As reported by tincantech on the openvpn-devel IRC channel, a tls-crypt-v2
client could be caused to trigger an assert in tls_crypt_wrap() because the
client key might not be correctly initialized after a reconnect attempt.
This was caused by code that was written before the connection-block
tls-auth/tls-crypt logic was integrated (57d6f103), rebased on that change,
but not sufficiently changed to be compatible with the new logic.
This commit fixes that bug.
Note that I also moved the offending hunk of code to the same function
where the tls-auth and tls-crypt (v1) keys are initialized. Once moved
there, it is immediately clear that v2 didn't follow the same (new) logic.
Signed-off-by: Steffan Karger <steffan.karger@fox-it.com>
Tested-by: Richard Bonhomme <tincanteksup@gmail.com>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Message-Id: <1540991236-4016-1-git-send-email-steffan.karger@fox-it.com>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg17866.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
... | ... |
@@ -2594,6 +2594,26 @@ do_init_tls_wrap_key(struct context *c) |
2594 | 2594 |
options->ce.tls_crypt_file, |
2595 | 2595 |
options->ce.tls_crypt_inline, options->tls_server); |
2596 | 2596 |
} |
2597 |
+ |
|
2598 |
+ /* tls-crypt with client-specific keys (--tls-crypt-v2) */ |
|
2599 |
+ if (options->ce.tls_crypt_v2_file) |
|
2600 |
+ { |
|
2601 |
+ if (options->tls_server) |
|
2602 |
+ { |
|
2603 |
+ tls_crypt_v2_init_server_key(&c->c1.ks.tls_crypt_v2_server_key, |
|
2604 |
+ true, options->ce.tls_crypt_v2_file, |
|
2605 |
+ options->ce.tls_crypt_v2_inline); |
|
2606 |
+ } |
|
2607 |
+ else |
|
2608 |
+ { |
|
2609 |
+ tls_crypt_v2_init_client_key(&c->c1.ks.tls_wrap_key, |
|
2610 |
+ &c->c1.ks.tls_crypt_v2_wkc, |
|
2611 |
+ options->ce.tls_crypt_v2_file, |
|
2612 |
+ options->ce.tls_crypt_v2_inline); |
|
2613 |
+ } |
|
2614 |
+ } |
|
2615 |
+ |
|
2616 |
+ |
|
2597 | 2617 |
} |
2598 | 2618 |
|
2599 | 2619 |
/* |
... | ... |
@@ -2645,27 +2665,9 @@ do_init_crypto_tls_c1(struct context *c) |
2645 | 2645 |
/* Initialize PRNG with config-specified digest */ |
2646 | 2646 |
prng_init(options->prng_hash, options->prng_nonce_secret_len); |
2647 | 2647 |
|
2648 |
- /* initialize tls-auth/crypt key */ |
|
2648 |
+ /* initialize tls-auth/crypt/crypt-v2 key */ |
|
2649 | 2649 |
do_init_tls_wrap_key(c); |
2650 | 2650 |
|
2651 |
- /* tls-crypt with client-specific keys (--tls-crypt-v2) */ |
|
2652 |
- if (options->tls_crypt_v2_file) |
|
2653 |
- { |
|
2654 |
- if (options->tls_server) |
|
2655 |
- { |
|
2656 |
- tls_crypt_v2_init_server_key(&c->c1.ks.tls_crypt_v2_server_key, |
|
2657 |
- true, options->tls_crypt_v2_file, |
|
2658 |
- options->tls_crypt_v2_inline); |
|
2659 |
- } |
|
2660 |
- else |
|
2661 |
- { |
|
2662 |
- tls_crypt_v2_init_client_key(&c->c1.ks.tls_wrap_key, |
|
2663 |
- &c->c1.ks.tls_crypt_v2_wkc, |
|
2664 |
- options->tls_crypt_v2_file, |
|
2665 |
- options->tls_crypt_v2_inline); |
|
2666 |
- } |
|
2667 |
- } |
|
2668 |
- |
|
2669 | 2651 |
#if 0 /* was: #if ENABLE_INLINE_FILES -- Note that enabling this code will break restarts */ |
2670 | 2652 |
if (options->priv_key_file_inline) |
2671 | 2653 |
{ |
... | ... |
@@ -2891,13 +2893,13 @@ do_init_crypto_tls(struct context *c, const unsigned int flags) |
2891 | 2891 |
to.tls_wrap.opt.flags |= CO_PACKET_ID_LONG_FORM; |
2892 | 2892 |
tls_crypt_adjust_frame_parameters(&to.frame); |
2893 | 2893 |
|
2894 |
- if (options->tls_crypt_v2_file) |
|
2894 |
+ if (options->ce.tls_crypt_v2_file) |
|
2895 | 2895 |
{ |
2896 | 2896 |
to.tls_wrap.tls_crypt_v2_wkc = &c->c1.ks.tls_crypt_v2_wkc; |
2897 | 2897 |
} |
2898 | 2898 |
} |
2899 | 2899 |
|
2900 |
- if (options->tls_crypt_v2_file) |
|
2900 |
+ if (options->ce.tls_crypt_v2_file) |
|
2901 | 2901 |
{ |
2902 | 2902 |
to.tls_crypt_v2 = true; |
2903 | 2903 |
if (options->tls_server) |
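Review bot: The new client branch in do_init_tls_wrap_key (new lines 2609–2612) overwrites `c->c1.ks.tls_wrap_key` and `c->c1.ks.tls_crypt_v2_wkc` every time the function runs, and since the point of the fix is that it now runs again on each reconnect, the hunk does not show whether the previous wkc buffer and key contexts are released before this point; if `tls_crypt_v2_init_client_key` allocates a fresh buffer without freeing the old one, each reconnect would leak the previously loaded wrapped client key. Either release it here first, `free_buf(&c->c1.ks.tls_crypt_v2_wkc);` ahead of the call, or record the ownership contract with a comment such as `/* re-run per connection entry; caller must have freed tls_wrap_key and tls_crypt_v2_wkc */` so the next change does not silently double-allocate. Separately, the v1 `tls_crypt_init_key` call in the context just above and this v2 call both load into `tls_wrap_key`, so unless option parsing rejects `--tls-crypt` together with `--tls-crypt-v2` in the same connection block, the v2 key silently replaces the v1 key here; an explicit guard or ASSERT that only one is set would make that precondition visible. The opening lines of do_init_tls_wrap_key are outside the hunk, so the tls-auth branch it also contains could not be checked.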