diff options
Diffstat (limited to 'app/openvpn/src/openvpn/ssl_openssl.c')
-rw-r--r-- | app/openvpn/src/openvpn/ssl_openssl.c | 1175 |
1 files changed, 0 insertions, 1175 deletions
diff --git a/app/openvpn/src/openvpn/ssl_openssl.c b/app/openvpn/src/openvpn/ssl_openssl.c deleted file mode 100644 index a727b605..00000000 --- a/app/openvpn/src/openvpn/ssl_openssl.c +++ /dev/null @@ -1,1175 +0,0 @@ -/* - * OpenVPN -- An application to securely tunnel IP networks - * over a single TCP/UDP port, with support for SSL/TLS-based - * session authentication and key exchange, - * packet encryption, packet authentication, and - * packet compression. - * - * Copyright (C) 2002-2010 OpenVPN Technologies, Inc. <sales@openvpn.net> - * Copyright (C) 2010 Fox Crypto B.V. <openvpn@fox-it.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License version 2 - * as published by the Free Software Foundation. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program (see the file COPYING included with this - * distribution); if not, write to the Free Software Foundation, Inc., - * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/** - * @file Control Channel OpenSSL Backend - */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#elif defined(_MSC_VER) -#include "config-msvc.h" -#endif - -#include "syshead.h" - -#if defined(ENABLE_SSL) && defined(ENABLE_CRYPTO_OPENSSL) - -#include "errlevel.h" -#include "buffer.h" -#include "misc.h" -#include "manage.h" -#include "memdbg.h" -#include "ssl_backend.h" -#include "ssl_common.h" -#include "base64.h" - -#ifdef ENABLE_CRYPTOAPI -#include "cryptoapi.h" -#endif - -#include "ssl_verify_openssl.h" - -#include <openssl/err.h> -#include <openssl/pkcs12.h> -#include <openssl/x509.h> -#include <openssl/crypto.h> - -/* - * Allocate space in SSL objects in which to store a struct tls_session - * pointer back to parent. - * - */ - -int mydata_index; /* GLOBAL */ - -void -tls_init_lib() -{ - SSL_library_init(); -#ifndef ENABLE_SMALL - SSL_load_error_strings(); -#endif - OpenSSL_add_all_algorithms (); - - mydata_index = SSL_get_ex_new_index(0, "struct session *", NULL, NULL, NULL); - ASSERT (mydata_index >= 0); -} - -void -tls_free_lib() -{ - EVP_cleanup(); -#ifndef ENABLE_SMALL - ERR_free_strings(); -#endif -} - -void -tls_clear_error() -{ - ERR_clear_error (); -} - -/* - * OpenSSL callback to get a temporary RSA key, mostly - * used for export ciphers. - */ -static RSA * -tmp_rsa_cb (SSL * s, int is_export, int keylength) -{ - static RSA *rsa_tmp = NULL; - if (rsa_tmp == NULL) - { - msg (D_HANDSHAKE, "Generating temp (%d bit) RSA key", keylength); - rsa_tmp = RSA_generate_key (keylength, RSA_F4, NULL, NULL); - } - return (rsa_tmp); -} - -void -tls_ctx_server_new(struct tls_root_ctx *ctx) -{ - ASSERT(NULL != ctx); - - ctx->ctx = SSL_CTX_new (TLSv1_server_method ()); - - if (ctx->ctx == NULL) - msg (M_SSLERR, "SSL_CTX_new TLSv1_server_method"); - - SSL_CTX_set_tmp_rsa_callback (ctx->ctx, tmp_rsa_cb); -} - -void -tls_ctx_client_new(struct tls_root_ctx *ctx) -{ - ASSERT(NULL != ctx); - - ctx->ctx = SSL_CTX_new (TLSv1_client_method ()); - - if (ctx->ctx == NULL) - msg (M_SSLERR, "SSL_CTX_new TLSv1_client_method"); -} - -void -tls_ctx_free(struct tls_root_ctx *ctx) -{ - ASSERT(NULL != ctx); - if (NULL != ctx->ctx) - SSL_CTX_free (ctx->ctx); - ctx->ctx = NULL; -} - -bool tls_ctx_initialised(struct tls_root_ctx *ctx) -{ - ASSERT(NULL != ctx); - return NULL != ctx->ctx; -} - -/* - * Print debugging information on SSL/TLS session negotiation. - */ - -#ifndef INFO_CALLBACK_SSL_CONST -#define INFO_CALLBACK_SSL_CONST const -#endif -static void -info_callback (INFO_CALLBACK_SSL_CONST SSL * s, int where, int ret) -{ - if (where & SSL_CB_LOOP) - { - dmsg (D_HANDSHAKE_VERBOSE, "SSL state (%s): %s", - where & SSL_ST_CONNECT ? "connect" : - where & SSL_ST_ACCEPT ? "accept" : - "undefined", SSL_state_string_long (s)); - } - else if (where & SSL_CB_ALERT) - { - dmsg (D_HANDSHAKE_VERBOSE, "SSL alert (%s): %s: %s", - where & SSL_CB_READ ? "read" : "write", - SSL_alert_type_string_long (ret), - SSL_alert_desc_string_long (ret)); - } -} - -void -tls_ctx_set_options (struct tls_root_ctx *ctx, unsigned int ssl_flags) -{ - ASSERT(NULL != ctx); - - SSL_CTX_set_session_cache_mode (ctx->ctx, SSL_SESS_CACHE_OFF); - SSL_CTX_set_options (ctx->ctx, SSL_OP_SINGLE_DH_USE); - SSL_CTX_set_default_passwd_cb (ctx->ctx, pem_password_callback); - - /* Require peer certificate verification */ -#if P2MP_SERVER - if (ssl_flags & SSLF_CLIENT_CERT_NOT_REQUIRED) - { - msg (M_WARN, "WARNING: POTENTIALLY DANGEROUS OPTION " - "--client-cert-not-required may accept clients which do not present " - "a certificate"); - } - else -#endif - SSL_CTX_set_verify (ctx->ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, - verify_callback); - - SSL_CTX_set_info_callback (ctx->ctx, info_callback); -} - -void -tls_ctx_restrict_ciphers(struct tls_root_ctx *ctx, const char *ciphers) -{ - ASSERT(NULL != ctx); - - if(!SSL_CTX_set_cipher_list(ctx->ctx, ciphers)) - msg(M_SSLERR, "Failed to set restricted TLS cipher list: %s", ciphers); -} - -void -tls_ctx_load_dh_params (struct tls_root_ctx *ctx, const char *dh_file, - const char *dh_file_inline - ) -{ - DH *dh; - BIO *bio; - - ASSERT(NULL != ctx); - - if (!strcmp (dh_file, INLINE_FILE_TAG) && dh_file_inline) - { - if (!(bio = BIO_new_mem_buf ((char *)dh_file_inline, -1))) - msg (M_SSLERR, "Cannot open memory BIO for inline DH parameters"); - } - else - { - /* Get Diffie Hellman Parameters */ - if (!(bio = BIO_new_file (dh_file, "r"))) - msg (M_SSLERR, "Cannot open %s for DH parameters", dh_file); - } - - dh = PEM_read_bio_DHparams (bio, NULL, NULL, NULL); - BIO_free (bio); - - if (!dh) - msg (M_SSLERR, "Cannot load DH parameters from %s", dh_file); - if (!SSL_CTX_set_tmp_dh (ctx->ctx, dh)) - msg (M_SSLERR, "SSL_CTX_set_tmp_dh"); - - msg (D_TLS_DEBUG_LOW, "Diffie-Hellman initialized with %d bit key", - 8 * DH_size (dh)); - - DH_free (dh); -} - -int -tls_ctx_load_pkcs12(struct tls_root_ctx *ctx, const char *pkcs12_file, - const char *pkcs12_file_inline, - bool load_ca_file - ) -{ - FILE *fp; - EVP_PKEY *pkey; - X509 *cert; - STACK_OF(X509) *ca = NULL; - PKCS12 *p12; - int i; - char password[256]; - - ASSERT(NULL != ctx); - - if (!strcmp (pkcs12_file, INLINE_FILE_TAG) && pkcs12_file_inline) - { - BIO *b64 = BIO_new(BIO_f_base64()); - BIO *bio = BIO_new_mem_buf((void *) pkcs12_file_inline, - (int) strlen(pkcs12_file_inline)); - ASSERT(b64 && bio); - BIO_push(b64, bio); - p12 = d2i_PKCS12_bio(b64, NULL); - if (!p12) - msg(M_SSLERR, "Error reading inline PKCS#12 file"); - BIO_free(b64); - BIO_free(bio); - } - else - { - /* Load the PKCS #12 file */ - if (!(fp = platform_fopen(pkcs12_file, "rb"))) - msg(M_SSLERR, "Error opening file %s", pkcs12_file); - p12 = d2i_PKCS12_fp(fp, NULL); - fclose(fp); - if (!p12) - msg(M_SSLERR, "Error reading PKCS#12 file %s", pkcs12_file); - } - - /* Parse the PKCS #12 file */ - if (!PKCS12_parse(p12, "", &pkey, &cert, &ca)) - { - pem_password_callback (password, sizeof(password) - 1, 0, NULL); - /* Reparse the PKCS #12 file with password */ - ca = NULL; - if (!PKCS12_parse(p12, password, &pkey, &cert, &ca)) - { -#ifdef ENABLE_MANAGEMENT - if (management && (ERR_GET_REASON (ERR_peek_error()) == PKCS12_R_MAC_VERIFY_FAILURE)) - management_auth_failure (management, UP_TYPE_PRIVATE_KEY, NULL); -#endif - PKCS12_free(p12); - return 1; - } - } - PKCS12_free(p12); - - /* Load Certificate */ - if (!SSL_CTX_use_certificate (ctx->ctx, cert)) - msg (M_SSLERR, "Cannot use certificate"); - - /* Load Private Key */ - if (!SSL_CTX_use_PrivateKey (ctx->ctx, pkey)) - msg (M_SSLERR, "Cannot use private key"); - warn_if_group_others_accessible (pkcs12_file); - - /* Check Private Key */ - if (!SSL_CTX_check_private_key (ctx->ctx)) - msg (M_SSLERR, "Private key does not match the certificate"); - - /* Set Certificate Verification chain */ - if (load_ca_file) - { - if (ca && sk_X509_num(ca)) - { - for (i = 0; i < sk_X509_num(ca); i++) - { - if (!X509_STORE_add_cert(ctx->ctx->cert_store,sk_X509_value(ca, i))) - msg (M_SSLERR, "Cannot add certificate to certificate chain (X509_STORE_add_cert)"); - if (!SSL_CTX_add_client_CA(ctx->ctx, sk_X509_value(ca, i))) - msg (M_SSLERR, "Cannot add certificate to client CA list (SSL_CTX_add_client_CA)"); - } - } - } - return 0; -} - -#ifdef ENABLE_CRYPTOAPI -void -tls_ctx_load_cryptoapi(struct tls_root_ctx *ctx, const char *cryptoapi_cert) -{ - ASSERT(NULL != ctx); - - /* Load Certificate and Private Key */ - if (!SSL_CTX_use_CryptoAPI_certificate (ctx->ctx, cryptoapi_cert)) - msg (M_SSLERR, "Cannot load certificate \"%s\" from Microsoft Certificate Store", - cryptoapi_cert); -} -#endif /* WIN32 */ - -static void -tls_ctx_add_extra_certs (struct tls_root_ctx *ctx, BIO *bio) -{ - X509 *cert; - for (;;) - { - cert = NULL; - if (!PEM_read_bio_X509 (bio, &cert, 0, NULL)) /* takes ownership of cert */ - break; - if (!cert) - msg (M_SSLERR, "Error reading extra certificate"); - if (SSL_CTX_add_extra_chain_cert(ctx->ctx, cert) != 1) - msg (M_SSLERR, "Error adding extra certificate"); - } -} - -void -tls_ctx_load_cert_file (struct tls_root_ctx *ctx, const char *cert_file, - const char *cert_file_inline, X509 **x509 - ) -{ - BIO *in = NULL; - X509 *x = NULL; - int ret = 0; - bool inline_file = false; - - ASSERT (NULL != ctx); - if (NULL != x509) - ASSERT (NULL == *x509); - - inline_file = (strcmp (cert_file, INLINE_FILE_TAG) == 0); - - if (inline_file && cert_file_inline) - in = BIO_new_mem_buf ((char *)cert_file_inline, -1); - else - in = BIO_new_file (cert_file, "r"); - - if (in == NULL) - { - SSLerr (SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_SYS_LIB); - goto end; - } - - x = PEM_read_bio_X509 (in, NULL, ctx->ctx->default_passwd_callback, - ctx->ctx->default_passwd_callback_userdata); - if (x == NULL) - { - SSLerr (SSL_F_SSL_CTX_USE_CERTIFICATE_FILE, ERR_R_PEM_LIB); - goto end; - } - - ret = SSL_CTX_use_certificate (ctx->ctx, x); - if (ret) - tls_ctx_add_extra_certs (ctx, in); - -end: - if (!ret) - { - if (inline_file) - msg (M_SSLERR, "Cannot load inline certificate file"); - else - msg (M_SSLERR, "Cannot load certificate file %s", cert_file); - } - - if (in != NULL) - BIO_free(in); - if (x509) - *x509 = x; - else if (x) - X509_free (x); -} - -void -tls_ctx_free_cert_file (X509 *x509) -{ - X509_free(x509); -} - -int -tls_ctx_load_priv_file (struct tls_root_ctx *ctx, const char *priv_key_file, - const char *priv_key_file_inline - ) -{ - int status; - SSL_CTX *ssl_ctx = NULL; - BIO *in = NULL; - EVP_PKEY *pkey = NULL; - int ret = 1; - - ASSERT(NULL != ctx); - - ssl_ctx = ctx->ctx; - - if (!strcmp (priv_key_file, INLINE_FILE_TAG) && priv_key_file_inline) - in = BIO_new_mem_buf ((char *)priv_key_file_inline, -1); - else - in = BIO_new_file (priv_key_file, "r"); - - if (!in) - goto end; - - pkey = PEM_read_bio_PrivateKey (in, NULL, - ssl_ctx->default_passwd_callback, - ssl_ctx->default_passwd_callback_userdata); - if (!pkey) - goto end; - - if (!SSL_CTX_use_PrivateKey (ssl_ctx, pkey)) - { -#ifdef ENABLE_MANAGEMENT - if (management && (ERR_GET_REASON (ERR_peek_error()) == EVP_R_BAD_DECRYPT)) - management_auth_failure (management, UP_TYPE_PRIVATE_KEY, NULL); -#endif - msg (M_WARN|M_SSL, "Cannot load private key file %s", priv_key_file); - goto end; - } - warn_if_group_others_accessible (priv_key_file); - - /* Check Private Key */ - if (!SSL_CTX_check_private_key (ssl_ctx)) - msg (M_SSLERR, "Private key does not match the certificate"); - ret = 0; - -end: - if (pkey) - EVP_PKEY_free (pkey); - if (in) - BIO_free (in); - return ret; -} - -#ifdef MANAGMENT_EXTERNAL_KEY - -/* encrypt */ -static int -rsa_pub_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) -{ - ASSERT(0); - return -1; -} - -/* verify arbitrary data */ -static int -rsa_pub_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) -{ - ASSERT(0); - return -1; -} - -/* decrypt */ -static int -rsa_priv_dec(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) -{ - ASSERT(0); - return -1; -} - -/* called at RSA_free */ -static int -rsa_finish(RSA *rsa) -{ - free ((void*)rsa->meth); - rsa->meth = NULL; - return 1; -} - -/* sign arbitrary data */ -static int -rsa_priv_enc(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) -{ - /* optional app data in rsa->meth->app_data; */ - char *in_b64 = NULL; - char *out_b64 = NULL; - int ret = -1; - int len; - - if (padding != RSA_PKCS1_PADDING) - { - RSAerr (RSA_F_RSA_EAY_PRIVATE_ENCRYPT, RSA_R_UNKNOWN_PADDING_TYPE); - goto done; - } - - /* convert 'from' to base64 */ - if (openvpn_base64_encode (from, flen, &in_b64) <= 0) - goto done; - - /* call MI for signature */ - if (management) - out_b64 = management_query_rsa_sig (management, in_b64); - if (!out_b64) - goto done; - - /* decode base64 signature to binary */ - len = RSA_size(rsa); - ret = openvpn_base64_decode (out_b64, to, len); - - /* verify length */ - if (ret != len) - ret = -1; - - done: - if (in_b64) - free (in_b64); - if (out_b64) - free (out_b64); - return ret; -} - -int -tls_ctx_use_external_private_key (struct tls_root_ctx *ctx, X509 *cert) -{ - RSA *rsa = NULL; - RSA *pub_rsa; - RSA_METHOD *rsa_meth; - - ASSERT (NULL != ctx); - ASSERT (NULL != cert); - - /* allocate custom RSA method object */ - ALLOC_OBJ_CLEAR (rsa_meth, RSA_METHOD); - rsa_meth->name = "OpenVPN external private key RSA Method"; - rsa_meth->rsa_pub_enc = rsa_pub_enc; - rsa_meth->rsa_pub_dec = rsa_pub_dec; - rsa_meth->rsa_priv_enc = rsa_priv_enc; - rsa_meth->rsa_priv_dec = rsa_priv_dec; - rsa_meth->init = NULL; - rsa_meth->finish = rsa_finish; - rsa_meth->flags = RSA_METHOD_FLAG_NO_CHECK; - rsa_meth->app_data = NULL; - - /* allocate RSA object */ - rsa = RSA_new(); - if (rsa == NULL) - { - SSLerr(SSL_F_SSL_USE_PRIVATEKEY, ERR_R_MALLOC_FAILURE); - goto err; - } - - /* get the public key */ - ASSERT(cert->cert_info->key->pkey); /* NULL before SSL_CTX_use_certificate() is called */ - pub_rsa = cert->cert_info->key->pkey->pkey.rsa; - - /* initialize RSA object */ - rsa->n = BN_dup(pub_rsa->n); - rsa->flags |= RSA_FLAG_EXT_PKEY; - if (!RSA_set_method(rsa, rsa_meth)) - goto err; - - /* bind our custom RSA object to ssl_ctx */ - if (!SSL_CTX_use_RSAPrivateKey(ctx->ctx, rsa)) - goto err; - - RSA_free(rsa); /* doesn't necessarily free, just decrements refcount */ - return 1; - - err: - if (rsa) - RSA_free(rsa); - else - { - if (rsa_meth) - free(rsa_meth); - } - msg (M_SSLERR, "Cannot enable SSL external private key capability"); - return 0; -} - -#endif - -static int -sk_x509_name_cmp(const X509_NAME * const *a, const X509_NAME * const *b) -{ - return X509_NAME_cmp (*a, *b); -} - -void -tls_ctx_load_ca (struct tls_root_ctx *ctx, const char *ca_file, - const char *ca_file_inline, - const char *ca_path, bool tls_server - ) -{ - STACK_OF(X509_INFO) *info_stack = NULL; - STACK_OF(X509_NAME) *cert_names = NULL; - X509_LOOKUP *lookup = NULL; - X509_STORE *store = NULL; - X509_NAME *xn = NULL; - BIO *in = NULL; - int i, added = 0; - - ASSERT(NULL != ctx); - - store = SSL_CTX_get_cert_store(ctx->ctx); - if (!store) - msg(M_SSLERR, "Cannot get certificate store (SSL_CTX_get_cert_store)"); - - /* Try to add certificates and CRLs from ca_file */ - if (ca_file) - { - if (!strcmp (ca_file, INLINE_FILE_TAG) && ca_file_inline) - in = BIO_new_mem_buf ((char *)ca_file_inline, -1); - else - in = BIO_new_file (ca_file, "r"); - - if (in) - info_stack = PEM_X509_INFO_read_bio (in, NULL, NULL, NULL); - - if (info_stack) - { - for (i = 0; i < sk_X509_INFO_num (info_stack); i++) - { - X509_INFO *info = sk_X509_INFO_value (info_stack, i); - if (info->crl) - X509_STORE_add_crl (store, info->crl); - - if (info->x509) - { - X509_STORE_add_cert (store, info->x509); - added++; - - if (!tls_server) - continue; - - /* Use names of CAs as a client CA list */ - if (cert_names == NULL) - { - cert_names = sk_X509_NAME_new (sk_x509_name_cmp); - if (!cert_names) - continue; - } - - xn = X509_get_subject_name (info->x509); - if (!xn) - continue; - - /* Don't add duplicate CA names */ - if (sk_X509_NAME_find (cert_names, xn) == -1) - { - xn = X509_NAME_dup (xn); - if (!xn) - continue; - sk_X509_NAME_push (cert_names, xn); - } - } - } - sk_X509_INFO_pop_free (info_stack, X509_INFO_free); - } - - if (tls_server) - SSL_CTX_set_client_CA_list (ctx->ctx, cert_names); - - if (!added || (tls_server && sk_X509_NAME_num (cert_names) != added)) - msg (M_SSLERR, "Cannot load CA certificate file %s", np(ca_file)); - if (in) - BIO_free (in); - } - - /* Set a store for certs (CA & CRL) with a lookup on the "capath" hash directory */ - if (ca_path) - { - lookup = X509_STORE_add_lookup (store, X509_LOOKUP_hash_dir ()); - if (lookup && X509_LOOKUP_add_dir (lookup, ca_path, X509_FILETYPE_PEM)) - msg(M_WARN, "WARNING: experimental option --capath %s", ca_path); - else - msg(M_SSLERR, "Cannot add lookup at --capath %s", ca_path); -#if OPENSSL_VERSION_NUMBER >= 0x00907000L - X509_STORE_set_flags (store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL); -#else - msg(M_WARN, "WARNING: this version of OpenSSL cannot handle CRL files in capath"); -#endif - } -} - -void -tls_ctx_load_extra_certs (struct tls_root_ctx *ctx, const char *extra_certs_file, - const char *extra_certs_file_inline - ) -{ - BIO *in; - if (!strcmp (extra_certs_file, INLINE_FILE_TAG) && extra_certs_file_inline) - in = BIO_new_mem_buf ((char *)extra_certs_file_inline, -1); - else - in = BIO_new_file (extra_certs_file, "r"); - - if (in == NULL) - msg (M_SSLERR, "Cannot load extra-certs file: %s", extra_certs_file); - else - tls_ctx_add_extra_certs (ctx, in); - - BIO_free (in); -} - -/* ************************************** - * - * Key-state specific functions - * - ***************************************/ -/* - * - * BIO functions - * - */ - -#ifdef BIO_DEBUG - -#warning BIO_DEBUG defined - -static FILE *biofp; /* GLOBAL */ -static bool biofp_toggle; /* GLOBAL */ -static time_t biofp_last_open; /* GLOBAL */ -static const int biofp_reopen_interval = 600; /* GLOBAL */ - -static void -close_biofp() -{ - if (biofp) - { - ASSERT (!fclose (biofp)); - biofp = NULL; - } -} - -static void -open_biofp() -{ - const time_t current = time (NULL); - const pid_t pid = getpid (); - - if (biofp_last_open + biofp_reopen_interval < current) - close_biofp(); - if (!biofp) - { - char fn[256]; - openvpn_snprintf(fn, sizeof(fn), "bio/%d-%d.log", pid, biofp_toggle); - biofp = fopen (fn, "w"); - ASSERT (biofp); - biofp_last_open = time (NULL); - biofp_toggle ^= 1; - } -} - -static void -bio_debug_data (const char *mode, BIO *bio, const uint8_t *buf, int len, const char *desc) -{ - struct gc_arena gc = gc_new (); - if (len > 0) - { - open_biofp(); - fprintf(biofp, "BIO_%s %s time=" time_format " bio=" ptr_format " len=%d data=%s\n", - mode, desc, time (NULL), (ptr_type)bio, len, format_hex (buf, len, 0, &gc)); - fflush (biofp); - } - gc_free (&gc); -} - -static void -bio_debug_oc (const char *mode, BIO *bio) -{ - open_biofp(); - fprintf(biofp, "BIO %s time=" time_format " bio=" ptr_format "\n", - mode, time (NULL), (ptr_type)bio); - fflush (biofp); -} - -#endif - -/* - * OpenVPN's interface to SSL/TLS authentication, - * encryption, and decryption is exclusively - * through "memory BIOs". - */ -static BIO * -getbio (BIO_METHOD * type, const char *desc) -{ - BIO *ret; - ret = BIO_new (type); - if (!ret) - msg (M_SSLERR, "Error creating %s BIO", desc); - return ret; -} - -/* - * Write to an OpenSSL BIO in non-blocking mode. - */ -static int -bio_write (BIO *bio, const uint8_t *data, int size, const char *desc) -{ - int i; - int ret = 0; - ASSERT (size >= 0); - if (size) - { - /* - * Free the L_TLS lock prior to calling BIO routines - * so that foreground thread can still call - * tls_pre_decrypt or tls_pre_encrypt, - * allowing tunnel packet forwarding to continue. - */ -#ifdef BIO_DEBUG - bio_debug_data ("write", bio, data, size, desc); -#endif - i = BIO_write (bio, data, size); - - if (i < 0) - { - if (BIO_should_retry (bio)) - { - ; - } - else - { - msg (D_TLS_ERRORS | M_SSL, "TLS ERROR: BIO write %s error", - desc); - ret = -1; - ERR_clear_error (); - } - } - else if (i != size) - { - msg (D_TLS_ERRORS | M_SSL, - "TLS ERROR: BIO write %s incomplete %d/%d", desc, i, size); - ret = -1; - ERR_clear_error (); - } - else - { /* successful write */ - dmsg (D_HANDSHAKE_VERBOSE, "BIO write %s %d bytes", desc, i); - ret = 1; - } - } - return ret; -} - -/* - * Inline functions for reading from and writing - * to BIOs. - */ - -static void -bio_write_post (const int status, struct buffer *buf) -{ - if (status == 1) /* success status return from bio_write? */ - { - memset (BPTR (buf), 0, BLEN (buf)); /* erase data just written */ - buf->len = 0; - } -} - -/* - * Read from an OpenSSL BIO in non-blocking mode. - */ -static int -bio_read (BIO *bio, struct buffer *buf, int maxlen, const char *desc) -{ - int i; - int ret = 0; - ASSERT (buf->len >= 0); - if (buf->len) - { - ; - } - else - { - int len = buf_forward_capacity (buf); - if (maxlen < len) - len = maxlen; - - /* - * BIO_read brackets most of the serious RSA - * key negotiation number crunching. - */ - i = BIO_read (bio, BPTR (buf), len); - - VALGRIND_MAKE_READABLE ((void *) &i, sizeof (i)); - -#ifdef BIO_DEBUG - bio_debug_data ("read", bio, BPTR (buf), i, desc); -#endif - if (i < 0) - { - if (BIO_should_retry (bio)) - { - ; - } - else - { - msg (D_TLS_ERRORS | M_SSL, "TLS_ERROR: BIO read %s error", - desc); - buf->len = 0; - ret = -1; - ERR_clear_error (); - } - } - else if (!i) - { - buf->len = 0; - } - else - { /* successful read */ - dmsg (D_HANDSHAKE_VERBOSE, "BIO read %s %d bytes", desc, i); - buf->len = i; - ret = 1; - VALGRIND_MAKE_READABLE ((void *) BPTR (buf), BLEN (buf)); - } - } - return ret; -} - -void -key_state_ssl_init(struct key_state_ssl *ks_ssl, const struct tls_root_ctx *ssl_ctx, bool is_server, void *session) -{ - ASSERT(NULL != ssl_ctx); - ASSERT(ks_ssl); - CLEAR (*ks_ssl); - - ks_ssl->ssl = SSL_new (ssl_ctx->ctx); - if (!ks_ssl->ssl) - msg (M_SSLERR, "SSL_new failed"); - - /* put session * in ssl object so we can access it - from verify callback*/ - SSL_set_ex_data (ks_ssl->ssl, mydata_index, session); - - ks_ssl->ssl_bio = getbio (BIO_f_ssl (), "ssl_bio"); - ks_ssl->ct_in = getbio (BIO_s_mem (), "ct_in"); - ks_ssl->ct_out = getbio (BIO_s_mem (), "ct_out"); - -#ifdef BIO_DEBUG - bio_debug_oc ("open ssl_bio", ks_ssl->ssl_bio); - bio_debug_oc ("open ct_in", ks_ssl->ct_in); - bio_debug_oc ("open ct_out", ks_ssl->ct_out); -#endif - - if (is_server) - SSL_set_accept_state (ks_ssl->ssl); - else - SSL_set_connect_state (ks_ssl->ssl); - - SSL_set_bio (ks_ssl->ssl, ks_ssl->ct_in, ks_ssl->ct_out); - BIO_set_ssl (ks_ssl->ssl_bio, ks_ssl->ssl, BIO_NOCLOSE); -} - -void key_state_ssl_free(struct key_state_ssl *ks_ssl) -{ - if (ks_ssl->ssl) { -#ifdef BIO_DEBUG - bio_debug_oc ("close ssl_bio", ks_ssl->ssl_bio); - bio_debug_oc ("close ct_in", ks_ssl->ct_in); - bio_debug_oc ("close ct_out", ks_ssl->ct_out); -#endif - BIO_free_all(ks_ssl->ssl_bio); - SSL_free (ks_ssl->ssl); - } -} - -int -key_state_write_plaintext (struct key_state_ssl *ks_ssl, struct buffer *buf) -{ - int ret = 0; - perf_push (PERF_BIO_WRITE_PLAINTEXT); - -#ifdef ENABLE_CRYPTO_OPENSSL - ASSERT (NULL != ks_ssl); - - ret = bio_write (ks_ssl->ssl_bio, BPTR(buf), BLEN(buf), - "tls_write_plaintext"); - bio_write_post (ret, buf); -#endif /* ENABLE_CRYPTO_OPENSSL */ - - perf_pop (); - return ret; -} - -int -key_state_write_plaintext_const (struct key_state_ssl *ks_ssl, const uint8_t *data, int len) -{ - int ret = 0; - perf_push (PERF_BIO_WRITE_PLAINTEXT); - - ASSERT (NULL != ks_ssl); - - ret = bio_write (ks_ssl->ssl_bio, data, len, "tls_write_plaintext_const"); - - perf_pop (); - return ret; -} - -int -key_state_read_ciphertext (struct key_state_ssl *ks_ssl, struct buffer *buf, - int maxlen) -{ - int ret = 0; - perf_push (PERF_BIO_READ_CIPHERTEXT); - - ASSERT (NULL != ks_ssl); - - ret = bio_read (ks_ssl->ct_out, buf, maxlen, "tls_read_ciphertext"); - - perf_pop (); - return ret; -} - -int -key_state_write_ciphertext (struct key_state_ssl *ks_ssl, struct buffer *buf) -{ - int ret = 0; - perf_push (PERF_BIO_WRITE_CIPHERTEXT); - - ASSERT (NULL != ks_ssl); - - ret = bio_write (ks_ssl->ct_in, BPTR(buf), BLEN(buf), "tls_write_ciphertext"); - bio_write_post (ret, buf); - - perf_pop (); - return ret; -} - -int -key_state_read_plaintext (struct key_state_ssl *ks_ssl, struct buffer *buf, - int maxlen) -{ - int ret = 0; - perf_push (PERF_BIO_READ_PLAINTEXT); - - ASSERT (NULL != ks_ssl); - - ret = bio_read (ks_ssl->ssl_bio, buf, maxlen, "tls_read_plaintext"); - - perf_pop (); - return ret; -} - -/* ************************************** - * - * Information functions - * - * Print information for the end user. - * - ***************************************/ -void -print_details (struct key_state_ssl * ks_ssl, const char *prefix) -{ - const SSL_CIPHER *ciph; - X509 *cert; - char s1[256]; - char s2[256]; - - s1[0] = s2[0] = 0; - ciph = SSL_get_current_cipher (ks_ssl->ssl); - openvpn_snprintf (s1, sizeof (s1), "%s %s, cipher %s %s", - prefix, - SSL_get_version (ks_ssl->ssl), - SSL_CIPHER_get_version (ciph), - SSL_CIPHER_get_name (ciph)); - cert = SSL_get_peer_certificate (ks_ssl->ssl); - if (cert != NULL) - { - EVP_PKEY *pkey = X509_get_pubkey (cert); - if (pkey != NULL) - { - if (pkey->type == EVP_PKEY_RSA && pkey->pkey.rsa != NULL - && pkey->pkey.rsa->n != NULL) - { - openvpn_snprintf (s2, sizeof (s2), ", %d bit RSA", - BN_num_bits (pkey->pkey.rsa->n)); - } - else if (pkey->type == EVP_PKEY_DSA && pkey->pkey.dsa != NULL - && pkey->pkey.dsa->p != NULL) - { - openvpn_snprintf (s2, sizeof (s2), ", %d bit DSA", - BN_num_bits (pkey->pkey.dsa->p)); - } - EVP_PKEY_free (pkey); - } - X509_free (cert); - } - /* The SSL API does not allow us to look at temporary RSA/DH keys, - * otherwise we should print their lengths too */ - msg (D_HANDSHAKE, "%s%s", s1, s2); -} - -void -show_available_tls_ciphers () -{ - SSL_CTX *ctx; - SSL *ssl; - const char *cipher_name; - int priority = 0; - - ctx = SSL_CTX_new (TLSv1_method ()); - if (!ctx) - msg (M_SSLERR, "Cannot create SSL_CTX object"); - - ssl = SSL_new (ctx); - if (!ssl) - msg (M_SSLERR, "Cannot create SSL object"); - - printf ("Available TLS Ciphers,\n"); - printf ("listed in order of preference:\n\n"); - while ((cipher_name = SSL_get_cipher_list (ssl, priority++))) - printf ("%s\n", cipher_name); - printf ("\n"); - - SSL_free (ssl); - SSL_CTX_free (ctx); -} - -void -get_highest_preference_tls_cipher (char *buf, int size) -{ - SSL_CTX *ctx; - SSL *ssl; - const char *cipher_name; - - ctx = SSL_CTX_new (TLSv1_method ()); - if (!ctx) - msg (M_SSLERR, "Cannot create SSL_CTX object"); - ssl = SSL_new (ctx); - if (!ssl) - msg (M_SSLERR, "Cannot create SSL object"); - - cipher_name = SSL_get_cipher_list (ssl, 0); - strncpynt (buf, cipher_name, size); - - SSL_free (ssl); - SSL_CTX_free (ctx); -} - -#endif /* defined(ENABLE_SSL) && defined(ENABLE_CRYPTO_OPENSSL) */ |