mirror of
https://github.com/OpenVPN/openvpn.git
synced 2024-09-20 03:52:28 +02:00
452e016cba
If we ship something that we consider a form of documentation "this is how to write an OpenVPN plugin" it should meet our standards for secure and modern code. This plugin did neither. - get rid of system() calls, especially those that enabled a remote-root exploit if this code was used "as is" - change logging from printf() to OpenVPN's plugin_log() - this requires changing to openvpn_plugin_open_v3() to get to the function pointers - change wacky "background and sleep in the shell call" to the double-fork/waitpid model we use in plugins/auth-pam (copy-paste code reuse) - OpenVPN 2.5 and later react badly to OPENVPN_PLUGIN_FUNC_ERROR returns to OPENVPN_PLUGIN_ENABLE_PF calls (SIGSEGV crash), so always return SUCCESS. Only hook ENABLE_PF if that functionality is actually requested ("setenv test_packet_filter NN"). - change deeply-nested functions auth_user_pass_verify() and tls_final() to use early-return style - actually make defered PF setup *work* with recent OpenVPNs (pre-creating temp files broke this, so unlink() the pre-created file in the ENABLE_PF hook, and re-create asyncronously later) - add lots of comments explaining why we do things this way Security issue reported by "oxr463" on HackerOne. Signed-off-by: Gert Doering <gert@greenie.muc.de> Acked-by: Arne Schwabe <arne@rfc2549.org> Message-Id: <20210121172536.32500-1-gert@greenie.muc.de> URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg21466.html Signed-off-by: Gert Doering <gert@greenie.muc.de> |
||
---|---|---|
.. | ||
client-connect | ||
defer | ||
keying-material-exporter-demo | ||
log | ||
simple | ||
Makefile.am | ||
Makefile.plugins | ||
README |
OpenVPN plug-in examples. Examples provided: * authentication and logging simple/simple.c -- using the --auth-user-pass-verify callback, verify that the username/password is "foo"/"bar". defer/simple.c -- using the --auth-user-pass-verify callback, test deferred authentication. log/log.c -- Extended variant of simple/simple.c which adds more logging of what is happening inside the plug-in log/log_v3.c -- A variant of log/log.c, which makes use of the OpenVPN plug-in v3 API. This will also log even more information related to certificates in use. * client-connect (and logging) client-connect/sample-client-connect -- demonstrate how to use the CLIENT_CONNECT and CLIENT_CONNECT_V2 hooks to achieve "per client configuration / logging / ..." actions, both in synchronous and async/deferred mode * cryptography related simple/base64.c -- Example using the OpenVPN exported base64 encode/decode functions keying-material-exporter-demo/keyingmaterialexporter.c -- Example based on TLS Keying Material Exporters over HTTP [RFC-5705] (openvpn/doc/keying-material-exporter.txt). For more details, see keying-material-exporter-demo/README To build on *BSD/Linux platforms (requires GNU Make): gmake (builds a default set of plug-ins) gmake simple/simple.so To build on Windows platform (MinGW): cd simple; ./winbuild simple.so To use in OpenVPN, add to config file: plugin simple.so (Linux/BSD/etc.) plugin simple.dll