Line data Source code
1 : /* SPDX-License-Identifier: MIT OR GPL-3.0-only */
2 : /* tls_openssl.c
3 : ** strophe XMPP client library -- TLS abstraction openssl impl.
4 : **
5 : ** Copyright (C) 2005-008 Collecta, Inc.
6 : **
7 : ** This software is provided AS-IS with no warranty, either express
8 : ** or implied.
9 : **
10 : ** This program is dual licensed under the MIT or GPLv3 licenses.
11 : */
12 :
13 : /** @file
14 : * TLS implementation with OpenSSL.
15 : */
16 :
17 : #include <errno.h> /* EINTR */
18 : #include <string.h>
19 :
20 : #ifndef _WIN32
21 : #include <sys/select.h>
22 : #else
23 : #include <winsock2.h>
24 : #endif
25 :
26 : #include <openssl/ssl.h>
27 : #include <openssl/err.h>
28 : #include <openssl/opensslv.h>
29 : #include <openssl/x509v3.h>
30 : #include <openssl/pkcs12.h>
31 :
32 : #include "common.h"
33 : #include "tls.h"
34 : #include "sock.h"
35 :
36 : /*
37 : * Redefine OPENSSL_VERSION_NUMBER for LibreSSL.
38 : * LibreSSL and OpenSSL use different and incompatible version schemes. Solve
39 : * this issue in the way how nginx project did.
40 : */
41 : #if (defined LIBRESSL_VERSION_NUMBER && OPENSSL_VERSION_NUMBER == 0x20000000L)
42 : #undef OPENSSL_VERSION_NUMBER
43 : #if (LIBRESSL_VERSION_NUMBER >= 0x2080000fL)
44 : #define OPENSSL_VERSION_NUMBER 0x1010000fL
45 : #elif (LIBRESSL_VERSION_NUMBER >= 0x2070000fL)
46 : #define OPENSSL_VERSION_NUMBER 0x1000200fL
47 : #else
48 : #define OPENSSL_VERSION_NUMBER 0x1000107fL
49 : #endif
50 : #endif
51 :
52 : #if OPENSSL_VERSION_NUMBER < 0x30000000L
53 : #define STROPHE_ERR_func_error_string(e) ERR_func_error_string(e)
54 : #else
55 : #define STROPHE_ERR_func_error_string(e) ""
56 : #endif
57 :
58 : #if OPENSSL_VERSION_NUMBER < 0x10100000L
59 : static const unsigned char *ASN1_STRING_get0_data(ASN1_STRING *asn1)
60 : {
61 : return ASN1_STRING_data(asn1);
62 : }
63 : #endif
64 :
65 : #if OPENSSL_VERSION_NUMBER < 0x10100000L || defined LIBRESSL_VERSION_NUMBER
66 : static int SSL_CTX_use_cert_and_key(SSL_CTX *ctx,
67 : X509 *x509,
68 : EVP_PKEY *privatekey,
69 : STACK_OF(X509) * chain,
70 : int override)
71 : {
72 : UNUSED(override);
73 : if (!ctx)
74 : return 0;
75 : if (x509 && !SSL_CTX_use_certificate(ctx, x509))
76 : return 0;
77 : if (privatekey && !SSL_CTX_use_PrivateKey(ctx, privatekey))
78 : return 0;
79 : #ifdef SSL_CTX_set1_chain
80 : if (chain && !SSL_CTX_set1_chain(ctx, chain))
81 : return 0;
82 : #else
83 : UNUSED(chain);
84 : #endif
85 : return 1;
86 : }
87 : #endif
88 :
89 : #if OPENSSL_VERSION_NUMBER < 0x10000000L
90 : static int GENERAL_NAME_get0_otherName(const GENERAL_NAME *gen,
91 : ASN1_OBJECT **poid,
92 : ASN1_TYPE **pvalue)
93 : {
94 : if (gen->type != GEN_OTHERNAME)
95 : return 0;
96 : if (poid)
97 : *poid = gen->d.otherName->type_id;
98 : if (pvalue)
99 : *pvalue = gen->d.otherName->value;
100 : return 1;
101 : }
102 : #endif
103 :
104 : struct _tls {
105 : xmpp_ctx_t *ctx;
106 : sock_t sock;
107 : SSL_CTX *ssl_ctx;
108 : SSL *ssl;
109 : X509 *client_cert;
110 : void *channel_binding_data;
111 : size_t channel_binding_size;
112 : int lasterror;
113 : };
114 :
115 : enum {
116 : TLS_SHUTDOWN_MAX_RETRIES = 10,
117 : TLS_TIMEOUT_SEC = 0,
118 : TLS_TIMEOUT_USEC = 100000,
119 : };
120 :
121 : static void _tls_sock_wait(tls_t *tls, int error);
122 : static const char *_tls_error_str(int error, const char **tbl, size_t tbl_size);
123 : static void _tls_set_error(tls_t *tls, int error);
124 : static void _tls_log_error(xmpp_ctx_t *ctx);
125 : static void _tls_dump_cert_info(tls_t *tls);
126 : static X509 *_tls_cert_read(xmpp_conn_t *conn);
127 : static X509 *
128 : _tls_cert_read_p12(xmpp_conn_t *conn, EVP_PKEY **pkey, STACK_OF(X509) * *ca);
129 : static int _tls_xaddr_nid(void);
130 : static int _tls_xmppaddr_to_string(GENERAL_NAME *name, char **res);
131 : static int _tls_dnsname_to_string(GENERAL_NAME *name, char **res);
132 : static GENERAL_NAMES *_tls_conn_get_names(xmpp_conn_t *conn);
133 : static GENERAL_NAMES *_tls_cert_get_names(X509 *client_cert);
134 :
135 : #define TLS_ERROR_STR(error, table) \
136 : _tls_error_str(error, table, ARRAY_SIZE(table))
137 :
138 : #define TLS_ERROR_FIELD(x) [x] = #x
139 : const char *tls_errors[] = {
140 : TLS_ERROR_FIELD(SSL_ERROR_NONE),
141 : TLS_ERROR_FIELD(SSL_ERROR_SSL),
142 : TLS_ERROR_FIELD(SSL_ERROR_WANT_READ),
143 : TLS_ERROR_FIELD(SSL_ERROR_WANT_WRITE),
144 : TLS_ERROR_FIELD(SSL_ERROR_WANT_X509_LOOKUP),
145 : TLS_ERROR_FIELD(SSL_ERROR_SYSCALL),
146 : TLS_ERROR_FIELD(SSL_ERROR_ZERO_RETURN),
147 : TLS_ERROR_FIELD(SSL_ERROR_WANT_CONNECT),
148 : TLS_ERROR_FIELD(SSL_ERROR_WANT_ACCEPT),
149 : #ifndef LIBRESSL_VERSION_NUMBER
150 : #if OPENSSL_VERSION_NUMBER >= 0x10100000L
151 : TLS_ERROR_FIELD(SSL_ERROR_WANT_ASYNC),
152 : TLS_ERROR_FIELD(SSL_ERROR_WANT_ASYNC_JOB),
153 : #endif
154 : #if OPENSSL_VERSION_NUMBER >= 0x10101000L
155 : TLS_ERROR_FIELD(SSL_ERROR_WANT_CLIENT_HELLO_CB),
156 : #endif
157 : #endif /* !LIBRESSL_VERSION_NUMBER */
158 : };
159 : const char *cert_errors[] = {
160 : TLS_ERROR_FIELD(X509_V_OK),
161 : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
162 : TLS_ERROR_FIELD(X509_V_ERR_UNSPECIFIED),
163 : #endif
164 : TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT),
165 : TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_GET_CRL),
166 : TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE),
167 : TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE),
168 : TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY),
169 : TLS_ERROR_FIELD(X509_V_ERR_CERT_SIGNATURE_FAILURE),
170 : TLS_ERROR_FIELD(X509_V_ERR_CRL_SIGNATURE_FAILURE),
171 : TLS_ERROR_FIELD(X509_V_ERR_CERT_NOT_YET_VALID),
172 : TLS_ERROR_FIELD(X509_V_ERR_CERT_HAS_EXPIRED),
173 : TLS_ERROR_FIELD(X509_V_ERR_CRL_NOT_YET_VALID),
174 : TLS_ERROR_FIELD(X509_V_ERR_CRL_HAS_EXPIRED),
175 : TLS_ERROR_FIELD(X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD),
176 : TLS_ERROR_FIELD(X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD),
177 : TLS_ERROR_FIELD(X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD),
178 : TLS_ERROR_FIELD(X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD),
179 : TLS_ERROR_FIELD(X509_V_ERR_OUT_OF_MEM),
180 : TLS_ERROR_FIELD(X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT),
181 : TLS_ERROR_FIELD(X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN),
182 : TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY),
183 : TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE),
184 : TLS_ERROR_FIELD(X509_V_ERR_CERT_CHAIN_TOO_LONG),
185 : TLS_ERROR_FIELD(X509_V_ERR_CERT_REVOKED),
186 : TLS_ERROR_FIELD(X509_V_ERR_INVALID_CA),
187 : TLS_ERROR_FIELD(X509_V_ERR_PATH_LENGTH_EXCEEDED),
188 : TLS_ERROR_FIELD(X509_V_ERR_INVALID_PURPOSE),
189 : TLS_ERROR_FIELD(X509_V_ERR_CERT_UNTRUSTED),
190 : TLS_ERROR_FIELD(X509_V_ERR_CERT_REJECTED),
191 : TLS_ERROR_FIELD(X509_V_ERR_SUBJECT_ISSUER_MISMATCH),
192 : TLS_ERROR_FIELD(X509_V_ERR_AKID_SKID_MISMATCH),
193 : TLS_ERROR_FIELD(X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH),
194 : TLS_ERROR_FIELD(X509_V_ERR_KEYUSAGE_NO_CERTSIGN),
195 : TLS_ERROR_FIELD(X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER),
196 : TLS_ERROR_FIELD(X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION),
197 : TLS_ERROR_FIELD(X509_V_ERR_KEYUSAGE_NO_CRL_SIGN),
198 : TLS_ERROR_FIELD(X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION),
199 : TLS_ERROR_FIELD(X509_V_ERR_INVALID_NON_CA),
200 : TLS_ERROR_FIELD(X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED),
201 : TLS_ERROR_FIELD(X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE),
202 : TLS_ERROR_FIELD(X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED),
203 : TLS_ERROR_FIELD(X509_V_ERR_INVALID_EXTENSION),
204 : TLS_ERROR_FIELD(X509_V_ERR_INVALID_POLICY_EXTENSION),
205 : TLS_ERROR_FIELD(X509_V_ERR_NO_EXPLICIT_POLICY),
206 : TLS_ERROR_FIELD(X509_V_ERR_APPLICATION_VERIFICATION),
207 : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
208 : TLS_ERROR_FIELD(X509_V_ERR_DIFFERENT_CRL_SCOPE),
209 : TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE),
210 : TLS_ERROR_FIELD(X509_V_ERR_UNNESTED_RESOURCE),
211 : TLS_ERROR_FIELD(X509_V_ERR_PERMITTED_VIOLATION),
212 : TLS_ERROR_FIELD(X509_V_ERR_EXCLUDED_VIOLATION),
213 : TLS_ERROR_FIELD(X509_V_ERR_SUBTREE_MINMAX),
214 : TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE),
215 : TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX),
216 : TLS_ERROR_FIELD(X509_V_ERR_UNSUPPORTED_NAME_SYNTAX),
217 : TLS_ERROR_FIELD(X509_V_ERR_CRL_PATH_VALIDATION_ERROR),
218 : #ifndef LIBRESSL_VERSION_NUMBER
219 : TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_VERSION),
220 : TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_ALGORITHM),
221 : TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_CURVE),
222 : TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_INVALID_SIGNATURE_ALGORITHM),
223 : TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_LOS_NOT_ALLOWED),
224 : TLS_ERROR_FIELD(X509_V_ERR_SUITE_B_CANNOT_SIGN_P_384_WITH_P_256),
225 : #endif /* !LIBRESSL_VERSION_NUMBER */
226 : TLS_ERROR_FIELD(X509_V_ERR_HOSTNAME_MISMATCH),
227 : TLS_ERROR_FIELD(X509_V_ERR_EMAIL_MISMATCH),
228 : TLS_ERROR_FIELD(X509_V_ERR_IP_ADDRESS_MISMATCH),
229 : #endif /* OPENSSL_VERSION_NUMBER >= 0x10002000L */
230 : #if OPENSSL_VERSION_NUMBER >= 0x10100000L
231 : TLS_ERROR_FIELD(X509_V_ERR_INVALID_CALL),
232 : TLS_ERROR_FIELD(X509_V_ERR_STORE_LOOKUP),
233 : #ifndef LIBRESSL_VERSION_NUMBER
234 : TLS_ERROR_FIELD(X509_V_ERR_PATH_LOOP),
235 : TLS_ERROR_FIELD(X509_V_ERR_DANE_NO_MATCH),
236 : TLS_ERROR_FIELD(X509_V_ERR_EE_KEY_TOO_SMALL),
237 : TLS_ERROR_FIELD(X509_V_ERR_CA_KEY_TOO_SMALL),
238 : TLS_ERROR_FIELD(X509_V_ERR_CA_MD_TOO_WEAK),
239 : TLS_ERROR_FIELD(X509_V_ERR_NO_VALID_SCTS),
240 : TLS_ERROR_FIELD(X509_V_ERR_PROXY_SUBJECT_NAME_VIOLATION),
241 : #if OPENSSL_VERSION_NUMBER >= 0x10101000L
242 : TLS_ERROR_FIELD(X509_V_ERR_OCSP_VERIFY_NEEDED),
243 : TLS_ERROR_FIELD(X509_V_ERR_OCSP_VERIFY_FAILED),
244 : TLS_ERROR_FIELD(X509_V_ERR_OCSP_CERT_UNKNOWN),
245 : #endif /* OPENSSL_VERSION_NUMBER >= 0x10101000L */
246 : #endif /* !LIBRESSL_VERSION_NUMBER */
247 : #endif /* OPENSSL_VERSION_NUMBER >= 0x10100000L */
248 : };
249 : #undef TLS_ERROR_FIELD
250 :
251 2 : void tls_initialize(void)
252 : {
253 : #if OPENSSL_VERSION_NUMBER < 0x10100000L
254 : SSL_library_init();
255 : SSL_load_error_strings();
256 : #else
257 2 : OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
258 : #endif
259 : /* init xmppAddr OID */
260 2 : _tls_xaddr_nid();
261 2 : }
262 :
263 2 : void tls_shutdown(void)
264 : {
265 : /*
266 : * FIXME: Don't free global tables, program or other libraries may use
267 : * openssl after libstrophe finalization. Maybe better leak some fixed
268 : * memory rather than cause random crashes of the main program.
269 : */
270 : #if OPENSSL_VERSION_NUMBER < 0x10100000L
271 : OBJ_cleanup();
272 : ERR_free_strings();
273 : EVP_cleanup();
274 : CRYPTO_cleanup_all_ex_data();
275 : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
276 : SSL_COMP_free_compression_methods();
277 : #endif
278 : #if OPENSSL_VERSION_NUMBER < 0x10000000L
279 : ERR_remove_state(0);
280 : #else
281 : ERR_remove_thread_state(NULL);
282 : #endif
283 : #endif
284 2 : }
285 :
286 0 : int tls_error(struct conn_interface *intf)
287 : {
288 0 : return intf->conn->tls->lasterror;
289 : }
290 :
291 : /** Search through the SubjectAlternativeNames and return the next
292 : * id-on-xmppAddr element starting from `n`.
293 : */
294 24 : char *tls_id_on_xmppaddr(xmpp_conn_t *conn, unsigned int n)
295 : {
296 24 : char *ret = NULL;
297 24 : int i, j;
298 24 : GENERAL_NAMES *names = _tls_conn_get_names(conn);
299 24 : if (!names) {
300 0 : _tls_log_error(conn->ctx);
301 0 : return NULL;
302 : }
303 24 : int num_names = sk_GENERAL_NAME_num(names);
304 104 : for (i = j = 0; i < num_names; ++i) {
305 72 : char *res;
306 72 : GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
307 72 : if (name == NULL)
308 : break;
309 72 : if (_tls_xmppaddr_to_string(name, &res))
310 32 : continue;
311 40 : if (j == (int)n) {
312 16 : strophe_debug(conn->ctx, "tls",
313 : "extracted jid %s from id-on-xmppAddr", res);
314 16 : ret = strophe_strdup(conn->ctx, res);
315 16 : OPENSSL_free(res);
316 : break;
317 : }
318 24 : j++;
319 24 : OPENSSL_free(res);
320 : }
321 24 : GENERAL_NAMES_free(names);
322 24 : return ret;
323 : }
324 :
325 8 : unsigned int tls_id_on_xmppaddr_num(xmpp_conn_t *conn)
326 : {
327 8 : unsigned int ret = 0;
328 8 : GENERAL_NAMES *names = _tls_conn_get_names(conn);
329 8 : if (!names) {
330 0 : _tls_log_error(conn->ctx);
331 0 : return 0;
332 : }
333 8 : int j, num_names = sk_GENERAL_NAME_num(names);
334 48 : for (j = 0; j < num_names; ++j) {
335 32 : GENERAL_NAME *name = sk_GENERAL_NAME_value(names, j);
336 32 : if (_tls_xmppaddr_to_string(name, NULL))
337 16 : continue;
338 16 : ret++;
339 : }
340 8 : GENERAL_NAMES_free(names);
341 8 : return ret;
342 : }
343 :
344 0 : static int _convert_ASN1TIME(ASN1_TIME *ansi_time, char *buf, size_t len)
345 : {
346 0 : BIO *bio = BIO_new(BIO_s_mem());
347 0 : int rc = ASN1_TIME_print(bio, ansi_time);
348 0 : if (rc <= 0) {
349 0 : BIO_free(bio);
350 0 : return 0;
351 : }
352 0 : rc = BIO_gets(bio, buf, len);
353 0 : if (rc <= 0) {
354 0 : BIO_free(bio);
355 0 : return 0;
356 : }
357 0 : BIO_free(bio);
358 0 : return 1;
359 : }
360 :
361 0 : static char *_asn1_time_to_str(const xmpp_ctx_t *ctx, ASN1_TIME *t)
362 : {
363 0 : char buf[128];
364 0 : int res = _convert_ASN1TIME(t, buf, sizeof(buf));
365 0 : if (res) {
366 0 : return strophe_strdup(ctx, buf);
367 : }
368 : return NULL;
369 : }
370 :
371 : static char *
372 0 : _get_fingerprint(const xmpp_ctx_t *ctx, X509 *err_cert, xmpp_cert_element_t el)
373 : {
374 0 : unsigned char buf[EVP_MAX_MD_SIZE];
375 0 : unsigned int len;
376 0 : const EVP_MD *digest;
377 0 : switch (el) {
378 0 : case XMPP_CERT_FINGERPRINT_SHA1:
379 0 : digest = EVP_sha1();
380 : break;
381 0 : case XMPP_CERT_FINGERPRINT_SHA256:
382 0 : digest = EVP_sha256();
383 : break;
384 : default:
385 0 : return NULL;
386 : }
387 0 : if (X509_digest(err_cert, digest, buf, &len) != 0) {
388 0 : char fingerprint[4 * EVP_MAX_MD_SIZE];
389 0 : hex_encode(fingerprint, buf, len);
390 0 : return strophe_strdup(ctx, fingerprint);
391 : }
392 : return NULL;
393 : }
394 :
395 : static char *
396 0 : _get_alg(const xmpp_ctx_t *ctx, X509 *err_cert, xmpp_cert_element_t el)
397 : {
398 0 : int alg_nid = NID_undef;
399 :
400 0 : switch (el) {
401 0 : case XMPP_CERT_KEYALG: {
402 : #if OPENSSL_VERSION_NUMBER < 0x10100000L
403 : alg_nid = OBJ_obj2nid(err_cert->cert_info->key->algor->algorithm);
404 : #else
405 0 : X509_PUBKEY *pubkey = X509_get_X509_PUBKEY(err_cert);
406 0 : ASN1_OBJECT *ppkalg = NULL;
407 0 : if (X509_PUBKEY_get0_param(&ppkalg, NULL, NULL, NULL, pubkey)) {
408 0 : alg_nid = OBJ_obj2nid(ppkalg);
409 : }
410 : #endif
411 0 : } break;
412 0 : case XMPP_CERT_SIGALG: {
413 : #if OPENSSL_VERSION_NUMBER < 0x10100000L
414 : alg_nid = OBJ_obj2nid(err_cert->sig_alg->algorithm);
415 : #else
416 0 : const X509_ALGOR *palg;
417 0 : const ASN1_OBJECT *obj;
418 0 : X509_get0_signature(NULL, &palg, err_cert);
419 0 : X509_ALGOR_get0(&obj, NULL, NULL, palg);
420 0 : alg_nid = OBJ_obj2nid(obj);
421 : #endif
422 0 : } break;
423 : default:
424 : break;
425 : }
426 0 : if (alg_nid != NID_undef) {
427 0 : const char *alg = OBJ_nid2ln(alg_nid);
428 0 : if (alg) {
429 0 : return strophe_strdup(ctx, alg);
430 : }
431 : }
432 : return NULL;
433 : }
434 :
435 0 : static xmpp_tlscert_t *_x509_to_tlscert(xmpp_ctx_t *ctx, X509 *cert)
436 : {
437 0 : char *subject, *issuer, buf[32];
438 0 : xmpp_tlscert_t *tlscert = tlscert_new(ctx);
439 0 : if (!tlscert)
440 0 : return NULL;
441 :
442 0 : BIO *b = BIO_new(BIO_s_mem());
443 0 : if (!b)
444 0 : goto error_out;
445 0 : PEM_write_bio_X509(b, cert);
446 0 : BUF_MEM *bptr;
447 0 : BIO_get_mem_ptr(b, &bptr);
448 0 : tlscert->pem = strophe_alloc(ctx, bptr->length + 1);
449 0 : if (!tlscert->pem)
450 0 : goto error_out;
451 0 : memcpy(tlscert->pem, bptr->data, bptr->length);
452 0 : tlscert->pem[bptr->length] = '\0';
453 0 : BIO_free(b);
454 :
455 0 : subject = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
456 0 : if (!subject)
457 0 : goto error_out;
458 0 : tlscert->elements[XMPP_CERT_SUBJECT] = strophe_strdup(ctx, subject);
459 0 : OPENSSL_free(subject);
460 0 : issuer = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
461 0 : if (!issuer)
462 0 : goto error_out;
463 0 : tlscert->elements[XMPP_CERT_ISSUER] = strophe_strdup(ctx, issuer);
464 0 : OPENSSL_free(issuer);
465 :
466 0 : tlscert->elements[XMPP_CERT_NOTBEFORE] =
467 0 : _asn1_time_to_str(ctx, X509_get_notBefore(cert));
468 0 : tlscert->elements[XMPP_CERT_NOTAFTER] =
469 0 : _asn1_time_to_str(ctx, X509_get_notAfter(cert));
470 :
471 0 : tlscert->elements[XMPP_CERT_FINGERPRINT_SHA1] =
472 0 : _get_fingerprint(ctx, cert, XMPP_CERT_FINGERPRINT_SHA1);
473 0 : tlscert->elements[XMPP_CERT_FINGERPRINT_SHA256] =
474 0 : _get_fingerprint(ctx, cert, XMPP_CERT_FINGERPRINT_SHA256);
475 :
476 0 : strophe_snprintf(buf, sizeof(buf), "%ld", X509_get_version(cert) + 1);
477 0 : tlscert->elements[XMPP_CERT_VERSION] = strophe_strdup(ctx, buf);
478 :
479 0 : tlscert->elements[XMPP_CERT_KEYALG] = _get_alg(ctx, cert, XMPP_CERT_KEYALG);
480 0 : tlscert->elements[XMPP_CERT_SIGALG] = _get_alg(ctx, cert, XMPP_CERT_SIGALG);
481 :
482 0 : ASN1_INTEGER *serial = X509_get_serialNumber(cert);
483 0 : BIGNUM *bn = ASN1_INTEGER_to_BN(serial, NULL);
484 0 : if (bn) {
485 0 : char *serialnumber = BN_bn2hex(bn);
486 0 : if (serialnumber) {
487 0 : tlscert->elements[XMPP_CERT_SERIALNUMBER] =
488 0 : strophe_strdup(ctx, serialnumber);
489 0 : OPENSSL_free(serialnumber);
490 : }
491 0 : BN_free(bn);
492 : }
493 :
494 0 : GENERAL_NAMES *names = _tls_cert_get_names(cert);
495 0 : if (names) {
496 0 : int j, num_names = sk_GENERAL_NAME_num(names);
497 : size_t n = 0;
498 0 : for (j = 0; j < num_names; ++j) {
499 0 : char *res;
500 0 : GENERAL_NAME *name = sk_GENERAL_NAME_value(names, j);
501 0 : if (_tls_dnsname_to_string(name, &res))
502 0 : continue;
503 0 : if (tlscert_add_dnsname(tlscert, res))
504 0 : strophe_debug(ctx, "tls", "Can't store dnsName(%zu): %s", n,
505 : res);
506 0 : n++;
507 0 : OPENSSL_free(res);
508 : }
509 0 : GENERAL_NAMES_free(names);
510 : }
511 :
512 : return tlscert;
513 0 : error_out:
514 0 : xmpp_tlscert_free(tlscert);
515 : return NULL;
516 : }
517 :
518 0 : static int _tls_verify(int preverify_ok, X509_STORE_CTX *x509_ctx)
519 : {
520 0 : if (preverify_ok == 1)
521 : return 1;
522 :
523 0 : SSL *ssl = X509_STORE_CTX_get_ex_data(x509_ctx,
524 : SSL_get_ex_data_X509_STORE_CTX_idx());
525 0 : xmpp_conn_t *conn = SSL_get_app_data(ssl);
526 :
527 0 : if (!conn->certfail_handler) {
528 0 : strophe_error(conn->ctx, "tls",
529 : "No certfail handler set, canceling connection attempt");
530 0 : return 0;
531 : }
532 :
533 0 : X509 *err_cert = X509_STORE_CTX_get_current_cert(x509_ctx);
534 :
535 0 : xmpp_tlscert_t *tlscert = _x509_to_tlscert(conn->ctx, err_cert);
536 :
537 0 : if (!tlscert)
538 : return 0;
539 :
540 0 : strophe_debug(conn->ctx, "tls", "preverify_ok:%d\nSubject: %s\nIssuer: %s",
541 : preverify_ok, tlscert->elements[XMPP_CERT_SUBJECT],
542 : tlscert->elements[XMPP_CERT_ISSUER]);
543 :
544 0 : int ret = conn->certfail_handler(
545 : tlscert,
546 0 : X509_verify_cert_error_string(X509_STORE_CTX_get_error(x509_ctx)));
547 :
548 0 : xmpp_tlscert_free(tlscert);
549 :
550 0 : return ret;
551 : }
552 :
553 8 : static int _tls_password_callback(char *buf, int size, int rwflag, void *u)
554 : {
555 8 : UNUSED(rwflag);
556 8 : return tls_caching_password_callback(buf, size, u);
557 : }
558 :
559 0 : tls_t *tls_new(xmpp_conn_t *conn)
560 : {
561 0 : tls_t *tls = strophe_alloc(conn->ctx, sizeof(*tls));
562 :
563 0 : if (tls) {
564 0 : int ret;
565 : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
566 : /* Hostname verification is supported in OpenSSL 1.0.2 and newer. */
567 0 : X509_VERIFY_PARAM *param;
568 : #endif
569 0 : memset(tls, 0, sizeof(*tls));
570 :
571 0 : tls->ctx = conn->ctx;
572 0 : tls->sock = conn->sock;
573 : #if OPENSSL_VERSION_NUMBER < 0x10100000L
574 : tls->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
575 : #else
576 0 : tls->ssl_ctx = SSL_CTX_new(TLS_client_method());
577 : #endif
578 0 : if (tls->ssl_ctx == NULL)
579 0 : goto err;
580 :
581 : /* Enable bug workarounds. */
582 0 : SSL_CTX_set_options(tls->ssl_ctx, SSL_OP_ALL);
583 :
584 : /* Disable insecure SSL/TLS versions. */
585 0 : SSL_CTX_set_options(tls->ssl_ctx, SSL_OP_NO_SSLv2); /* DROWN */
586 0 : SSL_CTX_set_options(tls->ssl_ctx, SSL_OP_NO_SSLv3); /* POODLE */
587 0 : SSL_CTX_set_options(tls->ssl_ctx, SSL_OP_NO_TLSv1); /* BEAST */
588 :
589 0 : if (conn->password_callback) {
590 0 : SSL_CTX_set_default_passwd_cb(tls->ssl_ctx, _tls_password_callback);
591 0 : SSL_CTX_set_default_passwd_cb_userdata(tls->ssl_ctx, conn);
592 : }
593 :
594 0 : if (conn->tls_client_cert && conn->tls_client_key) {
595 0 : unsigned int retries = 0;
596 0 : tls->client_cert = _tls_cert_read(conn);
597 0 : if (!tls->client_cert) {
598 0 : strophe_error(tls->ctx, "tls",
599 : "could not read client certificate");
600 0 : goto err_free_ctx;
601 : }
602 :
603 0 : SSL_CTX_use_certificate_file(tls->ssl_ctx, conn->tls_client_cert,
604 : SSL_FILETYPE_PEM);
605 0 : while (retries++ < conn->password_retries) {
606 0 : if (SSL_CTX_use_PrivateKey_file(
607 0 : tls->ssl_ctx, conn->tls_client_key, SSL_FILETYPE_PEM)) {
608 : break;
609 : }
610 0 : tls_clear_password_cache(conn);
611 0 : unsigned long err = ERR_peek_error();
612 0 : if ((ERR_GET_LIB(err) == ERR_LIB_EVP &&
613 0 : ERR_GET_REASON(err) == EVP_R_BAD_DECRYPT) ||
614 0 : (ERR_GET_LIB(err) == ERR_LIB_PEM &&
615 0 : ERR_GET_REASON(err) == PEM_R_BAD_DECRYPT)) {
616 0 : strophe_debug(tls->ctx, "tls", "wrong password?");
617 0 : continue;
618 : }
619 0 : strophe_error(tls->ctx, "tls",
620 : "could not use private key %d %d",
621 : ERR_GET_LIB(err), ERR_GET_REASON(err));
622 0 : goto err_free_ctx;
623 : }
624 0 : } else if (conn->tls_client_cert) {
625 0 : EVP_PKEY *pkey = NULL;
626 0 : STACK_OF(X509) *ca = NULL;
627 0 : X509 *cert = _tls_cert_read_p12(conn, &pkey, &ca);
628 0 : if (!cert) {
629 0 : goto err_free_ctx;
630 : }
631 :
632 0 : SSL_CTX_use_cert_and_key(tls->ssl_ctx, cert, pkey, ca, 1);
633 :
634 0 : if (pkey)
635 0 : EVP_PKEY_free(pkey);
636 0 : if (ca)
637 0 : sk_X509_pop_free(ca, X509_free);
638 0 : tls->client_cert = cert;
639 : } else {
640 : /* If the server asks for a client certificate, don't send one. */
641 0 : SSL_CTX_set_client_cert_cb(tls->ssl_ctx, NULL);
642 : }
643 :
644 0 : SSL_CTX_set_mode(tls->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
645 :
646 0 : ret = SSL_CTX_set_default_verify_paths(tls->ssl_ctx);
647 0 : if (ret == 0 && !conn->tls_trust) {
648 : /*
649 : * Returns 1 on success and 0 on failure. A missing default
650 : * location is still treated as a success.
651 : * Ignore errors when XMPP_CONN_FLAG_TRUST_TLS is set.
652 : */
653 0 : strophe_error(tls->ctx, "tls",
654 : "SSL_CTX_set_default_verify_paths() failed");
655 0 : goto err_free_cert;
656 : }
657 :
658 0 : if (conn->tls_cafile || conn->tls_capath) {
659 0 : if (SSL_CTX_load_verify_locations(tls->ssl_ctx, conn->tls_cafile,
660 0 : conn->tls_capath) == 0) {
661 0 : strophe_error(tls->ctx, "tls",
662 : "SSL_CTX_load_verify_locations() failed");
663 0 : goto err_free_cert;
664 : }
665 : }
666 :
667 0 : tls->ssl = SSL_new(tls->ssl_ctx);
668 0 : if (tls->ssl == NULL)
669 0 : goto err_free_cert;
670 :
671 : #if OPENSSL_VERSION_NUMBER >= 0x0908060L && !defined(OPENSSL_NO_TLSEXT)
672 : /* Enable SNI. */
673 0 : SSL_set_tlsext_host_name(tls->ssl, conn->domain);
674 : #endif
675 :
676 : /* Trust server's certificate when user sets the flag explicitly.
677 : * Otherwise call the verification callback */
678 0 : if (conn->tls_trust)
679 0 : SSL_set_verify(tls->ssl, SSL_VERIFY_NONE, NULL);
680 : else
681 0 : SSL_set_verify(tls->ssl, SSL_VERIFY_PEER, _tls_verify);
682 0 : SSL_set_app_data(tls->ssl, conn);
683 : #if OPENSSL_VERSION_NUMBER >= 0x10002000L
684 : /* Hostname verification is supported in OpenSSL 1.0.2 and newer. */
685 0 : param = SSL_get0_param(tls->ssl);
686 :
687 : /*
688 : * Allow only complete wildcards. RFC 6125 discourages wildcard usage
689 : * completely, and lists internationalized domain names as a reason
690 : * against partial wildcards.
691 : * See https://tools.ietf.org/html/rfc6125#section-7.2 for more
692 : * information.
693 : */
694 0 : X509_VERIFY_PARAM_set_hostflags(param,
695 : X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
696 0 : X509_VERIFY_PARAM_set1_host(param, conn->domain, 0);
697 : #endif
698 :
699 0 : ret = SSL_set_fd(tls->ssl, conn->sock);
700 0 : if (ret <= 0)
701 0 : goto err_free_ssl;
702 : }
703 :
704 : return tls;
705 :
706 0 : err_free_ssl:
707 0 : SSL_free(tls->ssl);
708 0 : err_free_cert:
709 0 : X509_free(tls->client_cert);
710 0 : err_free_ctx:
711 0 : SSL_CTX_free(tls->ssl_ctx);
712 0 : err:
713 0 : strophe_free(conn->ctx, tls);
714 0 : _tls_log_error(conn->ctx);
715 0 : return NULL;
716 : }
717 :
718 0 : void tls_free(tls_t *tls)
719 : {
720 0 : strophe_free(tls->ctx, tls->channel_binding_data);
721 0 : SSL_free(tls->ssl);
722 0 : X509_free(tls->client_cert);
723 0 : SSL_CTX_free(tls->ssl_ctx);
724 0 : strophe_free(tls->ctx, tls);
725 0 : }
726 :
727 0 : xmpp_tlscert_t *tls_peer_cert(xmpp_conn_t *conn)
728 : {
729 0 : if (conn && conn->tls && conn->tls->ssl) {
730 0 : X509 *cert = SSL_get_peer_certificate(conn->tls->ssl);
731 0 : if (cert) {
732 0 : xmpp_tlscert_t *tlscert = _x509_to_tlscert(conn->ctx, cert);
733 0 : X509_free(cert);
734 0 : return tlscert;
735 : }
736 : }
737 : return NULL;
738 : }
739 :
740 0 : int tls_set_credentials(tls_t *tls, const char *cafilename)
741 : {
742 0 : UNUSED(tls);
743 0 : UNUSED(cafilename);
744 0 : return -1;
745 : }
746 :
747 0 : int tls_init_channel_binding(tls_t *tls,
748 : const char **binding_prefix,
749 : size_t *binding_prefix_len)
750 : {
751 0 : const char *label = NULL;
752 0 : size_t labellen = 0;
753 :
754 0 : switch (SSL_version(tls->ssl)) {
755 0 : case SSL3_VERSION:
756 0 : *binding_prefix = "tls-unique";
757 0 : *binding_prefix_len = strlen("tls-unique");
758 0 : tls->channel_binding_size = 36;
759 0 : break;
760 0 : case TLS1_VERSION:
761 : case TLS1_1_VERSION:
762 : case TLS1_2_VERSION:
763 0 : *binding_prefix = "tls-unique";
764 0 : *binding_prefix_len = strlen("tls-unique");
765 0 : tls->channel_binding_size = 12;
766 0 : break;
767 : #ifdef TLS1_3_VERSION
768 0 : case TLS1_3_VERSION:
769 0 : label = "EXPORTER-Channel-Binding";
770 0 : labellen = 24;
771 0 : *binding_prefix = "tls-exporter";
772 0 : *binding_prefix_len = strlen("tls-exporter");
773 0 : tls->channel_binding_size = 32;
774 0 : break;
775 : #endif
776 0 : default:
777 0 : strophe_error(tls->ctx, "tls", "Unsupported TLS Version: %s",
778 0 : SSL_get_version(tls->ssl));
779 0 : return -1;
780 : }
781 :
782 0 : strophe_free_and_null(tls->ctx, tls->channel_binding_data);
783 0 : tls->channel_binding_data =
784 0 : strophe_alloc(tls->ctx, tls->channel_binding_size);
785 0 : if (!tls->channel_binding_data)
786 : return -1;
787 :
788 0 : if (SSL_export_keying_material(tls->ssl, tls->channel_binding_data,
789 : tls->channel_binding_size, label, labellen,
790 : NULL, 0, 0) != 1) {
791 0 : strophe_error(tls->ctx, "tls", "Could not get channel binding data");
792 0 : return -1;
793 : }
794 : return 0;
795 : }
796 :
797 0 : const void *tls_get_channel_binding_data(tls_t *tls, size_t *size)
798 : {
799 0 : if (!tls->channel_binding_data || !tls->channel_binding_size) {
800 0 : strophe_error(tls->ctx, "tls", "No channel binding data available");
801 : }
802 0 : *size = tls->channel_binding_size;
803 0 : return tls->channel_binding_data;
804 : }
805 :
806 0 : int tls_start(tls_t *tls)
807 : {
808 0 : int error;
809 0 : int ret;
810 0 : long x509_res;
811 :
812 : /* Since we're non-blocking, loop the connect call until it
813 : succeeds or fails */
814 0 : while (1) {
815 0 : ret = SSL_connect(tls->ssl);
816 0 : error = ret <= 0 ? SSL_get_error(tls->ssl, ret) : 0;
817 :
818 0 : if (ret == -1 && tls_is_recoverable(NULL, error)) {
819 : /* wait for something to happen on the sock before looping back */
820 0 : _tls_sock_wait(tls, error);
821 0 : continue;
822 : }
823 :
824 : /* success or fatal error */
825 0 : break;
826 : }
827 :
828 0 : x509_res = SSL_get_verify_result(tls->ssl);
829 0 : if (x509_res == X509_V_OK) {
830 0 : strophe_debug(tls->ctx, "tls", "Certificate verification passed");
831 : } else {
832 0 : strophe_debug(tls->ctx, "tls",
833 : "Certificate verification FAILED, result=%s(%ld)",
834 : TLS_ERROR_STR((int)x509_res, cert_errors), x509_res);
835 0 : if (ret > 0)
836 0 : strophe_debug(tls->ctx, "tls", "User decided to connect anyways");
837 : }
838 0 : _tls_dump_cert_info(tls);
839 :
840 0 : _tls_set_error(tls, error);
841 0 : return ret <= 0 ? 0 : 1;
842 : }
843 :
844 0 : int tls_stop(tls_t *tls)
845 : {
846 0 : int retries = 0;
847 0 : int error;
848 0 : int ret;
849 :
850 : /* According to OpenSSL.org, we must not call SSL_shutdown(3)
851 : if a previous fatal error has occurred on a connection. */
852 0 : if (tls->lasterror == SSL_ERROR_SYSCALL || tls->lasterror == SSL_ERROR_SSL)
853 : return 1;
854 :
855 0 : while (1) {
856 0 : ++retries;
857 0 : ret = SSL_shutdown(tls->ssl);
858 0 : error = ret < 0 ? SSL_get_error(tls->ssl, ret) : 0;
859 0 : if (ret == 1 || !tls_is_recoverable(NULL, error) ||
860 : retries >= TLS_SHUTDOWN_MAX_RETRIES) {
861 : break;
862 : }
863 0 : _tls_sock_wait(tls, error);
864 : }
865 0 : if (error == SSL_ERROR_SYSCALL && errno == 0) {
866 : /*
867 : * Handle special case when peer closes connection instead of
868 : * proper shutdown.
869 : */
870 0 : error = 0;
871 0 : ret = 1;
872 : }
873 0 : _tls_set_error(tls, error);
874 :
875 0 : return ret <= 0 ? 0 : 1;
876 : }
877 :
878 0 : int tls_is_recoverable(struct conn_interface *intf, int error)
879 : {
880 0 : UNUSED(intf);
881 0 : return (error == SSL_ERROR_NONE || error == SSL_ERROR_WANT_READ ||
882 0 : error == SSL_ERROR_WANT_WRITE || error == SSL_ERROR_WANT_CONNECT ||
883 : error == SSL_ERROR_WANT_ACCEPT);
884 : }
885 :
886 0 : int tls_pending(struct conn_interface *intf)
887 : {
888 0 : return SSL_pending(intf->conn->tls->ssl);
889 : }
890 :
891 0 : int tls_read(struct conn_interface *intf, void *buff, size_t len)
892 : {
893 0 : int ret;
894 0 : tls_t *tls = intf->conn->tls;
895 :
896 0 : ret = SSL_read(tls->ssl, buff, len);
897 0 : _tls_set_error(tls, ret <= 0 ? SSL_get_error(tls->ssl, ret) : 0);
898 :
899 0 : return ret;
900 : }
901 :
902 0 : int tls_write(struct conn_interface *intf, const void *buff, size_t len)
903 : {
904 0 : int ret;
905 0 : tls_t *tls = intf->conn->tls;
906 :
907 0 : ret = SSL_write(tls->ssl, buff, len);
908 0 : _tls_set_error(tls, ret <= 0 ? SSL_get_error(tls->ssl, ret) : 0);
909 :
910 0 : return ret;
911 : }
912 :
913 0 : int tls_clear_pending_write(struct conn_interface *intf)
914 : {
915 0 : UNUSED(intf);
916 0 : return 0;
917 : }
918 :
919 0 : static void _tls_sock_wait(tls_t *tls, int error)
920 : {
921 0 : struct timeval tv;
922 0 : fd_set rfds;
923 0 : fd_set wfds;
924 0 : int nfds;
925 0 : int ret;
926 :
927 0 : if (error == SSL_ERROR_NONE)
928 0 : return;
929 :
930 0 : FD_ZERO(&rfds);
931 0 : FD_ZERO(&wfds);
932 0 : if (error == SSL_ERROR_WANT_READ)
933 0 : FD_SET(tls->sock, &rfds);
934 0 : if (error == SSL_ERROR_WANT_WRITE)
935 0 : FD_SET(tls->sock, &wfds);
936 0 : nfds = (error == SSL_ERROR_WANT_READ || error == SSL_ERROR_WANT_WRITE)
937 0 : ? tls->sock + 1
938 0 : : 0;
939 0 : do {
940 0 : tv.tv_sec = TLS_TIMEOUT_SEC;
941 0 : tv.tv_usec = TLS_TIMEOUT_USEC;
942 0 : ret = select(nfds, &rfds, &wfds, NULL, &tv);
943 0 : } while (ret == -1 && errno == EINTR);
944 : }
945 :
946 0 : static const char *_tls_error_str(int error, const char **tbl, size_t tbl_size)
947 : {
948 0 : return (error >= 0 && (size_t)error < tbl_size) ? tbl[error] : "UNKNOWN";
949 : }
950 :
951 0 : static void _tls_set_error(tls_t *tls, int error)
952 : {
953 0 : if (error != 0 && !tls_is_recoverable(NULL, error)) {
954 0 : strophe_debug(tls->ctx, "tls", "error=%s(%d) errno=%d lasterror=%d",
955 0 : TLS_ERROR_STR(error, tls_errors), error, errno,
956 : tls->lasterror);
957 0 : _tls_log_error(tls->ctx);
958 0 : } else if (tls->lasterror && tls->lasterror != error) {
959 0 : strophe_debug_verbose(1, tls->ctx, "tls", "overwrite lasterror=%d",
960 : tls->lasterror);
961 : }
962 0 : tls->lasterror = error;
963 0 : }
964 :
965 0 : static void _tls_log_error(xmpp_ctx_t *ctx)
966 : {
967 0 : unsigned long e;
968 :
969 0 : do {
970 0 : e = ERR_get_error();
971 0 : if (e != 0) {
972 0 : strophe_debug(
973 : ctx, "tls", "error:%08X:%s:%s:%s", e, ERR_lib_error_string(e),
974 : STROPHE_ERR_func_error_string(e), ERR_reason_error_string(e));
975 : }
976 0 : } while (e != 0);
977 0 : }
978 :
979 0 : static void _tls_dump_cert_info(tls_t *tls)
980 : {
981 0 : X509 *cert;
982 0 : char *name;
983 :
984 0 : cert = SSL_get_peer_certificate(tls->ssl);
985 0 : if (cert == NULL)
986 0 : strophe_debug(tls->ctx, "tls", "Certificate was not presented by peer");
987 : else {
988 0 : name = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0);
989 0 : if (name != NULL) {
990 0 : strophe_debug(tls->ctx, "tls", "Subject=%s", name);
991 0 : OPENSSL_free(name);
992 : }
993 0 : name = X509_NAME_oneline(X509_get_issuer_name(cert), NULL, 0);
994 0 : if (name != NULL) {
995 0 : strophe_debug(tls->ctx, "tls", "Issuer=%s", name);
996 0 : OPENSSL_free(name);
997 : }
998 0 : X509_free(cert);
999 : }
1000 0 : }
1001 :
1002 8 : static X509 *_tls_cert_read_x509(xmpp_conn_t *conn)
1003 : {
1004 8 : if (conn->tls && conn->tls->client_cert)
1005 : return conn->tls->client_cert;
1006 8 : BIO *f = BIO_new_file(conn->tls_client_cert, "r");
1007 8 : if (!f) {
1008 0 : strophe_debug(conn->ctx, "tls", "f == NULL");
1009 0 : return NULL;
1010 : }
1011 8 : X509 *c = PEM_read_bio_X509(f, NULL, NULL, NULL);
1012 8 : BIO_free(f);
1013 8 : if (!c) {
1014 0 : _tls_log_error(conn->ctx);
1015 : }
1016 : return c;
1017 : }
1018 :
1019 32 : static int _tls_parse_p12(PKCS12 *p12,
1020 : const char *pass,
1021 : EVP_PKEY **pkey,
1022 : X509 **cert,
1023 : STACK_OF(X509) * *ca)
1024 : {
1025 : /* For some reason `PKCS12_parse()` fails without a `EVP_PKEY`
1026 : * so if the user doesn't want it, use a local one and free it
1027 : * again directly after parsing.
1028 : */
1029 32 : EVP_PKEY *pkey_;
1030 32 : if (!pkey)
1031 32 : pkey = &pkey_;
1032 32 : int parse_ok = PKCS12_parse(p12, pass, pkey, cert, ca);
1033 32 : if (pkey == &pkey_ && pkey_)
1034 24 : EVP_PKEY_free(pkey_);
1035 32 : return parse_ok;
1036 : }
1037 :
1038 : static X509 *
1039 24 : _tls_cert_read_p12(xmpp_conn_t *conn, EVP_PKEY **pkey, STACK_OF(X509) * *ca)
1040 : {
1041 24 : if (conn->tls && conn->tls->client_cert && !pkey && !ca)
1042 24 : return conn->tls->client_cert;
1043 24 : X509 *cert = NULL;
1044 24 : PKCS12 *p12 = NULL;
1045 24 : BIO *f = BIO_new_file(conn->tls_client_cert, "rb");
1046 24 : if (!f) {
1047 0 : strophe_debug(conn->ctx, "tls", "f == NULL");
1048 0 : goto error_out;
1049 : }
1050 24 : p12 = d2i_PKCS12_bio(f, NULL);
1051 24 : BIO_free(f);
1052 24 : if (!p12) {
1053 0 : strophe_debug(conn->ctx, "tls", "Could not read p12 file");
1054 0 : goto error_out;
1055 : }
1056 :
1057 : /* First try to open file w/o a pass */
1058 24 : if (_tls_parse_p12(p12, NULL, pkey, &cert, ca)) {
1059 16 : goto success;
1060 : }
1061 8 : cert = NULL;
1062 :
1063 8 : unsigned int retries = 0;
1064 :
1065 8 : pem_password_cb *cb = PEM_def_callback;
1066 8 : void *userdata = NULL;
1067 8 : if (conn->password_callback) {
1068 8 : cb = _tls_password_callback;
1069 8 : userdata = conn;
1070 : }
1071 :
1072 8 : while (retries++ < conn->password_retries) {
1073 8 : char pass[PEM_BUFSIZE + 1];
1074 8 : int passlen = cb(pass, PEM_BUFSIZE, 0, userdata);
1075 8 : if (passlen < 0 || passlen > PEM_BUFSIZE)
1076 0 : goto error_out;
1077 8 : int parse_ok = _tls_parse_p12(p12, pass, pkey, &cert, ca);
1078 8 : if (parse_ok) {
1079 8 : goto success;
1080 : }
1081 0 : cert = NULL;
1082 0 : tls_clear_password_cache(conn);
1083 0 : int err = ERR_peek_last_error();
1084 0 : if (ERR_GET_LIB(err) == ERR_LIB_PKCS12 &&
1085 0 : ERR_GET_REASON(err) == PKCS12_R_MAC_VERIFY_FAILURE) {
1086 0 : strophe_debug(conn->ctx, "tls",
1087 : "Entered password is most likely wrong!");
1088 0 : continue;
1089 : }
1090 0 : strophe_debug(conn->ctx, "tls", "Could not parse PKCS#12");
1091 0 : goto error_out;
1092 : }
1093 0 : error_out:
1094 0 : _tls_log_error(conn->ctx);
1095 24 : success:
1096 24 : if (p12)
1097 24 : PKCS12_free(p12);
1098 24 : return cert;
1099 : }
1100 :
1101 32 : static X509 *_tls_cert_read(xmpp_conn_t *conn)
1102 : {
1103 32 : if (conn->tls && conn->tls->client_cert)
1104 : return conn->tls->client_cert;
1105 32 : if (conn->tls_client_cert && !conn->tls_client_key) {
1106 24 : return _tls_cert_read_p12(conn, NULL, NULL);
1107 : }
1108 8 : return _tls_cert_read_x509(conn);
1109 : }
1110 :
1111 58 : static int _tls_xaddr_nid(void)
1112 : {
1113 58 : static int xaddr_nid = NID_undef;
1114 58 : if (xaddr_nid == NID_undef) {
1115 2 : xaddr_nid = OBJ_sn2nid("id-on-xmppAddr");
1116 : }
1117 58 : if (xaddr_nid == NID_undef) {
1118 0 : xaddr_nid = OBJ_create("1.3.6.1.5.5.7.8.5", "id-on-xmppAddr",
1119 : "XmppAddr Identifier");
1120 : }
1121 58 : return xaddr_nid;
1122 : }
1123 :
1124 32 : static GENERAL_NAMES *_tls_conn_get_names(xmpp_conn_t *conn)
1125 : {
1126 32 : X509 *client_cert;
1127 32 : GENERAL_NAMES *names = NULL;
1128 32 : client_cert = _tls_cert_read(conn);
1129 32 : if (!client_cert)
1130 : return NULL;
1131 32 : names = _tls_cert_get_names(client_cert);
1132 32 : if (!conn->tls || !conn->tls->client_cert)
1133 32 : X509_free(client_cert);
1134 : return names;
1135 : }
1136 :
1137 32 : static GENERAL_NAMES *_tls_cert_get_names(X509 *client_cert)
1138 : {
1139 32 : int san = X509_get_ext_by_NID(client_cert, NID_subject_alt_name, 0);
1140 32 : X509_EXTENSION *san_ext = X509_get_ext(client_cert, san);
1141 32 : if (!san_ext)
1142 32 : return NULL;
1143 32 : ASN1_OCTET_STRING *data = X509_EXTENSION_get_data(san_ext);
1144 32 : if (!data)
1145 : return NULL;
1146 32 : const unsigned char *d = ASN1_STRING_get0_data(data);
1147 32 : if (!d)
1148 : return NULL;
1149 32 : return d2i_GENERAL_NAMES(NULL, &d, ASN1_STRING_length(data));
1150 : }
1151 :
1152 : /** Convert GENERAL_NAME* to a string
1153 : *
1154 : * This checks whether the GENERAL_NAME* that is given has the
1155 : * correct id-on-xmppAddr set and then optionally converts this
1156 : * form ASN.1 to a string/char*.
1157 : *
1158 : * When `res` pointer is set to NULL this method doesn't allocate
1159 : * the result but only checks whether it is in the correct format.
1160 : *
1161 : * @param name Pointer to the GENERAL_NAME that shall be converted
1162 : * @param res Result-pointer (optional, can be NULL)
1163 : *
1164 : * @return classic Unix style - 0=success, 1=error
1165 : */
1166 104 : static int _tls_xmppaddr_to_string(GENERAL_NAME *name, char **res)
1167 : {
1168 104 : ASN1_OBJECT *oid;
1169 104 : ASN1_TYPE *val;
1170 104 : if (!name || name->type != GEN_OTHERNAME)
1171 104 : return 1;
1172 56 : if (GENERAL_NAME_get0_otherName(name, &oid, &val) == 0)
1173 : return 1;
1174 56 : if (OBJ_obj2nid(oid) != _tls_xaddr_nid() || !val)
1175 : return 1;
1176 56 : if (!res)
1177 : return 0;
1178 40 : if (ASN1_STRING_to_UTF8((unsigned char **)res, val->value.asn1_string) < 0)
1179 : return 1;
1180 : return 0;
1181 : }
1182 :
1183 0 : static int _tls_dnsname_to_string(GENERAL_NAME *name, char **res)
1184 : {
1185 0 : ASN1_STRING *str;
1186 0 : if (!name || name->type != GEN_DNS)
1187 : return 1;
1188 0 : str = GENERAL_NAME_get0_value(name, NULL);
1189 0 : if (str == NULL)
1190 : return 1;
1191 0 : if (!res)
1192 : return 0;
1193 0 : if (ASN1_STRING_to_UTF8((unsigned char **)res, str) < 0)
1194 : return 1;
1195 : return 0;
1196 : }
|