PageRenderTime 60ms CodeModel.GetById 29ms RepoModel.GetById 0ms app.codeStats 1ms

/release/src-rt-6.x.4708/router/openvpn/src/openvpn/ssl_verify.c

https://bitbucket.org/oglop/tomato-arm-kille72
C | 1545 lines | 1164 code | 184 blank | 197 comment | 229 complexity | 4dd9a4d1bc016f5cefaf51d7f21aedda MD5 | raw file
Possible License(s): LGPL-2.0, LGPL-3.0, MPL-2.0-no-copyleft-exception, 0BSD, BSD-3-Clause, WTFPL, CC-BY-SA-3.0, LGPL-2.1, GPL-3.0, GPL-2.0
  1. /*
  2. * OpenVPN -- An application to securely tunnel IP networks
  3. * over a single TCP/UDP port, with support for SSL/TLS-based
  4. * session authentication and key exchange,
  5. * packet encryption, packet authentication, and
  6. * packet compression.
  7. *
  8. * Copyright (C) 2002-2018 OpenVPN Inc <sales@openvpn.net>
  9. * Copyright (C) 2010-2018 Fox Crypto B.V. <openvpn@fox-it.com>
  10. *
  11. * This program is free software; you can redistribute it and/or modify
  12. * it under the terms of the GNU General Public License version 2
  13. * as published by the Free Software Foundation.
  14. *
  15. * This program is distributed in the hope that it will be useful,
  16. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  18. * GNU General Public License for more details.
  19. *
  20. * You should have received a copy of the GNU General Public License along
  21. * with this program; if not, write to the Free Software Foundation, Inc.,
  22. * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
  23. */
  24. /**
  25. * @file Control Channel Verification Module
  26. */
  27. #ifdef HAVE_CONFIG_H
  28. #include "config.h"
  29. #elif defined(_MSC_VER)
  30. #include "config-msvc.h"
  31. #endif
  32. #include "syshead.h"
  33. #ifdef ENABLE_CRYPTO
  34. #include "misc.h"
  35. #include "manage.h"
  36. #include "otime.h"
  37. #include "base64.h"
  38. #include "ssl_verify.h"
  39. #include "ssl_verify_backend.h"
  40. #ifdef ENABLE_CRYPTO_OPENSSL
  41. #include "ssl_verify_openssl.h"
  42. #endif
  43. /** Maximum length of common name */
  44. #define TLS_USERNAME_LEN 64
  45. /** Legal characters in an X509 name with --compat-names */
  46. #define X509_NAME_CHAR_CLASS (CC_ALNUM|CC_UNDERBAR|CC_DASH|CC_DOT|CC_AT|CC_SLASH|CC_COLON|CC_EQUAL)
  47. /** Legal characters in a common name with --compat-names */
  48. #define COMMON_NAME_CHAR_CLASS (CC_ALNUM|CC_UNDERBAR|CC_DASH|CC_DOT|CC_AT|CC_SLASH)
  49. static void
  50. string_mod_remap_name(char *str, const unsigned int restrictive_flags)
  51. {
  52. if (compat_flag(COMPAT_FLAG_QUERY | COMPAT_NAMES)
  53. && !compat_flag(COMPAT_FLAG_QUERY | COMPAT_NO_NAME_REMAPPING))
  54. {
  55. string_mod(str, restrictive_flags, 0, '_');
  56. }
  57. else
  58. {
  59. string_mod(str, CC_PRINT, CC_CRLF, '_');
  60. }
  61. }
  62. /*
  63. * Export the untrusted IP address and port to the environment
  64. */
  65. static void
  66. setenv_untrusted(struct tls_session *session)
  67. {
  68. setenv_link_socket_actual(session->opt->es, "untrusted", &session->untrusted_addr, SA_IP_PORT);
  69. }
  70. /**
  71. * Wipes the authentication token out of the memory, frees and cleans up related buffers and flags
  72. *
  73. * @param multi Pointer to a multi object holding the auth_token variables
  74. */
  75. static void
  76. wipe_auth_token(struct tls_multi *multi)
  77. {
  78. if(multi)
  79. {
  80. if (multi->auth_token)
  81. {
  82. secure_memzero(multi->auth_token, AUTH_TOKEN_SIZE);
  83. free(multi->auth_token);
  84. }
  85. multi->auth_token = NULL;
  86. multi->auth_token_sent = false;
  87. }
  88. }
  89. /*
  90. * Remove authenticated state from all sessions in the given tunnel
  91. */
  92. static void
  93. tls_deauthenticate(struct tls_multi *multi)
  94. {
  95. if (multi)
  96. {
  97. wipe_auth_token(multi);
  98. for (int i = 0; i < TM_SIZE; ++i)
  99. {
  100. for (int j = 0; j < KS_SIZE; ++j)
  101. {
  102. multi->session[i].key[j].authenticated = false;
  103. }
  104. }
  105. }
  106. }
  107. /*
  108. * Set the given session's common_name
  109. */
  110. static void
  111. set_common_name(struct tls_session *session, const char *common_name)
  112. {
  113. if (session->common_name)
  114. {
  115. free(session->common_name);
  116. session->common_name = NULL;
  117. #ifdef ENABLE_PF
  118. session->common_name_hashval = 0;
  119. #endif
  120. }
  121. if (common_name)
  122. {
  123. /* FIXME: Last alloc will never be freed */
  124. session->common_name = string_alloc(common_name, NULL);
  125. #ifdef ENABLE_PF
  126. {
  127. const uint32_t len = (uint32_t) strlen(common_name);
  128. if (len)
  129. {
  130. session->common_name_hashval = hash_func((const uint8_t *)common_name, len+1, 0);
  131. }
  132. else
  133. {
  134. session->common_name_hashval = 0;
  135. }
  136. }
  137. #endif
  138. }
  139. }
  140. /*
  141. * Retrieve the common name for the given tunnel's active session. If the
  142. * common name is NULL or empty, return NULL if null is true, or "UNDEF" if
  143. * null is false.
  144. */
  145. const char *
  146. tls_common_name(const struct tls_multi *multi, const bool null)
  147. {
  148. const char *ret = NULL;
  149. if (multi)
  150. {
  151. ret = multi->session[TM_ACTIVE].common_name;
  152. }
  153. if (ret && strlen(ret))
  154. {
  155. return ret;
  156. }
  157. else if (null)
  158. {
  159. return NULL;
  160. }
  161. else
  162. {
  163. return "UNDEF";
  164. }
  165. }
  166. /*
  167. * Lock the common name for the given tunnel.
  168. */
  169. void
  170. tls_lock_common_name(struct tls_multi *multi)
  171. {
  172. const char *cn = multi->session[TM_ACTIVE].common_name;
  173. if (cn && !multi->locked_cn)
  174. {
  175. multi->locked_cn = string_alloc(cn, NULL);
  176. }
  177. }
  178. /*
  179. * Lock the username for the given tunnel
  180. */
  181. static bool
  182. tls_lock_username(struct tls_multi *multi, const char *username)
  183. {
  184. if (multi->locked_username)
  185. {
  186. if (!username || strcmp(username, multi->locked_username))
  187. {
  188. msg(D_TLS_ERRORS, "TLS Auth Error: username attempted to change from '%s' to '%s' -- tunnel disabled",
  189. multi->locked_username,
  190. np(username));
  191. /* disable the tunnel */
  192. tls_deauthenticate(multi);
  193. return false;
  194. }
  195. }
  196. else
  197. {
  198. if (username)
  199. {
  200. multi->locked_username = string_alloc(username, NULL);
  201. }
  202. }
  203. return true;
  204. }
  205. const char *
  206. tls_username(const struct tls_multi *multi, const bool null)
  207. {
  208. const char *ret = NULL;
  209. if (multi)
  210. {
  211. ret = multi->locked_username;
  212. }
  213. if (ret && strlen(ret))
  214. {
  215. return ret;
  216. }
  217. else if (null)
  218. {
  219. return NULL;
  220. }
  221. else
  222. {
  223. return "UNDEF";
  224. }
  225. }
  226. void
  227. cert_hash_remember(struct tls_session *session, const int error_depth,
  228. const struct buffer *cert_hash)
  229. {
  230. if (error_depth >= 0 && error_depth < MAX_CERT_DEPTH)
  231. {
  232. if (!session->cert_hash_set)
  233. {
  234. ALLOC_OBJ_CLEAR(session->cert_hash_set, struct cert_hash_set);
  235. }
  236. if (!session->cert_hash_set->ch[error_depth])
  237. {
  238. ALLOC_OBJ(session->cert_hash_set->ch[error_depth], struct cert_hash);
  239. }
  240. struct cert_hash *ch = session->cert_hash_set->ch[error_depth];
  241. ASSERT(sizeof(ch->sha256_hash) == BLEN(cert_hash));
  242. memcpy(ch->sha256_hash, BPTR(cert_hash), sizeof(ch->sha256_hash));
  243. }
  244. }
  245. void
  246. cert_hash_free(struct cert_hash_set *chs)
  247. {
  248. if (chs)
  249. {
  250. int i;
  251. for (i = 0; i < MAX_CERT_DEPTH; ++i)
  252. {
  253. free(chs->ch[i]);
  254. }
  255. free(chs);
  256. }
  257. }
  258. bool
  259. cert_hash_compare(const struct cert_hash_set *chs1, const struct cert_hash_set *chs2)
  260. {
  261. if (chs1 && chs2)
  262. {
  263. int i;
  264. for (i = 0; i < MAX_CERT_DEPTH; ++i)
  265. {
  266. const struct cert_hash *ch1 = chs1->ch[i];
  267. const struct cert_hash *ch2 = chs2->ch[i];
  268. if (!ch1 && !ch2)
  269. {
  270. continue;
  271. }
  272. else if (ch1 && ch2 && !memcmp(ch1->sha256_hash, ch2->sha256_hash,
  273. sizeof(ch1->sha256_hash)))
  274. {
  275. continue;
  276. }
  277. else
  278. {
  279. return false;
  280. }
  281. }
  282. return true;
  283. }
  284. else if (!chs1 && !chs2)
  285. {
  286. return true;
  287. }
  288. else
  289. {
  290. return false;
  291. }
  292. }
  293. static struct cert_hash_set *
  294. cert_hash_copy(const struct cert_hash_set *chs)
  295. {
  296. struct cert_hash_set *dest = NULL;
  297. if (chs)
  298. {
  299. int i;
  300. ALLOC_OBJ_CLEAR(dest, struct cert_hash_set);
  301. for (i = 0; i < MAX_CERT_DEPTH; ++i)
  302. {
  303. const struct cert_hash *ch = chs->ch[i];
  304. if (ch)
  305. {
  306. ALLOC_OBJ(dest->ch[i], struct cert_hash);
  307. memcpy(dest->ch[i]->sha256_hash, ch->sha256_hash,
  308. sizeof(dest->ch[i]->sha256_hash));
  309. }
  310. }
  311. }
  312. return dest;
  313. }
  314. void
  315. tls_lock_cert_hash_set(struct tls_multi *multi)
  316. {
  317. const struct cert_hash_set *chs = multi->session[TM_ACTIVE].cert_hash_set;
  318. if (chs && !multi->locked_cert_hash_set)
  319. {
  320. multi->locked_cert_hash_set = cert_hash_copy(chs);
  321. }
  322. }
  323. /*
  324. * Returns the string associated with the given certificate type.
  325. */
  326. static const char *
  327. print_nsCertType(int type)
  328. {
  329. switch (type)
  330. {
  331. case NS_CERT_CHECK_SERVER:
  332. return "SERVER";
  333. case NS_CERT_CHECK_CLIENT:
  334. return "CLIENT";
  335. default:
  336. return "?";
  337. }
  338. }
  339. /*
  340. * Verify the peer's certificate fields.
  341. *
  342. * @param opt the tls options to verify against
  343. * @param peer_cert the peer's certificate
  344. * @param subject the peer's extracted subject name
  345. * @param subject the peer's extracted common name
  346. */
  347. static result_t
  348. verify_peer_cert(const struct tls_options *opt, openvpn_x509_cert_t *peer_cert,
  349. const char *subject, const char *common_name)
  350. {
  351. /* verify certificate nsCertType */
  352. if (opt->ns_cert_type != NS_CERT_CHECK_NONE)
  353. {
  354. if (SUCCESS == x509_verify_ns_cert_type(peer_cert, opt->ns_cert_type))
  355. {
  356. msg(D_HANDSHAKE, "VERIFY OK: nsCertType=%s",
  357. print_nsCertType(opt->ns_cert_type));
  358. }
  359. else
  360. {
  361. msg(D_HANDSHAKE, "VERIFY nsCertType ERROR: %s, require nsCertType=%s",
  362. subject, print_nsCertType(opt->ns_cert_type));
  363. return FAILURE; /* Reject connection */
  364. }
  365. }
  366. /* verify certificate ku */
  367. if (opt->remote_cert_ku[0] != 0)
  368. {
  369. if (SUCCESS == x509_verify_cert_ku(peer_cert, opt->remote_cert_ku, MAX_PARMS))
  370. {
  371. msg(D_HANDSHAKE, "VERIFY KU OK");
  372. }
  373. else
  374. {
  375. msg(D_HANDSHAKE, "VERIFY KU ERROR");
  376. return FAILURE; /* Reject connection */
  377. }
  378. }
  379. /* verify certificate eku */
  380. if (opt->remote_cert_eku != NULL)
  381. {
  382. if (SUCCESS == x509_verify_cert_eku(peer_cert, opt->remote_cert_eku))
  383. {
  384. msg(D_HANDSHAKE, "VERIFY EKU OK");
  385. }
  386. else
  387. {
  388. msg(D_HANDSHAKE, "VERIFY EKU ERROR");
  389. return FAILURE; /* Reject connection */
  390. }
  391. }
  392. /* verify X509 name or username against --verify-x509-[user]name */
  393. if (opt->verify_x509_type != VERIFY_X509_NONE)
  394. {
  395. if ( (opt->verify_x509_type == VERIFY_X509_SUBJECT_DN
  396. && strcmp(opt->verify_x509_name, subject) == 0)
  397. || (opt->verify_x509_type == VERIFY_X509_SUBJECT_RDN
  398. && strcmp(opt->verify_x509_name, common_name) == 0)
  399. || (opt->verify_x509_type == VERIFY_X509_SUBJECT_RDN_PREFIX
  400. && strncmp(opt->verify_x509_name, common_name,
  401. strlen(opt->verify_x509_name)) == 0) )
  402. {
  403. msg(D_HANDSHAKE, "VERIFY X509NAME OK: %s", subject);
  404. }
  405. else
  406. {
  407. msg(D_HANDSHAKE, "VERIFY X509NAME ERROR: %s, must be %s",
  408. subject, opt->verify_x509_name);
  409. return FAILURE; /* Reject connection */
  410. }
  411. }
  412. return SUCCESS;
  413. }
  414. /*
  415. * Export the subject, common_name, and raw certificate fields to the
  416. * environment for later verification by scripts and plugins.
  417. */
  418. static void
  419. verify_cert_set_env(struct env_set *es, openvpn_x509_cert_t *peer_cert, int cert_depth,
  420. const char *subject, const char *common_name,
  421. const struct x509_track *x509_track)
  422. {
  423. char envname[64];
  424. char *serial = NULL;
  425. struct gc_arena gc = gc_new();
  426. /* Save X509 fields in environment */
  427. if (x509_track)
  428. {
  429. x509_setenv_track(x509_track, es, cert_depth, peer_cert);
  430. }
  431. else
  432. {
  433. x509_setenv(es, cert_depth, peer_cert);
  434. }
  435. /* export subject name string as environmental variable */
  436. openvpn_snprintf(envname, sizeof(envname), "tls_id_%d", cert_depth);
  437. setenv_str(es, envname, subject);
  438. #if 0
  439. /* export common name string as environmental variable */
  440. openvpn_snprintf(envname, sizeof(envname), "tls_common_name_%d", cert_depth);
  441. setenv_str(es, envname, common_name);
  442. #endif
  443. /* export X509 cert fingerprints */
  444. {
  445. struct buffer sha1 = x509_get_sha1_fingerprint(peer_cert, &gc);
  446. struct buffer sha256 = x509_get_sha256_fingerprint(peer_cert, &gc);
  447. openvpn_snprintf(envname, sizeof(envname), "tls_digest_%d", cert_depth);
  448. setenv_str(es, envname,
  449. format_hex_ex(BPTR(&sha1), BLEN(&sha1), 0, 1, ":", &gc));
  450. openvpn_snprintf(envname, sizeof(envname), "tls_digest_sha256_%d",
  451. cert_depth);
  452. setenv_str(es, envname,
  453. format_hex_ex(BPTR(&sha256), BLEN(&sha256), 0, 1, ":", &gc));
  454. }
  455. /* export serial number as environmental variable */
  456. serial = backend_x509_get_serial(peer_cert, &gc);
  457. openvpn_snprintf(envname, sizeof(envname), "tls_serial_%d", cert_depth);
  458. setenv_str(es, envname, serial);
  459. /* export serial number in hex as environmental variable */
  460. serial = backend_x509_get_serial_hex(peer_cert, &gc);
  461. openvpn_snprintf(envname, sizeof(envname), "tls_serial_hex_%d", cert_depth);
  462. setenv_str(es, envname, serial);
  463. gc_free(&gc);
  464. }
  465. /*
  466. * call --tls-verify plug-in(s)
  467. */
  468. static result_t
  469. verify_cert_call_plugin(const struct plugin_list *plugins, struct env_set *es,
  470. int cert_depth, openvpn_x509_cert_t *cert, char *subject)
  471. {
  472. if (plugin_defined(plugins, OPENVPN_PLUGIN_TLS_VERIFY))
  473. {
  474. int ret;
  475. struct argv argv = argv_new();
  476. argv_printf(&argv, "%d %s", cert_depth, subject);
  477. ret = plugin_call_ssl(plugins, OPENVPN_PLUGIN_TLS_VERIFY, &argv, NULL, es, cert_depth, cert);
  478. argv_reset(&argv);
  479. if (ret == OPENVPN_PLUGIN_FUNC_SUCCESS)
  480. {
  481. msg(D_HANDSHAKE, "VERIFY PLUGIN OK: depth=%d, %s",
  482. cert_depth, subject);
  483. }
  484. else
  485. {
  486. msg(D_HANDSHAKE, "VERIFY PLUGIN ERROR: depth=%d, %s",
  487. cert_depth, subject);
  488. return FAILURE; /* Reject connection */
  489. }
  490. }
  491. return SUCCESS;
  492. }
  493. static const char *
  494. verify_cert_export_cert(openvpn_x509_cert_t *peercert, const char *tmp_dir, struct gc_arena *gc)
  495. {
  496. FILE *peercert_file;
  497. const char *peercert_filename = "";
  498. /* create tmp file to store peer cert */
  499. if (!tmp_dir
  500. || !(peercert_filename = create_temp_file(tmp_dir, "pcf", gc)))
  501. {
  502. msg (M_WARN, "Failed to create peer cert file");
  503. return NULL;
  504. }
  505. /* write peer-cert in tmp-file */
  506. peercert_file = fopen(peercert_filename, "w+");
  507. if (!peercert_file)
  508. {
  509. msg(M_ERR, "Failed to open temporary file : %s", peercert_filename);
  510. return NULL;
  511. }
  512. if (SUCCESS != x509_write_pem(peercert_file, peercert))
  513. {
  514. msg(M_ERR, "Error writing PEM file containing certificate");
  515. }
  516. fclose(peercert_file);
  517. return peercert_filename;
  518. }
  519. /*
  520. * run --tls-verify script
  521. */
  522. static result_t
  523. verify_cert_call_command(const char *verify_command, struct env_set *es,
  524. int cert_depth, openvpn_x509_cert_t *cert, char *subject, const char *verify_export_cert)
  525. {
  526. const char *tmp_file = NULL;
  527. int ret;
  528. struct gc_arena gc = gc_new();
  529. struct argv argv = argv_new();
  530. setenv_str(es, "script_type", "tls-verify");
  531. if (verify_export_cert)
  532. {
  533. tmp_file = verify_cert_export_cert(cert, verify_export_cert, &gc);
  534. if (!tmp_file)
  535. {
  536. ret = false;
  537. goto cleanup;
  538. }
  539. setenv_str(es, "peer_cert", tmp_file);
  540. }
  541. argv_parse_cmd(&argv, verify_command);
  542. argv_printf_cat(&argv, "%d %s", cert_depth, subject);
  543. argv_msg_prefix(D_TLS_DEBUG, &argv, "TLS: executing verify command");
  544. ret = openvpn_run_script(&argv, es, 0, "--tls-verify script");
  545. if (verify_export_cert)
  546. {
  547. if (tmp_file)
  548. {
  549. platform_unlink(tmp_file);
  550. }
  551. }
  552. cleanup:
  553. gc_free(&gc);
  554. argv_reset(&argv);
  555. if (ret)
  556. {
  557. msg(D_HANDSHAKE, "VERIFY SCRIPT OK: depth=%d, %s",
  558. cert_depth, subject);
  559. return SUCCESS;
  560. }
  561. msg(D_HANDSHAKE, "VERIFY SCRIPT ERROR: depth=%d, %s",
  562. cert_depth, subject);
  563. return FAILURE; /* Reject connection */
  564. }
  565. /*
  566. * check peer cert against CRL directory
  567. */
  568. static result_t
  569. verify_check_crl_dir(const char *crl_dir, openvpn_x509_cert_t *cert)
  570. {
  571. result_t ret = FAILURE;
  572. char fn[256];
  573. int fd = -1;
  574. struct gc_arena gc = gc_new();
  575. char *serial = backend_x509_get_serial(cert, &gc);
  576. if (!openvpn_snprintf(fn, sizeof(fn), "%s%c%s", crl_dir, OS_SPECIFIC_DIRSEP, serial))
  577. {
  578. msg(D_HANDSHAKE, "VERIFY CRL: filename overflow");
  579. goto cleanup;
  580. }
  581. fd = platform_open(fn, O_RDONLY, 0);
  582. if (fd >= 0)
  583. {
  584. msg(D_HANDSHAKE, "VERIFY CRL: certificate serial number %s is revoked", serial);
  585. goto cleanup;
  586. }
  587. ret = SUCCESS;
  588. cleanup:
  589. if (fd != -1)
  590. {
  591. close(fd);
  592. }
  593. gc_free(&gc);
  594. return ret;
  595. }
  596. result_t
  597. verify_cert(struct tls_session *session, openvpn_x509_cert_t *cert, int cert_depth)
  598. {
  599. result_t ret = FAILURE;
  600. char *subject = NULL;
  601. char common_name[TLS_USERNAME_LEN+1] = {0}; /* null-terminated */
  602. const struct tls_options *opt;
  603. struct gc_arena gc = gc_new();
  604. opt = session->opt;
  605. ASSERT(opt);
  606. session->verified = false;
  607. /* get the X509 name */
  608. subject = x509_get_subject(cert, &gc);
  609. if (!subject)
  610. {
  611. msg(D_TLS_ERRORS, "VERIFY ERROR: depth=%d, could not extract X509 "
  612. "subject string from certificate", cert_depth);
  613. goto cleanup;
  614. }
  615. /* enforce character class restrictions in X509 name */
  616. string_mod_remap_name(subject, X509_NAME_CHAR_CLASS);
  617. string_replace_leading(subject, '-', '_');
  618. /* extract the username (default is CN) */
  619. if (SUCCESS != backend_x509_get_username(common_name, sizeof(common_name),
  620. opt->x509_username_field, cert))
  621. {
  622. if (!cert_depth)
  623. {
  624. msg(D_TLS_ERRORS, "VERIFY ERROR: could not extract %s from X509 "
  625. "subject string ('%s') -- note that the username length is "
  626. "limited to %d characters",
  627. opt->x509_username_field,
  628. subject,
  629. TLS_USERNAME_LEN);
  630. goto cleanup;
  631. }
  632. }
  633. /* enforce character class restrictions in common name */
  634. string_mod_remap_name(common_name, COMMON_NAME_CHAR_CLASS);
  635. /* warn if cert chain is too deep */
  636. if (cert_depth >= MAX_CERT_DEPTH)
  637. {
  638. msg(D_TLS_ERRORS, "TLS Error: Convoluted certificate chain detected with depth [%d] greater than %d", cert_depth, MAX_CERT_DEPTH);
  639. goto cleanup; /* Reject connection */
  640. }
  641. /* verify level 1 cert, i.e. the CA that signed our leaf cert */
  642. if (cert_depth == 1 && opt->verify_hash)
  643. {
  644. struct buffer ca_hash = {0};
  645. switch (opt->verify_hash_algo)
  646. {
  647. case MD_SHA1:
  648. ca_hash = x509_get_sha1_fingerprint(cert, &gc);
  649. break;
  650. case MD_SHA256:
  651. ca_hash = x509_get_sha256_fingerprint(cert, &gc);
  652. break;
  653. default:
  654. /* This should normally not happen at all; the algorithm used
  655. * is parsed by add_option() [options.c] and set to a predefined
  656. * value in an enumerated type. So if this unlikely scenario
  657. * happens, consider this a failure
  658. */
  659. msg(M_WARN, "Unexpected invalid algorithm used with "
  660. "--verify-hash (%i)", opt->verify_hash_algo);
  661. ret = FAILURE;
  662. goto cleanup;
  663. }
  664. if (memcmp(BPTR(&ca_hash), opt->verify_hash, BLEN(&ca_hash)))
  665. {
  666. msg(D_TLS_ERRORS, "TLS Error: level-1 certificate hash verification failed");
  667. goto cleanup;
  668. }
  669. }
  670. /* save common name in session object */
  671. if (cert_depth == 0)
  672. {
  673. set_common_name(session, common_name);
  674. }
  675. session->verify_maxlevel = max_int(session->verify_maxlevel, cert_depth);
  676. /* export certificate values to the environment */
  677. verify_cert_set_env(opt->es, cert, cert_depth, subject, common_name,
  678. opt->x509_track);
  679. /* export current untrusted IP */
  680. setenv_untrusted(session);
  681. /* If this is the peer's own certificate, verify it */
  682. if (cert_depth == 0 && SUCCESS != verify_peer_cert(opt, cert, subject, common_name))
  683. {
  684. goto cleanup;
  685. }
  686. /* call --tls-verify plug-in(s), if registered */
  687. if (SUCCESS != verify_cert_call_plugin(opt->plugins, opt->es, cert_depth, cert, subject))
  688. {
  689. goto cleanup;
  690. }
  691. /* run --tls-verify script */
  692. if (opt->verify_command && SUCCESS != verify_cert_call_command(opt->verify_command,
  693. opt->es, cert_depth, cert, subject, opt->verify_export_cert))
  694. {
  695. goto cleanup;
  696. }
  697. /* check peer cert against CRL */
  698. if (opt->crl_file)
  699. {
  700. if (opt->ssl_flags & SSLF_CRL_VERIFY_DIR)
  701. {
  702. if (SUCCESS != verify_check_crl_dir(opt->crl_file, cert))
  703. {
  704. goto cleanup;
  705. }
  706. }
  707. else
  708. {
  709. if (tls_verify_crl_missing(opt))
  710. {
  711. msg(D_TLS_ERRORS, "VERIFY ERROR: CRL not loaded");
  712. goto cleanup;
  713. }
  714. }
  715. }
  716. msg(D_HANDSHAKE, "VERIFY OK: depth=%d, %s", cert_depth, subject);
  717. session->verified = true;
  718. ret = SUCCESS;
  719. cleanup:
  720. if (ret != SUCCESS)
  721. {
  722. tls_clear_error(); /* always? */
  723. session->verified = false; /* double sure? */
  724. }
  725. gc_free(&gc);
  726. return ret;
  727. }
  728. /* ***************************************************************************
  729. * Functions for the management of deferred authentication when using
  730. * user/password authentication.
  731. *************************************************************************** */
  732. #ifdef ENABLE_DEF_AUTH
  733. /* key_state_test_auth_control_file return values,
  734. * NOTE: acf_merge indexing depends on these values */
  735. #define ACF_UNDEFINED 0
  736. #define ACF_SUCCEEDED 1
  737. #define ACF_DISABLED 2
  738. #define ACF_FAILED 3
  739. #endif
  740. #ifdef MANAGEMENT_DEF_AUTH
  741. void
  742. man_def_auth_set_client_reason(struct tls_multi *multi, const char *client_reason)
  743. {
  744. if (multi->client_reason)
  745. {
  746. free(multi->client_reason);
  747. multi->client_reason = NULL;
  748. }
  749. if (client_reason && strlen(client_reason))
  750. {
  751. /* FIXME: Last alloc will never be freed */
  752. multi->client_reason = string_alloc(client_reason, NULL);
  753. }
  754. }
  755. static inline unsigned int
  756. man_def_auth_test(const struct key_state *ks)
  757. {
  758. if (management_enable_def_auth(management))
  759. {
  760. return ks->mda_status;
  761. }
  762. else
  763. {
  764. return ACF_DISABLED;
  765. }
  766. }
  767. #endif /* ifdef MANAGEMENT_DEF_AUTH */
  768. #ifdef PLUGIN_DEF_AUTH
  769. /*
  770. * auth_control_file functions
  771. */
  772. void
  773. key_state_rm_auth_control_file(struct key_state *ks)
  774. {
  775. if (ks && ks->auth_control_file)
  776. {
  777. platform_unlink(ks->auth_control_file);
  778. free(ks->auth_control_file);
  779. ks->auth_control_file = NULL;
  780. }
  781. }
  782. static bool
  783. key_state_gen_auth_control_file(struct key_state *ks, const struct tls_options *opt)
  784. {
  785. struct gc_arena gc = gc_new();
  786. key_state_rm_auth_control_file(ks);
  787. const char *acf = create_temp_file(opt->tmp_dir, "acf", &gc);
  788. if (acf)
  789. {
  790. ks->auth_control_file = string_alloc(acf, NULL);
  791. setenv_str(opt->es, "auth_control_file", ks->auth_control_file);
  792. }
  793. gc_free(&gc);
  794. return acf;
  795. }
  796. static unsigned int
  797. key_state_test_auth_control_file(struct key_state *ks)
  798. {
  799. if (ks && ks->auth_control_file)
  800. {
  801. unsigned int ret = ks->auth_control_status;
  802. if (ret == ACF_UNDEFINED)
  803. {
  804. FILE *fp = fopen(ks->auth_control_file, "r");
  805. if (fp)
  806. {
  807. const int c = fgetc(fp);
  808. if (c == '1')
  809. {
  810. ret = ACF_SUCCEEDED;
  811. }
  812. else if (c == '0')
  813. {
  814. ret = ACF_FAILED;
  815. }
  816. fclose(fp);
  817. ks->auth_control_status = ret;
  818. }
  819. }
  820. return ret;
  821. }
  822. return ACF_DISABLED;
  823. }
  824. #endif /* ifdef PLUGIN_DEF_AUTH */
  825. /*
  826. * Return current session authentication state. Return
  827. * value is TLS_AUTHENTICATION_x.
  828. */
  829. int
  830. tls_authentication_status(struct tls_multi *multi, const int latency)
  831. {
  832. bool deferred = false;
  833. bool success = false;
  834. bool active = false;
  835. #ifdef ENABLE_DEF_AUTH
  836. static const unsigned char acf_merge[] =
  837. {
  838. ACF_UNDEFINED, /* s1=ACF_UNDEFINED s2=ACF_UNDEFINED */
  839. ACF_UNDEFINED, /* s1=ACF_UNDEFINED s2=ACF_SUCCEEDED */
  840. ACF_UNDEFINED, /* s1=ACF_UNDEFINED s2=ACF_DISABLED */
  841. ACF_FAILED, /* s1=ACF_UNDEFINED s2=ACF_FAILED */
  842. ACF_UNDEFINED, /* s1=ACF_SUCCEEDED s2=ACF_UNDEFINED */
  843. ACF_SUCCEEDED, /* s1=ACF_SUCCEEDED s2=ACF_SUCCEEDED */
  844. ACF_SUCCEEDED, /* s1=ACF_SUCCEEDED s2=ACF_DISABLED */
  845. ACF_FAILED, /* s1=ACF_SUCCEEDED s2=ACF_FAILED */
  846. ACF_UNDEFINED, /* s1=ACF_DISABLED s2=ACF_UNDEFINED */
  847. ACF_SUCCEEDED, /* s1=ACF_DISABLED s2=ACF_SUCCEEDED */
  848. ACF_DISABLED, /* s1=ACF_DISABLED s2=ACF_DISABLED */
  849. ACF_FAILED, /* s1=ACF_DISABLED s2=ACF_FAILED */
  850. ACF_FAILED, /* s1=ACF_FAILED s2=ACF_UNDEFINED */
  851. ACF_FAILED, /* s1=ACF_FAILED s2=ACF_SUCCEEDED */
  852. ACF_FAILED, /* s1=ACF_FAILED s2=ACF_DISABLED */
  853. ACF_FAILED /* s1=ACF_FAILED s2=ACF_FAILED */
  854. };
  855. #endif /* ENABLE_DEF_AUTH */
  856. if (multi)
  857. {
  858. int i;
  859. #ifdef ENABLE_DEF_AUTH
  860. if (latency && multi->tas_last && multi->tas_last + latency >= now)
  861. {
  862. return TLS_AUTHENTICATION_UNDEFINED;
  863. }
  864. multi->tas_last = now;
  865. #endif /* ENABLE_DEF_AUTH */
  866. for (i = 0; i < KEY_SCAN_SIZE; ++i)
  867. {
  868. struct key_state *ks = multi->key_scan[i];
  869. if (DECRYPT_KEY_ENABLED(multi, ks))
  870. {
  871. active = true;
  872. if (ks->authenticated)
  873. {
  874. #ifdef ENABLE_DEF_AUTH
  875. unsigned int s1 = ACF_DISABLED;
  876. unsigned int s2 = ACF_DISABLED;
  877. #ifdef PLUGIN_DEF_AUTH
  878. s1 = key_state_test_auth_control_file(ks);
  879. #endif /* PLUGIN_DEF_AUTH */
  880. #ifdef MANAGEMENT_DEF_AUTH
  881. s2 = man_def_auth_test(ks);
  882. #endif /* MANAGEMENT_DEF_AUTH */
  883. ASSERT(s1 < 4 && s2 < 4);
  884. switch (acf_merge[(s1<<2) + s2])
  885. {
  886. case ACF_SUCCEEDED:
  887. case ACF_DISABLED:
  888. success = true;
  889. ks->auth_deferred = false;
  890. break;
  891. case ACF_UNDEFINED:
  892. if (now < ks->auth_deferred_expire)
  893. {
  894. deferred = true;
  895. }
  896. break;
  897. case ACF_FAILED:
  898. ks->authenticated = false;
  899. break;
  900. default:
  901. ASSERT(0);
  902. }
  903. #else /* !ENABLE_DEF_AUTH */
  904. success = true;
  905. #endif /* ENABLE_DEF_AUTH */
  906. }
  907. }
  908. }
  909. }
  910. #if 0
  911. dmsg(D_TLS_ERRORS, "TAS: a=%d s=%d d=%d", active, success, deferred);
  912. #endif
  913. if (success)
  914. {
  915. return TLS_AUTHENTICATION_SUCCEEDED;
  916. }
  917. else if (!active || deferred)
  918. {
  919. return TLS_AUTHENTICATION_DEFERRED;
  920. }
  921. else
  922. {
  923. return TLS_AUTHENTICATION_FAILED;
  924. }
  925. }
  926. #ifdef MANAGEMENT_DEF_AUTH
  927. /*
  928. * For deferred auth, this is where the management interface calls (on server)
  929. * to indicate auth failure/success.
  930. */
  931. bool
  932. tls_authenticate_key(struct tls_multi *multi, const unsigned int mda_key_id, const bool auth, const char *client_reason)
  933. {
  934. bool ret = false;
  935. if (multi)
  936. {
  937. int i;
  938. man_def_auth_set_client_reason(multi, client_reason);
  939. for (i = 0; i < KEY_SCAN_SIZE; ++i)
  940. {
  941. struct key_state *ks = multi->key_scan[i];
  942. if (ks->mda_key_id == mda_key_id)
  943. {
  944. ks->mda_status = auth ? ACF_SUCCEEDED : ACF_FAILED;
  945. ret = true;
  946. }
  947. }
  948. }
  949. return ret;
  950. }
  951. #endif /* ifdef MANAGEMENT_DEF_AUTH */
  952. /* ****************************************************************************
  953. * Functions to verify username and password
  954. *
  955. * Authenticate a client using username/password.
  956. * Runs on server.
  957. *
  958. * If you want to add new authentication methods,
  959. * this is the place to start.
  960. *************************************************************************** */
  961. /*
  962. * Verify the user name and password using a script
  963. */
  964. static bool
  965. verify_user_pass_script(struct tls_session *session, const struct user_pass *up)
  966. {
  967. struct gc_arena gc = gc_new();
  968. struct argv argv = argv_new();
  969. const char *tmp_file = "";
  970. bool ret = false;
  971. /* Is username defined? */
  972. if ((session->opt->ssl_flags & SSLF_AUTH_USER_PASS_OPTIONAL) || strlen(up->username))
  973. {
  974. /* Set environmental variables prior to calling script */
  975. setenv_str(session->opt->es, "script_type", "user-pass-verify");
  976. if (session->opt->auth_user_pass_verify_script_via_file)
  977. {
  978. struct status_output *so;
  979. tmp_file = create_temp_file(session->opt->tmp_dir, "up", &gc);
  980. if (tmp_file)
  981. {
  982. so = status_open(tmp_file, 0, -1, NULL, STATUS_OUTPUT_WRITE);
  983. status_printf(so, "%s", up->username);
  984. status_printf(so, "%s", up->password);
  985. if (!status_close(so))
  986. {
  987. msg(D_TLS_ERRORS, "TLS Auth Error: could not write username/password to file: %s",
  988. tmp_file);
  989. goto done;
  990. }
  991. }
  992. else
  993. {
  994. msg(D_TLS_ERRORS, "TLS Auth Error: could not create write "
  995. "username/password to temp file");
  996. }
  997. }
  998. else
  999. {
  1000. setenv_str(session->opt->es, "username", up->username);
  1001. setenv_str(session->opt->es, "password", up->password);
  1002. }
  1003. /* setenv incoming cert common name for script */
  1004. setenv_str(session->opt->es, "common_name", session->common_name);
  1005. /* setenv client real IP address */
  1006. setenv_untrusted(session);
  1007. /* format command line */
  1008. argv_parse_cmd(&argv, session->opt->auth_user_pass_verify_script);
  1009. argv_printf_cat(&argv, "%s", tmp_file);
  1010. /* call command */
  1011. ret = openvpn_run_script(&argv, session->opt->es, 0,
  1012. "--auth-user-pass-verify");
  1013. if (!session->opt->auth_user_pass_verify_script_via_file)
  1014. {
  1015. setenv_del(session->opt->es, "password");
  1016. }
  1017. }
  1018. else
  1019. {
  1020. msg(D_TLS_ERRORS, "TLS Auth Error: peer provided a blank username");
  1021. }
  1022. done:
  1023. if (tmp_file && strlen(tmp_file) > 0)
  1024. {
  1025. platform_unlink(tmp_file);
  1026. }
  1027. argv_reset(&argv);
  1028. gc_free(&gc);
  1029. return ret;
  1030. }
  1031. /*
  1032. * Verify the username and password using a plugin
  1033. */
  1034. static int
  1035. verify_user_pass_plugin(struct tls_session *session, const struct user_pass *up, const char *raw_username)
  1036. {
  1037. int retval = OPENVPN_PLUGIN_FUNC_ERROR;
  1038. #ifdef PLUGIN_DEF_AUTH
  1039. struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
  1040. #endif
  1041. /* Is username defined? */
  1042. if ((session->opt->ssl_flags & SSLF_AUTH_USER_PASS_OPTIONAL) || strlen(up->username))
  1043. {
  1044. /* set username/password in private env space */
  1045. setenv_str(session->opt->es, "username", (raw_username ? raw_username : up->username));
  1046. setenv_str(session->opt->es, "password", up->password);
  1047. /* setenv incoming cert common name for script */
  1048. setenv_str(session->opt->es, "common_name", session->common_name);
  1049. /* setenv client real IP address */
  1050. setenv_untrusted(session);
  1051. #ifdef PLUGIN_DEF_AUTH
  1052. /* generate filename for deferred auth control file */
  1053. if (!key_state_gen_auth_control_file(ks, session->opt))
  1054. {
  1055. msg (D_TLS_ERRORS, "TLS Auth Error (%s): "
  1056. "could not create deferred auth control file", __func__);
  1057. goto cleanup;
  1058. }
  1059. #endif
  1060. /* call command */
  1061. retval = plugin_call(session->opt->plugins, OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY, NULL, NULL, session->opt->es);
  1062. #ifdef PLUGIN_DEF_AUTH
  1063. /* purge auth control filename (and file itself) for non-deferred returns */
  1064. if (retval != OPENVPN_PLUGIN_FUNC_DEFERRED)
  1065. {
  1066. key_state_rm_auth_control_file(ks);
  1067. }
  1068. #endif
  1069. setenv_del(session->opt->es, "password");
  1070. if (raw_username)
  1071. {
  1072. setenv_str(session->opt->es, "username", up->username);
  1073. }
  1074. }
  1075. else
  1076. {
  1077. msg(D_TLS_ERRORS, "TLS Auth Error (verify_user_pass_plugin): peer provided a blank username");
  1078. }
  1079. cleanup:
  1080. return retval;
  1081. }
  1082. #ifdef MANAGEMENT_DEF_AUTH
  1083. /*
  1084. * MANAGEMENT_DEF_AUTH internal ssl_verify.c status codes
  1085. */
  1086. #define KMDA_ERROR 0
  1087. #define KMDA_SUCCESS 1
  1088. #define KMDA_UNDEF 2
  1089. #define KMDA_DEF 3
  1090. static int
  1091. verify_user_pass_management(struct tls_session *session, const struct user_pass *up, const char *raw_username)
  1092. {
  1093. int retval = KMDA_ERROR;
  1094. struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
  1095. /* Is username defined? */
  1096. if ((session->opt->ssl_flags & SSLF_AUTH_USER_PASS_OPTIONAL) || strlen(up->username))
  1097. {
  1098. /* set username/password in private env space */
  1099. setenv_str(session->opt->es, "username", (raw_username ? raw_username : up->username));
  1100. setenv_str(session->opt->es, "password", up->password);
  1101. /* setenv incoming cert common name for script */
  1102. setenv_str(session->opt->es, "common_name", session->common_name);
  1103. /* setenv client real IP address */
  1104. setenv_untrusted(session);
  1105. if (management)
  1106. {
  1107. management_notify_client_needing_auth(management, ks->mda_key_id, session->opt->mda_context, session->opt->es);
  1108. }
  1109. setenv_del(session->opt->es, "password");
  1110. if (raw_username)
  1111. {
  1112. setenv_str(session->opt->es, "username", up->username);
  1113. }
  1114. retval = KMDA_SUCCESS;
  1115. }
  1116. else
  1117. {
  1118. msg(D_TLS_ERRORS, "TLS Auth Error (verify_user_pass_management): peer provided a blank username");
  1119. }
  1120. return retval;
  1121. }
  1122. #endif /* ifdef MANAGEMENT_DEF_AUTH */
  1123. /*
  1124. * Main username/password verification entry point
  1125. */
  1126. void
  1127. verify_user_pass(struct user_pass *up, struct tls_multi *multi,
  1128. struct tls_session *session)
  1129. {
  1130. int s1 = OPENVPN_PLUGIN_FUNC_SUCCESS;
  1131. bool s2 = true;
  1132. struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
  1133. struct gc_arena gc = gc_new();
  1134. char *raw_username = NULL;
  1135. #ifdef MANAGEMENT_DEF_AUTH
  1136. int man_def_auth = KMDA_UNDEF;
  1137. if (management_enable_def_auth(management))
  1138. {
  1139. man_def_auth = KMDA_DEF;
  1140. }
  1141. #endif
  1142. /*
  1143. * Preserve the raw username before string_mod remapping, for plugins
  1144. * and management clients when in --compat-names mode
  1145. */
  1146. if (compat_flag(COMPAT_FLAG_QUERY | COMPAT_NAMES))
  1147. {
  1148. ALLOC_ARRAY_CLEAR_GC(raw_username, char, USER_PASS_LEN, &gc);
  1149. strcpy(raw_username, up->username);
  1150. string_mod(raw_username, CC_PRINT, CC_CRLF, '_');
  1151. }
  1152. /* enforce character class restrictions in username/password */
  1153. string_mod_remap_name(up->username, COMMON_NAME_CHAR_CLASS);
  1154. string_mod(up->password, CC_PRINT, CC_CRLF, '_');
  1155. /* If server is configured with --auth-gen-token and we have an
  1156. * authentication token for this client, this authentication
  1157. * round will be done internally using the token instead of
  1158. * calling any external authentication modules.
  1159. */
  1160. if (session->opt->auth_token_generate && multi->auth_token_sent
  1161. && NULL != multi->auth_token)
  1162. {
  1163. unsigned int ssl_flags = session->opt->ssl_flags;
  1164. /* Ensure that the username has not changed */
  1165. if (!tls_lock_username(multi, up->username))
  1166. {
  1167. /* auth-token cleared in tls_lock_username() on failure */
  1168. ks->authenticated = false;
  1169. goto done;
  1170. }
  1171. /* If auth-token lifetime has been enabled,
  1172. * ensure the token has not expired
  1173. */
  1174. if (session->opt->auth_token_lifetime > 0
  1175. && (multi->auth_token_tstamp + session->opt->auth_token_lifetime) < now)
  1176. {
  1177. msg(D_HANDSHAKE, "Auth-token for client expired\n");
  1178. wipe_auth_token(multi);
  1179. ks->authenticated = false;
  1180. goto done;
  1181. }
  1182. /* The core authentication of the token itself */
  1183. if (memcmp_constant_time(multi->auth_token, up->password,
  1184. strlen(multi->auth_token)) != 0)
  1185. {
  1186. ks->authenticated = false;
  1187. tls_deauthenticate(multi);
  1188. msg(D_TLS_ERRORS, "TLS Auth Error: Auth-token verification "
  1189. "failed for username '%s' %s", up->username,
  1190. (ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) ? "[CN SET]" : "");
  1191. }
  1192. else
  1193. {
  1194. ks->authenticated = true;
  1195. if (ssl_flags & SSLF_USERNAME_AS_COMMON_NAME)
  1196. {
  1197. set_common_name(session, up->username);
  1198. }
  1199. msg(D_HANDSHAKE, "TLS: Username/auth-token authentication "
  1200. "succeeded for username '%s' %s",
  1201. up->username,
  1202. (ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) ? "[CN SET]" : "");
  1203. }
  1204. goto done;
  1205. }
  1206. /* call plugin(s) and/or script */
  1207. #ifdef MANAGEMENT_DEF_AUTH
  1208. if (man_def_auth == KMDA_DEF)
  1209. {
  1210. man_def_auth = verify_user_pass_management(session, up, raw_username);
  1211. }
  1212. #endif
  1213. if (plugin_defined(session->opt->plugins, OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY))
  1214. {
  1215. s1 = verify_user_pass_plugin(session, up, raw_username);
  1216. }
  1217. if (session->opt->auth_user_pass_verify_script)
  1218. {
  1219. s2 = verify_user_pass_script(session, up);
  1220. }
  1221. /* check sizing of username if it will become our common name */
  1222. if ((session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) && strlen(up->username) > TLS_USERNAME_LEN)
  1223. {
  1224. msg(D_TLS_ERRORS, "TLS Auth Error: --username-as-common name specified and username is longer than the maximum permitted Common Name length of %d characters", TLS_USERNAME_LEN);
  1225. s1 = OPENVPN_PLUGIN_FUNC_ERROR;
  1226. }
  1227. /* auth succeeded? */
  1228. if ((s1 == OPENVPN_PLUGIN_FUNC_SUCCESS
  1229. #ifdef PLUGIN_DEF_AUTH
  1230. || s1 == OPENVPN_PLUGIN_FUNC_DEFERRED
  1231. #endif
  1232. ) && s2
  1233. #ifdef MANAGEMENT_DEF_AUTH
  1234. && man_def_auth != KMDA_ERROR
  1235. #endif
  1236. && tls_lock_username(multi, up->username))
  1237. {
  1238. ks->authenticated = true;
  1239. #ifdef PLUGIN_DEF_AUTH
  1240. if (s1 == OPENVPN_PLUGIN_FUNC_DEFERRED)
  1241. {
  1242. ks->auth_deferred = true;
  1243. }
  1244. #endif
  1245. #ifdef MANAGEMENT_DEF_AUTH
  1246. if (man_def_auth != KMDA_UNDEF)
  1247. {
  1248. ks->auth_deferred = true;
  1249. }
  1250. #endif
  1251. if ((session->opt->auth_token_generate) && (NULL == multi->auth_token))
  1252. {
  1253. /* Server is configured with --auth-gen-token but no token has yet
  1254. * been generated for this client. Generate one and save it.
  1255. */
  1256. uint8_t tok[AUTH_TOKEN_SIZE];
  1257. if (!rand_bytes(tok, AUTH_TOKEN_SIZE))
  1258. {
  1259. msg( M_FATAL, "Failed to get enough randomness for "
  1260. "authentication token");
  1261. }
  1262. /* The token should be longer than the input when
  1263. * being base64 encoded
  1264. */
  1265. ASSERT(openvpn_base64_encode(tok, AUTH_TOKEN_SIZE,
  1266. &multi->auth_token) > AUTH_TOKEN_SIZE);
  1267. multi->auth_token_tstamp = now;
  1268. dmsg(D_SHOW_KEYS, "Generated token for client: %s",
  1269. multi->auth_token);
  1270. }
  1271. if ((session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME))
  1272. {
  1273. set_common_name(session, up->username);
  1274. }
  1275. #ifdef ENABLE_DEF_AUTH
  1276. msg(D_HANDSHAKE, "TLS: Username/Password authentication %s for username '%s' %s",
  1277. ks->auth_deferred ? "deferred" : "succeeded",
  1278. up->username,
  1279. (session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) ? "[CN SET]" : "");
  1280. #else
  1281. msg(D_HANDSHAKE, "TLS: Username/Password authentication %s for username '%s' %s",
  1282. "succeeded",
  1283. up->username,
  1284. (session->opt->ssl_flags & SSLF_USERNAME_AS_COMMON_NAME) ? "[CN SET]" : "");
  1285. #endif
  1286. }
  1287. else
  1288. {
  1289. msg(D_TLS_ERRORS, "TLS Auth Error: Auth Username/Password verification failed for peer");
  1290. }
  1291. done:
  1292. gc_free(&gc);
  1293. }
  1294. void
  1295. verify_final_auth_checks(struct tls_multi *multi, struct tls_session *session)
  1296. {
  1297. struct key_state *ks = &session->key[KS_PRIMARY]; /* primary key */
  1298. /* While it shouldn't really happen, don't allow the common name to be NULL */
  1299. if (!session->common_name)
  1300. {
  1301. set_common_name(session, "");
  1302. }
  1303. /* Don't allow the CN to change once it's been locked */
  1304. if (ks->authenticated && multi->locked_cn)
  1305. {
  1306. const char *cn = session->common_name;
  1307. if (cn && strcmp(cn, multi->locked_cn))
  1308. {
  1309. msg(D_TLS_ERRORS, "TLS Auth Error: TLS object CN attempted to change from '%s' to '%s' -- tunnel disabled",
  1310. multi->locked_cn,
  1311. cn);
  1312. /* change the common name back to its original value and disable the tunnel */
  1313. set_common_name(session, multi->locked_cn);
  1314. tls_deauthenticate(multi);
  1315. }
  1316. }
  1317. /* Don't allow the cert hashes to change once they have been locked */
  1318. if (ks->authenticated && multi->locked_cert_hash_set)
  1319. {
  1320. const struct cert_hash_set *chs = session->cert_hash_set;
  1321. if (chs && !cert_hash_compare(chs, multi->locked_cert_hash_set))
  1322. {
  1323. msg(D_TLS_ERRORS, "TLS Auth Error: TLS object CN=%s client-provided SSL certs unexpectedly changed during mid-session reauth",
  1324. session->common_name);
  1325. /* disable the tunnel */
  1326. tls_deauthenticate(multi);
  1327. }
  1328. }
  1329. /* verify --client-config-dir based authentication */
  1330. if (ks->authenticated && session->opt->client_config_dir_exclusive)
  1331. {
  1332. struct gc_arena gc = gc_new();
  1333. const char *cn = session->common_name;
  1334. const char *path = gen_path(session->opt->client_config_dir_exclusive, cn, &gc);
  1335. if (!cn || !strcmp(cn, CCD_DEFAULT) || !test_file(path))
  1336. {
  1337. ks->authenticated = false;
  1338. wipe_auth_token(multi);
  1339. msg(D_TLS_ERRORS, "TLS Auth Error: --client-config-dir authentication failed for common name '%s' file='%s'",
  1340. session->common_name,
  1341. path ? path : "UNDEF");
  1342. }
  1343. gc_free(&gc);
  1344. }
  1345. }
  1346. void
  1347. tls_x509_clear_env(struct env_set *es)
  1348. {
  1349. struct env_item *item = es->list;
  1350. while (item)
  1351. {
  1352. struct env_item *next = item->next;
  1353. if (item->string
  1354. && 0 == strncmp("X509_", item->string, strlen("X509_")))
  1355. {
  1356. env_set_del(es, item->string);
  1357. }
  1358. item = next;
  1359. }
  1360. }
  1361. #endif /* ENABLE_CRYPTO */