The provides plug-ins with a safe and secure way to santize sensitive
information such as passwords, by re-using the secure_memzero()
implementation in OpenVPN.
Signed-off-by: David Sommerseth <davids@openvpn.net>
Acked-by: Selva Nair <selva.nair@gmail.com>
Message-Id: <20170505184622.24520-1-davids@openvpn.net>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg14546.html
Signed-off-by: David Sommerseth <davids@openvpn.net>
... | ... |
@@ -199,7 +199,8 @@ struct openvpn_plugin_string_list |
199 | 199 |
|
200 | 200 |
/* openvpn_plugin_{open,func}_v3() related structs */ |
201 | 201 |
|
202 |
-/* Defines version of the v3 plugin argument structs |
|
202 |
+/** |
|
203 |
+ * Defines version of the v3 plugin argument structs |
|
203 | 204 |
* |
204 | 205 |
* Whenever one or more of these structs are modified, this constant |
205 | 206 |
* must be updated. A changelog should be appended in this comment |
... | ... |
@@ -218,8 +219,10 @@ struct openvpn_plugin_string_list |
218 | 218 |
* 3 Added ovpn_version, ovpn_version_major, ovpn_version_minor |
219 | 219 |
* and ovpn_version_patch to provide the runtime version of |
220 | 220 |
* OpenVPN to plug-ins. |
221 |
+ * |
|
222 |
+ * 4 Exported secure_memzero() as plugin_secure_memzero() |
|
221 | 223 |
*/ |
222 |
-#define OPENVPN_PLUGINv3_STRUCTVER 3 |
|
224 |
+#define OPENVPN_PLUGINv3_STRUCTVER 4 |
|
223 | 225 |
|
224 | 226 |
/** |
225 | 227 |
* Definitions needed for the plug-in callback functions. |
... | ... |
@@ -255,10 +258,19 @@ typedef void (*plugin_vlog_t)(openvpn_plugin_log_flags_t flags, |
255 | 255 |
const char *plugin_name, |
256 | 256 |
const char *format, |
257 | 257 |
va_list arglist) _ovpn_chk_fmt (3, 0); |
258 |
- |
|
259 | 258 |
#undef _ovpn_chk_fmt |
260 | 259 |
|
261 | 260 |
/** |
261 |
+ * Export of secure_memzero() to be used inside plug-ins |
|
262 |
+ * |
|
263 |
+ * @param data Pointer to data to zeroise |
|
264 |
+ * @param len Length of data, in bytes |
|
265 |
+ * |
|
266 |
+ */ |
|
267 |
+typedef void (*plugin_secure_memzero_t)(void *data, size_t len); |
|
268 |
+ |
|
269 |
+ |
|
270 |
+/** |
|
262 | 271 |
* Used by the openvpn_plugin_open_v3() function to pass callback |
263 | 272 |
* function pointers to the plug-in. |
264 | 273 |
* |
... | ... |
@@ -267,11 +279,18 @@ typedef void (*plugin_vlog_t)(openvpn_plugin_log_flags_t flags, |
267 | 267 |
* Messages will only be displayed if the plugin_name parameter |
268 | 268 |
* is set. PLOG_DEBUG messages will only be displayed with plug-in |
269 | 269 |
* debug log verbosity (at the time of writing that's verb >= 7). |
270 |
+ * |
|
271 |
+ * plugin_secure_memzero |
|
272 |
+ * : Use this function to securely wipe sensitive information from |
|
273 |
+ * memory. This function is declared in a way that the compiler |
|
274 |
+ * will not remove these function calls during the compiler |
|
275 |
+ * optimization phase. |
|
270 | 276 |
*/ |
271 | 277 |
struct openvpn_plugin_callbacks |
272 | 278 |
{ |
273 | 279 |
plugin_log_t plugin_log; |
274 | 280 |
plugin_vlog_t plugin_vlog; |
281 |
+ plugin_secure_memzero_t plugin_secure_memzero; |
|
275 | 282 |
}; |
276 | 283 |
|
277 | 284 |
/** |
... | ... |
@@ -410,7 +410,8 @@ plugin_log(openvpn_plugin_log_flags_t flags, const char *name, const char *forma |
410 | 410 |
|
411 | 411 |
static struct openvpn_plugin_callbacks callbacks = { |
412 | 412 |
plugin_log, |
413 |
- plugin_vlog |
|
413 |
+ plugin_vlog, |
|
414 |
+ secure_memzero /* plugin_secure_memzero */ |
|
414 | 415 |
}; |
415 | 416 |
|
416 | 417 |
|