Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add obsolete-server-crypto and pfs tests
These are designed to ensure that we don't inadvertently break compatibility with legacy/obsolete server crypto, and also that we don't *inadvertently connect* to less-secure crypto than requested. Current checks: - connect to a server whose only ciphers are 3DES and/or RC4 [if and only if] `--allow-insecure-crypto` is specified - connect to a server whose only KX is RSA KX [if and only if] `--pfs` is [not specified] Tricky parts: - Override GnuTLS system crypto policy in obsolete-server-crypto test config, because this may be needed for newer versions of GnuTLS to obey it. (per nmav: https://gitlab.com/openconnect/openconnect/-/issues/145#note_346497960) - OpenSSL 1.1.0+ removes 3DES and RC4 from the default build (https://www.openssl.org/blog/blog/2016/08/24/sweet32), so there is no way to re-enable without rebuilding from source. Therefore, obsolete-server-crypto test is marked as XFAIL on all CI builds using it. - Recent GnuTLS versions which support TLS1.3 implicitly allow non-RSA KX (due to VERS-TLS1.3 ciphersuites) even when -KX-ALL:+RSA is in the priority string; in order to actually test RSA-only KX, we need to ensure that TLS1.3 is disabled. See #149. Signed-off-by: Daniel Lenski <dlenski@gmail.com>
- Loading branch information
Showing
8 changed files
with
321 additions
and
9 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,184 @@ | ||
# User authentication method. Could be set multiple times and in that case | ||
# all should succeed. | ||
# Options: certificate, pam. | ||
#auth = "certificate" | ||
auth = "plain[@abs_top_srcdir@/tests/configs/test1.passwd]" | ||
#auth = "pam" | ||
|
||
# A banner to be displayed on clients | ||
#banner = "Welcome" | ||
|
||
# Use listen-host to limit to specific IPs or to the IPs of a provided hostname. | ||
#listen-host = [IP|HOSTNAME] | ||
|
||
use-dbus = no | ||
|
||
# Limit the number of clients. Unset or set to zero for unlimited. | ||
#max-clients = 1024 | ||
max-clients = 16 | ||
|
||
# Limit the number of client connections to one every X milliseconds | ||
# (X is the provided value). Set to zero for no limit. | ||
rate-limit-ms = 0 | ||
|
||
# Don't ban failing clients because cert-fingerprint does that on purpose | ||
max-ban-score = 0 | ||
|
||
# Limit the number of identical clients (i.e., users connecting multiple times) | ||
# Unset or set to zero for unlimited. | ||
max-same-clients = 2 | ||
|
||
# TCP and UDP port number | ||
tcp-port = @PORT@ | ||
udp-port = @PORT@ | ||
|
||
# Keepalive in seconds | ||
keepalive = 32400 | ||
|
||
# Dead peer detection in seconds | ||
dpd = 440 | ||
|
||
# MTU discovery (DPD must be enabled) | ||
try-mtu-discovery = false | ||
|
||
# The key and the certificates of the server | ||
# The key may be a file, or any URL supported by GnuTLS (e.g., | ||
# tpmkey:uuid=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx;storage=user | ||
# or pkcs11:object=my-vpn-key;object-type=private) | ||
# | ||
# There may be multiple certificate and key pairs and each key | ||
# should correspond to the preceding certificate. | ||
server-cert = @abs_top_srcdir@/tests/certs/server-cert.pem | ||
server-key = @abs_top_srcdir@/tests/certs/server-key.pem | ||
|
||
# Diffie-Hellman parameters. Only needed if you require support | ||
# for the DHE ciphersuites (by default this server supports ECDHE). | ||
# Can be generated using: | ||
# certtool --generate-dh-params --outfile /path/to/dh.pem | ||
#dh-params = /path/to/dh.pem | ||
|
||
# If you have a certificate from a CA that provides an OCSP | ||
# service you may provide a fresh OCSP status response within | ||
# the TLS handshake. That will prevent the client from connecting | ||
# independently on the OCSP server. | ||
# You can update this response periodically using: | ||
# ocsptool --ask --load-cert=your_cert --load-issuer=your_ca --outfile response | ||
# Make sure that you replace the following file in an atomic way. | ||
#ocsp-response = /path/to/ocsp.der | ||
|
||
# In case PKCS #11 or TPM keys are used the PINs should be available | ||
# in files. The srk-pin-file is applicable to TPM keys only (It's the storage | ||
# root key). | ||
#pin-file = /path/to/pin.txt | ||
#srk-pin-file = /path/to/srkpin.txt | ||
|
||
# The Certificate Authority that will be used | ||
# to verify clients if certificate authentication | ||
# is set. | ||
ca-cert = @abs_top_srcdir@/tests/certs/ca.pem | ||
|
||
# The object identifier that will be used to read the user ID in the client certificate. | ||
# The object identifier should be part of the certificate's DN | ||
# Useful OIDs are: | ||
# CN = 2.5.4.3, UID = 0.9.2342.19200300.100.1.1 | ||
cert-user-oid = 0.9.2342.19200300.100.1.1 | ||
|
||
# The object identifier that will be used to read the user group in the client | ||
# certificate. The object identifier should be part of the certificate's DN | ||
# Useful OIDs are: | ||
# OU (organizational unit) = 2.5.4.11 | ||
#cert-group-oid = 2.5.4.11 | ||
|
||
# A revocation list of ca-cert is set | ||
#crl = /path/to/crl.pem | ||
|
||
# GnuTLS priority string | ||
tls-priorities = "@TLS_PRIORITIES@" | ||
|
||
# The time (in seconds) that a client is allowed to stay connected prior | ||
# to authentication | ||
auth-timeout = 40 | ||
|
||
# The time (in seconds) that a client is not allowed to reconnect after | ||
# a failed authentication attempt. | ||
#min-reauth-time = 2 | ||
|
||
# Cookie validity time (in seconds) | ||
# Once a client is authenticated he's provided a cookie with | ||
# which he can reconnect. This option sets the maximum lifetime | ||
# of that cookie. | ||
cookie-validity = 172800 | ||
|
||
# Script to call when a client connects and obtains an IP | ||
# Parameters are passed on the environment. | ||
# REASON, USERNAME, GROUPNAME, HOSTNAME (the hostname selected by client), | ||
# DEVICE, IP_REAL (the real IP of the client), IP_LOCAL (the local IP | ||
# in the P-t-P connection), IP_REMOTE (the VPN IP of the client). REASON | ||
# may be "connect" or "disconnect". | ||
#connect-script = /usr/bin/myscript | ||
#disconnect-script = /usr/bin/myscript | ||
|
||
# UTMP | ||
use-utmp = true | ||
|
||
# PID file | ||
pid-file = ./ocserv.pid | ||
|
||
# The default server directory. Does not require any devices present. | ||
#chroot-dir = /path/to/chroot | ||
|
||
# socket file used for IPC, will be appended with .PID | ||
# It must be accessible within the chroot environment (if any) | ||
socket-file = ./ocserv-socket | ||
|
||
# The user the worker processes will be run as. It should be | ||
# unique (no other services run as this user). | ||
run-as-user = @OCSERV_USER@ | ||
run-as-group = @OCSERV_GROUP@ | ||
|
||
# Network settings | ||
|
||
device = vpns | ||
|
||
# The default domain to be advertised | ||
default-domain = example.com | ||
|
||
ipv4-network = 192.168.1.0 | ||
ipv4-netmask = 255.255.255.0 | ||
# Use the keywork local to advertize the local P-t-P address as DNS server | ||
ipv4-dns = 192.168.1.1 | ||
|
||
# The NBNS server (if any) | ||
#ipv4-nbns = 192.168.2.3 | ||
|
||
#ipv6-address = | ||
#ipv6-mask = | ||
#ipv6-dns = | ||
|
||
# Prior to leasing any IP from the pool ping it to verify that | ||
# it is not in use by another (unrelated to this server) host. | ||
ping-leases = false | ||
|
||
# Leave empty to assign the default MTU of the device | ||
# mtu = | ||
|
||
route = 192.168.1.0/255.255.255.0 | ||
#route = 192.168.5.0/255.255.255.0 | ||
|
||
# | ||
# The following options are for (experimental) AnyConnect client | ||
# compatibility. They are only available if the server is built | ||
# with --enable-anyconnect | ||
# | ||
|
||
# Client profile xml. A sample file exists in doc/profile.xml. | ||
# This file must be accessible from inside the worker's chroot. | ||
# The profile is ignored by the openconnect client. | ||
#user-profile = profile.xml | ||
|
||
# Unless set to false it is required for clients to present their | ||
# certificate even if they are authenticating via a previously granted | ||
# cookie. Legacy CISCO clients do not do that, and thus this option | ||
# should be set for them. | ||
cisco-client-compat = true | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,62 @@ | ||
#!/bin/sh | ||
# | ||
# Copyright (C) 2020 Daniel Lenski | ||
# | ||
# This file is part of openconnect. | ||
# | ||
# This is free software; you can redistribute it and/or | ||
# modify it under the terms of the GNU Lesser General Public License | ||
# as published by the Free Software Foundation; either version 2.1 of | ||
# the License, or (at your option) any later version. | ||
# | ||
# This library is distributed in the hope that it will be useful, but | ||
# WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
# Lesser General Public License for more details. | ||
# | ||
# You should have received a copy of the GNU Lesser General Public License | ||
# along with this program. If not, see <http://www.gnu.org/licenses/> | ||
|
||
SERV="${SERV:-../src/ocserv}" | ||
srcdir=${srcdir:-.} | ||
top_builddir=${top_builddir:-..} | ||
|
||
. `dirname $0`/common.sh | ||
|
||
######################################## | ||
# Need to override mandatory system-wide crypto policy on Fedora 31+, | ||
# for both ocserv and openconnect. | ||
######################################## | ||
|
||
export GNUTLS_SYSTEM_PRIORITY_FILE=/dev/null | ||
|
||
######################################## | ||
# Verify that we cannot connect to a server offering only obsolete, insecure | ||
# crypto UNLESS --allow-insecure-crypto is specified. | ||
######################################## | ||
|
||
echo "Testing against server with insecure crypto (3DES and RC4 only)... " | ||
|
||
# Run servers | ||
PORT=4568 | ||
TLS_PRIORITIES="LEGACY:%SERVER_PRECEDENCE:%COMPAT:-VERS-TLS-ALL:+VERS-TLS1.0:-CIPHER-ALL:+3DES-CBC:+ARCFOUR-128:+MD5:+SHA1" | ||
update_config test-obsolete-server-crypto.config | ||
launch_simple_sr_server -d 1 -f -c $CONFIG | ||
PID=$! | ||
wait_server $PID | ||
|
||
echo -n "Connecting without --allow-insecure-crypto... " | ||
( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >/dev/null 2>&1) && | ||
fail $PID "Connected successfully when we shouldn't" | ||
|
||
echo ok | ||
|
||
echo -n "Connecting with --allow-insecure-crypto... " | ||
( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --allow-insecure-crypto --cookieonly >/dev/null 2>&1) || | ||
fail $PID "Could not connect and obtain cookie with --allow-insecure-crypto" | ||
|
||
echo ok | ||
|
||
cleanup | ||
|
||
exit 0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,57 @@ | ||
#!/bin/sh | ||
# | ||
# Copyright (C) 2020 Daniel Lenski | ||
# | ||
# This file is part of openconnect. | ||
# | ||
# This is free software; you can redistribute it and/or | ||
# modify it under the terms of the GNU Lesser General Public License | ||
# as published by the Free Software Foundation; either version 2.1 of | ||
# the License, or (at your option) any later version. | ||
# | ||
# This library is distributed in the hope that it will be useful, but | ||
# WITHOUT ANY WARRANTY; without even the implied warranty of | ||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | ||
# Lesser General Public License for more details. | ||
# | ||
# You should have received a copy of the GNU Lesser General Public License | ||
# along with this program. If not, see <http://www.gnu.org/licenses/> | ||
|
||
SERV="${SERV:-../src/ocserv}" | ||
srcdir=${srcdir:-.} | ||
top_builddir=${top_builddir:-..} | ||
|
||
. `dirname $0`/common.sh | ||
|
||
######################################## | ||
# Verify that we cannot connect to a server offering only RSA key exchange | ||
# IF --pfs is specified to require perfect forward secrecy, but that we | ||
# CAN connect if it is not specified. | ||
######################################## | ||
|
||
echo "Testing against server without PFS... " | ||
|
||
# Need to disable TLS 1.3 here because GnuTLS v3.6.13 is allowing non-RSA KX with TLS 1.3, even with -KX-ALL | ||
# But can't use -VERS-TLS1.3 here, because it's not known to earlier versions of GnuTLS. | ||
PORT=4569 | ||
TLS_PRIORITIES="LEGACY:%SERVER_PRECEDENCE:%COMPAT:-VERS-TLS-ALL:+VERS-TLS1.0:+VERS-TLS1.1:+VERS-TLS1.2:-KX-ALL:+RSA" | ||
update_config test-obsolete-server-crypto.config | ||
launch_simple_sr_server -d 1 -f -c $CONFIG | ||
PID=$! | ||
wait_server $PID | ||
|
||
echo -n "Connecting with --pfs... " | ||
( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --pfs --cookieonly >/dev/null 2>&1) && | ||
fail $PID "Connected successfully when we shouldn't" | ||
|
||
echo ok | ||
|
||
echo -n "Connecting without --pfs... " | ||
( echo "test" | LD_PRELOAD=libsocket_wrapper.so $OPENCONNECT -q $ADDRESS:$PORT -u test --servercert=d66b507ae074d03b02eafca40d35f87dd81049d3 --cookieonly >/dev/null 2>&1) || | ||
fail $PID "Could not connect and obtain cookie without --pfs" | ||
|
||
echo ok | ||
|
||
cleanup | ||
|
||
exit 0 |
Oops, something went wrong.