NOEXPORT int load_cert(SERVICE_OPTIONS *section) {
/* load the certificate */
if(section->cert) {
s_log(LOG_INFO, "Loading certificate from file: %s", section->cert);
if(!SSL_CTX_use_certificate_chain_file(section->ctx, section->cert)) {
sslerror("SSL_CTX_use_certificate_chain_file");
return 1; /* FAILED */
}
}
/* load the private key */
if(!section->key) {
s_log(LOG_DEBUG, "No private key specified");
return 0; /* OK */
}
#ifndef OPENSSL_NO_ENGINE
if(section->engine) {
if(load_key_engine(section))
return 1; /* FAILED */
} else
#endif
{
if(load_key_file(section))
return 1; /* FAILED */
}
/* validate the private key */
if(!SSL_CTX_check_private_key(section->ctx)) {
sslerror("Private key does not match the certificate");
return 1; /* FAILED */
}
s_log(LOG_DEBUG, "Private key check succeeded");
return 0; /* OK */
}
static OCSP_RESPONSE *ocsp_get_response(CLI *c, OCSP_REQUEST *req) {
BIO *bio=NULL;
OCSP_REQ_CTX *req_ctx=NULL;
OCSP_RESPONSE *resp=NULL;
int err;
/* connect specified OCSP server (responder) */
c->fd=s_socket(c->opt->ocsp_addr.sa.sa_family, SOCK_STREAM, 0,
1, "OCSP: socket (auth_user)");
if(c->fd<0)
goto cleanup;
if(connect_blocking(c, &c->opt->ocsp_addr, addr_len(&c->opt->ocsp_addr)))
goto cleanup;
bio=BIO_new_fd(c->fd, BIO_NOCLOSE);
if(!bio)
goto cleanup;
s_log(LOG_DEBUG, "OCSP: server connected");
/* OCSP protocol communication loop */
req_ctx=OCSP_sendreq_new(bio, c->opt->ocsp_path, req, -1);
if(!req_ctx) {
sslerror("OCSP: OCSP_sendreq_new");
goto cleanup;
}
while(OCSP_sendreq_nbio(&resp, req_ctx)==-1) {
s_poll_init(c->fds);
s_poll_add(c->fds, c->fd, BIO_should_read(bio), BIO_should_write(bio));
err=s_poll_wait(c->fds, c->opt->timeout_busy, 0);
if(err==-1)
sockerror("OCSP: s_poll_wait");
if(err==0)
s_log(LOG_INFO, "OCSP: s_poll_wait: TIMEOUTbusy exceeded");
if(err<=0)
goto cleanup;
}
/* s_log(LOG_DEBUG, "OCSP: context state: 0x%x", *(int *)req_ctx); */
/* http://www.mail-archive.com/[email protected]/msg61691.html */
if(!resp) {
if(ERR_peek_error())
sslerror("OCSP: OCSP_sendreq_nbio");
else /* OpenSSL error: OCSP_sendreq_nbio does not use OCSPerr */
s_log(LOG_ERR, "OCSP: OCSP_sendreq_nbio: OpenSSL internal error");
}
cleanup:
if(req_ctx)
OCSP_REQ_CTX_free(req_ctx);
if(bio)
BIO_free_all(bio);
if(c->fd>=0) {
closesocket(c->fd);
c->fd=-1; /* avoid double close on cleanup */
}
return resp;
}
static int add_dir_lookup(X509_STORE *store, char *name) {
X509_LOOKUP *lookup;
lookup=X509_STORE_add_lookup(store, X509_LOOKUP_hash_dir());
if(!lookup) {
sslerror("X509_STORE_add_lookup");
return 0;
}
if(!X509_LOOKUP_add_dir(lookup, name, X509_FILETYPE_PEM)) {
s_log(LOG_ERR, "Failed to add %s revocation lookup directory", name);
sslerror("X509_LOOKUP_add_dir");
return 0;
}
s_log(LOG_DEBUG, "Added %s revocation lookup directory", name);
return 1; /* OK */
}
static int load_file_lookup(X509_STORE *store, char *name) {
X509_LOOKUP *lookup;
lookup=X509_STORE_add_lookup(store, X509_LOOKUP_file());
if(!lookup) {
sslerror("X509_STORE_add_lookup");
return 0;
}
if(!X509_LOOKUP_load_file(lookup, name, X509_FILETYPE_PEM)) {
s_log(LOG_ERR, "Failed to load %s revocation lookup file", name);
sslerror("X509_LOOKUP_load_file");
return 0;
}
s_log(LOG_DEBUG, "Loaded %s revocation lookup file", name);
return 1; /* OK */
}
NOEXPORT int load_key_file(SERVICE_OPTIONS *section) {
int i, reason;
UI_DATA ui_data;
s_log(LOG_INFO, "Loading private key from file: %s", section->key);
if(file_permissions(section->key))
return 1; /* FAILED */
ui_data.section=section; /* setup current section for callbacks */
SSL_CTX_set_default_passwd_cb(section->ctx, password_cb);
for(i=0; i<=3; i++) {
if(!i && !cache_initialized)
continue; /* there is no cached value */
SSL_CTX_set_default_passwd_cb_userdata(section->ctx,
i ? &ui_data : NULL); /* try the cached password first */
if(SSL_CTX_use_PrivateKey_file(section->ctx, section->key,
SSL_FILETYPE_PEM))
break;
reason=ERR_GET_REASON(ERR_peek_error());
if(i<=2 && reason==EVP_R_BAD_DECRYPT) {
sslerror_queue(); /* dump the error queue */
s_log(LOG_ERR, "Wrong pass phrase: retrying");
continue;
}
sslerror("SSL_CTX_use_PrivateKey_file");
return 1; /* FAILED */
}
s_log(LOG_INFO, "Private key loaded from file: %s", section->key);
return 0; /* OK */
}
NOEXPORT int load_cert_file(SERVICE_OPTIONS *section) {
s_log(LOG_INFO, "Loading certificate from file: %s", section->cert);
if(!SSL_CTX_use_certificate_chain_file(section->ctx, section->cert)) {
sslerror("SSL_CTX_use_certificate_chain_file");
return 1; /* FAILED */
}
s_log(LOG_INFO, "Certificate loaded from file: %s", section->cert);
return 0; /* OK */
}
NOEXPORT int load_key_engine(SERVICE_OPTIONS *section) {
int i, reason;
UI_DATA ui_data;
EVP_PKEY *pkey;
UI_METHOD *ui_method;
s_log(LOG_INFO, "Loading key from engine: %s", section->key);
ui_data.section=section; /* setup current section for callbacks */
#if defined(USE_WIN32) || OPENSSL_VERSION_NUMBER>=0x0090700fL
SSL_CTX_set_default_passwd_cb(section->ctx, password_cb);
#endif
#ifdef USE_WIN32
ui_method=UI_create_method("stunnel WIN32 UI");
UI_method_set_reader(ui_method, pin_cb);
#else /* USE_WIN32 */
ui_method=UI_OpenSSL();
/* workaround for broken engines */
/* ui_data.section=NULL; */
#endif /* USE_WIN32 */
for(i=1; i<=3; i++) {
pkey=ENGINE_load_private_key(section->engine, section->key,
ui_method, &ui_data);
if(!pkey) {
reason=ERR_GET_REASON(ERR_peek_error());
if(i<=2 && (reason==7 || reason==160)) { /* wrong PIN */
sslerror_queue(); /* dump the error queue */
s_log(LOG_ERR, "Wrong PIN: retrying");
continue;
}
sslerror("ENGINE_load_private_key");
return 1; /* FAILED */
}
if(SSL_CTX_use_PrivateKey(section->ctx, pkey))
break; /* success */
sslerror("SSL_CTX_use_PrivateKey");
return 1; /* FAILED */
}
return 0; /* OK */
}
NOEXPORT int load_cert_engine(SERVICE_OPTIONS *section) {
struct {
const char *id;
X509 *cert;
} parms;
s_log(LOG_INFO, "Loading certificate from engine ID: %s", section->cert);
parms.id=section->cert;
parms.cert=NULL;
ENGINE_ctrl_cmd(section->engine, "LOAD_CERT_CTRL", 0, &parms, NULL, 1);
if(!parms.cert) {
sslerror("ENGINE_ctrl_cmd");
return 1; /* FAILED */
}
if(!SSL_CTX_use_certificate(section->ctx, parms.cert)) {
sslerror("SSL_CTX_use_certificate");
return 1; /* FAILED */
}
s_log(LOG_INFO, "Certificate loaded from engine ID: %s", section->cert);
return 0; /* OK */
}
NOEXPORT void cron_dh_param(void) {
SERVICE_OPTIONS *opt;
DH *dh;
if(!dh_needed)
return;
s_log(LOG_NOTICE, "Updating DH parameters");
#if OPENSSL_VERSION_NUMBER>=0x0090800fL
/* generate 2048-bit DH parameters */
dh=DH_new();
if(!dh) {
sslerror("DH_new");
return;
}
if(!DH_generate_parameters_ex(dh, 2048, 2, NULL)) {
DH_free(dh);
sslerror("DH_generate_parameters_ex");
return;
}
#else /* OpenSSL older than 0.9.8 */
dh=DH_generate_parameters(2048, 2, NULL, NULL);
if(!dh) {
sslerror("DH_generate_parameters");
return;
}
#endif
/* update global dh_params for future configuration reloads */
enter_critical_section(CRIT_DH); /* it only needs an rwlock here */
DH_free(dh_params);
dh_params=dh;
leave_critical_section(CRIT_DH);
/* set for all sections that require it */
for(opt=service_options.next; opt; opt=opt->next)
if(opt->option.dh_needed)
SSL_CTX_set_tmp_dh(opt->ctx, dh);
s_log(LOG_NOTICE, "DH parameters updated");
}
UI_METHOD *UI_stunnel() {
static UI_METHOD *ui_method=NULL;
if(ui_method) /* already initialized */
return ui_method;
ui_method=UI_create_method("stunnel WIN32 UI");
if(!ui_method) {
sslerror("UI_create_method");
return NULL;
}
UI_method_set_reader(ui_method, pin_cb);
return ui_method;
}
NOEXPORT int init_ecdh(SERVICE_OPTIONS *section) {
EC_KEY *ecdh;
s_log(LOG_DEBUG, "ECDH initialization");
ecdh=EC_KEY_new_by_curve_name(section->curve);
if(!ecdh) {
sslerror("EC_KEY_new_by_curve_name");
s_log(LOG_ERR, "Cannot create curve %s",
OBJ_nid2ln(section->curve));
return 1; /* FAILED */
}
SSL_CTX_set_tmp_ecdh(section->ctx, ecdh);
EC_KEY_free(ecdh);
s_log(LOG_DEBUG, "ECDH initialized with curve %s",
OBJ_nid2ln(section->curve));
return 0; /* OK */
}
NOEXPORT int load_key_file(SERVICE_OPTIONS *section) {
int i, reason;
UI_DATA ui_data;
#if !defined(USE_WIN32) && !defined(USE_OS2)
struct stat st; /* buffer for stat */
#endif
s_log(LOG_INFO, "Loading key from file: %s", section->key);
#if !defined(USE_WIN32) && !defined(USE_OS2)
/* check permissions of the private key file */
if(stat(section->key, &st)) {
ioerror("Private key file not found");
return 1; /* FAILED */
}
if(st.st_mode & 7)
s_log(LOG_WARNING, "Insecure file permissions on %s",
section->key);
#endif
ui_data.section=section; /* setup current section for callbacks */
#if defined(USE_WIN32) || OPENSSL_VERSION_NUMBER>=0x0090700fL
SSL_CTX_set_default_passwd_cb(section->ctx, password_cb);
#endif
for(i=0; i<=3; i++) {
if(!i && !cache_initialized)
continue; /* there is no cached value */
SSL_CTX_set_default_passwd_cb_userdata(section->ctx,
i ? &ui_data : NULL); /* try the cached password first */
if(SSL_CTX_use_PrivateKey_file(section->ctx, section->key,
SSL_FILETYPE_PEM))
break;
reason=ERR_GET_REASON(ERR_peek_error());
if(i<=2 && reason==EVP_R_BAD_DECRYPT) {
sslerror_queue(); /* dump the error queue */
s_log(LOG_ERR, "Wrong pass phrase: retrying");
continue;
}
sslerror("SSL_CTX_use_PrivateKey_file");
return 1; /* FAILED */
}
return 0; /* OK */
}
int ssl_configure(GLOBAL_OPTIONS *global) { /* configure global SSL settings */
#ifdef USE_FIPS
if(FIPS_mode()!=global->option.fips) {
RAND_set_rand_method(NULL); /* reset RAND methods */
if(!FIPS_mode_set(global->option.fips)) {
ERR_load_crypto_strings();
sslerror("FIPS_mode_set");
return 1;
}
}
s_log(LOG_NOTICE, "FIPS mode %s",
global->option.fips ? "enabled" : "disabled");
#endif /* USE_FIPS */
#ifndef OPENSSL_NO_COMP
if(compression_init(global))
return 1;
#endif /* OPENSSL_NO_COMP */
if(prng_init(global))
return 1;
s_log(LOG_DEBUG, "PRNG seeded successfully");
return 0; /* SUCCESS */
}
NOEXPORT int ecdh_init(SERVICE_OPTIONS *section) {
#ifdef WITH_WOLFSSL
/* wolfSSL automatically detects ecdh parameters from ECC key file.
* No need to load explicitly */
(void)section;
return 0;
#else
EC_KEY *ecdh;
s_log(LOG_DEBUG, "ECDH initialization");
ecdh=EC_KEY_new_by_curve_name(section->curve);
if(!ecdh) {
sslerror("EC_KEY_new_by_curve_name");
s_log(LOG_ERR, "Cannot create curve %s",
OBJ_nid2ln(section->curve));
return 1; /* FAILED */
}
SSL_CTX_set_tmp_ecdh(section->ctx, ecdh);
EC_KEY_free(ecdh);
s_log(LOG_DEBUG, "ECDH initialized with curve %s",
OBJ_nid2ln(section->curve));
return 0; /* OK */
#endif /* WITH_WOLFSSL */
}
NOEXPORT DH *dh_read(char *cert) {
DH *dh;
BIO *bio;
if(!cert) {
s_log(LOG_DEBUG, "No certificate available to load DH parameters");
return NULL; /* FAILED */
}
bio=BIO_new_file(cert, "r");
if(!bio) {
sslerror("BIO_new_file");
return NULL; /* FAILED */
}
dh=PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if(!dh) {
while(ERR_get_error())
; /* OpenSSL error queue cleanup */
s_log(LOG_DEBUG, "Could not load DH parameters from %s", cert);
return NULL; /* FAILED */
}
s_log(LOG_DEBUG, "Using DH parameters from %s", cert);
return dh;
}
NOEXPORT int auth_init(SERVICE_OPTIONS *section) {
int cert_needed=1, key_needed=1;
#ifndef OPENSSL_NO_PSK
if(section->psk_keys) {
if(section->option.client)
SSL_CTX_set_psk_client_callback(section->ctx, psk_client_callback);
else
SSL_CTX_set_psk_server_callback(section->ctx, psk_server_callback);
}
#endif /* !defined(OPENSSL_NO_PSK) */
/* load the certificate and private key */
if(!section->cert || !section->key) {
s_log(LOG_DEBUG, "No certificate or private key specified");
return 0; /* OK */
}
#ifndef OPENSSL_NO_ENGINE
if(section->engine) { /* try to use the engine first */
cert_needed=load_cert_engine(section);
key_needed=load_key_engine(section);
}
#endif
if(cert_needed && load_cert_file(section))
return 1; /* FAILED */
if(key_needed && load_key_file(section))
return 1; /* FAILED */
/* validate the private key against the certificate */
if(!SSL_CTX_check_private_key(section->ctx)) {
sslerror("Private key does not match the certificate");
return 1; /* FAILED */
}
s_log(LOG_DEBUG, "Private key check succeeded");
return 0; /* OK */
}
NOEXPORT int conf_init(SERVICE_OPTIONS *section) {
#if OPENSSL_VERSION_NUMBER>=0x10002000L
SSL_CONF_CTX *cctx;
NAME_LIST *curr;
char *cmd, *param;
if(!section->config)
return 0; /* OK */
cctx=SSL_CONF_CTX_new();
if(!cctx) {
sslerror("SSL_CONF_CTX_new");
return 1; /* FAILED */
}
SSL_CONF_CTX_set_ssl_ctx(cctx, section->ctx);
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_FILE);
SSL_CONF_CTX_set_flags(cctx, section->option.client ?
SSL_CONF_FLAG_CLIENT : SSL_CONF_FLAG_SERVER);
SSL_CONF_CTX_set_flags(cctx, SSL_CONF_FLAG_CERTIFICATE);
for(curr=section->config; curr; curr=curr->next) {
cmd=str_dup(curr->name);
param=strchr(cmd, ':');
if(param)
*param++='\0';
switch(SSL_CONF_cmd(cctx, cmd, param)) {
case 2:
s_log(LOG_DEBUG, "OpenSSL config \"%s\" set to \"%s\"", cmd, param);
break;
case 1:
s_log(LOG_DEBUG, "OpenSSL config command \"%s\" executed", cmd);
break;
case -2:
s_log(LOG_ERR,
"OpenSSL config command \"%s\" was not recognised", cmd);
str_free(cmd);
SSL_CONF_CTX_free(cctx);
return 1; /* FAILED */
case -3:
s_log(LOG_ERR,
"OpenSSL config command \"%s\" requires a parameter", cmd);
str_free(cmd);
SSL_CONF_CTX_free(cctx);
return 1; /* FAILED */
default:
sslerror("SSL_CONF_cmd");
str_free(cmd);
SSL_CONF_CTX_free(cctx);
return 1; /* FAILED */
}
str_free(cmd);
}
if(!SSL_CONF_CTX_finish(cctx)) {
sslerror("SSL_CONF_CTX_finish");
SSL_CONF_CTX_free(cctx);
return 1; /* FAILED */
}
SSL_CONF_CTX_free(cctx);
#else /* OpenSSL earlier than 1.0.2 */
(void)section; /* squash the unused parameter warning */
#endif /* OpenSSL 1.0.2 or later */
return 0; /* OK */
}
int context_init(SERVICE_OPTIONS *section) { /* init SSL context */
/* create SSL context */
if(section->option.client)
section->ctx=SSL_CTX_new(section->client_method);
else /* server mode */
section->ctx=SSL_CTX_new(section->server_method);
if(!section->ctx) {
sslerror("SSL_CTX_new");
return 1; /* FAILED */
}
SSL_CTX_set_ex_data(section->ctx, index_opt, section); /* for callbacks */
/* load certificate and private key to be verified by the peer server */
#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER>=0x0090809fL
/* SSL_CTX_set_client_cert_engine() was introduced in OpenSSL 0.9.8i */
if(section->option.client && section->engine) {
if(SSL_CTX_set_client_cert_engine(section->ctx, section->engine))
s_log(LOG_INFO, "Client certificate engine (%s) enabled",
ENGINE_get_id(section->engine));
else /* no client certificate functionality in this engine */
sslerror("SSL_CTX_set_client_cert_engine"); /* ignore error */
}
#endif
if(auth_init(section))
return 1; /* FAILED */
/* initialize verification of the peer server certificate */
if(verify_init(section))
return 1; /* FAILED */
/* initialize DH/ECDH server mode */
if(!section->option.client) {
#ifndef OPENSSL_NO_TLSEXT
SSL_CTX_set_tlsext_servername_arg(section->ctx, section);
SSL_CTX_set_tlsext_servername_callback(section->ctx, servername_cb);
#endif /* OPENSSL_NO_TLSEXT */
#ifndef OPENSSL_NO_DH
dh_init(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
ecdh_init(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_ECDH */
}
/* setup session cache */
if(!section->option.client) {
unsigned servname_len=(unsigned)strlen(section->servname);
if(servname_len>SSL_MAX_SSL_SESSION_ID_LENGTH)
servname_len=SSL_MAX_SSL_SESSION_ID_LENGTH;
if(!SSL_CTX_set_session_id_context(section->ctx,
(unsigned char *)section->servname, servname_len)) {
sslerror("SSL_CTX_set_session_id_context");
return 1; /* FAILED */
}
}
#ifdef SSL_SESS_CACHE_NO_INTERNAL_STORE
/* the default cache mode is just SSL_SESS_CACHE_SERVER */
SSL_CTX_set_session_cache_mode(section->ctx,
SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL_STORE);
#endif
SSL_CTX_sess_set_cache_size(section->ctx, section->session_size);
SSL_CTX_set_timeout(section->ctx, section->session_timeout);
SSL_CTX_sess_set_new_cb(section->ctx, sess_new_cb);
SSL_CTX_sess_set_get_cb(section->ctx, sess_get_cb);
SSL_CTX_sess_set_remove_cb(section->ctx, sess_remove_cb);
/* set info callback */
SSL_CTX_set_info_callback(section->ctx, info_callback);
/* ciphers, options, mode */
if(section->cipher_list)
if(!SSL_CTX_set_cipher_list(section->ctx, section->cipher_list)) {
sslerror("SSL_CTX_set_cipher_list");
return 1; /* FAILED */
}
SSL_CTX_set_options(section->ctx,
(SSL_OPTIONS_TYPE)(section->ssl_options_set));
#if OPENSSL_VERSION_NUMBER>=0x009080dfL
SSL_CTX_clear_options(section->ctx,
(SSL_OPTIONS_TYPE)(section->ssl_options_clear));
s_log(LOG_DEBUG, "SSL options: 0x%08lX (+0x%08lX, -0x%08lX)",
SSL_CTX_get_options(section->ctx),
section->ssl_options_set, section->ssl_options_clear);
#else /* OpenSSL older than 0.9.8m */
s_log(LOG_DEBUG, "SSL options: 0x%08lX (+0x%08lX)",
SSL_CTX_get_options(section->ctx),
section->ssl_options_set);
#endif /* OpenSSL 0.9.8m or later */
/* initialize OpenSSL CONF options */
if(conf_init(section))
return 1; /* FAILED */
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_RELEASE_BUFFERS);
#else
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#endif
return 0; /* OK */
}
SSL *
makessl(struct server *srv, int fd, int verify, int timeout, char **cause)
{
SSL_CTX *ctx;
SSL *ssl;
int n, mode;
ctx = SSL_CTX_new(SSLv23_client_method());
if (srv->tls1)
SSL_CTX_set_options(ctx, SSL_OP_ALL);
else
SSL_CTX_set_options(ctx, SSL_OP_ALL | SSL_OP_NO_TLSv1);
SSL_CTX_set_default_verify_paths(ctx);
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
ssl = SSL_new(ctx);
if (ssl == NULL) {
*cause = sslerror("SSL_new");
goto error;
}
if (SSL_set_fd(ssl, fd) != 1) {
*cause = sslerror("SSL_set_fd");
goto error;
}
/*
* Switch the socket to blocking mode to be sure we have received the
* certificate.
*/
if ((mode = fcntl(fd, F_GETFL)) == -1)
fatal("fcntl failed");
if (fcntl(fd, F_SETFL, mode & ~O_NONBLOCK) == -1)
fatal("fcntl failed");
/* Set the timeout. */
timer_set(timeout / 1000);
/* Connect with SSL. */
SSL_set_connect_state(ssl);
if ((n = SSL_connect(ssl)) < 1) {
timer_cancel();
if (timer_expired()) {
xasprintf(
cause, "SSL_connect: %s", strerror(ETIMEDOUT));
goto error;
}
*cause = sslerror2(SSL_get_error(ssl, n), "SSL_connect");
goto error;
}
/* Reset non-blocking mode. */
if (fcntl(fd, F_SETFL, mode|O_NONBLOCK) == -1)
fatal("fcntl failed");
/* Clear the timeout. */
timer_cancel();
/* Verify certificate. */
if (verify && sslverify(srv, ssl, cause) != 0)
goto error;
return (ssl);
error:
SSL_CTX_free(ctx);
if (ssl != NULL)
SSL_free(ssl);
return (NULL);
}
static void init_local(CLI *c) {
SOCKADDR_UNION addr;
socklen_t addrlen;
addrlen=sizeof addr;
if(getpeername(c->local_rfd.fd, &addr.sa, &addrlen)<0) {
strcpy(c->accepted_address, "NOT A SOCKET");
c->local_rfd.is_socket=0;
c->local_wfd.is_socket=0; /* TODO: It's not always true */
#ifdef USE_WIN32
if(get_last_socket_error()!=ENOTSOCK) {
#else
if(c->opt->option.transparent_src || get_last_socket_error()!=ENOTSOCK) {
#endif
sockerror("getpeerbyname");
longjmp(c->err, 1);
}
/* ignore ENOTSOCK error so 'local' doesn't have to be a socket */
} else { /* success */
/* copy addr to c->peer_addr */
memcpy(&c->peer_addr.addr[0], &addr, sizeof addr);
c->peer_addr.num=1;
s_ntop(c->accepted_address, &c->peer_addr.addr[0]);
c->local_rfd.is_socket=1;
c->local_wfd.is_socket=1; /* TODO: It's not always true */
/* it's a socket: lets setup options */
if(set_socket_options(c->local_rfd.fd, 1)<0)
longjmp(c->err, 1);
#ifdef USE_LIBWRAP
libwrap_auth(c);
#endif /* USE_LIBWRAP */
auth_user(c);
s_log(LOG_NOTICE, "Service %s accepted connection from %s",
c->opt->servname, c->accepted_address);
}
}
static void init_remote(CLI *c) {
/* create connection to host/service */
if(c->opt->source_addr.num)
memcpy(&c->bind_addr, &c->opt->source_addr, sizeof(SOCKADDR_LIST));
#ifndef USE_WIN32
else if(c->opt->option.transparent_src)
memcpy(&c->bind_addr, &c->peer_addr, sizeof(SOCKADDR_LIST));
#endif
else {
c->bind_addr.num=0; /* don't bind connecting socket */
}
/* setup c->remote_fd, now */
if(c->opt->option.remote)
c->remote_fd.fd=connect_remote(c);
#ifdef SO_ORIGINAL_DST
else if(c->opt->option.transparent_dst)
c->remote_fd.fd=connect_transparent(c);
#endif /* SO_ORIGINAL_DST */
else /* NOT in remote mode */
c->remote_fd.fd=connect_local(c);
c->remote_fd.is_socket=1; /* always! */
s_log(LOG_DEBUG, "Remote FD=%d initialized", c->remote_fd.fd);
if(set_socket_options(c->remote_fd.fd, 2)<0)
longjmp(c->err, 1);
}
static void init_ssl(CLI *c) {
int i, err;
SSL_SESSION *old_session;
if(!(c->ssl=SSL_new(c->opt->ctx))) {
sslerror("SSL_new");
longjmp(c->err, 1);
}
SSL_set_ex_data(c->ssl, cli_index, c); /* for callbacks */
SSL_set_session_id_context(c->ssl, (unsigned char *)sid_ctx,
strlen(sid_ctx));
if(c->opt->option.client) {
#ifndef OPENSSL_NO_TLSEXT
if(c->opt->host_name) {
s_log(LOG_DEBUG, "SNI: host name: %s", c->opt->host_name);
if(!SSL_set_tlsext_host_name(c->ssl, c->opt->host_name)) {
sslerror("SSL_set_tlsext_host_name");
longjmp(c->err, 1);
}
}
#endif
if(c->opt->session) {
enter_critical_section(CRIT_SESSION);
SSL_set_session(c->ssl, c->opt->session);
leave_critical_section(CRIT_SESSION);
}
SSL_set_fd(c->ssl, c->remote_fd.fd);
SSL_set_connect_state(c->ssl);
} else {
if(c->local_rfd.fd==c->local_wfd.fd)
SSL_set_fd(c->ssl, c->local_rfd.fd);
else {
/* does it make sence to have SSL on STDIN/STDOUT? */
SSL_set_rfd(c->ssl, c->local_rfd.fd);
SSL_set_wfd(c->ssl, c->local_wfd.fd);
}
SSL_set_accept_state(c->ssl);
}
/* setup some values for transfer() function */
if(c->opt->option.client) {
c->sock_rfd=&(c->local_rfd);
c->sock_wfd=&(c->local_wfd);
c->ssl_rfd=c->ssl_wfd=&(c->remote_fd);
} else {
c->sock_rfd=c->sock_wfd=&(c->remote_fd);
c->ssl_rfd=&(c->local_rfd);
c->ssl_wfd=&(c->local_wfd);
}
while(1) {
#if OPENSSL_VERSION_NUMBER<0x1000002f
/* this critical section is a crude workaround for CVE-2010-3864 *
* see http://www.securityfocus.com/bid/44884 for details *
* NOTE: this critical section also covers callbacks (e.g. OCSP) */
enter_critical_section(CRIT_SSL);
#endif /* OpenSSL version < 1.0.0b */
if(c->opt->option.client)
i=SSL_connect(c->ssl);
else
i=SSL_accept(c->ssl);
#if OPENSSL_VERSION_NUMBER<0x1000002f
leave_critical_section(CRIT_SSL);
#endif /* OpenSSL version < 1.0.0b */
err=SSL_get_error(c->ssl, i);
if(err==SSL_ERROR_NONE)
break; /* ok -> done */
if(err==SSL_ERROR_WANT_READ || err==SSL_ERROR_WANT_WRITE) {
s_poll_init(&c->fds);
s_poll_add(&c->fds, c->ssl_rfd->fd,
err==SSL_ERROR_WANT_READ,
err==SSL_ERROR_WANT_WRITE);
switch(s_poll_wait(&c->fds, c->opt->timeout_busy, 0)) {
case -1:
sockerror("init_ssl: s_poll_wait");
longjmp(c->err, 1);
case 0:
s_log(LOG_INFO, "init_ssl: s_poll_wait:"
" TIMEOUTbusy exceeded: sending reset");
longjmp(c->err, 1);
case 1:
break; /* OK */
default:
s_log(LOG_ERR, "init_ssl: s_poll_wait: unknown result");
longjmp(c->err, 1);
}
continue; /* ok -> retry */
}
if(err==SSL_ERROR_SYSCALL) {
switch(get_last_socket_error()) {
case EINTR:
case EAGAIN:
continue;
}
}
if(c->opt->option.client)
sslerror("SSL_connect");
else
sslerror("SSL_accept");
longjmp(c->err, 1);
}
if(SSL_session_reused(c->ssl)) {
s_log(LOG_INFO, "SSL %s: previous session reused",
c->opt->option.client ? "connected" : "accepted");
} else { /* a new session was negotiated */
if(c->opt->option.client) {
s_log(LOG_INFO, "SSL connected: new session negotiated");
enter_critical_section(CRIT_SESSION);
old_session=c->opt->session;
c->opt->session=SSL_get1_session(c->ssl); /* store it */
if(old_session)
SSL_SESSION_free(old_session); /* release the old one */
leave_critical_section(CRIT_SESSION);
} else
s_log(LOG_INFO, "SSL accepted: new session negotiated");
print_cipher(c);
}
}
static int ocsp_check(CLI *c, X509_STORE_CTX *callback_ctx) {
int error, retval=0;
X509 *cert;
X509 *issuer=NULL;
OCSP_CERTID *certID;
OCSP_REQUEST *request=NULL;
OCSP_RESPONSE *response=NULL;
OCSP_BASICRESP *basicResponse=NULL;
ASN1_GENERALIZEDTIME *revoked_at=NULL,
*this_update=NULL, *next_update=NULL;
int status, reason;
/* get current certificate ID */
cert=X509_STORE_CTX_get_current_cert(callback_ctx); /* get current cert */
if(X509_STORE_CTX_get1_issuer(&issuer, callback_ctx, cert)!=1) {
sslerror("OCSP: X509_STORE_CTX_get1_issuer");
goto cleanup;
}
certID=OCSP_cert_to_id(0, cert, issuer);
if(!certID) {
sslerror("OCSP: OCSP_cert_to_id");
goto cleanup;
}
/* build request */
request=OCSP_REQUEST_new();
if(!request) {
sslerror("OCSP: OCSP_REQUEST_new");
goto cleanup;
}
if(!OCSP_request_add0_id(request, certID)) {
sslerror("OCSP: OCSP_request_add0_id");
goto cleanup;
}
OCSP_request_add1_nonce(request, 0, -1);
/* send the request and get a response */
response=ocsp_get_response(c, request);
if(!response)
goto cleanup;
error=OCSP_response_status(response);
if(error!=OCSP_RESPONSE_STATUS_SUCCESSFUL) {
s_log(LOG_WARNING, "OCSP: Responder error: %d: %s",
error, OCSP_response_status_str(error));
goto cleanup;
}
s_log(LOG_DEBUG, "OCSP: Response received");
/* verify the response */
basicResponse=OCSP_response_get1_basic(response);
if(!basicResponse) {
sslerror("OCSP: OCSP_response_get1_basic");
goto cleanup;
}
if(OCSP_check_nonce(request, basicResponse)<=0) {
sslerror("OCSP: OCSP_check_nonce");
goto cleanup;
}
if(OCSP_basic_verify(basicResponse, NULL,
c->opt->revocation_store, c->opt->ocsp_flags)<=0) {
sslerror("OCSP: OCSP_basic_verify");
goto cleanup;
}
if(!OCSP_resp_find_status(basicResponse, certID, &status, &reason,
&revoked_at, &this_update, &next_update)) {
sslerror("OCSP: OCSP_resp_find_status");
goto cleanup;
}
s_log(LOG_NOTICE, "OCSP: Status: %d: %s",
status, OCSP_cert_status_str(status));
log_time(LOG_INFO, "OCSP: This update", this_update);
log_time(LOG_INFO, "OCSP: Next update", next_update);
/* check if the response is valid for at least one minute */
if(!OCSP_check_validity(this_update, next_update, 60, -1)) {
sslerror("OCSP: OCSP_check_validity");
goto cleanup;
}
if(status==V_OCSP_CERTSTATUS_REVOKED) {
if(reason==-1)
s_log(LOG_WARNING, "OCSP: Certificate revoked");
else
s_log(LOG_WARNING, "OCSP: Certificate revoked: %d: %s",
reason, OCSP_crl_reason_str(reason));
log_time(LOG_NOTICE, "OCSP: Revoked at", revoked_at);
goto cleanup;
}
retval=1; /* accept connection */
cleanup:
if(issuer)
X509_free(issuer);
if(request)
OCSP_REQUEST_free(request);
if(response)
OCSP_RESPONSE_free(response);
if(basicResponse)
OCSP_BASICRESP_free(basicResponse);
return retval;
}
void context_init(void) { /* init SSL */
int i;
#if SSLEAY_VERSION_NUMBER >= 0x00907000L
/* Load all bundled ENGINEs into memory and make them visible */
ENGINE_load_builtin_engines();
/* Register all of them for every algorithm they collectively implement */
ENGINE_register_all_complete();
#endif
if(!init_prng())
log(LOG_INFO, "PRNG seeded successfully");
SSLeay_add_ssl_algorithms();
SSL_load_error_strings();
if(options.option.client) {
ctx=SSL_CTX_new(SSLv3_client_method());
} else { /* Server mode */
ctx=SSL_CTX_new(SSLv23_server_method());
#ifndef NO_RSA
SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
#endif /* NO_RSA */
if(init_dh())
log(LOG_WARNING, "Diffie-Hellman initialization failed");
}
if(options.ssl_options) {
log(LOG_DEBUG, "Configuration SSL options: 0x%08lX",
options.ssl_options);
log(LOG_DEBUG, "SSL options set: 0x%08lX",
SSL_CTX_set_options(ctx, options.ssl_options));
}
#if SSLEAY_VERSION_NUMBER >= 0x00906000L
SSL_CTX_set_mode(ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE|SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#endif /* OpenSSL-0.9.6 */
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_set_timeout(ctx, options.session_timeout);
if(options.option.cert) {
if(!SSL_CTX_use_certificate_chain_file(ctx, options.cert)) {
log(LOG_ERR, "Error reading certificate file: %s", options.cert);
sslerror("SSL_CTX_use_certificate_chain_file");
exit(1);
}
log(LOG_DEBUG, "Certificate: %s", options.cert);
log(LOG_DEBUG, "Key file: %s", options.key);
#ifdef USE_WIN32
SSL_CTX_set_default_passwd_cb(ctx, pem_passwd_cb);
#endif
for(i=0; i<3; i++) {
#ifdef NO_RSA
if(SSL_CTX_use_PrivateKey_file(ctx, options.key,
SSL_FILETYPE_PEM))
#else /* NO_RSA */
if(SSL_CTX_use_RSAPrivateKey_file(ctx, options.key,
SSL_FILETYPE_PEM))
#endif /* NO_RSA */
break;
if(i<2 && ERR_GET_REASON(ERR_peek_error())==EVP_R_BAD_DECRYPT) {
sslerror_stack(); /* dump the error stack */
log(LOG_ERR, "Wrong pass phrase: retrying");
continue;
}
#ifdef NO_RSA
sslerror("SSL_CTX_use_PrivateKey_file");
#else /* NO_RSA */
sslerror("SSL_CTX_use_RSAPrivateKey_file");
#endif /* NO_RSA */
exit(1);
}
if(!SSL_CTX_check_private_key(ctx)) {
sslerror("Private key does not match the certificate");
exit(1);
}
}
verify_init(); /* Initialize certificate verification */
SSL_CTX_set_info_callback(ctx, info_callback);
if(options.cipher_list) {
if (!SSL_CTX_set_cipher_list(ctx, options.cipher_list)) {
sslerror("SSL_CTX_set_cipher_list");
exit(1);
}
}
}
int context_init(SERVICE_OPTIONS *section) { /* init SSL context */
/* create SSL context */
if(section->option.client)
section->ctx=SSL_CTX_new(section->client_method);
else /* server mode */
section->ctx=SSL_CTX_new(section->server_method);
if(!section->ctx) {
sslerror("SSL_CTX_new");
return 1; /* FAILED */
}
SSL_CTX_set_ex_data(section->ctx, opt_index, section); /* for callbacks */
/* load certificate and private key to be verified by the peer server */
#ifdef HAVE_OSSL_ENGINE_H
if(section->option.client && section->engine) {
if(SSL_CTX_set_client_cert_engine(section->ctx, section->engine))
s_log(LOG_INFO, "Client certificate engine (%s) enabled",
ENGINE_get_id(section->engine));
else /* no client certificate functionality in this engine */
sslerror("SSL_CTX_set_client_cert_engine"); /* ignore error */
}
#endif
if(load_cert(section))
return 1; /* FAILED */
/* initialize verification of the peer server certificate */
if(verify_init(section))
return 1; /* FAILED */
/* initialize DH/ECDH server mode */
if(!section->option.client) {
#ifndef OPENSSL_NO_TLSEXT
SSL_CTX_set_tlsext_servername_arg(section->ctx, section);
SSL_CTX_set_tlsext_servername_callback(section->ctx, servername_cb);
#endif /* OPENSSL_NO_TLSEXT */
#ifndef OPENSSL_NO_DH
init_dh(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
init_ecdh(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_ECDH */
}
/* setup session cache */
if(!section->option.client) {
unsigned int servname_len=strlen(section->servname);
if(servname_len>SSL_MAX_SSL_SESSION_ID_LENGTH)
servname_len=SSL_MAX_SSL_SESSION_ID_LENGTH;
if(!SSL_CTX_set_session_id_context(section->ctx,
(unsigned char *)section->servname, servname_len)) {
sslerror("SSL_CTX_set_session_id_context");
return 1; /* FAILED */
}
}
SSL_CTX_set_session_cache_mode(section->ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_sess_set_cache_size(section->ctx, section->session_size);
SSL_CTX_set_timeout(section->ctx, section->session_timeout);
if(section->option.sessiond) {
SSL_CTX_sess_set_new_cb(section->ctx, sess_new_cb);
SSL_CTX_sess_set_get_cb(section->ctx, sess_get_cb);
SSL_CTX_sess_set_remove_cb(section->ctx, sess_remove_cb);
}
/* set info callback */
SSL_CTX_set_info_callback(section->ctx, info_callback);
/* ciphers, options, mode */
if(section->cipher_list)
if(!SSL_CTX_set_cipher_list(section->ctx, section->cipher_list)) {
sslerror("SSL_CTX_set_cipher_list");
return 1; /* FAILED */
}
s_log(LOG_DEBUG, "SSL options set: 0x%08lX",
SSL_CTX_set_options(section->ctx, section->ssl_options));
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_RELEASE_BUFFERS);
#else
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#endif
return 0; /* OK */
}
static int ocsp_check(CLI *c, X509_STORE_CTX *callback_ctx) {
int error, retval=0;
SOCKADDR_UNION addr;
X509 *cert;
X509 *issuer=NULL;
OCSP_CERTID *certID;
BIO *bio=NULL;
OCSP_REQUEST *request=NULL;
OCSP_RESPONSE *response=NULL;
OCSP_BASICRESP *basicResponse=NULL;
ASN1_GENERALIZEDTIME *revoked_at=NULL,
*this_update=NULL, *next_update=NULL;
int status, reason;
/* connect specified OCSP server (responder) */
c->fd=s_socket(c->opt->ocsp_addr.addr[0].sa.sa_family, SOCK_STREAM, 0,
0, "OCSP: socket (auth_user)");
if(c->fd<0)
return 0; /* reject connection */
memcpy(&addr, &c->opt->ocsp_addr.addr[0], sizeof addr);
if(connect_blocking(c, &addr, addr_len(addr)))
goto cleanup;
s_log(LOG_DEBUG, "OCSP: server connected");
/* get current certificate ID */
cert=X509_STORE_CTX_get_current_cert(callback_ctx); /* get current cert */
if(X509_STORE_CTX_get1_issuer(&issuer, callback_ctx, cert)!=1) {
sslerror("OCSP: X509_STORE_CTX_get1_issuer");
goto cleanup;
}
certID=OCSP_cert_to_id(0, cert, issuer);
if(!certID) {
sslerror("OCSP: OCSP_cert_to_id");
goto cleanup;
}
/* build request */
request=OCSP_REQUEST_new();
if(!request) {
sslerror("OCSP: OCSP_REQUEST_new");
goto cleanup;
}
if(!OCSP_request_add0_id(request, certID)) {
sslerror("OCSP: OCSP_request_add0_id");
goto cleanup;
}
OCSP_request_add1_nonce(request, 0, -1);
/* send the request and get a response */
/* FIXME: this code won't work with ucontext threading */
/* (blocking sockets are used) */
bio=BIO_new_fd(c->fd, BIO_NOCLOSE);
response=OCSP_sendreq_bio(bio, c->opt->ocsp_path, request);
if(!response) {
sslerror("OCSP: OCSP_sendreq_bio");
goto cleanup;
}
error=OCSP_response_status(response);
if(error!=OCSP_RESPONSE_STATUS_SUCCESSFUL) {
s_log(LOG_WARNING, "OCSP: Responder error: %d: %s",
error, OCSP_response_status_str(error));
goto cleanup;
}
s_log(LOG_DEBUG, "OCSP: Response received");
/* verify the response */
basicResponse=OCSP_response_get1_basic(response);
if(!basicResponse) {
sslerror("OCSP: OCSP_response_get1_basic");
goto cleanup;
}
if(OCSP_check_nonce(request, basicResponse)<=0) {
sslerror("OCSP: OCSP_check_nonce");
goto cleanup;
}
if(OCSP_basic_verify(basicResponse, NULL,
c->opt->revocation_store, c->opt->ocsp_flags)<=0) {
sslerror("OCSP: OCSP_basic_verify");
goto cleanup;
}
if(!OCSP_resp_find_status(basicResponse, certID, &status, &reason,
&revoked_at, &this_update, &next_update)) {
sslerror("OCSP: OCSP_resp_find_status");
goto cleanup;
}
s_log(LOG_NOTICE, "OCSP: Status: %d: %s",
status, OCSP_cert_status_str(status));
log_time(LOG_INFO, "OCSP: This update", this_update);
log_time(LOG_INFO, "OCSP: Next update", next_update);
/* check if the response is valid for at least one minute */
if(!OCSP_check_validity(this_update, next_update, 60, -1)) {
sslerror("OCSP: OCSP_check_validity");
goto cleanup;
}
if(status==V_OCSP_CERTSTATUS_REVOKED) {
if(reason==-1)
s_log(LOG_WARNING, "OCSP: Certificate revoked");
else
s_log(LOG_WARNING, "OCSP: Certificate revoked: %d: %s",
reason, OCSP_crl_reason_str(reason));
log_time(LOG_NOTICE, "OCSP: Revoked at", revoked_at);
goto cleanup;
}
retval=1; /* accept connection */
cleanup:
if(bio)
BIO_free_all(bio);
if(issuer)
X509_free(issuer);
if(request)
OCSP_REQUEST_free(request);
if(response)
OCSP_RESPONSE_free(response);
if(basicResponse)
OCSP_BASICRESP_free(basicResponse);
closesocket(c->fd);
c->fd=-1; /* avoid double close on cleanup */
return retval;
}
static int transfer(CLI *c) { /* transfer data */
fd_set rd_set, wr_set;
int num, err, fdno;
int check_SSL_pending;
int ssl_closing;
/* 0=not closing SSL, 1=initiate SSL_shutdown,
* 2=retry SSL_shutdown, 3=SSL_shutdown done */
int ready;
struct timeval tv;
/* fdno=max(c->sock_rfd->fd, c->sock_wfd->fd,
* fdno=c->ssl_rfd->fd, fdno=c->ssl_wfd->fd)+1 */
fdno=c->sock_rfd->fd;
if(c->sock_wfd->fd>fdno) fdno=c->sock_wfd->fd;
if(c->ssl_rfd->fd>fdno) fdno=c->ssl_rfd->fd;
if(c->ssl_wfd->fd>fdno) fdno=c->ssl_wfd->fd;
fdno+=1;
c->sock_ptr=c->ssl_ptr=0;
sock_rd=sock_wr=ssl_rd=ssl_wr=1;
c->sock_bytes=c->ssl_bytes=0;
ssl_closing=0;
while(((sock_rd||c->sock_ptr)&&ssl_wr)||((ssl_rd||c->ssl_ptr)&&sock_wr)) {
FD_ZERO(&rd_set); /* Setup rd_set */
if(sock_rd && c->sock_ptr<BUFFSIZE) /* socket input buffer not full*/
FD_SET(c->sock_rfd->fd, &rd_set);
if(ssl_rd && (
c->ssl_ptr<BUFFSIZE || /* SSL input buffer not full */
((c->sock_ptr||ssl_closing) && SSL_want_read(c->ssl))
/* I want to SSL_write or SSL_shutdown but read from the
* underlying socket needed for the SSL protocol */
)) {
FD_SET(c->ssl_rfd->fd, &rd_set);
}
FD_ZERO(&wr_set); /* Setup wr_set */
if(sock_wr && c->ssl_ptr) /* SSL input buffer not empty */
FD_SET(c->sock_wfd->fd, &wr_set);
if (ssl_wr && (
c->sock_ptr || /* socket input buffer not empty */
ssl_closing==1 || /* initiate SSL_shutdown */
((c->ssl_ptr<BUFFSIZE || ssl_closing==2) &&
SSL_want_write(c->ssl))
/* I want to SSL_read or SSL_shutdown but write to the
* underlying socket needed for the SSL protocol */
)) {
FD_SET(c->ssl_wfd->fd, &wr_set);
}
tv.tv_sec=sock_rd ||
(ssl_wr&&c->sock_ptr) || (sock_wr&&c->ssl_ptr) ?
c->opt->timeout_idle : c->opt->timeout_close;
tv.tv_usec=0;
ready=sselect(fdno, &rd_set, &wr_set, NULL, &tv);
if(ready<0) { /* Break the connection for others */
sockerror("select");
return -1;
}
if(!ready) { /* Timeout */
if(sock_rd) { /* No traffic for a long time */
log(LOG_DEBUG, "select timeout: connection reset");
return -1;
} else { /* Timeout waiting for SSL close_notify */
log(LOG_DEBUG, "select timeout waiting for SSL close_notify");
break; /* Leave the while() loop */
}
}
if(ssl_closing==1 /* initiate SSL_shutdown */ || (ssl_closing==2 && (
(SSL_want_read(c->ssl) && FD_ISSET(c->ssl_rfd->fd, &rd_set)) ||
(SSL_want_write(c->ssl) && FD_ISSET(c->ssl_wfd->fd, &wr_set))
))) {
switch(SSL_shutdown(c->ssl)) { /* Send close_notify */
case 1: /* the shutdown was successfully completed */
log(LOG_INFO, "SSL_shutdown successfully sent close_notify");
ssl_wr=0; /* SSL write closed */
/* TODO: It's not really closed. We need to distinguish
* closed SSL and closed underlying file descriptor */
ssl_closing=3; /* done! */
break;
case 0: /* the shutdown is not yet finished */
log(LOG_DEBUG, "SSL_shutdown retrying");
ssl_closing=2; /* next time just retry SSL_shutdown */
break;
case -1: /* a fatal error occurred */
sslerror("SSL_shutdown");
return -1;
}
}
/* Set flag to try and read any buffered SSL data if we made */
/* room in the buffer by writing to the socket */
check_SSL_pending = 0;
if(sock_wr && FD_ISSET(c->sock_wfd->fd, &wr_set)) {
switch(num=writesocket(c->sock_wfd->fd, c->ssl_buff, c->ssl_ptr)) {
case -1: /* error */
switch(get_last_socket_error()) {
case EINTR:
log(LOG_DEBUG,
"writesocket interrupted by a signal: retrying");
break;
case EWOULDBLOCK:
log(LOG_NOTICE, "writesocket would block: retrying");
break;
default:
sockerror("writesocket");
return -1;
}
break;
case 0:
log(LOG_DEBUG, "No data written to the socket: retrying");
break;
default:
memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num);
if(c->ssl_ptr==BUFFSIZE)
check_SSL_pending=1;
c->ssl_ptr-=num;
c->sock_bytes+=num;
if(!ssl_rd && !c->ssl_ptr) {
shutdown(c->sock_wfd->fd, SHUT_WR);
log(LOG_DEBUG,
"Socket write shutdown (no more data to send)");
sock_wr=0;
}
}
}
if(ssl_wr && ( /* SSL sockets are still open */
(c->sock_ptr && FD_ISSET(c->ssl_wfd->fd, &wr_set)) ||
/* See if application data can be written */
(SSL_want_read(c->ssl) && FD_ISSET(c->ssl_rfd->fd, &rd_set))
/* I want to SSL_write but read from the underlying */
/* socket needed for the SSL protocol */
)) {
num=SSL_write(c->ssl, c->sock_buff, c->sock_ptr);
err=SSL_get_error(c->ssl, num);
switch(err) {
case SSL_ERROR_NONE:
memmove(c->sock_buff, c->sock_buff+num, c->sock_ptr-num);
c->sock_ptr-=num;
c->ssl_bytes+=num;
if(!ssl_closing && !sock_rd && !c->sock_ptr && ssl_wr) {
log(LOG_DEBUG,
"SSL write shutdown (no more data to send)");
ssl_closing=1;
}
break;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_X509_LOOKUP:
log(LOG_DEBUG, "SSL_write returned WANT_: retrying");
break;
case SSL_ERROR_SYSCALL:
if(num<0) { /* really an error */
switch(get_last_socket_error()) {
case EINTR:
log(LOG_DEBUG,
"SSL_write interrupted by a signal: retrying");
break;
case EAGAIN:
log(LOG_DEBUG,
"SSL_write returned EAGAIN: retrying");
break;
default:
sockerror("SSL_write (ERROR_SYSCALL)");
return -1;
}
}
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
log(LOG_DEBUG, "SSL closed on SSL_write");
ssl_rd=ssl_wr=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_write");
return -1;
default:
log(LOG_ERR, "SSL_write/SSL_get_error returned %d", err);
return -1;
}
}
if(sock_rd && FD_ISSET(c->sock_rfd->fd, &rd_set)) {
switch(num=readsocket(c->sock_rfd->fd,
c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr)) {
case -1:
switch(get_last_socket_error()) {
case EINTR:
log(LOG_DEBUG,
"readsocket interrupted by a signal: retrying");
break;
case EWOULDBLOCK:
log(LOG_NOTICE, "readsocket would block: retrying");
break;
default:
sockerror("readsocket");
return -1;
}
break;
case 0: /* close */
log(LOG_DEBUG, "Socket closed on read");
sock_rd=0;
if(!ssl_closing && !c->sock_ptr && ssl_wr) {
log(LOG_DEBUG,
"SSL write shutdown (output buffer empty)");
ssl_closing=1;
}
break;
default:
c->sock_ptr+=num;
}
}
if(ssl_rd && ( /* SSL sockets are still open */
(c->ssl_ptr<BUFFSIZE && FD_ISSET(c->ssl_rfd->fd, &rd_set)) ||
/* See if there's any application data coming in */
(SSL_want_write(c->ssl) && FD_ISSET(c->ssl_wfd->fd, &wr_set)) ||
/* I want to SSL_read but write to the underlying */
/* socket needed for the SSL protocol */
(check_SSL_pending && SSL_pending(c->ssl))
/* Write made space from full buffer */
)) {
num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
err=SSL_get_error(c->ssl, num);
switch(err) {
case SSL_ERROR_NONE:
c->ssl_ptr+=num;
break;
case SSL_ERROR_WANT_WRITE:
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_X509_LOOKUP:
log(LOG_DEBUG, "SSL_read returned WANT_: retrying");
break;
case SSL_ERROR_SYSCALL:
if(num<0) { /* not EOF */
switch(get_last_socket_error()) {
case EINTR:
log(LOG_DEBUG,
"SSL_read interrupted by a signal: retrying");
break;
case EAGAIN:
log(LOG_DEBUG,
"SSL_read returned EAGAIN: retrying");
break;
default:
sockerror("SSL_read (ERROR_SYSCALL)");
return -1;
}
} else { /* EOF */
log(LOG_DEBUG, "SSL socket closed on SSL_read");
ssl_rd=ssl_wr=0;
}
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
log(LOG_DEBUG, "SSL closed on SSL_read");
ssl_rd=0;
if(!ssl_closing && !c->sock_ptr && ssl_wr) {
log(LOG_DEBUG,
"SSL write shutdown (output buffer empty)");
ssl_closing=1;
}
if(!c->ssl_ptr && sock_wr) {
shutdown(c->sock_wfd->fd, SHUT_WR);
log(LOG_DEBUG,
"Socket write shutdown (output buffer empty)");
sock_wr=0;
}
break;
case SSL_ERROR_SSL:
sslerror("SSL_read");
return -1;
default:
log(LOG_ERR, "SSL_read/SSL_get_error returned %d", err);
return -1;
}
}
}
return 0; /* OK */
}
/****************************** transfer data */
static void transfer(CLI *c) {
int watchdog=0; /* a counter to detect an infinite loop */
int num, err;
/* logical channels (not file descriptors!) open for read or write */
int sock_open_rd=1, sock_open_wr=1, ssl_open_rd=1, ssl_open_wr=1;
/* awaited conditions on SSL file descriptors */
int shutdown_wants_read=0, shutdown_wants_write=0;
int read_wants_read, read_wants_write=0;
int write_wants_read=0, write_wants_write;
/* actual conditions on file descriptors */
int sock_can_rd, sock_can_wr, ssl_can_rd, ssl_can_wr;
c->sock_ptr=c->ssl_ptr=0;
do { /* main loop of client data transfer */
/****************************** initialize *_wants_* */
read_wants_read=
ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
write_wants_write=
ssl_open_wr && c->sock_ptr && !write_wants_read;
/****************************** setup c->fds structure */
s_poll_init(&c->fds); /* initialize the structure */
/* for plain socket open data strem = open file descriptor */
/* make sure to add each open socket to receive exceptions! */
if(sock_open_rd)
s_poll_add(&c->fds, c->sock_rfd->fd, c->sock_ptr<BUFFSIZE, 0);
if(sock_open_wr)
s_poll_add(&c->fds, c->sock_wfd->fd, 0, c->ssl_ptr);
/* for SSL assume that sockets are open if there any pending requests */
if(read_wants_read || write_wants_read || shutdown_wants_read)
s_poll_add(&c->fds, c->ssl_rfd->fd, 1, 0);
if(read_wants_write || write_wants_write || shutdown_wants_write)
s_poll_add(&c->fds, c->ssl_wfd->fd, 0, 1);
/****************************** wait for an event */
err=s_poll_wait(&c->fds,
(sock_open_rd && ssl_open_rd) /* both peers open */ ||
c->ssl_ptr /* data buffered to write to socket */ ||
c->sock_ptr /* data buffered to write to SSL */ ?
c->opt->timeout_idle : c->opt->timeout_close, 0);
switch(err) {
case -1:
sockerror("transfer: s_poll_wait");
longjmp(c->err, 1);
case 0: /* timeout */
if((sock_open_rd && ssl_open_rd) || c->ssl_ptr || c->sock_ptr) {
s_log(LOG_INFO, "transfer: s_poll_wait:"
" TIMEOUTidle exceeded: sending reset");
longjmp(c->err, 1);
} else { /* already closing connection */
s_log(LOG_ERR, "transfer: s_poll_wait:"
" TIMEOUTclose exceeded: closing");
return; /* OK */
}
}
/****************************** check for errors on sockets */
err=s_poll_error(&c->fds, c->sock_rfd->fd);
if(err) {
s_log(LOG_NOTICE,
"Error detected on socket (read) file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if(c->sock_wfd->fd != c->sock_rfd->fd) { /* performance optimization */
err=s_poll_error(&c->fds, c->sock_wfd->fd);
if(err) {
s_log(LOG_NOTICE,
"Error detected on socket write file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
}
err=s_poll_error(&c->fds, c->ssl_rfd->fd);
if(err) {
s_log(LOG_NOTICE,
"Error detected on SSL (read) file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if(c->ssl_wfd->fd != c->ssl_rfd->fd) { /* performance optimization */
err=s_poll_error(&c->fds, c->ssl_wfd->fd);
if(err) {
s_log(LOG_NOTICE,
"Error detected on SSL write file descriptor: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
}
/****************************** retrieve results from c->fds */
sock_can_rd=s_poll_canread(&c->fds, c->sock_rfd->fd);
sock_can_wr=s_poll_canwrite(&c->fds, c->sock_wfd->fd);
ssl_can_rd=s_poll_canread(&c->fds, c->ssl_rfd->fd);
ssl_can_wr=s_poll_canwrite(&c->fds, c->ssl_wfd->fd);
/****************************** checks for internal failures */
/* please report any internal errors to stunnel-users mailing list */
if(!(sock_can_rd || sock_can_wr || ssl_can_rd || ssl_can_wr)) {
s_log(LOG_ERR, "INTERNAL ERROR: "
"s_poll_wait returned %d, but no descriptor is ready", err);
longjmp(c->err, 1);
}
/* these checks should no longer be needed */
/* I'm going to remove them soon */
if(!sock_open_rd && sock_can_rd) {
err=get_socket_error(c->sock_rfd->fd);
if(err) { /* really an error? */
s_log(LOG_ERR, "INTERNAL ERROR: "
"Closed socket ready to read: %s (%d)",
s_strerror(err), err);
longjmp(c->err, 1);
}
if(c->ssl_ptr) { /* anything left to write */
s_log(LOG_ERR, "INTERNAL ERROR: "
"Closed socket ready to read: sending reset");
longjmp(c->err, 1);
}
s_log(LOG_ERR, "INTERNAL ERROR: "
"Closed socket ready to read: write close");
sock_open_wr=0; /* no further write allowed */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
}
/****************************** send SSL close_notify message */
if(shutdown_wants_read || shutdown_wants_write) {
shutdown_wants_read=shutdown_wants_write=0;
num=SSL_shutdown(c->ssl); /* send close_notify */
if(num<0) /* -1 - not completed */
err=SSL_get_error(c->ssl, num);
else /* 0 or 1 - success */
err=SSL_ERROR_NONE;
switch(err) {
case SSL_ERROR_NONE: /* the shutdown was successfully completed */
s_log(LOG_INFO, "SSL_shutdown successfully sent close_notify");
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_shutdown returned WANT_WRITE: retrying");
shutdown_wants_write=1;
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_shutdown returned WANT_READ: retrying");
shutdown_wants_read=1;
break;
case SSL_ERROR_SYSCALL: /* socket error */
parse_socket_error(c, "SSL_shutdown");
break;
case SSL_ERROR_SSL: /* SSL error */
sslerror("SSL_shutdown");
longjmp(c->err, 1);
default:
s_log(LOG_ERR, "SSL_shutdown/SSL_get_error returned %d", err);
longjmp(c->err, 1);
}
}
/****************************** read from socket */
if(sock_open_rd && sock_can_rd) {
num=readsocket(c->sock_rfd->fd,
c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
switch(num) {
case -1:
parse_socket_error(c, "readsocket");
break;
case 0: /* close */
s_log(LOG_DEBUG, "Socket closed on read");
sock_open_rd=0;
break;
default:
c->sock_ptr+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** write to socket */
if(sock_open_wr && sock_can_wr) {
num=writesocket(c->sock_wfd->fd, c->ssl_buff, c->ssl_ptr);
switch(num) {
case -1: /* error */
parse_socket_error(c, "writesocket");
break;
case 0:
s_log(LOG_DEBUG, "No data written to the socket: retrying");
break;
default:
memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num);
c->ssl_ptr-=num;
c->sock_bytes+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** update *_wants_* based on new *_ptr */
/* this update is also required for SSL_pending() to be used */
read_wants_read=
ssl_open_rd && c->ssl_ptr<BUFFSIZE && !read_wants_write;
write_wants_write=
ssl_open_wr && c->sock_ptr && !write_wants_read;
/****************************** read from SSL */
if((read_wants_read && (ssl_can_rd || SSL_pending(c->ssl))) ||
/* it may be possible to read some pending data after
* writesocket() above made some room in c->ssl_buff */
(read_wants_write && ssl_can_wr)) {
read_wants_write=0;
num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
c->ssl_ptr+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_read returned WANT_WRITE: retrying");
read_wants_write=1;
break;
case SSL_ERROR_WANT_READ: /* nothing unexpected */
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_read returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL:
if(!num) { /* EOF */
if(c->sock_ptr) {
s_log(LOG_ERR,
"SSL socket closed on SSL_read "
"with %d byte(s) in buffer",
c->sock_ptr);
longjmp(c->err, 1); /* reset the socket */
}
s_log(LOG_DEBUG, "SSL socket closed on SSL_read");
ssl_open_rd=ssl_open_wr=0; /* buggy peer: no close_notify */
} else
parse_socket_error(c, "SSL_read");
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
s_log(LOG_DEBUG, "SSL closed on SSL_read");
ssl_open_rd=0;
if(!strcmp(SSL_get_version(c->ssl), "SSLv2"))
ssl_open_wr=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_read");
longjmp(c->err, 1);
default:
s_log(LOG_ERR, "SSL_read/SSL_get_error returned %d", err);
longjmp(c->err, 1);
}
}
/****************************** write to SSL */
if((write_wants_read && ssl_can_rd) ||
(write_wants_write && ssl_can_wr)) {
write_wants_read=0;
num=SSL_write(c->ssl, c->sock_buff, c->sock_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
memmove(c->sock_buff, c->sock_buff+num, c->sock_ptr-num);
c->sock_ptr-=num;
c->ssl_bytes+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE: /* nothing unexpected */
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_write returned WANT_READ: retrying");
write_wants_read=1;
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_write returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL: /* socket error */
if(!num) { /* EOF */
if(c->sock_ptr) {
s_log(LOG_ERR,
"SSL socket closed on SSL_write "
"with %d byte(s) in buffer",
c->sock_ptr);
longjmp(c->err, 1); /* reset the socket */
}
s_log(LOG_DEBUG, "SSL socket closed on SSL_write");
ssl_open_rd=ssl_open_wr=0; /* buggy peer: no close_notify */
} else
parse_socket_error(c, "SSL_write");
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
s_log(LOG_DEBUG, "SSL closed on SSL_write");
ssl_open_rd=0;
if(!strcmp(SSL_get_version(c->ssl), "SSLv2"))
ssl_open_wr=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_write");
longjmp(c->err, 1);
default:
s_log(LOG_ERR, "SSL_write/SSL_get_error returned %d", err);
longjmp(c->err, 1);
}
}
/****************************** check write shutdown conditions */
if(sock_open_wr && !ssl_open_rd && !c->ssl_ptr) {
s_log(LOG_DEBUG, "Sending socket write shutdown");
sock_open_wr=0; /* no further write allowed */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
}
if(ssl_open_wr && !sock_open_rd && !c->sock_ptr) {
s_log(LOG_DEBUG, "Sending SSL write shutdown");
ssl_open_wr=0; /* no further write allowed */
if(strcmp(SSL_get_version(c->ssl), "SSLv2")) { /* SSLv3, TLSv1 */
shutdown_wants_write=1; /* initiate close_notify */
} else { /* no alerts in SSLv2 including close_notify alert */
shutdown(c->sock_rfd->fd, SHUT_RD); /* notify the kernel */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
SSL_set_shutdown(c->ssl, /* notify the OpenSSL library */
SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
ssl_open_rd=0; /* no further read allowed */
}
}
/****************************** check watchdog */
if(++watchdog>100) { /* loop executes without transferring any data */
s_log(LOG_ERR,
"transfer() loop executes not transferring any data");
s_log(LOG_ERR,
"please report the problem to [email protected]");
stunnel_info(LOG_ERR);
s_log(LOG_ERR, "protocol=%s, SSL_pending=%d",
SSL_get_version(c->ssl), SSL_pending(c->ssl));
s_log(LOG_ERR, "sock_open_rd=%s, sock_open_wr=%s, "
"ssl_open_rd=%s, ssl_open_wr=%s",
sock_open_rd ? "Y" : "n", sock_open_wr ? "Y" : "n",
ssl_open_rd ? "Y" : "n", ssl_open_wr ? "Y" : "n");
s_log(LOG_ERR, "sock_can_rd=%s, sock_can_wr=%s, "
"ssl_can_rd=%s, ssl_can_wr=%s",
sock_can_rd ? "Y" : "n", sock_can_wr ? "Y" : "n",
ssl_can_rd ? "Y" : "n", ssl_can_wr ? "Y" : "n");
s_log(LOG_ERR, "read_wants_read=%s, read_wants_write=%s",
read_wants_read ? "Y" : "n",
read_wants_write ? "Y" : "n");
s_log(LOG_ERR, "write_wants_read=%s, write_wants_write=%s",
write_wants_read ? "Y" : "n",
write_wants_write ? "Y" : "n");
s_log(LOG_ERR, "shutdown_wants_read=%s, shutdown_wants_write=%s",
shutdown_wants_read ? "Y" : "n",
shutdown_wants_write ? "Y" : "n");
s_log(LOG_ERR, "socket input buffer: %d byte(s), "
"ssl input buffer: %d byte(s)", c->sock_ptr, c->ssl_ptr);
longjmp(c->err, 1);
}
} while(sock_open_wr || ssl_open_wr ||
shutdown_wants_read || shutdown_wants_write);
}
static void init_ssl(CLI *c) {
int i, err;
SSL_SESSION *old_session;
int unsafe_openssl;
c->ssl=SSL_new(c->opt->ctx);
if(!c->ssl) {
sslerror("SSL_new");
longjmp(c->err, 1);
}
SSL_set_ex_data(c->ssl, cli_index, c); /* for callbacks */
if(c->opt->option.client) {
#ifndef OPENSSL_NO_TLSEXT
if(c->opt->sni) {
s_log(LOG_DEBUG, "SNI: host name: %s", c->opt->sni);
if(!SSL_set_tlsext_host_name(c->ssl, c->opt->sni)) {
sslerror("SSL_set_tlsext_host_name");
longjmp(c->err, 1);
}
}
#endif
if(c->opt->session) {
enter_critical_section(CRIT_SESSION);
SSL_set_session(c->ssl, c->opt->session);
leave_critical_section(CRIT_SESSION);
}
SSL_set_fd(c->ssl, c->remote_fd.fd);
SSL_set_connect_state(c->ssl);
} else {
if(c->local_rfd.fd==c->local_wfd.fd)
SSL_set_fd(c->ssl, c->local_rfd.fd);
else {
/* does it make sense to have SSL on STDIN/STDOUT? */
SSL_set_rfd(c->ssl, c->local_rfd.fd);
SSL_set_wfd(c->ssl, c->local_wfd.fd);
}
SSL_set_accept_state(c->ssl);
}
/* setup some values for transfer() function */
if(c->opt->option.client) {
c->sock_rfd=&(c->local_rfd);
c->sock_wfd=&(c->local_wfd);
c->ssl_rfd=c->ssl_wfd=&(c->remote_fd);
} else {
c->sock_rfd=c->sock_wfd=&(c->remote_fd);
c->ssl_rfd=&(c->local_rfd);
c->ssl_wfd=&(c->local_wfd);
}
unsafe_openssl=SSLeay()<0x0090810fL ||
(SSLeay()>=0x10000000L && SSLeay()<0x1000002fL);
while(1) {
/* critical section for OpenSSL version < 0.9.8p or 1.x.x < 1.0.0b *
* this critical section is a crude workaround for CVE-2010-3864 *
* see http://www.securityfocus.com/bid/44884 for details *
* alternative solution is to disable internal session caching *
* NOTE: this critical section also covers callbacks (e.g. OCSP) */
if(unsafe_openssl)
enter_critical_section(CRIT_SSL);
if(c->opt->option.client)
i=SSL_connect(c->ssl);
else
i=SSL_accept(c->ssl);
if(unsafe_openssl)
leave_critical_section(CRIT_SSL);
err=SSL_get_error(c->ssl, i);
if(err==SSL_ERROR_NONE)
break; /* ok -> done */
if(err==SSL_ERROR_WANT_READ || err==SSL_ERROR_WANT_WRITE) {
s_poll_init(c->fds);
s_poll_add(c->fds, c->ssl_rfd->fd,
err==SSL_ERROR_WANT_READ,
err==SSL_ERROR_WANT_WRITE);
switch(s_poll_wait(c->fds, c->opt->timeout_busy, 0)) {
case -1:
sockerror("init_ssl: s_poll_wait");
longjmp(c->err, 1);
case 0:
s_log(LOG_INFO, "init_ssl: s_poll_wait:"
" TIMEOUTbusy exceeded: sending reset");
longjmp(c->err, 1);
case 1:
break; /* OK */
default:
s_log(LOG_ERR, "init_ssl: s_poll_wait: unknown result");
longjmp(c->err, 1);
}
continue; /* ok -> retry */
}
if(err==SSL_ERROR_SYSCALL) {
switch(get_last_socket_error()) {
case S_EINTR:
case S_EWOULDBLOCK:
#if S_EAGAIN!=S_EWOULDBLOCK
case S_EAGAIN:
#endif
continue;
}
}
if(c->opt->option.client)
sslerror("SSL_connect");
else
sslerror("SSL_accept");
longjmp(c->err, 1);
}
if(SSL_session_reused(c->ssl)) {
s_log(LOG_INFO, "SSL %s: previous session reused",
c->opt->option.client ? "connected" : "accepted");
} else { /* a new session was negotiated */
#ifdef USE_WIN32
win_new_chain(c);
#endif
if(c->opt->option.client) {
s_log(LOG_INFO, "SSL connected: new session negotiated");
enter_critical_section(CRIT_SESSION);
old_session=c->opt->session;
c->opt->session=SSL_get1_session(c->ssl); /* store it */
if(old_session)
SSL_SESSION_free(old_session); /* release the old one */
leave_critical_section(CRIT_SESSION);
} else
s_log(LOG_INFO, "SSL accepted: new session negotiated");
print_cipher(c);
}
}
static int init_ssl(CLI *c) {
int i, err;
SSL_SESSION *old_session;
if(!(c->ssl=SSL_new(ctx))) {
sslerror("SSL_new");
return -1;
}
#if SSLEAY_VERSION_NUMBER >= 0x0922
SSL_set_session_id_context(c->ssl, sid_ctx, strlen(sid_ctx));
#endif
if(options.option.client) {
if(c->opt->session) {
enter_critical_section(CRIT_SESSION);
SSL_set_session(c->ssl, c->opt->session);
leave_critical_section(CRIT_SESSION);
}
SSL_set_fd(c->ssl, c->remote_fd.fd);
SSL_set_connect_state(c->ssl);
} else {
if(c->local_rfd.fd==c->local_wfd.fd)
SSL_set_fd(c->ssl, c->local_rfd.fd);
else {
/* Does it make sence to have SSL on STDIN/STDOUT? */
SSL_set_rfd(c->ssl, c->local_rfd.fd);
SSL_set_wfd(c->ssl, c->local_wfd.fd);
}
SSL_set_accept_state(c->ssl);
}
/* Setup some values for transfer() function */
if(options.option.client) {
c->sock_rfd=&(c->local_rfd);
c->sock_wfd=&(c->local_wfd);
c->ssl_rfd=c->ssl_wfd=&(c->remote_fd);
} else {
c->sock_rfd=c->sock_wfd=&(c->remote_fd);
c->ssl_rfd=&(c->local_rfd);
c->ssl_wfd=&(c->local_wfd);
}
while(1) {
if(options.option.client)
i=SSL_connect(c->ssl);
else
i=SSL_accept(c->ssl);
err=SSL_get_error(c->ssl, i);
if(err==SSL_ERROR_NONE)
break; /* ok -> done */
if(err==SSL_ERROR_WANT_READ || err==SSL_ERROR_WANT_WRITE) {
s_poll_zero(&c->fds);
s_poll_add(&c->fds, c->ssl_rfd->fd,
err==SSL_ERROR_WANT_READ,
err==SSL_ERROR_WANT_WRITE);
switch(s_poll_wait(&c->fds, c->opt->timeout_busy)) {
case -1:
sockerror("init_ssl: s_poll_wait");
return -1; /* error */
case 0:
s_log(LOG_INFO, "init_ssl: s_poll_wait timeout");
return -1; /* timeout */
case 1:
break; /* OK */
default:
s_log(LOG_ERR, "init_ssl: s_poll_wait unknown result");
return -1; /* error */
}
continue; /* ok -> retry */
}
if(err==SSL_ERROR_SYSCALL) {
switch(get_last_socket_error()) {
case EINTR:
case EAGAIN:
continue;
}
}
if(options.option.client)
sslerror("SSL_connect");
else
sslerror("SSL_accept");
return -1;
}
if(SSL_session_reused(c->ssl)) {
s_log(LOG_INFO, "SSL %s: previous session reused",
options.option.client ? "connected" : "accepted");
} else { /* a new session was negotiated */
if(options.option.client) {
s_log(LOG_INFO, "SSL connected: new session negotiated");
enter_critical_section(CRIT_SESSION);
old_session=c->opt->session;
c->opt->session=SSL_get1_session(c->ssl); /* store it */
if(old_session)
SSL_SESSION_free(old_session); /* release the old one */
leave_critical_section(CRIT_SESSION);
} else
s_log(LOG_INFO, "SSL accepted: new session negotiated");
print_cipher(c);
}
return 0; /* OK */
}
/****************************** transfer data */
static int transfer(CLI *c) {
int num, err;
int check_SSL_pending;
enum {CL_OPEN, CL_INIT, CL_RETRY, CL_CLOSED} ssl_closing=CL_OPEN;
int watchdog=0; /* a counter to detect an infinite loop */
c->sock_ptr=c->ssl_ptr=0;
sock_rd=sock_wr=ssl_rd=ssl_wr=1;
c->sock_bytes=c->ssl_bytes=0;
do { /* main loop */
/* set flag to try and read any buffered SSL data
* if we made room in the buffer by writing to the socket */
check_SSL_pending=0;
/****************************** setup c->fds structure */
s_poll_zero(&c->fds); /* Initialize the structure */
if(sock_rd && c->sock_ptr<BUFFSIZE) /* socket input buffer not full*/
s_poll_add(&c->fds, c->sock_rfd->fd, 1, 0);
if((ssl_rd && c->ssl_ptr<BUFFSIZE) || /* SSL input buffer not full */
((c->sock_ptr || ssl_closing==CL_RETRY) && want_rd))
/* want to SSL_write or SSL_shutdown but read from the
* underlying socket needed for the SSL protocol */
s_poll_add(&c->fds, c->ssl_rfd->fd, 1, 0);
if(c->ssl_ptr) /* SSL input buffer not empty */
s_poll_add(&c->fds, c->sock_wfd->fd, 0, 1);
if(c->sock_ptr || /* socket input buffer not empty */
ssl_closing==CL_INIT /* need to send close_notify */ ||
((c->ssl_ptr<BUFFSIZE || ssl_closing==CL_RETRY) && want_wr))
/* want to SSL_read or SSL_shutdown but write to the
* underlying socket needed for the SSL protocol */
s_poll_add(&c->fds, c->ssl_wfd->fd, 0, 1);
/****************************** wait for an event */
err=s_poll_wait(&c->fds, (sock_rd && ssl_rd) /* both peers open */ ||
c->ssl_ptr /* data buffered to write to socket */ ||
c->sock_ptr /* data buffered to write to SSL */ ?
c->opt->timeout_idle : c->opt->timeout_close);
switch(err) {
case -1:
sockerror("transfer: s_poll_wait");
return -1;
case 0: /* timeout */
if((sock_rd && ssl_rd) || c->ssl_ptr || c->sock_ptr) {
s_log(LOG_INFO, "s_poll_wait timeout: connection reset");
return -1;
} else { /* already closing connection */
s_log(LOG_INFO, "s_poll_wait timeout: connection close");
return 0; /* OK */
}
}
if(!(sock_can_rd || sock_can_wr || ssl_can_rd || ssl_can_wr)) {
s_log(LOG_ERR, "INTERNAL ERROR: "
"s_poll_wait returned %d, but no descriptor is ready", err);
return -1;
}
/****************************** send SSL close_notify message */
if(ssl_closing==CL_INIT || (ssl_closing==CL_RETRY &&
((want_rd && ssl_can_rd) || (want_wr && ssl_can_wr)))) {
switch(SSL_shutdown(c->ssl)) { /* Send close_notify */
case 1: /* the shutdown was successfully completed */
s_log(LOG_INFO, "SSL_shutdown successfully sent close_notify");
ssl_closing=CL_CLOSED; /* done! */
break;
case 0: /* the shutdown is not yet finished */
s_log(LOG_DEBUG, "SSL_shutdown retrying");
ssl_closing=CL_RETRY; /* retry next time */
break;
case -1: /* a fatal error occurred */
sslerror("SSL_shutdown");
return -1;
}
}
/****************************** write to socket */
if(sock_wr && sock_can_wr) {
/* for stunnel to tell web server the remote ip address */
add_remote_ip_to_header(c);
num=writesocket(c->sock_wfd->fd, c->ssl_buff, c->ssl_ptr);
switch(num) {
case -1: /* error */
if(parse_socket_error("writesocket"))
return -1;
break;
case 0:
s_log(LOG_DEBUG, "No data written to the socket: retrying");
break;
default:
memmove(c->ssl_buff, c->ssl_buff+num, c->ssl_ptr-num);
if(c->ssl_ptr==BUFFSIZE) /* buffer was previously full */
check_SSL_pending=1; /* check for data buffered by SSL */
c->ssl_ptr-=num;
c->sock_bytes+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** write to SSL */
if(ssl_wr && c->sock_ptr && ( /* output buffer not empty */
ssl_can_wr || (want_rd && ssl_can_rd)
/* SSL_write wants to read from the underlying descriptor */
)) {
num=SSL_write(c->ssl, c->sock_buff, c->sock_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
memmove(c->sock_buff, c->sock_buff+num, c->sock_ptr-num);
c->sock_ptr-=num;
c->ssl_bytes+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_write returned WANT_WRITE: retrying");
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_write returned WANT_READ: retrying");
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_write returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL: /* really an error */
if(num && parse_socket_error("SSL_write"))
return -1;
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
s_log(LOG_DEBUG, "SSL closed on SSL_write");
ssl_rd=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_write");
return -1;
default:
s_log(LOG_ERR, "SSL_write/SSL_get_error returned %d", err);
return -1;
}
}
/****************************** read from socket */
if(sock_rd && sock_can_rd) {
num=readsocket(c->sock_rfd->fd,
c->sock_buff+c->sock_ptr, BUFFSIZE-c->sock_ptr);
switch(num) {
case -1:
if(parse_socket_error("readsocket"))
return -1;
break;
case 0: /* close */
s_log(LOG_DEBUG, "Socket closed on read");
sock_rd=0;
break;
default:
c->sock_ptr+=num;
watchdog=0; /* reset watchdog */
}
}
/****************************** read from SSL */
if(ssl_rd && c->ssl_ptr<BUFFSIZE && ( /* input buffer not full */
ssl_can_rd || (want_wr && ssl_can_wr) ||
/* SSL_read wants to write to the underlying descriptor */
(check_SSL_pending && SSL_pending(c->ssl))
/* write made space from full buffer */
)) {
num=SSL_read(c->ssl, c->ssl_buff+c->ssl_ptr, BUFFSIZE-c->ssl_ptr);
switch(err=SSL_get_error(c->ssl, num)) {
case SSL_ERROR_NONE:
c->ssl_ptr+=num;
watchdog=0; /* reset watchdog */
break;
case SSL_ERROR_WANT_WRITE:
s_log(LOG_DEBUG, "SSL_read returned WANT_WRITE: retrying");
break;
case SSL_ERROR_WANT_READ:
s_log(LOG_DEBUG, "SSL_read returned WANT_READ: retrying");
break;
case SSL_ERROR_WANT_X509_LOOKUP:
s_log(LOG_DEBUG,
"SSL_read returned WANT_X509_LOOKUP: retrying");
break;
case SSL_ERROR_SYSCALL:
if(!num) { /* EOF */
if(c->sock_ptr) {
s_log(LOG_ERR,
"SSL socket closed with %d byte(s) in buffer",
c->sock_ptr);
return -1; /* reset the socket */
}
s_log(LOG_DEBUG, "SSL socket closed on SSL_read");
ssl_rd=ssl_wr=0; /* buggy or SSLv2 peer: no close_notify */
ssl_closing=CL_CLOSED; /* don't try to send it back */
} else if(parse_socket_error("SSL_read"))
return -1;
break;
case SSL_ERROR_ZERO_RETURN: /* close_notify received */
s_log(LOG_DEBUG, "SSL closed on SSL_read");
ssl_rd=0;
break;
case SSL_ERROR_SSL:
sslerror("SSL_read");
return -1;
default:
s_log(LOG_ERR, "SSL_read/SSL_get_error returned %d", err);
return -1;
}
}
/****************************** check write shutdown conditions */
if(sock_wr && !ssl_rd && !c->ssl_ptr) {
s_log(LOG_DEBUG, "Socket write shutdown");
sock_wr=0; /* no further write allowed */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
}
if(ssl_wr && (!sock_rd || SSL_get_shutdown(c->ssl)) && !c->sock_ptr) {
s_log(LOG_DEBUG, "SSL write shutdown");
ssl_wr=0; /* no further write allowed */
if(strcmp(SSL_get_version(c->ssl), "SSLv2")) { /* SSLv3, TLSv1 */
ssl_closing=CL_INIT; /* initiate close_notify */
} else { /* no alerts in SSLv2 including close_notify alert */
shutdown(c->sock_rfd->fd, SHUT_RD); /* notify the kernel */
shutdown(c->sock_wfd->fd, SHUT_WR); /* send TCP FIN */
SSL_set_shutdown(c->ssl, /* notify the OpenSSL library */
SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
ssl_rd=0; /* no further read allowed */
ssl_closing=CL_CLOSED; /* closed */
}
}
if(ssl_closing==CL_RETRY) { /* SSL shutdown */
if(!want_rd && !want_wr) { /* close_notify alert was received */
s_log(LOG_DEBUG, "SSL doesn't need to read or write");
ssl_closing=CL_CLOSED;
}
if(watchdog>5) {
s_log(LOG_NOTICE, "Too many retries on SSL shutdown");
ssl_closing=CL_CLOSED;
}
}
/****************************** check watchdog */
if(++watchdog>100) { /* loop executes without transferring any data */
s_log(LOG_ERR,
"transfer() loop executes not transferring any data");
s_log(LOG_ERR,
"please report the problem to [email protected]");
s_log(LOG_ERR, "socket open: rd=%s wr=%s, ssl open: rd=%s wr=%s",
sock_rd ? "yes" : "no", sock_wr ? "yes" : "no",
ssl_rd ? "yes" : "no", ssl_wr ? "yes" : "no");
s_log(LOG_ERR, "socket ready: rd=%s wr=%s, ssl ready: rd=%s wr=%s",
sock_can_rd ? "yes" : "no", sock_can_wr ? "yes" : "no",
ssl_can_rd ? "yes" : "no", ssl_can_wr ? "yes" : "no");
s_log(LOG_ERR, "ssl want: rd=%s wr=%s",
want_rd ? "yes" : "no", want_wr ? "yes" : "no");
s_log(LOG_ERR, "socket input buffer: %d byte(s), "
"ssl input buffer: %d byte(s)", c->sock_ptr, c->ssl_ptr);
s_log(LOG_ERR, "check_SSL_pending=%d, ssl_closing=%d",
check_SSL_pending, ssl_closing);
return -1;
}
} while(sock_wr || ssl_closing!=CL_CLOSED);
return 0; /* OK */
}
int verify_init(SERVICE_OPTIONS *section) {
if(section->verify_level<0)
return 1; /* no certificate verification */
if(section->verify_level>1 && !section->ca_file && !section->ca_dir) {
s_log(LOG_ERR,
"Either CApath or CAfile has to be used for authentication");
return 0;
}
section->revocation_store=X509_STORE_new();
if(!section->revocation_store) {
sslerror("X509_STORE_new");
return 0;
}
if(section->ca_file) {
if(!SSL_CTX_load_verify_locations(section->ctx,
section->ca_file, NULL)) {
s_log(LOG_ERR, "Error loading verify certificates from %s",
section->ca_file);
sslerror("SSL_CTX_load_verify_locations");
return 0;
}
/* list of trusted CAs for the client to choose the right cert */
SSL_CTX_set_client_CA_list(section->ctx,
SSL_load_client_CA_file(section->ca_file));
s_log(LOG_DEBUG, "Loaded verify certificates from %s",
section->ca_file);
if(!load_file_lookup(section->revocation_store, section->ca_file))
return 0;
}
if(section->ca_dir) {
if(!SSL_CTX_load_verify_locations(section->ctx,
NULL, section->ca_dir)) {
s_log(LOG_ERR, "Error setting verify directory to %s",
section->ca_dir);
sslerror("SSL_CTX_load_verify_locations");
return 0;
}
s_log(LOG_DEBUG, "Verify directory set to %s", section->ca_dir);
add_dir_lookup(section->revocation_store, section->ca_dir);
}
if(section->crl_file)
if(!load_file_lookup(section->revocation_store, section->crl_file))
return 0;
if(section->crl_dir) {
section->revocation_store->cache=0; /* don't cache CRLs */
add_dir_lookup(section->revocation_store, section->crl_dir);
}
SSL_CTX_set_verify(section->ctx, section->verify_level==SSL_VERIFY_NONE ?
SSL_VERIFY_PEER : section->verify_level, verify_callback);
if(section->ca_dir && section->verify_use_only_my)
s_log(LOG_NOTICE, "Peer certificate location %s", section->ca_dir);
return 1; /* OK */
}
