LCOV - code coverage report
Current view: top level - src - tls_openssl.c (source / functions) Coverage Total Hit
Test: coverage.info Lines: 23.0 % 540 124
Test Date: 2024-08-20 10:03:45 Functions: 34.2 % 38 13

            Line data    Source code
       1              : /* SPDX-License-Identifier: MIT OR GPL-3.0-only */
       2              : /* tls_openssl.c
       3              : ** strophe XMPP client library -- TLS abstraction openssl impl.
       4              : **
       5              : ** Copyright (C) 2005-008 Collecta, Inc.
       6              : **
       7              : **  This software is provided AS-IS with no warranty, either express
       8              : **  or implied.
       9              : **
      10              : **  This program is dual licensed under the MIT or GPLv3 licenses.
      11              : */
      12              : 
      13              : /** @file
      14              :  *  TLS implementation with OpenSSL.
      15              :  */
      16              : 
      17              : #include <errno.h> /* EINTR */
      18              : #include <string.h>
      19              : 
      20              : #ifndef _WIN32
      21              : #include <sys/select.h>
      22              : #else
      23              : #include <winsock2.h>
      24              : #endif
      25              : 
      26              : #include <openssl/ssl.h>
      27              : #include <openssl/err.h>
      28              : #include <openssl/opensslv.h>
      29              : #include <openssl/x509v3.h>
      30              : #include <openssl/pkcs12.h>
      31              : 
      32              : #include "common.h"
      33              : #include "tls.h"
      34              : #include "sock.h"
      35              : 
      36              : /*
      37              :  * Redefine OPENSSL_VERSION_NUMBER for LibreSSL.
      38              :  * LibreSSL and OpenSSL use different and incompatible version schemes. Solve
      39              :  * this issue in the way how nginx project did.
      40              :  */
      41              : #if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
      42              : #undef OPENSSL_VERSION_NUMBER
      43              : #if (LIBRESSL_VERSION_NUMBER >= 0x2080000fL)
      44              : #define OPENSSL_VERSION_NUMBER 0x1010000fL
      45              : #elif (LIBRESSL_VERSION_NUMBER >= 0x2070000fL)
      46              : #define OPENSSL_VERSION_NUMBER 0x1000200fL
      47              : #else
      48              : #define OPENSSL_VERSION_NUMBER 0x1000107fL
      49              : #endif
      50              : #endif
      51              : 
      52              : #if OPENSSL_VERSION_NUMBER < 0x30000000L
      53              : #define STROPHE_ERR_func_error_string(e) ERR_func_error_string(e)
      54              : #else
      55              : #define STROPHE_ERR_func_error_string(e) ""
      56              : #endif
      57              : 
      58              : #if OPENSSL_VERSION_NUMBER < 0x10100000L
      59              : static const unsigned char *ASN1_STRING_get0_data(ASN1_STRING *asn1)
      60              : {
      61              :     return ASN1_STRING_data(asn1);
      62              : }
      63              : #endif
      64              : 
      65              : #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
      66              : static int SSL_CTX_use_cert_and_key(SSL_CTX *ctx,
      67              :                                     X509 *x509,
      68              :                                     EVP_PKEY *privatekey,
      69              :                                     STACK_OF(X509) * chain,
      70              :                                     int override)
      71              : {
      72              :     UNUSED(override);
      73              :     if (!ctx)
      74              :         return 0;
      75              :     if (x509 && !SSL_CTX_use_certificate(ctx, x509))
      76              :         return 0;
      77              :     if (privatekey && !SSL_CTX_use_PrivateKey(ctx, privatekey))
      78              :         return 0;
      79              : #ifdef SSL_CTX_set1_chain
      80              :     if (chain && !SSL_CTX_set1_chain(ctx, chain))
      81              :         return 0;
      82              : #else
      83              :     UNUSED(chain);
      84              : #endif
      85              :     return 1;
      86              : }
      87              : #endif
      88              : 
      89              : #if OPENSSL_VERSION_NUMBER < 0x10000000L
      90              : static int GENERAL_NAME_get0_otherName(const GENERAL_NAME *gen,
      91              :                                        ASN1_OBJECT **poid,
      92              :                                        ASN1_TYPE **pvalue)
      93              : {
      94              :     if (gen->type != GEN_OTHERNAME)
      95              :         return 0;
      96              :     if (poid)
      97              :         *poid = gen->d.otherName->type_id;
      98              :     if (pvalue)
      99              :         *pvalue = gen->d.otherName->value;
     100              :     return 1;
     101              : }
     102              : #endif
     103              : 
     104              : struct _tls {
     105              :     xmpp_ctx_t *ctx;
     106              :     sock_t sock;
     107              :     SSL_CTX *ssl_ctx;
     108              :     SSL *ssl;
     109              :     X509 *client_cert;
     110              :     void *channel_binding_data;
     111              :     size_t channel_binding_size;
     112              :     int lasterror;
     113              : };
     114              : 
     115              : enum {
     116              :     TLS_SHUTDOWN_MAX_RETRIES = 10,
     117              :     TLS_TIMEOUT_SEC = 0,
     118              :     TLS_TIMEOUT_USEC = 100000,
     119              : };
     120              : 
     121              : static void _tls_sock_wait(tls_t *tls, int error);
     122              : static const char *_tls_error_str(int error, const char **tbl, size_t tbl_size);
     123              : static void _tls_set_error(tls_t *tls, int error);
     124              : static void _tls_log_error(xmpp_ctx_t *ctx);
     125              : static void _tls_dump_cert_info(tls_t *tls);
     126              : static X509 *_tls_cert_read(xmpp_conn_t *conn);
     127              : static X509 *
     128              : _tls_cert_read_p12(xmpp_conn_t *conn, EVP_PKEY **pkey, STACK_OF(X509) * *ca);
     129              : static int _tls_xaddr_nid(void);
     130              : static int _tls_xmppaddr_to_string(GENERAL_NAME *name, char **res);
     131              : static int _tls_dnsname_to_string(GENERAL_NAME *name, char **res);
     132              : static GENERAL_NAMES *_tls_conn_get_names(xmpp_conn_t *conn);
     133              : static GENERAL_NAMES *_tls_cert_get_names(X509 *client_cert);
     134              : 
     135              : #define TLS_ERROR_STR(error, table) \
     136              :     _tls_error_str(error, table, ARRAY_SIZE(table))
     137              : 
     138              : #define TLS_ERROR_FIELD(x) [x] = #x
     139              : const char *tls_errors[] = {
     140              :     TLS_ERROR_FIELD(SSL_ERROR_NONE),
     141              :     TLS_ERROR_FIELD(SSL_ERROR_SSL),
     142              :     TLS_ERROR_FIELD(SSL_ERROR_WANT_READ),
     143              :     TLS_ERROR_FIELD(SSL_ERROR_WANT_WRITE),
     144              :     TLS_ERROR_FIELD(SSL_ERROR_WANT_X509_LOOKUP),
     145              :     TLS_ERROR_FIELD(SSL_ERROR_SYSCALL),
     146              :     TLS_ERROR_FIELD(SSL_ERROR_ZERO_RETURN),
     147              :     TLS_ERROR_FIELD(SSL_ERROR_WANT_CONNECT),
     148              :     TLS_ERROR_FIELD(SSL_ERROR_WANT_ACCEPT),
     149              : #ifndef LIBRESSL_VERSION_NUMBER
     150              : #if OPENSSL_VERSION_NUMBER >= 0x10100000L
     151              :     TLS_ERROR_FIELD(SSL_ERROR_WANT_ASYNC),
     152              :     TLS_ERROR_FIELD(SSL_ERROR_WANT_ASYNC_JOB),
     153              : #endif
     154              : #if OPENSSL_VERSION_NUMBER >= 0x10101000L
     155              :     TLS_ERROR_FIELD(SSL_ERROR_WANT_CLIENT_HELLO_CB),
     156              : #endif
     157              : #endif /* !LIBRESSL_VERSION_NUMBER */
     158              : };
     159              : const char *cert_errors[] = {
     160              :     TLS_ERROR_FIELD(X509_V_OK),
     161              : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
     162              :     TLS_ERROR_FIELD(X509_V_ERR_UNSPECIFIED),
     163              : #endif
     164              :     TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT),
     165              :     TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_GET_CRL),
     166              :     TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE),
     167              :     TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE),
     168              :     TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY),
     169              :     TLS_ERROR_FIELD(X509_V_ERR_CERT_SIGNATURE_FAILURE),
     170              :     TLS_ERROR_FIELD(X509_V_ERR_CRL_SIGNATURE_FAILURE),
     171              :     TLS_ERROR_FIELD(X509_V_ERR_CERT_NOT_YET_VALID),
     172              :     TLS_ERROR_FIELD(X509_V_ERR_CERT_HAS_EXPIRED),
     173              :     TLS_ERROR_FIELD(X509_V_ERR_CRL_NOT_YET_VALID),
     174              :     TLS_ERROR_FIELD(X509_V_ERR_CRL_HAS_EXPIRED),
     175              :     TLS_ERROR_FIELD(X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD),
     176              :     TLS_ERROR_FIELD(X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD),
     177              :     TLS_ERROR_FIELD(X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD),
     178              :     TLS_ERROR_FIELD(X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD),
     179              :     TLS_ERROR_FIELD(X509_V_ERR_OUT_OF_MEM),
     180              :     TLS_ERROR_FIELD(X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT),
     181              :     TLS_ERROR_FIELD(X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN),
     182              :     TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY),
     183              :     TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE),
     184              :     TLS_ERROR_FIELD(X509_V_ERR_CERT_CHAIN_TOO_LONG),
     185              :     TLS_ERROR_FIELD(X509_V_ERR_CERT_REVOKED),
     186              :     TLS_ERROR_FIELD(X509_V_ERR_INVALID_CA),
     187              :     TLS_ERROR_FIELD(X509_V_ERR_PATH_LENGTH_EXCEEDED),
     188              :     TLS_ERROR_FIELD(X509_V_ERR_INVALID_PURPOSE),
     189              :     TLS_ERROR_FIELD(X509_V_ERR_CERT_UNTRUSTED),
     190              :     TLS_ERROR_FIELD(X509_V_ERR_CERT_REJECTED),
     191              :     TLS_ERROR_FIELD(X509_V_ERR_SUBJECT_ISSUER_MISMATCH),
     192              :     TLS_ERROR_FIELD(X509_V_ERR_AKID_SKID_MISMATCH),
     193              :     TLS_ERROR_FIELD(X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH),
     194              :     TLS_ERROR_FIELD(X509_V_ERR_KEYUSAGE_NO_CERTSIGN),
     195              :     TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER),
     196              :     TLS_ERROR_FIELD(X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION),
     197              :     TLS_ERROR_FIELD(X509_V_ERR_KEYUSAGE_NO_CRL_SIGN),
     198              :     TLS_ERROR_FIELD(X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION),
     199              :     TLS_ERROR_FIELD(X509_V_ERR_INVALID_NON_CA),
     200              :     TLS_ERROR_FIELD(X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED),
     201              :     TLS_ERROR_FIELD(X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE),
     202              :     TLS_ERROR_FIELD(X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED),
     203              :     TLS_ERROR_FIELD(X509_V_ERR_INVALID_EXTENSION),
     204              :     TLS_ERROR_FIELD(X509_V_ERR_INVALID_POLICY_EXTENSION),
     205              :     TLS_ERROR_FIELD(X509_V_ERR_NO_EXPLICIT_POLICY),
     206              :     TLS_ERROR_FIELD(X509_V_ERR_APPLICATION_VERIFICATION),
     207              : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
     208              :     TLS_ERROR_FIELD(X509_V_ERR_DIFFERENT_CRL_SCOPE),
     209              :     TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE),
     210              :     TLS_ERROR_FIELD(X509_V_ERR_UNNESTED_RESOURCE),
     211              :     TLS_ERROR_FIELD(X509_V_ERR_PERMITTED_VIOLATION),
     212              :     TLS_ERROR_FIELD(X509_V_ERR_EXCLUDED_VIOLATION),
     213              :     TLS_ERROR_FIELD(X509_V_ERR_SUBTREE_MINMAX),
     214              :     TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE),
     215              :     TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX),
     216              :     TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_NAME_SYNTAX),
     217              :     TLS_ERROR_FIELD(X509_V_ERR_CRL_PATH_VALIDATION_ERROR),
     218              : #ifndef LIBRESSL_VERSION_NUMBER
     219              :     TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_VERSION),
     220              :     TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_ALGORITHM),
     221              :     TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_CURVE),
     222              :     TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM),
     223              :     TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED),
     224              :     TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256),
     225              : #endif /* !LIBRESSL_VERSION_NUMBER */
     226              :     TLS_ERROR_FIELD(X509_V_ERR_HOSTNAME_MISMATCH),
     227              :     TLS_ERROR_FIELD(X509_V_ERR_EMAIL_MISMATCH),
     228              :     TLS_ERROR_FIELD(X509_V_ERR_IP_ADDRESS_MISMATCH),
     229              : #endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */
     230              : #if OPENSSL_VERSION_NUMBER >= 0x10100000L
     231              :     TLS_ERROR_FIELD(X509_V_ERR_INVALID_CALL),
     232              :     TLS_ERROR_FIELD(X509_V_ERR_STORE_LOOKUP),
     233              : #ifndef LIBRESSL_VERSION_NUMBER
     234              :     TLS_ERROR_FIELD(X509_V_ERR_PATH_LOOP),
     235              :     TLS_ERROR_FIELD(X509_V_ERR_DANE_NO_MATCH),
     236              :     TLS_ERROR_FIELD(X509_V_ERR_EE_KEY_TOO_SMALL),
     237              :     TLS_ERROR_FIELD(X509_V_ERR_CA_KEY_TOO_SMALL),
     238              :     TLS_ERROR_FIELD(X509_V_ERR_CA_MD_TOO_WEAK),
     239              :     TLS_ERROR_FIELD(X509_V_ERR_NO_VALID_SCTS),
     240              :     TLS_ERROR_FIELD(X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION),
     241              : #if OPENSSL_VERSION_NUMBER >= 0x10101000L
     242              :     TLS_ERROR_FIELD(X509_V_ERR_OCSP_VERIFY_NEEDED),
     243              :     TLS_ERROR_FIELD(X509_V_ERR_OCSP_VERIFY_FAILED),
     244              :     TLS_ERROR_FIELD(X509_V_ERR_OCSP_CERT_UNKNOWN),
     245              : #endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
     246              : #endif /* !LIBRESSL_VERSION_NUMBER */
     247              : #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
     248              : };
     249              : #undef TLS_ERROR_FIELD
     250              : 
     251            2 : void tls_initialize(void)
     252              : {
     253              : #if OPENSSL_VERSION_NUMBER < 0x10100000L
     254              :     SSL_library_init();
     255              :     SSL_load_error_strings();
     256              : #else
     257            2 :     OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
     258              : #endif
     259              :     /* init xmppAddr OID */
     260            2 :     _tls_xaddr_nid();
     261            2 : }
     262              : 
     263            2 : void tls_shutdown(void)
     264              : {
     265              :     /*
     266              :      * FIXME: Don't free global tables, program or other libraries may use
     267              :      * openssl after libstrophe finalization. Maybe better leak some fixed
     268              :      * memory rather than cause random crashes of the main program.
     269              :      */
     270              : #if OPENSSL_VERSION_NUMBER < 0x10100000L
     271              :     OBJ_cleanup();
     272              :     ERR_free_strings();
     273              :     EVP_cleanup();
     274              :     CRYPTO_cleanup_all_ex_data();
     275              : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
     276              :     SSL_COMP_free_compression_methods();
     277              : #endif
     278              : #if OPENSSL_VERSION_NUMBER < 0x10000000L
     279              :     ERR_remove_state(0);
     280              : #else
     281              :     ERR_remove_thread_state(NULL);
     282              : #endif
     283              : #endif
     284            2 : }
     285              : 
     286            0 : int tls_error(struct conn_interface *intf)
     287              : {
     288            0 :     return intf->conn->tls->lasterror;
     289              : }
     290              : 
     291              : /** Search through the SubjectAlternativeNames and return the next
     292              :  *  id-on-xmppAddr element starting from `n`.
     293              :  */
     294           24 : char *tls_id_on_xmppaddr(xmpp_conn_t *conn, unsigned int n)
     295              : {
     296           24 :     char *ret = NULL;
     297           24 :     int i, j;
     298           24 :     GENERAL_NAMES *names = _tls_conn_get_names(conn);
     299           24 :     if (!names) {
     300            0 :         _tls_log_error(conn->ctx);
     301            0 :         return NULL;
     302              :     }
     303           24 :     int num_names = sk_GENERAL_NAME_num(names);
     304          104 :     for (i = j = 0; i < num_names; ++i) {
     305           72 :         char *res;
     306           72 :         GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
     307           72 :         if (name == NULL)
     308              :             break;
     309           72 :         if (_tls_xmppaddr_to_string(name, &res))
     310           32 :             continue;
     311           40 :         if (j == (int)n) {
     312           16 :             strophe_debug(conn->ctx, "tls",
     313              :                           "extracted jid %s from id-on-xmppAddr", res);
     314           16 :             ret = strophe_strdup(conn->ctx, res);
     315           16 :             OPENSSL_free(res);
     316              :             break;
     317              :         }
     318           24 :         j++;
     319           24 :         OPENSSL_free(res);
     320              :     }
     321           24 :     GENERAL_NAMES_free(names);
     322           24 :     return ret;
     323              : }
     324              : 
     325            8 : unsigned int tls_id_on_xmppaddr_num(xmpp_conn_t *conn)
     326              : {
     327            8 :     unsigned int ret = 0;
     328            8 :     GENERAL_NAMES *names = _tls_conn_get_names(conn);
     329            8 :     if (!names) {
     330            0 :         _tls_log_error(conn->ctx);
     331            0 :         return 0;
     332              :     }
     333            8 :     int j, num_names = sk_GENERAL_NAME_num(names);
     334           48 :     for (j = 0; j < num_names; ++j) {
     335           32 :         GENERAL_NAME *name = sk_GENERAL_NAME_value(names, j);
     336           32 :         if (_tls_xmppaddr_to_string(name, NULL))
     337           16 :             continue;
     338           16 :         ret++;
     339              :     }
     340            8 :     GENERAL_NAMES_free(names);
     341            8 :     return ret;
     342              : }
     343              : 
     344            0 : static int _convert_ASN1TIME(ASN1_TIME *ansi_time, char *buf, size_t len)
     345              : {
     346            0 :     BIO *bio = BIO_new(BIO_s_mem());
     347            0 :     int rc = ASN1_TIME_print(bio, ansi_time);
     348            0 :     if (rc <= 0) {
     349            0 :         BIO_free(bio);
     350            0 :         return 0;
     351              :     }
     352            0 :     rc = BIO_gets(bio, buf, len);
     353            0 :     if (rc <= 0) {
     354            0 :         BIO_free(bio);
     355            0 :         return 0;
     356              :     }
     357            0 :     BIO_free(bio);
     358            0 :     return 1;
     359              : }
     360              : 
     361            0 : static char *_asn1_time_to_str(const xmpp_ctx_t *ctx, ASN1_TIME *t)
     362              : {
     363            0 :     char buf[128];
     364            0 :     int res = _convert_ASN1TIME(t, buf, sizeof(buf));
     365            0 :     if (res) {
     366            0 :         return strophe_strdup(ctx, buf);
     367              :     }
     368              :     return NULL;
     369              : }
     370              : 
     371              : static char *
     372            0 : _get_fingerprint(const xmpp_ctx_t *ctx, X509 *err_cert, xmpp_cert_element_t el)
     373              : {
     374            0 :     unsigned char buf[EVP_MAX_MD_SIZE];
     375            0 :     unsigned int len;
     376            0 :     const EVP_MD *digest;
     377            0 :     switch (el) {
     378            0 :     case XMPP_CERT_FINGERPRINT_SHA1:
     379            0 :         digest = EVP_sha1();
     380              :         break;
     381            0 :     case XMPP_CERT_FINGERPRINT_SHA256:
     382            0 :         digest = EVP_sha256();
     383              :         break;
     384              :     default:
     385            0 :         return NULL;
     386              :     }
     387            0 :     if (X509_digest(err_cert, digest, buf, &len) != 0) {
     388            0 :         char fingerprint[4 * EVP_MAX_MD_SIZE];
     389            0 :         hex_encode(fingerprint, buf, len);
     390            0 :         return strophe_strdup(ctx, fingerprint);
     391              :     }
     392              :     return NULL;
     393              : }
     394              : 
     395              : static char *
     396            0 : _get_alg(const xmpp_ctx_t *ctx, X509 *err_cert, xmpp_cert_element_t el)
     397              : {
     398            0 :     int alg_nid = NID_undef;
     399              : 
     400            0 :     switch (el) {
     401            0 :     case XMPP_CERT_KEYALG: {
     402              : #if OPENSSL_VERSION_NUMBER < 0x10100000L
     403              :         alg_nid = OBJ_obj2nid(err_cert->cert_info->key->algor->algorithm);
     404              : #else
     405            0 :         X509_PUBKEY *pubkey = X509_get_X509_PUBKEY(err_cert);
     406            0 :         ASN1_OBJECT *ppkalg = NULL;
     407            0 :         if (X509_PUBKEY_get0_param(&ppkalg, NULL, NULL, NULL, pubkey)) {
     408            0 :             alg_nid = OBJ_obj2nid(ppkalg);
     409              :         }
     410              : #endif
     411            0 :     } break;
     412            0 :     case XMPP_CERT_SIGALG: {
     413              : #if OPENSSL_VERSION_NUMBER < 0x10100000L
     414              :         alg_nid = OBJ_obj2nid(err_cert->sig_alg->algorithm);
     415              : #else
     416            0 :         const X509_ALGOR *palg;
     417            0 :         const ASN1_OBJECT *obj;
     418            0 :         X509_get0_signature(NULL, &palg, err_cert);
     419            0 :         X509_ALGOR_get0(&obj, NULL, NULL, palg);
     420            0 :         alg_nid = OBJ_obj2nid(obj);
     421              : #endif
     422            0 :     } break;
     423              :     default:
     424              :         break;
     425              :     }
     426            0 :     if (alg_nid != NID_undef) {
     427            0 :         const char *alg = OBJ_nid2ln(alg_nid);
     428            0 :         if (alg) {
     429            0 :             return strophe_strdup(ctx, alg);
     430              :         }
     431              :     }
     432              :     return NULL;
     433              : }
     434              : 
     435            0 : static xmpp_tlscert_t *_x509_to_tlscert(xmpp_ctx_t *ctx, X509 *cert)
     436              : {
     437            0 :     char *subject, *issuer, buf[32];
     438            0 :     xmpp_tlscert_t *tlscert = tlscert_new(ctx);
     439            0 :     if (!tlscert)
     440            0 :         return NULL;
     441              : 
     442            0 :     BIO *b = BIO_new(BIO_s_mem());
     443            0 :     if (!b)
     444            0 :         goto error_out;
     445            0 :     PEM_write_bio_X509(b, cert);
     446            0 :     BUF_MEM *bptr;
     447            0 :     BIO_get_mem_ptr(b, &bptr);
     448            0 :     tlscert->pem = strophe_alloc(ctx, bptr->length + 1);
     449            0 :     if (!tlscert->pem)
     450            0 :         goto error_out;
     451            0 :     memcpy(tlscert->pem, bptr->data, bptr->length);
     452            0 :     tlscert->pem[bptr->length] = '\0';
     453            0 :     BIO_free(b);
     454              : 
     455            0 :     subject = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
     456            0 :     if (!subject)
     457            0 :         goto error_out;
     458            0 :     tlscert->elements[XMPP_CERT_SUBJECT] = strophe_strdup(ctx, subject);
     459            0 :     OPENSSL_free(subject);
     460            0 :     issuer = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
     461            0 :     if (!issuer)
     462            0 :         goto error_out;
     463            0 :     tlscert->elements[XMPP_CERT_ISSUER] = strophe_strdup(ctx, issuer);
     464            0 :     OPENSSL_free(issuer);
     465              : 
     466            0 :     tlscert->elements[XMPP_CERT_NOTBEFORE] =
     467            0 :         _asn1_time_to_str(ctx, X509_get_notBefore(cert));
     468            0 :     tlscert->elements[XMPP_CERT_NOTAFTER] =
     469            0 :         _asn1_time_to_str(ctx, X509_get_notAfter(cert));
     470              : 
     471            0 :     tlscert->elements[XMPP_CERT_FINGERPRINT_SHA1] =
     472            0 :         _get_fingerprint(ctx, cert, XMPP_CERT_FINGERPRINT_SHA1);
     473            0 :     tlscert->elements[XMPP_CERT_FINGERPRINT_SHA256] =
     474            0 :         _get_fingerprint(ctx, cert, XMPP_CERT_FINGERPRINT_SHA256);
     475              : 
     476            0 :     strophe_snprintf(buf, sizeof(buf), "%ld", X509_get_version(cert) + 1);
     477            0 :     tlscert->elements[XMPP_CERT_VERSION] = strophe_strdup(ctx, buf);
     478              : 
     479            0 :     tlscert->elements[XMPP_CERT_KEYALG] = _get_alg(ctx, cert, XMPP_CERT_KEYALG);
     480            0 :     tlscert->elements[XMPP_CERT_SIGALG] = _get_alg(ctx, cert, XMPP_CERT_SIGALG);
     481              : 
     482            0 :     ASN1_INTEGER *serial = X509_get_serialNumber(cert);
     483            0 :     BIGNUM *bn = ASN1_INTEGER_to_BN(serial, NULL);
     484            0 :     if (bn) {
     485            0 :         char *serialnumber = BN_bn2hex(bn);
     486            0 :         if (serialnumber) {
     487            0 :             tlscert->elements[XMPP_CERT_SERIALNUMBER] =
     488            0 :                 strophe_strdup(ctx, serialnumber);
     489            0 :             OPENSSL_free(serialnumber);
     490              :         }
     491            0 :         BN_free(bn);
     492              :     }
     493              : 
     494            0 :     GENERAL_NAMES *names = _tls_cert_get_names(cert);
     495            0 :     if (names) {
     496            0 :         int j, num_names = sk_GENERAL_NAME_num(names);
     497              :         size_t n = 0;
     498            0 :         for (j = 0; j < num_names; ++j) {
     499            0 :             char *res;
     500            0 :             GENERAL_NAME *name = sk_GENERAL_NAME_value(names, j);
     501            0 :             if (_tls_dnsname_to_string(name, &res))
     502            0 :                 continue;
     503            0 :             if (tlscert_add_dnsname(tlscert, res))
     504            0 :                 strophe_debug(ctx, "tls", "Can't store dnsName(%zu): %s", n,
     505              :                               res);
     506            0 :             n++;
     507            0 :             OPENSSL_free(res);
     508              :         }
     509            0 :         GENERAL_NAMES_free(names);
     510              :     }
     511              : 
     512              :     return tlscert;
     513            0 : error_out:
     514            0 :     xmpp_tlscert_free(tlscert);
     515              :     return NULL;
     516              : }
     517              : 
     518            0 : static int _tls_verify(int preverify_ok, X509_STORE_CTX *x509_ctx)
     519              : {
     520            0 :     if (preverify_ok == 1)
     521              :         return 1;
     522              : 
     523            0 :     SSL *ssl = X509_STORE_CTX_get_ex_data(x509_ctx,
     524              :                                           SSL_get_ex_data_X509_STORE_CTX_idx());
     525            0 :     xmpp_conn_t *conn = SSL_get_app_data(ssl);
     526              : 
     527            0 :     if (!conn->certfail_handler) {
     528            0 :         strophe_error(conn->ctx, "tls",
     529              :                       "No certfail handler set, canceling connection attempt");
     530            0 :         return 0;
     531              :     }
     532              : 
     533            0 :     X509 *err_cert = X509_STORE_CTX_get_current_cert(x509_ctx);
     534              : 
     535            0 :     xmpp_tlscert_t *tlscert = _x509_to_tlscert(conn->ctx, err_cert);
     536              : 
     537            0 :     if (!tlscert)
     538              :         return 0;
     539              : 
     540            0 :     strophe_debug(conn->ctx, "tls", "preverify_ok:%d\nSubject: %s\nIssuer: %s",
     541              :                   preverify_ok, tlscert->elements[XMPP_CERT_SUBJECT],
     542              :                   tlscert->elements[XMPP_CERT_ISSUER]);
     543              : 
     544            0 :     int ret = conn->certfail_handler(
     545              :         tlscert,
     546            0 :         X509_verify_cert_error_string(X509_STORE_CTX_get_error(x509_ctx)));
     547              : 
     548            0 :     xmpp_tlscert_free(tlscert);
     549              : 
     550            0 :     return ret;
     551              : }
     552              : 
     553            8 : static int _tls_password_callback(char *buf, int size, int rwflag, void *u)
     554              : {
     555            8 :     UNUSED(rwflag);
     556            8 :     return tls_caching_password_callback(buf, size, u);
     557              : }
     558              : 
     559            0 : tls_t *tls_new(xmpp_conn_t *conn)
     560              : {
     561            0 :     tls_t *tls = strophe_alloc(conn->ctx, sizeof(*tls));
     562              : 
     563            0 :     if (tls) {
     564            0 :         int ret;
     565              : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
     566              :         /* Hostname verification is supported in OpenSSL 1.0.2 and newer. */
     567            0 :         X509_VERIFY_PARAM *param;
     568              : #endif
     569            0 :         memset(tls, 0, sizeof(*tls));
     570              : 
     571            0 :         tls->ctx = conn->ctx;
     572            0 :         tls->sock = conn->sock;
     573              : #if OPENSSL_VERSION_NUMBER < 0x10100000L
     574              :         tls->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
     575              : #else
     576            0 :         tls->ssl_ctx = SSL_CTX_new(TLS_client_method());
     577              : #endif
     578            0 :         if (tls->ssl_ctx == NULL)
     579            0 :             goto err;
     580              : 
     581              :         /* Enable bug workarounds. */
     582            0 :         SSL_CTX_set_options(tls->ssl_ctx, SSL_OP_ALL);
     583              : 
     584              :         /* Disable insecure SSL/TLS versions. */
     585            0 :         SSL_CTX_set_options(tls->ssl_ctx, SSL_OP_NO_SSLv2); /* DROWN */
     586            0 :         SSL_CTX_set_options(tls->ssl_ctx, SSL_OP_NO_SSLv3); /* POODLE */
     587            0 :         SSL_CTX_set_options(tls->ssl_ctx, SSL_OP_NO_TLSv1); /* BEAST */
     588              : 
     589            0 :         if (conn->password_callback) {
     590            0 :             SSL_CTX_set_default_passwd_cb(tls->ssl_ctx, _tls_password_callback);
     591            0 :             SSL_CTX_set_default_passwd_cb_userdata(tls->ssl_ctx, conn);
     592              :         }
     593              : 
     594            0 :         if (conn->tls_client_cert && conn->tls_client_key) {
     595            0 :             unsigned int retries = 0;
     596            0 :             tls->client_cert = _tls_cert_read(conn);
     597            0 :             if (!tls->client_cert) {
     598            0 :                 strophe_error(tls->ctx, "tls",
     599              :                               "could not read client certificate");
     600            0 :                 goto err_free_ctx;
     601              :             }
     602              : 
     603            0 :             SSL_CTX_use_certificate_file(tls->ssl_ctx, conn->tls_client_cert,
     604              :                                          SSL_FILETYPE_PEM);
     605            0 :             while (retries++ < conn->password_retries) {
     606            0 :                 if (SSL_CTX_use_PrivateKey_file(
     607            0 :                         tls->ssl_ctx, conn->tls_client_key, SSL_FILETYPE_PEM)) {
     608              :                     break;
     609              :                 }
     610            0 :                 tls_clear_password_cache(conn);
     611            0 :                 unsigned long err = ERR_peek_error();
     612            0 :                 if ((ERR_GET_LIB(err) == ERR_LIB_EVP &&
     613            0 :                      ERR_GET_REASON(err) == EVP_R_BAD_DECRYPT) ||
     614            0 :                     (ERR_GET_LIB(err) == ERR_LIB_PEM &&
     615            0 :                      ERR_GET_REASON(err) == PEM_R_BAD_DECRYPT)) {
     616            0 :                     strophe_debug(tls->ctx, "tls", "wrong password?");
     617            0 :                     continue;
     618              :                 }
     619            0 :                 strophe_error(tls->ctx, "tls",
     620              :                               "could not use private key %d %d",
     621              :                               ERR_GET_LIB(err), ERR_GET_REASON(err));
     622            0 :                 goto err_free_ctx;
     623              :             }
     624            0 :         } else if (conn->tls_client_cert) {
     625            0 :             EVP_PKEY *pkey = NULL;
     626            0 :             STACK_OF(X509) *ca = NULL;
     627            0 :             X509 *cert = _tls_cert_read_p12(conn, &pkey, &ca);
     628            0 :             if (!cert) {
     629            0 :                 goto err_free_ctx;
     630              :             }
     631              : 
     632            0 :             SSL_CTX_use_cert_and_key(tls->ssl_ctx, cert, pkey, ca, 1);
     633              : 
     634            0 :             if (pkey)
     635            0 :                 EVP_PKEY_free(pkey);
     636            0 :             if (ca)
     637            0 :                 sk_X509_pop_free(ca, X509_free);
     638            0 :             tls->client_cert = cert;
     639              :         } else {
     640              :             /* If the server asks for a client certificate, don't send one. */
     641            0 :             SSL_CTX_set_client_cert_cb(tls->ssl_ctx, NULL);
     642              :         }
     643              : 
     644            0 :         SSL_CTX_set_mode(tls->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
     645              : 
     646            0 :         ret = SSL_CTX_set_default_verify_paths(tls->ssl_ctx);
     647            0 :         if (ret == 0 && !conn->tls_trust) {
     648              :             /*
     649              :              * Returns 1 on success and 0 on failure. A missing default
     650              :              * location is still treated as a success.
     651              :              * Ignore errors when XMPP_CONN_FLAG_TRUST_TLS is set.
     652              :              */
     653            0 :             strophe_error(tls->ctx, "tls",
     654              :                           "SSL_CTX_set_default_verify_paths() failed");
     655            0 :             goto err_free_cert;
     656              :         }
     657              : 
     658            0 :         if (conn->tls_cafile || conn->tls_capath) {
     659            0 :             if (SSL_CTX_load_verify_locations(tls->ssl_ctx, conn->tls_cafile,
     660            0 :                                               conn->tls_capath) == 0) {
     661            0 :                 strophe_error(tls->ctx, "tls",
     662              :                               "SSL_CTX_load_verify_locations() failed");
     663            0 :                 goto err_free_cert;
     664              :             }
     665              :         }
     666              : 
     667            0 :         tls->ssl = SSL_new(tls->ssl_ctx);
     668            0 :         if (tls->ssl == NULL)
     669            0 :             goto err_free_cert;
     670              : 
     671              : #if OPENSSL_VERSION_NUMBER >= 0x0908060L && !defined(OPENSSL_NO_TLSEXT)
     672              :         /* Enable SNI. */
     673            0 :         SSL_set_tlsext_host_name(tls->ssl, conn->domain);
     674              : #endif
     675              : 
     676              :         /* Trust server's certificate when user sets the flag explicitly.
     677              :          * Otherwise call the verification callback */
     678            0 :         if (conn->tls_trust)
     679            0 :             SSL_set_verify(tls->ssl, SSL_VERIFY_NONE, NULL);
     680              :         else
     681            0 :             SSL_set_verify(tls->ssl, SSL_VERIFY_PEER, _tls_verify);
     682            0 :         SSL_set_app_data(tls->ssl, conn);
     683              : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
     684              :         /* Hostname verification is supported in OpenSSL 1.0.2 and newer. */
     685            0 :         param = SSL_get0_param(tls->ssl);
     686              : 
     687              :         /*
     688              :          * Allow only complete wildcards.  RFC 6125 discourages wildcard usage
     689              :          * completely, and lists internationalized domain names as a reason
     690              :          * against partial wildcards.
     691              :          * See https://tools.ietf.org/html/rfc6125#section-7.2 for more
     692              :          * information.
     693              :          */
     694            0 :         X509_VERIFY_PARAM_set_hostflags(param,
     695              :                                         X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
     696            0 :         X509_VERIFY_PARAM_set1_host(param, conn->domain, 0);
     697              : #endif
     698              : 
     699            0 :         ret = SSL_set_fd(tls->ssl, conn->sock);
     700            0 :         if (ret <= 0)
     701            0 :             goto err_free_ssl;
     702              :     }
     703              : 
     704              :     return tls;
     705              : 
     706            0 : err_free_ssl:
     707            0 :     SSL_free(tls->ssl);
     708            0 : err_free_cert:
     709            0 :     X509_free(tls->client_cert);
     710            0 : err_free_ctx:
     711            0 :     SSL_CTX_free(tls->ssl_ctx);
     712            0 : err:
     713            0 :     strophe_free(conn->ctx, tls);
     714            0 :     _tls_log_error(conn->ctx);
     715            0 :     return NULL;
     716              : }
     717              : 
     718            0 : void tls_free(tls_t *tls)
     719              : {
     720            0 :     strophe_free(tls->ctx, tls->channel_binding_data);
     721            0 :     SSL_free(tls->ssl);
     722            0 :     X509_free(tls->client_cert);
     723            0 :     SSL_CTX_free(tls->ssl_ctx);
     724            0 :     strophe_free(tls->ctx, tls);
     725            0 : }
     726              : 
     727            0 : xmpp_tlscert_t *tls_peer_cert(xmpp_conn_t *conn)
     728              : {
     729            0 :     if (conn && conn->tls && conn->tls->ssl) {
     730            0 :         X509 *cert = SSL_get_peer_certificate(conn->tls->ssl);
     731            0 :         if (cert) {
     732            0 :             xmpp_tlscert_t *tlscert = _x509_to_tlscert(conn->ctx, cert);
     733            0 :             X509_free(cert);
     734            0 :             return tlscert;
     735              :         }
     736              :     }
     737              :     return NULL;
     738              : }
     739              : 
     740            0 : int tls_set_credentials(tls_t *tls, const char *cafilename)
     741              : {
     742            0 :     UNUSED(tls);
     743            0 :     UNUSED(cafilename);
     744            0 :     return -1;
     745              : }
     746              : 
     747            0 : int tls_init_channel_binding(tls_t *tls,
     748              :                              const char **binding_prefix,
     749              :                              size_t *binding_prefix_len)
     750              : {
     751            0 :     const char *label = NULL;
     752            0 :     size_t labellen = 0;
     753              : 
     754            0 :     switch (SSL_version(tls->ssl)) {
     755            0 :     case SSL3_VERSION:
     756            0 :         *binding_prefix = "tls-unique";
     757            0 :         *binding_prefix_len = strlen("tls-unique");
     758            0 :         tls->channel_binding_size = 36;
     759            0 :         break;
     760            0 :     case TLS1_VERSION:
     761              :     case TLS1_1_VERSION:
     762              :     case TLS1_2_VERSION:
     763            0 :         *binding_prefix = "tls-unique";
     764            0 :         *binding_prefix_len = strlen("tls-unique");
     765            0 :         tls->channel_binding_size = 12;
     766            0 :         break;
     767              : #ifdef TLS1_3_VERSION
     768            0 :     case TLS1_3_VERSION:
     769            0 :         label = "EXPORTER-Channel-Binding";
     770            0 :         labellen = 24;
     771            0 :         *binding_prefix = "tls-exporter";
     772            0 :         *binding_prefix_len = strlen("tls-exporter");
     773            0 :         tls->channel_binding_size = 32;
     774            0 :         break;
     775              : #endif
     776            0 :     default:
     777            0 :         strophe_error(tls->ctx, "tls", "Unsupported TLS Version: %s",
     778            0 :                       SSL_get_version(tls->ssl));
     779            0 :         return -1;
     780              :     }
     781              : 
     782            0 :     strophe_free_and_null(tls->ctx, tls->channel_binding_data);
     783            0 :     tls->channel_binding_data =
     784            0 :         strophe_alloc(tls->ctx, tls->channel_binding_size);
     785            0 :     if (!tls->channel_binding_data)
     786              :         return -1;
     787              : 
     788            0 :     if (SSL_export_keying_material(tls->ssl, tls->channel_binding_data,
     789              :                                    tls->channel_binding_size, label, labellen,
     790              :                                    NULL, 0, 0) != 1) {
     791            0 :         strophe_error(tls->ctx, "tls", "Could not get channel binding data");
     792            0 :         return -1;
     793              :     }
     794              :     return 0;
     795              : }
     796              : 
     797            0 : const void *tls_get_channel_binding_data(tls_t *tls, size_t *size)
     798              : {
     799            0 :     if (!tls->channel_binding_data || !tls->channel_binding_size) {
     800            0 :         strophe_error(tls->ctx, "tls", "No channel binding data available");
     801              :     }
     802            0 :     *size = tls->channel_binding_size;
     803            0 :     return tls->channel_binding_data;
     804              : }
     805              : 
     806            0 : int tls_start(tls_t *tls)
     807              : {
     808            0 :     int error;
     809            0 :     int ret;
     810            0 :     long x509_res;
     811              : 
     812              :     /* Since we're non-blocking, loop the connect call until it
     813              :        succeeds or fails */
     814            0 :     while (1) {
     815            0 :         ret = SSL_connect(tls->ssl);
     816            0 :         error = ret <= 0 ? SSL_get_error(tls->ssl, ret) : 0;
     817              : 
     818            0 :         if (ret == -1 && tls_is_recoverable(NULL, error)) {
     819              :             /* wait for something to happen on the sock before looping back */
     820            0 :             _tls_sock_wait(tls, error);
     821            0 :             continue;
     822              :         }
     823              : 
     824              :         /* success or fatal error */
     825            0 :         break;
     826              :     }
     827              : 
     828            0 :     x509_res = SSL_get_verify_result(tls->ssl);
     829            0 :     if (x509_res == X509_V_OK) {
     830            0 :         strophe_debug(tls->ctx, "tls", "Certificate verification passed");
     831              :     } else {
     832            0 :         strophe_debug(tls->ctx, "tls",
     833              :                       "Certificate verification FAILED, result=%s(%ld)",
     834              :                       TLS_ERROR_STR((int)x509_res, cert_errors), x509_res);
     835            0 :         if (ret > 0)
     836            0 :             strophe_debug(tls->ctx, "tls", "User decided to connect anyways");
     837              :     }
     838            0 :     _tls_dump_cert_info(tls);
     839              : 
     840            0 :     _tls_set_error(tls, error);
     841            0 :     return ret <= 0 ? 0 : 1;
     842              : }
     843              : 
     844            0 : int tls_stop(tls_t *tls)
     845              : {
     846            0 :     int retries = 0;
     847            0 :     int error;
     848            0 :     int ret;
     849              : 
     850              :     /* According to OpenSSL.org, we must not call SSL_shutdown(3)
     851              :        if a previous fatal error has occurred on a connection. */
     852            0 :     if (tls->lasterror == SSL_ERROR_SYSCALL || tls->lasterror == SSL_ERROR_SSL)
     853              :         return 1;
     854              : 
     855            0 :     while (1) {
     856            0 :         ++retries;
     857            0 :         ret = SSL_shutdown(tls->ssl);
     858            0 :         error = ret < 0 ? SSL_get_error(tls->ssl, ret) : 0;
     859            0 :         if (ret == 1 || !tls_is_recoverable(NULL, error) ||
     860              :             retries >= TLS_SHUTDOWN_MAX_RETRIES) {
     861              :             break;
     862              :         }
     863            0 :         _tls_sock_wait(tls, error);
     864              :     }
     865            0 :     if (error == SSL_ERROR_SYSCALL && errno == 0) {
     866              :         /*
     867              :          * Handle special case when peer closes connection instead of
     868              :          * proper shutdown.
     869              :          */
     870            0 :         error = 0;
     871            0 :         ret = 1;
     872              :     }
     873            0 :     _tls_set_error(tls, error);
     874              : 
     875            0 :     return ret <= 0 ? 0 : 1;
     876              : }
     877              : 
     878            0 : int tls_is_recoverable(struct conn_interface *intf, int error)
     879              : {
     880            0 :     UNUSED(intf);
     881            0 :     return (error == SSL_ERROR_NONE || error == SSL_ERROR_WANT_READ ||
     882            0 :             error == SSL_ERROR_WANT_WRITE || error == SSL_ERROR_WANT_CONNECT ||
     883              :             error == SSL_ERROR_WANT_ACCEPT);
     884              : }
     885              : 
     886            0 : int tls_pending(struct conn_interface *intf)
     887              : {
     888            0 :     return SSL_pending(intf->conn->tls->ssl);
     889              : }
     890              : 
     891            0 : int tls_read(struct conn_interface *intf, void *buff, size_t len)
     892              : {
     893            0 :     int ret;
     894            0 :     tls_t *tls = intf->conn->tls;
     895              : 
     896            0 :     ret = SSL_read(tls->ssl, buff, len);
     897            0 :     _tls_set_error(tls, ret <= 0 ? SSL_get_error(tls->ssl, ret) : 0);
     898              : 
     899            0 :     return ret;
     900              : }
     901              : 
     902            0 : int tls_write(struct conn_interface *intf, const void *buff, size_t len)
     903              : {
     904            0 :     int ret;
     905            0 :     tls_t *tls = intf->conn->tls;
     906              : 
     907            0 :     ret = SSL_write(tls->ssl, buff, len);
     908            0 :     _tls_set_error(tls, ret <= 0 ? SSL_get_error(tls->ssl, ret) : 0);
     909              : 
     910            0 :     return ret;
     911              : }
     912              : 
     913            0 : int tls_clear_pending_write(struct conn_interface *intf)
     914              : {
     915            0 :     UNUSED(intf);
     916            0 :     return 0;
     917              : }
     918              : 
     919            0 : static void _tls_sock_wait(tls_t *tls, int error)
     920              : {
     921            0 :     struct timeval tv;
     922            0 :     fd_set rfds;
     923            0 :     fd_set wfds;
     924            0 :     int nfds;
     925            0 :     int ret;
     926              : 
     927            0 :     if (error == SSL_ERROR_NONE)
     928            0 :         return;
     929              : 
     930            0 :     FD_ZERO(&rfds);
     931            0 :     FD_ZERO(&wfds);
     932            0 :     if (error == SSL_ERROR_WANT_READ)
     933            0 :         FD_SET(tls->sock, &rfds);
     934            0 :     if (error == SSL_ERROR_WANT_WRITE)
     935            0 :         FD_SET(tls->sock, &wfds);
     936            0 :     nfds = (error == SSL_ERROR_WANT_READ || error == SSL_ERROR_WANT_WRITE)
     937            0 :                ? tls->sock + 1
     938            0 :                : 0;
     939            0 :     do {
     940            0 :         tv.tv_sec = TLS_TIMEOUT_SEC;
     941            0 :         tv.tv_usec = TLS_TIMEOUT_USEC;
     942            0 :         ret = select(nfds, &rfds, &wfds, NULL, &tv);
     943            0 :     } while (ret == -1 && errno == EINTR);
     944              : }
     945              : 
     946            0 : static const char *_tls_error_str(int error, const char **tbl, size_t tbl_size)
     947              : {
     948            0 :     return (error >= 0 && (size_t)error < tbl_size) ? tbl[error] : "UNKNOWN";
     949              : }
     950              : 
     951            0 : static void _tls_set_error(tls_t *tls, int error)
     952              : {
     953            0 :     if (error != 0 && !tls_is_recoverable(NULL, error)) {
     954            0 :         strophe_debug(tls->ctx, "tls", "error=%s(%d) errno=%d lasterror=%d",
     955            0 :                       TLS_ERROR_STR(error, tls_errors), error, errno,
     956              :                       tls->lasterror);
     957            0 :         _tls_log_error(tls->ctx);
     958            0 :     } else if (tls->lasterror && tls->lasterror != error) {
     959            0 :         strophe_debug_verbose(1, tls->ctx, "tls", "overwrite lasterror=%d",
     960              :                               tls->lasterror);
     961              :     }
     962            0 :     tls->lasterror = error;
     963            0 : }
     964              : 
     965            0 : static void _tls_log_error(xmpp_ctx_t *ctx)
     966              : {
     967            0 :     unsigned long e;
     968              : 
     969            0 :     do {
     970            0 :         e = ERR_get_error();
     971            0 :         if (e != 0) {
     972            0 :             strophe_debug(
     973              :                 ctx, "tls", "error:%08X:%s:%s:%s", e, ERR_lib_error_string(e),
     974              :                 STROPHE_ERR_func_error_string(e), ERR_reason_error_string(e));
     975              :         }
     976            0 :     } while (e != 0);
     977            0 : }
     978              : 
     979            0 : static void _tls_dump_cert_info(tls_t *tls)
     980              : {
     981            0 :     X509 *cert;
     982            0 :     char *name;
     983              : 
     984            0 :     cert = SSL_get_peer_certificate(tls->ssl);
     985            0 :     if (cert == NULL)
     986            0 :         strophe_debug(tls->ctx, "tls", "Certificate was not presented by peer");
     987              :     else {
     988            0 :         name = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
     989            0 :         if (name != NULL) {
     990            0 :             strophe_debug(tls->ctx, "tls", "Subject=%s", name);
     991            0 :             OPENSSL_free(name);
     992              :         }
     993            0 :         name = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
     994            0 :         if (name != NULL) {
     995            0 :             strophe_debug(tls->ctx, "tls", "Issuer=%s", name);
     996            0 :             OPENSSL_free(name);
     997              :         }
     998            0 :         X509_free(cert);
     999              :     }
    1000            0 : }
    1001              : 
    1002            8 : static X509 *_tls_cert_read_x509(xmpp_conn_t *conn)
    1003              : {
    1004            8 :     if (conn->tls && conn->tls->client_cert)
    1005              :         return conn->tls->client_cert;
    1006            8 :     BIO *f = BIO_new_file(conn->tls_client_cert, "r");
    1007            8 :     if (!f) {
    1008            0 :         strophe_debug(conn->ctx, "tls", "f == NULL");
    1009            0 :         return NULL;
    1010              :     }
    1011            8 :     X509 *c = PEM_read_bio_X509(f, NULL, NULL, NULL);
    1012            8 :     BIO_free(f);
    1013            8 :     if (!c) {
    1014            0 :         _tls_log_error(conn->ctx);
    1015              :     }
    1016              :     return c;
    1017              : }
    1018              : 
    1019           32 : static int _tls_parse_p12(PKCS12 *p12,
    1020              :                           const char *pass,
    1021              :                           EVP_PKEY **pkey,
    1022              :                           X509 **cert,
    1023              :                           STACK_OF(X509) * *ca)
    1024              : {
    1025              :     /* For some reason `PKCS12_parse()` fails without a `EVP_PKEY`
    1026              :      * so if the user doesn't want it, use a local one and free it
    1027              :      * again directly after parsing.
    1028              :      */
    1029           32 :     EVP_PKEY *pkey_;
    1030           32 :     if (!pkey)
    1031           32 :         pkey = &pkey_;
    1032           32 :     int parse_ok = PKCS12_parse(p12, pass, pkey, cert, ca);
    1033           32 :     if (pkey == &pkey_ && pkey_)
    1034           24 :         EVP_PKEY_free(pkey_);
    1035           32 :     return parse_ok;
    1036              : }
    1037              : 
    1038              : static X509 *
    1039           24 : _tls_cert_read_p12(xmpp_conn_t *conn, EVP_PKEY **pkey, STACK_OF(X509) * *ca)
    1040              : {
    1041           24 :     if (conn->tls && conn->tls->client_cert && !pkey && !ca)
    1042           24 :         return conn->tls->client_cert;
    1043           24 :     X509 *cert = NULL;
    1044           24 :     PKCS12 *p12 = NULL;
    1045           24 :     BIO *f = BIO_new_file(conn->tls_client_cert, "rb");
    1046           24 :     if (!f) {
    1047            0 :         strophe_debug(conn->ctx, "tls", "f == NULL");
    1048            0 :         goto error_out;
    1049              :     }
    1050           24 :     p12 = d2i_PKCS12_bio(f, NULL);
    1051           24 :     BIO_free(f);
    1052           24 :     if (!p12) {
    1053            0 :         strophe_debug(conn->ctx, "tls", "Could not read p12 file");
    1054            0 :         goto error_out;
    1055              :     }
    1056              : 
    1057              :     /* First try to open file w/o a pass */
    1058           24 :     if (_tls_parse_p12(p12, NULL, pkey, &cert, ca)) {
    1059           16 :         goto success;
    1060              :     }
    1061            8 :     cert = NULL;
    1062              : 
    1063            8 :     unsigned int retries = 0;
    1064              : 
    1065            8 :     pem_password_cb *cb = PEM_def_callback;
    1066            8 :     void *userdata = NULL;
    1067            8 :     if (conn->password_callback) {
    1068            8 :         cb = _tls_password_callback;
    1069            8 :         userdata = conn;
    1070              :     }
    1071              : 
    1072            8 :     while (retries++ < conn->password_retries) {
    1073            8 :         char pass[PEM_BUFSIZE + 1];
    1074            8 :         int passlen = cb(pass, PEM_BUFSIZE, 0, userdata);
    1075            8 :         if (passlen < 0 || passlen > PEM_BUFSIZE)
    1076            0 :             goto error_out;
    1077            8 :         int parse_ok = _tls_parse_p12(p12, pass, pkey, &cert, ca);
    1078            8 :         if (parse_ok) {
    1079            8 :             goto success;
    1080              :         }
    1081            0 :         cert = NULL;
    1082            0 :         tls_clear_password_cache(conn);
    1083            0 :         int err = ERR_peek_last_error();
    1084            0 :         if (ERR_GET_LIB(err) == ERR_LIB_PKCS12 &&
    1085            0 :             ERR_GET_REASON(err) == PKCS12_R_MAC_VERIFY_FAILURE) {
    1086            0 :             strophe_debug(conn->ctx, "tls",
    1087              :                           "Entered password is most likely wrong!");
    1088            0 :             continue;
    1089              :         }
    1090            0 :         strophe_debug(conn->ctx, "tls", "Could not parse PKCS#12");
    1091            0 :         goto error_out;
    1092              :     }
    1093            0 : error_out:
    1094            0 :     _tls_log_error(conn->ctx);
    1095           24 : success:
    1096           24 :     if (p12)
    1097           24 :         PKCS12_free(p12);
    1098           24 :     return cert;
    1099              : }
    1100              : 
    1101           32 : static X509 *_tls_cert_read(xmpp_conn_t *conn)
    1102              : {
    1103           32 :     if (conn->tls && conn->tls->client_cert)
    1104              :         return conn->tls->client_cert;
    1105           32 :     if (conn->tls_client_cert && !conn->tls_client_key) {
    1106           24 :         return _tls_cert_read_p12(conn, NULL, NULL);
    1107              :     }
    1108            8 :     return _tls_cert_read_x509(conn);
    1109              : }
    1110              : 
    1111           58 : static int _tls_xaddr_nid(void)
    1112              : {
    1113           58 :     static int xaddr_nid = NID_undef;
    1114           58 :     if (xaddr_nid == NID_undef) {
    1115            2 :         xaddr_nid = OBJ_sn2nid("id-on-xmppAddr");
    1116              :     }
    1117           58 :     if (xaddr_nid == NID_undef) {
    1118            0 :         xaddr_nid = OBJ_create("1.3.6.1.5.5.7.8.5", "id-on-xmppAddr",
    1119              :                                "XmppAddr Identifier");
    1120              :     }
    1121           58 :     return xaddr_nid;
    1122              : }
    1123              : 
    1124           32 : static GENERAL_NAMES *_tls_conn_get_names(xmpp_conn_t *conn)
    1125              : {
    1126           32 :     X509 *client_cert;
    1127           32 :     GENERAL_NAMES *names = NULL;
    1128           32 :     client_cert = _tls_cert_read(conn);
    1129           32 :     if (!client_cert)
    1130              :         return NULL;
    1131           32 :     names = _tls_cert_get_names(client_cert);
    1132           32 :     if (!conn->tls || !conn->tls->client_cert)
    1133           32 :         X509_free(client_cert);
    1134              :     return names;
    1135              : }
    1136              : 
    1137           32 : static GENERAL_NAMES *_tls_cert_get_names(X509 *client_cert)
    1138              : {
    1139           32 :     int san = X509_get_ext_by_NID(client_cert, NID_subject_alt_name, 0);
    1140           32 :     X509_EXTENSION *san_ext = X509_get_ext(client_cert, san);
    1141           32 :     if (!san_ext)
    1142           32 :         return NULL;
    1143           32 :     ASN1_OCTET_STRING *data = X509_EXTENSION_get_data(san_ext);
    1144           32 :     if (!data)
    1145              :         return NULL;
    1146           32 :     const unsigned char *d = ASN1_STRING_get0_data(data);
    1147           32 :     if (!d)
    1148              :         return NULL;
    1149           32 :     return d2i_GENERAL_NAMES(NULL, &d, ASN1_STRING_length(data));
    1150              : }
    1151              : 
    1152              : /** Convert GENERAL_NAME* to a string
    1153              :  *
    1154              :  *  This checks whether the GENERAL_NAME* that is given has the
    1155              :  *  correct id-on-xmppAddr set and then optionally converts this
    1156              :  *  form ASN.1 to a string/char*.
    1157              :  *
    1158              :  *  When `res` pointer is set to NULL this method doesn't allocate
    1159              :  *  the result but only checks whether it is in the correct format.
    1160              :  *
    1161              :  *  @param name Pointer to the GENERAL_NAME that shall be converted
    1162              :  *  @param res Result-pointer (optional, can be NULL)
    1163              :  *
    1164              :  *  @return classic Unix style - 0=success, 1=error
    1165              :  */
    1166          104 : static int _tls_xmppaddr_to_string(GENERAL_NAME *name, char **res)
    1167              : {
    1168          104 :     ASN1_OBJECT *oid;
    1169          104 :     ASN1_TYPE *val;
    1170          104 :     if (!name || name->type != GEN_OTHERNAME)
    1171          104 :         return 1;
    1172           56 :     if (GENERAL_NAME_get0_otherName(name, &oid, &val) == 0)
    1173              :         return 1;
    1174           56 :     if (OBJ_obj2nid(oid) != _tls_xaddr_nid() || !val)
    1175              :         return 1;
    1176           56 :     if (!res)
    1177              :         return 0;
    1178           40 :     if (ASN1_STRING_to_UTF8((unsigned char **)res, val->value.asn1_string) < 0)
    1179              :         return 1;
    1180              :     return 0;
    1181              : }
    1182              : 
    1183            0 : static int _tls_dnsname_to_string(GENERAL_NAME *name, char **res)
    1184              : {
    1185            0 :     ASN1_STRING *str;
    1186            0 :     if (!name || name->type != GEN_DNS)
    1187              :         return 1;
    1188            0 :     str = GENERAL_NAME_get0_value(name, NULL);
    1189            0 :     if (str == NULL)
    1190              :         return 1;
    1191            0 :     if (!res)
    1192              :         return 0;
    1193            0 :     if (ASN1_STRING_to_UTF8((unsigned char **)res, str) < 0)
    1194              :         return 1;
    1195              :     return 0;
    1196              : }
        

Generated by: LCOV version 2.0-1