From: Guus Sliepen Date: Sat, 6 Jun 2009 17:04:04 +0000 (+0200) Subject: Handle truncated message authentication codes. X-Git-Tag: release-1.1pre1~119 X-Git-Url: https://tinc-vpn.org/git/browse?a=commitdiff_plain;h=4124b9682f8f890acb25d0c92f2583eef670274a;p=tinc Handle truncated message authentication codes. --- diff --git a/src/net_packet.c b/src/net_packet.c index 062e0be0..af71af90 100644 --- a/src/net_packet.c +++ b/src/net_packet.c @@ -163,7 +163,7 @@ static void receive_packet(node_t *n, vpn_packet_t *packet) { static bool try_mac(node_t *n, const vpn_packet_t *inpkt) { - if(!digest_active(&n->indigest) || !n->inmaclength || inpkt->len < sizeof inpkt->seqno + n->inmaclength) + if(!digest_active(&n->indigest) || inpkt->len < sizeof inpkt->seqno + digest_length(&n->indigest)) return false; return digest_verify(&n->indigest, &inpkt->seqno, inpkt->len, &inpkt->seqno + inpkt->len); diff --git a/src/net_setup.c b/src/net_setup.c index 17eaec2b..224bdf61 100644 --- a/src/net_setup.c +++ b/src/net_setup.c @@ -314,21 +314,17 @@ bool setup_myself(void) { if(!get_config_string(lookup_config(myself->connection->config_tree, "Digest"), &digest)) digest = xstrdup("sha1"); - if(!digest_open_by_name(&myself->indigest, digest)) { - logger(LOG_ERR, _("Unrecognized digest type!")); + int maclength = 4; + get_config_int(lookup_config(myself->connection->config_tree, "MACLength"), &maclength); + + if(maclength < 0) { + logger(LOG_ERR, _("Bogus MAC length!")); return false; } - if(!get_config_int(lookup_config(myself->connection->config_tree, "MACLength"), &myself->inmaclength)) - - if(digest_active(&myself->indigest)) { - if(myself->inmaclength > digest_length(&myself->indigest)) { - logger(LOG_ERR, _("MAC length exceeds size of digest!")); - return false; - } else if(myself->inmaclength < 0) { - logger(LOG_ERR, _("Bogus MAC length!")); - return false; - } + if(!digest_open_by_name(&myself->indigest, digest, maclength)) { + logger(LOG_ERR, _("Unrecognized digest type!")); + return false; } /* Compression */ diff --git a/src/node.c b/src/node.c index 5df8b667..6df236a1 100644 --- a/src/node.c +++ b/src/node.c @@ -185,7 +185,7 @@ int dump_nodes(struct evbuffer *out) { n = node->data; if(evbuffer_add_printf(out, _(" %s at %s cipher %d digest %d maclength %d compression %d options %lx status %04x nexthop %s via %s distance %d pmtu %d (min %d max %d)\n"), n->name, n->hostname, cipher_get_nid(&n->outcipher), - digest_get_nid(&n->outdigest), n->outmaclength, n->outcompression, + digest_get_nid(&n->outdigest), digest_length(&n->outdigest), n->outcompression, n->options, *(uint32_t *)&n->status, n->nexthop ? n->nexthop->name : "-", n->via ? n->via->name : "-", n->distance, n->mtu, n->minmtu, n->maxmtu) == -1) return errno; diff --git a/src/node.h b/src/node.h index 9b0d136f..82294a7f 100644 --- a/src/node.h +++ b/src/node.h @@ -56,11 +56,9 @@ typedef struct node_t { cipher_t incipher; /* Cipher for UDP packets */ digest_t indigest; /* Digest for UDP packets */ - int inmaclength; /* Portion of digest to use */ cipher_t outcipher; /* Cipher for UDP packets */ digest_t outdigest; /* Digest for UDP packets */ - int outmaclength; /* Portion of digest to use */ int incompression; /* Compressionlevel, 0 = no compression */ int outcompression; /* Compressionlevel, 0 = no compression */ diff --git a/src/openssl/digest.c b/src/openssl/digest.c index 1e2557d9..e1db9341 100644 --- a/src/openssl/digest.c +++ b/src/openssl/digest.c @@ -26,26 +26,43 @@ #include "digest.h" #include "logger.h" -bool digest_open_by_name(digest_t *digest, const char *name) { +static void set_maclength(digest_t *digest, int maclength) { + int digestlen = EVP_MD_size(digest->digest); + + if(maclength > digestlen || maclength < 0) + digest->maclength = digestlen; + else + digest->maclength = maclength; +} + +bool digest_open_by_name(digest_t *digest, const char *name, int maclength) { digest->digest = EVP_get_digestbyname(name); - if(digest->digest) - return true; - logger(LOG_DEBUG, _("Unknown digest name '%s'!"), name); - return false; + if(!digest->digest) { + logger(LOG_DEBUG, _("Unknown digest name '%s'!"), name); + return false; + } + + set_maclength(digest, maclength); + return true; } -bool digest_open_by_nid(digest_t *digest, int nid) { +bool digest_open_by_nid(digest_t *digest, int nid, int maclength) { digest->digest = EVP_get_digestbynid(nid); - if(digest->digest) - return true; - logger(LOG_DEBUG, _("Unknown digest nid %d!"), nid); - return false; + if(!digest->digest) { + logger(LOG_DEBUG, _("Unknown digest nid %d!"), nid); + return false; + } + + set_maclength(digest, maclength); + return true; } -bool digest_open_sha1(digest_t *digest) { +bool digest_open_sha1(digest_t *digest, int maclength) { digest->digest = EVP_sha1(); + + set_maclength(digest, maclength); return true; } @@ -53,22 +70,27 @@ void digest_close(digest_t *digest) { } bool digest_create(digest_t *digest, const void *indata, size_t inlen, void *outdata) { + size_t len = EVP_MD_size(digest->digest); + unsigned char tmpdata[len]; + EVP_MD_CTX ctx; - if(EVP_DigestInit(&ctx, digest->digest) - && EVP_DigestUpdate(&ctx, indata, inlen) - && EVP_DigestFinal(&ctx, outdata, NULL)) - return true; - - logger(LOG_DEBUG, _("Error creating digest: %s"), ERR_error_string(ERR_get_error(), NULL)); - return false; + if(!EVP_DigestInit(&ctx, digest->digest) + || !EVP_DigestUpdate(&ctx, indata, inlen) + || !EVP_DigestFinal(&ctx, tmpdata, NULL)) { + logger(LOG_DEBUG, _("Error creating digest: %s"), ERR_error_string(ERR_get_error(), NULL)); + return false; + } + + memcpy(outdata, tmpdata, digest->maclength); + return true; } bool digest_verify(digest_t *digest, const void *indata, size_t inlen, const void *cmpdata) { size_t len = EVP_MD_size(digest->digest); - char outdata[len]; + unsigned char outdata[len]; - return digest_create(digest, indata, inlen, outdata) && !memcmp(cmpdata, outdata, len); + return digest_create(digest, indata, inlen, outdata) && !memcmp(cmpdata, outdata, digest->maclength); } int digest_get_nid(const digest_t *digest) { @@ -76,7 +98,7 @@ int digest_get_nid(const digest_t *digest) { } size_t digest_length(const digest_t *digest) { - return EVP_MD_size(digest->digest); + return digest->maclength; } bool digest_active(const digest_t *digest) { diff --git a/src/openssl/digest.h b/src/openssl/digest.h index deba7d3a..2b5a1715 100644 --- a/src/openssl/digest.h +++ b/src/openssl/digest.h @@ -28,11 +28,12 @@ typedef struct digest { const EVP_MD *digest; + int maclength; } digest_t; -extern bool digest_open_by_name(struct digest *, const char *); -extern bool digest_open_by_nid(struct digest *, int); -extern bool digest_open_sha1(struct digest *); +extern bool digest_open_by_name(struct digest *, const char *name, int maclength); +extern bool digest_open_by_nid(struct digest *, int nid, int maclength); +extern bool digest_open_sha1(struct digest *, int maclength); extern void digest_close(struct digest *); extern bool digest_create(struct digest *, const void *indata, size_t inlen, void *outdata); extern bool digest_verify(struct digest *, const void *indata, size_t inlen, const void *digestdata); diff --git a/src/protocol_auth.c b/src/protocol_auth.c index 93fe23ea..aa0fd36d 100644 --- a/src/protocol_auth.c +++ b/src/protocol_auth.c @@ -124,7 +124,7 @@ bool send_metakey(connection_t *c) { if(!cipher_open_blowfish_ofb(&c->outcipher)) return false; - if(!digest_open_sha1(&c->outdigest)) + if(!digest_open_sha1(&c->outdigest, -1)) return false; /* Create a random key */ @@ -224,7 +224,7 @@ bool metakey_h(connection_t *c, char *request) { return false; } - if(!digest_open_by_nid(&c->indigest, digest)) { + if(!digest_open_by_nid(&c->indigest, digest, -1)) { logger(LOG_ERR, _("Error during initialisation of digest from %s (%s)"), c->name, c->hostname); return false; } diff --git a/src/protocol_key.c b/src/protocol_key.c index 06ce733d..2a0f2301 100644 --- a/src/protocol_key.c +++ b/src/protocol_key.c @@ -146,8 +146,7 @@ bool send_ans_key(node_t *to) { cp(); cipher_open_by_nid(&to->incipher, cipher_get_nid(&myself->incipher)); - digest_open_by_nid(&to->indigest, digest_get_nid(&myself->indigest)); - to->inmaclength = myself->inmaclength; + digest_open_by_nid(&to->indigest, digest_get_nid(&myself->indigest), digest_length(&myself->indigest)); to->incompression = myself->incompression; randomize(key, keylen); @@ -164,7 +163,8 @@ bool send_ans_key(node_t *to) { return send_request(to->nexthop->connection, "%d %s %s %s %d %d %d %d", ANS_KEY, myself->name, to->name, key, cipher_get_nid(&to->incipher), - digest_get_nid(&to->indigest), to->inmaclength, + digest_get_nid(&to->indigest), + digest_length(&to->indigest), to->incompression); } @@ -228,14 +228,12 @@ bool ans_key_h(connection_t *c, char *request) { return false; } - from->outmaclength = maclength; - - if(!digest_open_by_nid(&from->outdigest, digest)) { + if(!digest_open_by_nid(&from->outdigest, digest, maclength)) { logger(LOG_ERR, _("Node %s (%s) uses unknown digest!"), from->name, from->hostname); return false; } - if(from->outmaclength > digest_length(&from->outdigest) || from->outmaclength < 0) { + if(maclength != digest_length(&from->outdigest)) { logger(LOG_ERR, _("Node %s (%s) uses bogus MAC length!"), from->name, from->hostname); return false; }