path: root/src/openvpn/forward.h
author: Arne Schwabe, 2021-07-05 15:34:14 +0200
committer: Gert Doering, 2021-07-14 13:47:13 +0200
commit: 34b42549c980b19730a0beb03096d2dd915865c0 (patch)
tree: 56358c4b0de870ed50128040784cadadd455d76a /src/openvpn/forward.h
parent: 51d85a9d287f44c373eaa514c6a52e1078c27c43 (diff)
Introduce S_GENERATED_KEYS state and generate keys only when authenticated
Since generating data channel keys does not happen when we have reached the S_ACTIVE/S_GOT_KEY state anymore like it used to be before NCP, the state that data channel keys have been created deserves its own state in the TLS session state machine.

The changes done by this commit are rather intrusive since they move the key generation to a completely different place and also rely on the state machine to decide if keys should be generated rather than on the complicated conditions that were implemented in the key_method_2_write/read methods.

An (intended) side effect of this change is that sessions that are still in deferred state (ks->authenticated == KS_DEFERRED) will not have data channel keys generated. This avoids corner cases where a not fully authenticated session might leak data.

Signed-off-by: Arne Schwabe <arne@rfc2549.org>

Patch v2: rebased
Patch v3: fix crash in non TLS mode

Signed-off-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Antonio Quartulli <antonio@openvpn.net>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <20210705133414.3102815-1-arne@rfc2549.org>
URL: https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg22617.html
Signed-off-by: Gert Doering <gert@greenie.muc.de>
Diffstat (limited to 'src/openvpn/forward.h')
-rw-r--r-- src/openvpn/forward.h | 2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/openvpn/forward.h b/src/openvpn/forward.h
index c9d9de7..2fb67e0 100644
--- a/src/openvpn/forward.h
+++ b/src/openvpn/forward.h
@@ -416,7 +416,7 @@ connection_established(struct context *c)
{
if (c->c2.tls_multi)
{
- return c->c2.tls_multi->multi_state >= CAS_CONNECT_DONE;
+ return c->c2.tls_multi->multi_state >= CAS_WAITING_OPTIONS_IMPORT;
}
else
{
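Review bot: the lowered threshold in connection_established() (CAS_CONNECT_DONE to CAS_WAITING_OPTIONS_IMPORT on the `+` line) is not explained anywhere in the commit message, which only discusses the new S_GENERATED_KEYS TLS session state and deferred-auth key generation; a short comment above the `return` stating why a multi_state that has merely reached the wait-for-options-import stage already counts as "established" for the callers of this predicate would save the next reader from having to reconstruct the CAS_* ordering. Since the stated goal of the series is to stop not-fully-authenticated sessions from leaking data, it is also worth confirming in review that nothing gating data-channel traffic relies on connection_established() implying CAS_CONNECT_DONE, because after this change it no longer does.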