSL_CFLAGS}" CRYPTO_CRYPTO_LIBS="${POLARSSL_LIBS}" AC_DEFINE([ENABLE_CRYPTO_POLARSSL], [1], [Use PolarSSL library]) ;; diff --git a/openvpn/doc/openvpn.8 b/openvpn/doc/openvpn.8 index 53d6bdb2..ee46de62 100644 --- a/openvpn/doc/openvpn.8 +++ b/openvpn/doc/openvpn.8 @@ -3846,6 +3846,20 @@ space-saving optimization that uses the unique identifier for datagram replay protection as the IV. .\"********************************************************* .TP +.B \-\-use-prediction-resistance +Enable prediction resistance on PolarSSL's RNG. + +Enabling prediction resistance causes the RNG to reseed in each +call for random. Reseeding this often can quickly deplete the kernel +entropy pool. + +If you need this option, please consider running a daemon that adds +entropy to the kernel pool. + +Note that this option only works with PolarSSL versions greater +than 1.1. +.\"********************************************************* +.TP .B \-\-test-crypto Do a self-test of OpenVPN's crypto options by encrypting and decrypting test packets using the data channel encryption options diff --git a/openvpn/include/openvpn-plugin.h b/openvpn/include/openvpn-plugin.h index f82f61fa..1c80eec3 100644 --- a/openvpn/include/openvpn-plugin.h +++ b/openvpn/include/openvpn-plugin.h @@ -43,6 +43,10 @@ typedef X509 openvpn_x509_cert_t; #endif #endif +#ifdef __cplusplus +extern "C" { +#endif + /* * Plug-in types. These types correspond to the set of script callbacks * supported by OpenVPN. @@ -724,4 +728,8 @@ OPENVPN_PLUGIN_DEF openvpn_plugin_handle_t OPENVPN_PLUGIN_FUNC(openvpn_plugin_op OPENVPN_PLUGIN_DEF int OPENVPN_PLUGIN_FUNC(openvpn_plugin_func_v1) (openvpn_plugin_handle_t handle, const int type, const char *argv[], const char *envp[]); +#ifdef __cplusplus +} +#endif + #endif /* OPENVPN_PLUGIN_H_ */ diff --git a/openvpn/src/compat/Makefile.am b/openvpn/src/compat/Makefile.am index 5ee35f72..7ad44525 100644 --- a/openvpn/src/compat/Makefile.am +++ b/openvpn/src/compat/Makefile.am @@ -20,6 +20,7 @@ noinst_LTLIBRARIES = libcompat.la libcompat_la_SOURCES = \ compat.h \ + compat-stdbool.h \ compat-dirname.c \ compat-basename.c \ compat-gettimeofday.c \ diff --git a/openvpn/src/openvpn/basic.h b/openvpn/src/openvpn/basic.h index 7c13e221..298cf103 100644 --- a/openvpn/src/openvpn/basic.h +++ b/openvpn/src/openvpn/basic.h @@ -25,19 +25,6 @@ #ifndef BASIC_H #define BASIC_H -/* bool definitions */ -#ifndef bool -#define bool int -#endif - -#ifndef true -#define true 1 -#endif - -#ifndef false -#define false 0 -#endif - #define BOOL_CAST(x) ((x) ? (true) : (false)) /* size of an array */ diff --git a/openvpn/src/openvpn/crypto_polarssl.c b/openvpn/src/openvpn/crypto_polarssl.c index 0e6728c8..3978a3c6 100644 --- a/openvpn/src/openvpn/crypto_polarssl.c +++ b/openvpn/src/openvpn/crypto_polarssl.c @@ -42,12 +42,16 @@ #include "buffer.h" #include "integer.h" #include "crypto_backend.h" +#include "otime.h" +#include "misc.h" #include #include #include #include +#include + /* * * Hardware engine support. Allows loading/unloading of engines. @@ -149,7 +153,6 @@ show_available_engines () "available\n"); } - /* * * Random number functions, used in cases where we want @@ -159,29 +162,65 @@ show_available_engines () * */ -int -rand_bytes (uint8_t *output, int len) +/* + * Initialise the given ctr_drbg context, using a personalisation string and an + * entropy gathering function. + */ +ctr_drbg_context * rand_ctx_get() { - static havege_state hs = {0}; - static bool hs_initialised = false; - const int int_size = sizeof(int); + static entropy_context ec = {0}; + static ctr_drbg_context cd_ctx = {0}; + static bool rand_initialised = false; - if (!hs_initialised) + if (!rand_initialised) { - /* Initialise PolarSSL RNG */ - havege_init(&hs); - hs_initialised = true; - } + struct gc_arena gc = gc_new(); + struct buffer pers_string = alloc_buf_gc(100, &gc); + + /* + * Personalisation string, should be as unique as possible (see NIST + * 800-90 section 8.7.1). We have very little information at this stage. + * Include Program Name, memory address of the context and PID. + */ + buf_printf(&pers_string, "OpenVPN %0u %p %s", platform_getpid(), &cd_ctx, time_string(0, 0, 0, &gc)); + + /* Initialise PolarSSL RNG, and built-in entropy sources */ + entropy_init(&ec); + + if (0 != ctr_drbg_init(&cd_ctx, entropy_func, &ec, BPTR(&pers_string), BLEN(&pers_string))) + msg (M_FATAL, "Failed to initialize random generator"); + + gc_free(&gc); + rand_initialised = true; + } + + return &cd_ctx; +} + +#ifdef ENABLE_PREDICTION_RESISTANCE +void rand_ctx_enable_prediction_resistance() +{ + ctr_drbg_context *cd_ctx = rand_ctx_get(); + + ctr_drbg_set_prediction_resistance(cd_ctx, 1); +} +#endif /* ENABLE_PREDICTION_RESISTANCE */ + +int +rand_bytes (uint8_t *output, int len) +{ + ctr_drbg_context *rng_ctx = rand_ctx_get(); while (len > 0) { - const int blen = min_int (len, int_size); - const int rand_int = havege_rand(&hs); + const size_t blen = min_int (len, CTR_DRBG_MAX_REQUEST); + if (0 != ctr_drbg_random(rng_ctx, output, blen)) + return 0; - memcpy (output, &rand_int, blen); output += blen; len -= blen; } + return 1; } diff --git a/openvpn/src/openvpn/crypto_polarssl.h b/openvpn/src/openvpn/crypto_polarssl.h index 358483a9..bfabb91b 100644 --- a/openvpn/src/openvpn/crypto_polarssl.h +++ b/openvpn/src/openvpn/crypto_polarssl.h @@ -30,8 +30,10 @@ #ifndef CRYPTO_POLARSSL_H_ #define CRYPTO_POLARSSL_H_ +#include #include #include +#include /** Generic cipher key type %context. */ typedef cipher_info_t cipher_kt_t; @@ -71,4 +73,23 @@ typedef md_context_t hmac_ctx_t; #define SHA_DIGEST_LENGTH 20 #define DES_KEY_LENGTH 8 +/** + * Returns a singleton instance of the PolarSSL random number generator. + * + * For PolarSSL 1.1+, this is the CTR_DRBG random number generator. If it + * hasn't been initialised yet, the RNG will be initialised using the default + * entropy sources. Aside from the default platform entropy sources, an + * additional entropy source, the HAVEGE random number generator will also be + * added. During initialisation, a personalisation string will be added based + * on the time, the PID, and a pointer to the random context. + */ +ctr_drbg_context * rand_ctx_get(); + +#ifdef ENABLE_PREDICTION_RESISTANCE +/** + * Enable prediction resistance on the random number generator. + */ +void rand_ctx_enable_prediction_resistance(); +#endif + #endif /* CRYPTO_POLARSSL_H_ */ diff --git a/openvpn/src/openvpn/init.c b/openvpn/src/openvpn/init.c index 88d621a4..cc94b818 100644 --- a/openvpn/src/openvpn/init.c +++ b/openvpn/src/openvpn/init.c @@ -954,7 +954,7 @@ do_genkey (const struct options * options) bool do_persist_tuntap (const struct options *options) { -#ifdef TUNSETPERSIST +#ifdef ENABLE_FEATURE_TUN_PERSIST if (options->persist_config) { /* sanity check on options for --mktun or --rmtun */ @@ -2016,6 +2016,12 @@ init_crypto_pre (struct context *c, const unsigned int flags) if (c->options.mute_replay_warnings) c->c2.crypto_options.flags |= CO_MUTE_REPLAY_WARNINGS; + +#ifdef ENABLE_PREDICTION_RESISTANCE + if (c->options.use_prediction_resistance) + rand_ctx_enable_prediction_resistance(); +#endif + } /* diff --git a/openvpn/src/openvpn/jniglue.c b/openvpn/src/openvpn/jniglue.c index 686092bc..c0fff12b 100644 --- a/openvpn/src/openvpn/jniglue.c +++ b/openvpn/src/openvpn/jniglue.c @@ -129,13 +129,6 @@ void android_openvpn_log(int level,const char* prefix,const char* prefix_sep,con } - -unsigned char android_protect_socket(int sockfd) { - jmethodID aMethodID = (*openvpnjenv)->GetStaticMethodID(openvpnjenv, openvpnclass, "protectSocket", - "(I)Z"); - return (*openvpnjenv)->CallStaticBooleanMethod(openvpnjenv,openvpnclass,aMethodID,sockfd); - -} int android_open_tun () { jmethodID aMethodID = (*openvpnjenv)->GetStaticMethodID(openvpnjenv, openvpnclass, "openTunDevice", "()I"); diff --git a/openvpn/src/openvpn/manage.c b/openvpn/src/openvpn/manage.c index 1a6c0869..1dddd41d 100644 --- a/openvpn/src/openvpn/manage.c +++ b/openvpn/src/openvpn/manage.c @@ -1479,14 +1479,13 @@ man_new_connection_post (struct management *man, const char *description) #if UNIX_SOCK_SUPPORT if (man->settings.flags & MF_UNIX_SOCK) { - msg (D_MANAGEMENT, "MANAGEMENT(unix): %s %s", - description, - sockaddr_unix_name (&man->settings.local_unix, "NULL")); - + msg (D_MANAGEMENT, "MANAGEMENT: %s %s", + description, + sockaddr_unix_name (&man->settings.local_unix, "NULL")); } else #endif - msg (D_MANAGEMENT, "MANAGEMENT(tcp): %s %s", + msg (D_MANAGEMENT, "MANAGEMENT: %s %s", description, print_sockaddr (&man->settings.local, &gc)); @@ -2691,7 +2690,6 @@ management_socket_set (struct management *man, void management_io (struct management *man) { - msg(D_MANAGEMENT,"M I/O State %d in",man->connection.state); switch (man->connection.state) { case MS_LISTEN: @@ -2708,7 +2706,6 @@ management_io (struct management *man) default: ASSERT (0); } - msg(D_MANAGEMENT,"M I/O State %d out",man->connection.state); } #endif diff --git a/openvpn/src/openvpn/options.c b/openvpn/src/openvpn/options.c index b74e559b..c48d7be9 100644 --- a/openvpn/src/openvpn/options.c +++ b/openvpn/src/openvpn/options.c @@ -545,6 +545,10 @@ static const char usage_message[] = " using file.\n" "--test-crypto : Run a self-test of crypto features enabled.\n" " For debugging only.\n" +#ifdef ENABLE_PREDICTION_RESISTANCE + "--use-prediction-resistance: Enable prediction resistance on the random\n" + " number generator.\n" +#endif #ifdef ENABLE_SSL "\n" "TLS Key Negotiation Options:\n" @@ -560,7 +564,6 @@ static const char usage_message[] = #if OPENSSL_VERSION_NUMBER >= 0x00907000L " and CRLs).\n" #else /* OPENSSL_VERSION_NUMBER >= 0x00907000L */ -#error WTF! ").\n" " WARNING: no support of CRL available with this version.\n" #endif /* OPENSSL_VERSION_NUMBER >= 0x00907000L */ @@ -726,7 +729,7 @@ static const char usage_message[] = " for use with the --secret option.\n" "--secret file : Write key to file.\n" #endif /* ENABLE_CRYPTO */ -#ifdef TUNSETPERSIST +#ifdef ENABLE_FEATURE_TUN_PERSIST "\n" "Tun/tap config mode (available with linux 2.4+):\n" "--mktun : Create a persistent tunnel.\n" @@ -792,7 +795,7 @@ init_options (struct options *o, const bool init_gc) o->management_echo_buffer_size = 100; o->management_state_buffer_size = 100; #endif -#ifdef TUNSETPERSIST +#ifdef ENABLE_FEATURE_TUN_PERSIST o->persist_mode = 1; #endif #ifndef WIN32 @@ -838,6 +841,9 @@ init_options (struct options *o, const bool init_gc) o->replay_time = DEFAULT_TIME_BACKTRACK; o->use_iv = true; o->key_direction = KEY_DIRECTION_BIDIRECTIONAL; +#ifdef ENABLE_PREDICTION_RESISTANCE + o->use_prediction_resistance = false; +#endif #ifdef ENABLE_SSL o->key_method = 2; o->tls_timeout = 2; @@ -1423,7 +1429,7 @@ show_settings (const struct options *o) SHOW_INT (mode); -#ifdef TUNSETPERSIST +#ifdef ENABLE_FEATURE_TUN_PERSIST SHOW_BOOL (persist_config); SHOW_INT (persist_mode); #endif @@ -1584,6 +1590,9 @@ show_settings (const struct options *o) SHOW_STR (packet_id_file); SHOW_BOOL (use_iv); SHOW_BOOL (test_crypto); +#ifdef ENABLE_PREDICTION_RESISTANCE + SHOW_BOOL (use_prediction_resistance); +#endif #ifdef ENABLE_SSL SHOW_BOOL (tls_server); @@ -3021,6 +3030,11 @@ options_string (const struct options *o, buf_printf (&out, ",no-replay"); if (!o->use_iv) buf_printf (&out, ",no-iv"); + +#ifdef ENABLE_PREDICTION_RESISTANCE + if (o->use_prediction_resistance) + buf_printf (&out, ",use-prediction-resistance"); +#endif } #ifdef ENABLE_SSL @@ -6423,6 +6437,13 @@ add_option (struct options *options, options->keysize = keysize; } #endif +#ifdef ENABLE_PREDICTION_RESISTANCE + else if (streq (p[0], "use-prediction-resistance")) + { + VERIFY_PERMISSION (OPT_P_GENERAL); + options->use_prediction_resistance = true; + } +#endif #ifdef ENABLE_SSL else if (streq (p[0], "show-tls")) { @@ -6795,7 +6816,7 @@ add_option (struct options *options, options->pkcs11_id_management = true; } #endif -#ifdef TUNSETPERSIST +#ifdef ENABLE_FEATURE_TUN_PERSIST else if (streq (p[0], "rmtun")) { VERIFY_PERMISSION (OPT_P_GENERAL); diff --git a/openvpn/src/openvpn/options.h b/openvpn/src/openvpn/options.h index 9e78d00b..1be3dfaf 100644 --- a/openvpn/src/openvpn/options.h +++ b/openvpn/src/openvpn/options.h @@ -520,6 +520,9 @@ struct options const char *packet_id_file; bool use_iv; bool test_crypto; +#ifdef ENABLE_PREDICTION_RESISTANCE + bool use_prediction_resistance; +#endif #ifdef ENABLE_SSL /* TLS (control channel) parms */ diff --git a/openvpn/src/openvpn/packet_id.c b/openvpn/src/openvpn/packet_id.c index 0102129f..baa49664 100644 --- a/openvpn/src/openvpn/packet_id.c +++ b/openvpn/src/openvpn/packet_id.c @@ -501,7 +501,7 @@ packet_id_debug_print (int msglevel, buf_printf (&out, "%s [%d]", message, value); buf_printf (&out, " [%s-%d] [", p->name, p->unit); - for (i = 0; i < sl->x_size; ++i) + for (i = 0; sl != NULL && i < sl->x_size; ++i) { char c; time_t v; @@ -538,11 +538,15 @@ packet_id_debug_print (int msglevel, p->time_backtrack, p->max_backtrack_stat, (int)p->initialized); - buf_printf (&out, " sl=[%d,%d,%d,%d]", - sl->x_head, - sl->x_size, - sl->x_cap, - sl->x_sizeof); + if (sl != NULL) + { + buf_printf (&out, " sl=[%d,%d,%d,%d]", + sl->x_head, + sl->x_size, + sl->x_cap, + sl->x_sizeof); + } + msg (msglevel, "%s", BSTR(&out)); gc_free (&gc); diff --git a/openvpn/src/openvpn/ssl.c b/openvpn/src/openvpn/ssl.c index 537fc12f..9f570b9d 100644 --- a/openvpn/src/openvpn/ssl.c +++ b/openvpn/src/openvpn/ssl.c @@ -391,6 +391,11 @@ init_ssl (const struct options *options, struct tls_root_ctx *new_ctx) tls_ctx_restrict_ciphers(new_ctx, options->cipher_list); } +#ifdef ENABLE_CRYPTO_POLARSSL + /* Personalise the random by mixing in the certificate */ + tls_ctx_personalise_random (new_ctx); +#endif + tls_clear_error (); return; diff --git a/openvpn/src/openvpn/ssl_backend.h b/openvpn/src/openvpn/ssl_backend.h index 5ea6a06b..f3e69dd3 100644 --- a/openvpn/src/openvpn/ssl_backend.h +++ b/openvpn/src/openvpn/ssl_backend.h @@ -272,6 +272,16 @@ void tls_ctx_load_extra_certs (struct tls_root_ctx *ctx, const char *extra_certs #endif ); +#ifdef ENABLE_CRYPTO_POLARSSL +/** + * Add a personalisation string to the PolarSSL RNG, based on the certificate + * loaded into the given context. + * + * @param ctx TLS context to use + */ +void tls_ctx_personalise_random(struct tls_root_ctx *ctx); +#endif + /* ************************************** * * Key-state specific functions diff --git a/openvpn/src/openvpn/ssl_polarssl.c b/openvpn/src/openvpn/ssl_polarssl.c index d4d85c8e..fc8fa6e9 100644 --- a/openvpn/src/openvpn/ssl_polarssl.c +++ b/openvpn/src/openvpn/ssl_polarssl.c @@ -44,6 +44,9 @@ #include "manage.h" #include "ssl_common.h" +#include +#include + #include "ssl_verify_polarssl.h" #include @@ -85,9 +88,6 @@ tls_ctx_server_new(struct tls_root_ctx *ctx) ASSERT(NULL != ctx); CLEAR(*ctx); - ALLOC_OBJ_CLEAR(ctx->hs, havege_state); - havege_init(ctx->hs); - ALLOC_OBJ_CLEAR(ctx->dhm_ctx, dhm_context); ALLOC_OBJ_CLEAR(ctx->priv_key, rsa_context); @@ -103,12 +103,8 @@ void tls_ctx_client_new(struct tls_root_ctx *ctx) { ASSERT(NULL != ctx); - CLEAR(*ctx); - ALLOC_OBJ_CLEAR(ctx->hs, havege_state); - havege_init(ctx->hs); - ALLOC_OBJ_CLEAR(ctx->dhm_ctx, dhm_context); ALLOC_OBJ_CLEAR(ctx->priv_key, rsa_context); @@ -143,8 +139,6 @@ tls_ctx_free(struct tls_root_ctx *ctx) } #endif - free(ctx->hs); - if (ctx->allowed_ciphers) free(ctx->allowed_ciphers); @@ -504,6 +498,28 @@ static void my_debug( void *ctx, int level, const char *str ) } } +/* + * Further personalise the RNG using a hash of the public key + */ +void tls_ctx_personalise_random(struct tls_root_ctx *ctx) +{ + static char old_sha256_hash[32] = {0}; + char sha256_hash[32] = {0}; + ctr_drbg_context *cd_ctx = rand_ctx_get(); + + if (NULL != ctx->crt_chain) + { + x509_cert *cert = ctx->crt_chain; + + sha2(cert->tbs.p, cert->tbs.len, sha256_hash, false); + if ( 0 != memcmp(old_sha256_hash, sha256_hash, sizeof(sha256_hash))) + { + ctr_drbg_update(cd_ctx, sha256_hash, 32); + memcpy(old_sha256_hash, sha256_hash, sizeof(old_sha256_hash)); + } + } +} + void key_state_ssl_init(struct key_state_ssl *ks_ssl, const struct tls_root_ctx *ssl_ctx, bool is_server, void *session) { @@ -517,7 +533,9 @@ void key_state_ssl_init(struct key_state_ssl *ks_ssl, /* Initialise SSL context */ ssl_set_dbg (ks_ssl->ctx, my_debug, NULL); ssl_set_endpoint (ks_ssl->ctx, ssl_ctx->endpoint); - ssl_set_rng (ks_ssl->ctx, havege_rand, ssl_ctx->hs); + + ssl_set_rng (ks_ssl->ctx, ctr_drbg_random, rand_ctx_get()); + ALLOC_OBJ_CLEAR (ks_ssl->ssn, ssl_session); ssl_set_session (ks_ssl->ctx, 0, 0, ks_ssl->ssn ); if (ssl_ctx->allowed_ciphers) diff --git a/openvpn/src/openvpn/ssl_polarssl.h b/openvpn/src/openvpn/ssl_polarssl.h index e6149b60..2b02a6fd 100644 --- a/openvpn/src/openvpn/ssl_polarssl.h +++ b/openvpn/src/openvpn/ssl_polarssl.h @@ -30,7 +30,6 @@ #ifndef SSL_POLARSSL_H_ #define SSL_POLARSSL_H_ -#include #include #include "config.h" @@ -63,7 +62,6 @@ struct tls_root_ctx { int endpoint; /**< Whether or not this is a server or a client */ - havege_state *hs; /**< HAVEGE random number state */ dhm_context *dhm_ctx; /**< Diffie-Helmann-Merkle context */ x509_cert *crt_chain; /**< Local Certificate chain */ x509_cert *ca_chain; /**< CA chain for remote verification */ diff --git a/openvpn/src/openvpn/syshead.h b/openvpn/src/openvpn/syshead.h index 56a54290..8ce40f7e 100644 --- a/openvpn/src/openvpn/syshead.h +++ b/openvpn/src/openvpn/syshead.h @@ -26,6 +26,7 @@ #define SYSHEAD_H #include "compat.h" +#include "compat-stdbool.h" /* branch prediction hints */ #if defined(__GNUC__) @@ -538,6 +539,11 @@ socket_defined (const socket_descriptor_t sd) #define MANAGMENT_EXTERNAL_KEY #endif +/* Enable PolarSSL RNG prediction resistance support */ +#ifdef ENABLE_CRYPTO_POLARSSL +#define ENABLE_PREDICTION_RESISTANCE +#endif /* ENABLE_CRYPTO_POLARSSL */ + /* * MANAGEMENT_IN_EXTRA allows the management interface to * read multi-line inputs from clients. diff --git a/openvpn/src/openvpn/tun.c b/openvpn/src/openvpn/tun.c index ae372e48..7aa8627d 100644 --- a/openvpn/src/openvpn/tun.c +++ b/openvpn/src/openvpn/tun.c @@ -1397,15 +1397,6 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, struct tu #error header file linux/sockios.h required #endif - -#if defined(HAVE_TUN_PI) && defined(HAVE_IPHDR) && defined(HAVE_IOVEC) && defined(ETH_P_IPV6) && defined(ETH_P_IP) && defined(HAVE_READV) && defined(HAVE_WRITEV) -#define LINUX_IPV6 1 -/* #warning IPv6 ON */ -#else -#define LINUX_IPV6 0 -/* #warning IPv6 OFF */ -#endif - #if !PEDANTIC void @@ -1413,13 +1404,6 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, struct tu { struct ifreq ifr; - /* warn if a very old linux version is used & --tun-ipv6 set - */ -#if LINUX_IPV6 == 0 - if ( tt->ipv6 ) - msg (M_WARN, "NOTE: explicit support for IPv6 tun devices is not provided for this OS"); -#endif - /* * We handle --dev null specially, we do not open /dev/null for this. */ @@ -1543,7 +1527,7 @@ open_tun (const char *dev, const char *dev_type, const char *dev_node, struct tu #endif /* HAVE_LINUX_IF_TUN_H */ #endif /* TARGET_ANDROID */ -#ifdef TUNSETPERSIST +#ifdef ENABLE_FEATURE_TUN_PERSIST /* * This can be removed in future @@ -1593,7 +1577,7 @@ tuncfg (const char *dev, const char *dev_type, const char *dev_node, int persist msg (M_INFO, "Persist state set to: %s", (persist_mode ? "ON" : "OFF")); } -#endif /* TUNSETPERSIST */ +#endif /* ENABLE_FEATURE_TUN_PERSIST */ void close_tun (struct tuntap *tt) @@ -1649,7 +1633,6 @@ close_tun (struct tuntap *tt) int write_tun (struct tuntap* tt, uint8_t *buf, int len) { -#if LINUX_IPV6 if (tt->ipv6) { struct tun_pi pi; @@ -1675,14 +1658,12 @@ write_tun (struct tuntap* tt, uint8_t *buf, int len) return(ret - sizeof(pi)); } else -#endif return write (tt->fd, buf, len); } int read_tun (struct tuntap* tt, uint8_t *buf, int len) { -#if LINUX_IPV6 if (tt->ipv6) { struct iovec vect[2]; @@ -1698,7 +1679,6 @@ read_tun (struct tuntap* tt, uint8_t *buf, int len) return(ret - sizeof(pi)); } else -#endif return read (tt->fd, buf, len); } diff --git a/openvpn/src/openvpnserv/openvpnserv.c b/openvpn/src/openvpnserv/openvpnserv.c index a9a9441e..56f5a025 100755 --- a/openvpn/src/openvpnserv/openvpnserv.c +++ b/openvpn/src/openvpnserv/openvpnserv.c @@ -87,9 +87,9 @@ static HANDLE exit_event = NULL; /* * Message handling */ -#define M_INFO (0) // informational -#define M_SYSERR (MSG_FLAGS_ERROR|MSG_FLAGS_SYS_CODE) // error + system code -#define M_ERR (MSG_FLAGS_ERROR) // error +#define M_INFO (0) /* informational */ +#define M_SYSERR (MSG_FLAGS_ERROR|MSG_FLAGS_SYS_CODE) /* error + system code */ +#define M_ERR (MSG_FLAGS_ERROR) /* error */ /* write error to event log */ #define MSG(flags, ...) \ -- cgit v1.2.3