int global_init(void)
{
if (!OPENSSL_init_ssl(OPENSSL_INIT_ENGINE_ALL_BUILTIN
| OPENSSL_INIT_LOAD_CONFIG, NULL))
return 0;
return 1;
}
SSL_SESSION *SSL_SESSION_new(void)
{
SSL_SESSION *ss;
if (!OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL))
return NULL;
ss = OPENSSL_zalloc(sizeof(*ss));
if (ss == NULL) {
SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
return NULL;
}
ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
ss->references = 1;
ss->timeout = 60 * 5 + 4; /* 5 minute timeout by default */
ss->time = (unsigned long)time(NULL);
ss->lock = CRYPTO_THREAD_lock_new();
if (ss->lock == NULL) {
SSLerr(SSL_F_SSL_SESSION_NEW, ERR_R_MALLOC_FAILURE);
OPENSSL_free(ss);
return NULL;
}
if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->ex_data)) {
CRYPTO_THREAD_lock_free(ss->lock);
OPENSSL_free(ss);
return NULL;
}
return ss;
}
CSSLInitializer::CSSLInitializer()
{
#if OPENSSL_VERSION_NUMBER < OPENSSL_VERSION_1_1_0
sm_iLockNum = CRYPTO_num_locks();
if(sm_iLockNum > 0)
sm_pcsLocks = new CSimpleRWLock[sm_iLockNum];
/*
#ifdef _DEBUG
CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
#endif
*/
CRYPTO_set_locking_callback (&ssl_lock_callback);
CRYPTO_set_dynlock_create_callback (&ssl_lock_dyn_create_callback);
CRYPTO_set_dynlock_destroy_callback (&ssl_lock_dyn_destroy_callback);
CRYPTO_set_dynlock_lock_callback (&ssl_lock_dyn_callback);
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
#else
OPENSSL_init_ssl(OPENSSL_INIT_SSL_DEFAULT, nullptr);
#endif
}
/*
* Initialize TLS subsystem. Should be called only once.
*/
static int
tlso_init( void )
{
struct ldapoptions *lo = LDAP_INT_GLOBAL_OPT();
#ifdef HAVE_EBCDIC
{
char *file = LDAP_STRDUP( lo->ldo_tls_randfile );
if ( file ) __atoe( file );
(void) tlso_seed_PRNG( file );
LDAP_FREE( file );
}
#else
(void) tlso_seed_PRNG( lo->ldo_tls_randfile );
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_digests();
#else
OPENSSL_init_ssl(0, NULL);
#endif
/* FIXME: mod_ssl does this */
X509V3_add_standard_extensions();
return 0;
}
gboolean irssi_ssl_init(void)
{
int success;
#if (OPENSSL_VERSION_NUMBER >= 0x10100000L) && !defined(LIBRESSL_VERSION_NUMBER)
if (!OPENSSL_init_ssl(OPENSSL_INIT_SSL_DEFAULT, NULL)) {
g_error("Could not initialize OpenSSL");
return FALSE;
}
#else
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
#endif
store = X509_STORE_new();
if (store == NULL) {
g_error("Could not initialize OpenSSL: X509_STORE_new() failed");
return FALSE;
}
success = X509_STORE_set_default_paths(store);
if (success == 0) {
g_warning("Could not load default certificates");
X509_STORE_free(store);
store = NULL;
/* Don't return an error; the user might have their own cafile/capath. */
}
ssl_inited = TRUE;
return TRUE;
}
static BOOL CALLBACK _winpr_openssl_initialize(PINIT_ONCE once, PVOID param, PVOID* context)
{
DWORD flags = param ? *(PDWORD)param : WINPR_SSL_INIT_DEFAULT;
if (flags & WINPR_SSL_INIT_ALREADY_INITIALIZED)
{
return TRUE;
}
#ifdef WINPR_OPENSSL_LOCKING_REQUIRED
if (flags & WINPR_SSL_INIT_ENABLE_LOCKING)
{
if (!_winpr_openssl_initialize_locking())
{
return FALSE;
}
}
#endif
/* SSL_load_error_strings() is void */
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
SSL_load_error_strings();
/* SSL_library_init() always returns "1" */
SSL_library_init();
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
#else
if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS |
OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL) != 1)
return FALSE;
#endif
g_winpr_openssl_initialized_by_winpr = TRUE;
if (flags & WINPR_SSL_INIT_ENABLE_FIPS)
{
#if (OPENSSL_VERSION_NUMBER < 0x10001000L)
WLog_ERR(TAG, "Openssl fips mode ENable not available on openssl versions less than 1.0.1!");
#else
WLog_DBG(TAG, "Ensuring openssl fips mode is ENabled");
if (FIPS_mode() != 1)
{
if (FIPS_mode_set(1))
WLog_INFO(TAG, "Openssl fips mode ENabled!");
else
WLog_ERR(TAG, "Openssl fips mode ENable failed!");
}
#endif
}
return TRUE;
}
int git_openssl_stream_global_init(void)
{
#ifdef GIT_OPENSSL
long ssl_opts = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
const char *ciphers = git_libgit2__ssl_ciphers();
/* Older OpenSSL and MacOS OpenSSL doesn't have this */
#ifdef SSL_OP_NO_COMPRESSION
ssl_opts |= SSL_OP_NO_COMPRESSION;
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
(defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x20700000L)
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
#else
OPENSSL_init_ssl(0, NULL);
#endif
/*
* Load SSLv{2,3} and TLSv1 so that we can talk with servers
* which use the SSL hellos, which are often used for
* compatibility. We then disable SSL so we only allow OpenSSL
* to speak TLSv1 to perform the encryption itself.
*/
git__ssl_ctx = SSL_CTX_new(SSLv23_method());
SSL_CTX_set_options(git__ssl_ctx, ssl_opts);
SSL_CTX_set_mode(git__ssl_ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_verify(git__ssl_ctx, SSL_VERIFY_NONE, NULL);
if (!SSL_CTX_set_default_verify_paths(git__ssl_ctx)) {
SSL_CTX_free(git__ssl_ctx);
git__ssl_ctx = NULL;
return -1;
}
if (!ciphers) {
ciphers = GIT_SSL_DEFAULT_CIPHERS;
}
if(!SSL_CTX_set_cipher_list(git__ssl_ctx, ciphers)) {
SSL_CTX_free(git__ssl_ctx);
git__ssl_ctx = NULL;
return -1;
}
if (init_bio_method() < 0) {
SSL_CTX_free(git__ssl_ctx);
git__ssl_ctx = NULL;
return -1;
}
#endif
git__on_shutdown(shutdown_ssl);
return 0;
}
void tls_initialize(void)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_library_init();
SSL_load_error_strings();
#else
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
#endif
}
/*
Initializes SSL and allocate global
context SSL_context
SYNOPSIS
my_ssl_start
mysql connection handle
RETURN VALUES
0 success
1 error
*/
int ma_tls_start(char *errmsg, size_t errmsg_len)
{
int rc= 1;
if (ma_tls_initialized)
return 0;
/* lock mutex to prevent multiple initialization */
pthread_mutex_init(&LOCK_openssl_config,MY_MUTEX_INIT_FAST);
pthread_mutex_lock(&LOCK_openssl_config);
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL);
#else
if (ssl_thread_init())
{
strncpy(errmsg, "Not enough memory", errmsg_len);
goto end;
}
SSL_library_init();
#if SSLEAY_VERSION_NUMBER >= 0x00907000L
OPENSSL_config(NULL);
#endif
#endif
/* load errors */
SSL_load_error_strings();
/* digests and ciphers */
OpenSSL_add_all_algorithms();
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
if (!(SSL_context= SSL_CTX_new(TLS_client_method())))
#else
if (!(SSL_context= SSL_CTX_new(SSLv23_client_method())))
#endif
{
ma_tls_get_error(errmsg, errmsg_len);
goto end;
}
#ifdef HAVE_TLS_SESSION_CACHE
SSL_CTX_set_session_cache_mode(SSL_context, SSL_SESS_CACHE_CLIENT);
ma_tls_sessions= (MA_SSL_SESSION *)calloc(1, sizeof(struct st_ma_tls_session) * ma_tls_session_cache_size);
SSL_CTX_sess_set_new_cb(SSL_context, ma_tls_session_cb);
SSL_CTX_sess_set_remove_cb(SSL_context, ma_tls_remove_session_cb);
#endif
disable_sigpipe();
#if OPENSSL_USE_BIOMETHOD
memcpy(&ma_BIO_method, BIO_s_socket(), sizeof(BIO_METHOD));
ma_BIO_method.bread= ma_bio_read;
ma_BIO_method.bwrite= ma_bio_write;
#endif
rc= 0;
ma_tls_initialized= TRUE;
end:
pthread_mutex_unlock(&LOCK_openssl_config);
return rc;
}
//--------------------------------------------------------------------------------------------------
le_result_t secSocket_Init
(
secSocket_Ctx_t** ctxPtr ///< [INOUT] Secure socket context pointer
)
{
// Check input parameter
if (!ctxPtr)
{
LE_ERROR("Null pointer provided");
return LE_BAD_PARAMETER;
}
// Initialize the socket context pool
if (!SocketCtxPoolRef)
{
SocketCtxPoolRef = le_mem_InitStaticPool(SocketCtxPool,
MAX_SOCKET_NB,
sizeof(OpensslCtx_t));
}
// Check if the socket is already initialized
OpensslCtx_t* contextPtr = GetContext(*ctxPtr);
if ((contextPtr) && (contextPtr->isInit))
{
LE_ERROR("Socket context already initialized");
return LE_FAULT;
}
// Alloc memory from pool
contextPtr = le_mem_TryAlloc(SocketCtxPoolRef);
if (NULL == contextPtr)
{
LE_ERROR("Unable to allocate a socket context from pool");
return LE_FAULT;
}
// Set the magic number
contextPtr->magicNb = OPENSSL_MAGIC_NUMBER;
// Initialize OpenSSL library and setup SSL pointers
#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_library_init();
contextPtr->sslCtxPtr = SSL_CTX_new(TLSv1_client_method());
#else
OPENSSL_init_ssl(0, NULL);
contextPtr->sslCtxPtr = SSL_CTX_new(TLS_client_method());
#endif
contextPtr->isInit = true;
*ctxPtr = (secSocket_Ctx_t*)contextPtr;
return LE_OK;
}
static int apps_startup(void)
{
#ifdef SIGPIPE
signal(SIGPIPE, SIG_IGN);
#endif
/* Set non-default library initialisation settings */
if (!OPENSSL_init_ssl(OPENSSL_INIT_ENGINE_ALL_BUILTIN
| OPENSSL_INIT_LOAD_CONFIG, NULL))
return 0;
setup_ui_method();
return 1;
}
int FuzzerInitialize(int *argc, char ***argv)
{
STACK_OF(SSL_COMP) *comp_methods;
OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CRYPTO_STRINGS | OPENSSL_INIT_ASYNC, NULL);
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
ERR_get_state();
CRYPTO_free_ex_index(0, -1);
idx = SSL_get_ex_data_X509_STORE_CTX_idx();
FuzzerSetRand();
comp_methods = SSL_COMP_get_compression_methods();
if (comp_methods != NULL)
sk_SSL_COMP_sort(comp_methods);
return 1;
}
int errstr_main(int argc, char **argv)
{
OPTION_CHOICE o;
char buf[256], *prog;
int ret = 1;
unsigned long l;
prog = opt_init(argc, argv, errstr_options);
while ((o = opt_next()) != OPT_EOF) {
switch (o) {
case OPT_EOF:
case OPT_ERR:
BIO_printf(bio_err, "%s: Use -help for summary.\n", prog);
goto end;
case OPT_HELP:
opt_help(errstr_options);
ret = 0;
goto end;
case OPT_STATS:
lh_ERR_STRING_DATA_node_stats_bio(ERR_get_string_table(),
bio_out);
lh_ERR_STRING_DATA_stats_bio(ERR_get_string_table(), bio_out);
lh_ERR_STRING_DATA_node_usage_stats_bio(ERR_get_string_table(),
bio_out);
ret = 0;
goto end;
}
}
ret = 0;
for (argv = opt_rest(); *argv; argv++) {
if (sscanf(*argv, "%lx", &l) == 0)
ret++;
else {
/* We're not really an SSL application so this won't auto-init, but
* we're still interested in SSL error strings
*/
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS
| OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
ERR_error_string_n(l, buf, sizeof buf);
BIO_printf(bio_out, "%s\n", buf);
}
}
end:
return (ret);
}
int
lws_context_init_ssl_library(const struct lws_context_creation_info *info)
{
#ifdef USE_WOLFSSL
#ifdef USE_OLD_CYASSL
lwsl_info(" Compiled with CyaSSL support\n");
#else
lwsl_info(" Compiled with wolfSSL support\n");
#endif
#else
#if defined(LWS_WITH_BORINGSSL)
lwsl_info(" Compiled with BoringSSL support\n");
#else
lwsl_info(" Compiled with OpenSSL support\n");
#endif
#endif
if (!lws_check_opt(info->options, LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT)) {
lwsl_info(" SSL disabled: no "
"LWS_SERVER_OPTION_DO_SSL_GLOBAL_INIT\n");
return 0;
}
/* basic openssl init */
lwsl_info("Doing SSL library init\n");
#if OPENSSL_VERSION_NUMBER < 0x10100000L
SSL_library_init();
OpenSSL_add_all_algorithms();
SSL_load_error_strings();
#else
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
#endif
#if defined(LWS_WITH_NETWORK)
openssl_websocket_private_data_index =
SSL_get_ex_new_index(0, "lws", NULL, NULL, NULL);
openssl_SSL_CTX_private_data_index = SSL_CTX_get_ex_new_index(0,
NULL, NULL, NULL, NULL);
#endif
return 0;
}
/*
Initializes SSL and allocate global
context SSL_context
SYNOPSIS
my_ssl_start
mysql connection handle
RETURN VALUES
0 success
1 error
*/
int my_ssl_start(MYSQL *mysql)
{
int rc= 0;
DBUG_ENTER("my_ssl_start");
/* lock mutex to prevent multiple initialization */
pthread_mutex_lock(&LOCK_ssl_config);
if (!my_ssl_initialized)
{
#if OPENSSL_VERSION_NUMBER < 0x10100000
if (ssl_crypto_init())
goto end;
#endif
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL);
#else
SSL_library_init();
#if SSLEAY_VERSION_NUMBER >= 0x00907000L
OPENSSL_config(NULL);
#endif
#endif
/* load errors */
SSL_load_error_strings();
/* digests and ciphers */
OpenSSL_add_all_algorithms();
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
if (!(SSL_context= SSL_CTX_new(TLS_client_method())))
#else
if (!(SSL_context= SSL_CTX_new(TLSv1_client_method())))
#endif
{
my_SSL_error(mysql);
rc= 1;
goto end;
}
my_ssl_initialized= TRUE;
}
end:
pthread_mutex_unlock(&LOCK_ssl_config);
DBUG_RETURN(rc);
}
static BOOL CALLBACK _winpr_openssl_initialize(PINIT_ONCE once, PVOID param, PVOID* context)
{
DWORD flags = param ? *(PDWORD)param : WINPR_SSL_INIT_DEFAULT;
if (flags & WINPR_SSL_INIT_ALREADY_INITIALIZED)
{
return TRUE;
}
#ifdef WINPR_OPENSSL_LOCKING_REQUIRED
if (flags & WINPR_SSL_INIT_ENABLE_LOCKING)
{
if (!_winpr_openssl_initialize_locking())
{
return FALSE;
}
}
#endif
/* SSL_load_error_strings() is void */
#if (OPENSSL_VERSION_NUMBER < 0x10100000L) || defined(LIBRESSL_VERSION_NUMBER)
SSL_load_error_strings();
/* SSL_library_init() always returns "1" */
SSL_library_init();
OpenSSL_add_all_digests();
OpenSSL_add_all_ciphers();
#else
if (OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
OPENSSL_INIT_LOAD_CRYPTO_STRINGS |
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS |
OPENSSL_INIT_ENGINE_ALL_BUILTIN, NULL) != 1)
return FALSE;
#endif
g_winpr_openssl_initialized_by_winpr = TRUE;
return winpr_enable_fips(flags);
}
SSL_SESSION *
SSL_SESSION_new(void)
{
SSL_SESSION *ss;
if (!OPENSSL_init_ssl(0, NULL)) {
SSLerrorx(SSL_R_LIBRARY_BUG);
return(NULL);
}
if ((ss = calloc(1, sizeof(*ss))) == NULL) {
SSLerrorx(ERR_R_MALLOC_FAILURE);
return (NULL);
}
if ((ss->internal = calloc(1, sizeof(*ss->internal))) == NULL) {
free(ss);
SSLerrorx(ERR_R_MALLOC_FAILURE);
return (NULL);
}
ss->verify_result = 1; /* avoid 0 (= X509_V_OK) just in case */
ss->references = 1;
ss->timeout=60*5+4; /* 5 minute timeout by default */
ss->time = time(NULL);
ss->internal->prev = NULL;
ss->internal->next = NULL;
ss->tlsext_hostname = NULL;
ss->internal->tlsext_ecpointformatlist_length = 0;
ss->internal->tlsext_ecpointformatlist = NULL;
ss->internal->tlsext_supportedgroups_length = 0;
ss->internal->tlsext_supportedgroups = NULL;
CRYPTO_new_ex_data(CRYPTO_EX_INDEX_SSL_SESSION, ss, &ss->internal->ex_data);
return (ss);
}
int tls_init_library(void)
{
tls_cnx = NULL;
tls_data_cnx = NULL;
tls_ctx = NULL;
# if (OPENSSL_VERSION_NUMBER < 0x10100000L) || !defined(OPENSSL_INIT_LOAD_SSL_STRINGS)
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
# else
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS |
OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS |
OPENSSL_INIT_LOAD_CONFIG, NULL);
# endif
tls_init_rnd();
tls_create_new_context(cert_file, key_file);
tls_cnx_handshook = 0;
tls_data_cnx_handshook = 0;
return 0;
}
/*
* OpenSSL provides SSL, TLS and general purpose cryptography. It wraps the
* OpenSSL[https://www.openssl.org/] library.
*
* = Examples
*
* All examples assume you have loaded OpenSSL with:
*
* require 'openssl'
*
* These examples build atop each other. For example the key created in the
* next is used in throughout these examples.
*
* == Keys
*
* === Creating a Key
*
* This example creates a 2048 bit RSA keypair and writes it to the current
* directory.
*
* key = OpenSSL::PKey::RSA.new 2048
*
* open 'private_key.pem', 'w' do |io| io.write key.to_pem end
* open 'public_key.pem', 'w' do |io| io.write key.public_key.to_pem end
*
* === Exporting a Key
*
* Keys saved to disk without encryption are not secure as anyone who gets
* ahold of the key may use it unless it is encrypted. In order to securely
* export a key you may export it with a pass phrase.
*
* cipher = OpenSSL::Cipher.new 'AES-128-CBC'
* pass_phrase = 'my secure pass phrase goes here'
*
* key_secure = key.export cipher, pass_phrase
*
* open 'private.secure.pem', 'w' do |io|
* io.write key_secure
* end
*
* OpenSSL::Cipher.ciphers returns a list of available ciphers.
*
* === Loading a Key
*
* A key can also be loaded from a file.
*
* key2 = OpenSSL::PKey::RSA.new File.read 'private_key.pem'
* key2.public? # => true
* key2.private? # => true
*
* or
*
* key3 = OpenSSL::PKey::RSA.new File.read 'public_key.pem'
* key3.public? # => true
* key3.private? # => false
*
* === Loading an Encrypted Key
*
* OpenSSL will prompt you for your pass phrase when loading an encrypted key.
* If you will not be able to type in the pass phrase you may provide it when
* loading the key:
*
* key4_pem = File.read 'private.secure.pem'
* pass_phrase = 'my secure pass phrase goes here'
* key4 = OpenSSL::PKey::RSA.new key4_pem, pass_phrase
*
* == RSA Encryption
*
* RSA provides encryption and decryption using the public and private keys.
* You can use a variety of padding methods depending upon the intended use of
* encrypted data.
*
* === Encryption & Decryption
*
* Asymmetric public/private key encryption is slow and victim to attack in
* cases where it is used without padding or directly to encrypt larger chunks
* of data. Typical use cases for RSA encryption involve "wrapping" a symmetric
* key with the public key of the recipient who would "unwrap" that symmetric
* key again using their private key.
* The following illustrates a simplified example of such a key transport
* scheme. It shouldn't be used in practice, though, standardized protocols
* should always be preferred.
*
* wrapped_key = key.public_encrypt key
*
* A symmetric key encrypted with the public key can only be decrypted with
* the corresponding private key of the recipient.
*
* original_key = key.private_decrypt wrapped_key
*
* By default PKCS#1 padding will be used, but it is also possible to use
* other forms of padding, see PKey::RSA for further details.
*
* === Signatures
*
* Using "private_encrypt" to encrypt some data with the private key is
* equivalent to applying a digital signature to the data. A verifying
* party may validate the signature by comparing the result of decrypting
* the signature with "public_decrypt" to the original data. However,
* OpenSSL::PKey already has methods "sign" and "verify" that handle
* digital signatures in a standardized way - "private_encrypt" and
* "public_decrypt" shouldn't be used in practice.
*
* To sign a document, a cryptographically secure hash of the document is
* computed first, which is then signed using the private key.
*
* digest = OpenSSL::Digest::SHA256.new
* signature = key.sign digest, document
*
* To validate the signature, again a hash of the document is computed and
* the signature is decrypted using the public key. The result is then
* compared to the hash just computed, if they are equal the signature was
* valid.
*
* digest = OpenSSL::Digest::SHA256.new
* if key.verify digest, signature, document
* puts 'Valid'
* else
* puts 'Invalid'
* end
*
* == PBKDF2 Password-based Encryption
*
* If supported by the underlying OpenSSL version used, Password-based
* Encryption should use the features of PKCS5. If not supported or if
* required by legacy applications, the older, less secure methods specified
* in RFC 2898 are also supported (see below).
*
* PKCS5 supports PBKDF2 as it was specified in PKCS#5
* v2.0[http://www.rsa.com/rsalabs/node.asp?id=2127]. It still uses a
* password, a salt, and additionally a number of iterations that will
* slow the key derivation process down. The slower this is, the more work
* it requires being able to brute-force the resulting key.
*
* === Encryption
*
* The strategy is to first instantiate a Cipher for encryption, and
* then to generate a random IV plus a key derived from the password
* using PBKDF2. PKCS #5 v2.0 recommends at least 8 bytes for the salt,
* the number of iterations largely depends on the hardware being used.
*
* cipher = OpenSSL::Cipher.new 'AES-128-CBC'
* cipher.encrypt
* iv = cipher.random_iv
*
* pwd = 'some hopefully not to easily guessable password'
* salt = OpenSSL::Random.random_bytes 16
* iter = 20000
* key_len = cipher.key_len
* digest = OpenSSL::Digest::SHA256.new
*
* key = OpenSSL::PKCS5.pbkdf2_hmac(pwd, salt, iter, key_len, digest)
* cipher.key = key
*
* Now encrypt the data:
*
* encrypted = cipher.update document
* encrypted << cipher.final
*
* === Decryption
*
* Use the same steps as before to derive the symmetric AES key, this time
* setting the Cipher up for decryption.
*
* cipher = OpenSSL::Cipher.new 'AES-128-CBC'
* cipher.decrypt
* cipher.iv = iv # the one generated with #random_iv
*
* pwd = 'some hopefully not to easily guessable password'
* salt = ... # the one generated above
* iter = 20000
* key_len = cipher.key_len
* digest = OpenSSL::Digest::SHA256.new
*
* key = OpenSSL::PKCS5.pbkdf2_hmac(pwd, salt, iter, key_len, digest)
* cipher.key = key
*
* Now decrypt the data:
*
* decrypted = cipher.update encrypted
* decrypted << cipher.final
*
* == PKCS #5 Password-based Encryption
*
* PKCS #5 is a password-based encryption standard documented at
* RFC2898[http://www.ietf.org/rfc/rfc2898.txt]. It allows a short password or
* passphrase to be used to create a secure encryption key. If possible, PBKDF2
* as described above should be used if the circumstances allow it.
*
* PKCS #5 uses a Cipher, a pass phrase and a salt to generate an encryption
* key.
*
* pass_phrase = 'my secure pass phrase goes here'
* salt = '8 octets'
*
* === Encryption
*
* First set up the cipher for encryption
*
* encryptor = OpenSSL::Cipher.new 'AES-128-CBC'
* encryptor.encrypt
* encryptor.pkcs5_keyivgen pass_phrase, salt
*
* Then pass the data you want to encrypt through
*
* encrypted = encryptor.update 'top secret document'
* encrypted << encryptor.final
*
* === Decryption
*
* Use a new Cipher instance set up for decryption
*
* decryptor = OpenSSL::Cipher.new 'AES-128-CBC'
* decryptor.decrypt
* decryptor.pkcs5_keyivgen pass_phrase, salt
*
* Then pass the data you want to decrypt through
*
* plain = decryptor.update encrypted
* plain << decryptor.final
*
* == X509 Certificates
*
* === Creating a Certificate
*
* This example creates a self-signed certificate using an RSA key and a SHA1
* signature.
*
* key = OpenSSL::PKey::RSA.new 2048
* name = OpenSSL::X509::Name.parse 'CN=nobody/DC=example'
*
* cert = OpenSSL::X509::Certificate.new
* cert.version = 2
* cert.serial = 0
* cert.not_before = Time.now
* cert.not_after = Time.now + 3600
*
* cert.public_key = key.public_key
* cert.subject = name
*
* === Certificate Extensions
*
* You can add extensions to the certificate with
* OpenSSL::SSL::ExtensionFactory to indicate the purpose of the certificate.
*
* extension_factory = OpenSSL::X509::ExtensionFactory.new nil, cert
*
* cert.add_extension \
* extension_factory.create_extension('basicConstraints', 'CA:FALSE', true)
*
* cert.add_extension \
* extension_factory.create_extension(
* 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
*
* cert.add_extension \
* extension_factory.create_extension('subjectKeyIdentifier', 'hash')
*
* The list of supported extensions (and in some cases their possible values)
* can be derived from the "objects.h" file in the OpenSSL source code.
*
* === Signing a Certificate
*
* To sign a certificate set the issuer and use OpenSSL::X509::Certificate#sign
* with a digest algorithm. This creates a self-signed cert because we're using
* the same name and key to sign the certificate as was used to create the
* certificate.
*
* cert.issuer = name
* cert.sign key, OpenSSL::Digest::SHA1.new
*
* open 'certificate.pem', 'w' do |io| io.write cert.to_pem end
*
* === Loading a Certificate
*
* Like a key, a cert can also be loaded from a file.
*
* cert2 = OpenSSL::X509::Certificate.new File.read 'certificate.pem'
*
* === Verifying a Certificate
*
* Certificate#verify will return true when a certificate was signed with the
* given public key.
*
* raise 'certificate can not be verified' unless cert2.verify key
*
* == Certificate Authority
*
* A certificate authority (CA) is a trusted third party that allows you to
* verify the ownership of unknown certificates. The CA issues key signatures
* that indicate it trusts the user of that key. A user encountering the key
* can verify the signature by using the CA's public key.
*
* === CA Key
*
* CA keys are valuable, so we encrypt and save it to disk and make sure it is
* not readable by other users.
*
* ca_key = OpenSSL::PKey::RSA.new 2048
* pass_phrase = 'my secure pass phrase goes here'
*
* cipher = OpenSSL::Cipher.new 'AES-128-CBC'
*
* open 'ca_key.pem', 'w', 0400 do |io|
* io.write ca_key.export(cipher, pass_phrase)
* end
*
* === CA Certificate
*
* A CA certificate is created the same way we created a certificate above, but
* with different extensions.
*
* ca_name = OpenSSL::X509::Name.parse 'CN=ca/DC=example'
*
* ca_cert = OpenSSL::X509::Certificate.new
* ca_cert.serial = 0
* ca_cert.version = 2
* ca_cert.not_before = Time.now
* ca_cert.not_after = Time.now + 86400
*
* ca_cert.public_key = ca_key.public_key
* ca_cert.subject = ca_name
* ca_cert.issuer = ca_name
*
* extension_factory = OpenSSL::X509::ExtensionFactory.new
* extension_factory.subject_certificate = ca_cert
* extension_factory.issuer_certificate = ca_cert
*
* ca_cert.add_extension \
* extension_factory.create_extension('subjectKeyIdentifier', 'hash')
*
* This extension indicates the CA's key may be used as a CA.
*
* ca_cert.add_extension \
* extension_factory.create_extension('basicConstraints', 'CA:TRUE', true)
*
* This extension indicates the CA's key may be used to verify signatures on
* both certificates and certificate revocations.
*
* ca_cert.add_extension \
* extension_factory.create_extension(
* 'keyUsage', 'cRLSign,keyCertSign', true)
*
* Root CA certificates are self-signed.
*
* ca_cert.sign ca_key, OpenSSL::Digest::SHA1.new
*
* The CA certificate is saved to disk so it may be distributed to all the
* users of the keys this CA will sign.
*
* open 'ca_cert.pem', 'w' do |io|
* io.write ca_cert.to_pem
* end
*
* === Certificate Signing Request
*
* The CA signs keys through a Certificate Signing Request (CSR). The CSR
* contains the information necessary to identify the key.
*
* csr = OpenSSL::X509::Request.new
* csr.version = 0
* csr.subject = name
* csr.public_key = key.public_key
* csr.sign key, OpenSSL::Digest::SHA1.new
*
* A CSR is saved to disk and sent to the CA for signing.
*
* open 'csr.pem', 'w' do |io|
* io.write csr.to_pem
* end
*
* === Creating a Certificate from a CSR
*
* Upon receiving a CSR the CA will verify it before signing it. A minimal
* verification would be to check the CSR's signature.
*
* csr = OpenSSL::X509::Request.new File.read 'csr.pem'
*
* raise 'CSR can not be verified' unless csr.verify csr.public_key
*
* After verification a certificate is created, marked for various usages,
* signed with the CA key and returned to the requester.
*
* csr_cert = OpenSSL::X509::Certificate.new
* csr_cert.serial = 0
* csr_cert.version = 2
* csr_cert.not_before = Time.now
* csr_cert.not_after = Time.now + 600
*
* csr_cert.subject = csr.subject
* csr_cert.public_key = csr.public_key
* csr_cert.issuer = ca_cert.subject
*
* extension_factory = OpenSSL::X509::ExtensionFactory.new
* extension_factory.subject_certificate = csr_cert
* extension_factory.issuer_certificate = ca_cert
*
* csr_cert.add_extension \
* extension_factory.create_extension('basicConstraints', 'CA:FALSE')
*
* csr_cert.add_extension \
* extension_factory.create_extension(
* 'keyUsage', 'keyEncipherment,dataEncipherment,digitalSignature')
*
* csr_cert.add_extension \
* extension_factory.create_extension('subjectKeyIdentifier', 'hash')
*
* csr_cert.sign ca_key, OpenSSL::Digest::SHA1.new
*
* open 'csr_cert.pem', 'w' do |io|
* io.write csr_cert.to_pem
* end
*
* == SSL and TLS Connections
*
* Using our created key and certificate we can create an SSL or TLS connection.
* An SSLContext is used to set up an SSL session.
*
* context = OpenSSL::SSL::SSLContext.new
*
* === SSL Server
*
* An SSL server requires the certificate and private key to communicate
* securely with its clients:
*
* context.cert = cert
* context.key = key
*
* Then create an SSLServer with a TCP server socket and the context. Use the
* SSLServer like an ordinary TCP server.
*
* require 'socket'
*
* tcp_server = TCPServer.new 5000
* ssl_server = OpenSSL::SSL::SSLServer.new tcp_server, context
*
* loop do
* ssl_connection = ssl_server.accept
*
* data = connection.gets
*
* response = "I got #{data.dump}"
* puts response
*
* connection.puts "I got #{data.dump}"
* connection.close
* end
*
* === SSL client
*
* An SSL client is created with a TCP socket and the context.
* SSLSocket#connect must be called to initiate the SSL handshake and start
* encryption. A key and certificate are not required for the client socket.
*
* Note that SSLSocket#close doesn't close the underlying socket by default. Set
* SSLSocket#sync_close to true if you want.
*
* require 'socket'
*
* tcp_socket = TCPSocket.new 'localhost', 5000
* ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, context
* ssl_client.sync_close = true
* ssl_client.connect
*
* ssl_client.puts "hello server!"
* puts ssl_client.gets
*
* ssl_client.close # shutdown the TLS connection and close tcp_socket
*
* === Peer Verification
*
* An unverified SSL connection does not provide much security. For enhanced
* security the client or server can verify the certificate of its peer.
*
* The client can be modified to verify the server's certificate against the
* certificate authority's certificate:
*
* context.ca_file = 'ca_cert.pem'
* context.verify_mode = OpenSSL::SSL::VERIFY_PEER
*
* require 'socket'
*
* tcp_socket = TCPSocket.new 'localhost', 5000
* ssl_client = OpenSSL::SSL::SSLSocket.new tcp_socket, context
* ssl_client.connect
*
* ssl_client.puts "hello server!"
* puts ssl_client.gets
*
* If the server certificate is invalid or <tt>context.ca_file</tt> is not set
* when verifying peers an OpenSSL::SSL::SSLError will be raised.
*
*/
void
Init_openssl(void)
{
/*
* Init timezone info
*/
#if 0
tzset();
#endif
/*
* Init all digests, ciphers
*/
#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000
if (!OPENSSL_init_ssl(0, NULL))
rb_raise(rb_eRuntimeError, "OPENSSL_init_ssl");
#else
OpenSSL_add_ssl_algorithms();
OpenSSL_add_all_algorithms();
ERR_load_crypto_strings();
SSL_load_error_strings();
#endif
/*
* Init main module
*/
mOSSL = rb_define_module("OpenSSL");
rb_global_variable(&mOSSL);
/*
* OpenSSL ruby extension version
*/
rb_define_const(mOSSL, "VERSION", rb_str_new2(OSSL_VERSION));
/*
* Version of OpenSSL the ruby OpenSSL extension was built with
*/
rb_define_const(mOSSL, "OPENSSL_VERSION", rb_str_new2(OPENSSL_VERSION_TEXT));
/*
* Version of OpenSSL the ruby OpenSSL extension is running with
*/
#if !defined(LIBRESSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000
rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(OpenSSL_version(OPENSSL_VERSION)));
#else
rb_define_const(mOSSL, "OPENSSL_LIBRARY_VERSION", rb_str_new2(SSLeay_version(SSLEAY_VERSION)));
#endif
/*
* Version number of OpenSSL the ruby OpenSSL extension was built with
* (base 16)
*/
rb_define_const(mOSSL, "OPENSSL_VERSION_NUMBER", INT2NUM(OPENSSL_VERSION_NUMBER));
/*
* Boolean indicating whether OpenSSL is FIPS-capable or not
*/
rb_define_const(mOSSL, "OPENSSL_FIPS",
#ifdef OPENSSL_FIPS
Qtrue
#else
Qfalse
#endif
);
rb_define_module_function(mOSSL, "fips_mode", ossl_fips_mode_get, 0);
rb_define_module_function(mOSSL, "fips_mode=", ossl_fips_mode_set, 1);
/*
* Generic error,
* common for all classes under OpenSSL module
*/
eOSSLError = rb_define_class_under(mOSSL,"OpenSSLError",rb_eStandardError);
rb_global_variable(&eOSSLError);
/*
* Init debug core
*/
dOSSL = Qfalse;
rb_global_variable(&dOSSL);
rb_define_module_function(mOSSL, "debug", ossl_debug_get, 0);
rb_define_module_function(mOSSL, "debug=", ossl_debug_set, 1);
rb_define_module_function(mOSSL, "errors", ossl_get_errors, 0);
/*
* Get ID of to_der
*/
ossl_s_to_der = rb_intern("to_der");
#if !defined(HAVE_OPENSSL_110_THREADING_API)
Init_ossl_locks();
#endif
/*
* Init components
*/
Init_ossl_bn();
Init_ossl_cipher();
Init_ossl_config();
Init_ossl_digest();
Init_ossl_hmac();
Init_ossl_ns_spki();
Init_ossl_pkcs12();
Init_ossl_pkcs7();
Init_ossl_pkey();
Init_ossl_rand();
Init_ossl_ssl();
Init_ossl_x509();
Init_ossl_ocsp();
Init_ossl_engine();
Init_ossl_asn1();
Init_ossl_kdf();
#if defined(OSSL_DEBUG)
/*
* For debugging Ruby/OpenSSL. Enable only when built with --enable-debug
*/
#if !defined(LIBRESSL_VERSION_NUMBER) && \
(OPENSSL_VERSION_NUMBER >= 0x10100000 && !defined(OPENSSL_NO_CRYPTO_MDEBUG) || \
defined(CRYPTO_malloc_debug_init))
rb_define_module_function(mOSSL, "mem_check_start", mem_check_start, 0);
rb_define_module_function(mOSSL, "print_mem_leaks", print_mem_leaks, 0);
#if defined(CRYPTO_malloc_debug_init) /* <= 1.0.2 */
CRYPTO_malloc_debug_init();
#endif
#if defined(V_CRYPTO_MDEBUG_ALL) /* <= 1.0.2 */
CRYPTO_set_mem_debug_options(V_CRYPTO_MDEBUG_ALL);
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 /* <= 1.0.2 */
{
int i;
/*
* See crypto/ex_data.c; call def_get_class() immediately to avoid
* allocations. 15 is the maximum number that is used as the class index
* in OpenSSL 1.0.2.
*/
for (i = 0; i <= 15; i++) {
if (CRYPTO_get_ex_new_index(i, 0, (void *)"ossl-mdebug-dummy", 0, 0, 0) < 0)
rb_raise(rb_eRuntimeError, "CRYPTO_get_ex_new_index for "
"class index %d failed", i);
}
}
#endif
#endif
#endif
}
/** Main routine for unbound-control */
int main(int argc, char* argv[])
{
int c, ret;
int quiet = 0;
const char* cfgfile = CONFIGFILE;
char* svr = NULL;
#ifdef USE_WINSOCK
int r;
WSADATA wsa_data;
#endif
#ifdef USE_THREAD_DEBUG
/* stop the file output from unbound-control, overwrites the servers */
extern int check_locking_order;
check_locking_order = 0;
#endif /* USE_THREAD_DEBUG */
log_ident_set("unbound-control");
log_init(NULL, 0, NULL);
checklock_start();
#ifdef USE_WINSOCK
/* use registry config file in preference to compiletime location */
if(!(cfgfile=w_lookup_reg_str("Software\\Unbound", "ConfigFile")))
cfgfile = CONFIGFILE;
#endif
/* parse the options */
while( (c=getopt(argc, argv, "c:s:qh")) != -1) {
switch(c) {
case 'c':
cfgfile = optarg;
break;
case 's':
svr = optarg;
break;
case 'q':
quiet = 1;
break;
case '?':
case 'h':
default:
usage();
}
}
argc -= optind;
argv += optind;
if(argc == 0)
usage();
if(argc >= 1 && strcmp(argv[0], "start")==0) {
if(execlp("unbound", "unbound", "-c", cfgfile,
(char*)NULL) < 0) {
fatal_exit("could not exec unbound: %s",
strerror(errno));
}
}
if(argc >= 1 && strcmp(argv[0], "stats_shm")==0) {
print_stats_shm(cfgfile);
return 0;
}
#ifdef USE_WINSOCK
if((r = WSAStartup(MAKEWORD(2,2), &wsa_data)) != 0)
fatal_exit("WSAStartup failed: %s", wsa_strerror(r));
#endif
#ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS
ERR_load_crypto_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
ERR_load_SSL_strings();
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
OpenSSL_add_all_algorithms();
#else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS
| OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
(void)SSL_library_init();
#else
(void)OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
#endif
if(!RAND_status()) {
/* try to seed it */
unsigned char buf[256];
unsigned int seed=(unsigned)time(NULL) ^ (unsigned)getpid();
unsigned int v = seed;
size_t i;
for(i=0; i<256/sizeof(v); i++) {
memmove(buf+i*sizeof(v), &v, sizeof(v));
v = v*seed + (unsigned int)i;
}
RAND_seed(buf, 256);
log_warn("no entropy, seeding openssl PRNG with time\n");
}
ret = go(cfgfile, svr, quiet, argc, argv);
#ifdef USE_WINSOCK
WSACleanup();
#endif
checklock_stop();
return ret;
}
Result<SslFd> SslFd::init(SocketFd fd, CSlice host, CSlice cert_file, VerifyPeer verify_peer) {
#if TD_WINDOWS
return Status::Error("TODO");
#else
static bool init_openssl = [] {
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
return OPENSSL_init_ssl(0, nullptr) != 0;
#else
OpenSSL_add_all_algorithms();
SSL_load_error_strings();
return OpenSSL_add_ssl_algorithms() != 0;
#endif
}();
CHECK(init_openssl);
openssl_clear_errors("Before SslFd::init");
CHECK(!fd.empty());
auto ssl_method =
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
TLS_client_method();
#else
SSLv23_client_method();
#endif
if (ssl_method == nullptr) {
return create_openssl_error(-6, "Failed to create an SSL client method");
}
auto ssl_ctx = SSL_CTX_new(ssl_method);
if (ssl_ctx == nullptr) {
return create_openssl_error(-7, "Failed to create an SSL context");
}
auto ssl_ctx_guard = ScopeExit() + [&]() { SSL_CTX_free(ssl_ctx); };
long options = 0;
#ifdef SSL_OP_NO_SSLv2
options |= SSL_OP_NO_SSLv2;
#endif
#ifdef SSL_OP_NO_SSLv3
options |= SSL_OP_NO_SSLv3;
#endif
SSL_CTX_set_options(ssl_ctx, options);
SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER | SSL_MODE_ENABLE_PARTIAL_WRITE);
if (cert_file.empty()) {
SSL_CTX_set_default_verify_paths(ssl_ctx);
} else {
if (SSL_CTX_load_verify_locations(ssl_ctx, cert_file.c_str(), nullptr) == 0) {
return create_openssl_error(-8, "Failed to set custom cert file");
}
}
if (VERIFY_PEER && verify_peer == VerifyPeer::On) {
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_PEER, verify_callback);
if (VERIFY_DEPTH != -1) {
SSL_CTX_set_verify_depth(ssl_ctx, VERIFY_DEPTH);
}
} else {
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, nullptr);
}
// TODO(now): cipher list
string cipher_list;
if (SSL_CTX_set_cipher_list(ssl_ctx, cipher_list.empty() ? "DEFAULT" : cipher_list.c_str()) == 0) {
return create_openssl_error(-9, PSLICE("Failed to set cipher list \"%s\"", cipher_list.c_str()));
}
auto ssl_handle = SSL_new(ssl_ctx);
if (ssl_handle == nullptr) {
return create_openssl_error(-13, "Failed to create an SSL handle");
}
auto ssl_handle_guard = ScopeExit() + [&]() {
do_ssl_shutdown(ssl_handle);
SSL_free(ssl_handle);
};
#if OPENSSL_VERSION_NUMBER >= 0x10002000L
X509_VERIFY_PARAM *param = SSL_get0_param(ssl_handle);
/* Enable automatic hostname checks */
// TODO: X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS
X509_VERIFY_PARAM_set_hostflags(param, 0);
X509_VERIFY_PARAM_set1_host(param, host.c_str(), 0);
#else
#warning DANGEROUS! HTTPS HOST WILL NOT BE CHECKED. INSTALL OPENSSL >= 1.0.2 OR IMPLEMENT HTTPS HOST CHECK MANUALLY
#endif
if (!SSL_set_fd(ssl_handle, fd.get_fd().get_native_fd())) {
return create_openssl_error(-14, "Failed to set fd");
}
#if OPENSSL_VERSION_NUMBER >= 0x0090806fL && !defined(OPENSSL_NO_TLSEXT)
auto host_str = host.str();
SSL_set_tlsext_host_name(ssl_handle, MutableCSlice(host_str).begin());
#endif
SSL_set_connect_state(ssl_handle);
ssl_ctx_guard.dismiss();
ssl_handle_guard.dismiss();
return SslFd(std::move(fd), ssl_handle, ssl_ctx);
#endif
}
int
be_tls_init(bool isServerStart)
{
STACK_OF(X509_NAME) *root_cert_list = NULL;
SSL_CTX *context;
/* This stuff need be done only once. */
if (!SSL_initialized)
{
#ifdef HAVE_OPENSSL_INIT_SSL
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL);
#else
OPENSSL_config(NULL);
SSL_library_init();
SSL_load_error_strings();
#endif
SSL_initialized = true;
}
/*
* We use SSLv23_method() because it can negotiate use of the highest
* mutually supported protocol version, while alternatives like
* TLSv1_2_method() permit only one specific version. Note that we don't
* actually allow SSL v2 or v3, only TLS protocols (see below).
*/
context = SSL_CTX_new(SSLv23_method());
if (!context)
{
ereport(isServerStart ? FATAL : LOG,
(errmsg("could not create SSL context: %s",
SSLerrmessage(ERR_get_error()))));
goto error;
}
/*
* Disable OpenSSL's moving-write-buffer sanity check, because it causes
* unnecessary failures in nonblocking send cases.
*/
SSL_CTX_set_mode(context, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
/*
* Set password callback
*/
if (isServerStart)
{
if (ssl_passphrase_command[0])
SSL_CTX_set_default_passwd_cb(context, ssl_external_passwd_cb);
}
else
{
if (ssl_passphrase_command[0] && ssl_passphrase_command_supports_reload)
SSL_CTX_set_default_passwd_cb(context, ssl_external_passwd_cb);
else
/*
* If reloading and no external command is configured, override
* OpenSSL's default handling of passphrase-protected files,
* because we don't want to prompt for a passphrase in an
* already-running server.
*/
SSL_CTX_set_default_passwd_cb(context, dummy_ssl_passwd_cb);
}
/* used by the callback */
ssl_is_server_start = isServerStart;
/*
* Load and verify server's certificate and private key
*/
if (SSL_CTX_use_certificate_chain_file(context, ssl_cert_file) != 1)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("could not load server certificate file \"%s\": %s",
ssl_cert_file, SSLerrmessage(ERR_get_error()))));
goto error;
}
if (!check_ssl_key_file_permissions(ssl_key_file, isServerStart))
goto error;
/*
* OK, try to load the private key file.
*/
dummy_ssl_passwd_cb_called = false;
if (SSL_CTX_use_PrivateKey_file(context,
ssl_key_file,
SSL_FILETYPE_PEM) != 1)
{
if (dummy_ssl_passwd_cb_called)
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("private key file \"%s\" cannot be reloaded because it requires a passphrase",
ssl_key_file)));
else
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("could not load private key file \"%s\": %s",
ssl_key_file, SSLerrmessage(ERR_get_error()))));
goto error;
}
if (SSL_CTX_check_private_key(context) != 1)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("check of private key failed: %s",
SSLerrmessage(ERR_get_error()))));
goto error;
}
if (ssl_min_protocol_version)
SSL_CTX_set_min_proto_version(context,
ssl_protocol_version_to_openssl(ssl_min_protocol_version,
"ssl_min_protocol_version"));
if (ssl_max_protocol_version)
SSL_CTX_set_max_proto_version(context,
ssl_protocol_version_to_openssl(ssl_max_protocol_version,
"ssl_max_protocol_version"));
/* disallow SSL session tickets */
#ifdef SSL_OP_NO_TICKET /* added in OpenSSL 0.9.8f */
SSL_CTX_set_options(context, SSL_OP_NO_TICKET);
#endif
/* disallow SSL session caching, too */
SSL_CTX_set_session_cache_mode(context, SSL_SESS_CACHE_OFF);
/* set up ephemeral DH and ECDH keys */
if (!initialize_dh(context, isServerStart))
goto error;
if (!initialize_ecdh(context, isServerStart))
goto error;
/* set up the allowed cipher list */
if (SSL_CTX_set_cipher_list(context, SSLCipherSuites) != 1)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("could not set the cipher list (no valid ciphers available)")));
goto error;
}
/* Let server choose order */
if (SSLPreferServerCiphers)
SSL_CTX_set_options(context, SSL_OP_CIPHER_SERVER_PREFERENCE);
/*
* Load CA store, so we can verify client certificates if needed.
*/
if (ssl_ca_file[0])
{
if (SSL_CTX_load_verify_locations(context, ssl_ca_file, NULL) != 1 ||
(root_cert_list = SSL_load_client_CA_file(ssl_ca_file)) == NULL)
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("could not load root certificate file \"%s\": %s",
ssl_ca_file, SSLerrmessage(ERR_get_error()))));
goto error;
}
}
/*----------
* Load the Certificate Revocation List (CRL).
* http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci803160,00.html
*----------
*/
if (ssl_crl_file[0])
{
X509_STORE *cvstore = SSL_CTX_get_cert_store(context);
if (cvstore)
{
/* Set the flags to check against the complete CRL chain */
if (X509_STORE_load_locations(cvstore, ssl_crl_file, NULL) == 1)
{
/* OpenSSL 0.96 does not support X509_V_FLAG_CRL_CHECK */
#ifdef X509_V_FLAG_CRL_CHECK
X509_STORE_set_flags(cvstore,
X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
#else
ereport(LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("SSL certificate revocation list file \"%s\" ignored",
ssl_crl_file),
errdetail("SSL library does not support certificate revocation lists.")));
#endif
}
else
{
ereport(isServerStart ? FATAL : LOG,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("could not load SSL certificate revocation list file \"%s\": %s",
ssl_crl_file, SSLerrmessage(ERR_get_error()))));
goto error;
}
}
}
if (ssl_ca_file[0])
{
/*
* Always ask for SSL client cert, but don't fail if it's not
* presented. We might fail such connections later, depending on what
* we find in pg_hba.conf.
*/
SSL_CTX_set_verify(context,
(SSL_VERIFY_PEER |
SSL_VERIFY_CLIENT_ONCE),
verify_cb);
/*
* Tell OpenSSL to send the list of root certs we trust to clients in
* CertificateRequests. This lets a client with a keystore select the
* appropriate client certificate to send to us.
*/
SSL_CTX_set_client_CA_list(context, root_cert_list);
}
/*
* Success! Replace any existing SSL_context.
*/
if (SSL_context)
SSL_CTX_free(SSL_context);
SSL_context = context;
/*
* Set flag to remember whether CA store has been loaded into SSL_context.
*/
if (ssl_ca_file[0])
ssl_loaded_verify_locations = true;
else
ssl_loaded_verify_locations = false;
return 0;
error:
if (context)
SSL_CTX_free(context);
return -1;
}
struct daemon*
daemon_init(void)
{
struct daemon* daemon = (struct daemon*)calloc(1,
sizeof(struct daemon));
#ifdef USE_WINSOCK
int r;
WSADATA wsa_data;
#endif
if(!daemon)
return NULL;
#ifdef USE_WINSOCK
r = WSAStartup(MAKEWORD(2,2), &wsa_data);
if(r != 0) {
fatal_exit("could not init winsock. WSAStartup: %s",
wsa_strerror(r));
}
#endif /* USE_WINSOCK */
signal_handling_record();
checklock_start();
#ifdef HAVE_SSL
# ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS
ERR_load_crypto_strings();
# endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
ERR_load_SSL_strings();
#endif
# ifdef USE_GOST
(void)sldns_key_EVP_load_gost_id();
# endif
# if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
OpenSSL_add_all_algorithms();
# else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS
| OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
# endif
# if HAVE_DECL_SSL_COMP_GET_COMPRESSION_METHODS
/* grab the COMP method ptr because openssl leaks it */
comp_meth = (void*)SSL_COMP_get_compression_methods();
# endif
# if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
(void)SSL_library_init();
# else
(void)OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS, NULL);
# endif
# if defined(HAVE_SSL) && defined(OPENSSL_THREADS) && !defined(THREADS_DISABLED)
if(!ub_openssl_lock_init())
fatal_exit("could not init openssl locks");
# endif
#elif defined(HAVE_NSS)
if(NSS_NoDB_Init(NULL) != SECSuccess)
fatal_exit("could not init NSS");
#endif /* HAVE_SSL or HAVE_NSS */
#ifdef HAVE_TZSET
/* init timezone info while we are not chrooted yet */
tzset();
#endif
/* open /dev/random if needed */
ub_systemseed((unsigned)time(NULL)^(unsigned)getpid()^0xe67);
daemon->need_to_exit = 0;
modstack_init(&daemon->mods);
if(!(daemon->env = (struct module_env*)calloc(1,
sizeof(*daemon->env)))) {
free(daemon);
return NULL;
}
/* init edns_known_options */
if(!edns_known_options_init(daemon->env)) {
free(daemon->env);
free(daemon);
return NULL;
}
alloc_init(&daemon->superalloc, NULL, 0);
daemon->acl = acl_list_create();
if(!daemon->acl) {
edns_known_options_delete(daemon->env);
free(daemon->env);
free(daemon);
return NULL;
}
if(gettimeofday(&daemon->time_boot, NULL) < 0)
log_err("gettimeofday: %s", strerror(errno));
daemon->time_last_stat = daemon->time_boot;
if((daemon->env->auth_zones = auth_zones_create()) == 0) {
acl_list_delete(daemon->acl);
edns_known_options_delete(daemon->env);
free(daemon->env);
free(daemon);
return NULL;
}
return daemon;
}
/*
* Initialize global SSL context.
*/
void
be_tls_init(void)
{
struct stat buf;
STACK_OF(X509_NAME) *root_cert_list = NULL;
if (!SSL_context)
{
#ifdef HAVE_OPENSSL_INIT_SSL
OPENSSL_init_ssl(OPENSSL_INIT_LOAD_CONFIG, NULL);
#else
#if OPENSSL_VERSION_NUMBER >= 0x0907000L
OPENSSL_config(NULL);
#endif
SSL_library_init();
SSL_load_error_strings();
#endif
/*
* We use SSLv23_method() because it can negotiate use of the highest
* mutually supported protocol version, while alternatives like
* TLSv1_2_method() permit only one specific version. Note that we
* don't actually allow SSL v2 or v3, only TLS protocols (see below).
*/
SSL_context = SSL_CTX_new(SSLv23_method());
if (!SSL_context)
ereport(FATAL,
(errmsg("could not create SSL context: %s",
SSLerrmessage(ERR_get_error()))));
/*
* Disable OpenSSL's moving-write-buffer sanity check, because it
* causes unnecessary failures in nonblocking send cases.
*/
SSL_CTX_set_mode(SSL_context, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
/*
* Load and verify server's certificate and private key
*/
if (SSL_CTX_use_certificate_chain_file(SSL_context,
ssl_cert_file) != 1)
ereport(FATAL,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("could not load server certificate file \"%s\": %s",
ssl_cert_file, SSLerrmessage(ERR_get_error()))));
if (stat(ssl_key_file, &buf) != 0)
ereport(FATAL,
(errcode_for_file_access(),
errmsg("could not access private key file \"%s\": %m",
ssl_key_file)));
if (!S_ISREG(buf.st_mode))
ereport(FATAL,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("private key file \"%s\" is not a regular file",
ssl_key_file)));
/*
* Refuse to load files owned by users other than us or root.
*
* XXX surely we can check this on Windows somehow, too.
*/
#if !defined(WIN32) && !defined(__CYGWIN__)
if (buf.st_uid != geteuid() && buf.st_uid != 0)
ereport(FATAL,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("private key file \"%s\" must be owned by the database user or root",
ssl_key_file)));
#endif
/*
* Require no public access to key file. If the file is owned by us,
* require mode 0600 or less. If owned by root, require 0640 or less
* to allow read access through our gid, or a supplementary gid that
* allows to read system-wide certificates.
*
* XXX temporarily suppress check when on Windows, because there may
* not be proper support for Unix-y file permissions. Need to think
* of a reasonable check to apply on Windows. (See also the data
* directory permission check in postmaster.c)
*/
#if !defined(WIN32) && !defined(__CYGWIN__)
if ((buf.st_uid == geteuid() && buf.st_mode & (S_IRWXG | S_IRWXO)) ||
(buf.st_uid == 0 && buf.st_mode & (S_IWGRP | S_IXGRP | S_IRWXO)))
ereport(FATAL,
(errcode(ERRCODE_CONFIG_FILE_ERROR),
errmsg("private key file \"%s\" has group or world access",
ssl_key_file),
errdetail("File must have permissions u=rw (0600) or less if owned by the database user, or permissions u=rw,g=r (0640) or less if owned by root.")));
#endif
if (SSL_CTX_use_PrivateKey_file(SSL_context,
ssl_key_file,
SSL_FILETYPE_PEM) != 1)
ereport(FATAL,
(errmsg("could not load private key file \"%s\": %s",
ssl_key_file, SSLerrmessage(ERR_get_error()))));
if (SSL_CTX_check_private_key(SSL_context) != 1)
ereport(FATAL,
(errmsg("check of private key failed: %s",
SSLerrmessage(ERR_get_error()))));
}
/* set up ephemeral DH keys, and disallow SSL v2/v3 while at it */
SSL_CTX_set_tmp_dh_callback(SSL_context, tmp_dh_cb);
SSL_CTX_set_options(SSL_context,
SSL_OP_SINGLE_DH_USE |
SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
/* set up ephemeral ECDH keys */
initialize_ecdh();
/* set up the allowed cipher list */
if (SSL_CTX_set_cipher_list(SSL_context, SSLCipherSuites) != 1)
elog(FATAL, "could not set the cipher list (no valid ciphers available)");
/* Let server choose order */
if (SSLPreferServerCiphers)
SSL_CTX_set_options(SSL_context, SSL_OP_CIPHER_SERVER_PREFERENCE);
/*
* Load CA store, so we can verify client certificates if needed.
*/
if (ssl_ca_file[0])
{
if (SSL_CTX_load_verify_locations(SSL_context, ssl_ca_file, NULL) != 1 ||
(root_cert_list = SSL_load_client_CA_file(ssl_ca_file)) == NULL)
ereport(FATAL,
(errmsg("could not load root certificate file \"%s\": %s",
ssl_ca_file, SSLerrmessage(ERR_get_error()))));
}
/*----------
* Load the Certificate Revocation List (CRL).
* http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci803160,00.html
*----------
*/
if (ssl_crl_file[0])
{
X509_STORE *cvstore = SSL_CTX_get_cert_store(SSL_context);
if (cvstore)
{
/* Set the flags to check against the complete CRL chain */
if (X509_STORE_load_locations(cvstore, ssl_crl_file, NULL) == 1)
{
/* OpenSSL 0.96 does not support X509_V_FLAG_CRL_CHECK */
#ifdef X509_V_FLAG_CRL_CHECK
X509_STORE_set_flags(cvstore,
X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
#else
ereport(LOG,
(errmsg("SSL certificate revocation list file \"%s\" ignored",
ssl_crl_file),
errdetail("SSL library does not support certificate revocation lists.")));
#endif
}
else
ereport(FATAL,
(errmsg("could not load SSL certificate revocation list file \"%s\": %s",
ssl_crl_file, SSLerrmessage(ERR_get_error()))));
}
}
if (ssl_ca_file[0])
{
/*
* Always ask for SSL client cert, but don't fail if it's not
* presented. We might fail such connections later, depending on what
* we find in pg_hba.conf.
*/
SSL_CTX_set_verify(SSL_context,
(SSL_VERIFY_PEER |
SSL_VERIFY_CLIENT_ONCE),
verify_cb);
/* Set flag to remember CA store is successfully loaded */
ssl_loaded_verify_locations = true;
/*
* Tell OpenSSL to send the list of root certs we trust to clients in
* CertificateRequests. This lets a client with a keystore select the
* appropriate client certificate to send to us.
*/
SSL_CTX_set_client_CA_list(SSL_context, root_cert_list);
}
}
/** Main routine for petal */
int main(int argc, char* argv[])
{
int c;
int port = 443;
char* addr = "127.0.0.1", *key = "petal.key", *cert = "petal.pem";
#ifdef USE_WINSOCK
WSADATA wsa_data;
if((c=WSAStartup(MAKEWORD(2,2), &wsa_data)) != 0)
{ printf("WSAStartup failed\n"); exit(1); }
atexit((void (*)(void))WSACleanup);
#endif
/* parse the options */
while( (c=getopt(argc, argv, "a:c:k:hp:v")) != -1) {
switch(c) {
case 'a':
addr = optarg;
break;
case 'c':
cert = optarg;
break;
case 'k':
key = optarg;
break;
case 'p':
port = atoi(optarg);
break;
case 'v':
verb++;
break;
case '?':
case 'h':
default:
usage();
}
}
argc -= optind;
argv += optind;
if(argc != 0)
usage();
#ifdef SIGPIPE
(void)signal(SIGPIPE, SIG_IGN);
#endif
#ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS
ERR_load_crypto_strings();
#endif
ERR_load_SSL_strings();
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
OpenSSL_add_all_algorithms();
#else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS
| OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
(void)SSL_library_init();
#else
(void)OPENSSL_init_ssl(0, NULL);
#endif
do_service(addr, port, key, cert);
#ifdef HAVE_CRYPTO_CLEANUP_ALL_EX_DATA
CRYPTO_cleanup_all_ex_data();
#endif
#ifdef HAVE_ERR_FREE_STRINGS
ERR_free_strings();
#endif
return 0;
}
/** Main routine for nsd-control */
int main(int argc, char* argv[])
{
int c;
const char* cfgfile = CONFIGFILE;
char* svr = NULL;
#ifdef USE_WINSOCK
int r;
WSADATA wsa_data;
#endif
log_init("nsd-control");
#ifdef HAVE_ERR_LOAD_CRYPTO_STRINGS
ERR_load_crypto_strings();
#endif
ERR_load_SSL_strings();
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_CRYPTO)
OpenSSL_add_all_algorithms();
#else
OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS
| OPENSSL_INIT_ADD_ALL_DIGESTS
| OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
#endif
#if OPENSSL_VERSION_NUMBER < 0x10100000 || !defined(HAVE_OPENSSL_INIT_SSL)
(void)SSL_library_init();
#else
OPENSSL_init_ssl(0, NULL);
#endif
if(!RAND_status()) {
/* try to seed it */
unsigned char buf[256];
unsigned int v, seed=(unsigned)time(NULL) ^ (unsigned)getpid();
size_t i;
v = seed;
for(i=0; i<256/sizeof(v); i++) {
memmove(buf+i*sizeof(v), &v, sizeof(v));
v = v*seed + (unsigned int)i;
}
RAND_seed(buf, 256);
fprintf(stderr, "warning: no entropy, seeding openssl PRNG with time\n");
}
/* parse the options */
while( (c=getopt(argc, argv, "c:s:h")) != -1) {
switch(c) {
case 'c':
cfgfile = optarg;
break;
case 's':
svr = optarg;
break;
case '?':
case 'h':
default:
usage();
}
}
argc -= optind;
argv += optind;
if(argc == 0)
usage();
if(argc >= 1 && strcmp(argv[0], "start")==0) {
if(execl(NSD_START_PATH, "nsd", "-c", cfgfile,
(char*)NULL) < 0) {
fprintf(stderr, "could not exec %s: %s\n",
NSD_START_PATH, strerror(errno));
exit(1);
}
}
return go(cfgfile, svr, argc, argv);
}
