Annotation of embedaddon/curl/lib/vtls/openssl.c, revision 1.1
1.1 ! misho 1: /***************************************************************************
! 2: * _ _ ____ _
! 3: * Project ___| | | | _ \| |
! 4: * / __| | | | |_) | |
! 5: * | (__| |_| | _ <| |___
! 6: * \___|\___/|_| \_\_____|
! 7: *
! 8: * Copyright (C) 1998 - 2020, Daniel Stenberg, <daniel@haxx.se>, et al.
! 9: *
! 10: * This software is licensed as described in the file COPYING, which
! 11: * you should have received as part of this distribution. The terms
! 12: * are also available at https://curl.haxx.se/docs/copyright.html.
! 13: *
! 14: * You may opt to use, copy, modify, merge, publish, distribute and/or sell
! 15: * copies of the Software, and permit persons to whom the Software is
! 16: * furnished to do so, under the terms of the COPYING file.
! 17: *
! 18: * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
! 19: * KIND, either express or implied.
! 20: *
! 21: ***************************************************************************/
! 22:
! 23: /*
! 24: * Source file for all OpenSSL-specific code for the TLS/SSL layer. No code
! 25: * but vtls.c should ever call or use these functions.
! 26: */
! 27:
! 28: #include "curl_setup.h"
! 29:
! 30: #ifdef USE_OPENSSL
! 31:
! 32: #include <limits.h>
! 33:
! 34: #include "urldata.h"
! 35: #include "sendf.h"
! 36: #include "formdata.h" /* for the boundary function */
! 37: #include "url.h" /* for the ssl config check function */
! 38: #include "inet_pton.h"
! 39: #include "openssl.h"
! 40: #include "connect.h"
! 41: #include "slist.h"
! 42: #include "select.h"
! 43: #include "vtls.h"
! 44: #include "strcase.h"
! 45: #include "hostcheck.h"
! 46: #include "multiif.h"
! 47: #include "strerror.h"
! 48: #include "curl_printf.h"
! 49: #include <openssl/ssl.h>
! 50: #include <openssl/rand.h>
! 51: #include <openssl/x509v3.h>
! 52: #ifndef OPENSSL_NO_DSA
! 53: #include <openssl/dsa.h>
! 54: #endif
! 55: #include <openssl/dh.h>
! 56: #include <openssl/err.h>
! 57: #include <openssl/md5.h>
! 58: #include <openssl/conf.h>
! 59: #include <openssl/bn.h>
! 60: #include <openssl/rsa.h>
! 61: #include <openssl/bio.h>
! 62: #include <openssl/buffer.h>
! 63: #include <openssl/pkcs12.h>
! 64:
! 65: #ifdef USE_AMISSL
! 66: #include "amigaos.h"
! 67: #endif
! 68:
! 69: #if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_OCSP)
! 70: #include <openssl/ocsp.h>
! 71: #endif
! 72:
! 73: #if (OPENSSL_VERSION_NUMBER >= 0x0090700fL) && /* 0.9.7 or later */ \
! 74: !defined(OPENSSL_NO_ENGINE) && !defined(OPENSSL_NO_UI_CONSOLE)
! 75: #define USE_OPENSSL_ENGINE
! 76: #include <openssl/engine.h>
! 77: #endif
! 78:
! 79: #include "warnless.h"
! 80: #include "non-ascii.h" /* for Curl_convert_from_utf8 prototype */
! 81:
! 82: /* The last #include files should be: */
! 83: #include "curl_memory.h"
! 84: #include "memdebug.h"
! 85:
! 86: /* Uncomment the ALLOW_RENEG line to a real #define if you want to allow TLS
! 87: renegotiations when built with BoringSSL. Renegotiating is non-compliant
! 88: with HTTP/2 and "an extremely dangerous protocol feature". Beware.
! 89:
! 90: #define ALLOW_RENEG 1
! 91: */
! 92:
! 93: #ifndef OPENSSL_VERSION_NUMBER
! 94: #error "OPENSSL_VERSION_NUMBER not defined"
! 95: #endif
! 96:
! 97: #ifdef USE_OPENSSL_ENGINE
! 98: #include <openssl/ui.h>
! 99: #endif
! 100:
! 101: #if OPENSSL_VERSION_NUMBER >= 0x00909000L
! 102: #define SSL_METHOD_QUAL const
! 103: #else
! 104: #define SSL_METHOD_QUAL
! 105: #endif
! 106:
! 107: #if (OPENSSL_VERSION_NUMBER >= 0x10000000L)
! 108: #define HAVE_ERR_REMOVE_THREAD_STATE 1
! 109: #endif
! 110:
! 111: #if !defined(HAVE_SSLV2_CLIENT_METHOD) || \
! 112: OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0+ has no SSLv2 */
! 113: #undef OPENSSL_NO_SSL2 /* undef first to avoid compiler warnings */
! 114: #define OPENSSL_NO_SSL2
! 115: #endif
! 116:
! 117: #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && /* OpenSSL 1.1.0+ */ \
! 118: !(defined(LIBRESSL_VERSION_NUMBER) && \
! 119: LIBRESSL_VERSION_NUMBER < 0x20700000L)
! 120: #define SSLEAY_VERSION_NUMBER OPENSSL_VERSION_NUMBER
! 121: #define HAVE_X509_GET0_EXTENSIONS 1 /* added in 1.1.0 -pre1 */
! 122: #define HAVE_OPAQUE_EVP_PKEY 1 /* since 1.1.0 -pre3 */
! 123: #define HAVE_OPAQUE_RSA_DSA_DH 1 /* since 1.1.0 -pre5 */
! 124: #define CONST_EXTS const
! 125: #define HAVE_ERR_REMOVE_THREAD_STATE_DEPRECATED 1
! 126:
! 127: /* funny typecast define due to difference in API */
! 128: #ifdef LIBRESSL_VERSION_NUMBER
! 129: #define ARG2_X509_signature_print (X509_ALGOR *)
! 130: #else
! 131: #define ARG2_X509_signature_print
! 132: #endif
! 133:
! 134: #else
! 135: /* For OpenSSL before 1.1.0 */
! 136: #define ASN1_STRING_get0_data(x) ASN1_STRING_data(x)
! 137: #define X509_get0_notBefore(x) X509_get_notBefore(x)
! 138: #define X509_get0_notAfter(x) X509_get_notAfter(x)
! 139: #define CONST_EXTS /* nope */
! 140: #ifndef LIBRESSL_VERSION_NUMBER
! 141: #define OpenSSL_version_num() SSLeay()
! 142: #endif
! 143: #endif
! 144:
! 145: #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) && /* 1.0.2 or later */ \
! 146: !(defined(LIBRESSL_VERSION_NUMBER) && \
! 147: LIBRESSL_VERSION_NUMBER < 0x20700000L)
! 148: #define HAVE_X509_GET0_SIGNATURE 1
! 149: #endif
! 150:
! 151: #if (OPENSSL_VERSION_NUMBER >= 0x1000200fL) /* 1.0.2 or later */
! 152: #define HAVE_SSL_GET_SHUTDOWN 1
! 153: #endif
! 154:
! 155: #if OPENSSL_VERSION_NUMBER >= 0x10002003L && \
! 156: OPENSSL_VERSION_NUMBER <= 0x10002FFFL && \
! 157: !defined(OPENSSL_NO_COMP)
! 158: #define HAVE_SSL_COMP_FREE_COMPRESSION_METHODS 1
! 159: #endif
! 160:
! 161: #if (OPENSSL_VERSION_NUMBER < 0x0090808fL)
! 162: /* not present in older OpenSSL */
! 163: #define OPENSSL_load_builtin_modules(x)
! 164: #endif
! 165:
! 166: /*
! 167: * Whether SSL_CTX_set_keylog_callback is available.
! 168: * OpenSSL: supported since 1.1.1 https://github.com/openssl/openssl/pull/2287
! 169: * BoringSSL: supported since d28f59c27bac (committed 2015-11-19)
! 170: * LibreSSL: unsupported in at least 2.7.2 (explicitly check for it since it
! 171: * lies and pretends to be OpenSSL 2.0.0).
! 172: */
! 173: #if (OPENSSL_VERSION_NUMBER >= 0x10101000L && \
! 174: !defined(LIBRESSL_VERSION_NUMBER)) || \
! 175: defined(OPENSSL_IS_BORINGSSL)
! 176: #define HAVE_KEYLOG_CALLBACK
! 177: #endif
! 178:
! 179: /* Whether SSL_CTX_set_ciphersuites is available.
! 180: * OpenSSL: supported since 1.1.1 (commit a53b5be6a05)
! 181: * BoringSSL: no
! 182: * LibreSSL: no
! 183: */
! 184: #if ((OPENSSL_VERSION_NUMBER >= 0x10101000L) && \
! 185: !defined(LIBRESSL_VERSION_NUMBER) && \
! 186: !defined(OPENSSL_IS_BORINGSSL))
! 187: #define HAVE_SSL_CTX_SET_CIPHERSUITES
! 188: #define HAVE_SSL_CTX_SET_POST_HANDSHAKE_AUTH
! 189: #endif
! 190:
! 191: #if defined(LIBRESSL_VERSION_NUMBER)
! 192: #define OSSL_PACKAGE "LibreSSL"
! 193: #elif defined(OPENSSL_IS_BORINGSSL)
! 194: #define OSSL_PACKAGE "BoringSSL"
! 195: #else
! 196: #define OSSL_PACKAGE "OpenSSL"
! 197: #endif
! 198:
! 199: #if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
! 200: /* up2date versions of OpenSSL maintain the default reasonably secure without
! 201: * breaking compatibility, so it is better not to override the default by curl
! 202: */
! 203: #define DEFAULT_CIPHER_SELECTION NULL
! 204: #else
! 205: /* ... but it is not the case with old versions of OpenSSL */
! 206: #define DEFAULT_CIPHER_SELECTION \
! 207: "ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH"
! 208: #endif
! 209:
! 210: #define ENABLE_SSLKEYLOGFILE
! 211:
! 212: #ifdef ENABLE_SSLKEYLOGFILE
! 213: typedef struct ssl_tap_state {
! 214: int master_key_length;
! 215: unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
! 216: unsigned char client_random[SSL3_RANDOM_SIZE];
! 217: } ssl_tap_state_t;
! 218: #endif /* ENABLE_SSLKEYLOGFILE */
! 219:
! 220: struct ssl_backend_data {
! 221: /* these ones requires specific SSL-types */
! 222: SSL_CTX* ctx;
! 223: SSL* handle;
! 224: X509* server_cert;
! 225: #ifdef ENABLE_SSLKEYLOGFILE
! 226: /* tap_state holds the last seen master key if we're logging them */
! 227: ssl_tap_state_t tap_state;
! 228: #endif
! 229: };
! 230:
! 231: /*
! 232: * Number of bytes to read from the random number seed file. This must be
! 233: * a finite value (because some entropy "files" like /dev/urandom have
! 234: * an infinite length), but must be large enough to provide enough
! 235: * entropy to properly seed OpenSSL's PRNG.
! 236: */
! 237: #define RAND_LOAD_LENGTH 1024
! 238:
! 239: #ifdef ENABLE_SSLKEYLOGFILE
! 240: /* The fp for the open SSLKEYLOGFILE, or NULL if not open */
! 241: static FILE *keylog_file_fp;
! 242:
! 243: #ifdef HAVE_KEYLOG_CALLBACK
! 244: static void ossl_keylog_callback(const SSL *ssl, const char *line)
! 245: {
! 246: (void)ssl;
! 247:
! 248: /* Using fputs here instead of fprintf since libcurl's fprintf replacement
! 249: may not be thread-safe. */
! 250: if(keylog_file_fp && line && *line) {
! 251: char stackbuf[256];
! 252: char *buf;
! 253: size_t linelen = strlen(line);
! 254:
! 255: if(linelen <= sizeof(stackbuf) - 2)
! 256: buf = stackbuf;
! 257: else {
! 258: buf = malloc(linelen + 2);
! 259: if(!buf)
! 260: return;
! 261: }
! 262: memcpy(buf, line, linelen);
! 263: buf[linelen] = '\n';
! 264: buf[linelen + 1] = '\0';
! 265:
! 266: fputs(buf, keylog_file_fp);
! 267: if(buf != stackbuf)
! 268: free(buf);
! 269: }
! 270: }
! 271: #else
! 272: #define KEYLOG_PREFIX "CLIENT_RANDOM "
! 273: #define KEYLOG_PREFIX_LEN (sizeof(KEYLOG_PREFIX) - 1)
! 274: /*
! 275: * tap_ssl_key is called by libcurl to make the CLIENT_RANDOMs if the OpenSSL
! 276: * being used doesn't have native support for doing that.
! 277: */
! 278: static void tap_ssl_key(const SSL *ssl, ssl_tap_state_t *state)
! 279: {
! 280: const char *hex = "0123456789ABCDEF";
! 281: int pos, i;
! 282: char line[KEYLOG_PREFIX_LEN + 2 * SSL3_RANDOM_SIZE + 1 +
! 283: 2 * SSL_MAX_MASTER_KEY_LENGTH + 1 + 1];
! 284: const SSL_SESSION *session = SSL_get_session(ssl);
! 285: unsigned char client_random[SSL3_RANDOM_SIZE];
! 286: unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
! 287: int master_key_length = 0;
! 288:
! 289: if(!session || !keylog_file_fp)
! 290: return;
! 291:
! 292: #if OPENSSL_VERSION_NUMBER >= 0x10100000L && \
! 293: !(defined(LIBRESSL_VERSION_NUMBER) && \
! 294: LIBRESSL_VERSION_NUMBER < 0x20700000L)
! 295: /* ssl->s3 is not checked in openssl 1.1.0-pre6, but let's assume that
! 296: * we have a valid SSL context if we have a non-NULL session. */
! 297: SSL_get_client_random(ssl, client_random, SSL3_RANDOM_SIZE);
! 298: master_key_length = (int)
! 299: SSL_SESSION_get_master_key(session, master_key, SSL_MAX_MASTER_KEY_LENGTH);
! 300: #else
! 301: if(ssl->s3 && session->master_key_length > 0) {
! 302: master_key_length = session->master_key_length;
! 303: memcpy(master_key, session->master_key, session->master_key_length);
! 304: memcpy(client_random, ssl->s3->client_random, SSL3_RANDOM_SIZE);
! 305: }
! 306: #endif
! 307:
! 308: if(master_key_length <= 0)
! 309: return;
! 310:
! 311: /* Skip writing keys if there is no key or it did not change. */
! 312: if(state->master_key_length == master_key_length &&
! 313: !memcmp(state->master_key, master_key, master_key_length) &&
! 314: !memcmp(state->client_random, client_random, SSL3_RANDOM_SIZE)) {
! 315: return;
! 316: }
! 317:
! 318: state->master_key_length = master_key_length;
! 319: memcpy(state->master_key, master_key, master_key_length);
! 320: memcpy(state->client_random, client_random, SSL3_RANDOM_SIZE);
! 321:
! 322: memcpy(line, KEYLOG_PREFIX, KEYLOG_PREFIX_LEN);
! 323: pos = KEYLOG_PREFIX_LEN;
! 324:
! 325: /* Client Random for SSLv3/TLS */
! 326: for(i = 0; i < SSL3_RANDOM_SIZE; i++) {
! 327: line[pos++] = hex[client_random[i] >> 4];
! 328: line[pos++] = hex[client_random[i] & 0xF];
! 329: }
! 330: line[pos++] = ' ';
! 331:
! 332: /* Master Secret (size is at most SSL_MAX_MASTER_KEY_LENGTH) */
! 333: for(i = 0; i < master_key_length; i++) {
! 334: line[pos++] = hex[master_key[i] >> 4];
! 335: line[pos++] = hex[master_key[i] & 0xF];
! 336: }
! 337: line[pos++] = '\n';
! 338: line[pos] = '\0';
! 339:
! 340: /* Using fputs here instead of fprintf since libcurl's fprintf replacement
! 341: may not be thread-safe. */
! 342: fputs(line, keylog_file_fp);
! 343: }
! 344: #endif /* !HAVE_KEYLOG_CALLBACK */
! 345: #endif /* ENABLE_SSLKEYLOGFILE */
! 346:
! 347: static const char *SSL_ERROR_to_str(int err)
! 348: {
! 349: switch(err) {
! 350: case SSL_ERROR_NONE:
! 351: return "SSL_ERROR_NONE";
! 352: case SSL_ERROR_SSL:
! 353: return "SSL_ERROR_SSL";
! 354: case SSL_ERROR_WANT_READ:
! 355: return "SSL_ERROR_WANT_READ";
! 356: case SSL_ERROR_WANT_WRITE:
! 357: return "SSL_ERROR_WANT_WRITE";
! 358: case SSL_ERROR_WANT_X509_LOOKUP:
! 359: return "SSL_ERROR_WANT_X509_LOOKUP";
! 360: case SSL_ERROR_SYSCALL:
! 361: return "SSL_ERROR_SYSCALL";
! 362: case SSL_ERROR_ZERO_RETURN:
! 363: return "SSL_ERROR_ZERO_RETURN";
! 364: case SSL_ERROR_WANT_CONNECT:
! 365: return "SSL_ERROR_WANT_CONNECT";
! 366: case SSL_ERROR_WANT_ACCEPT:
! 367: return "SSL_ERROR_WANT_ACCEPT";
! 368: #if defined(SSL_ERROR_WANT_ASYNC)
! 369: case SSL_ERROR_WANT_ASYNC:
! 370: return "SSL_ERROR_WANT_ASYNC";
! 371: #endif
! 372: #if defined(SSL_ERROR_WANT_ASYNC_JOB)
! 373: case SSL_ERROR_WANT_ASYNC_JOB:
! 374: return "SSL_ERROR_WANT_ASYNC_JOB";
! 375: #endif
! 376: #if defined(SSL_ERROR_WANT_EARLY)
! 377: case SSL_ERROR_WANT_EARLY:
! 378: return "SSL_ERROR_WANT_EARLY";
! 379: #endif
! 380: default:
! 381: return "SSL_ERROR unknown";
! 382: }
! 383: }
! 384:
! 385: /* Return error string for last OpenSSL error
! 386: */
! 387: static char *ossl_strerror(unsigned long error, char *buf, size_t size)
! 388: {
! 389: if(size)
! 390: *buf = '\0';
! 391:
! 392: #ifdef OPENSSL_IS_BORINGSSL
! 393: ERR_error_string_n((uint32_t)error, buf, size);
! 394: #else
! 395: ERR_error_string_n(error, buf, size);
! 396: #endif
! 397:
! 398: if(size > 1 && !*buf) {
! 399: strncpy(buf, (error ? "Unknown error" : "No error"), size);
! 400: buf[size - 1] = '\0';
! 401: }
! 402:
! 403: return buf;
! 404: }
! 405:
! 406: /* Return an extra data index for the connection data.
! 407: * This index can be used with SSL_get_ex_data() and SSL_set_ex_data().
! 408: */
! 409: static int ossl_get_ssl_conn_index(void)
! 410: {
! 411: static int ssl_ex_data_conn_index = -1;
! 412: if(ssl_ex_data_conn_index < 0) {
! 413: ssl_ex_data_conn_index = SSL_get_ex_new_index(0, NULL, NULL, NULL, NULL);
! 414: }
! 415: return ssl_ex_data_conn_index;
! 416: }
! 417:
! 418: /* Return an extra data index for the sockindex.
! 419: * This index can be used with SSL_get_ex_data() and SSL_set_ex_data().
! 420: */
! 421: static int ossl_get_ssl_sockindex_index(void)
! 422: {
! 423: static int ssl_ex_data_sockindex_index = -1;
! 424: if(ssl_ex_data_sockindex_index < 0) {
! 425: ssl_ex_data_sockindex_index = SSL_get_ex_new_index(0, NULL, NULL, NULL,
! 426: NULL);
! 427: }
! 428: return ssl_ex_data_sockindex_index;
! 429: }
! 430:
! 431: static int passwd_callback(char *buf, int num, int encrypting,
! 432: void *global_passwd)
! 433: {
! 434: DEBUGASSERT(0 == encrypting);
! 435:
! 436: if(!encrypting) {
! 437: int klen = curlx_uztosi(strlen((char *)global_passwd));
! 438: if(num > klen) {
! 439: memcpy(buf, global_passwd, klen + 1);
! 440: return klen;
! 441: }
! 442: }
! 443: return 0;
! 444: }
! 445:
! 446: /*
! 447: * rand_enough() returns TRUE if we have seeded the random engine properly.
! 448: */
! 449: static bool rand_enough(void)
! 450: {
! 451: return (0 != RAND_status()) ? TRUE : FALSE;
! 452: }
! 453:
! 454: static CURLcode Curl_ossl_seed(struct Curl_easy *data)
! 455: {
! 456: /* we have the "SSL is seeded" boolean static to prevent multiple
! 457: time-consuming seedings in vain */
! 458: static bool ssl_seeded = FALSE;
! 459: char fname[256];
! 460:
! 461: if(ssl_seeded)
! 462: return CURLE_OK;
! 463:
! 464: if(rand_enough()) {
! 465: /* OpenSSL 1.1.0+ will return here */
! 466: ssl_seeded = TRUE;
! 467: return CURLE_OK;
! 468: }
! 469:
! 470: #ifndef RANDOM_FILE
! 471: /* if RANDOM_FILE isn't defined, we only perform this if an option tells
! 472: us to! */
! 473: if(data->set.str[STRING_SSL_RANDOM_FILE])
! 474: #define RANDOM_FILE "" /* doesn't matter won't be used */
! 475: #endif
! 476: {
! 477: /* let the option override the define */
! 478: RAND_load_file((data->set.str[STRING_SSL_RANDOM_FILE]?
! 479: data->set.str[STRING_SSL_RANDOM_FILE]:
! 480: RANDOM_FILE),
! 481: RAND_LOAD_LENGTH);
! 482: if(rand_enough())
! 483: return CURLE_OK;
! 484: }
! 485:
! 486: #if defined(HAVE_RAND_EGD)
! 487: /* only available in OpenSSL 0.9.5 and later */
! 488: /* EGD_SOCKET is set at configure time or not at all */
! 489: #ifndef EGD_SOCKET
! 490: /* If we don't have the define set, we only do this if the egd-option
! 491: is set */
! 492: if(data->set.str[STRING_SSL_EGDSOCKET])
! 493: #define EGD_SOCKET "" /* doesn't matter won't be used */
! 494: #endif
! 495: {
! 496: /* If there's an option and a define, the option overrides the
! 497: define */
! 498: int ret = RAND_egd(data->set.str[STRING_SSL_EGDSOCKET]?
! 499: data->set.str[STRING_SSL_EGDSOCKET]:EGD_SOCKET);
! 500: if(-1 != ret) {
! 501: if(rand_enough())
! 502: return CURLE_OK;
! 503: }
! 504: }
! 505: #endif
! 506:
! 507: /* fallback to a custom seeding of the PRNG using a hash based on a current
! 508: time */
! 509: do {
! 510: unsigned char randb[64];
! 511: size_t len = sizeof(randb);
! 512: size_t i, i_max;
! 513: for(i = 0, i_max = len / sizeof(struct curltime); i < i_max; ++i) {
! 514: struct curltime tv = Curl_now();
! 515: Curl_wait_ms(1);
! 516: tv.tv_sec *= i + 1;
! 517: tv.tv_usec *= (unsigned int)i + 2;
! 518: tv.tv_sec ^= ((Curl_now().tv_sec + Curl_now().tv_usec) *
! 519: (i + 3)) << 8;
! 520: tv.tv_usec ^= (unsigned int) ((Curl_now().tv_sec +
! 521: Curl_now().tv_usec) *
! 522: (i + 4)) << 16;
! 523: memcpy(&randb[i * sizeof(struct curltime)], &tv,
! 524: sizeof(struct curltime));
! 525: }
! 526: RAND_add(randb, (int)len, (double)len/2);
! 527: } while(!rand_enough());
! 528:
! 529: /* generates a default path for the random seed file */
! 530: fname[0] = 0; /* blank it first */
! 531: RAND_file_name(fname, sizeof(fname));
! 532: if(fname[0]) {
! 533: /* we got a file name to try */
! 534: RAND_load_file(fname, RAND_LOAD_LENGTH);
! 535: if(rand_enough())
! 536: return CURLE_OK;
! 537: }
! 538:
! 539: infof(data, "libcurl is now using a weak random seed!\n");
! 540: return (rand_enough() ? CURLE_OK :
! 541: CURLE_SSL_CONNECT_ERROR /* confusing error code */);
! 542: }
! 543:
! 544: #ifndef SSL_FILETYPE_ENGINE
! 545: #define SSL_FILETYPE_ENGINE 42
! 546: #endif
! 547: #ifndef SSL_FILETYPE_PKCS12
! 548: #define SSL_FILETYPE_PKCS12 43
! 549: #endif
! 550: static int do_file_type(const char *type)
! 551: {
! 552: if(!type || !type[0])
! 553: return SSL_FILETYPE_PEM;
! 554: if(strcasecompare(type, "PEM"))
! 555: return SSL_FILETYPE_PEM;
! 556: if(strcasecompare(type, "DER"))
! 557: return SSL_FILETYPE_ASN1;
! 558: if(strcasecompare(type, "ENG"))
! 559: return SSL_FILETYPE_ENGINE;
! 560: if(strcasecompare(type, "P12"))
! 561: return SSL_FILETYPE_PKCS12;
! 562: return -1;
! 563: }
! 564:
! 565: #ifdef USE_OPENSSL_ENGINE
! 566: /*
! 567: * Supply default password to the engine user interface conversation.
! 568: * The password is passed by OpenSSL engine from ENGINE_load_private_key()
! 569: * last argument to the ui and can be obtained by UI_get0_user_data(ui) here.
! 570: */
! 571: static int ssl_ui_reader(UI *ui, UI_STRING *uis)
! 572: {
! 573: const char *password;
! 574: switch(UI_get_string_type(uis)) {
! 575: case UIT_PROMPT:
! 576: case UIT_VERIFY:
! 577: password = (const char *)UI_get0_user_data(ui);
! 578: if(password && (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD)) {
! 579: UI_set_result(ui, uis, password);
! 580: return 1;
! 581: }
! 582: default:
! 583: break;
! 584: }
! 585: return (UI_method_get_reader(UI_OpenSSL()))(ui, uis);
! 586: }
! 587:
! 588: /*
! 589: * Suppress interactive request for a default password if available.
! 590: */
! 591: static int ssl_ui_writer(UI *ui, UI_STRING *uis)
! 592: {
! 593: switch(UI_get_string_type(uis)) {
! 594: case UIT_PROMPT:
! 595: case UIT_VERIFY:
! 596: if(UI_get0_user_data(ui) &&
! 597: (UI_get_input_flags(uis) & UI_INPUT_FLAG_DEFAULT_PWD)) {
! 598: return 1;
! 599: }
! 600: default:
! 601: break;
! 602: }
! 603: return (UI_method_get_writer(UI_OpenSSL()))(ui, uis);
! 604: }
! 605:
! 606: /*
! 607: * Check if a given string is a PKCS#11 URI
! 608: */
! 609: static bool is_pkcs11_uri(const char *string)
! 610: {
! 611: return (string && strncasecompare(string, "pkcs11:", 7));
! 612: }
! 613:
! 614: #endif
! 615:
! 616: static CURLcode Curl_ossl_set_engine(struct Curl_easy *data,
! 617: const char *engine);
! 618:
! 619: static
! 620: int cert_stuff(struct connectdata *conn,
! 621: SSL_CTX* ctx,
! 622: char *cert_file,
! 623: const char *cert_type,
! 624: char *key_file,
! 625: const char *key_type,
! 626: char *key_passwd)
! 627: {
! 628: struct Curl_easy *data = conn->data;
! 629: char error_buffer[256];
! 630: bool check_privkey = TRUE;
! 631:
! 632: int file_type = do_file_type(cert_type);
! 633:
! 634: if(cert_file || (file_type == SSL_FILETYPE_ENGINE)) {
! 635: SSL *ssl;
! 636: X509 *x509;
! 637: int cert_done = 0;
! 638:
! 639: if(key_passwd) {
! 640: /* set the password in the callback userdata */
! 641: SSL_CTX_set_default_passwd_cb_userdata(ctx, key_passwd);
! 642: /* Set passwd callback: */
! 643: SSL_CTX_set_default_passwd_cb(ctx, passwd_callback);
! 644: }
! 645:
! 646:
! 647: switch(file_type) {
! 648: case SSL_FILETYPE_PEM:
! 649: /* SSL_CTX_use_certificate_chain_file() only works on PEM files */
! 650: if(SSL_CTX_use_certificate_chain_file(ctx,
! 651: cert_file) != 1) {
! 652: failf(data,
! 653: "could not load PEM client certificate, " OSSL_PACKAGE
! 654: " error %s, "
! 655: "(no key found, wrong pass phrase, or wrong file format?)",
! 656: ossl_strerror(ERR_get_error(), error_buffer,
! 657: sizeof(error_buffer)) );
! 658: return 0;
! 659: }
! 660: break;
! 661:
! 662: case SSL_FILETYPE_ASN1:
! 663: /* SSL_CTX_use_certificate_file() works with either PEM or ASN1, but
! 664: we use the case above for PEM so this can only be performed with
! 665: ASN1 files. */
! 666: if(SSL_CTX_use_certificate_file(ctx,
! 667: cert_file,
! 668: file_type) != 1) {
! 669: failf(data,
! 670: "could not load ASN1 client certificate, " OSSL_PACKAGE
! 671: " error %s, "
! 672: "(no key found, wrong pass phrase, or wrong file format?)",
! 673: ossl_strerror(ERR_get_error(), error_buffer,
! 674: sizeof(error_buffer)) );
! 675: return 0;
! 676: }
! 677: break;
! 678: case SSL_FILETYPE_ENGINE:
! 679: #if defined(USE_OPENSSL_ENGINE) && defined(ENGINE_CTRL_GET_CMD_FROM_NAME)
! 680: {
! 681: /* Implicitly use pkcs11 engine if none was provided and the
! 682: * cert_file is a PKCS#11 URI */
! 683: if(!data->state.engine) {
! 684: if(is_pkcs11_uri(cert_file)) {
! 685: if(Curl_ossl_set_engine(data, "pkcs11") != CURLE_OK) {
! 686: return 0;
! 687: }
! 688: }
! 689: }
! 690:
! 691: if(data->state.engine) {
! 692: const char *cmd_name = "LOAD_CERT_CTRL";
! 693: struct {
! 694: const char *cert_id;
! 695: X509 *cert;
! 696: } params;
! 697:
! 698: params.cert_id = cert_file;
! 699: params.cert = NULL;
! 700:
! 701: /* Does the engine supports LOAD_CERT_CTRL ? */
! 702: if(!ENGINE_ctrl(data->state.engine, ENGINE_CTRL_GET_CMD_FROM_NAME,
! 703: 0, (void *)cmd_name, NULL)) {
! 704: failf(data, "ssl engine does not support loading certificates");
! 705: return 0;
! 706: }
! 707:
! 708: /* Load the certificate from the engine */
! 709: if(!ENGINE_ctrl_cmd(data->state.engine, cmd_name,
! 710: 0, ¶ms, NULL, 1)) {
! 711: failf(data, "ssl engine cannot load client cert with id"
! 712: " '%s' [%s]", cert_file,
! 713: ossl_strerror(ERR_get_error(), error_buffer,
! 714: sizeof(error_buffer)));
! 715: return 0;
! 716: }
! 717:
! 718: if(!params.cert) {
! 719: failf(data, "ssl engine didn't initialized the certificate "
! 720: "properly.");
! 721: return 0;
! 722: }
! 723:
! 724: if(SSL_CTX_use_certificate(ctx, params.cert) != 1) {
! 725: failf(data, "unable to set client certificate");
! 726: X509_free(params.cert);
! 727: return 0;
! 728: }
! 729: X509_free(params.cert); /* we don't need the handle any more... */
! 730: }
! 731: else {
! 732: failf(data, "crypto engine not set, can't load certificate");
! 733: return 0;
! 734: }
! 735: }
! 736: break;
! 737: #else
! 738: failf(data, "file type ENG for certificate not implemented");
! 739: return 0;
! 740: #endif
! 741:
! 742: case SSL_FILETYPE_PKCS12:
! 743: {
! 744: BIO *fp = NULL;
! 745: PKCS12 *p12 = NULL;
! 746: EVP_PKEY *pri;
! 747: STACK_OF(X509) *ca = NULL;
! 748:
! 749: fp = BIO_new(BIO_s_file());
! 750: if(fp == NULL) {
! 751: failf(data,
! 752: "BIO_new return NULL, " OSSL_PACKAGE
! 753: " error %s",
! 754: ossl_strerror(ERR_get_error(), error_buffer,
! 755: sizeof(error_buffer)) );
! 756: return 0;
! 757: }
! 758:
! 759: if(BIO_read_filename(fp, cert_file) <= 0) {
! 760: failf(data, "could not open PKCS12 file '%s'", cert_file);
! 761: BIO_free(fp);
! 762: return 0;
! 763: }
! 764: p12 = d2i_PKCS12_bio(fp, NULL);
! 765: BIO_free(fp);
! 766:
! 767: if(!p12) {
! 768: failf(data, "error reading PKCS12 file '%s'", cert_file);
! 769: return 0;
! 770: }
! 771:
! 772: PKCS12_PBE_add();
! 773:
! 774: if(!PKCS12_parse(p12, key_passwd, &pri, &x509,
! 775: &ca)) {
! 776: failf(data,
! 777: "could not parse PKCS12 file, check password, " OSSL_PACKAGE
! 778: " error %s",
! 779: ossl_strerror(ERR_get_error(), error_buffer,
! 780: sizeof(error_buffer)) );
! 781: PKCS12_free(p12);
! 782: return 0;
! 783: }
! 784:
! 785: PKCS12_free(p12);
! 786:
! 787: if(SSL_CTX_use_certificate(ctx, x509) != 1) {
! 788: failf(data,
! 789: "could not load PKCS12 client certificate, " OSSL_PACKAGE
! 790: " error %s",
! 791: ossl_strerror(ERR_get_error(), error_buffer,
! 792: sizeof(error_buffer)) );
! 793: goto fail;
! 794: }
! 795:
! 796: if(SSL_CTX_use_PrivateKey(ctx, pri) != 1) {
! 797: failf(data, "unable to use private key from PKCS12 file '%s'",
! 798: cert_file);
! 799: goto fail;
! 800: }
! 801:
! 802: if(!SSL_CTX_check_private_key (ctx)) {
! 803: failf(data, "private key from PKCS12 file '%s' "
! 804: "does not match certificate in same file", cert_file);
! 805: goto fail;
! 806: }
! 807: /* Set Certificate Verification chain */
! 808: if(ca) {
! 809: while(sk_X509_num(ca)) {
! 810: /*
! 811: * Note that sk_X509_pop() is used below to make sure the cert is
! 812: * removed from the stack properly before getting passed to
! 813: * SSL_CTX_add_extra_chain_cert(), which takes ownership. Previously
! 814: * we used sk_X509_value() instead, but then we'd clean it in the
! 815: * subsequent sk_X509_pop_free() call.
! 816: */
! 817: X509 *x = sk_X509_pop(ca);
! 818: if(!SSL_CTX_add_client_CA(ctx, x)) {
! 819: X509_free(x);
! 820: failf(data, "cannot add certificate to client CA list");
! 821: goto fail;
! 822: }
! 823: if(!SSL_CTX_add_extra_chain_cert(ctx, x)) {
! 824: X509_free(x);
! 825: failf(data, "cannot add certificate to certificate chain");
! 826: goto fail;
! 827: }
! 828: }
! 829: }
! 830:
! 831: cert_done = 1;
! 832: fail:
! 833: EVP_PKEY_free(pri);
! 834: X509_free(x509);
! 835: #ifdef USE_AMISSL
! 836: sk_X509_pop_free(ca, Curl_amiga_X509_free);
! 837: #else
! 838: sk_X509_pop_free(ca, X509_free);
! 839: #endif
! 840: if(!cert_done)
! 841: return 0; /* failure! */
! 842: break;
! 843: }
! 844: default:
! 845: failf(data, "not supported file type '%s' for certificate", cert_type);
! 846: return 0;
! 847: }
! 848:
! 849: if(!key_file)
! 850: key_file = cert_file;
! 851: else
! 852: file_type = do_file_type(key_type);
! 853:
! 854: switch(file_type) {
! 855: case SSL_FILETYPE_PEM:
! 856: if(cert_done)
! 857: break;
! 858: /* FALLTHROUGH */
! 859: case SSL_FILETYPE_ASN1:
! 860: if(SSL_CTX_use_PrivateKey_file(ctx, key_file, file_type) != 1) {
! 861: failf(data, "unable to set private key file: '%s' type %s",
! 862: key_file, key_type?key_type:"PEM");
! 863: return 0;
! 864: }
! 865: break;
! 866: case SSL_FILETYPE_ENGINE:
! 867: #ifdef USE_OPENSSL_ENGINE
! 868: { /* XXXX still needs some work */
! 869: EVP_PKEY *priv_key = NULL;
! 870:
! 871: /* Implicitly use pkcs11 engine if none was provided and the
! 872: * key_file is a PKCS#11 URI */
! 873: if(!data->state.engine) {
! 874: if(is_pkcs11_uri(key_file)) {
! 875: if(Curl_ossl_set_engine(data, "pkcs11") != CURLE_OK) {
! 876: return 0;
! 877: }
! 878: }
! 879: }
! 880:
! 881: if(data->state.engine) {
! 882: UI_METHOD *ui_method =
! 883: UI_create_method((char *)"curl user interface");
! 884: if(!ui_method) {
! 885: failf(data, "unable do create " OSSL_PACKAGE
! 886: " user-interface method");
! 887: return 0;
! 888: }
! 889: UI_method_set_opener(ui_method, UI_method_get_opener(UI_OpenSSL()));
! 890: UI_method_set_closer(ui_method, UI_method_get_closer(UI_OpenSSL()));
! 891: UI_method_set_reader(ui_method, ssl_ui_reader);
! 892: UI_method_set_writer(ui_method, ssl_ui_writer);
! 893: /* the typecast below was added to please mingw32 */
! 894: priv_key = (EVP_PKEY *)
! 895: ENGINE_load_private_key(data->state.engine, key_file,
! 896: ui_method,
! 897: key_passwd);
! 898: UI_destroy_method(ui_method);
! 899: if(!priv_key) {
! 900: failf(data, "failed to load private key from crypto engine");
! 901: return 0;
! 902: }
! 903: if(SSL_CTX_use_PrivateKey(ctx, priv_key) != 1) {
! 904: failf(data, "unable to set private key");
! 905: EVP_PKEY_free(priv_key);
! 906: return 0;
! 907: }
! 908: EVP_PKEY_free(priv_key); /* we don't need the handle any more... */
! 909: }
! 910: else {
! 911: failf(data, "crypto engine not set, can't load private key");
! 912: return 0;
! 913: }
! 914: }
! 915: break;
! 916: #else
! 917: failf(data, "file type ENG for private key not supported");
! 918: return 0;
! 919: #endif
! 920: case SSL_FILETYPE_PKCS12:
! 921: if(!cert_done) {
! 922: failf(data, "file type P12 for private key not supported");
! 923: return 0;
! 924: }
! 925: break;
! 926: default:
! 927: failf(data, "not supported file type for private key");
! 928: return 0;
! 929: }
! 930:
! 931: ssl = SSL_new(ctx);
! 932: if(!ssl) {
! 933: failf(data, "unable to create an SSL structure");
! 934: return 0;
! 935: }
! 936:
! 937: x509 = SSL_get_certificate(ssl);
! 938:
! 939: /* This version was provided by Evan Jordan and is supposed to not
! 940: leak memory as the previous version: */
! 941: if(x509) {
! 942: EVP_PKEY *pktmp = X509_get_pubkey(x509);
! 943: EVP_PKEY_copy_parameters(pktmp, SSL_get_privatekey(ssl));
! 944: EVP_PKEY_free(pktmp);
! 945: }
! 946:
! 947: #if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_IS_BORINGSSL)
! 948: {
! 949: /* If RSA is used, don't check the private key if its flags indicate
! 950: * it doesn't support it. */
! 951: EVP_PKEY *priv_key = SSL_get_privatekey(ssl);
! 952: int pktype;
! 953: #ifdef HAVE_OPAQUE_EVP_PKEY
! 954: pktype = EVP_PKEY_id(priv_key);
! 955: #else
! 956: pktype = priv_key->type;
! 957: #endif
! 958: if(pktype == EVP_PKEY_RSA) {
! 959: RSA *rsa = EVP_PKEY_get1_RSA(priv_key);
! 960: if(RSA_flags(rsa) & RSA_METHOD_FLAG_NO_CHECK)
! 961: check_privkey = FALSE;
! 962: RSA_free(rsa); /* Decrement reference count */
! 963: }
! 964: }
! 965: #endif
! 966:
! 967: SSL_free(ssl);
! 968:
! 969: /* If we are using DSA, we can copy the parameters from
! 970: * the private key */
! 971:
! 972: if(check_privkey == TRUE) {
! 973: /* Now we know that a key and cert have been set against
! 974: * the SSL context */
! 975: if(!SSL_CTX_check_private_key(ctx)) {
! 976: failf(data, "Private key does not match the certificate public key");
! 977: return 0;
! 978: }
! 979: }
! 980: }
! 981: return 1;
! 982: }
! 983:
! 984: /* returns non-zero on failure */
! 985: static int x509_name_oneline(X509_NAME *a, char *buf, size_t size)
! 986: {
! 987: #if 0
! 988: return X509_NAME_oneline(a, buf, size);
! 989: #else
! 990: BIO *bio_out = BIO_new(BIO_s_mem());
! 991: BUF_MEM *biomem;
! 992: int rc;
! 993:
! 994: if(!bio_out)
! 995: return 1; /* alloc failed! */
! 996:
! 997: rc = X509_NAME_print_ex(bio_out, a, 0, XN_FLAG_SEP_SPLUS_SPC);
! 998: BIO_get_mem_ptr(bio_out, &biomem);
! 999:
! 1000: if((size_t)biomem->length < size)
! 1001: size = biomem->length;
! 1002: else
! 1003: size--; /* don't overwrite the buffer end */
! 1004:
! 1005: memcpy(buf, biomem->data, size);
! 1006: buf[size] = 0;
! 1007:
! 1008: BIO_free(bio_out);
! 1009:
! 1010: return !rc;
! 1011: #endif
! 1012: }
! 1013:
! 1014: /**
! 1015: * Global SSL init
! 1016: *
! 1017: * @retval 0 error initializing SSL
! 1018: * @retval 1 SSL initialized successfully
! 1019: */
! 1020: static int Curl_ossl_init(void)
! 1021: {
! 1022: #ifdef ENABLE_SSLKEYLOGFILE
! 1023: char *keylog_file_name;
! 1024: #endif
! 1025:
! 1026: OPENSSL_load_builtin_modules();
! 1027:
! 1028: #ifdef USE_OPENSSL_ENGINE
! 1029: ENGINE_load_builtin_engines();
! 1030: #endif
! 1031:
! 1032: /* CONF_MFLAGS_DEFAULT_SECTION was introduced some time between 0.9.8b and
! 1033: 0.9.8e */
! 1034: #ifndef CONF_MFLAGS_DEFAULT_SECTION
! 1035: #define CONF_MFLAGS_DEFAULT_SECTION 0x0
! 1036: #endif
! 1037:
! 1038: #ifndef CURL_DISABLE_OPENSSL_AUTO_LOAD_CONFIG
! 1039: CONF_modules_load_file(NULL, NULL,
! 1040: CONF_MFLAGS_DEFAULT_SECTION|
! 1041: CONF_MFLAGS_IGNORE_MISSING_FILE);
! 1042: #endif
! 1043:
! 1044: #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
! 1045: !defined(LIBRESSL_VERSION_NUMBER)
! 1046: /* OpenSSL 1.1.0+ takes care of initialization itself */
! 1047: #else
! 1048: /* Lets get nice error messages */
! 1049: SSL_load_error_strings();
! 1050:
! 1051: /* Init the global ciphers and digests */
! 1052: if(!SSLeay_add_ssl_algorithms())
! 1053: return 0;
! 1054:
! 1055: OpenSSL_add_all_algorithms();
! 1056: #endif
! 1057:
! 1058: #ifdef ENABLE_SSLKEYLOGFILE
! 1059: if(!keylog_file_fp) {
! 1060: keylog_file_name = curl_getenv("SSLKEYLOGFILE");
! 1061: if(keylog_file_name) {
! 1062: keylog_file_fp = fopen(keylog_file_name, FOPEN_APPENDTEXT);
! 1063: if(keylog_file_fp) {
! 1064: #ifdef WIN32
! 1065: if(setvbuf(keylog_file_fp, NULL, _IONBF, 0))
! 1066: #else
! 1067: if(setvbuf(keylog_file_fp, NULL, _IOLBF, 4096))
! 1068: #endif
! 1069: {
! 1070: fclose(keylog_file_fp);
! 1071: keylog_file_fp = NULL;
! 1072: }
! 1073: }
! 1074: Curl_safefree(keylog_file_name);
! 1075: }
! 1076: }
! 1077: #endif
! 1078:
! 1079: /* Initialize the extra data indexes */
! 1080: if(ossl_get_ssl_conn_index() < 0 || ossl_get_ssl_sockindex_index() < 0)
! 1081: return 0;
! 1082:
! 1083: return 1;
! 1084: }
! 1085:
! 1086: /* Global cleanup */
! 1087: static void Curl_ossl_cleanup(void)
! 1088: {
! 1089: #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && \
! 1090: !defined(LIBRESSL_VERSION_NUMBER)
! 1091: /* OpenSSL 1.1 deprecates all these cleanup functions and
! 1092: turns them into no-ops in OpenSSL 1.0 compatibility mode */
! 1093: #else
! 1094: /* Free ciphers and digests lists */
! 1095: EVP_cleanup();
! 1096:
! 1097: #ifdef USE_OPENSSL_ENGINE
! 1098: /* Free engine list */
! 1099: ENGINE_cleanup();
! 1100: #endif
! 1101:
! 1102: /* Free OpenSSL error strings */
! 1103: ERR_free_strings();
! 1104:
! 1105: /* Free thread local error state, destroying hash upon zero refcount */
! 1106: #ifdef HAVE_ERR_REMOVE_THREAD_STATE
! 1107: ERR_remove_thread_state(NULL);
! 1108: #else
! 1109: ERR_remove_state(0);
! 1110: #endif
! 1111:
! 1112: /* Free all memory allocated by all configuration modules */
! 1113: CONF_modules_free();
! 1114:
! 1115: #ifdef HAVE_SSL_COMP_FREE_COMPRESSION_METHODS
! 1116: SSL_COMP_free_compression_methods();
! 1117: #endif
! 1118: #endif
! 1119:
! 1120: #ifdef ENABLE_SSLKEYLOGFILE
! 1121: if(keylog_file_fp) {
! 1122: fclose(keylog_file_fp);
! 1123: keylog_file_fp = NULL;
! 1124: }
! 1125: #endif
! 1126: }
! 1127:
! 1128: /*
! 1129: * This function is used to determine connection status.
! 1130: *
! 1131: * Return codes:
! 1132: * 1 means the connection is still in place
! 1133: * 0 means the connection has been closed
! 1134: * -1 means the connection status is unknown
! 1135: */
! 1136: static int Curl_ossl_check_cxn(struct connectdata *conn)
! 1137: {
! 1138: /* SSL_peek takes data out of the raw recv buffer without peeking so we use
! 1139: recv MSG_PEEK instead. Bug #795 */
! 1140: #ifdef MSG_PEEK
! 1141: char buf;
! 1142: ssize_t nread;
! 1143: nread = recv((RECV_TYPE_ARG1)conn->sock[FIRSTSOCKET], (RECV_TYPE_ARG2)&buf,
! 1144: (RECV_TYPE_ARG3)1, (RECV_TYPE_ARG4)MSG_PEEK);
! 1145: if(nread == 0)
! 1146: return 0; /* connection has been closed */
! 1147: if(nread == 1)
! 1148: return 1; /* connection still in place */
! 1149: else if(nread == -1) {
! 1150: int err = SOCKERRNO;
! 1151: if(err == EINPROGRESS ||
! 1152: #if defined(EAGAIN) && (EAGAIN != EWOULDBLOCK)
! 1153: err == EAGAIN ||
! 1154: #endif
! 1155: err == EWOULDBLOCK)
! 1156: return 1; /* connection still in place */
! 1157: if(err == ECONNRESET ||
! 1158: #ifdef ECONNABORTED
! 1159: err == ECONNABORTED ||
! 1160: #endif
! 1161: #ifdef ENETDOWN
! 1162: err == ENETDOWN ||
! 1163: #endif
! 1164: #ifdef ENETRESET
! 1165: err == ENETRESET ||
! 1166: #endif
! 1167: #ifdef ESHUTDOWN
! 1168: err == ESHUTDOWN ||
! 1169: #endif
! 1170: #ifdef ETIMEDOUT
! 1171: err == ETIMEDOUT ||
! 1172: #endif
! 1173: err == ENOTCONN)
! 1174: return 0; /* connection has been closed */
! 1175: }
! 1176: #endif
! 1177: return -1; /* connection status unknown */
! 1178: }
! 1179:
! 1180: /* Selects an OpenSSL crypto engine
! 1181: */
! 1182: static CURLcode Curl_ossl_set_engine(struct Curl_easy *data,
! 1183: const char *engine)
! 1184: {
! 1185: #ifdef USE_OPENSSL_ENGINE
! 1186: ENGINE *e;
! 1187:
! 1188: #if OPENSSL_VERSION_NUMBER >= 0x00909000L
! 1189: e = ENGINE_by_id(engine);
! 1190: #else
! 1191: /* avoid memory leak */
! 1192: for(e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) {
! 1193: const char *e_id = ENGINE_get_id(e);
! 1194: if(!strcmp(engine, e_id))
! 1195: break;
! 1196: }
! 1197: #endif
! 1198:
! 1199: if(!e) {
! 1200: failf(data, "SSL Engine '%s' not found", engine);
! 1201: return CURLE_SSL_ENGINE_NOTFOUND;
! 1202: }
! 1203:
! 1204: if(data->state.engine) {
! 1205: ENGINE_finish(data->state.engine);
! 1206: ENGINE_free(data->state.engine);
! 1207: data->state.engine = NULL;
! 1208: }
! 1209: if(!ENGINE_init(e)) {
! 1210: char buf[256];
! 1211:
! 1212: ENGINE_free(e);
! 1213: failf(data, "Failed to initialise SSL Engine '%s':\n%s",
! 1214: engine, ossl_strerror(ERR_get_error(), buf, sizeof(buf)));
! 1215: return CURLE_SSL_ENGINE_INITFAILED;
! 1216: }
! 1217: data->state.engine = e;
! 1218: return CURLE_OK;
! 1219: #else
! 1220: (void)engine;
! 1221: failf(data, "SSL Engine not supported");
! 1222: return CURLE_SSL_ENGINE_NOTFOUND;
! 1223: #endif
! 1224: }
! 1225:
! 1226: /* Sets engine as default for all SSL operations
! 1227: */
! 1228: static CURLcode Curl_ossl_set_engine_default(struct Curl_easy *data)
! 1229: {
! 1230: #ifdef USE_OPENSSL_ENGINE
! 1231: if(data->state.engine) {
! 1232: if(ENGINE_set_default(data->state.engine, ENGINE_METHOD_ALL) > 0) {
! 1233: infof(data, "set default crypto engine '%s'\n",
! 1234: ENGINE_get_id(data->state.engine));
! 1235: }
! 1236: else {
! 1237: failf(data, "set default crypto engine '%s' failed",
! 1238: ENGINE_get_id(data->state.engine));
! 1239: return CURLE_SSL_ENGINE_SETFAILED;
! 1240: }
! 1241: }
! 1242: #else
! 1243: (void) data;
! 1244: #endif
! 1245: return CURLE_OK;
! 1246: }
! 1247:
! 1248: /* Return list of OpenSSL crypto engine names.
! 1249: */
! 1250: static struct curl_slist *Curl_ossl_engines_list(struct Curl_easy *data)
! 1251: {
! 1252: struct curl_slist *list = NULL;
! 1253: #ifdef USE_OPENSSL_ENGINE
! 1254: struct curl_slist *beg;
! 1255: ENGINE *e;
! 1256:
! 1257: for(e = ENGINE_get_first(); e; e = ENGINE_get_next(e)) {
! 1258: beg = curl_slist_append(list, ENGINE_get_id(e));
! 1259: if(!beg) {
! 1260: curl_slist_free_all(list);
! 1261: return NULL;
! 1262: }
! 1263: list = beg;
! 1264: }
! 1265: #endif
! 1266: (void) data;
! 1267: return list;
! 1268: }
! 1269:
! 1270: static void ossl_close(struct ssl_connect_data *connssl)
! 1271: {
! 1272: struct ssl_backend_data *backend = connssl->backend;
! 1273: if(backend->handle) {
! 1274: (void)SSL_shutdown(backend->handle);
! 1275: SSL_set_connect_state(backend->handle);
! 1276:
! 1277: SSL_free(backend->handle);
! 1278: backend->handle = NULL;
! 1279: }
! 1280: if(backend->ctx) {
! 1281: SSL_CTX_free(backend->ctx);
! 1282: backend->ctx = NULL;
! 1283: }
! 1284: }
! 1285:
! 1286: /*
! 1287: * This function is called when an SSL connection is closed.
! 1288: */
! 1289: static void Curl_ossl_close(struct connectdata *conn, int sockindex)
! 1290: {
! 1291: ossl_close(&conn->ssl[sockindex]);
! 1292: ossl_close(&conn->proxy_ssl[sockindex]);
! 1293: }
! 1294:
! 1295: /*
! 1296: * This function is called to shut down the SSL layer but keep the
! 1297: * socket open (CCC - Clear Command Channel)
! 1298: */
! 1299: static int Curl_ossl_shutdown(struct connectdata *conn, int sockindex)
! 1300: {
! 1301: int retval = 0;
! 1302: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
! 1303: struct Curl_easy *data = conn->data;
! 1304: char buf[256]; /* We will use this for the OpenSSL error buffer, so it has
! 1305: to be at least 256 bytes long. */
! 1306: unsigned long sslerror;
! 1307: ssize_t nread;
! 1308: int buffsize;
! 1309: int err;
! 1310: bool done = FALSE;
! 1311: struct ssl_backend_data *backend = connssl->backend;
! 1312:
! 1313: #ifndef CURL_DISABLE_FTP
! 1314: /* This has only been tested on the proftpd server, and the mod_tls code
! 1315: sends a close notify alert without waiting for a close notify alert in
! 1316: response. Thus we wait for a close notify alert from the server, but
! 1317: we do not send one. Let's hope other servers do the same... */
! 1318:
! 1319: if(data->set.ftp_ccc == CURLFTPSSL_CCC_ACTIVE)
! 1320: (void)SSL_shutdown(backend->handle);
! 1321: #endif
! 1322:
! 1323: if(backend->handle) {
! 1324: buffsize = (int)sizeof(buf);
! 1325: while(!done) {
! 1326: int what = SOCKET_READABLE(conn->sock[sockindex],
! 1327: SSL_SHUTDOWN_TIMEOUT);
! 1328: if(what > 0) {
! 1329: ERR_clear_error();
! 1330:
! 1331: /* Something to read, let's do it and hope that it is the close
! 1332: notify alert from the server */
! 1333: nread = (ssize_t)SSL_read(backend->handle, buf, buffsize);
! 1334: err = SSL_get_error(backend->handle, (int)nread);
! 1335:
! 1336: switch(err) {
! 1337: case SSL_ERROR_NONE: /* this is not an error */
! 1338: case SSL_ERROR_ZERO_RETURN: /* no more data */
! 1339: /* This is the expected response. There was no data but only
! 1340: the close notify alert */
! 1341: done = TRUE;
! 1342: break;
! 1343: case SSL_ERROR_WANT_READ:
! 1344: /* there's data pending, re-invoke SSL_read() */
! 1345: infof(data, "SSL_ERROR_WANT_READ\n");
! 1346: break;
! 1347: case SSL_ERROR_WANT_WRITE:
! 1348: /* SSL wants a write. Really odd. Let's bail out. */
! 1349: infof(data, "SSL_ERROR_WANT_WRITE\n");
! 1350: done = TRUE;
! 1351: break;
! 1352: default:
! 1353: /* openssl/ssl.h says "look at error stack/return value/errno" */
! 1354: sslerror = ERR_get_error();
! 1355: failf(conn->data, OSSL_PACKAGE " SSL_read on shutdown: %s, errno %d",
! 1356: (sslerror ?
! 1357: ossl_strerror(sslerror, buf, sizeof(buf)) :
! 1358: SSL_ERROR_to_str(err)),
! 1359: SOCKERRNO);
! 1360: done = TRUE;
! 1361: break;
! 1362: }
! 1363: }
! 1364: else if(0 == what) {
! 1365: /* timeout */
! 1366: failf(data, "SSL shutdown timeout");
! 1367: done = TRUE;
! 1368: }
! 1369: else {
! 1370: /* anything that gets here is fatally bad */
! 1371: failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
! 1372: retval = -1;
! 1373: done = TRUE;
! 1374: }
! 1375: } /* while()-loop for the select() */
! 1376:
! 1377: if(data->set.verbose) {
! 1378: #ifdef HAVE_SSL_GET_SHUTDOWN
! 1379: switch(SSL_get_shutdown(backend->handle)) {
! 1380: case SSL_SENT_SHUTDOWN:
! 1381: infof(data, "SSL_get_shutdown() returned SSL_SENT_SHUTDOWN\n");
! 1382: break;
! 1383: case SSL_RECEIVED_SHUTDOWN:
! 1384: infof(data, "SSL_get_shutdown() returned SSL_RECEIVED_SHUTDOWN\n");
! 1385: break;
! 1386: case SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN:
! 1387: infof(data, "SSL_get_shutdown() returned SSL_SENT_SHUTDOWN|"
! 1388: "SSL_RECEIVED__SHUTDOWN\n");
! 1389: break;
! 1390: }
! 1391: #endif
! 1392: }
! 1393:
! 1394: SSL_free(backend->handle);
! 1395: backend->handle = NULL;
! 1396: }
! 1397: return retval;
! 1398: }
! 1399:
! 1400: static void Curl_ossl_session_free(void *ptr)
! 1401: {
! 1402: /* free the ID */
! 1403: SSL_SESSION_free(ptr);
! 1404: }
! 1405:
! 1406: /*
! 1407: * This function is called when the 'data' struct is going away. Close
! 1408: * down everything and free all resources!
! 1409: */
! 1410: static void Curl_ossl_close_all(struct Curl_easy *data)
! 1411: {
! 1412: #ifdef USE_OPENSSL_ENGINE
! 1413: if(data->state.engine) {
! 1414: ENGINE_finish(data->state.engine);
! 1415: ENGINE_free(data->state.engine);
! 1416: data->state.engine = NULL;
! 1417: }
! 1418: #else
! 1419: (void)data;
! 1420: #endif
! 1421: #if !defined(HAVE_ERR_REMOVE_THREAD_STATE_DEPRECATED) && \
! 1422: defined(HAVE_ERR_REMOVE_THREAD_STATE)
! 1423: /* OpenSSL 1.0.1 and 1.0.2 build an error queue that is stored per-thread
! 1424: so we need to clean it here in case the thread will be killed. All OpenSSL
! 1425: code should extract the error in association with the error so clearing
! 1426: this queue here should be harmless at worst. */
! 1427: ERR_remove_thread_state(NULL);
! 1428: #endif
! 1429: }
! 1430:
! 1431: /* ====================================================== */
! 1432:
! 1433: /*
! 1434: * Match subjectAltName against the host name. This requires a conversion
! 1435: * in CURL_DOES_CONVERSIONS builds.
! 1436: */
! 1437: static bool subj_alt_hostcheck(struct Curl_easy *data,
! 1438: const char *match_pattern, const char *hostname,
! 1439: const char *dispname)
! 1440: #ifdef CURL_DOES_CONVERSIONS
! 1441: {
! 1442: bool res = FALSE;
! 1443:
! 1444: /* Curl_cert_hostcheck uses host encoding, but we get ASCII from
! 1445: OpenSSl.
! 1446: */
! 1447: char *match_pattern2 = strdup(match_pattern);
! 1448:
! 1449: if(match_pattern2) {
! 1450: if(Curl_convert_from_network(data, match_pattern2,
! 1451: strlen(match_pattern2)) == CURLE_OK) {
! 1452: if(Curl_cert_hostcheck(match_pattern2, hostname)) {
! 1453: res = TRUE;
! 1454: infof(data,
! 1455: " subjectAltName: host \"%s\" matched cert's \"%s\"\n",
! 1456: dispname, match_pattern2);
! 1457: }
! 1458: }
! 1459: free(match_pattern2);
! 1460: }
! 1461: else {
! 1462: failf(data,
! 1463: "SSL: out of memory when allocating temporary for subjectAltName");
! 1464: }
! 1465: return res;
! 1466: }
! 1467: #else
! 1468: {
! 1469: #ifdef CURL_DISABLE_VERBOSE_STRINGS
! 1470: (void)dispname;
! 1471: (void)data;
! 1472: #endif
! 1473: if(Curl_cert_hostcheck(match_pattern, hostname)) {
! 1474: infof(data, " subjectAltName: host \"%s\" matched cert's \"%s\"\n",
! 1475: dispname, match_pattern);
! 1476: return TRUE;
! 1477: }
! 1478: return FALSE;
! 1479: }
! 1480: #endif
! 1481:
! 1482:
! 1483: /* Quote from RFC2818 section 3.1 "Server Identity"
! 1484:
! 1485: If a subjectAltName extension of type dNSName is present, that MUST
! 1486: be used as the identity. Otherwise, the (most specific) Common Name
! 1487: field in the Subject field of the certificate MUST be used. Although
! 1488: the use of the Common Name is existing practice, it is deprecated and
! 1489: Certification Authorities are encouraged to use the dNSName instead.
! 1490:
! 1491: Matching is performed using the matching rules specified by
! 1492: [RFC2459]. If more than one identity of a given type is present in
! 1493: the certificate (e.g., more than one dNSName name, a match in any one
! 1494: of the set is considered acceptable.) Names may contain the wildcard
! 1495: character * which is considered to match any single domain name
! 1496: component or component fragment. E.g., *.a.com matches foo.a.com but
! 1497: not bar.foo.a.com. f*.com matches foo.com but not bar.com.
! 1498:
! 1499: In some cases, the URI is specified as an IP address rather than a
! 1500: hostname. In this case, the iPAddress subjectAltName must be present
! 1501: in the certificate and must exactly match the IP in the URI.
! 1502:
! 1503: */
! 1504: static CURLcode verifyhost(struct connectdata *conn, X509 *server_cert)
! 1505: {
! 1506: bool matched = FALSE;
! 1507: int target = GEN_DNS; /* target type, GEN_DNS or GEN_IPADD */
! 1508: size_t addrlen = 0;
! 1509: struct Curl_easy *data = conn->data;
! 1510: STACK_OF(GENERAL_NAME) *altnames;
! 1511: #ifdef ENABLE_IPV6
! 1512: struct in6_addr addr;
! 1513: #else
! 1514: struct in_addr addr;
! 1515: #endif
! 1516: CURLcode result = CURLE_OK;
! 1517: bool dNSName = FALSE; /* if a dNSName field exists in the cert */
! 1518: bool iPAddress = FALSE; /* if a iPAddress field exists in the cert */
! 1519: const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
! 1520: conn->host.name;
! 1521: const char * const dispname = SSL_IS_PROXY() ?
! 1522: conn->http_proxy.host.dispname : conn->host.dispname;
! 1523:
! 1524: #ifdef ENABLE_IPV6
! 1525: if(conn->bits.ipv6_ip &&
! 1526: Curl_inet_pton(AF_INET6, hostname, &addr)) {
! 1527: target = GEN_IPADD;
! 1528: addrlen = sizeof(struct in6_addr);
! 1529: }
! 1530: else
! 1531: #endif
! 1532: if(Curl_inet_pton(AF_INET, hostname, &addr)) {
! 1533: target = GEN_IPADD;
! 1534: addrlen = sizeof(struct in_addr);
! 1535: }
! 1536:
! 1537: /* get a "list" of alternative names */
! 1538: altnames = X509_get_ext_d2i(server_cert, NID_subject_alt_name, NULL, NULL);
! 1539:
! 1540: if(altnames) {
! 1541: #ifdef OPENSSL_IS_BORINGSSL
! 1542: size_t numalts;
! 1543: size_t i;
! 1544: #else
! 1545: int numalts;
! 1546: int i;
! 1547: #endif
! 1548: bool dnsmatched = FALSE;
! 1549: bool ipmatched = FALSE;
! 1550:
! 1551: /* get amount of alternatives, RFC2459 claims there MUST be at least
! 1552: one, but we don't depend on it... */
! 1553: numalts = sk_GENERAL_NAME_num(altnames);
! 1554:
! 1555: /* loop through all alternatives - until a dnsmatch */
! 1556: for(i = 0; (i < numalts) && !dnsmatched; i++) {
! 1557: /* get a handle to alternative name number i */
! 1558: const GENERAL_NAME *check = sk_GENERAL_NAME_value(altnames, i);
! 1559:
! 1560: if(check->type == GEN_DNS)
! 1561: dNSName = TRUE;
! 1562: else if(check->type == GEN_IPADD)
! 1563: iPAddress = TRUE;
! 1564:
! 1565: /* only check alternatives of the same type the target is */
! 1566: if(check->type == target) {
! 1567: /* get data and length */
! 1568: const char *altptr = (char *)ASN1_STRING_get0_data(check->d.ia5);
! 1569: size_t altlen = (size_t) ASN1_STRING_length(check->d.ia5);
! 1570:
! 1571: switch(target) {
! 1572: case GEN_DNS: /* name/pattern comparison */
! 1573: /* The OpenSSL man page explicitly says: "In general it cannot be
! 1574: assumed that the data returned by ASN1_STRING_data() is null
! 1575: terminated or does not contain embedded nulls." But also that
! 1576: "The actual format of the data will depend on the actual string
! 1577: type itself: for example for an IA5String the data will be ASCII"
! 1578:
! 1579: It has been however verified that in 0.9.6 and 0.9.7, IA5String
! 1580: is always zero-terminated.
! 1581: */
! 1582: if((altlen == strlen(altptr)) &&
! 1583: /* if this isn't true, there was an embedded zero in the name
! 1584: string and we cannot match it. */
! 1585: subj_alt_hostcheck(data, altptr, hostname, dispname)) {
! 1586: dnsmatched = TRUE;
! 1587: }
! 1588: break;
! 1589:
! 1590: case GEN_IPADD: /* IP address comparison */
! 1591: /* compare alternative IP address if the data chunk is the same size
! 1592: our server IP address is */
! 1593: if((altlen == addrlen) && !memcmp(altptr, &addr, altlen)) {
! 1594: ipmatched = TRUE;
! 1595: infof(data,
! 1596: " subjectAltName: host \"%s\" matched cert's IP address!\n",
! 1597: dispname);
! 1598: }
! 1599: break;
! 1600: }
! 1601: }
! 1602: }
! 1603: GENERAL_NAMES_free(altnames);
! 1604:
! 1605: if(dnsmatched || ipmatched)
! 1606: matched = TRUE;
! 1607: }
! 1608:
! 1609: if(matched)
! 1610: /* an alternative name matched */
! 1611: ;
! 1612: else if(dNSName || iPAddress) {
! 1613: infof(data, " subjectAltName does not match %s\n", dispname);
! 1614: failf(data, "SSL: no alternative certificate subject name matches "
! 1615: "target host name '%s'", dispname);
! 1616: result = CURLE_PEER_FAILED_VERIFICATION;
! 1617: }
! 1618: else {
! 1619: /* we have to look to the last occurrence of a commonName in the
! 1620: distinguished one to get the most significant one. */
! 1621: int j, i = -1;
! 1622:
! 1623: /* The following is done because of a bug in 0.9.6b */
! 1624:
! 1625: unsigned char *nulstr = (unsigned char *)"";
! 1626: unsigned char *peer_CN = nulstr;
! 1627:
! 1628: X509_NAME *name = X509_get_subject_name(server_cert);
! 1629: if(name)
! 1630: while((j = X509_NAME_get_index_by_NID(name, NID_commonName, i)) >= 0)
! 1631: i = j;
! 1632:
! 1633: /* we have the name entry and we will now convert this to a string
! 1634: that we can use for comparison. Doing this we support BMPstring,
! 1635: UTF8 etc. */
! 1636:
! 1637: if(i >= 0) {
! 1638: ASN1_STRING *tmp =
! 1639: X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, i));
! 1640:
! 1641: /* In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input
! 1642: is already UTF-8 encoded. We check for this case and copy the raw
! 1643: string manually to avoid the problem. This code can be made
! 1644: conditional in the future when OpenSSL has been fixed. */
! 1645: if(tmp) {
! 1646: if(ASN1_STRING_type(tmp) == V_ASN1_UTF8STRING) {
! 1647: j = ASN1_STRING_length(tmp);
! 1648: if(j >= 0) {
! 1649: peer_CN = OPENSSL_malloc(j + 1);
! 1650: if(peer_CN) {
! 1651: memcpy(peer_CN, ASN1_STRING_get0_data(tmp), j);
! 1652: peer_CN[j] = '\0';
! 1653: }
! 1654: }
! 1655: }
! 1656: else /* not a UTF8 name */
! 1657: j = ASN1_STRING_to_UTF8(&peer_CN, tmp);
! 1658:
! 1659: if(peer_CN && (curlx_uztosi(strlen((char *)peer_CN)) != j)) {
! 1660: /* there was a terminating zero before the end of string, this
! 1661: cannot match and we return failure! */
! 1662: failf(data, "SSL: illegal cert name field");
! 1663: result = CURLE_PEER_FAILED_VERIFICATION;
! 1664: }
! 1665: }
! 1666: }
! 1667:
! 1668: if(peer_CN == nulstr)
! 1669: peer_CN = NULL;
! 1670: else {
! 1671: /* convert peer_CN from UTF8 */
! 1672: CURLcode rc = Curl_convert_from_utf8(data, (char *)peer_CN,
! 1673: strlen((char *)peer_CN));
! 1674: /* Curl_convert_from_utf8 calls failf if unsuccessful */
! 1675: if(rc) {
! 1676: OPENSSL_free(peer_CN);
! 1677: return rc;
! 1678: }
! 1679: }
! 1680:
! 1681: if(result)
! 1682: /* error already detected, pass through */
! 1683: ;
! 1684: else if(!peer_CN) {
! 1685: failf(data,
! 1686: "SSL: unable to obtain common name from peer certificate");
! 1687: result = CURLE_PEER_FAILED_VERIFICATION;
! 1688: }
! 1689: else if(!Curl_cert_hostcheck((const char *)peer_CN, hostname)) {
! 1690: failf(data, "SSL: certificate subject name '%s' does not match "
! 1691: "target host name '%s'", peer_CN, dispname);
! 1692: result = CURLE_PEER_FAILED_VERIFICATION;
! 1693: }
! 1694: else {
! 1695: infof(data, " common name: %s (matched)\n", peer_CN);
! 1696: }
! 1697: if(peer_CN)
! 1698: OPENSSL_free(peer_CN);
! 1699: }
! 1700:
! 1701: return result;
! 1702: }
! 1703:
! 1704: #if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \
! 1705: !defined(OPENSSL_NO_OCSP)
! 1706: static CURLcode verifystatus(struct connectdata *conn,
! 1707: struct ssl_connect_data *connssl)
! 1708: {
! 1709: int i, ocsp_status;
! 1710: unsigned char *status;
! 1711: const unsigned char *p;
! 1712: CURLcode result = CURLE_OK;
! 1713: struct Curl_easy *data = conn->data;
! 1714: OCSP_RESPONSE *rsp = NULL;
! 1715: OCSP_BASICRESP *br = NULL;
! 1716: X509_STORE *st = NULL;
! 1717: STACK_OF(X509) *ch = NULL;
! 1718: struct ssl_backend_data *backend = connssl->backend;
! 1719:
! 1720: long len = SSL_get_tlsext_status_ocsp_resp(backend->handle, &status);
! 1721:
! 1722: if(!status) {
! 1723: failf(data, "No OCSP response received");
! 1724: result = CURLE_SSL_INVALIDCERTSTATUS;
! 1725: goto end;
! 1726: }
! 1727: p = status;
! 1728: rsp = d2i_OCSP_RESPONSE(NULL, &p, len);
! 1729: if(!rsp) {
! 1730: failf(data, "Invalid OCSP response");
! 1731: result = CURLE_SSL_INVALIDCERTSTATUS;
! 1732: goto end;
! 1733: }
! 1734:
! 1735: ocsp_status = OCSP_response_status(rsp);
! 1736: if(ocsp_status != OCSP_RESPONSE_STATUS_SUCCESSFUL) {
! 1737: failf(data, "Invalid OCSP response status: %s (%d)",
! 1738: OCSP_response_status_str(ocsp_status), ocsp_status);
! 1739: result = CURLE_SSL_INVALIDCERTSTATUS;
! 1740: goto end;
! 1741: }
! 1742:
! 1743: br = OCSP_response_get1_basic(rsp);
! 1744: if(!br) {
! 1745: failf(data, "Invalid OCSP response");
! 1746: result = CURLE_SSL_INVALIDCERTSTATUS;
! 1747: goto end;
! 1748: }
! 1749:
! 1750: ch = SSL_get_peer_cert_chain(backend->handle);
! 1751: st = SSL_CTX_get_cert_store(backend->ctx);
! 1752:
! 1753: #if ((OPENSSL_VERSION_NUMBER <= 0x1000201fL) /* Fixed after 1.0.2a */ || \
! 1754: (defined(LIBRESSL_VERSION_NUMBER) && \
! 1755: LIBRESSL_VERSION_NUMBER <= 0x2040200fL))
! 1756: /* The authorized responder cert in the OCSP response MUST be signed by the
! 1757: peer cert's issuer (see RFC6960 section 4.2.2.2). If that's a root cert,
! 1758: no problem, but if it's an intermediate cert OpenSSL has a bug where it
! 1759: expects this issuer to be present in the chain embedded in the OCSP
! 1760: response. So we add it if necessary. */
! 1761:
! 1762: /* First make sure the peer cert chain includes both a peer and an issuer,
! 1763: and the OCSP response contains a responder cert. */
! 1764: if(sk_X509_num(ch) >= 2 && sk_X509_num(br->certs) >= 1) {
! 1765: X509 *responder = sk_X509_value(br->certs, sk_X509_num(br->certs) - 1);
! 1766:
! 1767: /* Find issuer of responder cert and add it to the OCSP response chain */
! 1768: for(i = 0; i < sk_X509_num(ch); i++) {
! 1769: X509 *issuer = sk_X509_value(ch, i);
! 1770: if(X509_check_issued(issuer, responder) == X509_V_OK) {
! 1771: if(!OCSP_basic_add1_cert(br, issuer)) {
! 1772: failf(data, "Could not add issuer cert to OCSP response");
! 1773: result = CURLE_SSL_INVALIDCERTSTATUS;
! 1774: goto end;
! 1775: }
! 1776: }
! 1777: }
! 1778: }
! 1779: #endif
! 1780:
! 1781: if(OCSP_basic_verify(br, ch, st, 0) <= 0) {
! 1782: failf(data, "OCSP response verification failed");
! 1783: result = CURLE_SSL_INVALIDCERTSTATUS;
! 1784: goto end;
! 1785: }
! 1786:
! 1787: for(i = 0; i < OCSP_resp_count(br); i++) {
! 1788: int cert_status, crl_reason;
! 1789: OCSP_SINGLERESP *single = NULL;
! 1790:
! 1791: ASN1_GENERALIZEDTIME *rev, *thisupd, *nextupd;
! 1792:
! 1793: single = OCSP_resp_get0(br, i);
! 1794: if(!single)
! 1795: continue;
! 1796:
! 1797: cert_status = OCSP_single_get0_status(single, &crl_reason, &rev,
! 1798: &thisupd, &nextupd);
! 1799:
! 1800: if(!OCSP_check_validity(thisupd, nextupd, 300L, -1L)) {
! 1801: failf(data, "OCSP response has expired");
! 1802: result = CURLE_SSL_INVALIDCERTSTATUS;
! 1803: goto end;
! 1804: }
! 1805:
! 1806: infof(data, "SSL certificate status: %s (%d)\n",
! 1807: OCSP_cert_status_str(cert_status), cert_status);
! 1808:
! 1809: switch(cert_status) {
! 1810: case V_OCSP_CERTSTATUS_GOOD:
! 1811: break;
! 1812:
! 1813: case V_OCSP_CERTSTATUS_REVOKED:
! 1814: result = CURLE_SSL_INVALIDCERTSTATUS;
! 1815:
! 1816: failf(data, "SSL certificate revocation reason: %s (%d)",
! 1817: OCSP_crl_reason_str(crl_reason), crl_reason);
! 1818: goto end;
! 1819:
! 1820: case V_OCSP_CERTSTATUS_UNKNOWN:
! 1821: result = CURLE_SSL_INVALIDCERTSTATUS;
! 1822: goto end;
! 1823: }
! 1824: }
! 1825:
! 1826: end:
! 1827: if(br)
! 1828: OCSP_BASICRESP_free(br);
! 1829: OCSP_RESPONSE_free(rsp);
! 1830:
! 1831: return result;
! 1832: }
! 1833: #endif
! 1834:
! 1835: #endif /* USE_OPENSSL */
! 1836:
! 1837: /* The SSL_CTRL_SET_MSG_CALLBACK doesn't exist in ancient OpenSSL versions
! 1838: and thus this cannot be done there. */
! 1839: #ifdef SSL_CTRL_SET_MSG_CALLBACK
! 1840:
! 1841: static const char *ssl_msg_type(int ssl_ver, int msg)
! 1842: {
! 1843: #ifdef SSL2_VERSION_MAJOR
! 1844: if(ssl_ver == SSL2_VERSION_MAJOR) {
! 1845: switch(msg) {
! 1846: case SSL2_MT_ERROR:
! 1847: return "Error";
! 1848: case SSL2_MT_CLIENT_HELLO:
! 1849: return "Client hello";
! 1850: case SSL2_MT_CLIENT_MASTER_KEY:
! 1851: return "Client key";
! 1852: case SSL2_MT_CLIENT_FINISHED:
! 1853: return "Client finished";
! 1854: case SSL2_MT_SERVER_HELLO:
! 1855: return "Server hello";
! 1856: case SSL2_MT_SERVER_VERIFY:
! 1857: return "Server verify";
! 1858: case SSL2_MT_SERVER_FINISHED:
! 1859: return "Server finished";
! 1860: case SSL2_MT_REQUEST_CERTIFICATE:
! 1861: return "Request CERT";
! 1862: case SSL2_MT_CLIENT_CERTIFICATE:
! 1863: return "Client CERT";
! 1864: }
! 1865: }
! 1866: else
! 1867: #endif
! 1868: if(ssl_ver == SSL3_VERSION_MAJOR) {
! 1869: switch(msg) {
! 1870: case SSL3_MT_HELLO_REQUEST:
! 1871: return "Hello request";
! 1872: case SSL3_MT_CLIENT_HELLO:
! 1873: return "Client hello";
! 1874: case SSL3_MT_SERVER_HELLO:
! 1875: return "Server hello";
! 1876: #ifdef SSL3_MT_NEWSESSION_TICKET
! 1877: case SSL3_MT_NEWSESSION_TICKET:
! 1878: return "Newsession Ticket";
! 1879: #endif
! 1880: case SSL3_MT_CERTIFICATE:
! 1881: return "Certificate";
! 1882: case SSL3_MT_SERVER_KEY_EXCHANGE:
! 1883: return "Server key exchange";
! 1884: case SSL3_MT_CLIENT_KEY_EXCHANGE:
! 1885: return "Client key exchange";
! 1886: case SSL3_MT_CERTIFICATE_REQUEST:
! 1887: return "Request CERT";
! 1888: case SSL3_MT_SERVER_DONE:
! 1889: return "Server finished";
! 1890: case SSL3_MT_CERTIFICATE_VERIFY:
! 1891: return "CERT verify";
! 1892: case SSL3_MT_FINISHED:
! 1893: return "Finished";
! 1894: #ifdef SSL3_MT_CERTIFICATE_STATUS
! 1895: case SSL3_MT_CERTIFICATE_STATUS:
! 1896: return "Certificate Status";
! 1897: #endif
! 1898: #ifdef SSL3_MT_ENCRYPTED_EXTENSIONS
! 1899: case SSL3_MT_ENCRYPTED_EXTENSIONS:
! 1900: return "Encrypted Extensions";
! 1901: #endif
! 1902: #ifdef SSL3_MT_END_OF_EARLY_DATA
! 1903: case SSL3_MT_END_OF_EARLY_DATA:
! 1904: return "End of early data";
! 1905: #endif
! 1906: #ifdef SSL3_MT_KEY_UPDATE
! 1907: case SSL3_MT_KEY_UPDATE:
! 1908: return "Key update";
! 1909: #endif
! 1910: #ifdef SSL3_MT_NEXT_PROTO
! 1911: case SSL3_MT_NEXT_PROTO:
! 1912: return "Next protocol";
! 1913: #endif
! 1914: #ifdef SSL3_MT_MESSAGE_HASH
! 1915: case SSL3_MT_MESSAGE_HASH:
! 1916: return "Message hash";
! 1917: #endif
! 1918: }
! 1919: }
! 1920: return "Unknown";
! 1921: }
! 1922:
! 1923: static const char *tls_rt_type(int type)
! 1924: {
! 1925: switch(type) {
! 1926: #ifdef SSL3_RT_HEADER
! 1927: case SSL3_RT_HEADER:
! 1928: return "TLS header";
! 1929: #endif
! 1930: case SSL3_RT_CHANGE_CIPHER_SPEC:
! 1931: return "TLS change cipher";
! 1932: case SSL3_RT_ALERT:
! 1933: return "TLS alert";
! 1934: case SSL3_RT_HANDSHAKE:
! 1935: return "TLS handshake";
! 1936: case SSL3_RT_APPLICATION_DATA:
! 1937: return "TLS app data";
! 1938: default:
! 1939: return "TLS Unknown";
! 1940: }
! 1941: }
! 1942:
! 1943:
! 1944: /*
! 1945: * Our callback from the SSL/TLS layers.
! 1946: */
! 1947: static void ssl_tls_trace(int direction, int ssl_ver, int content_type,
! 1948: const void *buf, size_t len, SSL *ssl,
! 1949: void *userp)
! 1950: {
! 1951: struct Curl_easy *data;
! 1952: char unknown[32];
! 1953: const char *verstr = NULL;
! 1954: struct connectdata *conn = userp;
! 1955:
! 1956: if(!conn || !conn->data || !conn->data->set.fdebug ||
! 1957: (direction != 0 && direction != 1))
! 1958: return;
! 1959:
! 1960: data = conn->data;
! 1961:
! 1962: switch(ssl_ver) {
! 1963: #ifdef SSL2_VERSION /* removed in recent versions */
! 1964: case SSL2_VERSION:
! 1965: verstr = "SSLv2";
! 1966: break;
! 1967: #endif
! 1968: #ifdef SSL3_VERSION
! 1969: case SSL3_VERSION:
! 1970: verstr = "SSLv3";
! 1971: break;
! 1972: #endif
! 1973: case TLS1_VERSION:
! 1974: verstr = "TLSv1.0";
! 1975: break;
! 1976: #ifdef TLS1_1_VERSION
! 1977: case TLS1_1_VERSION:
! 1978: verstr = "TLSv1.1";
! 1979: break;
! 1980: #endif
! 1981: #ifdef TLS1_2_VERSION
! 1982: case TLS1_2_VERSION:
! 1983: verstr = "TLSv1.2";
! 1984: break;
! 1985: #endif
! 1986: #ifdef TLS1_3_VERSION
! 1987: case TLS1_3_VERSION:
! 1988: verstr = "TLSv1.3";
! 1989: break;
! 1990: #endif
! 1991: case 0:
! 1992: break;
! 1993: default:
! 1994: msnprintf(unknown, sizeof(unknown), "(%x)", ssl_ver);
! 1995: verstr = unknown;
! 1996: break;
! 1997: }
! 1998:
! 1999: /* Log progress for interesting records only (like Handshake or Alert), skip
! 2000: * all raw record headers (content_type == SSL3_RT_HEADER or ssl_ver == 0).
! 2001: * For TLS 1.3, skip notification of the decrypted inner Content Type.
! 2002: */
! 2003: if(ssl_ver
! 2004: #ifdef SSL3_RT_INNER_CONTENT_TYPE
! 2005: && content_type != SSL3_RT_INNER_CONTENT_TYPE
! 2006: #endif
! 2007: ) {
! 2008: const char *msg_name, *tls_rt_name;
! 2009: char ssl_buf[1024];
! 2010: int msg_type, txt_len;
! 2011:
! 2012: /* the info given when the version is zero is not that useful for us */
! 2013:
! 2014: ssl_ver >>= 8; /* check the upper 8 bits only below */
! 2015:
! 2016: /* SSLv2 doesn't seem to have TLS record-type headers, so OpenSSL
! 2017: * always pass-up content-type as 0. But the interesting message-type
! 2018: * is at 'buf[0]'.
! 2019: */
! 2020: if(ssl_ver == SSL3_VERSION_MAJOR && content_type)
! 2021: tls_rt_name = tls_rt_type(content_type);
! 2022: else
! 2023: tls_rt_name = "";
! 2024:
! 2025: if(content_type == SSL3_RT_CHANGE_CIPHER_SPEC) {
! 2026: msg_type = *(char *)buf;
! 2027: msg_name = "Change cipher spec";
! 2028: }
! 2029: else if(content_type == SSL3_RT_ALERT) {
! 2030: msg_type = (((char *)buf)[0] << 8) + ((char *)buf)[1];
! 2031: msg_name = SSL_alert_desc_string_long(msg_type);
! 2032: }
! 2033: else {
! 2034: msg_type = *(char *)buf;
! 2035: msg_name = ssl_msg_type(ssl_ver, msg_type);
! 2036: }
! 2037:
! 2038: txt_len = msnprintf(ssl_buf, sizeof(ssl_buf), "%s (%s), %s, %s (%d):\n",
! 2039: verstr, direction?"OUT":"IN",
! 2040: tls_rt_name, msg_name, msg_type);
! 2041: if(0 <= txt_len && (unsigned)txt_len < sizeof(ssl_buf)) {
! 2042: Curl_debug(data, CURLINFO_TEXT, ssl_buf, (size_t)txt_len);
! 2043: }
! 2044: }
! 2045:
! 2046: Curl_debug(data, (direction == 1) ? CURLINFO_SSL_DATA_OUT :
! 2047: CURLINFO_SSL_DATA_IN, (char *)buf, len);
! 2048: (void) ssl;
! 2049: }
! 2050: #endif
! 2051:
! 2052: #ifdef USE_OPENSSL
! 2053: /* ====================================================== */
! 2054:
! 2055: #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
! 2056: # define use_sni(x) sni = (x)
! 2057: #else
! 2058: # define use_sni(x) Curl_nop_stmt
! 2059: #endif
! 2060:
! 2061: /* Check for OpenSSL 1.0.2 which has ALPN support. */
! 2062: #undef HAS_ALPN
! 2063: #if OPENSSL_VERSION_NUMBER >= 0x10002000L \
! 2064: && !defined(OPENSSL_NO_TLSEXT)
! 2065: # define HAS_ALPN 1
! 2066: #endif
! 2067:
! 2068: /* Check for OpenSSL 1.0.1 which has NPN support. */
! 2069: #undef HAS_NPN
! 2070: #if OPENSSL_VERSION_NUMBER >= 0x10001000L \
! 2071: && !defined(OPENSSL_NO_TLSEXT) \
! 2072: && !defined(OPENSSL_NO_NEXTPROTONEG)
! 2073: # define HAS_NPN 1
! 2074: #endif
! 2075:
! 2076: #ifdef HAS_NPN
! 2077:
! 2078: /*
! 2079: * in is a list of length prefixed strings. this function has to select
! 2080: * the protocol we want to use from the list and write its string into out.
! 2081: */
! 2082:
! 2083: static int
! 2084: select_next_protocol(unsigned char **out, unsigned char *outlen,
! 2085: const unsigned char *in, unsigned int inlen,
! 2086: const char *key, unsigned int keylen)
! 2087: {
! 2088: unsigned int i;
! 2089: for(i = 0; i + keylen <= inlen; i += in[i] + 1) {
! 2090: if(memcmp(&in[i + 1], key, keylen) == 0) {
! 2091: *out = (unsigned char *) &in[i + 1];
! 2092: *outlen = in[i];
! 2093: return 0;
! 2094: }
! 2095: }
! 2096: return -1;
! 2097: }
! 2098:
! 2099: static int
! 2100: select_next_proto_cb(SSL *ssl,
! 2101: unsigned char **out, unsigned char *outlen,
! 2102: const unsigned char *in, unsigned int inlen,
! 2103: void *arg)
! 2104: {
! 2105: struct connectdata *conn = (struct connectdata*) arg;
! 2106:
! 2107: (void)ssl;
! 2108:
! 2109: #ifdef USE_NGHTTP2
! 2110: if(conn->data->set.httpversion >= CURL_HTTP_VERSION_2 &&
! 2111: !select_next_protocol(out, outlen, in, inlen, NGHTTP2_PROTO_VERSION_ID,
! 2112: NGHTTP2_PROTO_VERSION_ID_LEN)) {
! 2113: infof(conn->data, "NPN, negotiated HTTP2 (%s)\n",
! 2114: NGHTTP2_PROTO_VERSION_ID);
! 2115: conn->negnpn = CURL_HTTP_VERSION_2;
! 2116: return SSL_TLSEXT_ERR_OK;
! 2117: }
! 2118: #endif
! 2119:
! 2120: if(!select_next_protocol(out, outlen, in, inlen, ALPN_HTTP_1_1,
! 2121: ALPN_HTTP_1_1_LENGTH)) {
! 2122: infof(conn->data, "NPN, negotiated HTTP1.1\n");
! 2123: conn->negnpn = CURL_HTTP_VERSION_1_1;
! 2124: return SSL_TLSEXT_ERR_OK;
! 2125: }
! 2126:
! 2127: infof(conn->data, "NPN, no overlap, use HTTP1.1\n");
! 2128: *out = (unsigned char *)ALPN_HTTP_1_1;
! 2129: *outlen = ALPN_HTTP_1_1_LENGTH;
! 2130: conn->negnpn = CURL_HTTP_VERSION_1_1;
! 2131:
! 2132: return SSL_TLSEXT_ERR_OK;
! 2133: }
! 2134: #endif /* HAS_NPN */
! 2135:
! 2136: #ifndef CURL_DISABLE_VERBOSE_STRINGS
! 2137: static const char *
! 2138: get_ssl_version_txt(SSL *ssl)
! 2139: {
! 2140: if(!ssl)
! 2141: return "";
! 2142:
! 2143: switch(SSL_version(ssl)) {
! 2144: #ifdef TLS1_3_VERSION
! 2145: case TLS1_3_VERSION:
! 2146: return "TLSv1.3";
! 2147: #endif
! 2148: #if OPENSSL_VERSION_NUMBER >= 0x1000100FL
! 2149: case TLS1_2_VERSION:
! 2150: return "TLSv1.2";
! 2151: case TLS1_1_VERSION:
! 2152: return "TLSv1.1";
! 2153: #endif
! 2154: case TLS1_VERSION:
! 2155: return "TLSv1.0";
! 2156: case SSL3_VERSION:
! 2157: return "SSLv3";
! 2158: case SSL2_VERSION:
! 2159: return "SSLv2";
! 2160: }
! 2161: return "unknown";
! 2162: }
! 2163: #endif
! 2164:
! 2165: #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) /* 1.1.0 */
! 2166: static CURLcode
! 2167: set_ssl_version_min_max(SSL_CTX *ctx, struct connectdata *conn)
! 2168: {
! 2169: /* first, TLS min version... */
! 2170: long curl_ssl_version_min = SSL_CONN_CONFIG(version);
! 2171: long curl_ssl_version_max;
! 2172:
! 2173: /* convert cURL min SSL version option to OpenSSL constant */
! 2174: #if defined(OPENSSL_IS_BORINGSSL) || defined(LIBRESSL_VERSION_NUMBER)
! 2175: uint16_t ossl_ssl_version_min = 0;
! 2176: uint16_t ossl_ssl_version_max = 0;
! 2177: #else
! 2178: long ossl_ssl_version_min = 0;
! 2179: long ossl_ssl_version_max = 0;
! 2180: #endif
! 2181: switch(curl_ssl_version_min) {
! 2182: case CURL_SSLVERSION_TLSv1: /* TLS 1.x */
! 2183: case CURL_SSLVERSION_TLSv1_0:
! 2184: ossl_ssl_version_min = TLS1_VERSION;
! 2185: break;
! 2186: case CURL_SSLVERSION_TLSv1_1:
! 2187: ossl_ssl_version_min = TLS1_1_VERSION;
! 2188: break;
! 2189: case CURL_SSLVERSION_TLSv1_2:
! 2190: ossl_ssl_version_min = TLS1_2_VERSION;
! 2191: break;
! 2192: #ifdef TLS1_3_VERSION
! 2193: case CURL_SSLVERSION_TLSv1_3:
! 2194: ossl_ssl_version_min = TLS1_3_VERSION;
! 2195: break;
! 2196: #endif
! 2197: }
! 2198:
! 2199: /* CURL_SSLVERSION_DEFAULT means that no option was selected.
! 2200: We don't want to pass 0 to SSL_CTX_set_min_proto_version as
! 2201: it would enable all versions down to the lowest supported by
! 2202: the library.
! 2203: So we skip this, and stay with the OS default
! 2204: */
! 2205: if(curl_ssl_version_min != CURL_SSLVERSION_DEFAULT) {
! 2206: if(!SSL_CTX_set_min_proto_version(ctx, ossl_ssl_version_min)) {
! 2207: return CURLE_SSL_CONNECT_ERROR;
! 2208: }
! 2209: }
! 2210:
! 2211: /* ... then, TLS max version */
! 2212: curl_ssl_version_max = SSL_CONN_CONFIG(version_max);
! 2213:
! 2214: /* convert cURL max SSL version option to OpenSSL constant */
! 2215: switch(curl_ssl_version_max) {
! 2216: case CURL_SSLVERSION_MAX_TLSv1_0:
! 2217: ossl_ssl_version_max = TLS1_VERSION;
! 2218: break;
! 2219: case CURL_SSLVERSION_MAX_TLSv1_1:
! 2220: ossl_ssl_version_max = TLS1_1_VERSION;
! 2221: break;
! 2222: case CURL_SSLVERSION_MAX_TLSv1_2:
! 2223: ossl_ssl_version_max = TLS1_2_VERSION;
! 2224: break;
! 2225: #ifdef TLS1_3_VERSION
! 2226: case CURL_SSLVERSION_MAX_TLSv1_3:
! 2227: ossl_ssl_version_max = TLS1_3_VERSION;
! 2228: break;
! 2229: #endif
! 2230: case CURL_SSLVERSION_MAX_NONE: /* none selected */
! 2231: case CURL_SSLVERSION_MAX_DEFAULT: /* max selected */
! 2232: default:
! 2233: /* SSL_CTX_set_max_proto_version states that:
! 2234: setting the maximum to 0 will enable
! 2235: protocol versions up to the highest version
! 2236: supported by the library */
! 2237: ossl_ssl_version_max = 0;
! 2238: break;
! 2239: }
! 2240:
! 2241: if(!SSL_CTX_set_max_proto_version(ctx, ossl_ssl_version_max)) {
! 2242: return CURLE_SSL_CONNECT_ERROR;
! 2243: }
! 2244:
! 2245: return CURLE_OK;
! 2246: }
! 2247: #endif
! 2248:
! 2249: #ifdef OPENSSL_IS_BORINGSSL
! 2250: typedef uint32_t ctx_option_t;
! 2251: #else
! 2252: typedef long ctx_option_t;
! 2253: #endif
! 2254:
! 2255: #if (OPENSSL_VERSION_NUMBER < 0x10100000L) /* 1.1.0 */
! 2256: static CURLcode
! 2257: set_ssl_version_min_max_legacy(ctx_option_t *ctx_options,
! 2258: struct connectdata *conn, int sockindex)
! 2259: {
! 2260: #if (OPENSSL_VERSION_NUMBER < 0x1000100FL) || !defined(TLS1_3_VERSION)
! 2261: /* convoluted #if condition just to avoid compiler warnings on unused
! 2262: variable */
! 2263: struct Curl_easy *data = conn->data;
! 2264: #endif
! 2265: long ssl_version = SSL_CONN_CONFIG(version);
! 2266: long ssl_version_max = SSL_CONN_CONFIG(version_max);
! 2267:
! 2268: switch(ssl_version) {
! 2269: case CURL_SSLVERSION_TLSv1_3:
! 2270: #ifdef TLS1_3_VERSION
! 2271: {
! 2272: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
! 2273: SSL_CTX_set_max_proto_version(backend->ctx, TLS1_3_VERSION);
! 2274: *ctx_options |= SSL_OP_NO_TLSv1_2;
! 2275: }
! 2276: #else
! 2277: (void)sockindex;
! 2278: (void)ctx_options;
! 2279: failf(data, OSSL_PACKAGE " was built without TLS 1.3 support");
! 2280: return CURLE_NOT_BUILT_IN;
! 2281: #endif
! 2282: /* FALLTHROUGH */
! 2283: case CURL_SSLVERSION_TLSv1_2:
! 2284: #if OPENSSL_VERSION_NUMBER >= 0x1000100FL
! 2285: *ctx_options |= SSL_OP_NO_TLSv1_1;
! 2286: #else
! 2287: failf(data, OSSL_PACKAGE " was built without TLS 1.2 support");
! 2288: return CURLE_NOT_BUILT_IN;
! 2289: #endif
! 2290: /* FALLTHROUGH */
! 2291: case CURL_SSLVERSION_TLSv1_1:
! 2292: #if OPENSSL_VERSION_NUMBER >= 0x1000100FL
! 2293: *ctx_options |= SSL_OP_NO_TLSv1;
! 2294: #else
! 2295: failf(data, OSSL_PACKAGE " was built without TLS 1.1 support");
! 2296: return CURLE_NOT_BUILT_IN;
! 2297: #endif
! 2298: /* FALLTHROUGH */
! 2299: case CURL_SSLVERSION_TLSv1_0:
! 2300: case CURL_SSLVERSION_TLSv1:
! 2301: break;
! 2302: }
! 2303:
! 2304: switch(ssl_version_max) {
! 2305: case CURL_SSLVERSION_MAX_TLSv1_0:
! 2306: #if OPENSSL_VERSION_NUMBER >= 0x1000100FL
! 2307: *ctx_options |= SSL_OP_NO_TLSv1_1;
! 2308: #endif
! 2309: /* FALLTHROUGH */
! 2310: case CURL_SSLVERSION_MAX_TLSv1_1:
! 2311: #if OPENSSL_VERSION_NUMBER >= 0x1000100FL
! 2312: *ctx_options |= SSL_OP_NO_TLSv1_2;
! 2313: #endif
! 2314: /* FALLTHROUGH */
! 2315: case CURL_SSLVERSION_MAX_TLSv1_2:
! 2316: #ifdef TLS1_3_VERSION
! 2317: *ctx_options |= SSL_OP_NO_TLSv1_3;
! 2318: #endif
! 2319: break;
! 2320: case CURL_SSLVERSION_MAX_TLSv1_3:
! 2321: #ifdef TLS1_3_VERSION
! 2322: break;
! 2323: #else
! 2324: failf(data, OSSL_PACKAGE " was built without TLS 1.3 support");
! 2325: return CURLE_NOT_BUILT_IN;
! 2326: #endif
! 2327: }
! 2328: return CURLE_OK;
! 2329: }
! 2330: #endif
! 2331:
! 2332: /* The "new session" callback must return zero if the session can be removed
! 2333: * or non-zero if the session has been put into the session cache.
! 2334: */
! 2335: static int ossl_new_session_cb(SSL *ssl, SSL_SESSION *ssl_sessionid)
! 2336: {
! 2337: int res = 0;
! 2338: struct connectdata *conn;
! 2339: struct Curl_easy *data;
! 2340: int sockindex;
! 2341: curl_socket_t *sockindex_ptr;
! 2342: int connectdata_idx = ossl_get_ssl_conn_index();
! 2343: int sockindex_idx = ossl_get_ssl_sockindex_index();
! 2344:
! 2345: if(connectdata_idx < 0 || sockindex_idx < 0)
! 2346: return 0;
! 2347:
! 2348: conn = (struct connectdata*) SSL_get_ex_data(ssl, connectdata_idx);
! 2349: if(!conn)
! 2350: return 0;
! 2351:
! 2352: data = conn->data;
! 2353:
! 2354: /* The sockindex has been stored as a pointer to an array element */
! 2355: sockindex_ptr = (curl_socket_t*) SSL_get_ex_data(ssl, sockindex_idx);
! 2356: sockindex = (int)(sockindex_ptr - conn->sock);
! 2357:
! 2358: if(SSL_SET_OPTION(primary.sessionid)) {
! 2359: bool incache;
! 2360: void *old_ssl_sessionid = NULL;
! 2361:
! 2362: Curl_ssl_sessionid_lock(conn);
! 2363: incache = !(Curl_ssl_getsessionid(conn, &old_ssl_sessionid, NULL,
! 2364: sockindex));
! 2365: if(incache) {
! 2366: if(old_ssl_sessionid != ssl_sessionid) {
! 2367: infof(data, "old SSL session ID is stale, removing\n");
! 2368: Curl_ssl_delsessionid(conn, old_ssl_sessionid);
! 2369: incache = FALSE;
! 2370: }
! 2371: }
! 2372:
! 2373: if(!incache) {
! 2374: if(!Curl_ssl_addsessionid(conn, ssl_sessionid,
! 2375: 0 /* unknown size */, sockindex)) {
! 2376: /* the session has been put into the session cache */
! 2377: res = 1;
! 2378: }
! 2379: else
! 2380: failf(data, "failed to store ssl session");
! 2381: }
! 2382: Curl_ssl_sessionid_unlock(conn);
! 2383: }
! 2384:
! 2385: return res;
! 2386: }
! 2387:
! 2388: static CURLcode ossl_connect_step1(struct connectdata *conn, int sockindex)
! 2389: {
! 2390: CURLcode result = CURLE_OK;
! 2391: char *ciphers;
! 2392: struct Curl_easy *data = conn->data;
! 2393: SSL_METHOD_QUAL SSL_METHOD *req_method = NULL;
! 2394: X509_LOOKUP *lookup = NULL;
! 2395: curl_socket_t sockfd = conn->sock[sockindex];
! 2396: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
! 2397: ctx_option_t ctx_options = 0;
! 2398:
! 2399: #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
! 2400: bool sni;
! 2401: const char * const hostname = SSL_IS_PROXY() ? conn->http_proxy.host.name :
! 2402: conn->host.name;
! 2403: #ifdef ENABLE_IPV6
! 2404: struct in6_addr addr;
! 2405: #else
! 2406: struct in_addr addr;
! 2407: #endif
! 2408: #endif
! 2409: long * const certverifyresult = SSL_IS_PROXY() ?
! 2410: &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult;
! 2411: const long int ssl_version = SSL_CONN_CONFIG(version);
! 2412: #ifdef USE_TLS_SRP
! 2413: const enum CURL_TLSAUTH ssl_authtype = SSL_SET_OPTION(authtype);
! 2414: #endif
! 2415: char * const ssl_cert = SSL_SET_OPTION(cert);
! 2416: const char * const ssl_cert_type = SSL_SET_OPTION(cert_type);
! 2417: const char * const ssl_cafile = SSL_CONN_CONFIG(CAfile);
! 2418: const char * const ssl_capath = SSL_CONN_CONFIG(CApath);
! 2419: const bool verifypeer = SSL_CONN_CONFIG(verifypeer);
! 2420: const char * const ssl_crlfile = SSL_SET_OPTION(CRLfile);
! 2421: char error_buffer[256];
! 2422: struct ssl_backend_data *backend = connssl->backend;
! 2423:
! 2424: DEBUGASSERT(ssl_connect_1 == connssl->connecting_state);
! 2425:
! 2426: /* Make funny stuff to get random input */
! 2427: result = Curl_ossl_seed(data);
! 2428: if(result)
! 2429: return result;
! 2430:
! 2431: *certverifyresult = !X509_V_OK;
! 2432:
! 2433: /* check to see if we've been told to use an explicit SSL/TLS version */
! 2434:
! 2435: switch(ssl_version) {
! 2436: case CURL_SSLVERSION_DEFAULT:
! 2437: case CURL_SSLVERSION_TLSv1:
! 2438: case CURL_SSLVERSION_TLSv1_0:
! 2439: case CURL_SSLVERSION_TLSv1_1:
! 2440: case CURL_SSLVERSION_TLSv1_2:
! 2441: case CURL_SSLVERSION_TLSv1_3:
! 2442: /* it will be handled later with the context options */
! 2443: #if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
! 2444: req_method = TLS_client_method();
! 2445: #else
! 2446: req_method = SSLv23_client_method();
! 2447: #endif
! 2448: use_sni(TRUE);
! 2449: break;
! 2450: case CURL_SSLVERSION_SSLv2:
! 2451: #ifdef OPENSSL_NO_SSL2
! 2452: failf(data, OSSL_PACKAGE " was built without SSLv2 support");
! 2453: return CURLE_NOT_BUILT_IN;
! 2454: #else
! 2455: #ifdef USE_TLS_SRP
! 2456: if(ssl_authtype == CURL_TLSAUTH_SRP)
! 2457: return CURLE_SSL_CONNECT_ERROR;
! 2458: #endif
! 2459: req_method = SSLv2_client_method();
! 2460: use_sni(FALSE);
! 2461: break;
! 2462: #endif
! 2463: case CURL_SSLVERSION_SSLv3:
! 2464: #ifdef OPENSSL_NO_SSL3_METHOD
! 2465: failf(data, OSSL_PACKAGE " was built without SSLv3 support");
! 2466: return CURLE_NOT_BUILT_IN;
! 2467: #else
! 2468: #ifdef USE_TLS_SRP
! 2469: if(ssl_authtype == CURL_TLSAUTH_SRP)
! 2470: return CURLE_SSL_CONNECT_ERROR;
! 2471: #endif
! 2472: req_method = SSLv3_client_method();
! 2473: use_sni(FALSE);
! 2474: break;
! 2475: #endif
! 2476: default:
! 2477: failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
! 2478: return CURLE_SSL_CONNECT_ERROR;
! 2479: }
! 2480:
! 2481: if(backend->ctx)
! 2482: SSL_CTX_free(backend->ctx);
! 2483: backend->ctx = SSL_CTX_new(req_method);
! 2484:
! 2485: if(!backend->ctx) {
! 2486: failf(data, "SSL: couldn't create a context: %s",
! 2487: ossl_strerror(ERR_peek_error(), error_buffer, sizeof(error_buffer)));
! 2488: return CURLE_OUT_OF_MEMORY;
! 2489: }
! 2490:
! 2491: #ifdef SSL_MODE_RELEASE_BUFFERS
! 2492: SSL_CTX_set_mode(backend->ctx, SSL_MODE_RELEASE_BUFFERS);
! 2493: #endif
! 2494:
! 2495: #ifdef SSL_CTRL_SET_MSG_CALLBACK
! 2496: if(data->set.fdebug && data->set.verbose) {
! 2497: /* the SSL trace callback is only used for verbose logging */
! 2498: SSL_CTX_set_msg_callback(backend->ctx, ssl_tls_trace);
! 2499: SSL_CTX_set_msg_callback_arg(backend->ctx, conn);
! 2500: }
! 2501: #endif
! 2502:
! 2503: /* OpenSSL contains code to work-around lots of bugs and flaws in various
! 2504: SSL-implementations. SSL_CTX_set_options() is used to enabled those
! 2505: work-arounds. The man page for this option states that SSL_OP_ALL enables
! 2506: all the work-arounds and that "It is usually safe to use SSL_OP_ALL to
! 2507: enable the bug workaround options if compatibility with somewhat broken
! 2508: implementations is desired."
! 2509:
! 2510: The "-no_ticket" option was introduced in Openssl0.9.8j. It's a flag to
! 2511: disable "rfc4507bis session ticket support". rfc4507bis was later turned
! 2512: into the proper RFC5077 it seems: https://tools.ietf.org/html/rfc5077
! 2513:
! 2514: The enabled extension concerns the session management. I wonder how often
! 2515: libcurl stops a connection and then resumes a TLS session. also, sending
! 2516: the session data is some overhead. .I suggest that you just use your
! 2517: proposed patch (which explicitly disables TICKET).
! 2518:
! 2519: If someone writes an application with libcurl and openssl who wants to
! 2520: enable the feature, one can do this in the SSL callback.
! 2521:
! 2522: SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG option enabling allowed proper
! 2523: interoperability with web server Netscape Enterprise Server 2.0.1 which
! 2524: was released back in 1996.
! 2525:
! 2526: Due to CVE-2010-4180, option SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG has
! 2527: become ineffective as of OpenSSL 0.9.8q and 1.0.0c. In order to mitigate
! 2528: CVE-2010-4180 when using previous OpenSSL versions we no longer enable
! 2529: this option regardless of OpenSSL version and SSL_OP_ALL definition.
! 2530:
! 2531: OpenSSL added a work-around for a SSL 3.0/TLS 1.0 CBC vulnerability
! 2532: (https://www.openssl.org/~bodo/tls-cbc.txt). In 0.9.6e they added a bit to
! 2533: SSL_OP_ALL that _disables_ that work-around despite the fact that
! 2534: SSL_OP_ALL is documented to do "rather harmless" workarounds. In order to
! 2535: keep the secure work-around, the SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS bit
! 2536: must not be set.
! 2537: */
! 2538:
! 2539: ctx_options = SSL_OP_ALL;
! 2540:
! 2541: #ifdef SSL_OP_NO_TICKET
! 2542: ctx_options |= SSL_OP_NO_TICKET;
! 2543: #endif
! 2544:
! 2545: #ifdef SSL_OP_NO_COMPRESSION
! 2546: ctx_options |= SSL_OP_NO_COMPRESSION;
! 2547: #endif
! 2548:
! 2549: #ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
! 2550: /* mitigate CVE-2010-4180 */
! 2551: ctx_options &= ~SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG;
! 2552: #endif
! 2553:
! 2554: #ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
! 2555: /* unless the user explicitly ask to allow the protocol vulnerability we
! 2556: use the work-around */
! 2557: if(!SSL_SET_OPTION(enable_beast))
! 2558: ctx_options &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
! 2559: #endif
! 2560:
! 2561: switch(ssl_version) {
! 2562: /* "--sslv2" option means SSLv2 only, disable all others */
! 2563: case CURL_SSLVERSION_SSLv2:
! 2564: #if OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0 */
! 2565: SSL_CTX_set_min_proto_version(backend->ctx, SSL2_VERSION);
! 2566: SSL_CTX_set_max_proto_version(backend->ctx, SSL2_VERSION);
! 2567: #else
! 2568: ctx_options |= SSL_OP_NO_SSLv3;
! 2569: ctx_options |= SSL_OP_NO_TLSv1;
! 2570: # if OPENSSL_VERSION_NUMBER >= 0x1000100FL
! 2571: ctx_options |= SSL_OP_NO_TLSv1_1;
! 2572: ctx_options |= SSL_OP_NO_TLSv1_2;
! 2573: # ifdef TLS1_3_VERSION
! 2574: ctx_options |= SSL_OP_NO_TLSv1_3;
! 2575: # endif
! 2576: # endif
! 2577: #endif
! 2578: break;
! 2579:
! 2580: /* "--sslv3" option means SSLv3 only, disable all others */
! 2581: case CURL_SSLVERSION_SSLv3:
! 2582: #if OPENSSL_VERSION_NUMBER >= 0x10100000L /* 1.1.0 */
! 2583: SSL_CTX_set_min_proto_version(backend->ctx, SSL3_VERSION);
! 2584: SSL_CTX_set_max_proto_version(backend->ctx, SSL3_VERSION);
! 2585: #else
! 2586: ctx_options |= SSL_OP_NO_SSLv2;
! 2587: ctx_options |= SSL_OP_NO_TLSv1;
! 2588: # if OPENSSL_VERSION_NUMBER >= 0x1000100FL
! 2589: ctx_options |= SSL_OP_NO_TLSv1_1;
! 2590: ctx_options |= SSL_OP_NO_TLSv1_2;
! 2591: # ifdef TLS1_3_VERSION
! 2592: ctx_options |= SSL_OP_NO_TLSv1_3;
! 2593: # endif
! 2594: # endif
! 2595: #endif
! 2596: break;
! 2597:
! 2598: /* "--tlsv<x.y>" options mean TLS >= version <x.y> */
! 2599: case CURL_SSLVERSION_DEFAULT:
! 2600: case CURL_SSLVERSION_TLSv1: /* TLS >= version 1.0 */
! 2601: case CURL_SSLVERSION_TLSv1_0: /* TLS >= version 1.0 */
! 2602: case CURL_SSLVERSION_TLSv1_1: /* TLS >= version 1.1 */
! 2603: case CURL_SSLVERSION_TLSv1_2: /* TLS >= version 1.2 */
! 2604: case CURL_SSLVERSION_TLSv1_3: /* TLS >= version 1.3 */
! 2605: /* asking for any TLS version as the minimum, means no SSL versions
! 2606: allowed */
! 2607: ctx_options |= SSL_OP_NO_SSLv2;
! 2608: ctx_options |= SSL_OP_NO_SSLv3;
! 2609:
! 2610: #if (OPENSSL_VERSION_NUMBER >= 0x10100000L) /* 1.1.0 */
! 2611: result = set_ssl_version_min_max(backend->ctx, conn);
! 2612: #else
! 2613: result = set_ssl_version_min_max_legacy(&ctx_options, conn, sockindex);
! 2614: #endif
! 2615: if(result != CURLE_OK)
! 2616: return result;
! 2617: break;
! 2618:
! 2619: default:
! 2620: failf(data, "Unrecognized parameter passed via CURLOPT_SSLVERSION");
! 2621: return CURLE_SSL_CONNECT_ERROR;
! 2622: }
! 2623:
! 2624: SSL_CTX_set_options(backend->ctx, ctx_options);
! 2625:
! 2626: #ifdef HAS_NPN
! 2627: if(conn->bits.tls_enable_npn)
! 2628: SSL_CTX_set_next_proto_select_cb(backend->ctx, select_next_proto_cb, conn);
! 2629: #endif
! 2630:
! 2631: #ifdef HAS_ALPN
! 2632: if(conn->bits.tls_enable_alpn) {
! 2633: int cur = 0;
! 2634: unsigned char protocols[128];
! 2635:
! 2636: #ifdef USE_NGHTTP2
! 2637: if(data->set.httpversion >= CURL_HTTP_VERSION_2 &&
! 2638: (!SSL_IS_PROXY() || !conn->bits.tunnel_proxy)) {
! 2639: protocols[cur++] = NGHTTP2_PROTO_VERSION_ID_LEN;
! 2640:
! 2641: memcpy(&protocols[cur], NGHTTP2_PROTO_VERSION_ID,
! 2642: NGHTTP2_PROTO_VERSION_ID_LEN);
! 2643: cur += NGHTTP2_PROTO_VERSION_ID_LEN;
! 2644: infof(data, "ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID);
! 2645: }
! 2646: #endif
! 2647:
! 2648: protocols[cur++] = ALPN_HTTP_1_1_LENGTH;
! 2649: memcpy(&protocols[cur], ALPN_HTTP_1_1, ALPN_HTTP_1_1_LENGTH);
! 2650: cur += ALPN_HTTP_1_1_LENGTH;
! 2651: infof(data, "ALPN, offering %s\n", ALPN_HTTP_1_1);
! 2652:
! 2653: /* expects length prefixed preference ordered list of protocols in wire
! 2654: * format
! 2655: */
! 2656: SSL_CTX_set_alpn_protos(backend->ctx, protocols, cur);
! 2657: }
! 2658: #endif
! 2659:
! 2660: if(ssl_cert || ssl_cert_type) {
! 2661: if(!cert_stuff(conn, backend->ctx, ssl_cert, ssl_cert_type,
! 2662: SSL_SET_OPTION(key), SSL_SET_OPTION(key_type),
! 2663: SSL_SET_OPTION(key_passwd))) {
! 2664: /* failf() is already done in cert_stuff() */
! 2665: return CURLE_SSL_CERTPROBLEM;
! 2666: }
! 2667: }
! 2668:
! 2669: ciphers = SSL_CONN_CONFIG(cipher_list);
! 2670: if(!ciphers)
! 2671: ciphers = (char *)DEFAULT_CIPHER_SELECTION;
! 2672: if(ciphers) {
! 2673: if(!SSL_CTX_set_cipher_list(backend->ctx, ciphers)) {
! 2674: failf(data, "failed setting cipher list: %s", ciphers);
! 2675: return CURLE_SSL_CIPHER;
! 2676: }
! 2677: infof(data, "Cipher selection: %s\n", ciphers);
! 2678: }
! 2679:
! 2680: #ifdef HAVE_SSL_CTX_SET_CIPHERSUITES
! 2681: {
! 2682: char *ciphers13 = SSL_CONN_CONFIG(cipher_list13);
! 2683: if(ciphers13) {
! 2684: if(!SSL_CTX_set_ciphersuites(backend->ctx, ciphers13)) {
! 2685: failf(data, "failed setting TLS 1.3 cipher suite: %s", ciphers13);
! 2686: return CURLE_SSL_CIPHER;
! 2687: }
! 2688: infof(data, "TLS 1.3 cipher selection: %s\n", ciphers13);
! 2689: }
! 2690: }
! 2691: #endif
! 2692:
! 2693: #ifdef HAVE_SSL_CTX_SET_POST_HANDSHAKE_AUTH
! 2694: /* OpenSSL 1.1.1 requires clients to opt-in for PHA */
! 2695: SSL_CTX_set_post_handshake_auth(backend->ctx, 1);
! 2696: #endif
! 2697:
! 2698: #ifdef USE_TLS_SRP
! 2699: if(ssl_authtype == CURL_TLSAUTH_SRP) {
! 2700: char * const ssl_username = SSL_SET_OPTION(username);
! 2701:
! 2702: infof(data, "Using TLS-SRP username: %s\n", ssl_username);
! 2703:
! 2704: if(!SSL_CTX_set_srp_username(backend->ctx, ssl_username)) {
! 2705: failf(data, "Unable to set SRP user name");
! 2706: return CURLE_BAD_FUNCTION_ARGUMENT;
! 2707: }
! 2708: if(!SSL_CTX_set_srp_password(backend->ctx, SSL_SET_OPTION(password))) {
! 2709: failf(data, "failed setting SRP password");
! 2710: return CURLE_BAD_FUNCTION_ARGUMENT;
! 2711: }
! 2712: if(!SSL_CONN_CONFIG(cipher_list)) {
! 2713: infof(data, "Setting cipher list SRP\n");
! 2714:
! 2715: if(!SSL_CTX_set_cipher_list(backend->ctx, "SRP")) {
! 2716: failf(data, "failed setting SRP cipher list");
! 2717: return CURLE_SSL_CIPHER;
! 2718: }
! 2719: }
! 2720: }
! 2721: #endif
! 2722:
! 2723: #if defined(OPENSSL_VERSION_MAJOR) && (OPENSSL_VERSION_MAJOR >= 3)
! 2724: /* OpenSSL 3.0.0 has deprecated SSL_CTX_load_verify_locations */
! 2725: if(ssl_cafile) {
! 2726: if(!SSL_CTX_load_verify_file(backend->ctx, ssl_cafile)) {
! 2727: if(verifypeer) {
! 2728: /* Fail if we insist on successfully verifying the server. */
! 2729: failf(data, "error setting certificate file: %s", ssl_cafile);
! 2730: return CURLE_SSL_CACERT_BADFILE;
! 2731: }
! 2732: /* Continue with a warning if no certificate verification is required. */
! 2733: infof(data, "error setting certificate file, continuing anyway\n");
! 2734: }
! 2735: infof(data, " CAfile: %s\n", ssl_cafile);
! 2736: }
! 2737: if(ssl_capath) {
! 2738: if(!SSL_CTX_load_verify_dir(backend->ctx, ssl_capath)) {
! 2739: if(verifypeer) {
! 2740: /* Fail if we insist on successfully verifying the server. */
! 2741: failf(data, "error setting certificate path: %s", ssl_capath);
! 2742: return CURLE_SSL_CACERT_BADFILE;
! 2743: }
! 2744: /* Continue with a warning if no certificate verification is required. */
! 2745: infof(data, "error setting certificate path, continuing anyway\n");
! 2746: }
! 2747: infof(data, " CApath: %s\n", ssl_capath);
! 2748: }
! 2749: #else
! 2750: if(ssl_cafile || ssl_capath) {
! 2751: /* tell SSL where to find CA certificates that are used to verify
! 2752: the servers certificate. */
! 2753: if(!SSL_CTX_load_verify_locations(backend->ctx, ssl_cafile, ssl_capath)) {
! 2754: if(verifypeer) {
! 2755: /* Fail if we insist on successfully verifying the server. */
! 2756: failf(data, "error setting certificate verify locations:\n"
! 2757: " CAfile: %s\n CApath: %s",
! 2758: ssl_cafile ? ssl_cafile : "none",
! 2759: ssl_capath ? ssl_capath : "none");
! 2760: return CURLE_SSL_CACERT_BADFILE;
! 2761: }
! 2762: /* Just continue with a warning if no strict certificate verification
! 2763: is required. */
! 2764: infof(data, "error setting certificate verify locations,"
! 2765: " continuing anyway:\n");
! 2766: }
! 2767: else {
! 2768: /* Everything is fine. */
! 2769: infof(data, "successfully set certificate verify locations:\n");
! 2770: }
! 2771: infof(data,
! 2772: " CAfile: %s\n"
! 2773: " CApath: %s\n",
! 2774: ssl_cafile ? ssl_cafile : "none",
! 2775: ssl_capath ? ssl_capath : "none");
! 2776: }
! 2777: #endif
! 2778:
! 2779: #ifdef CURL_CA_FALLBACK
! 2780: else if(verifypeer) {
! 2781: /* verifying the peer without any CA certificates won't
! 2782: work so use openssl's built in default as fallback */
! 2783: SSL_CTX_set_default_verify_paths(backend->ctx);
! 2784: }
! 2785: #endif
! 2786:
! 2787: if(ssl_crlfile) {
! 2788: /* tell SSL where to find CRL file that is used to check certificate
! 2789: * revocation */
! 2790: lookup = X509_STORE_add_lookup(SSL_CTX_get_cert_store(backend->ctx),
! 2791: X509_LOOKUP_file());
! 2792: if(!lookup ||
! 2793: (!X509_load_crl_file(lookup, ssl_crlfile, X509_FILETYPE_PEM)) ) {
! 2794: failf(data, "error loading CRL file: %s", ssl_crlfile);
! 2795: return CURLE_SSL_CRL_BADFILE;
! 2796: }
! 2797: /* Everything is fine. */
! 2798: infof(data, "successfully load CRL file:\n");
! 2799: X509_STORE_set_flags(SSL_CTX_get_cert_store(backend->ctx),
! 2800: X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
! 2801:
! 2802: infof(data, " CRLfile: %s\n", ssl_crlfile);
! 2803: }
! 2804:
! 2805: if(verifypeer) {
! 2806: /* Try building a chain using issuers in the trusted store first to avoid
! 2807: problems with server-sent legacy intermediates. Newer versions of
! 2808: OpenSSL do alternate chain checking by default which gives us the same
! 2809: fix without as much of a performance hit (slight), so we prefer that if
! 2810: available.
! 2811: https://rt.openssl.org/Ticket/Display.html?id=3621&user=guest&pass=guest
! 2812: */
! 2813: #if defined(X509_V_FLAG_TRUSTED_FIRST) && !defined(X509_V_FLAG_NO_ALT_CHAINS)
! 2814: X509_STORE_set_flags(SSL_CTX_get_cert_store(backend->ctx),
! 2815: X509_V_FLAG_TRUSTED_FIRST);
! 2816: #endif
! 2817: #ifdef X509_V_FLAG_PARTIAL_CHAIN
! 2818: if(!SSL_SET_OPTION(no_partialchain)) {
! 2819: /* Have intermediate certificates in the trust store be treated as
! 2820: trust-anchors, in the same way as self-signed root CA certificates
! 2821: are. This allows users to verify servers using the intermediate cert
! 2822: only, instead of needing the whole chain. */
! 2823: X509_STORE_set_flags(SSL_CTX_get_cert_store(backend->ctx),
! 2824: X509_V_FLAG_PARTIAL_CHAIN);
! 2825: }
! 2826: #endif
! 2827: }
! 2828:
! 2829: /* SSL always tries to verify the peer, this only says whether it should
! 2830: * fail to connect if the verification fails, or if it should continue
! 2831: * anyway. In the latter case the result of the verification is checked with
! 2832: * SSL_get_verify_result() below. */
! 2833: SSL_CTX_set_verify(backend->ctx,
! 2834: verifypeer ? SSL_VERIFY_PEER : SSL_VERIFY_NONE, NULL);
! 2835:
! 2836: /* Enable logging of secrets to the file specified in env SSLKEYLOGFILE. */
! 2837: #if defined(ENABLE_SSLKEYLOGFILE) && defined(HAVE_KEYLOG_CALLBACK)
! 2838: if(keylog_file_fp) {
! 2839: SSL_CTX_set_keylog_callback(backend->ctx, ossl_keylog_callback);
! 2840: }
! 2841: #endif
! 2842:
! 2843: /* Enable the session cache because it's a prerequisite for the "new session"
! 2844: * callback. Use the "external storage" mode to avoid that OpenSSL creates
! 2845: * an internal session cache.
! 2846: */
! 2847: SSL_CTX_set_session_cache_mode(backend->ctx,
! 2848: SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_NO_INTERNAL);
! 2849: SSL_CTX_sess_set_new_cb(backend->ctx, ossl_new_session_cb);
! 2850:
! 2851: /* give application a chance to interfere with SSL set up. */
! 2852: if(data->set.ssl.fsslctx) {
! 2853: Curl_set_in_callback(data, true);
! 2854: result = (*data->set.ssl.fsslctx)(data, backend->ctx,
! 2855: data->set.ssl.fsslctxp);
! 2856: Curl_set_in_callback(data, false);
! 2857: if(result) {
! 2858: failf(data, "error signaled by ssl ctx callback");
! 2859: return result;
! 2860: }
! 2861: }
! 2862:
! 2863: /* Lets make an SSL structure */
! 2864: if(backend->handle)
! 2865: SSL_free(backend->handle);
! 2866: backend->handle = SSL_new(backend->ctx);
! 2867: if(!backend->handle) {
! 2868: failf(data, "SSL: couldn't create a context (handle)!");
! 2869: return CURLE_OUT_OF_MEMORY;
! 2870: }
! 2871:
! 2872: #if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \
! 2873: !defined(OPENSSL_NO_OCSP)
! 2874: if(SSL_CONN_CONFIG(verifystatus))
! 2875: SSL_set_tlsext_status_type(backend->handle, TLSEXT_STATUSTYPE_ocsp);
! 2876: #endif
! 2877:
! 2878: #if defined(OPENSSL_IS_BORINGSSL) && defined(ALLOW_RENEG)
! 2879: SSL_set_renegotiate_mode(backend->handle, ssl_renegotiate_freely);
! 2880: #endif
! 2881:
! 2882: SSL_set_connect_state(backend->handle);
! 2883:
! 2884: backend->server_cert = 0x0;
! 2885: #ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
! 2886: if((0 == Curl_inet_pton(AF_INET, hostname, &addr)) &&
! 2887: #ifdef ENABLE_IPV6
! 2888: (0 == Curl_inet_pton(AF_INET6, hostname, &addr)) &&
! 2889: #endif
! 2890: sni &&
! 2891: !SSL_set_tlsext_host_name(backend->handle, hostname))
! 2892: infof(data, "WARNING: failed to configure server name indication (SNI) "
! 2893: "TLS extension\n");
! 2894: #endif
! 2895:
! 2896: /* Check if there's a cached ID we can/should use here! */
! 2897: if(SSL_SET_OPTION(primary.sessionid)) {
! 2898: void *ssl_sessionid = NULL;
! 2899: int connectdata_idx = ossl_get_ssl_conn_index();
! 2900: int sockindex_idx = ossl_get_ssl_sockindex_index();
! 2901:
! 2902: if(connectdata_idx >= 0 && sockindex_idx >= 0) {
! 2903: /* Store the data needed for the "new session" callback.
! 2904: * The sockindex is stored as a pointer to an array element. */
! 2905: SSL_set_ex_data(backend->handle, connectdata_idx, conn);
! 2906: SSL_set_ex_data(backend->handle, sockindex_idx, conn->sock + sockindex);
! 2907: }
! 2908:
! 2909: Curl_ssl_sessionid_lock(conn);
! 2910: if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, NULL, sockindex)) {
! 2911: /* we got a session id, use it! */
! 2912: if(!SSL_set_session(backend->handle, ssl_sessionid)) {
! 2913: Curl_ssl_sessionid_unlock(conn);
! 2914: failf(data, "SSL: SSL_set_session failed: %s",
! 2915: ossl_strerror(ERR_get_error(), error_buffer,
! 2916: sizeof(error_buffer)));
! 2917: return CURLE_SSL_CONNECT_ERROR;
! 2918: }
! 2919: /* Informational message */
! 2920: infof(data, "SSL re-using session ID\n");
! 2921: }
! 2922: Curl_ssl_sessionid_unlock(conn);
! 2923: }
! 2924:
! 2925: if(conn->proxy_ssl[sockindex].use) {
! 2926: BIO *const bio = BIO_new(BIO_f_ssl());
! 2927: SSL *handle = conn->proxy_ssl[sockindex].backend->handle;
! 2928: DEBUGASSERT(ssl_connection_complete == conn->proxy_ssl[sockindex].state);
! 2929: DEBUGASSERT(handle != NULL);
! 2930: DEBUGASSERT(bio != NULL);
! 2931: BIO_set_ssl(bio, handle, FALSE);
! 2932: SSL_set_bio(backend->handle, bio, bio);
! 2933: }
! 2934: else if(!SSL_set_fd(backend->handle, (int)sockfd)) {
! 2935: /* pass the raw socket into the SSL layers */
! 2936: failf(data, "SSL: SSL_set_fd failed: %s",
! 2937: ossl_strerror(ERR_get_error(), error_buffer, sizeof(error_buffer)));
! 2938: return CURLE_SSL_CONNECT_ERROR;
! 2939: }
! 2940:
! 2941: connssl->connecting_state = ssl_connect_2;
! 2942:
! 2943: return CURLE_OK;
! 2944: }
! 2945:
! 2946: static CURLcode ossl_connect_step2(struct connectdata *conn, int sockindex)
! 2947: {
! 2948: struct Curl_easy *data = conn->data;
! 2949: int err;
! 2950: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
! 2951: long * const certverifyresult = SSL_IS_PROXY() ?
! 2952: &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult;
! 2953: struct ssl_backend_data *backend = connssl->backend;
! 2954: DEBUGASSERT(ssl_connect_2 == connssl->connecting_state
! 2955: || ssl_connect_2_reading == connssl->connecting_state
! 2956: || ssl_connect_2_writing == connssl->connecting_state);
! 2957:
! 2958: ERR_clear_error();
! 2959:
! 2960: err = SSL_connect(backend->handle);
! 2961: /* If keylogging is enabled but the keylog callback is not supported then log
! 2962: secrets here, immediately after SSL_connect by using tap_ssl_key. */
! 2963: #if defined(ENABLE_SSLKEYLOGFILE) && !defined(HAVE_KEYLOG_CALLBACK)
! 2964: tap_ssl_key(backend->handle, &backend->tap_state);
! 2965: #endif
! 2966:
! 2967: /* 1 is fine
! 2968: 0 is "not successful but was shut down controlled"
! 2969: <0 is "handshake was not successful, because a fatal error occurred" */
! 2970: if(1 != err) {
! 2971: int detail = SSL_get_error(backend->handle, err);
! 2972:
! 2973: if(SSL_ERROR_WANT_READ == detail) {
! 2974: connssl->connecting_state = ssl_connect_2_reading;
! 2975: return CURLE_OK;
! 2976: }
! 2977: if(SSL_ERROR_WANT_WRITE == detail) {
! 2978: connssl->connecting_state = ssl_connect_2_writing;
! 2979: return CURLE_OK;
! 2980: }
! 2981: #ifdef SSL_ERROR_WANT_ASYNC
! 2982: if(SSL_ERROR_WANT_ASYNC == detail) {
! 2983: connssl->connecting_state = ssl_connect_2;
! 2984: return CURLE_OK;
! 2985: }
! 2986: #endif
! 2987: else {
! 2988: /* untreated error */
! 2989: unsigned long errdetail;
! 2990: char error_buffer[256]="";
! 2991: CURLcode result;
! 2992: long lerr;
! 2993: int lib;
! 2994: int reason;
! 2995:
! 2996: /* the connection failed, we're not waiting for anything else. */
! 2997: connssl->connecting_state = ssl_connect_2;
! 2998:
! 2999: /* Get the earliest error code from the thread's error queue and removes
! 3000: the entry. */
! 3001: errdetail = ERR_get_error();
! 3002:
! 3003: /* Extract which lib and reason */
! 3004: lib = ERR_GET_LIB(errdetail);
! 3005: reason = ERR_GET_REASON(errdetail);
! 3006:
! 3007: if((lib == ERR_LIB_SSL) &&
! 3008: (reason == SSL_R_CERTIFICATE_VERIFY_FAILED)) {
! 3009: result = CURLE_PEER_FAILED_VERIFICATION;
! 3010:
! 3011: lerr = SSL_get_verify_result(backend->handle);
! 3012: if(lerr != X509_V_OK) {
! 3013: *certverifyresult = lerr;
! 3014: msnprintf(error_buffer, sizeof(error_buffer),
! 3015: "SSL certificate problem: %s",
! 3016: X509_verify_cert_error_string(lerr));
! 3017: }
! 3018: else
! 3019: /* strcpy() is fine here as long as the string fits within
! 3020: error_buffer */
! 3021: strcpy(error_buffer, "SSL certificate verification failed");
! 3022: }
! 3023: else {
! 3024: result = CURLE_SSL_CONNECT_ERROR;
! 3025: ossl_strerror(errdetail, error_buffer, sizeof(error_buffer));
! 3026: }
! 3027:
! 3028: /* detail is already set to the SSL error above */
! 3029:
! 3030: /* If we e.g. use SSLv2 request-method and the server doesn't like us
! 3031: * (RST connection etc.), OpenSSL gives no explanation whatsoever and
! 3032: * the SO_ERROR is also lost.
! 3033: */
! 3034: if(CURLE_SSL_CONNECT_ERROR == result && errdetail == 0) {
! 3035: const char * const hostname = SSL_IS_PROXY() ?
! 3036: conn->http_proxy.host.name : conn->host.name;
! 3037: const long int port = SSL_IS_PROXY() ? conn->port : conn->remote_port;
! 3038: char extramsg[80]="";
! 3039: int sockerr = SOCKERRNO;
! 3040: if(sockerr && detail == SSL_ERROR_SYSCALL)
! 3041: Curl_strerror(sockerr, extramsg, sizeof(extramsg));
! 3042: failf(data, OSSL_PACKAGE " SSL_connect: %s in connection to %s:%ld ",
! 3043: extramsg[0] ? extramsg : SSL_ERROR_to_str(detail),
! 3044: hostname, port);
! 3045: return result;
! 3046: }
! 3047:
! 3048: /* Could be a CERT problem */
! 3049: failf(data, "%s", error_buffer);
! 3050:
! 3051: return result;
! 3052: }
! 3053: }
! 3054: else {
! 3055: /* we have been connected fine, we're not waiting for anything else. */
! 3056: connssl->connecting_state = ssl_connect_3;
! 3057:
! 3058: /* Informational message */
! 3059: infof(data, "SSL connection using %s / %s\n",
! 3060: get_ssl_version_txt(backend->handle),
! 3061: SSL_get_cipher(backend->handle));
! 3062:
! 3063: #ifdef HAS_ALPN
! 3064: /* Sets data and len to negotiated protocol, len is 0 if no protocol was
! 3065: * negotiated
! 3066: */
! 3067: if(conn->bits.tls_enable_alpn) {
! 3068: const unsigned char *neg_protocol;
! 3069: unsigned int len;
! 3070: SSL_get0_alpn_selected(backend->handle, &neg_protocol, &len);
! 3071: if(len != 0) {
! 3072: infof(data, "ALPN, server accepted to use %.*s\n", len, neg_protocol);
! 3073:
! 3074: #ifdef USE_NGHTTP2
! 3075: if(len == NGHTTP2_PROTO_VERSION_ID_LEN &&
! 3076: !memcmp(NGHTTP2_PROTO_VERSION_ID, neg_protocol, len)) {
! 3077: conn->negnpn = CURL_HTTP_VERSION_2;
! 3078: }
! 3079: else
! 3080: #endif
! 3081: if(len == ALPN_HTTP_1_1_LENGTH &&
! 3082: !memcmp(ALPN_HTTP_1_1, neg_protocol, ALPN_HTTP_1_1_LENGTH)) {
! 3083: conn->negnpn = CURL_HTTP_VERSION_1_1;
! 3084: }
! 3085: }
! 3086: else
! 3087: infof(data, "ALPN, server did not agree to a protocol\n");
! 3088:
! 3089: Curl_multiuse_state(conn, conn->negnpn == CURL_HTTP_VERSION_2 ?
! 3090: BUNDLE_MULTIPLEX : BUNDLE_NO_MULTIUSE);
! 3091: }
! 3092: #endif
! 3093:
! 3094: return CURLE_OK;
! 3095: }
! 3096: }
! 3097:
! 3098: static int asn1_object_dump(ASN1_OBJECT *a, char *buf, size_t len)
! 3099: {
! 3100: int i, ilen;
! 3101:
! 3102: ilen = (int)len;
! 3103: if(ilen < 0)
! 3104: return 1; /* buffer too big */
! 3105:
! 3106: i = i2t_ASN1_OBJECT(buf, ilen, a);
! 3107:
! 3108: if(i >= ilen)
! 3109: return 1; /* buffer too small */
! 3110:
! 3111: return 0;
! 3112: }
! 3113:
! 3114: #define push_certinfo(_label, _num) \
! 3115: do { \
! 3116: long info_len = BIO_get_mem_data(mem, &ptr); \
! 3117: Curl_ssl_push_certinfo_len(data, _num, _label, ptr, info_len); \
! 3118: if(1 != BIO_reset(mem)) \
! 3119: break; \
! 3120: } while(0)
! 3121:
! 3122: static void pubkey_show(struct Curl_easy *data,
! 3123: BIO *mem,
! 3124: int num,
! 3125: const char *type,
! 3126: const char *name,
! 3127: #ifdef HAVE_OPAQUE_RSA_DSA_DH
! 3128: const
! 3129: #endif
! 3130: BIGNUM *bn)
! 3131: {
! 3132: char *ptr;
! 3133: char namebuf[32];
! 3134:
! 3135: msnprintf(namebuf, sizeof(namebuf), "%s(%s)", type, name);
! 3136:
! 3137: if(bn)
! 3138: BN_print(mem, bn);
! 3139: push_certinfo(namebuf, num);
! 3140: }
! 3141:
! 3142: #ifdef HAVE_OPAQUE_RSA_DSA_DH
! 3143: #define print_pubkey_BN(_type, _name, _num) \
! 3144: pubkey_show(data, mem, _num, #_type, #_name, _name)
! 3145:
! 3146: #else
! 3147: #define print_pubkey_BN(_type, _name, _num) \
! 3148: do { \
! 3149: if(_type->_name) { \
! 3150: pubkey_show(data, mem, _num, #_type, #_name, _type->_name); \
! 3151: } \
! 3152: } while(0)
! 3153: #endif
! 3154:
! 3155: static void X509V3_ext(struct Curl_easy *data,
! 3156: int certnum,
! 3157: CONST_EXTS STACK_OF(X509_EXTENSION) *exts)
! 3158: {
! 3159: int i;
! 3160:
! 3161: if((int)sk_X509_EXTENSION_num(exts) <= 0)
! 3162: /* no extensions, bail out */
! 3163: return;
! 3164:
! 3165: for(i = 0; i < (int)sk_X509_EXTENSION_num(exts); i++) {
! 3166: ASN1_OBJECT *obj;
! 3167: X509_EXTENSION *ext = sk_X509_EXTENSION_value(exts, i);
! 3168: BUF_MEM *biomem;
! 3169: char namebuf[128];
! 3170: BIO *bio_out = BIO_new(BIO_s_mem());
! 3171:
! 3172: if(!bio_out)
! 3173: return;
! 3174:
! 3175: obj = X509_EXTENSION_get_object(ext);
! 3176:
! 3177: asn1_object_dump(obj, namebuf, sizeof(namebuf));
! 3178:
! 3179: if(!X509V3_EXT_print(bio_out, ext, 0, 0))
! 3180: ASN1_STRING_print(bio_out, (ASN1_STRING *)X509_EXTENSION_get_data(ext));
! 3181:
! 3182: BIO_get_mem_ptr(bio_out, &biomem);
! 3183: Curl_ssl_push_certinfo_len(data, certnum, namebuf, biomem->data,
! 3184: biomem->length);
! 3185: BIO_free(bio_out);
! 3186: }
! 3187: }
! 3188:
! 3189: #ifdef OPENSSL_IS_BORINGSSL
! 3190: typedef size_t numcert_t;
! 3191: #else
! 3192: typedef int numcert_t;
! 3193: #endif
! 3194:
! 3195: static CURLcode get_cert_chain(struct connectdata *conn,
! 3196: struct ssl_connect_data *connssl)
! 3197:
! 3198: {
! 3199: CURLcode result;
! 3200: STACK_OF(X509) *sk;
! 3201: int i;
! 3202: struct Curl_easy *data = conn->data;
! 3203: numcert_t numcerts;
! 3204: BIO *mem;
! 3205: struct ssl_backend_data *backend = connssl->backend;
! 3206:
! 3207: sk = SSL_get_peer_cert_chain(backend->handle);
! 3208: if(!sk) {
! 3209: return CURLE_OUT_OF_MEMORY;
! 3210: }
! 3211:
! 3212: numcerts = sk_X509_num(sk);
! 3213:
! 3214: result = Curl_ssl_init_certinfo(data, (int)numcerts);
! 3215: if(result) {
! 3216: return result;
! 3217: }
! 3218:
! 3219: mem = BIO_new(BIO_s_mem());
! 3220:
! 3221: for(i = 0; i < (int)numcerts; i++) {
! 3222: ASN1_INTEGER *num;
! 3223: X509 *x = sk_X509_value(sk, i);
! 3224: EVP_PKEY *pubkey = NULL;
! 3225: int j;
! 3226: char *ptr;
! 3227: const ASN1_BIT_STRING *psig = NULL;
! 3228:
! 3229: X509_NAME_print_ex(mem, X509_get_subject_name(x), 0, XN_FLAG_ONELINE);
! 3230: push_certinfo("Subject", i);
! 3231:
! 3232: X509_NAME_print_ex(mem, X509_get_issuer_name(x), 0, XN_FLAG_ONELINE);
! 3233: push_certinfo("Issuer", i);
! 3234:
! 3235: BIO_printf(mem, "%lx", X509_get_version(x));
! 3236: push_certinfo("Version", i);
! 3237:
! 3238: num = X509_get_serialNumber(x);
! 3239: if(num->type == V_ASN1_NEG_INTEGER)
! 3240: BIO_puts(mem, "-");
! 3241: for(j = 0; j < num->length; j++)
! 3242: BIO_printf(mem, "%02x", num->data[j]);
! 3243: push_certinfo("Serial Number", i);
! 3244:
! 3245: #if defined(HAVE_X509_GET0_SIGNATURE) && defined(HAVE_X509_GET0_EXTENSIONS)
! 3246: {
! 3247: const X509_ALGOR *sigalg = NULL;
! 3248: X509_PUBKEY *xpubkey = NULL;
! 3249: ASN1_OBJECT *pubkeyoid = NULL;
! 3250:
! 3251: X509_get0_signature(&psig, &sigalg, x);
! 3252: if(sigalg) {
! 3253: i2a_ASN1_OBJECT(mem, sigalg->algorithm);
! 3254: push_certinfo("Signature Algorithm", i);
! 3255: }
! 3256:
! 3257: xpubkey = X509_get_X509_PUBKEY(x);
! 3258: if(xpubkey) {
! 3259: X509_PUBKEY_get0_param(&pubkeyoid, NULL, NULL, NULL, xpubkey);
! 3260: if(pubkeyoid) {
! 3261: i2a_ASN1_OBJECT(mem, pubkeyoid);
! 3262: push_certinfo("Public Key Algorithm", i);
! 3263: }
! 3264: }
! 3265:
! 3266: X509V3_ext(data, i, X509_get0_extensions(x));
! 3267: }
! 3268: #else
! 3269: {
! 3270: /* before OpenSSL 1.0.2 */
! 3271: X509_CINF *cinf = x->cert_info;
! 3272:
! 3273: i2a_ASN1_OBJECT(mem, cinf->signature->algorithm);
! 3274: push_certinfo("Signature Algorithm", i);
! 3275:
! 3276: i2a_ASN1_OBJECT(mem, cinf->key->algor->algorithm);
! 3277: push_certinfo("Public Key Algorithm", i);
! 3278:
! 3279: X509V3_ext(data, i, cinf->extensions);
! 3280:
! 3281: psig = x->signature;
! 3282: }
! 3283: #endif
! 3284:
! 3285: ASN1_TIME_print(mem, X509_get0_notBefore(x));
! 3286: push_certinfo("Start date", i);
! 3287:
! 3288: ASN1_TIME_print(mem, X509_get0_notAfter(x));
! 3289: push_certinfo("Expire date", i);
! 3290:
! 3291: pubkey = X509_get_pubkey(x);
! 3292: if(!pubkey)
! 3293: infof(data, " Unable to load public key\n");
! 3294: else {
! 3295: int pktype;
! 3296: #ifdef HAVE_OPAQUE_EVP_PKEY
! 3297: pktype = EVP_PKEY_id(pubkey);
! 3298: #else
! 3299: pktype = pubkey->type;
! 3300: #endif
! 3301: switch(pktype) {
! 3302: case EVP_PKEY_RSA:
! 3303: {
! 3304: RSA *rsa;
! 3305: #ifdef HAVE_OPAQUE_EVP_PKEY
! 3306: rsa = EVP_PKEY_get0_RSA(pubkey);
! 3307: #else
! 3308: rsa = pubkey->pkey.rsa;
! 3309: #endif
! 3310:
! 3311: #ifdef HAVE_OPAQUE_RSA_DSA_DH
! 3312: {
! 3313: const BIGNUM *n;
! 3314: const BIGNUM *e;
! 3315:
! 3316: RSA_get0_key(rsa, &n, &e, NULL);
! 3317: BIO_printf(mem, "%d", BN_num_bits(n));
! 3318: push_certinfo("RSA Public Key", i);
! 3319: print_pubkey_BN(rsa, n, i);
! 3320: print_pubkey_BN(rsa, e, i);
! 3321: }
! 3322: #else
! 3323: BIO_printf(mem, "%d", BN_num_bits(rsa->n));
! 3324: push_certinfo("RSA Public Key", i);
! 3325: print_pubkey_BN(rsa, n, i);
! 3326: print_pubkey_BN(rsa, e, i);
! 3327: #endif
! 3328:
! 3329: break;
! 3330: }
! 3331: case EVP_PKEY_DSA:
! 3332: {
! 3333: #ifndef OPENSSL_NO_DSA
! 3334: DSA *dsa;
! 3335: #ifdef HAVE_OPAQUE_EVP_PKEY
! 3336: dsa = EVP_PKEY_get0_DSA(pubkey);
! 3337: #else
! 3338: dsa = pubkey->pkey.dsa;
! 3339: #endif
! 3340: #ifdef HAVE_OPAQUE_RSA_DSA_DH
! 3341: {
! 3342: const BIGNUM *p;
! 3343: const BIGNUM *q;
! 3344: const BIGNUM *g;
! 3345: const BIGNUM *pub_key;
! 3346:
! 3347: DSA_get0_pqg(dsa, &p, &q, &g);
! 3348: DSA_get0_key(dsa, &pub_key, NULL);
! 3349:
! 3350: print_pubkey_BN(dsa, p, i);
! 3351: print_pubkey_BN(dsa, q, i);
! 3352: print_pubkey_BN(dsa, g, i);
! 3353: print_pubkey_BN(dsa, pub_key, i);
! 3354: }
! 3355: #else
! 3356: print_pubkey_BN(dsa, p, i);
! 3357: print_pubkey_BN(dsa, q, i);
! 3358: print_pubkey_BN(dsa, g, i);
! 3359: print_pubkey_BN(dsa, pub_key, i);
! 3360: #endif
! 3361: #endif /* !OPENSSL_NO_DSA */
! 3362: break;
! 3363: }
! 3364: case EVP_PKEY_DH:
! 3365: {
! 3366: DH *dh;
! 3367: #ifdef HAVE_OPAQUE_EVP_PKEY
! 3368: dh = EVP_PKEY_get0_DH(pubkey);
! 3369: #else
! 3370: dh = pubkey->pkey.dh;
! 3371: #endif
! 3372: #ifdef HAVE_OPAQUE_RSA_DSA_DH
! 3373: {
! 3374: const BIGNUM *p;
! 3375: const BIGNUM *q;
! 3376: const BIGNUM *g;
! 3377: const BIGNUM *pub_key;
! 3378: DH_get0_pqg(dh, &p, &q, &g);
! 3379: DH_get0_key(dh, &pub_key, NULL);
! 3380: print_pubkey_BN(dh, p, i);
! 3381: print_pubkey_BN(dh, q, i);
! 3382: print_pubkey_BN(dh, g, i);
! 3383: print_pubkey_BN(dh, pub_key, i);
! 3384: }
! 3385: #else
! 3386: print_pubkey_BN(dh, p, i);
! 3387: print_pubkey_BN(dh, g, i);
! 3388: print_pubkey_BN(dh, pub_key, i);
! 3389: #endif
! 3390: break;
! 3391: }
! 3392: }
! 3393: EVP_PKEY_free(pubkey);
! 3394: }
! 3395:
! 3396: if(psig) {
! 3397: for(j = 0; j < psig->length; j++)
! 3398: BIO_printf(mem, "%02x:", psig->data[j]);
! 3399: push_certinfo("Signature", i);
! 3400: }
! 3401:
! 3402: PEM_write_bio_X509(mem, x);
! 3403: push_certinfo("Cert", i);
! 3404: }
! 3405:
! 3406: BIO_free(mem);
! 3407:
! 3408: return CURLE_OK;
! 3409: }
! 3410:
! 3411: /*
! 3412: * Heavily modified from:
! 3413: * https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning#OpenSSL
! 3414: */
! 3415: static CURLcode pkp_pin_peer_pubkey(struct Curl_easy *data, X509* cert,
! 3416: const char *pinnedpubkey)
! 3417: {
! 3418: /* Scratch */
! 3419: int len1 = 0, len2 = 0;
! 3420: unsigned char *buff1 = NULL, *temp = NULL;
! 3421:
! 3422: /* Result is returned to caller */
! 3423: CURLcode result = CURLE_SSL_PINNEDPUBKEYNOTMATCH;
! 3424:
! 3425: /* if a path wasn't specified, don't pin */
! 3426: if(!pinnedpubkey)
! 3427: return CURLE_OK;
! 3428:
! 3429: if(!cert)
! 3430: return result;
! 3431:
! 3432: do {
! 3433: /* Begin Gyrations to get the subjectPublicKeyInfo */
! 3434: /* Thanks to Viktor Dukhovni on the OpenSSL mailing list */
! 3435:
! 3436: /* https://groups.google.com/group/mailing.openssl.users/browse_thread
! 3437: /thread/d61858dae102c6c7 */
! 3438: len1 = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(cert), NULL);
! 3439: if(len1 < 1)
! 3440: break; /* failed */
! 3441:
! 3442: buff1 = temp = malloc(len1);
! 3443: if(!buff1)
! 3444: break; /* failed */
! 3445:
! 3446: /* https://www.openssl.org/docs/crypto/d2i_X509.html */
! 3447: len2 = i2d_X509_PUBKEY(X509_get_X509_PUBKEY(cert), &temp);
! 3448:
! 3449: /*
! 3450: * These checks are verifying we got back the same values as when we
! 3451: * sized the buffer. It's pretty weak since they should always be the
! 3452: * same. But it gives us something to test.
! 3453: */
! 3454: if((len1 != len2) || !temp || ((temp - buff1) != len1))
! 3455: break; /* failed */
! 3456:
! 3457: /* End Gyrations */
! 3458:
! 3459: /* The one good exit point */
! 3460: result = Curl_pin_peer_pubkey(data, pinnedpubkey, buff1, len1);
! 3461: } while(0);
! 3462:
! 3463: if(buff1)
! 3464: free(buff1);
! 3465:
! 3466: return result;
! 3467: }
! 3468:
! 3469: /*
! 3470: * Get the server cert, verify it and show it etc, only call failf() if the
! 3471: * 'strict' argument is TRUE as otherwise all this is for informational
! 3472: * purposes only!
! 3473: *
! 3474: * We check certificates to authenticate the server; otherwise we risk
! 3475: * man-in-the-middle attack.
! 3476: */
! 3477: static CURLcode servercert(struct connectdata *conn,
! 3478: struct ssl_connect_data *connssl,
! 3479: bool strict)
! 3480: {
! 3481: CURLcode result = CURLE_OK;
! 3482: int rc;
! 3483: long lerr;
! 3484: struct Curl_easy *data = conn->data;
! 3485: X509 *issuer;
! 3486: BIO *fp = NULL;
! 3487: char error_buffer[256]="";
! 3488: char buffer[2048];
! 3489: const char *ptr;
! 3490: long * const certverifyresult = SSL_IS_PROXY() ?
! 3491: &data->set.proxy_ssl.certverifyresult : &data->set.ssl.certverifyresult;
! 3492: BIO *mem = BIO_new(BIO_s_mem());
! 3493: struct ssl_backend_data *backend = connssl->backend;
! 3494:
! 3495: if(data->set.ssl.certinfo)
! 3496: /* we've been asked to gather certificate info! */
! 3497: (void)get_cert_chain(conn, connssl);
! 3498:
! 3499: backend->server_cert = SSL_get_peer_certificate(backend->handle);
! 3500: if(!backend->server_cert) {
! 3501: BIO_free(mem);
! 3502: if(!strict)
! 3503: return CURLE_OK;
! 3504:
! 3505: failf(data, "SSL: couldn't get peer certificate!");
! 3506: return CURLE_PEER_FAILED_VERIFICATION;
! 3507: }
! 3508:
! 3509: infof(data, "%s certificate:\n", SSL_IS_PROXY() ? "Proxy" : "Server");
! 3510:
! 3511: rc = x509_name_oneline(X509_get_subject_name(backend->server_cert),
! 3512: buffer, sizeof(buffer));
! 3513: infof(data, " subject: %s\n", rc?"[NONE]":buffer);
! 3514:
! 3515: #ifndef CURL_DISABLE_VERBOSE_STRINGS
! 3516: {
! 3517: long len;
! 3518: ASN1_TIME_print(mem, X509_get0_notBefore(backend->server_cert));
! 3519: len = BIO_get_mem_data(mem, (char **) &ptr);
! 3520: infof(data, " start date: %.*s\n", len, ptr);
! 3521: (void)BIO_reset(mem);
! 3522:
! 3523: ASN1_TIME_print(mem, X509_get0_notAfter(backend->server_cert));
! 3524: len = BIO_get_mem_data(mem, (char **) &ptr);
! 3525: infof(data, " expire date: %.*s\n", len, ptr);
! 3526: (void)BIO_reset(mem);
! 3527: }
! 3528: #endif
! 3529:
! 3530: BIO_free(mem);
! 3531:
! 3532: if(SSL_CONN_CONFIG(verifyhost)) {
! 3533: result = verifyhost(conn, backend->server_cert);
! 3534: if(result) {
! 3535: X509_free(backend->server_cert);
! 3536: backend->server_cert = NULL;
! 3537: return result;
! 3538: }
! 3539: }
! 3540:
! 3541: rc = x509_name_oneline(X509_get_issuer_name(backend->server_cert),
! 3542: buffer, sizeof(buffer));
! 3543: if(rc) {
! 3544: if(strict)
! 3545: failf(data, "SSL: couldn't get X509-issuer name!");
! 3546: result = CURLE_PEER_FAILED_VERIFICATION;
! 3547: }
! 3548: else {
! 3549: infof(data, " issuer: %s\n", buffer);
! 3550:
! 3551: /* We could do all sorts of certificate verification stuff here before
! 3552: deallocating the certificate. */
! 3553:
! 3554: /* e.g. match issuer name with provided issuer certificate */
! 3555: if(SSL_SET_OPTION(issuercert)) {
! 3556: fp = BIO_new(BIO_s_file());
! 3557: if(fp == NULL) {
! 3558: failf(data,
! 3559: "BIO_new return NULL, " OSSL_PACKAGE
! 3560: " error %s",
! 3561: ossl_strerror(ERR_get_error(), error_buffer,
! 3562: sizeof(error_buffer)) );
! 3563: X509_free(backend->server_cert);
! 3564: backend->server_cert = NULL;
! 3565: return CURLE_OUT_OF_MEMORY;
! 3566: }
! 3567:
! 3568: if(BIO_read_filename(fp, SSL_SET_OPTION(issuercert)) <= 0) {
! 3569: if(strict)
! 3570: failf(data, "SSL: Unable to open issuer cert (%s)",
! 3571: SSL_SET_OPTION(issuercert));
! 3572: BIO_free(fp);
! 3573: X509_free(backend->server_cert);
! 3574: backend->server_cert = NULL;
! 3575: return CURLE_SSL_ISSUER_ERROR;
! 3576: }
! 3577:
! 3578: issuer = PEM_read_bio_X509(fp, NULL, ZERO_NULL, NULL);
! 3579: if(!issuer) {
! 3580: if(strict)
! 3581: failf(data, "SSL: Unable to read issuer cert (%s)",
! 3582: SSL_SET_OPTION(issuercert));
! 3583: BIO_free(fp);
! 3584: X509_free(issuer);
! 3585: X509_free(backend->server_cert);
! 3586: backend->server_cert = NULL;
! 3587: return CURLE_SSL_ISSUER_ERROR;
! 3588: }
! 3589:
! 3590: if(X509_check_issued(issuer, backend->server_cert) != X509_V_OK) {
! 3591: if(strict)
! 3592: failf(data, "SSL: Certificate issuer check failed (%s)",
! 3593: SSL_SET_OPTION(issuercert));
! 3594: BIO_free(fp);
! 3595: X509_free(issuer);
! 3596: X509_free(backend->server_cert);
! 3597: backend->server_cert = NULL;
! 3598: return CURLE_SSL_ISSUER_ERROR;
! 3599: }
! 3600:
! 3601: infof(data, " SSL certificate issuer check ok (%s)\n",
! 3602: SSL_SET_OPTION(issuercert));
! 3603: BIO_free(fp);
! 3604: X509_free(issuer);
! 3605: }
! 3606:
! 3607: lerr = *certverifyresult = SSL_get_verify_result(backend->handle);
! 3608:
! 3609: if(*certverifyresult != X509_V_OK) {
! 3610: if(SSL_CONN_CONFIG(verifypeer)) {
! 3611: /* We probably never reach this, because SSL_connect() will fail
! 3612: and we return earlier if verifypeer is set? */
! 3613: if(strict)
! 3614: failf(data, "SSL certificate verify result: %s (%ld)",
! 3615: X509_verify_cert_error_string(lerr), lerr);
! 3616: result = CURLE_PEER_FAILED_VERIFICATION;
! 3617: }
! 3618: else
! 3619: infof(data, " SSL certificate verify result: %s (%ld),"
! 3620: " continuing anyway.\n",
! 3621: X509_verify_cert_error_string(lerr), lerr);
! 3622: }
! 3623: else
! 3624: infof(data, " SSL certificate verify ok.\n");
! 3625: }
! 3626:
! 3627: #if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \
! 3628: !defined(OPENSSL_NO_OCSP)
! 3629: if(SSL_CONN_CONFIG(verifystatus)) {
! 3630: result = verifystatus(conn, connssl);
! 3631: if(result) {
! 3632: X509_free(backend->server_cert);
! 3633: backend->server_cert = NULL;
! 3634: return result;
! 3635: }
! 3636: }
! 3637: #endif
! 3638:
! 3639: if(!strict)
! 3640: /* when not strict, we don't bother about the verify cert problems */
! 3641: result = CURLE_OK;
! 3642:
! 3643: ptr = SSL_IS_PROXY() ? data->set.str[STRING_SSL_PINNEDPUBLICKEY_PROXY] :
! 3644: data->set.str[STRING_SSL_PINNEDPUBLICKEY_ORIG];
! 3645: if(!result && ptr) {
! 3646: result = pkp_pin_peer_pubkey(data, backend->server_cert, ptr);
! 3647: if(result)
! 3648: failf(data, "SSL: public key does not match pinned public key!");
! 3649: }
! 3650:
! 3651: X509_free(backend->server_cert);
! 3652: backend->server_cert = NULL;
! 3653: connssl->connecting_state = ssl_connect_done;
! 3654:
! 3655: return result;
! 3656: }
! 3657:
! 3658: static CURLcode ossl_connect_step3(struct connectdata *conn, int sockindex)
! 3659: {
! 3660: CURLcode result = CURLE_OK;
! 3661: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
! 3662:
! 3663: DEBUGASSERT(ssl_connect_3 == connssl->connecting_state);
! 3664:
! 3665: /*
! 3666: * We check certificates to authenticate the server; otherwise we risk
! 3667: * man-in-the-middle attack; NEVERTHELESS, if we're told explicitly not to
! 3668: * verify the peer ignore faults and failures from the server cert
! 3669: * operations.
! 3670: */
! 3671:
! 3672: result = servercert(conn, connssl, (SSL_CONN_CONFIG(verifypeer) ||
! 3673: SSL_CONN_CONFIG(verifyhost)));
! 3674:
! 3675: if(!result)
! 3676: connssl->connecting_state = ssl_connect_done;
! 3677:
! 3678: return result;
! 3679: }
! 3680:
! 3681: static Curl_recv ossl_recv;
! 3682: static Curl_send ossl_send;
! 3683:
! 3684: static CURLcode ossl_connect_common(struct connectdata *conn,
! 3685: int sockindex,
! 3686: bool nonblocking,
! 3687: bool *done)
! 3688: {
! 3689: CURLcode result;
! 3690: struct Curl_easy *data = conn->data;
! 3691: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
! 3692: curl_socket_t sockfd = conn->sock[sockindex];
! 3693: timediff_t timeout_ms;
! 3694: int what;
! 3695:
! 3696: /* check if the connection has already been established */
! 3697: if(ssl_connection_complete == connssl->state) {
! 3698: *done = TRUE;
! 3699: return CURLE_OK;
! 3700: }
! 3701:
! 3702: if(ssl_connect_1 == connssl->connecting_state) {
! 3703: /* Find out how much more time we're allowed */
! 3704: timeout_ms = Curl_timeleft(data, NULL, TRUE);
! 3705:
! 3706: if(timeout_ms < 0) {
! 3707: /* no need to continue if time already is up */
! 3708: failf(data, "SSL connection timeout");
! 3709: return CURLE_OPERATION_TIMEDOUT;
! 3710: }
! 3711:
! 3712: result = ossl_connect_step1(conn, sockindex);
! 3713: if(result)
! 3714: return result;
! 3715: }
! 3716:
! 3717: while(ssl_connect_2 == connssl->connecting_state ||
! 3718: ssl_connect_2_reading == connssl->connecting_state ||
! 3719: ssl_connect_2_writing == connssl->connecting_state) {
! 3720:
! 3721: /* check allowed time left */
! 3722: timeout_ms = Curl_timeleft(data, NULL, TRUE);
! 3723:
! 3724: if(timeout_ms < 0) {
! 3725: /* no need to continue if time already is up */
! 3726: failf(data, "SSL connection timeout");
! 3727: return CURLE_OPERATION_TIMEDOUT;
! 3728: }
! 3729:
! 3730: /* if ssl is expecting something, check if it's available. */
! 3731: if(connssl->connecting_state == ssl_connect_2_reading ||
! 3732: connssl->connecting_state == ssl_connect_2_writing) {
! 3733:
! 3734: curl_socket_t writefd = ssl_connect_2_writing ==
! 3735: connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
! 3736: curl_socket_t readfd = ssl_connect_2_reading ==
! 3737: connssl->connecting_state?sockfd:CURL_SOCKET_BAD;
! 3738:
! 3739: what = Curl_socket_check(readfd, CURL_SOCKET_BAD, writefd,
! 3740: nonblocking?0:(time_t)timeout_ms);
! 3741: if(what < 0) {
! 3742: /* fatal error */
! 3743: failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO);
! 3744: return CURLE_SSL_CONNECT_ERROR;
! 3745: }
! 3746: if(0 == what) {
! 3747: if(nonblocking) {
! 3748: *done = FALSE;
! 3749: return CURLE_OK;
! 3750: }
! 3751: /* timeout */
! 3752: failf(data, "SSL connection timeout");
! 3753: return CURLE_OPERATION_TIMEDOUT;
! 3754: }
! 3755: /* socket is readable or writable */
! 3756: }
! 3757:
! 3758: /* Run transaction, and return to the caller if it failed or if this
! 3759: * connection is done nonblocking and this loop would execute again. This
! 3760: * permits the owner of a multi handle to abort a connection attempt
! 3761: * before step2 has completed while ensuring that a client using select()
! 3762: * or epoll() will always have a valid fdset to wait on.
! 3763: */
! 3764: result = ossl_connect_step2(conn, sockindex);
! 3765: if(result || (nonblocking &&
! 3766: (ssl_connect_2 == connssl->connecting_state ||
! 3767: ssl_connect_2_reading == connssl->connecting_state ||
! 3768: ssl_connect_2_writing == connssl->connecting_state)))
! 3769: return result;
! 3770:
! 3771: } /* repeat step2 until all transactions are done. */
! 3772:
! 3773: if(ssl_connect_3 == connssl->connecting_state) {
! 3774: result = ossl_connect_step3(conn, sockindex);
! 3775: if(result)
! 3776: return result;
! 3777: }
! 3778:
! 3779: if(ssl_connect_done == connssl->connecting_state) {
! 3780: connssl->state = ssl_connection_complete;
! 3781: conn->recv[sockindex] = ossl_recv;
! 3782: conn->send[sockindex] = ossl_send;
! 3783: *done = TRUE;
! 3784: }
! 3785: else
! 3786: *done = FALSE;
! 3787:
! 3788: /* Reset our connect state machine */
! 3789: connssl->connecting_state = ssl_connect_1;
! 3790:
! 3791: return CURLE_OK;
! 3792: }
! 3793:
! 3794: static CURLcode Curl_ossl_connect_nonblocking(struct connectdata *conn,
! 3795: int sockindex,
! 3796: bool *done)
! 3797: {
! 3798: return ossl_connect_common(conn, sockindex, TRUE, done);
! 3799: }
! 3800:
! 3801: static CURLcode Curl_ossl_connect(struct connectdata *conn, int sockindex)
! 3802: {
! 3803: CURLcode result;
! 3804: bool done = FALSE;
! 3805:
! 3806: result = ossl_connect_common(conn, sockindex, FALSE, &done);
! 3807: if(result)
! 3808: return result;
! 3809:
! 3810: DEBUGASSERT(done);
! 3811:
! 3812: return CURLE_OK;
! 3813: }
! 3814:
! 3815: static bool Curl_ossl_data_pending(const struct connectdata *conn,
! 3816: int connindex)
! 3817: {
! 3818: const struct ssl_connect_data *connssl = &conn->ssl[connindex];
! 3819: const struct ssl_connect_data *proxyssl = &conn->proxy_ssl[connindex];
! 3820:
! 3821: if(connssl->backend->handle && SSL_pending(connssl->backend->handle))
! 3822: return TRUE;
! 3823:
! 3824: if(proxyssl->backend->handle && SSL_pending(proxyssl->backend->handle))
! 3825: return TRUE;
! 3826:
! 3827: return FALSE;
! 3828: }
! 3829:
! 3830: static size_t Curl_ossl_version(char *buffer, size_t size);
! 3831:
! 3832: static ssize_t ossl_send(struct connectdata *conn,
! 3833: int sockindex,
! 3834: const void *mem,
! 3835: size_t len,
! 3836: CURLcode *curlcode)
! 3837: {
! 3838: /* SSL_write() is said to return 'int' while write() and send() returns
! 3839: 'size_t' */
! 3840: int err;
! 3841: char error_buffer[256];
! 3842: unsigned long sslerror;
! 3843: int memlen;
! 3844: int rc;
! 3845: struct ssl_connect_data *connssl = &conn->ssl[sockindex];
! 3846: struct ssl_backend_data *backend = connssl->backend;
! 3847:
! 3848: ERR_clear_error();
! 3849:
! 3850: memlen = (len > (size_t)INT_MAX) ? INT_MAX : (int)len;
! 3851: rc = SSL_write(backend->handle, mem, memlen);
! 3852:
! 3853: if(rc <= 0) {
! 3854: err = SSL_get_error(backend->handle, rc);
! 3855:
! 3856: switch(err) {
! 3857: case SSL_ERROR_WANT_READ:
! 3858: case SSL_ERROR_WANT_WRITE:
! 3859: /* The operation did not complete; the same TLS/SSL I/O function
! 3860: should be called again later. This is basically an EWOULDBLOCK
! 3861: equivalent. */
! 3862: *curlcode = CURLE_AGAIN;
! 3863: return -1;
! 3864: case SSL_ERROR_SYSCALL:
! 3865: {
! 3866: int sockerr = SOCKERRNO;
! 3867: sslerror = ERR_get_error();
! 3868: if(sslerror)
! 3869: ossl_strerror(sslerror, error_buffer, sizeof(error_buffer));
! 3870: else if(sockerr)
! 3871: Curl_strerror(sockerr, error_buffer, sizeof(error_buffer));
! 3872: else {
! 3873: strncpy(error_buffer, SSL_ERROR_to_str(err), sizeof(error_buffer));
! 3874: error_buffer[sizeof(error_buffer) - 1] = '\0';
! 3875: }
! 3876: failf(conn->data, OSSL_PACKAGE " SSL_write: %s, errno %d",
! 3877: error_buffer, sockerr);
! 3878: *curlcode = CURLE_SEND_ERROR;
! 3879: return -1;
! 3880: }
! 3881: case SSL_ERROR_SSL:
! 3882: /* A failure in the SSL library occurred, usually a protocol error.
! 3883: The OpenSSL error queue contains more information on the error. */
! 3884: sslerror = ERR_get_error();
! 3885: if(ERR_GET_LIB(sslerror) == ERR_LIB_SSL &&
! 3886: ERR_GET_REASON(sslerror) == SSL_R_BIO_NOT_SET &&
! 3887: conn->ssl[sockindex].state == ssl_connection_complete &&
! 3888: conn->proxy_ssl[sockindex].state == ssl_connection_complete) {
! 3889: char ver[120];
! 3890: Curl_ossl_version(ver, 120);
! 3891: failf(conn->data, "Error: %s does not support double SSL tunneling.",
! 3892: ver);
! 3893: }
! 3894: else
! 3895: failf(conn->data, "SSL_write() error: %s",
! 3896: ossl_strerror(sslerror, error_buffer, sizeof(error_buffer)));
! 3897: *curlcode = CURLE_SEND_ERROR;
! 3898: return -1;
! 3899: }
! 3900: /* a true error */
! 3901: failf(conn->data, OSSL_PACKAGE " SSL_write: %s, errno %d",
! 3902: SSL_ERROR_to_str(err), SOCKERRNO);
! 3903: *curlcode = CURLE_SEND_ERROR;
! 3904: return -1;
! 3905: }
! 3906: *curlcode = CURLE_OK;
! 3907: return (ssize_t)rc; /* number of bytes */
! 3908: }
! 3909:
! 3910: static ssize_t ossl_recv(struct connectdata *conn, /* connection data */
! 3911: int num, /* socketindex */
! 3912: char *buf, /* store read data here */
! 3913: size_t buffersize, /* max amount to read */
! 3914: CURLcode *curlcode)
! 3915: {
! 3916: char error_buffer[256];
! 3917: unsigned long sslerror;
! 3918: ssize_t nread;
! 3919: int buffsize;
! 3920: struct ssl_connect_data *connssl = &conn->ssl[num];
! 3921: struct ssl_backend_data *backend = connssl->backend;
! 3922:
! 3923: ERR_clear_error();
! 3924:
! 3925: buffsize = (buffersize > (size_t)INT_MAX) ? INT_MAX : (int)buffersize;
! 3926: nread = (ssize_t)SSL_read(backend->handle, buf, buffsize);
! 3927: if(nread <= 0) {
! 3928: /* failed SSL_read */
! 3929: int err = SSL_get_error(backend->handle, (int)nread);
! 3930:
! 3931: switch(err) {
! 3932: case SSL_ERROR_NONE: /* this is not an error */
! 3933: break;
! 3934: case SSL_ERROR_ZERO_RETURN: /* no more data */
! 3935: /* close_notify alert */
! 3936: if(num == FIRSTSOCKET)
! 3937: /* mark the connection for close if it is indeed the control
! 3938: connection */
! 3939: connclose(conn, "TLS close_notify");
! 3940: break;
! 3941: case SSL_ERROR_WANT_READ:
! 3942: case SSL_ERROR_WANT_WRITE:
! 3943: /* there's data pending, re-invoke SSL_read() */
! 3944: *curlcode = CURLE_AGAIN;
! 3945: return -1;
! 3946: default:
! 3947: /* openssl/ssl.h for SSL_ERROR_SYSCALL says "look at error stack/return
! 3948: value/errno" */
! 3949: /* https://www.openssl.org/docs/crypto/ERR_get_error.html */
! 3950: sslerror = ERR_get_error();
! 3951: if((nread < 0) || sslerror) {
! 3952: /* If the return code was negative or there actually is an error in the
! 3953: queue */
! 3954: int sockerr = SOCKERRNO;
! 3955: if(sslerror)
! 3956: ossl_strerror(sslerror, error_buffer, sizeof(error_buffer));
! 3957: else if(sockerr && err == SSL_ERROR_SYSCALL)
! 3958: Curl_strerror(sockerr, error_buffer, sizeof(error_buffer));
! 3959: else {
! 3960: strncpy(error_buffer, SSL_ERROR_to_str(err), sizeof(error_buffer));
! 3961: error_buffer[sizeof(error_buffer) - 1] = '\0';
! 3962: }
! 3963: failf(conn->data, OSSL_PACKAGE " SSL_read: %s, errno %d",
! 3964: error_buffer, sockerr);
! 3965: *curlcode = CURLE_RECV_ERROR;
! 3966: return -1;
! 3967: }
! 3968: /* For debug builds be a little stricter and error on any
! 3969: SSL_ERROR_SYSCALL. For example a server may have closed the connection
! 3970: abruptly without a close_notify alert. For compatibility with older
! 3971: peers we don't do this by default. #4624
! 3972:
! 3973: We can use this to gauge how many users may be affected, and
! 3974: if it goes ok eventually transition to allow in dev and release with
! 3975: the newest OpenSSL: #if (OPENSSL_VERSION_NUMBER >= 0x10101000L) */
! 3976: #ifdef DEBUGBUILD
! 3977: if(err == SSL_ERROR_SYSCALL) {
! 3978: int sockerr = SOCKERRNO;
! 3979: if(sockerr)
! 3980: Curl_strerror(sockerr, error_buffer, sizeof(error_buffer));
! 3981: else {
! 3982: msnprintf(error_buffer, sizeof(error_buffer),
! 3983: "Connection closed abruptly");
! 3984: }
! 3985: failf(conn->data, OSSL_PACKAGE " SSL_read: %s, errno %d"
! 3986: " (Fatal because this is a curl debug build)",
! 3987: error_buffer, sockerr);
! 3988: *curlcode = CURLE_RECV_ERROR;
! 3989: return -1;
! 3990: }
! 3991: #endif
! 3992: }
! 3993: }
! 3994: return nread;
! 3995: }
! 3996:
! 3997: static size_t Curl_ossl_version(char *buffer, size_t size)
! 3998: {
! 3999: #ifdef LIBRESSL_VERSION_NUMBER
! 4000: #if LIBRESSL_VERSION_NUMBER < 0x2070100fL
! 4001: return msnprintf(buffer, size, "%s/%lx.%lx.%lx",
! 4002: OSSL_PACKAGE,
! 4003: (LIBRESSL_VERSION_NUMBER>>28)&0xf,
! 4004: (LIBRESSL_VERSION_NUMBER>>20)&0xff,
! 4005: (LIBRESSL_VERSION_NUMBER>>12)&0xff);
! 4006: #else /* OpenSSL_version() first appeared in LibreSSL 2.7.1 */
! 4007: char *p;
! 4008: int count;
! 4009: const char *ver = OpenSSL_version(OPENSSL_VERSION);
! 4010: const char expected[] = OSSL_PACKAGE " "; /* ie "LibreSSL " */
! 4011: if(Curl_strncasecompare(ver, expected, sizeof(expected) - 1)) {
! 4012: ver += sizeof(expected) - 1;
! 4013: }
! 4014: count = msnprintf(buffer, size, "%s/%s", OSSL_PACKAGE, ver);
! 4015: for(p = buffer; *p; ++p) {
! 4016: if(ISSPACE(*p))
! 4017: *p = '_';
! 4018: }
! 4019: return count;
! 4020: #endif
! 4021: #elif defined(OPENSSL_IS_BORINGSSL)
! 4022: return msnprintf(buffer, size, OSSL_PACKAGE);
! 4023: #elif defined(HAVE_OPENSSL_VERSION) && defined(OPENSSL_VERSION_STRING)
! 4024: return msnprintf(buffer, size, "%s/%s",
! 4025: OSSL_PACKAGE, OpenSSL_version(OPENSSL_VERSION_STRING));
! 4026: #else
! 4027: /* not LibreSSL, BoringSSL and not using OpenSSL_version */
! 4028:
! 4029: char sub[3];
! 4030: unsigned long ssleay_value;
! 4031: sub[2]='\0';
! 4032: sub[1]='\0';
! 4033: ssleay_value = OpenSSL_version_num();
! 4034: if(ssleay_value < 0x906000) {
! 4035: ssleay_value = SSLEAY_VERSION_NUMBER;
! 4036: sub[0]='\0';
! 4037: }
! 4038: else {
! 4039: if(ssleay_value&0xff0) {
! 4040: int minor_ver = (ssleay_value >> 4) & 0xff;
! 4041: if(minor_ver > 26) {
! 4042: /* handle extended version introduced for 0.9.8za */
! 4043: sub[1] = (char) ((minor_ver - 1) % 26 + 'a' + 1);
! 4044: sub[0] = 'z';
! 4045: }
! 4046: else {
! 4047: sub[0] = (char) (minor_ver + 'a' - 1);
! 4048: }
! 4049: }
! 4050: else
! 4051: sub[0]='\0';
! 4052: }
! 4053:
! 4054: return msnprintf(buffer, size, "%s/%lx.%lx.%lx%s"
! 4055: #ifdef OPENSSL_FIPS
! 4056: "-fips"
! 4057: #endif
! 4058: ,
! 4059: OSSL_PACKAGE,
! 4060: (ssleay_value>>28)&0xf,
! 4061: (ssleay_value>>20)&0xff,
! 4062: (ssleay_value>>12)&0xff,
! 4063: sub);
! 4064: #endif /* OPENSSL_IS_BORINGSSL */
! 4065: }
! 4066:
! 4067: /* can be called with data == NULL */
! 4068: static CURLcode Curl_ossl_random(struct Curl_easy *data,
! 4069: unsigned char *entropy, size_t length)
! 4070: {
! 4071: int rc;
! 4072: if(data) {
! 4073: if(Curl_ossl_seed(data)) /* Initiate the seed if not already done */
! 4074: return CURLE_FAILED_INIT; /* couldn't seed for some reason */
! 4075: }
! 4076: else {
! 4077: if(!rand_enough())
! 4078: return CURLE_FAILED_INIT;
! 4079: }
! 4080: /* RAND_bytes() returns 1 on success, 0 otherwise. */
! 4081: rc = RAND_bytes(entropy, curlx_uztosi(length));
! 4082: return (rc == 1 ? CURLE_OK : CURLE_FAILED_INIT);
! 4083: }
! 4084:
! 4085: static CURLcode Curl_ossl_md5sum(unsigned char *tmp, /* input */
! 4086: size_t tmplen,
! 4087: unsigned char *md5sum /* output */,
! 4088: size_t unused)
! 4089: {
! 4090: EVP_MD_CTX *mdctx;
! 4091: unsigned int len = 0;
! 4092: (void) unused;
! 4093:
! 4094: mdctx = EVP_MD_CTX_create();
! 4095: EVP_DigestInit_ex(mdctx, EVP_md5(), NULL);
! 4096: EVP_DigestUpdate(mdctx, tmp, tmplen);
! 4097: EVP_DigestFinal_ex(mdctx, md5sum, &len);
! 4098: EVP_MD_CTX_destroy(mdctx);
! 4099: return CURLE_OK;
! 4100: }
! 4101:
! 4102: #if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && !defined(OPENSSL_NO_SHA256)
! 4103: static CURLcode Curl_ossl_sha256sum(const unsigned char *tmp, /* input */
! 4104: size_t tmplen,
! 4105: unsigned char *sha256sum /* output */,
! 4106: size_t unused)
! 4107: {
! 4108: EVP_MD_CTX *mdctx;
! 4109: unsigned int len = 0;
! 4110: (void) unused;
! 4111:
! 4112: mdctx = EVP_MD_CTX_create();
! 4113: EVP_DigestInit_ex(mdctx, EVP_sha256(), NULL);
! 4114: EVP_DigestUpdate(mdctx, tmp, tmplen);
! 4115: EVP_DigestFinal_ex(mdctx, sha256sum, &len);
! 4116: EVP_MD_CTX_destroy(mdctx);
! 4117: return CURLE_OK;
! 4118: }
! 4119: #endif
! 4120:
! 4121: static bool Curl_ossl_cert_status_request(void)
! 4122: {
! 4123: #if (OPENSSL_VERSION_NUMBER >= 0x0090808fL) && !defined(OPENSSL_NO_TLSEXT) && \
! 4124: !defined(OPENSSL_NO_OCSP)
! 4125: return TRUE;
! 4126: #else
! 4127: return FALSE;
! 4128: #endif
! 4129: }
! 4130:
! 4131: static void *Curl_ossl_get_internals(struct ssl_connect_data *connssl,
! 4132: CURLINFO info)
! 4133: {
! 4134: /* Legacy: CURLINFO_TLS_SESSION must return an SSL_CTX pointer. */
! 4135: struct ssl_backend_data *backend = connssl->backend;
! 4136: return info == CURLINFO_TLS_SESSION ?
! 4137: (void *)backend->ctx : (void *)backend->handle;
! 4138: }
! 4139:
! 4140: const struct Curl_ssl Curl_ssl_openssl = {
! 4141: { CURLSSLBACKEND_OPENSSL, "openssl" }, /* info */
! 4142:
! 4143: SSLSUPP_CA_PATH |
! 4144: SSLSUPP_CERTINFO |
! 4145: SSLSUPP_PINNEDPUBKEY |
! 4146: SSLSUPP_SSL_CTX |
! 4147: #ifdef HAVE_SSL_CTX_SET_CIPHERSUITES
! 4148: SSLSUPP_TLS13_CIPHERSUITES |
! 4149: #endif
! 4150: SSLSUPP_HTTPS_PROXY,
! 4151:
! 4152: sizeof(struct ssl_backend_data),
! 4153:
! 4154: Curl_ossl_init, /* init */
! 4155: Curl_ossl_cleanup, /* cleanup */
! 4156: Curl_ossl_version, /* version */
! 4157: Curl_ossl_check_cxn, /* check_cxn */
! 4158: Curl_ossl_shutdown, /* shutdown */
! 4159: Curl_ossl_data_pending, /* data_pending */
! 4160: Curl_ossl_random, /* random */
! 4161: Curl_ossl_cert_status_request, /* cert_status_request */
! 4162: Curl_ossl_connect, /* connect */
! 4163: Curl_ossl_connect_nonblocking, /* connect_nonblocking */
! 4164: Curl_ossl_get_internals, /* get_internals */
! 4165: Curl_ossl_close, /* close_one */
! 4166: Curl_ossl_close_all, /* close_all */
! 4167: Curl_ossl_session_free, /* session_free */
! 4168: Curl_ossl_set_engine, /* set_engine */
! 4169: Curl_ossl_set_engine_default, /* set_engine_default */
! 4170: Curl_ossl_engines_list, /* engines_list */
! 4171: Curl_none_false_start, /* false_start */
! 4172: Curl_ossl_md5sum, /* md5sum */
! 4173: #if (OPENSSL_VERSION_NUMBER >= 0x0090800fL) && !defined(OPENSSL_NO_SHA256)
! 4174: Curl_ossl_sha256sum /* sha256sum */
! 4175: #else
! 4176: NULL /* sha256sum */
! 4177: #endif
! 4178: };
! 4179:
! 4180: #endif /* USE_OPENSSL */
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to openssl.c CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / lib / vtls