David Woodhouse [Tue, 15 Jan 2019 15:16:08 +0000 (17:16 +0200)]
Add 'attempt-reconnect' vpnc-script reason
In https://gitlab.com/openconnect/openconnect/issues/17 we think we need
to give the vpnc-script a chance to reinstate the host route to the VPN
server before we can reconnect.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Mike Miller [Sat, 12 Jan 2019 01:04:09 +0000 (17:04 -0800)]
Define IPV6_TCLASS when it isn't defined on Hurd
Per https://bugs.debian.org/738646, Hurd uses the *BSD definition for
the socket option IPV6_TCLASS, but it is not yet provided in any system
header files.
Daniel Lenski [Sun, 6 Jan 2019 10:07:51 +0000 (02:07 -0800)]
no need to send multiple probe packets as an ESP keepalive
Both Juniper and GlobalProtect ESP send special probe packets to initiate the ESP connection, and as keepalives.
Multiple packets are sent to initiate the connection, because a lack of response will cause a total fallback to TLS.
However, one probe packet (per keepalive interval) is enough for the keepalive packets. GlobalProtect ESP already
did this, but Juniper did not.
This patch is motivated by me having access to the highest-latency Juniper VPN server in the known universe.
David Woodhouse [Wed, 9 Jan 2019 16:27:10 +0000 (16:27 +0000)]
Clean up DTLS cipher selection for OpenSSL >= 1.1.0
Where we have SSL_get1_supported_ciphers(), use it to generate the list we
advertise to the server in the first place. This stops us from advertising
DES support when we're not really going to do it, for example.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Wed, 9 Jan 2019 12:02:57 +0000 (12:02 +0000)]
OpenSSL: Loop over DTLS ciphersuites looking for the one we asked for.
As of OpenSSL 1.1.1, the trick of using SSL_CTX_set_cipher_list() and then
expecting only the one ciphersuite to be present in what we get back from
SSL_get_ciphers(), is no longer working. It now always returns the TLSv1.3
ciphers, even though we don't have DTLSv1.3 yet.
Reported as https://github.com/openssl/openssl/issues/8004 but probably
not going to change; the most likely outcome there is that I'm told that
I'm Doing It Wrong™ and a different approach is suggested.
In the meantime, just loop over the results and pick the one that we
actually asked for.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David GEIGER [Sat, 5 Jan 2019 22:27:24 +0000 (22:27 +0000)]
Fix Mageia TSS2_ESYS build
On Mageia Cauldron latest openconnect 8.00 and 8.01 fais to build with
TSS2_ESYS support due to a missing header in gnutls_tpm2_esys.c file, so
adding #include <errno.h> in gnutls_tpm2_esys.c fixes build.
Signed-off-by: David Geiger (Mageia Linux Team Packager) <geiger.david68210@gmail.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Fri, 4 Jan 2019 23:51:47 +0000 (23:51 +0000)]
Explicitly reference python2 in shebang for tncc-wrapper.py
The RPM build complains:
BUILDSTDERR: *** ERROR: ambiguous python shebang in /usr/libexec/openconnect/tncc-wrapper.py: #!/usr/bin/python. Change it to python3 (or python2) explicitly.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Fri, 4 Jan 2019 14:37:14 +0000 (14:37 +0000)]
Clean up TNCC error handling
As suggested by Daniel Lenski, create the oc_text_buf for the request
only once the TNCC wrapper has been spawned, to make the error handling
a bit saner. And remember to close the socketpair if fork() fails, too.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Fri, 4 Jan 2019 12:44:33 +0000 (12:44 +0000)]
Use cancellable_gets() for TNCC communication
Just keep things simple. This avoids SOCK_SEQPACKET which doesn't work on
OSX, and stops assuming that TNCC will send the whole response in a single
send() call.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Thu, 3 Jan 2019 21:39:08 +0000 (21:39 +0000)]
Encrypt digests being signed with IBM TSS2.
The digest itself will end up on the wire. But the computed hash including
the secrets should probably be obsecured. For the TPM that's an input
parameter, which it must decrypt. Hence TPMA_SESSION_DECRYPT.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Fri, 21 Dec 2018 15:45:42 +0000 (15:45 +0000)]
Fix re-prompting for empty parent key password with TCG TSS2
It's odd, but persistent keys can be generated with empty password yet
still without the NODA flag.
It's OK to prompt the user for the (empty) password in that case, but
not to do it more than once, after already authenticating successfully
the first time.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
David Woodhouse [Fri, 21 Dec 2018 12:12:46 +0000 (12:12 +0000)]
Clear full buffer in buf_truncate() and buf_free()
This reduces the chances of passwords and other secrets lying around in
memory when we're done. Arguably if anyone can just read memory of the
VPN client while it's running, the game is already lost... but still,
this is easy enough to do, and it's been reported as CVE-2018-20319.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Daniel Lenski [Sun, 25 Nov 2018 15:53:37 +0000 (10:53 -0500)]
GlobalProtect: apparently, the parameter `clientos=Linux` value is not just allowed, but necessary, for some VPNs.
* Previously, I had received at least two reports of servers where
`clientos=Windows` was required for the VPN to work correctly.
* Per https://github.com/dlenski/openconnect/issues/126, there is at least
one report where *not* setting `clientos=Windows` was required for the VPN
to work.
* The truly maddening part is not only the pointless and inconsistent
behavior of the GlobalProtect servers, but also the fact that the servers
give such misleading and irrelevant error messages ("Incorrect username or
password" or "Unable to assign private IP address", etc.) rather than
something that makes sense like "Unknown clientos value."
This patch makes `clientos=Linux` the default behavior when
`vpninfo->platname` is `linux-64` or `android`, while still allowing it to
be overridden with `--os=win` etc.
Ralph Schmieder [Sat, 8 Sep 2018 12:57:29 +0000 (14:57 +0200)]
chg: add --version-string
I've included a patch that provides better compatibility with CSD on
ASA head ends. E.g. it allows to specify the version string that is
presented to the ASA. Previous to this patch, OC presents its own
version e.g. 0.7.8 but that could cause rejection on the head end if
it looks for a matching AC version string.
[dwmw2: All the library ABI support for the new function]
Signed-off-by: Ralph Schmieder <ralph.schmieder@gmail.com> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Nikos Mavrogiannopoulos [Sat, 6 Oct 2018 05:44:12 +0000 (07:44 +0200)]
Use the client hello session identifier to transmit the client identifier
Currently the openconnect (protocol) client uses a custom extension to provide
information to the server on which session it was previously associated with.
However, a private extension cannot be defined in IETF without going through
a tedious standardization process involving the TLS working group. To avoid
that process we should provide the client identifier on the DTLS session using
alternative methods.
In TLS 1.3 (and DTLS) the session ID field was made obsolete, and as such we can
use it to place the client identifier instead of an extension field. We can do it
safely because (1) there is no session resumption -in the dtls1.2 or earlier sense-
and (2) ocserv is already checking this field for that value due to the old protocol
format.
Resolves #5
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
projects / users / dwmw2 / openconnect.git / log