Ticket #911: 0002-Calculate-max-crypto-overhead-more-accurately.patch

src/openvpn/crypto.c

@@ -739 +739 @@
         __func__, (unsigned int) crypto_overhead);
 }
 
-size_t
-crypto_max_overhead(void)
-{
-    return packet_id_size(true) + OPENVPN_MAX_IV_LENGTH
-           + OPENVPN_MAX_CIPHER_BLOCK_SIZE
-           + max_int(OPENVPN_MAX_HMAC_SIZE, OPENVPN_AEAD_TAG_LENGTH);
-}
-
 /*
  * Build a struct key_type.
  */

src/openvpn/crypto.h

@@ -423 +423 @@
                                     bool packet_id,
                                     bool packet_id_long_form);
 
-/** Return the worst-case OpenVPN crypto overhead (in bytes) */
-size_t crypto_max_overhead(void);
-
 /* Minimum length of the nonce used by the PRNG */
 #define NONCE_SECRET_LEN_MIN 16
 

src/openvpn/init.c

@@ -2156 +2156 @@
         }
         /* Do not regenerate keys if server sends an extra push reply */
         if (!session->key[KS_PRIMARY].crypto_options.key_ctx_bi.initialized
-            && !tls_session_update_crypto_params(session, &c->options, &c->c2.frame))
+            && !tls_session_update_crypto_params(session, &c->options,
+                                                 &c->c2.frame,
+                                                 c->c2.pre_ncp_crypto_overhead))
         {
             msg(D_TLS_ERRORS, "OPTIONS ERROR: failed to import crypto options");
             return false;
@@ -2546 +2548 @@
     if (c->options.pull || c->options.mode == MODE_SERVER)
     {
         /* Account for worst-case crypto overhead before allocating buffers */
-        frame_add_to_extra_frame(&c->c2.frame, crypto_max_overhead());
+        c->c2.pre_ncp_crypto_overhead = tls_max_crypto_overhead(
+                        &c->options, c->c1.ks.key_type.cipher);
+        frame_add_to_extra_frame(&c->c2.frame, c->c2.pre_ncp_crypto_overhead);
     }
     else
     {

src/openvpn/multi.c

@@ -2093 +2093 @@
         struct key_state *ks = &session->key[KS_PRIMARY];
         if (!session->opt->ncp_enabled && ks->authenticated
             && !tls_session_update_crypto_params(session, &mi->context.options,
-                                                 &mi->context.c2.frame))
+                                                 &mi->context.c2.frame,
+                                                 mi->context.c2.pre_ncp_crypto_overhead))
         {
             msg(D_TLS_ERRORS, "TLS Error: server generate_key_expansion failed");
             cc_succeeded = false;

src/openvpn/openvpn.h

@@ -264 +264 @@
     /* MTU frame parameters */
     struct frame frame;                         /* Active frame parameters */
     struct frame frame_initial;                 /* Restored on new session */
+    size_t pre_ncp_crypto_overhead;             /* Needed to adjust for NCP */
 
 #ifdef ENABLE_FRAGMENT
     /* Object to handle advanced MTU negotiation and datagram fragmentation */

src/openvpn/options.c

@@ -3507 +3507 @@
         struct key_type fake_kt;
         init_key_type(&fake_kt, o->ciphername, o->authname, o->keysize, true,
                       false);
-        frame_add_to_extra_frame(&fake_frame, -(crypto_max_overhead()));
+        frame_add_to_extra_frame(&fake_frame,
+                                 -(tls_max_crypto_overhead(o, fake_kt.cipher)));
         crypto_adjust_frame_parameters(&fake_frame, &fake_kt, o->replay,
                                        cipher_kt_mode_ofb_cfb(fake_kt.cipher));
         frame_finalize(&fake_frame, o->ce.link_mtu_defined, o->ce.link_mtu,

src/openvpn/push.c

@@ -278 +278 @@
             /* Do not regenerate keys if client send a second push request */
             if (!session->key[KS_PRIMARY].crypto_options.key_ctx_bi.initialized
                 && !tls_session_update_crypto_params(session, &c->options,
-                                                     &c->c2.frame))
+                                                     &c->c2.frame,
+                                                     c->c2.pre_ncp_crypto_overhead))
             {
                 msg(D_TLS_ERRORS, "TLS Error: initializing data channel failed");
                 goto error;

src/openvpn/ssl.c

@@ -1943 +1943 @@
     return ctx.found;
 }
 
+static bool tls_cipher_overhead_max(const char *ciphername, void *vctx){
+    size_t *max = vctx;
+    const cipher_kt_t *kt = cipher_kt_get(ciphername);
+    if (kt)
+    {
+        size_t overhead = cipher_kt_iv_size(kt) + cipher_kt_block_size(kt);
+        *max = *max > overhead ? *max : overhead;
+    }
+    return false;
+}
+
+size_t
+tls_max_crypto_overhead(const struct options *options,
+                        const cipher_kt_t *kt)
+{
+    bool long_form = cipher_kt_mode_ofb_cfb(kt)
+                     || (!options->tls_server && !options->tls_client);
+
+    size_t max_ncp_overhead = 0;
+    tls_cipher_list_for_each(options->ncp_ciphers, tls_cipher_overhead_max,
+                             &max_ncp_overhead);
+
+    const md_kt_t *md = md_kt_get(options->authname);
+    size_t auth_overhead = md ? md_kt_size(md) : 0;
+    size_t cipher_overhead = kt
+                    ? cipher_kt_block_size(kt) + cipher_kt_iv_size(kt) : 0;
+
+    return packet_id_size(long_form) + MAX(max_ncp_overhead, cipher_overhead)
+           + MAX(auth_overhead, OPENVPN_AEAD_TAG_LENGTH);
+}
+
+
 void
 tls_poor_mans_ncp(struct options *o, const char *remote_ciphername)
 {
@@ -1994 +2026 @@
 
 bool
 tls_session_update_crypto_params(struct tls_session *session,
-                                 struct options *options, struct frame *frame)
+                                 struct options *options, struct frame *frame,
+                                 size_t pre_ncp_overhead)
 {
     if (!session->opt->server
         && 0 != strcmp(options->ciphername, session->opt->config_ciphername)
@@ -2030 +2063 @@
     }
 
     /* Update frame parameters: undo worst-case overhead, add actual overhead */
-    frame_add_to_extra_frame(frame, -(crypto_max_overhead()));
+    frame_add_to_extra_frame(frame, pre_ncp_overhead);
     crypto_adjust_frame_parameters(frame, &session->opt->key_type,
                                    options->replay, packet_id_long_form);
     frame_finalize(frame, options->ce.link_mtu_defined, options->ce.link_mtu,

src/openvpn/ssl.h

@@ -481 +481 @@
  * @return true if updating succeeded, false otherwise.
  */
 bool tls_session_update_crypto_params(struct tls_session *session,
-                                      struct options *options, struct frame *frame);
+                                      struct options *options,
+                                      struct frame *frame,
+                                      size_t pre_ncp_overhead);
 
 /**
  * "Poor man's NCP": Use peer cipher if it is an allowed (NCP) cipher.
@@ -521 +523 @@
  */
 bool tls_item_in_cipher_list(const char *item, const char *list);
 
+/** Return the worst-case OpenVPN crypto overhead for this config (in bytes) */
+size_t tls_max_crypto_overhead(const struct options *options,
+                               const cipher_kt_t *kt);
 
 /*
  * inline functions