From 82455be966027a087a2ac23e3464594c81d7b111 Mon Sep 17 00:00:00 2001 From: Guus Sliepen Date: Sun, 25 Feb 2001 19:09:45 +0000 Subject: [PATCH] Implemented new authentication scheme from doc/SECURITY2. --- src/net.c | 4 +- src/protocol.c | 103 ++++++++++++------------------------------------- src/protocol.h | 7 ++-- 3 files changed, 30 insertions(+), 84 deletions(-) diff --git a/src/net.c b/src/net.c index 7ebe37b..de1ac58 100644 --- a/src/net.c +++ b/src/net.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: net.c,v 1.35.4.96 2001/02/25 16:34:17 guus Exp $ + $Id: net.c,v 1.35.4.97 2001/02/25 19:09:41 guus Exp $ */ #include "config.h" @@ -1297,6 +1297,8 @@ cp } connection_add(ncn); + + send_id(ncn); cp return 0; } diff --git a/src/protocol.c b/src/protocol.c index 31d2206..a61e87b 100644 --- a/src/protocol.c +++ b/src/protocol.c @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol.c,v 1.28.4.80 2001/02/25 16:34:19 guus Exp $ + $Id: protocol.c,v 1.28.4.81 2001/02/25 19:09:43 guus Exp $ */ #include "config.h" @@ -187,8 +187,6 @@ cp int send_id(connection_t *cl) { -cp - cl->allow_request = CHALLENGE; cp return send_request(cl, "%d %s %d %lx %hd", ID, myself->name, myself->protocol_version, myself->options, myself->port); } @@ -263,13 +261,14 @@ cp cl->port = port; avl_insert_node(connection_tree, node); - /* Read in the public key, so that we can send a challenge */ + /* Read in the public key, so that we can send a metakey */ if(read_rsa_public_key(cl)) return -1; + cl->allow_request = METAKEY; cp - return send_challenge(cl); + return send_metakey(cl); } int send_challenge(connection_t *cl) @@ -277,6 +276,8 @@ int send_challenge(connection_t *cl) char *buffer; int len, x; cp + /* CHECKME: what is most reasonable value for len? */ + len = RSA_size(cl->rsa_key); /* Allocate buffers for the challenge */ @@ -292,32 +293,15 @@ cp RAND_bytes(cl->hischallenge, len); - cl->hischallenge[0] &= 0x7F; /* Somehow if the first byte is more than 0xD0 or something like that, decryption fails... */ -cp - if(debug_lvl >= DEBUG_SCARY_THINGS) - { - bin2hex(cl->hischallenge, buffer, len); - buffer[len*2] = '\0'; - syslog(LOG_DEBUG, _("Generated random challenge (unencrypted): %s"), buffer); - } - - /* Encrypt the random data */ - - if(RSA_public_encrypt(len, cl->hischallenge, buffer, cl->rsa_key, RSA_NO_PADDING) != len) /* NO_PADDING because the message size equals the RSA key size and it is totally random */ - { - syslog(LOG_ERR, _("Error during encryption of challenge for %s (%s)"), cl->name, cl->hostname); - free(buffer); - return -1; - } cp - /* Convert the encrypted random data to a hexadecimal formatted string */ + /* Convert to hex */ - bin2hex(buffer, buffer, len); + bin2hex(cl->hischallenge, buffer, len); buffer[len*2] = '\0'; + cp /* Send the challenge */ - cl->allow_request = CHAL_REPLY; x = send_request(cl, "%d %s", CHALLENGE, buffer); free(buffer); cp @@ -352,22 +336,9 @@ cp /* Convert the challenge from hexadecimal back to binary */ - hex2bin(buffer,buffer,len); + hex2bin(buffer,cl->mychallenge,len); - /* Decrypt the challenge */ - - if(RSA_private_decrypt(len, buffer, cl->mychallenge, myself->rsa_key, RSA_NO_PADDING) != len) /* See challenge() */ - { - syslog(LOG_ERR, _("Error during encryption of challenge for %s (%s)"), cl->name, cl->hostname); - return -1; - } - - if(debug_lvl >= DEBUG_SCARY_THINGS) - { - bin2hex(cl->mychallenge, buffer, len); - buffer[len*2] = '\0'; - syslog(LOG_DEBUG, _("Received random challenge (unencrypted): %s"), buffer); - } + cl->allow_request = CHAL_REPLY; /* Rest is done by send_chal_reply() */ cp @@ -395,11 +366,6 @@ cp /* Send the reply */ - if(cl->status.outgoing) - cl->allow_request = ID; - else - cl->allow_request = METAKEY; - cp return send_request(cl, "%d %s", CHAL_REPLY, hash); } @@ -445,16 +411,11 @@ cp return -1; } - /* Identity has now been positively verified. - If we are accepting this new connection, then send our identity, - if we are making this connecting, acknowledge. + ack_h() handles the rest from now on. */ cp - if(cl->status.outgoing) - return send_metakey(cl); - else - return send_id(cl); + return ack_h(cl); } int send_metakey(connection_t *cl) @@ -503,15 +464,14 @@ cp /* Send the meta key */ - if(cl->status.outgoing) - cl->allow_request = METAKEY; - else - cl->allow_request = ACK; - x = send_request(cl, "%d %s", METAKEY, buffer); free(buffer); + /* Further outgoing requests are encrypted with the key we just generated */ + EVP_EncryptInit(cl->cipher_outctx, EVP_bf_cfb(), cl->cipher_outkey, cl->cipher_outkey + EVP_bf_cfb()->key_len); + + cl->status.encryptout = 1; cp return x; } @@ -564,26 +524,15 @@ cp syslog(LOG_DEBUG, _("Received random meta key (unencrypted): %s"), buffer); } + /* All incoming requests will now be encrypted. */ + EVP_DecryptInit(cl->cipher_inctx, EVP_bf_cfb(), cl->cipher_inkey, cl->cipher_inkey + EVP_bf_cfb()->key_len); -cp - if(cl->status.outgoing) - return send_ack(cl); - else - return send_metakey(cl); -} - -int send_ack(connection_t *cl) -{ - int x; -cp - if(cl->status.outgoing) - cl->allow_request = ACK; + cl->status.decryptin = 1; - x = send_request(cl, "%d", ACK); - cl->status.encryptout = 1; + cl->allow_request = CHALLENGE; cp - return x; + return send_challenge(cl); } int ack_h(connection_t *cl) @@ -611,7 +560,6 @@ cp cl->allow_request = ALL; cl->status.active = 1; - cl->status.decryptin = 1; cl->nexthop = cl; cl->cipher_pkttype = EVP_bf_cbc(); cl->cipher_pktkeylength = cl->cipher_pkttype->key_len + cl->cipher_pkttype->iv_len; @@ -620,9 +568,6 @@ cp syslog(LOG_NOTICE, _("Connection with %s (%s) activated"), cl->name, cl->hostname); cp - if(!cl->status.outgoing) - send_ack(cl); - /* Check some options */ if((cfg = get_config_val(cl->config, config_indirectdata))) @@ -1349,7 +1294,7 @@ int tcppacket_h(connection_t *cl) /* Jumptable for the request handlers */ int (*request_handlers[])(connection_t*) = { - id_h, challenge_h, chal_reply_h, metakey_h, ack_h, + id_h, metakey_h, challenge_h, chal_reply_h, status_h, error_h, termreq_h, ping_h, pong_h, add_host_h, del_host_h, @@ -1361,7 +1306,7 @@ int (*request_handlers[])(connection_t*) = { /* Request names */ char (*request_name[]) = { - "ID", "CHALLENGE", "CHAL_REPLY", "METAKEY", "ACK", + "ID", "METAKEY", "CHALLENGE", "CHAL_REPLY", "STATUS", "ERROR", "TERMREQ", "PING", "PONG", "ADD_HOST", "DEL_HOST", diff --git a/src/protocol.h b/src/protocol.h index 16248c0..54cf67e 100644 --- a/src/protocol.h +++ b/src/protocol.h @@ -17,7 +17,7 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. - $Id: protocol.h,v 1.5.4.19 2001/01/07 20:19:35 guus Exp $ + $Id: protocol.h,v 1.5.4.20 2001/02/25 19:09:45 guus Exp $ */ #ifndef __TINC_PROTOCOL_H__ @@ -30,13 +30,13 @@ incompatible version have different protocols. */ -#define PROT_CURRENT 8 +#define PROT_CURRENT 9 /* Request numbers */ enum { ALL = -1, /* Guardian for allow_request */ - ID = 0, CHALLENGE, CHAL_REPLY, METAKEY, ACK, + ID = 0, METAKEY, CHALLENGE, CHAL_REPLY, STATUS, ERROR, TERMREQ, PING, PONG, ADD_HOST, DEL_HOST, @@ -57,7 +57,6 @@ extern int send_id(connection_t*); extern int send_challenge(connection_t*); extern int send_chal_reply(connection_t*); extern int send_metakey(connection_t*); -extern int send_ack(connection_t*); extern int send_status(connection_t*, int, char*); extern int send_error(connection_t*, int, char*); extern int send_termreq(connection_t*); -- 2.25.1