SSL_CTX *
_SSL_context_init (void (*info_cb_func), int server)
{
SSL_CTX *ctx;
#ifdef WIN32
int i, r;
#endif
SSLeay_add_ssl_algorithms ();
SSL_load_error_strings ();
ctx = SSL_CTX_new (server ? SSLv23_server_method() : SSLv23_client_method ());
SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_set_timeout (ctx, 300);
/* used in SSL_connect(), SSL_accept() */
SSL_CTX_set_info_callback (ctx, info_cb_func);
#ifdef WIN32
/* under win32, OpenSSL needs to be seeded with some randomness */
for (i = 0; i < 128; i++)
{
r = rand ();
RAND_seed ((unsigned char *)&r, sizeof (r));
}
#endif
return(ctx);
}
static void perform_ssl_connection (void)
{
struct evhttp_connection *con;
struct evhttp_request *req;
struct bufferevent *bev;
SSL_CTX *sctx;
SSL *ssl;
sctx = SSL_CTX_new (SSLv23_client_method ());
assert (sctx);
SSL_CTX_set_options (sctx, SSL_OP_NO_TLSv1_2);
//SSL_CTX_set_options (sctx, SSL_OP_ALL);
SSL_CTX_set_timeout (sctx, 3000);
SSL_CTX_set_verify (sctx, SSL_VERIFY_PEER, SSLX_CTX_verify_callback);
SSL_CTX_set_default_verify_paths (sctx);
SSL_CTX_set_cipher_list (sctx, "RC4-MD5");
ssl = SSL_new (sctx);
assert (ssl);
bev = bufferevent_openssl_socket_new (evbase, -1, ssl, BUFFEREVENT_SSL_CONNECTING , BEV_OPT_CLOSE_ON_FREE);
//bev = bufferevent_socket_new (evbase, -1, BEV_OPT_CLOSE_ON_FREE);
assert (bev);
con = evhttp_connection_base_bufferevent_new (evbase, dnsbase, bev, HOST, PORT);
evhttp_connection_set_closecb (con, on_connection_close, NULL);
evhttp_connection_set_timeout (con, 10);
req = evhttp_request_new (on_response_cb, NULL);
evhttp_add_header (req->output_headers, "Host", HOST);
// evhttp_add_header (req->output_headers, "Connection", "Keep-Alive");
evhttp_make_request (con, req, EVHTTP_REQ_GET, "/index.html");
}
static void setup_cache_internal(SSL_CTX **contexts, size_t num_contexts)
{
size_t i;
for (i = 0; i != num_contexts; ++i) {
SSL_CTX_set_session_cache_mode(contexts[i], SSL_SESS_CACHE_SERVER | SSL_SESS_CACHE_NO_AUTO_CLEAR);
SSL_CTX_set_timeout(contexts[i], conf.lifetime);
}
spawn_cache_cleanup_thread(contexts, num_contexts);
}
static void tls_init_cache(void)
{
static const char *tls_ctx_id = "pure-ftpd";
SSL_CTX_set_session_cache_mode(tls_ctx, SSL_SESS_CACHE_SERVER);
SSL_CTX_set_session_id_context(tls_ctx, (unsigned char *) tls_ctx_id,
(unsigned int) strlen(tls_ctx_id));
SSL_CTX_sess_set_cache_size(tls_ctx, 10);
SSL_CTX_set_timeout(tls_ctx, 60 * 60L);
}
SSL_CTX *SSL_CTX_init (int server)
{
SSL_CTX *ctx;
SSLeay_add_ssl_algorithms();
SSL_load_error_strings();
ctx = SSL_CTX_new(server ? SSLv23_server_method() : SSLv23_client_method());
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_set_timeout(ctx, 300);
return(ctx);
}
// Establish a connection using an SSL layer
void ssl_connect(mongo_link* link, SV *client) {
tcp_setup(link);
SV *ca_file_sv, *ca_path_sv;
char *ca_file, *ca_path;
if (link->master->socket){
// Register the error strings for libcrypto & libssl
SSL_load_error_strings();
// Register the available ciphers and digests
SSL_library_init();
// New context saying we are a client, and using SSL 2 or 3
link->ssl_context = SSL_CTX_new(SSLv23_client_method());
if(link->ssl_context == NULL){
ERR_print_errors_fp(stderr);
}
ca_file_sv = perl_mongo_call_method( client, "ssl_ca_file", 0, 0 );
ca_path_sv = perl_mongo_call_method( client, "ssl_ca_path", 0, 0 );
if ( SvPOK( ca_file_sv ) && SvPOK( ca_path_sv ) ) {
ca_file = SvPV_nolen( ca_file_sv );
ca_path = SvPV_nolen( ca_path_sv );
SSL_CTX_load_verify_locations( link->ssl_context, ca_file, ca_path );
}
// Create an SSL struct for the connection
link->ssl_handle = SSL_new(link->ssl_context);
if(link->ssl_handle == NULL){
ERR_print_errors_fp(stderr);
}
// Connect the SSL struct to our connection
if(!SSL_set_fd(link->ssl_handle, link->master->socket)){
ERR_print_errors_fp(stderr);
}
// Initiate SSL handshake
if(SSL_connect (link->ssl_handle) != 1){
ERR_print_errors_fp(stderr);
}
SSL_CTX_set_timeout(link->ssl_context, (long)link->timeout);
link->master->connected = 1;
}
}
static int openssl_ssl_ctx_timeout(lua_State*L)
{
SSL_CTX* ctx = CHECK_OBJECT(1, SSL_CTX, "openssl.ssl_ctx");
long t;
if (!lua_isnoneornil(L, 2))
{
t = SSL_CTX_set_timeout(ctx, luaL_checkint(L, 2));
lua_pushinteger(L, t);
return 1;
}
t = SSL_CTX_get_timeout(ctx);
lua_pushinteger(L, t);
return 1;
}
static void setup_cache_memcached(SSL_CTX **contexts, size_t num_contexts)
{
h2o_memcached_context_t *memc_ctx =
h2o_memcached_create_context(conf.memcached.host, conf.memcached.port, conf.memcached.text_protocol,
conf.cache.vars.memcached.num_threads, conf.cache.vars.memcached.prefix);
h2o_accept_setup_async_ssl_resumption(memc_ctx, conf.lifetime);
size_t i;
for (i = 0; i != num_contexts; ++i) {
SSL_CTX_set_session_cache_mode(contexts[i], SSL_SESS_CACHE_SERVER | SSL_SESS_CACHE_NO_AUTO_CLEAR);
SSL_CTX_set_timeout(contexts[i], conf.lifetime);
h2o_socket_ssl_async_resumption_setup_ctx(contexts[i]);
}
spawn_cache_cleanup_thread(contexts, num_contexts);
}
SSL_CTX *
ssl_ctx_create(const char *pkiname, char *cert, off_t cert_len, const char *ciphers)
{
SSL_CTX *ctx;
size_t pkinamelen = 0;
ctx = SSL_CTX_new(SSLv23_method());
if (ctx == NULL) {
ssl_error("ssl_ctx_create");
fatal("ssl_ctx_create: could not create SSL context");
}
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
SSL_CTX_set_timeout(ctx, SSL_SESSION_TIMEOUT);
SSL_CTX_set_options(ctx,
SSL_OP_ALL | SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_TICKET);
SSL_CTX_set_options(ctx,
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION);
SSL_CTX_set_options(ctx, SSL_OP_NO_CLIENT_RENEGOTIATION);
SSL_CTX_set_options(ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
if (ciphers == NULL)
ciphers = SSL_CIPHERS;
if (!SSL_CTX_set_cipher_list(ctx, ciphers)) {
ssl_error("ssl_ctx_create");
fatal("ssl_ctx_create: could not set cipher list");
}
if (cert != NULL) {
if (pkiname != NULL)
pkinamelen = strlen(pkiname) + 1;
if (!SSL_CTX_use_certificate_chain_mem(ctx, cert, cert_len)) {
ssl_error("ssl_ctx_create");
fatal("ssl_ctx_create: invalid certificate chain");
} else if (!ssl_ctx_fake_private_key(ctx,
pkiname, pkinamelen, cert, cert_len, NULL, NULL)) {
ssl_error("ssl_ctx_create");
fatal("ssl_ctx_create: could not fake private key");
} else if (!SSL_CTX_check_private_key(ctx)) {
ssl_error("ssl_ctx_create");
fatal("ssl_ctx_create: invalid private key");
}
}
return (ctx);
}
SSL_CTX *
_SSL_context_init (void (*info_cb_func), int server)
{
SSL_CTX *ctx;
SSLeay_add_ssl_algorithms ();
SSL_load_error_strings ();
ctx =
SSL_CTX_new (server ? SSLv3_server_method () :
SSLv3_client_method ());
SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_set_timeout (ctx, 300);
/* used in SSL_connect(), SSL_accept() */
SSL_CTX_set_info_callback (ctx, info_cb_func);
return (ctx);
}
/* Create an SSL_CTX and do initialization that is common to all init modes. */
static SSL_CTX *ssl_init_common() {
SSL_CTX *ctx;
SSL_load_error_strings();
SSL_library_init();
ctx = SSL_CTX_new(SSLv23_client_method());
if (!ctx) {
fatal("OpenSSL failed to create a new SSL_CTX: %s",
ERR_error_string(ERR_get_error(), NULL));
}
/* Our SSL* will always have the SSL_SESSION* inside it, so we neither need to
* use nor waste memory for the session cache. (Use '1' because '0' means
* 'infinite'.) */
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF|SSL_SESS_CACHE_NO_AUTO_CLEAR);
SSL_CTX_sess_set_cache_size(ctx, 1);
SSL_CTX_set_timeout(ctx, 3600); /* pretty unnecessary */
return ctx;
}
SSL_CTX *
_SSL_context_init (void (*info_cb_func), int server)
{
SSL_CTX *ctx;
#ifdef WIN32
int i, r;
#endif
SSLeay_add_ssl_algorithms ();
SSL_load_error_strings ();
ctx = SSL_CTX_new (server ? SSLv23_server_method() : SSLv23_client_method ());
SSL_CTX_set_session_cache_mode (ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_set_timeout (ctx, 300);
SSL_CTX_set_options (ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3
|SSL_OP_NO_COMPRESSION
|SSL_OP_SINGLE_DH_USE|SSL_OP_SINGLE_ECDH_USE
|SSL_OP_NO_TICKET
|SSL_OP_CIPHER_SERVER_PREFERENCE);
#if OPENSSL_VERSION_NUMBER >= 0x00908000L /* workaround for OpenSSL 0.9.8 */
sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
#endif
/* used in SSL_connect(), SSL_accept() */
SSL_CTX_set_info_callback (ctx, info_cb_func);
#ifdef WIN32
/* under win32, OpenSSL needs to be seeded with some randomness */
for (i = 0; i < 128; i++)
{
r = rand ();
RAND_seed ((unsigned char *)&r, sizeof (r));
}
#endif
return(ctx);
}
// Establish a connection using an SSL layer
void ssl_connect(mongo_link* link) {
tcp_setup(link);
if (link->master->socket){
// Register the error strings for libcrypto & libssl
SSL_load_error_strings();
// Register the available ciphers and digests
SSL_library_init();
// New context saying we are a client, and using SSL 2 or 3
link->ssl_context = SSL_CTX_new(SSLv23_client_method());
if(link->ssl_context == NULL){
ERR_print_errors_fp(stderr);
}
// Create an SSL struct for the connection
link->ssl_handle = SSL_new(link->ssl_context);
if(link->ssl_handle == NULL){
ERR_print_errors_fp(stderr);
}
// Connect the SSL struct to our connection
if(!SSL_set_fd(link->ssl_handle, link->master->socket)){
ERR_print_errors_fp(stderr);
}
// Initiate SSL handshake
if(SSL_connect (link->ssl_handle) != 1){
ERR_print_errors_fp(stderr);
}
SSL_CTX_set_timeout(link->ssl_context, (long)link->timeout);
link->master->connected = 1;
}
}
void
ssl_init(struct vsf_session* p_sess)
{
if (!ssl_inited)
{
SSL_CTX* p_ctx;
long options;
int verify_option = 0;
SSL_library_init();
p_ctx = SSL_CTX_new(SSLv23_method());
if (p_ctx == NULL)
{
die("SSL: could not allocate SSL context");
}
options = SSL_OP_ALL;
if (!tunable_sslv2)
{
options |= SSL_OP_NO_SSLv2;
}
if (!tunable_sslv3)
{
options |= SSL_OP_NO_SSLv3;
}
if (!tunable_tlsv1)
{
options |= SSL_OP_NO_TLSv1;
}
SSL_CTX_set_options(p_ctx, options);
if (tunable_rsa_cert_file)
{
const char* p_key = tunable_rsa_private_key_file;
if (!p_key)
{
p_key = tunable_rsa_cert_file;
}
if (SSL_CTX_use_certificate_chain_file(p_ctx, tunable_rsa_cert_file) != 1)
{
die("SSL: cannot load RSA certificate");
}
if (SSL_CTX_use_PrivateKey_file(p_ctx, p_key, X509_FILETYPE_PEM) != 1)
{
die("SSL: cannot load RSA private key");
}
}
if (tunable_dsa_cert_file)
{
const char* p_key = tunable_dsa_private_key_file;
if (!p_key)
{
p_key = tunable_dsa_cert_file;
}
if (SSL_CTX_use_certificate_chain_file(p_ctx, tunable_dsa_cert_file) != 1)
{
die("SSL: cannot load DSA certificate");
}
if (SSL_CTX_use_PrivateKey_file(p_ctx, p_key, X509_FILETYPE_PEM) != 1)
{
die("SSL: cannot load DSA private key");
}
}
if (tunable_ssl_ciphers &&
SSL_CTX_set_cipher_list(p_ctx, tunable_ssl_ciphers) != 1)
{
die("SSL: could not set cipher list");
}
if (RAND_status() != 1)
{
die("SSL: RNG is not seeded");
}
if (tunable_ssl_request_cert)
{
verify_option |= SSL_VERIFY_PEER;
}
if (tunable_require_cert)
{
verify_option |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
}
if (verify_option)
{
SSL_CTX_set_verify(p_ctx, verify_option, ssl_verify_callback);
if (tunable_ca_certs_file)
{
STACK_OF(X509_NAME)* p_names;
if (!SSL_CTX_load_verify_locations(p_ctx, tunable_ca_certs_file, NULL))
{
die("SSL: could not load verify file");
}
p_names = SSL_load_client_CA_file(tunable_ca_certs_file);
if (!p_names)
{
die("SSL: could not load client certs file");
}
SSL_CTX_set_client_CA_list(p_ctx, p_names);
}
}
{
static const char* p_ctx_id = VSF_PROJECT;
SSL_CTX_set_session_id_context(p_ctx, (void*) p_ctx_id,
vsf_sysutil_strlen(p_ctx_id));
}
if (tunable_require_ssl_reuse)
{
/* Ensure cached session doesn't expire */
SSL_CTX_set_timeout(p_ctx, INT_MAX);
}
p_sess->p_ssl_ctx = p_ctx;
ssl_inited = 1;
}
}
/*
* Create Global context SSL and use it in every new session
*
* - Load the trusted CAs
* - Load the Private key & the certificate
* - Set the Context options & Verify options
*/
static SSL_CTX *init_tls_ctx(EAP_TLS_CONF *conf)
{
SSL_METHOD *meth;
SSL_CTX *ctx;
X509_STORE *certstore;
int verify_mode = SSL_VERIFY_NONE;
int ctx_options = 0;
int type;
/*
* Add all the default ciphers and message digests
* Create our context.
*/
SSL_library_init();
SSL_load_error_strings();
/*
* SHA256 is in all versions of OpenSSL, but isn't
* initialized by default. It's needed for WiMAX
* certificates.
*/
#ifdef HAVE_OPENSSL_EVP_SHA256
EVP_add_digest(EVP_sha256());
#endif
meth = TLSv1_method();
ctx = SSL_CTX_new(meth);
/*
* Identify the type of certificates that needs to be loaded
*/
if (conf->file_type) {
type = SSL_FILETYPE_PEM;
} else {
type = SSL_FILETYPE_ASN1;
}
/*
* Set the password to load private key
*/
if (conf->private_key_password) {
#ifdef __APPLE__
/*
* We don't want to put the private key password in eap.conf, so check
* for our special string which indicates we should get the password
* programmatically.
*/
const char* special_string = "Apple:UseCertAdmin";
if (strncmp(conf->private_key_password,
special_string,
strlen(special_string)) == 0)
{
char cmd[256];
const long max_password_len = 128;
snprintf(cmd, sizeof(cmd) - 1,
"/usr/sbin/certadmin --get-private-key-passphrase \"%s\"",
conf->private_key_file);
DEBUG2("rlm_eap: Getting private key passphrase using command \"%s\"", cmd);
FILE* cmd_pipe = popen(cmd, "r");
if (!cmd_pipe) {
radlog(L_ERR, "rlm_eap: %s command failed. Unable to get private_key_password", cmd);
radlog(L_ERR, "rlm_eap: Error reading private_key_file %s", conf->private_key_file);
return NULL;
}
free(conf->private_key_password);
conf->private_key_password = malloc(max_password_len * sizeof(char));
if (!conf->private_key_password) {
radlog(L_ERR, "rlm_eap: Can't malloc space for private_key_password");
radlog(L_ERR, "rlm_eap: Error reading private_key_file %s", conf->private_key_file);
pclose(cmd_pipe);
return NULL;
}
fgets(conf->private_key_password, max_password_len, cmd_pipe);
pclose(cmd_pipe);
/* Get rid of newline at end of password. */
conf->private_key_password[strlen(conf->private_key_password) - 1] = '\0';
DEBUG2("rlm_eap: Password from command = \"%s\"", conf->private_key_password);
}
#endif
SSL_CTX_set_default_passwd_cb_userdata(ctx, conf->private_key_password);
SSL_CTX_set_default_passwd_cb(ctx, cbtls_password);
}
/*
* Load our keys and certificates
*
* If certificates are of type PEM then we can make use
* of cert chain authentication using openssl api call
* SSL_CTX_use_certificate_chain_file. Please see how
* the cert chain needs to be given in PEM from
* openSSL.org
*/
if (type == SSL_FILETYPE_PEM) {
if (!(SSL_CTX_use_certificate_chain_file(ctx, conf->certificate_file))) {
radlog(L_ERR, "rlm_eap: SSL error %s", ERR_error_string(ERR_get_error(), NULL));
radlog(L_ERR, "rlm_eap_tls: Error reading certificate file %s", conf->certificate_file);
return NULL;
}
} else if (!(SSL_CTX_use_certificate_file(ctx, conf->certificate_file, type))) {
radlog(L_ERR, "rlm_eap: SSL error %s", ERR_error_string(ERR_get_error(), NULL));
radlog(L_ERR, "rlm_eap_tls: Error reading certificate file %s", conf->certificate_file);
return NULL;
}
/* Load the CAs we trust */
if (conf->ca_file || conf->ca_path) {
if (!SSL_CTX_load_verify_locations(ctx, conf->ca_file, conf->ca_path)) {
radlog(L_ERR, "rlm_eap: SSL error %s", ERR_error_string(ERR_get_error(), NULL));
radlog(L_ERR, "rlm_eap_tls: Error reading Trusted root CA list %s",conf->ca_file );
return NULL;
}
}
if (conf->ca_file && *conf->ca_file) SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(conf->ca_file));
if (!(SSL_CTX_use_PrivateKey_file(ctx, conf->private_key_file, type))) {
radlog(L_ERR, "rlm_eap: SSL error %s", ERR_error_string(ERR_get_error(), NULL));
radlog(L_ERR, "rlm_eap_tls: Error reading private key file %s", conf->private_key_file);
return NULL;
}
/*
* Check if the loaded private key is the right one
*/
if (!SSL_CTX_check_private_key(ctx)) {
radlog(L_ERR, "rlm_eap_tls: Private key does not match the certificate public key");
return NULL;
}
/*
* Set ctx_options
*/
ctx_options |= SSL_OP_NO_SSLv2;
ctx_options |= SSL_OP_NO_SSLv3;
#ifdef SSL_OP_NO_TICKET
ctx_options |= SSL_OP_NO_TICKET ;
#endif
/*
* SSL_OP_SINGLE_DH_USE must be used in order to prevent
* small subgroup attacks and forward secrecy. Always
* using
*
* SSL_OP_SINGLE_DH_USE has an impact on the computer
* time needed during negotiation, but it is not very
* large.
*/
ctx_options |= SSL_OP_SINGLE_DH_USE;
/*
* SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS to work around issues
* in Windows Vista client.
* http://www.openssl.org/~bodo/tls-cbc.txt
* http://www.nabble.com/(RADIATOR)-Radiator-Version-3.16-released-t2600070.html
*/
ctx_options |= SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS;
SSL_CTX_set_options(ctx, ctx_options);
/*
* TODO: Set the RSA & DH
* SSL_CTX_set_tmp_rsa_callback(ctx, cbtls_rsa);
* SSL_CTX_set_tmp_dh_callback(ctx, cbtls_dh);
*/
/*
* set the message callback to identify the type of
* message. For every new session, there can be a
* different callback argument.
*
* SSL_CTX_set_msg_callback(ctx, cbtls_msg);
*/
/* Set Info callback */
SSL_CTX_set_info_callback(ctx, cbtls_info);
/*
* Callbacks, etc. for session resumption.
*/
if (conf->session_cache_enable) {
SSL_CTX_sess_set_new_cb(ctx, cbtls_new_session);
SSL_CTX_sess_set_get_cb(ctx, cbtls_get_session);
SSL_CTX_sess_set_remove_cb(ctx, cbtls_remove_session);
SSL_CTX_set_quiet_shutdown(ctx, 1);
}
/*
* Check the certificates for revocation.
*/
#ifdef X509_V_FLAG_CRL_CHECK
if (conf->check_crl) {
certstore = SSL_CTX_get_cert_store(ctx);
if (certstore == NULL) {
radlog(L_ERR, "rlm_eap: SSL error %s", ERR_error_string(ERR_get_error(), NULL));
radlog(L_ERR, "rlm_eap_tls: Error reading Certificate Store");
return NULL;
}
X509_STORE_set_flags(certstore, X509_V_FLAG_CRL_CHECK);
}
#endif
/*
* Set verify modes
* Always verify the peer certificate
*/
verify_mode |= SSL_VERIFY_PEER;
verify_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
verify_mode |= SSL_VERIFY_CLIENT_ONCE;
SSL_CTX_set_verify(ctx, verify_mode, cbtls_verify);
if (conf->verify_depth) {
SSL_CTX_set_verify_depth(ctx, conf->verify_depth);
}
/* Load randomness */
if (!(RAND_load_file(conf->random_file, 1024*1024))) {
radlog(L_ERR, "rlm_eap: SSL error %s", ERR_error_string(ERR_get_error(), NULL));
radlog(L_ERR, "rlm_eap_tls: Error loading randomness");
return NULL;
}
/*
* Set the cipher list if we were told to
*/
if (conf->cipher_list) {
if (!SSL_CTX_set_cipher_list(ctx, conf->cipher_list)) {
radlog(L_ERR, "rlm_eap_tls: Error setting cipher list");
return NULL;
}
}
/*
* Setup session caching
*/
if (conf->session_cache_enable) {
/*
* Create a unique context Id per EAP-TLS configuration.
*/
if (conf->session_id_name) {
snprintf(conf->session_context_id,
sizeof(conf->session_context_id),
"FreeRADIUS EAP-TLS %s",
conf->session_id_name);
} else {
snprintf(conf->session_context_id,
sizeof(conf->session_context_id),
"FreeRADIUS EAP-TLS %p", conf);
}
/*
* Cache it, and DON'T auto-clear it.
*/
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER | SSL_SESS_CACHE_NO_AUTO_CLEAR);
SSL_CTX_set_session_id_context(ctx,
(unsigned char *) conf->session_context_id,
(unsigned int) strlen(conf->session_context_id));
/*
* Our timeout is in hours, this is in seconds.
*/
SSL_CTX_set_timeout(ctx, conf->session_timeout * 3600);
/*
* Set the maximum number of entries in the
* session cache.
*/
SSL_CTX_sess_set_cache_size(ctx, conf->session_cache_size);
} else {
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
}
/*
* Register the application indices. We can't use
* hard-coded "0" and "1" as before, because we need to
* set up a "free" handler for the cached session
* information.
*/
if (eaptls_handle_idx < 0) {
eaptls_handle_idx = SSL_get_ex_new_index(0, &eaptls_handle_idx,
NULL, NULL, NULL);
}
if (eaptls_conf_idx < 0) {
eaptls_conf_idx = SSL_get_ex_new_index(0, &eaptls_conf_idx,
NULL, NULL, NULL);
}
if (eaptls_store_idx < 0) {
eaptls_store_idx = SSL_get_ex_new_index(0, "eaptls_store_idx",
NULL, NULL, NULL);
}
if (eaptls_session_idx < 0) {
eaptls_session_idx = SSL_get_ex_new_index(0, &eaptls_session_idx,
NULL, NULL,
eaptls_session_free);
}
return ctx;
}
static
int tls_init_context(tls_t *tls, tls_issues_t const *ti)
{
int verify;
static int random_loaded;
ONCE_INIT(tls_init_once);
if (!random_loaded) {
random_loaded = 1;
if (ti->randFile &&
!RAND_load_file(ti->randFile, 1024 * 1024)) {
if (ti->configured > 1) {
SU_DEBUG_3(("%s: cannot open randFile %s\n",
"tls_init_context", ti->randFile));
tls_log_errors(3, "tls_init_context", 0);
}
/* errno = EIO; */
/* return -1; */
}
}
#if HAVE_SIGPIPE
/* Avoid possible SIGPIPE when sending close_notify */
signal(SIGPIPE, SIG_IGN);
#endif
if (tls->ctx == NULL)
if (!(tls->ctx = SSL_CTX_new((SSL_METHOD*)SSLv23_method()))) {
tls_log_errors(1, "SSL_CTX_new() failed", 0);
errno = EIO;
return -1;
}
if (!(ti->version & TPTLS_VERSION_SSLv2))
SSL_CTX_set_options(tls->ctx, SSL_OP_NO_SSLv2);
if (!(ti->version & TPTLS_VERSION_SSLv3))
SSL_CTX_set_options(tls->ctx, SSL_OP_NO_SSLv3);
if (!(ti->version & TPTLS_VERSION_TLSv1))
SSL_CTX_set_options(tls->ctx, SSL_OP_NO_TLSv1);
if (!(ti->version & TPTLS_VERSION_TLSv1_1))
SSL_CTX_set_options(tls->ctx, SSL_OP_NO_TLSv1_1);
if (!(ti->version & TPTLS_VERSION_TLSv1_2))
SSL_CTX_set_options(tls->ctx, SSL_OP_NO_TLSv1_2);
SSL_CTX_sess_set_remove_cb(tls->ctx, NULL);
SSL_CTX_set_timeout(tls->ctx, ti->timeout);
/* Set callback if we have a passphrase */
if (ti->passphrase != NULL) {
SSL_CTX_set_default_passwd_cb(tls->ctx, passwd_cb);
SSL_CTX_set_default_passwd_cb_userdata(tls->ctx, (void *)ti);
}
if (!SSL_CTX_use_certificate_file(tls->ctx,
ti->cert,
SSL_FILETYPE_PEM)) {
if (ti->configured > 0) {
SU_DEBUG_1(("%s: invalid local certificate: %s\n",
"tls_init_context", ti->cert));
tls_log_errors(3, "tls_init_context", 0);
#if require_client_certificate
errno = EIO;
return -1;
#endif
}
}
if (!SSL_CTX_use_PrivateKey_file(tls->ctx,
ti->key,
SSL_FILETYPE_PEM)) {
if (ti->configured > 0) {
SU_DEBUG_1(("%s: invalid private key: %s\n",
"tls_init_context", ti->key));
tls_log_errors(3, "tls_init_context(key)", 0);
#if require_client_certificate
errno = EIO;
return -1;
#endif
}
}
if (!SSL_CTX_check_private_key(tls->ctx)) {
if (ti->configured > 0) {
SU_DEBUG_1(("%s: private key does not match the certificate public key\n",
"tls_init_context"));
}
#if require_client_certificate
errno = EIO;
return -1;
#endif
}
if (!SSL_CTX_load_verify_locations(tls->ctx,
ti->CAfile,
ti->CApath)) {
SU_DEBUG_1(("%s: error loading CA list: %s\n",
"tls_init_context", ti->CAfile));
if (ti->configured > 0)
tls_log_errors(3, "tls_init_context(CA)", 0);
errno = EIO;
return -1;
}
/* corresponds to (enum tport_tls_verify_policy) */
tls->verify_incoming = (ti->policy & 0x1) ? 1 : 0;
tls->verify_outgoing = (ti->policy & 0x2) ? 1 : 0;
tls->verify_subj_in = (ti->policy & 0x4) ? tls->verify_incoming : 0;
tls->verify_subj_out = (ti->policy & 0x8) ? tls->verify_outgoing : 0;
tls->verify_date = (ti->verify_date) ? 1 : 0;
if (tls->verify_incoming)
verify = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
else
verify = SSL_VERIFY_NONE;
SSL_CTX_set_verify_depth(tls->ctx, ti->verify_depth);
SSL_CTX_set_verify(tls->ctx, verify, tls_verify_cb);
if (tls_init_ecdh_curve(tls) == 0) {
SU_DEBUG_3(("%s\n", "tls: initialized ECDH"));
} else {
SU_DEBUG_3(("%s\n", "tls: failed to initialize ECDH"));
}
if (!SSL_CTX_set_cipher_list(tls->ctx, ti->ciphers)) {
SU_DEBUG_1(("%s: error setting cipher list\n", "tls_init_context"));
tls_log_errors(3, "tls_init_context", 0);
errno = EIO;
return -1;
}
return 0;
}
bool TLS_SOCKET_CLASS::openSslInitialize()
// DESCRIPTION : Called to initialize the OpenSSL library for this session.
// PRECONDITIONS :
// POSTCONDITIONS :
// EXCEPTIONS :
// NOTES :
//<<===========================================================================
{
int verify_mode;
long ssl_options;
openSslM_ptr = OPENSSL_CLASS::getInstance();
if (openSslM_ptr == NULL)
{
if (loggerM_ptr)
{
loggerM_ptr->text(LOG_ERROR, 1, "OpenSSL library not initialized when initializing Secure Socket");
}
return false;
}
// setup the connection factory for this session
if (tlsVersionM == TLS_VERSION_TLSv1)
{
ctxM_ptr = SSL_CTX_new(TLSv1_method());
}
else if (tlsVersionM == TLS_VERSION_SSLv3)
{
ctxM_ptr = SSL_CTX_new(SSLv3_method());
}
else
{
ctxM_ptr = SSL_CTX_new(SSLv23_method());
}
if (ctxM_ptr == NULL)
{
openSslError("initializing connection factory");
return false;
}
SSL_CTX_set_default_passwd_cb(ctxM_ptr, OPENSSL_CLASS::openSslPasswordCallback);
char *password = new char[certificateFilePasswordM.length() + 1]; // create a buffer to store the password
// this is freed in the destructor
strcpy(password, certificateFilePasswordM.c_str());
SSL_CTX_set_default_passwd_cb_userdata(ctxM_ptr, (void *)password);
if (SSL_CTX_load_verify_locations(ctxM_ptr, certificateFilenameM.c_str(), NULL) != 1)
{
openSslError("loading trusted certificate file");
}
SSL_CTX_set_client_CA_list(ctxM_ptr, SSL_load_client_CA_file(certificateFilenameM.c_str()));
ERR_clear_error(); // the last call leaves an error in the stack
if (!readCredentials(ctxM_ptr))
{
openSslError("loading credentials");
}
if (checkRemoteCertificateM)
{
verify_mode = SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
}
else
{
verify_mode = SSL_VERIFY_NONE;
}
SSL_CTX_set_verify(ctxM_ptr, verify_mode, openSslVerifyCallback);
if ((loggerM_ptr != NULL) && ((loggerM_ptr->getLogMask() & LOG_DEBUG) != 0))
{
SSL_CTX_set_msg_callback(ctxM_ptr, openSslMsgCallback);
// the 'this' pointer needed by openSslMsgCallback and openSslVerfyCallback must be set by
// SSL_set_msg_callback_arg for each SSL created
}
ssl_options = SSL_OP_ALL | SSL_OP_SINGLE_DH_USE;
if (tlsVersionM.find(TLS_VERSION_SSLv2) == string::npos)
{
ssl_options |= SSL_OP_NO_SSLv2;
}
if (tlsVersionM.find(TLS_VERSION_SSLv3) == string::npos)
{
ssl_options |= SSL_OP_NO_SSLv3;
}
if (tlsVersionM.find(TLS_VERSION_TLSv1) == string::npos)
{
ssl_options |= SSL_OP_NO_TLSv1;
}
SSL_CTX_set_options(ctxM_ptr, ssl_options);
SSL_CTX_set_timeout(ctxM_ptr, tlsCacheTimeoutM);
SSL_CTX_set_session_id_context(ctxM_ptr, (const unsigned char *)"DVT", 3);
if (cacheTlsSessionsM)
{
SSL_CTX_set_session_cache_mode(ctxM_ptr, SSL_SESS_CACHE_BOTH);
}
else
{
SSL_CTX_set_session_cache_mode(ctxM_ptr, SSL_SESS_CACHE_OFF);
}
SSL_CTX_set_tmp_dh_callback(ctxM_ptr, OPENSSL_CLASS::tmpDhCallback);
if (SSL_CTX_set_cipher_list(ctxM_ptr, cipherListM.c_str()) != 1)
{
openSslError("initializing cipher list (no valid ciphers)");
}
return true;
}
/*
* call-seq:
* ctx.setup => Qtrue # first time
* ctx.setup => nil # thereafter
*
* This method is called automatically when a new SSLSocket is created.
* Normally you do not need to call this method (unless you are writing an extension in C).
*/
static VALUE
ossl_sslctx_setup(VALUE self)
{
SSL_CTX *ctx;
X509 *cert = NULL, *client_ca = NULL;
X509_STORE *store;
EVP_PKEY *key = NULL;
char *ca_path = NULL, *ca_file = NULL;
int i, verify_mode;
VALUE val;
if(OBJ_FROZEN(self)) return Qnil;
Data_Get_Struct(self, SSL_CTX, ctx);
#if !defined(OPENSSL_NO_DH)
if (RTEST(ossl_sslctx_get_tmp_dh_cb(self))){
SSL_CTX_set_tmp_dh_callback(ctx, ossl_tmp_dh_callback);
}
else{
SSL_CTX_set_tmp_dh_callback(ctx, ossl_default_tmp_dh_callback);
}
#endif
SSL_CTX_set_ex_data(ctx, ossl_ssl_ex_ptr_idx, (void*)self);
val = ossl_sslctx_get_cert_store(self);
if(!NIL_P(val)){
/*
* WORKAROUND:
* X509_STORE can count references, but
* X509_STORE_free() doesn't care it.
* So we won't increment it but mark it by ex_data.
*/
store = GetX509StorePtr(val); /* NO NEED TO DUP */
SSL_CTX_set_cert_store(ctx, store);
SSL_CTX_set_ex_data(ctx, ossl_ssl_ex_store_p, (void*)1);
}
val = ossl_sslctx_get_extra_cert(self);
if(!NIL_P(val)){
rb_block_call(val, rb_intern("each"), 0, 0, ossl_sslctx_add_extra_chain_cert_i, self);
}
/* private key may be bundled in certificate file. */
val = ossl_sslctx_get_cert(self);
cert = NIL_P(val) ? NULL : GetX509CertPtr(val); /* NO DUP NEEDED */
val = ossl_sslctx_get_key(self);
key = NIL_P(val) ? NULL : GetPKeyPtr(val); /* NO DUP NEEDED */
if (cert && key) {
if (!SSL_CTX_use_certificate(ctx, cert)) {
/* Adds a ref => Safe to FREE */
ossl_raise(eSSLError, "SSL_CTX_use_certificate:");
}
if (!SSL_CTX_use_PrivateKey(ctx, key)) {
/* Adds a ref => Safe to FREE */
ossl_raise(eSSLError, "SSL_CTX_use_PrivateKey:");
}
if (!SSL_CTX_check_private_key(ctx)) {
ossl_raise(eSSLError, "SSL_CTX_check_private_key:");
}
}
val = ossl_sslctx_get_client_ca(self);
if(!NIL_P(val)){
if(TYPE(val) == T_ARRAY){
for(i = 0; i < RARRAY_LEN(val); i++){
client_ca = GetX509CertPtr(RARRAY_PTR(val)[i]);
if (!SSL_CTX_add_client_CA(ctx, client_ca)){
/* Copies X509_NAME => FREE it. */
ossl_raise(eSSLError, "SSL_CTX_add_client_CA");
}
}
}
else{
client_ca = GetX509CertPtr(val); /* NO DUP NEEDED. */
if (!SSL_CTX_add_client_CA(ctx, client_ca)){
/* Copies X509_NAME => FREE it. */
ossl_raise(eSSLError, "SSL_CTX_add_client_CA");
}
}
}
val = ossl_sslctx_get_ca_file(self);
ca_file = NIL_P(val) ? NULL : StringValuePtr(val);
val = ossl_sslctx_get_ca_path(self);
ca_path = NIL_P(val) ? NULL : StringValuePtr(val);
if(ca_file || ca_path){
if (!SSL_CTX_load_verify_locations(ctx, ca_file, ca_path))
rb_warning("can't set verify locations");
}
val = ossl_sslctx_get_verify_mode(self);
verify_mode = NIL_P(val) ? SSL_VERIFY_NONE : NUM2INT(val);
SSL_CTX_set_verify(ctx, verify_mode, ossl_ssl_verify_callback);
if (RTEST(ossl_sslctx_get_client_cert_cb(self)))
SSL_CTX_set_client_cert_cb(ctx, ossl_client_cert_cb);
val = ossl_sslctx_get_timeout(self);
if(!NIL_P(val)) SSL_CTX_set_timeout(ctx, NUM2LONG(val));
val = ossl_sslctx_get_verify_dep(self);
if(!NIL_P(val)) SSL_CTX_set_verify_depth(ctx, NUM2LONG(val));
val = ossl_sslctx_get_options(self);
if(!NIL_P(val)) SSL_CTX_set_options(ctx, NUM2LONG(val));
rb_obj_freeze(self);
val = ossl_sslctx_get_sess_id_ctx(self);
if (!NIL_P(val)){
StringValue(val);
if (!SSL_CTX_set_session_id_context(ctx, (unsigned char *)RSTRING_PTR(val),
RSTRING_LEN(val))){
ossl_raise(eSSLError, "SSL_CTX_set_session_id_context:");
}
}
if (RTEST(rb_iv_get(self, "@session_get_cb"))) {
SSL_CTX_sess_set_get_cb(ctx, ossl_sslctx_session_get_cb);
OSSL_Debug("SSL SESSION get callback added");
}
if (RTEST(rb_iv_get(self, "@session_new_cb"))) {
SSL_CTX_sess_set_new_cb(ctx, ossl_sslctx_session_new_cb);
OSSL_Debug("SSL SESSION new callback added");
}
if (RTEST(rb_iv_get(self, "@session_remove_cb"))) {
SSL_CTX_sess_set_remove_cb(ctx, ossl_sslctx_session_remove_cb);
OSSL_Debug("SSL SESSION remove callback added");
}
#ifdef HAVE_SSL_SET_TLSEXT_HOST_NAME
val = rb_iv_get(self, "@servername_cb");
if (!NIL_P(val)) {
SSL_CTX_set_tlsext_servername_callback(ctx, ssl_servername_cb);
OSSL_Debug("SSL TLSEXT servername callback added");
}
#endif
return Qtrue;
}
void context_init(void) { /* init SSL */
int i;
#if SSLEAY_VERSION_NUMBER >= 0x00907000L
/* Load all bundled ENGINEs into memory and make them visible */
ENGINE_load_builtin_engines();
/* Register all of them for every algorithm they collectively implement */
ENGINE_register_all_complete();
#endif
if(!init_prng())
log(LOG_INFO, "PRNG seeded successfully");
SSLeay_add_ssl_algorithms();
SSL_load_error_strings();
if(options.option.client) {
ctx=SSL_CTX_new(SSLv3_client_method());
} else { /* Server mode */
ctx=SSL_CTX_new(SSLv23_server_method());
#ifndef NO_RSA
SSL_CTX_set_tmp_rsa_callback(ctx, tmp_rsa_cb);
#endif /* NO_RSA */
if(init_dh())
log(LOG_WARNING, "Diffie-Hellman initialization failed");
}
if(options.ssl_options) {
log(LOG_DEBUG, "Configuration SSL options: 0x%08lX",
options.ssl_options);
log(LOG_DEBUG, "SSL options set: 0x%08lX",
SSL_CTX_set_options(ctx, options.ssl_options));
}
#if SSLEAY_VERSION_NUMBER >= 0x00906000L
SSL_CTX_set_mode(ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE|SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#endif /* OpenSSL-0.9.6 */
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_set_timeout(ctx, options.session_timeout);
if(options.option.cert) {
if(!SSL_CTX_use_certificate_chain_file(ctx, options.cert)) {
log(LOG_ERR, "Error reading certificate file: %s", options.cert);
sslerror("SSL_CTX_use_certificate_chain_file");
exit(1);
}
log(LOG_DEBUG, "Certificate: %s", options.cert);
log(LOG_DEBUG, "Key file: %s", options.key);
#ifdef USE_WIN32
SSL_CTX_set_default_passwd_cb(ctx, pem_passwd_cb);
#endif
for(i=0; i<3; i++) {
#ifdef NO_RSA
if(SSL_CTX_use_PrivateKey_file(ctx, options.key,
SSL_FILETYPE_PEM))
#else /* NO_RSA */
if(SSL_CTX_use_RSAPrivateKey_file(ctx, options.key,
SSL_FILETYPE_PEM))
#endif /* NO_RSA */
break;
if(i<2 && ERR_GET_REASON(ERR_peek_error())==EVP_R_BAD_DECRYPT) {
sslerror_stack(); /* dump the error stack */
log(LOG_ERR, "Wrong pass phrase: retrying");
continue;
}
#ifdef NO_RSA
sslerror("SSL_CTX_use_PrivateKey_file");
#else /* NO_RSA */
sslerror("SSL_CTX_use_RSAPrivateKey_file");
#endif /* NO_RSA */
exit(1);
}
if(!SSL_CTX_check_private_key(ctx)) {
sslerror("Private key does not match the certificate");
exit(1);
}
}
verify_init(); /* Initialize certificate verification */
SSL_CTX_set_info_callback(ctx, info_callback);
if(options.cipher_list) {
if (!SSL_CTX_set_cipher_list(ctx, options.cipher_list)) {
sslerror("SSL_CTX_set_cipher_list");
exit(1);
}
}
}
static int connect_to_peer(struct sockaddr_in *peeraddr, uint16_t bindport)
{
int s;
int yes = 1;
struct sockaddr_in self;
if(ssl == NULL) {
//OpenSSL
/* Set up the SSL context */
ctx = SSL_CTX_new(SSLv23_client_method());
/* Load the trust store */
if(! SSL_CTX_load_verify_locations(ctx, CERT_FILE, NULL))
{
fprintf(stderr, "Error loading trust store\n");
ERR_print_errors_fp(stderr);
SSL_CTX_free(ctx);
return 0;
}
//////////////
s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (s < 0)
return -1;
if (bindport) {
self.sin_family = AF_INET;
self.sin_addr.s_addr = htonl(INADDR_ANY);
self.sin_port = htons(bindport);
setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes));
if (bind(s, (struct sockaddr *)&self, sizeof(self)) < 0) {
close(s);
return -1;
}
}
if (connect(s, (struct sockaddr *)peeraddr, sizeof(*peeraddr)) < 0) {
close(s);
return -1;
}
get_tcpr_state(&state1, tcpr_sock, &pulladdr1, port1);
//OpenSSL
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_timeout(ctx, 6000);
ssl = SSL_new(ctx);
sbio = BIO_new(BIO_s_socket());
BIO_set_fd(sbio, s, BIO_NOCLOSE);
SSL_set_bio(ssl, sbio, sbio);
BIO_set_callback(sbio,test);
//SSL_set_connect_state(ssl);
printf("SSL Connect: %d\n", SSL_connect(ssl));
/////////////
setsockopt(s, IPPROTO_TCP, TCP_NODELAY, &yes, sizeof(yes));
} else {
//OpenSSL
/* Set up the SSL context */
ctx1 = SSL_CTX_new(SSLv23_client_method());
/* Load the trust store */
if(! SSL_CTX_load_verify_locations(ctx1, CERT_FILE, NULL))
{
fprintf(stderr, "Error loading trust store\n");
ERR_print_errors_fp(stderr);
SSL_CTX_free(ctx1);
return 0;
}
//////////////
s = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
if (s < 0)
return -1;
if (bindport) {
self.sin_family = AF_INET;
self.sin_addr.s_addr = htonl(INADDR_ANY);
self.sin_port = htons(bindport);
setsockopt(s, SOL_SOCKET, SO_REUSEADDR, &yes, sizeof(yes));
if (bind(s, (struct sockaddr *)&self, sizeof(self)) < 0) {
close(s);
return -1;
}
}
if (connect(s, (struct sockaddr *)peeraddr, sizeof(*peeraddr)) < 0) {
close(s);
return -1;
}
get_tcpr_state(&state1, tcpr_sock, &pulladdr1, port1);
//OpenSSL
SSL_CTX_set_mode(ctx1, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_timeout(ctx1, 6000);
ssl1 = SSL_new(ctx1);
sbio1 = BIO_new(BIO_s_socket());
BIO_set_fd(sbio1, s, BIO_NOCLOSE);
SSL_set_bio(ssl1, sbio1, sbio1);
//BIO_set_callback(sbio1,test);
//SSL_set_connect_state(ssl1);
printf("SSL Connect: %d\n", SSL_connect(ssl1));
/////////////
setsockopt(s, IPPROTO_TCP, TCP_NODELAY, &yes, sizeof(yes));
}
return s;
}
/* デフォルトの証明書は 自分:/usr/local/ct/cert/tn.pem 認証局:/usr/local/ct/cert/root.pem */
int kTLSInitialize(int sessionMode,int initialmode,int timeout,char *passwd,char *rootPEM,char *myPEM,
char *dhPEM,int version,int nagle,int clientveri,int tmprsa,char *enc)
{
BIO *bio;
SSL_METHOD *meth;
RSA *rsa;
DH *dh=0;
struct stat tmp;
/* Nagleアルゴリズムの無効化フラグの保存 */
NagleFlag=nagle;
if(TLSctx){
/* 強制初期化モードがある場合 */
if(initialmode){
TLSClose(NULL,0);
kLogWrite(L_TLS, "%s: TLS ReInitialize", __FUNCTION__);
}
else
return RETURN_OK;
}
/* パラメータの取得 */
timeout = timeout<=0 ? SESSION_TIMEOUT : timeout;
TLSSessionMode = sessionMode;
kLogWrite(L_TLS,"%s: Session cache mode : %s Session timeout : %d(s)",__FUNCTION__,sessionMode?"Enable":"Disable",timeout);
rootPEM = (rootPEM && rootPEM[0]) ? rootPEM : ROOT_PEM;
myPEM = (myPEM && myPEM[0]) ? myPEM : MY_PEM;
dhPEM = (dhPEM && dhPEM[0]) ? dhPEM : DHFILE1024;
strcpy(TLSPasswd,(passwd && passwd[0]) ? passwd : PASSWORD);
if(lstat(rootPEM,&tmp)<0){
kLogWrite(L_ERROR, "%s: TLS Initialize file[%s] not exist", __FUNCTION__,rootPEM);
return(RETURN_NG);
}
if(lstat(myPEM,&tmp)<0){
kLogWrite(L_ERROR, "%s: TLS Initialize file[%s] not exist", __FUNCTION__,myPEM);
return(RETURN_NG);
}
if(lstat(dhPEM,&tmp)<0){
kLogWrite(L_ERROR, "%s: TLS Initialize file[%s] not exist", __FUNCTION__,dhPEM);
return(RETURN_NG);
}
/* SSLライブラリの初期化 */
if(!SSL_library_init()){
kLogWrite(L_ERROR, "%s: OpenSSL initialization failed!",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_library_init OK",__FUNCTION__);
/* エラーメッセージの視覚化 */
SSL_load_error_strings();
RAND_load_file("/dev/urandom", 1024);
kLogWrite(L_TLS,"%s: RAND_load_file OK",__FUNCTION__);
/* SSL_METHODオブジェクトの取得 */
if(version == 2)
meth=SSLv2_method();
else if(version == 3)
meth=SSLv3_method();
else if(version == 1)
meth=TLSv1_method();
else if(version == 23)
meth=SSLv23_method();
else
meth=TLSv1_method();
kLogWrite(L_TLS,"%s: SSL verion [%d] 2:SSLv2 23:SSLv23 3:SSLv3 1:TLSv1",__FUNCTION__,version);
/* SSL_CTXオブジェクトの取得 */
TLSctx=SSL_CTX_new(meth);
kLogWrite(L_TLS,"%s: SSL_CTX_new OK",__FUNCTION__);
/* SSL_CTXオブジェクトに証明書と秘密鍵を同時にロードする */
if(!(SSL_CTX_use_certificate_file(TLSctx,myPEM,SSL_FILETYPE_PEM))){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't read certificate file",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_use_certificate_file[%s] OK",__FUNCTION__,myPEM);
/* パスフレーズのコールバック関数を登録する */
SSL_CTX_set_default_passwd_cb(TLSctx,password_cb);
if(!(SSL_CTX_use_PrivateKey_file(TLSctx,myPEM,SSL_FILETYPE_PEM))){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't read key file",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_use_PrivateKey_file[%s] OK",__FUNCTION__,myPEM);
/* SSL_CTXオブジェクトに信頼できるCA証明書をロードする */
if(!(SSL_CTX_load_verify_locations(TLSctx,rootPEM,0))){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't read CA list",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_load_verify_locations[%s] OK",__FUNCTION__,rootPEM);
/* 認証コールバック関数の登録 */
/* Server Key Exchange オプションを付与する (クライアント認証を行う) */
kLogWrite(L_TLS,"%s: Server Key Exchange option : %s",__FUNCTION__,clientveri?"Enable":"Disable");
SSL_CTX_set_verify(TLSctx, clientveri?SSL_VERIFY_PEER:SSL_VERIFY_NONE,VerifyCallback);
kLogWrite(L_TLS,"%s: SSL_CTX_set_verify[%s] OK",__FUNCTION__,clientveri?"PEER":"NONE");
/* 信頼できる証明書に到達するまでのチェーンの回数を指定する */
/* SSL_CTX_set_verify_depth(TLSctx,1); */
/* SSLv2を選択不可にする */
if(version != 2 && version != 23){
SSL_CTX_set_options(TLSctx,SSL_OP_NO_SSLv2);
kLogWrite(L_TLS,"%s: SSL_CTX_set_options NO_SSLv2",__FUNCTION__);
}
/* Certificate Request オプションを付与する (一時的RSAを使う ) */
kLogWrite(L_TLS,"%s: Certificate Request option : %s",__FUNCTION__,tmprsa?"Enable":"Disable");
if(tmprsa){
/* BIOオブジェクトを使ってファイルをオープンする */
if ((bio=BIO_new_file(dhPEM,"r")) == NULL){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't open DH file",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: BIO_new_file[%s] OK",__FUNCTION__,dhPEM);
/* DHパラメータを読み込む */
dh=PEM_read_bio_DHparams(bio,NULL,NULL,NULL);
kLogWrite(L_TLS,"%s: PEM_read_bio_DHparams[%s] OK",__FUNCTION__,dhPEM);
/* ファイルをクローズする */
BIO_free(bio);
/* DHパラメータをCTXオブジェクトにロードする */
if(SSL_CTX_set_tmp_dh(TLSctx,dh)<0){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't set DH parameters",__FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_set_tmp_dh OK",__FUNCTION__);
}
/* 暗号スイートの選択 */
if(enc && enc[0]){
kLogWrite(L_TLS,"%s: Encrypt suit specified",__FUNCTION__);
if(SSL_CTX_set_cipher_list(TLSctx,enc))
kLogWrite(L_TLS,"%s: SSL_CTX_set_cipher_list[%s] OK",__FUNCTION__,enc);
else
kLogWrite(L_TLS,"%s: SSL_CTX_set_cipher_list[%s] invalid",__FUNCTION__,enc);
}
/* RSA鍵のペアを生成する */
rsa=RSA_generate_key(512,RSA_F4,NULL,NULL);
kLogWrite(L_TLS,"%s: RSA_generate_key OK",__FUNCTION__);
/* RSA鍵をCTXオブジェクトにロードする */
if (!SSL_CTX_set_tmp_rsa(TLSctx,rsa)){
TLSClose(NULL,0);
kLogWrite(L_ERROR, "%s: Couldn't set RSA key", __FUNCTION__);
return(RETURN_NG);
}
kLogWrite(L_TLS,"%s: SSL_CTX_set_tmp_rsa OK",__FUNCTION__);
RSA_free(rsa);
/* セッションキャッシュを有効モードに設定する */
SSL_CTX_set_session_id_context(TLSctx,(void*)&TLSServerSessionIdContext, sizeof(TLSServerSessionIdContext));
kLogWrite(L_TLS,"%s: SSL_CTX_set_session_id_context OK", __FUNCTION__);
/* セッション削除時のコールバック設定 */
SSL_CTX_sess_set_remove_cb(TLSctx,remove_session_cb);
SSL_CTX_set_timeout(TLSctx,timeout);
kLogWrite(L_TLS,"%s: Nagle algorithm : %s",__FUNCTION__,NagleFlag?"Enable":"Disable");
return(RETURN_OK);
}
TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *props)
{
SSL_CTX *server_ctx;
long off = 0;
int verify_flags = SSL_VERIFY_NONE;
int cachable;
int protomask;
TLS_APPL_STATE *app_ctx;
const EVP_MD *md_alg;
unsigned int md_len;
if (props->log_level >= 2)
msg_info("initializing the server-side TLS engine");
/*
* Load (mostly cipher related) TLS-library internal main.cf parameters.
*/
tls_param_init();
/*
* Detect mismatch between compile-time headers and run-time library.
*/
tls_check_version();
/*
* Initialize the OpenSSL library by the book! To start with, we must
* initialize the algorithms. We want cleartext error messages instead of
* just error codes, so we load the error_strings.
*/
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
/*
* First validate the protocols. If these are invalid, we can't continue.
*/
protomask = tls_protocol_mask(props->protocols);
if (protomask == TLS_PROTOCOL_INVALID) {
/* tls_protocol_mask() logs no warning. */
msg_warn("Invalid TLS protocol list \"%s\": disabling TLS support",
props->protocols);
return (0);
}
/*
* Create an application data index for SSL objects, so that we can
* attach TLScontext information; this information is needed inside
* tls_verify_certificate_callback().
*/
if (TLScontext_index < 0) {
if ((TLScontext_index = SSL_get_ex_new_index(0, 0, 0, 0, 0)) < 0) {
msg_warn("Cannot allocate SSL application data index: "
"disabling TLS support");
return (0);
}
}
/*
* Register SHA-2 digests, if implemented and not already registered.
* Improves interoperability with clients and servers that prematurely
* deploy SHA-2 certificates.
*/
#if defined(LN_sha256) && defined(NID_sha256) && !defined(OPENSSL_NO_SHA256)
if (!EVP_get_digestbyname(LN_sha224))
EVP_add_digest(EVP_sha224());
if (!EVP_get_digestbyname(LN_sha256))
EVP_add_digest(EVP_sha256());
#endif
#if defined(LN_sha512) && defined(NID_sha512) && !defined(OPENSSL_NO_SHA512)
if (!EVP_get_digestbyname(LN_sha384))
EVP_add_digest(EVP_sha384());
if (!EVP_get_digestbyname(LN_sha512))
EVP_add_digest(EVP_sha512());
#endif
/*
* If the administrator specifies an unsupported digest algorithm, fail
* now, rather than in the middle of a TLS handshake.
*/
if ((md_alg = EVP_get_digestbyname(props->fpt_dgst)) == 0) {
msg_warn("Digest algorithm \"%s\" not found: disabling TLS support",
props->fpt_dgst);
return (0);
}
/*
* Sanity check: Newer shared libraries may use larger digests.
*/
if ((md_len = EVP_MD_size(md_alg)) > EVP_MAX_MD_SIZE) {
msg_warn("Digest algorithm \"%s\" output size %u too large:"
" disabling TLS support", props->fpt_dgst, md_len);
return (0);
}
/*
* Initialize the PRNG (Pseudo Random Number Generator) with some seed
* from external and internal sources. Don't enable TLS without some real
* entropy.
*/
if (tls_ext_seed(var_tls_daemon_rand_bytes) < 0) {
msg_warn("no entropy for TLS key generation: disabling TLS support");
return (0);
}
tls_int_seed();
/*
* The SSL/TLS specifications require the client to send a message in the
* oldest specification it understands with the highest level it
* understands in the message. Netscape communicator can still
* communicate with SSLv2 servers, so it sends out a SSLv2 client hello.
* To deal with it, our server must be SSLv2 aware (even if we don't like
* SSLv2), so we need to have the SSLv23 server here. If we want to limit
* the protocol level, we can add an option to not use SSLv2/v3/TLSv1
* later.
*/
ERR_clear_error();
if ((server_ctx = SSL_CTX_new(SSLv23_server_method())) == 0) {
msg_warn("cannot allocate server SSL_CTX: disabling TLS support");
tls_print_errors();
return (0);
}
/*
* See the verify callback in tls_verify.c
*/
SSL_CTX_set_verify_depth(server_ctx, props->verifydepth + 1);
/*
* Protocol work-arounds, OpenSSL version dependent.
*/
#ifdef SSL_OP_NO_TICKET
off |= SSL_OP_NO_TICKET;
#endif
off |= tls_bug_bits();
SSL_CTX_set_options(server_ctx, off);
/*
* Global protocol selection.
*/
if (protomask != 0)
SSL_CTX_set_options(server_ctx,
((protomask & TLS_PROTOCOL_TLSv1) ? SSL_OP_NO_TLSv1 : 0L)
| ((protomask & TLS_PROTOCOL_TLSv1_1) ? SSL_OP_NO_TLSv1_1 : 0L)
| ((protomask & TLS_PROTOCOL_TLSv1_2) ? SSL_OP_NO_TLSv1_2 : 0L)
| ((protomask & TLS_PROTOCOL_SSLv3) ? SSL_OP_NO_SSLv3 : 0L)
| ((protomask & TLS_PROTOCOL_SSLv2) ? SSL_OP_NO_SSLv2 : 0L));
#if OPENSSL_VERSION_NUMBER >= 0x0090700fL
/*
* Some sites may want to give the client less rope. On the other hand,
* this could trigger inter-operability issues, the client should not
* offer ciphers it implements poorly, but this hasn't stopped some
* vendors from getting it wrong.
*
* XXX: Given OpenSSL's security history, nobody should still be using
* 0.9.7, let alone 0.9.6 or earlier. Warning added to TLS_README.html.
*/
if (var_tls_preempt_clist)
SSL_CTX_set_options(server_ctx, SSL_OP_CIPHER_SERVER_PREFERENCE);
#endif
/*
* Set the call-back routine to debug handshake progress.
*/
if (props->log_level >= 2)
SSL_CTX_set_info_callback(server_ctx, tls_info_callback);
/*
* Load the CA public key certificates for both the server cert and for
* the verification of client certificates. As provided by OpenSSL we
* support two types of CA certificate handling: One possibility is to
* add all CA certificates to one large CAfile, the other possibility is
* a directory pointed to by CApath, containing separate files for each
* CA with softlinks named after the hash values of the certificate. The
* first alternative has the advantage that the file is opened and read
* at startup time, so that you don't have the hassle to maintain another
* copy of the CApath directory for chroot-jail.
*/
if (tls_set_ca_certificate_info(server_ctx,
props->CAfile, props->CApath) < 0) {
/* tls_set_ca_certificate_info() already logs a warning. */
SSL_CTX_free(server_ctx); /* 200411 */
return (0);
}
/*
* Load the server public key certificate and private key from file and
* check whether the cert matches the key. We can use RSA certificates
* ("cert") DSA certificates ("dcert") or ECDSA certificates ("eccert").
* All three can be made available at the same time. The CA certificates
* for all three are handled in the same setup already finished. Which
* one is used depends on the cipher negotiated (that is: the first
* cipher listed by the client which does match the server). A client
* with RSA only (e.g. Netscape) will use the RSA certificate only. A
* client with openssl-library will use RSA first if not especially
* changed in the cipher setup.
*/
if (tls_set_my_certificate_key_info(server_ctx,
props->cert_file,
props->key_file,
props->dcert_file,
props->dkey_file,
props->eccert_file,
props->eckey_file) < 0) {
/* tls_set_my_certificate_key_info() already logs a warning. */
SSL_CTX_free(server_ctx); /* 200411 */
return (0);
}
/*
* According to the OpenSSL documentation, temporary RSA key is needed
* export ciphers are in use. We have to provide one, so well, we just do
* it.
*/
SSL_CTX_set_tmp_rsa_callback(server_ctx, tls_tmp_rsa_cb);
/*
* Diffie-Hellman key generation parameters can either be loaded from
* files (preferred) or taken from compiled in values. First, set the
* callback that will select the values when requested, then load the
* (possibly) available DH parameters from files. We are generous with
* the error handling, since we do have default values compiled in, so we
* will not abort but just log the error message.
*/
SSL_CTX_set_tmp_dh_callback(server_ctx, tls_tmp_dh_cb);
if (*props->dh1024_param_file != 0)
tls_set_dh_from_file(props->dh1024_param_file, 1024);
if (*props->dh512_param_file != 0)
tls_set_dh_from_file(props->dh512_param_file, 512);
/*
* Enable EECDH if available, errors are not fatal, we just keep going
* with any remaining key-exchange algorithms.
*/
(void) tls_set_eecdh_curve(server_ctx, props->eecdh_grade);
/*
* If we want to check client certificates, we have to indicate it in
* advance. By now we only allow to decide on a global basis. If we want
* to allow certificate based relaying, we must ask the client to provide
* one with SSL_VERIFY_PEER. The client now can decide, whether it
* provides one or not. We can enforce a failure of the negotiation with
* SSL_VERIFY_FAIL_IF_NO_PEER_CERT, if we do not allow a connection
* without one. In the "server hello" following the initialization by the
* "client hello" the server must provide a list of CAs it is willing to
* accept. Some clever clients will then select one from the list of
* available certificates matching these CAs. Netscape Communicator will
* present the list of certificates for selecting the one to be sent, or
* it will issue a warning, if there is no certificate matching the
* available CAs.
*
* With regard to the purpose of the certificate for relaying, we might like
* a later negotiation, maybe relaying would already be allowed for other
* reasons, but this would involve severe changes in the internal postfix
* logic, so we have to live with it the way it is.
*/
if (props->ask_ccert)
verify_flags = SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE;
SSL_CTX_set_verify(server_ctx, verify_flags,
tls_verify_certificate_callback);
if (*props->CAfile)
SSL_CTX_set_client_CA_list(server_ctx,
SSL_load_client_CA_file(props->CAfile));
/*
* Initialize our own TLS server handle, before diving into the details
* of TLS session cache management.
*/
app_ctx = tls_alloc_app_context(server_ctx);
/*
* The session cache is implemented by the tlsmgr(8) server.
*
* XXX 200502 Surprise: when OpenSSL purges an entry from the in-memory
* cache, it also attempts to purge the entry from the on-disk cache.
* This is undesirable, especially when we set the in-memory cache size
* to 1. For this reason we don't allow OpenSSL to purge on-disk cache
* entries, and leave it up to the tlsmgr process instead. Found by
* Victor Duchovni.
*/
if (tls_mgr_policy(props->cache_type, &cachable) != TLS_MGR_STAT_OK)
cachable = 0;
if (cachable || props->set_sessid) {
/*
* Initialize the session cache.
*
* With a large number of concurrent smtpd(8) processes, it is not a
* good idea to cache multiple large session objects in each process.
* We set the internal cache size to 1, and don't register a
* "remove_cb" so as to avoid deleting good sessions from the
* external cache prematurely (when the internal cache is full,
* OpenSSL removes sessions from the external cache also)!
*
* This makes SSL_CTX_remove_session() not useful for flushing broken
* sessions from the external cache, so we must delete them directly
* (not via a callback).
*
* Set a session id context to identify to what type of server process
* created a session. In our case, the context is simply the name of
* the mail system: "Postfix/TLS".
*/
SSL_CTX_sess_set_cache_size(server_ctx, 1);
SSL_CTX_set_session_id_context(server_ctx,
(void *) &server_session_id_context,
sizeof(server_session_id_context));
SSL_CTX_set_session_cache_mode(server_ctx,
SSL_SESS_CACHE_SERVER |
SSL_SESS_CACHE_NO_AUTO_CLEAR);
if (cachable) {
app_ctx->cache_type = mystrdup(props->cache_type);
SSL_CTX_sess_set_get_cb(server_ctx, get_server_session_cb);
SSL_CTX_sess_set_new_cb(server_ctx, new_server_session_cb);
}
/*
* OpenSSL ignores timed-out sessions. We need to set the internal
* cache timeout at least as high as the external cache timeout. This
* applies even if no internal cache is used.
*/
SSL_CTX_set_timeout(server_ctx, props->scache_timeout);
} else {
/*
* If we have no external cache, disable all caching. No use wasting
* server memory resources with sessions they are unlikely to be able
* to reuse.
*/
SSL_CTX_set_session_cache_mode(server_ctx, SSL_SESS_CACHE_OFF);
}
return (app_ctx);
}
void SSLContext::setSessionTimeout(long seconds)
{
assert(isForServerUse());
SSL_CTX_set_timeout(_sslContext, seconds);
}
int context_init(SERVICE_OPTIONS *section) { /* init SSL context */
/* create SSL context */
if(section->option.client)
section->ctx=SSL_CTX_new(section->client_method);
else /* server mode */
section->ctx=SSL_CTX_new(section->server_method);
if(!section->ctx) {
sslerror("SSL_CTX_new");
return 1; /* FAILED */
}
SSL_CTX_set_ex_data(section->ctx, index_opt, section); /* for callbacks */
/* load certificate and private key to be verified by the peer server */
#if !defined(OPENSSL_NO_ENGINE) && OPENSSL_VERSION_NUMBER>=0x0090809fL
/* SSL_CTX_set_client_cert_engine() was introduced in OpenSSL 0.9.8i */
if(section->option.client && section->engine) {
if(SSL_CTX_set_client_cert_engine(section->ctx, section->engine))
s_log(LOG_INFO, "Client certificate engine (%s) enabled",
ENGINE_get_id(section->engine));
else /* no client certificate functionality in this engine */
sslerror("SSL_CTX_set_client_cert_engine"); /* ignore error */
}
#endif
if(auth_init(section))
return 1; /* FAILED */
/* initialize verification of the peer server certificate */
if(verify_init(section))
return 1; /* FAILED */
/* initialize DH/ECDH server mode */
if(!section->option.client) {
#ifndef OPENSSL_NO_TLSEXT
SSL_CTX_set_tlsext_servername_arg(section->ctx, section);
SSL_CTX_set_tlsext_servername_callback(section->ctx, servername_cb);
#endif /* OPENSSL_NO_TLSEXT */
#ifndef OPENSSL_NO_DH
dh_init(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
ecdh_init(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_ECDH */
}
/* setup session cache */
if(!section->option.client) {
unsigned servname_len=(unsigned)strlen(section->servname);
if(servname_len>SSL_MAX_SSL_SESSION_ID_LENGTH)
servname_len=SSL_MAX_SSL_SESSION_ID_LENGTH;
if(!SSL_CTX_set_session_id_context(section->ctx,
(unsigned char *)section->servname, servname_len)) {
sslerror("SSL_CTX_set_session_id_context");
return 1; /* FAILED */
}
}
#ifdef SSL_SESS_CACHE_NO_INTERNAL_STORE
/* the default cache mode is just SSL_SESS_CACHE_SERVER */
SSL_CTX_set_session_cache_mode(section->ctx,
SSL_SESS_CACHE_SERVER|SSL_SESS_CACHE_NO_INTERNAL_STORE);
#endif
SSL_CTX_sess_set_cache_size(section->ctx, section->session_size);
SSL_CTX_set_timeout(section->ctx, section->session_timeout);
SSL_CTX_sess_set_new_cb(section->ctx, sess_new_cb);
SSL_CTX_sess_set_get_cb(section->ctx, sess_get_cb);
SSL_CTX_sess_set_remove_cb(section->ctx, sess_remove_cb);
/* set info callback */
SSL_CTX_set_info_callback(section->ctx, info_callback);
/* ciphers, options, mode */
if(section->cipher_list)
if(!SSL_CTX_set_cipher_list(section->ctx, section->cipher_list)) {
sslerror("SSL_CTX_set_cipher_list");
return 1; /* FAILED */
}
SSL_CTX_set_options(section->ctx,
(SSL_OPTIONS_TYPE)(section->ssl_options_set));
#if OPENSSL_VERSION_NUMBER>=0x009080dfL
SSL_CTX_clear_options(section->ctx,
(SSL_OPTIONS_TYPE)(section->ssl_options_clear));
s_log(LOG_DEBUG, "SSL options: 0x%08lX (+0x%08lX, -0x%08lX)",
SSL_CTX_get_options(section->ctx),
section->ssl_options_set, section->ssl_options_clear);
#else /* OpenSSL older than 0.9.8m */
s_log(LOG_DEBUG, "SSL options: 0x%08lX (+0x%08lX)",
SSL_CTX_get_options(section->ctx),
section->ssl_options_set);
#endif /* OpenSSL 0.9.8m or later */
/* initialize OpenSSL CONF options */
if(conf_init(section))
return 1; /* FAILED */
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_RELEASE_BUFFERS);
#else
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#endif
return 0; /* OK */
}
BOOLEAN
SSL_initialize(CONN *C)
{
#ifdef HAVE_SSL
int i;
int serr;
C->ssl = NULL;
C->ctx = NULL;
C->method = NULL;
C->cert = NULL;
SSL_load_error_strings();
SSL_library_init();
if(!my.ssl_key && my.ssl_cert) {
my.ssl_key = my.ssl_cert;
}
if(!my.ssl_ciphers) {
my.ssl_ciphers = stralloc(SSL_DEFAULT_CIPHER_LIST);
}
C->method = SSLv23_client_method();
if(C->method==NULL){
SSL_error_stack();
return FALSE;
}
C->ctx = SSL_CTX_new(C->method);
if(C->ctx==NULL){
SSL_error_stack();
return FALSE;
}
SSL_CTX_set_mode(C->ctx, SSL_MODE_ENABLE_PARTIAL_WRITE|SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
SSL_CTX_set_session_cache_mode(C->ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_set_timeout(C->ctx, my.ssl_timeout);
if(my.ssl_ciphers){
if(!SSL_CTX_set_cipher_list(C->ctx, my.ssl_ciphers)){
joe_error("SSL_CTX_set_cipher_list");
return FALSE;
}
}
if(my.ssl_cert){
if(!SSL_CTX_use_certificate_chain_file(C->ctx, my.ssl_cert)){
SSL_error_stack(); /* dump the error stack */
joe_fatal("Error reading certificate file: %s", my.ssl_cert);
}
for(i=0; i<3; i++){
if(SSL_CTX_use_PrivateKey_file(C->ctx, my.ssl_key, SSL_FILETYPE_PEM))
break;
if(i<2 && ERR_GET_REASON(ERR_peek_error())==EVP_R_BAD_DECRYPT){
SSL_error_stack(); /* dump the error stack */
log_warning("Wrong pass phrase: retrying");
continue;
}
}
if(!SSL_CTX_check_private_key(C->ctx)){
joe_error("Private key does not match the certificate");
return FALSE;
}
}
C->ssl = SSL_new(C->ctx);
if(C->ssl==NULL){
SSL_error_stack();
return FALSE;
}
SSL_set_fd(C->ssl, C->sock);
serr = SSL_connect(C->ssl);
return TRUE;
#else
return FALSE;
#endif/*HAVE_SSL*/
}
void SSLContextManager::addSSLContextConfig(
const SSLContextConfig& ctxConfig,
const SSLCacheOptions& cacheOptions,
const TLSTicketKeySeeds* ticketSeeds,
const folly::SocketAddress& vipAddress,
const std::shared_ptr<SSLCacheProvider>& externalCache) {
unsigned numCerts = 0;
std::string commonName;
std::string lastCertPath;
std::unique_ptr<std::list<std::string>> subjectAltName;
auto sslCtx = std::make_shared<SSLContext>(ctxConfig.sslVersion);
for (const auto& cert : ctxConfig.certificates) {
try {
sslCtx->loadCertificate(cert.certPath.c_str());
} catch (const std::exception& ex) {
// The exception isn't very useful without the certificate path name,
// so throw a new exception that includes the path to the certificate.
string msg = folly::to<string>("error loading SSL certificate ",
cert.certPath, ": ",
folly::exceptionStr(ex));
LOG(ERROR) << msg;
throw std::runtime_error(msg);
}
// Verify that the Common Name and (if present) Subject Alternative Names
// are the same for all the certs specified for the SSL context.
numCerts++;
X509* x509 = getX509(sslCtx->getSSLCtx());
auto guard = folly::makeGuard([x509] { X509_free(x509); });
auto cn = SSLUtil::getCommonName(x509);
if (!cn) {
throw std::runtime_error(folly::to<string>("Cannot get CN for X509 ",
cert.certPath));
}
auto altName = SSLUtil::getSubjectAltName(x509);
VLOG(2) << "cert " << cert.certPath << " CN: " << *cn;
if (altName) {
altName->sort();
VLOG(2) << "cert " << cert.certPath << " SAN: " << flattenList(*altName);
} else {
VLOG(2) << "cert " << cert.certPath << " SAN: " << "{none}";
}
if (numCerts == 1) {
commonName = *cn;
subjectAltName = std::move(altName);
} else {
if (commonName != *cn) {
throw std::runtime_error(folly::to<string>("X509 ", cert.certPath,
" does not have same CN as ",
lastCertPath));
}
if (altName == nullptr) {
if (subjectAltName != nullptr) {
throw std::runtime_error(folly::to<string>("X509 ", cert.certPath,
" does not have same SAN as ",
lastCertPath));
}
} else {
if ((subjectAltName == nullptr) || (*altName != *subjectAltName)) {
throw std::runtime_error(folly::to<string>("X509 ", cert.certPath,
" does not have same SAN as ",
lastCertPath));
}
}
}
lastCertPath = cert.certPath;
// TODO t4438250 - Add ECDSA support to the crypto_ssl offload server
// so we can avoid storing the ECDSA private key in the
// address space of the Internet-facing process. For
// now, if cert name includes "-EC" to denote elliptic
// curve, we load its private key even if the server as
// a whole has been configured for async crypto.
if (ctxConfig.isLocalPrivateKey ||
(cert.certPath.find("-EC") != std::string::npos)) {
// The private key lives in the same process
// This needs to be called before loadPrivateKey().
if (!cert.passwordPath.empty()) {
auto sslPassword = std::make_shared<PasswordInFile>(cert.passwordPath);
sslCtx->passwordCollector(sslPassword);
}
try {
sslCtx->loadPrivateKey(cert.keyPath.c_str());
} catch (const std::exception& ex) {
// Throw an error that includes the key path, so the user can tell
// which key had a problem.
string msg = folly::to<string>("error loading private SSL key ",
cert.keyPath, ": ",
folly::exceptionStr(ex));
LOG(ERROR) << msg;
throw std::runtime_error(msg);
}
}
}
if (!ctxConfig.isLocalPrivateKey) {
enableAsyncCrypto(sslCtx);
}
// Let the server pick the highest performing cipher from among the client's
// choices.
//
// Let's use a unique private key for all DH key exchanges.
//
// Because some old implementations choke on empty fragments, most SSL
// applications disable them (it's part of SSL_OP_ALL). This
// will improve performance and decrease write buffer fragmentation.
sslCtx->setOptions(SSL_OP_CIPHER_SERVER_PREFERENCE |
SSL_OP_SINGLE_DH_USE |
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS);
// Configure SSL ciphers list
if (!ctxConfig.tls11Ciphers.empty()) {
// FIXME: create a dummy SSL_CTX for cipher testing purpose? It can
// remove the ordering dependency
// Test to see if the specified TLS1.1 ciphers are valid. Note that
// these will be overwritten by the ciphers() call below.
sslCtx->setCiphersOrThrow(ctxConfig.tls11Ciphers);
}
// Important that we do this *after* checking the TLS1.1 ciphers above,
// since we test their validity by actually setting them.
sslCtx->ciphers(ctxConfig.sslCiphers);
// Use a fix DH param
DH* dh = get_dh2048();
SSL_CTX_set_tmp_dh(sslCtx->getSSLCtx(), dh);
DH_free(dh);
const string& curve = ctxConfig.eccCurveName;
if (!curve.empty()) {
set_key_from_curve(sslCtx->getSSLCtx(), curve);
}
if (!ctxConfig.clientCAFile.empty()) {
try {
sslCtx->setVerificationOption(SSLContext::VERIFY_REQ_CLIENT_CERT);
sslCtx->loadTrustedCertificates(ctxConfig.clientCAFile.c_str());
sslCtx->loadClientCAList(ctxConfig.clientCAFile.c_str());
} catch (const std::exception& ex) {
string msg = folly::to<string>("error loading client CA",
ctxConfig.clientCAFile, ": ",
folly::exceptionStr(ex));
LOG(ERROR) << msg;
throw std::runtime_error(msg);
}
}
// - start - SSL session cache config
// the internal cache never does what we want (per-thread-per-vip).
// Disable it. SSLSessionCacheManager will set it appropriately.
SSL_CTX_set_session_cache_mode(sslCtx->getSSLCtx(), SSL_SESS_CACHE_OFF);
SSL_CTX_set_timeout(sslCtx->getSSLCtx(),
cacheOptions.sslCacheTimeout.count());
std::unique_ptr<SSLSessionCacheManager> sessionCacheManager;
if (ctxConfig.sessionCacheEnabled &&
cacheOptions.maxSSLCacheSize > 0 &&
cacheOptions.sslCacheFlushSize > 0) {
sessionCacheManager =
folly::make_unique<SSLSessionCacheManager>(
cacheOptions.maxSSLCacheSize,
cacheOptions.sslCacheFlushSize,
sslCtx.get(),
vipAddress,
commonName,
eventBase_,
stats_,
externalCache);
}
// - end - SSL session cache config
std::unique_ptr<TLSTicketKeyManager> ticketManager =
createTicketManagerHelper(sslCtx, ticketSeeds, ctxConfig, stats_);
// finalize sslCtx setup by the individual features supported by openssl
ctxSetupByOpensslFeature(sslCtx, ctxConfig);
try {
insert(sslCtx,
std::move(sessionCacheManager),
std::move(ticketManager),
ctxConfig.isDefault);
} catch (const std::exception& ex) {
string msg = folly::to<string>("Error adding certificate : ",
folly::exceptionStr(ex));
LOG(ERROR) << msg;
throw std::runtime_error(msg);
}
}
/* If called without arguments, listen for connections. Otherwise make a
* connection to the specified first argument.
*/
int main(int argc, char *argv[]) {
get_args(argc, argv);
SSL_load_error_strings();
ERR_load_BIO_strings();
ERR_load_SSL_strings();
SSL_library_init();
OpenSSL_add_all_algorithms();
int port = DFL_PORT;
if (prog_args.port != 0) {
if ((port = atoi(prog_args.port)) <= 0) {
fprintf(stderr, "%s: port must be positive integer\n",
prog_args.name);
exit(1);
}
}
/* Create and bind the socket.
*/
int s;
if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) {
perror("socket");
exit(1);
}
struct sockaddr_in addr;
addr.sin_family = AF_INET;
addr.sin_port = htons(port);
addr.sin_addr.s_addr = INADDR_ANY;
if (bind(s, (struct sockaddr *) &addr, sizeof(addr)) < 0) {
perror("bind");
exit(1);
}
printf("Attempting to create SSL context... ");
ctx = SSL_CTX_new(SSLv23_server_method());
if(ctx == NULL) {
printf("Failed. Aborting.\n");
return 0;
}
printf("\nLoading certificates...\n");
if(!SSL_CTX_use_certificate_file(ctx, CERT_FILE, SSL_FILETYPE_PEM)) {
ERR_print_errors_fp(stdout);
SSL_CTX_free(ctx);
return 0;
}
if(!SSL_CTX_use_PrivateKey_file(ctx, PRI_KEY, SSL_FILETYPE_PEM)) {
ERR_print_errors_fp(stdout);
SSL_CTX_free(ctx);
return 0;
}
SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);
SSL_CTX_set_timeout(ctx, 6000);
ssl = SSL_new(ctx);
do_recv(s);
return 0;
}
SSL_CTX *uwsgi_ssl_new_server_context(char *name, char *crt, char *key, char *ciphers, char *client_ca) {
SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());
if (!ctx) {
uwsgi_log("[uwsgi-ssl] unable to initialize context \"%s\"\n", name);
return NULL;
}
// this part is taken from nginx and stud, removing unneeded functionality
// stud (for me) has made the best choice on choosing DH approach
long ssloptions = SSL_OP_NO_SSLv2 | SSL_OP_ALL | SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION;
// disable compression (if possibile)
#ifdef SSL_OP_NO_COMPRESSION
ssloptions |= SSL_OP_NO_COMPRESSION;
#endif
// release/reuse buffers as soon as possibile
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(ctx, SSL_MODE_RELEASE_BUFFERS);
#endif
if (SSL_CTX_use_certificate_chain_file(ctx, crt) <= 0) {
uwsgi_log("[uwsgi-ssl] unable to assign certificate %s for context \"%s\"\n", crt, name);
SSL_CTX_free(ctx);
return NULL;
}
// this part is based from stud
BIO *bio = BIO_new_file(crt, "r");
if (bio) {
DH *dh = PEM_read_bio_DHparams(bio, NULL, NULL, NULL);
BIO_free(bio);
if (dh) {
SSL_CTX_set_tmp_dh(ctx, dh);
DH_free(dh);
#if OPENSSL_VERSION_NUMBER >= 0x0090800fL
#ifndef OPENSSL_NO_ECDH
#ifdef NID_X9_62_prime256v1
EC_KEY *ecdh = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1);
SSL_CTX_set_tmp_ecdh(ctx, ecdh);
EC_KEY_free(ecdh);
#endif
#endif
#endif
}
}
if (SSL_CTX_use_PrivateKey_file(ctx, key, SSL_FILETYPE_PEM) <= 0) {
uwsgi_log("[uwsgi-ssl] unable to assign key %s for context \"%s\"\n", key, name);
SSL_CTX_free(ctx);
return NULL;
}
// if ciphers are specified, prefer server ciphers
if (ciphers && strlen(ciphers) > 0) {
if (SSL_CTX_set_cipher_list(ctx, ciphers) == 0) {
uwsgi_log("[uwsgi-ssl] unable to set requested ciphers (%s) for context \"%s\"\n", ciphers, name);
SSL_CTX_free(ctx);
return NULL;
}
ssloptions |= SSL_OP_CIPHER_SERVER_PREFERENCE;
}
// set session context (if possibile), this is required for client certificate authentication
if (name) {
SSL_CTX_set_session_id_context(ctx, (unsigned char *) name, strlen(name));
}
if (client_ca) {
if (client_ca[0] == '!') {
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, uwsgi_ssl_verify_callback);
client_ca++;
}
else {
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, uwsgi_ssl_verify_callback);
}
// in the future we should allow to set the verify depth
SSL_CTX_set_verify_depth(ctx, 1);
if (SSL_CTX_load_verify_locations(ctx, client_ca, NULL) == 0) {
uwsgi_log("[uwsgi-ssl] unable to set ssl verify locations (%s) for context \"%s\"\n", client_ca, name);
SSL_CTX_free(ctx);
return NULL;
}
STACK_OF(X509_NAME) * list = SSL_load_client_CA_file(client_ca);
if (!list) {
uwsgi_log("unable to load client CA certificate (%s) for context \"%s\"\n", client_ca, name);
SSL_CTX_free(ctx);
return NULL;
}
SSL_CTX_set_client_CA_list(ctx, list);
}
SSL_CTX_set_info_callback(ctx, uwsgi_ssl_info_cb);
#ifdef SSL_CTRL_SET_TLSEXT_HOSTNAME
SSL_CTX_set_tlsext_servername_callback(ctx, uwsgi_sni_cb);
#endif
// disable session caching by default
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
if (uwsgi.ssl_sessions_use_cache) {
// we need to early initialize locking and caching
uwsgi_setup_locking();
uwsgi_cache_create_all();
uwsgi.ssl_sessions_cache = uwsgi_cache_by_name(uwsgi.ssl_sessions_use_cache);
if (!uwsgi.ssl_sessions_cache) {
// check for default cache
if (!strcmp(uwsgi.ssl_sessions_use_cache, "true") && uwsgi.caches) {
uwsgi.ssl_sessions_cache = uwsgi.caches;
}
else {
uwsgi_log("unable to find cache \"%s\"\n", uwsgi.ssl_sessions_use_cache ? uwsgi.ssl_sessions_use_cache : "default");
exit(1);
}
}
if (!uwsgi.ssl_sessions_cache->max_items) {
uwsgi_log("you have to enable uWSGI cache to use it as SSL session store !!!\n");
exit(1);
}
if (uwsgi.ssl_sessions_cache->blocksize < 4096) {
uwsgi_log("cache blocksize for SSL session store must be at least 4096 bytes\n");
exit(1);
}
SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_SERVER|
SSL_SESS_CACHE_NO_INTERNAL|
SSL_SESS_CACHE_NO_AUTO_CLEAR);
#ifdef SSL_OP_NO_TICKET
ssloptions |= SSL_OP_NO_TICKET;
#endif
// just for fun
SSL_CTX_sess_set_cache_size(ctx, 0);
// set the callback for ssl sessions
SSL_CTX_sess_set_new_cb(ctx, uwsgi_ssl_session_new_cb);
SSL_CTX_sess_set_get_cb(ctx, uwsgi_ssl_session_get_cb);
SSL_CTX_sess_set_remove_cb(ctx, uwsgi_ssl_session_remove_cb);
}
SSL_CTX_set_timeout(ctx, uwsgi.ssl_sessions_timeout);
SSL_CTX_set_options(ctx, ssloptions);
return ctx;
}
TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_PROPS *props)
{
long off = 0;
int cachable;
int scache_timeout;
SSL_CTX *client_ctx;
TLS_APPL_STATE *app_ctx;
int log_mask;
/*
* Convert user loglevel to internal logmask.
*/
log_mask = tls_log_mask(props->log_param, props->log_level);
if (log_mask & TLS_LOG_VERBOSE)
msg_info("initializing the client-side TLS engine");
/*
* Load (mostly cipher related) TLS-library internal main.cf parameters.
*/
tls_param_init();
/*
* Detect mismatch between compile-time headers and run-time library.
*/
tls_check_version();
/*
* Initialize the OpenSSL library by the book! To start with, we must
* initialize the algorithms. We want cleartext error messages instead of
* just error codes, so we load the error_strings.
*/
SSL_load_error_strings();
OpenSSL_add_ssl_algorithms();
/*
* Create an application data index for SSL objects, so that we can
* attach TLScontext information; this information is needed inside
* tls_verify_certificate_callback().
*/
if (TLScontext_index < 0) {
if ((TLScontext_index = SSL_get_ex_new_index(0, 0, 0, 0, 0)) < 0) {
msg_warn("Cannot allocate SSL application data index: "
"disabling TLS support");
return (0);
}
}
/*
* If the administrator specifies an unsupported digest algorithm, fail
* now, rather than in the middle of a TLS handshake.
*/
if (!tls_validate_digest(props->mdalg)) {
msg_warn("disabling TLS support");
return (0);
}
/*
* Initialize the PRNG (Pseudo Random Number Generator) with some seed
* from external and internal sources. Don't enable TLS without some real
* entropy.
*/
if (tls_ext_seed(var_tls_daemon_rand_bytes) < 0) {
msg_warn("no entropy for TLS key generation: disabling TLS support");
return (0);
}
tls_int_seed();
/*
* The SSL/TLS specifications require the client to send a message in the
* oldest specification it understands with the highest level it
* understands in the message. RFC2487 is only specified for TLSv1, but
* we want to be as compatible as possible, so we will start off with a
* SSLv2 greeting allowing the best we can offer: TLSv1. We can restrict
* this with the options setting later, anyhow.
*/
ERR_clear_error();
if ((client_ctx = SSL_CTX_new(SSLv23_client_method())) == 0) {
msg_warn("cannot allocate client SSL_CTX: disabling TLS support");
tls_print_errors();
return (0);
}
/*
* See the verify callback in tls_verify.c
*/
SSL_CTX_set_verify_depth(client_ctx, props->verifydepth + 1);
/*
* Protocol selection is destination dependent, so we delay the protocol
* selection options to the per-session SSL object.
*/
off |= tls_bug_bits();
SSL_CTX_set_options(client_ctx, off);
/*
* Set the call-back routine for verbose logging.
*/
if (log_mask & TLS_LOG_DEBUG)
SSL_CTX_set_info_callback(client_ctx, tls_info_callback);
/*
* Load the CA public key certificates for both the client cert and for
* the verification of server certificates. As provided by OpenSSL we
* support two types of CA certificate handling: One possibility is to
* add all CA certificates to one large CAfile, the other possibility is
* a directory pointed to by CApath, containing separate files for each
* CA with softlinks named after the hash values of the certificate. The
* first alternative has the advantage that the file is opened and read
* at startup time, so that you don't have the hassle to maintain another
* copy of the CApath directory for chroot-jail.
*/
if (tls_set_ca_certificate_info(client_ctx,
props->CAfile, props->CApath) < 0) {
/* tls_set_ca_certificate_info() already logs a warning. */
SSL_CTX_free(client_ctx); /* 200411 */
return (0);
}
/*
* We do not need a client certificate, so the certificates are only
* loaded (and checked) if supplied. A clever client would handle
* multiple client certificates and decide based on the list of
* acceptable CAs, sent by the server, which certificate to submit.
* OpenSSL does however not do this and also has no call-back hooks to
* easily implement it.
*
* Load the client public key certificate and private key from file and
* check whether the cert matches the key. We can use RSA certificates
* ("cert") DSA certificates ("dcert") or ECDSA certificates ("eccert").
* All three can be made available at the same time. The CA certificates
* for all three are handled in the same setup already finished. Which
* one is used depends on the cipher negotiated (that is: the first
* cipher listed by the client which does match the server). The client
* certificate is presented after the server chooses the session cipher,
* so we will just present the right cert for the chosen cipher (if it
* uses certificates).
*/
if (tls_set_my_certificate_key_info(client_ctx,
props->cert_file,
props->key_file,
props->dcert_file,
props->dkey_file,
props->eccert_file,
props->eckey_file) < 0) {
/* tls_set_my_certificate_key_info() already logs a warning. */
SSL_CTX_free(client_ctx); /* 200411 */
return (0);
}
/*
* According to the OpenSSL documentation, temporary RSA key is needed
* export ciphers are in use. We have to provide one, so well, we just do
* it.
*/
SSL_CTX_set_tmp_rsa_callback(client_ctx, tls_tmp_rsa_cb);
/*
* Finally, the setup for the server certificate checking, done "by the
* book".
*/
SSL_CTX_set_verify(client_ctx, SSL_VERIFY_NONE,
tls_verify_certificate_callback);
/*
* Initialize the session cache.
*
* Since the client does not search an internal cache, we simply disable it.
* It is only useful for expiring old sessions, but we do that in the
* tlsmgr(8).
*
* This makes SSL_CTX_remove_session() not useful for flushing broken
* sessions from the external cache, so we must delete them directly (not
* via a callback).
*/
if (tls_mgr_policy(props->cache_type, &cachable,
&scache_timeout) != TLS_MGR_STAT_OK)
scache_timeout = 0;
if (scache_timeout <= 0)
cachable = 0;
/*
* Allocate an application context, and populate with mandatory protocol
* and cipher data.
*/
app_ctx = tls_alloc_app_context(client_ctx, log_mask);
/*
* The external session cache is implemented by the tlsmgr(8) process.
*/
if (cachable) {
app_ctx->cache_type = mystrdup(props->cache_type);
/*
* OpenSSL does not use callbacks to load sessions from a client
* cache, so we must invoke that function directly. Apparently,
* OpenSSL does not provide a way to pass session names from here to
* call-back routines that do session lookup.
*
* OpenSSL can, however, automatically save newly created sessions for
* us by callback (we create the session name in the call-back
* function).
*
* XXX gcc 2.95 can't compile #ifdef .. #endif in the expansion of
* SSL_SESS_CACHE_CLIENT | SSL_SESS_CACHE_NO_INTERNAL_STORE |
* SSL_SESS_CACHE_NO_AUTO_CLEAR.
*/
#ifndef SSL_SESS_CACHE_NO_INTERNAL_STORE
#define SSL_SESS_CACHE_NO_INTERNAL_STORE 0
#endif
SSL_CTX_set_session_cache_mode(client_ctx,
SSL_SESS_CACHE_CLIENT |
SSL_SESS_CACHE_NO_INTERNAL_STORE |
SSL_SESS_CACHE_NO_AUTO_CLEAR);
SSL_CTX_sess_set_new_cb(client_ctx, new_client_session_cb);
/*
* OpenSSL ignores timed-out sessions. We need to set the internal
* cache timeout at least as high as the external cache timeout. This
* applies even if no internal cache is used. We set the session to
* twice the cache lifetime. This way a session always lasts longer
* than its lifetime in the cache.
*/
SSL_CTX_set_timeout(client_ctx, 2 * scache_timeout);
}
return (app_ctx);
}
int context_init(SERVICE_OPTIONS *section) { /* init SSL context */
/* create SSL context */
if(section->option.client)
section->ctx=SSL_CTX_new(section->client_method);
else /* server mode */
section->ctx=SSL_CTX_new(section->server_method);
if(!section->ctx) {
sslerror("SSL_CTX_new");
return 1; /* FAILED */
}
SSL_CTX_set_ex_data(section->ctx, opt_index, section); /* for callbacks */
/* load certificate and private key to be verified by the peer server */
#ifdef HAVE_OSSL_ENGINE_H
if(section->option.client && section->engine) {
if(SSL_CTX_set_client_cert_engine(section->ctx, section->engine))
s_log(LOG_INFO, "Client certificate engine (%s) enabled",
ENGINE_get_id(section->engine));
else /* no client certificate functionality in this engine */
sslerror("SSL_CTX_set_client_cert_engine"); /* ignore error */
}
#endif
if(load_cert(section))
return 1; /* FAILED */
/* initialize verification of the peer server certificate */
if(verify_init(section))
return 1; /* FAILED */
/* initialize DH/ECDH server mode */
if(!section->option.client) {
#ifndef OPENSSL_NO_TLSEXT
SSL_CTX_set_tlsext_servername_arg(section->ctx, section);
SSL_CTX_set_tlsext_servername_callback(section->ctx, servername_cb);
#endif /* OPENSSL_NO_TLSEXT */
#ifndef OPENSSL_NO_DH
init_dh(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_DH */
#ifndef OPENSSL_NO_ECDH
init_ecdh(section); /* ignore the result (errors are not critical) */
#endif /* OPENSSL_NO_ECDH */
}
/* setup session cache */
if(!section->option.client) {
unsigned int servname_len=strlen(section->servname);
if(servname_len>SSL_MAX_SSL_SESSION_ID_LENGTH)
servname_len=SSL_MAX_SSL_SESSION_ID_LENGTH;
if(!SSL_CTX_set_session_id_context(section->ctx,
(unsigned char *)section->servname, servname_len)) {
sslerror("SSL_CTX_set_session_id_context");
return 1; /* FAILED */
}
}
SSL_CTX_set_session_cache_mode(section->ctx, SSL_SESS_CACHE_BOTH);
SSL_CTX_sess_set_cache_size(section->ctx, section->session_size);
SSL_CTX_set_timeout(section->ctx, section->session_timeout);
if(section->option.sessiond) {
SSL_CTX_sess_set_new_cb(section->ctx, sess_new_cb);
SSL_CTX_sess_set_get_cb(section->ctx, sess_get_cb);
SSL_CTX_sess_set_remove_cb(section->ctx, sess_remove_cb);
}
/* set info callback */
SSL_CTX_set_info_callback(section->ctx, info_callback);
/* ciphers, options, mode */
if(section->cipher_list)
if(!SSL_CTX_set_cipher_list(section->ctx, section->cipher_list)) {
sslerror("SSL_CTX_set_cipher_list");
return 1; /* FAILED */
}
s_log(LOG_DEBUG, "SSL options set: 0x%08lX",
SSL_CTX_set_options(section->ctx, section->ssl_options));
#ifdef SSL_MODE_RELEASE_BUFFERS
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER |
SSL_MODE_RELEASE_BUFFERS);
#else
SSL_CTX_set_mode(section->ctx,
SSL_MODE_ENABLE_PARTIAL_WRITE |
SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
#endif
return 0; /* OK */
}
