/**
* @param len is the number of bytes to send, or 0 if buffer is a
* '\0'-terminated string so strlen(buffer) can used.
*/
int SendTransaction(const ConnectionInfo *conn_info,
const char *buffer, int len, char status)
{
assert(status == CF_MORE || status == CF_DONE);
char work[CF_BUFSIZE] = { 0 };
int ret;
if (len == 0)
{
len = strlen(buffer);
}
if (len > CF_BUFSIZE - CF_INBAND_OFFSET)
{
Log(LOG_LEVEL_ERR, "SendTransaction: len (%d) > %d - %d",
len, CF_BUFSIZE, CF_INBAND_OFFSET);
return -1;
}
snprintf(work, CF_INBAND_OFFSET, "%c %d", status, len);
memcpy(work + CF_INBAND_OFFSET, buffer, len);
Log(LOG_LEVEL_DEBUG, "SendTransaction header: %s", work);
LogRaw(LOG_LEVEL_DEBUG, "SendTransaction data: ",
work + CF_INBAND_OFFSET, len);
switch(ConnectionInfoProtocolVersion(conn_info))
{
case CF_PROTOCOL_CLASSIC:
ret = SendSocketStream(ConnectionInfoSocket(conn_info), work,
len + CF_INBAND_OFFSET);
break;
case CF_PROTOCOL_TLS:
ret = TLSSend(ConnectionInfoSSL(conn_info), work, len + CF_INBAND_OFFSET);
break;
default:
UnexpectedError("SendTransaction: ProtocolVersion %d!",
ConnectionInfoProtocolVersion(conn_info));
ret = -1;
}
if (ret == -1)
return -1;
else
return 0;
}
/**
* We directly initiate a TLS handshake with the server. If the server is old
* version (does not speak TLS) the connection will be denied.
* @note the socket file descriptor in #conn_info must be connected and *not*
* non-blocking
* @return -1 in case of error
*/
int TLSTry(ConnectionInfo *conn_info)
{
/* SSL Context might not be initialised up to now due to lack of keys, as
* they might be generated as part of the policy (e.g. failsafe.cf). */
if (!TLSClientInitialize())
{
return -1;
}
assert(SSLCLIENTCONTEXT != NULL && PRIVKEY != NULL && PUBKEY != NULL);
ConnectionInfoSetSSL(conn_info, SSL_new(SSLCLIENTCONTEXT));
SSL *ssl = ConnectionInfoSSL(conn_info);
if (ssl == NULL)
{
Log(LOG_LEVEL_ERR, "SSL_new: %s",
ERR_reason_error_string(ERR_get_error()));
return -1;
}
/* Pass conn_info inside the ssl struct for TLSVerifyCallback(). */
SSL_set_ex_data(ssl, CONNECTIONINFO_SSL_IDX, conn_info);
/* Initiate the TLS handshake over the already open TCP socket. */
SSL_set_fd(ssl, ConnectionInfoSocket(conn_info));
int ret = SSL_connect(ssl);
if (ret <= 0)
{
TLSLogError(ssl, LOG_LEVEL_ERR,
"Failed to establish TLS connection", ret);
return -1;
}
Log(LOG_LEVEL_VERBOSE, "TLS cipher negotiated: %s, %s",
SSL_get_cipher_name(ssl),
SSL_get_cipher_version(ssl));
Log(LOG_LEVEL_VERBOSE, "TLS session established, checking trust...");
return 0;
}
/**
* @brief Accept a TLS connection and authenticate and identify.
* @note Various fields in #conn are set, like username and keyhash.
*/
int ServerTLSSessionEstablish(ServerConnectionState *conn)
{
int ret;
if (ConnectionInfoConnectionStatus(conn->conn_info) != CF_CONNECTION_ESTABLISHED)
{
assert(ConnectionInfoSSL(conn->conn_info) == NULL);
SSL *ssl = SSL_new(SSLSERVERCONTEXT);
if (ssl == NULL)
{
Log(LOG_LEVEL_ERR, "SSL_new: %s",
TLSErrorString(ERR_get_error()));
return -1;
}
ConnectionInfoSetSSL(conn->conn_info, ssl);
/* Pass conn_info inside the ssl struct for TLSVerifyCallback(). */
SSL_set_ex_data(ssl, CONNECTIONINFO_SSL_IDX, conn->conn_info);
/* Now we are letting OpenSSL take over the open socket. */
SSL_set_fd(ssl, ConnectionInfoSocket(conn->conn_info));
ret = SSL_accept(ssl);
if (ret <= 0)
{
TLSLogError(ssl, LOG_LEVEL_ERR,
"Failed to accept TLS connection", ret);
return -1;
}
Log(LOG_LEVEL_VERBOSE, "TLS cipher negotiated: %s, %s",
SSL_get_cipher_name(ssl),
SSL_get_cipher_version(ssl));
Log(LOG_LEVEL_VERBOSE, "TLS session established, checking trust...");
/* Send/Receive "CFE_v%d" version string, agree on version, receive
identity (username) of peer. */
char username[sizeof(conn->username)] = "";
bool b = ServerIdentificationDialog(conn->conn_info,
username, sizeof(username));
if (b != true)
{
return -1;
}
/* We *now* (maybe a bit late) verify the key that the client sent us in
* the TLS handshake, since we need the username to do so. TODO in the
* future store keys irrelevant of username, so that we can match them
* before IDENTIFY. */
ret = TLSVerifyPeer(conn->conn_info, conn->ipaddr, username);
if (ret == -1) /* error */
{
return -1;
}
if (ret == 1) /* trusted key */
{
Log(LOG_LEVEL_VERBOSE,
"%s: Client is TRUSTED, public key MATCHES stored one.",
KeyPrintableHash(ConnectionInfoKey(conn->conn_info)));
}
if (ret == 0) /* untrusted key */
{
if ((SV.trustkeylist != NULL) &&
(IsMatchItemIn(SV.trustkeylist, conn->ipaddr)))
{
Log(LOG_LEVEL_VERBOSE,
"Peer was found in \"trustkeysfrom\" list");
Log(LOG_LEVEL_NOTICE, "Trusting new key: %s",
KeyPrintableHash(ConnectionInfoKey(conn->conn_info)));
SavePublicKey(username, KeyPrintableHash(conn->conn_info->remote_key),
KeyRSA(ConnectionInfoKey(conn->conn_info)));
}
else
{
Log(LOG_LEVEL_NOTICE,
"TRUST FAILED, peer presented an untrusted key, dropping connection!");
Log(LOG_LEVEL_VERBOSE,
"Add peer to \"trustkeysfrom\" if you really want to start trusting this new key.");
return -1;
}
}
/* All checks succeeded, set conn->uid (conn->sid for Windows)
* according to the received USERNAME identity. */
SetConnIdentity(conn, username);
/* No CAUTH, SAUTH in non-classic protocol. */
conn->user_data_set = 1;
conn->rsa_auth = 1;
LastSaw1(conn->ipaddr, KeyPrintableHash(ConnectionInfoKey(conn->conn_info)),
LAST_SEEN_ROLE_ACCEPT);
ServerSendWelcome(conn);
}
return 1;
}
/**
* @return 0 in case of socket closed, -1 in case of other error, or
* >0 the number of bytes read.
*/
int ReceiveTransaction(const ConnectionInfo *conn_info, char *buffer, int *more)
{
char proto[CF_INBAND_OFFSET + 1] = { 0 };
char status = 'x';
unsigned int len = 0;
int ret;
/* Get control channel. */
switch(ConnectionInfoProtocolVersion(conn_info))
{
case CF_PROTOCOL_CLASSIC:
ret = RecvSocketStream(ConnectionInfoSocket(conn_info), proto, CF_INBAND_OFFSET);
break;
case CF_PROTOCOL_TLS:
ret = TLSRecv(ConnectionInfoSSL(conn_info), proto, CF_INBAND_OFFSET);
break;
default:
UnexpectedError("ReceiveTransaction: ProtocolVersion %d!",
ConnectionInfoProtocolVersion(conn_info));
ret = -1;
}
if (ret == -1 || ret == 0)
return ret;
LogRaw(LOG_LEVEL_DEBUG, "ReceiveTransaction header: ", proto, ret);
ret = sscanf(proto, "%c %u", &status, &len);
if (ret != 2)
{
Log(LOG_LEVEL_ERR,
"ReceiveTransaction: Bad packet -- bogus header: %s", proto);
return -1;
}
if (len > CF_BUFSIZE - CF_INBAND_OFFSET)
{
Log(LOG_LEVEL_ERR,
"ReceiveTransaction: Bad packet -- too long (len=%d)", len);
return -1;
}
if (status != CF_MORE && status != CF_DONE)
{
Log(LOG_LEVEL_ERR,
"ReceiveTransaction: Bad packet -- bogus header (more='%c')",
status);
return -1;
}
if (more != NULL)
{
switch (status)
{
case CF_MORE:
*more = true;
break;
case CF_DONE:
*more = false;
break;
default:
ProgrammingError("Unreachable, "
"bogus headers have already been checked!");
}
}
/* Get data. */
switch(ConnectionInfoProtocolVersion(conn_info))
{
case CF_PROTOCOL_CLASSIC:
ret = RecvSocketStream(ConnectionInfoSocket(conn_info), buffer, len);
break;
case CF_PROTOCOL_TLS:
ret = TLSRecv(ConnectionInfoSSL(conn_info), buffer, len);
break;
default:
UnexpectedError("ReceiveTransaction: ProtocolVersion %d!",
ConnectionInfoProtocolVersion(conn_info));
ret = -1;
}
LogRaw(LOG_LEVEL_DEBUG, "ReceiveTransaction data: ", buffer, ret);
return ret;
}
