From 8b1976c6e35833ec02ee15deba440454cc888283 Mon Sep 17 00:00:00 2001 From: Selva Nair Date: Thu, 22 Dec 2022 12:18:22 -0500 Subject: [PATCH] Increase max size of management password buffer As we now allow users to set a management password (for persistent connections), the max size of password should match what openvpn.exe can handle (128 or 4096 bytes depending on build options). Increase the buffer size to 4096 though such large passwords may not work in practice. 127 bytes + NUL, may be a safe upper limit. For the random password used for connections spawned by the GUI, the current size of 15 bytes + NUL is retained. Fixes: #567 Signed-off-by: Selva Nair --- openvpn.c | 22 ++++++++++++++-------- options.h | 2 +- 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/openvpn.c b/openvpn.c index 2591b62..c5823ca 100644 --- a/openvpn.c +++ b/openvpn.c @@ -2390,6 +2390,12 @@ LaunchOpenVPN(connection_t *c) HANDLE hNul = NULL; DWORD written; BOOL retval = FALSE; + DWORD passwd_len = 16; /* incuding NUL */ + + if (passwd_len > sizeof(c->manage.password)) + { + passwd_len = sizeof(c->manage.password); + } RunPreconnectScript(c); @@ -2403,7 +2409,7 @@ LaunchOpenVPN(connection_t *c) } /* Create a management interface password */ - GetRandomPassword(c->manage.password, sizeof(c->manage.password) - 1); + GetRandomPassword(c->manage.password, passwd_len - 1); find_free_tcp_port(&c->manage.skaddr); @@ -2434,7 +2440,7 @@ LaunchOpenVPN(connection_t *c) } else { - DWORD size = _tcslen(c->config_dir) + _tcslen(options) + sizeof(c->manage.password) + 3; + DWORD size = _tcslen(c->config_dir) + _tcslen(options) + passwd_len + 3; TCHAR startup_info[1024]; if (!AuthorizeConfig(c)) @@ -2445,15 +2451,15 @@ LaunchOpenVPN(connection_t *c) } c->hProcess = NULL; - c->manage.password[sizeof(c->manage.password) - 1] = '\n'; + c->manage.password[passwd_len - 1] = '\n'; /* Ignore pushed route-method when service is in use */ const wchar_t* extra_options = L" --pull-filter ignore route-method"; size += wcslen(extra_options); _sntprintf_0(startup_info, L"%ls%lc%ls%ls%lc%.*hs", c->config_dir, L'\0', - options, extra_options, L'\0', sizeof(c->manage.password), c->manage.password); - c->manage.password[sizeof(c->manage.password) - 1] = '\0'; + options, extra_options, L'\0', passwd_len, c->manage.password); + c->manage.password[passwd_len - 1] = '\0'; res = WritePipe(c->iserv.pipe, startup_info, size * sizeof(TCHAR)); } @@ -2553,9 +2559,9 @@ LaunchOpenVPN(connection_t *c) CloseHandleEx(&hNul); /* Pass management password to OpenVPN process */ - c->manage.password[sizeof(c->manage.password) - 1] = '\n'; - WriteFile(hStdInWrite, c->manage.password, sizeof(c->manage.password), &written, NULL); - c->manage.password[sizeof(c->manage.password) - 1] = '\0'; + c->manage.password[passwd_len - 1] = '\n'; + WriteFile(hStdInWrite, c->manage.password, passwd_len, &written, NULL); + c->manage.password[passwd_len - 1] = '\0'; c->hProcess = pi.hProcess; /* Will be closed in the event loop on exit */ CloseHandle(pi.hThread); diff --git a/options.h b/options.h index ac2dc54..2b1a383 100644 --- a/options.h +++ b/options.h @@ -146,7 +146,7 @@ struct connection { SOCKET sk; SOCKADDR_IN skaddr; time_t timeout; - char password[16]; + char password[4096]; /* match with largest possible passwd in openvpn.exe */ char *saved_data; size_t saved_size; mgmt_cmd_t *cmd_queue;