1: /***************************************************************************
2: * _ _ ____ _
3: * Project ___| | | | _ \| |
4: * / __| | | | |_) | |
5: * | (__| |_| | _ <| |___
6: * \___|\___/|_| \_\_____|
7: *
8: * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
9: *
10: * This software is licensed as described in the file COPYING, which
11: * you should have received as part of this distribution. The terms
12: * are also available at https://curl.haxx.se/docs/copyright.html.
13: *
14: * You may opt to use, copy, modify, merge, publish, distribute and/or sell
15: * copies of the Software, and permit persons to whom the Software is
16: * furnished to do so, under the terms of the COPYING file.
17: *
18: * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
19: * KIND, either express or implied.
20: *
21: ***************************************************************************/
22:
23: /*
24: * Source file for all NSS-specific code for the TLS/SSL layer. No code
25: * but vtls.c should ever call or use these functions.
26: */
27:
28: #include "curl_setup.h"
29:
30: #ifdef USE_NSS
31:
32: #include "urldata.h"
33: #include "sendf.h"
34: #include "formdata.h" /* for the boundary function */
35: #include "url.h" /* for the ssl config check function */
36: #include "connect.h"
37: #include "strcase.h"
38: #include "select.h"
39: #include "vtls.h"
40: #include "llist.h"
41: #include "multiif.h"
42: #include "curl_printf.h"
43: #include "nssg.h"
44: #include <nspr.h>
45: #include <nss.h>
46: #include <ssl.h>
47: #include <sslerr.h>
48: #include <secerr.h>
49: #include <secmod.h>
50: #include <sslproto.h>
51: #include <prtypes.h>
52: #include <pk11pub.h>
53: #include <prio.h>
54: #include <secitem.h>
55: #include <secport.h>
56: #include <certdb.h>
57: #include <base64.h>
58: #include <cert.h>
59: #include <prerror.h>
60: #include <keyhi.h> /* for SECKEY_DestroyPublicKey() */
61: #include <private/pprio.h> /* for PR_ImportTCPSocket */
62:
63: #define NSSVERNUM ((NSS_VMAJOR<<16)|(NSS_VMINOR<<8)|NSS_VPATCH)
64:
65: #if NSSVERNUM >= 0x030f00 /* 3.15.0 */
66: #include <ocsp.h>
67: #endif
68:
69: #include "strcase.h"
70: #include "warnless.h"
71: #include "x509asn1.h"
72:
73: /* The last #include files should be: */
74: #include "curl_memory.h"
75: #include "memdebug.h"
76:
77: #define SSL_DIR "/etc/pki/nssdb"
78:
79: /* enough to fit the string "PEM Token #[0|1]" */
80: #define SLOTSIZE 13
81:
82: struct ssl_backend_data {
83: PRFileDesc *handle;
84: char *client_nickname;
85: struct Curl_easy *data;
86: struct curl_llist obj_list;
87: PK11GenericObject *obj_clicert;
88: };
89:
90: static PRLock *nss_initlock = NULL;
91: static PRLock *nss_crllock = NULL;
92: static PRLock *nss_findslot_lock = NULL;
93: static PRLock *nss_trustload_lock = NULL;
94: static struct curl_llist nss_crl_list;
95: static NSSInitContext *nss_context = NULL;
96: static volatile int initialized = 0;
97:
98: /* type used to wrap pointers as list nodes */
99: struct ptr_list_wrap {
100: void *ptr;
101: struct curl_llist_element node;
102: };
103:
104: typedef struct {
105: const char *name;
106: int num;
107: } cipher_s;
108:
109: #define PK11_SETATTRS(_attr, _idx, _type, _val, _len) do { \
110: CK_ATTRIBUTE *ptr = (_attr) + ((_idx)++); \
111: ptr->type = (_type); \
112: ptr->pValue = (_val); \
113: ptr->ulValueLen = (_len); \
114: } while(0)
115:
116: #define CERT_NewTempCertificate __CERT_NewTempCertificate
117:
118: #define NUM_OF_CIPHERS sizeof(cipherlist)/sizeof(cipherlist[0])
119: static const cipher_s cipherlist[] = {
120: /* SSL2 cipher suites */
121: {"rc4", SSL_EN_RC4_128_WITH_MD5},
122: {"rc4-md5", SSL_EN_RC4_128_WITH_MD5},
123: {"rc4export", SSL_EN_RC4_128_EXPORT40_WITH_MD5},
124: {"rc2", SSL_EN_RC2_128_CBC_WITH_MD5},
125: {"rc2export", SSL_EN_RC2_128_CBC_EXPORT40_WITH_MD5},
126: {"des", SSL_EN_DES_64_CBC_WITH_MD5},
127: {"desede3", SSL_EN_DES_192_EDE3_CBC_WITH_MD5},
128: /* SSL3/TLS cipher suites */
129: {"rsa_rc4_128_md5", SSL_RSA_WITH_RC4_128_MD5},
130: {"rsa_rc4_128_sha", SSL_RSA_WITH_RC4_128_SHA},
131: {"rsa_3des_sha", SSL_RSA_WITH_3DES_EDE_CBC_SHA},
132: {"rsa_des_sha", SSL_RSA_WITH_DES_CBC_SHA},
133: {"rsa_rc4_40_md5", SSL_RSA_EXPORT_WITH_RC4_40_MD5},
134: {"rsa_rc2_40_md5", SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5},
135: {"rsa_null_md5", SSL_RSA_WITH_NULL_MD5},
136: {"rsa_null_sha", SSL_RSA_WITH_NULL_SHA},
137: {"fips_3des_sha", SSL_RSA_FIPS_WITH_3DES_EDE_CBC_SHA},
138: {"fips_des_sha", SSL_RSA_FIPS_WITH_DES_CBC_SHA},
139: {"fortezza", SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA},
140: {"fortezza_rc4_128_sha", SSL_FORTEZZA_DMS_WITH_RC4_128_SHA},
141: {"fortezza_null", SSL_FORTEZZA_DMS_WITH_NULL_SHA},
142: /* TLS 1.0: Exportable 56-bit Cipher Suites. */
143: {"rsa_des_56_sha", TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA},
144: {"rsa_rc4_56_sha", TLS_RSA_EXPORT1024_WITH_RC4_56_SHA},
145: /* AES ciphers. */
146: {"dhe_dss_aes_128_cbc_sha", TLS_DHE_DSS_WITH_AES_128_CBC_SHA},
147: {"dhe_dss_aes_256_cbc_sha", TLS_DHE_DSS_WITH_AES_256_CBC_SHA},
148: {"dhe_rsa_aes_128_cbc_sha", TLS_DHE_RSA_WITH_AES_128_CBC_SHA},
149: {"dhe_rsa_aes_256_cbc_sha", TLS_DHE_RSA_WITH_AES_256_CBC_SHA},
150: {"rsa_aes_128_sha", TLS_RSA_WITH_AES_128_CBC_SHA},
151: {"rsa_aes_256_sha", TLS_RSA_WITH_AES_256_CBC_SHA},
152: /* ECC ciphers. */
153: {"ecdh_ecdsa_null_sha", TLS_ECDH_ECDSA_WITH_NULL_SHA},
154: {"ecdh_ecdsa_rc4_128_sha", TLS_ECDH_ECDSA_WITH_RC4_128_SHA},
155: {"ecdh_ecdsa_3des_sha", TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA},
156: {"ecdh_ecdsa_aes_128_sha", TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA},
157: {"ecdh_ecdsa_aes_256_sha", TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA},
158: {"ecdhe_ecdsa_null_sha", TLS_ECDHE_ECDSA_WITH_NULL_SHA},
159: {"ecdhe_ecdsa_rc4_128_sha", TLS_ECDHE_ECDSA_WITH_RC4_128_SHA},
160: {"ecdhe_ecdsa_3des_sha", TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA},
161: {"ecdhe_ecdsa_aes_128_sha", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA},
162: {"ecdhe_ecdsa_aes_256_sha", TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA},
163: {"ecdh_rsa_null_sha", TLS_ECDH_RSA_WITH_NULL_SHA},
164: {"ecdh_rsa_128_sha", TLS_ECDH_RSA_WITH_RC4_128_SHA},
165: {"ecdh_rsa_3des_sha", TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA},
166: {"ecdh_rsa_aes_128_sha", TLS_ECDH_RSA_WITH_AES_128_CBC_SHA},
167: {"ecdh_rsa_aes_256_sha", TLS_ECDH_RSA_WITH_AES_256_CBC_SHA},
168: {"ecdhe_rsa_null", TLS_ECDHE_RSA_WITH_NULL_SHA},
169: {"ecdhe_rsa_rc4_128_sha", TLS_ECDHE_RSA_WITH_RC4_128_SHA},
170: {"ecdhe_rsa_3des_sha", TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA},
171: {"ecdhe_rsa_aes_128_sha", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA},
172: {"ecdhe_rsa_aes_256_sha", TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA},
173: {"ecdh_anon_null_sha", TLS_ECDH_anon_WITH_NULL_SHA},
174: {"ecdh_anon_rc4_128sha", TLS_ECDH_anon_WITH_RC4_128_SHA},
175: {"ecdh_anon_3des_sha", TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA},
176: {"ecdh_anon_aes_128_sha", TLS_ECDH_anon_WITH_AES_128_CBC_SHA},
177: {"ecdh_anon_aes_256_sha", TLS_ECDH_anon_WITH_AES_256_CBC_SHA},
178: #ifdef TLS_RSA_WITH_NULL_SHA256
179: /* new HMAC-SHA256 cipher suites specified in RFC */
180: {"rsa_null_sha_256", TLS_RSA_WITH_NULL_SHA256},
181: {"rsa_aes_128_cbc_sha_256", TLS_RSA_WITH_AES_128_CBC_SHA256},
182: {"rsa_aes_256_cbc_sha_256", TLS_RSA_WITH_AES_256_CBC_SHA256},
183: {"dhe_rsa_aes_128_cbc_sha_256", TLS_DHE_RSA_WITH_AES_128_CBC_SHA256},
184: {"dhe_rsa_aes_256_cbc_sha_256", TLS_DHE_RSA_WITH_AES_256_CBC_SHA256},
185: {"ecdhe_ecdsa_aes_128_cbc_sha_256", TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256},
186: {"ecdhe_rsa_aes_128_cbc_sha_256", TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256},
187: #endif
188: #ifdef TLS_RSA_WITH_AES_128_GCM_SHA256
189: /* AES GCM cipher suites in RFC 5288 and RFC 5289 */
190: {"rsa_aes_128_gcm_sha_256", TLS_RSA_WITH_AES_128_GCM_SHA256},
191: {"dhe_rsa_aes_128_gcm_sha_256", TLS_DHE_RSA_WITH_AES_128_GCM_SHA256},
192: {"dhe_dss_aes_128_gcm_sha_256", TLS_DHE_DSS_WITH_AES_128_GCM_SHA256},
193: {"ecdhe_ecdsa_aes_128_gcm_sha_256", TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256},
194: {"ecdh_ecdsa_aes_128_gcm_sha_256", TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256},
195: {"ecdhe_rsa_aes_128_gcm_sha_256", TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
196: {"ecdh_rsa_aes_128_gcm_sha_256", TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256},
197: #endif
198: #ifdef TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
199: /* cipher suites using SHA384 */
200: {"rsa_aes_256_gcm_sha_384", TLS_RSA_WITH_AES_256_GCM_SHA384},
201: {"dhe_rsa_aes_256_gcm_sha_384", TLS_DHE_RSA_WITH_AES_256_GCM_SHA384},
202: {"dhe_dss_aes_256_gcm_sha_384", TLS_DHE_DSS_WITH_AES_256_GCM_SHA384},
203: {"ecdhe_ecdsa_aes_256_sha_384", TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384},
204: {"ecdhe_rsa_aes_256_sha_384", TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384},
205: {"ecdhe_ecdsa_aes_256_gcm_sha_384", TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384},
206: {"ecdhe_rsa_aes_256_gcm_sha_384", TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384},
207: #endif
208: #ifdef TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
209: /* chacha20-poly1305 cipher suites */
210: {"ecdhe_rsa_chacha20_poly1305_sha_256",
211: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
212: {"ecdhe_ecdsa_chacha20_poly1305_sha_256",
213: TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256},
214: {"dhe_rsa_chacha20_poly1305_sha_256",
215: TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256},
216: #endif
217: #ifdef TLS_AES_256_GCM_SHA384
218: {"aes_128_gcm_sha_256", TLS_AES_128_GCM_SHA256},
219: {"aes_256_gcm_sha_384", TLS_AES_256_GCM_SHA384},
220: {"chacha20_poly1305_sha_256", TLS_CHACHA20_POLY1305_SHA256},
221: #endif
222: };
223:
224: #if defined(WIN32)
225: static const char *pem_library = "nsspem.dll";
226: static const char *trust_library = "nssckbi.dll";
227: #elif defined(__APPLE__)
228: static const char *pem_library = "libnsspem.dylib";
229: static const char *trust_library = "libnssckbi.dylib";
230: #else
231: static const char *pem_library = "libnsspem.so";
232: static const char *trust_library = "libnssckbi.so";
233: #endif
234:
235: static SECMODModule *pem_module = NULL;
236: static SECMODModule *trust_module = NULL;
237:
238: /* NSPR I/O layer we use to detect blocking direction during SSL handshake */
239: static PRDescIdentity nspr_io_identity = PR_INVALID_IO_LAYER;
240: static PRIOMethods nspr_io_methods;
241:
242: static const char *nss_error_to_name(PRErrorCode code)
243: {
244: const char *name = PR_ErrorToName(code);
245: if(name)
246: return name;
247:
248: return "unknown error";
249: }
250:
251: static void nss_print_error_message(struct Curl_easy *data, PRUint32 err)
252: {
253: failf(data, "%s", PR_ErrorToString(err, PR_LANGUAGE_I_DEFAULT));
254: }
255:
256: static char *nss_sslver_to_name(PRUint16 nssver)
257: {
258: switch(nssver) {
259: case SSL_LIBRARY_VERSION_2:
260: return strdup("SSLv2");
261: case SSL_LIBRARY_VERSION_3_0:
262: return strdup("SSLv3");
263: case SSL_LIBRARY_VERSION_TLS_1_0:
264: return strdup("TLSv1.0");
265: #ifdef SSL_LIBRARY_VERSION_TLS_1_1
266: case SSL_LIBRARY_VERSION_TLS_1_1:
267: return strdup("TLSv1.1");
268: #endif
269: #ifdef SSL_LIBRARY_VERSION_TLS_1_2
270: case SSL_LIBRARY_VERSION_TLS_1_2:
271: return strdup("TLSv1.2");
272: #endif
273: #ifdef SSL_LIBRARY_VERSION_TLS_1_3
274: case SSL_LIBRARY_VERSION_TLS_1_3:
275: return strdup("TLSv1.3");
276: #endif
277: default:
278: return curl_maprintf("0x%04x", nssver);
279: }
280: }
281:
282: static SECStatus set_ciphers(struct Curl_easy *data, PRFileDesc * model,
283: char *cipher_list)
284: {
285: unsigned int i;
286: PRBool cipher_state[NUM_OF_CIPHERS];
287: PRBool found;
288: char *cipher;
289:
290: /* use accessors to avoid dynamic linking issues after an update of NSS */
291: const PRUint16 num_implemented_ciphers = SSL_GetNumImplementedCiphers();
292: const PRUint16 *implemented_ciphers = SSL_GetImplementedCiphers();
293: if(!implemented_ciphers)
294: return SECFailure;
295:
296: /* First disable all ciphers. This uses a different max value in case
297: * NSS adds more ciphers later we don't want them available by
298: * accident
299: */
300: for(i = 0; i < num_implemented_ciphers; i++) {
301: SSL_CipherPrefSet(model, implemented_ciphers[i], PR_FALSE);
302: }
303:
304: /* Set every entry in our list to false */
305: for(i = 0; i < NUM_OF_CIPHERS; i++) {
306: cipher_state[i] = PR_FALSE;
307: }
308:
309: cipher = cipher_list;
310:
311: while(cipher_list && (cipher_list[0])) {
312: while((*cipher) && (ISSPACE(*cipher)))
313: ++cipher;
314:
315: cipher_list = strchr(cipher, ',');
316: if(cipher_list) {
317: *cipher_list++ = '\0';
318: }
319:
320: found = PR_FALSE;
321:
322: for(i = 0; i<NUM_OF_CIPHERS; i++) {
323: if(strcasecompare(cipher, cipherlist[i].name)) {
324: cipher_state[i] = PR_TRUE;
325: found = PR_TRUE;
326: break;
327: }
328: }
329:
330: if(found == PR_FALSE) {
331: failf(data, "Unknown cipher in list: %s", cipher);
332: return SECFailure;
333: }
334:
335: if(cipher_list) {
336: cipher = cipher_list;
337: }
338: }
339:
340: /* Finally actually enable the selected ciphers */
341: for(i = 0; i<NUM_OF_CIPHERS; i++) {
342: if(!cipher_state[i])
343: continue;
344:
345: if(SSL_CipherPrefSet(model, cipherlist[i].num, PR_TRUE) != SECSuccess) {
346: failf(data, "cipher-suite not supported by NSS: %s", cipherlist[i].name);
347: return SECFailure;
348: }
349: }
350:
351: return SECSuccess;
352: }
353:
354: /*
355: * Return true if at least one cipher-suite is enabled. Used to determine
356: * if we need to call NSS_SetDomesticPolicy() to enable the default ciphers.
357: */
358: static bool any_cipher_enabled(void)
359: {
360: unsigned int i;
361:
362: for(i = 0; i<NUM_OF_CIPHERS; i++) {
363: PRInt32 policy = 0;
364: SSL_CipherPolicyGet(cipherlist[i].num, &policy);
365: if(policy)
366: return TRUE;
367: }
368:
369: return FALSE;
370: }
371:
372: /*
373: * Determine whether the nickname passed in is a filename that needs to
374: * be loaded as a PEM or a regular NSS nickname.
375: *
376: * returns 1 for a file
377: * returns 0 for not a file (NSS nickname)
378: */
379: static int is_file(const char *filename)
380: {
381: struct_stat st;
382:
383: if(filename == NULL)
384: return 0;
385:
386: if(stat(filename, &st) == 0)
387: if(S_ISREG(st.st_mode) || S_ISFIFO(st.st_mode) || S_ISCHR(st.st_mode))
388: return 1;
389:
390: return 0;
391: }
392:
393: /* Check if the given string is filename or nickname of a certificate. If the
394: * given string is recognized as filename, return NULL. If the given string is
395: * recognized as nickname, return a duplicated string. The returned string
396: * should be later deallocated using free(). If the OOM failure occurs, we
397: * return NULL, too.
398: */
399: static char *dup_nickname(struct Curl_easy *data, const char *str)
400: {
401: const char *n;
402:
403: if(!is_file(str))
404: /* no such file exists, use the string as nickname */
405: return strdup(str);
406:
407: /* search the first slash; we require at least one slash in a file name */
408: n = strchr(str, '/');
409: if(!n) {
410: infof(data, "warning: certificate file name \"%s\" handled as nickname; "
411: "please use \"./%s\" to force file name\n", str, str);
412: return strdup(str);
413: }
414:
415: /* we'll use the PEM reader to read the certificate from file */
416: return NULL;
417: }
418:
419: /* Lock/unlock wrapper for PK11_FindSlotByName() to work around race condition
420: * in nssSlot_IsTokenPresent() causing spurious SEC_ERROR_NO_TOKEN. For more
421: * details, go to <https://bugzilla.mozilla.org/1297397>.
422: */
423: static PK11SlotInfo* nss_find_slot_by_name(const char *slot_name)
424: {
425: PK11SlotInfo *slot;
426: PR_Lock(nss_findslot_lock);
427: slot = PK11_FindSlotByName(slot_name);
428: PR_Unlock(nss_findslot_lock);
429: return slot;
430: }
431:
432: /* wrap 'ptr' as list node and tail-insert into 'list' */
433: static CURLcode insert_wrapped_ptr(struct curl_llist *list, void *ptr)
434: {
435: struct ptr_list_wrap *wrap = malloc(sizeof(*wrap));
436: if(!wrap)
437: return CURLE_OUT_OF_MEMORY;
438:
439: wrap->ptr = ptr;
440: Curl_llist_insert_next(list, list->tail, wrap, &wrap->node);
441: return CURLE_OK;
442: }
443:
444: /* Call PK11_CreateGenericObject() with the given obj_class and filename. If
445: * the call succeeds, append the object handle to the list of objects so that
446: * the object can be destroyed in Curl_nss_close(). */
447: static CURLcode nss_create_object(struct ssl_connect_data *connssl,
448: CK_OBJECT_CLASS obj_class,
449: const char *filename, bool cacert)
450: {
451: PK11SlotInfo *slot;
452: PK11GenericObject *obj;
453: CK_BBOOL cktrue = CK_TRUE;
454: CK_BBOOL ckfalse = CK_FALSE;
455: CK_ATTRIBUTE attrs[/* max count of attributes */ 4];
456: int attr_cnt = 0;
457: CURLcode result = (cacert)
458: ? CURLE_SSL_CACERT_BADFILE
459: : CURLE_SSL_CERTPROBLEM;
460:
461: const int slot_id = (cacert) ? 0 : 1;
462: char *slot_name = aprintf("PEM Token #%d", slot_id);
463: struct ssl_backend_data *backend = connssl->backend;
464: if(!slot_name)
465: return CURLE_OUT_OF_MEMORY;
466:
467: slot = nss_find_slot_by_name(slot_name);
468: free(slot_name);
469: if(!slot)
470: return result;
471:
472: PK11_SETATTRS(attrs, attr_cnt, CKA_CLASS, &obj_class, sizeof(obj_class));
473: PK11_SETATTRS(attrs, attr_cnt, CKA_TOKEN, &cktrue, sizeof(CK_BBOOL));
474: PK11_SETATTRS(attrs, attr_cnt, CKA_LABEL, (unsigned char *)filename,
475: (CK_ULONG)strlen(filename) + 1);
476:
477: if(CKO_CERTIFICATE == obj_class) {
478: CK_BBOOL *pval = (cacert) ? (&cktrue) : (&ckfalse);
479: PK11_SETATTRS(attrs, attr_cnt, CKA_TRUST, pval, sizeof(*pval));
480: }
481:
482: /* PK11_CreateManagedGenericObject() was introduced in NSS 3.34 because
483: * PK11_DestroyGenericObject() does not release resources allocated by
484: * PK11_CreateGenericObject() early enough. */
485: obj =
486: #ifdef HAVE_PK11_CREATEMANAGEDGENERICOBJECT
487: PK11_CreateManagedGenericObject
488: #else
489: PK11_CreateGenericObject
490: #endif
491: (slot, attrs, attr_cnt, PR_FALSE);
492:
493: PK11_FreeSlot(slot);
494: if(!obj)
495: return result;
496:
497: if(insert_wrapped_ptr(&backend->obj_list, obj) != CURLE_OK) {
498: PK11_DestroyGenericObject(obj);
499: return CURLE_OUT_OF_MEMORY;
500: }
501:
502: if(!cacert && CKO_CERTIFICATE == obj_class)
503: /* store reference to a client certificate */
504: backend->obj_clicert = obj;
505:
506: return CURLE_OK;
507: }
508:
509: /* Destroy the NSS object whose handle is given by ptr. This function is
510: * a callback of Curl_llist_alloc() used by Curl_llist_destroy() to destroy
511: * NSS objects in Curl_nss_close() */
512: static void nss_destroy_object(void *user, void *ptr)
513: {
514: struct ptr_list_wrap *wrap = (struct ptr_list_wrap *) ptr;
515: PK11GenericObject *obj = (PK11GenericObject *) wrap->ptr;
516: (void) user;
517: PK11_DestroyGenericObject(obj);
518: free(wrap);
519: }
520:
521: /* same as nss_destroy_object() but for CRL items */
522: static void nss_destroy_crl_item(void *user, void *ptr)
523: {
524: struct ptr_list_wrap *wrap = (struct ptr_list_wrap *) ptr;
525: SECItem *crl_der = (SECItem *) wrap->ptr;
526: (void) user;
527: SECITEM_FreeItem(crl_der, PR_TRUE);
528: free(wrap);
529: }
530:
531: static CURLcode nss_load_cert(struct ssl_connect_data *ssl,
532: const char *filename, PRBool cacert)
533: {
534: CURLcode result = (cacert)
535: ? CURLE_SSL_CACERT_BADFILE
536: : CURLE_SSL_CERTPROBLEM;
537:
538: /* libnsspem.so leaks memory if the requested file does not exist. For more
539: * details, go to <https://bugzilla.redhat.com/734760>. */
540: if(is_file(filename))
541: result = nss_create_object(ssl, CKO_CERTIFICATE, filename, cacert);
542:
543: if(!result && !cacert) {
544: /* we have successfully loaded a client certificate */
545: CERTCertificate *cert;
546: char *nickname = NULL;
547: char *n = strrchr(filename, '/');
548: if(n)
549: n++;
550:
551: /* The following undocumented magic helps to avoid a SIGSEGV on call
552: * of PK11_ReadRawAttribute() from SelectClientCert() when using an
553: * immature version of libnsspem.so. For more details, go to
554: * <https://bugzilla.redhat.com/733685>. */
555: nickname = aprintf("PEM Token #1:%s", n);
556: if(nickname) {
557: cert = PK11_FindCertFromNickname(nickname, NULL);
558: if(cert)
559: CERT_DestroyCertificate(cert);
560:
561: free(nickname);
562: }
563: }
564:
565: return result;
566: }
567:
568: /* add given CRL to cache if it is not already there */
569: static CURLcode nss_cache_crl(SECItem *crl_der)
570: {
571: CERTCertDBHandle *db = CERT_GetDefaultCertDB();
572: CERTSignedCrl *crl = SEC_FindCrlByDERCert(db, crl_der, 0);
573: if(crl) {
574: /* CRL already cached */
575: SEC_DestroyCrl(crl);
576: SECITEM_FreeItem(crl_der, PR_TRUE);
577: return CURLE_OK;
578: }
579:
580: /* acquire lock before call of CERT_CacheCRL() and accessing nss_crl_list */
581: PR_Lock(nss_crllock);
582:
583: if(SECSuccess != CERT_CacheCRL(db, crl_der)) {
584: /* unable to cache CRL */
585: SECITEM_FreeItem(crl_der, PR_TRUE);
586: PR_Unlock(nss_crllock);
587: return CURLE_SSL_CRL_BADFILE;
588: }
589:
590: /* store the CRL item so that we can free it in Curl_nss_cleanup() */
591: if(insert_wrapped_ptr(&nss_crl_list, crl_der) != CURLE_OK) {
592: if(SECSuccess == CERT_UncacheCRL(db, crl_der))
593: SECITEM_FreeItem(crl_der, PR_TRUE);
594: PR_Unlock(nss_crllock);
595: return CURLE_OUT_OF_MEMORY;
596: }
597:
598: /* we need to clear session cache, so that the CRL could take effect */
599: SSL_ClearSessionCache();
600: PR_Unlock(nss_crllock);
601: return CURLE_OK;
602: }
603:
604: static CURLcode nss_load_crl(const char *crlfilename)
605: {
606: PRFileDesc *infile;
607: PRFileInfo info;
608: SECItem filedata = { 0, NULL, 0 };
609: SECItem *crl_der = NULL;
610: char *body;
611:
612: infile = PR_Open(crlfilename, PR_RDONLY, 0);
613: if(!infile)
614: return CURLE_SSL_CRL_BADFILE;
615:
616: if(PR_SUCCESS != PR_GetOpenFileInfo(infile, &info))
617: goto fail;
618:
619: if(!SECITEM_AllocItem(NULL, &filedata, info.size + /* zero ended */ 1))
620: goto fail;
621:
622: if(info.size != PR_Read(infile, filedata.data, info.size))
623: goto fail;
624:
625: crl_der = SECITEM_AllocItem(NULL, NULL, 0U);
626: if(!crl_der)
627: goto fail;
628:
629: /* place a trailing zero right after the visible data */
630: body = (char *)filedata.data;
631: body[--filedata.len] = '\0';
632:
633: body = strstr(body, "-----BEGIN");
634: if(body) {
635: /* assume ASCII */
636: char *trailer;
637: char *begin = PORT_Strchr(body, '\n');
638: if(!begin)
639: begin = PORT_Strchr(body, '\r');
640: if(!begin)
641: goto fail;
642:
643: trailer = strstr(++begin, "-----END");
644: if(!trailer)
645: goto fail;
646:
647: /* retrieve DER from ASCII */
648: *trailer = '\0';
649: if(ATOB_ConvertAsciiToItem(crl_der, begin))
650: goto fail;
651:
652: SECITEM_FreeItem(&filedata, PR_FALSE);
653: }
654: else
655: /* assume DER */
656: *crl_der = filedata;
657:
658: PR_Close(infile);
659: return nss_cache_crl(crl_der);
660:
661: fail:
662: PR_Close(infile);
663: SECITEM_FreeItem(crl_der, PR_TRUE);
664: SECITEM_FreeItem(&filedata, PR_FALSE);
665: return CURLE_SSL_CRL_BADFILE;
666: }
667:
668: static CURLcode nss_load_key(struct connectdata *conn, int sockindex,
669: char *key_file)
670: {
671: PK11SlotInfo *slot, *tmp;
672: SECStatus status;
673: CURLcode result;
674: struct ssl_connect_data *ssl = conn->ssl;
675: struct Curl_easy *data = conn->data;
676:
677: (void)sockindex; /* unused */
678:
679: result = nss_create_object(ssl, CKO_PRIVATE_KEY, key_file, FALSE);
680: if(result) {
681: PR_SetError(SEC_ERROR_BAD_KEY, 0);
682: return result;
683: }
684:
685: slot = nss_find_slot_by_name("PEM Token #1");
686: if(!slot)
687: return CURLE_SSL_CERTPROBLEM;
688:
689: /* This will force the token to be seen as re-inserted */
690: tmp = SECMOD_WaitForAnyTokenEvent(pem_module, 0, 0);
691: if(tmp)
692: PK11_FreeSlot(tmp);
693: if(!PK11_IsPresent(slot)) {
694: PK11_FreeSlot(slot);
695: return CURLE_SSL_CERTPROBLEM;
696: }
697:
698: status = PK11_Authenticate(slot, PR_TRUE, SSL_SET_OPTION(key_passwd));
699: PK11_FreeSlot(slot);
700:
701: return (SECSuccess == status) ? CURLE_OK : CURLE_SSL_CERTPROBLEM;
702: }
703:
704: static int display_error(struct connectdata *conn, PRInt32 err,
705: const char *filename)
706: {
707: switch(err) {
708: case SEC_ERROR_BAD_PASSWORD:
709: failf(conn->data, "Unable to load client key: Incorrect password");
710: return 1;
711: case SEC_ERROR_UNKNOWN_CERT:
712: failf(conn->data, "Unable to load certificate %s", filename);
713: return 1;
714: default:
715: break;
716: }
717: return 0; /* The caller will print a generic error */
718: }
719:
720: static CURLcode cert_stuff(struct connectdata *conn, int sockindex,
721: char *cert_file, char *key_file)
722: {
723: struct Curl_easy *data = conn->data;
724: CURLcode result;
725:
726: if(cert_file) {
727: result = nss_load_cert(&conn->ssl[sockindex], cert_file, PR_FALSE);
728: if(result) {
729: const PRErrorCode err = PR_GetError();
730: if(!display_error(conn, err, cert_file)) {
731: const char *err_name = nss_error_to_name(err);
732: failf(data, "unable to load client cert: %d (%s)", err, err_name);
733: }
734:
735: return result;
736: }
737: }
738:
739: if(key_file || (is_file(cert_file))) {
740: if(key_file)
741: result = nss_load_key(conn, sockindex, key_file);
742: else
743: /* In case the cert file also has the key */
744: result = nss_load_key(conn, sockindex, cert_file);
745: if(result) {
746: const PRErrorCode err = PR_GetError();
747: if(!display_error(conn, err, key_file)) {
748: const char *err_name = nss_error_to_name(err);
749: failf(data, "unable to load client key: %d (%s)", err, err_name);
750: }
751:
752: return result;
753: }
754: }
755:
756: return CURLE_OK;
757: }
758:
759: static char *nss_get_password(PK11SlotInfo *slot, PRBool retry, void *arg)
760: {
761: (void)slot; /* unused */
762:
763: if(retry || NULL == arg)
764: return NULL;
765: else
766: return (char *)PORT_Strdup((char *)arg);
767: }
768:
769: /* bypass the default SSL_AuthCertificate() hook in case we do not want to
770: * verify peer */
771: static SECStatus nss_auth_cert_hook(void *arg, PRFileDesc *fd, PRBool checksig,
772: PRBool isServer)
773: {
774: struct connectdata *conn = (struct connectdata *)arg;
775:
776: #ifdef SSL_ENABLE_OCSP_STAPLING
777: if(SSL_CONN_CONFIG(verifystatus)) {
778: SECStatus cacheResult;
779:
780: const SECItemArray *csa = SSL_PeerStapledOCSPResponses(fd);
781: if(!csa) {
782: failf(conn->data, "Invalid OCSP response");
783: return SECFailure;
784: }
785:
786: if(csa->len == 0) {
787: failf(conn->data, "No OCSP response received");
788: return SECFailure;
789: }
790:
791: cacheResult = CERT_CacheOCSPResponseFromSideChannel(
792: CERT_GetDefaultCertDB(), SSL_PeerCertificate(fd),
793: PR_Now(), &csa->items[0], arg
794: );
795:
796: if(cacheResult != SECSuccess) {
797: failf(conn->data, "Invalid OCSP response");
798: return cacheResult;
799: }
800: }
801: #endif
802:
803: if(!SSL_CONN_CONFIG(verifypeer)) {
804: infof(conn->data, "skipping SSL peer certificate verification\n");
805: return SECSuccess;
806: }
807:
808: return SSL_AuthCertificate(CERT_GetDefaultCertDB(), fd, checksig, isServer);
809: }
810:
811: /**
812: * Inform the application that the handshake is complete.
813: */
814: static void HandshakeCallback(PRFileDesc *sock, void *arg)
815: {
816: struct connectdata *conn = (struct connectdata*) arg;
817: unsigned int buflenmax = 50;
818: unsigned char buf[50];
819: unsigned int buflen;
820: SSLNextProtoState state;
821:
822: if(!conn->bits.tls_enable_npn && !conn->bits.tls_enable_alpn) {
823: return;
824: }
825:
826: if(SSL_GetNextProto(sock, &state, buf, &buflen, buflenmax) == SECSuccess) {
827:
828: switch(state) {
829: #if NSSVERNUM >= 0x031a00 /* 3.26.0 */
830: /* used by NSS internally to implement 0-RTT */
831: case SSL_NEXT_PROTO_EARLY_VALUE:
832: /* fall through! */
833: #endif
834: case SSL_NEXT_PROTO_NO_SUPPORT:
835: case SSL_NEXT_PROTO_NO_OVERLAP:
836: infof(conn->data, "ALPN/NPN, server did not agree to a protocol\n");
837: return;
838: #ifdef SSL_ENABLE_ALPN
839: case SSL_NEXT_PROTO_SELECTED:
840: infof(conn->data, "ALPN, server accepted to use %.*s\n", buflen, buf);
841: break;
842: #endif
843: case SSL_NEXT_PROTO_NEGOTIATED:
844: infof(conn->data, "NPN, server accepted to use %.*s\n", buflen, buf);
845: break;
846: }
847:
848: #ifdef USE_NGHTTP2
849: if(buflen == NGHTTP2_PROTO_VERSION_ID_LEN &&
850: !memcmp(NGHTTP2_PROTO_VERSION_ID, buf, NGHTTP2_PROTO_VERSION_ID_LEN)) {
851: conn->negnpn = CURL_HTTP_VERSION_2;
852: }
853: else
854: #endif
855: if(buflen == ALPN_HTTP_1_1_LENGTH &&
856: !memcmp(ALPN_HTTP_1_1, buf, ALPN_HTTP_1_1_LENGTH)) {
857: conn->negnpn = CURL_HTTP_VERSION_1_1;
858: }
859: Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ?
860: BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);
861: }
862: }
863:
864: #if NSSVERNUM >= 0x030f04 /* 3.15.4 */
865: static SECStatus CanFalseStartCallback(PRFileDesc *sock, void *client_data,
866: PRBool *canFalseStart)
867: {
868: struct connectdata *conn = client_data;
869: struct Curl_easy *data = conn->data;
870:
871: SSLChannelInfo channelInfo;
872: SSLCipherSuiteInfo cipherInfo;
873:
874: SECStatus rv;
875: PRBool negotiatedExtension;
876:
877: *canFalseStart = PR_FALSE;
878:
879: if(SSL_GetChannelInfo(sock, &channelInfo, sizeof(channelInfo)) != SECSuccess)
880: return SECFailure;
881:
882: if(SSL_GetCipherSuiteInfo(channelInfo.cipherSuite, &cipherInfo,
883: sizeof(cipherInfo)) != SECSuccess)
884: return SECFailure;
885:
886: /* Prevent version downgrade attacks from TLS 1.2, and avoid False Start for
887: * TLS 1.3 and later. See https://bugzilla.mozilla.org/show_bug.cgi?id=861310
888: */
889: if(channelInfo.protocolVersion != SSL_LIBRARY_VERSION_TLS_1_2)
890: goto end;
891:
892: /* Only allow ECDHE key exchange algorithm.
893: * See https://bugzilla.mozilla.org/show_bug.cgi?id=952863 */
894: if(cipherInfo.keaType != ssl_kea_ecdh)
895: goto end;
896:
897: /* Prevent downgrade attacks on the symmetric cipher. We do not allow CBC
898: * mode due to BEAST, POODLE, and other attacks on the MAC-then-Encrypt
899: * design. See https://bugzilla.mozilla.org/show_bug.cgi?id=1109766 */
900: if(cipherInfo.symCipher != ssl_calg_aes_gcm)
901: goto end;
902:
903: /* Enforce ALPN or NPN to do False Start, as an indicator of server
904: * compatibility. */
905: rv = SSL_HandshakeNegotiatedExtension(sock, ssl_app_layer_protocol_xtn,
906: &negotiatedExtension);
907: if(rv != SECSuccess || !negotiatedExtension) {
908: rv = SSL_HandshakeNegotiatedExtension(sock, ssl_next_proto_nego_xtn,
909: &negotiatedExtension);
910: }
911:
912: if(rv != SECSuccess || !negotiatedExtension)
913: goto end;
914:
915: *canFalseStart = PR_TRUE;
916:
917: infof(data, "Trying TLS False Start\n");
918:
919: end:
920: return SECSuccess;
921: }
922: #endif
923:
924: static void display_cert_info(struct Curl_easy *data,
925: CERTCertificate *cert)
926: {
927: char *subject, *issuer, *common_name;
928: PRExplodedTime printableTime;
929: char timeString[256];
930: PRTime notBefore, notAfter;
931:
932: subject = CERT_NameToAscii(&cert->subject);
933: issuer = CERT_NameToAscii(&cert->issuer);
934: common_name = CERT_GetCommonName(&cert->subject);
935: infof(data, "\tsubject: %s\n", subject);
936:
937: CERT_GetCertTimes(cert, ¬Before, ¬After);
938: PR_ExplodeTime(notBefore, PR_GMTParameters, &printableTime);
939: PR_FormatTime(timeString, 256, "%b %d %H:%M:%S %Y GMT", &printableTime);
940: infof(data, "\tstart date: %s\n", timeString);
941: PR_ExplodeTime(notAfter, PR_GMTParameters, &printableTime);
942: PR_FormatTime(timeString, 256, "%b %d %H:%M:%S %Y GMT", &printableTime);
943: infof(data, "\texpire date: %s\n", timeString);
944: infof(data, "\tcommon name: %s\n", common_name);
945: infof(data, "\tissuer: %s\n", issuer);
946:
947: PR_Free(subject);
948: PR_Free(issuer);
949: PR_Free(common_name);
950: }
951:
952: static CURLcode display_conn_info(struct connectdata *conn, PRFileDesc *sock)
953: {
954: CURLcode result = CURLE_OK;
955: SSLChannelInfo channel;
956: SSLCipherSuiteInfo suite;
957: CERTCertificate *cert;
958: CERTCertificate *cert2;
959: CERTCertificate *cert3;
960: PRTime now;
961: int i;
962:
963: if(SSL_GetChannelInfo(sock, &channel, sizeof(channel)) ==
964: SECSuccess && channel.length == sizeof(channel) &&
965: channel.cipherSuite) {
966: if(SSL_GetCipherSuiteInfo(channel.cipherSuite,
967: &suite, sizeof(suite)) == SECSuccess) {
968: infof(conn->data, "SSL connection using %s\n", suite.cipherSuiteName);
969: }
970: }
971:
972: cert = SSL_PeerCertificate(sock);
973: if(cert) {
974: infof(conn->data, "Server certificate:\n");
975:
976: if(!conn->data->set.ssl.certinfo) {
977: display_cert_info(conn->data, cert);
978: CERT_DestroyCertificate(cert);
979: }
980: else {
981: /* Count certificates in chain. */
982: now = PR_Now();
983: i = 1;
984: if(!cert->isRoot) {
985: cert2 = CERT_FindCertIssuer(cert, now, certUsageSSLCA);
986: while(cert2) {
987: i++;
988: if(cert2->isRoot) {
989: CERT_DestroyCertificate(cert2);
990: break;
991: }
992: cert3 = CERT_FindCertIssuer(cert2, now, certUsageSSLCA);
993: CERT_DestroyCertificate(cert2);
994: cert2 = cert3;
995: }
996: }
997:
998: result = Curl_ssl_init_certinfo(conn->data, i);
999: if(!result) {
1000: for(i = 0; cert; cert = cert2) {
1001: result = Curl_extract_certinfo(conn, i++, (char *)cert->derCert.data,
1002: (char *)cert->derCert.data +
1003: cert->derCert.len);
1004: if(result)
1005: break;
1006:
1007: if(cert->isRoot) {
1008: CERT_DestroyCertificate(cert);
1009: break;
1010: }
1011:
1012: cert2 = CERT_FindCertIssuer(cert, now, certUsageSSLCA);
1013: CERT_DestroyCertificate(cert);
1014: }
1015: }
1016: }
1017: }
1018:
1019: return result;
1020: }
1021:
1022: static SECStatus BadCertHandler(void *arg, PRFileDesc *sock)
1023: {
1024: struct connectdata *conn = (struct connectdata *)arg;
1025: struct Curl_easy *data = conn->data;
1026: PRErrorCode err = PR_GetError();
1027: CERTCertificate *cert;
1028:
1029: /* remember the cert verification result */
1030: if(SSL_IS_PROXY())
1031: data->set.proxy_ssl.certverifyresult = err;
1032: else
1033: data->set.ssl.certverifyresult = err;
1034:
1035: if(err == SSL_ERROR_BAD_CERT_DOMAIN && !SSL_CONN_CONFIG(verifyhost))
1036: /* we are asked not to verify the host name */
1037: return SECSuccess;
1038:
1039: /* print only info about the cert, the error is printed off the callback */
1040: cert = SSL_PeerCertificate(sock);
1041: if(cert) {
1042: infof(data, "Server certificate:\n");
1043: display_cert_info(data, cert);
1044: CERT_DestroyCertificate(cert);
1045: }
1046:
1047: return SECFailure;
1048: }
1049:
1050: /**
1051: *
1052: * Check that the Peer certificate's issuer certificate matches the one found
1053: * by issuer_nickname. This is not exactly the way OpenSSL and GNU TLS do the
1054: * issuer check, so we provide comments that mimic the OpenSSL
1055: * X509_check_issued function (in x509v3/v3_purp.c)
1056: */
1057: static SECStatus check_issuer_cert(PRFileDesc *sock,
1058: char *issuer_nickname)
1059: {
1060: CERTCertificate *cert, *cert_issuer, *issuer;
1061: SECStatus res = SECSuccess;
1062: void *proto_win = NULL;
1063:
1064: cert = SSL_PeerCertificate(sock);
1065: cert_issuer = CERT_FindCertIssuer(cert, PR_Now(), certUsageObjectSigner);
1066:
1067: proto_win = SSL_RevealPinArg(sock);
1068: issuer = PK11_FindCertFromNickname(issuer_nickname, proto_win);
1069:
1070: if((!cert_issuer) || (!issuer))
1071: res = SECFailure;
1072: else if(SECITEM_CompareItem(&cert_issuer->derCert,
1073: &issuer->derCert) != SECEqual)
1074: res = SECFailure;
1075:
1076: CERT_DestroyCertificate(cert);
1077: CERT_DestroyCertificate(issuer);
1078: CERT_DestroyCertificate(cert_issuer);
1079: return res;
1080: }
1081:
1082: static CURLcode cmp_peer_pubkey(struct ssl_connect_data *connssl,
1083: const char *pinnedpubkey)
1084: {
1085: CURLcode result = CURLE_SSL_PINNEDPUBKEYNOTMATCH;
1086: struct ssl_backend_data *backend = connssl->backend;
1087: struct Curl_easy *data = backend->data;
1088: CERTCertificate *cert;
1089:
1090: if(!pinnedpubkey)
1091: /* no pinned public key specified */
1092: return CURLE_OK;
1093:
1094: /* get peer certificate */
1095: cert = SSL_PeerCertificate(backend->handle);
1096: if(cert) {
1097: /* extract public key from peer certificate */
1098: SECKEYPublicKey *pubkey = CERT_ExtractPublicKey(cert);
1099: if(pubkey) {
1100: /* encode the public key as DER */
1101: SECItem *cert_der = PK11_DEREncodePublicKey(pubkey);
1102: if(cert_der) {
1103: /* compare the public key with the pinned public key */
1104: result = Curl_pin_peer_pubkey(data, pinnedpubkey, cert_der->data,
1105: cert_der->len);
1106: SECITEM_FreeItem(cert_der, PR_TRUE);
1107: }
1108: SECKEY_DestroyPublicKey(pubkey);
1109: }
1110: CERT_DestroyCertificate(cert);
1111: }
1112:
1113: /* report the resulting status */
1114: switch(result) {
1115: case CURLE_OK:
1116: infof(data, "pinned public key verified successfully!\n");
1117: break;
1118: case CURLE_SSL_PINNEDPUBKEYNOTMATCH:
1119: failf(data, "failed to verify pinned public key");
1120: break;
1121: default:
1122: /* OOM, etc. */
1123: break;
1124: }
1125:
1126: return result;
1127: }
1128:
1129: /**
1130: *
1131: * Callback to pick the SSL client certificate.
1132: */
1133: static SECStatus SelectClientCert(void *arg, PRFileDesc *sock,
1134: struct CERTDistNamesStr *caNames,
1135: struct CERTCertificateStr **pRetCert,
1136: struct SECKEYPrivateKeyStr **pRetKey)
1137: {
1138: struct ssl_connect_data *connssl = (struct ssl_connect_data *)arg;
1139: struct ssl_backend_data *backend = connssl->backend;
1140: struct Curl_easy *data = backend->data;
1141: const char *nickname = backend->client_nickname;
1142: static const char pem_slotname[] = "PEM Token #1";
1143:
1144: if(backend->obj_clicert) {
1145: /* use the cert/key provided by PEM reader */
1146: SECItem cert_der = { 0, NULL, 0 };
1147: void *proto_win = SSL_RevealPinArg(sock);
1148: struct CERTCertificateStr *cert;
1149: struct SECKEYPrivateKeyStr *key;
1150:
1151: PK11SlotInfo *slot = nss_find_slot_by_name(pem_slotname);
1152: if(NULL == slot) {
1153: failf(data, "NSS: PK11 slot not found: %s", pem_slotname);
1154: return SECFailure;
1155: }
1156:
1157: if(PK11_ReadRawAttribute(PK11_TypeGeneric, backend->obj_clicert, CKA_VALUE,
1158: &cert_der) != SECSuccess) {
1159: failf(data, "NSS: CKA_VALUE not found in PK11 generic object");
1160: PK11_FreeSlot(slot);
1161: return SECFailure;
1162: }
1163:
1164: cert = PK11_FindCertFromDERCertItem(slot, &cert_der, proto_win);
1165: SECITEM_FreeItem(&cert_der, PR_FALSE);
1166: if(NULL == cert) {
1167: failf(data, "NSS: client certificate from file not found");
1168: PK11_FreeSlot(slot);
1169: return SECFailure;
1170: }
1171:
1172: key = PK11_FindPrivateKeyFromCert(slot, cert, NULL);
1173: PK11_FreeSlot(slot);
1174: if(NULL == key) {
1175: failf(data, "NSS: private key from file not found");
1176: CERT_DestroyCertificate(cert);
1177: return SECFailure;
1178: }
1179:
1180: infof(data, "NSS: client certificate from file\n");
1181: display_cert_info(data, cert);
1182:
1183: *pRetCert = cert;
1184: *pRetKey = key;
1185: return SECSuccess;
1186: }
1187:
1188: /* use the default NSS hook */
1189: if(SECSuccess != NSS_GetClientAuthData((void *)nickname, sock, caNames,
1190: pRetCert, pRetKey)
1191: || NULL == *pRetCert) {
1192:
1193: if(NULL == nickname)
1194: failf(data, "NSS: client certificate not found (nickname not "
1195: "specified)");
1196: else
1197: failf(data, "NSS: client certificate not found: %s", nickname);
1198:
1199: return SECFailure;
1200: }
1201:
1202: /* get certificate nickname if any */
1203: nickname = (*pRetCert)->nickname;
1204: if(NULL == nickname)
1205: nickname = "[unknown]";
1206:
1207: if(!strncmp(nickname, pem_slotname, sizeof(pem_slotname) - 1U)) {
1208: failf(data, "NSS: refusing previously loaded certificate from file: %s",
1209: nickname);
1210: return SECFailure;
1211: }
1212:
1213: if(NULL == *pRetKey) {
1214: failf(data, "NSS: private key not found for certificate: %s", nickname);
1215: return SECFailure;
1216: }
1217:
1218: infof(data, "NSS: using client certificate: %s\n", nickname);
1219: display_cert_info(data, *pRetCert);
1220: return SECSuccess;
1221: }
1222:
1223: /* update blocking direction in case of PR_WOULD_BLOCK_ERROR */
1224: static void nss_update_connecting_state(ssl_connect_state state, void *secret)
1225: {
1226: struct ssl_connect_data *connssl = (struct ssl_connect_data *)secret;
1227: if(PR_GetError() != PR_WOULD_BLOCK_ERROR)
1228: /* an unrelated error is passing by */
1229: return;
1230:
1231: switch(connssl->connecting_state) {
1232: case ssl_connect_2:
1233: case ssl_connect_2_reading:
1234: case ssl_connect_2_writing:
1235: break;
1236: default:
1237: /* we are not called from an SSL handshake */
1238: return;
1239: }
1240:
1241: /* update the state accordingly */
1242: connssl->connecting_state = state;
1243: }
1244:
1245: /* recv() wrapper we use to detect blocking direction during SSL handshake */
1246: static PRInt32 nspr_io_recv(PRFileDesc *fd, void *buf, PRInt32 amount,
1247: PRIntn flags, PRIntervalTime timeout)
1248: {
1249: const PRRecvFN recv_fn = fd->lower->methods->recv;
1250: const PRInt32 rv = recv_fn(fd->lower, buf, amount, flags, timeout);
1251: if(rv < 0)
1252: /* check for PR_WOULD_BLOCK_ERROR and update blocking direction */
1253: nss_update_connecting_state(ssl_connect_2_reading, fd->secret);
1254: return rv;
1255: }
1256:
1257: /* send() wrapper we use to detect blocking direction during SSL handshake */
1258: static PRInt32 nspr_io_send(PRFileDesc *fd, const void *buf, PRInt32 amount,
1259: PRIntn flags, PRIntervalTime timeout)
1260: {
1261: const PRSendFN send_fn = fd->lower->methods->send;
1262: const PRInt32 rv = send_fn(fd->lower, buf, amount, flags, timeout);
1263: if(rv < 0)
1264: /* check for PR_WOULD_BLOCK_ERROR and update blocking direction */
1265: nss_update_connecting_state(ssl_connect_2_writing, fd->secret);
1266: return rv;
1267: }
1268:
1269: /* close() wrapper to avoid assertion failure due to fd->secret != NULL */
1270: static PRStatus nspr_io_close(PRFileDesc *fd)
1271: {
1272: const PRCloseFN close_fn = PR_GetDefaultIOMethods()->close;
1273: fd->secret = NULL;
1274: return close_fn(fd);
1275: }
1276:
1277: /* load a PKCS #11 module */
1278: static CURLcode nss_load_module(SECMODModule **pmod, const char *library,
1279: const char *name)
1280: {
1281: char *config_string;
1282: SECMODModule *module = *pmod;
1283: if(module)
1284: /* already loaded */
1285: return CURLE_OK;
1286:
1287: config_string = aprintf("library=%s name=%s", library, name);
1288: if(!config_string)
1289: return CURLE_OUT_OF_MEMORY;
1290:
1291: module = SECMOD_LoadUserModule(config_string, NULL, PR_FALSE);
1292: free(config_string);
1293:
1294: if(module && module->loaded) {
1295: /* loaded successfully */
1296: *pmod = module;
1297: return CURLE_OK;
1298: }
1299:
1300: if(module)
1301: SECMOD_DestroyModule(module);
1302: return CURLE_FAILED_INIT;
1303: }
1304:
1305: /* unload a PKCS #11 module */
1306: static void nss_unload_module(SECMODModule **pmod)
1307: {
1308: SECMODModule *module = *pmod;
1309: if(!module)
1310: /* not loaded */
1311: return;
1312:
1313: if(SECMOD_UnloadUserModule(module) != SECSuccess)
1314: /* unload failed */
1315: return;
1316:
1317: SECMOD_DestroyModule(module);
1318: *pmod = NULL;
1319: }
1320:
1321: /* data might be NULL */
1322: static CURLcode nss_init_core(struct Curl_easy *data, const char *cert_dir)
1323: {
1324: NSSInitParameters initparams;
1325: PRErrorCode err;
1326: const char *err_name;
1327:
1328: if(nss_context != NULL)
1329: return CURLE_OK;
1330:
1331: memset((void *) &initparams, '\0', sizeof(initparams));
1332: initparams.length = sizeof(initparams);
1333:
1334: if(cert_dir) {
1335: char *certpath = aprintf("sql:%s", cert_dir);
1336: if(!certpath)
1337: return CURLE_OUT_OF_MEMORY;
1338:
1339: infof(data, "Initializing NSS with certpath: %s\n", certpath);
1340: nss_context = NSS_InitContext(certpath, "", "", "", &initparams,
1341: NSS_INIT_READONLY | NSS_INIT_PK11RELOAD);
1342: free(certpath);
1343:
1344: if(nss_context != NULL)
1345: return CURLE_OK;
1346:
1347: err = PR_GetError();
1348: err_name = nss_error_to_name(err);
1349: infof(data, "Unable to initialize NSS database: %d (%s)\n", err, err_name);
1350: }
1351:
1352: infof(data, "Initializing NSS with certpath: none\n");
1353: nss_context = NSS_InitContext("", "", "", "", &initparams, NSS_INIT_READONLY
1354: | NSS_INIT_NOCERTDB | NSS_INIT_NOMODDB | NSS_INIT_FORCEOPEN
1355: | NSS_INIT_NOROOTINIT | NSS_INIT_OPTIMIZESPACE | NSS_INIT_PK11RELOAD);
1356: if(nss_context != NULL)
1357: return CURLE_OK;
1358:
1359: err = PR_GetError();
1360: err_name = nss_error_to_name(err);
1361: failf(data, "Unable to initialize NSS: %d (%s)", err, err_name);
1362: return CURLE_SSL_CACERT_BADFILE;
1363: }
1364:
1365: /* data might be NULL */
1366: static CURLcode nss_init(struct Curl_easy *data)
1367: {
1368: char *cert_dir;
1369: struct_stat st;
1370: CURLcode result;
1371:
1372: if(initialized)
1373: return CURLE_OK;
1374:
1375: /* list of all CRL items we need to destroy in Curl_nss_cleanup() */
1376: Curl_llist_init(&nss_crl_list, nss_destroy_crl_item);
1377:
1378: /* First we check if $SSL_DIR points to a valid dir */
1379: cert_dir = getenv("SSL_DIR");
1380: if(cert_dir) {
1381: if((stat(cert_dir, &st) != 0) ||
1382: (!S_ISDIR(st.st_mode))) {
1383: cert_dir = NULL;
1384: }
1385: }
1386:
1387: /* Now we check if the default location is a valid dir */
1388: if(!cert_dir) {
1389: if((stat(SSL_DIR, &st) == 0) &&
1390: (S_ISDIR(st.st_mode))) {
1391: cert_dir = (char *)SSL_DIR;
1392: }
1393: }
1394:
1395: if(nspr_io_identity == PR_INVALID_IO_LAYER) {
1396: /* allocate an identity for our own NSPR I/O layer */
1397: nspr_io_identity = PR_GetUniqueIdentity("libcurl");
1398: if(nspr_io_identity == PR_INVALID_IO_LAYER)
1399: return CURLE_OUT_OF_MEMORY;
1400:
1401: /* the default methods just call down to the lower I/O layer */
1402: memcpy(&nspr_io_methods, PR_GetDefaultIOMethods(),
1403: sizeof(nspr_io_methods));
1404:
1405: /* override certain methods in the table by our wrappers */
1406: nspr_io_methods.recv = nspr_io_recv;
1407: nspr_io_methods.send = nspr_io_send;
1408: nspr_io_methods.close = nspr_io_close;
1409: }
1410:
1411: result = nss_init_core(data, cert_dir);
1412: if(result)
1413: return result;
1414:
1415: if(!any_cipher_enabled())
1416: NSS_SetDomesticPolicy();
1417:
1418: initialized = 1;
1419:
1420: return CURLE_OK;
1421: }
1422:
1423: /**
1424: * Global SSL init
1425: *
1426: * @retval 0 error initializing SSL
1427: * @retval 1 SSL initialized successfully
1428: */
1429: static int Curl_nss_init(void)
1430: {
1431: /* curl_global_init() is not thread-safe so this test is ok */
1432: if(nss_initlock == NULL) {
1433: PR_Init(PR_USER_THREAD, PR_PRIORITY_NORMAL, 0);
1434: nss_initlock = PR_NewLock();
1435: nss_crllock = PR_NewLock();
1436: nss_findslot_lock = PR_NewLock();
1437: nss_trustload_lock = PR_NewLock();
1438: }
1439:
1440: /* We will actually initialize NSS later */
1441:
1442: return 1;
1443: }
1444:
1445: /* data might be NULL */
1446: CURLcode Curl_nss_force_init(struct Curl_easy *data)
1447: {
1448: CURLcode result;
1449: if(!nss_initlock) {
1450: if(data)
1451: failf(data, "unable to initialize NSS, curl_global_init() should have "
1452: "been called with CURL_GLOBAL_SSL or CURL_GLOBAL_ALL");
1453: return CURLE_FAILED_INIT;
1454: }
1455:
1456: PR_Lock(nss_initlock);
1457: result = nss_init(data);
1458: PR_Unlock(nss_initlock);
1459:
1460: return result;
1461: }
1462:
1463: /* Global cleanup */
1464: static void Curl_nss_cleanup(void)
1465: {
1466: /* This function isn't required to be threadsafe and this is only done
1467: * as a safety feature.
1468: */
1469: PR_Lock(nss_initlock);
1470: if(initialized) {
1471: /* Free references to client certificates held in the SSL session cache.
1472: * Omitting this hampers destruction of the security module owning
1473: * the certificates. */
1474: SSL_ClearSessionCache();
1475:
1476: nss_unload_module(&pem_module);
1477: nss_unload_module(&trust_module);
1478: NSS_ShutdownContext(nss_context);
1479: nss_context = NULL;
1480: }
1481:
1482: /* destroy all CRL items */
1483: Curl_llist_destroy(&nss_crl_list, NULL);
1484:
1485: PR_Unlock(nss_initlock);
1486:
1487: PR_DestroyLock(nss_initlock);
1488: PR_DestroyLock(nss_crllock);
1489: PR_DestroyLock(nss_findslot_lock);
1490: PR_DestroyLock(nss_trustload_lock);
1491: nss_initlock = NULL;
1492:
1493: initialized = 0;
1494: }
1495:
1496: /*
1497: * This function uses SSL_peek to determine connection status.
1498: *
1499: * Return codes:
1500: * 1 means the connection is still in place
1501: * 0 means the connection has been closed
1502: * -1 means the connection status is unknown
1503: */
1504: static int Curl_nss_check_cxn(struct connectdata *conn)
1505: {
1506: struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET];
1507: struct ssl_backend_data *backend = connssl->backend;
1508: int rc;
1509: char buf;
1510:
1511: rc =
1512: PR_Recv(backend->handle, (void *)&buf, 1, PR_MSG_PEEK,
1513: PR_SecondsToInterval(1));
1514: if(rc > 0)
1515: return 1; /* connection still in place */
1516:
1517: if(rc == 0)
1518: return 0; /* connection has been closed */
1519:
1520: return -1; /* connection status unknown */
1521: }
1522:
1523: static void nss_close(struct ssl_connect_data *connssl)
1524: {
1525: /* before the cleanup, check whether we are using a client certificate */
1526: struct ssl_backend_data *backend = connssl->backend;
1527: const bool client_cert = (backend->client_nickname != NULL)
1528: || (backend->obj_clicert != NULL);
1529:
1530: free(backend->client_nickname);
1531: backend->client_nickname = NULL;
1532:
1533: /* destroy all NSS objects in order to avoid failure of NSS shutdown */
1534: Curl_llist_destroy(&backend->obj_list, NULL);
1535: backend->obj_clicert = NULL;
1536:
1537: if(backend->handle) {
1538: if(client_cert)
1539: /* A server might require different authentication based on the
1540: * particular path being requested by the client. To support this
1541: * scenario, we must ensure that a connection will never reuse the
1542: * authentication data from a previous connection. */
1543: SSL_InvalidateSession(backend->handle);
1544:
1545: PR_Close(backend->handle);
1546: backend->handle = NULL;
1547: }
1548: }
1549:
1550: /*
1551: * This function is called when an SSL connection is closed.
1552: */
1553: static void Curl_nss_close(struct connectdata *conn, int sockindex)
1554: {
1555: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
1556: struct ssl_connect_data *connssl_proxy = &conn->proxy_ssl[sockindex];
1557: struct ssl_backend_data *backend = connssl->backend;
1558:
1559: if(backend->handle || connssl_proxy->backend->handle) {
1560: /* NSS closes the socket we previously handed to it, so we must mark it
1561: as closed to avoid double close */
1562: fake_sclose(conn->sock[sockindex]);
1563: conn->sock[sockindex] = CURL_SOCKET_BAD;
1564: }
1565:
1566: if(backend->handle)
1567: /* nss_close(connssl) will transitively close also
1568: connssl_proxy->backend->handle if both are used. Clear it to avoid
1569: a double close leading to crash. */
1570: connssl_proxy->backend->handle = NULL;
1571:
1572: nss_close(connssl);
1573: nss_close(connssl_proxy);
1574: }
1575:
1576: /* return true if NSS can provide error code (and possibly msg) for the
1577: error */
1578: static bool is_nss_error(CURLcode err)
1579: {
1580: switch(err) {
1581: case CURLE_PEER_FAILED_VERIFICATION:
1582: case CURLE_SSL_CERTPROBLEM:
1583: case CURLE_SSL_CONNECT_ERROR:
1584: case CURLE_SSL_ISSUER_ERROR:
1585: return true;
1586:
1587: default:
1588: return false;
1589: }
1590: }
1591:
1592: /* return true if the given error code is related to a client certificate */
1593: static bool is_cc_error(PRInt32 err)
1594: {
1595: switch(err) {
1596: case SSL_ERROR_BAD_CERT_ALERT:
1597: case SSL_ERROR_EXPIRED_CERT_ALERT:
1598: case SSL_ERROR_REVOKED_CERT_ALERT:
1599: return true;
1600:
1601: default:
1602: return false;
1603: }
1604: }
1605:
1606: static Curl_recv nss_recv;
1607: static Curl_send nss_send;
1608:
1609: static CURLcode nss_load_ca_certificates(struct connectdata *conn,
1610: int sockindex)
1611: {
1612: struct Curl_easy *data = conn->data;
1613: const char *cafile = SSL_CONN_CONFIG(CAfile);
1614: const char *capath = SSL_CONN_CONFIG(CApath);
1615: bool use_trust_module;
1616: CURLcode result = CURLE_OK;
1617:
1618: /* treat empty string as unset */
1619: if(cafile && !cafile[0])
1620: cafile = NULL;
1621: if(capath && !capath[0])
1622: capath = NULL;
1623:
1624: infof(data, " CAfile: %s\n CApath: %s\n",
1625: cafile ? cafile : "none",
1626: capath ? capath : "none");
1627:
1628: /* load libnssckbi.so if no other trust roots were specified */
1629: use_trust_module = !cafile && !capath;
1630:
1631: PR_Lock(nss_trustload_lock);
1632: if(use_trust_module && !trust_module) {
1633: /* libnssckbi.so needed but not yet loaded --> load it! */
1634: result = nss_load_module(&trust_module, trust_library, "trust");
1635: infof(data, "%s %s\n", (result) ? "failed to load" : "loaded",
1636: trust_library);
1637: if(result == CURLE_FAILED_INIT)
1638: /* If libnssckbi.so is not available (or fails to load), one can still
1639: use CA certificates stored in NSS database. Ignore the failure. */
1640: result = CURLE_OK;
1641: }
1642: else if(!use_trust_module && trust_module) {
1643: /* libnssckbi.so not needed but already loaded --> unload it! */
1644: infof(data, "unloading %s\n", trust_library);
1645: nss_unload_module(&trust_module);
1646: }
1647: PR_Unlock(nss_trustload_lock);
1648:
1649: if(cafile)
1650: result = nss_load_cert(&conn->ssl[sockindex], cafile, PR_TRUE);
1651:
1652: if(result)
1653: return result;
1654:
1655: if(capath) {
1656: struct_stat st;
1657: if(stat(capath, &st) == -1)
1658: return CURLE_SSL_CACERT_BADFILE;
1659:
1660: if(S_ISDIR(st.st_mode)) {
1661: PRDirEntry *entry;
1662: PRDir *dir = PR_OpenDir(capath);
1663: if(!dir)
1664: return CURLE_SSL_CACERT_BADFILE;
1665:
1666: while((entry = PR_ReadDir(dir, PR_SKIP_BOTH | PR_SKIP_HIDDEN))) {
1667: char *fullpath = aprintf("%s/%s", capath, entry->name);
1668: if(!fullpath) {
1669: PR_CloseDir(dir);
1670: return CURLE_OUT_OF_MEMORY;
1671: }
1672:
1673: if(CURLE_OK != nss_load_cert(&conn->ssl[sockindex], fullpath, PR_TRUE))
1674: /* This is purposefully tolerant of errors so non-PEM files can
1675: * be in the same directory */
1676: infof(data, "failed to load '%s' from CURLOPT_CAPATH\n", fullpath);
1677:
1678: free(fullpath);
1679: }
1680:
1681: PR_CloseDir(dir);
1682: }
1683: else
1684: infof(data, "warning: CURLOPT_CAPATH not a directory (%s)\n", capath);
1685: }
1686:
1687: return CURLE_OK;
1688: }
1689:
1690: static CURLcode nss_sslver_from_curl(PRUint16 *nssver, long version)
1691: {
1692: switch(version) {
1693: case CURL_SSLVERSION_SSLv2:
1694: *nssver = SSL_LIBRARY_VERSION_2;
1695: return CURLE_OK;
1696:
1697: case CURL_SSLVERSION_SSLv3:
1698: *nssver = SSL_LIBRARY_VERSION_3_0;
1699: return CURLE_OK;
1700:
1701: case CURL_SSLVERSION_TLSv1_0:
1702: *nssver = SSL_LIBRARY_VERSION_TLS_1_0;
1703: return CURLE_OK;
1704:
1705: case CURL_SSLVERSION_TLSv1_1:
1706: #ifdef SSL_LIBRARY_VERSION_TLS_1_1
1707: *nssver = SSL_LIBRARY_VERSION_TLS_1_1;
1708: return CURLE_OK;
1709: #else
1710: return CURLE_SSL_CONNECT_ERROR;
1711: #endif
1712:
1713: case CURL_SSLVERSION_TLSv1_2:
1714: #ifdef SSL_LIBRARY_VERSION_TLS_1_2
1715: *nssver = SSL_LIBRARY_VERSION_TLS_1_2;
1716: return CURLE_OK;
1717: #else
1718: return CURLE_SSL_CONNECT_ERROR;
1719: #endif
1720:
1721: case CURL_SSLVERSION_TLSv1_3:
1722: #ifdef SSL_LIBRARY_VERSION_TLS_1_3
1723: *nssver = SSL_LIBRARY_VERSION_TLS_1_3;
1724: return CURLE_OK;
1725: #else
1726: return CURLE_SSL_CONNECT_ERROR;
1727: #endif
1728:
1729: default:
1730: return CURLE_SSL_CONNECT_ERROR;
1731: }
1732: }
1733:
1734: static CURLcode nss_init_sslver(SSLVersionRange *sslver,
1735: struct Curl_easy *data,
1736: struct connectdata *conn)
1737: {
1738: CURLcode result;
1739: const long min = SSL_CONN_CONFIG(version);
1740: const long max = SSL_CONN_CONFIG(version_max);
1741: SSLVersionRange vrange;
1742:
1743: switch(min) {
1744: case CURL_SSLVERSION_TLSv1:
1745: case CURL_SSLVERSION_DEFAULT:
1746: /* Bump our minimum TLS version if NSS has stricter requirements. */
1747: if(SSL_VersionRangeGetDefault(ssl_variant_stream, &vrange) != SECSuccess)
1748: return CURLE_SSL_CONNECT_ERROR;
1749: if(sslver->min < vrange.min)
1750: sslver->min = vrange.min;
1751: break;
1752: default:
1753: result = nss_sslver_from_curl(&sslver->min, min);
1754: if(result) {
1755: failf(data, "unsupported min version passed via CURLOPT_SSLVERSION");
1756: return result;
1757: }
1758: }
1759:
1760: switch(max) {
1761: case CURL_SSLVERSION_MAX_NONE:
1762: case CURL_SSLVERSION_MAX_DEFAULT:
1763: break;
1764: default:
1765: result = nss_sslver_from_curl(&sslver->max, max >> 16);
1766: if(result) {
1767: failf(data, "unsupported max version passed via CURLOPT_SSLVERSION");
1768: return result;
1769: }
1770: }
1771:
1772: return CURLE_OK;
1773: }
1774:
1775: static CURLcode nss_fail_connect(struct ssl_connect_data *connssl,
1776: struct Curl_easy *data,
1777: CURLcode curlerr)
1778: {
1779: PRErrorCode err = 0;
1780: struct ssl_backend_data *backend = connssl->backend;
1781:
1782: if(is_nss_error(curlerr)) {
1783: /* read NSPR error code */
1784: err = PR_GetError();
1785: if(is_cc_error(err))
1786: curlerr = CURLE_SSL_CERTPROBLEM;
1787:
1788: /* print the error number and error string */
1789: infof(data, "NSS error %d (%s)\n", err, nss_error_to_name(err));
1790:
1791: /* print a human-readable message describing the error if available */
1792: nss_print_error_message(data, err);
1793: }
1794:
1795: /* cleanup on connection failure */
1796: Curl_llist_destroy(&backend->obj_list, NULL);
1797:
1798: return curlerr;
1799: }
1800:
1801: /* Switch the SSL socket into blocking or non-blocking mode. */
1802: static CURLcode nss_set_blocking(struct ssl_connect_data *connssl,
1803: struct Curl_easy *data,
1804: bool blocking)
1805: {
1806: static PRSocketOptionData sock_opt;
1807: struct ssl_backend_data *backend = connssl->backend;
1808: sock_opt.option = PR_SockOpt_Nonblocking;
1809: sock_opt.value.non_blocking = !blocking;
1810:
1811: if(PR_SetSocketOption(backend->handle, &sock_opt) != PR_SUCCESS)
1812: return nss_fail_connect(connssl, data, CURLE_SSL_CONNECT_ERROR);
1813:
1814: return CURLE_OK;
1815: }
1816:
1817: static CURLcode nss_setup_connect(struct connectdata *conn, int sockindex)
1818: {
1819: PRFileDesc *model = NULL;
1820: PRFileDesc *nspr_io = NULL;
1821: PRFileDesc *nspr_io_stub = NULL;
1822: PRBool ssl_no_cache;
1823: PRBool ssl_cbc_random_iv;
1824: struct Curl_easy *data = conn->data;
1825: curl_socket_t sockfd = conn->sock[sockindex];
1826: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
1827: struct ssl_backend_data *backend = connssl->backend;
1828: CURLcode result;
1829: bool second_layer = FALSE;
1830: SSLVersionRange sslver_supported;
1831:
1832: SSLVersionRange sslver = {
1833: SSL_LIBRARY_VERSION_TLS_1_0, /* min */
1834: #ifdef SSL_LIBRARY_VERSION_TLS_1_3
1835: SSL_LIBRARY_VERSION_TLS_1_3 /* max */
1836: #elif defined SSL_LIBRARY_VERSION_TLS_1_2
1837: SSL_LIBRARY_VERSION_TLS_1_2
1838: #elif defined SSL_LIBRARY_VERSION_TLS_1_1
1839: SSL_LIBRARY_VERSION_TLS_1_1
1840: #else
1841: SSL_LIBRARY_VERSION_TLS_1_0
1842: #endif
1843: };
1844:
1845: backend->data = data;
1846:
1847: /* list of all NSS objects we need to destroy in Curl_nss_close() */
1848: Curl_llist_init(&backend->obj_list, nss_destroy_object);
1849:
1850: PR_Lock(nss_initlock);
1851: result = nss_init(conn->data);
1852: if(result) {
1853: PR_Unlock(nss_initlock);
1854: goto error;
1855: }
1856:
1857: PK11_SetPasswordFunc(nss_get_password);
1858:
1859: result = nss_load_module(&pem_module, pem_library, "PEM");
1860: PR_Unlock(nss_initlock);
1861: if(result == CURLE_FAILED_INIT)
1862: infof(data, "WARNING: failed to load NSS PEM library %s. Using "
1863: "OpenSSL PEM certificates will not work.\n", pem_library);
1864: else if(result)
1865: goto error;
1866:
1867: result = CURLE_SSL_CONNECT_ERROR;
1868:
1869: model = PR_NewTCPSocket();
1870: if(!model)
1871: goto error;
1872: model = SSL_ImportFD(NULL, model);
1873:
1874: if(SSL_OptionSet(model, SSL_SECURITY, PR_TRUE) != SECSuccess)
1875: goto error;
1876: if(SSL_OptionSet(model, SSL_HANDSHAKE_AS_SERVER, PR_FALSE) != SECSuccess)
1877: goto error;
1878: if(SSL_OptionSet(model, SSL_HANDSHAKE_AS_CLIENT, PR_TRUE) != SECSuccess)
1879: goto error;
1880:
1881: /* do not use SSL cache if disabled or we are not going to verify peer */
1882: ssl_no_cache = (SSL_SET_OPTION(primary.sessionid)
1883: && SSL_CONN_CONFIG(verifypeer)) ? PR_FALSE : PR_TRUE;
1884: if(SSL_OptionSet(model, SSL_NO_CACHE, ssl_no_cache) != SECSuccess)
1885: goto error;
1886:
1887: /* enable/disable the requested SSL version(s) */
1888: if(nss_init_sslver(&sslver, data, conn) != CURLE_OK)
1889: goto error;
1890: if(SSL_VersionRangeGetSupported(ssl_variant_stream,
1891: &sslver_supported) != SECSuccess)
1892: goto error;
1893: if(sslver_supported.max < sslver.max && sslver_supported.max >= sslver.min) {
1894: char *sslver_req_str, *sslver_supp_str;
1895: sslver_req_str = nss_sslver_to_name(sslver.max);
1896: sslver_supp_str = nss_sslver_to_name(sslver_supported.max);
1897: if(sslver_req_str && sslver_supp_str)
1898: infof(data, "Falling back from %s to max supported SSL version (%s)\n",
1899: sslver_req_str, sslver_supp_str);
1900: free(sslver_req_str);
1901: free(sslver_supp_str);
1902: sslver.max = sslver_supported.max;
1903: }
1904: if(SSL_VersionRangeSet(model, &sslver) != SECSuccess)
1905: goto error;
1906:
1907: ssl_cbc_random_iv = !SSL_SET_OPTION(enable_beast);
1908: #ifdef SSL_CBC_RANDOM_IV
1909: /* unless the user explicitly asks to allow the protocol vulnerability, we
1910: use the work-around */
1911: if(SSL_OptionSet(model, SSL_CBC_RANDOM_IV, ssl_cbc_random_iv) != SECSuccess)
1912: infof(data, "warning: failed to set SSL_CBC_RANDOM_IV = %d\n",
1913: ssl_cbc_random_iv);
1914: #else
1915: if(ssl_cbc_random_iv)
1916: infof(data, "warning: support for SSL_CBC_RANDOM_IV not compiled in\n");
1917: #endif
1918:
1919: if(SSL_CONN_CONFIG(cipher_list)) {
1920: if(set_ciphers(data, model, SSL_CONN_CONFIG(cipher_list)) != SECSuccess) {
1921: result = CURLE_SSL_CIPHER;
1922: goto error;
1923: }
1924: }
1925:
1926: if(!SSL_CONN_CONFIG(verifypeer) && SSL_CONN_CONFIG(verifyhost))
1927: infof(data, "warning: ignoring value of ssl.verifyhost\n");
1928:
1929: /* bypass the default SSL_AuthCertificate() hook in case we do not want to
1930: * verify peer */
1931: if(SSL_AuthCertificateHook(model, nss_auth_cert_hook, conn) != SECSuccess)
1932: goto error;
1933:
1934: /* not checked yet */
1935: if(SSL_IS_PROXY())
1936: data->set.proxy_ssl.certverifyresult = 0;
1937: else
1938: data->set.ssl.certverifyresult = 0;
1939:
1940: if(SSL_BadCertHook(model, BadCertHandler, conn) != SECSuccess)
1941: goto error;
1942:
1943: if(SSL_HandshakeCallback(model, HandshakeCallback, conn) != SECSuccess)
1944: goto error;
1945:
1946: {
1947: const CURLcode rv = nss_load_ca_certificates(conn, sockindex);
1948: if((rv == CURLE_SSL_CACERT_BADFILE) && !SSL_CONN_CONFIG(verifypeer))
1949: /* not a fatal error because we are not going to verify the peer */
1950: infof(data, "warning: CA certificates failed to load\n");
1951: else if(rv) {
1952: result = rv;
1953: goto error;
1954: }
1955: }
1956:
1957: if(SSL_SET_OPTION(CRLfile)) {
1958: const CURLcode rv = nss_load_crl(SSL_SET_OPTION(CRLfile));
1959: if(rv) {
1960: result = rv;
1961: goto error;
1962: }
1963: infof(data, " CRLfile: %s\n", SSL_SET_OPTION(CRLfile));
1964: }
1965:
1966: if(SSL_SET_OPTION(cert)) {
1967: char *nickname = dup_nickname(data, SSL_SET_OPTION(cert));
1968: if(nickname) {
1969: /* we are not going to use libnsspem.so to read the client cert */
1970: backend->obj_clicert = NULL;
1971: }
1972: else {
1973: CURLcode rv = cert_stuff(conn, sockindex, SSL_SET_OPTION(cert),
1974: SSL_SET_OPTION(key));
1975: if(rv) {
1976: /* failf() is already done in cert_stuff() */
1977: result = rv;
1978: goto error;
1979: }
1980: }
1981:
1982: /* store the nickname for SelectClientCert() called during handshake */
1983: backend->client_nickname = nickname;
1984: }
1985: else
1986: backend->client_nickname = NULL;
1987:
1988: if(SSL_GetClientAuthDataHook(model, SelectClientCert,
1989: (void *)connssl) != SECSuccess) {
1990: result = CURLE_SSL_CERTPROBLEM;
1991: goto error;
1992: }
1993:
1994: if(conn->proxy_ssl[sockindex].use) {
1995: DEBUGASSERT(ssl_connection_complete == conn->proxy_ssl[sockindex].state);
1996: DEBUGASSERT(conn->proxy_ssl[sockindex].backend->handle != NULL);
1997: nspr_io = conn->proxy_ssl[sockindex].backend->handle;
1998: second_layer = TRUE;
1999: }
2000: else {
2001: /* wrap OS file descriptor by NSPR's file descriptor abstraction */
2002: nspr_io = PR_ImportTCPSocket(sockfd);
2003: if(!nspr_io)
2004: goto error;
2005: }
2006:
2007: /* create our own NSPR I/O layer */
2008: nspr_io_stub = PR_CreateIOLayerStub(nspr_io_identity, &nspr_io_methods);
2009: if(!nspr_io_stub) {
2010: if(!second_layer)
2011: PR_Close(nspr_io);
2012: goto error;
2013: }
2014:
2015: /* make the per-connection data accessible from NSPR I/O callbacks */
2016: nspr_io_stub->secret = (void *)connssl;
2017:
2018: /* push our new layer to the NSPR I/O stack */
2019: if(PR_PushIOLayer(nspr_io, PR_TOP_IO_LAYER, nspr_io_stub) != PR_SUCCESS) {
2020: if(!second_layer)
2021: PR_Close(nspr_io);
2022: PR_Close(nspr_io_stub);
2023: goto error;
2024: }
2025:
2026: /* import our model socket onto the current I/O stack */
2027: backend->handle = SSL_ImportFD(model, nspr_io);
2028: if(!backend->handle) {
2029: if(!second_layer)
2030: PR_Close(nspr_io);
2031: goto error;
2032: }
2033:
2034: PR_Close(model); /* We don't need this any more */
2035: model = NULL;
2036:
2037: /* This is the password associated with the cert that we're using */
2038: if(SSL_SET_OPTION(key_passwd)) {
2039: SSL_SetPKCS11PinArg(backend->handle, SSL_SET_OPTION(key_passwd));
2040: }
2041:
2042: #ifdef SSL_ENABLE_OCSP_STAPLING
2043: if(SSL_CONN_CONFIG(verifystatus)) {
2044: if(SSL_OptionSet(backend->handle, SSL_ENABLE_OCSP_STAPLING, PR_TRUE)
2045: != SECSuccess)
2046: goto error;
2047: }
2048: #endif
2049:
2050: #ifdef SSL_ENABLE_NPN
2051: if(SSL_OptionSet(backend->handle, SSL_ENABLE_NPN, conn->bits.tls_enable_npn
2052: ? PR_TRUE : PR_FALSE) != SECSuccess)
2053: goto error;
2054: #endif
2055:
2056: #ifdef SSL_ENABLE_ALPN
2057: if(SSL_OptionSet(backend->handle, SSL_ENABLE_ALPN, conn->bits.tls_enable_alpn
2058: ? PR_TRUE : PR_FALSE) != SECSuccess)
2059: goto error;
2060: #endif
2061:
2062: #if NSSVERNUM >= 0x030f04 /* 3.15.4 */
2063: if(data->set.ssl.falsestart) {
2064: if(SSL_OptionSet(backend->handle, SSL_ENABLE_FALSE_START, PR_TRUE)
2065: != SECSuccess)
2066: goto error;
2067:
2068: if(SSL_SetCanFalseStartCallback(backend->handle, CanFalseStartCallback,
2069: conn) != SECSuccess)
2070: goto error;
2071: }
2072: #endif
2073:
2074: #if defined(SSL_ENABLE_NPN) || defined(SSL_ENABLE_ALPN)
2075: if(conn->bits.tls_enable_npn || conn->bits.tls_enable_alpn) {
2076: int cur = 0;
2077: unsigned char protocols[128];
2078:
2079: #ifdef USE_NGHTTP2
2080: if(data->set.httpversion >= CURL_HTTP_VERSION_2 &&
2081: (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) {
2082: protocols[cur++] = NGHTTP2_PROTO_VERSION_ID_LEN;
2083: memcpy(&protocols[cur], NGHTTP2_PROTO_VERSION_ID,
2084: NGHTTP2_PROTO_VERSION_ID_LEN);
2085: cur += NGHTTP2_PROTO_VERSION_ID_LEN;
2086: }
2087: #endif
2088: protocols[cur++] = ALPN_HTTP_1_1_LENGTH;
2089: memcpy(&protocols[cur], ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH);
2090: cur += ALPN_HTTP_1_1_LENGTH;
2091:
2092: if(SSL_SetNextProtoNego(backend->handle, protocols, cur) != SECSuccess)
2093: goto error;
2094: }
2095: #endif
2096:
2097:
2098: /* Force handshake on next I/O */
2099: if(SSL_ResetHandshake(backend->handle, /* asServer */ PR_FALSE)
2100: != SECSuccess)
2101: goto error;
2102:
2103: /* propagate hostname to the TLS layer */
2104: if(SSL_SetURL(backend->handle, SSL_IS_PROXY() ? conn->http_proxy.host.name :
2105: conn->host.name) != SECSuccess)
2106: goto error;
2107:
2108: /* prevent NSS from re-using the session for a different hostname */
2109: if(SSL_SetSockPeerID(backend->handle, SSL_IS_PROXY() ?
2110: conn->http_proxy.host.name : conn->host.name)
2111: != SECSuccess)
2112: goto error;
2113:
2114: return CURLE_OK;
2115:
2116: error:
2117: if(model)
2118: PR_Close(model);
2119:
2120: return nss_fail_connect(connssl, data, result);
2121: }
2122:
2123: static CURLcode nss_do_connect(struct connectdata *conn, int sockindex)
2124: {
2125: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2126: struct ssl_backend_data *backend = connssl->backend;
2127: struct Curl_easy *data = conn->data;
2128: CURLcode result = CURLE_SSL_CONNECT_ERROR;
2129: PRUint32 timeout;
2130: long * const certverifyresult = SSL_IS_PROXY() ?
2131: &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult;
2132: const char * const pinnedpubkey = SSL_IS_PROXY() ?
2133: data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
2134: data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
2135:
2136:
2137: /* check timeout situation */
2138: const timediff_t time_left = Curl_timeleft(data, NULL, TRUE);
2139: if(time_left < 0) {
2140: failf(data, "timed out before SSL handshake");
2141: result = CURLE_OPERATION_TIMEDOUT;
2142: goto error;
2143: }
2144:
2145: /* Force the handshake now */
2146: timeout = PR_MillisecondsToInterval((PRUint32) time_left);
2147: if(SSL_ForceHandshakeWithTimeout(backend->handle, timeout) != SECSuccess) {
2148: if(PR_GetError() == PR_WOULD_BLOCK_ERROR)
2149: /* blocking direction is updated by nss_update_connecting_state() */
2150: return CURLE_AGAIN;
2151: else if(*certverifyresult == SSL_ERROR_BAD_CERT_DOMAIN)
2152: result = CURLE_PEER_FAILED_VERIFICATION;
2153: else if(*certverifyresult != 0)
2154: result = CURLE_PEER_FAILED_VERIFICATION;
2155: goto error;
2156: }
2157:
2158: result = display_conn_info(conn, backend->handle);
2159: if(result)
2160: goto error;
2161:
2162: if(SSL_SET_OPTION(issuercert)) {
2163: SECStatus ret = SECFailure;
2164: char *nickname = dup_nickname(data, SSL_SET_OPTION(issuercert));
2165: if(nickname) {
2166: /* we support only nicknames in case of issuercert for now */
2167: ret = check_issuer_cert(backend->handle, nickname);
2168: free(nickname);
2169: }
2170:
2171: if(SECFailure == ret) {
2172: infof(data, "SSL certificate issuer check failed\n");
2173: result = CURLE_SSL_ISSUER_ERROR;
2174: goto error;
2175: }
2176: else {
2177: infof(data, "SSL certificate issuer check ok\n");
2178: }
2179: }
2180:
2181: result = cmp_peer_pubkey(connssl, pinnedpubkey);
2182: if(result)
2183: /* status already printed */
2184: goto error;
2185:
2186: return CURLE_OK;
2187:
2188: error:
2189: return nss_fail_connect(connssl, data, result);
2190: }
2191:
2192: static CURLcode nss_connect_common(struct connectdata *conn, int sockindex,
2193: bool *done)
2194: {
2195: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2196: struct Curl_easy *data = conn->data;
2197: const bool blocking = (done == NULL);
2198: CURLcode result;
2199:
2200: if(connssl->state == ssl_connection_complete) {
2201: if(!blocking)
2202: *done = TRUE;
2203: return CURLE_OK;
2204: }
2205:
2206: if(connssl->connecting_state == ssl_connect_1) {
2207: result = nss_setup_connect(conn, sockindex);
2208: if(result)
2209: /* we do not expect CURLE_AGAIN from nss_setup_connect() */
2210: return result;
2211:
2212: connssl->connecting_state = ssl_connect_2;
2213: }
2214:
2215: /* enable/disable blocking mode before handshake */
2216: result = nss_set_blocking(connssl, data, blocking);
2217: if(result)
2218: return result;
2219:
2220: result = nss_do_connect(conn, sockindex);
2221: switch(result) {
2222: case CURLE_OK:
2223: break;
2224: case CURLE_AGAIN:
2225: if(!blocking)
2226: /* CURLE_AGAIN in non-blocking mode is not an error */
2227: return CURLE_OK;
2228: /* FALLTHROUGH */
2229: default:
2230: return result;
2231: }
2232:
2233: if(blocking) {
2234: /* in blocking mode, set NSS non-blocking mode _after_ SSL handshake */
2235: result = nss_set_blocking(connssl, data, /* blocking */ FALSE);
2236: if(result)
2237: return result;
2238: }
2239: else
2240: /* signal completed SSL handshake */
2241: *done = TRUE;
2242:
2243: connssl->state = ssl_connection_complete;
2244: conn->recv[sockindex] = nss_recv;
2245: conn->send[sockindex] = nss_send;
2246:
2247: /* ssl_connect_done is never used outside, go back to the initial state */
2248: connssl->connecting_state = ssl_connect_1;
2249:
2250: return CURLE_OK;
2251: }
2252:
2253: static CURLcode Curl_nss_connect(struct connectdata *conn, int sockindex)
2254: {
2255: return nss_connect_common(conn, sockindex, /* blocking */ NULL);
2256: }
2257:
2258: static CURLcode Curl_nss_connect_nonblocking(struct connectdata *conn,
2259: int sockindex, bool *done)
2260: {
2261: return nss_connect_common(conn, sockindex, done);
2262: }
2263:
2264: static ssize_t nss_send(struct connectdata *conn, /* connection data */
2265: int sockindex, /* socketindex */
2266: const void *mem, /* send this data */
2267: size_t len, /* amount to write */
2268: CURLcode *curlcode)
2269: {
2270: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2271: struct ssl_backend_data *backend = connssl->backend;
2272: ssize_t rc;
2273:
2274: /* The SelectClientCert() hook uses this for infof() and failf() but the
2275: handle stored in nss_setup_connect() could have already been freed. */
2276: backend->data = conn->data;
2277:
2278: rc = PR_Send(backend->handle, mem, (int)len, 0, PR_INTERVAL_NO_WAIT);
2279: if(rc < 0) {
2280: PRInt32 err = PR_GetError();
2281: if(err == PR_WOULD_BLOCK_ERROR)
2282: *curlcode = CURLE_AGAIN;
2283: else {
2284: /* print the error number and error string */
2285: const char *err_name = nss_error_to_name(err);
2286: infof(conn->data, "SSL write: error %d (%s)\n", err, err_name);
2287:
2288: /* print a human-readable message describing the error if available */
2289: nss_print_error_message(conn->data, err);
2290:
2291: *curlcode = (is_cc_error(err))
2292: ? CURLE_SSL_CERTPROBLEM
2293: : CURLE_SEND_ERROR;
2294: }
2295:
2296: return -1;
2297: }
2298:
2299: return rc; /* number of bytes */
2300: }
2301:
2302: static ssize_t nss_recv(struct connectdata *conn, /* connection data */
2303: int sockindex, /* socketindex */
2304: char *buf, /* store read data here */
2305: size_t buffersize, /* max amount to read */
2306: CURLcode *curlcode)
2307: {
2308: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
2309: struct ssl_backend_data *backend = connssl->backend;
2310: ssize_t nread;
2311:
2312: /* The SelectClientCert() hook uses this for infof() and failf() but the
2313: handle stored in nss_setup_connect() could have already been freed. */
2314: backend->data = conn->data;
2315:
2316: nread = PR_Recv(backend->handle, buf, (int)buffersize, 0,
2317: PR_INTERVAL_NO_WAIT);
2318: if(nread < 0) {
2319: /* failed SSL read */
2320: PRInt32 err = PR_GetError();
2321:
2322: if(err == PR_WOULD_BLOCK_ERROR)
2323: *curlcode = CURLE_AGAIN;
2324: else {
2325: /* print the error number and error string */
2326: const char *err_name = nss_error_to_name(err);
2327: infof(conn->data, "SSL read: errno %d (%s)\n", err, err_name);
2328:
2329: /* print a human-readable message describing the error if available */
2330: nss_print_error_message(conn->data, err);
2331:
2332: *curlcode = (is_cc_error(err))
2333: ? CURLE_SSL_CERTPROBLEM
2334: : CURLE_RECV_ERROR;
2335: }
2336:
2337: return -1;
2338: }
2339:
2340: return nread;
2341: }
2342:
2343: static size_t Curl_nss_version(char *buffer, size_t size)
2344: {
2345: return msnprintf(buffer, size, "NSS/%s", NSS_VERSION);
2346: }
2347:
2348: /* data might be NULL */
2349: static int Curl_nss_seed(struct Curl_easy *data)
2350: {
2351: /* make sure that NSS is initialized */
2352: return !!Curl_nss_force_init(data);
2353: }
2354:
2355: /* data might be NULL */
2356: static CURLcode Curl_nss_random(struct Curl_easy *data,
2357: unsigned char *entropy,
2358: size_t length)
2359: {
2360: Curl_nss_seed(data); /* Initiate the seed if not already done */
2361:
2362: if(SECSuccess != PK11_GenerateRandom(entropy, curlx_uztosi(length)))
2363: /* signal a failure */
2364: return CURLE_FAILED_INIT;
2365:
2366: return CURLE_OK;
2367: }
2368:
2369: static CURLcode Curl_nss_md5sum(unsigned char *tmp, /* input */
2370: size_t tmplen,
2371: unsigned char *md5sum, /* output */
2372: size_t md5len)
2373: {
2374: PK11Context *MD5pw = PK11_CreateDigestContext(SEC_OID_MD5);
2375: unsigned int MD5out;
2376:
2377: if(!MD5pw)
2378: return CURLE_NOT_BUILT_IN;
2379:
2380: PK11_DigestOp(MD5pw, tmp, curlx_uztoui(tmplen));
2381: PK11_DigestFinal(MD5pw, md5sum, &MD5out, curlx_uztoui(md5len));
2382: PK11_DestroyContext(MD5pw, PR_TRUE);
2383:
2384: return CURLE_OK;
2385: }
2386:
2387: static CURLcode Curl_nss_sha256sum(const unsigned char *tmp, /* input */
2388: size_t tmplen,
2389: unsigned char *sha256sum, /* output */
2390: size_t sha256len)
2391: {
2392: PK11Context *SHA256pw = PK11_CreateDigestContext(SEC_OID_SHA256);
2393: unsigned int SHA256out;
2394:
2395: if(!SHA256pw)
2396: return CURLE_NOT_BUILT_IN;
2397:
2398: PK11_DigestOp(SHA256pw, tmp, curlx_uztoui(tmplen));
2399: PK11_DigestFinal(SHA256pw, sha256sum, &SHA256out, curlx_uztoui(sha256len));
2400: PK11_DestroyContext(SHA256pw, PR_TRUE);
2401:
2402: return CURLE_OK;
2403: }
2404:
2405: static bool Curl_nss_cert_status_request(void)
2406: {
2407: #ifdef SSL_ENABLE_OCSP_STAPLING
2408: return TRUE;
2409: #else
2410: return FALSE;
2411: #endif
2412: }
2413:
2414: static bool Curl_nss_false_start(void)
2415: {
2416: #if NSSVERNUM >= 0x030f04 /* 3.15.4 */
2417: return TRUE;
2418: #else
2419: return FALSE;
2420: #endif
2421: }
2422:
2423: static void *Curl_nss_get_internals(struct ssl_connect_data *connssl,
2424: CURLINFO info UNUSED_PARAM)
2425: {
2426: struct ssl_backend_data *backend = connssl->backend;
2427: (void)info;
2428: return backend->handle;
2429: }
2430:
2431: const struct Curl_ssl Curl_ssl_nss = {
2432: { CURLSSLBACKEND_NSS, "nss" }, /* info */
2433:
2434: SSLSUPP_CA_PATH |
2435: SSLSUPP_CERTINFO |
2436: SSLSUPP_PINNEDPUBKEY |
2437: SSLSUPP_HTTPS_PROXY,
2438:
2439: sizeof(struct ssl_backend_data),
2440:
2441: Curl_nss_init, /* init */
2442: Curl_nss_cleanup, /* cleanup */
2443: Curl_nss_version, /* version */
2444: Curl_nss_check_cxn, /* check_cxn */
2445: /* NSS has no shutdown function provided and thus always fail */
2446: Curl_none_shutdown, /* shutdown */
2447: Curl_none_data_pending, /* data_pending */
2448: Curl_nss_random, /* random */
2449: Curl_nss_cert_status_request, /* cert_status_request */
2450: Curl_nss_connect, /* connect */
2451: Curl_nss_connect_nonblocking, /* connect_nonblocking */
2452: Curl_nss_get_internals, /* get_internals */
2453: Curl_nss_close, /* close_one */
2454: Curl_none_close_all, /* close_all */
2455: /* NSS has its own session ID cache */
2456: Curl_none_session_free, /* session_free */
2457: Curl_none_set_engine, /* set_engine */
2458: Curl_none_set_engine_default, /* set_engine_default */
2459: Curl_none_engines_list, /* engines_list */
2460: Curl_nss_false_start, /* false_start */
2461: Curl_nss_md5sum, /* md5sum */
2462: Curl_nss_sha256sum /* sha256sum */
2463: };
2464:
2465: #endif /* USE_NSS */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to nss.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / lib / vtls