long SSL_CTX_set_tmp_dh_shim(SSL_CTX *ctx, DH *dh) {
return SSL_CTX_set_tmp_dh(ctx, dh);
}
struct st_VioSSLConnectorFd *
new_VioSSLConnectorFd(const char* key_file,
const char* cert_file,
const char* ca_file,
const char* ca_path,
const char* cipher)
{
int verify = SSL_VERIFY_NONE;
struct st_VioSSLConnectorFd* ptr;
int result;
DH *dh;
DBUG_ENTER("new_VioSSLConnectorFd");
if (!(ptr=((struct st_VioSSLConnectorFd*)
my_malloc(sizeof(struct st_VioSSLConnectorFd),MYF(0)))))
DBUG_RETURN(0);
ptr->ssl_context= 0;
ptr->ssl_method= 0;
/* FIXME: constants! */
if (!ssl_algorithms_added)
{
DBUG_PRINT("info", ("todo: OpenSSL_add_all_algorithms()"));
ssl_algorithms_added = TRUE;
SSL_library_init();
OpenSSL_add_all_algorithms();
}
#ifdef __NETWARE__
netware_ssl_init();
#endif
if (!ssl_error_strings_loaded)
{
DBUG_PRINT("info", ("todo:SSL_load_error_strings()"));
ssl_error_strings_loaded = TRUE;
SSL_load_error_strings();
}
ptr->ssl_method = TLSv1_client_method();
ptr->ssl_context = SSL_CTX_new(ptr->ssl_method);
DBUG_PRINT("info", ("ssl_context: %p",ptr->ssl_context));
if (ptr->ssl_context == 0)
{
DBUG_PRINT("error", ("SSL_CTX_new failed"));
report_errors();
goto ctor_failure;
}
/*
SSL_CTX_set_options
SSL_CTX_set_info_callback
*/
if (cipher)
{
result=SSL_CTX_set_cipher_list(ptr->ssl_context, cipher);
DBUG_PRINT("info",("SSL_set_cipher_list() returned %d",result));
}
SSL_CTX_set_verify(ptr->ssl_context, verify, vio_verify_callback);
if (vio_set_cert_stuff(ptr->ssl_context, cert_file, key_file) == -1)
{
DBUG_PRINT("error", ("vio_set_cert_stuff failed"));
report_errors();
goto ctor_failure;
}
if (SSL_CTX_load_verify_locations( ptr->ssl_context, ca_file,ca_path) == 0)
{
DBUG_PRINT("warning", ("SSL_CTX_load_verify_locations failed"));
if (SSL_CTX_set_default_verify_paths(ptr->ssl_context) == 0)
{
DBUG_PRINT("error", ("SSL_CTX_set_default_verify_paths failed"));
report_errors();
goto ctor_failure;
}
}
/* DH stuff */
dh=get_dh512();
SSL_CTX_set_tmp_dh(ptr->ssl_context,dh);
DH_free(dh);
DBUG_RETURN(ptr);
ctor_failure:
DBUG_PRINT("exit", ("there was an error"));
my_free((gptr)ptr,MYF(0));
DBUG_RETURN(0);
}
int main()
{
SSL_library_init();
SSL_load_error_strings();
BIO * bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
/* Set up a SIGPIPE handler */
signal(SIGPIPE, SIG_IGN);
/* Create our context*/
SSL_CTX * ctx = SSL_CTX_new(SSLv23_method());
/* Load our keys and certificates*/
if(!(SSL_CTX_use_certificate_chain_file(ctx, "ftests/fixtures/rdpproxy-cert.pem")))
{
BIO_printf(bio_err, "Can't read certificate file\n");
ERR_print_errors(bio_err);
exit(0);
}
SSL_CTX_set_default_passwd_cb(ctx, password_cb0);
SSL_CTX_set_default_passwd_cb_userdata(ctx, const_cast<char *>("inquisition"));
if(!(SSL_CTX_use_PrivateKey_file(ctx, "ftests/fixtures/rdpproxy-key.pem", SSL_FILETYPE_PEM)))
{
BIO_printf(bio_err,"Can't read key file\n");
ERR_print_errors(bio_err);
exit(0);
}
DH *ret=nullptr;
BIO *bio;
if ((bio=BIO_new_file("ftests/fixtures/dh1024.pem","r")) == nullptr){
BIO_printf(bio_err,"Couldn't open DH file\n");
ERR_print_errors(bio_err);
exit(0);
}
ret=PEM_read_bio_DHparams(bio, nullptr, nullptr, nullptr);
BIO_free(bio);
if(SSL_CTX_set_tmp_dh(ctx, ret)<0)
{
BIO_printf(bio_err,"Couldn't set DH parameters\n");
ERR_print_errors(bio_err);
exit(0);
}
union
{
struct sockaddr s;
struct sockaddr_storage ss;
struct sockaddr_in s4;
struct sockaddr_in6 s6;
} ucs;
memset(&ucs, 0, sizeof(ucs));
int val=1;
int sock = socket(AF_INET, SOCK_STREAM,0);
if(sock < 0) {
fprintf(stderr, "Failed to make socket\n");
exit(0);
}
memset(&ucs.s4, 0, sizeof(ucs));
ucs.s4.sin_addr.s_addr = INADDR_ANY;
ucs.s4.sin_family = AF_INET;
ucs.s4.sin_port = htons(4433);
setsockopt(sock,SOL_SOCKET,SO_REUSEADDR, &val,sizeof(val));
int bind_res = bind(sock,&ucs.s, sizeof(ucs));
if(bind_res < 0){
fprintf(stderr, "Failed to bind\n");
exit(0);
}
listen(sock,5);
for (;;) {
int s = accept(sock,nullptr,nullptr);
if(s < 0){
fprintf(stderr,"Problem accepting\n");
break;
}
pid_t pid = fork();
if(pid){
close(s);
}
else {
rdp_serve(ctx, s, bio_err);
break;
}
}
SSL_CTX_free(ctx);
return 0;
}
int
main(int arc, char** argv) {
char* server_port = "5000";
char* server_ip = "127.0.0.1";
char* cert_file = "client.crt";
char* key_file = "client.key";
// Command Line generation of Diffie-Hellman parameters
// openssl dhparam -out dh_param_2048.pem 2048
char* dh_file = "dh_param_2048_client.pem";
DH *dh_2048 = NULL;
FILE *paramfile;
int err;
int sockfd;
struct addrinfo hints;
struct addrinfo *server;
const SSL_METHOD *ssl_meth;
SSL_CTX *ctx;
/* Load encryption & hashing algorithms for the SSL program */
SSL_library_init();
/* Load the error strings for SSL & CRYPTO APIs */
SSL_load_error_strings();
/* Use SSLv3 for the connection */
ssl_meth = SSLv23_client_method();
/* Create a new context--stores configuration for SSL */
ctx = SSL_CTX_new(ssl_meth);
if (!ctx)
error("Error creating SSL context.\n");
printf("Setting the local certificates and keys...\n");
/* Set the local certificates and keys */
err = SSL_CTX_use_certificate_file(ctx, cert_file, SSL_FILETYPE_PEM);
if (err <= 0) {
ERR_print_errors_fp(stderr);
fprintf(stderr, "Error setting the certificate file.\n");
goto out;
}
err = SSL_CTX_use_PrivateKey_file(ctx, key_file, SSL_FILETYPE_PEM);
if (err <= 0) {
ERR_print_errors_fp(stderr);
fprintf(stderr, "Error setting the private key file.\n");
goto out;
}
/* Verify private key and public crt combination. */
if (!SSL_CTX_check_private_key(ctx)) {
fprintf(stderr,
"Error, private key does not match public key.\n");
goto out;
}
/* Set up ephemeral DH parameters. */
paramfile = fopen(dh_file, "r");
if (!paramfile) {
fprintf(stderr, "Error opening Diffie-Hellman parameters.\n");
goto out;
}
dh_2048 = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
err = fclose(paramfile);
if (err) {
fprintf(stderr, "Error closing file stream.\n");
goto out;
}
if (!dh_2048) {
fprintf(stderr, "Error reading Diffie-Hellman parameters.\n");
goto out;
}
err = SSL_CTX_set_tmp_dh(ctx, dh_2048);
if (err != 1) {
fprintf(stderr,
"Error setting Diffie-Hellman into SSL context\n");
goto out;
}
/*--- Standard TCP server setup and connection ---*/
printf("Creating TCP/IP socket...\n");
{
SSL *ssl;
int bytes = 0;
char *msg = "Hello!";
char buf[256];
memset(&buf, 0, sizeof(buf));
/* The hints struct is used to specify what kind of server info
* we are looking for. */
memset(&hints, 0, sizeof hints);
hints.ai_family = AF_INET;
hints.ai_socktype = SOCK_STREAM; /* or SOCK_DGRAM */
/* getaddrinfo() gives us back a server address we can connect to.
It actually gives us a linked list of addresses, but we'll just
use the first. */
err = getaddrinfo(server_ip, server_port, &hints, &server);
if (err) {
fprintf(stderr, "Error getting address information.\n");
goto out;
}
/* Now we can create the socket and connect */
sockfd = socket(server->ai_family, server->ai_socktype, server->ai_protocol);
if (sockfd == -1) {
fprintf(stderr, "Error opening socket.\n");
freeaddrinfo(server);
goto out;
}
err = connect(sockfd, server->ai_addr, server->ai_addrlen);
if (err == -1) {
fprintf(stderr, "Error on connect.\n");
close(sockfd);
freeaddrinfo(server);
goto out;
}
ssl = SSL_new(ctx);
if (!ssl) {
fprintf(stderr,
"Error creating a new SSL structure.\n");
ERR_print_errors_fp(stderr);
close(sockfd);
freeaddrinfo(server);
goto out;
}
SSL_set_fd(ssl, sockfd); /* set connection to SSL state */
err = SSL_connect(ssl);
if (err < 1) {
err = SSL_get_error(ssl,err);
printf("SSL error #%d in accept.\n", err);
ERR_print_errors_fp(stderr);
SSL_free(ssl);
close(sockfd);
freeaddrinfo(server);
goto out;
}
/* Print out connection details */
printf("SSL connection on socket %x, Version: %s, Cipher: %s\
\n", sockfd, SSL_get_version(ssl), SSL_get_cipher(ssl));
err = SSL_write(ssl, msg, strlen(msg) + 1);
if (err < 0) {
printf("sslerror:%d\n", SSL_get_error(ssl, err));
ERR_print_errors_fp(stderr);
SSL_free(ssl);
close(sockfd);
freeaddrinfo(server);
goto out;
}
while(bytes <= 0)
bytes = SSL_read(ssl, buf, sizeof(buf) - 1);
printf("Received: %s\n", buf);
err = SSL_shutdown(ssl);
if (err < 0)
printf("Error in SSL shutdown\n");
else if (err == 1)
printf("Client exited gracefully\n");
/* close connection & clean up */
SSL_free(ssl);
close(sockfd);
freeaddrinfo(server);
}
out:
SSL_CTX_free(ctx);
return 0;
}
int
rb_setup_ssl_server(const char *cert, const char *keyfile, const char *dhfile)
{
DH *dh;
unsigned long err;
if(cert == NULL)
{
rb_lib_log("rb_setup_ssl_server: No certificate file");
return 0;
}
if(!SSL_CTX_use_certificate_chain_file(ssl_server_ctx, cert) || !SSL_CTX_use_certificate_chain_file(ssl_client_ctx, cert))
{
err = ERR_get_error();
rb_lib_log("rb_setup_ssl_server: Error loading certificate file [%s]: %s", cert,
get_ssl_error(err));
return 0;
}
if(keyfile == NULL)
{
rb_lib_log("rb_setup_ssl_server: No key file");
return 0;
}
if(!SSL_CTX_use_PrivateKey_file(ssl_server_ctx, keyfile, SSL_FILETYPE_PEM) || !SSL_CTX_use_PrivateKey_file(ssl_client_ctx, keyfile, SSL_FILETYPE_PEM))
{
err = ERR_get_error();
rb_lib_log("rb_setup_ssl_server: Error loading keyfile [%s]: %s", keyfile,
get_ssl_error(err));
return 0;
}
if(dhfile != NULL)
{
/* DH parameters aren't necessary, but they are nice..if they didn't pass one..that is their problem */
BIO *bio = BIO_new_file(dhfile, "r");
if(bio != NULL)
{
dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
if(dh == NULL)
{
err = ERR_get_error();
rb_lib_log
("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
dhfile, get_ssl_error(err));
BIO_free(bio);
return 0;
}
BIO_free(bio);
SSL_CTX_set_tmp_dh(ssl_server_ctx, dh);
}
else
{
err = ERR_get_error();
rb_lib_log("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
dhfile, get_ssl_error(err));
}
}
return 1;
}
int ssl_server_init(char* ca_file, char *crt_file, char *key_file, char *dhp_file, char *ssl_cipher_list)
{
static const char *ssl_ctx_id = "httpd";
long ssl_options;
if (!crt_file || !f_exists(crt_file)) {
httpd_log("%s: Server certificate (%s) is not found!", SYSLOG_ID_SSL, crt_file);
httpd_log("Please manual build the certificate via \"%s\" script.", "https-cert.sh");
return -1;
}
if (!key_file || !f_exists(key_file)) {
httpd_log("%s: Server private key (%s) is not found!", SYSLOG_ID_SSL, key_file);
httpd_log("Please manual build the certificate via \"%s\" script.", "https-cert.sh");
return -1;
}
SSL_load_error_strings();
SSL_library_init();
ssl_ctx = SSL_CTX_new(SSLv23_server_method());
if (!ssl_ctx) {
httpd_log("%s: Unable to create SSL context!", SYSLOG_ID_SSL);
return -1;
}
ssl_options = SSL_OP_ALL | SSL_OP_NO_COMPRESSION | SSL_OP_NO_SSLv2 |
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
SSL_CTX_set_options(ssl_ctx, ssl_options);
SSL_CTX_set_verify(ssl_ctx, SSL_VERIFY_NONE, NULL);
if (ssl_cipher_list && strlen(ssl_cipher_list) > 2) {
if (SSL_CTX_set_cipher_list(ssl_ctx, ssl_cipher_list) != 1) {
httpd_log("%s: Cannot set SSL cipher list (%s)!", SYSLOG_ID_SSL, ssl_cipher_list);
} else {
SSL_CTX_set_options(ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
}
}
if (ca_file && f_exists(ca_file)) {
if (SSL_CTX_load_verify_locations(ssl_ctx, ca_file, NULL) != 1) {
httpd_log("%s: Cannot load CA certificate (%s)!", SYSLOG_ID_SSL, ca_file);
}
}
if (SSL_CTX_use_certificate_file(ssl_ctx, crt_file, SSL_FILETYPE_PEM) != 1) {
httpd_log("%s: Cannot load server certificate (%s)!", SYSLOG_ID_SSL, crt_file);
ssl_server_uninit();
return 1;
}
if (SSL_CTX_use_PrivateKey_file(ssl_ctx, key_file, SSL_FILETYPE_PEM) != 1) {
httpd_log("%s: Cannot load server private key (%s)!", SYSLOG_ID_SSL, key_file);
ssl_server_uninit();
return 1;
}
if (SSL_CTX_check_private_key(ssl_ctx) != 1) {
httpd_log("%s: Private key does not match the certificate!", SYSLOG_ID_SSL);
ssl_server_uninit();
return 1;
}
if (dhp_file && f_exists(dhp_file)) {
/* DH parameters from file */
BIO *bio = BIO_new_file(dhp_file, "r");
if (bio) {
DH *dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if (dh) {
SSL_CTX_set_tmp_dh(ssl_ctx, dh);
SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_DH_USE);
DH_free(dh);
} else {
httpd_log("%s: Cannot load DH parameters (%s)!", SYSLOG_ID_SSL, dhp_file);
}
}
} else {
/* Default DH parameters from RFC5114 */
DH *dh = DH_new();
if (dh) {
dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
dh->length = 160;
if (dh->p && dh->g) {
SSL_CTX_set_tmp_dh(ssl_ctx, dh);
SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_DH_USE);
}
DH_free(dh);
}
}
SSL_CTX_set_default_read_ahead(ssl_ctx, 1);
SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_SERVER);
SSL_CTX_set_session_id_context(ssl_ctx, (unsigned char *)ssl_ctx_id, strlen(ssl_ctx_id));
SSL_CTX_sess_set_cache_size(ssl_ctx, 10);
SSL_CTX_set_info_callback(ssl_ctx, http_ssl_info_cb);
return 0;
}
static int __ssl_setup(struct ast_tls_config *cfg, int client)
{
#ifndef DO_SSL
cfg->enabled = 0;
return 0;
#else
int disable_ssl = 0;
if (!cfg->enabled) {
return 0;
}
/* Get rid of an old SSL_CTX since we're about to
* allocate a new one
*/
if (cfg->ssl_ctx) {
SSL_CTX_free(cfg->ssl_ctx);
cfg->ssl_ctx = NULL;
}
if (client) {
#ifndef OPENSSL_NO_SSL2
if (ast_test_flag(&cfg->flags, AST_SSL_SSLV2_CLIENT)) {
ast_log(LOG_WARNING, "Usage of SSLv2 is discouraged due to known vulnerabilities. Please use 'tlsv1' or leave the TLS method unspecified!\n");
cfg->ssl_ctx = SSL_CTX_new(SSLv2_client_method());
} else
#endif
#ifndef OPENSSL_NO_SSL3_METHOD
if (ast_test_flag(&cfg->flags, AST_SSL_SSLV3_CLIENT)) {
ast_log(LOG_WARNING, "Usage of SSLv3 is discouraged due to known vulnerabilities. Please use 'tlsv1' or leave the TLS method unspecified!\n");
cfg->ssl_ctx = SSL_CTX_new(SSLv3_client_method());
} else
#endif
if (ast_test_flag(&cfg->flags, AST_SSL_TLSV1_CLIENT)) {
cfg->ssl_ctx = SSL_CTX_new(TLSv1_client_method());
} else {
disable_ssl = 1;
cfg->ssl_ctx = SSL_CTX_new(SSLv23_client_method());
}
} else {
disable_ssl = 1;
cfg->ssl_ctx = SSL_CTX_new(SSLv23_server_method());
}
if (!cfg->ssl_ctx) {
ast_debug(1, "Sorry, SSL_CTX_new call returned null...\n");
cfg->enabled = 0;
return 0;
}
/* Due to the POODLE vulnerability, completely disable
* SSLv2 and SSLv3 if we are not explicitly told to use
* them. SSLv23_*_method supports TLSv1+.
*/
if (disable_ssl) {
long ssl_opts;
ssl_opts = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
SSL_CTX_set_options(cfg->ssl_ctx, ssl_opts);
}
SSL_CTX_set_verify(cfg->ssl_ctx,
ast_test_flag(&cfg->flags, AST_SSL_VERIFY_CLIENT) ? SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT : SSL_VERIFY_NONE,
NULL);
if (!ast_strlen_zero(cfg->certfile)) {
char *tmpprivate = ast_strlen_zero(cfg->pvtfile) ? cfg->certfile : cfg->pvtfile;
if (SSL_CTX_use_certificate_chain_file(cfg->ssl_ctx, cfg->certfile) == 0) {
if (!client) {
/* Clients don't need a certificate, but if its setup we can use it */
ast_log(LOG_ERROR, "TLS/SSL error loading cert file. <%s>\n", cfg->certfile);
cfg->enabled = 0;
SSL_CTX_free(cfg->ssl_ctx);
cfg->ssl_ctx = NULL;
return 0;
}
}
if ((SSL_CTX_use_PrivateKey_file(cfg->ssl_ctx, tmpprivate, SSL_FILETYPE_PEM) == 0) || (SSL_CTX_check_private_key(cfg->ssl_ctx) == 0 )) {
if (!client) {
/* Clients don't need a private key, but if its setup we can use it */
ast_log(LOG_ERROR, "TLS/SSL error loading private key file. <%s>\n", tmpprivate);
cfg->enabled = 0;
SSL_CTX_free(cfg->ssl_ctx);
cfg->ssl_ctx = NULL;
return 0;
}
}
}
if (!ast_strlen_zero(cfg->cipher)) {
if (SSL_CTX_set_cipher_list(cfg->ssl_ctx, cfg->cipher) == 0 ) {
if (!client) {
ast_log(LOG_ERROR, "TLS/SSL cipher error <%s>\n", cfg->cipher);
cfg->enabled = 0;
SSL_CTX_free(cfg->ssl_ctx);
cfg->ssl_ctx = NULL;
return 0;
}
}
}
if (!ast_strlen_zero(cfg->cafile) || !ast_strlen_zero(cfg->capath)) {
if (SSL_CTX_load_verify_locations(cfg->ssl_ctx, S_OR(cfg->cafile, NULL), S_OR(cfg->capath,NULL)) == 0) {
ast_log(LOG_ERROR, "TLS/SSL CA file(%s)/path(%s) error\n", cfg->cafile, cfg->capath);
}
}
#ifdef HAVE_OPENSSL_EC
if (!ast_strlen_zero(cfg->pvtfile)) {
BIO *bio = BIO_new_file(cfg->pvtfile, "r");
if (bio != NULL) {
DH *dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
if (dh != NULL) {
if (SSL_CTX_set_tmp_dh(cfg->ssl_ctx, dh)) {
long options = SSL_OP_CIPHER_SERVER_PREFERENCE | SSL_OP_SINGLE_DH_USE | SSL_OP_SINGLE_ECDH_USE;
options = SSL_CTX_set_options(cfg->ssl_ctx, options);
ast_verb(2, "TLS/SSL DH initialized, PFS cipher-suites enabled\n");
}
DH_free(dh);
}
BIO_free(bio);
}
}
#ifndef SSL_CTRL_SET_ECDH_AUTO
#define SSL_CTRL_SET_ECDH_AUTO 94
#endif
/* SSL_CTX_set_ecdh_auto(cfg->ssl_ctx, on); requires OpenSSL 1.0.2 which wraps: */
if (SSL_CTX_ctrl(cfg->ssl_ctx, SSL_CTRL_SET_ECDH_AUTO, 1, NULL)) {
ast_verb(2, "TLS/SSL ECDH initialized (automatic), faster PFS ciphers enabled\n");
} else {
/* enables AES-128 ciphers, to get AES-256 use NID_secp384r1 */
EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
if (ecdh != NULL) {
if (SSL_CTX_set_tmp_ecdh(cfg->ssl_ctx, ecdh)) {
ast_verb(2, "TLS/SSL ECDH initialized (secp256r1), faster PFS cipher-suites enabled\n");
}
EC_KEY_free(ecdh);
}
}
#endif /* #ifdef HAVE_OPENSSL_EC */
ast_verb(2, "TLS/SSL certificate ok\n"); /* We should log which one that is ok. This message doesn't really make sense in production use */
return 1;
#endif
}
pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode )
{
if (!ssl_initialized) {
ssl_initialized = 1;
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
ssl_ex_data_index = SSL_get_ex_new_index( 0, (void *) "org.apache.qpid.proton.ssl",
NULL, NULL, NULL);
}
pn_ssl_domain_t *domain = (pn_ssl_domain_t *) calloc(1, sizeof(pn_ssl_domain_t));
if (!domain) return NULL;
domain->ref_count = 1;
domain->mode = mode;
// enable all supported protocol versions, then explicitly disable the
// known vulnerable ones. This should allow us to use the latest version
// of the TLS standard that the installed library supports.
switch(mode) {
case PN_SSL_MODE_CLIENT:
domain->ctx = SSL_CTX_new(SSLv23_client_method()); // and TLSv1+
if (!domain->ctx) {
ssl_log_error("Unable to initialize OpenSSL context.");
free(domain);
return NULL;
}
break;
case PN_SSL_MODE_SERVER:
domain->ctx = SSL_CTX_new(SSLv23_server_method()); // and TLSv1+
if (!domain->ctx) {
ssl_log_error("Unable to initialize OpenSSL context.");
free(domain);
return NULL;
}
break;
default:
pn_transport_logf(NULL, "Invalid value for pn_ssl_mode_t: %d", mode);
free(domain);
return NULL;
}
const long reject_insecure = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3;
SSL_CTX_set_options(domain->ctx, reject_insecure);
#ifdef SSL_OP_NO_COMPRESSION
// Mitigate the CRIME vulnerability
SSL_CTX_set_options(domain->ctx, SSL_OP_NO_COMPRESSION);
#endif
// by default, allow anonymous ciphers so certificates are not required 'out of the box'
if (!SSL_CTX_set_cipher_list( domain->ctx, CIPHERS_ANONYMOUS )) {
ssl_log_error("Failed to set cipher list to %s", CIPHERS_ANONYMOUS);
pn_ssl_domain_free(domain);
return NULL;
}
// ditto: by default do not authenticate the peer (can be done by SASL).
if (pn_ssl_domain_set_peer_authentication( domain, PN_SSL_ANONYMOUS_PEER, NULL )) {
pn_ssl_domain_free(domain);
return NULL;
}
DH *dh = get_dh2048();
if (dh) {
SSL_CTX_set_tmp_dh(domain->ctx, dh);
DH_free(dh);
SSL_CTX_set_options(domain->ctx, SSL_OP_SINGLE_DH_USE);
}
return domain;
}
LQ_EXTERN_C void* LQ_CALL LqConnSslCreate
(
const void* MethodSSL, /* Example SSLv23_method()*/
const char* CertFile, /* Example: "server.pem"*/
const char* KeyFile, /*Example: "server.key"*/
const char* CipherList,
int TypeCertFile, /*SSL_FILETYPE_ASN1 (The file is in abstract syntax notation 1 (ASN.1) format.) or SSL_FILETYPE_PEM (The file is in base64 privacy enhanced mail (PEM) format.)*/
const char* CAFile,
const char* DhpFile
) {
#ifdef HAVE_OPENSSL
static const unsigned char dh1024_p[] = {
0xB1,0x0B,0x8F,0x96,0xA0,0x80,0xE0,0x1D,0xDE,0x92,0xDE,0x5E,
0xAE,0x5D,0x54,0xEC,0x52,0xC9,0x9F,0xBC,0xFB,0x06,0xA3,0xC6,
0x9A,0x6A,0x9D,0xCA,0x52,0xD2,0x3B,0x61,0x60,0x73,0xE2,0x86,
0x75,0xA2,0x3D,0x18,0x98,0x38,0xEF,0x1E,0x2E,0xE6,0x52,0xC0,
0x13,0xEC,0xB4,0xAE,0xA9,0x06,0x11,0x23,0x24,0x97,0x5C,0x3C,
0xD4,0x9B,0x83,0xBF,0xAC,0xCB,0xDD,0x7D,0x90,0xC4,0xBD,0x70,
0x98,0x48,0x8E,0x9C,0x21,0x9A,0x73,0x72,0x4E,0xFF,0xD6,0xFA,
0xE5,0x64,0x47,0x38,0xFA,0xA3,0x1A,0x4F,0xF5,0x5B,0xCC,0xC0,
0xA1,0x51,0xAF,0x5F,0x0D,0xC8,0xB4,0xBD,0x45,0xBF,0x37,0xDF,
0x36,0x5C,0x1A,0x65,0xE6,0x8C,0xFD,0xA7,0x6D,0x4D,0xA7,0x08,
0xDF,0x1F,0xB2,0xBC,0x2E,0x4A,0x43,0x71,
};
static const unsigned char dh1024_g[] = {
0xA4,0xD1,0xCB,0xD5,0xC3,0xFD,0x34,0x12,0x67,0x65,0xA4,0x42,
0xEF,0xB9,0x99,0x05,0xF8,0x10,0x4D,0xD2,0x58,0xAC,0x50,0x7F,
0xD6,0x40,0x6C,0xFF,0x14,0x26,0x6D,0x31,0x26,0x6F,0xEA,0x1E,
0x5C,0x41,0x56,0x4B,0x77,0x7E,0x69,0x0F,0x55,0x04,0xF2,0x13,
0x16,0x02,0x17,0xB4,0xB0,0x1B,0x88,0x6A,0x5E,0x91,0x54,0x7F,
0x9E,0x27,0x49,0xF4,0xD7,0xFB,0xD7,0xD3,0xB9,0xA9,0x2E,0xE1,
0x90,0x9D,0x0D,0x22,0x63,0xF8,0x0A,0x76,0xA6,0xA2,0x4C,0x08,
0x7A,0x09,0x1F,0x53,0x1D,0xBF,0x0A,0x01,0x69,0xB6,0xA2,0x8A,
0xD6,0x62,0xA4,0xD1,0x8E,0x73,0xAF,0xA3,0x2D,0x77,0x9D,0x59,
0x18,0xD0,0x8B,0xC8,0x85,0x8F,0x4D,0xCE,0xF9,0x7C,0x2A,0x24,
0x85,0x5E,0x6E,0xEB,0x22,0xB3,0xB2,0xE5,
};
SSL_CTX* NewCtx = NULL;
bool r = false;
static bool IsLoaded = false;
if(MethodSSL == NULL)
MethodSSL = SSLv23_server_method();
do {
if(!IsLoaded) {
IsLoaded = true;
SSL_library_init();
OpenSSL_add_all_algorithms();
SSL_load_error_strings();
}
if((NewCtx = SSL_CTX_new((const SSL_METHOD*)MethodSSL)) == NULL)
break;
SSL_CTX_set_read_ahead(NewCtx, 1);
SSL_CTX_set_verify(NewCtx, SSL_VERIFY_NONE, NULL);
if(CipherList != NULL) {
if(SSL_CTX_set_cipher_list(NewCtx, CipherList) == 1)
SSL_CTX_set_options(NewCtx, SSL_OP_CIPHER_SERVER_PREFERENCE);
}
if(CAFile != NULL) {
if(!SSL_CTX_load_verify_locations(NewCtx, CAFile, NULL)) {
SSL_CTX_free(NewCtx);
NewCtx = NULL;
break;
}
}
if((SSL_CTX_use_certificate_file(NewCtx, CertFile, TypeCertFile) <= 0) ||
(SSL_CTX_use_PrivateKey_file(NewCtx, KeyFile, TypeCertFile) <= 0)) {
SSL_CTX_free(NewCtx);
NewCtx = NULL;
break;
}
if(SSL_CTX_check_private_key(NewCtx) != 1) {
SSL_CTX_free(NewCtx);
NewCtx = NULL;
break;
}
if(DhpFile != NULL) {
BIO *bio = BIO_new_file(DhpFile, "r");
if(bio) {
DH *dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if(dh) {
SSL_CTX_set_tmp_dh(NewCtx, dh);
SSL_CTX_set_options(NewCtx, SSL_OP_SINGLE_DH_USE);
DH_free(dh);
}
}
} else {
DH *dh = DH_new();
if(dh) {
dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), NULL);
dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), NULL);
dh->length = 160;
if(dh->p && dh->g) {
SSL_CTX_set_tmp_dh(NewCtx, dh);
SSL_CTX_set_options(NewCtx, SSL_OP_SINGLE_DH_USE);
}
DH_free(dh);
}
}
} while(false);
return NewCtx;
#else
lq_errno_set(ENOSYS);
return NULL;
#endif
}
void Context::initDH(const std::string& dhParamsFile)
{
#ifndef OPENSSL_NO_DH
// 1024-bit MODP Group with 160-bit prime order subgroup (RFC5114)
// -----BEGIN DH PARAMETERS-----
// MIIBDAKBgQCxC4+WoIDgHd6S3l6uXVTsUsmfvPsGo8aaap3KUtI7YWBz4oZ1oj0Y
// mDjvHi7mUsAT7LSuqQYRIySXXDzUm4O/rMvdfZDEvXCYSI6cIZpzck7/1vrlZEc4
// +qMaT/VbzMChUa9fDci0vUW/N982XBpl5oz9p21NpwjfH7K8LkpDcQKBgQCk0cvV
// w/00EmdlpELvuZkF+BBN0lisUH/WQGz/FCZtMSZv6h5cQVZLd35pD1UE8hMWAhe0
// sBuIal6RVH+eJ0n01/vX07mpLuGQnQ0iY/gKdqaiTAh6CR9THb8KAWm2oorWYqTR
// jnOvoy13nVkY0IvIhY9Nzvl8KiSFXm7rIrOy5QICAKA=
// -----END DH PARAMETERS-----
//
static const unsigned char dh1024_p[] =
{
0xB1,0x0B,0x8F,0x96,0xA0,0x80,0xE0,0x1D,0xDE,0x92,0xDE,0x5E,
0xAE,0x5D,0x54,0xEC,0x52,0xC9,0x9F,0xBC,0xFB,0x06,0xA3,0xC6,
0x9A,0x6A,0x9D,0xCA,0x52,0xD2,0x3B,0x61,0x60,0x73,0xE2,0x86,
0x75,0xA2,0x3D,0x18,0x98,0x38,0xEF,0x1E,0x2E,0xE6,0x52,0xC0,
0x13,0xEC,0xB4,0xAE,0xA9,0x06,0x11,0x23,0x24,0x97,0x5C,0x3C,
0xD4,0x9B,0x83,0xBF,0xAC,0xCB,0xDD,0x7D,0x90,0xC4,0xBD,0x70,
0x98,0x48,0x8E,0x9C,0x21,0x9A,0x73,0x72,0x4E,0xFF,0xD6,0xFA,
0xE5,0x64,0x47,0x38,0xFA,0xA3,0x1A,0x4F,0xF5,0x5B,0xCC,0xC0,
0xA1,0x51,0xAF,0x5F,0x0D,0xC8,0xB4,0xBD,0x45,0xBF,0x37,0xDF,
0x36,0x5C,0x1A,0x65,0xE6,0x8C,0xFD,0xA7,0x6D,0x4D,0xA7,0x08,
0xDF,0x1F,0xB2,0xBC,0x2E,0x4A,0x43,0x71,
};
static const unsigned char dh1024_g[] =
{
0xA4,0xD1,0xCB,0xD5,0xC3,0xFD,0x34,0x12,0x67,0x65,0xA4,0x42,
0xEF,0xB9,0x99,0x05,0xF8,0x10,0x4D,0xD2,0x58,0xAC,0x50,0x7F,
0xD6,0x40,0x6C,0xFF,0x14,0x26,0x6D,0x31,0x26,0x6F,0xEA,0x1E,
0x5C,0x41,0x56,0x4B,0x77,0x7E,0x69,0x0F,0x55,0x04,0xF2,0x13,
0x16,0x02,0x17,0xB4,0xB0,0x1B,0x88,0x6A,0x5E,0x91,0x54,0x7F,
0x9E,0x27,0x49,0xF4,0xD7,0xFB,0xD7,0xD3,0xB9,0xA9,0x2E,0xE1,
0x90,0x9D,0x0D,0x22,0x63,0xF8,0x0A,0x76,0xA6,0xA2,0x4C,0x08,
0x7A,0x09,0x1F,0x53,0x1D,0xBF,0x0A,0x01,0x69,0xB6,0xA2,0x8A,
0xD6,0x62,0xA4,0xD1,0x8E,0x73,0xAF,0xA3,0x2D,0x77,0x9D,0x59,
0x18,0xD0,0x8B,0xC8,0x85,0x8F,0x4D,0xCE,0xF9,0x7C,0x2A,0x24,
0x85,0x5E,0x6E,0xEB,0x22,0xB3,0xB2,0xE5,
};
DH* dh = 0;
if (!dhParamsFile.empty())
{
BIO* bio = BIO_new_file(dhParamsFile.c_str(), "r");
if (!bio)
{
std::string msg = Utility::getLastError();
throw SSLContextException(std::string("Error opening Diffie-Hellman parameters file ") + dhParamsFile, msg);
}
dh = PEM_read_bio_DHparams(bio, 0, 0, 0);
BIO_free(bio);
if (!dh)
{
std::string msg = Utility::getLastError();
throw SSLContextException(std::string("Error reading Diffie-Hellman parameters from file ") + dhParamsFile, msg);
}
}
else
{
dh = DH_new();
if (!dh)
{
std::string msg = Utility::getLastError();
throw SSLContextException("Error creating Diffie-Hellman parameters", msg);
}
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
BIGNUM* p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
BIGNUM* g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
DH_set0_pqg(dh, p, 0, g);
DH_set_length(dh, 160);
if (!p || !g)
{
DH_free(dh);
throw SSLContextException("Error creating Diffie-Hellman parameters");
}
#else
dh->p = BN_bin2bn(dh1024_p, sizeof(dh1024_p), 0);
dh->g = BN_bin2bn(dh1024_g, sizeof(dh1024_g), 0);
dh->length = 160;
if ((!dh->p) || (!dh->g))
{
DH_free(dh);
throw SSLContextException("Error creating Diffie-Hellman parameters");
}
#endif
}
SSL_CTX_set_tmp_dh(_pSSLContext, dh);
SSL_CTX_set_options(_pSSLContext, SSL_OP_SINGLE_DH_USE);
DH_free(dh);
#else
if (!dhParamsFile.empty())
throw SSLContextException("OpenSSL does not support DH");
#endif
}
int main(int argc, char **argv){
int result=OK;
int x;
char buffer[MAX_INPUT_BUFFER];
#ifdef HAVE_SSL
DH *dh;
#endif
result=process_arguments(argc,argv);
if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE){
printf("\n");
printf("NRPE - Nagios Remote Plugin Executor\n");
printf("Copyright (c) 1999-2003 Ethan Galstad ([email protected])\n");
printf("Version: %s\n",PROGRAM_VERSION);
printf("Last Modified: %s\n",MODIFICATION_DATE);
printf("License: GPL with exemptions (-l for more info)\n");
#ifdef HAVE_SSL
printf("SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required\n");
#endif
printf("\n");
#ifdef ENABLE_COMMAND_ARGUMENTS
printf("***************************************************************\n");
printf("** POSSIBLE SECURITY RISK - COMMAND ARGUMENTS ARE SUPPORTED! **\n");
printf("** Read the NRPE SECURITY file for more information **\n");
printf("***************************************************************\n");
printf("\n");
#endif
}
if(show_license==TRUE)
display_license();
else if(result!=OK || show_help==TRUE){
printf("Usage: nrpe -c <config_file> <mode>\n");
printf("\n");
printf("Options:\n");
printf(" <config_file> = Name of config file to use\n");
printf(" <mode> = One of the following two operating modes:\n");
printf(" -i = Run as a service under inetd or xinetd\n");
printf(" -d = Run as a standalone daemon\n");
printf("\n");
printf("Notes:\n");
printf("This program is designed to process requests from the check_nrpe\n");
printf("plugin on the host(s) running Nagios. It can run as a service\n");
printf("under inetd or xinetd (read the docs for info on this), or as a\n");
printf("standalone daemon. Once a request is received from an authorized\n");
printf("host, NRPE will execute the command/plugin (as defined in the\n");
printf("config file) and return the plugin output and return code to the\n");
printf("check_nrpe plugin.\n");
printf("\n");
}
if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE)
exit(STATE_UNKNOWN);
/* open a connection to the syslog facility */
openlog("nrpe",LOG_PID,LOG_DAEMON);
/* read the config file */
result=read_config_file(config_file);
/* exit if there are errors... */
if(result==ERROR){
syslog(LOG_ERR,"Config file '%s' contained errors, bailing out...",config_file);
return STATE_CRITICAL;
}
/* initialize macros */
for(x=0;x<MAX_COMMAND_ARGUMENTS;x++)
macro_argv[x]=NULL;
/* generate the CRC 32 table */
generate_crc32_table();
#ifdef HAVE_SSL
/* initialize SSL */
if(use_ssl==TRUE){
SSL_library_init();
SSLeay_add_ssl_algorithms();
meth=SSLv23_server_method();
SSL_load_error_strings();
if((ctx=SSL_CTX_new(meth))==NULL){
syslog(LOG_ERR,"Error: could not create SSL context.\n");
exit(STATE_CRITICAL);
}
/*SSL_CTX_set_cipher_list(ctx,"ALL");*/
SSL_CTX_set_cipher_list(ctx,"ADH");
dh=get_dh512();
SSL_CTX_set_tmp_dh(ctx,dh);
DH_free(dh);
if(debug==TRUE)
syslog(LOG_INFO,"INFO: SSL/TLS initialized. All network traffic will be encrypted.");
}
else{
if(debug==TRUE)
syslog(LOG_INFO,"INFO: SSL/TLS NOT initialized. Network encryption DISABLED.");
}
#endif
/* wait for connections */
wait_for_connections();
#ifdef HAVE_SSL
if(use_ssl==TRUE)
SSL_CTX_free(ctx);
#endif
/* We are now running in daemon mode, or the connection handed over by inetd has
been completed, so the parent process exits */
return STATE_OK;
}
// .. c:function::
ch_error_t
ch_en_start(ch_encryption_t* enc)
// :noindex:
//
// see: :c:func:`ch_en_start`
//
// .. code-block:: cpp
//
{
ch_chirp_t* chirp = enc->chirp;
A(chirp->_init == CH_CHIRP_MAGIC, "Not a ch_chirp_t*");
ch_chirp_int_t* ichirp = chirp->_;
if(!_ch_en_manual_openssl) {
int tmp_err;
_ch_en_openssl_ref_count += 1;
L(
chirp,
"Initializing the OpenSSL library. ch_chirp_t:%p",
(void*) chirp
);
tmp_err = ch_en_openssl_init();
if(tmp_err != CH_SUCCESS) {
L(
chirp,
"Could not initialize the OpenSSL library. ch_chirp_t:%p",
(void*) chirp
);
return tmp_err;
}
}
const SSL_METHOD* method = TLSv1_2_method();
if(method == NULL) {
E(
chirp,
"Could not get the TLSv1_2_method. ch_chirp_t:%p",
(void*) chirp
);
return CH_TLS_ERROR;
}
enc->ssl_ctx = SSL_CTX_new(method);
if(enc->ssl_ctx == NULL) {
E(
chirp,
"Could create the SSL_CTX. ch_chirp_t:%p",
(void*) chirp
);
return CH_TLS_ERROR;
}
SSL_CTX_set_mode(
enc->ssl_ctx,
SSL_MODE_AUTO_RETRY |
SSL_MODE_ENABLE_PARTIAL_WRITE
);
SSL_CTX_set_options(enc->ssl_ctx, SSL_OP_NO_COMPRESSION);
SSL_CTX_set_verify(
enc->ssl_ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
NULL
);
SSL_CTX_set_verify_depth(enc->ssl_ctx, 5);
if(SSL_CTX_load_verify_locations(
enc->ssl_ctx,
ichirp->config.CERT_CHAIN_PEM,
NULL
) != 1) {
E(
chirp,
"Could not set the verification certificate "
"%s. ch_chirp_t:%p",
ichirp->config.CERT_CHAIN_PEM,
(void*) chirp
);
return CH_TLS_ERROR;
}
if(SSL_CTX_use_certificate_chain_file(
enc->ssl_ctx,
ichirp->config.CERT_CHAIN_PEM
) != 1) {
E(
chirp,
"Could not set the certificate %s. ch_chirp_t:%p",
ichirp->config.CERT_CHAIN_PEM,
(void*) chirp
);
return CH_TLS_ERROR;
}
if(SSL_CTX_use_PrivateKey_file(
enc->ssl_ctx,
ichirp->config.CERT_CHAIN_PEM,
SSL_FILETYPE_PEM
) != 1) {
E(
chirp,
"Could not set the private key %s. ch_chirp_t:%p",
ichirp->config.CERT_CHAIN_PEM,
(void*) chirp
);
return CH_TLS_ERROR;
}
if(SSL_CTX_check_private_key(enc->ssl_ctx) != 1) {
E(
chirp,
"Private key is not valid %s. ch_chirp_t:%p",
ichirp->config.CERT_CHAIN_PEM,
(void*) chirp
);
return CH_TLS_ERROR;
}
DH *dh = NULL;
FILE *paramfile;
paramfile = fopen(ichirp->config.DH_PARAMS_PEM, "r");
if(paramfile == NULL) {
E(
chirp,
"Could not open the dh-params %s. ch_chirp_t:%p",
ichirp->config.DH_PARAMS_PEM,
(void*) chirp
);
return CH_TLS_ERROR;
}
dh = PEM_read_DHparams(paramfile, NULL, NULL, NULL);
fclose(paramfile);
if(dh == NULL) {
E(
chirp,
"Could not load the dh-params %s. ch_chirp_t:%p",
ichirp->config.DH_PARAMS_PEM,
(void*) chirp
);
return CH_TLS_ERROR;
}
if(SSL_CTX_set_tmp_dh(enc->ssl_ctx, dh) != 1) {
E(
chirp,
"Could not set the dh-params %s. ch_chirp_t:%p",
ichirp->config.DH_PARAMS_PEM,
(void*) chirp
);
return CH_TLS_ERROR;
}
if(SSL_CTX_set_cipher_list(
enc->ssl_ctx,
"-ALL:"
"DHE-DSS-AES256-GCM-SHA384:"
"DHE-RSA-AES256-GCM-SHA384:"
"DHE-RSA-AES256-SHA256:"
"DHE-DSS-AES256-SHA256:"
) != 1) {
E(
chirp,
"Could not set the cipher list. ch_chirp_t:%p",
(void*) chirp
);
return CH_TLS_ERROR;
}
L(
chirp,
"Created SSL context for chirp. ch_chirp_t:%p",
(void*) chirp
);
return CH_SUCCESS;
}
int rehash_ssl(void)
{
DH *dh_tmp = NULL;
if(ircdssl_ctx)
{
SSL_CTX_free(ircdssl_ctx);
}
if(!(ircdssl_ctx = SSL_CTX_new(SSLv23_server_method())))
{
disable_ssl(1);
return 0;
}
/* Kill SSLv2 support */
SSL_CTX_set_options(ircdssl_ctx, SSL_OP_NO_SSLv2);
if (SSL_CTX_use_certificate_file(ircdssl_ctx,
IRCDSSL_CPATH, SSL_FILETYPE_PEM) <= 0)
{
disable_ssl(1);
return 0;
}
if (SSL_CTX_use_PrivateKey_file(ircdssl_ctx,
IRCDSSL_KPATH, SSL_FILETYPE_PEM) <= 0)
{
disable_ssl(1);
return 0;
}
if (!SSL_CTX_check_private_key(ircdssl_ctx))
{
sendto_realops("SSL ERROR: Server certificate does not match server key");
disable_ssl(0);
return 0;
}
if (!SSL_CTX_set_cipher_list(ircdssl_ctx, IRCD_CIPHER_LIST))
{
disable_ssl(1);
return 0;
}
if ((dh_tmp = get_dh1024()) == NULL)
{
disable_ssl(1);
return 0;
}
if (!SSL_CTX_set_tmp_dh(ircdssl_ctx, dh_tmp))
{
disable_ssl(1);
DH_free(dh_tmp);
return 0;
}
DH_free(dh_tmp);
return 1;
}
/** Create a new TLS context for use with Tor TLS handshakes.
* <b>identity</b> should be set to the identity key used to sign the
* certificate, and <b>nickname</b> set to the nickname to use.
*
* You can call this function multiple times. Each time you call it,
* it generates new certificates; all new connections will use
* the new SSL context.
*/
int
tor_tls_context_new(crypto_pk_env_t *identity, unsigned int key_lifetime)
{
crypto_pk_env_t *rsa = NULL;
EVP_PKEY *pkey = NULL;
tor_tls_context_t *result = NULL;
X509 *cert = NULL, *idcert = NULL;
char *nickname = NULL, *nn2 = NULL;
tor_tls_init();
nickname = crypto_random_hostname(8, 20, "www.", ".net");
nn2 = crypto_random_hostname(8, 20, "www.", ".net");
/* Generate short-term RSA key. */
if (!(rsa = crypto_new_pk_env()))
goto error;
if (crypto_pk_generate_key(rsa)<0)
goto error;
/* Create certificate signed by identity key. */
cert = tor_tls_create_certificate(rsa, identity, nickname, nn2,
key_lifetime);
/* Create self-signed certificate for identity key. */
idcert = tor_tls_create_certificate(identity, identity, nn2, nn2,
IDENTITY_CERT_LIFETIME);
if (!cert || !idcert) {
log(LOG_WARN, LD_CRYPTO, "Error creating certificate");
goto error;
}
result = tor_malloc_zero(sizeof(tor_tls_context_t));
result->refcnt = 1;
result->my_cert = X509_dup(cert);
result->my_id_cert = X509_dup(idcert);
result->key = crypto_pk_dup_key(rsa);
#ifdef EVERYONE_HAS_AES
/* Tell OpenSSL to only use TLS1 */
if (!(result->ctx = SSL_CTX_new(TLSv1_method())))
goto error;
#else
/* Tell OpenSSL to use SSL3 or TLS1 but not SSL2. */
if (!(result->ctx = SSL_CTX_new(SSLv23_method())))
goto error;
SSL_CTX_set_options(result->ctx, SSL_OP_NO_SSLv2);
#endif
SSL_CTX_set_options(result->ctx, SSL_OP_SINGLE_DH_USE);
#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
SSL_CTX_set_options(result->ctx,
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
#endif
/* Yes, we know what we are doing here. No, we do not treat a renegotiation
* as authenticating any earlier-received data.
*/
if (use_unsafe_renegotiation_op) {
SSL_CTX_set_options(result->ctx,
SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION);
}
/* Don't actually allow compression; it uses ram and time, but the data
* we transmit is all encrypted anyway. */
if (result->ctx->comp_methods)
result->ctx->comp_methods = NULL;
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(result->ctx, SSL_MODE_RELEASE_BUFFERS);
#endif
if (cert && !SSL_CTX_use_certificate(result->ctx,cert))
goto error;
X509_free(cert); /* We just added a reference to cert. */
cert=NULL;
if (idcert) {
X509_STORE *s = SSL_CTX_get_cert_store(result->ctx);
tor_assert(s);
X509_STORE_add_cert(s, idcert);
X509_free(idcert); /* The context now owns the reference to idcert */
idcert = NULL;
}
SSL_CTX_set_session_cache_mode(result->ctx, SSL_SESS_CACHE_OFF);
tor_assert(rsa);
if (!(pkey = _crypto_pk_env_get_evp_pkey(rsa,1)))
goto error;
if (!SSL_CTX_use_PrivateKey(result->ctx, pkey))
goto error;
EVP_PKEY_free(pkey);
pkey = NULL;
if (!SSL_CTX_check_private_key(result->ctx))
goto error;
{
crypto_dh_env_t *dh = crypto_dh_new();
SSL_CTX_set_tmp_dh(result->ctx, _crypto_dh_env_get_dh(dh));
crypto_dh_free(dh);
}
SSL_CTX_set_verify(result->ctx, SSL_VERIFY_PEER,
always_accept_verify_cb);
/* let us realloc bufs that we're writing from */
SSL_CTX_set_mode(result->ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
/* Free the old context if one exists. */
if (global_tls_context) {
/* This is safe even if there are open connections: OpenSSL does
* reference counting with SSL and SSL_CTX objects. */
tor_tls_context_decref(global_tls_context);
}
global_tls_context = result;
if (rsa)
crypto_free_pk_env(rsa);
tor_free(nickname);
tor_free(nn2);
return 0;
error:
tls_log_errors(NULL, LOG_WARN, "creating TLS context");
tor_free(nickname);
tor_free(nn2);
if (pkey)
EVP_PKEY_free(pkey);
if (rsa)
crypto_free_pk_env(rsa);
if (result)
tor_tls_context_decref(result);
if (cert)
X509_free(cert);
if (idcert)
X509_free(idcert);
return -1;
}
/** Initialize the SSL context.
* \return pointer to SSL context object.
*/
SSL_CTX *
ssl_init(char *private_key_file, char *ca_file, int req_client_cert)
{
const SSL_METHOD *meth; /* If this const gives you a warning, you're
using an old version of OpenSSL. Walker, this means you! */
/* uint8_t context[128]; */
DH *dh;
unsigned int reps = 1;
if (!bio_err) {
if (!SSL_library_init())
return NULL;
SSL_load_error_strings();
/* Error write context */
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
}
lock_file(stderr);
fputs("Seeding OpenSSL random number pool.\n", stderr);
unlock_file(stderr);
while (!RAND_status()) {
/* At this point, a system with /dev/urandom or a EGD file in the usual
places will have enough entropy. Otherwise, be lazy and use random numbers
until it's satisfied. */
uint32_t gibberish[4];
int n;
/* sfmt_fill_array32 requires a much larger array. */
for (n = 0; n < 4; n++)
gibberish[n] = sfmt_genrand_uint32(&rand_state);
RAND_seed(gibberish, sizeof gibberish);
reps += 1;
}
lock_file(stderr);
fprintf(stderr, "Seeded after %u %s.\n", reps, reps > 1 ? "cycles" : "cycle");
unlock_file(stderr);
/* Set up SIGPIPE handler here? */
/* Create context */
meth = SSLv23_server_method();
ctx = SSL_CTX_new(meth);
/* Load keys/certs */
if (private_key_file && *private_key_file) {
if (!SSL_CTX_use_certificate_chain_file(ctx, private_key_file)) {
ssl_errordump
("Unable to load server certificate - only anonymous ciphers supported.");
}
if (!SSL_CTX_use_PrivateKey_file(ctx, private_key_file, SSL_FILETYPE_PEM)) {
ssl_errordump
("Unable to load private key - only anonymous ciphers supported.");
}
}
/* Load trusted CAs */
if (ca_file && *ca_file) {
if (!SSL_CTX_load_verify_locations(ctx, ca_file, NULL)) {
ssl_errordump("Unable to load CA certificates");
} else {
if (req_client_cert)
SSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
client_verify_callback);
else
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, client_verify_callback);
#if (OPENSSL_VERSION_NUMBER < 0x0090600fL)
SSL_CTX_set_verify_depth(ctx, 1);
#endif
}
}
SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE | SSL_OP_ALL);
SSL_CTX_set_mode(ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
/* Set up DH callback */
dh = get_dh1024();
SSL_CTX_set_tmp_dh(ctx, dh);
/* The above function makes a private copy of this */
DH_free(dh);
/* Set the cipher list to the usual default list, except that
* we'll allow anonymous diffie-hellman, too.
*/
SSL_CTX_set_cipher_list(ctx, "ALL:ADH:RC4+RSA:+SSLv2:@STRENGTH");
/* Set up session cache if we can */
/*
strncpy((char *) context, MUDNAME, 128);
SSL_CTX_set_session_id_context(ctx, context, strlen(context));
*/
return ctx;
}
int main(int argc, char **argv){
int result=OK;
int x;
char buffer[MAX_INPUT_BUFFER];
char *env_string=NULL;
#ifdef HAVE_SSL
DH *dh;
char seedfile[FILENAME_MAX];
int i,c;
#endif
/* set some environment variables */
asprintf(&env_string,"NRPE_MULTILINESUPPORT=1");
putenv(env_string);
asprintf(&env_string,"NRPE_PROGRAMVERSION=%s",PROGRAM_VERSION);
putenv(env_string);
/* process command-line args */
result=process_arguments(argc,argv);
if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE){
printf("\n");
printf("NRPE - Nagios Remote Plugin Executor\n");
printf("Copyright (c) 1999-2008 Ethan Galstad ([email protected])\n");
printf("Version: %s\n",PROGRAM_VERSION);
printf("Last Modified: %s\n",MODIFICATION_DATE);
printf("License: GPL v2 with exemptions (-l for more info)\n");
#ifdef HAVE_SSL
printf("SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required\n");
#endif
#ifdef HAVE_LIBWRAP
printf("TCP Wrappers Available\n");
#endif
printf("\n");
#ifdef ENABLE_COMMAND_ARGUMENTS
printf("***************************************************************\n");
printf("** POSSIBLE SECURITY RISK - COMMAND ARGUMENTS ARE SUPPORTED! **\n");
printf("** Read the NRPE SECURITY file for more information **\n");
printf("***************************************************************\n");
printf("\n");
#endif
#ifndef HAVE_LIBWRAP
printf("***************************************************************\n");
printf("** POSSIBLE SECURITY RISK - TCP WRAPPERS ARE NOT AVAILABLE! **\n");
printf("** Read the NRPE SECURITY file for more information **\n");
printf("***************************************************************\n");
printf("\n");
#endif
}
if(show_license==TRUE)
display_license();
else if(result!=OK || show_help==TRUE){
printf("Usage: nrpe [-n] -c <config_file> <mode>\n");
printf("\n");
printf("Options:\n");
printf(" -n = Do not use SSL\n");
printf(" <config_file> = Name of config file to use\n");
printf(" <mode> = One of the following two operating modes:\n");
printf(" -i = Run as a service under inetd or xinetd\n");
printf(" -d = Run as a standalone daemon\n");
printf("\n");
printf("Notes:\n");
printf("This program is designed to process requests from the check_nrpe\n");
printf("plugin on the host(s) running Nagios. It can run as a service\n");
printf("under inetd or xinetd (read the docs for info on this), or as a\n");
printf("standalone daemon. Once a request is received from an authorized\n");
printf("host, NRPE will execute the command/plugin (as defined in the\n");
printf("config file) and return the plugin output and return code to the\n");
printf("check_nrpe plugin.\n");
printf("\n");
}
if(result!=OK || show_help==TRUE || show_license==TRUE || show_version==TRUE)
exit(STATE_UNKNOWN);
/* open a connection to the syslog facility */
/* facility name may be overridden later */
get_log_facility(NRPE_LOG_FACILITY);
openlog("nrpe",LOG_PID,log_facility);
/* make sure the config file uses an absolute path */
if(config_file[0]!='/'){
/* save the name of the config file */
strncpy(buffer,config_file,sizeof(buffer));
buffer[sizeof(buffer)-1]='\x0';
/* get absolute path of current working directory */
strcpy(config_file,"");
getcwd(config_file,sizeof(config_file));
/* append a forward slash */
strncat(config_file,"/",sizeof(config_file)-2);
config_file[sizeof(config_file)-1]='\x0';
/* append the config file to the path */
strncat(config_file,buffer,sizeof(config_file)-strlen(config_file)-1);
config_file[sizeof(config_file)-1]='\x0';
}
/* read the config file */
result=read_config_file(config_file);
/* exit if there are errors... */
if(result==ERROR){
syslog(LOG_ERR,"Config file '%s' contained errors, aborting...",config_file);
return STATE_CRITICAL;
}
/* generate the CRC 32 table */
generate_crc32_table();
/* initialize macros */
for(x=0;x<MAX_COMMAND_ARGUMENTS;x++)
macro_argv[x]=NULL;
#ifdef HAVE_SSL
/* initialize SSL */
if(use_ssl==TRUE){
SSL_library_init();
SSLeay_add_ssl_algorithms();
meth=SSLv23_server_method();
SSL_load_error_strings();
/* use week random seed if necessary */
if(allow_weak_random_seed && (RAND_status()==0)){
if(RAND_file_name(seedfile,sizeof(seedfile)-1))
if(RAND_load_file(seedfile,-1))
RAND_write_file(seedfile);
if(RAND_status()==0){
syslog(LOG_ERR,"Warning: SSL/TLS uses a weak random seed which is highly discouraged");
srand(time(NULL));
for(i=0;i<500 && RAND_status()==0;i++){
for(c=0;c<sizeof(seedfile);c+=sizeof(int)){
*((int *)(seedfile+c))=rand();
}
RAND_seed(seedfile,sizeof(seedfile));
}
}
}
if((ctx=SSL_CTX_new(meth))==NULL){
syslog(LOG_ERR,"Error: could not create SSL context.\n");
exit(STATE_CRITICAL);
}
/* ADDED 01/19/2004 */
/* use only TLSv1 protocol */
SSL_CTX_set_options(ctx,SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
/* use anonymous DH ciphers */
SSL_CTX_set_cipher_list(ctx,"ADH");
dh=get_dh512();
SSL_CTX_set_tmp_dh(ctx,dh);
DH_free(dh);
if(debug==TRUE)
syslog(LOG_INFO,"INFO: SSL/TLS initialized. All network traffic will be encrypted.");
}
else{
if(debug==TRUE)
syslog(LOG_INFO,"INFO: SSL/TLS NOT initialized. Network encryption DISABLED.");
}
#endif
/* if we're running under inetd... */
if(use_inetd==TRUE){
/* make sure we're not root */
check_privileges();
/* redirect STDERR to /dev/null */
close(2);
open("/dev/null",O_WRONLY);
/* handle the connection */
handle_connection(0);
}
/* else daemonize and start listening for requests... */
else if(fork()==0){
/* we're a daemon - set up a new process group */
setsid();
/* close standard file descriptors */
close(0);
close(1);
close(2);
/* redirect standard descriptors to /dev/null */
open("/dev/null",O_RDONLY);
open("/dev/null",O_WRONLY);
open("/dev/null",O_WRONLY);
chdir("/");
/*umask(0);*/
/* handle signals */
signal(SIGQUIT,sighandler);
signal(SIGTERM,sighandler);
signal(SIGHUP,sighandler);
/* log info to syslog facility */
syslog(LOG_NOTICE,"Starting up daemon");
/* write pid file */
if(write_pid_file()==ERROR)
return STATE_CRITICAL;
/* drop privileges */
drop_privileges(nrpe_user,nrpe_group);
/* make sure we're not root */
check_privileges();
do{
/* reset flags */
sigrestart=FALSE;
sigshutdown=FALSE;
/* wait for connections */
wait_for_connections();
/* free all memory we allocated */
free_memory();
if(sigrestart==TRUE){
/* read the config file */
result=read_config_file(config_file);
/* exit if there are errors... */
if(result==ERROR){
syslog(LOG_ERR,"Config file '%s' contained errors, bailing out...",config_file);
return STATE_CRITICAL;
}
}
}while(sigrestart==TRUE && sigshutdown==FALSE);
/* remove pid file */
remove_pid_file();
syslog(LOG_NOTICE,"Daemon shutdown\n");
}
#ifdef HAVE_SSL
if(use_ssl==TRUE)
SSL_CTX_free(ctx);
#endif
/* We are now running in daemon mode, or the connection handed over by inetd has
been completed, so the parent process exits */
return STATE_OK;
}
static Ecore_Con_Ssl_Error
_ecore_con_ssl_server_prepare_openssl(Ecore_Con_Server *svr,
int ssl_type)
{
long options;
int dh = 0;
if (ssl_type & ECORE_CON_USE_SSL2)
return ECORE_CON_SSL_ERROR_SSL2_NOT_SUPPORTED;
switch (ssl_type)
{
case ECORE_CON_USE_SSL3:
case ECORE_CON_USE_SSL3 | ECORE_CON_LOAD_CERT:
if (!svr->created)
SSL_ERROR_CHECK_GOTO_ERROR(!(svr->ssl_ctx = SSL_CTX_new(SSLv3_client_method())));
else
SSL_ERROR_CHECK_GOTO_ERROR(!(svr->ssl_ctx = SSL_CTX_new(SSLv3_server_method())));
break;
case ECORE_CON_USE_TLS:
case ECORE_CON_USE_TLS | ECORE_CON_LOAD_CERT:
if (!svr->created)
SSL_ERROR_CHECK_GOTO_ERROR(!(svr->ssl_ctx = SSL_CTX_new(TLSv1_client_method())));
else
SSL_ERROR_CHECK_GOTO_ERROR(!(svr->ssl_ctx = SSL_CTX_new(TLSv1_server_method())));
break;
case ECORE_CON_USE_MIXED:
case ECORE_CON_USE_MIXED | ECORE_CON_LOAD_CERT:
if (!svr->created)
SSL_ERROR_CHECK_GOTO_ERROR(!(svr->ssl_ctx = SSL_CTX_new(SSLv23_client_method())));
else
SSL_ERROR_CHECK_GOTO_ERROR(!(svr->ssl_ctx = SSL_CTX_new(SSLv23_server_method())));
options = SSL_CTX_get_options(svr->ssl_ctx);
SSL_CTX_set_options(svr->ssl_ctx, options | SSL_OP_NO_SSLv2 | SSL_OP_SINGLE_DH_USE);
break;
default:
return ECORE_CON_SSL_ERROR_NONE;
}
if ((!svr->use_cert) && svr->created)
{
DH *dh_params;
INF("Generating DH params");
SSL_ERROR_CHECK_GOTO_ERROR(!(dh_params = DH_new()));
SSL_ERROR_CHECK_GOTO_ERROR(!DH_generate_parameters_ex(dh_params, 1024, DH_GENERATOR_5, NULL));
SSL_ERROR_CHECK_GOTO_ERROR(!DH_check(dh_params, &dh));
SSL_ERROR_CHECK_GOTO_ERROR((dh & DH_CHECK_P_NOT_PRIME) || (dh & DH_CHECK_P_NOT_SAFE_PRIME));
SSL_ERROR_CHECK_GOTO_ERROR(!DH_generate_key(dh_params));
SSL_ERROR_CHECK_GOTO_ERROR(!SSL_CTX_set_tmp_dh(svr->ssl_ctx, dh_params));
DH_free(dh_params);
INF("DH params successfully generated and applied!");
SSL_ERROR_CHECK_GOTO_ERROR(!SSL_CTX_set_cipher_list(svr->ssl_ctx, "aNULL:!eNULL:!LOW:!EXPORT:@STRENGTH"));
}
else if (!svr->use_cert)
SSL_ERROR_CHECK_GOTO_ERROR(!SSL_CTX_set_cipher_list(svr->ssl_ctx, "aNULL:!eNULL:!LOW:!EXPORT:!ECDH:RSA:AES:!PSK:@STRENGTH"));
return ECORE_CON_SSL_ERROR_NONE;
error:
if (dh)
{
if (dh & DH_CHECK_P_NOT_PRIME)
ERR("openssl error: dh_params could not generate a prime!");
else
ERR("openssl error: dh_params could not generate a safe prime!");
}
else
_openssl_print_errors();
_ecore_con_ssl_server_shutdown_openssl(svr);
return ECORE_CON_SSL_ERROR_SERVER_INIT_FAILED;
}
void SSLContextManager::addSSLContextConfig(
const SSLContextConfig& ctxConfig,
const SSLCacheOptions& cacheOptions,
const TLSTicketKeySeeds* ticketSeeds,
const folly::SocketAddress& vipAddress,
const std::shared_ptr<SSLCacheProvider>& externalCache) {
unsigned numCerts = 0;
std::string commonName;
std::string lastCertPath;
std::unique_ptr<std::list<std::string>> subjectAltName;
auto sslCtx = std::make_shared<SSLContext>(ctxConfig.sslVersion);
for (const auto& cert : ctxConfig.certificates) {
try {
sslCtx->loadCertificate(cert.certPath.c_str());
} catch (const std::exception& ex) {
// The exception isn't very useful without the certificate path name,
// so throw a new exception that includes the path to the certificate.
string msg = folly::to<string>("error loading SSL certificate ",
cert.certPath, ": ",
folly::exceptionStr(ex));
LOG(ERROR) << msg;
throw std::runtime_error(msg);
}
// Verify that the Common Name and (if present) Subject Alternative Names
// are the same for all the certs specified for the SSL context.
numCerts++;
X509* x509 = getX509(sslCtx->getSSLCtx());
auto guard = folly::makeGuard([x509] { X509_free(x509); });
auto cn = SSLUtil::getCommonName(x509);
if (!cn) {
throw std::runtime_error(folly::to<string>("Cannot get CN for X509 ",
cert.certPath));
}
auto altName = SSLUtil::getSubjectAltName(x509);
VLOG(2) << "cert " << cert.certPath << " CN: " << *cn;
if (altName) {
altName->sort();
VLOG(2) << "cert " << cert.certPath << " SAN: " << flattenList(*altName);
} else {
VLOG(2) << "cert " << cert.certPath << " SAN: " << "{none}";
}
if (numCerts == 1) {
commonName = *cn;
subjectAltName = std::move(altName);
} else {
if (commonName != *cn) {
throw std::runtime_error(folly::to<string>("X509 ", cert.certPath,
" does not have same CN as ",
lastCertPath));
}
if (altName == nullptr) {
if (subjectAltName != nullptr) {
throw std::runtime_error(folly::to<string>("X509 ", cert.certPath,
" does not have same SAN as ",
lastCertPath));
}
} else {
if ((subjectAltName == nullptr) || (*altName != *subjectAltName)) {
throw std::runtime_error(folly::to<string>("X509 ", cert.certPath,
" does not have same SAN as ",
lastCertPath));
}
}
}
lastCertPath = cert.certPath;
// TODO t4438250 - Add ECDSA support to the crypto_ssl offload server
// so we can avoid storing the ECDSA private key in the
// address space of the Internet-facing process. For
// now, if cert name includes "-EC" to denote elliptic
// curve, we load its private key even if the server as
// a whole has been configured for async crypto.
if (ctxConfig.isLocalPrivateKey ||
(cert.certPath.find("-EC") != std::string::npos)) {
// The private key lives in the same process
// This needs to be called before loadPrivateKey().
if (!cert.passwordPath.empty()) {
auto sslPassword = std::make_shared<PasswordInFile>(cert.passwordPath);
sslCtx->passwordCollector(sslPassword);
}
try {
sslCtx->loadPrivateKey(cert.keyPath.c_str());
} catch (const std::exception& ex) {
// Throw an error that includes the key path, so the user can tell
// which key had a problem.
string msg = folly::to<string>("error loading private SSL key ",
cert.keyPath, ": ",
folly::exceptionStr(ex));
LOG(ERROR) << msg;
throw std::runtime_error(msg);
}
}
}
if (!ctxConfig.isLocalPrivateKey) {
enableAsyncCrypto(sslCtx);
}
// Let the server pick the highest performing cipher from among the client's
// choices.
//
// Let's use a unique private key for all DH key exchanges.
//
// Because some old implementations choke on empty fragments, most SSL
// applications disable them (it's part of SSL_OP_ALL). This
// will improve performance and decrease write buffer fragmentation.
sslCtx->setOptions(SSL_OP_CIPHER_SERVER_PREFERENCE |
SSL_OP_SINGLE_DH_USE |
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
// Configure SSL ciphers list
if (!ctxConfig.tls11Ciphers.empty()) {
// FIXME: create a dummy SSL_CTX for cipher testing purpose? It can
// remove the ordering dependency
// Test to see if the specified TLS1.1 ciphers are valid. Note that
// these will be overwritten by the ciphers() call below.
sslCtx->setCiphersOrThrow(ctxConfig.tls11Ciphers);
}
// Important that we do this *after* checking the TLS1.1 ciphers above,
// since we test their validity by actually setting them.
sslCtx->ciphers(ctxConfig.sslCiphers);
// Use a fix DH param
DH* dh = get_dh2048();
SSL_CTX_set_tmp_dh(sslCtx->getSSLCtx(), dh);
DH_free(dh);
const string& curve = ctxConfig.eccCurveName;
if (!curve.empty()) {
set_key_from_curve(sslCtx->getSSLCtx(), curve);
}
if (!ctxConfig.clientCAFile.empty()) {
try {
sslCtx->setVerificationOption(SSLContext::VERIFY_REQ_CLIENT_CERT);
sslCtx->loadTrustedCertificates(ctxConfig.clientCAFile.c_str());
sslCtx->loadClientCAList(ctxConfig.clientCAFile.c_str());
} catch (const std::exception& ex) {
string msg = folly::to<string>("error loading client CA",
ctxConfig.clientCAFile, ": ",
folly::exceptionStr(ex));
LOG(ERROR) << msg;
throw std::runtime_error(msg);
}
}
// - start - SSL session cache config
// the internal cache never does what we want (per-thread-per-vip).
// Disable it. SSLSessionCacheManager will set it appropriately.
SSL_CTX_set_session_cache_mode(sslCtx->getSSLCtx(), SSL_SESS_CACHE_OFF);
SSL_CTX_set_timeout(sslCtx->getSSLCtx(),
cacheOptions.sslCacheTimeout.count());
std::unique_ptr<SSLSessionCacheManager> sessionCacheManager;
if (ctxConfig.sessionCacheEnabled &&
cacheOptions.maxSSLCacheSize > 0 &&
cacheOptions.sslCacheFlushSize > 0) {
sessionCacheManager =
folly::make_unique<SSLSessionCacheManager>(
cacheOptions.maxSSLCacheSize,
cacheOptions.sslCacheFlushSize,
sslCtx.get(),
vipAddress,
commonName,
eventBase_,
stats_,
externalCache);
}
// - end - SSL session cache config
std::unique_ptr<TLSTicketKeyManager> ticketManager =
createTicketManagerHelper(sslCtx, ticketSeeds, ctxConfig, stats_);
// finalize sslCtx setup by the individual features supported by openssl
ctxSetupByOpensslFeature(sslCtx, ctxConfig);
try {
insert(sslCtx,
std::move(sessionCacheManager),
std::move(ticketManager),
ctxConfig.isDefault);
} catch (const std::exception& ex) {
string msg = folly::to<string>("Error adding certificate : ",
folly::exceptionStr(ex));
LOG(ERROR) << msg;
throw std::runtime_error(msg);
}
}
int network_init(server *srv) {
buffer *b;
size_t i, j;
network_backend_t backend;
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
EC_KEY *ecdh;
int nid;
#endif
#endif
#ifdef USE_OPENSSL
# ifndef OPENSSL_NO_DH
DH *dh;
# endif
BIO *bio;
/* 1024-bit MODP Group with 160-bit prime order subgroup (RFC5114)
* -----BEGIN DH PARAMETERS-----
* MIIBDAKBgQCxC4+WoIDgHd6S3l6uXVTsUsmfvPsGo8aaap3KUtI7YWBz4oZ1oj0Y
* mDjvHi7mUsAT7LSuqQYRIySXXDzUm4O/rMvdfZDEvXCYSI6cIZpzck7/1vrlZEc4
* +qMaT/VbzMChUa9fDci0vUW/N982XBpl5oz9p21NpwjfH7K8LkpDcQKBgQCk0cvV
* w/00EmdlpELvuZkF+BBN0lisUH/WQGz/FCZtMSZv6h5cQVZLd35pD1UE8hMWAhe0
* sBuIal6RVH+eJ0n01/vX07mpLuGQnQ0iY/gKdqaiTAh6CR9THb8KAWm2oorWYqTR
* jnOvoy13nVkY0IvIhY9Nzvl8KiSFXm7rIrOy5QICAKA=
* -----END DH PARAMETERS-----
*/
static const unsigned char dh1024_p[]={
0xB1,0x0B,0x8F,0x96,0xA0,0x80,0xE0,0x1D,0xDE,0x92,0xDE,0x5E,
0xAE,0x5D,0x54,0xEC,0x52,0xC9,0x9F,0xBC,0xFB,0x06,0xA3,0xC6,
0x9A,0x6A,0x9D,0xCA,0x52,0xD2,0x3B,0x61,0x60,0x73,0xE2,0x86,
0x75,0xA2,0x3D,0x18,0x98,0x38,0xEF,0x1E,0x2E,0xE6,0x52,0xC0,
0x13,0xEC,0xB4,0xAE,0xA9,0x06,0x11,0x23,0x24,0x97,0x5C,0x3C,
0xD4,0x9B,0x83,0xBF,0xAC,0xCB,0xDD,0x7D,0x90,0xC4,0xBD,0x70,
0x98,0x48,0x8E,0x9C,0x21,0x9A,0x73,0x72,0x4E,0xFF,0xD6,0xFA,
0xE5,0x64,0x47,0x38,0xFA,0xA3,0x1A,0x4F,0xF5,0x5B,0xCC,0xC0,
0xA1,0x51,0xAF,0x5F,0x0D,0xC8,0xB4,0xBD,0x45,0xBF,0x37,0xDF,
0x36,0x5C,0x1A,0x65,0xE6,0x8C,0xFD,0xA7,0x6D,0x4D,0xA7,0x08,
0xDF,0x1F,0xB2,0xBC,0x2E,0x4A,0x43,0x71,
};
static const unsigned char dh1024_g[]={
0xA4,0xD1,0xCB,0xD5,0xC3,0xFD,0x34,0x12,0x67,0x65,0xA4,0x42,
0xEF,0xB9,0x99,0x05,0xF8,0x10,0x4D,0xD2,0x58,0xAC,0x50,0x7F,
0xD6,0x40,0x6C,0xFF,0x14,0x26,0x6D,0x31,0x26,0x6F,0xEA,0x1E,
0x5C,0x41,0x56,0x4B,0x77,0x7E,0x69,0x0F,0x55,0x04,0xF2,0x13,
0x16,0x02,0x17,0xB4,0xB0,0x1B,0x88,0x6A,0x5E,0x91,0x54,0x7F,
0x9E,0x27,0x49,0xF4,0xD7,0xFB,0xD7,0xD3,0xB9,0xA9,0x2E,0xE1,
0x90,0x9D,0x0D,0x22,0x63,0xF8,0x0A,0x76,0xA6,0xA2,0x4C,0x08,
0x7A,0x09,0x1F,0x53,0x1D,0xBF,0x0A,0x01,0x69,0xB6,0xA2,0x8A,
0xD6,0x62,0xA4,0xD1,0x8E,0x73,0xAF,0xA3,0x2D,0x77,0x9D,0x59,
0x18,0xD0,0x8B,0xC8,0x85,0x8F,0x4D,0xCE,0xF9,0x7C,0x2A,0x24,
0x85,0x5E,0x6E,0xEB,0x22,0xB3,0xB2,0xE5,
};
#endif
struct nb_map {
network_backend_t nb;
const char *name;
} network_backends[] = {
/* lowest id wins */
#if defined USE_SENDFILE
{ NETWORK_BACKEND_SENDFILE, "sendfile" },
#endif
#if defined USE_LINUX_SENDFILE
{ NETWORK_BACKEND_SENDFILE, "linux-sendfile" },
#endif
#if defined USE_FREEBSD_SENDFILE
{ NETWORK_BACKEND_SENDFILE, "freebsd-sendfile" },
#endif
#if defined USE_SOLARIS_SENDFILEV
{ NETWORK_BACKEND_SENDFILE, "solaris-sendfilev" },
#endif
#if defined USE_WRITEV
{ NETWORK_BACKEND_WRITEV, "writev" },
#endif
{ NETWORK_BACKEND_WRITE, "write" },
{ NETWORK_BACKEND_UNSET, NULL }
};
#ifdef USE_OPENSSL
/* load SSL certificates */
for (i = 0; i < srv->config_context->used; i++) {
specific_config *s = srv->config_storage[i];
#ifndef SSL_OP_NO_COMPRESSION
# define SSL_OP_NO_COMPRESSION 0
#endif
long ssloptions =
SSL_OP_ALL | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | SSL_OP_NO_COMPRESSION;
if (buffer_string_is_empty(s->ssl_pemfile) && buffer_string_is_empty(s->ssl_ca_file)) continue;
if (srv->ssl_is_init == 0) {
SSL_load_error_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
srv->ssl_is_init = 1;
if (0 == RAND_status()) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
"not enough entropy in the pool");
return -1;
}
}
if (!buffer_string_is_empty(s->ssl_pemfile)) {
#ifdef OPENSSL_NO_TLSEXT
data_config *dc = (data_config *)srv->config_context->data[i];
if (COMP_HTTP_HOST == dc->comp) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
"can't use ssl.pemfile with $HTTP[\"host\"], openssl version does not support TLS extensions");
return -1;
}
#endif
if (network_openssl_load_pemfile(srv, i)) return -1;
}
if (!buffer_string_is_empty(s->ssl_ca_file)) {
s->ssl_ca_file_cert_names = SSL_load_client_CA_file(s->ssl_ca_file->ptr);
if (NULL == s->ssl_ca_file_cert_names) {
log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
ERR_error_string(ERR_get_error(), NULL), s->ssl_ca_file);
}
}
if (buffer_string_is_empty(s->ssl_pemfile) || !s->ssl_enabled) continue;
if (NULL == (s->ssl_ctx = SSL_CTX_new(SSLv23_server_method()))) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
ERR_error_string(ERR_get_error(), NULL));
return -1;
}
/* completely useless identifier; required for client cert verification to work with sessions */
if (0 == SSL_CTX_set_session_id_context(s->ssl_ctx, (const unsigned char*) CONST_STR_LEN("lighttpd"))) {
log_error_write(srv, __FILE__, __LINE__, "ss:s", "SSL:",
"failed to set session context",
ERR_error_string(ERR_get_error(), NULL));
return -1;
}
if (s->ssl_empty_fragments) {
#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS
ssloptions &= ~SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
#else
ssloptions &= ~0x00000800L; /* hardcode constant */
log_error_write(srv, __FILE__, __LINE__, "ss", "WARNING: SSL:",
"'insert empty fragments' not supported by the openssl version used to compile lighttpd with");
#endif
}
SSL_CTX_set_options(s->ssl_ctx, ssloptions);
SSL_CTX_set_info_callback(s->ssl_ctx, ssl_info_callback);
if (!s->ssl_use_sslv2) {
/* disable SSLv2 */
if ((SSL_OP_NO_SSLv2 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv2)) != SSL_OP_NO_SSLv2) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
ERR_error_string(ERR_get_error(), NULL));
return -1;
}
}
if (!s->ssl_use_sslv3) {
/* disable SSLv3 */
if ((SSL_OP_NO_SSLv3 & SSL_CTX_set_options(s->ssl_ctx, SSL_OP_NO_SSLv3)) != SSL_OP_NO_SSLv3) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
ERR_error_string(ERR_get_error(), NULL));
return -1;
}
}
if (!buffer_string_is_empty(s->ssl_cipher_list)) {
/* Disable support for low encryption ciphers */
if (SSL_CTX_set_cipher_list(s->ssl_ctx, s->ssl_cipher_list->ptr) != 1) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
ERR_error_string(ERR_get_error(), NULL));
return -1;
}
if (s->ssl_honor_cipher_order) {
SSL_CTX_set_options(s->ssl_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
}
}
#ifndef OPENSSL_NO_DH
/* Support for Diffie-Hellman key exchange */
if (!buffer_string_is_empty(s->ssl_dh_file)) {
/* DH parameters from file */
bio = BIO_new_file((char *) s->ssl_dh_file->ptr, "r");
if (bio == NULL) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL: Unable to open file", s->ssl_dh_file->ptr);
return -1;
}
dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if (dh == NULL) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL: PEM_read_bio_DHparams failed", s->ssl_dh_file->ptr);
return -1;
}
} else {
BIGNUM *dh_p, *dh_g;
/* Default DH parameters from RFC5114 */
dh = DH_new();
if (dh == NULL) {
log_error_write(srv, __FILE__, __LINE__, "s", "SSL: DH_new () failed");
return -1;
}
dh_p = BN_bin2bn(dh1024_p,sizeof(dh1024_p), NULL);
dh_g = BN_bin2bn(dh1024_g,sizeof(dh1024_g), NULL);
if ((dh_p == NULL) || (dh_g == NULL)) {
DH_free(dh);
log_error_write(srv, __FILE__, __LINE__, "s", "SSL: BN_bin2bn () failed");
return -1;
}
#if OPENSSL_VERSION_NUMBER < 0x10100000L \
|| defined(LIBRESSL_VERSION_NUMBER)
dh->p = dh_p;
dh->g = dh_g;
dh->length = 160;
#else
DH_set0_pqg(dh, dh_p, NULL, dh_g);
DH_set_length(dh, 160);
#endif
}
SSL_CTX_set_tmp_dh(s->ssl_ctx,dh);
SSL_CTX_set_options(s->ssl_ctx,SSL_OP_SINGLE_DH_USE);
DH_free(dh);
#else
if (!buffer_string_is_empty(s->ssl_dh_file)) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL: openssl compiled without DH support, can't load parameters from", s->ssl_dh_file->ptr);
}
#endif
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
/* Support for Elliptic-Curve Diffie-Hellman key exchange */
if (!buffer_string_is_empty(s->ssl_ec_curve)) {
/* OpenSSL only supports the "named curves" from RFC 4492, section 5.1.1. */
nid = OBJ_sn2nid((char *) s->ssl_ec_curve->ptr);
if (nid == 0) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL: Unknown curve name", s->ssl_ec_curve->ptr);
return -1;
}
} else {
/* Default curve */
nid = OBJ_sn2nid("prime256v1");
}
ecdh = EC_KEY_new_by_curve_name(nid);
if (ecdh == NULL) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL: Unable to create curve", s->ssl_ec_curve->ptr);
return -1;
}
SSL_CTX_set_tmp_ecdh(s->ssl_ctx,ecdh);
SSL_CTX_set_options(s->ssl_ctx,SSL_OP_SINGLE_ECDH_USE);
EC_KEY_free(ecdh);
#endif
#endif
/* load all ssl.ca-files specified in the config into each SSL_CTX to be prepared for SNI */
for (j = 0; j < srv->config_context->used; j++) {
specific_config *s1 = srv->config_storage[j];
if (!buffer_string_is_empty(s1->ssl_ca_file)) {
if (1 != SSL_CTX_load_verify_locations(s->ssl_ctx, s1->ssl_ca_file->ptr, NULL)) {
log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
ERR_error_string(ERR_get_error(), NULL), s1->ssl_ca_file);
return -1;
}
}
}
if (s->ssl_verifyclient) {
if (NULL == s->ssl_ca_file_cert_names) {
log_error_write(srv, __FILE__, __LINE__, "s",
"SSL: You specified ssl.verifyclient.activate but no ca_file"
);
return -1;
}
SSL_CTX_set_client_CA_list(s->ssl_ctx, SSL_dup_CA_list(s->ssl_ca_file_cert_names));
SSL_CTX_set_verify(
s->ssl_ctx,
SSL_VERIFY_PEER | (s->ssl_verifyclient_enforce ? SSL_VERIFY_FAIL_IF_NO_PEER_CERT : 0),
NULL
);
SSL_CTX_set_verify_depth(s->ssl_ctx, s->ssl_verifyclient_depth);
}
if (SSL_CTX_use_certificate(s->ssl_ctx, s->ssl_pemfile_x509) < 0) {
log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
ERR_error_string(ERR_get_error(), NULL), s->ssl_pemfile);
return -1;
}
if (SSL_CTX_use_PrivateKey(s->ssl_ctx, s->ssl_pemfile_pkey) < 0) {
log_error_write(srv, __FILE__, __LINE__, "ssb", "SSL:",
ERR_error_string(ERR_get_error(), NULL), s->ssl_pemfile);
return -1;
}
if (SSL_CTX_check_private_key(s->ssl_ctx) != 1) {
log_error_write(srv, __FILE__, __LINE__, "sssb", "SSL:",
"Private key does not match the certificate public key, reason:",
ERR_error_string(ERR_get_error(), NULL),
s->ssl_pemfile);
return -1;
}
SSL_CTX_set_default_read_ahead(s->ssl_ctx, 1);
SSL_CTX_set_mode(s->ssl_ctx, SSL_CTX_get_mode(s->ssl_ctx) | SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
# ifndef OPENSSL_NO_TLSEXT
if (!SSL_CTX_set_tlsext_servername_callback(s->ssl_ctx, network_ssl_servername_callback) ||
!SSL_CTX_set_tlsext_servername_arg(s->ssl_ctx, srv)) {
log_error_write(srv, __FILE__, __LINE__, "ss", "SSL:",
"failed to initialize TLS servername callback, openssl library does not support TLS servername extension");
return -1;
}
# endif
}
#endif
b = buffer_init();
buffer_copy_buffer(b, srv->srvconf.bindhost);
buffer_append_string_len(b, CONST_STR_LEN(":"));
buffer_append_int(b, srv->srvconf.port);
if (0 != network_server_init(srv, b, srv->config_storage[0])) {
buffer_free(b);
return -1;
}
buffer_free(b);
#ifdef USE_OPENSSL
srv->network_ssl_backend_write = network_write_chunkqueue_openssl;
#endif
/* get a usefull default */
backend = network_backends[0].nb;
/* match name against known types */
if (!buffer_string_is_empty(srv->srvconf.network_backend)) {
for (i = 0; network_backends[i].name; i++) {
/**/
if (buffer_is_equal_string(srv->srvconf.network_backend, network_backends[i].name, strlen(network_backends[i].name))) {
backend = network_backends[i].nb;
break;
}
}
if (NULL == network_backends[i].name) {
/* we don't know it */
log_error_write(srv, __FILE__, __LINE__, "sb",
"server.network-backend has a unknown value:",
srv->srvconf.network_backend);
return -1;
}
}
switch(backend) {
case NETWORK_BACKEND_WRITE:
srv->network_backend_write = network_write_chunkqueue_write;
break;
#if defined(USE_WRITEV)
case NETWORK_BACKEND_WRITEV:
srv->network_backend_write = network_write_chunkqueue_writev;
break;
#endif
#if defined(USE_SENDFILE)
case NETWORK_BACKEND_SENDFILE:
srv->network_backend_write = network_write_chunkqueue_sendfile;
break;
#endif
default:
return -1;
}
/* check for $SERVER["socket"] */
for (i = 1; i < srv->config_context->used; i++) {
data_config *dc = (data_config *)srv->config_context->data[i];
specific_config *s = srv->config_storage[i];
/* not our stage */
if (COMP_SERVER_SOCKET != dc->comp) continue;
if (dc->cond != CONFIG_COND_EQ) continue;
/* check if we already know this socket,
* if yes, don't init it */
for (j = 0; j < srv->srv_sockets.used; j++) {
if (buffer_is_equal(srv->srv_sockets.ptr[j]->srv_token, dc->string)) {
break;
}
}
if (j == srv->srv_sockets.used) {
if (0 != network_server_init(srv, dc->string, s)) return -1;
}
}
return 0;
}
pn_ssl_domain_t *pn_ssl_domain( pn_ssl_mode_t mode )
{
if (!ssl_initialized) {
ssl_initialized = 1;
SSL_library_init();
SSL_load_error_strings();
OpenSSL_add_all_algorithms();
ssl_ex_data_index = SSL_get_ex_new_index( 0, (void *) "org.apache.qpid.proton.ssl",
NULL, NULL, NULL);
}
pn_ssl_domain_t *domain = (pn_ssl_domain_t *) calloc(1, sizeof(pn_ssl_domain_t));
if (!domain) return NULL;
domain->ref_count = 1;
domain->mode = mode;
switch(mode) {
case PN_SSL_MODE_CLIENT:
domain->ctx = SSL_CTX_new(TLSv1_client_method());
if (!domain->ctx) {
_log_ssl_error( "Unable to initialize OpenSSL context.\n");
free(domain);
return NULL;
}
break;
case PN_SSL_MODE_SERVER:
domain->ctx = SSL_CTX_new(SSLv23_server_method());
if (!domain->ctx) {
_log_ssl_error("Unable to initialize OpenSSL context.\n");
free(domain);
return NULL;
}
SSL_CTX_set_options(domain->ctx, SSL_OP_NO_SSLv2); // v2 is insecure
break;
default:
_log_error("Invalid valid for pn_ssl_mode_t: %d\n", mode);
free(domain);
return NULL;
}
// by default, allow anonymous ciphers so certificates are not required 'out of the box'
if (!SSL_CTX_set_cipher_list( domain->ctx, CIPHERS_ANONYMOUS )) {
_log_ssl_error("Failed to set cipher list to %s\n", CIPHERS_ANONYMOUS);
pn_ssl_domain_free(domain);
return NULL;
}
// ditto: by default do not authenticate the peer (can be done by SASL).
if (pn_ssl_domain_set_peer_authentication( domain, PN_SSL_ANONYMOUS_PEER, NULL )) {
pn_ssl_domain_free(domain);
return NULL;
}
DH *dh = get_dh2048();
if (dh) {
SSL_CTX_set_tmp_dh(domain->ctx, dh);
DH_free(dh);
SSL_CTX_set_options(domain->ctx, SSL_OP_SINGLE_DH_USE);
}
return domain;
}
//SSL_CTX* init_ssl_server_ctx(const SSL_METHOD* method, const char* server_cert, const char* server_priv_key, const char* dh_params, const char* ecdh_curve, const char* ecdsa_cert, const char* ecdsa_privkey, int check_client)
SSL_CTX* init_ssl_server_ctx(const SSL_METHOD* method, X509* server_cert, EVP_PKEY* server_priv_key, const char* dh_params, const char* ecdh_curve, X509* ecdsa_cert, EVP_PKEY* ecdsa_privkey, X509* root_cert)
{
SSL_CTX* ssl_ctx = 0;
DH* dh = 0;
EC_KEY* ecdh = 0;
FILE* param_file = 0;
X509_STORE* x509_store;
int nid;
//make ssl context
if (!(ssl_ctx = SSL_CTX_new(method)))
{
write_out(PRINT_ERROR, "Unable to initialize OpenSSL.");
write_raise_level();
print_ssl_error_stack(PRINT_ERROR);
write_lower_level();
goto error_die;
}
//disable renegotiation to ensure a fresh start
SSL_CTX_set_session_cache_mode(ssl_ctx, SSL_SESS_CACHE_OFF);
SSL_CTX_set_options(ssl_ctx, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION | SSL_OP_NO_TICKET);
if (server_cert && server_priv_key)
{
//load rsa certs
//if (SSL_CTX_use_certificate_file(ssl_ctx, server_cert, SSL_FILETYPE_PEM) != 1)
if (SSL_CTX_use_certificate(ssl_ctx, server_cert) != 1)
{
write_out(PRINT_ERROR, "Unable to load RSA certificate.");
write_raise_level();
print_ssl_error_stack(PRINT_ERROR);
write_lower_level();
goto error_die;
}
if (SSL_CTX_use_PrivateKey(ssl_ctx, server_priv_key) != 1)
{
write_out(PRINT_ERROR, "Unable to load RSA private key.");
write_raise_level();
print_ssl_error_stack(PRINT_ERROR);
write_lower_level();
goto error_die;
}
if (!SSL_CTX_check_private_key(ssl_ctx))
{
write_out(PRINT_ERROR, "RSA Certificate and private key do not match!");
goto error_die;
}
}
if (dh_params)
{
//load dh params
param_file = fopen(dh_params, "rb");
if (!param_file)
{
write_out(PRINT_ERROR, "DH Parameter file could not be read: %s", dh_params);
}
dh = PEM_read_DHparams(param_file, 0, 0, 0);
if (!dh)
{
write_out(PRINT_ERROR, "DH Parameters could not be loaded!");
write_raise_level();
print_ssl_error_stack(PRINT_ERROR);
write_lower_level();
goto error_die;
}
fclose(param_file);
param_file = 0;
if (SSL_CTX_set_tmp_dh(ssl_ctx, dh) != 1)
{
write_out(PRINT_ERROR, "DH Parameters could not be set!");
write_raise_level();
print_ssl_error_stack(PRINT_ERROR);
write_lower_level();
goto error_die;
}
DH_free(dh);
dh = 0;
}
if (ecdh_curve)
{
//load ecdh params
if ((nid = OBJ_sn2nid(ecdh_curve)) == NID_undef)
{
write_out(PRINT_ERROR, "Unable to find elliptic curve %s.", ecdh_curve);
goto error_die;
}
if ((ecdh = EC_KEY_new_by_curve_name(nid)) == 0)
{
write_out(PRINT_ERROR, "Unable to create elliptic curve %s.", ecdh_curve);
goto error_die;
}
if (SSL_CTX_set_tmp_ecdh(ssl_ctx, ecdh) != 1)
{
write_out(PRINT_ERROR, "ECDH Parameters could not be set!");
write_raise_level();
print_ssl_error_stack(PRINT_ERROR);
write_lower_level();
goto error_die;
}
EC_KEY_free(ecdh);
ecdh = 0;
}
if (ecdsa_cert && ecdsa_privkey)
{
//load ecdsa certs
//if (SSL_CTX_use_certificate_file(ssl_ctx, ecdsa_cert, SSL_FILETYPE_PEM) != 1)
if (SSL_CTX_use_certificate(ssl_ctx, ecdsa_cert) != 1)
{
write_out(PRINT_ERROR, "Unable to load ECDSA certificate.");
write_raise_level();
print_ssl_error_stack(PRINT_ERROR);
write_lower_level();
goto error_die;
}
//if (SSL_CTX_use_PrivateKey_file(ssl_ctx, ecdsa_privkey, SSL_FILETYPE_PEM) != 1)
if (SSL_CTX_use_PrivateKey(ssl_ctx, ecdsa_privkey) != 1)
{
write_out(PRINT_ERROR, "Unable to load ECDSA private key.");
write_raise_level();
print_ssl_error_stack(PRINT_ERROR);
write_lower_level();
goto error_die;
}
if (!SSL_CTX_check_private_key(ssl_ctx))
{
write_out(PRINT_ERROR, "ECDSA Certificate and private key do not match!");
goto error_die;
}
}
//setup the root_cert for verification
if (root_cert)
{
x509_store = SSL_CTX_get_cert_store(ssl_ctx);
X509_STORE_add_cert(x509_store, root_cert);
}
return ssl_ctx;
error_die:
if (ssl_ctx)
SSL_CTX_free(ssl_ctx);
if (param_file)
fclose(param_file);
if (dh)
DH_free(dh);
if (ecdh)
EC_KEY_free(ecdh);
return 0;
}
/** Initialize the SSL context.
* \return pointer to SSL context object.
*/
SSL_CTX *
ssl_init(char *private_key_file, char *ca_file, char *ca_dir,
int req_client_cert)
{
const SSL_METHOD
*meth; /* If this const gives you a warning, you're
using an old version of OpenSSL. Walker, this means you! */
/* uint8_t context[128]; */
unsigned int reps = 1;
pcg32_random_t rand_state;
uint64_t seeds[2];
bool seeded = false;
if (!bio_err) {
if (!SSL_library_init())
return NULL;
SSL_load_error_strings();
/* Error write context */
bio_err = BIO_new_fp(stderr, BIO_NOCLOSE);
}
lock_file(stderr);
fputs("Seeding OpenSSL random number pool.\n", stderr);
unlock_file(stderr);
while (!RAND_status()) {
/* At this point, a system with /dev/urandom or a EGD file in the usual
places will have enough entropy. Otherwise, be lazy and use random
numbers until it's satisfied. */
uint32_t gibberish[8];
int n;
if (!seeded) {
generate_seed(seeds);
pcg32_srandom_r(&rand_state, seeds[0], seeds[1]);
seeded = 1;
}
for (n = 0; n < 8; n++)
gibberish[n] = pcg32_random_r(&rand_state);
RAND_seed(gibberish, sizeof gibberish);
reps += 1;
}
lock_file(stderr);
fprintf(stderr, "Seeded after %u %s.\n", reps, reps > 1 ? "cycles" : "cycle");
unlock_file(stderr);
/* Set up SIGPIPE handler here? */
/* Create context */
#if OPENSSL_VERSION_NUMBER >= 0x10100000L
meth = TLS_server_method();
#else
meth = SSLv23_server_method();
#endif
ctx = SSL_CTX_new(meth);
SSL_CTX_set_options(ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
/* Load keys/certs */
if (private_key_file && *private_key_file) {
if (!SSL_CTX_use_certificate_chain_file(ctx, private_key_file)) {
ssl_errordump("Unable to load server certificate - only anonymous "
"ciphers supported.");
}
if (!SSL_CTX_use_PrivateKey_file(ctx, private_key_file, SSL_FILETYPE_PEM)) {
ssl_errordump(
"Unable to load private key - only anonymous ciphers supported.");
}
}
/* Load trusted CAs */
if ((ca_file && *ca_file) || (ca_dir && *ca_dir)) {
if (!SSL_CTX_load_verify_locations(ctx,
(ca_file && *ca_file) ? ca_file : NULL,
(ca_dir && *ca_dir) ? ca_dir : NULL)) {
ssl_errordump("Unable to load CA certificates");
}
{
STACK_OF(X509_NAME) *certs = NULL;
if (ca_file && *ca_file)
certs = SSL_load_client_CA_file(ca_file);
if (certs)
SSL_CTX_set_client_CA_list(ctx, certs);
if (req_client_cert)
SSL_CTX_set_verify(ctx,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
client_verify_callback);
else
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, client_verify_callback);
#if (OPENSSL_VERSION_NUMBER < 0x0090600fL)
SSL_CTX_set_verify_depth(ctx, 1);
#endif
}
}
SSL_CTX_set_options(ctx, SSL_OP_SINGLE_DH_USE | SSL_OP_ALL);
SSL_CTX_set_mode(ctx, SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
/* Set up DH key */
{
DH *dh;
dh = get_dh2048();
SSL_CTX_set_tmp_dh(ctx, dh);
DH_free(dh);
}
#ifdef NID_X9_62_prime256v1
/* Set up ECDH key */
{
EC_KEY *ecdh = NULL;
ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
SSL_CTX_set_tmp_ecdh(ctx, ecdh);
EC_KEY_free(ecdh);
}
#endif
/* Set the cipher list to the usual default list, except that
* we'll allow anonymous diffie-hellman, too.
*/
SSL_CTX_set_cipher_list(ctx, "ALL:ECDH:ADH:!LOW:!MEDIUM:@STRENGTH");
/* Set up session cache if we can */
/*
strncpy((char *) context, MUDNAME, 128);
SSL_CTX_set_session_id_context(ctx, context, strlen(context));
*/
return ctx;
}
static int openssl_ssl_ctx_set_tmp(lua_State *L)
{
SSL_CTX* ctx = CHECK_OBJECT(1, SSL_CTX, "openssl.ssl_ctx");
static const char* which[] =
{
"dh",
"rsa",
"ecdh",
NULL
};
int nwhich = luaL_checkoption(L, 2, NULL, which);
int ret = 0;
if (lua_isfunction(L, 3))
{
lua_pushvalue(L, 3);
ret = 1;
switch (nwhich)
{
case 0:
openssl_setvalue(L, ctx, "tmp_dh_callback");
SSL_CTX_set_tmp_dh_callback(ctx, tmp_dh_callback);
break;
case 1:
openssl_setvalue(L, ctx, "tmp_rsa_callback");
SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_callback);
break;
case 2:
{
luaL_argcheck(L, lua_isstring(L, 4), 4, "must supply curve name");
openssl_setvalue(L, ctx, "tmp_ecdh_callback");
SSL_CTX_set_tmp_ecdh_callback(ctx, tmp_ecdh_callback);
lua_pushvalue(L, 4);
openssl_setvalue(L, ctx, "curve");
}
break;
}
}
else if (lua_isstring(L, 3))
{
BIO* bio = load_bio_object(L, 3);
switch (nwhich)
{
case 0:
{
DH* dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
if (dh)
ret = SSL_CTX_set_tmp_dh(ctx, dh);
else
luaL_error(L, "generate new tmp dh fail");
}
break;
case 1:
{
RSA* rsa = PEM_read_bio_RSAPrivateKey(bio, NULL, NULL, NULL);
if (rsa)
ret = SSL_CTX_set_tmp_rsa(ctx, rsa);
else
luaL_error(L, "generate new tmp rsa fail");
}
break;
case 2:
{
int nid = NID_undef;
EC_KEY* ec = PEM_read_bio_ECPrivateKey(bio, NULL, NULL, NULL);
if (ec == NULL)
{
nid = OBJ_txt2nid(lua_tostring(L, 3));
if (nid != NID_undef)
ec = EC_KEY_new_by_curve_name(nid);
}
if (ec)
ret = SSL_CTX_set_tmp_ecdh(ctx, ec);
else
luaL_error(L, "generate new tmp ec_key fail");
}
break;
}
BIO_free(bio);
}
else if (lua_isuserdata(L, 3))
{
luaL_argerror(L, 3, "userdata arg NYI");
}
else
luaL_argerror(L, 3, "should be tmp key callback function or pem string or key object");
return openssl_pushresult(L, ret);
}
SSL_CTX *uwsgi_ssl_new_server_context(char *name, char *crt, char *key, char *ciphers, char *client_ca) {
SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());
if (!ctx) {
uwsgi_log("[uwsgi-ssl] unable to initialize context \"%s\"\n", name);
return NULL;
}
// this part is taken from nginx and stud, removing unneeded functionality
// stud (for me) has made the best choice on choosing DH approach
long ssloptions = SSL_OP_NO_SSLv2 | SSL_OP_ALL | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
// disable compression (if possibile)
#ifdef SSL_OP_NO_COMPRESSION
ssloptions |= SSL_OP_NO_COMPRESSION;
#endif
// release/reuse buffers as soon as possibile
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS);
#endif
if (SSL_CTX_use_certificate_chain_file(ctx, crt) <= 0) {
uwsgi_log("[uwsgi-ssl] unable to assign certificate %s for context \"%s\"\n", crt, name);
SSL_CTX_free(ctx);
return NULL;
}
// this part is based from stud
BIO *bio = BIO_new_file(crt, "r");
if (bio) {
DH *dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if (dh) {
SSL_CTX_set_tmp_dh(ctx, dh);
DH_free(dh);
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
#ifdef NID_X9_62_prime256v1
EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
SSL_CTX_set_tmp_ecdh(ctx, ecdh);
EC_KEY_free(ecdh);
#endif
#endif
#endif
}
}
if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM) <= 0) {
uwsgi_log("[uwsgi-ssl] unable to assign key %s for context \"%s\"\n", key, name);
SSL_CTX_free(ctx);
return NULL;
}
// if ciphers are specified, prefer server ciphers
if (ciphers && strlen(ciphers) > 0) {
if (SSL_CTX_set_cipher_list(ctx, ciphers) == 0) {
uwsgi_log("[uwsgi-ssl] unable to set requested ciphers (%s) for context \"%s\"\n", ciphers, name);
SSL_CTX_free(ctx);
return NULL;
}
ssloptions |= SSL_OP_CIPHER_SERVER_PREFERENCE;
}
// set session context (if possibile), this is required for client certificate authentication
if (name) {
SSL_CTX_set_session_id_context(ctx, (unsigned char *) name, strlen(name));
}
if (client_ca) {
if (client_ca[0] == '!') {
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, uwsgi_ssl_verify_callback);
client_ca++;
}
else {
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, uwsgi_ssl_verify_callback);
}
// in the future we should allow to set the verify depth
SSL_CTX_set_verify_depth(ctx, 1);
if (SSL_CTX_load_verify_locations(ctx, client_ca, NULL) == 0) {
uwsgi_log("[uwsgi-ssl] unable to set ssl verify locations (%s) for context \"%s\"\n", client_ca, name);
SSL_CTX_free(ctx);
return NULL;
}
STACK_OF(X509_NAME) * list = SSL_load_client_CA_file(client_ca);
if (!list) {
uwsgi_log("unable to load client CA certificate (%s) for context \"%s\"\n", client_ca, name);
SSL_CTX_free(ctx);
return NULL;
}
SSL_CTX_set_client_CA_list(ctx, list);
}
SSL_CTX_set_info_callback(ctx, uwsgi_ssl_info_cb);
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
SSL_CTX_set_tlsext_servername_callback(ctx, uwsgi_sni_cb);
#endif
// disable session caching by default
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
if (uwsgi.ssl_sessions_use_cache) {
// we need to early initialize locking and caching
uwsgi_setup_locking();
uwsgi_cache_create_all();
uwsgi.ssl_sessions_cache = uwsgi_cache_by_name(uwsgi.ssl_sessions_use_cache);
if (!uwsgi.ssl_sessions_cache) {
// check for default cache
if (!strcmp(uwsgi.ssl_sessions_use_cache, "true") && uwsgi.caches) {
uwsgi.ssl_sessions_cache = uwsgi.caches;
}
else {
uwsgi_log("unable to find cache \"%s\"\n", uwsgi.ssl_sessions_use_cache ? uwsgi.ssl_sessions_use_cache : "default");
exit(1);
}
}
if (!uwsgi.ssl_sessions_cache->max_items) {
uwsgi_log("you have to enable uWSGI cache to use it as SSL session store !!!\n");
exit(1);
}
if (uwsgi.ssl_sessions_cache->blocksize < 4096) {
uwsgi_log("cache blocksize for SSL session store must be at least 4096 bytes\n");
exit(1);
}
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER|
SSL_SESS_CACHE_NO_INTERNAL|
SSL_SESS_CACHE_NO_AUTO_CLEAR);
#ifdef SSL_OP_NO_TICKET
ssloptions |= SSL_OP_NO_TICKET;
#endif
// just for fun
SSL_CTX_sess_set_cache_size(ctx, 0);
// set the callback for ssl sessions
SSL_CTX_sess_set_new_cb(ctx, uwsgi_ssl_session_new_cb);
SSL_CTX_sess_set_get_cb(ctx, uwsgi_ssl_session_get_cb);
SSL_CTX_sess_set_remove_cb(ctx, uwsgi_ssl_session_remove_cb);
}
SSL_CTX_set_timeout(ctx, uwsgi.ssl_sessions_timeout);
SSL_CTX_set_options(ctx, ssloptions);
return ctx;
}
/*
* Create a new TLS_CONTEXT instance.
*
* Returns: Pointer to TLS_CONTEXT instance on success
* NULL on failure;
*/
TLS_CONTEXT *new_tls_context(const char *ca_certfile,
const char *ca_certdir,
const char *crlfile,
const char *certfile,
const char *keyfile,
CRYPTO_PEM_PASSWD_CB *pem_callback,
const void *pem_userdata,
const char *dhfile,
bool verify_peer)
{
TLS_CONTEXT *ctx;
BIO *bio;
DH *dh;
ctx = (TLS_CONTEXT *)malloc(sizeof(TLS_CONTEXT));
/*
* Allocate our OpenSSL TLSv1 Context
*/
ctx->openssl = SSL_CTX_new(TLSv1_method());
if (!ctx->openssl) {
openssl_post_errors(M_FATAL, _("Error initializing SSL context"));
goto err;
}
/*
* Set up pem encryption callback
*/
if (pem_callback) {
ctx->pem_callback = pem_callback;
ctx->pem_userdata = pem_userdata;
} else {
ctx->pem_callback = crypto_default_pem_callback;
ctx->pem_userdata = NULL;
}
ctx->verify_peer = verify_peer;
SSL_CTX_set_default_passwd_cb(ctx->openssl, tls_pem_callback_dispatch);
SSL_CTX_set_default_passwd_cb_userdata(ctx->openssl, (void *) ctx);
/*
* Set certificate verification paths. This requires that at least one value be non-NULL
*/
if (ca_certfile || ca_certdir) {
if (!SSL_CTX_load_verify_locations(ctx->openssl, ca_certfile, ca_certdir)) {
openssl_post_errors(M_FATAL, _("Error loading certificate verification stores"));
goto err;
}
} else if (verify_peer) {
/* At least one CA is required for peer verification */
Jmsg0(NULL, M_ERROR, 0, _("Either a certificate file or a directory must be"
" specified as a verification store\n"));
goto err;
}
#if (OPENSSL_VERSION_NUMBER >= 0x00907000L)
/*
* Set certificate revocation list.
*/
if (crlfile) {
X509_STORE *store;
X509_LOOKUP *lookup;
store = SSL_CTX_get_cert_store(ctx->openssl);
if (!store) {
openssl_post_errors(M_FATAL, _("Error loading revocation list file"));
goto err;
}
lookup = X509_STORE_add_lookup(store, X509_LOOKUP_crl_reloader());
if (!lookup) {
openssl_post_errors(M_FATAL, _("Error loading revocation list file"));
goto err;
}
if (!load_new_crl_file(lookup, (char *)crlfile)) {
openssl_post_errors(M_FATAL, _("Error loading revocation list file"));
goto err;
}
X509_STORE_set_flags(store, X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL);
}
#endif
/*
* Load our certificate file, if available. This file may also contain a
* private key, though this usage is somewhat unusual.
*/
if (certfile) {
if (!SSL_CTX_use_certificate_chain_file(ctx->openssl, certfile)) {
openssl_post_errors(M_FATAL, _("Error loading certificate file"));
goto err;
}
}
/*
* Load our private key.
*/
if (keyfile) {
if (!SSL_CTX_use_PrivateKey_file(ctx->openssl, keyfile, SSL_FILETYPE_PEM)) {
openssl_post_errors(M_FATAL, _("Error loading private key"));
goto err;
}
}
/*
* Load Diffie-Hellman Parameters.
*/
if (dhfile) {
if (!(bio = BIO_new_file(dhfile, "r"))) {
openssl_post_errors(M_FATAL, _("Unable to open DH parameters file"));
goto err;
}
dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if (!dh) {
openssl_post_errors(M_FATAL, _("Unable to load DH parameters from specified file"));
goto err;
}
if (!SSL_CTX_set_tmp_dh(ctx->openssl, dh)) {
openssl_post_errors(M_FATAL, _("Failed to set TLS Diffie-Hellman parameters"));
DH_free(dh);
goto err;
}
/*
* Enable Single-Use DH for Ephemeral Keying
*/
SSL_CTX_set_options(ctx->openssl, SSL_OP_SINGLE_DH_USE);
}
if (SSL_CTX_set_cipher_list(ctx->openssl, TLS_DEFAULT_CIPHERS) != 1) {
Jmsg0(NULL, M_ERROR, 0,
_("Error setting cipher list, no valid ciphers available\n"));
goto err;
}
/*
* Verify Peer Certificate
*/
if (verify_peer) {
/*
* SSL_VERIFY_FAIL_IF_NO_PEER_CERT has no effect in client mode
*/
SSL_CTX_set_verify(ctx->openssl,
SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
openssl_verify_peer);
} else {
SSL_CTX_set_verify(ctx->openssl,
SSL_VERIFY_NONE,
NULL);
}
return ctx;
err:
/*
* Clean up after ourselves
*/
if (ctx->openssl) {
SSL_CTX_free(ctx->openssl);
}
free(ctx);
return NULL;
}
/* デフォルトの証明書は 自分:/usr/local/ct/cert/tn.pem 認証局:/usr/local/ct/cert/root.pem */
int kTLSInitialize(int sessionMode,int initialmode,int timeout,char *passwd,char *rootPEM,char *myPEM,
char *dhPEM,int version,int nagle,int clientveri,int tmprsa,char *enc)
{
BIO *bio;
SSL_METHOD *meth;
RSA *rsa;
DH *dh=0;
struct stat tmp;
/* Nagleアルゴリズムの無効化フラグの保存 */
NagleFlag=nagle;
if(TLSctx){
/* 強制初期化モードがある場合 */
if(initialmode){
TLSClose(NULL,0);
kLogWrite(L_TLS, "%s: TLS ReInitialize", __FUNCTION__);
}
else
return RETURN_OK;
}
/* パラメータの取得 */
timeout = timeout<=0 ? SESSION_TIMEOUT : timeout;
TLSSessionMode = sessionMode;
kLogWrite(L_TLS,"%s: Session cache mode : %s Session timeout : %d(s)",__FUNCTION__,sessionMode?"Enable":"Disable",timeout);
rootPEM = (rootPEM && rootPEM[0]) ? rootPEM : ROOT_PEM;
myPEM = (myPEM && myPEM[0]) ? myPEM : MY_PEM;
dhPEM = (dhPEM && dhPEM[0]) ? dhPEM : DHFILE1024;
strcpy(TLSPasswd,(passwd && passwd[0]) ? passwd : PASSWORD);
if(lstat(rootPEM,&tmp)<0){
kLogWrite(L_ERROR, "%s: TLS Initialize file[%s] not exist", __FUNCTION__,rootPEM);
return(RETURN_NG);
}
if(lstat(myPEM,&tmp)<0){
kLogWrite(L_ERROR, "%s: TLS Initialize file[%s] not exist", __FUNCTION__,myPEM);
return(RETURN_NG);
}
if(lstat(dhPEM,&tmp)<0){
kLogWrite(L_ERROR, "%s: TLS Initialize file[%s] not exist", __FUNCTION__,dhPEM);
return(RETURN_NG);
}
/* SSLライブラリの初期化 */
if(!SSL_library_init()){
kLogWrite(L_ERROR, "%s: OpenSSL initialization failed!",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_library_init OK",__FUNCTION__);
/* エラーメッセージの視覚化 */
SSL_load_error_strings();
RAND_load_file("/dev/urandom", 1024);
kLogWrite(L_TLS,"%s: RAND_load_file OK",__FUNCTION__);
/* SSL_METHODオブジェクトの取得 */
if(version == 2)
meth=SSLv2_method();
else if(version == 3)
meth=SSLv3_method();
else if(version == 1)
meth=TLSv1_method();
else if(version == 23)
meth=SSLv23_method();
else
meth=TLSv1_method();
kLogWrite(L_TLS,"%s: SSL verion [%d] 2:SSLv2 23:SSLv23 3:SSLv3 1:TLSv1",__FUNCTION__,version);
/* SSL_CTXオブジェクトの取得 */
TLSctx=SSL_CTX_new(meth);
kLogWrite(L_TLS,"%s: SSL_CTX_new OK",__FUNCTION__);
/* SSL_CTXオブジェクトに証明書と秘密鍵を同時にロードする */
if(!(SSL_CTX_use_certificate_file(TLSctx,myPEM,SSL_FILETYPE_PEM))){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't read certificate file",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_use_certificate_file[%s] OK",__FUNCTION__,myPEM);
/* パスフレーズのコールバック関数を登録する */
SSL_CTX_set_default_passwd_cb(TLSctx,password_cb);
if(!(SSL_CTX_use_PrivateKey_file(TLSctx,myPEM,SSL_FILETYPE_PEM))){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't read key file",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_use_PrivateKey_file[%s] OK",__FUNCTION__,myPEM);
/* SSL_CTXオブジェクトに信頼できるCA証明書をロードする */
if(!(SSL_CTX_load_verify_locations(TLSctx,rootPEM,0))){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't read CA list",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_load_verify_locations[%s] OK",__FUNCTION__,rootPEM);
/* 認証コールバック関数の登録 */
/* Server Key Exchange オプションを付与する (クライアント認証を行う) */
kLogWrite(L_TLS,"%s: Server Key Exchange option : %s",__FUNCTION__,clientveri?"Enable":"Disable");
SSL_CTX_set_verify(TLSctx, clientveri?SSL_VERIFY_PEER:SSL_VERIFY_NONE,VerifyCallback);
kLogWrite(L_TLS,"%s: SSL_CTX_set_verify[%s] OK",__FUNCTION__,clientveri?"PEER":"NONE");
/* 信頼できる証明書に到達するまでのチェーンの回数を指定する */
/* SSL_CTX_set_verify_depth(TLSctx,1); */
/* SSLv2を選択不可にする */
if(version != 2 && version != 23){
SSL_CTX_set_options(TLSctx,SSL_OP_NO_SSLv2);
kLogWrite(L_TLS,"%s: SSL_CTX_set_options NO_SSLv2",__FUNCTION__);
}
/* Certificate Request オプションを付与する (一時的RSAを使う ) */
kLogWrite(L_TLS,"%s: Certificate Request option : %s",__FUNCTION__,tmprsa?"Enable":"Disable");
if(tmprsa){
/* BIOオブジェクトを使ってファイルをオープンする */
if ((bio=BIO_new_file(dhPEM,"r")) == NULL){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't open DH file",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: BIO_new_file[%s] OK",__FUNCTION__,dhPEM);
/* DHパラメータを読み込む */
dh=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
kLogWrite(L_TLS,"%s: PEM_read_bio_DHparams[%s] OK",__FUNCTION__,dhPEM);
/* ファイルをクローズする */
BIO_free(bio);
/* DHパラメータをCTXオブジェクトにロードする */
if(SSL_CTX_set_tmp_dh(TLSctx,dh)<0){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't set DH parameters",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_set_tmp_dh OK",__FUNCTION__);
}
/* 暗号スイートの選択 */
if(enc && enc[0]){
kLogWrite(L_TLS,"%s: Encrypt suit specified",__FUNCTION__);
if(SSL_CTX_set_cipher_list(TLSctx,enc))
kLogWrite(L_TLS,"%s: SSL_CTX_set_cipher_list[%s] OK",__FUNCTION__,enc);
else
kLogWrite(L_TLS,"%s: SSL_CTX_set_cipher_list[%s] invalid",__FUNCTION__,enc);
}
/* RSA鍵のペアを生成する */
rsa=RSA_generate_key(512,RSA_F4,NULL,NULL);
kLogWrite(L_TLS,"%s: RSA_generate_key OK",__FUNCTION__);
/* RSA鍵をCTXオブジェクトにロードする */
if (!SSL_CTX_set_tmp_rsa(TLSctx,rsa)){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't set RSA key", __FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_set_tmp_rsa OK",__FUNCTION__);
RSA_free(rsa);
/* セッションキャッシュを有効モードに設定する */
SSL_CTX_set_session_id_context(TLSctx,(void*)&TLSServerSessionIdContext, sizeof(TLSServerSessionIdContext));
kLogWrite(L_TLS,"%s: SSL_CTX_set_session_id_context OK", __FUNCTION__);
/* セッション削除時のコールバック設定 */
SSL_CTX_sess_set_remove_cb(TLSctx,remove_session_cb);
SSL_CTX_set_timeout(TLSctx,timeout);
kLogWrite(L_TLS,"%s: Nagle algorithm : %s",__FUNCTION__,NagleFlag?"Enable":"Disable");
return(RETURN_OK);
}
/*
TODO:
Add option --verify to mysqld to be able to change verification mode
*/
struct st_VioSSLAcceptorFd*
new_VioSSLAcceptorFd(const char *key_file,
const char *cert_file,
const char *ca_file,
const char *ca_path,
const char *cipher)
{
int verify = (SSL_VERIFY_PEER |
SSL_VERIFY_CLIENT_ONCE);
struct st_VioSSLAcceptorFd* ptr;
int result;
DH *dh;
DBUG_ENTER("new_VioSSLAcceptorFd");
ptr= ((struct st_VioSSLAcceptorFd*)
my_malloc(sizeof(struct st_VioSSLAcceptorFd),MYF(0)));
ptr->ssl_context=0;
ptr->ssl_method=0;
/* FIXME: constants! */
ptr->session_id_context= ptr;
if (!ssl_algorithms_added)
{
DBUG_PRINT("info", ("todo: OpenSSL_add_all_algorithms()"));
ssl_algorithms_added = TRUE;
SSL_library_init();
OpenSSL_add_all_algorithms();
}
#ifdef __NETWARE__
netware_ssl_init();
#endif
if (!ssl_error_strings_loaded)
{
DBUG_PRINT("info", ("todo: SSL_load_error_strings()"));
ssl_error_strings_loaded = TRUE;
SSL_load_error_strings();
}
ptr->ssl_method= TLSv1_server_method();
ptr->ssl_context= SSL_CTX_new(ptr->ssl_method);
if (ptr->ssl_context == 0)
{
DBUG_PRINT("error", ("SSL_CTX_new failed"));
report_errors();
goto ctor_failure;
}
if (cipher)
{
result=SSL_CTX_set_cipher_list(ptr->ssl_context, cipher);
DBUG_PRINT("info",("SSL_set_cipher_list() returned %d",result));
}
/* SSL_CTX_set_quiet_shutdown(ctx,1); */
SSL_CTX_sess_set_cache_size(ptr->ssl_context,128);
/* DH? */
SSL_CTX_set_verify(ptr->ssl_context, verify, vio_verify_callback);
SSL_CTX_set_session_id_context(ptr->ssl_context,
(const uchar*) &(ptr->session_id_context),
sizeof(ptr->session_id_context));
/*
SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(CAfile));
*/
if (vio_set_cert_stuff(ptr->ssl_context, cert_file, key_file) == -1)
{
DBUG_PRINT("error", ("vio_set_cert_stuff failed"));
report_errors();
goto ctor_failure;
}
if (SSL_CTX_load_verify_locations( ptr->ssl_context, ca_file, ca_path) == 0)
{
DBUG_PRINT("warning", ("SSL_CTX_load_verify_locations failed"));
if (SSL_CTX_set_default_verify_paths(ptr->ssl_context)==0)
{
DBUG_PRINT("error", ("SSL_CTX_set_default_verify_paths failed"));
report_errors();
goto ctor_failure;
}
}
/* DH stuff */
dh=get_dh512();
SSL_CTX_set_tmp_dh(ptr->ssl_context,dh);
DH_free(dh);
DBUG_RETURN(ptr);
ctor_failure:
DBUG_PRINT("exit", ("there was an error"));
my_free((gptr) ptr,MYF(0));
DBUG_RETURN(0);
}
SSL_CTX *
tls_server_setup( int authlevel, const char *caFile,
const char *caDir, const char *cert, const char *privatekey,
const char *ciphers )
{
SSL_CTX *ssl_ctx;
int ssl_mode = 0;
static unsigned char dh4096_p[ ] = {
0x91, 0x6B, 0xA1, 0x6D, 0xC7, 0xE7, 0x1C, 0x21, 0x69, 0xCE, 0x7C, 0x3D,
0x72, 0x28, 0x01, 0x56, 0xAE, 0x71, 0xFE, 0xEF, 0x29, 0x4B, 0xDC, 0xD1,
0x23, 0x37, 0x9E, 0xA5, 0x80, 0x45, 0xEF, 0x51, 0x7A, 0x65, 0x77, 0x41,
0x90, 0x5D, 0xEA, 0xAB, 0x52, 0x39, 0xF0, 0xE1, 0xA9, 0x77, 0xA1, 0xCD,
0x14, 0xB1, 0x8B, 0x07, 0x4F, 0xC5, 0x44, 0xD9, 0x2F, 0x7A, 0x74, 0xFD,
0xBB, 0xEA, 0x6C, 0x4A, 0x22, 0xD0, 0x78, 0xCA, 0xCF, 0x51, 0x04, 0x0E,
0x88, 0x44, 0x65, 0x41, 0xD9, 0x10, 0x6A, 0x11, 0x66, 0x21, 0x0E, 0xE7,
0x9B, 0x39, 0x36, 0xF6, 0x59, 0x15, 0x83, 0xFB, 0x57, 0x51, 0x02, 0xE2,
0x95, 0xBE, 0x85, 0xDA, 0x78, 0x40, 0xC1, 0x9A, 0x0A, 0xE6, 0x43, 0x95,
0xD8, 0x7A, 0x30, 0x50, 0x15, 0x9F, 0x37, 0x5E, 0xAA, 0x27, 0x50, 0xA4,
0x15, 0x1C, 0x6E, 0xFE, 0x3B, 0xA5, 0xD9, 0xF6, 0x0F, 0xE3, 0xA5, 0xFF,
0xE7, 0xDA, 0xD9, 0x68, 0x64, 0x40, 0xF3, 0x54, 0x32, 0x84, 0xF3, 0x12,
0xC4, 0xD3, 0x77, 0x25, 0x00, 0x60, 0x0D, 0x95, 0xEA, 0x16, 0xE0, 0x51,
0x91, 0x8F, 0xF4, 0x40, 0x1B, 0x8A, 0x2D, 0x84, 0x0E, 0xAC, 0x53, 0x58,
0x08, 0x4E, 0x52, 0xC8, 0xE4, 0x6E, 0xA1, 0xCB, 0xA6, 0xF8, 0x3B, 0xE0,
0x1F, 0x35, 0xA6, 0x37, 0x6A, 0x62, 0x61, 0xDE, 0x6D, 0x5A, 0x70, 0x70,
0x71, 0xC9, 0x24, 0x41, 0x70, 0x7C, 0xCD, 0x3F, 0xD9, 0x38, 0xDB, 0x7B,
0x26, 0xFA, 0xB5, 0x6B, 0xAC, 0xF0, 0x2D, 0x45, 0xD8, 0x55, 0x68, 0xCB,
0x89, 0x04, 0x1F, 0xA0, 0xAD, 0x6F, 0xCB, 0x05, 0x04, 0xB3, 0x26, 0xF4,
0x53, 0x02, 0x9E, 0xB8, 0x76, 0x8D, 0xC6, 0xE8, 0x12, 0x24, 0x38, 0x4E,
0x46, 0x27, 0x30, 0xAE, 0x55, 0x1A, 0xD0, 0xDB, 0xCE, 0x4C, 0x35, 0xFA,
0x7D, 0x9D, 0x40, 0x3E, 0x66, 0x7A, 0xBA, 0xEA, 0x78, 0x6C, 0x6E, 0x47,
0x81, 0xBD, 0xB0, 0x57, 0x5D, 0x1C, 0x94, 0xCC, 0x4F, 0x08, 0xF3, 0x5E,
0xB1, 0x6E, 0x0B, 0xD5, 0x55, 0x45, 0x3F, 0x8B, 0xFD, 0x01, 0x4E, 0x01,
0x21, 0x34, 0x20, 0xA8, 0x49, 0xB0, 0x75, 0x40, 0xB4, 0x55, 0x17, 0x3A,
0x55, 0x1E, 0xBA, 0xF2, 0x31, 0x1D, 0x89, 0x81, 0x7A, 0xB3, 0x87, 0xC9,
0xFB, 0xBB, 0x8A, 0x26, 0x66, 0x99, 0x19, 0x7E, 0x3C, 0xB1, 0x6A, 0x9A,
0x4A, 0xDC, 0xE9, 0x3C, 0xF0, 0x7C, 0x29, 0xC9, 0xA1, 0xE1, 0x78, 0x3A,
0x73, 0x8F, 0xEF, 0x2B, 0x33, 0xDF, 0x0C, 0x53, 0xCE, 0x98, 0x91, 0x7C,
0xE3, 0xC9, 0xE2, 0x26, 0xD8, 0x2F, 0x1A, 0x69, 0xCA, 0xB8, 0x64, 0x3B,
0x43, 0x38, 0xBB, 0xFA, 0x89, 0x59, 0xE0, 0x3C, 0xDA, 0xED, 0x93, 0x65,
0x8B, 0x12, 0xED, 0xDB, 0x6F, 0x8F, 0xC5, 0xFE, 0x9C, 0xEB, 0x88, 0xD2,
0xAB, 0x89, 0xAF, 0xAF, 0x60, 0xFF, 0xFC, 0x40, 0x69, 0x3C, 0xD0, 0x22,
0x02, 0xB8, 0x2C, 0x1D, 0x9A, 0x26, 0x19, 0x33, 0xCB, 0x5A, 0x9D, 0x91,
0xDD, 0x05, 0x39, 0x68, 0xBA, 0x15, 0x2B, 0x14, 0xFD, 0x5D, 0xB8, 0x87,
0x90, 0xAF, 0xAA, 0x5F, 0x54, 0xC7, 0x43, 0x04, 0xF4, 0xE1, 0x49, 0x91,
0x42, 0x27, 0x23, 0xCC, 0x5A, 0xFC, 0xF1, 0xA6, 0x2A, 0x39, 0x19, 0xC1,
0x31, 0xBF, 0xE5, 0x89, 0x8C, 0x48, 0xA7, 0xCE, 0x0E, 0x67, 0x18, 0xA1,
0x07, 0x8E, 0xBD, 0xFE, 0x2A, 0x9F, 0xF0, 0xA3, 0x19, 0xAA, 0xBC, 0xD7,
0x6D, 0x43, 0x1C, 0x3D, 0x31, 0xBA, 0x9B, 0xD4, 0xF7, 0xDF, 0x2C, 0x7F,
0x37, 0x7B, 0xD9, 0x7B, 0xDE, 0x62, 0x5C, 0xDE, 0x21, 0x38, 0x4D, 0xB7,
0x4A, 0x45, 0x04, 0x7D, 0x76, 0x4A, 0x93, 0xFE, 0x8E, 0x49, 0x04, 0xD0,
0xAD, 0x99, 0xCD, 0xF0, 0x86, 0x24, 0x5E, 0x73, };
static unsigned char dh4096_g[ ] = { 0x02, };
DH *dh = NULL;
/* OpenSSL 1.1.0 added auto-init */
#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
SSL_load_error_strings();
SSL_library_init();
#endif /* OpenSSL < 1.1.0 */
if (( ssl_ctx = SSL_CTX_new( SSLv23_server_method())) == NULL ) {
syslog( LOG_ERR, "Liberror: tls_server_setup SSL_CTX_new: %s",
ERR_error_string( ERR_get_error(), NULL ));
return( NULL );
}
if (( dh = DH_new( )) == NULL ) {
syslog( LOG_ERR, "Liberror: tls_server_setup DH_new: %s",
ERR_error_string( ERR_get_error(), NULL ));
goto error;
}
#if OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER)
if ( DH_set0_pqg( dh,
BN_bin2bn( dh4096_p, sizeof( dh4096_p ), NULL ),
NULL,
BN_bin2bn( dh4096_g, sizeof( dh4096_g ), NULL )) != 1 ) {
syslog( LOG_ERR, "Liberror: tls_server_setup DH_set0_pqg: %s",
ERR_error_string( ERR_get_error(), NULL ));
}
#else
dh->p = BN_bin2bn( dh4096_p, sizeof( dh4096_p ), NULL );
dh->g = BN_bin2bn( dh4096_g, sizeof( dh4096_g ), NULL );
if (( dh->p == NULL ) || ( dh->g == NULL )) {
syslog( LOG_ERR, "Liberror: tls_server_setup BN_bin2bn: %s",
ERR_error_string( ERR_get_error(), NULL ));
goto error;
}
#endif /* OpenSSL 1.1.0 */
if ( SSL_CTX_set_tmp_dh( ssl_ctx, dh ) != 1 ) {
syslog( LOG_ERR, "Liberror: tls_server_setup SSL_CTX_set_tmp_dh: %s",
ERR_error_string( ERR_get_error(), NULL ));
goto error;
}
/* Disable SSLv2 and SSLv3, prefer server cipher ordering */
SSL_CTX_set_options( ssl_ctx,
SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 |
SSL_OP_CIPHER_SERVER_PREFERENCE );
if ( ciphers == NULL ) {
SSL_CTX_set_cipher_list( ssl_ctx,
"EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:"
"RSA+AES256:DH+CHACHA20:DH+AES128:DH+AES256:!MD5" );
} else {
SSL_CTX_set_cipher_list( ssl_ctx, ciphers );
}
if ( SSL_CTX_use_PrivateKey_file( ssl_ctx, privatekey,
SSL_FILETYPE_PEM ) != 1 ) {
syslog( LOG_ERR, "Liberror: tls_server_setup "
"SSL_CTX_use_PrivateKey_file: %s: %s",
privatekey, ERR_error_string( ERR_get_error(), NULL ));
goto error;
}
if ( SSL_CTX_use_certificate_chain_file( ssl_ctx, cert ) != 1 ) {
syslog( LOG_ERR, "Liberror: tls_server_setup "
"SSL_CTX_use_certificate_chain_file: %s: %s",
cert, ERR_error_string( ERR_get_error(), NULL ));
goto error;
}
/* Verify that private key matches cert */
if ( SSL_CTX_check_private_key( ssl_ctx ) != 1 ) {
syslog( LOG_ERR, "Liberror: tls_server_setup "
"SSL_CTX_check_private_key: %s",
ERR_error_string( ERR_get_error(), NULL ));
goto error;
}
/* Load CA */
if ( caFile != NULL ) {
if ( SSL_CTX_load_verify_locations( ssl_ctx, caFile, NULL ) != 1 ) {
syslog( LOG_ERR, "Liberror: tls_server_setup "
"SSL_CTX_load_verify_locations: %s: %s",
caFile, ERR_error_string( ERR_get_error(), NULL ));
goto error;
}
}
if ( caDir != NULL ) {
if ( SSL_CTX_load_verify_locations( ssl_ctx, NULL, caDir ) != 1 ) {
syslog( LOG_ERR, "Liberror: tls_server_setup "
"SSL_CTX_load_verify_locations: %s: %s",
caDir, ERR_error_string( ERR_get_error(), NULL ));
goto error;
}
}
/* Set level of security expecations */
if ( authlevel <= 1 ) {
ssl_mode = SSL_VERIFY_NONE;
} else {
/* authlevel == 2 */
ssl_mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
}
SSL_CTX_set_verify( ssl_ctx, ssl_mode, NULL );
#ifndef OPENSSL_NO_ECDH
/* Do not reuse the same ECDH key pair */
SSL_CTX_set_options(ssl_ctx, SSL_OP_SINGLE_ECDH_USE);
#if defined(OPENSSL_IS_BORINGSSL) || (OPENSSL_VERSION_NUMBER >= 0x10100000L && !defined(LIBRESSL_VERSION_NUMBER))
/* OpenSSL >= 1.1.0 automatically enables automatic handling of parameter
* selection and makes SSL_CTX_set_ecdh_auto a noop, so we don't want
* to do anything.
*/
#elif OPENSSL_VERSION_NUMBER >= 0x10002000L
/* OpenSSL >= 1.0.2 automatically handles parameter selection */
SSL_CTX_set_ecdh_auto(ssl_ctx, 1);
#elif OPENSSL_VERSION_NUMBER >= 0x10000000L
/* Manually select the curve. This selection is compliant with RFC 6460
* when AES-256 cipher suites are in use, but noncompliant when AES-128
* cipher suites are used. Oh, well. */
EC_KEY *ecdh;
if (( ecdh = EC_KEY_new_by_curve_name( NID_secp384r1 )) != NULL ) {
SSL_CTX_set_tmp_ecdh(ssl_ctx, ecdh);
EC_KEY_free(ecdh);
} else {
syslog( LOG_ERR, "Liberror: tls_server_setup EC_KEY_new failed: %s",
ERR_error_string( ERR_get_error(), NULL ));
}
#endif /* openssl 1.0 - 1.0.1 */
#endif /* OPENSSL_NO_ECDH */
return( ssl_ctx );
error:
SSL_CTX_free( ssl_ctx );
if ( dh != NULL ) {
DH_free( dh );
}
return( NULL );
}
rb_ssl_ctx *
rb_setup_ssl_server(const char *cacert, const char *cert, const char *keyfile, const char *dhfile,
const char *ssl_cipher_list, const char *named_curve, rb_tls_ver_t tls_min_ver)
{
const char *libratbox_data = "libratbox tls session";
const char *ciphers = "kEECDH+HIGH:kEDH+HIGH:HIGH:!RC4:!aNULL";
unsigned long err;
rb_ssl_ctx *sctx;
long tls_opts;
sctx = rb_malloc(sizeof(rb_ssl_ctx));
sctx->refcount = 1;
sctx->ssl_ctx = SSL_CTX_new(SSLv23_server_method());
if(sctx->ssl_ctx == NULL)
{
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL server context: %s",
ERR_error_string(ERR_get_error(), NULL));
rb_free(sctx);
return NULL;
}
tls_opts = SSL_CTX_get_options(sctx->ssl_ctx);
/* Disable SSLv2, make the client use our settings */
tls_opts |= SSL_OP_NO_SSLv2 | SSL_OP_NO_COMPRESSION | SSL_OP_CIPHER_SERVER_PREFERENCE;
switch(tls_min_ver)
{
case RB_TLS_VER_SSL3: /* we default to SSLv3..sadly */
break;
case RB_TLS_VER_TLS1:
#ifdef SSL_OP_NO_SSLv3
tls_opts |= SSL_OP_NO_SSLv3;
#endif
break;
case RB_TLS_VER_TLS1_1:
#ifdef SSL_OP_NO_TLSv1
tls_opts |= SSL_OP_NO_TLSv1;
#endif
break;
case RB_TLS_VER_TLS1_2:
#ifdef SSL_OP_NO_TLSv1
tls_opts |= SSL_OP_NO_TLSv1;
#endif
#ifdef SSL_OP_NO_TLSv1_1
tls_opts |= SSL_OP_NO_TLSv1_1;
#endif
break;
case RB_TLS_VER_LAST:
break;
}
#ifdef SSL_OP_SINGLE_DH_USE
tls_opts |= SSL_OP_SINGLE_DH_USE;
#endif
#ifdef SSL_OP_SINGLE_ECDH_USE
tls_opts |= SSL_OP_SINGLE_ECDH_USE;
#endif
#ifdef SSL_OP_NO_TICKET
tls_opts |= SSL_OP_NO_TICKET;
#endif
SSL_CTX_set_options(sctx->ssl_ctx, tls_opts);
if(ssl_cipher_list != NULL)
ciphers = ssl_cipher_list;
if(!SSL_CTX_set_cipher_list(sctx->ssl_ctx, ciphers))
{
rb_lib_log("rb_setup_ssl_server: Error setting ssl_cipher_list=\"%s\": %s",
ciphers, ERR_error_string(ERR_get_error(), NULL));
goto cleanup;;
}
if(cert == NULL)
{
rb_lib_log("rb_setup_ssl_server: No certificate file");
goto cleanup;
}
if(!SSL_CTX_use_certificate_chain_file(sctx->ssl_ctx, cert))
{
err = ERR_get_error();
rb_lib_log("rb_setup_ssl_server: Error loading certificate file [%s]: %s", cert,
ERR_error_string(err, NULL));
goto cleanup;
}
if(cacert != NULL)
{
if (!SSL_CTX_load_verify_locations(sctx->ssl_ctx, cacert, NULL))
{
err = ERR_get_error();
rb_lib_log("rb_setup_ssl_server: Error loading CA file [%s]: %s", cacert, ERR_error_string(err, NULL));
goto cleanup;
}
}
if(keyfile == NULL)
{
rb_lib_log("rb_setup_ssl_server: No key file");
goto cleanup;
}
if(!SSL_CTX_use_PrivateKey_file(sctx->ssl_ctx, keyfile, SSL_FILETYPE_PEM))
{
err = ERR_get_error();
rb_lib_log("rb_setup_ssl_server: Error loading keyfile [%s]: %s", keyfile,
ERR_error_string(err, NULL));
goto cleanup;;
}
if(dhfile != NULL)
{
/* DH parameters aren't necessary, but they are nice..if they didn't pass one..that is their problem */
BIO *bio = BIO_new_file(dhfile, "r");
if(bio != NULL)
{
DH *dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
if(dh == NULL)
{
err = ERR_get_error();
rb_lib_log
("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
dhfile, ERR_error_string(err, NULL));
BIO_free(bio);
goto cleanup;
}
BIO_free(bio);
SSL_CTX_set_tmp_dh(sctx->ssl_ctx, dh);
DH_free(dh);
}
else
{
err = ERR_get_error();
rb_lib_log("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
dhfile, ERR_error_string(err, NULL));
goto cleanup;
}
}
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
if(named_curve != NULL)
{
int nid;
EC_KEY *ecdh;
nid = OBJ_sn2nid(named_curve);
if(nid == 0)
{
err = ERR_get_error();
rb_lib_log("rb_setup_ssl_server: Unknown curve named [%s]: %s", named_curve, ERR_error_string(err, NULL));
goto cleanup;
}
ecdh = EC_KEY_new_by_curve_name(nid);
if(ecdh == NULL)
{
err = ERR_get_error();
rb_lib_log("rb_setup_ssl_server: Curve creation failed for [%s]: %s", named_curve, ERR_error_string(err, NULL));
goto cleanup;
}
SSL_CTX_set_options(sctx->ssl_ctx, SSL_OP_SINGLE_ECDH_USE);
SSL_CTX_set_tmp_ecdh(sctx->ssl_ctx, ecdh);
EC_KEY_free(ecdh);
}
#endif
#endif
SSL_CTX_set_verify(sctx->ssl_ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, verify_accept_all_cb);
SSL_CTX_set_session_id_context(sctx->ssl_ctx, (const unsigned char *)libratbox_data, strlen(libratbox_data));
return sctx;
cleanup:
SSL_CTX_free(sctx->ssl_ctx);
rb_free(sctx);
return NULL;
}
int
rb_setup_ssl_server(const char *certfile, const char *keyfile, const char *dhfile, const char *cipher_list)
{
const char librb_ciphers[] = "kEECDH+HIGH:kEDH+HIGH:HIGH:!aNULL";
#ifdef LRB_HAVE_TLS_SET_CURVES
const char librb_curves[] = "P-521:P-384:P-256";
#endif
if(certfile == NULL)
{
rb_lib_log("rb_setup_ssl_server: No certificate file");
return 0;
}
if(keyfile == NULL)
keyfile = certfile;
if(cipher_list == NULL)
cipher_list = librb_ciphers;
if (ssl_server_ctx)
SSL_CTX_free(ssl_server_ctx);
if (ssl_client_ctx)
SSL_CTX_free(ssl_client_ctx);
#ifdef LRB_HAVE_TLS_METHOD_API
ssl_server_ctx = SSL_CTX_new(TLS_server_method());
ssl_client_ctx = SSL_CTX_new(TLS_client_method());
#else
ssl_server_ctx = SSL_CTX_new(SSLv23_server_method());
ssl_client_ctx = SSL_CTX_new(SSLv23_client_method());
#endif
if(ssl_server_ctx == NULL)
{
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL server context: %s",
get_ssl_error(ERR_get_error()));
return 0;
}
if(ssl_client_ctx == NULL)
{
rb_lib_log("rb_init_openssl: Unable to initialize OpenSSL client context: %s",
get_ssl_error(ERR_get_error()));
return 0;
}
#ifndef LRB_HAVE_TLS_METHOD_API
SSL_CTX_set_options(ssl_server_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
SSL_CTX_set_options(ssl_client_ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3);
#endif
#ifdef SSL_OP_SINGLE_DH_USE
SSL_CTX_set_options(ssl_server_ctx, SSL_OP_SINGLE_DH_USE);
#endif
#ifdef SSL_OP_SINGLE_ECDH_USE
SSL_CTX_set_options(ssl_server_ctx, SSL_OP_SINGLE_ECDH_USE);
#endif
#ifdef SSL_OP_NO_TICKET
SSL_CTX_set_options(ssl_server_ctx, SSL_OP_NO_TICKET);
SSL_CTX_set_options(ssl_client_ctx, SSL_OP_NO_TICKET);
#endif
#ifdef SSL_OP_CIPHER_SERVER_PREFERENCE
SSL_CTX_set_options(ssl_server_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
#endif
SSL_CTX_set_verify(ssl_server_ctx, SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE, verify_accept_all_cb);
SSL_CTX_set_session_cache_mode(ssl_server_ctx, SSL_SESS_CACHE_OFF);
#ifdef LRB_HAVE_TLS_SET_CURVES
SSL_CTX_set1_curves_list(ssl_server_ctx, librb_curves);
#endif
#ifdef LRB_HAVE_TLS_ECDH_AUTO
SSL_CTX_set_ecdh_auto(ssl_server_ctx, 1);
#endif
/*
* Set manual ECDHE curve on OpenSSL 1.0.0 & 1.0.1, but make sure it's actually available
*/
#if (OPENSSL_VERSION_NUMBER >= 0x10000000L) && (OPENSSL_VERSION_NUMBER < 0x10002000L) && !defined(OPENSSL_NO_ECDH)
EC_KEY *key = EC_KEY_new_by_curve_name(NID_secp384r1);
if (key) {
SSL_CTX_set_tmp_ecdh(ssl_server_ctx, key);
EC_KEY_free(key);
}
#endif
SSL_CTX_set_cipher_list(ssl_server_ctx, cipher_list);
SSL_CTX_set_cipher_list(ssl_client_ctx, cipher_list);
if(!SSL_CTX_use_certificate_chain_file(ssl_server_ctx, certfile) || !SSL_CTX_use_certificate_chain_file(ssl_client_ctx, certfile))
{
rb_lib_log("rb_setup_ssl_server: Error loading certificate file [%s]: %s", certfile,
get_ssl_error(ERR_get_error()));
return 0;
}
if(!SSL_CTX_use_PrivateKey_file(ssl_server_ctx, keyfile, SSL_FILETYPE_PEM) || !SSL_CTX_use_PrivateKey_file(ssl_client_ctx, keyfile, SSL_FILETYPE_PEM))
{
rb_lib_log("rb_setup_ssl_server: Error loading keyfile [%s]: %s", keyfile,
get_ssl_error(ERR_get_error()));
return 0;
}
if(dhfile != NULL)
{
/* DH parameters aren't necessary, but they are nice..if they didn't pass one..that is their problem */
FILE *fp = fopen(dhfile, "r");
DH *dh = NULL;
if(fp == NULL)
{
rb_lib_log("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
dhfile, strerror(errno));
}
else if(PEM_read_DHparams(fp, &dh, NULL, NULL) == NULL)
{
rb_lib_log("rb_setup_ssl_server: Error loading DH params file [%s]: %s",
dhfile, get_ssl_error(ERR_get_error()));
fclose(fp);
}
else
{
SSL_CTX_set_tmp_dh(ssl_server_ctx, dh);
DH_free(dh);
fclose(fp);
}
}
return 1;
}
