From: Guus Sliepen <guus@tinc-vpn.org>
Date: Sat, 6 Jun 2009 17:04:04 +0000 (+0200)
Subject: Handle truncated message authentication codes.
X-Git-Tag: release-1.1pre1~119
X-Git-Url: https://tinc-vpn.org/git/browse?p=tinc;a=commitdiff_plain;h=4124b9682f8f890acb25d0c92f2583eef670274a

Handle truncated message authentication codes.
---

diff --git a/src/net_packet.c b/src/net_packet.c
index 062e0be0..af71af90 100644
--- a/src/net_packet.c
+++ b/src/net_packet.c
@@ -163,7 +163,7 @@ static void receive_packet(node_t *n, vpn_packet_t *packet) {
 
 static bool try_mac(node_t *n, const vpn_packet_t *inpkt)
 {
-	if(!digest_active(&n->indigest) || !n->inmaclength || inpkt->len < sizeof inpkt->seqno + n->inmaclength)
+	if(!digest_active(&n->indigest) || inpkt->len < sizeof inpkt->seqno + digest_length(&n->indigest))
 		return false;
 
 	return digest_verify(&n->indigest, &inpkt->seqno, inpkt->len, &inpkt->seqno + inpkt->len);
diff --git a/src/net_setup.c b/src/net_setup.c
index 17eaec2b..224bdf61 100644
--- a/src/net_setup.c
+++ b/src/net_setup.c
@@ -314,21 +314,17 @@ bool setup_myself(void) {
 	if(!get_config_string(lookup_config(myself->connection->config_tree, "Digest"), &digest))
 		digest = xstrdup("sha1");
 
-	if(!digest_open_by_name(&myself->indigest, digest)) {
-		logger(LOG_ERR, _("Unrecognized digest type!"));
+	int maclength = 4;
+	get_config_int(lookup_config(myself->connection->config_tree, "MACLength"), &maclength);
+
+	if(maclength < 0) {
+		logger(LOG_ERR, _("Bogus MAC length!"));
 		return false;
 	}
 
-	if(!get_config_int(lookup_config(myself->connection->config_tree, "MACLength"), &myself->inmaclength))
-
-	if(digest_active(&myself->indigest)) {
-		if(myself->inmaclength > digest_length(&myself->indigest)) {
-			logger(LOG_ERR, _("MAC length exceeds size of digest!"));
-			return false;
-		} else if(myself->inmaclength < 0) {
-			logger(LOG_ERR, _("Bogus MAC length!"));
-			return false;
-		}
+	if(!digest_open_by_name(&myself->indigest, digest, maclength)) {
+		logger(LOG_ERR, _("Unrecognized digest type!"));
+		return false;
 	}
 
 	/* Compression */
diff --git a/src/node.c b/src/node.c
index 5df8b667..6df236a1 100644
--- a/src/node.c
+++ b/src/node.c
@@ -185,7 +185,7 @@ int dump_nodes(struct evbuffer *out) {
 		n = node->data;
 		if(evbuffer_add_printf(out, _(" %s at %s cipher %d digest %d maclength %d compression %d options %lx status %04x nexthop %s via %s distance %d pmtu %d (min %d max %d)\n"),
 			   n->name, n->hostname, cipher_get_nid(&n->outcipher),
-			   digest_get_nid(&n->outdigest), n->outmaclength, n->outcompression,
+			   digest_get_nid(&n->outdigest), digest_length(&n->outdigest), n->outcompression,
 			   n->options, *(uint32_t *)&n->status, n->nexthop ? n->nexthop->name : "-",
 			   n->via ? n->via->name : "-", n->distance, n->mtu, n->minmtu, n->maxmtu) == -1)
 			return errno;
diff --git a/src/node.h b/src/node.h
index 9b0d136f..82294a7f 100644
--- a/src/node.h
+++ b/src/node.h
@@ -56,11 +56,9 @@ typedef struct node_t {
 
 	cipher_t incipher;                        /* Cipher for UDP packets */
 	digest_t indigest;                        /* Digest for UDP packets */	
-	int inmaclength;				/* Portion of digest to use */
 
 	cipher_t outcipher;                        /* Cipher for UDP packets */
 	digest_t outdigest;                        /* Digest for UDP packets */	
-	int outmaclength;				/* Portion of digest to use */
 
 	int incompression;			/* Compressionlevel, 0 = no compression */
 	int outcompression;			/* Compressionlevel, 0 = no compression */
diff --git a/src/openssl/digest.c b/src/openssl/digest.c
index 1e2557d9..e1db9341 100644
--- a/src/openssl/digest.c
+++ b/src/openssl/digest.c
@@ -26,26 +26,43 @@
 #include "digest.h"
 #include "logger.h"
 
-bool digest_open_by_name(digest_t *digest, const char *name) {
+static void set_maclength(digest_t *digest, int maclength) {
+	int digestlen = EVP_MD_size(digest->digest);
+
+	if(maclength > digestlen || maclength < 0)
+		digest->maclength = digestlen;
+	else
+		digest->maclength = maclength;
+}
+
+bool digest_open_by_name(digest_t *digest, const char *name, int maclength) {
 	digest->digest = EVP_get_digestbyname(name);
-	if(digest->digest)
-		return true;
 
-	logger(LOG_DEBUG, _("Unknown digest name '%s'!"), name);
-	return false;
+	if(!digest->digest) {
+		logger(LOG_DEBUG, _("Unknown digest name '%s'!"), name);
+		return false;
+	}
+
+	set_maclength(digest, maclength);
+	return true;
 }
 
-bool digest_open_by_nid(digest_t *digest, int nid) {
+bool digest_open_by_nid(digest_t *digest, int nid, int maclength) {
 	digest->digest = EVP_get_digestbynid(nid);
-	if(digest->digest)
-		return true;
 
-	logger(LOG_DEBUG, _("Unknown digest nid %d!"), nid);
-	return false;
+	if(!digest->digest) {
+		logger(LOG_DEBUG, _("Unknown digest nid %d!"), nid);
+		return false;
+	}
+
+	set_maclength(digest, maclength);
+	return true;
 }
 
-bool digest_open_sha1(digest_t *digest) {
+bool digest_open_sha1(digest_t *digest, int maclength) {
 	digest->digest = EVP_sha1();
+
+	set_maclength(digest, maclength);
 	return true;
 }
 
@@ -53,22 +70,27 @@ void digest_close(digest_t *digest) {
 }
 
 bool digest_create(digest_t *digest, const void *indata, size_t inlen, void *outdata) {
+	size_t len = EVP_MD_size(digest->digest);
+	unsigned char tmpdata[len];
+
 	EVP_MD_CTX ctx;
 
-	if(EVP_DigestInit(&ctx, digest->digest)
-			&& EVP_DigestUpdate(&ctx, indata, inlen)
-			&& EVP_DigestFinal(&ctx, outdata, NULL))
-		return true;
-	
-	logger(LOG_DEBUG, _("Error creating digest: %s"), ERR_error_string(ERR_get_error(), NULL));
-	return false;
+	if(!EVP_DigestInit(&ctx, digest->digest)
+			|| !EVP_DigestUpdate(&ctx, indata, inlen)
+			|| !EVP_DigestFinal(&ctx, tmpdata, NULL)) {
+		logger(LOG_DEBUG, _("Error creating digest: %s"), ERR_error_string(ERR_get_error(), NULL));
+		return false;
+	}
+
+	memcpy(outdata, tmpdata, digest->maclength);
+	return true;
 }
 
 bool digest_verify(digest_t *digest, const void *indata, size_t inlen, const void *cmpdata) {
 	size_t len = EVP_MD_size(digest->digest);
-	char outdata[len];
+	unsigned char outdata[len];
 
-	return digest_create(digest, indata, inlen, outdata) && !memcmp(cmpdata, outdata, len);
+	return digest_create(digest, indata, inlen, outdata) && !memcmp(cmpdata, outdata, digest->maclength);
 }
 
 int digest_get_nid(const digest_t *digest) {
@@ -76,7 +98,7 @@ int digest_get_nid(const digest_t *digest) {
 }
 
 size_t digest_length(const digest_t *digest) {
-	return EVP_MD_size(digest->digest);
+	return digest->maclength;
 }
 
 bool digest_active(const digest_t *digest) {
diff --git a/src/openssl/digest.h b/src/openssl/digest.h
index deba7d3a..2b5a1715 100644
--- a/src/openssl/digest.h
+++ b/src/openssl/digest.h
@@ -28,11 +28,12 @@
 
 typedef struct digest {
 	const EVP_MD *digest;
+	int maclength;
 } digest_t;
 
-extern bool digest_open_by_name(struct digest *, const char *);
-extern bool digest_open_by_nid(struct digest *, int);
-extern bool digest_open_sha1(struct digest *);
+extern bool digest_open_by_name(struct digest *, const char *name, int maclength);
+extern bool digest_open_by_nid(struct digest *, int nid, int maclength);
+extern bool digest_open_sha1(struct digest *, int maclength);
 extern void digest_close(struct digest *);
 extern bool digest_create(struct digest *, const void *indata, size_t inlen, void *outdata);
 extern bool digest_verify(struct digest *, const void *indata, size_t inlen, const void *digestdata);
diff --git a/src/protocol_auth.c b/src/protocol_auth.c
index 93fe23ea..aa0fd36d 100644
--- a/src/protocol_auth.c
+++ b/src/protocol_auth.c
@@ -124,7 +124,7 @@ bool send_metakey(connection_t *c) {
 	if(!cipher_open_blowfish_ofb(&c->outcipher))
 		return false;
 	
-	if(!digest_open_sha1(&c->outdigest))
+	if(!digest_open_sha1(&c->outdigest, -1))
 		return false;
 
 	/* Create a random key */
@@ -224,7 +224,7 @@ bool metakey_h(connection_t *c, char *request) {
 		return false;
 	}
 
-	if(!digest_open_by_nid(&c->indigest, digest)) {
+	if(!digest_open_by_nid(&c->indigest, digest, -1)) {
 		logger(LOG_ERR, _("Error during initialisation of digest from %s (%s)"), c->name, c->hostname);
 		return false;
 	}
diff --git a/src/protocol_key.c b/src/protocol_key.c
index 06ce733d..2a0f2301 100644
--- a/src/protocol_key.c
+++ b/src/protocol_key.c
@@ -146,8 +146,7 @@ bool send_ans_key(node_t *to) {
 	cp();
 
 	cipher_open_by_nid(&to->incipher, cipher_get_nid(&myself->incipher));
-	digest_open_by_nid(&to->indigest, digest_get_nid(&myself->indigest));
-	to->inmaclength = myself->inmaclength;
+	digest_open_by_nid(&to->indigest, digest_get_nid(&myself->indigest), digest_length(&myself->indigest));
 	to->incompression = myself->incompression;
 
 	randomize(key, keylen);
@@ -164,7 +163,8 @@ bool send_ans_key(node_t *to) {
 	return send_request(to->nexthop->connection, "%d %s %s %s %d %d %d %d", ANS_KEY,
 						myself->name, to->name, key,
 						cipher_get_nid(&to->incipher),
-						digest_get_nid(&to->indigest), to->inmaclength,
+						digest_get_nid(&to->indigest),
+						digest_length(&to->indigest),
 						to->incompression);
 }
 
@@ -228,14 +228,12 @@ bool ans_key_h(connection_t *c, char *request) {
 		return false;
 	}
 
-	from->outmaclength = maclength;
-
-	if(!digest_open_by_nid(&from->outdigest, digest)) {
+	if(!digest_open_by_nid(&from->outdigest, digest, maclength)) {
 		logger(LOG_ERR, _("Node %s (%s) uses unknown digest!"), from->name, from->hostname);
 		return false;
 	}
 
-	if(from->outmaclength > digest_length(&from->outdigest) || from->outmaclength < 0) {
+	if(maclength != digest_length(&from->outdigest)) {
 		logger(LOG_ERR, _("Node %s (%s) uses bogus MAC length!"), from->name, from->hostname);
 		return false;
 	}