Long outage when changing private key

Long outage when changing private key

[Derrick Lyndon Pallas]

With two peers, A with persistent keepalive & B without, I am trying to 
change the private key on peer A. First I update the public key for A at 
B, then `wg set wg0 private-key XXXX` on A. It takes roughly the length 
of the persistent keepalive to reestablish pings from B to A.

If instead I update the public key for A at B, remove peer B at A, 
change A's private key, and then re-add peer B at A, I am able to 
reestablish pings almost immediately.

My guess was that there was a timer that needed to be reset when 
wg_set_device processes WGDEVICE_A_PRIVATE_KEY, but an attempt to reset 
timers was unsuccessful. I am new to this code and could use some 
pointers/advice on where to look next.

~Derrick


_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Long outage when changing private key

[Derrick Lyndon Pallas]

I believe I found a solution to this problem. Will submit a patch once 
I've done a bit more testing. ~Derrick

On 1/24/19 1:22 PM, Derrick Lyndon Pallas wrote:

> [snip]

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Long outage when changing private key

[Jason A. Donenfeld]

Hi Derrick,

The fix is probably this:

diff --git a/src/netlink.c b/src/netlink.c
index 3458c817..6b6a3f7a 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -539,6 +539,7 @@ static int wg_set_device(struct sk_buff *skb, struct genl_info *info)
 					 peer_list) {
 			if (!wg_noise_precompute_static_static(peer))
 				wg_peer_remove(peer);
+			wg_noise_keypairs_clear(&peer->keypairs);
 		}
 		wg_cookie_checker_precompute_device_keys(&wg->cookie_checker);
 		up_write(&wg->static_identity.lock);

But the idea was originally that we wouldn't clear transport sessions
when the private key or peer preshared key changes, to allow for various
types of negotiated rotations with a grace period, in particular the
case of preshared keys for post quantum protocols. However, I can see
how the private key case causes problems for you, since changing the
public key on a peer is akin to removing and adding a different peer,
and so those transport sessions are lost in the process. In other words,
you might have a point.

Regards,
Jason
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Long outage when changing private key

[Jason A. Donenfeld]

On Fri, Jan 25, 2019 at 12:59 AM Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> @@ -539,6 +539,7 @@ static int wg_set_device(struct sk_buff *skb, struct genl_info *info)
>                                          peer_list) {
>                         if (!wg_noise_precompute_static_static(peer))
>                                 wg_peer_remove(peer);
else
> +                       wg_noise_keypairs_clear(&peer->keypairs);
>                 }
>                 wg_cookie_checker_precompute_device_keys(&wg->cookie_checker);
>                 up_write(&wg->static_identity.lock);
_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard

Re: Long outage when changing private key

[Derrick Lyndon Pallas]

Thanks for taking a look, I should have spent 30 more minutes 
investigating myself. Please see the patch set I just submitted. 
Resetting the handshake timer is also necessary or else it takes until 
the expiration of that timer to actually happen in my setup. It seemed 
worth putting into a utility function in peers.c, rather than all in 
netdev.c, so I did that. I checked the preshared key case and that seems 
to work fine still. ~Derrick

_______________________________________________
WireGuard mailing list
WireGuard@lists.zx2c4.com
https://lists.zx2c4.com/mailman/listinfo/wireguard