ssl-bozo.c revision 1.18.2.1
1 1.18.2.1 martin /* $NetBSD: ssl-bozo.c,v 1.18.2.1 2016/04/10 10:33:11 martin Exp $ */ 2 1.2 tls 3 1.13 mrg /* $eterna: ssl-bozo.c,v 1.15 2011/11/18 09:21:15 mrg Exp $ */ 4 1.1 tls 5 1.1 tls /* 6 1.16 mrg * Copyright (c) 1997-2014 Matthew R. Green 7 1.1 tls * All rights reserved. 8 1.1 tls * 9 1.1 tls * Redistribution and use in source and binary forms, with or without 10 1.1 tls * modification, are permitted provided that the following conditions 11 1.1 tls * are met: 12 1.1 tls * 1. Redistributions of source code must retain the above copyright 13 1.1 tls * notice, this list of conditions and the following disclaimer. 14 1.1 tls * 2. Redistributions in binary form must reproduce the above copyright 15 1.1 tls * notice, this list of conditions and the following disclaimer and 16 1.1 tls * dedication in the documentation and/or other materials provided 17 1.1 tls * with the distribution. 18 1.1 tls * 19 1.1 tls * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 20 1.1 tls * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 21 1.1 tls * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 22 1.1 tls * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 23 1.1 tls * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, 24 1.1 tls * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 25 1.1 tls * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED 26 1.1 tls * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, 27 1.1 tls * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 1.1 tls * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 1.1 tls * SUCH DAMAGE. 30 1.1 tls * 31 1.1 tls */ 32 1.1 tls 33 1.18 mrg /* this code implements SSL and backend IO for bozohttpd */ 34 1.1 tls 35 1.7 mrg #include <stdarg.h> 36 1.7 mrg #include <stdio.h> 37 1.8 mrg #include <syslog.h> 38 1.7 mrg #include <unistd.h> 39 1.7 mrg 40 1.7 mrg #include "bozohttpd.h" 41 1.7 mrg 42 1.1 tls #ifndef NO_SSL_SUPPORT 43 1.1 tls 44 1.1 tls #include <openssl/ssl.h> 45 1.1 tls #include <openssl/err.h> 46 1.1 tls 47 1.7 mrg #ifndef USE_ARG 48 1.7 mrg #define USE_ARG(x) /*LINTED*/(void)&(x) 49 1.7 mrg #endif 50 1.7 mrg 51 1.18.2.1 martin #ifndef BOZO_SSL_CIPHERS 52 1.18.2.1 martin #define BOZO_SSL_CIPHERS \ 53 1.18.2.1 martin "AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:" \ 54 1.18.2.1 martin "AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:" \ 55 1.18.2.1 martin "AES:" \ 56 1.18.2.1 martin "-SHA:" \ 57 1.18.2.1 martin "!aNULL:!eNULL:" \ 58 1.18.2.1 martin "!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:" \ 59 1.18.2.1 martin "!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:" \ 60 1.18.2.1 martin "!KRB5-DES-CBC3-SHA" 61 1.18.2.1 martin #endif 62 1.18.2.1 martin 63 1.18.2.1 martin #ifndef BOZO_SSL_OPTIONS 64 1.18.2.1 martin #define BOZO_SSL_OPTIONS \ 65 1.18.2.1 martin (SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TLSv1) 66 1.18.2.1 martin #endif 67 1.18.2.1 martin 68 1.18.2.1 martin /* this structure encapsulates the ssl info */ 69 1.18.2.1 martin 70 1.7 mrg /* this structure encapsulates the ssl info */ 71 1.7 mrg typedef struct sslinfo_t { 72 1.7 mrg SSL_CTX *ssl_context; 73 1.7 mrg const SSL_METHOD *ssl_method; 74 1.7 mrg SSL *bozossl; 75 1.7 mrg char *certificate_file; 76 1.7 mrg char *privatekey_file; 77 1.18.2.1 martin char *ciphers; 78 1.7 mrg } sslinfo_t; 79 1.7 mrg 80 1.8 mrg /* 81 1.18 mrg * bozo_clear_ssl_queue: print the contents of the SSL error queue 82 1.8 mrg */ 83 1.18 mrg static void 84 1.18 mrg bozo_clear_ssl_queue(bozohttpd_t *httpd) 85 1.8 mrg { 86 1.18 mrg unsigned long sslcode = ERR_get_error(); 87 1.8 mrg 88 1.8 mrg do { 89 1.11 hannken static const char sslfmt[] = "SSL Error: %s:%s:%s"; 90 1.8 mrg 91 1.8 mrg if (httpd->logstderr || isatty(STDERR_FILENO)) { 92 1.8 mrg fprintf(stderr, sslfmt, 93 1.8 mrg ERR_lib_error_string(sslcode), 94 1.8 mrg ERR_func_error_string(sslcode), 95 1.8 mrg ERR_reason_error_string(sslcode)); 96 1.8 mrg } else { 97 1.8 mrg syslog(LOG_ERR, sslfmt, 98 1.8 mrg ERR_lib_error_string(sslcode), 99 1.8 mrg ERR_func_error_string(sslcode), 100 1.8 mrg ERR_reason_error_string(sslcode)); 101 1.8 mrg } 102 1.8 mrg } while (0 != (sslcode = ERR_get_error())); 103 1.18 mrg } 104 1.18 mrg 105 1.18 mrg /* 106 1.18.2.1 martin * bozo_ssl_warn works just like bozowarn, plus the SSL error queue 107 1.18 mrg */ 108 1.18 mrg BOZO_PRINTFLIKE(2, 3) static void 109 1.18 mrg bozo_ssl_warn(bozohttpd_t *httpd, const char *fmt, ...) 110 1.18 mrg { 111 1.18 mrg va_list ap; 112 1.18 mrg 113 1.18 mrg va_start(ap, fmt); 114 1.18 mrg if (httpd->logstderr || isatty(STDERR_FILENO)) { 115 1.18 mrg vfprintf(stderr, fmt, ap); 116 1.18 mrg fputs("\n", stderr); 117 1.18 mrg } else 118 1.18 mrg vsyslog(LOG_ERR, fmt, ap); 119 1.18 mrg va_end(ap); 120 1.18 mrg 121 1.18 mrg bozo_clear_ssl_queue(httpd); 122 1.18 mrg } 123 1.18 mrg 124 1.18 mrg 125 1.18 mrg /* 126 1.18.2.1 martin * bozo_ssl_err works just like bozoerr, plus the SSL error queue 127 1.18 mrg */ 128 1.18 mrg BOZO_PRINTFLIKE(3, 4) BOZO_DEAD static void 129 1.18 mrg bozo_ssl_err(bozohttpd_t *httpd, int code, const char *fmt, ...) 130 1.18 mrg { 131 1.18 mrg va_list ap; 132 1.18 mrg 133 1.18 mrg va_start(ap, fmt); 134 1.18 mrg if (httpd->logstderr || isatty(STDERR_FILENO)) { 135 1.18 mrg vfprintf(stderr, fmt, ap); 136 1.18 mrg fputs("\n", stderr); 137 1.18 mrg } else 138 1.18 mrg vsyslog(LOG_ERR, fmt, ap); 139 1.18 mrg va_end(ap); 140 1.18 mrg 141 1.18 mrg bozo_clear_ssl_queue(httpd); 142 1.8 mrg exit(code); 143 1.8 mrg } 144 1.8 mrg 145 1.18 mrg /* 146 1.18 mrg * bozo_check_error_queue: print warnings if the error isn't expected 147 1.18 mrg */ 148 1.18 mrg static void 149 1.18 mrg bozo_check_error_queue(bozohttpd_t *httpd, const char *tag, int ret) 150 1.18 mrg { 151 1.18 mrg if (ret > 0) 152 1.18 mrg return; 153 1.18 mrg 154 1.18 mrg const sslinfo_t *sslinfo = httpd->sslinfo; 155 1.18 mrg const int sslerr = SSL_get_error(sslinfo->bozossl, ret); 156 1.18 mrg 157 1.18 mrg if (sslerr != SSL_ERROR_ZERO_RETURN && 158 1.18 mrg sslerr != SSL_ERROR_SYSCALL && 159 1.18 mrg sslerr != SSL_ERROR_NONE) 160 1.18 mrg bozo_ssl_warn(httpd, "%s: SSL_ERROR %d", tag, sslerr); 161 1.18 mrg } 162 1.18 mrg 163 1.15 joerg static BOZO_PRINTFLIKE(2, 0) int 164 1.8 mrg bozo_ssl_printf(bozohttpd_t *httpd, const char * fmt, va_list ap) 165 1.7 mrg { 166 1.18 mrg char *buf; 167 1.18 mrg int nbytes; 168 1.7 mrg 169 1.18 mrg if ((nbytes = vasprintf(&buf, fmt, ap)) != -1) { 170 1.18 mrg const sslinfo_t *sslinfo = httpd->sslinfo; 171 1.18 mrg int ret = SSL_write(sslinfo->bozossl, buf, nbytes); 172 1.18 mrg bozo_check_error_queue(httpd, "write", ret); 173 1.18 mrg } 174 1.7 mrg 175 1.7 mrg free(buf); 176 1.7 mrg 177 1.7 mrg return nbytes; 178 1.7 mrg } 179 1.7 mrg 180 1.7 mrg static ssize_t 181 1.7 mrg bozo_ssl_read(bozohttpd_t *httpd, int fd, void *buf, size_t nbytes) 182 1.7 mrg { 183 1.17 mrg const sslinfo_t *sslinfo = httpd->sslinfo; 184 1.18 mrg int ret; 185 1.7 mrg 186 1.7 mrg USE_ARG(fd); 187 1.18 mrg ret = SSL_read(sslinfo->bozossl, buf, (int)nbytes); 188 1.18 mrg bozo_check_error_queue(httpd, "read", ret); 189 1.7 mrg 190 1.18 mrg return (ssize_t)ret; 191 1.7 mrg } 192 1.7 mrg 193 1.7 mrg static ssize_t 194 1.7 mrg bozo_ssl_write(bozohttpd_t *httpd, int fd, const void *buf, size_t nbytes) 195 1.7 mrg { 196 1.17 mrg const sslinfo_t *sslinfo = httpd->sslinfo; 197 1.18 mrg int ret; 198 1.7 mrg 199 1.7 mrg USE_ARG(fd); 200 1.18 mrg ret = SSL_write(sslinfo->bozossl, buf, (int)nbytes); 201 1.18 mrg bozo_check_error_queue(httpd, "write", ret); 202 1.1 tls 203 1.18 mrg return (ssize_t)ret; 204 1.7 mrg } 205 1.1 tls 206 1.1 tls void 207 1.7 mrg bozo_ssl_init(bozohttpd_t *httpd) 208 1.1 tls { 209 1.17 mrg sslinfo_t *sslinfo = httpd->sslinfo; 210 1.18.2.1 martin long options; 211 1.7 mrg 212 1.7 mrg if (sslinfo == NULL || !sslinfo->certificate_file) 213 1.1 tls return; 214 1.1 tls SSL_library_init(); 215 1.1 tls SSL_load_error_strings(); 216 1.1 tls 217 1.7 mrg sslinfo->ssl_method = SSLv23_server_method(); 218 1.7 mrg sslinfo->ssl_context = SSL_CTX_new(sslinfo->ssl_method); 219 1.1 tls 220 1.8 mrg if (NULL == sslinfo->ssl_context) 221 1.8 mrg bozo_ssl_err(httpd, EXIT_FAILURE, 222 1.8 mrg "SSL context creation failed"); 223 1.8 mrg 224 1.18.2.1 martin options = SSL_CTX_set_options(sslinfo->ssl_context, 225 1.18.2.1 martin BOZO_SSL_OPTIONS); 226 1.18.2.1 martin if ((options & BOZO_SSL_OPTIONS) != BOZO_SSL_OPTIONS) 227 1.18.2.1 martin bozo_ssl_err(httpd, EXIT_FAILURE, 228 1.18.2.1 martin "Error setting ssl options requested %#lx, got %#lx", 229 1.18.2.1 martin BOZO_SSL_OPTIONS, options); 230 1.18.2.1 martin 231 1.18.2.1 martin if (!SSL_CTX_set_cipher_list(sslinfo->ssl_context, 232 1.18.2.1 martin sslinfo->ciphers ? sslinfo->ciphers : BOZO_SSL_CIPHERS)) 233 1.18.2.1 martin bozo_ssl_err(httpd, EXIT_FAILURE, 234 1.18.2.1 martin "Error setting cipher list '%s'", sslinfo->ciphers); 235 1.18.2.1 martin 236 1.14 elric if (1 != SSL_CTX_use_certificate_chain_file(sslinfo->ssl_context, 237 1.14 elric sslinfo->certificate_file)) 238 1.8 mrg bozo_ssl_err(httpd, EXIT_FAILURE, 239 1.8 mrg "Unable to use certificate file '%s'", 240 1.8 mrg sslinfo->certificate_file); 241 1.8 mrg 242 1.8 mrg if (1 != SSL_CTX_use_PrivateKey_file(sslinfo->ssl_context, 243 1.8 mrg sslinfo->privatekey_file, SSL_FILETYPE_PEM)) 244 1.8 mrg bozo_ssl_err(httpd, EXIT_FAILURE, 245 1.8 mrg "Unable to use private key file '%s'", 246 1.8 mrg sslinfo->privatekey_file); 247 1.1 tls 248 1.1 tls /* check consistency of key vs certificate */ 249 1.7 mrg if (!SSL_CTX_check_private_key(sslinfo->ssl_context)) 250 1.8 mrg bozo_ssl_err(httpd, EXIT_FAILURE, 251 1.8 mrg "Check private key failed"); 252 1.1 tls } 253 1.1 tls 254 1.18 mrg /* 255 1.18 mrg * returns non-zero for failure 256 1.18 mrg */ 257 1.18 mrg int 258 1.7 mrg bozo_ssl_accept(bozohttpd_t *httpd) 259 1.1 tls { 260 1.17 mrg sslinfo_t *sslinfo = httpd->sslinfo; 261 1.7 mrg 262 1.18 mrg if (sslinfo == NULL || !sslinfo->ssl_context) 263 1.18 mrg return 0; 264 1.18 mrg 265 1.18 mrg sslinfo->bozossl = SSL_new(sslinfo->ssl_context); 266 1.18 mrg if (sslinfo->bozossl == NULL) 267 1.18.2.1 martin bozoerr(httpd, 1, "SSL_new failed"); 268 1.18 mrg 269 1.18 mrg SSL_set_rfd(sslinfo->bozossl, 0); 270 1.18 mrg SSL_set_wfd(sslinfo->bozossl, 1); 271 1.18 mrg 272 1.18 mrg const int ret = SSL_accept(sslinfo->bozossl); 273 1.18 mrg bozo_check_error_queue(httpd, "accept", ret); 274 1.18 mrg 275 1.18 mrg return ret != 1; 276 1.1 tls } 277 1.1 tls 278 1.1 tls void 279 1.7 mrg bozo_ssl_destroy(bozohttpd_t *httpd) 280 1.1 tls { 281 1.17 mrg const sslinfo_t *sslinfo = httpd->sslinfo; 282 1.7 mrg 283 1.7 mrg if (sslinfo && sslinfo->bozossl) 284 1.7 mrg SSL_free(sslinfo->bozossl); 285 1.1 tls } 286 1.1 tls 287 1.18.2.1 martin static sslinfo_t * 288 1.18.2.1 martin bozo_get_sslinfo(bozohttpd_t *httpd) 289 1.18.2.1 martin { 290 1.18.2.1 martin sslinfo_t *sslinfo; 291 1.18.2.1 martin if (httpd->sslinfo) 292 1.18.2.1 martin return httpd->sslinfo; 293 1.18.2.1 martin sslinfo = bozomalloc(httpd, sizeof(*sslinfo)); 294 1.18.2.1 martin if (sslinfo == NULL) 295 1.18.2.1 martin bozoerr(httpd, 1, "sslinfo allocation failed"); 296 1.18.2.1 martin memset(sslinfo, 0, sizeof(*sslinfo)); 297 1.18.2.1 martin return httpd->sslinfo = sslinfo; 298 1.18.2.1 martin } 299 1.18.2.1 martin 300 1.1 tls void 301 1.7 mrg bozo_ssl_set_opts(bozohttpd_t *httpd, const char *cert, const char *priv) 302 1.1 tls { 303 1.18.2.1 martin sslinfo_t *sslinfo = bozo_get_sslinfo(httpd); 304 1.7 mrg 305 1.18.2.1 martin sslinfo->certificate_file = bozostrdup(httpd, NULL, cert); 306 1.18.2.1 martin sslinfo->privatekey_file = bozostrdup(httpd, NULL, priv); 307 1.7 mrg debug((httpd, DEBUG_NORMAL, "using cert/priv files: %s & %s", 308 1.18.2.1 martin sslinfo->certificate_file, 309 1.18.2.1 martin sslinfo->privatekey_file)); 310 1.17 mrg if (!httpd->bindport) 311 1.18.2.1 martin httpd->bindport = bozostrdup(httpd, NULL, "https"); 312 1.18.2.1 martin } 313 1.18.2.1 martin 314 1.18.2.1 martin void 315 1.18.2.1 martin bozo_ssl_set_ciphers(bozohttpd_t *httpd, const char *ciphers) 316 1.18.2.1 martin { 317 1.18.2.1 martin sslinfo_t *sslinfo = bozo_get_sslinfo(httpd); 318 1.18.2.1 martin 319 1.18.2.1 martin sslinfo->ciphers = bozostrdup(httpd, NULL, ciphers); 320 1.18.2.1 martin debug((httpd, DEBUG_NORMAL, "using ciphers: %s", sslinfo->ciphers)); 321 1.1 tls } 322 1.1 tls 323 1.7 mrg #endif /* NO_SSL_SUPPORT */ 324 1.7 mrg 325 1.7 mrg int 326 1.7 mrg bozo_printf(bozohttpd_t *httpd, const char *fmt, ...) 327 1.1 tls { 328 1.7 mrg va_list args; 329 1.7 mrg int cc; 330 1.1 tls 331 1.7 mrg va_start(args, fmt); 332 1.7 mrg #ifndef NO_SSL_SUPPORT 333 1.17 mrg if (httpd->sslinfo) 334 1.7 mrg cc = bozo_ssl_printf(httpd, fmt, args); 335 1.17 mrg else 336 1.7 mrg #endif 337 1.17 mrg cc = vprintf(fmt, args); 338 1.7 mrg va_end(args); 339 1.7 mrg return cc; 340 1.1 tls } 341 1.1 tls 342 1.7 mrg ssize_t 343 1.7 mrg bozo_read(bozohttpd_t *httpd, int fd, void *buf, size_t len) 344 1.1 tls { 345 1.7 mrg #ifndef NO_SSL_SUPPORT 346 1.17 mrg if (httpd->sslinfo) 347 1.7 mrg return bozo_ssl_read(httpd, fd, buf, len); 348 1.7 mrg #endif 349 1.7 mrg return read(fd, buf, len); 350 1.1 tls } 351 1.1 tls 352 1.7 mrg ssize_t 353 1.7 mrg bozo_write(bozohttpd_t *httpd, int fd, const void *buf, size_t len) 354 1.1 tls { 355 1.7 mrg #ifndef NO_SSL_SUPPORT 356 1.17 mrg if (httpd->sslinfo) 357 1.7 mrg return bozo_ssl_write(httpd, fd, buf, len); 358 1.7 mrg #endif 359 1.7 mrg return write(fd, buf, len); 360 1.1 tls } 361 1.1 tls 362 1.7 mrg int 363 1.7 mrg bozo_flush(bozohttpd_t *httpd, FILE *fp) 364 1.1 tls { 365 1.7 mrg #ifndef NO_SSL_SUPPORT 366 1.17 mrg if (httpd->sslinfo) 367 1.18 mrg return 0; 368 1.7 mrg #endif 369 1.7 mrg return fflush(fp); 370 1.1 tls } 371
Indexes created Thu Oct 02 14:10:14 GMT 2025