static int vnc_set_gnutls_priority(gnutls_session_t s, int x509)
{
static const int cert_types[] = { GNUTLS_CRT_X509, 0 };
static const int protocols[] = {
GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0
};
static const int kx_anon[] = { GNUTLS_KX_ANON_DH, 0 };
static const int kx_x509[] = {
GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA,
GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0
};
int rc;
rc = gnutls_kx_set_priority(s, x509 ? kx_x509 : kx_anon);
if (rc != GNUTLS_E_SUCCESS) {
return -1;
}
rc = gnutls_certificate_type_set_priority(s, cert_types);
if (rc != GNUTLS_E_SUCCESS) {
return -1;
}
rc = gnutls_protocol_set_priority(s, protocols);
if (rc != GNUTLS_E_SUCCESS) {
return -1;
}
return 0;
}
struct tls_connection * tls_connection_init(void *ssl_ctx)
{
struct tls_connection *conn;
const int cert_types[2] = { GNUTLS_CRT_X509, 0 };
const int protos[2] = { GNUTLS_TLS1, 0 };
conn = malloc(sizeof(*conn));
if (conn == NULL)
return NULL;
memset(conn, 0, sizeof(*conn));
if (gnutls_init(&conn->session, GNUTLS_CLIENT) < 0) {
wpa_printf(MSG_INFO, "TLS: Failed to initialize new TLS "
"connection");
free(conn);
return NULL;
}
gnutls_set_default_priority(conn->session);
gnutls_certificate_type_set_priority(conn->session, cert_types);
gnutls_protocol_set_priority(conn->session, protos);
gnutls_transport_set_pull_function(conn->session, tls_pull_func);
gnutls_transport_set_push_function(conn->session, tls_push_func);
gnutls_transport_set_ptr(conn->session, (gnutls_transport_ptr) conn);
gnutls_certificate_allocate_credentials(&conn->xcred);
return conn;
}
bool CTlsSocket::Init()
{
// This function initializes GnuTLS
int res = gnutls_global_init();
if (res)
{
LogError(res);
return false;
}
m_initialized = true;
res = gnutls_certificate_allocate_credentials(&m_certCredentials);
if (res < 0)
{
LogError(res);
Uninit();
return false;
}
res = gnutls_init(&m_session, GNUTLS_CLIENT);
if (res)
{
LogError(res);
Uninit();
return false;
}
res = gnutls_set_default_priority(m_session);
if (res)
{
LogError(res);
Uninit();
return false;
}
// Set which type of certificates we accept
const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
gnutls_certificate_type_set_priority(m_session, cert_type_priority);
if (res)
{
LogError(res);
Uninit();
return false;
}
gnutls_credentials_set(m_session, GNUTLS_CRD_CERTIFICATE, m_certCredentials);
// Setup transport functions
gnutls_transport_set_push_function(m_session, PushFunction);
gnutls_transport_set_pull_function(m_session, PullFunction);
gnutls_transport_set_ptr(m_session, (gnutls_transport_ptr_t)this);
gnutls_transport_set_lowat(m_session, 0);
m_shutdown_requested = false;
// At this point, we can start shaking hands.
return true;
}
static void
ADD_CERTTYPE (gnutls_session session, int ctype)
{
static int _ct_priority[] = { 0, 0 };
_ct_priority[0] = ctype;
gnutls_certificate_type_set_priority (session, _ct_priority);
}
bool
ssl_connect_wget (int fd)
{
static const int cert_type_priority[] = {
GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP, 0
};
struct wgnutls_transport_context *ctx;
gnutls_session session;
int err;
int allowed_protocols[4] = {0, 0, 0, 0};
gnutls_init (&session, GNUTLS_CLIENT);
gnutls_set_default_priority (session);
gnutls_certificate_type_set_priority (session, cert_type_priority);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, credentials);
#ifndef FD_TO_SOCKET
# define FD_TO_SOCKET(X) (X)
#endif
gnutls_transport_set_ptr (session, (gnutls_transport_ptr) FD_TO_SOCKET (fd));
err = 0;
switch (opt.secure_protocol)
{
case secure_protocol_auto:
break;
case secure_protocol_sslv2:
case secure_protocol_sslv3:
allowed_protocols[0] = GNUTLS_SSL3;
err = gnutls_protocol_set_priority (session, allowed_protocols);
break;
case secure_protocol_tlsv1:
allowed_protocols[0] = GNUTLS_TLS1_0;
allowed_protocols[1] = GNUTLS_TLS1_1;
allowed_protocols[2] = GNUTLS_TLS1_2;
err = gnutls_protocol_set_priority (session, allowed_protocols);
break;
default:
abort ();
}
if (err < 0)
{
logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));
gnutls_deinit (session);
return false;
}
err = gnutls_handshake (session);
if (err < 0)
{
logprintf (LOG_NOTQUIET, "GnuTLS: %s\n", gnutls_strerror (err));
gnutls_deinit (session);
return false;
}
ctx = xnew0 (struct wgnutls_transport_context);
ctx->session = session;
fd_register_transport (fd, &wgnutls_transport, ctx);
return true;
}
static void
ssl_gnutls_connect(PurpleSslConnection *gsc)
{
PurpleSslGnutlsData *gnutls_data;
static const int cert_type_priority[2] = { GNUTLS_CRT_X509, 0 };
gnutls_data = g_new0(PurpleSslGnutlsData, 1);
gsc->private_data = gnutls_data;
gnutls_init(&gnutls_data->session, GNUTLS_CLIENT);
#ifdef HAVE_GNUTLS_PRIORITY_FUNCS
{
const char *prio_str = NULL;
gboolean set = FALSE;
/* Let's see if someone has specified a specific priority */
if (gsc->host && host_priorities)
prio_str = g_hash_table_lookup(host_priorities, gsc->host);
if (prio_str)
set = (GNUTLS_E_SUCCESS ==
gnutls_priority_set_direct(gnutls_data->session, prio_str,
NULL));
if (!set)
gnutls_priority_set(gnutls_data->session, default_priority);
}
#else
gnutls_set_default_priority(gnutls_data->session);
#endif
gnutls_certificate_type_set_priority(gnutls_data->session,
cert_type_priority);
gnutls_credentials_set(gnutls_data->session, GNUTLS_CRD_CERTIFICATE,
xcred);
gnutls_transport_set_ptr(gnutls_data->session, GINT_TO_POINTER(gsc->fd));
gnutls_data->handshake_handler = purple_input_add(gsc->fd,
PURPLE_INPUT_READ, ssl_gnutls_handshake_cb, gsc);
/* Orborde asks: Why are we configuring a callback, then
(almost) immediately calling it?
Answer: gnutls_handshake (up in handshake_cb) needs to be called
once in order to get the ball rolling on the SSL connection.
Once it has done so, only then will the server reply, triggering
the callback.
Since the logic driving gnutls_handshake is the same with the first
and subsequent calls, we'll just fire the callback immediately to
accomplish this.
*/
gnutls_data->handshake_timer = purple_timeout_add(0, start_handshake_cb,
gsc);
}
static int tls_gnutls_init_session(struct tls_global *global,
struct tls_connection *conn)
{
#if LIBGNUTLS_VERSION_NUMBER >= 0x020200
const char *err;
#else /* LIBGNUTLS_VERSION_NUMBER >= 0x020200 */
const int cert_types[2] = { GNUTLS_CRT_X509, 0 };
const int protos[2] = { GNUTLS_TLS1, 0 };
#endif /* LIBGNUTLS_VERSION_NUMBER < 0x020200 */
int ret;
ret = gnutls_init(&conn->session,
global->server ? GNUTLS_SERVER : GNUTLS_CLIENT);
if (ret < 0) {
wpa_printf(MSG_INFO, "TLS: Failed to initialize new TLS "
"connection: %s", gnutls_strerror(ret));
return -1;
}
ret = gnutls_set_default_priority(conn->session);
if (ret < 0)
goto fail;
#if LIBGNUTLS_VERSION_NUMBER >= 0x020200
ret = gnutls_priority_set_direct(conn->session, "NORMAL:-VERS-SSL3.0",
&err);
if (ret < 0) {
wpa_printf(MSG_ERROR, "GnuTLS: Priority string failure at "
"'%s'", err);
goto fail;
}
#else /* LIBGNUTLS_VERSION_NUMBER >= 0x020200 */
ret = gnutls_certificate_type_set_priority(conn->session, cert_types);
if (ret < 0)
goto fail;
ret = gnutls_protocol_set_priority(conn->session, protos);
if (ret < 0)
goto fail;
#endif /* LIBGNUTLS_VERSION_NUMBER < 0x020200 */
gnutls_transport_set_pull_function(conn->session, tls_pull_func);
gnutls_transport_set_push_function(conn->session, tls_push_func);
gnutls_transport_set_ptr(conn->session, (gnutls_transport_ptr) conn);
return 0;
fail:
wpa_printf(MSG_INFO, "TLS: Failed to setup new TLS connection: %s",
gnutls_strerror(ret));
gnutls_deinit(conn->session);
return -1;
}
/* initializes a gnutls_session with some defaults.
*/
static gnutls_session
init_tls_session (const char *hostname)
{
gnutls_session session;
gnutls_init (&session, GNUTLS_CLIENT);
/* allow the use of private ciphersuites.
*/
if (disable_extensions == 0)
{
gnutls_handshake_set_private_extensions (session, 1);
gnutls_server_name_set (session, GNUTLS_NAME_DNS, hostname,
strlen (hostname));
gnutls_certificate_type_set_priority (session, cert_type_priority);
}
gnutls_cipher_set_priority (session, cipher_priority);
gnutls_compression_set_priority (session, comp_priority);
gnutls_kx_set_priority (session, kx_priority);
gnutls_protocol_set_priority (session, protocol_priority);
gnutls_mac_set_priority (session, mac_priority);
gnutls_dh_set_prime_bits (session, 512);
gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred);
gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred);
gnutls_credentials_set (session, GNUTLS_CRD_PSK, psk_cred);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
gnutls_certificate_client_set_retrieve_function (xcred, cert_callback);
/* send the fingerprint */
if (fingerprint != 0)
gnutls_openpgp_send_key (session, GNUTLS_OPENPGP_KEY_FINGERPRINT);
/* use the max record size extension */
if (record_max_size > 0 && disable_extensions == 0)
{
if (gnutls_record_set_max_size (session, record_max_size) < 0)
{
fprintf (stderr,
"Cannot set the maximum record size to %d.\n",
record_max_size);
fprintf (stderr, "Possible values: 512, 1024, 2048, 4096.\n");
exit (1);
}
}
return session;
}
gtlsClientData::gtlsClientData(std::string const& _caFile,
std::string const& _certFile,
std::string const& _keyFile)
{
int ret = 0;
gnutls_global_set_log_level(loglevel);
gnutls_global_set_log_function(gtlsGeneric::logCallback);
gnutls_certificate_allocate_credentials(&cred_);
// GNUTLS_NOTICE("Allocted credentials");
// Add the certificate authority used.
// GNUTLS_NOTICE("Setting CA, file='" << _caFile << "'");
ret = gnutls_certificate_set_x509_trust_file(cred_, _caFile.c_str(), GNUTLS_X509_FMT_PEM);
// printerror("gnutls_certificate_set_x509_trust_file", ret);
// GNUTLS_NOTICE("Processed " << ret << " certificates.");
// Set the cert and private key.
// Set the certificate and priate key pair.
// GNUTLS_NOTICE("Setting certificate, file='" << _certFile << "'");
// GNUTLS_NOTICE("Setting private key, file='" << _keyFile << "'");
ret = gnutls_certificate_set_x509_key_file(cred_,
_certFile.c_str(),
_keyFile.c_str(),
GNUTLS_X509_FMT_PEM);
// printerror("gnutls_certificate_set_x509_key_file", ret);
// GNUTLS_NOTICE("Processed " << ret << " certificate/key pair(s).");
ret = gnutls_init(&session_, GNUTLS_CLIENT);
// printerror("gnutls_init", ret);
ret = gnutls_set_default_priority(session_);
// printerror("gnutls_set_default_priority", ret);
gnutls_dh_set_prime_bits(session_, gtlsGeneric::GNUTLSIF_DH_BITS);
const int cert_type_priority[2] = { GNUTLS_CRT_X509, 0 };
ret = gnutls_certificate_type_set_priority(session_,
cert_type_priority);
// printerror("gnutls_certificate_type_set_priority", ret);
ret = gnutls_credentials_set(session_,
GNUTLS_CRD_CERTIFICATE,
cred_);
// printerror("gnutls_credentials_set", ret);
}
static gnutls_session initialize_state(void)
{
gnutls_session session;
gnutls_init(&session, GNUTLS_SERVER);
gnutls_protocol_set_priority(session, protocol_priority);
gnutls_cipher_set_priority(session, cipher_priority);
gnutls_compression_set_priority(session, comp_priority);
gnutls_kx_set_priority(session, kx_priority);
gnutls_mac_set_priority(session, mac_priority);
gnutls_certificate_type_set_priority(session, cert_type_priority);
gnutls_cred_set(session, GNUTLS_CRD_CERTIFICATE, x509_cred);
return session;
}
gboolean
_lm_ssl_begin (LmSSL *ssl, gint fd, const gchar *server, GError **error)
{
int ret;
gboolean auth_ok = TRUE;
const int cert_type_priority[2] =
{ GNUTLS_CRT_X509, GNUTLS_CRT_OPENPGP };
gnutls_init (&ssl->gnutls_session, GNUTLS_CLIENT);
gnutls_set_default_priority (ssl->gnutls_session);
gnutls_certificate_type_set_priority (ssl->gnutls_session,
cert_type_priority);
gnutls_credentials_set (ssl->gnutls_session,
GNUTLS_CRD_CERTIFICATE,
ssl->gnutls_xcred);
gnutls_transport_set_ptr (ssl->gnutls_session,
(gnutls_transport_ptr) fd);
ret = gnutls_handshake (ssl->gnutls_session);
if (ret >= 0) {
auth_ok = ssl_verify_certificate (ssl, server);
}
if (ret < 0 || !auth_ok) {
char *errmsg;
gnutls_perror (ret);
if (!auth_ok) {
errmsg = "*** GNUTLS authentication error";
} else {
errmsg = "*** GNUTLS handshake failed";
}
g_set_error (error,
LM_ERROR, LM_ERROR_CONNECTION_OPEN,
errmsg);
return FALSE;
}
return TRUE;
}
static void
ssl_gnutls_connect(PurpleSslConnection *gsc)
{
PurpleSslGnutlsData *gnutls_data;
static const int cert_type_priority[2] = { GNUTLS_CRT_X509, 0 };
gnutls_data = g_new0(PurpleSslGnutlsData, 1);
gsc->private_data = gnutls_data;
gnutls_init(&gnutls_data->session, GNUTLS_CLIENT);
#ifdef HAVE_GNUTLS_PRIORITY_FUNCS
if (gnutls_priority_set_direct(gnutls_data->session,
"NORMAL:%SSL3_RECORD_VERSION", NULL))
gnutls_priority_set_direct(gnutls_data->session, "NORMAL", NULL);
#else
gnutls_set_default_priority(gnutls_data->session);
#endif
gnutls_certificate_type_set_priority(gnutls_data->session,
cert_type_priority);
gnutls_credentials_set(gnutls_data->session, GNUTLS_CRD_CERTIFICATE,
xcred);
gnutls_transport_set_ptr(gnutls_data->session, GINT_TO_POINTER(gsc->fd));
gnutls_data->handshake_handler = purple_input_add(gsc->fd,
PURPLE_INPUT_READ, ssl_gnutls_handshake_cb, gsc);
purple_debug_info("gnutls", "Starting handshake with %s\n", gsc->host);
/* Orborde asks: Why are we configuring a callback, then
immediately calling it?
Answer: gnutls_handshake (up in handshake_cb) needs to be called
once in order to get the ball rolling on the SSL connection.
Once it has done so, only then will the server reply, triggering
the callback.
Since the logic driving gnutls_handshake is the same with the first
and subsequent calls, we'll just fire the callback immediately to
accomplish this.
*/
ssl_gnutls_handshake_cb(gsc, gsc->fd, PURPLE_INPUT_READ);
}
static int tls_gnutls_init_session(struct tls_global *global,
struct tls_connection *conn)
{
const int cert_types[2] = { GNUTLS_CRT_X509, 0 };
const int protos[2] = { GNUTLS_TLS1, 0 };
int ret;
ret = gnutls_init(&conn->session,
global->server ? GNUTLS_SERVER : GNUTLS_CLIENT);
if (ret < 0) {
wpa_printf(MSG_INFO, "TLS: Failed to initialize new TLS "
"connection: %s", gnutls_strerror(ret));
return -1;
}
ret = gnutls_set_default_priority(conn->session);
if (ret < 0)
goto fail;
ret = gnutls_certificate_type_set_priority(conn->session, cert_types);
if (ret < 0)
goto fail;
ret = gnutls_protocol_set_priority(conn->session, protos);
if (ret < 0)
goto fail;
gnutls_transport_set_pull_function(conn->session, tls_pull_func);
gnutls_transport_set_push_function(conn->session, tls_push_func);
gnutls_transport_set_ptr(conn->session, (gnutls_transport_ptr) conn);
return 0;
fail:
wpa_printf(MSG_INFO, "TLS: Failed to setup new TLS connection: %s",
gnutls_strerror(ret));
gnutls_deinit(conn->session);
return -1;
}
tls_t *tls_new(xmpp_ctx_t *ctx, sock_t sock)
{
tls_t *tls = xmpp_alloc(ctx, sizeof(tls_t));
const int cert_type_priority[3] = { GNUTLS_CRT_X509,
GNUTLS_CRT_OPENPGP, 0 };
if (tls) {
tls->ctx = ctx;
tls->sock = sock;
gnutls_init(&tls->session, GNUTLS_CLIENT);
gnutls_certificate_allocate_credentials(&tls->cred);
gnutls_set_default_priority(tls->session);
gnutls_certificate_type_set_priority(tls->session, cert_type_priority);
/* fixme: this may require setting a callback on win32? */
gnutls_transport_set_ptr(tls->session,
(gnutls_transport_ptr_t)sock);
}
return tls;
}
gnutls_session
initialize_tls_session (int sd)
{
int ret;
gnutls_session session;
const int cert_type_priority[2] = { GNUTLS_CRT_X509,0};
gnutls_init (&session, GNUTLS_CLIENT);
gnutls_set_default_priority (session);
gnutls_certificate_type_set_priority (session, cert_type_priority);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
gnutls_transport_set_ptr (session, (gnutls_transport_ptr) GINT_TO_POINTER(sd));
ret = gnutls_handshake (session);
if (ret < 0)
{
close (sd);
gnutls_deinit (session);
fprintf (stderr, "*** Handshake failed\n");
gnutls_perror (ret);
return NULL;
}
verify_certificate(session);
return session;
}
static CURLcode
gtls_connect_step1(struct connectdata *conn,
int sockindex)
{
#ifndef USE_GNUTLS_PRIORITY_SET_DIRECT
static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
#endif
struct SessionHandle *data = conn->data;
gnutls_session session;
int rc;
void *ssl_sessionid;
size_t ssl_idsize;
bool sni = TRUE; /* default is SNI enabled */
#ifdef ENABLE_IPV6
struct in6_addr addr;
#else
struct in_addr addr;
#endif
if(conn->ssl[sockindex].state == ssl_connection_complete)
/* to make us tolerant against being called more than once for the
same connection */
return CURLE_OK;
if(!gtls_inited)
Curl_gtls_init();
/* GnuTLS only supports SSLv3 and TLSv1 */
if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
failf(data, "GnuTLS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
}
else if(data->set.ssl.version == CURL_SSLVERSION_SSLv3)
sni = FALSE; /* SSLv3 has no SNI */
/* allocate a cred struct */
rc = gnutls_certificate_allocate_credentials(&conn->ssl[sockindex].cred);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_cert_all_cred() failed: %s", gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
}
#ifdef USE_TLS_SRP
if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
infof(data, "Using TLS-SRP username: %s\n", data->set.ssl.username);
rc = gnutls_srp_allocate_client_credentials(
&conn->ssl[sockindex].srp_client_cred);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_srp_allocate_client_cred() failed: %s",
gnutls_strerror(rc));
return CURLE_OUT_OF_MEMORY;
}
rc = gnutls_srp_set_client_credentials(conn->ssl[sockindex].
srp_client_cred,
data->set.ssl.username,
data->set.ssl.password);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_srp_set_client_cred() failed: %s",
gnutls_strerror(rc));
return CURLE_BAD_FUNCTION_ARGUMENT;
}
}
#endif
if(data->set.ssl.CAfile) {
/* set the trusted CA cert bundle file */
gnutls_certificate_set_verify_flags(conn->ssl[sockindex].cred,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
rc = gnutls_certificate_set_x509_trust_file(conn->ssl[sockindex].cred,
data->set.ssl.CAfile,
GNUTLS_X509_FMT_PEM);
if(rc < 0) {
infof(data, "error reading ca cert file %s (%s)\n",
data->set.ssl.CAfile, gnutls_strerror(rc));
if(data->set.ssl.verifypeer)
return CURLE_SSL_CACERT_BADFILE;
}
else
infof(data, "found %d certificates in %s\n",
rc, data->set.ssl.CAfile);
}
if(data->set.ssl.CRLfile) {
/* set the CRL list file */
rc = gnutls_certificate_set_x509_crl_file(conn->ssl[sockindex].cred,
data->set.ssl.CRLfile,
GNUTLS_X509_FMT_PEM);
if(rc < 0) {
failf(data, "error reading crl file %s (%s)",
data->set.ssl.CRLfile, gnutls_strerror(rc));
return CURLE_SSL_CRL_BADFILE;
}
else
infof(data, "found %d CRL in %s\n",
rc, data->set.ssl.CRLfile);
}
/* Initialize TLS session as a client */
rc = gnutls_init(&conn->ssl[sockindex].session, GNUTLS_CLIENT);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_init() failed: %d", rc);
return CURLE_SSL_CONNECT_ERROR;
}
/* convenient assign */
session = conn->ssl[sockindex].session;
if((0 == Curl_inet_pton(AF_INET, conn->host.name, &addr)) &&
#ifdef ENABLE_IPV6
(0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr)) &&
#endif
sni &&
(gnutls_server_name_set(session, GNUTLS_NAME_DNS, conn->host.name,
strlen(conn->host.name)) < 0))
infof(data, "WARNING: failed to configure server name indication (SNI) "
"TLS extension\n");
/* Use default priorities */
rc = gnutls_set_default_priority(session);
if(rc != GNUTLS_E_SUCCESS)
return CURLE_SSL_CONNECT_ERROR;
if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) {
#ifndef USE_GNUTLS_PRIORITY_SET_DIRECT
static const int protocol_priority[] = { GNUTLS_SSL3, 0 };
rc = gnutls_protocol_set_priority(session, protocol_priority);
#else
const char *err;
/* the combination of the cipher ARCFOUR with SSL 3.0 and TLS 1.0 is not
vulnerable to attacks such as the BEAST, why this code now explicitly
asks for that
*/
rc = gnutls_priority_set_direct(session,
"NORMAL:-VERS-TLS-ALL:+VERS-SSL3.0:"
"-CIPHER-ALL:+ARCFOUR-128",
&err);
#endif
if(rc != GNUTLS_E_SUCCESS)
return CURLE_SSL_CONNECT_ERROR;
}
#ifndef USE_GNUTLS_PRIORITY_SET_DIRECT
/* Sets the priority on the certificate types supported by gnutls. Priority
is higher for types specified before others. After specifying the types
you want, you must append a 0. */
rc = gnutls_certificate_type_set_priority(session, cert_type_priority);
if(rc != GNUTLS_E_SUCCESS)
return CURLE_SSL_CONNECT_ERROR;
#endif
if(data->set.str[STRING_CERT]) {
if(gnutls_certificate_set_x509_key_file(
conn->ssl[sockindex].cred,
data->set.str[STRING_CERT],
data->set.str[STRING_KEY] ?
data->set.str[STRING_KEY] : data->set.str[STRING_CERT],
do_file_type(data->set.str[STRING_CERT_TYPE]) ) !=
GNUTLS_E_SUCCESS) {
failf(data, "error reading X.509 key or certificate file");
return CURLE_SSL_CONNECT_ERROR;
}
}
#ifdef USE_TLS_SRP
/* put the credentials to the current session */
if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
rc = gnutls_credentials_set(session, GNUTLS_CRD_SRP,
conn->ssl[sockindex].srp_client_cred);
if(rc != GNUTLS_E_SUCCESS)
failf(data, "gnutls_credentials_set() failed: %s", gnutls_strerror(rc));
}
else
#endif
rc = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
conn->ssl[sockindex].cred);
/* set the connection handle (file descriptor for the socket) */
gnutls_transport_set_ptr(session,
GNUTLS_INT_TO_POINTER_CAST(conn->sock[sockindex]));
/* register callback functions to send and receive data. */
gnutls_transport_set_push_function(session, Curl_gtls_push);
gnutls_transport_set_pull_function(session, Curl_gtls_pull);
/* lowat must be set to zero when using custom push and pull functions. */
gnutls_transport_set_lowat(session, 0);
/* This might be a reconnect, so we check for a session ID in the cache
to speed up things */
if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, &ssl_idsize)) {
/* we got a session id, use it! */
gnutls_session_set_data(session, ssl_sessionid, ssl_idsize);
/* Informational message */
infof (data, "SSL re-using session ID\n");
}
return CURLE_OK;
}
/* initializes a gnutls_session_t with some defaults.
*/
static gnutls_session_t
init_tls_session (const char *hostname)
{
const char *err;
gnutls_session_t session;
gnutls_init (&session, GNUTLS_CLIENT);
if (gnutls_priority_set_direct (session, info.priorities, &err) < 0)
{
fprintf (stderr, "Syntax error at: %s\n", err);
exit (1);
}
/* allow the use of private ciphersuites.
*/
if (disable_extensions == 0)
{
gnutls_handshake_set_private_extensions (session, 1);
gnutls_server_name_set (session, GNUTLS_NAME_DNS, hostname,
strlen (hostname));
if (cert_type_priority[0])
gnutls_certificate_type_set_priority (session, cert_type_priority);
}
if (cipher_priority[0])
gnutls_cipher_set_priority (session, cipher_priority);
if (comp_priority[0])
gnutls_compression_set_priority (session, comp_priority);
if (kx_priority[0])
gnutls_kx_set_priority (session, kx_priority);
if (protocol_priority[0])
gnutls_protocol_set_priority (session, protocol_priority);
if (mac_priority[0])
gnutls_mac_set_priority (session, mac_priority);
gnutls_dh_set_prime_bits (session, 512);
gnutls_credentials_set (session, GNUTLS_CRD_ANON, anon_cred);
if (srp_cred)
gnutls_credentials_set (session, GNUTLS_CRD_SRP, srp_cred);
if (psk_cred)
gnutls_credentials_set (session, GNUTLS_CRD_PSK, psk_cred);
gnutls_credentials_set (session, GNUTLS_CRD_CERTIFICATE, xcred);
gnutls_certificate_client_set_retrieve_function (xcred, cert_callback);
gnutls_certificate_set_verify_function (xcred, cert_verify_callback);
gnutls_certificate_set_verify_flags (xcred, 0);
/* send the fingerprint */
#ifdef ENABLE_OPENPGP
if (fingerprint != 0)
gnutls_openpgp_send_cert (session, GNUTLS_OPENPGP_CERT_FINGERPRINT);
#endif
/* use the max record size extension */
if (record_max_size > 0 && disable_extensions == 0)
{
if (gnutls_record_set_max_size (session, record_max_size) < 0)
{
fprintf (stderr,
"Cannot set the maximum record size to %d.\n",
record_max_size);
fprintf (stderr, "Possible values: 512, 1024, 2048, 4096.\n");
exit (1);
}
}
#ifdef ENABLE_OPRFI
if (info.opaque_prf_input)
gnutls_oprfi_enable_client (session, strlen (info.opaque_prf_input),
info.opaque_prf_input);
#endif
#ifdef ENABLE_SESSION_TICKET
if (!info.noticket)
gnutls_session_ticket_enable_client (session);
#endif
return session;
}
static CURLcode
gtls_connect_step1(struct connectdata *conn,
int sockindex)
{
struct SessionHandle *data = conn->data;
gnutls_session_t session;
int rc;
void *ssl_sessionid;
size_t ssl_idsize;
bool sni = TRUE; /* default is SNI enabled */
#ifdef ENABLE_IPV6
struct in6_addr addr;
#else
struct in_addr addr;
#endif
#ifndef USE_GNUTLS_PRIORITY_SET_DIRECT
static const int cipher_priority[] = {
/* These two ciphers were added to GnuTLS as late as ver. 3.0.1,
but this code path is only ever used for ver. < 2.12.0.
GNUTLS_CIPHER_AES_128_GCM,
GNUTLS_CIPHER_AES_256_GCM,
*/
GNUTLS_CIPHER_AES_128_CBC,
GNUTLS_CIPHER_AES_256_CBC,
GNUTLS_CIPHER_CAMELLIA_128_CBC,
GNUTLS_CIPHER_CAMELLIA_256_CBC,
GNUTLS_CIPHER_3DES_CBC,
};
static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
static int protocol_priority[] = { 0, 0, 0, 0 };
#else
#define GNUTLS_CIPHERS "NORMAL:-ARCFOUR-128:-CTYPE-ALL:+CTYPE-X509"
/* If GnuTLS was compiled without support for SRP it will error out if SRP is
requested in the priority string, so treat it specially
*/
#define GNUTLS_SRP "+SRP"
const char* prioritylist;
const char *err = NULL;
#endif
if(conn->ssl[sockindex].state == ssl_connection_complete)
/* to make us tolerant against being called more than once for the
same connection */
return CURLE_OK;
if(!gtls_inited)
Curl_gtls_init();
/* GnuTLS only supports SSLv3 and TLSv1 */
if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
failf(data, "GnuTLS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
}
else if(data->set.ssl.version == CURL_SSLVERSION_SSLv3)
sni = FALSE; /* SSLv3 has no SNI */
/* allocate a cred struct */
rc = gnutls_certificate_allocate_credentials(&conn->ssl[sockindex].cred);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_cert_all_cred() failed: %s", gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
}
#ifdef USE_TLS_SRP
if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
infof(data, "Using TLS-SRP username: %s\n", data->set.ssl.username);
rc = gnutls_srp_allocate_client_credentials(
&conn->ssl[sockindex].srp_client_cred);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_srp_allocate_client_cred() failed: %s",
gnutls_strerror(rc));
return CURLE_OUT_OF_MEMORY;
}
rc = gnutls_srp_set_client_credentials(conn->ssl[sockindex].
srp_client_cred,
data->set.ssl.username,
data->set.ssl.password);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_srp_set_client_cred() failed: %s",
gnutls_strerror(rc));
return CURLE_BAD_FUNCTION_ARGUMENT;
}
}
#endif
if(data->set.ssl.CAfile) {
/* set the trusted CA cert bundle file */
gnutls_certificate_set_verify_flags(conn->ssl[sockindex].cred,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
rc = gnutls_certificate_set_x509_trust_file(conn->ssl[sockindex].cred,
data->set.ssl.CAfile,
GNUTLS_X509_FMT_PEM);
if(rc < 0) {
infof(data, "error reading ca cert file %s (%s)\n",
data->set.ssl.CAfile, gnutls_strerror(rc));
if(data->set.ssl.verifypeer)
return CURLE_SSL_CACERT_BADFILE;
}
else
infof(data, "found %d certificates in %s\n",
rc, data->set.ssl.CAfile);
}
#ifdef HAS_CAPATH
if(data->set.ssl.CApath) {
/* set the trusted CA cert directory */
rc = gnutls_certificate_set_x509_trust_dir(conn->ssl[sockindex].cred,
data->set.ssl.CApath,
GNUTLS_X509_FMT_PEM);
if(rc < 0) {
infof(data, "error reading ca cert file %s (%s)\n",
data->set.ssl.CAfile, gnutls_strerror(rc));
if(data->set.ssl.verifypeer)
return CURLE_SSL_CACERT_BADFILE;
}
else
infof(data, "found %d certificates in %s\n",
rc, data->set.ssl.CApath);
}
#endif
#ifdef CURL_CA_FALLBACK
/* use system ca certificate store as fallback */
if(data->set.ssl.verifypeer &&
!(data->set.ssl.CAfile || data->set.ssl.CApath)) {
gnutls_certificate_set_x509_system_trust(conn->ssl[sockindex].cred);
}
#endif
if(data->set.ssl.CRLfile) {
/* set the CRL list file */
rc = gnutls_certificate_set_x509_crl_file(conn->ssl[sockindex].cred,
data->set.ssl.CRLfile,
GNUTLS_X509_FMT_PEM);
if(rc < 0) {
failf(data, "error reading crl file %s (%s)",
data->set.ssl.CRLfile, gnutls_strerror(rc));
return CURLE_SSL_CRL_BADFILE;
}
else
infof(data, "found %d CRL in %s\n",
rc, data->set.ssl.CRLfile);
}
/* Initialize TLS session as a client */
rc = gnutls_init(&conn->ssl[sockindex].session, GNUTLS_CLIENT);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_init() failed: %d", rc);
return CURLE_SSL_CONNECT_ERROR;
}
/* convenient assign */
session = conn->ssl[sockindex].session;
if((0 == Curl_inet_pton(AF_INET, conn->host.name, &addr)) &&
#ifdef ENABLE_IPV6
(0 == Curl_inet_pton(AF_INET6, conn->host.name, &addr)) &&
#endif
sni &&
(gnutls_server_name_set(session, GNUTLS_NAME_DNS, conn->host.name,
strlen(conn->host.name)) < 0))
infof(data, "WARNING: failed to configure server name indication (SNI) "
"TLS extension\n");
/* Use default priorities */
rc = gnutls_set_default_priority(session);
if(rc != GNUTLS_E_SUCCESS)
return CURLE_SSL_CONNECT_ERROR;
#ifndef USE_GNUTLS_PRIORITY_SET_DIRECT
rc = gnutls_cipher_set_priority(session, cipher_priority);
if(rc != GNUTLS_E_SUCCESS)
return CURLE_SSL_CONNECT_ERROR;
/* Sets the priority on the certificate types supported by gnutls. Priority
is higher for types specified before others. After specifying the types
you want, you must append a 0. */
rc = gnutls_certificate_type_set_priority(session, cert_type_priority);
if(rc != GNUTLS_E_SUCCESS)
return CURLE_SSL_CONNECT_ERROR;
if(data->set.ssl.cipher_list != NULL) {
failf(data, "can't pass a custom cipher list to older GnuTLS"
" versions");
return CURLE_SSL_CONNECT_ERROR;
}
switch (data->set.ssl.version) {
case CURL_SSLVERSION_SSLv3:
protocol_priority[0] = GNUTLS_SSL3;
break;
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
protocol_priority[0] = GNUTLS_TLS1_0;
protocol_priority[1] = GNUTLS_TLS1_1;
protocol_priority[2] = GNUTLS_TLS1_2;
break;
case CURL_SSLVERSION_TLSv1_0:
protocol_priority[0] = GNUTLS_TLS1_0;
break;
case CURL_SSLVERSION_TLSv1_1:
protocol_priority[0] = GNUTLS_TLS1_1;
break;
case CURL_SSLVERSION_TLSv1_2:
protocol_priority[0] = GNUTLS_TLS1_2;
break;
case CURL_SSLVERSION_SSLv2:
default:
failf(data, "GnuTLS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
break;
}
rc = gnutls_protocol_set_priority(session, protocol_priority);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "Did you pass a valid GnuTLS cipher list?");
return CURLE_SSL_CONNECT_ERROR;
}
#else
/* Ensure +SRP comes at the *end* of all relevant strings so that it can be
* removed if a run-time error indicates that SRP is not supported by this
* GnuTLS version */
switch (data->set.ssl.version) {
case CURL_SSLVERSION_SSLv3:
prioritylist = GNUTLS_CIPHERS ":-VERS-TLS-ALL:+VERS-SSL3.0";
sni = false;
break;
case CURL_SSLVERSION_DEFAULT:
case CURL_SSLVERSION_TLSv1:
prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:" GNUTLS_SRP;
break;
case CURL_SSLVERSION_TLSv1_0:
prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
"+VERS-TLS1.0:" GNUTLS_SRP;
break;
case CURL_SSLVERSION_TLSv1_1:
prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
"+VERS-TLS1.1:" GNUTLS_SRP;
break;
case CURL_SSLVERSION_TLSv1_2:
prioritylist = GNUTLS_CIPHERS ":-VERS-SSL3.0:-VERS-TLS-ALL:"
"+VERS-TLS1.2:" GNUTLS_SRP;
break;
case CURL_SSLVERSION_SSLv2:
default:
failf(data, "GnuTLS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
break;
}
rc = gnutls_priority_set_direct(session, prioritylist, &err);
if((rc == GNUTLS_E_INVALID_REQUEST) && err) {
if(!strcmp(err, GNUTLS_SRP)) {
/* This GnuTLS was probably compiled without support for SRP.
* Note that fact and try again without it. */
int validprioritylen = curlx_uztosi(err - prioritylist);
char *prioritycopy = strdup(prioritylist);
if(!prioritycopy)
return CURLE_OUT_OF_MEMORY;
infof(data, "This GnuTLS does not support SRP\n");
if(validprioritylen)
/* Remove the :+SRP */
prioritycopy[validprioritylen - 1] = 0;
rc = gnutls_priority_set_direct(session, prioritycopy, &err);
free(prioritycopy);
}
}
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "Error %d setting GnuTLS cipher list starting with %s",
rc, err);
return CURLE_SSL_CONNECT_ERROR;
}
#endif
#ifdef HAS_ALPN
if(data->set.ssl_enable_alpn) {
int cur = 0;
gnutls_datum_t protocols[2];
#ifdef USE_NGHTTP2
if(data->set.httpversion >= CURL_HTTP_VERSION_2) {
protocols[cur].data = (unsigned char *)NGHTTP2_PROTO_VERSION_ID;
protocols[cur].size = NGHTTP2_PROTO_VERSION_ID_LEN;
cur++;
infof(data, "ALPN, offering %s\n", NGHTTP2_PROTO_VERSION_ID);
}
#endif
protocols[cur].data = (unsigned char *)ALPN_HTTP_1_1;
protocols[cur].size = ALPN_HTTP_1_1_LENGTH;
cur++;
infof(data, "ALPN, offering %s\n", ALPN_HTTP_1_1);
gnutls_alpn_set_protocols(session, protocols, cur, 0);
}
#endif
if(data->set.str[STRING_CERT]) {
if(data->set.str[STRING_KEY_PASSWD]) {
#if HAVE_GNUTLS_CERTIFICATE_SET_X509_KEY_FILE2
const unsigned int supported_key_encryption_algorithms =
GNUTLS_PKCS_USE_PKCS12_3DES | GNUTLS_PKCS_USE_PKCS12_ARCFOUR |
GNUTLS_PKCS_USE_PKCS12_RC2_40 | GNUTLS_PKCS_USE_PBES2_3DES |
GNUTLS_PKCS_USE_PBES2_AES_128 | GNUTLS_PKCS_USE_PBES2_AES_192 |
GNUTLS_PKCS_USE_PBES2_AES_256;
rc = gnutls_certificate_set_x509_key_file2(
conn->ssl[sockindex].cred,
data->set.str[STRING_CERT],
data->set.str[STRING_KEY] ?
data->set.str[STRING_KEY] : data->set.str[STRING_CERT],
do_file_type(data->set.str[STRING_CERT_TYPE]),
data->set.str[STRING_KEY_PASSWD],
supported_key_encryption_algorithms);
if(rc != GNUTLS_E_SUCCESS) {
failf(data,
"error reading X.509 potentially-encrypted key file: %s",
gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
}
#else
failf(data, "gnutls lacks support for encrypted key files");
return CURLE_SSL_CONNECT_ERROR;
#endif
}
else {
rc = gnutls_certificate_set_x509_key_file(
conn->ssl[sockindex].cred,
data->set.str[STRING_CERT],
data->set.str[STRING_KEY] ?
data->set.str[STRING_KEY] : data->set.str[STRING_CERT],
do_file_type(data->set.str[STRING_CERT_TYPE]) );
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "error reading X.509 key or certificate file: %s",
gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
}
}
}
#ifdef USE_TLS_SRP
/* put the credentials to the current session */
if(data->set.ssl.authtype == CURL_TLSAUTH_SRP) {
rc = gnutls_credentials_set(session, GNUTLS_CRD_SRP,
conn->ssl[sockindex].srp_client_cred);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_credentials_set() failed: %s", gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
}
}
else
#endif
{
rc = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
conn->ssl[sockindex].cred);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_credentials_set() failed: %s", gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
}
}
/* set the connection handle (file descriptor for the socket) */
gnutls_transport_set_ptr(session,
GNUTLS_INT_TO_POINTER_CAST(conn->sock[sockindex]));
/* register callback functions to send and receive data. */
gnutls_transport_set_push_function(session, Curl_gtls_push);
gnutls_transport_set_pull_function(session, Curl_gtls_pull);
/* lowat must be set to zero when using custom push and pull functions. */
gnutls_transport_set_lowat(session, 0);
#ifdef HAS_OCSP
if(data->set.ssl.verifystatus) {
rc = gnutls_ocsp_status_request_enable_client(session, NULL, 0, NULL);
if(rc != GNUTLS_E_SUCCESS) {
failf(data, "gnutls_ocsp_status_request_enable_client() failed: %d", rc);
return CURLE_SSL_CONNECT_ERROR;
}
}
#endif
/* This might be a reconnect, so we check for a session ID in the cache
to speed up things */
if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, &ssl_idsize)) {
/* we got a session id, use it! */
gnutls_session_set_data(session, ssl_sessionid, ssl_idsize);
/* Informational message */
infof (data, "SSL re-using session ID\n");
}
return CURLE_OK;
}
int vnc_tls_client_setup(struct VncState *vs,
int needX509Creds) {
static const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
static const int protocol_priority[]= { GNUTLS_TLS1_1, GNUTLS_TLS1_0, GNUTLS_SSL3, 0 };
static const int kx_anon[] = {GNUTLS_KX_ANON_DH, 0};
static const int kx_x509[] = {GNUTLS_KX_DHE_DSS, GNUTLS_KX_RSA, GNUTLS_KX_DHE_RSA, GNUTLS_KX_SRP, 0};
VNC_DEBUG("Do TLS setup\n");
if (vnc_tls_initialize() < 0) {
VNC_DEBUG("Failed to init TLS\n");
vnc_client_error(vs);
return -1;
}
if (vs->tls.session == NULL) {
if (gnutls_init(&vs->tls.session, GNUTLS_SERVER) < 0) {
vnc_client_error(vs);
return -1;
}
if (gnutls_set_default_priority(vs->tls.session) < 0) {
gnutls_deinit(vs->tls.session);
vs->tls.session = NULL;
vnc_client_error(vs);
return -1;
}
if (gnutls_kx_set_priority(vs->tls.session, needX509Creds ? kx_x509 : kx_anon) < 0) {
gnutls_deinit(vs->tls.session);
vs->tls.session = NULL;
vnc_client_error(vs);
return -1;
}
if (gnutls_certificate_type_set_priority(vs->tls.session, cert_type_priority) < 0) {
gnutls_deinit(vs->tls.session);
vs->tls.session = NULL;
vnc_client_error(vs);
return -1;
}
if (gnutls_protocol_set_priority(vs->tls.session, protocol_priority) < 0) {
gnutls_deinit(vs->tls.session);
vs->tls.session = NULL;
vnc_client_error(vs);
return -1;
}
if (needX509Creds) {
gnutls_certificate_server_credentials x509_cred = vnc_tls_initialize_x509_cred(vs->vd);
if (!x509_cred) {
gnutls_deinit(vs->tls.session);
vs->tls.session = NULL;
vnc_client_error(vs);
return -1;
}
if (gnutls_credentials_set(vs->tls.session, GNUTLS_CRD_CERTIFICATE, x509_cred) < 0) {
gnutls_deinit(vs->tls.session);
vs->tls.session = NULL;
gnutls_certificate_free_credentials(x509_cred);
vnc_client_error(vs);
return -1;
}
if (vs->vd->tls.x509verify) {
VNC_DEBUG("Requesting a client certificate\n");
gnutls_certificate_server_set_request (vs->tls.session, GNUTLS_CERT_REQUEST);
}
} else {
gnutls_anon_server_credentials anon_cred = vnc_tls_initialize_anon_cred();
if (!anon_cred) {
gnutls_deinit(vs->tls.session);
vs->tls.session = NULL;
vnc_client_error(vs);
return -1;
}
if (gnutls_credentials_set(vs->tls.session, GNUTLS_CRD_ANON, anon_cred) < 0) {
gnutls_deinit(vs->tls.session);
vs->tls.session = NULL;
gnutls_anon_free_server_credentials(anon_cred);
vnc_client_error(vs);
return -1;
}
}
gnutls_transport_set_ptr(vs->tls.session, (gnutls_transport_ptr_t)vs);
gnutls_transport_set_push_function(vs->tls.session, vnc_tls_push);
gnutls_transport_set_pull_function(vs->tls.session, vnc_tls_pull);
}
return 0;
}
/*
* This function is called after the TCP connect has completed. Setup the TLS
* layer and do all necessary magic.
*/
CURLcode
Curl_gtls_connect(struct connectdata *conn,
int sockindex)
{
const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
struct SessionHandle *data = conn->data;
gnutls_session session;
int rc;
unsigned int cert_list_size;
const gnutls_datum *chainp;
unsigned int verify_status;
gnutls_x509_crt x509_cert;
char certbuf[256]; /* big enough? */
size_t size;
unsigned int algo;
unsigned int bits;
time_t clock;
const char *ptr;
void *ssl_sessionid;
size_t ssl_idsize;
/* GnuTLS only supports TLSv1 (and SSLv3?) */
if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) {
failf(data, "GnuTLS does not support SSLv2");
return CURLE_SSL_CONNECT_ERROR;
}
/* allocate a cred struct */
rc = gnutls_certificate_allocate_credentials(&conn->ssl[sockindex].cred);
if(rc < 0) {
failf(data, "gnutls_cert_all_cred() failed: %s", gnutls_strerror(rc));
return CURLE_SSL_CONNECT_ERROR;
}
if(data->set.ssl.CAfile) {
/* set the trusted CA cert bundle file */
gnutls_certificate_set_verify_flags(conn->ssl[sockindex].cred,
GNUTLS_VERIFY_ALLOW_X509_V1_CA_CRT);
rc = gnutls_certificate_set_x509_trust_file(conn->ssl[sockindex].cred,
data->set.ssl.CAfile,
GNUTLS_X509_FMT_PEM);
if(rc < 0) {
infof(data, "error reading ca cert file %s (%s)\n",
data->set.ssl.CAfile, gnutls_strerror(rc));
if (data->set.ssl.verifypeer)
return CURLE_SSL_CACERT_BADFILE;
}
else
infof(data, "found %d certificates in %s\n",
rc, data->set.ssl.CAfile);
}
/* Initialize TLS session as a client */
rc = gnutls_init(&conn->ssl[sockindex].session, GNUTLS_CLIENT);
if(rc) {
failf(data, "gnutls_init() failed: %d", rc);
return CURLE_SSL_CONNECT_ERROR;
}
/* convenient assign */
session = conn->ssl[sockindex].session;
/* Use default priorities */
rc = gnutls_set_default_priority(session);
if(rc < 0)
return CURLE_SSL_CONNECT_ERROR;
/* Sets the priority on the certificate types supported by gnutls. Priority
is higher for types specified before others. After specifying the types
you want, you must append a 0. */
rc = gnutls_certificate_type_set_priority(session, cert_type_priority);
if(rc < 0)
return CURLE_SSL_CONNECT_ERROR;
if(data->set.cert) {
if( gnutls_certificate_set_x509_key_file(
conn->ssl[sockindex].cred, data->set.cert,
data->set.key != 0 ? data->set.key : data->set.cert,
do_file_type(data->set.cert_type) ) ) {
failf(data, "error reading X.509 key or certificate file");
return CURLE_SSL_CONNECT_ERROR;
}
}
/* put the credentials to the current session */
rc = gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE,
conn->ssl[sockindex].cred);
/* set the connection handle (file descriptor for the socket) */
gnutls_transport_set_ptr(session,
(gnutls_transport_ptr)conn->sock[sockindex]);
/* register callback functions to send and receive data. */
gnutls_transport_set_push_function(session, Curl_gtls_push);
gnutls_transport_set_pull_function(session, Curl_gtls_pull);
/* lowat must be set to zero when using custom push and pull functions. */
gnutls_transport_set_lowat(session, 0);
/* This might be a reconnect, so we check for a session ID in the cache
to speed up things */
if(!Curl_ssl_getsessionid(conn, &ssl_sessionid, &ssl_idsize)) {
/* we got a session id, use it! */
gnutls_session_set_data(session, ssl_sessionid, ssl_idsize);
/* Informational message */
infof (data, "SSL re-using session ID\n");
}
rc = handshake(conn, session, sockindex, TRUE);
if(rc)
/* handshake() sets its own error message with failf() */
return rc;
/* This function will return the peer's raw certificate (chain) as sent by
the peer. These certificates are in raw format (DER encoded for
X.509). In case of a X.509 then a certificate list may be present. The
first certificate in the list is the peer's certificate, following the
issuer's certificate, then the issuer's issuer etc. */
chainp = gnutls_certificate_get_peers(session, &cert_list_size);
if(!chainp) {
if(data->set.ssl.verifyhost) {
failf(data, "failed to get server cert");
return CURLE_SSL_PEER_CERTIFICATE;
}
infof(data, "\t common name: WARNING couldn't obtain\n");
}
/* This function will try to verify the peer's certificate and return its
status (trusted, invalid etc.). The value of status should be one or more
of the gnutls_certificate_status_t enumerated elements bitwise or'd. To
avoid denial of service attacks some default upper limits regarding the
certificate key size and chain size are set. To override them use
gnutls_certificate_set_verify_limits(). */
rc = gnutls_certificate_verify_peers2(session, &verify_status);
if (rc < 0) {
failf(data, "server cert verify failed: %d", rc);
return CURLE_SSL_CONNECT_ERROR;
}
/* verify_status is a bitmask of gnutls_certificate_status bits */
if(verify_status & GNUTLS_CERT_INVALID) {
if (data->set.ssl.verifypeer) {
failf(data, "server certificate verification failed. CAfile: %s",
data->set.ssl.CAfile?data->set.ssl.CAfile:"none");
return CURLE_SSL_CACERT;
}
else
infof(data, "\t server certificate verification FAILED\n");
}
else
infof(data, "\t server certificate verification OK\n");
/* initialize an X.509 certificate structure. */
gnutls_x509_crt_init(&x509_cert);
/* convert the given DER or PEM encoded Certificate to the native
gnutls_x509_crt_t format */
gnutls_x509_crt_import(x509_cert, chainp, GNUTLS_X509_FMT_DER);
size=sizeof(certbuf);
rc = gnutls_x509_crt_get_dn_by_oid(x509_cert, GNUTLS_OID_X520_COMMON_NAME,
0, /* the first and only one */
FALSE,
certbuf,
&size);
if(rc) {
infof(data, "error fetching CN from cert:%s\n",
gnutls_strerror(rc));
}
/* This function will check if the given certificate's subject matches the
given hostname. This is a basic implementation of the matching described
in RFC2818 (HTTPS), which takes into account wildcards, and the subject
alternative name PKIX extension. Returns non zero on success, and zero on
failure. */
rc = gnutls_x509_crt_check_hostname(x509_cert, conn->host.name);
if(!rc) {
if (data->set.ssl.verifyhost > 1) {
failf(data, "SSL: certificate subject name (%s) does not match "
"target host name '%s'", certbuf, conn->host.dispname);
gnutls_x509_crt_deinit(x509_cert);
return CURLE_SSL_PEER_CERTIFICATE;
}
else
infof(data, "\t common name: %s (does not match '%s')\n",
certbuf, conn->host.dispname);
}
else
infof(data, "\t common name: %s (matched)\n", certbuf);
/* Show:
- ciphers used
- subject
- start date
- expire date
- common name
- issuer
*/
/* public key algorithm's parameters */
algo = gnutls_x509_crt_get_pk_algorithm(x509_cert, &bits);
infof(data, "\t certificate public key: %s\n",
gnutls_pk_algorithm_get_name(algo));
/* version of the X.509 certificate. */
infof(data, "\t certificate version: #%d\n",
gnutls_x509_crt_get_version(x509_cert));
size = sizeof(certbuf);
gnutls_x509_crt_get_dn(x509_cert, certbuf, &size);
infof(data, "\t subject: %s\n", certbuf);
clock = gnutls_x509_crt_get_activation_time(x509_cert);
showtime(data, "start date", clock);
clock = gnutls_x509_crt_get_expiration_time(x509_cert);
showtime(data, "expire date", clock);
size = sizeof(certbuf);
gnutls_x509_crt_get_issuer_dn(x509_cert, certbuf, &size);
infof(data, "\t issuer: %s\n", certbuf);
gnutls_x509_crt_deinit(x509_cert);
/* compression algorithm (if any) */
ptr = gnutls_compression_get_name(gnutls_compression_get(session));
/* the *_get_name() says "NULL" if GNUTLS_COMP_NULL is returned */
infof(data, "\t compression: %s\n", ptr);
/* the name of the cipher used. ie 3DES. */
ptr = gnutls_cipher_get_name(gnutls_cipher_get(session));
infof(data, "\t cipher: %s\n", ptr);
/* the MAC algorithms name. ie SHA1 */
ptr = gnutls_mac_get_name(gnutls_mac_get(session));
infof(data, "\t MAC: %s\n", ptr);
if(!ssl_sessionid) {
/* this session was not previously in the cache, add it now */
/* get the session ID data size */
gnutls_session_get_data(session, NULL, &ssl_idsize);
ssl_sessionid = malloc(ssl_idsize); /* get a buffer for it */
if(ssl_sessionid) {
/* extract session ID to the allocated buffer */
gnutls_session_get_data(session, ssl_sessionid, &ssl_idsize);
/* store this session id */
return Curl_ssl_addsessionid(conn, ssl_sessionid, ssl_idsize);
}
}
return CURLE_OK;
}
int main(void)
{
int ret, sd, ii;
gnutls_session_t session;
char buffer[MAX_BUF + 1];
gnutls_certificate_credentials_t xcred;
// Allow connections to servers that have X509
const int cert_type_priority[] = { GNUTLS_CRT_X509, 0 };
gnutls_global_init();
gnutls_global_set_log_function(tls_log_func);
gnutls_global_set_log_level(2);
// X509 stuff
gnutls_certificate_allocate_credentials(&xcred);
// sets the trusted cas file
// gnutls_certificate_set_x509_trust_file(xcred, CAFILE,
// GNUTLS_X509_FMT_PEM);
// Initialize TLS session
gnutls_init(&session, GNUTLS_CLIENT);
// Use default priorities
gnutls_set_default_priority(session);
gnutls_certificate_type_set_priority(session, cert_type_priority);
// put the x509 credentials to the current session
gnutls_credentials_set(session, GNUTLS_CRD_CERTIFICATE, xcred);
// connect to the peer
sd = tcp_connect();
// pass the socket descriptor in non blocking
tcp_nonblock(sd);
// set all the custom read/write function
gnutls_transport_set_ptr(session, (gnutls_transport_ptr_t) sd);
gnutls_transport_set_pull_function(session, tcp_read);
gnutls_transport_set_push_function(session, tcp_write);
// Perform the TLS handshake - until completed or error
do {
ret = gnutls_handshake(session);
if(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
usleep(1000 * 10);
}
while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
if(ret < 0) {
fprintf(stderr, "*** Handshake failed\n");
goto end;
} else {
printf("- Handshake was completed\n");
}
// log to debug
print_info(session);
ssize_t written_len;
written_len = gnutls_record_send(session, MSG, strlen(MSG));
printf("written_len=%d\n", written_len);
do{
ret = gnutls_record_recv(session, buffer, MAX_BUF);
if(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED)
usleep(1000 * 10);
}while(ret == GNUTLS_E_AGAIN || ret == GNUTLS_E_INTERRUPTED);
if(ret == 0) {
printf("- Peer has closed the TLS connection\n");
goto end;
} else if(ret < 0) {
fprintf(stderr, "*** Error: %s\n", gnutls_strerror(ret));
goto end;
}
printf("- Received %d bytes: ", ret);
for(ii = 0; ii < ret; ii++) {
fputc(buffer[ii], stdout);
}
fputs("\n", stdout);
gnutls_bye(session, GNUTLS_SHUT_RDWR);
end:
tcp_close(sd);
gnutls_deinit(session);
gnutls_certificate_free_credentials(xcred);
gnutls_global_deinit();
return 0;
}
TLSSession_GnuTLS::TLSSession_GnuTLS(shared_ptr <security::cert::certificateVerifier> cv, shared_ptr <TLSProperties> props)
: m_certVerifier(cv), m_props(props)
{
int res;
m_gnutlsSession = new gnutls_session;
if (gnutls_init(m_gnutlsSession, GNUTLS_CLIENT) != 0)
throw std::bad_alloc();
// Sets some default priority on the ciphers, key exchange methods,
// macs and compression methods.
#ifdef VMIME_HAVE_GNUTLS_PRIORITY_FUNCS
gnutls_dh_set_prime_bits(*m_gnutlsSession, 128);
if ((res = gnutls_priority_set_direct
(*m_gnutlsSession, m_props->getCipherSuite().c_str(), NULL)) != 0)
{
throwTLSException("gnutls_priority_set_direct", res);
}
#else // !VMIME_HAVE_GNUTLS_PRIORITY_FUNCS
gnutls_set_default_priority(*m_gnutlsSession);
// Sets the priority on the certificate types supported by gnutls.
// Priority is higher for types specified before others. After
// specifying the types you want, you must append a 0.
const int certTypePriority[] = { GNUTLS_CRT_X509, 0 };
res = gnutls_certificate_type_set_priority
(*m_gnutlsSession, certTypePriority);
if (res < 0)
{
throwTLSException
("gnutls_certificate_type_set_priority", res);
}
// Sets the priority on the protocol types
const int protoPriority[] = { GNUTLS_TLS1, GNUTLS_SSL3, 0 };
res = gnutls_protocol_set_priority(*m_gnutlsSession, protoPriority);
if (res < 0)
{
throwTLSException
("gnutls_certificate_type_set_priority", res);
}
// Priority on the ciphers
const int cipherPriority[] =
{
GNUTLS_CIPHER_ARCFOUR_128,
GNUTLS_CIPHER_3DES_CBC,
GNUTLS_CIPHER_AES_128_CBC,
GNUTLS_CIPHER_AES_256_CBC,
GNUTLS_CIPHER_ARCFOUR_40,
GNUTLS_CIPHER_RC2_40_CBC,
GNUTLS_CIPHER_DES_CBC,
0
};
gnutls_cipher_set_priority(*m_gnutlsSession, cipherPriority);
// Priority on MACs
const int macPriority[] = { GNUTLS_MAC_SHA, GNUTLS_MAC_MD5, 0};
gnutls_mac_set_priority(*m_gnutlsSession, macPriority);
// Priority on key exchange methods
const int kxPriority[] =
{
GNUTLS_KX_RSA,
GNUTLS_KX_DHE_DSS,
GNUTLS_KX_DHE_RSA,
GNUTLS_KX_ANON_DH,
GNUTLS_KX_SRP,
GNUTLS_KX_RSA_EXPORT,
GNUTLS_KX_SRP_RSA,
GNUTLS_KX_SRP_DSS,
0
};
gnutls_kx_set_priority(*m_gnutlsSession, kxPriority);
// Priority on compression methods
const int compressionPriority[] =
{
GNUTLS_COMP_ZLIB,
//GNUTLS_COMP_LZO,
GNUTLS_COMP_NULL,
0
};
gnutls_compression_set_priority(*m_gnutlsSession, compressionPriority);
#endif // !VMIME_HAVE_GNUTLS_PRIORITY_FUNCS
// Initialize credentials
gnutls_credentials_set(*m_gnutlsSession,
GNUTLS_CRD_ANON, g_gnutlsGlobal.anonCred);
gnutls_credentials_set(*m_gnutlsSession,
GNUTLS_CRD_CERTIFICATE, g_gnutlsGlobal.certCred);
}
