gboolean
z_proxy_ssl_host_iface_check_name_method(ZProxyHostIface *s,
const gchar *host_name,
gchar *reason_buf, gsize reason_len)
{
ZProxySslHostIface *self = Z_CAST(s, ZProxySslHostIface);
gint ext_ndx;
gboolean found = FALSE, result = FALSE;
gchar pattern_buf[256];
if (self->hostname_checked)
return self->hostname_check_result;
pattern_buf[0] = 0;
ext_ndx = X509_get_ext_by_NID(self->server_cert, NID_subject_alt_name, -1);
if (ext_ndx >= 0)
{
/* ok, there's a subjectAltName extension, check that */
X509_EXTENSION *ext;
STACK_OF(GENERAL_NAME) *alt_names;
GENERAL_NAME *gen_name;
ext = X509_get_ext(self->server_cert, ext_ndx);
alt_names = X509V3_EXT_d2i(ext);
if (alt_names)
{
gint num, i;
num = sk_GENERAL_NAME_num(alt_names);
for (i = 0; i < num; i++)
{
gen_name = sk_GENERAL_NAME_value(alt_names, i);
if (gen_name->type == GEN_DNS)
{
guchar *dnsname = ASN1_STRING_data(gen_name->d.dNSName);
guint dnsname_len = ASN1_STRING_length(gen_name->d.dNSName);
if (dnsname_len > sizeof(pattern_buf) - 1)
{
found = TRUE;
result = FALSE;
break;
}
memcpy(pattern_buf, dnsname, dnsname_len);
pattern_buf[dnsname_len] = 0;
/* we have found a DNS name as alternative subject name */
found = TRUE;
result = z_proxy_ssl_host_iface_check_wildcard(s->owner, host_name, pattern_buf);
break;
}
else if (gen_name->type == GEN_IPADD)
{
z_inet_ntoa(pattern_buf, sizeof(pattern_buf), *(struct in_addr *) gen_name->d.iPAddress->data);
found = TRUE;
result = strcmp(host_name, pattern_buf) == 0;
break;
}
}
sk_GENERAL_NAME_free(alt_names);
}
}
if (!found)
{
/* hmm. there was no subjectAltName (this is deprecated, but still
* widely used), look up the Subject, most specific CN */
X509_NAME *name;
name = X509_get_subject_name(self->server_cert);
if (X509_NAME_get_text_by_NID(name, NID_commonName, pattern_buf, sizeof(pattern_buf)) != -1)
{
result = z_proxy_ssl_host_iface_check_wildcard(s->owner, host_name, pattern_buf);
}
}
if (!result && reason_buf)
{
g_snprintf(reason_buf, reason_len, "Certificate does not belong to target host (certificate: %s, host %s)",
pattern_buf, host_name);
}
self->hostname_checked = TRUE;
self->hostname_check_result = result;
return result;
}
static int get_subjectAltName(X509 *s_ctx)
{
int error_code = 0;
GENERAL_NAMES *gens = NULL;
GENERAL_NAME *gen = NULL;
char *altname;
unsigned char p[5], *ip;
gens = X509_get_ext_d2i(s_ctx, NID_subject_alt_name, NULL, NULL);
if(NULL == gens)
{
error_code = 0;
goto end;
}
int gen_num = sk_GENERAL_NAME_num(gens);
int i=0;
for(i=0; i <= gen_num; ++i)
{
gen = sk_GENERAL_NAME_value(gens, i);
if(NULL == gen)
{
continue;
}
if (gen->type == GEN_DNS
||gen->type == GEN_EMAIL
||gen->type == GEN_URI )
{
// make sure if the data is terminated by '\0'.
if (gen->d.ia5->data[gen->d.ia5->length] != '\0')
{
continue;
}
altname = (char *)malloc(gen->d.ia5->length + 1);
strncpy(altname, (char *) gen->d.ia5->data, (gen->d.ia5->length + 1));
switch (gen->type) {
case GEN_EMAIL:
printf("email:%s\n", altname);
break;
case GEN_DNS:
printf("DNS:%s\n", altname);
break;
case GEN_URI:
default:
printf("URI:%s\n", altname);
break;
}
}
else if (gen->type == GEN_IPADD)
{
if (gen->d.ip->length != 4) {
continue;
}
ip = p;
ip = gen->d.ip->data;
printf("IP:%u.%u.%u.%u\n", ip[0], ip[1], ip[2], ip[3]);
}
if(altname)
{
free(altname);
altname = NULL;
}
}
end:
if(gens)
{
// GENERAL_NAMES_free(gens);
sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
}
return error_code;
}
static void CheckSAN(X509 *x509, CertType type)
{
int idx = -1;
bool bSanFound = false;
bool bSanName = false;
bool bSanRequired = false;
bool bCommonNameFound = false;
ASN1_STRING *commonName = NULL;
enum { SAN_TYPE_NOT_ALLOWED, SAN_TYPE_ALLOWED, SAN_TYPE_WARN } name_type_allowed[GEN_RID+1];
for (int i = 0; i < GEN_RID+1; i++)
{
name_type_allowed[i] = SAN_TYPE_NOT_ALLOWED;
}
if (GetBit(cert_info, CERT_INFO_SERV_AUTH) || GetBit(cert_info, CERT_INFO_ANY_EKU) || GetBit(cert_info, CERT_INFO_NO_EKU))
{
name_type_allowed[GEN_DNS] = SAN_TYPE_ALLOWED;
name_type_allowed[GEN_IPADD] = SAN_TYPE_ALLOWED;
bSanRequired = true;
}
if (GetBit(cert_info, CERT_INFO_EMAIL) || GetBit(cert_info, CERT_INFO_ANY_EKU) || GetBit(cert_info, CERT_INFO_NO_EKU))
{
name_type_allowed[GEN_EMAIL] = SAN_TYPE_ALLOWED;
bSanRequired = true;
}
if (GetBit(cert_info, CERT_INFO_CLIENT_AUTH))
{
/*
* DNS and IP address doesn't make sense for a TLS client that
* doesn't also do server authentication.
*/
if (name_type_allowed[GEN_DNS] == SAN_TYPE_NOT_ALLOWED)
{
name_type_allowed[GEN_DNS] = SAN_TYPE_WARN;
name_type_allowed[GEN_IPADD] = SAN_TYPE_WARN;
}
name_type_allowed[GEN_EMAIL] = SAN_TYPE_ALLOWED;
}
if (GetBit(warnings, WARN_UNKNOWN_EKU) && !GetBit(cert_info, CERT_INFO_SERV_AUTH) && !GetBit(cert_info, CERT_INFO_ANY_EKU))
{
/*
* If it's a certificate with an unknown EKU that isn't
* also valid for server auth, allow the other types
*/
name_type_allowed[GEN_OTHERNAME] = SAN_TYPE_ALLOWED;
name_type_allowed[GEN_X400] = SAN_TYPE_ALLOWED;
name_type_allowed[GEN_EDIPARTY] = SAN_TYPE_ALLOWED;
name_type_allowed[GEN_URI] = SAN_TYPE_ALLOWED;
}
X509_NAME *subject = X509_get_subject_name(x509);
for (int i = 0; i < X509_NAME_entry_count(subject); i++)
{
X509_NAME_ENTRY *ne = X509_NAME_get_entry(subject, i);
ASN1_OBJECT *obj = X509_NAME_ENTRY_get_object(ne);
if (OBJ_cmp(obj_commonName, obj) == 0)
{
commonName = X509_NAME_ENTRY_get_data(ne);
break;
}
}
do
{
int critical = -1;
GENERAL_NAMES *names = X509_get_ext_d2i(x509, NID_subject_alt_name, &critical, &idx);
if (names == NULL)
{
if (critical >= 0)
{
/* Found but fails to parse */
SetError(ERR_INVALID);
bSanFound = true;
continue;
}
/* Not found */
break;
}
for (int i = 0; i < sk_GENERAL_NAME_num(names); i++)
{
GENERAL_NAME *name = sk_GENERAL_NAME_value(names, i);
int type;
ASN1_STRING *name_s = GENERAL_NAME_get0_value(name, &type);
if (type > GEN_RID || type < 0)
{
SetError(ERR_INVALID);
}
else if (name_type_allowed[type] == SAN_TYPE_NOT_ALLOWED)
{
SetError(ERR_SAN_TYPE);
}
else if (name_type_allowed[type] == SAN_TYPE_WARN)
{
SetWarning(WARN_TLS_CLIENT_DNS);
}
if (type == GEN_DNS)
{
for (int j = i+1; j < sk_GENERAL_NAME_num(names); j++)
{
GENERAL_NAME *name2 = sk_GENERAL_NAME_value(names, j);
int type2;
ASN1_STRING *name2_s = GENERAL_NAME_get0_value(name2, &type2);
if (type == type2 && ASN1_STRING_cmpcase(name_s, name2_s) == 0)
{
SetWarning(WARN_DUPLICATE_SAN);
}
}
char *s = malloc(name_s->length + 1);
strncpy(s, (char *)name_s->data, name_s->length);
s[name_s->length] = '\0';
unsigned char buf[sizeof(struct in6_addr)];
if (inet_pton(AF_INET, s, buf) == 1 || inet_pton(AF_INET6, s, buf) == 1)
{
SetError(ERR_IP_IN_DNSNAME);
}
free(s);
}
if ((type == GEN_DNS || type == GEN_EMAIL) && commonName != NULL)
{
if (ASN1_STRING_cmpcase(name_s, commonName) == 0)
{
bCommonNameFound = true;
}
}
if (type == GEN_IPADD)
{
int af = AF_UNSPEC;
if (name_s->length == 4)
{
af = AF_INET;
}
else if (name_s->length == 16)
{
af = AF_INET6;
}
else
{
SetError(ERR_IP_FAMILY);
}
if (af != AF_UNSPEC && commonName != NULL)
{
unsigned char buf[sizeof(struct in6_addr)];
char *s = malloc(commonName->length + 1);
strncpy(s, (char *)commonName->data, commonName->length);
s[commonName->length] = '\0';
inet_pton(af, s, buf);
/* We want to compare them binary, the string version is not standard. */
if (memcmp(buf, name_s->data, name_s->length) == 0)
{
bCommonNameFound = true;
}
free(s);
}
}
CheckGeneralNameType(name);
bSanName = true;
}
sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
bSanFound = true;
}
while (1);
if (!bSanFound && bSanRequired)
{
/* Required by CAB base 7.1.4.2.1 */
if (type == SubscriberCertificate)
{
SetError(ERR_NO_SUBJECT_ALT_NAME);
}
}
if (bSanFound && !bSanName)
{
SetError(ERR_SAN_WITHOUT_NAME);
}
if (commonName != NULL && bSanFound && !bCommonNameFound)
{
// SetError(ERR_CN_NOT_IN_SAN);
}
}
static PyObject *
_get_peer_alt_names (X509 *certificate) {
/* this code follows the procedure outlined in
OpenSSL's crypto/x509v3/v3_prn.c:X509v3_EXT_print()
function to extract the STACK_OF(GENERAL_NAME),
then iterates through the stack to add the
names. */
int i, j;
PyObject *peer_alt_names = Py_None;
PyObject *v, *t;
X509_EXTENSION *ext = NULL;
GENERAL_NAMES *names = NULL;
GENERAL_NAME *name;
X509V3_EXT_METHOD *method;
BIO *biobuf = NULL;
char buf[2048];
char *vptr;
int len;
const unsigned char *p;
if (certificate == NULL)
return peer_alt_names;
/* get a memory buffer */
biobuf = BIO_new(BIO_s_mem());
i = 0;
while ((i = X509_get_ext_by_NID(
certificate, NID_subject_alt_name, i)) >= 0) {
if (peer_alt_names == Py_None) {
peer_alt_names = PyList_New(0);
if (peer_alt_names == NULL)
goto fail;
}
/* now decode the altName */
ext = X509_get_ext(certificate, i);
if(!(method = X509V3_EXT_get(ext))) {
PyErr_SetString
(PySSLErrorObject,
ERRSTR("No method for internalizing subjectAltName!"));
goto fail;
}
p = ext->value->data;
if (method->it)
names = (GENERAL_NAMES*)
(ASN1_item_d2i(NULL,
&p,
ext->value->length,
ASN1_ITEM_ptr(method->it)));
else
names = (GENERAL_NAMES*)
(method->d2i(NULL,
&p,
ext->value->length));
for(j = 0; j < sk_GENERAL_NAME_num(names); j++) {
/* get a rendering of each name in the set of names */
name = sk_GENERAL_NAME_value(names, j);
if (name->type == GEN_DIRNAME) {
/* we special-case DirName as a tuple of
tuples of attributes */
t = PyTuple_New(2);
if (t == NULL) {
goto fail;
}
v = PyUnicode_FromString("DirName");
if (v == NULL) {
Py_DECREF(t);
goto fail;
}
PyTuple_SET_ITEM(t, 0, v);
v = _create_tuple_for_X509_NAME (name->d.dirn);
if (v == NULL) {
Py_DECREF(t);
goto fail;
}
PyTuple_SET_ITEM(t, 1, v);
} else {
/* for everything else, we use the OpenSSL print form */
(void) BIO_reset(biobuf);
GENERAL_NAME_print(biobuf, name);
len = BIO_gets(biobuf, buf, sizeof(buf)-1);
if (len < 0) {
_setSSLError(NULL, 0, __FILE__, __LINE__);
goto fail;
}
vptr = strchr(buf, ':');
if (vptr == NULL)
goto fail;
t = PyTuple_New(2);
if (t == NULL)
goto fail;
v = PyUnicode_FromStringAndSize(buf, (vptr - buf));
if (v == NULL) {
Py_DECREF(t);
goto fail;
}
PyTuple_SET_ITEM(t, 0, v);
v = PyUnicode_FromStringAndSize((vptr + 1),
(len - (vptr - buf + 1)));
if (v == NULL) {
Py_DECREF(t);
goto fail;
}
PyTuple_SET_ITEM(t, 1, v);
}
/* and add that rendering to the list */
if (PyList_Append(peer_alt_names, t) < 0) {
Py_DECREF(t);
goto fail;
}
Py_DECREF(t);
}
}
BIO_free(biobuf);
if (peer_alt_names != Py_None) {
v = PyList_AsTuple(peer_alt_names);
Py_DECREF(peer_alt_names);
return v;
} else {
return peer_alt_names;
}
fail:
if (biobuf != NULL)
BIO_free(biobuf);
if (peer_alt_names != Py_None) {
Py_XDECREF(peer_alt_names);
}
return NULL;
}
/*! \brief
* creates a FILE * from the fd passed by the accept thread.
* This operation is potentially expensive (certificate verification),
* so we do it in the child thread context.
*
* \note must decrement ref count before returning NULL on error
*/
static void *handle_tcptls_connection(void *data)
{
struct ast_tcptls_session_instance *tcptls_session = data;
#ifdef DO_SSL
int (*ssl_setup)(SSL *) = (tcptls_session->client) ? SSL_connect : SSL_accept;
int ret;
char err[256];
#endif
/* TCP/TLS connections are associated with external protocols, and
* should not be allowed to execute 'dangerous' functions. This may
* need to be pushed down into the individual protocol handlers, but
* this seems like a good general policy.
*/
if (ast_thread_inhibit_escalations()) {
ast_log(LOG_ERROR, "Failed to inhibit privilege escalations; killing connection\n");
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
tcptls_session->stream_cookie = tcptls_stream_alloc();
if (!tcptls_session->stream_cookie) {
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
/*
* open a FILE * as appropriate.
*/
if (!tcptls_session->parent->tls_cfg) {
tcptls_session->f = tcptls_stream_fopen(tcptls_session->stream_cookie, NULL,
tcptls_session->fd, -1);
if (tcptls_session->f) {
if (setvbuf(tcptls_session->f, NULL, _IONBF, 0)) {
ast_tcptls_close_session_file(tcptls_session);
}
}
}
#ifdef DO_SSL
else if ( (tcptls_session->ssl = SSL_new(tcptls_session->parent->tls_cfg->ssl_ctx)) ) {
SSL_set_fd(tcptls_session->ssl, tcptls_session->fd);
if ((ret = ssl_setup(tcptls_session->ssl)) <= 0) {
ast_log(LOG_ERROR, "Problem setting up ssl connection: %s\n", ERR_error_string(ERR_get_error(), err));
} else if ((tcptls_session->f = tcptls_stream_fopen(tcptls_session->stream_cookie,
tcptls_session->ssl, tcptls_session->fd, -1))) {
if ((tcptls_session->client && !ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_DONT_VERIFY_SERVER))
|| (!tcptls_session->client && ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_VERIFY_CLIENT))) {
X509 *peer;
long res;
peer = SSL_get_peer_certificate(tcptls_session->ssl);
if (!peer) {
ast_log(LOG_ERROR, "No peer SSL certificate to verify\n");
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
res = SSL_get_verify_result(tcptls_session->ssl);
if (res != X509_V_OK) {
ast_log(LOG_ERROR, "Certificate did not verify: %s\n", X509_verify_cert_error_string(res));
X509_free(peer);
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
if (!ast_test_flag(&tcptls_session->parent->tls_cfg->flags, AST_SSL_IGNORE_COMMON_NAME)) {
ASN1_STRING *str;
X509_NAME *name = X509_get_subject_name(peer);
STACK_OF(GENERAL_NAME) *alt_names;
int pos = -1;
int found = 0;
for (;;) {
/* Walk the certificate to check all available "Common Name" */
/* XXX Probably should do a gethostbyname on the hostname and compare that as well */
pos = X509_NAME_get_index_by_NID(name, NID_commonName, pos);
if (pos < 0) {
break;
}
str = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name, pos));
if (!check_tcptls_cert_name(str, tcptls_session->parent->hostname, "common name")) {
found = 1;
break;
}
}
if (!found) {
alt_names = X509_get_ext_d2i(peer, NID_subject_alt_name, NULL, NULL);
if (alt_names != NULL) {
int alt_names_count = sk_GENERAL_NAME_num(alt_names);
for (pos = 0; pos < alt_names_count; pos++) {
const GENERAL_NAME *alt_name = sk_GENERAL_NAME_value(alt_names, pos);
if (alt_name->type != GEN_DNS) {
continue;
}
if (!check_tcptls_cert_name(alt_name->d.dNSName, tcptls_session->parent->hostname, "alt name")) {
found = 1;
break;
}
}
sk_GENERAL_NAME_pop_free(alt_names, GENERAL_NAME_free);
}
}
if (!found) {
ast_log(LOG_ERROR, "Certificate common name did not match (%s)\n", tcptls_session->parent->hostname);
X509_free(peer);
ast_tcptls_close_session_file(tcptls_session);
ao2_ref(tcptls_session, -1);
return NULL;
}
}
X509_free(peer);
}
}
if (!tcptls_session->f) { /* no success opening descriptor stacking */
SSL_free(tcptls_session->ssl);
}
}
#endif /* DO_SSL */
if (!tcptls_session->f) {
ast_tcptls_close_session_file(tcptls_session);
ast_log(LOG_WARNING, "FILE * open failed!\n");
#ifndef DO_SSL
if (tcptls_session->parent->tls_cfg) {
ast_log(LOG_ERROR, "Attempted a TLS connection without OpenSSL support. This will not work!\n");
}
#endif
ao2_ref(tcptls_session, -1);
return NULL;
}
if (tcptls_session->parent->worker_fn) {
return tcptls_session->parent->worker_fn(tcptls_session);
} else {
return tcptls_session;
}
}
/*
Function:
CheckX509Hostname
Used by System.Net.Security's Unix CertModule to identify if the certificate presented by
the server is applicable to the hostname requested.
Return values:
1 if the hostname is a match
0 if the hostname is not a match
Any negative number indicates an error in the arguments.
*/
extern int32_t CryptoNative_CheckX509Hostname(X509* x509, const char* hostname, int32_t cchHostname)
{
if (!x509)
return -2;
if (cchHostname > 0 && !hostname)
return -3;
if (cchHostname < 0)
return -4;
int subjectNid = NID_commonName;
int sanGenType = GEN_DNS;
GENERAL_NAMES* san = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL);
char readSubject = 1;
int success = 0;
// RFC2818 says that if ANY dNSName alternative name field is present then
// we should ignore the subject common name.
if (san)
{
int i;
int count = sk_GENERAL_NAME_num(san);
for (i = 0; i < count; ++i)
{
GENERAL_NAME* sanEntry = sk_GENERAL_NAME_value(san, i);
if (sanEntry->type != sanGenType)
{
continue;
}
readSubject = 0;
if (CheckX509HostnameMatch(sanEntry->d.dNSName, hostname, cchHostname, 1))
{
success = 1;
break;
}
}
GENERAL_NAMES_free(san);
}
if (readSubject && !success)
{
// This is a shared/interor pointer, do not free!
X509_NAME* subject = X509_get_subject_name(x509);
if (subject)
{
int i = -1;
while ((i = X509_NAME_get_index_by_NID(subject, subjectNid, i)) >= 0)
{
// Shared/interior pointers, do not free!
X509_NAME_ENTRY* nameEnt = X509_NAME_get_entry(subject, i);
ASN1_STRING* cn = X509_NAME_ENTRY_get_data(nameEnt);
if (CheckX509HostnameMatch(cn, hostname, cchHostname, 0))
{
success = 1;
break;
}
}
}
}
return success;
}
/* This code is based heavily on the example provided in "Secure Programming
* Cookbook for C and C++".
*/
int _mosquitto_verify_certificate_hostname(X509 *cert, const char *hostname)
{
int i;
char name[256];
X509_NAME *subj;
bool have_san_dns = false;
STACK_OF(GENERAL_NAME) *san;
const GENERAL_NAME *nval;
const unsigned char *data;
unsigned char ipv6_addr[16];
unsigned char ipv4_addr[4];
int ipv6_ok;
int ipv4_ok;
#ifdef WIN32
ipv6_ok = InetPton(AF_INET6, hostname, &ipv6_addr);
ipv4_ok = InetPton(AF_INET, hostname, &ipv4_addr);
#else
ipv6_ok = inet_pton(AF_INET6, hostname, &ipv6_addr);
ipv4_ok = inet_pton(AF_INET, hostname, &ipv4_addr);
#endif
san = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
if (san) {
for (i = 0; i < sk_GENERAL_NAME_num(san); i++) {
nval = sk_GENERAL_NAME_value(san, i);
if (nval->type == GEN_DNS) {
data = ASN1_STRING_data(nval->d.dNSName);
if (data && !mosquitto__cmp_hostname_wildcard((char *)data, hostname)) {
sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
return 1;
}
have_san_dns = true;
} else if (nval->type == GEN_IPADD) {
data = ASN1_STRING_data(nval->d.iPAddress);
if (nval->d.iPAddress->length == 4 && ipv4_ok) {
if (!memcmp(ipv4_addr, data, 4)) {
sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
return 1;
}
} else if (nval->d.iPAddress->length == 16 && ipv6_ok) {
if (!memcmp(ipv6_addr, data, 16)) {
sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
return 1;
}
}
}
}
sk_GENERAL_NAME_pop_free(san, GENERAL_NAME_free);
if (have_san_dns) {
/* Only check CN if subjectAltName DNS entry does not exist. */
return 0;
}
}
subj = X509_get_subject_name(cert);
if (X509_NAME_get_text_by_NID(subj, NID_commonName, name, sizeof(name)) > 0) {
name[sizeof(name) - 1] = '\0';
if (!mosquitto__cmp_hostname_wildcard(name, hostname)) {
return 1;
}
}
return 0;
}
int32_t local_X509_check_host(X509* x509, const char* name, size_t namelen, unsigned int flags, char** peername)
{
assert(peername == NULL);
assert(flags == X509_CHECK_FLAG_NO_PARTIAL_WILDCARDS);
(void)flags;
(void)peername;
GENERAL_NAMES* san = (GENERAL_NAMES*)(X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL));
int readSubject = 1;
int success = 0;
// RFC2818 says that if ANY dNSName alternative name field is present then
// we should ignore the subject common name.
if (san != NULL)
{
int count = sk_GENERAL_NAME_num(san);
for (int i = 0; i < count; ++i)
{
GENERAL_NAME* sanEntry = sk_GENERAL_NAME_value(san, i);
if (sanEntry->type != GEN_DNS)
{
continue;
}
readSubject = 0;
// A GEN_DNS name is supposed to be a V_ASN1_IA5STRING.
// If it isn't, we don't know how to read it.
if (CheckX509HostnameMatch(sanEntry->d.dNSName, name, (int)namelen, V_ASN1_IA5STRING))
{
success = 1;
break;
}
}
GENERAL_NAMES_free(san);
}
if (readSubject)
{
assert(success == 0);
// This is a shared/interor pointer, do not free!
X509_NAME* subject = X509_get_subject_name(x509);
if (subject != NULL)
{
int i = -1;
while ((i = X509_NAME_get_index_by_NID(subject, NID_commonName, i)) >= 0)
{
// Shared/interior pointers, do not free!
X509_NAME_ENTRY* nameEnt = X509_NAME_get_entry(subject, i);
ASN1_STRING* cn = X509_NAME_ENTRY_get_data(nameEnt);
// For compatibility with previous .NET Core builds, allow any type of
// string for CN, provided it ended up with a single-byte encoding (otherwise
// strncasecmp simply won't match).
if (CheckX509HostnameMatch(cn, name, (int)namelen, cn->type))
{
success = 1;
break;
}
}
}
}
return success;
}
int tlsops_alt(struct sip_msg *msg, pv_param_t *param,
pv_value_t *res)
{
static char buf[1024];
int type = GEN_URI, my = 0, n, found = 0, ind_local;
STACK_OF(GENERAL_NAME)* names = 0;
GENERAL_NAME* nm;
X509* cert;
struct tcp_connection* c;
str text;
struct ip_addr ip;
ind_local = param->pvn.u.isname.name.n;
if (ind_local & CERT_PEER) {
my = 0;
ind_local = ind_local ^ CERT_PEER;
} else if (ind_local & CERT_LOCAL) {
my = 1;
ind_local = ind_local ^ CERT_LOCAL;
} else {
LM_CRIT("could not determine certificate\n");
return pv_get_null(msg, param, res);
}
switch(ind_local) {
case COMP_E: type = GEN_EMAIL; break;
case COMP_HOST: type = GEN_DNS; break;
case COMP_URI: type = GEN_URI; break;
case COMP_IP: type = GEN_IPADD; break;
default:
LM_CRIT("ind_local=%d\n", ind_local);
return pv_get_null(msg, param, res);
}
if (get_cert(&cert, &c, msg, my) < 0) return -1;
names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
if (!names) {
LM_ERR("cannot get certificate alternative subject\n");
goto err;
}
for (n = 0; n < sk_GENERAL_NAME_num(names); n++) {
nm = sk_GENERAL_NAME_value(names, n);
if (nm->type != type) continue;
switch(type) {
case GEN_EMAIL:
case GEN_DNS:
case GEN_URI:
text.s = (char*)nm->d.ia5->data;
text.len = nm->d.ia5->length;
if (text.len >= 1024) {
LM_ERR("alternative subject text too long\n");
goto err;
}
memcpy(buf, text.s, text.len);
res->rs.s = buf;
res->rs.len = text.len;
res->flags = PV_VAL_STR;
found = 1;
break;
case GEN_IPADD:
ip.len = nm->d.iPAddress->length;
ip.af = (ip.len == 16) ? AF_INET6 : AF_INET;
memcpy(ip.u.addr, nm->d.iPAddress->data, ip.len);
text.s = ip_addr2a(&ip);
text.len = strlen(text.s);
memcpy(buf, text.s, text.len);
res->rs.s = buf;
res->rs.len = text.len;
res->flags = PV_VAL_STR;
found = 1;
break;
}
break;
}
if (!found) goto err;
if (names) sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
if (!my) X509_free(cert);
tcpconn_put(c);
return 0;
err:
if (names) sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
if (!my) X509_free(cert);
tcpconn_put(c);
return pv_get_null(msg, param, res);
}
/**
* Retrieve the extensions from the certificate.
*/
int meth_extensions(lua_State* L)
{
int j;
int i = -1;
int n_general_names;
OTHERNAME *otherName;
X509_EXTENSION *extension;
GENERAL_NAME *general_name;
STACK_OF(GENERAL_NAME) *values;
X509 *peer = lsec_checkx509(L, 1);
/* Return (ret) */
lua_newtable(L);
while ((i = X509_get_ext_by_NID(peer, NID_subject_alt_name, i)) != -1) {
extension = X509_get_ext(peer, i);
if (extension == NULL)
break;
values = X509V3_EXT_d2i(extension);
if (values == NULL)
break;
/* Push ret[oid] */
push_asn1_objname(L, extension->object, 1);
push_subtable(L, -2);
/* Set ret[oid].name = name */
push_asn1_objname(L, extension->object, 0);
lua_setfield(L, -2, "name");
n_general_names = sk_GENERAL_NAME_num(values);
for (j = 0; j < n_general_names; j++) {
general_name = sk_GENERAL_NAME_value(values, j);
switch (general_name->type) {
case GEN_OTHERNAME:
otherName = general_name->d.otherName;
push_asn1_objname(L, otherName->type_id, 1);
if (push_subtable(L, -2)) {
push_asn1_objname(L, otherName->type_id, 0);
lua_setfield(L, -2, "name");
}
push_asn1_string(L, otherName->value->value.asn1_string);
lua_rawseti(L, -2, lua_rawlen(L, -2) + 1);
lua_pop(L, 1);
break;
case GEN_DNS:
lua_pushstring(L, "dNSName");
push_subtable(L, -2);
push_asn1_string(L, general_name->d.dNSName);
lua_rawseti(L, -2, lua_rawlen(L, -2) + 1);
lua_pop(L, 1);
break;
case GEN_EMAIL:
lua_pushstring(L, "rfc822Name");
push_subtable(L, -2);
push_asn1_string(L, general_name->d.rfc822Name);
lua_rawseti(L, -2, lua_rawlen(L, -2) + 1);
lua_pop(L, 1);
break;
case GEN_URI:
lua_pushstring(L, "uniformResourceIdentifier");
push_subtable(L, -2);
push_asn1_string(L, general_name->d.uniformResourceIdentifier);
lua_rawseti(L, -2, lua_rawlen(L, -2)+1);
lua_pop(L, 1);
break;
case GEN_IPADD:
lua_pushstring(L, "iPAddress");
push_subtable(L, -2);
push_asn1_string(L, general_name->d.iPAddress);
lua_rawseti(L, -2, lua_rawlen(L, -2)+1);
lua_pop(L, 1);
break;
case GEN_X400:
/* x400Address */
/* not supported */
break;
case GEN_DIRNAME:
/* directoryName */
/* not supported */
break;
case GEN_EDIPARTY:
/* ediPartyName */
/* not supported */
break;
case GEN_RID:
/* registeredID */
/* not supported */
break;
}
}
lua_pop(L, 1); /* ret[oid] */
i++; /* Next extension */
}
return 1;
}
bool
ssl_check_certificate (int fd, const char *host)
{
X509 *cert;
GENERAL_NAMES *subjectAltNames;
char common_name[256];
long vresult;
bool success = true;
bool alt_name_checked = false;
/* If the user has specified --no-check-cert, we still want to warn
him about problems with the server's certificate. */
const char *severity = opt.check_cert ? _("ERROR") : _("WARNING");
struct openssl_transport_context *ctx = fd_transport_context (fd);
SSL *conn = ctx->conn;
assert (conn != NULL);
cert = SSL_get_peer_certificate (conn);
if (!cert)
{
logprintf (LOG_NOTQUIET, _("%s: No certificate presented by %s.\n"),
severity, quotearg_style (escape_quoting_style, host));
success = false;
goto no_cert; /* must bail out since CERT is NULL */
}
IF_DEBUG
{
char *subject = _get_rfc2253_formatted (X509_get_subject_name (cert));
char *issuer = _get_rfc2253_formatted (X509_get_issuer_name (cert));
DEBUGP (("certificate:\n subject: %s\n issuer: %s\n",
quotearg_n_style (0, escape_quoting_style, subject),
quotearg_n_style (1, escape_quoting_style, issuer)));
xfree (subject);
xfree (issuer);
}
vresult = SSL_get_verify_result (conn);
if (vresult != X509_V_OK)
{
char *issuer = _get_rfc2253_formatted (X509_get_issuer_name (cert));
logprintf (LOG_NOTQUIET,
_("%s: cannot verify %s's certificate, issued by %s:\n"),
severity, quotearg_n_style (0, escape_quoting_style, host),
quote_n (1, issuer));
xfree(issuer);
/* Try to print more user-friendly (and translated) messages for
the frequent verification errors. */
switch (vresult)
{
case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
logprintf (LOG_NOTQUIET,
_(" Unable to locally verify the issuer's authority.\n"));
break;
case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
logprintf (LOG_NOTQUIET,
_(" Self-signed certificate encountered.\n"));
break;
case X509_V_ERR_CERT_NOT_YET_VALID:
logprintf (LOG_NOTQUIET, _(" Issued certificate not yet valid.\n"));
break;
case X509_V_ERR_CERT_HAS_EXPIRED:
logprintf (LOG_NOTQUIET, _(" Issued certificate has expired.\n"));
break;
default:
/* For the less frequent error strings, simply provide the
OpenSSL error message. */
logprintf (LOG_NOTQUIET, " %s\n",
X509_verify_cert_error_string (vresult));
}
success = false;
/* Fall through, so that the user is warned about *all* issues
with the cert (important with --no-check-certificate.) */
}
/* Check that HOST matches the common name in the certificate.
#### The following remains to be done:
- When matching against common names, it should loop over all
common names and choose the most specific one, i.e. the last
one, not the first one, which the current code picks.
- Ensure that ASN1 strings from the certificate are encoded as
UTF-8 which can be meaningfully compared to HOST. */
subjectAltNames = X509_get_ext_d2i (cert, NID_subject_alt_name, NULL, NULL);
if (subjectAltNames)
{
/* Test subject alternative names */
/* Do we want to check for dNSNAmes or ipAddresses (see RFC 2818)?
* Signal it by host_in_octet_string. */
ASN1_OCTET_STRING *host_in_octet_string = a2i_IPADDRESS (host);
int numaltnames = sk_GENERAL_NAME_num (subjectAltNames);
int i;
for (i=0; i < numaltnames; i++)
{
const GENERAL_NAME *name =
sk_GENERAL_NAME_value (subjectAltNames, i);
if (name)
{
if (host_in_octet_string)
{
if (name->type == GEN_IPADD)
{
/* Check for ipAddress */
/* TODO: Should we convert between IPv4-mapped IPv6
* addresses and IPv4 addresses? */
alt_name_checked = true;
if (!ASN1_STRING_cmp (host_in_octet_string,
name->d.iPAddress))
break;
}
}
else if (name->type == GEN_DNS)
{
/* dNSName should be IA5String (i.e. ASCII), however who
* does trust CA? Convert it into UTF-8 for sure. */
unsigned char *name_in_utf8 = NULL;
/* Check for dNSName */
alt_name_checked = true;
if (0 <= ASN1_STRING_to_UTF8 (&name_in_utf8, name->d.dNSName))
{
/* Compare and check for NULL attack in ASN1_STRING */
if (pattern_match ((char *)name_in_utf8, host) &&
(strlen ((char *)name_in_utf8) ==
(size_t) ASN1_STRING_length (name->d.dNSName)))
{
OPENSSL_free (name_in_utf8);
break;
}
OPENSSL_free (name_in_utf8);
}
}
}
}
sk_GENERAL_NAME_pop_free(subjectAltNames, GENERAL_NAME_free);
if (host_in_octet_string)
ASN1_OCTET_STRING_free(host_in_octet_string);
if (alt_name_checked == true && i >= numaltnames)
{
logprintf (LOG_NOTQUIET,
_("%s: no certificate subject alternative name matches\n"
"\trequested host name %s.\n"),
severity, quote_n (1, host));
success = false;
}
}
if (alt_name_checked == false)
{
/* Test commomName */
X509_NAME *xname = X509_get_subject_name(cert);
common_name[0] = '\0';
X509_NAME_get_text_by_NID (xname, NID_commonName, common_name,
sizeof (common_name));
if (!pattern_match (common_name, host))
{
logprintf (LOG_NOTQUIET, _("\
%s: certificate common name %s doesn't match requested host name %s.\n"),
severity, quote_n (0, common_name), quote_n (1, host));
success = false;
}
static int
_SSL_check_subject_altname (X509 *cert, const char *host)
{
STACK_OF(GENERAL_NAME) *altname_stack = NULL;
GInetAddress *addr;
GSocketFamily family;
int type = GEN_DNS;
int count, i;
int rv = -1;
altname_stack = X509_get_ext_d2i (cert, NID_subject_alt_name, NULL, NULL);
if (altname_stack == NULL)
return -1;
addr = g_inet_address_new_from_string (host);
if (addr != NULL)
{
family = g_inet_address_get_family (addr);
if (family == G_SOCKET_FAMILY_IPV4 || family == G_SOCKET_FAMILY_IPV6)
type = GEN_IPADD;
}
count = sk_GENERAL_NAME_num(altname_stack);
for (i = 0; i < count; i++)
{
GENERAL_NAME *altname;
altname = sk_GENERAL_NAME_value (altname_stack, i);
if (altname->type != type)
continue;
if (type == GEN_DNS)
{
unsigned char *data;
int format;
format = ASN1_STRING_type (altname->d.dNSName);
if (format == V_ASN1_IA5STRING)
{
data = ASN1_STRING_data (altname->d.dNSName);
if (ASN1_STRING_length (altname->d.dNSName) != (int)strlen(data))
{
g_warning("NUL byte in subjectAltName, probably a malicious certificate.\n");
rv = -2;
break;
}
if (_SSL_match_hostname (data, host) == 0)
{
rv = 0;
break;
}
}
else
g_warning ("unhandled subjectAltName dNSName encoding (%d)\n", format);
}
else if (type == GEN_IPADD)
{
unsigned char *data;
const guint8 *addr_bytes;
int datalen, addr_len;
datalen = ASN1_STRING_length (altname->d.iPAddress);
data = ASN1_STRING_data (altname->d.iPAddress);
addr_bytes = g_inet_address_to_bytes (addr);
addr_len = (int)g_inet_address_get_native_size (addr);
if (datalen == addr_len && memcmp (data, addr_bytes, addr_len) == 0)
{
rv = 0;
break;
}
}
}
if (addr != NULL)
g_object_unref (addr);
sk_GENERAL_NAME_free (altname_stack);
return rv;
}
/* this is called after the connection on the client side by us to check
other aspects about the connection */
int
netsnmp_tlsbase_verify_server_cert(SSL *ssl, _netsnmpTLSBaseData *tlsdata) {
/* XXX */
X509 *remote_cert;
char *check_name;
int ret;
netsnmp_assert_or_return(ssl != NULL, SNMPERR_GENERR);
netsnmp_assert_or_return(tlsdata != NULL, SNMPERR_GENERR);
if (NULL == (remote_cert = SSL_get_peer_certificate(ssl))) {
/* no peer cert */
DEBUGMSGTL(("tls_x509:verify",
"remote connection provided no certificate (yet)\n"));
return SNMPERR_TLS_NO_CERTIFICATE;
}
/* make sure that the fingerprint matches */
ret = _netsnmp_tlsbase_verify_remote_fingerprint(remote_cert, tlsdata, 1);
switch(ret) {
case VERIFIED_FINGERPRINT:
return SNMPERR_SUCCESS;
case FAILED_FINGERPRINT_VERIFY:
return SNMPERR_GENERR;
case NO_FINGERPRINT_AVAILABLE:
if (tlsdata->their_hostname && tlsdata->their_hostname[0] != '\0') {
GENERAL_NAMES *onames;
const GENERAL_NAME *oname = NULL;
int i, j;
int count;
char buf[SPRINT_MAX_LEN];
int is_wildcarded = 0;
char *compare_to;
/* see if the requested hostname has a wildcard prefix */
if (strncmp(tlsdata->their_hostname, "*.", 2) == 0) {
is_wildcarded = 1;
compare_to = tlsdata->their_hostname + 2;
} else {
compare_to = tlsdata->their_hostname;
}
/* if the hostname we were expecting to talk to matches
the cert, then we can accept this connection. */
/* check against the DNS subjectAltName */
onames = (GENERAL_NAMES *)X509_get_ext_d2i(remote_cert,
NID_subject_alt_name,
NULL, NULL );
if (NULL != onames) {
count = sk_GENERAL_NAME_num(onames);
for (i=0 ; i <count; ++i) {
oname = sk_GENERAL_NAME_value(onames, i);
if (GEN_DNS == oname->type) {
/* get the value */
ASN1_STRING_to_UTF8((unsigned char**)&check_name,
oname->d.ia5);
/* convert to lowercase for comparisons */
for (j = 0 ;
*check_name && j < sizeof(buf)-1;
++check_name, ++j ) {
if (isascii(*check_name))
buf[j] = tolower(0xFF & *check_name);
}
if (j < sizeof(buf))
buf[j] = '\0';
check_name = buf;
if (is_wildcarded) {
/* we *only* allow passing till the first '.' */
/* ie *.example.com can't match a.b.example.com */
check_name = strchr(check_name, '.') + 1;
}
DEBUGMSGTL(("tls_x509:verify", "checking subjectAltname of dns:%s\n", check_name));
if (strcmp(compare_to, check_name) == 0) {
DEBUGMSGTL(("tls_x509:verify", "Successful match on a subjectAltname of dns:%s\n", check_name));
return SNMPERR_SUCCESS;
}
}
}
}
/* check the common name for a match */
check_name =
netsnmp_openssl_cert_get_commonName(remote_cert, NULL, NULL);
if (is_wildcarded) {
/* we *only* allow passing till the first '.' */
/* ie *.example.com can't match a.b.example.com */
check_name = strchr(check_name, '.') + 1;
}
if (strcmp(compare_to, check_name) == 0) {
DEBUGMSGTL(("tls_x509:verify", "Successful match on a common name of %s\n", check_name));
return SNMPERR_SUCCESS;
}
snmp_log(LOG_ERR, "No matching names in the certificate to match the expected %s\n", tlsdata->their_hostname);
return SNMPERR_GENERR;
}
/* XXX: check for hostname match instead */
snmp_log(LOG_ERR, "Can not verify a remote server identity without configuration\n");
return SNMPERR_GENERR;
}
DEBUGMSGTL(("tls_x509:verify", "shouldn't get here\n"));
return SNMPERR_GENERR;
}
/** check if a provided cert matches a passed hostname
*/
bool
_mongoc_ssl_check_cert (SSL *ssl,
const char *host,
bool weak_cert_validation)
{
X509 *peer;
X509_NAME *subject_name;
X509_NAME_ENTRY *entry;
ASN1_STRING *entry_data;
char *check;
int length;
int idx;
int r = 0;
long verify_status;
size_t addrlen = 0;
struct in_addr addr;
int i;
int n_sans = -1;
int target = GEN_DNS;
STACK_OF (GENERAL_NAME) * sans = NULL;
BSON_ASSERT (ssl);
BSON_ASSERT (host);
if (weak_cert_validation) {
return true;
}
/** if the host looks like an IP address, match that, otherwise we assume we
* have a DNS name */
if (inet_pton (AF_INET, host, &addr)) {
target = GEN_IPADD;
addrlen = sizeof (struct in_addr);
}
peer = SSL_get_peer_certificate (ssl);
if (!peer) {
return false;
}
verify_status = SSL_get_verify_result (ssl);
/** TODO: should we return this somehow? */
if (verify_status == X509_V_OK) {
/* get's a stack of alt names that we can iterate through */
sans = X509_get_ext_d2i ((X509 *)peer, NID_subject_alt_name, NULL, NULL);
if (sans) {
n_sans = sk_GENERAL_NAME_num (sans);
/* loop through the stack, or until we find a match */
for (i = 0; i < n_sans && !r; i++) {
const GENERAL_NAME *name = sk_GENERAL_NAME_value (sans, i);
/* skip entries that can't apply, I.e. IP entries if we've got a
* DNS host */
if (name->type == target) {
check = (char *)ASN1_STRING_data (name->d.ia5);
length = ASN1_STRING_length (name->d.ia5);
switch (target) {
case GEN_DNS:
/* check that we don't have an embedded null byte */
if ((length == bson_strnlen (check, length)) &&
_mongoc_ssl_hostcheck (check, host)) {
r = 1;
}
break;
case GEN_IPADD:
if ((length == addrlen) && !memcmp (check, &addr, length)) {
r = 1;
}
break;
default:
assert (0);
break;
}
}
}
GENERAL_NAMES_free (sans);
} else {
subject_name = X509_get_subject_name (peer);
if (subject_name) {
idx = -1;
i = -1;
/* skip to the last common name */
while ((idx =
X509_NAME_get_index_by_NID (subject_name, NID_commonName, i)) >= 0) {
i = idx;
}
if (i >= 0) {
entry = X509_NAME_get_entry (subject_name, i);
entry_data = X509_NAME_ENTRY_get_data (entry);
if (entry_data) {
/* TODO: I've heard tell that old versions of SSL crap out
* when calling ASN1_STRING_to_UTF8 on already utf8 data.
* Check up on that */
length = ASN1_STRING_to_UTF8 ((unsigned char **)&check,
entry_data);
if (length >= 0) {
/* check for embedded nulls */
if ((length == bson_strnlen (check, length)) &&
_mongoc_ssl_hostcheck (check, host)) {
r = 1;
}
OPENSSL_free (check);
}
}
}
}
}
}
X509_free (peer);
return r;
}
/* Check certificate identity. Returns zero if identity matches; 1 if
* identity does not match, or <0 if the certificate had no identity.
* If 'identity' is non-NULL, store the malloc-allocated identity in
* *identity. Logic specified by RFC 2818 and RFC 3280. */
static int check_identity(const ne_uri *server, X509 *cert, char **identity)
{
STACK_OF(GENERAL_NAME) *names;
int match = 0, found = 0;
const char *hostname;
hostname = server ? server->host : "";
names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
if (names) {
int n;
/* subjectAltName contains a sequence of GeneralNames */
for (n = 0; n < sk_GENERAL_NAME_num(names) && !match; n++) {
GENERAL_NAME *nm = sk_GENERAL_NAME_value(names, n);
/* handle dNSName and iPAddress name extensions only. */
if (nm->type == GEN_DNS) {
char *name = dup_ia5string(nm->d.ia5);
if (identity && !found) *identity = ne_strdup(name);
match = ne__ssl_match_hostname(name, strlen(name), hostname);
free(name);
found = 1;
}
else if (nm->type == GEN_IPADD) {
/* compare IP address with server IP address. */
ne_inet_addr *ia;
if (nm->d.ip->length == 4)
ia = ne_iaddr_make(ne_iaddr_ipv4, nm->d.ip->data);
else if (nm->d.ip->length == 16)
ia = ne_iaddr_make(ne_iaddr_ipv6, nm->d.ip->data);
else
ia = NULL;
/* ne_iaddr_make returns NULL if address type is unsupported */
if (ia != NULL) { /* address type was supported. */
char buf[128];
match = strcmp(hostname,
ne_iaddr_print(ia, buf, sizeof buf)) == 0;
found = 1;
ne_iaddr_free(ia);
} else {
NE_DEBUG(NE_DBG_SSL, "iPAddress name with unsupported "
"address type (length %d), skipped.\n",
nm->d.ip->length);
}
}
else if (nm->type == GEN_URI) {
char *name = dup_ia5string(nm->d.ia5);
ne_uri uri;
if (ne_uri_parse(name, &uri) == 0 && uri.host && uri.scheme) {
ne_uri tmp;
if (identity && !found) *identity = ne_strdup(name);
found = 1;
if (server) {
/* For comparison purposes, all that matters is
* host, scheme and port; ignore the rest. */
memset(&tmp, 0, sizeof tmp);
tmp.host = uri.host;
tmp.scheme = uri.scheme;
tmp.port = uri.port;
match = ne_uri_cmp(server, &tmp) == 0;
}
}
ne_uri_free(&uri);
free(name);
}
}
/* free the whole stack. */
sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
}
/* Check against the commonName if no DNS alt. names were found,
* as per RFC3280. */
if (!found) {
X509_NAME *subj = X509_get_subject_name(cert);
X509_NAME_ENTRY *entry;
ne_buffer *cname = ne_buffer_ncreate(30);
int idx = -1, lastidx;
/* find the most specific commonName attribute. */
do {
lastidx = idx;
idx = X509_NAME_get_index_by_NID(subj, NID_commonName, lastidx);
} while (idx >= 0);
if (lastidx < 0) {
/* no commonName attributes at all. */
ne_buffer_destroy(cname);
return -1;
}
/* extract the string from the entry */
entry = X509_NAME_get_entry(subj, lastidx);
if (append_dirstring(cname, X509_NAME_ENTRY_get_data(entry))) {
ne_buffer_destroy(cname);
return -1;
}
if (identity) *identity = ne_strdup(cname->data);
match = ne__ssl_match_hostname(cname->data, cname->used - 1, hostname);
ne_buffer_destroy(cname);
}
NE_DEBUG(NE_DBG_SSL, "Identity match for '%s': %s\n", hostname,
match ? "good" : "bad");
return match ? 0 : 1;
}
static int
tlso_session_chkhost( LDAP *ld, tls_session *sess, const char *name_in )
{
tlso_session *s = (tlso_session *)sess;
int i, ret = LDAP_LOCAL_ERROR;
X509 *x;
const char *name;
char *ptr;
int ntype = IS_DNS, nlen;
#ifdef LDAP_PF_INET6
struct in6_addr addr;
#else
struct in_addr addr;
#endif
if( ldap_int_hostname &&
( !name_in || !strcasecmp( name_in, "localhost" ) ) )
{
name = ldap_int_hostname;
} else {
name = name_in;
}
nlen = strlen(name);
x = tlso_get_cert(s);
if (!x) {
Debug( LDAP_DEBUG_ANY,
"TLS: unable to get peer certificate.\n",
0, 0, 0 );
/* If this was a fatal condition, things would have
* aborted long before now.
*/
return LDAP_SUCCESS;
}
#ifdef LDAP_PF_INET6
if (inet_pton(AF_INET6, name, &addr)) {
ntype = IS_IP6;
} else
#endif
if ((ptr = strrchr(name, '.')) && isdigit((unsigned char)ptr[1])) {
if (inet_aton(name, (struct in_addr *)&addr)) ntype = IS_IP4;
}
i = X509_get_ext_by_NID(x, NID_subject_alt_name, -1);
if (i >= 0) {
X509_EXTENSION *ex;
STACK_OF(GENERAL_NAME) *alt;
ex = X509_get_ext(x, i);
alt = X509V3_EXT_d2i(ex);
if (alt) {
int n, len2 = 0;
char *domain = NULL;
GENERAL_NAME *gn;
if (ntype == IS_DNS) {
domain = strchr(name, '.');
if (domain) {
len2 = nlen - (domain-name);
}
}
n = sk_GENERAL_NAME_num(alt);
for (i=0; i<n; i++) {
char *sn;
int sl;
gn = sk_GENERAL_NAME_value(alt, i);
if (gn->type == GEN_DNS) {
if (ntype != IS_DNS) continue;
sn = (char *) ASN1_STRING_data(gn->d.ia5);
sl = ASN1_STRING_length(gn->d.ia5);
/* ignore empty */
if (sl == 0) continue;
/* Is this an exact match? */
if ((nlen == sl) && !strncasecmp(name, sn, nlen)) {
break;
}
/* Is this a wildcard match? */
if (domain && (sn[0] == '*') && (sn[1] == '.') &&
(len2 == sl-1) && !strncasecmp(domain, &sn[1], len2))
{
break;
}
} else if (gn->type == GEN_IPADD) {
if (ntype == IS_DNS) continue;
sn = (char *) ASN1_STRING_data(gn->d.ia5);
sl = ASN1_STRING_length(gn->d.ia5);
#ifdef LDAP_PF_INET6
if (ntype == IS_IP6 && sl != sizeof(struct in6_addr)) {
continue;
} else
#endif
if (ntype == IS_IP4 && sl != sizeof(struct in_addr)) {
continue;
}
if (!memcmp(sn, &addr, sl)) {
break;
}
}
}
GENERAL_NAMES_free(alt);
if (i < n) { /* Found a match */
ret = LDAP_SUCCESS;
}
}
}
if (ret != LDAP_SUCCESS) {
X509_NAME *xn;
X509_NAME_ENTRY *ne;
ASN1_OBJECT *obj;
ASN1_STRING *cn = NULL;
int navas;
/* find the last CN */
obj = OBJ_nid2obj( NID_commonName );
if ( !obj ) goto no_cn; /* should never happen */
xn = X509_get_subject_name(x);
navas = X509_NAME_entry_count( xn );
for ( i=navas-1; i>=0; i-- ) {
ne = X509_NAME_get_entry( xn, i );
if ( !OBJ_cmp( X509_NAME_ENTRY_get_object(ne), obj )) {
cn = X509_NAME_ENTRY_get_data( ne );
break;
}
}
if( !cn )
{
no_cn:
Debug( LDAP_DEBUG_ANY,
"TLS: unable to get common name from peer certificate.\n",
0, 0, 0 );
ret = LDAP_CONNECT_ERROR;
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );
}
ld->ld_error = LDAP_STRDUP(
_("TLS: unable to get CN from peer certificate"));
} else if ( cn->length == nlen &&
strncasecmp( name, (char *) cn->data, nlen ) == 0 ) {
ret = LDAP_SUCCESS;
} else if (( cn->data[0] == '*' ) && ( cn->data[1] == '.' )) {
char *domain = strchr(name, '.');
if( domain ) {
int dlen;
dlen = nlen - (domain-name);
/* Is this a wildcard match? */
if ((dlen == cn->length-1) &&
!strncasecmp(domain, (char *) &cn->data[1], dlen)) {
ret = LDAP_SUCCESS;
}
}
}
if( ret == LDAP_LOCAL_ERROR ) {
Debug( LDAP_DEBUG_ANY, "TLS: hostname (%s) does not match "
"common name in certificate (%.*s).\n",
name, cn->length, cn->data );
ret = LDAP_CONNECT_ERROR;
if ( ld->ld_error ) {
LDAP_FREE( ld->ld_error );
}
ld->ld_error = LDAP_STRDUP(
_("TLS: hostname does not match CN in peer certificate"));
}
}
X509_free(x);
return ret;
}
/*
Function:
GetX509NameInfo
Used by System.Security.Cryptography.X509Certificates' OpenSslX509CertificateReader as the entire
implementation of X509Certificate2.GetNameInfo.
Return values:
NULL if the certificate is invalid or no name information could be found, otherwise a pointer to a
memory-backed BIO structure which contains the answer to the GetNameInfo query
*/
extern BIO* CryptoNative_GetX509NameInfo(X509* x509, int32_t nameType, int32_t forIssuer)
{
static const char szOidUpn[] = "1.3.6.1.4.1.311.20.2.3";
if (!x509 || !x509->cert_info || nameType < NAME_TYPE_SIMPLE || nameType > NAME_TYPE_URL)
{
return NULL;
}
// Algorithm behaviors (pseudocode). When forIssuer is true, replace "Subject" with "Issuer" and
// SAN (Subject Alternative Names) with IAN (Issuer Alternative Names).
//
// SimpleName: Subject[CN] ?? Subject[OU] ?? Subject[O] ?? Subject[E] ?? Subject.Rdns.FirstOrDefault() ??
// SAN.Entries.FirstOrDefault(type == GEN_EMAIL);
// EmailName: SAN.Entries.FirstOrDefault(type == GEN_EMAIL) ?? Subject[E];
// UpnName: SAN.Entries.FirsOrDefaultt(type == GEN_OTHER && entry.AsOther().OID == szOidUpn).AsOther().Value;
// DnsName: SAN.Entries.FirstOrDefault(type == GEN_DNS) ?? Subject[CN];
// DnsFromAlternativeName: SAN.Entries.FirstOrDefault(type == GEN_DNS);
// UrlName: SAN.Entries.FirstOrDefault(type == GEN_URI);
if (nameType == NAME_TYPE_SIMPLE)
{
X509_NAME* name = forIssuer ? x509->cert_info->issuer : x509->cert_info->subject;
if (name)
{
ASN1_STRING* cn = NULL;
ASN1_STRING* ou = NULL;
ASN1_STRING* o = NULL;
ASN1_STRING* e = NULL;
ASN1_STRING* firstRdn = NULL;
// Walk the list backwards because it is stored in stack order
for (int i = X509_NAME_entry_count(name) - 1; i >= 0; --i)
{
X509_NAME_ENTRY* entry = X509_NAME_get_entry(name, i);
if (!entry)
{
continue;
}
ASN1_OBJECT* oid = X509_NAME_ENTRY_get_object(entry);
ASN1_STRING* str = X509_NAME_ENTRY_get_data(entry);
if (!oid || !str)
{
continue;
}
int nid = OBJ_obj2nid(oid);
if (nid == NID_commonName)
{
// CN wins, so no need to keep looking.
cn = str;
break;
}
else if (nid == NID_organizationalUnitName)
{
ou = str;
}
else if (nid == NID_organizationName)
{
o = str;
}
else if (nid == NID_pkcs9_emailAddress)
{
e = str;
}
else if (!firstRdn)
{
firstRdn = str;
}
}
ASN1_STRING* answer = cn;
// If there was no CN, but there was something, then perform fallbacks.
if (!answer && firstRdn)
{
answer = ou;
if (!answer)
{
answer = o;
}
if (!answer)
{
answer = e;
}
if (!answer)
{
answer = firstRdn;
}
}
if (answer)
{
BIO* b = BIO_new(BIO_s_mem());
ASN1_STRING_print_ex(b, answer, 0);
return b;
}
}
}
if (nameType == NAME_TYPE_SIMPLE || nameType == NAME_TYPE_DNS || nameType == NAME_TYPE_DNSALT ||
nameType == NAME_TYPE_EMAIL || nameType == NAME_TYPE_UPN || nameType == NAME_TYPE_URL)
{
int expectedType = -1;
switch (nameType)
{
case NAME_TYPE_DNS:
case NAME_TYPE_DNSALT:
expectedType = GEN_DNS;
break;
case NAME_TYPE_SIMPLE:
case NAME_TYPE_EMAIL:
expectedType = GEN_EMAIL;
break;
case NAME_TYPE_UPN:
expectedType = GEN_OTHERNAME;
break;
case NAME_TYPE_URL:
expectedType = GEN_URI;
break;
}
STACK_OF(GENERAL_NAME)* altNames =
X509_get_ext_d2i(x509, forIssuer ? NID_issuer_alt_name : NID_subject_alt_name, NULL, NULL);
if (altNames)
{
int i;
for (i = 0; i < sk_GENERAL_NAME_num(altNames); ++i)
{
GENERAL_NAME* altName = sk_GENERAL_NAME_value(altNames, i);
if (altName && altName->type == expectedType)
{
ASN1_STRING* str = NULL;
switch (nameType)
{
case NAME_TYPE_DNS:
case NAME_TYPE_DNSALT:
str = altName->d.dNSName;
break;
case NAME_TYPE_SIMPLE:
case NAME_TYPE_EMAIL:
str = altName->d.rfc822Name;
break;
case NAME_TYPE_URL:
str = altName->d.uniformResourceIdentifier;
break;
case NAME_TYPE_UPN:
{
OTHERNAME* value = altName->d.otherName;
if (value)
{
// Enough more padding than szOidUpn that a \0 won't accidentally align
char localOid[sizeof(szOidUpn) + 3];
int cchLocalOid = 1 + OBJ_obj2txt(localOid, sizeof(localOid), value->type_id, 1);
if (sizeof(szOidUpn) == cchLocalOid &&
0 == strncmp(localOid, szOidUpn, sizeof(szOidUpn)))
{
// OTHERNAME->ASN1_TYPE->union.field
str = value->value->value.asn1_string;
}
}
break;
}
}
if (str)
{
BIO* b = BIO_new(BIO_s_mem());
ASN1_STRING_print_ex(b, str, 0);
sk_GENERAL_NAME_free(altNames);
return b;
}
}
}
sk_GENERAL_NAME_free(altNames);
}
}
if (nameType == NAME_TYPE_EMAIL || nameType == NAME_TYPE_DNS)
{
X509_NAME* name = forIssuer ? x509->cert_info->issuer : x509->cert_info->subject;
int expectedNid = NID_undef;
switch (nameType)
{
case NAME_TYPE_EMAIL:
expectedNid = NID_pkcs9_emailAddress;
break;
case NAME_TYPE_DNS:
expectedNid = NID_commonName;
break;
}
if (name)
{
// Walk the list backwards because it is stored in stack order
for (int i = X509_NAME_entry_count(name) - 1; i >= 0; --i)
{
X509_NAME_ENTRY* entry = X509_NAME_get_entry(name, i);
if (!entry)
{
continue;
}
ASN1_OBJECT* oid = X509_NAME_ENTRY_get_object(entry);
ASN1_STRING* str = X509_NAME_ENTRY_get_data(entry);
if (!oid || !str)
{
continue;
}
int nid = OBJ_obj2nid(oid);
if (nid == expectedNid)
{
BIO* b = BIO_new(BIO_s_mem());
ASN1_STRING_print_ex(b, str, 0);
return b;
}
}
}
}
return NULL;
}
static int get_alt(str* res, int local, int type, sip_msg_t* msg)
{
static char buf[1024];
int n, found = 0;
STACK_OF(GENERAL_NAME)* names = 0;
GENERAL_NAME* nm;
X509* cert;
struct tcp_connection* c;
str text;
struct ip_addr ip;
if (get_cert(&cert, &c, msg, local) < 0) return -1;
names = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
if (!names) {
DBG("Cannot get certificate alternative subject\n");
goto err;
}
for (n = 0; n < sk_GENERAL_NAME_num(names); n++) {
nm = sk_GENERAL_NAME_value(names, n);
if (nm->type != type) continue;
switch(type) {
case GEN_EMAIL:
case GEN_DNS:
case GEN_URI:
text.s = (char*)nm->d.ia5->data;
text.len = nm->d.ia5->length;
if (text.len >= 1024) {
ERR("Alternative subject text too long\n");
goto err;
}
memcpy(buf, text.s, text.len);
res->s = buf;
res->len = text.len;
found = 1;
break;
case GEN_IPADD:
ip.len = nm->d.iPAddress->length;
ip.af = (ip.len == 16) ? AF_INET6 : AF_INET;
memcpy(ip.u.addr, nm->d.iPAddress->data, ip.len);
text.s = ip_addr2a(&ip);
text.len = strlen(text.s);
memcpy(buf, text.s, text.len);
res->s = buf;
res->len = text.len;
found = 1;
break;
}
break;
}
if (!found) goto err;
if (names) sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
if (!local) X509_free(cert);
tcpconn_put(c);
return 0;
err:
if (names) sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
if (!local) X509_free(cert);
tcpconn_put(c);
return -1;
}
/*
Function:
CheckX509IpAddress
Used by System.Net.Security's Unix CertModule to identify if the certificate presented by
the server is applicable to the hostname (an IP address) requested.
Return values:
1 if the hostname is a match
0 if the hostname is not a match
Any negative number indicates an error in the arguments.
*/
extern int32_t CryptoNative_CheckX509IpAddress(
X509* x509, const uint8_t* addressBytes, int32_t addressBytesLen, const char* hostname, int32_t cchHostname)
{
if (!x509)
return -2;
if (cchHostname > 0 && !hostname)
return -3;
if (cchHostname < 0)
return -4;
if (addressBytesLen < 0)
return -5;
if (!addressBytes)
return -6;
int subjectNid = NID_commonName;
int sanGenType = GEN_IPADD;
GENERAL_NAMES* san = X509_get_ext_d2i(x509, NID_subject_alt_name, NULL, NULL);
int success = 0;
if (san)
{
int i;
int count = sk_GENERAL_NAME_num(san);
for (i = 0; i < count; ++i)
{
GENERAL_NAME* sanEntry = sk_GENERAL_NAME_value(san, i);
ASN1_OCTET_STRING* ipAddr;
if (sanEntry->type != sanGenType)
{
continue;
}
ipAddr = sanEntry->d.iPAddress;
if (!ipAddr || !ipAddr->data || ipAddr->length != addressBytesLen)
{
continue;
}
if (!memcmp(addressBytes, ipAddr->data, (size_t)addressBytesLen))
{
success = 1;
break;
}
}
GENERAL_NAMES_free(san);
}
if (!success)
{
// This is a shared/interor pointer, do not free!
X509_NAME* subject = X509_get_subject_name(x509);
if (subject)
{
int i = -1;
while ((i = X509_NAME_get_index_by_NID(subject, subjectNid, i)) >= 0)
{
// Shared/interior pointers, do not free!
X509_NAME_ENTRY* nameEnt = X509_NAME_get_entry(subject, i);
ASN1_STRING* cn = X509_NAME_ENTRY_get_data(nameEnt);
if (CheckX509HostnameMatch(cn, hostname, cchHostname, 0))
{
success = 1;
break;
}
}
}
}
return success;
}
CURLcode sxi_verifyhost(sxc_client_t *sx, const char *hostname, X509 *server_cert)
{
int matched = -1; /* -1 is no alternative match yet, 1 means match and 0
means mismatch */
STACK_OF(GENERAL_NAME) *altnames;
CURLcode res = CURLE_OK;
/* get a "list" of alternative names */
altnames = X509_get_ext_d2i(server_cert, NID_subject_alt_name, NULL, NULL);
if(altnames) {
int numalts;
int i;
/* get amount of alternatives, RFC2459 claims there MUST be at least
one, but we don't depend on it... */
numalts = sk_GENERAL_NAME_num(altnames);
/* loop through all alternatives while none has matched */
for(i=0; (i<numalts) && (matched != 1); i++) {
/* get a handle to alternative name number i */
const GENERAL_NAME *check = sk_GENERAL_NAME_value(altnames, i);
/* only check alternatives of the same type the target is */
if(check->type == GEN_DNS) {
/* get data and length */
const char *altptr = (char *)ASN1_STRING_data(check->d.ia5);
size_t altlen = (size_t) ASN1_STRING_length(check->d.ia5);
/* name/pattern comparison */
/* The OpenSSL man page explicitly says: "In general it cannot be
assumed that the data returned by ASN1_STRING_data() is null
terminated or does not contain embedded nulls." But also that
"The actual format of the data will depend on the actual string
type itself: for example for and IA5String the data will be ASCII"
Curl uses strlen(altptr) == altlen here to check for embedded \0s.
We use memchr() to be safer from a possible non-null terminated string.
*/
if(!memchr(altptr, 0, altlen) &&
/* if this isn't true, there was an embedded zero in the name
string and we cannot match it. */
Curl_cert_hostcheck(altptr, hostname))
matched = 1;
else
matched = 0;
}
}
GENERAL_NAMES_free(altnames);
}
if(matched == 1)
/* an alternative name matched the server hostname */
SXDEBUG("\t subjectAltName: %s matched\n", hostname);
else if(matched == 0) {
/* an alternative name field existed, but didn't match and then
we MUST fail */
sxi_seterr(sx, SXE_ECOMM, "subjectAltName does not match %s\n", hostname);
res = CURLE_PEER_FAILED_VERIFICATION;
}
else {
/* we have to look to the last occurrence of a commonName in the
distinguished one to get the most significant one. */
int j,i=-1 ;
/* The following is done because of a bug in 0.9.6b */
unsigned char *nulstr = (unsigned char *)"";
unsigned char *peer_CN = nulstr;
X509_NAME *name = X509_get_subject_name(server_cert) ;
if(name)
while((j = X509_NAME_get_index_by_NID(name, NID_commonName, i))>=0)
i=j;
/* we have the name entry and we will now convert this to a string
that we can use for comparison. Doing this we support BMPstring,
UTF8 etc. */
if(i>=0) {
ASN1_STRING *tmp = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
/* In OpenSSL 0.9.7d and earlier, ASN1_STRING_to_UTF8 fails if the input
is already UTF-8 encoded. We check for this case and copy the raw
string manually to avoid the problem. This code can be made
conditional in the future when OpenSSL has been fixed. Work-around
brought by Alexis S. L. Carvalho. */
if(tmp) {
if(ASN1_STRING_type(tmp) == V_ASN1_UTF8STRING) {
j = ASN1_STRING_length(tmp);
if(j >= 0) {
peer_CN = OPENSSL_malloc(j+1);
if(peer_CN) {
memcpy(peer_CN, ASN1_STRING_data(tmp), j);
peer_CN[j] = '\0';
}
}
}
else /* not a UTF8 name */
j = ASN1_STRING_to_UTF8(&peer_CN, tmp);
if(peer_CN && memchr(peer_CN, 0, j)) {
/* there was a terminating zero before the end of string, this
cannot match and we return failure! */
sxi_seterr(sx, SXE_ECOMM, "SSL: illegal cert name field");
res = CURLE_PEER_FAILED_VERIFICATION;
}
}
}
if(peer_CN == nulstr)
peer_CN = NULL;
/* curl would convert from UTF8 to host encoding if built with HAVE_ICONV (not default) */
if(res)
/* error already detected, pass through */
;
else if(!peer_CN) {
SXDEBUG("SSL: unable to obtain common name from peer certificate");
res = CURLE_PEER_FAILED_VERIFICATION;
}
else if(!Curl_cert_hostcheck((const char *)peer_CN, hostname)) {
sxi_seterr(sx, SXE_ECOMM, "SSL: certificate subject name '%s' does not match "
"target host name '%s'", peer_CN, hostname);
res = CURLE_PEER_FAILED_VERIFICATION;
}
else {
SXDEBUG("\t common name: %s (matched)\n", peer_CN);
}
if(peer_CN)
OPENSSL_free(peer_CN);
}
return res;
}
gboolean
tls_verify_certificate_name(X509 *cert, const gchar *host_name)
{
gchar pattern_buf[256];
gint ext_ndx;
gboolean found = FALSE, result = FALSE;
ext_ndx = X509_get_ext_by_NID(cert, NID_subject_alt_name, -1);
if (ext_ndx >= 0)
{
/* ok, there's a subjectAltName extension, check that */
X509_EXTENSION *ext;
STACK_OF(GENERAL_NAME) *alt_names;
GENERAL_NAME *gen_name;
ext = X509_get_ext(cert, ext_ndx);
alt_names = X509V3_EXT_d2i(ext);
if (alt_names)
{
gint num, i;
num = sk_GENERAL_NAME_num(alt_names);
for (i = 0; !result && i < num; i++)
{
gen_name = sk_GENERAL_NAME_value(alt_names, i);
if (gen_name->type == GEN_DNS)
{
guchar *dnsname = ASN1_STRING_data(gen_name->d.dNSName);
guint dnsname_len = ASN1_STRING_length(gen_name->d.dNSName);
if (dnsname_len > sizeof(pattern_buf) - 1)
{
found = TRUE;
result = FALSE;
break;
}
memcpy(pattern_buf, dnsname, dnsname_len);
pattern_buf[dnsname_len] = 0;
/* we have found a DNS name as alternative subject name */
found = TRUE;
result = tls_wildcard_match(host_name, pattern_buf);
}
else if (gen_name->type == GEN_IPADD)
{
char *dotted_ip = inet_ntoa(*(struct in_addr *) gen_name->d.iPAddress->data);
g_strlcpy(pattern_buf, dotted_ip, sizeof(pattern_buf));
found = TRUE;
result = strcasecmp(host_name, pattern_buf) == 0;
}
}
sk_GENERAL_NAME_free(alt_names);
}
}
if (!found)
{
/* hmm. there was no subjectAltName (this is deprecated, but still
* widely used), look up the Subject, most specific CN */
X509_NAME *name;
name = X509_get_subject_name(cert);
if (X509_NAME_get_text_by_NID(name, NID_commonName, pattern_buf, sizeof(pattern_buf)) != -1)
{
result = tls_wildcard_match(host_name, pattern_buf);
}
}
if (!result)
{
msg_error("Certificate subject does not match configured hostname",
evt_tag_str("hostname", host_name),
evt_tag_str("certificate", pattern_buf),
NULL);
}
else
{
msg_verbose("Certificate subject matches configured hostname",
evt_tag_str("hostname", host_name),
evt_tag_str("certificate", pattern_buf),
NULL);
}
return result;
}
int
tls_client_start( SNET *sn, char *host, int authlevel )
{
X509 *peer;
char buf[ 1024 ];
struct timeval tv;
char *line;
int ntype;
struct in_addr addr;
int alt_ext;
if ( inet_aton( host, &addr )) {
ntype = IS_IP4;
} else {
/* Assume the host argument is a DNS name */
ntype = IS_DNS;
}
if( snet_writef( sn, "STARTTLS\r\n" ) < 0 ) {
perror( "snet_writef" );
return( -1 );
}
if ( verbose ) printf( ">>> STARTTLS\n" );
/* Check to see if command succeeded */
tv = timeout;
if (( line = snet_getline_multi( sn, logger, &tv )) == NULL ) {
perror( "snet_getline_multi" );
return( -1 );
}
if ( *line != '2' ) {
fprintf( stderr, "%s\n", line );
return( -1 );
}
/*
* Begin TLS
*/
/* This is where the TLS start */
/* At this point the server is also staring TLS */
if ( snet_starttls( sn, ctx, 0 ) != 1 ) {
fprintf( stderr, "snet_starttls: %s\n",
ERR_error_string( ERR_get_error(), NULL ) );
return( -1 );
}
if (( peer = SSL_get_peer_certificate( sn->sn_ssl ))
== NULL ) {
fprintf( stderr, "no certificate\n" );
return( -1 );
}
/* This code gratiously borrowed from openldap-2.2.17,
* it allows the use of aliases in the certificate.
*/
alt_ext = X509_get_ext_by_NID( peer, NID_subject_alt_name, -1 );
if ( alt_ext >= 0 ) {
X509_EXTENSION *ex;
STACK_OF( GENERAL_NAME ) *alt;
ex = X509_get_ext( peer, alt_ext );
alt = X509V3_EXT_d2i( ex );
if ( alt ) {
int i, n, len1 = 0, len2 = 0;
char *domain = NULL;
GENERAL_NAME *gn;
if ( ntype == IS_DNS ) {
len1 = strlen( host );
domain = strchr( host, '.' );
if ( domain ) {
len2 = len1 - ( domain-host );
}
}
n = sk_GENERAL_NAME_num( alt );
for ( i = 0; i < n; i++ ) {
char *sn;
int sl;
gn = sk_GENERAL_NAME_value( alt, i );
if ( gn->type == GEN_DNS ) {
if ( ntype != IS_DNS ) {
continue;
};
sn = (char *) ASN1_STRING_data( gn->d.ia5 );
sl = ASN1_STRING_length( gn->d.ia5 );
/* ignore empty */
if ( sl == 0 ) {
continue;
}
/* Is this an exact match? */
if (( len1 == sl ) && !strncasecmp( host, sn, len1 )) {
/* Found! */
if ( verbose ) {
printf( ">>> Certificate accepted: "
"subjectAltName exact match %s\n", sn );
}
break;
}
/* Is this a wildcard match? */
if ( domain && ( sn[0] == '*' ) && ( sn[1] == '.' ) &&
( len2 == sl-1 ) &&
strncasecmp( domain, &sn[1], len2 )) {
/* Found! */
if ( verbose ) {
printf( ">>> Certificate accepted: subjectAltName "
"wildcard %s host %s\n", sn, host );
}
break;
}
} else if ( gn->type == GEN_IPADD ) {
if ( ntype == IS_DNS ) {
continue;
}
sn = (char *) ASN1_STRING_data( gn->d.ia5 );
sl = ASN1_STRING_length( gn->d.ia5 );
if ( ntype == IS_IP4 && sl != sizeof( struct in_addr )) {
continue;
}
if ( !memcmp( sn, &addr, sl )) {
/* Found! */
if ( verbose ) {
printf( ">>> Certificate accepted: subjectAltName "
"address %s\n", host );
}
break;
}
}
}
GENERAL_NAMES_free( alt );
if ( i < n ) {
/* Found a match */
X509_free( peer );
return 0;
}
}
}
X509_NAME_get_text_by_NID( X509_get_subject_name( peer ),
NID_commonName, buf, sizeof( buf ));
X509_free( peer );
if ( strcmp( buf, host )) {
fprintf( stderr, "Server's name doesn't match supplied hostname\n"
"%s != %s\n", buf, host );
return( -1 );
}
return( 0 );
}
static int
imap_check_server_identity(SSL *ssl, const char *host,
ImapUserCb user_cb, void *user_arg)
{
long vfy_result;
X509 *cert;
X509_NAME *subj;
int ok, host_len;
gchar *colon;
int has_extension_with_dns_name = 0;
STACK_OF(GENERAL_NAME) *altnames;
if(!host)
return 0;
/* Check whether the certificate matches the server. */
cert = SSL_get_peer_certificate(ssl);
if(!cert)
return 0;
colon = strchr(host, ':');
host_len = colon ? colon - host : (int)strlen(host);
ok = 0;
altnames = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
if (altnames) {
int i;
for (i=0; i< sk_GENERAL_NAME_num(altnames); i++) {
const GENERAL_NAME *name = sk_GENERAL_NAME_value(altnames, i);
/* We handle only GEN_DNS. GEN_IP (certificates for IP numbers)
are too weird to be real in IMAP case. */
if (name->type == GEN_DNS) {
const ASN1_IA5STRING *ia5 = name->d.ia5;
const char *name = (const char*)ia5->data;
has_extension_with_dns_name = 1;
if (strlen(name) == (size_t)ia5->length &&
host_matches_domain(host, name, host_len)) {
/* printf("verified name using extension\n"); */
ok = 1;
break;
}
}
}
sk_GENERAL_NAME_pop_free(altnames, GENERAL_NAME_free);
}
if (!has_extension_with_dns_name) {
char data[256];
size_t name_len;
if( (subj = X509_get_subject_name(cert)) &&
(name_len =
X509_NAME_get_text_by_NID(subj, NID_commonName,
data, sizeof(data)))){
data[sizeof(data)-1] = 0;
/* Remember to check whether there was no truncation or NUL
characters embedded in the text. */
if(name_len == strlen(data) &&
host_matches_domain(host, data, host_len)) {
ok =1;
/* printf("verified name using common name\n"); */
}
}
}
X509_free(cert);
if(ok)
vfy_result = SSL_get_verify_result(ssl);
else
vfy_result = X509_V_ERR_APPLICATION_VERIFICATION;
if(vfy_result == X509_V_OK)
return 1;
/* There was a problem with the verification, one has to leave it up
* to the application what to do with this.
*/
ok = 0;
if(user_cb)
user_cb(IME_TLS_VERIFY_ERROR, user_arg, &ok,
vfy_result, ssl);
return ok;
}
/** Verify one certificate in the server certificate chain.
* This callback is documented in SSL_set_verify(3). */
static int
verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
{
X509 *cert;
SSL *ssl;
struct socket *socket;
struct connection *conn;
unsigned char *host_in_uri;
GENERAL_NAMES *alts;
int saw_dns_name = 0;
int matched = 0;
/* If OpenSSL already found a problem, keep that. */
if (!preverify_ok)
return 0;
/* Examine only the server certificate, not CA certificates. */
if (X509_STORE_CTX_get_error_depth(ctx) != 0)
return preverify_ok;
cert = X509_STORE_CTX_get_current_cert(ctx);
ssl = (SSL *)X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
socket = (struct socket *)SSL_get_ex_data(ssl, socket_SSL_ex_data_idx);
conn = (struct connection *)socket->conn;
host_in_uri = get_uri_string(conn->uri, URI_HOST | URI_IDN);
if (!host_in_uri)
return 0;
/* RFC 5280 section 4.2.1.6 describes the subjectAltName extension.
* RFC 2818 section 3.1 says Common Name must not be used
* if dNSName is present. */
alts = (GENERAL_NAMES *)X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
if (alts != NULL) {
int alt_count;
int alt_pos;
GENERAL_NAME *alt;
alt_count = sk_GENERAL_NAME_num(alts);
for (alt_pos = 0; !matched && alt_pos < alt_count; ++alt_pos) {
alt = sk_GENERAL_NAME_value(alts, alt_pos);
if (alt->type == GEN_DNS) {
saw_dns_name = 1;
matched = match_uri_host_name(host_in_uri,
alt->d.dNSName);
} else if (alt->type == GEN_IPADD) {
matched = match_uri_host_ip(host_in_uri,
alt->d.iPAddress);
}
}
/* Free the GENERAL_NAMES list and each element. */
sk_GENERAL_NAME_pop_free(alts, GENERAL_NAME_free);
}
if (!matched && !saw_dns_name) {
X509_NAME *name;
int cn_index;
X509_NAME_ENTRY *entry = NULL;
name = X509_get_subject_name(cert);
cn_index = X509_NAME_get_index_by_NID(name, NID_commonName, -1);
if (cn_index >= 0)
entry = X509_NAME_get_entry(name, cn_index);
if (entry != NULL)
matched = match_uri_host_name(host_in_uri,
X509_NAME_ENTRY_get_data(entry));
}
mem_free(host_in_uri);
return matched;
}
// Certificate chain verification callback: return 1 if verified,
// 0 if remote cannot be verified (fail handshake).
//
static int verify_callback(int preverify_ok, X509_STORE_CTX *ctx)
{
if (!preverify_ok || X509_STORE_CTX_get_error_depth(ctx) != 0)
// already failed, or not at peer cert in chain
return preverify_ok;
X509 *cert = X509_STORE_CTX_get_current_cert(ctx);
SSL *ssn = (SSL *) X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx());
if (!ssn) {
pn_transport_logf(NULL, "Error: unexpected error - SSL session info not available for peer verify!");
return 0; // fail connection
}
pn_transport_t *transport = (pn_transport_t *)SSL_get_ex_data(ssn, ssl_ex_data_index);
if (!transport) {
pn_transport_logf(NULL, "Error: unexpected error - SSL context info not available for peer verify!");
return 0; // fail connection
}
pni_ssl_t *ssl = transport->ssl;
if (ssl->domain->verify_mode != PN_SSL_VERIFY_PEER_NAME) return preverify_ok;
if (!ssl->peer_hostname) {
pn_transport_logf(transport, "Error: configuration error: PN_SSL_VERIFY_PEER_NAME configured, but no peer hostname set!");
return 0; // fail connection
}
ssl_log(transport, "Checking identifying name in peer cert against '%s'", ssl->peer_hostname);
bool matched = false;
/* first check any SubjectAltName entries, as per RFC2818 */
GENERAL_NAMES *sans = (GENERAL_NAMES *) X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
if (sans) {
int name_ct = sk_GENERAL_NAME_num( sans );
int i;
for (i = 0; !matched && i < name_ct; ++i) {
GENERAL_NAME *name = sk_GENERAL_NAME_value( sans, i );
if (name->type == GEN_DNS) {
ASN1_STRING *asn1 = name->d.dNSName;
if (asn1 && asn1->data && asn1->length) {
unsigned char *str;
int len = ASN1_STRING_to_UTF8( &str, asn1 );
if (len >= 0) {
ssl_log(transport, "SubjectAltName (dns) from peer cert = '%.*s'", len, str );
matched = match_dns_pattern( ssl->peer_hostname, (const char *)str, len );
OPENSSL_free( str );
}
}
}
}
GENERAL_NAMES_free( sans );
}
/* if no general names match, try the CommonName from the subject */
X509_NAME *name = X509_get_subject_name(cert);
int i = -1;
while (!matched && (i = X509_NAME_get_index_by_NID(name, NID_commonName, i)) >= 0) {
X509_NAME_ENTRY *ne = X509_NAME_get_entry(name, i);
ASN1_STRING *name_asn1 = X509_NAME_ENTRY_get_data(ne);
if (name_asn1) {
unsigned char *str;
int len = ASN1_STRING_to_UTF8( &str, name_asn1);
if (len >= 0) {
ssl_log(transport, "commonName from peer cert = '%.*s'", len, str);
matched = match_dns_pattern( ssl->peer_hostname, (const char *)str, len );
OPENSSL_free(str);
}
}
}
if (!matched) {
ssl_log(transport, "Error: no name matching %s found in peer cert - rejecting handshake.",
ssl->peer_hostname);
preverify_ok = 0;
#ifdef X509_V_ERR_APPLICATION_VERIFICATION
X509_STORE_CTX_set_error( ctx, X509_V_ERR_APPLICATION_VERIFICATION );
#endif
} else {
ssl_log(transport, "Name from peer cert matched - peer is valid.");
}
return preverify_ok;
}
/* port to mutt from msmtp's tls.c */
static int check_host (X509 *x509cert, const char *hostname, char *err, size_t errlen)
{
int i, rc = 0;
/* hostname in ASCII format: */
char *hostname_ascii = NULL;
/* needed to get the common name: */
X509_NAME *x509_subject;
char *buf = NULL;
int bufsize;
/* needed to get the DNS subjectAltNames: */
STACK_OF(GENERAL_NAME) *subj_alt_names;
int subj_alt_names_count;
GENERAL_NAME *subj_alt_name;
/* did we find a name matching hostname? */
int match_found;
/* Check if 'hostname' matches the one of the subjectAltName extensions of
* type DNS or the Common Name (CN). */
#ifdef HAVE_LIBIDN
if (idna_to_ascii_lz(hostname, &hostname_ascii, 0) != IDNA_SUCCESS)
{
hostname_ascii = safe_strdup(hostname);
}
#else
hostname_ascii = safe_strdup(hostname);
#endif
/* Try the DNS subjectAltNames. */
match_found = 0;
if ((subj_alt_names = X509_get_ext_d2i(x509cert, NID_subject_alt_name,
NULL, NULL)))
{
subj_alt_names_count = sk_GENERAL_NAME_num(subj_alt_names);
for (i = 0; i < subj_alt_names_count; i++)
{
subj_alt_name = sk_GENERAL_NAME_value(subj_alt_names, i);
if (subj_alt_name->type == GEN_DNS)
{
if (subj_alt_name->d.ia5->length >= 0 &&
mutt_strlen((char *)subj_alt_name->d.ia5->data) == (size_t)subj_alt_name->d.ia5->length &&
(match_found = hostname_match(hostname_ascii,
(char *)(subj_alt_name->d.ia5->data))))
{
break;
}
}
}
}
if (!match_found)
{
/* Try the common name */
if (!(x509_subject = X509_get_subject_name(x509cert)))
{
if (err && errlen)
strfcpy (err, _("cannot get certificate subject"), errlen);
goto out;
}
/* first get the space requirements */
bufsize = X509_NAME_get_text_by_NID(x509_subject, NID_commonName,
NULL, 0);
if (bufsize == -1)
{
if (err && errlen)
strfcpy (err, _("cannot get certificate common name"), errlen);
goto out;
}
bufsize++; /* space for the terminal nul char */
buf = safe_malloc((size_t)bufsize);
if (X509_NAME_get_text_by_NID(x509_subject, NID_commonName,
buf, bufsize) == -1)
{
if (err && errlen)
strfcpy (err, _("cannot get certificate common name"), errlen);
goto out;
}
/* cast is safe since bufsize is incremented above, so bufsize-1 is always
* zero or greater.
*/
if (mutt_strlen(buf) == (size_t)bufsize - 1) {
match_found = hostname_match(hostname_ascii, buf);
}
}
if (!match_found)
{
if (err && errlen)
snprintf (err, errlen, _("certificate owner does not match hostname %s"),
hostname);
goto out;
}
rc = 1;
out:
FREE(&buf);
FREE(&hostname_ascii);
return rc;
}
static void verify_extract_name(TLS_SESS_STATE *TLScontext, X509 *peercert,
const TLS_CLIENT_START_PROPS *props)
{
int i;
int r;
int matched = 0;
int dnsname_match;
int verify_peername = 0;
int log_certmatch;
int verbose;
const char *dnsname;
const GENERAL_NAME *gn;
general_name_stack_t *gens;
/*
* On exit both peer_CN and issuer_CN should be set.
*/
TLScontext->issuer_CN = tls_issuer_CN(peercert, TLScontext);
/*
* Is the certificate trust chain valid and trusted?
*/
if (SSL_get_verify_result(TLScontext->con) == X509_V_OK)
TLScontext->peer_status |= TLS_CERT_FLAG_TRUSTED;
/*
* With fingerprint or dane we may already be done. Otherwise, verify the
* peername if using traditional PKI or DANE with trust-anchors.
*/
if (!TLS_CERT_IS_MATCHED(TLScontext)
&& TLS_CERT_IS_TRUSTED(TLScontext)
&& TLS_MUST_TRUST(props->tls_level))
verify_peername = 1;
/* Force cert processing so we can log the data? */
log_certmatch = TLScontext->log_mask & TLS_LOG_CERTMATCH;
/* Log cert details when processing? */
verbose = log_certmatch || (TLScontext->log_mask & TLS_LOG_VERBOSE);
if (verify_peername || log_certmatch) {
/*
* Verify the dNSName(s) in the peer certificate against the nexthop
* and hostname.
*
* If DNS names are present, we use the first matching (or else simply
* the first) DNS name as the subject CN. The CommonName in the
* issuer DN is obsolete when SubjectAltName is available. This
* yields much less surprising logs, because we log the name we
* verified or a name we checked and failed to match.
*
* XXX: The nexthop and host name may both be the same network address
* rather than a DNS name. In this case we really should be looking
* for GEN_IPADD entries, not GEN_DNS entries.
*
* XXX: In ideal world the caller who used the address to build the
* connection would tell us that the nexthop is the connection
* address, but if that is not practical, we can parse the nexthop
* again here.
*/
gens = X509_get_ext_d2i(peercert, NID_subject_alt_name, 0, 0);
if (gens) {
r = sk_GENERAL_NAME_num(gens);
for (i = 0; i < r; ++i) {
gn = sk_GENERAL_NAME_value(gens, i);
if (gn->type != GEN_DNS)
continue;
/*
* Even if we have an invalid DNS name, we still ultimately
* ignore the CommonName, because subjectAltName:DNS is
* present (though malformed). Replace any previous peer_CN
* if empty or we get a match.
*
* We always set at least an empty peer_CN if the ALTNAME cert
* flag is set. If not, we set peer_CN from the cert
* CommonName below, so peer_CN is always non-null on return.
*/
TLScontext->peer_status |= TLS_CERT_FLAG_ALTNAME;
dnsname = tls_dns_name(gn, TLScontext);
if (dnsname && *dnsname) {
if ((dnsname_match = match_servername(dnsname, props)) != 0)
matched++;
/* Keep the first matched name. */
if (TLScontext->peer_CN
&& ((dnsname_match && matched == 1)
|| *TLScontext->peer_CN == 0)) {
myfree(TLScontext->peer_CN);
TLScontext->peer_CN = 0;
}
if (verbose)
msg_info("%s: %ssubjectAltName: %s", props->namaddr,
dnsname_match ? "Matched " : "", dnsname);
}
if (TLScontext->peer_CN == 0)
TLScontext->peer_CN = mystrdup(dnsname ? dnsname : "");
if (matched && !log_certmatch)
break;
}
if (verify_peername && matched)
TLScontext->peer_status |= TLS_CERT_FLAG_MATCHED;
/*
* (Sam Rushing, Ironport) Free stack *and* member GENERAL_NAME
* objects
*/
sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
}
/*
* No subjectAltNames, peer_CN is taken from CommonName.
*/
if (TLScontext->peer_CN == 0) {
TLScontext->peer_CN = tls_peer_CN(peercert, TLScontext);
if (*TLScontext->peer_CN)
matched = match_servername(TLScontext->peer_CN, props);
if (verify_peername && matched)
TLScontext->peer_status |= TLS_CERT_FLAG_MATCHED;
if (verbose)
msg_info("%s %sCommonName %s", props->namaddr,
matched ? "Matched " : "", TLScontext->peer_CN);
} else if (verbose) {
char *tmpcn = tls_peer_CN(peercert, TLScontext);
/*
* Though the CommonName was superceded by a subjectAltName, log
* it when certificate match debugging was requested.
*/
msg_info("%s CommonName %s", TLScontext->namaddr, tmpcn);
myfree(tmpcn);
}
} else
TLScontext->peer_CN = tls_peer_CN(peercert, TLScontext);
/*
* Give them a clue. Problems with trust chain verification are logged
* when the session is first negotiated, before the session is stored
* into the cache. We don't want mystery failures, so log the fact the
* real problem is to be found in the past.
*/
if (!TLS_CERT_IS_TRUSTED(TLScontext)
&& (TLScontext->log_mask & TLS_LOG_UNTRUSTED)) {
if (TLScontext->session_reused == 0)
tls_log_verify_error(TLScontext);
else
msg_info("%s: re-using session with untrusted certificate, "
"look for details earlier in the log", props->namaddr);
}
}
static int verify_server_cert(SSL *ssl, const char *host)
{
X509 *cert;
X509_NAME *peer_name;
ASN1_STRING *str;
unsigned char *peer_cn = NULL;
int matched = -1, type = GEN_DNS;
GENERAL_NAMES *alts;
struct in6_addr addr6;
struct in_addr addr4;
void *addr;
int i = -1,j;
if (SSL_get_verify_result(ssl) != X509_V_OK) {
giterr_set(GITERR_SSL, "the SSL certificate is invalid");
return GIT_ECERTIFICATE;
}
/* Try to parse the host as an IP address to see if it is */
if (p_inet_pton(AF_INET, host, &addr4)) {
type = GEN_IPADD;
addr = &addr4;
} else {
if(p_inet_pton(AF_INET6, host, &addr6)) {
type = GEN_IPADD;
addr = &addr6;
}
}
cert = SSL_get_peer_certificate(ssl);
if (!cert) {
giterr_set(GITERR_SSL, "the server did not provide a certificate");
return -1;
}
/* Check the alternative names */
alts = X509_get_ext_d2i(cert, NID_subject_alt_name, NULL, NULL);
if (alts) {
int num;
num = sk_GENERAL_NAME_num(alts);
for (i = 0; i < num && matched != 1; i++) {
const GENERAL_NAME *gn = sk_GENERAL_NAME_value(alts, i);
const char *name = (char *) ASN1_STRING_get0_data(gn->d.ia5);
size_t namelen = (size_t) ASN1_STRING_length(gn->d.ia5);
/* Skip any names of a type we're not looking for */
if (gn->type != type)
continue;
if (type == GEN_DNS) {
/* If it contains embedded NULs, don't even try */
if (memchr(name, '\0', namelen))
continue;
if (check_host_name(name, host) < 0)
matched = 0;
else
matched = 1;
} else if (type == GEN_IPADD) {
/* Here name isn't so much a name but a binary representation of the IP */
matched = !!memcmp(name, addr, namelen);
}
}
}
GENERAL_NAMES_free(alts);
if (matched == 0)
goto cert_fail_name;
if (matched == 1)
return 0;
/* If no alternative names are available, check the common name */
peer_name = X509_get_subject_name(cert);
if (peer_name == NULL)
goto on_error;
if (peer_name) {
/* Get the index of the last CN entry */
while ((j = X509_NAME_get_index_by_NID(peer_name, NID_commonName, i)) >= 0)
i = j;
}
if (i < 0)
goto on_error;
str = X509_NAME_ENTRY_get_data(X509_NAME_get_entry(peer_name, i));
if (str == NULL)
goto on_error;
/* Work around a bug in OpenSSL whereby ASN1_STRING_to_UTF8 fails if it's already in utf-8 */
if (ASN1_STRING_type(str) == V_ASN1_UTF8STRING) {
int size = ASN1_STRING_length(str);
if (size > 0) {
peer_cn = OPENSSL_malloc(size + 1);
GITERR_CHECK_ALLOC(peer_cn);
memcpy(peer_cn, ASN1_STRING_get0_data(str), size);
peer_cn[size] = '\0';
} else {
goto cert_fail_name;
}
} else {
int size = ASN1_STRING_to_UTF8(&peer_cn, str);
GITERR_CHECK_ALLOC(peer_cn);
if (memchr(peer_cn, '\0', size))
goto cert_fail_name;
}
if (check_host_name((char *)peer_cn, host) < 0)
goto cert_fail_name;
OPENSSL_free(peer_cn);
return 0;
on_error:
OPENSSL_free(peer_cn);
return ssl_set_error(ssl, 0);
cert_fail_name:
OPENSSL_free(peer_cn);
giterr_set(GITERR_SSL, "hostname does not match certificate");
return GIT_ECERTIFICATE;
}
static void verify_extract_name(TLS_SESS_STATE *TLScontext, X509 *peercert,
const TLS_CLIENT_START_PROPS *props)
{
int i;
int r;
int matched = 0;
const char *dnsname;
const GENERAL_NAME *gn;
STACK_OF(GENERAL_NAME) * gens;
/*
* On exit both peer_CN and issuer_CN should be set.
*/
TLScontext->issuer_CN = tls_issuer_CN(peercert, TLScontext);
/*
* Is the certificate trust chain valid and trusted?
*/
if (SSL_get_verify_result(TLScontext->con) == X509_V_OK)
TLScontext->peer_status |= TLS_CERT_FLAG_TRUSTED;
if (TLS_CERT_IS_TRUSTED(TLScontext) && props->tls_level >= TLS_LEV_VERIFY) {
/*
* Verify the dNSName(s) in the peer certificate against the nexthop
* and hostname.
*
* If DNS names are present, we use the first matching (or else simply
* the first) DNS name as the subject CN. The CommonName in the
* issuer DN is obsolete when SubjectAltName is available. This
* yields much less surprising logs, because we log the name we
* verified or a name we checked and failed to match.
*
* XXX: The nexthop and host name may both be the same network address
* rather than a DNS name. In this case we really should be looking
* for GEN_IPADD entries, not GEN_DNS entries.
*
* XXX: In ideal world the caller who used the address to build the
* connection would tell us that the nexthop is the connection
* address, but if that is not practical, we can parse the nexthop
* again here.
*/
gens = X509_get_ext_d2i(peercert, NID_subject_alt_name, 0, 0);
if (gens) {
r = sk_GENERAL_NAME_num(gens);
for (i = 0; i < r && !matched; ++i) {
gn = sk_GENERAL_NAME_value(gens, i);
if (gn->type != GEN_DNS)
continue;
/*
* Even if we have an invalid DNS name, we still ultimately
* ignore the CommonName, because subjectAltName:DNS is
* present (though malformed). Replace any previous peer_CN
* if empty or we get a match.
*
* We always set at least an empty peer_CN if the ALTNAME cert
* flag is set. If not, we set peer_CN from the cert
* CommonName below, so peer_CN is always non-null on return.
*/
TLScontext->peer_status |= TLS_CERT_FLAG_ALTNAME;
dnsname = tls_dns_name(gn, TLScontext);
if (dnsname && *dnsname) {
matched = match_hostname(dnsname, props);
if (TLScontext->peer_CN
&& (matched || *TLScontext->peer_CN == 0)) {
acl_myfree(TLScontext->peer_CN);
TLScontext->peer_CN = 0;
}
}
if (TLScontext->peer_CN == 0)
TLScontext->peer_CN = acl_mystrdup(dnsname ? dnsname : "");
}
/*
* (Sam Rushing, Ironport) Free stack *and* member GENERAL_NAME
* objects
*/
sk_GENERAL_NAME_pop_free(gens, GENERAL_NAME_free);
}
/*
* No subjectAltNames, peer_CN is taken from CommonName.
*/
if (TLScontext->peer_CN == 0) {
TLScontext->peer_CN = tls_peer_CN(peercert, TLScontext);
if (*TLScontext->peer_CN)
matched = match_hostname(TLScontext->peer_CN, props);
}
if (matched)
TLScontext->peer_status |= TLS_CERT_FLAG_MATCHED;
/*
* - Matched: Trusted and peername matches - Trusted: Signed by
* trusted CA(s), but peername not matched - Untrusted: Can't verify
* the trust chain, reason already logged.
*/
if (TLScontext->log_level >= 2)
acl_msg_info("%s: %s subject_CN=%s, issuer_CN=%s", props->namaddr,
TLS_CERT_IS_MATCHED(TLScontext) ? "Matched" :
TLS_CERT_IS_TRUSTED(TLScontext) ? "Trusted" : "Untrusted",
TLScontext->peer_CN, TLScontext->issuer_CN);
} else
TLScontext->peer_CN = tls_peer_CN(peercert, TLScontext);
/*
* Give them a clue. Problems with trust chain verification were logged
* when the session was first negotiated, before the session was stored
* into the cache. We don't want mystery failures, so log the fact the
* real problem is to be found in the past.
*/
if (TLScontext->session_reused
&& !TLS_CERT_IS_TRUSTED(TLScontext)
&& TLScontext->log_level >= 1)
acl_msg_info("%s: re-using session with untrusted certificate, "
"look for details earlier in the log", props->namaddr);
}
static Str
ssl_check_cert_ident(X509 * x, char *hostname)
{
int i;
Str ret = NULL;
bool match_ident = false;
/*
* All we need to do here is check that the CN matches.
*
* From RFC2818 3.1 Server Identity:
* If a subjectAltName extension of type dNSName is present, that MUST
* be used as the identity. Otherwise, the (most specific) Common Name
* field in the Subject field of the certificate MUST be used. Although
* the use of the Common Name is existing practice, it is deprecated and
* Certification Authorities are encouraged to use the dNSName instead.
*/
i = X509_get_ext_by_NID(x, NID_subject_alt_name, -1);
if (i >= 0) {
X509_EXTENSION *ex;
STACK_OF(GENERAL_NAME) * alt;
ex = X509_get_ext(x, i);
alt = X509V3_EXT_d2i(ex);
if (alt) {
int n;
GENERAL_NAME *gn;
X509V3_EXT_METHOD *method;
Str seen_dnsname = NULL;
n = sk_GENERAL_NAME_num(alt);
for (i = 0; i < n; i++) {
gn = sk_GENERAL_NAME_value(alt, i);
if (gn->type == GEN_DNS) {
char *sn = ASN1_STRING_data(gn->d.ia5);
int sl = ASN1_STRING_length(gn->d.ia5);
if (!seen_dnsname)
seen_dnsname = Strnew();
/* replace \0 to make full string visible to user */
if (sl != strlen(sn)) {
int i;
for (i = 0; i < sl; ++i) {
if (!sn[i])
sn[i] = '!';
}
}
Strcat_m_charp(seen_dnsname, sn, " ", NULL);
if (sl == strlen(sn) /* catch \0 in SAN */
&& ssl_match_cert_ident(sn, sl, hostname))
break;
}
}
method = X509V3_EXT_get(ex);
sk_GENERAL_NAME_free(alt);
if (i < n) /* Found a match */
match_ident = true;
else if (seen_dnsname)
/* FIXME: gettextize? */
ret = Sprintf("Bad cert ident from %s: dNSName=%s", hostname,
seen_dnsname->ptr);
}
}
if (match_ident == false && ret == NULL) {
X509_NAME *xn;
char buf[2048];
int slen;
xn = X509_get_subject_name(x);
slen = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf));
if ( slen == -1)
/* FIXME: gettextize? */
ret = Strnew_charp("Unable to get common name from peer cert");
else if (slen != strlen(buf)
|| !ssl_match_cert_ident(buf, strlen(buf), hostname)) {
/* replace \0 to make full string visible to user */
if (slen != strlen(buf)) {
int i;
for (i = 0; i < slen; ++i) {
if (!buf[i])
buf[i] = '!';
}
}
/* FIXME: gettextize? */
ret = Sprintf("Bad cert ident %s from %s", buf, hostname);
}
}
return ret;
}
