www.infradead.org Git - users/dwmw2/openconnect.git/log
Björn Ketelaars [Sun, 25 Sep 2016 15:02:59 +0000 (17:02 +0200)]
Small error in openconnect.8
openconnect.8 discusses 'basemtu' as option. Unfortunately this option is not
recognized. A quick glance at the source showed that 'base-mtu' should be
used.
Signed-off-by: Björn Ketelaars <bjorn.ketelaars@hydroxide.nl>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 24 Sep 2016 20:59:29 +0000 (21:59 +0100)]
Update translations from GNOME
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 24 Sep 2016 00:06:52 +0000 (01:06 +0100)]
Update changelog
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 23:33:06 +0000 (00:33 +0100)]
Increase oNCP configuration buffer size
We've seen 'KMP message 301 from server too large (10596 bytes)'
in the wild. Bump it up for now, but this really wants to be
dynamically handled.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 23:09:07 +0000 (00:09 +0100)]
Add TUNIDX for Windows vpnc-script
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 20:35:32 +0000 (21:35 +0100)]
Better attempt at handling TAP-Windows tun setup
Just set the network and mask to all zeros. It means it'll do proxy ARP
for *everything* and we can configure them all as on-link routes.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 14:35:28 +0000 (15:35 +0100)]
Add GNUTLS_NO_EXTENSIONS to DTLS setup
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 14:32:44 +0000 (15:32 +0100)]
Remember the X-CSTP-Base-MTU: value that the server sends back
We'll want this, for calculating DTLS MTU with PSK-NEGOTIATE.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 14:29:25 +0000 (15:29 +0100)]
Limit netmask on Windows TAP setup to 255.255.255.254
This makes a start on the problems with point-to-point configurations,
discussed in https://github.com/openconnect/openconnect-gui/issues/132
Some work is required in vpnc-script-win.js to make the routing do
anything useful, but at least it's not now *impossible* to persuade
it to pass any traffic.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 13:56:17 +0000 (14:56 +0100)]
Attempt to re-open CONIN$ if stdin has been redirected on Windows
This should hopefully fix the problem with --passwd-on-stdin, described
in https://github.com/openconnect/openconnect-gui/issues/101
It doesn't actually work for me in wine, as I get 'Access Denied' when
trying to use ReadConsoleW() on the resulting handle. But wine is strange,
and this at least shouldn't make things any *worse*.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 11:33:13 +0000 (12:33 +0100)]
Add session resume check for GnuTLS too
It's actually doing nothing here; no existing version of GnuTLS would
have let the session get established since we do not install any
credentials which would permit any key exchange. But it wasn't
*explicitly* prevented. And now it is.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 11:24:35 +0000 (12:24 +0100)]
Explicitly disallow non-resumed sessions for legacy DTLS establishment
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 10:21:25 +0000 (11:21 +0100)]
Update translations from GNOME
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 23 Sep 2016 10:19:08 +0000 (11:19 +0100)]
Add DTLS files back to translation
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 22 Sep 2016 20:43:49 +0000 (21:43 +0100)]
Fix 'make install' from clean too.
Recursive Make still Considered Harmful.
cf. https://github.com/Homebrew/homebrew-core/pull/5029
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 22 Sep 2016 14:08:19 +0000 (15:08 +0100)]
Update changelog
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Jon DeVree [Tue, 20 Sep 2016 01:00:18 +0000 (21:00 -0400)]
Add Content-Length header to mimic official pulse client
The official pulse client sends in a fixed "Content-Length: 256" header
with these two HTTP requests. Some versions of the VPN server will
reject requests with an HTTP 400 error if they do not have this header.
Signed-off-by: Jon DeVree <nuxi@vault24.org>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 22 Sep 2016 13:57:56 +0000 (14:57 +0100)]
Fix IPv6 setup on Solaris
Commit a5dd38ec8 ("Assign Address-IP6 field to netmask instead of address")
caused us to sometimes neglect to plumb the tun interface for IPv6.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Nikos Mavrogiannopoulos [Wed, 27 Jul 2016 09:58:11 +0000 (11:58 +0200)]
Enable DTLS protocol negotiation
The new negotiation is as follows: If the client's X-DTLS-CipherSuite
contains the "PSK-NEGOTIATE" keyword, the server will reply with
"X-DTLS-CipherSuite: PSK-NEGOTIATE" and will enable DTLS-PSK negotiation on the
DTLS channel.
That change utilizes the value provided by server's X-DTLS-App-ID header
and sets that value to a TLS extension on client hello. The
extension used is defined on (draft-mavrogiannopoulos-app-id).
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 19 Sep 2016 13:24:08 +0000 (14:24 +0100)]
Enable DSA-SHA1 in ocserv config
Now the DSA test works again for OpenSSL even with TLSv1.2
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 19 Sep 2016 13:23:44 +0000 (14:23 +0100)]
Update CONFIG_STATUS_DEPENDENCIES
We want to rebuild when config files change
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 19 Sep 2016 13:01:32 +0000 (14:01 +0100)]
Change DSA test key to 1024 bits
Support for larger keys is undefined in TLS.
Of course, this doesn't actually work *either*, as ocserv still refuses
to accept them, but at least it's not the client's fault now.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 14 Sep 2016 19:22:52 +0000 (20:22 +0100)]
Update test suite
Disable DSA tests for OpenSSL too. It seems that ocserv stops accepting DSA
certs when you use TLSv1.2.
Stop expecting CentOS7/GnuTLS to fail the auth-pkcs11 test. It doesn't seem
to.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 14 Sep 2016 16:22:45 +0000 (17:22 +0100)]
DTLS MTU detection fixes
Most importantly, in some circumstances it was setting the "detected"
MTU to the value of the first *failing* packet size, not the last
working one. But also fix up various other issues too, and optimise it
for the common case where the negotiated MTU *is* actually working.
There are still issues with the way we choose the next candidate address,
and it might never reach the actual best MTU. But it's better than it was.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 13 Sep 2016 21:50:44 +0000 (22:50 +0100)]
Support --key-password for GnuTLS PKCS#11 PIN
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 13 Sep 2016 21:13:01 +0000 (22:13 +0100)]
Single pipeline for creating openconnect.8.inc
There were race conditions here with the temporary files, which were fairly
gratuitous — we can just write directly to $@.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 13 Sep 2016 20:38:22 +0000 (21:38 +0100)]
Update translations from GNOME
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 13 Sep 2016 20:31:33 +0000 (21:31 +0100)]
Update changelog
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 13 Sep 2016 20:14:02 +0000 (21:14 +0100)]
Set SSL_OP_TLSEXT_PADDING to work around F5 firewall bugs
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 13 Sep 2016 19:57:20 +0000 (20:57 +0100)]
Allow OpenSSL to use TLSv1.2
We've been allowing GnuTLS to negotiate higher protocols than TLSv1.0 for
a while; make OpenSSL do the same.
The Cisco ASA is still stuck at TLSv1.0 but ocserv isn't. Not sure about
Juniper, offhand.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 13 Sep 2016 19:46:48 +0000 (20:46 +0100)]
Report actual DTLS cipher for OpenSSL
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 12 Sep 2016 20:12:28 +0000 (21:12 +0100)]
Fix serverhash build with local OpenSSL
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 12 Sep 2016 12:16:03 +0000 (13:16 +0100)]
Fix Windows build of serverhash
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 12 Sep 2016 11:54:39 +0000 (12:54 +0100)]
Add openconnect_init_ssl() in serverhash.c
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 12 Sep 2016 11:31:43 +0000 (12:31 +0100)]
Fix build from clean
We now need libopenconnect to be built before we recurse into tests/ even
for building.
Recursive Make Considered Harmful.
If the directory handling in tests/ wasn't already so baroque, I might
take a look at fixing that. But a task for another day, methinks...
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 12 Sep 2016 10:55:26 +0000 (11:55 +0100)]
Kill DTLS_FREE macro
This can move to the library-specific *-dtls.c files too.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 12 Sep 2016 10:17:08 +0000 (11:17 +0100)]
Add serverhash test tool
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 10 Sep 2016 20:14:54 +0000 (21:14 +0100)]
Reinstate 'make check' warning for OpenSSL builds
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 10 Sep 2016 20:12:02 +0000 (21:12 +0100)]
Split crypto library parts out from dtls.c to {gnutls,openssl}-dtls.c
There are still some #ifdefs but it's a lot nicer now.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 10 Sep 2016 19:55:53 +0000 (20:55 +0100)]
Remove bad-random test stuff
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 10 Sep 2016 19:54:36 +0000 (20:54 +0100)]
Simplify DTLS conditionals
These can look like ESP now too
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 10 Sep 2016 18:58:56 +0000 (19:58 +0100)]
Simplify ESP conditionals
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 10 Sep 2016 17:09:54 +0000 (18:09 +0100)]
Revamp GnuTLS/OpenSSL detection
Clean this up somewhat, and remove the support for building with both at
once. There's no point in that any more — GnuTLS has had DTLS support for
ages, and we've had PKCS#11 support with OpenSSL for ages. So just pick
one and use it; don't mix and match.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Nikos Mavrogiannopoulos [Thu, 8 Sep 2016 14:46:30 +0000 (16:46 +0200)]
Extended MTU discovery to work even when compiled with openssl
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 9 Sep 2016 15:02:53 +0000 (16:02 +0100)]
CI cleanups
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 8 Sep 2016 23:29:41 +0000 (00:29 +0100)]
Fix Windows inet_pton() build warning
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 8 Sep 2016 23:14:37 +0000 (00:14 +0100)]
Enable CentOS CI builds
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 8 Sep 2016 23:13:41 +0000 (00:13 +0100)]
Allow explicit disabling of DSA tests
On CentOS7, ocserv doesn't work even when the client does.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 8 Sep 2016 23:13:24 +0000 (00:13 +0100)]
Fix configure reporting of Yubikey support
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 8 Sep 2016 23:12:25 +0000 (00:12 +0100)]
Remove unused variable from bad_dtls_test.c
Not entirely sure why only the MinGW build told me about this.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 8 Sep 2016 20:08:23 +0000 (21:08 +0100)]
Escape 'PKCS#11 support' in configure summary
Otherwise, autoconf 2.63 on CentOS6 complains:
/usr/bin/m4:configure.ac:1088: ERROR: end of file in argument list
autom4te: /usr/bin/m4 failed with exit status: 1
aclocal: autom4te failed with exit status: 1
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 8 Sep 2016 17:27:34 +0000 (18:27 +0100)]
Fix 'Got no issuer from PKCS#11' message
Make it a PRG_TRACE message, and translate it.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 8 Sep 2016 11:53:12 +0000 (12:53 +0100)]
Update translations from GNOME
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 7 Sep 2016 19:35:15 +0000 (20:35 +0100)]
Call SSL_CTX_check_private_key() to validate cert+key match
OpenSSL does this for you... *only* if the key types match. But load a
cert for an EC key, and a non-matching RSA or DSA key to go with it,
and it won't tell you. It'll just silently fail to do any authentication
on the wire.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 7 Sep 2016 14:15:34 +0000 (15:15 +0100)]
Kill --no-cert-check
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 7 Sep 2016 14:10:31 +0000 (15:10 +0100)]
Suggest using --servercert when certificate validation fails
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 6 Sep 2016 20:59:14 +0000 (21:59 +0100)]
Fix OpenSSL 1.1 build of EC workaround
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 6 Sep 2016 20:27:20 +0000 (21:27 +0100)]
Work around OpenSSL crash with EC keys lacking public key
https://github.com/openssl/openssl/issues/1532
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 6 Sep 2016 17:03:19 +0000 (18:03 +0100)]
Fix PKCS#11 error reporting
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Tue, 6 Sep 2016 16:55:45 +0000 (17:55 +0100)]
Check for errors from SSL_CTX_use_PrivateKey()
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 5 Sep 2016 11:11:51 +0000 (12:11 +0100)]
Add PKCS#11 test with CKA_PRIVATE on certs
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 5 Sep 2016 11:03:02 +0000 (12:03 +0100)]
Use --no-mark-private for all objects in token=openconnect-test1
The test with the private objects comes next...
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Mon, 5 Sep 2016 09:32:06 +0000 (10:32 +0100)]
Add pubkey-less PKCS#11 tests
Disabled for OpenSSL because it triggers a SEGV in EC_POINT_cmp() when
called from X509_check_private_key():
https://github.com/openssl/openssl/issues/1532
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sun, 4 Sep 2016 06:14:48 +0000 (07:14 +0100)]
Put test sockdir in build dir
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 3 Sep 2016 22:57:19 +0000 (23:57 +0100)]
Create ocserv config files from configure script
When creating them from the scripts, they were overwriting each other
in parallel builds. Obviously we could just use unique filenames for each
test, but this is nicer.
It does mean that the username/group is hard-coded at configure time,
but I don't think many people will ever notice or care about that.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 3 Sep 2016 22:44:06 +0000 (23:44 +0100)]
Don't discard output from ocserv in tests
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 3 Sep 2016 18:21:34 +0000 (19:21 +0100)]
Use shared runners
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 3 Sep 2016 21:14:59 +0000 (22:14 +0100)]
Fix format warning in openconnect_win32__strerror()
DWORD needs to be printed with %lx not %x.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Sat, 3 Sep 2016 18:09:34 +0000 (19:09 +0100)]
Fix compiler warning in verify_packet_seqno()
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 2 Sep 2016 10:39:36 +0000 (11:39 +0100)]
Update comment
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 2 Sep 2016 10:32:41 +0000 (11:32 +0100)]
Reorder ESP sequence checks
Make it slightly cleaner... maybe.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Fri, 2 Sep 2016 07:59:16 +0000 (08:59 +0100)]
Fix ESP replay problem
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 22:44:44 +0000 (23:44 +0100)]
Change tar format to allow softhsm objects to fit
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 22:38:44 +0000 (23:38 +0100)]
Add missing distfiles
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 22:35:50 +0000 (23:35 +0100)]
Update changelog
David Woodhouse [Thu, 1 Sep 2016 22:12:58 +0000 (23:12 +0100)]
Only run test-pkcs11 if we have cwrap
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 21:46:10 +0000 (22:46 +0100)]
Fix uninitialised cert pointer in load_pkcs11_certificate()
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 20:41:59 +0000 (21:41 +0100)]
Disable DSA tests for GnuTLS too
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 20:40:11 +0000 (21:40 +0100)]
Re-import SoftHSM token
Apparently renaming the directory isn't a good idea. It seems to work but
later fails.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 20:08:34 +0000 (21:08 +0100)]
Import keys for SoftHSM with softhsm2-util
It creates public key objects too, and less goes wrong.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 08:29:14 +0000 (09:29 +0100)]
Support pin-value= for PKCS#11 URI with OpenSSL
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 08:19:03 +0000 (09:19 +0100)]
Fix softhsm check
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 08:07:48 +0000 (09:07 +0100)]
FFS, eventually I'll get the condition right
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Thu, 1 Sep 2016 07:55:07 +0000 (08:55 +0100)]
PKCS#11 test shouldn't be unconditional
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 23:53:41 +0000 (00:53 +0100)]
Enable EC PKCS#11 test
It makes libp11 crash here, but I'll deal with that shortly...
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 23:46:44 +0000 (00:46 +0100)]
Missing auth-pkcs11
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 23:44:34 +0000 (00:44 +0100)]
Add softhsm2.conf
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 23:43:10 +0000 (00:43 +0100)]
Add PKCS#11 tests
Looks like we *only* accept PIN with ;pin-value= for GnuTLS, and we
*only* accept it with --key-password= for OpenSSL. Must fix...
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 23:40:47 +0000 (00:40 +0100)]
Use --key-password for OpenSSL PKCS#11 PIN
We still don't support ;pin-value= though
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 22:23:50 +0000 (23:23 +0100)]
Add missing user-cert.prm
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 21:16:46 +0000 (22:16 +0100)]
More LibreSSL build fixes
Let bad_dtls_test build, although it'll fail. And cope with --with-openssl=
pointing to a LibreSSL build tree, since that's how I'm testing.
People still shouldn't be *using* this though.
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Piotr Kubaj [Wed, 31 Aug 2016 21:01:35 +0000 (22:01 +0100)]
Fix build with LibreSSL.
Signed-off-by: Piotr Kubaj <pkubaj@anongoth.pl>
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 19:13:17 +0000 (20:13 +0100)]
Fix main.o dependency harder
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 18:41:06 +0000 (19:41 +0100)]
Fix main.o dependency on version.c
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 18:24:44 +0000 (19:24 +0100)]
Make MAX definition conditional to make FreeBSD happy
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 16:46:09 +0000 (17:46 +0100)]
Remove stray key files
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 16:42:38 +0000 (17:42 +0100)]
Add DSA and EC keys to torture tests
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 15:26:39 +0000 (16:26 +0100)]
Fix crash in init_esp_ciphers with OpenSSL < 1.1
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 15:00:07 +0000 (16:00 +0100)]
Add support for EC PKCS#1 certs
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
David Woodhouse [Wed, 31 Aug 2016 13:26:07 +0000 (14:26 +0100)]
We don't need cwrap for bad_dtls_test any more
Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>