Commit Graph

1222 Commits

Author SHA1 Message Date
Thomas Haller
e90e1536c9 libnm/docs: clarify which interface to share with ipvx.method=shared 2018-09-07 12:45:38 +02:00
Thomas Haller
62d14e1884 platform/wireguard: rework parsing wireguard links in platform
- previously, parsing wireguard genl data resulted in memory corruption:

  - _wireguard_update_from_allowedips_nla() takes pointers to

      allowedip = &g_array_index (buf->allowedips, NMWireGuardAllowedIP, buf->allowedips->len - 1);

    but resizing the GArray will invalidate this pointer. This happens
    when there are multiple allowed-ips to parse.

  - there was some confusion who owned the allowedips pointers.
    _wireguard_peers_cpy() and _vt_cmd_obj_dispose_lnk_wireguard()
    assumed each peer owned their own chunk, but _wireguard_get_link_properties()
    would not duplicate the memory properly.

- rework memory handling for allowed_ips. Now, the NMPObjectLnkWireGuard
  keeps a pointer _allowed_ips_buf. This buffer contains the instances for
  all peers.
  The parsing of the netlink message is the complicated part, because
  we don't know upfront how many peers/allowed-ips we receive. During
  construction, the tracking of peers/allowed-ips is complicated,
  via a CList/GArray. At the end of that, we prettify the data
  representation and put everything into two buffers. That is more
  efficient and simpler for user afterwards. This moves complexity
  to the way how the object is created, vs. how it is used later.

- ensure that we nm_explicit_bzero() private-key and preshared-key. However,
  that only works to a certain point, because our netlink library does not
  ensure that no data is leaked.

- don't use a "struct sockaddr" union for the peer's endpoint. Instead,
  use a combintation of endpoint_family, endpoint_port, and
  endpoint_addr.

- a lot of refactoring.
2018-09-07 11:24:17 +02:00
Beniamino Galvani
44d77a7476 ifcfg-rh: add support for connection.llmnr 2018-09-06 09:07:41 +02:00
Beniamino Galvani
e83c31bbe0 libnm-core: add connection.llmnr property 2018-09-06 09:07:41 +02:00
Beniamino Galvani
8e6ad2853c libnm-core: fix documentation for connection.mdns
After an update of the connection.mdns property, a reactivation is
needed to apply the new value.

Also, the ifcfg-rh variable name was wrong.

Fixes: 2e2ff6f27a
2018-09-06 09:07:41 +02:00
Thomas Haller
986ca94a36 libnm: assert in nm_utils_is_uuid() for valid argument
nm_utils_is_uuid() is public API. Commonly we check input arguments for such
functions with g_return_*() assertions.
2018-09-06 07:41:22 +02:00
Andrew Zaborowski
977d298c5f libnm-core: 8021x: Allow a new eap value "external"
To allow connections that mirror IWD's configured WPA-Enterprise
networks to be seen as valid by NM, add a new value for the eap key in
802-1x settings.  802-1x.eap stores EAP method names.  In the IWD
connections we don't know what EAP method is configured and we don't
have any of the other 802-1x properties that would be required for the
settings to verify.

These connections can't be activated on devices managed by wpa_supplicant.
2018-09-05 15:24:04 +02:00
Thomas Haller
e3ac45c026 ifcfg-rh: don't use 802-1x certifcate setter functions
The certificate setter function like nm_setting_802_1x_set_ca_cert()
actually load the file from disk, and validate whether it is a valid
certificate. That is very wrong to do.

For one, the certificates are external files, which are not embedded
into the NMConnection. That means, strongly validating the files while
loading the ifcfg files, is wrong because:
 - if validation fails, loading the file fails in its entirety with
   a warning in the log. That is not helpful to the user, who now
   can no longer use nmcli to fix the path of the certificate (because
   the profile failed to load in the first place).
 - even if the certificate is valid at load-time, there is no guarantee
   that it is valid later on, when we actually try to use the file. What
   good does such a validation do? nm_setting_802_1x_set_ca_cert() might
   make sense during nmcli_connection_modify(). At the moment when we
   create or update the profile, we do want to validate the input and
   be helpful to the user. Validating the file later on, when reloading
   the profile from disk seems undesirable.
 - note how keyfile also does not perform such validations (for good
   reasons, I presume).

Also, there is so much wrong with how ifcfg reader handles EAP files.
There is a lot of duplication, and trying to be too smart. I find it
wrong how the "eap_readers" are nested. E.g. both eap_peap_reader() and
"tls" method call to eap_tls_reader(), making it look like that
NMSetting8021x can handle multiple EAP profiles separately. But it cannot. The
802-1x profile is a flat set of properties like ca-cert and others. All
EAP methods share these properties, so having this complex parsing
is not only complicated, but also wrong. The reader should simply parse
the shell variables, and let NMSetting8021x::verify() handle validation
of the settings. Anyway, the patch does not address that.

Also, the setting of the likes of NM_SETTING_802_1X_CLIENT_CERT_PASSWORD was
awkwardly only done when
     privkey_format != NM_SETTING_802_1X_CK_FORMAT_PKCS12
  && scheme == NM_SETTING_802_1X_CK_SCHEME_PKCS11
It is too smart. Just read it from file, if it contains invalid data, let
verify() reject it. That is only partly addressed.

Also note, how writer never actually writes the likes of
IEEE_8021X_CLIENT_CERT_PASSWORD. That is another bug and not fixed
either.
2018-09-04 07:38:30 +02:00
Thomas Haller
a9406ca4a7 libnm-core: expose _nm_utils_str2bin_full() as internal API
We only exposed wrappers around this function, but all of them have
different behavior, and none exposes all possible features. For example,
nm_utils_hexstr2bin() strips leading "0x", but it does not clear
the data on failure (nm_explicit_bzero()). Instead of adding more
wrappers, expose the underlying implementation, so that callers may
use the function the way they want it.
2018-09-04 07:38:30 +02:00
Thomas Haller
b8ea61d26e libnm/keyfile: clear memory when reading certificates from keyfile
Of course, there are countless places where we get it wrong to clear
the memory. In particular, glib's GKeyFile implementation does
not care about that.

Anyway, the keyfile do contain private sensitive data. Adjust
a few places to zero out such data from memory.
2018-09-04 07:38:30 +02:00
Thomas Haller
9e3ebfdebb libnm/802-1x: refactor getting private-key format
Move similar code to a helper function/macro.
2018-09-04 07:38:30 +02:00
Thomas Haller
068d316822 libnm/802-1x: refactor setting certificate from path
NMSetting8021x has various utility functions to set
the certificate:
  - nm_setting_802_1x_set_ca_cert()
  - nm_setting_802_1x_set_client_cert()
  - nm_setting_802_1x_set_private_key()
  - nm_setting_802_1x_set_phase2_ca_cert()
  - nm_setting_802_1x_set_phase2_client_cert()
  - nm_setting_802_1x_set_phase2_private_key()

They support:

 - accepting a plain PKCS11 URI, with scheme set to
   NM_SETTING_802_1X_CK_SCHEME_PKCS11.
 - accepting a filename, with scheme set to
   NM_SETTING_802_1X_CK_SCHEME_BLOB or
   NM_SETTING_802_1X_CK_SCHEME_PATH.

In the latter case, the function tries to load the file and verify it.
In case of the private-key setters, this also involves accepting a
password. Depending on whether the scheme is BLOB or PATH, the function
will either set the certificate to a PATH blob, or take the blob that
was read from file.

The functions seem misdesigned to me, because their behavior is
rather obscure. E.g. they behave fundamentally different, depending
on whether scheme is PKCS11 or BLOB/PATH.

Anyway, improve them:

- refactor the common code into a function _cert_impl_set(). Previously,
  their non-trivial implementations were copy+pasted several times,
  now they all use the same implementation.
- if the function is going to fail, don't touch the setting. Previously,
  the functions would first clear the certificate before trying to
  validate the input. It's more logical, that if a functions is going
  to fail to check for failure first and don't modify the settings.
- not every blob can be represented. For example, if we have a blob
  which starts with "file://", then there is no way to set it, simply
  because we don't support a prefix for blobs (like "data:;base64,").
  This means, if we try to set the certificate to a particular binary,
  we must check that the binary is interpreted with the expected scheme.
  Add this check.
2018-09-04 07:38:30 +02:00
Thomas Haller
f33dec3067 libnm/802-1x: cleanup NMSetting8021x:verify() 2018-09-04 07:38:30 +02:00
Thomas Haller
5ab6875d4e libnm/802-1x: don't verify certificates in GObject property setter
First of all, g_warning() is not a suitable error handling. In
particular, note how this code is reached when obtaining a setting
from D-Bus, that is, the user is not at fault.

The proper way to handle this, is allowing the setter to set the invalid
value. Only later, during verify() we will fail. This way,
NetworkManager can extend the format and older libnm clients don't
break. This is how forward-compatibility (with older libnm vs. newer
daemon) is supposed to work.
2018-09-04 07:38:30 +02:00
Thomas Haller
53ca365407 libnm/802-1x: refactor certificate handling in settings
- all this code duplication. Add functions and macros to simplify
  the implementation of certificate properties.

Overall, pretty trival. Replace code with a macro.
2018-09-04 07:38:30 +02:00
Thomas Haller
6d6016f83d libnm/802-1x: call g_bytes_unref() directly without checking for NULL
Since its inception, g_bytes_unref() is fine with NULL argument.
2018-09-04 07:38:30 +02:00
Thomas Haller
d0a26c6713 libnm/802-1x/trivial: reorder code 2018-09-04 07:38:30 +02:00
Thomas Haller
1cd1bf7d2f libnm/802-1x: refactor GObject properties of NMSetting8021x 2018-09-04 07:38:30 +02:00
Thomas Haller
fa4f27372c libnm/crypto: mark nm_crypto_make_des_aes_key() as test-only function 2018-09-04 07:38:30 +02:00
Thomas Haller
116ee7a4bf libnm/crypto: clean crypto implementations for gnutls/nss
- refactor to use cleanup attribute and return-early

- reorder some code
2018-09-04 07:38:30 +02:00
Thomas Haller
08c80dd2e3 libnm/crypto: rework endianness detection for crypto_verify_pkcs12()
At other places, we already use __BYTE_ORDER define to detect endianness.
We don't need multiple mechanisms.

Also note that meson did not do the correct thing as AC_C_BIGENDIAN,
so meson + nss + big-endian was possibly broken.
2018-09-04 07:38:30 +02:00
Thomas Haller
858d5c3e91 libnm/crypto: refactor to use enum for supported ciphers
We need to (and already did) define our own identifier for ciphers,
because the gnutls/nss identifiers must be abstracted.

Don't use a string for that. The number of supported ciphers
is not generic but fixed and known at compiler time. An enum
is better suited.
2018-09-04 07:38:30 +02:00
Thomas Haller
1f550790bb libnm/crypto: remove unused argument key_type for decrypt functions 2018-09-04 07:38:30 +02:00
Thomas Haller
10724b38a8 libnm/crypto: don't initialize buffer for nm_crypto_make_des_aes_key() with zero
@key is directly passed to nm_crypto_md5_hash(), which cannot (by API design)
fail. No need to initialize it.

Also, no need to allocate an additional trailing NUL byte. The key is
binary, every attempt to use it as a string will horribly fail.
2018-09-04 07:38:30 +02:00
Thomas Haller
2456298da0 libnm/crypto: adjust signature of crypto functions
- avoid "const gsize" as type for function arguments.

- consistently use "guint8 *" type for binary data, instead
  of "char *", which indicates a NUL terminated C string.
2018-09-04 07:38:30 +02:00
Thomas Haller
67f36f880e libnm/crypto: rename crypto functions used for testing only
- drop nm_crypto_encrypt(). It's not actually used outside of
  "nm-crypto.c".
- rename internal _nm_crypto_*() functions that are only used
  in tests. It's so much nicer to visually recognize functions
  that are used for testing only.
2018-09-04 07:38:30 +02:00
Thomas Haller
b91e60b1d6 libnm: cleanup conversion from NMCryptoFileFormat to NMSetting8021xCKFormat enum 2018-09-04 07:38:30 +02:00
Thomas Haller
44ceb16195 libnm: fix race in nm-setting-x802-1x's setting private key functions
Do not first load the file during nm_crypto_verify_private_key(),
and later re-load it, in case we are setting a blob. Instead,
ensure we only load the file once.

This fixes a race, and also the very wrong assertion:

    priv->phase2_private_key = nm_crypto_read_file (value, NULL);
    nm_assert (priv->phase2_private_key);

We should never assert that an IO operation succeeds.

Also, we encode blobs, paths, and pkcs11 URIs all inside a binary
field. Unfortunately, there is no defined prefix for blobs (TODO).
That means, if you have a blob that happens to start with "file://"
it cannot be expressed. At least, check that the binary field that
we are setting gets detected as correct scheme type.
2018-09-04 07:38:30 +02:00
Thomas Haller
b6377b8082 libnm: clear private-key passwords in NMSetting8021x
Yes, there are countless other places where we don't get this right
and leave sensitive data in memory. Anyway, fix these places.
2018-09-04 07:38:30 +02:00
Thomas Haller
0fdd42e24c libnm/keyfile: avoid GByteArray to construct path uri in nm_keyfile_detect_unqualified_path_scheme() 2018-09-04 07:38:30 +02:00
Thomas Haller
b0c3af6c84 libnm: avoid intermediate GByteArray in path_to_scheme_value()
It's not that to directly initialize the GBytes without an
intermediate GByteArray.
2018-09-04 07:38:30 +02:00
Thomas Haller
2be0bb8287 libnm/crypto: fix loading certificates from file securely
file_to_secure_bytes() tried to load the file from disk and ensure that
the data will be cleared. It did so poorely, because g_file_get_contents()
cannot be used for that.

Add a helper function nm_crypto_read_file() to get this right.
2018-09-04 07:38:30 +02:00
Thomas Haller
b5abc8a1d5 libnm/crypto: ensure not leaking sensitive information when loading files
g_file_get_contents() may use re-alloc to load the file. Each time
it re-allocated the buffer, it does not bother clearing the loaded
buffer from memory.

Alternatively, g_file_get_contents() may use stat() and only allocate
one buffer. But also in this mode, without realloc(), it does not
clear the buffer if reading the file fails with IO error later.

Use nm_utils_file_get_contents() which does that.

While at it, don't load files larger that 100 MB.
2018-09-04 07:38:30 +02:00
Thomas Haller
c0a1f09a26 libnm/crypto: refactor nmtst_crypto_rsa_key_encrypt() and clear memory
It's only used for testing, so this change is not very relevant.
Anyway, I think our crypto code should succeed in not leaving
key material in memory. Refactor the code to do that, though,
how the pem file gets composed is quite a hack (for tests good
enough though).
2018-09-04 07:38:30 +02:00
Thomas Haller
f961dcb806 libnm/crypto: move and mark nm_utils_rsa_key_encrypt() as test code
nm_utils_rsa_key_encrypt() is internal API which is only uesd for testing.
Move it to nm-crypto.h (where it fits better) and rename it to make the
testing-aspect obvious.
2018-09-04 07:38:30 +02:00
Thomas Haller
9153d9e2ea libnm-core/trivial: rename testing related functions in crypto code
In nm-crypto.c we have functions that are only called from tests.
Maybe these functions should move away from libnm-core to the
test.

Leave it, but at least rename them to make it clear that these
functions are not relevant for libnm's actual usage. For a
reviewer that makes a big difference as crypto functions in libnm
have a significantly higher requirement for quality.

There is nothing new here. We already have other *nmtst* functions
beside our regular code. The concention is, that functions that
are only for testing are named explicitly ("nmtst"), and that they
can only be called by test functions themselves.
2018-09-04 07:38:30 +02:00
Thomas Haller
639e6de6e3 libnm/crypto: refactor crypto test functions to return GBytes
Using GBytes consistently simplifies the code. Also use it
for the test related functions.
2018-09-04 07:38:30 +02:00
Thomas Haller
896a47da53 libnm/crypto: refactor nm_crypto_load_and_verify_certificate() and return GBytes
The GBytes has a suitable cleanup function, which zeros the certificate
from memory.

Also, all callers that require the certificate, actually later converted
it into a GBytes anyway. This way, they can re-used the same instance
(avoiding an additionaly copying of the data), and they will properly
clear the memory when freed.
2018-09-04 07:38:30 +02:00
Thomas Haller
4c996da5bc libnm/crypto: use nm_explicit_bzero() instead of plain memset() 2018-09-04 07:38:30 +02:00
Thomas Haller
105254a15b libnm/crypto: rework _nm_crypto_verify_cert() to return boolean
Rename _nm_crypto_verify_cert() to _nm_crypto_verify_x509().
Also, don't let it return a NMCryptoFileFormat result. This
function only checks for a particular format, hence it
should only return true/false.

Also, fix setting error output argument when the function fails.
2018-09-04 07:38:30 +02:00
Thomas Haller
e01f7f2c6d build: enable building both crypto backends for tests
If the library is available, let's at least compile both
crypto backends.

That is helpful when developing on crypto backends, so that
one does not have to configure the build twice.

With autotools, the build is only run during `make check`.
Not for meson, but that is generally the case with our meson
setup, that it also builds tests during the regular build step.
2018-09-04 07:38:30 +02:00
Thomas Haller
c172675c13 libnm/crypto: rename libnm crypto API to have consistent NM prefix
Follow our convention, that items in headers are all named with
an "NM" prefix.

Also, "nm-crypto-impl.h" contains internal functions that are to be implemented
by the corresponding crypto backends. Distinguish their names as well.
2018-09-04 07:38:30 +02:00
Thomas Haller
6435040881 libnm/crypto: add header "nm-crypto-impl.h" for crypto implementation
There are two aspects: the public crypto API that is provided by
"nm-crypto.h" header, and the internal header which crypto backends
need to implement. Split them.
2018-09-04 07:38:30 +02:00
Thomas Haller
4106f2968d libnm/crypto: rename libnm's crypto files
"crypto.h" did not follow our common NM style naming. Rename
the files.
2018-09-04 07:38:30 +02:00
Thomas Haller
3c157d186c libnm/crypto: refactor decrypt_key() to use NMSecretPtr 2018-09-04 07:38:30 +02:00
Thomas Haller
eef298108f libnm/crypto: refactor parse_pkcs8_key_file() to bzero loaded data 2018-09-04 07:38:30 +02:00
Thomas Haller
6550b36ed4 libnm/crypto: refactor parse_old_openssl_key_file() to bzero loaded data
Ensure that data processed by parse_old_openssl_key_file() is cleared
from memory.
2018-09-04 07:38:30 +02:00
Thomas Haller
09d43b3959 libnm/crypto: clear data loaded from files
Data that we load from crypto files should be cleared once it's
no longer used.

Just a small step. There are many other places where we copy the data
and leave it around.
2018-09-04 07:38:30 +02:00
Thomas Haller
fbc0f599bc libnm/crypto: rename crypto functions that are only used by tests
These functions are only used by tests, hence they are much less important.
Mark them as such, by naming them accordingly.
2018-09-04 07:38:30 +02:00
Thomas Haller
5ff12dc86d libnm/crypto: cleanup convert_iv() and handle more errors
crypto_make_des_aes_key() asserts that iv-lenght is at least
8 characters. Whatever the reason. That means, decrypt_key()
must check for that condition first, and gracefully fail.

Also, don't use strtol() to convert a pair of hex digits to
integer.

Also, don't keep the IV in memory. Yes, it's not very critical,
but this is crypto code, we should not leave data behind.
2018-09-04 07:38:30 +02:00