Attention is currently required from: plaisthos.
Hello plaisthos,
I'd like you to do a code review.
Please visit
http://gerrit.openvpn.net/c/openvpn/+/1401?usp=email
to review the following change.
Change subject: Harden interactive service pipe
......................................................................
Harden interactive service pipe
- Append a version 4 uuid to ovpn_pipe_name to make it less
predictable
- Do not allow remote access to the pipe
This greatly reduces the possibility of a rogue process racing to
open the pipe before CreateFile() is called in the worker thread.
Reported-by: Marc Heuse <[email protected]>
Change-Id: Ie66a142751354e421d48b273784fc79bcb9f7208
Signed-off-by: Selva Nair <[email protected]>
---
M src/openvpnserv/interactive.c
1 file changed, 21 insertions(+), 2 deletions(-)
git pull ssh://gerrit.openvpn.net:29418/openvpn refs/changes/01/1401/1
diff --git a/src/openvpnserv/interactive.c b/src/openvpnserv/interactive.c
index c717e99..2dc865e 100644
--- a/src/openvpnserv/interactive.c
+++ b/src/openvpnserv/interactive.c
@@ -1955,11 +1955,30 @@
goto out;
}
+ UUID pipe_uuid;
+ RPC_STATUS rpc_stat = UuidCreate(&pipe_uuid);
+ if (rpc_stat != RPC_S_OK)
+ {
+ ReturnError(pipe, rpc_stat, L"UuidCreate", 1, &exit_event);
+ goto out;
+ }
+
+ RPC_WSTR pipe_uuid_str = NULL;
+ rpc_stat = UuidToStringW(&pipe_uuid, &pipe_uuid_str);
+ if (rpc_stat != RPC_S_OK)
+ {
+ ReturnError(pipe, rpc_stat, L"UuidToString", 1, &exit_event);
+ goto out;
+ }
openvpn_swprintf(ovpn_pipe_name, _countof(ovpn_pipe_name),
- TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service_%lu"),
service_instance, GetCurrentThreadId());
+ TEXT("\\\\.\\pipe\\" PACKAGE "%ls\\service_%lu_%ls"),
service_instance,
+ GetCurrentThreadId(), pipe_uuid_str);
+ RpcStringFree(&pipe_uuid_str);
+
ovpn_pipe = CreateNamedPipe(ovpn_pipe_name,
PIPE_ACCESS_DUPLEX |
FILE_FLAG_FIRST_PIPE_INSTANCE | FILE_FLAG_OVERLAPPED,
- PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE |
PIPE_WAIT, 1, 128, 128, 0, NULL);
+ PIPE_TYPE_MESSAGE | PIPE_READMODE_MESSAGE |
PIPE_WAIT | PIPE_REJECT_REMOTE_CLIENTS,
+ 1, 128, 128, 0, NULL);
if (ovpn_pipe == INVALID_HANDLE_VALUE)
{
ReturnLastError(pipe, L"CreateNamedPipe");
--
To view, visit http://gerrit.openvpn.net/c/openvpn/+/1401?usp=email
To unsubscribe, or for help writing mail filters, visit
http://gerrit.openvpn.net/settings?usp=email
Gerrit-MessageType: newchange
Gerrit-Project: openvpn
Gerrit-Branch: release/2.6
Gerrit-Change-Id: Ie66a142751354e421d48b273784fc79bcb9f7208
Gerrit-Change-Number: 1401
Gerrit-PatchSet: 1
Gerrit-Owner: selvanair <[email protected]>
Gerrit-Reviewer: plaisthos <[email protected]>
Gerrit-CC: openvpn-devel <[email protected]>
Gerrit-Attention: plaisthos <[email protected]>
_______________________________________________
Openvpn-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
