[Openvpn-devel] [S] Change in openvpn[master]: proxy.c: Clear sensitive data after use

Wed, 14 Aug 2024 20:21:04 -0700 

Attention is currently required from: flichtenheld, plaisthos.

Hello plaisthos, flichtenheld,

I'd like you to do a code review.
Please visit

    http://gerrit.openvpn.net/c/openvpn/+/727?usp=email

to review the following change.


Change subject: proxy.c: Clear sensitive data after use
......................................................................

proxy.c: Clear sensitive data after use

Usage of credentials  is a bit odd in this file.
Actually the copy of "struct user_pass" kept in p->up is not
required at all. It just defeats the purpose of auth-nocahe
as it never gets cleared.

Removing it is beyond the scope of this patch -- we just ensure
it's purged after use.

Change-Id: Ic6d63a319d272a56ac0e278f1356bc5241b56a34
---
M src/openvpn/proxy.c
1 file changed, 10 insertions(+), 1 deletion(-)



  git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/27/727/1

diff --git a/src/openvpn/proxy.c b/src/openvpn/proxy.c
index 5de0da4..eddacc9 100644
--- a/src/openvpn/proxy.c
+++ b/src/openvpn/proxy.c
@@ -247,7 +247,9 @@
     struct buffer out = alloc_buf_gc(strlen(p->up.username) + 
strlen(p->up.password) + 2, gc);
     ASSERT(strlen(p->up.username) > 0);
     buf_printf(&out, "%s:%s", p->up.username, p->up.password);
-    return (const char *)make_base64_string((const uint8_t *)BSTR(&out), gc);
+    char *ret = (char *)make_base64_string((const uint8_t *)BSTR(&out), gc);
+    secure_memzero(BSTR(&out), out.len);
+    return ret;
 }

 static void
@@ -736,6 +738,9 @@
                 ASSERT(0);
         }

+        /* clear any sensitive content in buf */
+        secure_memzero(buf, sizeof(buf));
+
         /* send empty CR, LF */
         if (!send_crlf(sd))
         {
@@ -983,6 +988,8 @@
                 {
                     goto error;
                 }
+                /* clear any sensitive content in buf */
+                secure_memzero(buf, sizeof(buf));

                 /* receive reply from proxy */
                 if (!recv_line(sd, buf, sizeof(buf), 
get_server_poll_remaining_time(server_poll_timeout), true, NULL, 
signal_received))
@@ -1086,10 +1093,12 @@
 #endif

 done:
+    purge_user_pass(&p->up, true);
     gc_free(&gc);
     return ret;

 error:
+    purge_user_pass(&p->up, true);
     register_signal(sig_info, SIGUSR1, "HTTP proxy error"); /* SOFT-SIGUSR1 -- 
HTTP proxy error */
     gc_free(&gc);
     return ret;

--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/727?usp=email
To unsubscribe, or for help writing mail filters, visit 
http://gerrit.openvpn.net/settings

Gerrit-Project: openvpn
Gerrit-Branch: master
Gerrit-Change-Id: Ic6d63a319d272a56ac0e278f1356bc5241b56a34
Gerrit-Change-Number: 727
Gerrit-PatchSet: 1
Gerrit-Owner: selvanair <selva.n...@gmail.com>
Gerrit-Reviewer: flichtenheld <fr...@lichtenheld.com>
Gerrit-Reviewer: plaisthos <arne-open...@rfc2549.org>
Gerrit-CC: openvpn-devel <openvpn-devel@lists.sourceforge.net>
Gerrit-Attention: plaisthos <arne-open...@rfc2549.org>
Gerrit-Attention: flichtenheld <fr...@lichtenheld.com>
Gerrit-MessageType: newchange

_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel






















					Reply via email to