File: | src/lib/libtls/tls.c |
Warning: | line 260, column 2 Access to field 'refcount' results in a dereference of a null pointer (loaded from variable 'config') |
Press '?' to see keyboard shortcuts
Keyboard shortcuts:
1 | /* $OpenBSD: tls.c,v 1.92 2021/10/21 14:31:21 tb Exp $ */ | |||
2 | /* | |||
3 | * Copyright (c) 2014 Joel Sing <jsing@openbsd.org> | |||
4 | * | |||
5 | * Permission to use, copy, modify, and distribute this software for any | |||
6 | * purpose with or without fee is hereby granted, provided that the above | |||
7 | * copyright notice and this permission notice appear in all copies. | |||
8 | * | |||
9 | * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES | |||
10 | * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF | |||
11 | * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR | |||
12 | * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES | |||
13 | * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN | |||
14 | * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF | |||
15 | * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. | |||
16 | */ | |||
17 | ||||
18 | #include <sys/socket.h> | |||
19 | ||||
20 | #include <errno(*__errno()).h> | |||
21 | #include <limits.h> | |||
22 | #include <pthread.h> | |||
23 | #include <stdlib.h> | |||
24 | #include <unistd.h> | |||
25 | ||||
26 | #include <openssl/bio.h> | |||
27 | #include <openssl/err.h> | |||
28 | #include <openssl/evp.h> | |||
29 | #include <openssl/pem.h> | |||
30 | #include <openssl/safestack.h> | |||
31 | #include <openssl/ssl.h> | |||
32 | #include <openssl/x509.h> | |||
33 | ||||
34 | #include <tls.h> | |||
35 | #include "tls_internal.h" | |||
36 | ||||
37 | static struct tls_config *tls_config_default; | |||
38 | ||||
39 | static int tls_init_rv = -1; | |||
40 | ||||
41 | static void | |||
42 | tls_do_init(void) | |||
43 | { | |||
44 | OPENSSL_init_ssl(OPENSSL_INIT_NO_LOAD_CONFIG0x00000001L, NULL((void*)0)); | |||
45 | ||||
46 | if (BIO_sock_init() != 1) | |||
47 | return; | |||
48 | ||||
49 | if ((tls_config_default = tls_config_new_internal()) == NULL((void*)0)) | |||
50 | return; | |||
51 | ||||
52 | tls_config_default->refcount++; | |||
53 | ||||
54 | tls_init_rv = 0; | |||
55 | } | |||
56 | ||||
57 | int | |||
58 | tls_init(void) | |||
59 | { | |||
60 | static pthread_once_t once = PTHREAD_ONCE_INIT{ 0, ((void*)0) }; | |||
61 | ||||
62 | if (pthread_once(&once, tls_do_init) != 0) | |||
63 | return -1; | |||
64 | ||||
65 | return tls_init_rv; | |||
66 | } | |||
67 | ||||
68 | const char * | |||
69 | tls_error(struct tls *ctx) | |||
70 | { | |||
71 | return ctx->error.msg; | |||
72 | } | |||
73 | ||||
74 | void | |||
75 | tls_error_clear(struct tls_error *error) | |||
76 | { | |||
77 | free(error->msg); | |||
78 | error->msg = NULL((void*)0); | |||
79 | error->num = 0; | |||
80 | error->tls = 0; | |||
81 | } | |||
82 | ||||
83 | static int | |||
84 | tls_error_vset(struct tls_error *error, int errnum, const char *fmt, va_list ap) | |||
85 | { | |||
86 | char *errmsg = NULL((void*)0); | |||
87 | int rv = -1; | |||
88 | ||||
89 | tls_error_clear(error); | |||
90 | ||||
91 | error->num = errnum; | |||
92 | error->tls = 1; | |||
93 | ||||
94 | if (vasprintf(&errmsg, fmt, ap) == -1) { | |||
95 | errmsg = NULL((void*)0); | |||
96 | goto err; | |||
97 | } | |||
98 | ||||
99 | if (errnum == -1) { | |||
100 | error->msg = errmsg; | |||
101 | return (0); | |||
102 | } | |||
103 | ||||
104 | if (asprintf(&error->msg, "%s: %s", errmsg, strerror(errnum)) == -1) { | |||
105 | error->msg = NULL((void*)0); | |||
106 | goto err; | |||
107 | } | |||
108 | rv = 0; | |||
109 | ||||
110 | err: | |||
111 | free(errmsg); | |||
112 | ||||
113 | return (rv); | |||
114 | } | |||
115 | ||||
116 | int | |||
117 | tls_error_set(struct tls_error *error, const char *fmt, ...) | |||
118 | { | |||
119 | va_list ap; | |||
120 | int errnum, rv; | |||
121 | ||||
122 | errnum = errno(*__errno()); | |||
123 | ||||
124 | va_start(ap, fmt)__builtin_va_start(ap, fmt); | |||
125 | rv = tls_error_vset(error, errnum, fmt, ap); | |||
126 | va_end(ap)__builtin_va_end(ap); | |||
127 | ||||
128 | return (rv); | |||
129 | } | |||
130 | ||||
131 | int | |||
132 | tls_error_setx(struct tls_error *error, const char *fmt, ...) | |||
133 | { | |||
134 | va_list ap; | |||
135 | int rv; | |||
136 | ||||
137 | va_start(ap, fmt)__builtin_va_start(ap, fmt); | |||
138 | rv = tls_error_vset(error, -1, fmt, ap); | |||
139 | va_end(ap)__builtin_va_end(ap); | |||
140 | ||||
141 | return (rv); | |||
142 | } | |||
143 | ||||
144 | int | |||
145 | tls_config_set_error(struct tls_config *config, const char *fmt, ...) | |||
146 | { | |||
147 | va_list ap; | |||
148 | int errnum, rv; | |||
149 | ||||
150 | errnum = errno(*__errno()); | |||
151 | ||||
152 | va_start(ap, fmt)__builtin_va_start(ap, fmt); | |||
153 | rv = tls_error_vset(&config->error, errnum, fmt, ap); | |||
154 | va_end(ap)__builtin_va_end(ap); | |||
155 | ||||
156 | return (rv); | |||
157 | } | |||
158 | ||||
159 | int | |||
160 | tls_config_set_errorx(struct tls_config *config, const char *fmt, ...) | |||
161 | { | |||
162 | va_list ap; | |||
163 | int rv; | |||
164 | ||||
165 | va_start(ap, fmt)__builtin_va_start(ap, fmt); | |||
166 | rv = tls_error_vset(&config->error, -1, fmt, ap); | |||
167 | va_end(ap)__builtin_va_end(ap); | |||
168 | ||||
169 | return (rv); | |||
170 | } | |||
171 | ||||
172 | int | |||
173 | tls_set_error(struct tls *ctx, const char *fmt, ...) | |||
174 | { | |||
175 | va_list ap; | |||
176 | int errnum, rv; | |||
177 | ||||
178 | errnum = errno(*__errno()); | |||
179 | ||||
180 | va_start(ap, fmt)__builtin_va_start(ap, fmt); | |||
181 | rv = tls_error_vset(&ctx->error, errnum, fmt, ap); | |||
182 | va_end(ap)__builtin_va_end(ap); | |||
183 | ||||
184 | return (rv); | |||
185 | } | |||
186 | ||||
187 | int | |||
188 | tls_set_errorx(struct tls *ctx, const char *fmt, ...) | |||
189 | { | |||
190 | va_list ap; | |||
191 | int rv; | |||
192 | ||||
193 | va_start(ap, fmt)__builtin_va_start(ap, fmt); | |||
194 | rv = tls_error_vset(&ctx->error, -1, fmt, ap); | |||
195 | va_end(ap)__builtin_va_end(ap); | |||
196 | ||||
197 | return (rv); | |||
198 | } | |||
199 | ||||
200 | int | |||
201 | tls_set_ssl_errorx(struct tls *ctx, const char *fmt, ...) | |||
202 | { | |||
203 | va_list ap; | |||
204 | int rv; | |||
205 | ||||
206 | /* Only set an error if a more specific one does not already exist. */ | |||
207 | if (ctx->error.tls != 0) | |||
208 | return (0); | |||
209 | ||||
210 | va_start(ap, fmt)__builtin_va_start(ap, fmt); | |||
211 | rv = tls_error_vset(&ctx->error, -1, fmt, ap); | |||
212 | va_end(ap)__builtin_va_end(ap); | |||
213 | ||||
214 | return (rv); | |||
215 | } | |||
216 | ||||
217 | struct tls_sni_ctx * | |||
218 | tls_sni_ctx_new(void) | |||
219 | { | |||
220 | return (calloc(1, sizeof(struct tls_sni_ctx))); | |||
221 | } | |||
222 | ||||
223 | void | |||
224 | tls_sni_ctx_free(struct tls_sni_ctx *sni_ctx) | |||
225 | { | |||
226 | if (sni_ctx == NULL((void*)0)) | |||
227 | return; | |||
228 | ||||
229 | SSL_CTX_free(sni_ctx->ssl_ctx); | |||
230 | X509_free(sni_ctx->ssl_cert); | |||
231 | ||||
232 | free(sni_ctx); | |||
233 | } | |||
234 | ||||
235 | struct tls * | |||
236 | tls_new(void) | |||
237 | { | |||
238 | struct tls *ctx; | |||
239 | ||||
240 | if ((ctx = calloc(1, sizeof(*ctx))) == NULL((void*)0)) | |||
| ||||
241 | return (NULL((void*)0)); | |||
242 | ||||
243 | tls_reset(ctx); | |||
244 | ||||
245 | if (tls_configure(ctx, tls_config_default) == -1) { | |||
246 | free(ctx); | |||
247 | return NULL((void*)0); | |||
248 | } | |||
249 | ||||
250 | return (ctx); | |||
251 | } | |||
252 | ||||
253 | int | |||
254 | tls_configure(struct tls *ctx, struct tls_config *config) | |||
255 | { | |||
256 | if (config == NULL((void*)0)) | |||
257 | config = tls_config_default; | |||
258 | ||||
259 | pthread_mutex_lock(&config->mutex); | |||
260 | config->refcount++; | |||
| ||||
261 | pthread_mutex_unlock(&config->mutex); | |||
262 | ||||
263 | tls_config_free(ctx->config); | |||
264 | ||||
265 | ctx->config = config; | |||
266 | ctx->keypair = config->keypair; | |||
267 | ||||
268 | if ((ctx->flags & TLS_SERVER(1 << 1)) != 0) | |||
269 | return (tls_configure_server(ctx)); | |||
270 | ||||
271 | return (0); | |||
272 | } | |||
273 | ||||
274 | int | |||
275 | tls_cert_hash(X509 *cert, char **hash) | |||
276 | { | |||
277 | char d[EVP_MAX_MD_SIZE64], *dhex = NULL((void*)0); | |||
278 | int dlen, rv = -1; | |||
279 | ||||
280 | free(*hash); | |||
281 | *hash = NULL((void*)0); | |||
282 | ||||
283 | if (X509_digest(cert, EVP_sha256(), d, &dlen) != 1) | |||
284 | goto err; | |||
285 | ||||
286 | if (tls_hex_string(d, dlen, &dhex, NULL((void*)0)) != 0) | |||
287 | goto err; | |||
288 | ||||
289 | if (asprintf(hash, "SHA256:%s", dhex) == -1) { | |||
290 | *hash = NULL((void*)0); | |||
291 | goto err; | |||
292 | } | |||
293 | ||||
294 | rv = 0; | |||
295 | err: | |||
296 | free(dhex); | |||
297 | ||||
298 | return (rv); | |||
299 | } | |||
300 | ||||
301 | int | |||
302 | tls_cert_pubkey_hash(X509 *cert, char **hash) | |||
303 | { | |||
304 | char d[EVP_MAX_MD_SIZE64], *dhex = NULL((void*)0); | |||
305 | int dlen, rv = -1; | |||
306 | ||||
307 | free(*hash); | |||
308 | *hash = NULL((void*)0); | |||
309 | ||||
310 | if (X509_pubkey_digest(cert, EVP_sha256(), d, &dlen) != 1) | |||
311 | goto err; | |||
312 | ||||
313 | if (tls_hex_string(d, dlen, &dhex, NULL((void*)0)) != 0) | |||
314 | goto err; | |||
315 | ||||
316 | if (asprintf(hash, "SHA256:%s", dhex) == -1) { | |||
317 | *hash = NULL((void*)0); | |||
318 | goto err; | |||
319 | } | |||
320 | ||||
321 | rv = 0; | |||
322 | ||||
323 | err: | |||
324 | free(dhex); | |||
325 | ||||
326 | return (rv); | |||
327 | } | |||
328 | ||||
329 | static int | |||
330 | tls_keypair_to_pkey(struct tls *ctx, struct tls_keypair *keypair, EVP_PKEY **pkey) | |||
331 | { | |||
332 | BIO *bio = NULL((void*)0); | |||
333 | X509 *x509 = NULL((void*)0); | |||
334 | char *mem; | |||
335 | size_t len; | |||
336 | int ret = -1; | |||
337 | ||||
338 | *pkey = NULL((void*)0); | |||
339 | ||||
340 | if (ctx->config->use_fake_private_key) { | |||
341 | mem = keypair->cert_mem; | |||
342 | len = keypair->cert_len; | |||
343 | } else { | |||
344 | mem = keypair->key_mem; | |||
345 | len = keypair->key_len; | |||
346 | } | |||
347 | ||||
348 | if (mem == NULL((void*)0)) | |||
349 | return (0); | |||
350 | ||||
351 | if (len > INT_MAX2147483647) { | |||
352 | tls_set_errorx(ctx, ctx->config->use_fake_private_key ? | |||
353 | "cert too long" : "key too long"); | |||
354 | goto err; | |||
355 | } | |||
356 | ||||
357 | if ((bio = BIO_new_mem_buf(mem, len)) == NULL((void*)0)) { | |||
358 | tls_set_errorx(ctx, "failed to create buffer"); | |||
359 | goto err; | |||
360 | } | |||
361 | ||||
362 | if (ctx->config->use_fake_private_key) { | |||
363 | if ((x509 = PEM_read_bio_X509(bio, NULL((void*)0), tls_password_cb, | |||
364 | NULL((void*)0))) == NULL((void*)0)) { | |||
365 | tls_set_errorx(ctx, "failed to read X509 certificate"); | |||
366 | goto err; | |||
367 | } | |||
368 | if ((*pkey = X509_get_pubkey(x509)) == NULL((void*)0)) { | |||
369 | tls_set_errorx(ctx, "failed to retrieve pubkey"); | |||
370 | goto err; | |||
371 | } | |||
372 | } else { | |||
373 | if ((*pkey = PEM_read_bio_PrivateKey(bio, NULL((void*)0), tls_password_cb, | |||
374 | NULL((void*)0))) == NULL((void*)0)) { | |||
375 | tls_set_errorx(ctx, "failed to read private key"); | |||
376 | goto err; | |||
377 | } | |||
378 | } | |||
379 | ||||
380 | ret = 0; | |||
381 | err: | |||
382 | BIO_free(bio); | |||
383 | X509_free(x509); | |||
384 | return (ret); | |||
385 | } | |||
386 | ||||
387 | static int | |||
388 | tls_keypair_setup_pkey(struct tls *ctx, struct tls_keypair *keypair, EVP_PKEY *pkey) | |||
389 | { | |||
390 | RSA *rsa = NULL((void*)0); | |||
391 | EC_KEY *eckey = NULL((void*)0); | |||
392 | int ret = -1; | |||
393 | ||||
394 | /* Only install the pubkey hash if fake private keys are used. */ | |||
395 | if (!ctx->config->skip_private_key_check) | |||
396 | return (0); | |||
397 | ||||
398 | if (keypair->pubkey_hash == NULL((void*)0)) { | |||
399 | tls_set_errorx(ctx, "public key hash not set"); | |||
400 | goto err; | |||
401 | } | |||
402 | ||||
403 | switch (EVP_PKEY_id(pkey)) { | |||
404 | case EVP_PKEY_RSA6: | |||
405 | if ((rsa = EVP_PKEY_get1_RSA(pkey)) == NULL((void*)0) || | |||
406 | RSA_set_ex_data(rsa, 0, keypair->pubkey_hash) == 0) { | |||
407 | tls_set_errorx(ctx, "RSA key setup failure"); | |||
408 | goto err; | |||
409 | } | |||
410 | break; | |||
411 | case EVP_PKEY_EC408: | |||
412 | if ((eckey = EVP_PKEY_get1_EC_KEY(pkey)) == NULL((void*)0) || | |||
413 | ECDSA_set_ex_data(eckey, 0, keypair->pubkey_hash) == 0) { | |||
414 | tls_set_errorx(ctx, "EC key setup failure"); | |||
415 | goto err; | |||
416 | } | |||
417 | break; | |||
418 | default: | |||
419 | tls_set_errorx(ctx, "incorrect key type"); | |||
420 | goto err; | |||
421 | } | |||
422 | ||||
423 | ret = 0; | |||
424 | ||||
425 | err: | |||
426 | RSA_free(rsa); | |||
427 | EC_KEY_free(eckey); | |||
428 | return (ret); | |||
429 | } | |||
430 | ||||
431 | int | |||
432 | tls_configure_ssl_keypair(struct tls *ctx, SSL_CTX *ssl_ctx, | |||
433 | struct tls_keypair *keypair, int required) | |||
434 | { | |||
435 | EVP_PKEY *pkey = NULL((void*)0); | |||
436 | ||||
437 | if (!required && | |||
438 | keypair->cert_mem == NULL((void*)0) && | |||
439 | keypair->key_mem == NULL((void*)0)) | |||
440 | return(0); | |||
441 | ||||
442 | if (keypair->cert_mem != NULL((void*)0)) { | |||
443 | if (keypair->cert_len > INT_MAX2147483647) { | |||
444 | tls_set_errorx(ctx, "certificate too long"); | |||
445 | goto err; | |||
446 | } | |||
447 | ||||
448 | if (SSL_CTX_use_certificate_chain_mem(ssl_ctx, | |||
449 | keypair->cert_mem, keypair->cert_len) != 1) { | |||
450 | tls_set_errorx(ctx, "failed to load certificate"); | |||
451 | goto err; | |||
452 | } | |||
453 | } | |||
454 | ||||
455 | if (tls_keypair_to_pkey(ctx, keypair, &pkey) == -1) | |||
456 | goto err; | |||
457 | if (pkey != NULL((void*)0)) { | |||
458 | if (tls_keypair_setup_pkey(ctx, keypair, pkey) == -1) | |||
459 | goto err; | |||
460 | if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1) { | |||
461 | tls_set_errorx(ctx, "failed to load private key"); | |||
462 | goto err; | |||
463 | } | |||
464 | EVP_PKEY_free(pkey); | |||
465 | pkey = NULL((void*)0); | |||
466 | } | |||
467 | ||||
468 | if (!ctx->config->skip_private_key_check && | |||
469 | SSL_CTX_check_private_key(ssl_ctx) != 1) { | |||
470 | tls_set_errorx(ctx, "private/public key mismatch"); | |||
471 | goto err; | |||
472 | } | |||
473 | ||||
474 | return (0); | |||
475 | ||||
476 | err: | |||
477 | EVP_PKEY_free(pkey); | |||
478 | ||||
479 | return (-1); | |||
480 | } | |||
481 | ||||
482 | int | |||
483 | tls_configure_ssl(struct tls *ctx, SSL_CTX *ssl_ctx) | |||
484 | { | |||
485 | SSL_CTX_clear_mode(ssl_ctx, SSL_MODE_AUTO_RETRY)SSL_CTX_ctrl((ssl_ctx),78,(0x00000004L),((void*)0)); | |||
486 | ||||
487 | SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE)SSL_CTX_ctrl((ssl_ctx),33,(0x00000001L),((void*)0)); | |||
488 | SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER)SSL_CTX_ctrl((ssl_ctx),33,(0x00000002L),((void*)0)); | |||
489 | ||||
490 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv2)SSL_CTX_ctrl((ssl_ctx),32,(0x0),((void*)0)); | |||
491 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SSLv3)SSL_CTX_ctrl((ssl_ctx),32,(0x0),((void*)0)); | |||
492 | ||||
493 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1)SSL_CTX_ctrl((ssl_ctx),77,(0x04000000L),((void*)0)); | |||
494 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_1)SSL_CTX_ctrl((ssl_ctx),77,(0x10000000L),((void*)0)); | |||
495 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_2)SSL_CTX_ctrl((ssl_ctx),77,(0x08000000L),((void*)0)); | |||
496 | SSL_CTX_clear_options(ssl_ctx, SSL_OP_NO_TLSv1_3)SSL_CTX_ctrl((ssl_ctx),77,(0x20000000L),((void*)0)); | |||
497 | ||||
498 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_0(1 << 1)) == 0) | |||
499 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1)SSL_CTX_ctrl((ssl_ctx),32,(0x04000000L),((void*)0)); | |||
500 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_1(1 << 2)) == 0) | |||
501 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_1)SSL_CTX_ctrl((ssl_ctx),32,(0x10000000L),((void*)0)); | |||
502 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2(1 << 3)) == 0) | |||
503 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_2)SSL_CTX_ctrl((ssl_ctx),32,(0x08000000L),((void*)0)); | |||
504 | if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_3(1 << 4)) == 0) | |||
505 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TLSv1_3)SSL_CTX_ctrl((ssl_ctx),32,(0x20000000L),((void*)0)); | |||
506 | ||||
507 | if (ctx->config->alpn != NULL((void*)0)) { | |||
508 | if (SSL_CTX_set_alpn_protos(ssl_ctx, ctx->config->alpn, | |||
509 | ctx->config->alpn_len) != 0) { | |||
510 | tls_set_errorx(ctx, "failed to set alpn"); | |||
511 | goto err; | |||
512 | } | |||
513 | } | |||
514 | ||||
515 | if (ctx->config->ciphers != NULL((void*)0)) { | |||
516 | if (SSL_CTX_set_cipher_list(ssl_ctx, | |||
517 | ctx->config->ciphers) != 1) { | |||
518 | tls_set_errorx(ctx, "failed to set ciphers"); | |||
519 | goto err; | |||
520 | } | |||
521 | } | |||
522 | ||||
523 | if (ctx->config->verify_time == 0) { | |||
524 | X509_VERIFY_PARAM_set_flags(SSL_CTX_get0_param(ssl_ctx), | |||
525 | X509_V_FLAG_NO_CHECK_TIME0x200000); | |||
526 | } | |||
527 | ||||
528 | /* Disable any form of session caching by default */ | |||
529 | SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_OFF)SSL_CTX_ctrl(ssl_ctx,44,0x0000,((void*)0)); | |||
530 | SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_TICKET)SSL_CTX_ctrl((ssl_ctx),32,(0x00004000L),((void*)0)); | |||
531 | ||||
532 | return (0); | |||
533 | ||||
534 | err: | |||
535 | return (-1); | |||
536 | } | |||
537 | ||||
538 | static int | |||
539 | tls_ssl_cert_verify_cb(X509_STORE_CTX *x509_ctx, void *arg) | |||
540 | { | |||
541 | struct tls *ctx = arg; | |||
542 | int x509_err; | |||
543 | ||||
544 | if (ctx->config->verify_cert == 0) | |||
545 | return (1); | |||
546 | ||||
547 | if ((X509_verify_cert(x509_ctx)) < 0) { | |||
548 | tls_set_errorx(ctx, "X509 verify cert failed"); | |||
549 | return (0); | |||
550 | } | |||
551 | ||||
552 | x509_err = X509_STORE_CTX_get_error(x509_ctx); | |||
553 | if (x509_err == X509_V_OK0) | |||
554 | return (1); | |||
555 | ||||
556 | tls_set_errorx(ctx, "certificate verification failed: %s", | |||
557 | X509_verify_cert_error_string(x509_err)); | |||
558 | ||||
559 | return (0); | |||
560 | } | |||
561 | ||||
562 | int | |||
563 | tls_configure_ssl_verify(struct tls *ctx, SSL_CTX *ssl_ctx, int verify) | |||
564 | { | |||
565 | size_t ca_len = ctx->config->ca_len; | |||
566 | char *ca_mem = ctx->config->ca_mem; | |||
567 | char *crl_mem = ctx->config->crl_mem; | |||
568 | size_t crl_len = ctx->config->crl_len; | |||
569 | char *ca_free = NULL((void*)0); | |||
570 | STACK_OF(X509_INFO)struct stack_st_X509_INFO *xis = NULL((void*)0); | |||
571 | X509_STORE *store; | |||
572 | X509_INFO *xi; | |||
573 | BIO *bio = NULL((void*)0); | |||
574 | int rv = -1; | |||
575 | int i; | |||
576 | ||||
577 | SSL_CTX_set_verify(ssl_ctx, verify, NULL((void*)0)); | |||
578 | SSL_CTX_set_cert_verify_callback(ssl_ctx, tls_ssl_cert_verify_cb, ctx); | |||
579 | ||||
580 | if (ctx->config->verify_depth >= 0) | |||
581 | SSL_CTX_set_verify_depth(ssl_ctx, ctx->config->verify_depth); | |||
582 | ||||
583 | if (ctx->config->verify_cert == 0) | |||
584 | goto done; | |||
585 | ||||
586 | /* If no CA has been specified, attempt to load the default. */ | |||
587 | if (ctx->config->ca_mem == NULL((void*)0) && ctx->config->ca_path == NULL((void*)0)) { | |||
588 | if (tls_config_load_file(&ctx->error, "CA", tls_default_ca_cert_file(), | |||
589 | &ca_mem, &ca_len) != 0) | |||
590 | goto err; | |||
591 | ca_free = ca_mem; | |||
592 | } | |||
593 | ||||
594 | if (ca_mem != NULL((void*)0)) { | |||
595 | if (ca_len > INT_MAX2147483647) { | |||
596 | tls_set_errorx(ctx, "ca too long"); | |||
597 | goto err; | |||
598 | } | |||
599 | if (SSL_CTX_load_verify_mem(ssl_ctx, ca_mem, ca_len) != 1) { | |||
600 | tls_set_errorx(ctx, "ssl verify memory setup failure"); | |||
601 | goto err; | |||
602 | } | |||
603 | } else if (SSL_CTX_load_verify_locations(ssl_ctx, NULL((void*)0), | |||
604 | ctx->config->ca_path) != 1) { | |||
605 | tls_set_errorx(ctx, "ssl verify locations failure"); | |||
606 | goto err; | |||
607 | } | |||
608 | ||||
609 | if (crl_mem != NULL((void*)0)) { | |||
610 | if (crl_len > INT_MAX2147483647) { | |||
611 | tls_set_errorx(ctx, "crl too long"); | |||
612 | goto err; | |||
613 | } | |||
614 | if ((bio = BIO_new_mem_buf(crl_mem, crl_len)) == NULL((void*)0)) { | |||
615 | tls_set_errorx(ctx, "failed to create buffer"); | |||
616 | goto err; | |||
617 | } | |||
618 | if ((xis = PEM_X509_INFO_read_bio(bio, NULL((void*)0), tls_password_cb, | |||
619 | NULL((void*)0))) == NULL((void*)0)) { | |||
620 | tls_set_errorx(ctx, "failed to parse crl"); | |||
621 | goto err; | |||
622 | } | |||
623 | store = SSL_CTX_get_cert_store(ssl_ctx); | |||
624 | for (i = 0; i < sk_X509_INFO_num(xis)sk_num(((_STACK*) (1 ? (xis) : (struct stack_st_X509_INFO*)0) )); i++) { | |||
625 | xi = sk_X509_INFO_value(xis, i)((X509_INFO *)sk_value(((_STACK*) (1 ? (xis) : (struct stack_st_X509_INFO *)0)), (i))); | |||
626 | if (xi->crl == NULL((void*)0)) | |||
627 | continue; | |||
628 | if (!X509_STORE_add_crl(store, xi->crl)) { | |||
629 | tls_set_error(ctx, "failed to add crl"); | |||
630 | goto err; | |||
631 | } | |||
632 | xi->crl = NULL((void*)0); | |||
633 | } | |||
634 | X509_STORE_set_flags(store, | |||
635 | X509_V_FLAG_CRL_CHECK0x4 | X509_V_FLAG_CRL_CHECK_ALL0x8); | |||
636 | } | |||
637 | ||||
638 | done: | |||
639 | rv = 0; | |||
640 | ||||
641 | err: | |||
642 | sk_X509_INFO_pop_free(xis, X509_INFO_free)sk_pop_free(((_STACK*) (1 ? (xis) : (struct stack_st_X509_INFO *)0)), ((void (*)(void *)) ((1 ? (X509_INFO_free) : (void (*) (X509_INFO *))0)))); | |||
643 | BIO_free(bio); | |||
644 | free(ca_free); | |||
645 | ||||
646 | return (rv); | |||
647 | } | |||
648 | ||||
649 | void | |||
650 | tls_free(struct tls *ctx) | |||
651 | { | |||
652 | if (ctx == NULL((void*)0)) | |||
653 | return; | |||
654 | ||||
655 | tls_reset(ctx); | |||
656 | ||||
657 | free(ctx); | |||
658 | } | |||
659 | ||||
660 | void | |||
661 | tls_reset(struct tls *ctx) | |||
662 | { | |||
663 | struct tls_sni_ctx *sni, *nsni; | |||
664 | ||||
665 | tls_config_free(ctx->config); | |||
666 | ctx->config = NULL((void*)0); | |||
667 | ||||
668 | SSL_CTX_free(ctx->ssl_ctx); | |||
669 | SSL_free(ctx->ssl_conn); | |||
670 | X509_free(ctx->ssl_peer_cert); | |||
671 | ||||
672 | ctx->ssl_conn = NULL((void*)0); | |||
673 | ctx->ssl_ctx = NULL((void*)0); | |||
674 | ctx->ssl_peer_cert = NULL((void*)0); | |||
675 | /* X509 objects in chain are freed with the SSL */ | |||
676 | ctx->ssl_peer_chain = NULL((void*)0); | |||
677 | ||||
678 | ctx->socket = -1; | |||
679 | ctx->state = 0; | |||
680 | ||||
681 | free(ctx->servername); | |||
682 | ctx->servername = NULL((void*)0); | |||
683 | ||||
684 | free(ctx->error.msg); | |||
685 | ctx->error.msg = NULL((void*)0); | |||
686 | ctx->error.num = -1; | |||
687 | ||||
688 | tls_conninfo_free(ctx->conninfo); | |||
689 | ctx->conninfo = NULL((void*)0); | |||
690 | ||||
691 | tls_ocsp_free(ctx->ocsp); | |||
692 | ctx->ocsp = NULL((void*)0); | |||
693 | ||||
694 | for (sni = ctx->sni_ctx; sni != NULL((void*)0); sni = nsni) { | |||
695 | nsni = sni->next; | |||
696 | tls_sni_ctx_free(sni); | |||
697 | } | |||
698 | ctx->sni_ctx = NULL((void*)0); | |||
699 | ||||
700 | ctx->read_cb = NULL((void*)0); | |||
701 | ctx->write_cb = NULL((void*)0); | |||
702 | ctx->cb_arg = NULL((void*)0); | |||
703 | } | |||
704 | ||||
705 | int | |||
706 | tls_ssl_error(struct tls *ctx, SSL *ssl_conn, int ssl_ret, const char *prefix) | |||
707 | { | |||
708 | const char *errstr = "unknown error"; | |||
709 | unsigned long err; | |||
710 | int ssl_err; | |||
711 | ||||
712 | ssl_err = SSL_get_error(ssl_conn, ssl_ret); | |||
713 | switch (ssl_err) { | |||
714 | case SSL_ERROR_NONE0: | |||
715 | case SSL_ERROR_ZERO_RETURN6: | |||
716 | return (0); | |||
717 | ||||
718 | case SSL_ERROR_WANT_READ2: | |||
719 | return (TLS_WANT_POLLIN-2); | |||
720 | ||||
721 | case SSL_ERROR_WANT_WRITE3: | |||
722 | return (TLS_WANT_POLLOUT-3); | |||
723 | ||||
724 | case SSL_ERROR_SYSCALL5: | |||
725 | if ((err = ERR_peek_error()) != 0) { | |||
726 | errstr = ERR_error_string(err, NULL((void*)0)); | |||
727 | } else if (ssl_ret == 0) { | |||
728 | if ((ctx->state & TLS_HANDSHAKE_COMPLETE(1 << 2)) != 0) { | |||
729 | ctx->state |= TLS_EOF_NO_CLOSE_NOTIFY(1 << 0); | |||
730 | return (0); | |||
731 | } | |||
732 | errstr = "unexpected EOF"; | |||
733 | } else if (ssl_ret == -1) { | |||
734 | errstr = strerror(errno(*__errno())); | |||
735 | } | |||
736 | tls_set_ssl_errorx(ctx, "%s failed: %s", prefix, errstr); | |||
737 | return (-1); | |||
738 | ||||
739 | case SSL_ERROR_SSL1: | |||
740 | if ((err = ERR_peek_error()) != 0) { | |||
741 | errstr = ERR_error_string(err, NULL((void*)0)); | |||
742 | } | |||
743 | tls_set_ssl_errorx(ctx, "%s failed: %s", prefix, errstr); | |||
744 | return (-1); | |||
745 | ||||
746 | case SSL_ERROR_WANT_CONNECT7: | |||
747 | case SSL_ERROR_WANT_ACCEPT8: | |||
748 | case SSL_ERROR_WANT_X509_LOOKUP4: | |||
749 | default: | |||
750 | tls_set_ssl_errorx(ctx, "%s failed (%d)", prefix, ssl_err); | |||
751 | return (-1); | |||
752 | } | |||
753 | } | |||
754 | ||||
755 | int | |||
756 | tls_handshake(struct tls *ctx) | |||
757 | { | |||
758 | int rv = -1; | |||
759 | ||||
760 | tls_error_clear(&ctx->error); | |||
761 | ||||
762 | if ((ctx->flags & (TLS_CLIENT(1 << 0) | TLS_SERVER_CONN(1 << 2))) == 0) { | |||
763 | tls_set_errorx(ctx, "invalid operation for context"); | |||
764 | goto out; | |||
765 | } | |||
766 | ||||
767 | if ((ctx->state & TLS_HANDSHAKE_COMPLETE(1 << 2)) != 0) { | |||
768 | tls_set_errorx(ctx, "handshake already completed"); | |||
769 | goto out; | |||
770 | } | |||
771 | ||||
772 | if ((ctx->flags & TLS_CLIENT(1 << 0)) != 0) | |||
773 | rv = tls_handshake_client(ctx); | |||
774 | else if ((ctx->flags & TLS_SERVER_CONN(1 << 2)) != 0) | |||
775 | rv = tls_handshake_server(ctx); | |||
776 | ||||
777 | if (rv == 0) { | |||
778 | ctx->ssl_peer_cert = SSL_get_peer_certificate(ctx->ssl_conn); | |||
779 | ctx->ssl_peer_chain = SSL_get_peer_cert_chain(ctx->ssl_conn); | |||
780 | if (tls_conninfo_populate(ctx) == -1) | |||
781 | rv = -1; | |||
782 | if (ctx->ocsp == NULL((void*)0)) | |||
783 | ctx->ocsp = tls_ocsp_setup_from_peer(ctx); | |||
784 | } | |||
785 | out: | |||
786 | /* Prevent callers from performing incorrect error handling */ | |||
787 | errno(*__errno()) = 0; | |||
788 | return (rv); | |||
789 | } | |||
790 | ||||
791 | ssize_t | |||
792 | tls_read(struct tls *ctx, void *buf, size_t buflen) | |||
793 | { | |||
794 | ssize_t rv = -1; | |||
795 | int ssl_ret; | |||
796 | ||||
797 | tls_error_clear(&ctx->error); | |||
798 | ||||
799 | if ((ctx->state & TLS_HANDSHAKE_COMPLETE(1 << 2)) == 0) { | |||
800 | if ((rv = tls_handshake(ctx)) != 0) | |||
801 | goto out; | |||
802 | } | |||
803 | ||||
804 | if (buflen > INT_MAX2147483647) { | |||
805 | tls_set_errorx(ctx, "buflen too long"); | |||
806 | goto out; | |||
807 | } | |||
808 | ||||
809 | ERR_clear_error(); | |||
810 | if ((ssl_ret = SSL_read(ctx->ssl_conn, buf, buflen)) > 0) { | |||
811 | rv = (ssize_t)ssl_ret; | |||
812 | goto out; | |||
813 | } | |||
814 | rv = (ssize_t)tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "read"); | |||
815 | ||||
816 | out: | |||
817 | /* Prevent callers from performing incorrect error handling */ | |||
818 | errno(*__errno()) = 0; | |||
819 | return (rv); | |||
820 | } | |||
821 | ||||
822 | ssize_t | |||
823 | tls_write(struct tls *ctx, const void *buf, size_t buflen) | |||
824 | { | |||
825 | ssize_t rv = -1; | |||
826 | int ssl_ret; | |||
827 | ||||
828 | tls_error_clear(&ctx->error); | |||
829 | ||||
830 | if ((ctx->state & TLS_HANDSHAKE_COMPLETE(1 << 2)) == 0) { | |||
831 | if ((rv = tls_handshake(ctx)) != 0) | |||
832 | goto out; | |||
833 | } | |||
834 | ||||
835 | if (buflen > INT_MAX2147483647) { | |||
836 | tls_set_errorx(ctx, "buflen too long"); | |||
837 | goto out; | |||
838 | } | |||
839 | ||||
840 | ERR_clear_error(); | |||
841 | if ((ssl_ret = SSL_write(ctx->ssl_conn, buf, buflen)) > 0) { | |||
842 | rv = (ssize_t)ssl_ret; | |||
843 | goto out; | |||
844 | } | |||
845 | rv = (ssize_t)tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "write"); | |||
846 | ||||
847 | out: | |||
848 | /* Prevent callers from performing incorrect error handling */ | |||
849 | errno(*__errno()) = 0; | |||
850 | return (rv); | |||
851 | } | |||
852 | ||||
853 | int | |||
854 | tls_close(struct tls *ctx) | |||
855 | { | |||
856 | int ssl_ret; | |||
857 | int rv = 0; | |||
858 | ||||
859 | tls_error_clear(&ctx->error); | |||
860 | ||||
861 | if ((ctx->flags & (TLS_CLIENT(1 << 0) | TLS_SERVER_CONN(1 << 2))) == 0) { | |||
862 | tls_set_errorx(ctx, "invalid operation for context"); | |||
863 | rv = -1; | |||
864 | goto out; | |||
865 | } | |||
866 | ||||
867 | if (ctx->state & TLS_SSL_NEEDS_SHUTDOWN(1 << 3)) { | |||
868 | ERR_clear_error(); | |||
869 | ssl_ret = SSL_shutdown(ctx->ssl_conn); | |||
870 | if (ssl_ret < 0) { | |||
871 | rv = tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, | |||
872 | "shutdown"); | |||
873 | if (rv == TLS_WANT_POLLIN-2 || rv == TLS_WANT_POLLOUT-3) | |||
874 | goto out; | |||
875 | } | |||
876 | ctx->state &= ~TLS_SSL_NEEDS_SHUTDOWN(1 << 3); | |||
877 | } | |||
878 | ||||
879 | if (ctx->socket != -1) { | |||
880 | if (shutdown(ctx->socket, SHUT_RDWR2) != 0) { | |||
881 | if (rv == 0 && | |||
882 | errno(*__errno()) != ENOTCONN57 && errno(*__errno()) != ECONNRESET54) { | |||
883 | tls_set_error(ctx, "shutdown"); | |||
884 | rv = -1; | |||
885 | } | |||
886 | } | |||
887 | if (close(ctx->socket) != 0) { | |||
888 | if (rv == 0) { | |||
889 | tls_set_error(ctx, "close"); | |||
890 | rv = -1; | |||
891 | } | |||
892 | } | |||
893 | ctx->socket = -1; | |||
894 | } | |||
895 | ||||
896 | if ((ctx->state & TLS_EOF_NO_CLOSE_NOTIFY(1 << 0)) != 0) { | |||
897 | tls_set_errorx(ctx, "EOF without close notify"); | |||
898 | rv = -1; | |||
899 | } | |||
900 | ||||
901 | out: | |||
902 | /* Prevent callers from performing incorrect error handling */ | |||
903 | errno(*__errno()) = 0; | |||
904 | return (rv); | |||
905 | } |