/* Seed the SSL PRNG, if necessary; returns non-zero on failure. */ static int seed_ssl_prng(void) { /* Check whether the PRNG has already been seeded. */ if (RAND_status() == 1) return 0; #if defined(EGD_PATH) NE_DEBUG(NE_DBG_SOCKET, "Seeding PRNG from " EGD_PATH "...\n"); if (RAND_egd(EGD_PATH) != -1) return 0; #elif defined(ENABLE_EGD) { static const char *paths[] = { "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy" }; size_t n; for (n = 0; n < sizeof(paths) / sizeof(char *); n++) { NE_DEBUG(NE_DBG_SOCKET, "Seeding PRNG from %s...\n", paths[n]); if (RAND_egd(paths[n]) != -1) return 0; } } #endif /* EGD_PATH */ NE_DEBUG(NE_DBG_SOCKET, "No entropy source found; could not seed PRNG.\n"); return -1; }
/* Initialize SSL library; returns non-zero on failure. */ static int init_ssl(void) { SSL_load_error_strings(); SSL_library_init(); PKCS12_PBE_add(); /* ### not sure why this is needed. */ /* Check whether the PRNG has already been seeded. */ if (RAND_status() == 1) return 0; #ifdef EGD_PATH NE_DEBUG(NE_DBG_SOCKET, "Seeding PRNG from " EGD_PATH "...\n"); if (RAND_egd(EGD_PATH) != -1) return 0; #elif defined(ENABLE_EGD) { static const char *paths[] = { "/var/run/egd-pool", "/dev/egd-pool", "/etc/egd-pool", "/etc/entropy" }; size_t n; for (n = 0; n < sizeof(paths) / sizeof(char *); n++) { NE_DEBUG(NE_DBG_SOCKET, "Seeding PRNG from %s...\n", paths[n]); if (RAND_egd(paths[n]) != -1) return 0; } } #endif /* EGD_PATH */ NE_DEBUG(NE_DBG_SOCKET, "No entropy source found; could not seed PRNG.\n"); return -1; }
static int add_entropy(const char *file) { struct stat st; int n = -1; if (!file) return 0; if (stat(file, &st) == -1) return errno == ENOENT ? 0 : -1; /* * check that the file permissions are secure */ if (st.st_uid != getuid() || ((st.st_mode & (S_IWGRP | S_IRGRP)) != 0) || ((st.st_mode & (S_IWOTH | S_IROTH)) != 0)) { LOG(SPOCP_ERR) traceLog(LOG_ERR,"TLS: %s has insecure permissions!", file); return -1; } #ifdef HAVE_RAND_EGD n = RAND_egd(file); #endif if (n <= 0) n = RAND_load_file(file, -1); return n; }
/*** load rand seed from file @function rand_load @tparam[opt=nil] string file path to laod seed, default openssl management @treturn boolean result */ static int openssl_random_load(lua_State*L) { const char *file = luaL_optstring(L, 1, NULL); char buffer[MAX_PATH]; int len; if (file == NULL) file = RAND_file_name(buffer, sizeof buffer); #ifndef OPENSSL_NO_EGD else if (RAND_egd(file) > 0) { /* we try if the given filename is an EGD socket. if it is, we don't write anything back to the file. */; lua_pushboolean(L, 1); return 1; } #endif len = luaL_optinteger(L, 2, 2048); if (file == NULL || !RAND_load_file(file, len)) { return openssl_pushresult(L, 0); } lua_pushboolean(L, RAND_status()); return 1; }
SSL *getSSL(void) { if (!context) { const SSL_METHOD *m; unsigned char f_randfile[PATH_MAX]; const unsigned char *f = (const unsigned char *)RAND_file_name(cast_char f_randfile, sizeof(f_randfile)); if (f && RAND_egd(cast_const_char f)<0) { /* Not an EGD, so read and write to it */ if (RAND_load_file(cast_const_char f_randfile, -1)) RAND_write_file(cast_const_char f_randfile); } SSLeay_add_ssl_algorithms(); m = SSLv23_client_method(); if (!m) return NULL; context = SSL_CTX_new((void *)m); if (!context) return NULL; SSL_CTX_set_options(context, SSL_OP_ALL); SSL_CTX_set_default_verify_paths(context); /* needed for systems without /dev/random, but obviously kills security. */ /*{ unsigned char pool[32768]; int i; int rs; struct timeval tv; EINTRLOOP(rs, gettimeofday(&tv, NULL)); for (i = 0; i < sizeof pool; i++) pool[i] = random() ^ tv.tv_sec ^ tv.tv_usec; RAND_add(pool, sizeof pool, sizeof pool); }*/ } return (SSL_new(context)); }
static void init_openssl(struct module *module) { unsigned char f_randfile[PATH_MAX]; /* In a nutshell, on OS's without a /dev/urandom, the OpenSSL library * cannot initialize the PRNG and so every attempt to use SSL fails. * It's actually an OpenSSL FAQ, and according to them, it's up to the * application coders to seed the RNG. -- William Yodlowsky */ RAND_file_name(f_randfile, sizeof(f_randfile)); #ifdef HAVE_RAND_EGD if (RAND_egd(f_randfile) < 0) { /* Not an EGD, so read and write to it */ #endif if (RAND_load_file(f_randfile, -1)) RAND_write_file(f_randfile); #ifdef HAVE_RAND_EGD } #endif SSLeay_add_ssl_algorithms(); context = SSL_CTX_new(SSLv23_client_method()); SSL_CTX_set_options(context, SSL_OP_ALL); SSL_CTX_set_default_verify_paths(context); socket_SSL_ex_data_idx = SSL_get_ex_new_index(0, NULL, NULL, socket_SSL_ex_data_dup, NULL); }
static int add_entropy (const char *file) { struct stat st; int n = -1; if (!file) return 0; if (stat (file, &st) == -1) return errno == ENOENT ? 0 : -1; mutt_message (_("Filling entropy pool: %s...\n"), file); /* check that the file permissions are secure */ if (st.st_uid != getuid () || ((st.st_mode & (S_IWGRP | S_IRGRP)) != 0) || ((st.st_mode & (S_IWOTH | S_IROTH)) != 0)) { mutt_error (_("%s has insecure permissions!"), file); mutt_sleep (2); return -1; } #ifdef HAVE_RAND_EGD n = RAND_egd (file); #endif if (n <= 0) n = RAND_load_file (file, -1); #ifndef HAVE_RAND_STATUS if (n > 0) entropy_byte_count += n; #endif return n; }
int sycRAND_egd(const char *path) { int result; Debug1("RAND_egd(\"%s\")", path); result = RAND_egd(path); Debug1("RAND_egd() -> %d", result); return result; }
int rb_init_prng(const char *path, prng_seed_t seed_type) { if(seed_type == RB_PRNG_DEFAULT) { #ifdef _WIN32 RAND_screen(); #endif return RAND_status(); } if(path == NULL) return RAND_status(); switch (seed_type) { case RB_PRNG_EGD: if(RAND_egd(path) == -1) return -1; break; case RB_PRNG_FILE: if(RAND_load_file(path, -1) == -1) return -1; break; #ifdef _WIN32 case RB_PRNGWIN32: RAND_screen(); break; #endif default: return -1; } return RAND_status(); }
static int prng_init(void) { int totbytes = 0; #if SSLEAY_VERSION_NUMBER >= 0x0090581fL #ifdef EGD_SOCKET int bytes = 0; if((bytes = RAND_egd(EGD_SOCKET)) == -1) { Debug((DEBUG_ERROR, "EGD Socket %s failed", EGD_SOCKET)); bytes = 0; } else { totbytes += bytes; Debug((DEBUG_DEBUG, "Got %d random bytes from EGD Socket %s", bytes, EGD_SOCKET)); return 0; } #endif /* EGD_SOCKET */ #endif /* OpenSSL-0.9.5a */ #ifdef RANDOM_FILE /* Try RANDOM_FILE if available */ totbytes += add_rand_file(RANDOM_FILE); if(prng_seeded(totbytes)) return 0; #endif Debug((DEBUG_NOTICE, "PRNG seeded with %d bytes total", totbytes)); Debug((DEBUG_ERROR, "PRNG may not have been seeded with enough random bytes")); return -1; /* FAILED but we will deal with it*/ }
long app_RAND_load_files(char *name) { char *p, *n; int last; long tot = 0; int egd; for (;;) { last = 0; for (p = name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++) ; if (*p == '\0') last = 1; *p = '\0'; n = name; name = p + 1; if (*n == '\0') break; egd = RAND_egd(n); if (egd > 0) tot += egd; else tot += RAND_load_file(n, -1); if (last) break; } if (tot > 512) app_RAND_allow_write_file(); return (tot); }
/* * call-seq: * egd(filename) -> true * */ static VALUE ossl_rand_egd(VALUE self, VALUE filename) { SafeStringValue(filename); if(!RAND_egd(RSTRING_PTR(filename))) { ossl_raise(eRandomError, NULL); } return Qtrue; }
int get_randomness(unsigned char *buf, int length) { /* Seed OpenSSL PRNG with EGD enthropy pool -kre */ if (ConfigFileEntry.use_egd && ConfigFileEntry.egdpool_path) if (RAND_egd(ConfigFileEntry.egdpool_path) == -1) return -1; if (RAND_status()) return RAND_bytes(buf, length); /* XXX - abort? */ return RAND_pseudo_bytes(buf, length); }
int app_RAND_load_file(const char *file, BIO *bio_e, int dont_warn) { int consider_randfile = (file == NULL); char buffer[200]; #ifdef OPENSSL_SYS_WINDOWS /* * allocate 2 to dont_warn not to use RAND_screen() via * -no_rand_screen option in s_client */ if (dont_warn != 2) { BIO_printf(bio_e, "Loading 'screen' into random state -"); BIO_flush(bio_e); RAND_screen(); BIO_printf(bio_e, " done\n"); } #endif if (file == NULL) file = RAND_file_name(buffer, sizeof buffer); else if (RAND_egd(file) > 0) { /* * we try if the given filename is an EGD socket. if it is, we don't * write anything back to the file. */ egdsocket = 1; return 1; } if (file == NULL || !RAND_load_file(file, -1)) { if (RAND_status() == 0) { if (!dont_warn) { BIO_printf(bio_e, "unable to load 'random state'\n"); BIO_printf(bio_e, "This means that the random number generator has not been seeded\n"); BIO_printf(bio_e, "with much random data.\n"); if (consider_randfile) { /* explanation does not apply when a * file is explicitly named */ BIO_printf(bio_e, "Consider setting the RANDFILE environment variable to point at a file that\n"); BIO_printf(bio_e, "'random' data can be kept in (the file will be overwritten).\n"); } } return 0; } } seeded = 1; return 1; }
static int tlso_seed_PRNG( const char *randfile ) { #ifndef URANDOM_DEVICE /* no /dev/urandom (or equiv) */ long total=0; char buffer[MAXPATHLEN]; if (randfile == NULL) { /* The seed file is $RANDFILE if defined, otherwise $HOME/.rnd. * If $HOME is not set or buffer too small to hold the pathname, * an error occurs. - From RAND_file_name() man page. * The fact is that when $HOME is NULL, .rnd is used. */ randfile = RAND_file_name( buffer, sizeof( buffer ) ); } else if (RAND_egd(randfile) > 0) { /* EGD socket */ return 0; } if (randfile == NULL) { Debug( LDAP_DEBUG_ANY, "TLS: Use configuration file or $RANDFILE to define seed PRNG\n", 0, 0, 0); return -1; } total = RAND_load_file(randfile, -1); if (RAND_status() == 0) { Debug( LDAP_DEBUG_ANY, "TLS: PRNG not been seeded with enough data\n", 0, 0, 0); return -1; } /* assume if there was enough bits to seed that it's okay * to write derived bits to the file */ RAND_write_file(randfile); #endif return 0; }
static void cipher_init (void) { #if USE_OPENSSL int r; #if 0 /* old openssl */ r = -1; #else r = RAND_egd(hxd_cfg.cipher.egd_path); #endif if (r == -1) { /*hxd_log("failed to get entropy from egd socket %s", hxd_cfg.cipher.egd_path);*/ } #else srand(getpid()*clock()); #endif }
static PyObject * PySSL_RAND_egd(PyObject *self, PyObject *arg) { int bytes; if (!PyUnicode_Check(arg)) return PyErr_Format(PyExc_TypeError, "RAND_egd() expected string, found %s", Py_TYPE(arg)->tp_name); bytes = RAND_egd(_PyUnicode_AsString(arg)); if (bytes == -1) { PyErr_SetString(PySSLErrorObject, "EGD connection failed or EGD did not return " "enough data to seed the PRNG"); return NULL; } return PyLong_FromLong(bytes); }
int SSLConnection::add_entropy (const char *file) { struct stat st; int n = -1; buffer_t msg; buffer_init(&msg); if (!file) return 0; if (stat (file, &st) == -1) return errno == ENOENT ? 0 : -1; buffer_add_str(&msg,_("Filling entropy pool: '"),-1); buffer_add_str(&msg,file,-1); buffer_add_str(&msg,_("'..."),-1); displayProgress.emit(&msg); /* check that the file permissions are secure */ if (st.st_uid != getuid () || ((st.st_mode & (S_IWGRP | S_IRGRP)) != 0) || ((st.st_mode & (S_IWOTH | S_IROTH)) != 0)) { buffer_shrink(&msg,0); buffer_add_str(&msg,_("Entropy file '"),-1); buffer_add_str(&msg,file,-1); buffer_add_str(&msg,_("' has insecure permissions."),-1); displayError.emit(&msg); buffer_free(&msg); return -1; } #ifdef HAVE_RAND_EGD n = RAND_egd (file); #endif if (n <= 0) n = RAND_load_file (file, -1); #ifndef HAVE_RAND_STATUS if (n > 0) entropy_byte_count += n; #endif buffer_free(&msg); return n; }
int rb_init_prng(const char *path, prng_seed_t seed_type) { /* We may not have EGD (old OpenSSL / LibreSSL), fall back to default */ #ifndef HAVE_SSL_RAND_EGD if (seed_type == RB_PRNG_EGD) { seed_type = RB_PRNG_DEFAULT; } #endif if(seed_type == RB_PRNG_DEFAULT) { #ifdef _WIN32 RAND_screen(); #endif return RAND_status(); } if(path == NULL) return RAND_status(); switch (seed_type) { #ifdef HAVE_SSL_RAND_EGD case RB_PRNG_EGD: if(RAND_egd(path) == -1) return -1; break; #endif case RB_PRNG_FILE: if(RAND_load_file(path, -1) == -1) return -1; break; #ifdef _WIN32 case RB_PRNGWIN32: RAND_screen(); break; #endif default: return -1; } return RAND_status(); }
int get_randomness(unsigned char *buf, int length) { /* Seed OpenSSL PRNG with EGD enthropy pool -kre */ if(ConfigFileEntry.use_egd && (ConfigFileEntry.egdpool_path != NULL)) { if(RAND_egd(ConfigFileEntry.egdpool_path) == -1) return 0; } if(RAND_status()) { if(RAND_bytes(buf, length) > 0) return 1; } else { if(RAND_pseudo_bytes(buf, length) >= 0) return 1; } return 0; }
int app_RAND_load_file(const char *file, int dont_warn) { int consider_randfile = (file == NULL); char buffer[200]; if (file == NULL) file = RAND_file_name(buffer, sizeof(buffer)); #ifndef OPENSSL_NO_EGD else if (RAND_egd(file) > 0) { /* * we try if the given filename is an EGD socket. if it is, we don't * write anything back to the file. */ egdsocket = 1; return 1; } #endif if (file == NULL || !RAND_load_file(file, -1)) { if (RAND_status() == 0) { if (!dont_warn) { BIO_printf(bio_err, "unable to load 'random state'\n"); BIO_printf(bio_err, "This means that the random number generator has not been seeded\n"); BIO_printf(bio_err, "with much random data.\n"); if (consider_randfile) { /* explanation does not apply when a * file is explicitly named */ BIO_printf(bio_err, "Consider setting the RANDFILE environment variable to point at a file that\n"); BIO_printf(bio_err, "'random' data can be kept in (the file will be overwritten).\n"); } } return 0; } } seeded = 1; return 1; }
SSL *getSSL(void) { if (!context) { const SSL_METHOD *m; unsigned char *os_pool; int os_pool_size; #if defined(HAVE_RAND_EGD) && defined(HAVE_RAND_FILE_NAME) && defined(HAVE_RAND_LOAD_FILE) && defined(HAVE_RAND_WRITE_FILE) { unsigned char f_randfile[PATH_MAX]; const unsigned char *f = (const unsigned char *)RAND_file_name(cast_char f_randfile, sizeof(f_randfile)); if (f && RAND_egd(cast_const_char f) < 0) { /* Not an EGD, so read and write to it */ if (RAND_load_file(cast_const_char f_randfile, -1)) RAND_write_file(cast_const_char f_randfile); } } #endif #if defined(HAVE_RAND_ADD) os_seed_random(&os_pool, &os_pool_size); if (os_pool_size) RAND_add(os_pool, os_pool_size, os_pool_size); mem_free(os_pool); #endif SSLeay_add_ssl_algorithms(); m = SSLv23_client_method(); if (!m) return NULL; context = SSL_CTX_new((void *)m); if (!context) return NULL; SSL_CTX_set_options(context, SSL_OP_ALL); if (ssl_set_private_paths()) SSL_CTX_set_default_verify_paths(context); SSL_CTX_set_default_passwd_cb(context, ssl_password_callback); } return SSL_new(context); }
static void init_prng (void) { char namebuf[256]; const char *random_file; if (RAND_status ()) /* The PRNG has been seeded; no further action is necessary. */ return; /* Seed from a file specified by the user. This will be the file specified with --random-file, $RANDFILE, if set, or ~/.rnd, if it exists. */ if (opt.random_file) random_file = opt.random_file; else { /* Get the random file name using RAND_file_name. */ namebuf[0] = '\0'; random_file = RAND_file_name (namebuf, sizeof (namebuf)); } if (random_file && *random_file) /* Seed at most 16k (apparently arbitrary value borrowed from curl) from random file. */ RAND_load_file (random_file, 16384); if (RAND_status ()) return; /* Get random data from EGD if opt.egd_file was used. */ if (opt.egd_file && *opt.egd_file) RAND_egd (opt.egd_file); if (RAND_status ()) return; #ifdef WINDOWS /* Under Windows, we can try to seed the PRNG using screen content. This may or may not work, depending on whether we'll calling Wget interactively. */ RAND_screen (); if (RAND_status ()) return; #endif #if 0 /* don't do this by default */ { int maxrand = 500; /* Still not random enough, presumably because neither /dev/random nor EGD were available. Try to seed OpenSSL's PRNG with libc PRNG. This is cryptographically weak and defeats the purpose of using OpenSSL, which is why it is highly discouraged. */ logprintf (LOG_NOTQUIET, _("WARNING: using a weak random seed.\n")); while (RAND_status () == 0 && maxrand-- > 0) { unsigned char rnd = random_number (256); RAND_seed (&rnd, sizeof (rnd)); } } #endif }
/* * initialize ssl engine, load certs and initialize openssl internals */ void init_ssl(void) { const SSL_METHOD *ssl_method; RSA *rsa=NULL; X509_REQ *req = NULL; X509 *cer = NULL; EVP_PKEY *pk = NULL; EVP_PKEY *req_pkey = NULL; X509_NAME *name = NULL; FILE *fp; char buf[SIZ]; int rv = 0; if (!access("/var/run/egd-pool", F_OK)) { RAND_egd("/var/run/egd-pool"); } if (!RAND_status()) { syslog(LOG_WARNING, "PRNG not adequately seeded, won't do SSL/TLS\n"); return; } SSLCritters = malloc(CRYPTO_num_locks() * sizeof(pthread_mutex_t *)); if (!SSLCritters) { syslog(LOG_ERR, "citserver: can't allocate memory!!\n"); /* Nothing's been initialized, just die */ ShutDownWebcit(); exit(WC_EXIT_SSL); } else { int a; for (a = 0; a < CRYPTO_num_locks(); a++) { SSLCritters[a] = malloc(sizeof(pthread_mutex_t)); if (!SSLCritters[a]) { syslog(LOG_EMERG, "citserver: can't allocate memory!!\n"); /** Nothing's been initialized, just die */ ShutDownWebcit(); exit(WC_EXIT_SSL); } pthread_mutex_init(SSLCritters[a], NULL); } } /* * Initialize SSL transport layer */ SSL_library_init(); SSL_load_error_strings(); ssl_method = SSLv23_server_method(); if (!(ssl_ctx = SSL_CTX_new(ssl_method))) { syslog(LOG_WARNING, "SSL_CTX_new failed: %s\n", ERR_reason_error_string(ERR_get_error())); return; } syslog(LOG_INFO, "Requesting cipher list: %s\n", ssl_cipher_list); if (!(SSL_CTX_set_cipher_list(ssl_ctx, ssl_cipher_list))) { syslog(LOG_WARNING, "SSL_CTX_set_cipher_list failed: %s\n", ERR_reason_error_string(ERR_get_error())); return; } CRYPTO_set_locking_callback(ssl_lock); CRYPTO_set_id_callback(id_callback); /* * Get our certificates in order. (FIXME: dirify. this is a setup job.) * First, create the key/cert directory if it's not there already... */ mkdir(CTDL_CRYPTO_DIR, 0700); /* * Before attempting to generate keys/certificates, first try * link to them from the Citadel server if it's on the same host. * We ignore any error return because it either meant that there * was nothing in Citadel to link from (in which case we just * generate new files) or the target files already exist (which * is not fatal either). */ if (!strcasecmp(ctdlhost, "uds")) { sprintf(buf, "%s/keys/citadel.key", ctdlport); rv = symlink(buf, CTDL_KEY_PATH); if (!rv) syslog(LOG_DEBUG, "%s\n", strerror(errno)); sprintf(buf, "%s/keys/citadel.csr", ctdlport); rv = symlink(buf, CTDL_CSR_PATH); if (!rv) syslog(LOG_DEBUG, "%s\n", strerror(errno)); sprintf(buf, "%s/keys/citadel.cer", ctdlport); rv = symlink(buf, CTDL_CER_PATH); if (!rv) syslog(LOG_DEBUG, "%s\n", strerror(errno)); } /* * If we still don't have a private key, generate one. */ if (access(CTDL_KEY_PATH, R_OK) != 0) { syslog(LOG_INFO, "Generating RSA key pair.\n"); rsa = RSA_generate_key(1024, /* modulus size */ 65537, /* exponent */ NULL, /* no callback */ NULL /* no callback */ ); if (rsa == NULL) { syslog(LOG_WARNING, "Key generation failed: %s\n", ERR_reason_error_string(ERR_get_error())); } if (rsa != NULL) { fp = fopen(CTDL_KEY_PATH, "w"); if (fp != NULL) { chmod(CTDL_KEY_PATH, 0600); if (PEM_write_RSAPrivateKey(fp, /* the file */ rsa, /* the key */ NULL, /* no enc */ NULL, /* no passphr */ 0, /* no passphr */ NULL, /* no callbk */ NULL /* no callbk */ ) != 1) { syslog(LOG_WARNING, "Cannot write key: %s\n", ERR_reason_error_string(ERR_get_error())); unlink(CTDL_KEY_PATH); } fclose(fp); } else { syslog(LOG_WARNING, "Cannot write key: %s\n", CTDL_KEY_PATH); ShutDownWebcit(); exit(0); } RSA_free(rsa); } } /* * If there is no certificate file on disk, we will be generating a self-signed certificate * in the next step. Therefore, if we have neither a CSR nor a certificate, generate * the CSR in this step so that the next step may commence. */ if ( (access(CTDL_CER_PATH, R_OK) != 0) && (access(CTDL_CSR_PATH, R_OK) != 0) ) { syslog(LOG_INFO, "Generating a certificate signing request.\n"); /* * Read our key from the file. No, we don't just keep this * in memory from the above key-generation function, because * there is the possibility that the key was already on disk * and we didn't just generate it now. */ fp = fopen(CTDL_KEY_PATH, "r"); if (fp) { rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); fclose(fp); } if (rsa) { /** Create a public key from the private key */ if (pk=EVP_PKEY_new(), pk != NULL) { EVP_PKEY_assign_RSA(pk, rsa); if (req = X509_REQ_new(), req != NULL) { const char *env; /* Set the public key */ X509_REQ_set_pubkey(req, pk); X509_REQ_set_version(req, 0L); name = X509_REQ_get_subject_name(req); /* Tell it who we are */ /* * We used to add these fields to the subject, but * now we don't. Someone doing this for real isn't * going to use the webcit-generated CSR anyway. * X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC, "US", -1, -1, 0); * X509_NAME_add_entry_by_txt(name, "ST", MBSTRING_ASC, "New York", -1, -1, 0); * X509_NAME_add_entry_by_txt(name, "L", MBSTRING_ASC, "Mount Kisco", -1, -1, 0); */ env = getenv("O"); if (env == NULL) env = "Organization name", X509_NAME_add_entry_by_txt( name, "O", MBSTRING_ASC, (unsigned char*)env, -1, -1, 0 ); env = getenv("OU"); if (env == NULL) env = "Citadel server"; X509_NAME_add_entry_by_txt( name, "OU", MBSTRING_ASC, (unsigned char*)env, -1, -1, 0 ); env = getenv("CN"); if (env == NULL) env = "*"; X509_NAME_add_entry_by_txt( name, "CN", MBSTRING_ASC, (unsigned char*)env, -1, -1, 0 ); X509_REQ_set_subject_name(req, name); /* Sign the CSR */ if (!X509_REQ_sign(req, pk, EVP_md5())) { syslog(LOG_WARNING, "X509_REQ_sign(): error\n"); } else { /* Write it to disk. */ fp = fopen(CTDL_CSR_PATH, "w"); if (fp != NULL) { chmod(CTDL_CSR_PATH, 0600); PEM_write_X509_REQ(fp, req); fclose(fp); } else { syslog(LOG_WARNING, "Cannot write key: %s\n", CTDL_CSR_PATH); ShutDownWebcit(); exit(0); } } X509_REQ_free(req); } } RSA_free(rsa); } else { syslog(LOG_WARNING, "Unable to read private key.\n"); } } /* * Generate a self-signed certificate if we don't have one. */ if (access(CTDL_CER_PATH, R_OK) != 0) { syslog(LOG_INFO, "Generating a self-signed certificate.\n"); /* Same deal as before: always read the key from disk because * it may or may not have just been generated. */ fp = fopen(CTDL_KEY_PATH, "r"); if (fp) { rsa = PEM_read_RSAPrivateKey(fp, NULL, NULL, NULL); fclose(fp); } /* This also holds true for the CSR. */ req = NULL; cer = NULL; pk = NULL; if (rsa) { if (pk=EVP_PKEY_new(), pk != NULL) { EVP_PKEY_assign_RSA(pk, rsa); } fp = fopen(CTDL_CSR_PATH, "r"); if (fp) { req = PEM_read_X509_REQ(fp, NULL, NULL, NULL); fclose(fp); } if (req) { if (cer = X509_new(), cer != NULL) { ASN1_INTEGER_set(X509_get_serialNumber(cer), 0); X509_set_issuer_name(cer, req->req_info->subject); X509_set_subject_name(cer, req->req_info->subject); X509_gmtime_adj(X509_get_notBefore(cer), 0); X509_gmtime_adj(X509_get_notAfter(cer),(long)60*60*24*SIGN_DAYS); req_pkey = X509_REQ_get_pubkey(req); X509_set_pubkey(cer, req_pkey); EVP_PKEY_free(req_pkey); /* Sign the cert */ if (!X509_sign(cer, pk, EVP_md5())) { syslog(LOG_WARNING, "X509_sign(): error\n"); } else { /* Write it to disk. */ fp = fopen(CTDL_CER_PATH, "w"); if (fp != NULL) { chmod(CTDL_CER_PATH, 0600); PEM_write_X509(fp, cer); fclose(fp); } else { syslog(LOG_WARNING, "Cannot write key: %s\n", CTDL_CER_PATH); ShutDownWebcit(); exit(0); } } X509_free(cer); } } RSA_free(rsa); } } /* * Now try to bind to the key and certificate. * Note that we use SSL_CTX_use_certificate_chain_file() which allows * the certificate file to contain intermediate certificates. */ SSL_CTX_use_certificate_chain_file(ssl_ctx, CTDL_CER_PATH); SSL_CTX_use_PrivateKey_file(ssl_ctx, CTDL_KEY_PATH, SSL_FILETYPE_PEM); if ( !SSL_CTX_check_private_key(ssl_ctx) ) { syslog(LOG_WARNING, "Cannot install certificate: %s\n", ERR_reason_error_string(ERR_get_error())); } }
static int init_prng(void) { int totbytes=0; char filename[STRLEN]; int bytes; bytes=0; /* avoid warning if #ifdef'd out for windows */ filename[0]='\0'; /* If they specify a rand file on the command line we assume that they really do want it, so try it first */ if(options.rand_file) { totbytes+=add_rand_file(options.rand_file); if(prng_seeded(totbytes)) return 0; } /* try the $RANDFILE or $HOME/.rnd files */ RAND_file_name(filename, STRLEN); if(filename[0]) { filename[STRLEN-1]='\0'; /* just in case */ totbytes+=add_rand_file(filename); if(prng_seeded(totbytes)) return 0; } #ifdef RANDOM_FILE totbytes += add_rand_file( RANDOM_FILE ); if(prng_seeded(totbytes)) return 0; #endif #ifdef USE_WIN32 RAND_screen(); if(prng_seeded(totbytes)) { log(LOG_DEBUG, "Seeded PRNG with RAND_screen"); return 0; } log(LOG_DEBUG, "RAND_screen failed to sufficiently seed PRNG"); #else #if SSLEAY_VERSION_NUMBER >= 0x0090581fL if(options.egd_sock) { if((bytes=RAND_egd(options.egd_sock))==-1) { log(LOG_WARNING, "EGD Socket %s failed", options.egd_sock); bytes=0; } else { totbytes += bytes; log(LOG_DEBUG, "Snagged %d random bytes from EGD Socket %s", bytes, options.egd_sock); return 0; /* OpenSSL always gets what it needs or fails, so no need to check if seeded sufficiently */ } } #ifdef EGD_SOCKET if((bytes=RAND_egd(EGD_SOCKET))==-1) { log(LOG_WARNING, "EGD Socket %s failed", EGD_SOCKET); } else { totbytes += bytes; log(LOG_DEBUG, "Snagged %d random bytes from EGD Socket %s", bytes, EGD_SOCKET); return 0; } #endif /* EGD_SOCKET */ #endif /* OpenSSL-0.9.5a */ #endif /* USE_WIN32 */ /* Try the good-old default /dev/urandom, if available */ totbytes+=add_rand_file( "/dev/urandom" ); if(prng_seeded(totbytes)) return 0; /* Random file specified during configure */ log(LOG_INFO, "PRNG seeded with %d bytes total", totbytes); log(LOG_WARNING, "PRNG may not have been seeded with enough random bytes"); return -1; /* FAILED */ }
NOEXPORT int compression_init(GLOBAL_OPTIONS *global) { STACK_OF(SSL_COMP) *methods; methods=SSL_COMP_get_compression_methods(); if(!methods) { if(global->compression==COMP_NONE) { s_log(LOG_NOTICE, "Failed to get compression methods"); return 0; /* ignore */ } else { s_log(LOG_ERR, "Failed to get compression methods"); return 1; } } if(global->compression==COMP_NONE || SSLeay()<0x00908051L /* 0.9.8e-beta1 */) { /* delete OpenSSL defaults (empty the SSL_COMP stack) */ /* cannot use sk_SSL_COMP_pop_free, * as it also destroys the stack itself */ /* only leave the standard RFC 1951 (DEFLATE) algorithm, * if any of the private algorithms is enabled */ /* only allow DEFLATE with OpenSSL 0.9.8 or later * with OpenSSL #1468 zlib memory leak fixed */ while(sk_SSL_COMP_num(methods)) #if OPENSSL_VERSION_NUMBER>=0x10100000L /* FIXME: remove when sk_SSL_COMP_pop() works again */ OPENSSL_free(sk_pop((void *)methods)); #else OPENSSL_free(sk_SSL_COMP_pop(methods)); #endif } if(global->compression==COMP_NONE) { s_log(LOG_DEBUG, "Compression disabled"); return 0; /* success */ } /* also insert the obsolete ZLIB algorithm */ if(global->compression==COMP_ZLIB) { /* 224 - within the private range (193 to 255) */ COMP_METHOD *meth=COMP_zlib(); #if OPENSSL_VERSION_NUMBER>=0x10100000L if(!meth || COMP_get_type(meth)==NID_undef) { #else if(!meth || meth->type==NID_undef) { #endif s_log(LOG_ERR, "ZLIB compression is not supported"); return 1; } SSL_COMP_add_compression_method(0xe0, meth); } s_log(LOG_INFO, "Compression enabled: %d method(s)", sk_SSL_COMP_num(methods)); return 0; /* success */ } #endif /* OPENSSL_NO_COMP */ NOEXPORT int prng_init(GLOBAL_OPTIONS *global) { int totbytes=0; char filename[256]; #ifndef USE_WIN32 int bytes; #endif filename[0]='\0'; /* if they specify a rand file on the command line we assume that they really do want it, so try it first */ if(global->rand_file) { totbytes+=add_rand_file(global, global->rand_file); if(RAND_status()) return 0; /* success */ } /* try the $RANDFILE or $HOME/.rnd files */ RAND_file_name(filename, 256); if(filename[0]) { totbytes+=add_rand_file(global, filename); if(RAND_status()) return 0; /* success */ } #ifdef RANDOM_FILE totbytes+=add_rand_file(global, RANDOM_FILE); if(RAND_status()) return 0; /* success */ #endif #ifdef USE_WIN32 RAND_screen(); if(RAND_status()) { s_log(LOG_DEBUG, "Seeded PRNG with RAND_screen"); return 0; /* success */ } s_log(LOG_DEBUG, "RAND_screen failed to sufficiently seed PRNG"); #else if(global->egd_sock) { if((bytes=RAND_egd(global->egd_sock))==-1) { s_log(LOG_WARNING, "EGD Socket %s failed", global->egd_sock); bytes=0; } else { totbytes+=bytes; s_log(LOG_DEBUG, "Snagged %d random bytes from EGD Socket %s", bytes, global->egd_sock); return 0; /* OpenSSL always gets what it needs or fails, so no need to check if seeded sufficiently */ } } /* try the good-old default /dev/urandom, if available */ totbytes+=add_rand_file(global, "/dev/urandom"); if(RAND_status()) return 0; /* success */ #endif /* USE_WIN32 */ /* random file specified during configure */ s_log(LOG_ERR, "PRNG seeded with %d bytes total", totbytes); s_log(LOG_ERR, "PRNG was not seeded with enough random bytes"); return 1; /* FAILED */ }
static void setup_ssl(tcptest_t *item) { static int ssl_init_complete = 0; struct servent *sp; char portinfo[100]; X509 *peercert; char *certcn, *certstart, *certend; int err; strbuffer_t *sslinfo; char msglin[2048]; item->sslrunning = 1; if (!ssl_init_complete) { /* Setup entropy */ if (RAND_status() != 1) { char path[PATH_MAX]; /* Path for the random file */ /* load entropy from files */ RAND_load_file(RAND_file_name(path, sizeof (path)), -1); /* load entropy from egd sockets */ RAND_egd("/var/run/egd-pool"); RAND_egd("/dev/egd-pool"); RAND_egd("/etc/egd-pool"); RAND_egd("/var/spool/prngd/pool"); /* shuffle $RANDFILE (or ~/.rnd if unset) */ RAND_write_file(RAND_file_name(path, sizeof (path))); if (RAND_status() != 1) { errprintf("Failed to find enough entropy on your system"); item->errcode = CONTEST_ESSL; return; } } SSL_load_error_strings(); SSL_library_init(); ssl_init_complete = 1; } if (item->sslctx == NULL) { switch (item->ssloptions->sslversion) { case SSLVERSION_V2: item->sslctx = SSL_CTX_new(SSLv2_client_method()); break; case SSLVERSION_V3: item->sslctx = SSL_CTX_new(SSLv3_client_method()); break; case SSLVERSION_TLS1: item->sslctx = SSL_CTX_new(TLSv1_client_method()); break; default: item->sslctx = SSL_CTX_new(SSLv23_client_method()); break; } if (!item->sslctx) { char sslerrmsg[256]; ERR_error_string(ERR_get_error(), sslerrmsg); errprintf("Cannot create SSL context - IP %s, service %s: %s\n", inet_ntoa(item->addr.sin_addr), item->svcinfo->svcname, sslerrmsg); item->sslrunning = 0; item->errcode = CONTEST_ESSL; return; } /* Workaround SSL bugs */ SSL_CTX_set_options(item->sslctx, SSL_OP_ALL); SSL_CTX_set_quiet_shutdown(item->sslctx, 1); /* Limit set of ciphers, if user wants to */ if (item->ssloptions->cipherlist) SSL_CTX_set_cipher_list(item->sslctx, item->ssloptions->cipherlist); if (item->ssloptions->clientcert) { int status; char certfn[PATH_MAX]; SSL_CTX_set_default_passwd_cb(item->sslctx, cert_password_cb); SSL_CTX_set_default_passwd_cb_userdata(item->sslctx, item); sprintf(certfn, "%s/certs/%s", xgetenv("XYMONHOME"), item->ssloptions->clientcert); status = SSL_CTX_use_certificate_chain_file(item->sslctx, certfn); if (status == 1) { status = SSL_CTX_use_PrivateKey_file(item->sslctx, certfn, SSL_FILETYPE_PEM); } if (status != 1) { char sslerrmsg[256]; ERR_error_string(ERR_get_error(), sslerrmsg); errprintf("Cannot load SSL client certificate/key %s: %s\n", item->ssloptions->clientcert, sslerrmsg); item->sslrunning = 0; item->errcode = CONTEST_ESSL; return; } } } if (item->ssldata == NULL) { item->ssldata = SSL_new(item->sslctx); if (!item->ssldata) { char sslerrmsg[256]; ERR_error_string(ERR_get_error(), sslerrmsg); errprintf("SSL_new failed - IP %s, service %s: %s\n", inet_ntoa(item->addr.sin_addr), item->svcinfo->svcname, sslerrmsg); item->sslrunning = 0; SSL_CTX_free(item->sslctx); item->errcode = CONTEST_ESSL; return; } /* Verify that the client certificate is working */ if (item->ssloptions->clientcert) { X509 *x509; x509 = SSL_get_certificate(item->ssldata); if(x509 != NULL) { EVP_PKEY *pktmp = X509_get_pubkey(x509); EVP_PKEY_copy_parameters(pktmp,SSL_get_privatekey(item->ssldata)); EVP_PKEY_free(pktmp); } if (!SSL_CTX_check_private_key(item->sslctx)) { errprintf("Private/public key mismatch for certificate %s\n", item->ssloptions->clientcert); item->sslrunning = 0; item->errcode = CONTEST_ESSL; return; } } /* SSL setup is done. Now attach the socket FD to the SSL protocol handler */ if (SSL_set_fd(item->ssldata, item->fd) != 1) { char sslerrmsg[256]; ERR_error_string(ERR_get_error(), sslerrmsg); errprintf("Could not initiate SSL on connection - IP %s, service %s: %s\n", inet_ntoa(item->addr.sin_addr), item->svcinfo->svcname, sslerrmsg); item->sslrunning = 0; SSL_free(item->ssldata); SSL_CTX_free(item->sslctx); item->errcode = CONTEST_ESSL; return; } } sp = getservbyport(item->addr.sin_port, "tcp"); if (sp) { sprintf(portinfo, "%s (%d/tcp)", sp->s_name, item->addr.sin_port); } else { sprintf(portinfo, "%d/tcp", item->addr.sin_port); } if ((err = SSL_connect(item->ssldata)) != 1) { char sslerrmsg[256]; switch (SSL_get_error (item->ssldata, err)) { case SSL_ERROR_WANT_READ: case SSL_ERROR_WANT_WRITE: item->sslrunning = SSLSETUP_PENDING; break; case SSL_ERROR_SYSCALL: ERR_error_string(ERR_get_error(), sslerrmsg); /* Filter out the bogus SSL error */ if (strstr(sslerrmsg, "error:00000000:") == NULL) { errprintf("IO error in SSL_connect to %s on host %s: %s\n", portinfo, inet_ntoa(item->addr.sin_addr), sslerrmsg); } item->errcode = CONTEST_ESSL; item->sslrunning = 0; SSL_free(item->ssldata); SSL_CTX_free(item->sslctx); break; case SSL_ERROR_SSL: ERR_error_string(ERR_get_error(), sslerrmsg); errprintf("Unspecified SSL error in SSL_connect to %s on host %s: %s\n", portinfo, inet_ntoa(item->addr.sin_addr), sslerrmsg); item->errcode = CONTEST_ESSL; item->sslrunning = 0; SSL_free(item->ssldata); SSL_CTX_free(item->sslctx); break; default: ERR_error_string(ERR_get_error(), sslerrmsg); errprintf("Unknown error %d in SSL_connect to %s on host %s: %s\n", err, portinfo, inet_ntoa(item->addr.sin_addr), sslerrmsg); item->errcode = CONTEST_ESSL; item->sslrunning = 0; SSL_free(item->ssldata); SSL_CTX_free(item->sslctx); break; } return; } /* If we get this far, the SSL handshake has completed. So grab the certificate */ peercert = SSL_get_peer_certificate(item->ssldata); if (!peercert) { errprintf("Cannot get peer certificate for %s on host %s\n", portinfo, inet_ntoa(item->addr.sin_addr)); item->errcode = CONTEST_ESSL; item->sslrunning = 0; SSL_free(item->ssldata); SSL_CTX_free(item->sslctx); return; } sslinfo = newstrbuffer(0); certcn = X509_NAME_oneline(X509_get_subject_name(peercert), NULL, 0); certstart = strdup(xymon_ASN1_UTCTIME(X509_get_notBefore(peercert))); certend = strdup(xymon_ASN1_UTCTIME(X509_get_notAfter(peercert))); snprintf(msglin, sizeof(msglin), "Server certificate:\n\tsubject:%s\n\tstart date: %s\n\texpire date:%s\n", certcn, certstart, certend); addtobuffer(sslinfo, msglin); item->certsubject = strdup(certcn); item->certexpires = sslcert_expiretime(certend); xfree(certcn); xfree(certstart); xfree(certend); X509_free(peercert); /* We list the available ciphers in the SSL cert data */ { int i; STACK_OF(SSL_CIPHER) *sk; addtobuffer(sslinfo, "\nAvailable ciphers:\n"); sk = SSL_get_ciphers(item->ssldata); for (i=0; i<sk_SSL_CIPHER_num(sk); i++) { int b1, b2; char *cph; b1 = SSL_CIPHER_get_bits(sk_SSL_CIPHER_value(sk,i), &b2); cph = SSL_CIPHER_get_name(sk_SSL_CIPHER_value(sk,i)); snprintf(msglin, sizeof(msglin), "Cipher %d: %s (%d bits)\n", i, cph, b1); addtobuffer(sslinfo, msglin); if ((item->mincipherbits == 0) || (b1 < item->mincipherbits)) item->mincipherbits = b1; } } item->certinfo = grabstrbuffer(sslinfo); }
int main( int argc, char *argv[] ) { const char *fn = "main()"; char f_randfile[ PATH_MAX ]; int listensd; /* socket descriptor we'll bind to */ int clientsd; /* incoming socket descriptor */ int sockaddrlen; struct sockaddr_storage srvaddr; struct sockaddr_storage cliaddr; pthread_t ThreadId; /* thread id of each incoming conn */ pthread_t RecycleThread; /* used just for the recycle thread */ pthread_attr_t attr; /* generic thread attribute struct */ int rc, i, fd; unsigned int ui; struct linger lingerstruct; /* for the socket reuse stuff */ int flag; /* for the socket reuse stuff */ ICC_Struct *ICC_tptr; extern char *optarg; extern int optind; char ConfigFile[ MAXPATHLEN ]; /* path to our config file */ char PidFile[ MAXPATHLEN ]; /* path to our pidfile */ #ifdef HAVE_LIBWRAP struct request_info r; /* request struct for libwrap */ #endif struct addrinfo aihints, *ai; int gaierrnum; flag = 1; ConfigFile[0] = '\0'; strncpy( PidFile, DEFAULT_PID_FILE, sizeof PidFile -1 ); /* * Ignore signals we don't want to die from but we don't care enough * about to catch. */ signal( SIGPIPE, SIG_IGN ); signal( SIGHUP, SIG_IGN ); while (( i = getopt( argc, argv, "f:p:h" ) ) != EOF ) { switch( i ) { case 'f': /* user specified a config filename */ strncpy( ConfigFile, optarg, sizeof ConfigFile -1 ); ConfigFile[ sizeof ConfigFile - 1 ] = '\0'; syslog( LOG_INFO, "%s: Using configuration file '%s'", fn, ConfigFile ); break; case 'p': /* user specified a pidfile */ strncpy( PidFile, optarg, sizeof PidFile -1 ); PidFile[ sizeof PidFile - 1 ] = '\0'; syslog( LOG_INFO, "%s: Using pidfile '%s'", fn, PidFile ); break; case 'h': Usage(); exit( 0 ); case '?': Usage(); exit( 1 ); } } /* * Make sure we know which config file to use and then set our config * options. */ if ( ! ConfigFile[0] ) { strncpy( ConfigFile, DEFAULT_CONFIG_FILE, sizeof ConfigFile -1 ); ConfigFile[ sizeof ConfigFile - 1 ] = '\0'; syslog( LOG_INFO, "%s: Using default configuration file '%s'.", fn, ConfigFile ); } SetDefaultConfigValues(&PC_Struct); SetConfigOptions( ConfigFile ); SetLogOptions(); /* * Just for logging purposes, are we doing SELECT caching or not? */ if ( PC_Struct.enable_select_cache ) syslog( LOG_INFO, "%s: SELECT caching is enabled", fn ); else syslog( LOG_INFO, "%s: SELECT caching is disabled", fn ); /* * Just for logging purposes, are the admin commands enabled or not? */ if ( PC_Struct.enable_admin_commands ) syslog( LOG_INFO, "%s: Internal admin commands are enabled", fn ); else syslog( LOG_INFO, "%s: Internal admin commands are disabled", fn ); #ifdef HAVE_LIBWRAP /* * Set our tcpd service name */ if (service = strrchr(argv[0], '/')) service++; else service = argv[0]; #endif /* * Initialize some stuff. */ rc = pthread_mutex_init(&mp, NULL); if ( rc ) { syslog(LOG_ERR, "%s: pthread_mutex_init() returned error [%d] initializing main mutex. Exiting.", fn, rc ); exit( 1 ); } rc = pthread_mutex_init(&trace, NULL); if ( rc ) { syslog(LOG_ERR, "%s: pthread_mutex_init() returned error [%d] initializing trace mutex. Exiting.", fn, rc ); exit( 1 ); } TraceUser[0] = '\0'; syslog( LOG_INFO, "%s: Allocating %d IMAP connection structures.", fn, PC_Struct.cache_size ); ICC_free = (ICC_Struct *)malloc( ( sizeof ( ICC_Struct ) ) * PC_Struct.cache_size ); if ( ! ICC_free ) { syslog(LOG_ERR, "%s: malloc() failed to allocate [%d] IMAPConnectionContext structures: %s", fn, PC_Struct.cache_size, strerror( errno ) ); exit( 1 ); } memset( ICC_free, 0, sizeof ( ICC_Struct ) * PC_Struct.cache_size ); ICC_tptr = ICC_free; /* * Bug fixed by Gary Mills <*****@*****.**>. I was pre-incrementing * ICC_tptr and then assigning. I guess gcc evaluates the expression * incorrectly, since I never had a problem with this. Gary had the * problem with cc, so it's fixed here. */ for ( ui = 0; ui < PC_Struct.cache_size - 1; ui++ ) { ICC_tptr->next = ICC_tptr + 1; ICC_tptr++; } memset( ICC_HashTable, 0, sizeof ICC_HashTable ); #if HAVE_LIBSSL /* Initialize SSL_CTX */ syslog( LOG_INFO, "%s: Enabling openssl library.", fn ); SSL_library_init(); /* Set up OpenSSL thread protection */ ssl_thread_setup(fn); /* Need to seed PRNG, too! */ if ( RAND_egd( ( RAND_file_name( f_randfile, sizeof( f_randfile ) ) == f_randfile ) ? f_randfile : "/.rnd" ) ) { /* Not an EGD, so read and write it. */ if ( RAND_load_file( f_randfile, -1 ) ) RAND_write_file( f_randfile ); } SSL_load_error_strings(); tls_ctx = SSL_CTX_new( TLSv1_client_method() ); if ( tls_ctx == NULL ) { syslog(LOG_ERR, "%s: Failed to create new SSL_CTX. Exiting.", fn); exit( 1 ); } /* Work around all known bugs */ SSL_CTX_set_options( tls_ctx, SSL_OP_ALL ); if ( PC_Struct.tls_ca_file != NULL || PC_Struct.tls_ca_path != NULL ) { rc = SSL_CTX_load_verify_locations( tls_ctx, PC_Struct.tls_ca_file, PC_Struct.tls_ca_path ); } else { rc = SSL_CTX_set_default_verify_paths( tls_ctx ); } if ( rc == 0 ) { syslog(LOG_ERR, "%s: Failed to load CA data. Exiting.", fn); exit( 1 ); } if ( ! set_cert_stuff( tls_ctx, PC_Struct.tls_cert_file, PC_Struct.tls_key_file ) ) { syslog(LOG_ERR, "%s: Failed to load cert/key data. Exiting.", fn); exit( 1 ); } SSL_CTX_set_verify(tls_ctx, SSL_VERIFY_NONE, verify_callback); #endif /* HAVE_LIBSSL */ ServerInit(); /* Daemonize() would go here */ SetBannerAndCapability(); /* * We don't need to check PC_Struct.support_starttls since we * probably have refetched the capability list after a STARTTLS * if we did one; it won't ever be supported at this point. * * It also makes no difference to check PC_Struct.force_tls now * because we've either done a STARTTLS or we haven't - all that * matters is if we got LOGINDISABLED or not. * * Note that all these things *ARE* tested when checking the * server capabilities (in fact, the following check is probably * a duplicate). */ if ( PC_Struct.login_disabled ) { /* We're screwed! We can't login */ syslog(LOG_ERR, "%s: IMAP server has LOGINDISABLED. Exiting.", fn); exit( 1 ); } memset( &aihints, 0, sizeof aihints ); aihints.ai_family = AF_UNSPEC; aihints.ai_socktype = SOCK_STREAM; aihints.ai_flags = AI_PASSIVE; if ( ( gaierrnum = getaddrinfo( PC_Struct.listen_addr, PC_Struct.listen_port, &aihints, &ai ) ) ) { syslog( LOG_ERR, "%s: bad bind address: '%s' specified in config file. Exiting.", fn, PC_Struct.listen_addr ); exit( 1 ); } syslog( LOG_INFO, "%s: Binding to tcp %s:%s", fn, PC_Struct.listen_addr ? PC_Struct.listen_addr : "*", PC_Struct.listen_port ); for ( ; ai != NULL; ai = ai->ai_next ) { listensd = socket( ai->ai_family, ai->ai_socktype, ai->ai_protocol ); if ( listensd == -1 ) { syslog(LOG_WARNING, "%s: socket() failed: %s", fn, strerror(errno)); continue; } setsockopt(listensd, SOL_SOCKET, SO_REUSEADDR, (void *)&flag, sizeof(flag)); lingerstruct.l_onoff = 1; lingerstruct.l_linger = 5; setsockopt(listensd, SOL_SOCKET, SO_LINGER, (void *)&lingerstruct, sizeof(lingerstruct)); if ( PC_Struct.send_tcp_keepalives ) { lingerstruct.l_onoff = 1; syslog( LOG_INFO, "%s: Enabling SO_KEEPALIVE.", fn ); setsockopt( listensd, SOL_SOCKET, SO_KEEPALIVE, (void *)&lingerstruct.l_onoff, sizeof lingerstruct.l_onoff ); } memcpy( &srvaddr, ai->ai_addr, ai->ai_addrlen ); if ( bind( listensd, (struct sockaddr *)&srvaddr, ai->ai_addrlen ) < 0 ) { syslog(LOG_WARNING, "%s: bind() failed: %s", fn, strerror(errno) ); continue; } else break; } if ( ai == NULL ) { syslog( LOG_ERR, "%s: no useable addresses to bind to", fn ); exit( EXIT_FAILURE); } /* * Create and mmap() our stat file while we're still root. Since it's * configurable, we want to make sure we do this as root so there's the * greatest possibility that we'll have permission to write where we * need to. */ syslog( LOG_INFO, "%s: Using global statistics file '%s'", fn, PC_Struct.stat_filename ); fd = open( PC_Struct.stat_filename, O_RDWR | O_CREAT, S_IREAD | S_IWRITE ); if ( fd == -1 ) { syslog(LOG_ERR, "%s: open() failed for '%s': %s -- Exiting.", fn, PC_Struct.stat_filename, strerror( errno ) ); exit( 1 ); } if ( ( ftruncate( fd, sizeof( IMAPCounter_Struct ) ) ) == -1 ) { syslog(LOG_ERR, "%s: ftruncate() failed: %s -- Exiting.", fn, strerror( errno ) ); exit( 1 ); } IMAPCount = ( IMAPCounter_Struct *)mmap( 0, sizeof( IMAPCounter_Struct ), PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0 ); if ( IMAPCount == MAP_FAILED ) { syslog(LOG_ERR, "%s: mmap() failed: %s -- Exiting.", fn, strerror( errno ) ); exit( 1 ); } memset( IMAPCount, 0, sizeof( IMAPCounter_Struct ) ); IMAPCount->StartTime = time( 0 ); IMAPCount->CountTime = time( 0 ); /* * Daemonize as late as possible, so that connection failures can be caught * and startup aborted before dettaching from parent */ Daemonize( PidFile ); if ( BecomeNonRoot() ) exit( 1 ); /* some misc thread setup */ rc = pthread_attr_init( &attr ); if ( rc ) { syslog(LOG_ERR, "%s: pthread_attr_init() failed: [%d]\n", fn, rc); exit( 1 ); } rc = pthread_attr_setdetachstate( &attr, PTHREAD_CREATE_DETACHED ); if ( rc ) { syslog(LOG_ERR, "%s: pthread_attr_setdetachstate() failed: [%d]\n", fn, rc); exit( 1 ); } /* launch a recycle thread before we loop */ pthread_create( &RecycleThread, &attr, (void *)ICC_Recycle_Loop, NULL ); syslog(LOG_INFO, "%s: Launched ICC recycle thread with id %d", fn, (int)RecycleThread ); /* * Now start listening and accepting connections. */ if ( listen(listensd, MAX_CONN_BACKLOG) < 0) { syslog( LOG_ERR, "%s: listen() failed: %s -- Exiting", fn, strerror(errno)); exit( 1 ); } syslog( LOG_INFO, "%s: squirrelmail-imap_proxy version %s normal server startup.", fn, IMAP_PROXY_VERSION ); /* * Main server loop */ for ( ;; ) { /* * Bug fixed by Gary Mills <*****@*****.**>. I forgot * to initialize sockaddrlen. */ sockaddrlen = sizeof cliaddr; clientsd = accept( listensd, (struct sockaddr *)&cliaddr, &sockaddrlen ); if ( clientsd == -1 ) { syslog(LOG_WARNING, "%s: accept() failed: %s -- retrying", fn, strerror(errno)); sleep( 1 ); continue; } #ifdef HAVE_LIBWRAP request_init(&r, RQ_DAEMON, service, 0); request_set(&r, RQ_FILE, clientsd, 0); sock_host(&r); if (!hosts_access(&r)) { shutdown(clientsd, SHUT_RDWR); close(clientsd); syslog(deny_severity, "refused connection from %s", eval_client(&r)); continue; } #endif IMAPCount->TotalClientConnectionsAccepted++; IMAPCount->CurrentClientConnections++; if ( IMAPCount->CurrentClientConnections > IMAPCount->PeakClientConnections ) IMAPCount->PeakClientConnections = IMAPCount->CurrentClientConnections; rc = pthread_create( &ThreadId, &attr, (void *)HandleRequest, (void *)clientsd ); if (rc != 0) { syslog(LOG_ERR, "%s: pthread_create() returned error [%d] for HandleRequest.", fn, rc ); close(clientsd); } } }
static int random_the_seed(struct SessionHandle *data) { char *buf = data->state.buffer; /* point to the big buffer */ int nread=0; /* Q: should we add support for a random file name as a libcurl option? A: Yes, it is here */ #ifndef RANDOM_FILE /* if RANDOM_FILE isn't defined, we only perform this if an option tells us to! */ if(data->set.ssl.random_file) #define RANDOM_FILE "" /* doesn't matter won't be used */ #endif { /* let the option override the define */ nread += RAND_load_file((data->set.ssl.random_file? data->set.ssl.random_file:RANDOM_FILE), 16384); if(seed_enough(nread)) return nread; } #if defined(HAVE_RAND_EGD) /* only available in OpenSSL 0.9.5 and later */ /* EGD_SOCKET is set at configure time or not at all */ #ifndef EGD_SOCKET /* If we don't have the define set, we only do this if the egd-option is set */ if(data->set.ssl.egdsocket) #define EGD_SOCKET "" /* doesn't matter won't be used */ #endif { /* If there's an option and a define, the option overrides the define */ int ret = RAND_egd(data->set.ssl.egdsocket? data->set.ssl.egdsocket:EGD_SOCKET); if(-1 != ret) { nread += ret; if(seed_enough(nread)) return nread; } } #endif /* If we get here, it means we need to seed the PRNG using a "silly" approach! */ #ifdef HAVE_RAND_SCREEN /* This one gets a random value by reading the currently shown screen */ RAND_screen(); nread = 100; /* just a value */ #else { int len; char *area; /* Changed call to RAND_seed to use the underlying RAND_add implementation * directly. Do this in a loop, with the amount of additional entropy * being dependent upon the algorithm used by Curl_FormBoundary(): N bytes * of a 7-bit ascii set. -- Richard Gorton, March 11 2003. */ do { area = Curl_FormBoundary(); if(!area) return 3; /* out of memory */ len = (int)strlen(area); RAND_add(area, len, (len >> 1)); free(area); /* now remove the random junk */ } while (!RAND_status()); } #endif /* generates a default path for the random seed file */ buf[0]=0; /* blank it first */ RAND_file_name(buf, BUFSIZE); if(buf[0]) { /* we got a file name to try */ nread += RAND_load_file(buf, 16384); if(seed_enough(nread)) return nread; } infof(data, "libcurl is now using a weak random seed!\n"); return nread; }
int main( int argc, char *argv[] ) { char *fn = "main()"; char f_randfile[ PATH_MAX ]; int listensd; /* socket descriptor we'll bind to */ int clientsd; /* incoming socket descriptor */ int addrlen; struct sockaddr_in srvaddr; struct sockaddr_in cliaddr; pthread_t ThreadId; /* thread id of each incoming conn */ pthread_t RecycleThread; /* used just for the recycle thread */ pthread_attr_t attr; /* generic thread attribute struct */ int rc, i, fd; unsigned int ui; pid_t pid; /* used just for a fork call */ struct linger lingerstruct; /* for the socket reuse stuff */ int flag; /* for the socket reuse stuff */ ICC_Struct *ICC_tptr; extern char *optarg; extern int optind; char ConfigFile[ MAXPATHLEN ]; /* path to our config file */ #ifdef HAVE_LIBWRAP struct request_info r; /* request struct for libwrap */ #endif flag = 1; ConfigFile[0] = '\0'; /* * Ignore signals we don't want to die from but we don't care enough * about to catch. */ signal( SIGPIPE, SIG_IGN ); signal( SIGHUP, SIG_IGN ); while (( i = getopt( argc, argv, "f:h" ) ) != EOF ) { switch( i ) { case 'f': /* user specified a config filename */ strncpy( ConfigFile, optarg, sizeof ConfigFile -1 ); ConfigFile[ sizeof ConfigFile - 1 ] = '\0'; syslog( LOG_INFO, "%s: Using configuration file '%s'", fn, ConfigFile ); break; case 'h': Usage(); exit( 0 ); case '?': Usage(); exit( 1 ); } } /* * Make sure we know which config file to use and then set our config * options. */ if ( ! ConfigFile[0] ) { strncpy( ConfigFile, DEFAULT_CONFIG_FILE, sizeof ConfigFile -1 ); ConfigFile[ sizeof ConfigFile - 1 ] = '\0'; syslog( LOG_INFO, "%s: Using default configuration file '%s'.", fn, ConfigFile ); } SetConfigOptions( ConfigFile ); SetLogOptions(); /* * Just for logging purposes, are we doing SELECT caching or not? */ if ( PC_Struct.enable_select_cache ) syslog( LOG_INFO, "%s: SELECT caching is enabled", fn ); else syslog( LOG_INFO, "%s: SELECT caching is disabled", fn ); #ifdef HAVE_LIBWRAP /* * Set our tcpd service name */ if (service = strrchr(argv[0], '/')) service++; else service = argv[0]; #endif /* * Initialize some stuff. */ rc = pthread_mutex_init(&mp, NULL); if ( rc ) { syslog(LOG_ERR, "%s: pthread_mutex_init() returned error [%d] initializing main mutex. Exiting.", fn, rc ); exit( 1 ); } rc = pthread_mutex_init(&trace, NULL); if ( rc ) { syslog(LOG_ERR, "%s: pthread_mutex_init() returned error [%d] initializing trace mutex. Exiting.", fn, rc ); exit( 1 ); } TraceUser[0] = '\0'; syslog( LOG_INFO, "%s: Allocating %d IMAP connection structures.", fn, PC_Struct.cache_size ); ICC_free = (ICC_Struct *)malloc( ( sizeof ( ICC_Struct ) ) * PC_Struct.cache_size ); if ( ! ICC_free ) { syslog(LOG_ERR, "%s: malloc() failed to allocate [%d] IMAPConnectionContext structures: %s", fn, PC_Struct.cache_size, strerror( errno ) ); exit( 1 ); } memset( ICC_free, 0, sizeof ( ICC_Struct ) * PC_Struct.cache_size ); ICC_tptr = ICC_free; /* * Bug fixed by Gary Mills <*****@*****.**>. I was pre-incrementing * ICC_tptr and then assigning. I guess gcc evaluates the expression * incorrectly, since I never had a problem with this. Gary had the * problem with cc, so it's fixed here. */ for ( ui = 0; ui < PC_Struct.cache_size - 1; ui++ ) { ICC_tptr->next = ICC_tptr + 1; ICC_tptr++; } memset( ICC_HashTable, 0, sizeof ICC_HashTable ); ServerInit(); /* detach from our parent if necessary */ if (! (getppid() == 1) && ( ! PC_Struct.foreground_mode ) ) { syslog( LOG_INFO, "%s: Configured to run in background mode.", fn ); if ( (pid = fork()) < 0) { syslog(LOG_ERR, "%s: initial call to fork() failed: %s", fn, strerror(errno)); exit( 1 ); } else if ( pid > 0) { exit( 0 ); } if (setsid() == -1) { syslog(LOG_WARNING, "%s: setsid() failed: %s", fn, strerror(errno)); } if ( (pid = fork()) < 0) { syslog(LOG_ERR, "%s: secondary call to fork() failed: %s", fn, strerror(errno)); exit( 1 ); } else if ( pid > 0) { exit( 0 ); } } else { syslog( LOG_INFO, "%s: Configured to run in foreground mode.", fn ); } SetBannerAndCapability(); if ( PC_Struct.login_disabled || PC_Struct.force_tls ) { syslog( LOG_INFO, "%s: Enabling STARTTLS.", fn ); #if HAVE_LIBSSL if ( PC_Struct.support_starttls ) { /* Initialize SSL_CTX */ SSL_library_init(); /* Need to seed PRNG, too! */ if ( RAND_egd( ( RAND_file_name( f_randfile, sizeof( f_randfile ) ) == f_randfile ) ? f_randfile : "/.rnd" ) ) { /* Not an EGD, so read and write it. */ if ( RAND_load_file( f_randfile, -1 ) ) RAND_write_file( f_randfile ); } SSL_load_error_strings(); tls_ctx = SSL_CTX_new( TLSv1_client_method() ); if ( tls_ctx == NULL ) { syslog(LOG_ERR, "%s: Failed to create new SSL_CTX. Exiting.", fn); exit( 1 ); } /* Work around all known bugs */ SSL_CTX_set_options( tls_ctx, SSL_OP_ALL ); if ( ! SSL_CTX_load_verify_locations( tls_ctx, PC_Struct.tls_ca_file, PC_Struct.tls_ca_path ) || ! SSL_CTX_set_default_verify_paths( tls_ctx ) ) { syslog(LOG_ERR, "%s: Failed to load CA data. Exiting.", fn); exit( 1 ); } if ( ! set_cert_stuff( tls_ctx, PC_Struct.tls_cert_file, PC_Struct.tls_key_file ) ) { syslog(LOG_ERR, "%s: Failed to load cert/key data. Exiting.", fn); exit( 1 ); } SSL_CTX_set_verify(tls_ctx, SSL_VERIFY_NONE, verify_callback); } else #endif /* HAVE_LIBSSL */ { /* We're screwed! We won't be able to login without SASL */ syslog(LOG_ERR, "%s: IMAP server has LOGINDISABLED and we can't do STARTTLS. Exiting.", fn); exit( 1 ); } } memset( (char *) &srvaddr, 0, sizeof srvaddr ); srvaddr.sin_family = PF_INET; if ( !PC_Struct.listen_addr ) { srvaddr.sin_addr.s_addr = htonl(INADDR_ANY); } else { srvaddr.sin_addr.s_addr = inet_addr( PC_Struct.listen_addr ); if ( srvaddr.sin_addr.s_addr == -1 ) { syslog( LOG_ERR, "%s: bad bind address: '%s' specified in config file. Exiting.", fn, PC_Struct.listen_addr ); exit( 1 ); } } syslog(LOG_INFO, "%s: Binding to tcp %s:%d", fn, PC_Struct.listen_addr ? PC_Struct.listen_addr : "*", PC_Struct.listen_port ); srvaddr.sin_port = htons(PC_Struct.listen_port); listensd = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP); if ( listensd == -1 ) { syslog(LOG_ERR, "%s: socket() failed: %s", fn, strerror(errno)); exit( 1 ); } setsockopt(listensd, SOL_SOCKET, SO_REUSEADDR, (void *)&flag, sizeof(flag)); lingerstruct.l_onoff = 1; lingerstruct.l_linger = 5; setsockopt(listensd, SOL_SOCKET, SO_LINGER, (void *)&lingerstruct, sizeof(lingerstruct)); if ( PC_Struct.send_tcp_keepalives ) { lingerstruct.l_onoff = 1; syslog( LOG_INFO, "%s: Enabling SO_KEEPALIVE.", fn ); setsockopt( listensd, SOL_SOCKET, SO_KEEPALIVE, (void *)&lingerstruct.l_onoff, sizeof lingerstruct.l_onoff ); } if ( bind(listensd, (struct sockaddr *)&srvaddr, sizeof( srvaddr ) ) < 0 ) { syslog(LOG_ERR, "%s: bind() failed: %s", fn, strerror(errno) ); exit( 1 ); } /* * Create and mmap() our stat file while we're still root. Since it's * configurable, we want to make sure we do this as root so there's the * greatest possibility that we'll have permission to write where we * need to. */ syslog( LOG_INFO, "%s: Using global statistics file '%s'", fn, PC_Struct.stat_filename ); fd = open( PC_Struct.stat_filename, O_RDWR | O_CREAT, S_IREAD | S_IWRITE ); if ( fd == -1 ) { syslog(LOG_ERR, "%s: open() failed for '%s': %s -- Exiting.", fn, PC_Struct.stat_filename, strerror( errno ) ); exit( 1 ); } if ( ( ftruncate( fd, sizeof( IMAPCounter_Struct ) ) ) == -1 ) { syslog(LOG_ERR, "%s: ftruncate() failed: %s -- Exiting.", fn, strerror( errno ) ); exit( 1 ); } IMAPCount = ( IMAPCounter_Struct *)mmap( 0, sizeof( IMAPCounter_Struct ), PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0 ); if ( IMAPCount == MAP_FAILED ) { syslog(LOG_ERR, "%s: mmap() failed: %s -- Exiting.", fn, strerror( errno ) ); exit( 1 ); } memset( IMAPCount, 0, sizeof( IMAPCounter_Struct ) ); IMAPCount->StartTime = time( 0 ); IMAPCount->CountTime = time( 0 ); if ( BecomeNonRoot() ) exit( 1 ); /* some misc thread setup */ rc = pthread_attr_init( &attr ); if ( rc ) { syslog(LOG_ERR, "%s: pthread_attr_init() failed: [%d]\n", fn, rc); exit( 1 ); } rc = pthread_attr_setdetachstate( &attr, PTHREAD_CREATE_DETACHED ); if ( rc ) { syslog(LOG_ERR, "%s: pthread_attr_setdetachstate() failed: [%d]\n", fn, rc); exit( 1 ); } /* launch a recycle thread before we loop */ pthread_create( &RecycleThread, &attr, (void *)ICC_Recycle_Loop, NULL ); syslog(LOG_INFO, "%s: Launched ICC recycle thread with id %d", fn, RecycleThread ); /* * Now start listening and accepting connections. */ if ( listen(listensd, MAX_CONN_BACKLOG) < 0) { syslog( LOG_ERR, "%s: listen() failed: %s -- Exiting", fn, strerror(errno)); exit( 1 ); } syslog( LOG_INFO, "%s: Normal server startup.", fn ); /* * Main server loop */ for ( ;; ) { /* * Bug fixed by Gary Mills <*****@*****.**>. I forgot * to initialize addrlen. */ addrlen = sizeof cliaddr; clientsd = accept( listensd, (struct sockaddr *)&cliaddr, &addrlen ); if ( clientsd == -1 ) { syslog(LOG_WARNING, "%s: accept() failed: %s -- retrying", fn, strerror(errno)); sleep( 1 ); continue; } #ifdef HAVE_LIBWRAP request_init(&r, RQ_DAEMON, service, 0); request_set(&r, RQ_FILE, clientsd, 0); sock_host(&r); if (!hosts_access(&r)) { shutdown(clientsd, SHUT_RDWR); close(clientsd); syslog(deny_severity, "refused connection from %s", eval_client(&r)); continue; } #endif IMAPCount->TotalClientConnectionsAccepted++; IMAPCount->CurrentClientConnections++; if ( IMAPCount->CurrentClientConnections > IMAPCount->PeakClientConnections ) IMAPCount->PeakClientConnections = IMAPCount->CurrentClientConnections; pthread_create( &ThreadId, &attr, (void *)HandleRequest, (void *)clientsd ); } }