From a50d8910bab55b4e02adfafd143bfa935e051ef6 Mon Sep 17 00:00:00 2001 From: Siddharth Date: Mon, 20 May 2024 19:48:23 -0400 Subject: [PATCH 1/8] Add PQ Groups and the provider for them --- src/Mayaqua/Encrypt.c | 8 ++++++++ src/Mayaqua/Network.c | 5 ++++- src/Mayaqua/Network.h | 2 ++ 3 files changed, 14 insertions(+), 1 deletion(-) diff --git a/src/Mayaqua/Encrypt.c b/src/Mayaqua/Encrypt.c index fed18bdb..fab64387 100644 --- a/src/Mayaqua/Encrypt.c +++ b/src/Mayaqua/Encrypt.c @@ -88,6 +88,7 @@ int ssl_clientcert_index = 0; #if OPENSSL_VERSION_NUMBER >= 0x30000000L static OSSL_PROVIDER *ossl_provider_legacy = NULL; static OSSL_PROVIDER *ossl_provider_default = NULL; +static OSSL_PROVIDER *ossl_provider_oqsprovider = NULL; #endif LOCK **ssl_lock_obj = NULL; @@ -3974,6 +3975,12 @@ void FreeCryptLibrary() OSSL_PROVIDER_unload(ossl_provider_legacy); ossl_provider_legacy = NULL; } + + if (ossl_provider_oqsprovider != NULL) + { + OSSL_PROVIDER_unload(ossl_provider_oqsprovider); + ossl_provider_oqsprovider = NULL; + } #endif } @@ -3996,6 +4003,7 @@ void InitCryptLibrary() #if OPENSSL_VERSION_NUMBER >= 0x30000000L ossl_provider_default = OSSL_PROVIDER_load(NULL, "legacy"); ossl_provider_legacy = OSSL_PROVIDER_load(NULL, "default"); + ossl_provider_oqsprovider = OSSL_PROVIDER_load(NULL, "oqsprovider"); #endif ssl_clientcert_index = SSL_get_ex_new_index(0, "struct SslClientCertInfo *", NULL, NULL, NULL); diff --git a/src/Mayaqua/Network.c b/src/Mayaqua/Network.c index c9ea7595..0aede291 100644 --- a/src/Mayaqua/Network.c +++ b/src/Mayaqua/Network.c @@ -25,6 +25,7 @@ #include #include +#include #ifdef OS_UNIX #include @@ -11905,6 +11906,8 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char Unlock(openssl_lock); } + SSL_set1_groups_list(sock->ssl, PQ_GROUP_LIST); + if (sock->ServerMode) { // Lock(ssl_connect_lock); 
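Review bot: The result of `OSSL_PROVIDER_load(NULL, "oqsprovider")` in InitCryptLibrary() is never checked, so a host without the oqs-provider module starts with no indication that the hybrid key-exchange groups are unavailable. Because this pulls a third-party module into the process by name from OpenSSL's module search path, operators also want a record of whether it was actually loaded. Directly after the load I would add `if (ossl_provider_oqsprovider == NULL) Debug("oqsprovider not available; PQ groups disabled\n");`. The code that configures the groups should then consult that pointer, or `OSSL_PROVIDER_available(NULL, "oqsprovider")`, rather than assume success. The function body starts and ends outside the hunk.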
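Review bot: The return value of `SSL_set1_groups_list(sock->ssl, PQ_GROUP_LIST)` in StartSSLEx3() is discarded, so if OpenSSL rejects the list the handshake presumably continues with the library's default groups and nothing records that the intended key-exchange policy was not applied. The call returns 1 on success and 0 on failure, and a failure is likely whenever a name in the list is unknown to the loaded providers. Suggested: `if (SSL_set1_groups_list(sock->ssl, PQ_GROUP_LIST) != 1) { Debug("%s %u SSL_set1_groups_list failed\n", __FILE__, __LINE__); ERR_clear_error(); }`, so the failure is visible and the queued error does not leak into a later SSL_get_error() check. The call sits before the `if (sock->ServerMode)` split and so applies to both roles, which deserves a one-line comment. The function continues outside the hunk.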
@@ -11984,7 +11987,7 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char // Unlock(ssl_connect_lock); } else - { + { prev_timeout = GetTimeout(sock); SetTimeout(sock, ssl_timeout); // Client mode diff --git a/src/Mayaqua/Network.h b/src/Mayaqua/Network.h index 39e3f5fc..d6a0f29f 100644 --- a/src/Mayaqua/Network.h +++ b/src/Mayaqua/Network.h @@ -59,6 +59,8 @@ struct DYN_VALUE #define DEFAULT_CIPHER_LIST "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20:ECDHE+AES256:DHE+AES256:RSA+AES" +#define PQ_GROUP_LIST "?p521_kyber1024:?x25519_kyber768:P-512:X25519:P-256" + // SSL logging function //#define ENABLE_SSL_LOGGING #define SSL_LOGGING_DIRNAME "@ssl_log" From 2fe4ca0f8cc944e764692d72c8b01562d5af6d62 Mon Sep 17 00:00:00 2001 From: Siddharth Date: Mon, 20 May 2024 21:46:57 -0400 Subject: [PATCH 2/8] Fix incorrect PQ_GROUP_LIST string --- src/Mayaqua/Network.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Mayaqua/Network.h b/src/Mayaqua/Network.h index d6a0f29f..720a0770 100644 --- a/src/Mayaqua/Network.h +++ b/src/Mayaqua/Network.h @@ -59,7 +59,7 @@ struct DYN_VALUE #define DEFAULT_CIPHER_LIST "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20:ECDHE+AES256:DHE+AES256:RSA+AES" -#define PQ_GROUP_LIST "?p521_kyber1024:?x25519_kyber768:P-512:X25519:P-256" +#define PQ_GROUP_LIST "p521_kyber1024:x25519_kyber768:P-521:X25519:P-256" // SSL logging function //#define ENABLE_SSL_LOGGING From b2ec1bd5dd5421801a771231073776818894e8fb Mon Sep 17 00:00:00 2001 From: hiura Date: Sat, 8 Jun 2024 02:28:28 +0900 Subject: [PATCH 3/8] Change ssl error handler: Having to read all of the errors using ERR_get_error --- src/Mayaqua/Network.c | 31 ++++++++++++++++++++++++------- 1 file changed, 24 insertions(+), 7 deletions(-) diff --git a/src/Mayaqua/Network.c b/src/Mayaqua/Network.c index 52da1246..1ca4b708 100644 --- a/src/Mayaqua/Network.c +++ b/src/Mayaqua/Network.c 
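Review bot: Dropping the `?` prefixes in PQ_GROUP_LIST (PATCH 2/8) makes `p521_kyber1024` and `x25519_kyber768` mandatory names. On a host where oqsprovider did not load, the whole list is expected to be rejected, and the classical `P-521:X25519:P-256` fallbacks with it. If the prefix was removed because older OpenSSL 3.x releases do not parse it (the ignore-if-unknown `?` syntax appears to be a later addition; confirm against the minimum supported version), the caller needs an explicit retry with a classical-only list when the first call fails. The macro also deserves a comment such as `// Key-exchange groups in preference order: hybrid PQ groups (need oqsprovider) first, then classical fallbacks`.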
@@ -12285,6 +12285,7 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size) Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__); return 0; } + ERR_clear_error(); ret = SSL_peek(ssl, &c, sizeof(c)); } Unlock(sock->ssl_lock); @@ -12316,9 +12317,11 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size) #endif ) { - UINT ssl_err_no = ERR_get_error(); + UINT ssl_err_no; + while (ssl_err_no = ERR_get_error()){ + Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL)); + }; - Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL)); Disconnect(sock); return 0; } @@ -12350,6 +12353,7 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size) ttparam = NewSocketTimeout(sock); #endif // UNIX_SOLARIS + ERR_clear_error(); ret = SSL_read(ssl, data, size); // Stop the timeout thread @@ -12420,9 +12424,11 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size) #endif ) { - UINT ssl_err_no = ERR_get_error(); + UINT ssl_err_no; + while (ssl_err_no = ERR_get_error()) { + Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL)); + }; - Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL)); Disconnect(sock); return 0; } @@ -12431,8 +12437,8 @@ UINT SecureRecv(SOCK *sock, void *data, UINT size) return SOCK_LATER; } } + Debug("%s %u e=%u SecureRecv() Disconnect\n", __FILE__, __LINE__, e); Disconnect(sock); - Debug("%s %u SecureRecv() Disconnect\n", __FILE__, __LINE__); return 0; } @@ -12459,6 +12465,7 @@ UINT SecureSend(SOCK *sock, void *data, UINT size) return 0; } + ERR_clear_error(); ret = SSL_write(ssl, data, size); #if OPENSSL_VERSION_NUMBER < 0x30000000L if (ret < 0) // OpenSSL version < 3.0.0 
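Review bot: The drain loop `while (ssl_err_no = ERR_get_error())` in SecureRecv() formats each entry with `ERR_error_string(ssl_err_no, NULL)`, which writes into a static buffer shared by all threads, so with concurrent sessions the logged text can be overwritten while it is being printed. Use a local buffer instead: `char errbuf[256];` and `ERR_error_string_n(ssl_err_no, errbuf, sizeof(errbuf));`. ERR_get_error() returns `unsigned long`, so the variable should be declared with that type (cast for the `%u` format if Debug() requires it), the condition written as `while ((ssl_err_no = ERR_get_error()) != 0)`, and the stray `;` after the closing brace dropped. The same loop is repeated in the second SSL_ERROR_SSL branch of SecureRecv() (hunk at -12420) and in SecureSend() (hunk at -12502); a small static helper would keep the three copies identical.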
@@ -12502,12 +12509,22 @@ UINT SecureSend(SOCK *sock, void *data, UINT size) // Confirmation of the error value if (e == SSL_ERROR_WANT_READ || e == SSL_ERROR_WANT_WRITE || e == SSL_ERROR_SSL) { + if (e == SSL_ERROR_SSL) + { + UINT ssl_err_no; + while (ssl_err_no = ERR_get_error()) { + Debug("%s %u SSL_ERROR_SSL on ASYNC socket !!! ssl_err_no = %u: '%s'\n", __FILE__, __LINE__, ssl_err_no, ERR_error_string(ssl_err_no, NULL)); + }; + + Disconnect(sock); + return 0; + } + sock->WriteBlocked = true; return SOCK_LATER; } - Debug("%s %u e=%u\n", __FILE__, __LINE__, e); } - //Debug("%s %u SecureSend() Disconnect\n", __FILE__, __LINE__); + Debug("%s %u e=%u SecureSend() Disconnect\n", __FILE__, __LINE__, e); Disconnect(sock); return 0; } From dae352104ce41debb530a6d4d91e428a3746fbba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 16 Jun 2024 09:58:05 +0000 Subject: [PATCH 4/8] Bump braces Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] --- .../package-lock.json | 28 ++++++++++--------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package/package-lock.json b/developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package/package-lock.json index dbfcbe5d..b854915a 100644 --- a/developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package/package-lock.json +++ b/developer_tools/vpnserver-jsonrpc-clients/vpnserver-jsonrpc-client-nodejs-package/package-lock.json 
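Review bot: The final `Debug("%s %u e=%u SecureSend() Disconnect\n", __FILE__, __LINE__, e);` now sits outside the block that previously held the `e=%u` message, so it may run on paths where `e` was never assigned. The declaration is outside the hunk, so confirm `e` is initialised there (for example to `SSL_ERROR_NONE`). Separately, `e == SSL_ERROR_SSL` remains in the outer `WANT_READ || WANT_WRITE` condition only to be caught by the new inner `if`. Testing it first as its own branch, with a comment such as `// SSL_ERROR_SSL is fatal: drain the error queue and disconnect`, would make it obvious that a fatal TLS error can no longer reach `return SOCK_LATER`.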
@@ -65,12 +65,23 @@ } }, "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" + }, + "dependencies": { + "fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", + "dev": true, + "requires": { + "to-regex-range": "^5.0.1" + } + } } }, "builtin-modules": { @@ -151,15 +162,6 @@ "integrity": "sha1-Cr9PHKpbyx96nYrMbepPqqBLrJs=", "dev": true }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, "fs.realpath": { "version": "1.0.0", "resolved": "https://registry.npmjs.org/fs.realpath/-/fs.realpath-1.0.0.tgz", From 6825234e0a6e1ff45118467caab6d7d676a48fe1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Jun 2024 15:36:07 +0000 Subject: [PATCH 5/8] Bump braces in /src/bin/hamcore/wwwroot/admin/default Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... 
Signed-off-by: dependabot[bot] --- .../wwwroot/admin/default/package-lock.json | 28 ++++++++++--------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/src/bin/hamcore/wwwroot/admin/default/package-lock.json b/src/bin/hamcore/wwwroot/admin/default/package-lock.json index 65ae50a8..b15268b9 100644 --- a/src/bin/hamcore/wwwroot/admin/default/package-lock.json +++ b/src/bin/hamcore/wwwroot/admin/default/package-lock.json @@ -373,12 +373,23 @@ } }, "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" + }, + "dependencies": { + "fill-range": { + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", + "dev": true, + "requires": { + "to-regex-range": "^5.0.1" + } + } } }, "browserslist": { @@ -603,15 +614,6 @@ "integrity": "sha512-eRnCtTTtGZFpQCwhJiUOuxPQWRXVKYDn0b2PeHfXL6/Zi53SLAzAHfVhVWK2AryC/WH05kGfxhFIPvTF0SXQzg==", "dev": true }, - "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", - "dev": true, - "requires": { - "to-regex-range": "^5.0.1" - } - }, "find-up": { "version": "4.1.0", "resolved": "https://registry.npmjs.org/find-up/-/find-up-4.1.0.tgz", From b06486b37d9e7228bcb4629b2120b5b41f1ba26a Mon Sep 17 00:00:00 2001 
From: Siddharth Date: Tue, 18 Jun 2024 00:01:58 -0400 Subject: [PATCH 6/8] Remove unecessary provider include --- src/Mayaqua/Network.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/Mayaqua/Network.c b/src/Mayaqua/Network.c index 0aede291..ce5421b8 100644 --- a/src/Mayaqua/Network.c +++ b/src/Mayaqua/Network.c @@ -25,7 +25,6 @@ #include #include -#include #ifdef OS_UNIX #include From 68964ab0d795835e4d36e707baf8a1cad23bc481 Mon Sep 17 00:00:00 2001 From: Siddharth Date: Tue, 18 Jun 2024 16:09:10 -0400 Subject: [PATCH 7/8] Guard variables with OpenSSL version --- src/Mayaqua/Network.c | 6 ++++-- src/Mayaqua/Network.h | 2 ++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/src/Mayaqua/Network.c b/src/Mayaqua/Network.c index ee25308c..6b53ecfb 100644 --- a/src/Mayaqua/Network.c +++ b/src/Mayaqua/Network.c @@ -11905,8 +11905,10 @@ bool StartSSLEx3(SOCK *sock, X *x, K *priv, LIST *chain, UINT ssl_timeout, char Unlock(openssl_lock); } - SSL_set1_groups_list(sock->ssl, PQ_GROUP_LIST); - + #if OPENSSL_VERSION_NUMBER >= 0x30000000L + SSL_set1_groups_list(sock->ssl, PQ_GROUP_LIST); + #endif + if (sock->ServerMode) { // Lock(ssl_connect_lock); diff --git a/src/Mayaqua/Network.h b/src/Mayaqua/Network.h index 720a0770..94a50c2b 100644 --- a/src/Mayaqua/Network.h +++ b/src/Mayaqua/Network.h @@ -59,7 +59,9 @@ struct DYN_VALUE #define DEFAULT_CIPHER_LIST "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:DHE+CHACHA20:ECDHE+AES256:DHE+AES256:RSA+AES" +#if OPENSSL_VERSION_NUMBER >= 0x30000000L #define PQ_GROUP_LIST "p521_kyber1024:x25519_kyber768:P-521:X25519:P-256" +#endif // SSL logging function //#define ENABLE_SSL_LOGGING From 6f57449164af95ef7846cc54fb60c9268dfe317b Mon Sep 17 00:00:00 2001 
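Review bot: The new `#if OPENSSL_VERSION_NUMBER >= 0x30000000L` around PQ_GROUP_LIST in Network.h only works if an OpenSSL header has been included before Network.h in every translation unit. Where it has not, the undefined macro evaluates as 0 and the definition is dropped without a diagnostic. No OpenSSL include is visible in this hunk, so either include `<openssl/opensslv.h>` ahead of the test or define the string unconditionally and keep the version check at the single call site in StartSSLEx3(). A version guard also says nothing about whether oqsprovider is present at run time, which is worth stating in a comment next to the macro.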
From: Ilia Shipitsin Date: Sat, 22 Jun 2024 18:53:35 +0200 Subject: [PATCH 8/8] src/Cedar/Proto_IKE.c: ignore packets with no IPSec SA many thanks to Jonathan Phillibert from Amazon Web Services for investigating and reporting that responding to such packets might lead to traffic amplification --- src/Cedar/Proto_IKE.c | 34 ++++------------------------------ 1 file changed, 4 insertions(+), 30 deletions(-) diff --git a/src/Cedar/Proto_IKE.c b/src/Cedar/Proto_IKE.c index beaf09ab..5d407494 100644 --- a/src/Cedar/Proto_IKE.c +++ b/src/Cedar/Proto_IKE.c @@ -463,39 +463,13 @@ void ProcIPsecEspPacketRecv(IKE_SERVER *ike, UDPPACKET *p) seq = READ_UINT(src + sizeof(UINT)); // Search and retrieve the IPsec SA from SPI + + // thank to @phillibert report, responding to bad SA might lead to amplification + // according to RFC4303 we should drop such packets + ipsec_sa = SearchClientToServerIPsecSaBySpi(ike, spi); if (ipsec_sa == NULL) { - // Invalid SPI - UINT64 init_cookie = Rand64(); - UINT64 resp_cookie = 0; - IKE_CLIENT *c = NULL; - IKE_CLIENT t; - - - Copy(&t.ClientIP, &p->SrcIP, sizeof(IP)); - t.ClientPort = p->SrcPort; - Copy(&t.ServerIP, &p->DstIP, sizeof(IP)); - t.ServerPort = p->DestPort; - t.CurrentIkeSa = NULL; - - if (p->DestPort == IPSEC_PORT_IPSEC_ESP_RAW) - { - t.ClientPort = t.ServerPort = IPSEC_PORT_IPSEC_ISAKMP; - } - - c = Search(ike->ClientList, &t); - - if (c != NULL && c->CurrentIkeSa != NULL) - { - init_cookie = c->CurrentIkeSa->InitiatorCookie; - resp_cookie = c->CurrentIkeSa->ResponderCookie; - } - - SendInformationalExchangePacketEx(ike, (c == NULL ? &t : c), IkeNewNoticeErrorInvalidSpiPayload(spi), false, - init_cookie, resp_cookie); - - SendDeleteIPsecSaPacket(ike, (c == NULL ? &t : c), spi); return; }
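Review bot: With the reply path removed, ProcIPsecEspPacketRecv() now returns on an unknown SPI without leaving any trace, yet RFC 4303 treats this discard as an auditable event. A counter or rate-limited debug line recording the SPI and source address would let operators notice a flood of such packets. It should stay counter-only or rate-limited, because the packets are unauthenticated and per-packet logging would let a sender fill the logs. The explanatory comment would read better inside the `if (ipsec_sa == NULL)` branch, for example `// No matching IPsec SA: drop silently; replying to unauthenticated packets enables traffic amplification (RFC 4303)`. The function body starts and ends outside the hunk.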