summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authortobhe <tobhe@openbsd.org>2020-12-18 12:30:23 +0000
committertobhe <tobhe@openbsd.org>2020-12-18 12:30:23 +0000
commita99c96edb3d185ec56245dcf31241ade064543a8 (patch)
treee22c10e33bd850a06d98cec00dcecac4fbe9b6e9
parenttht(4): more tsleep(9) -> tsleep_nsec(9) (diff)
downloadwireguard-openbsd-a99c96edb3d185ec56245dcf31241ade064543a8.tar.xz
wireguard-openbsd-a99c96edb3d185ec56245dcf31241ade064543a8.zip
Make sure the first packet of an SA has sequence number 1 (as described in
RFC 4302 and RFC 4303). It seems this was changed by accident when support for 64 bit sequence numbers was added. ok bluhm@ patrick@
-rw-r--r--sys/netinet/ip_ah.c9
-rw-r--r--sys/netinet/ip_esp.c11
2 files changed, 11 insertions, 9 deletions
diff --git a/sys/netinet/ip_ah.c b/sys/netinet/ip_ah.c
index e94b9ead813..5d1a30cc90e 100644
--- a/sys/netinet/ip_ah.c
+++ b/sys/netinet/ip_ah.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_ah.c,v 1.144 2019/09/30 01:53:05 dlg Exp $ */
+/* $OpenBSD: ip_ah.c,v 1.145 2020/12/18 12:30:23 tobhe Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -890,6 +890,7 @@ ah_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
struct tdb_crypto *tc = NULL;
struct mbuf *mi;
struct cryptop *crp = NULL;
+ u_int64_t replay64;
u_int16_t iplen;
int error, rplen, roff;
u_int8_t prot;
@@ -1041,8 +1042,8 @@ ah_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
/* Zeroize authenticator. */
m_copyback(m, skip + rplen, ahx->authsize, ipseczeroes, M_NOWAIT);
- tdb->tdb_rpl++;
- ah->ah_rpl = htonl((u_int32_t)(tdb->tdb_rpl & 0xffffffff));
+ replay64 = tdb->tdb_rpl++;
+ ah->ah_rpl = htonl((u_int32_t)replay64);
#if NPFSYNC > 0
pfsync_update_tdb(tdb,1);
#endif
@@ -1071,7 +1072,7 @@ ah_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
if ((tdb->tdb_wnd > 0) && (tdb->tdb_flags & TDBF_ESN)) {
u_int32_t esn;
- esn = htonl((u_int32_t)(tdb->tdb_rpl >> 32));
+ esn = htonl((u_int32_t)(replay64 >> 32));
memcpy(crda->crd_esn, &esn, 4);
crda->crd_flags |= CRD_F_ESN;
}
diff --git a/sys/netinet/ip_esp.c b/sys/netinet/ip_esp.c
index 05105d0fe07..36b761273cd 100644
--- a/sys/netinet/ip_esp.c
+++ b/sys/netinet/ip_esp.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ip_esp.c,v 1.160 2020/12/16 19:28:59 tobhe Exp $ */
+/* $OpenBSD: ip_esp.c,v 1.161 2020/12/18 12:30:23 tobhe Exp $ */
/*
* The authors of this code are John Ioannidis (ji@tla.org),
* Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -737,6 +737,7 @@ esp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
struct enc_xform *espx = (struct enc_xform *) tdb->tdb_encalgxform;
struct auth_hash *esph = (struct auth_hash *) tdb->tdb_authalgxform;
int ilen, hlen, rlen, padding, blks, alen, roff, error;
+ u_int64_t replay64;
u_int32_t replay;
struct mbuf *mi, *mo = (struct mbuf *) NULL;
struct tdb_crypto *tc = NULL;
@@ -881,8 +882,8 @@ esp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
/* Initialize ESP header. */
memcpy(mtod(mo, caddr_t) + roff, (caddr_t) &tdb->tdb_spi,
sizeof(u_int32_t));
- tdb->tdb_rpl++;
- replay = htonl((u_int32_t)tdb->tdb_rpl);
+ replay64 = tdb->tdb_rpl++; /* used for both header and ESN */
+ replay = htonl((u_int32_t)replay64);
memcpy(mtod(mo, caddr_t) + roff + sizeof(u_int32_t), (caddr_t) &replay,
sizeof(u_int32_t));
@@ -951,7 +952,7 @@ esp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
if (espx->type == CRYPTO_AES_CTR ||
espx->type == CRYPTO_AES_GCM_16 ||
espx->type == CRYPTO_CHACHA20_POLY1305)
- bcopy(&tdb->tdb_rpl, crde->crd_iv, sizeof(tdb->tdb_rpl));
+ bcopy(&replay64, crde->crd_iv, sizeof(replay64));
else
arc4random_buf(crde->crd_iv, espx->ivsize);
} else
@@ -992,7 +993,7 @@ esp_output(struct mbuf *m, struct tdb *tdb, struct mbuf **mp, int skip,
if ((tdb->tdb_wnd > 0) && (tdb->tdb_flags & TDBF_ESN)) {
u_int32_t esn;
- esn = htonl((u_int32_t)(tdb->tdb_rpl >> 32));
+ esn = htonl((u_int32_t)(replay64 >> 32));
memcpy(crda->crd_esn, &esn, 4);
crda->crd_flags |= CRD_F_ESN;
}