X-Git-Url: http://www.privoxy.org/gitweb/?p=privoxy.git;a=blobdiff_plain;f=ssl.c;h=4f187c24070b94328802cfe4ef3d2b7e59883f65;hp=b239a29c3d4e084a9dd6aee2478e6b2243e76a3e;hb=31265b1b2d8f5b81cbde0fcada6271d800430c59;hpb=71d5283d85d0c4f28eba547326fd250b361ca715 diff --git a/ssl.c b/ssl.c index b239a29c..4f187c24 100644 --- a/ssl.c +++ b/ssl.c @@ -5,8 +5,8 @@ * Purpose : File with TLS/SSL extension. Contains methods for * creating, using and closing TLS/SSL connections. * - * Copyright : Written by and Copyright (c) 2017 Vaclav Svec. FIT CVUT. - * Copyright (C) 2018-2019 by Fabian Keil + * Copyright : Written by and Copyright (c) 2017-2020 Vaclav Svec. FIT CVUT. + * Copyright (C) 2018-2020 by Fabian Keil * * This program is free software; you can redistribute it * and/or modify it under the terms of the GNU General @@ -41,13 +41,17 @@ #include "mbedtls/pem.h" #include "mbedtls/base64.h" #include "mbedtls/error.h" +#include "mbedtls/oid.h" +#include "mbedtls/asn1write.h" +#include "config.h" #include "project.h" #include "miscutil.h" #include "errlog.h" #include "jcc.h" -#include "config.h" #include "ssl.h" +#include "ssl_common.h" +#include "encode.h" /* @@ -56,47 +60,19 @@ */ #define PEM_BEGIN_CRT "-----BEGIN CERTIFICATE-----\n" #define PEM_END_CRT "-----END CERTIFICATE-----\n" +#define VALID_DATETIME_FMT "%Y%m%d%H%M%S" +#define VALID_DATETIME_BUFLEN 15 /* * Macros for ssl.c */ -#define ERROR_BUF_SIZE 1024 /* Size of buffer for error messages */ #define CERTIFICATE_BUF_SIZE 16384 /* Size of buffer to save certificate. Value 4096 is mbedtls library buffer size for certificate in DER form */ #define PRIVATE_KEY_BUF_SIZE 16000 /* Size of buffer to save private key. Value 16000 is taken from mbed TLS library examples. */ -#define RSA_KEY_PUBLIC_EXPONENT 65537 /* Public exponent for RSA private key generating */ -#define RSA_KEYSIZE 2048 /* Size of generated RSA keys */ -#define GENERATED_CERT_VALID_FROM "20100101000000" /* Date and time, which will be set in generated certificates as parameter valid from */ -#define GENERATED_CERT_VALID_TO "20401231235959" /* Date and time, which will be set in generated certificates as parameter valid to */ #define CERT_SIGNATURE_ALGORITHM MBEDTLS_MD_SHA256 /* The MD algorithm to use for the signature */ -#define CERT_SERIAL_NUM_LENGTH 4 /* Bytes of hash to be used for creating serial number of certificate. Min=2 and max=16 */ -#define INVALID_CERT_INFO_BUF_SIZE 2048 /* Size of buffer for message with information about reason of certificate invalidity. Data after the end of buffer will not be saved */ -#define CERT_PARAM_COMMON_NAME "CN=" -#define CERT_PARAM_ORGANIZATION ",O=" -#define CERT_PARAM_ORG_UNIT ",OU=" -#define CERT_PARAM_COUNTRY ",C=CZ" -#define KEY_FILE_TYPE ".pem" -#define CERT_FILE_TYPE ".crt" -#define CERT_SUBJECT_PASSWORD "" -#define CERT_INFO_PREFIX "" - -/* - * Properties of cert for generating - */ -typedef struct { - char *issuer_crt; /* filename of the issuer certificate */ - char *subject_key; /* filename of the subject key file */ - char *issuer_key; /* filename of the issuer key file */ - const char *subject_pwd; /* password for the subject key file */ - const char *issuer_pwd; /* password for the issuer key file */ - char *output_file; /* where to store the constructed key file */ - const char *subject_name; /* subject name for certificate */ - char issuer_name[ISSUER_NAME_BUF_SIZE]; /* issuer name for certificate */ - const char *not_before; /* validity period not before */ - const char *not_after; /* validity period not after */ - const char *serial; /* serial number string */ - int is_ca; /* is a CA certificate */ - int max_pathlen; /* maximum CA path length */ -} cert_options; +#define CERT_PARAM_COMMON_NAME CERT_PARAM_COMMON_NAME_FCODE"=" +#define CERT_PARAM_ORGANIZATION ","CERT_PARAM_ORGANIZATION_FCODE"=" +#define CERT_PARAM_ORG_UNIT ","CERT_PARAM_ORG_UNIT_FCODE"=" +#define CERT_PARAM_COUNTRY ","CERT_PARAM_COUNTRY_FCODE"="CERT_PARAM_COUNTRY_CODE /* * Properties of key for generating @@ -107,73 +83,38 @@ typedef struct { char *key_file_path; /* filename of the key file */ } key_options; -extern int generate_webpage_certificate(struct client_state *csp); -static char *make_certs_path(const char *conf_dir, const char *file_name, const char *suffix); -static int file_exists(const char *path); +/* Variables for one common RNG for all SSL use */ +static mbedtls_ctr_drbg_context ctr_drbg; +static mbedtls_entropy_context entropy; +static int rng_seeded; + +static int generate_host_certificate(struct client_state *csp); static int host_to_hash(struct client_state *csp); static int ssl_verify_callback(void *data, mbedtls_x509_crt *crt, int depth, uint32_t *flags); -static void free_certificate_chain(struct client_state *csp); -static unsigned int get_certificate_mutex_id(struct client_state *csp); -static unsigned long get_certificate_serial(struct client_state *csp); static void free_client_ssl_structures(struct client_state *csp); static void free_server_ssl_structures(struct client_state *csp); static int seed_rng(struct client_state *csp); - -/********************************************************************* - * - * Function : client_use_ssl - * - * Description : Tests if client in current client state structure - * should use SSL connection or standard connection. - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : If client should use TLS/SSL connection, 1 is returned. - * Otherwise 0 is returned. - * - *********************************************************************/ -extern int client_use_ssl(const struct client_state *csp) -{ - return csp->http->client_ssl; -} - - -/********************************************************************* - * - * Function : server_use_ssl - * - * Description : Tests if server in current client state structure - * should use SSL connection or standard connection. - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : If server should use TLS/SSL connection, 1 is returned. - * Otherwise 0 is returned. - * - *********************************************************************/ -extern int server_use_ssl(const struct client_state *csp) -{ - return csp->http->server_ssl; -} - +static int *get_ciphersuites_from_string(const char *ciphersuites_string); /********************************************************************* * * Function : is_ssl_pending * - * Description : Tests if there are some waiting data on ssl connection + * Description : Tests if there are some waiting data on ssl connection. + * Only considers data that has actually been received + * locally and ignores data that is still on the fly + * or has not yet been sent by the remote end. * * Parameters : - * 1 : ssl = SSL context to test + * 1 : ssl_attr = SSL context to test * * Returns : 0 => No data are pending * >0 => Pending data length * *********************************************************************/ -extern size_t is_ssl_pending(mbedtls_ssl_context *ssl) +extern size_t is_ssl_pending(struct ssl_attr *ssl_attr) { + mbedtls_ssl_context *ssl = &ssl_attr->mbedtls_attr.ssl; if (ssl == NULL) { return 0; @@ -191,15 +132,16 @@ extern size_t is_ssl_pending(mbedtls_ssl_context *ssl) * connection context. * * Parameters : - * 1 : ssl = SSL context to send data to + * 1 : ssl_attr = SSL context to send data to * 2 : buf = Pointer to data to be sent * 3 : len = Length of data to be sent to the SSL context * * Returns : Length of sent data or negative value on error. * *********************************************************************/ -extern int ssl_send_data(mbedtls_ssl_context *ssl, const unsigned char *buf, size_t len) +extern int ssl_send_data(struct ssl_attr *ssl_attr, const unsigned char *buf, size_t len) { + mbedtls_ssl_context *ssl = &ssl_attr->mbedtls_attr.ssl; int ret = 0; size_t max_fragment_size = 0; /* Maximal length of data in one SSL fragment*/ int send_len = 0; /* length of one data part to send */ @@ -229,6 +171,9 @@ extern int ssl_send_data(mbedtls_ssl_context *ssl, const unsigned char *buf, siz send_len = (int)max_fragment_size; } + log_error(LOG_LEVEL_WRITING, "TLS on socket %d: %N", + ssl_attr->mbedtls_attr.socket_fd.fd, send_len, buf+pos); + /* * Sending one part of the buffer */ @@ -241,10 +186,10 @@ extern int ssl_send_data(mbedtls_ssl_context *ssl, const unsigned char *buf, siz { char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); mbedtls_strerror(ret, err_buf, sizeof(err_buf)); log_error(LOG_LEVEL_ERROR, - "Sending data over TLS/SSL failed: %s", err_buf); + "Sending data on socket %d over TLS/SSL failed: %s", + ssl_attr->mbedtls_attr.socket_fd.fd, err_buf); return -1; } } @@ -264,16 +209,17 @@ extern int ssl_send_data(mbedtls_ssl_context *ssl, const unsigned char *buf, siz * it into buffer. * * Parameters : - * 1 : ssl = SSL context to receive data from + * 1 : ssl_attr = SSL context to receive data from * 2 : buf = Pointer to buffer where data will be written * 3 : max_length = Maximum number of bytes to read * - * Returns : Number of bytes read, 0 for EOF, or negative - * value on error. + * Returns : Number of bytes read, 0 for EOF, or -1 + * on error. * *********************************************************************/ -extern int ssl_recv_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t max_length) +extern int ssl_recv_data(struct ssl_attr *ssl_attr, unsigned char *buf, size_t max_length) { + mbedtls_ssl_context *ssl = &ssl_attr->mbedtls_attr.ssl; int ret = 0; memset(buf, 0, max_length); @@ -290,76 +236,25 @@ extern int ssl_recv_data(mbedtls_ssl_context *ssl, unsigned char *buf, size_t ma { char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); + if (ret == MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY) + { + log_error(LOG_LEVEL_CONNECT, "The peer notified us that " + "the connection on socket %d is going to be closed", + ssl_attr->mbedtls_attr.socket_fd.fd); + return 0; + } mbedtls_strerror(ret, err_buf, sizeof(err_buf)); log_error(LOG_LEVEL_ERROR, - "Receiving data over TLS/SSL failed: %s", err_buf); - } - - return ret; -} - - -/********************************************************************* - * - * Function : ssl_flush_socket - * - * Description : Send any pending "buffered" content with given - * SSL connection. Alternative to function flush_socket. - * - * Parameters : - * 1 : ssl = SSL context to send buffer to - * 2 : iob = The I/O buffer to flush, usually csp->iob. - * - * Returns : On success, the number of bytes send are returned (zero - * indicates nothing was sent). On error, -1 is returned. - * - *********************************************************************/ -extern long ssl_flush_socket(mbedtls_ssl_context *ssl, struct iob *iob) -{ - /* Computing length of buffer part to send */ - long len = iob->eod - iob->cur; + "Receiving data on socket %d over TLS/SSL failed: %s", + ssl_attr->mbedtls_attr.socket_fd.fd, err_buf); - if (len <= 0) - { - return(0); - } - - /* Sending data to given SSl context */ - if (ssl_send_data(ssl, (const unsigned char *)iob->cur, (size_t)len) < 0) - { return -1; } - iob->eod = iob->cur = iob->buf; - return(len); -} + log_error(LOG_LEVEL_RECEIVED, "TLS from socket %d: %N", + ssl_attr->mbedtls_attr.socket_fd.fd, ret, buf); -/********************************************************************* - * - * Function : ssl_debug_callback - * - * Description : Debug callback function for mbedtls library. - * Prints info into log file. - * - * Parameters : - * 1 : ctx = File to save log in - * 2 : level = Debug level - * 3 : file = File calling debug message - * 4 : line = Line calling debug message - * 5 : str = Debug message - * - * Returns : N/A - * - *********************************************************************/ -static void ssl_debug_callback(void *ctx, int level, const char *file, int line, const char *str) -{ - /* - ((void)level); - fprintf((FILE *)ctx, "%s:%04d: %s", file, line, str); - fflush((FILE *)ctx); - log_error(LOG_LEVEL_INFO, "SSL debug message: %s:%04d: %s", file, line, str); - */ + return ret; } @@ -378,6 +273,7 @@ static void ssl_debug_callback(void *ctx, int level, const char *file, int line, *********************************************************************/ extern int create_client_ssl_connection(struct client_state *csp) { + struct ssl_attr *ssl_attr = &csp->ssl_client_attr; /* Paths to certificates file and key file */ char *key_file = NULL; char *ca_file = NULL; @@ -385,18 +281,16 @@ extern int create_client_ssl_connection(struct client_state *csp) int ret = 0; char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); - /* * Initializing mbedtls structures for TLS/SSL connection */ - mbedtls_net_init(&(csp->mbedtls_client_attr.socket_fd)); - mbedtls_ssl_init(&(csp->mbedtls_client_attr.ssl)); - mbedtls_ssl_config_init(&(csp->mbedtls_client_attr.conf)); - mbedtls_x509_crt_init(&(csp->mbedtls_client_attr.server_cert)); - mbedtls_pk_init(&(csp->mbedtls_client_attr.prim_key)); + mbedtls_net_init(&(ssl_attr->mbedtls_attr.socket_fd)); + mbedtls_ssl_init(&(ssl_attr->mbedtls_attr.ssl)); + mbedtls_ssl_config_init(&(ssl_attr->mbedtls_attr.conf)); + mbedtls_x509_crt_init(&(ssl_attr->mbedtls_attr.server_cert)); + mbedtls_pk_init(&(ssl_attr->mbedtls_attr.prim_key)); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_init(&(csp->mbedtls_client_attr.cache)); + mbedtls_ssl_cache_init(&(ssl_attr->mbedtls_attr.cache)); #endif /* @@ -429,19 +323,18 @@ extern int create_client_ssl_connection(struct client_state *csp) * Generating certificate for requested host. Mutex to prevent * certificate and key inconsistence must be locked. */ - unsigned int cert_mutex_id = get_certificate_mutex_id(csp); - privoxy_mutex_lock(&(certificates_mutexes[cert_mutex_id])); + privoxy_mutex_lock(&certificate_mutex); - ret = generate_webpage_certificate(csp); + ret = generate_host_certificate(csp); if (ret < 0) { log_error(LOG_LEVEL_ERROR, - "Generate_webpage_certificate failed: %d", ret); - privoxy_mutex_unlock(&(certificates_mutexes[cert_mutex_id])); + "generate_host_certificate failed: %d", ret); + privoxy_mutex_unlock(&certificate_mutex); ret = -1; goto exit; } - privoxy_mutex_unlock(&(certificates_mutexes[cert_mutex_id])); + privoxy_mutex_unlock(&certificate_mutex); /* * Seed the RNG @@ -456,7 +349,7 @@ extern int create_client_ssl_connection(struct client_state *csp) /* * Loading CA file, webpage certificate and key files */ - ret = mbedtls_x509_crt_parse_file(&(csp->mbedtls_client_attr.server_cert), + ret = mbedtls_x509_crt_parse_file(&(ssl_attr->mbedtls_attr.server_cert), cert_file); if (ret != 0) { @@ -467,7 +360,7 @@ extern int create_client_ssl_connection(struct client_state *csp) goto exit; } - ret = mbedtls_x509_crt_parse_file(&(csp->mbedtls_client_attr.server_cert), + ret = mbedtls_x509_crt_parse_file(&(ssl_attr->mbedtls_attr.server_cert), ca_file); if (ret != 0) { @@ -478,7 +371,7 @@ extern int create_client_ssl_connection(struct client_state *csp) goto exit; } - ret = mbedtls_pk_parse_keyfile(&(csp->mbedtls_client_attr.prim_key), + ret = mbedtls_pk_parse_keyfile(&(ssl_attr->mbedtls_attr.prim_key), key_file, NULL); if (ret != 0) { @@ -493,7 +386,7 @@ extern int create_client_ssl_connection(struct client_state *csp) /* * Setting SSL parameters */ - ret = mbedtls_ssl_config_defaults(&(csp->mbedtls_client_attr.conf), + ret = mbedtls_ssl_config_defaults(&(ssl_attr->mbedtls_attr.conf), MBEDTLS_SSL_IS_SERVER, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT); if (ret != 0) @@ -505,23 +398,21 @@ extern int create_client_ssl_connection(struct client_state *csp) goto exit; } - mbedtls_ssl_conf_rng(&(csp->mbedtls_client_attr.conf), + mbedtls_ssl_conf_rng(&(ssl_attr->mbedtls_attr.conf), mbedtls_ctr_drbg_random, &ctr_drbg); - mbedtls_ssl_conf_dbg(&(csp->mbedtls_client_attr.conf), - ssl_debug_callback, stdout); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_conf_session_cache(&(csp->mbedtls_client_attr.conf), - &(csp->mbedtls_client_attr.cache), mbedtls_ssl_cache_get, + mbedtls_ssl_conf_session_cache(&(ssl_attr->mbedtls_attr.conf), + &(ssl_attr->mbedtls_attr.cache), mbedtls_ssl_cache_get, mbedtls_ssl_cache_set); #endif /* * Setting certificates */ - ret = mbedtls_ssl_conf_own_cert(&(csp->mbedtls_client_attr.conf), - &(csp->mbedtls_client_attr.server_cert), - &(csp->mbedtls_client_attr.prim_key)); + ret = mbedtls_ssl_conf_own_cert(&(ssl_attr->mbedtls_attr.conf), + &(ssl_attr->mbedtls_attr.server_cert), + &(ssl_attr->mbedtls_attr.prim_key)); if (ret != 0) { mbedtls_strerror(ret, err_buf, sizeof(err_buf)); @@ -531,8 +422,24 @@ extern int create_client_ssl_connection(struct client_state *csp) goto exit; } - ret = mbedtls_ssl_setup(&(csp->mbedtls_client_attr.ssl), - &(csp->mbedtls_client_attr.conf)); + if (csp->config->cipher_list != NULL) + { + ssl_attr->mbedtls_attr.ciphersuites_list = + get_ciphersuites_from_string(csp->config->cipher_list); + if (ssl_attr->mbedtls_attr.ciphersuites_list == NULL) + { + log_error(LOG_LEVEL_ERROR, + "Setting the cipher list '%s' for the client connection failed", + csp->config->cipher_list); + ret = -1; + goto exit; + } + mbedtls_ssl_conf_ciphersuites(&(ssl_attr->mbedtls_attr.conf), + ssl_attr->mbedtls_attr.ciphersuites_list); + } + + ret = mbedtls_ssl_setup(&(ssl_attr->mbedtls_attr.ssl), + &(ssl_attr->mbedtls_attr.conf)); if (ret != 0) { mbedtls_strerror(ret, err_buf, sizeof(err_buf)); @@ -541,17 +448,17 @@ extern int create_client_ssl_connection(struct client_state *csp) goto exit; } - mbedtls_ssl_set_bio(&(csp->mbedtls_client_attr.ssl), - &(csp->mbedtls_client_attr.socket_fd), mbedtls_net_send, + mbedtls_ssl_set_bio(&(ssl_attr->mbedtls_attr.ssl), + &(ssl_attr->mbedtls_attr.socket_fd), mbedtls_net_send, mbedtls_net_recv, NULL); - mbedtls_ssl_session_reset(&(csp->mbedtls_client_attr.ssl)); + mbedtls_ssl_session_reset(&(ssl_attr->mbedtls_attr.ssl)); /* * Setting socket fd in mbedtls_net_context structure. This structure * can't be set by mbedtls functions, because we already have created * a TCP connection when this function is called. */ - csp->mbedtls_client_attr.socket_fd.fd = csp->cfd; + ssl_attr->mbedtls_attr.socket_fd.fd = csp->cfd; /* * Handshake with client @@ -559,7 +466,7 @@ extern int create_client_ssl_connection(struct client_state *csp) log_error(LOG_LEVEL_CONNECT, "Performing the TLS/SSL handshake with client. Hash of host: %s", csp->http->hash_of_host_hex); - while ((ret = mbedtls_ssl_handshake(&(csp->mbedtls_client_attr.ssl))) != 0) + while ((ret = mbedtls_ssl_handshake(&(ssl_attr->mbedtls_attr.ssl))) != 0) { if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) @@ -606,6 +513,7 @@ exit: *********************************************************************/ extern void close_client_ssl_connection(struct client_state *csp) { + struct ssl_attr *ssl_attr = &csp->ssl_client_attr; int ret = 0; if (csp->ssl_with_client_is_opened == 0) @@ -617,7 +525,7 @@ extern void close_client_ssl_connection(struct client_state *csp) * Notifying the peer that the connection is being closed. */ do { - ret = mbedtls_ssl_close_notify(&(csp->mbedtls_client_attr.ssl)); + ret = mbedtls_ssl_close_notify(&(ssl_attr->mbedtls_attr.ssl)); } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); free_client_ssl_structures(csp); @@ -640,21 +548,23 @@ extern void close_client_ssl_connection(struct client_state *csp) *********************************************************************/ static void free_client_ssl_structures(struct client_state *csp) { + struct ssl_attr *ssl_attr = &csp->ssl_client_attr; /* * We can't use function mbedtls_net_free, because this function - * inter alia close TCP connection on setted fd. Instead of this + * inter alia close TCP connection on set fd. Instead of this * function, we change fd to -1, which is the same what does * rest of mbedtls_net_free function. */ - csp->mbedtls_client_attr.socket_fd.fd = -1; + ssl_attr->mbedtls_attr.socket_fd.fd = -1; /* Freeing mbedtls structures */ - mbedtls_x509_crt_free(&(csp->mbedtls_client_attr.server_cert)); - mbedtls_pk_free(&(csp->mbedtls_client_attr.prim_key)); - mbedtls_ssl_free(&(csp->mbedtls_client_attr.ssl)); - mbedtls_ssl_config_free(&(csp->mbedtls_client_attr.conf)); + mbedtls_x509_crt_free(&(ssl_attr->mbedtls_attr.server_cert)); + mbedtls_pk_free(&(ssl_attr->mbedtls_attr.prim_key)); + mbedtls_ssl_free(&(ssl_attr->mbedtls_attr.ssl)); + freez(ssl_attr->mbedtls_attr.ciphersuites_list); + mbedtls_ssl_config_free(&(ssl_attr->mbedtls_attr.conf)); #if defined(MBEDTLS_SSL_CACHE_C) - mbedtls_ssl_cache_free(&(csp->mbedtls_client_attr.cache)); + mbedtls_ssl_cache_free(&(ssl_attr->mbedtls_attr.cache)); #endif } @@ -674,13 +584,12 @@ static void free_client_ssl_structures(struct client_state *csp) *********************************************************************/ extern int create_server_ssl_connection(struct client_state *csp) { + struct ssl_attr *ssl_attr = &csp->ssl_server_attr; int ret = 0; char err_buf[ERROR_BUF_SIZE]; char *trusted_cas_file = NULL; int auth_mode = MBEDTLS_SSL_VERIFY_REQUIRED; - memset(err_buf, 0, sizeof(err_buf)); - csp->server_cert_verification_result = SSL_CERT_NOT_VERIFIED; csp->server_certs_chain.next = NULL; @@ -690,17 +599,17 @@ extern int create_server_ssl_connection(struct client_state *csp) /* * Initializing mbedtls structures for TLS/SSL connection */ - mbedtls_net_init(&(csp->mbedtls_server_attr.socket_fd)); - mbedtls_ssl_init(&(csp->mbedtls_server_attr.ssl)); - mbedtls_ssl_config_init(&(csp->mbedtls_server_attr.conf)); - mbedtls_x509_crt_init( &(csp->mbedtls_server_attr.ca_cert)); + mbedtls_net_init(&(ssl_attr->mbedtls_attr.socket_fd)); + mbedtls_ssl_init(&(ssl_attr->mbedtls_attr.ssl)); + mbedtls_ssl_config_init(&(ssl_attr->mbedtls_attr.conf)); + mbedtls_x509_crt_init(&(ssl_attr->mbedtls_attr.ca_cert)); /* * Setting socket fd in mbedtls_net_context structure. This structure * can't be set by mbedtls functions, because we already have created * TCP connection when calling this function. */ - csp->mbedtls_server_attr.socket_fd.fd = csp->server_connection.sfd; + ssl_attr->mbedtls_attr.socket_fd.fd = csp->server_connection.sfd; /* * Seed the RNG @@ -715,7 +624,7 @@ extern int create_server_ssl_connection(struct client_state *csp) /* * Loading file with trusted CAs */ - ret = mbedtls_x509_crt_parse_file(&(csp->mbedtls_server_attr.ca_cert), + ret = mbedtls_x509_crt_parse_file(&(ssl_attr->mbedtls_attr.ca_cert), trusted_cas_file); if (ret < 0) { @@ -729,7 +638,7 @@ extern int create_server_ssl_connection(struct client_state *csp) /* * Set TLS/SSL options */ - ret = mbedtls_ssl_config_defaults(&(csp->mbedtls_server_attr.conf), + ret = mbedtls_ssl_config_defaults(&(ssl_attr->mbedtls_attr.conf), MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT); @@ -751,21 +660,35 @@ extern int create_server_ssl_connection(struct client_state *csp) auth_mode = MBEDTLS_SSL_VERIFY_NONE; } - mbedtls_ssl_conf_authmode(&(csp->mbedtls_server_attr.conf), auth_mode); - mbedtls_ssl_conf_ca_chain(&(csp->mbedtls_server_attr.conf), - &(csp->mbedtls_server_attr.ca_cert), NULL); + mbedtls_ssl_conf_authmode(&(ssl_attr->mbedtls_attr.conf), auth_mode); + mbedtls_ssl_conf_ca_chain(&(ssl_attr->mbedtls_attr.conf), + &(ssl_attr->mbedtls_attr.ca_cert), NULL); /* Setting callback function for certificates verification */ - mbedtls_ssl_conf_verify(&(csp->mbedtls_server_attr.conf), + mbedtls_ssl_conf_verify(&(ssl_attr->mbedtls_attr.conf), ssl_verify_callback, (void *)csp); - mbedtls_ssl_conf_rng(&(csp->mbedtls_server_attr.conf), + mbedtls_ssl_conf_rng(&(ssl_attr->mbedtls_attr.conf), mbedtls_ctr_drbg_random, &ctr_drbg); - mbedtls_ssl_conf_dbg(&(csp->mbedtls_server_attr.conf), - ssl_debug_callback, stdout); - ret = mbedtls_ssl_setup(&(csp->mbedtls_server_attr.ssl), - &(csp->mbedtls_server_attr.conf)); + if (csp->config->cipher_list != NULL) + { + ssl_attr->mbedtls_attr.ciphersuites_list = + get_ciphersuites_from_string(csp->config->cipher_list); + if (ssl_attr->mbedtls_attr.ciphersuites_list == NULL) + { + log_error(LOG_LEVEL_ERROR, + "Setting the cipher list '%s' for the server connection failed", + csp->config->cipher_list); + ret = -1; + goto exit; + } + mbedtls_ssl_conf_ciphersuites(&(ssl_attr->mbedtls_attr.conf), + ssl_attr->mbedtls_attr.ciphersuites_list); + } + + ret = mbedtls_ssl_setup(&(ssl_attr->mbedtls_attr.ssl), + &(ssl_attr->mbedtls_attr.conf)); if (ret != 0) { mbedtls_strerror(ret, err_buf, sizeof(err_buf)); @@ -777,7 +700,7 @@ extern int create_server_ssl_connection(struct client_state *csp) /* * Set the hostname to check against the received server certificate */ - ret = mbedtls_ssl_set_hostname(&(csp->mbedtls_server_attr.ssl), + ret = mbedtls_ssl_set_hostname(&(ssl_attr->mbedtls_attr.ssl), csp->http->host); if (ret != 0) { @@ -788,17 +711,17 @@ extern int create_server_ssl_connection(struct client_state *csp) goto exit; } - mbedtls_ssl_set_bio(&(csp->mbedtls_server_attr.ssl), - &(csp->mbedtls_server_attr.socket_fd), mbedtls_net_send, + mbedtls_ssl_set_bio(&(ssl_attr->mbedtls_attr.ssl), + &(ssl_attr->mbedtls_attr.socket_fd), mbedtls_net_send, mbedtls_net_recv, NULL); /* * Handshake with server */ log_error(LOG_LEVEL_CONNECT, - "Performing the TLS/SSL handshake with server"); + "Performing the TLS/SSL handshake with the server"); - while ((ret = mbedtls_ssl_handshake(&(csp->mbedtls_server_attr.ssl))) != 0) + while ((ret = mbedtls_ssl_handshake(&(ssl_attr->mbedtls_attr.ssl))) != 0) { if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) @@ -807,17 +730,24 @@ extern int create_server_ssl_connection(struct client_state *csp) if (ret == MBEDTLS_ERR_X509_CERT_VERIFY_FAILED) { - log_error(LOG_LEVEL_ERROR, - "Server certificate verification failed: %s", err_buf); + char reason[INVALID_CERT_INFO_BUF_SIZE]; + csp->server_cert_verification_result = - mbedtls_ssl_get_verify_result(&(csp->mbedtls_server_attr.ssl)); + mbedtls_ssl_get_verify_result(&(ssl_attr->mbedtls_attr.ssl)); + mbedtls_x509_crt_verify_info(reason, sizeof(reason), "", + csp->server_cert_verification_result); + /* Log the reason without the trailing new line */ + log_error(LOG_LEVEL_ERROR, + "X509 certificate verification for %s failed: %N", + csp->http->hostport, strlen(reason)-1, reason); ret = -1; } else { log_error(LOG_LEVEL_ERROR, "mbedtls_ssl_handshake with server failed: %s", err_buf); + free_certificate_chain(csp); ret = -1; } goto exit; @@ -834,7 +764,7 @@ extern int create_server_ssl_connection(struct client_state *csp) csp->ssl_with_server_is_opened = 1; csp->server_cert_verification_result = - mbedtls_ssl_get_verify_result(&(csp->mbedtls_server_attr.ssl)); + mbedtls_ssl_get_verify_result(&(ssl_attr->mbedtls_attr.ssl)); exit: /* Freeing structures if connection wasn't created successfully */ @@ -860,8 +790,9 @@ exit: * Returns : N/A * *********************************************************************/ -static void close_server_ssl_connection(struct client_state *csp) +extern void close_server_ssl_connection(struct client_state *csp) { + struct ssl_attr *ssl_attr = &csp->ssl_server_attr; int ret = 0; if (csp->ssl_with_server_is_opened == 0) @@ -873,7 +804,7 @@ static void close_server_ssl_connection(struct client_state *csp) * Notifying the peer that the connection is being closed. */ do { - ret = mbedtls_ssl_close_notify(&(csp->mbedtls_server_attr.ssl)); + ret = mbedtls_ssl_close_notify(&(ssl_attr->mbedtls_attr.ssl)); } while (ret == MBEDTLS_ERR_SSL_WANT_WRITE); free_server_ssl_structures(csp); @@ -895,45 +826,22 @@ static void close_server_ssl_connection(struct client_state *csp) *********************************************************************/ static void free_server_ssl_structures(struct client_state *csp) { + struct ssl_attr *ssl_attr = &csp->ssl_server_attr; /* * We can't use function mbedtls_net_free, because this function - * inter alia close TCP connection on setted fd. Instead of this + * inter alia close TCP connection on set fd. Instead of this * function, we change fd to -1, which is the same what does * rest of mbedtls_net_free function. */ - csp->mbedtls_client_attr.socket_fd.fd = -1; + ssl_attr->mbedtls_attr.socket_fd.fd = -1; - mbedtls_x509_crt_free(&(csp->mbedtls_server_attr.ca_cert)); - mbedtls_ssl_free(&(csp->mbedtls_server_attr.ssl)); - mbedtls_ssl_config_free(&(csp->mbedtls_server_attr.conf)); + mbedtls_x509_crt_free(&(ssl_attr->mbedtls_attr.ca_cert)); + mbedtls_ssl_free(&(ssl_attr->mbedtls_attr.ssl)); + freez(ssl_attr->mbedtls_attr.ciphersuites_list); + mbedtls_ssl_config_free(&(ssl_attr->mbedtls_attr.conf)); } -/********************************************************************* - * - * Function : close_client_and_server_ssl_connections - * - * Description : Checks if client or server should use secured - * connection over SSL and if so, closes all of them. - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : N/A - * - *********************************************************************/ -extern void close_client_and_server_ssl_connections(struct client_state *csp) -{ - if (client_use_ssl(csp) == 1) - { - close_client_ssl_connection(csp); - } - if (server_use_ssl(csp) == 1) - { - close_server_ssl_connection(csp); - } -} - /*====================== Certificates ======================*/ /********************************************************************* @@ -961,7 +869,6 @@ static int write_certificate(mbedtls_x509write_cert *crt, const char *output_fil int ret = 0; char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); memset(cert_buf, 0, sizeof(cert_buf)); /* @@ -1029,18 +936,8 @@ static int write_private_key(mbedtls_pk_context *key, unsigned char **ret_buf, int ret = 0; char err_buf[ERROR_BUF_SIZE]; - memset(err_buf, 0, sizeof(err_buf)); - /* Initializing buffer for key file content */ - *ret_buf = (unsigned char *)malloc(PRIVATE_KEY_BUF_SIZE + 1); - if (*ret_buf == NULL) - { - log_error(LOG_LEVEL_ERROR, - "Creating buffer for private key failed: malloc fail"); - ret = -1; - goto exit; - } - memset(*ret_buf, 0, PRIVATE_KEY_BUF_SIZE + 1); + *ret_buf = zalloc_or_die(PRIVATE_KEY_BUF_SIZE + 1); /* * Writing private key into PEM string @@ -1102,15 +999,15 @@ exit: * contain NULL and no private key is generated. * * Parameters : - * 1 : key_buf = buffer to save new generated key - * 2 : csp = Current client state (buffers, headers, etc...) + * 1 : csp = Current client state (buffers, headers, etc...) + * 2 : key_buf = buffer to save new generated key * * Returns : -1 => Error while generating private key * 0 => Key already exists * >0 => Length of generated private key * *********************************************************************/ -static int generate_key(unsigned char **key_buf, struct client_state *csp) +static int generate_key(struct client_state *csp, unsigned char **key_buf) { mbedtls_pk_context key; key_options key_opt; @@ -1118,7 +1015,6 @@ static int generate_key(unsigned char **key_buf, struct client_state *csp) char err_buf[ERROR_BUF_SIZE]; key_opt.key_file_path = NULL; - memset(err_buf, 0, sizeof(err_buf)); /* * Initializing structures for key generating @@ -1205,7 +1101,163 @@ exit: /********************************************************************* * - * Function : generate_webpage_certificate + * Function : ssl_certificate_is_invalid + * + * Description : Checks whether or not a certificate is valid. + * Currently only checks that the certificate can be + * parsed and that the "valid to" date is in the future. + * + * Parameters : + * 1 : cert_file = The certificate to check + * + * Returns : 0 => The certificate is valid. + * 1 => The certificate is invalid + * + *********************************************************************/ +static int ssl_certificate_is_invalid(const char *cert_file) +{ + mbedtls_x509_crt cert; + int ret; + + mbedtls_x509_crt_init(&cert); + + ret = mbedtls_x509_crt_parse_file(&cert, cert_file); + if (ret != 0) + { + char err_buf[ERROR_BUF_SIZE]; + + mbedtls_strerror(ret, err_buf, sizeof(err_buf)); + log_error(LOG_LEVEL_ERROR, + "Loading certificate %s to check validity failed: %s", + cert_file, err_buf); + mbedtls_x509_crt_free(&cert); + + return 1; + } + if (mbedtls_x509_time_is_past(&cert.valid_to)) + { + mbedtls_x509_crt_free(&cert); + + return 1; + } + + mbedtls_x509_crt_free(&cert); + + return 0; + +} + + +/********************************************************************* + * + * Function : set_subject_alternative_name + * + * Description : Sets the Subject Alternative Name extension to a cert + * + * Parameters : + * 1 : cert = The certificate to modify + * 2 : hostname = The hostname to add + * + * Returns : <0 => Error while creating certificate. + * 0 => It worked + * + *********************************************************************/ +static int set_subject_alternative_name(mbedtls_x509write_cert *cert, const char *hostname) +{ + char err_buf[ERROR_BUF_SIZE]; + int ret; + char *subject_alternative_name; + size_t subject_alternative_name_len; +#define MBEDTLS_SUBJECT_ALTERNATIVE_NAME_MAX_LEN 255 + unsigned char san_buf[MBEDTLS_SUBJECT_ALTERNATIVE_NAME_MAX_LEN + 1]; + unsigned char *c; + int len; + + subject_alternative_name_len = strlen(hostname) + 1; + subject_alternative_name = zalloc_or_die(subject_alternative_name_len); + + strlcpy(subject_alternative_name, hostname, subject_alternative_name_len); + + memset(san_buf, 0, sizeof(san_buf)); + + c = san_buf + sizeof(san_buf); + len = 0; + + ret = mbedtls_asn1_write_raw_buffer(&c, san_buf, + (const unsigned char *)subject_alternative_name, + strlen(subject_alternative_name)); + if (ret < 0) + { + mbedtls_strerror(ret, err_buf, sizeof(err_buf)); + log_error(LOG_LEVEL_ERROR, + "mbedtls_asn1_write_raw_buffer() failed: %s", err_buf); + goto exit; + } + len += ret; + + ret = mbedtls_asn1_write_len(&c, san_buf, strlen(subject_alternative_name)); + if (ret < 0) + { + mbedtls_strerror(ret, err_buf, sizeof(err_buf)); + log_error(LOG_LEVEL_ERROR, + "mbedtls_asn1_write_len() failed: %s", err_buf); + goto exit; + } + len += ret; + + ret = mbedtls_asn1_write_tag(&c, san_buf, MBEDTLS_ASN1_CONTEXT_SPECIFIC | 2); + if (ret < 0) + { + mbedtls_strerror(ret, err_buf, sizeof(err_buf)); + log_error(LOG_LEVEL_ERROR, + "mbedtls_asn1_write_tag() failed: %s", err_buf); + goto exit; + } + len += ret; + + ret = mbedtls_asn1_write_len(&c, san_buf, (size_t)len); + if (ret < 0) + { + mbedtls_strerror(ret, err_buf, sizeof(err_buf)); + log_error(LOG_LEVEL_ERROR, + "mbedtls_asn1_write_len() failed: %s", err_buf); + goto exit; + } + len += ret; + + ret = mbedtls_asn1_write_tag(&c, san_buf, + MBEDTLS_ASN1_CONSTRUCTED | MBEDTLS_ASN1_SEQUENCE); + if (ret < 0) + { + mbedtls_strerror(ret, err_buf, sizeof(err_buf)); + log_error(LOG_LEVEL_ERROR, + "mbedtls_asn1_write_tag() failed: %s", err_buf); + goto exit; + } + len += ret; + + ret = mbedtls_x509write_crt_set_extension(cert, + MBEDTLS_OID_SUBJECT_ALT_NAME, + MBEDTLS_OID_SIZE(MBEDTLS_OID_SUBJECT_ALT_NAME), + 0, san_buf + sizeof(san_buf) - len, (size_t)len); + if (ret < 0) + { + mbedtls_strerror(ret, err_buf, sizeof(err_buf)); + log_error(LOG_LEVEL_ERROR, + "mbedtls_x509write_crt_set_extension() failed: %s", err_buf); + } + +exit: + freez(subject_alternative_name); + + return ret; + +} + + +/********************************************************************* + * + * Function : generate_host_certificate * * Description : Creates certificate file in presetted directory. * If certificate already exists, no other certificate @@ -1217,11 +1269,11 @@ exit: * 1 : csp = Current client state (buffers, headers, etc...) * * Returns : -1 => Error while creating certificate. - * 0 => Certificate alreaday exist. + * 0 => Certificate already exists. * >0 => Length of created certificate. * *********************************************************************/ -extern int generate_webpage_certificate(struct client_state *csp) +static int generate_host_certificate(struct client_state *csp) { mbedtls_x509_crt issuer_cert; mbedtls_pk_context loaded_issuer_key, loaded_subject_key; @@ -1235,21 +1287,84 @@ extern int generate_webpage_certificate(struct client_state *csp) int ret = 0; char err_buf[ERROR_BUF_SIZE]; cert_options cert_opt; - - memset(err_buf, 0, sizeof(err_buf)); + char cert_valid_from[VALID_DATETIME_BUFLEN]; + char cert_valid_to[VALID_DATETIME_BUFLEN]; /* Paths to keys and certificates needed to create certificate */ cert_opt.issuer_key = NULL; cert_opt.subject_key = NULL; cert_opt.issuer_crt = NULL; - cert_opt.output_file = NULL; + + cert_opt.output_file = make_certs_path(csp->config->certificate_directory, + (const char *)csp->http->hash_of_host_hex, CERT_FILE_TYPE); + if (cert_opt.output_file == NULL) + { + return -1; + } + + cert_opt.subject_key = make_certs_path(csp->config->certificate_directory, + (const char *)csp->http->hash_of_host_hex, KEY_FILE_TYPE); + if (cert_opt.subject_key == NULL) + { + freez(cert_opt.output_file); + return -1; + } + + if (enforce_sane_certificate_state(cert_opt.output_file, + cert_opt.subject_key)) + { + freez(cert_opt.output_file); + freez(cert_opt.subject_key); + + return -1; + } + + if (file_exists(cert_opt.output_file) == 1) + { + /* The file exists, but is it valid? */ + if (ssl_certificate_is_invalid(cert_opt.output_file)) + { + log_error(LOG_LEVEL_CONNECT, + "Certificate %s is no longer valid. Removing it.", + cert_opt.output_file); + if (unlink(cert_opt.output_file)) + { + log_error(LOG_LEVEL_ERROR, "Failed to unlink %s: %E", + cert_opt.output_file); + + freez(cert_opt.output_file); + freez(cert_opt.subject_key); + + return -1; + } + if (unlink(cert_opt.subject_key)) + { + log_error(LOG_LEVEL_ERROR, "Failed to unlink %s: %E", + cert_opt.subject_key); + + freez(cert_opt.output_file); + freez(cert_opt.subject_key); + + return -1; + } + } + else + { + freez(cert_opt.output_file); + freez(cert_opt.subject_key); + + return 0; + } + } /* * Create key for requested host */ - int subject_key_len = generate_key(&key_buf, csp); + int subject_key_len = generate_key(csp, &key_buf); if (subject_key_len < 0) { + freez(cert_opt.output_file); + freez(cert_opt.subject_key); log_error(LOG_LEVEL_ERROR, "Key generating failed"); return -1; } @@ -1258,7 +1373,7 @@ extern int generate_webpage_certificate(struct client_state *csp) * Initializing structures for certificate generating */ mbedtls_x509write_crt_init(&cert); - mbedtls_x509write_crt_set_md_alg( &cert, CERT_SIGNATURE_ALGORITHM); + mbedtls_x509write_crt_set_md_alg(&cert, CERT_SIGNATURE_ALGORITHM); mbedtls_pk_init(&loaded_issuer_key); mbedtls_pk_init(&loaded_subject_key); mbedtls_mpi_init(&serial); @@ -1280,14 +1395,17 @@ extern int generate_webpage_certificate(struct client_state *csp) * We must compute length of serial number in string + terminating null. */ unsigned long certificate_serial = get_certificate_serial(csp); - int serial_num_size = snprintf(NULL, 0, "%lu", certificate_serial) + 1; + unsigned long certificate_serial_time = (unsigned long)time(NULL); + int serial_num_size = snprintf(NULL, 0, "%lu%lu", + certificate_serial_time, certificate_serial) + 1; if (serial_num_size <= 0) { serial_num_size = 1; } char serial_num_text[serial_num_size]; /* Buffer for serial number */ - ret = snprintf(serial_num_text, (size_t)serial_num_size, "%lu", certificate_serial); + ret = snprintf(serial_num_text, (size_t)serial_num_size, "%lu%lu", + certificate_serial_time, certificate_serial); if (ret < 0 || ret >= serial_num_size) { log_error(LOG_LEVEL_ERROR, @@ -1309,13 +1427,11 @@ extern int generate_webpage_certificate(struct client_state *csp) cert_opt.issuer_crt = csp->config->ca_cert_file; cert_opt.issuer_key = csp->config->ca_key_file; - cert_opt.subject_key = make_certs_path(csp->config->certificate_directory, - (const char *)csp->http->hash_of_host_hex, KEY_FILE_TYPE); - cert_opt.output_file = make_certs_path(csp->config->certificate_directory, - (const char *)csp->http->hash_of_host_hex, CERT_FILE_TYPE); - if (cert_opt.subject_key == NULL || cert_opt.output_file == NULL) + if (get_certificate_valid_from_date(cert_valid_from, sizeof(cert_valid_from), VALID_DATETIME_FMT) + || get_certificate_valid_to_date(cert_valid_to, sizeof(cert_valid_to), VALID_DATETIME_FMT)) { + log_error(LOG_LEVEL_ERROR, "Generating one of the validity dates failed"); ret = -1; goto exit; } @@ -1323,17 +1439,19 @@ extern int generate_webpage_certificate(struct client_state *csp) cert_opt.subject_pwd = CERT_SUBJECT_PASSWORD; cert_opt.issuer_pwd = csp->config->ca_password; cert_opt.subject_name = cert_params; - cert_opt.not_before = GENERATED_CERT_VALID_FROM; - cert_opt.not_after = GENERATED_CERT_VALID_TO; + cert_opt.not_before = cert_valid_from; + cert_opt.not_after = cert_valid_to; cert_opt.serial = serial_num_text; cert_opt.is_ca = 0; cert_opt.max_pathlen = -1; /* - * Test if certificate exists and private key was already created + * Test if the private key was already created. + * XXX: Can this still happen? */ - if (file_exists(cert_opt.output_file) == 1 && subject_key_len == 0) + if (subject_key_len == 0) { + log_error(LOG_LEVEL_ERROR, "Subject key was already created"); ret = 0; goto exit; } @@ -1427,8 +1545,8 @@ extern int generate_webpage_certificate(struct client_state *csp) if (!mbedtls_pk_can_do(&issuer_cert.pk, MBEDTLS_PK_RSA) || mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa(issuer_cert.pk)->N, &mbedtls_pk_rsa(*issuer_key)->N) != 0 || - mbedtls_mpi_cmp_mpi( &mbedtls_pk_rsa(issuer_cert.pk)->E, - &mbedtls_pk_rsa(*issuer_key )->E) != 0) + mbedtls_mpi_cmp_mpi(&mbedtls_pk_rsa(issuer_cert.pk)->E, + &mbedtls_pk_rsa(*issuer_key)->E) != 0) { log_error(LOG_LEVEL_ERROR, "Issuer key doesn't match issuer certificate"); @@ -1521,6 +1639,14 @@ extern int generate_webpage_certificate(struct client_state *csp) } #endif /* MBEDTLS_SHA1_C */ + if (!host_is_ip_address(csp->http->host) && + set_subject_alternative_name(&cert, csp->http->host)) + { + /* Errors are already logged by set_subject_alternative_name() */ + ret = -1; + goto exit; + } + /* * Writing certificate into file */ @@ -1549,551 +1675,319 @@ exit: return ret; } - /********************************************************************* * - * Function : make_certs_path + * Function : ssl_verify_callback * - * Description : Creates path to file from three pieces. This fuction - * takes parameters and puts them in one new mallocated - * char * in correct order. Returned variable must be freed - * by caller. This function is mainly used for creating - * paths of certificates and keys files. + * Description : This is a callback function for certificate verification. + * It's called once for each certificate in the server's + * certificate trusted chain and prepares information about + * the certificate. The information can be used to inform + * the user about invalid certificates. * * Parameters : - * 1 : conf_dir = Name/path of directory where is the file. - * '.' can be used for current directory. - * 2 : file_name = Name of file in conf_dir without suffix. - * 3 : suffix = Suffix of given file_name. + * 1 : csp_void = Current client state (buffers, headers, etc...) + * 2 : crt = certificate from trusted chain + * 3 : depth = depth in trusted chain + * 4 : flags = certificate flags * - * Returns : path => Path was built up successfully - * NULL => Path can't be built up + * Returns : 0 on success and negative value on error * *********************************************************************/ -static char *make_certs_path(const char *conf_dir, const char *file_name, - const char *suffix) +static int ssl_verify_callback(void *csp_void, mbedtls_x509_crt *crt, + int depth, uint32_t *flags) { - /* Test if all given parameters are valid */ - if (conf_dir == NULL || *conf_dir == '\0' || file_name == NULL || - *file_name == '\0' || suffix == NULL || *suffix == '\0') - { - log_error(LOG_LEVEL_ERROR, - "make_certs_path failed: bad input parameters"); - return NULL; - } - - char *path = NULL; - size_t path_size = strlen(conf_dir) - + strlen(file_name) + strlen(suffix) + 2; - - /* Setting delimiter and editing path length */ -#if defined(_WIN32) || defined(__OS2__) - char delim[] = "\\"; - path_size += 1; -#else /* ifndef _WIN32 || __OS2__ */ - char delim[] = "/"; -#endif /* ifndef _WIN32 || __OS2__ */ + struct client_state *csp = (struct client_state *)csp_void; + struct certs_chain *last = &(csp->server_certs_chain); + size_t olen = 0; + int ret = 0; /* - * Building up path from many parts + * Searching for last item in certificates linked list */ -#if defined(unix) - if (*conf_dir != '/' && basedir && *basedir) - { - /* - * Replacing conf_dir with basedir. This new variable contains - * absolute path to cwd. - */ - path_size += strlen(basedir) + 2; - path = (char *)malloc(path_size); - if (path == NULL) - { - log_error(LOG_LEVEL_ERROR, "make_certs_path failed: malloc fail"); - return NULL; - } - memset(path, 0, path_size); - - strlcpy(path, basedir, path_size); - strlcat(path, delim, path_size); - strlcat(path, conf_dir, path_size); - strlcat(path, delim, path_size); - strlcat(path, file_name, path_size); - strlcat(path, suffix, path_size); - } - else -#endif /* defined unix */ - { - path = (char *)malloc(path_size); - if (path == NULL) - { - log_error(LOG_LEVEL_ERROR, "make_certs_path failed: malloc fail"); - return NULL; - } - memset(path, 0, path_size); - - strlcpy(path, conf_dir, path_size); - strlcat(path, delim, path_size); - strlcat(path, file_name, path_size); - strlcat(path, suffix, path_size); - } - - return path; -} - - -/********************************************************************* - * - * Function : get_certificate_mutex_id - * - * Description : Computes mutex id from host name hash. This hash must - * be already saved in csp structure - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : Mutex id for given host name - * - *********************************************************************/ -static unsigned int get_certificate_mutex_id(struct client_state *csp) { -#ifdef LIMIT_MUTEX_NUMBER - return (unsigned int)(csp->http->hash_of_host[0] % 32); -#else - return (unsigned int)(csp->http->hash_of_host[1] - + 256 * (int)csp->http->hash_of_host[0]); -#endif /* LIMIT_MUTEX_NUMBER */ -} - - -/********************************************************************* - * - * Function : get_certificate_serial - * - * Description : Computes serial number for new certificate from host - * name hash. This hash must be already saved in csp - * structure. - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : Serial number for new certificate - * - *********************************************************************/ -static unsigned long get_certificate_serial(struct client_state *csp) { - unsigned long exp = 1; - unsigned long serial = 0; - - int i = CERT_SERIAL_NUM_LENGTH; - /* Length of hash is 16 bytes, we must avoid to read next chars */ - if (i > 16) - { - i = 16; - } - if (i < 2) - { - i = 2; - } - - for (; i >= 0; i--) + while (last->next != NULL) { - serial += exp * (unsigned)csp->http->hash_of_host[i]; - exp *= 256; + last = last->next; } - return serial; -} - - -/********************************************************************* - * - * Function : ssl_send_certificate_error - * - * Description : Sends info about invalid server certificate to client. - * Sent message is including all trusted chain certificates, - * that can be downloaded in web browser. - * - * Parameters : - * 1 : csp = Current client state (buffers, headers, etc...) - * - * Returns : N/A - * - *********************************************************************/ -extern void ssl_send_certificate_error(struct client_state *csp) -{ - size_t message_len = 0; - int ret = 0; - struct certs_chain *cert = NULL; - - /* Header of message with certificate informations */ - const char message_begin[] = - "HTTP/1.1 200 OK\r\n" - "Content-Type: text/html\r\n" - "Connection: close\r\n\r\n" - "

Invalid server certificate

Reason: "; - const char message_end[] = "\r\n\r\n"; - char reason[INVALID_CERT_INFO_BUF_SIZE]; - memset(reason, 0, sizeof(reason)); - - /* Get verification message from verification return code */ - mbedtls_x509_crt_verify_info(reason, sizeof(reason), " ", - csp->server_cert_verification_result); /* - * Computing total length of message with all certificates inside + * Preparing next item in linked list for next certificate */ - message_len = strlen(message_begin) + strlen(message_end) - + strlen(reason) + strlen("

") + 1; + last->next = malloc_or_die(sizeof(struct certs_chain)); + last->next->next = NULL; + memset(last->next->info_buf, 0, sizeof(last->next->info_buf)); + memset(last->next->file_buf, 0, sizeof(last->next->file_buf)); - cert = &(csp->server_certs_chain); - while (cert->next != NULL) + /* + * Saving certificate file into buffer + */ + if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_CRT, PEM_END_CRT, + crt->raw.p, crt->raw.len, (unsigned char *)last->file_buf, + sizeof(last->file_buf)-1, &olen)) != 0) { - size_t base64_len = 4 * ((strlen(cert->file_buf) + 2) / 3) + 1; + char err_buf[ERROR_BUF_SIZE]; - message_len += strlen(cert->text_buf) + strlen("
\n")
-                     +  base64_len + strlen("Download certificate");
-      cert = cert->next;
+      mbedtls_strerror(ret, err_buf, sizeof(err_buf));
+      log_error(LOG_LEVEL_ERROR, "mbedtls_pem_write_buffer() failed: %s",
+         err_buf);
+
+      return(ret);
    }
 
    /*
-    * Joining all blocks in one long message
+    * Saving certificate information into buffer
     */
-   char message[message_len];
-   memset(message, 0, message_len);
-
-   strlcpy(message, message_begin, message_len);
-   strlcat(message, reason       , message_len);
-   strlcat(message, "
"       , message_len);
-
-   cert = &(csp->server_certs_chain);
-   while (cert->next != NULL)
-   {
-      size_t olen = 0;
-      size_t base64_len = 4 * ((strlen(cert->file_buf) + 2) / 3) + 1; /* +1 for terminating null*/
-      char base64_buf[base64_len];
-      memset(base64_buf, 0, base64_len);
-
-      /* Encoding certificate into base64 code */
-      ret = mbedtls_base64_encode((unsigned char*)base64_buf,
-               base64_len, &olen, (const unsigned char*)cert->file_buf,
-               strlen(cert->file_buf));
-      if (ret != 0)
-      {
-         log_error(LOG_LEVEL_ERROR,
-            "Encoding to base64 failed, buffer is to small");
-      }
-
-      strlcat(message, "
",        message_len);
-      strlcat(message, cert->text_buf, message_len);
-      strlcat(message, "
\n",     message_len);
+   {
+      char buf[CERT_INFO_BUF_SIZE];
+      char *encoded_text;
+#define CERT_INFO_PREFIX                 ""
 
-      if (ret == 0)
+      mbedtls_x509_crt_info(buf, sizeof(buf), CERT_INFO_PREFIX, crt);
+      encoded_text = html_encode(buf);
+      if (encoded_text == NULL)
       {
-         strlcat(message, "Download certificate", message_len);
+         log_error(LOG_LEVEL_ERROR,
+            "Failed to HTML-encode the certificate information");
+         return -1;
       }
-
-      cert = cert->next;
+      strlcpy(last->info_buf, encoded_text, sizeof(last->info_buf));
+      freez(encoded_text);
    }
-   strlcat(message, message_end, message_len);
 
-   /*
-    * Sending final message to client
-    */
-   ssl_send_data(&(csp->mbedtls_client_attr.ssl),
-      (const unsigned char *)message, strlen(message));
-   /*
-    * Waiting before closing connection. Some browsers don't show received
-    * message if there isn't this delay.
-    */
-   sleep(1);
-
-   free_certificate_chain(csp);
+   return 0;
 }
 
 
 /*********************************************************************
  *
- * Function    :  ssl_verify_callback
+ * Function    :  host_to_hash
  *
- * Description :  This is a callback function for certificate verification.
- *                It's called for all certificates in server certificate
- *                trusted chain and it's preparing information about this
- *                certificates. Prepared informations can be used to inform
- *                user about invalid certificates.
+ * Description :  Creates MD5 hash from host name. Host name is loaded
+ *                from structure csp and saved again into it.
  *
  * Parameters  :
- *          1  :  csp_void = Current client state (buffers, headers, etc...)
- *          2  :  crt   = certificate from trusted chain
- *          3  :  depth = depth in trusted chain
- *          4  :  flags = certificate flags
+ *          1  :  csp = Current client state (buffers, headers, etc...)
  *
- * Returns     :  0 on success and negative value on error
+ * Returns     : -1 => Error while creating hash
+ *                0 => Hash created successfully
  *
  *********************************************************************/
-static int ssl_verify_callback(void *csp_void, mbedtls_x509_crt *crt,
-   int depth, uint32_t *flags)
+static int host_to_hash(struct client_state *csp)
 {
-   struct client_state *csp  = (struct client_state *)csp_void;
-   struct certs_chain  *last = &(csp->server_certs_chain);
-   size_t olen = 0;
    int ret = 0;
 
-   /*
-    * Searching for last item in certificates linked list
-    */
-   while (last->next != NULL)
+#if !defined(MBEDTLS_MD5_C)
+#error mbedTLS needs to be compiled with md5 support
+#else
+   memset(csp->http->hash_of_host, 0, sizeof(csp->http->hash_of_host));
+   ret = mbedtls_md5_ret((unsigned char *)csp->http->host,
+      strlen(csp->http->host), csp->http->hash_of_host);
+   if (ret != 0)
    {
-      last = last->next;
+      log_error(LOG_LEVEL_ERROR,
+         "Failed to generate md5 hash of host %s: %d",
+         csp->http->host, ret);
+      return -1;
    }
 
-   /*
-    * Preparing next item in linked list for next certificate
-    * If malloc fails, we are continuing without this certificate
-    */
-   last->next = (struct certs_chain *)malloc(sizeof(struct certs_chain));
-   if (last->next != NULL)
+   /* Converting hash into string with hex */
+   size_t i = 0;
+   for (; i < 16; i++)
    {
-      last->next->next = NULL;
-      memset(last->next->text_buf, 0, sizeof(last->next->text_buf));
-      memset(last->next->file_buf, 0, sizeof(last->next->file_buf));
-
-      /*
-       * Saving certificate file into buffer
-       */
-      if ((ret = mbedtls_pem_write_buffer(PEM_BEGIN_CRT, PEM_END_CRT,
-         crt->raw.p, crt->raw.len, (unsigned char *)last->file_buf,
-         sizeof(last->file_buf)-1, &olen)) != 0)
+      if ((ret = sprintf((char *)csp->http->hash_of_host_hex + 2 * i, "%02x",
+         csp->http->hash_of_host[i])) < 0)
       {
-         return(ret);
+         log_error(LOG_LEVEL_ERROR, "Sprintf return value: %d", ret);
+         return -1;
       }
-
-      /*
-       * Saving certificate information into buffer
-       */
-      mbedtls_x509_crt_info(last->text_buf, sizeof(last->text_buf) - 1,
-         CERT_INFO_PREFIX, crt);
-   }
-   else
-   {
-      log_error(LOG_LEVEL_ERROR,
-         "Malloc memory for server certificate informations failed");
-      return -1;
    }
 
    return 0;
+#endif /* MBEDTLS_MD5_C */
 }
 
-
 /*********************************************************************
  *
- * Function    :  free_certificate_chain
+ * Function    :  seed_rng
  *
- * Description :  Frees certificates linked list. This linked list is
- *                used to save informations about certificates in
- *                trusted chain.
+ * Description :  Seeding the RNG for all SSL uses
  *
  * Parameters  :
  *          1  :  csp = Current client state (buffers, headers, etc...)
  *
- * Returns     :  N/A
+ * Returns     : -1 => RNG wasn't seed successfully
+ *                0 => RNG is seeded successfully
  *
  *********************************************************************/
-static void free_certificate_chain(struct client_state *csp)
+static int seed_rng(struct client_state *csp)
 {
-   struct certs_chain *cert = csp->server_certs_chain.next;
-
-   /* Cleaning buffers */
-   memset(csp->server_certs_chain.text_buf, 0,
-      sizeof(csp->server_certs_chain.text_buf));
-   memset(csp->server_certs_chain.text_buf, 0,
-      sizeof(csp->server_certs_chain.file_buf));
-   csp->server_certs_chain.next = NULL;
+   int ret = 0;
+   char err_buf[ERROR_BUF_SIZE];
 
-   /* Freeing memory in whole linked list */
-   if (cert != NULL)
+   if (rng_seeded == 0)
    {
-      do
+      privoxy_mutex_lock(&ssl_init_mutex);
+      if (rng_seeded == 0)
       {
-         struct certs_chain *cert_for_free = cert;
-         cert = cert->next;
-         freez(cert_for_free);
-      } while (cert != NULL);
+         mbedtls_ctr_drbg_init(&ctr_drbg);
+         mbedtls_entropy_init(&entropy);
+         ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
+            &entropy, NULL, 0);
+         if (ret != 0)
+         {
+            mbedtls_strerror(ret, err_buf, sizeof(err_buf));
+            log_error(LOG_LEVEL_ERROR,
+               "mbedtls_ctr_drbg_seed failed: %s", err_buf);
+            privoxy_mutex_unlock(&ssl_init_mutex);
+            return -1;
+         }
+         rng_seeded = 1;
+      }
+      privoxy_mutex_unlock(&ssl_init_mutex);
    }
+   return 0;
 }
 
 
 /*********************************************************************
  *
- * Function    :  file_exists
+ * Function    :  ssl_base64_encode
  *
- * Description :  Tests if file exists and is readable.
+ * Description :  Encode a buffer into base64 format.
  *
  * Parameters  :
- *          1  :  path = Path to tested file.
+ *          1  :  dst = Destination buffer
+ *          2  :  dlen = Destination buffer length
+ *          3  :  olen = Number of bytes written
+ *          4  :  src = Source buffer
+ *          5  :  slen = Amount of data to be encoded
  *
- * Returns     :  1 => File exists and is readable.
- *                0 => File doesn't exist or is not readable.
+ * Returns     :  0 on success, error code othervise
  *
  *********************************************************************/
-static int file_exists(const char *path)
+extern int ssl_base64_encode(unsigned char *dst, size_t dlen, size_t *olen,
+                             const unsigned char *src, size_t slen)
 {
-   FILE *f;
-   if ((f = fopen(path, "r")) != NULL)
-   {
-      fclose(f);
-      return 1;
-   }
-
-   return 0;
+   return mbedtls_base64_encode(dst, dlen, olen, src, slen);
 }
 
 
 /*********************************************************************
  *
- * Function    :  host_to_hash
+ * Function    :  ssl_crt_verify_info
  *
- * Description :  Creates MD5 hash from host name. Host name is loaded
- *                from structure csp and saved again into it.
+ * Description :  Returns an informational string about the verification
+ *                status of a certificate.
  *
  * Parameters  :
- *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          1  :  buf = Buffer to write to
+ *          2  :  size = Maximum size of buffer
+ *          3  :  csp = client state
  *
- * Returns     :  1 => Error while creating hash
- *                0 => Hash created successfully
+ * Returns     :  N/A
  *
  *********************************************************************/
-static int host_to_hash(struct client_state *csp)
+extern void ssl_crt_verify_info(char *buf, size_t size, struct client_state *csp)
 {
-   int ret = 0;
+   char *last_byte;
 
-#if !defined(MBEDTLS_MD5_C)
-   log_error(LOG_LEVEL_ERROR, "MBEDTLS_MD5_C is not defined. Can't create"
-      "MD5 hash for certificate and key name.");
-   return -1;
-#else
-   memset(csp->http->hash_of_host, 0, sizeof(csp->http->hash_of_host));
-   mbedtls_md5((unsigned char *)csp->http->host, strlen(csp->http->host),
-      csp->http->hash_of_host);
-
-   /* Converting hash into string with hex */
-   size_t i = 0;
-   for (; i < 16; i++)
+   mbedtls_x509_crt_verify_info(buf, size, "",
+      csp->server_cert_verification_result);
+   last_byte = buf + strlen(buf)-1;
+   if (*last_byte == '\n')
    {
-      if ((ret = sprintf((char *)csp->http->hash_of_host_hex + 2 * i, "%02x",
-         csp->http->hash_of_host[i])) < 0)
-      {
-         log_error(LOG_LEVEL_ERROR, "Sprintf return value: %d", ret);
-         return -1;
-      }
+      /* Overwrite trailing new line character */
+      *last_byte = '\0';
    }
-
-   return 0;
-#endif /* MBEDTLS_MD5_C */
 }
 
 
 /*********************************************************************
  *
- * Function    :  tunnel_established_successfully
+ * Function    :  ssl_release
  *
- * Description :  Check if parent proxy server response contains
- *                informations about successfully created connection with
- *                destination server. (HTTP/... 2xx ...)
+ * Description :  Release all SSL resources
  *
  * Parameters  :
- *          1  :  server_response = Buffer with parent proxy server response
- *          2  :  response_len = Length of server_response
  *
- * Returns     :  1 => Connection created successfully
- *                0 => Connection wasn't created successfully
+ * Returns     :  N/A
  *
  *********************************************************************/
-extern int tunnel_established_successfully(const char *server_response,
-   unsigned int response_len)
+extern void ssl_release(void)
 {
-   unsigned int pos = 0;
-
-   if (server_response == NULL)
-   {
-      return 0;
-   }
-
-   /* Tests if "HTTP/" string is at the begin of received response */
-   if (strncmp(server_response, "HTTP/", 5) != 0)
-   {
-      return 0;
-   }
-
-   for (pos = 0; pos < response_len; pos++)
+   if (rng_seeded == 1)
    {
-      if (server_response[pos] == ' ')
-      {
-         break;
-      }
+      mbedtls_ctr_drbg_free(&ctr_drbg);
+      mbedtls_entropy_free(&entropy);
    }
-
-   /*
-    * response_len -3 because of buffer end, response structure and 200 code.
-    * There must be at least 3 chars after space.
-    * End of buffer: ... 2xx'\0'
-    *             pos = |
-    */
-   if (pos >= (response_len - 3))
-   {
-      return 0;
-   }
-
-   /* Test HTTP status code */
-   if (server_response[pos + 1] != '2')
-   {
-      return 0;
-   }
-
-   return 1;
 }
 
 
 /*********************************************************************
  *
- * Function    :  seed_rng
+ * Function    :  get_ciphersuites_from_string
  *
- * Description :  Seeding the RNG for all SSL uses
+ * Description :  Converts a string of ciphersuite names to
+ *                an array of ciphersuite ids.
  *
  * Parameters  :
- *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          1  :  ciphersuites_string = String containing allowed
+ *                ciphersuites.
  *
- * Returns     : -1 => RNG wasn't seed successfully
- *                0 => RNG is seeded successfully
+ * Returns     :  Array of ciphersuite ids
  *
  *********************************************************************/
-static int seed_rng(struct client_state *csp)
+static int *get_ciphersuites_from_string(const char *parameter_string)
 {
-   int ret = 0;
-   char err_buf[ERROR_BUF_SIZE];
+   char *ciphersuites_index;
+   char *item_end;
+   char *ciphersuites_string;
+   int *ciphersuite_ids;
+   size_t count = 2;
+   int index = 0;
+   const char separator = ':';
+   size_t parameter_len = strlen(parameter_string);
+
+   ciphersuites_string = zalloc_or_die(parameter_len + 1);
+   strncpy(ciphersuites_string, parameter_string, parameter_len);
+   ciphersuites_index = ciphersuites_string;
+
+   while (*ciphersuites_index)
+   {
+      if (*ciphersuites_index++ == separator)
+      {
+         ++count;
+      }
+   }
 
-   memset(err_buf, 0, sizeof(err_buf));
+   ciphersuite_ids = zalloc_or_die(count * sizeof(int));
 
-   if (rng_seeded == 0)
+   ciphersuites_index = ciphersuites_string;
+   do
    {
-      privoxy_mutex_lock(&rng_mutex);
-      if (rng_seeded == 0)
+      item_end = strchr(ciphersuites_index, separator);
+      if (item_end != NULL)
       {
-         mbedtls_ctr_drbg_init(&ctr_drbg);
-         mbedtls_entropy_init(&entropy);
-         ret = mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func,
-            &entropy, NULL, 0);
-         if (ret != 0)
-         {
-            mbedtls_strerror(ret, err_buf, sizeof(err_buf));
-            log_error(LOG_LEVEL_ERROR,
-               "mbedtls_ctr_drbg_seed failed: %s", err_buf);
-            privoxy_mutex_unlock(&rng_mutex);
-            return -1;
-         }
-         rng_seeded = 1;
+         *item_end = '\0';
       }
-      privoxy_mutex_unlock(&rng_mutex);
-   }
-   return 0;
+
+      ciphersuite_ids[index] =
+         mbedtls_ssl_get_ciphersuite_id(ciphersuites_index);
+      if (ciphersuite_ids[index] == 0)
+      {
+         log_error(LOG_LEVEL_ERROR,
+            "Failed to get ciphersuite id for %s", ciphersuites_index);
+         freez(ciphersuite_ids);
+         freez(ciphersuites_string);
+         return NULL;
+      }
+      ciphersuites_index = item_end + 1;
+      index++;
+   } while (item_end != NULL);
+
+   ciphersuite_ids[index] = 0;
+   freez(ciphersuites_string);
+
+   return ciphersuite_ids;
+
 }