Update libressl README.DRAGONFLY for v2.4.4
[dragonfly.git] / crypto / libressl / tls / tls.c
CommitLineData
f5b1c8a1
JM
1/* $OpenBSD: tls.c,v 1.40 2016/07/06 16:16:36 jsing Exp $ */
2/*
3 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
4 *
5 * Permission to use, copy, modify, and distribute this software for any
6 * purpose with or without fee is hereby granted, provided that the above
7 * copyright notice and this permission notice appear in all copies.
8 *
9 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
10 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
11 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
12 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
13 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
14 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
15 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
16 */
17
18#include <sys/socket.h>
19
20#include <errno.h>
21#include <limits.h>
22#include <stdlib.h>
23#include <unistd.h>
24
25#include <openssl/bio.h>
26#include <openssl/err.h>
27#include <openssl/evp.h>
28#include <openssl/pem.h>
29#include <openssl/x509.h>
30
31#include <tls.h>
32#include "tls_internal.h"
33
34static struct tls_config *tls_config_default;
35
36int
37tls_init(void)
38{
39 static int tls_initialised = 0;
40
41 if (tls_initialised)
42 return (0);
43
44 SSL_load_error_strings();
45 SSL_library_init();
46
47 if (BIO_sock_init() != 1)
48 return (-1);
49
50 if ((tls_config_default = tls_config_new()) == NULL)
51 return (-1);
52
53 tls_initialised = 1;
54
55 return (0);
56}
57
58const char *
59tls_error(struct tls *ctx)
60{
61 return ctx->error.msg;
62}
63
64static int
65tls_error_vset(struct tls_error *error, int errnum, const char *fmt, va_list ap)
66{
67 char *errmsg = NULL;
68 int rv = -1;
69
70 free(error->msg);
71 error->msg = NULL;
72 error->num = errnum;
73
74 if (vasprintf(&errmsg, fmt, ap) == -1) {
75 errmsg = NULL;
76 goto err;
77 }
78
79 if (errnum == -1) {
80 error->msg = errmsg;
81 return (0);
82 }
83
84 if (asprintf(&error->msg, "%s: %s", errmsg, strerror(errnum)) == -1) {
85 error->msg = NULL;
86 goto err;
87 }
88 rv = 0;
89
90 err:
91 free(errmsg);
92
93 return (rv);
94}
95
96int
97tls_error_set(struct tls_error *error, const char *fmt, ...)
98{
99 va_list ap;
100 int errnum, rv;
101
102 errnum = errno;
103
104 va_start(ap, fmt);
105 rv = tls_error_vset(error, errnum, fmt, ap);
106 va_end(ap);
107
108 return (rv);
109}
110
111int
112tls_error_setx(struct tls_error *error, const char *fmt, ...)
113{
114 va_list ap;
115 int rv;
116
117 va_start(ap, fmt);
118 rv = tls_error_vset(error, -1, fmt, ap);
119 va_end(ap);
120
121 return (rv);
122}
123
124int
125tls_config_set_error(struct tls_config *config, const char *fmt, ...)
126{
127 va_list ap;
128 int errnum, rv;
129
130 errnum = errno;
131
132 va_start(ap, fmt);
133 rv = tls_error_vset(&config->error, errnum, fmt, ap);
134 va_end(ap);
135
136 return (rv);
137}
138
139int
140tls_config_set_errorx(struct tls_config *config, const char *fmt, ...)
141{
142 va_list ap;
143 int rv;
144
145 va_start(ap, fmt);
146 rv = tls_error_vset(&config->error, -1, fmt, ap);
147 va_end(ap);
148
149 return (rv);
150}
151
152int
153tls_set_error(struct tls *ctx, const char *fmt, ...)
154{
155 va_list ap;
156 int errnum, rv;
157
158 errnum = errno;
159
160 va_start(ap, fmt);
161 rv = tls_error_vset(&ctx->error, errnum, fmt, ap);
162 va_end(ap);
163
164 return (rv);
165}
166
167int
168tls_set_errorx(struct tls *ctx, const char *fmt, ...)
169{
170 va_list ap;
171 int rv;
172
173 va_start(ap, fmt);
174 rv = tls_error_vset(&ctx->error, -1, fmt, ap);
175 va_end(ap);
176
177 return (rv);
178}
179
180struct tls *
181tls_new(void)
182{
183 struct tls *ctx;
184
185 if ((ctx = calloc(1, sizeof(*ctx))) == NULL)
186 return (NULL);
187
188 ctx->config = tls_config_default;
189
190 tls_reset(ctx);
191
192 return (ctx);
193}
194
195int
196tls_configure(struct tls *ctx, struct tls_config *config)
197{
198 if (config == NULL)
199 config = tls_config_default;
200
201 ctx->config = config;
202
203 if ((ctx->flags & TLS_SERVER) != 0)
204 return (tls_configure_server(ctx));
205
206 return (0);
207}
208
209int
210tls_configure_keypair(struct tls *ctx, SSL_CTX *ssl_ctx,
211 struct tls_keypair *keypair, int required)
212{
213 EVP_PKEY *pkey = NULL;
214 X509 *cert = NULL;
215 BIO *bio = NULL;
216
217 if (!required &&
218 keypair->cert_mem == NULL &&
219 keypair->key_mem == NULL &&
220 keypair->cert_file == NULL &&
221 keypair->key_file == NULL)
222 return(0);
223
224 if (keypair->cert_mem != NULL) {
225 if (keypair->cert_len > INT_MAX) {
226 tls_set_errorx(ctx, "certificate too long");
227 goto err;
228 }
229
230 if (SSL_CTX_use_certificate_chain_mem(ssl_ctx,
231 keypair->cert_mem, keypair->cert_len) != 1) {
232 tls_set_errorx(ctx, "failed to load certificate");
233 goto err;
234 }
235 cert = NULL;
236 }
237 if (keypair->key_mem != NULL) {
238 if (keypair->key_len > INT_MAX) {
239 tls_set_errorx(ctx, "key too long");
240 goto err;
241 }
242
243 if ((bio = BIO_new_mem_buf(keypair->key_mem,
244 keypair->key_len)) == NULL) {
245 tls_set_errorx(ctx, "failed to create buffer");
246 goto err;
247 }
248 if ((pkey = PEM_read_bio_PrivateKey(bio, NULL, NULL,
249 NULL)) == NULL) {
250 tls_set_errorx(ctx, "failed to read private key");
251 goto err;
252 }
253 if (SSL_CTX_use_PrivateKey(ssl_ctx, pkey) != 1) {
254 tls_set_errorx(ctx, "failed to load private key");
255 goto err;
256 }
257 BIO_free(bio);
258 bio = NULL;
259 EVP_PKEY_free(pkey);
260 pkey = NULL;
261 }
262
263 if (keypair->cert_file != NULL) {
264 if (SSL_CTX_use_certificate_chain_file(ssl_ctx,
265 keypair->cert_file) != 1) {
266 tls_set_errorx(ctx, "failed to load certificate file");
267 goto err;
268 }
269 }
270 if (keypair->key_file != NULL) {
271 if (SSL_CTX_use_PrivateKey_file(ssl_ctx,
272 keypair->key_file, SSL_FILETYPE_PEM) != 1) {
273 tls_set_errorx(ctx, "failed to load private key file");
274 goto err;
275 }
276 }
277
278 if (SSL_CTX_check_private_key(ssl_ctx) != 1) {
279 tls_set_errorx(ctx, "private/public key mismatch");
280 goto err;
281 }
282
283 return (0);
284
285 err:
286 EVP_PKEY_free(pkey);
287 X509_free(cert);
288 BIO_free(bio);
289
290 return (1);
291}
292
293int
294tls_configure_ssl(struct tls *ctx)
295{
296 SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ENABLE_PARTIAL_WRITE);
297 SSL_CTX_set_mode(ctx->ssl_ctx, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
298
299 SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv2);
300 SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_SSLv3);
301
302 SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
303 SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
304 SSL_CTX_clear_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
305
306 if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_0) == 0)
307 SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1);
308 if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_1) == 0)
309 SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_1);
310 if ((ctx->config->protocols & TLS_PROTOCOL_TLSv1_2) == 0)
311 SSL_CTX_set_options(ctx->ssl_ctx, SSL_OP_NO_TLSv1_2);
312
313 if (ctx->config->ciphers != NULL) {
314 if (SSL_CTX_set_cipher_list(ctx->ssl_ctx,
315 ctx->config->ciphers) != 1) {
316 tls_set_errorx(ctx, "failed to set ciphers");
317 goto err;
318 }
319 }
320
321 if (ctx->config->verify_time == 0) {
322 X509_VERIFY_PARAM_set_flags(ctx->ssl_ctx->param,
323 X509_V_FLAG_NO_CHECK_TIME);
324 }
325
326 return (0);
327
328 err:
329 return (-1);
330}
331
332int
333tls_configure_ssl_verify(struct tls *ctx, int verify)
334{
335 SSL_CTX_set_verify(ctx->ssl_ctx, verify, NULL);
336
337 if (ctx->config->ca_mem != NULL) {
338 /* XXX do this in set. */
339 if (ctx->config->ca_len > INT_MAX) {
340 tls_set_errorx(ctx, "ca too long");
341 goto err;
342 }
343 if (SSL_CTX_load_verify_mem(ctx->ssl_ctx,
344 ctx->config->ca_mem, ctx->config->ca_len) != 1) {
345 tls_set_errorx(ctx, "ssl verify memory setup failure");
346 goto err;
347 }
348 } else if (SSL_CTX_load_verify_locations(ctx->ssl_ctx,
349 ctx->config->ca_file, ctx->config->ca_path) != 1) {
350 tls_set_errorx(ctx, "ssl verify setup failure");
351 goto err;
352 }
353 if (ctx->config->verify_depth >= 0)
354 SSL_CTX_set_verify_depth(ctx->ssl_ctx,
355 ctx->config->verify_depth);
356
357 return (0);
358
359 err:
360 return (-1);
361}
362
363void
364tls_free(struct tls *ctx)
365{
366 if (ctx == NULL)
367 return;
368 tls_reset(ctx);
369 free(ctx);
370}
371
372void
373tls_reset(struct tls *ctx)
374{
375 SSL_CTX_free(ctx->ssl_ctx);
376 SSL_free(ctx->ssl_conn);
377 X509_free(ctx->ssl_peer_cert);
378
379 ctx->ssl_conn = NULL;
380 ctx->ssl_ctx = NULL;
381 ctx->ssl_peer_cert = NULL;
382
383 ctx->socket = -1;
384 ctx->state = 0;
385
386 free(ctx->servername);
387 ctx->servername = NULL;
388
389 free(ctx->error.msg);
390 ctx->error.msg = NULL;
391 ctx->error.num = -1;
392
393 tls_free_conninfo(ctx->conninfo);
394 free(ctx->conninfo);
395 ctx->conninfo = NULL;
396}
397
398int
399tls_ssl_error(struct tls *ctx, SSL *ssl_conn, int ssl_ret, const char *prefix)
400{
401 const char *errstr = "unknown error";
402 unsigned long err;
403 int ssl_err;
404
405 ssl_err = SSL_get_error(ssl_conn, ssl_ret);
406 switch (ssl_err) {
407 case SSL_ERROR_NONE:
408 case SSL_ERROR_ZERO_RETURN:
409 return (0);
410
411 case SSL_ERROR_WANT_READ:
412 return (TLS_WANT_POLLIN);
413
414 case SSL_ERROR_WANT_WRITE:
415 return (TLS_WANT_POLLOUT);
416
417 case SSL_ERROR_SYSCALL:
418 if ((err = ERR_peek_error()) != 0) {
419 errstr = ERR_error_string(err, NULL);
420 } else if (ssl_ret == 0) {
421 if ((ctx->state & TLS_HANDSHAKE_COMPLETE) != 0) {
422 ctx->state |= TLS_EOF_NO_CLOSE_NOTIFY;
423 return (0);
424 }
425 errstr = "unexpected EOF";
426 } else if (ssl_ret == -1) {
427 errstr = strerror(errno);
428 }
429 tls_set_errorx(ctx, "%s failed: %s", prefix, errstr);
430 return (-1);
431
432 case SSL_ERROR_SSL:
433 if ((err = ERR_peek_error()) != 0) {
434 errstr = ERR_error_string(err, NULL);
435 }
436 tls_set_errorx(ctx, "%s failed: %s", prefix, errstr);
437 return (-1);
438
439 case SSL_ERROR_WANT_CONNECT:
440 case SSL_ERROR_WANT_ACCEPT:
441 case SSL_ERROR_WANT_X509_LOOKUP:
442 default:
443 tls_set_errorx(ctx, "%s failed (%i)", prefix, ssl_err);
444 return (-1);
445 }
446}
447
448int
449tls_handshake(struct tls *ctx)
450{
451 int rv = -1;
452
453 if ((ctx->flags & (TLS_CLIENT | TLS_SERVER_CONN)) == 0) {
454 tls_set_errorx(ctx, "invalid operation for context");
455 goto out;
456 }
457
458 if (ctx->conninfo == NULL &&
459 (ctx->conninfo = calloc(1, sizeof(*ctx->conninfo))) == NULL)
460 goto out;
461
462 if ((ctx->flags & TLS_CLIENT) != 0)
463 rv = tls_handshake_client(ctx);
464 else if ((ctx->flags & TLS_SERVER_CONN) != 0)
465 rv = tls_handshake_server(ctx);
466
467 if (rv == 0) {
468 ctx->ssl_peer_cert = SSL_get_peer_certificate(ctx->ssl_conn);
469 if (tls_get_conninfo(ctx) == -1)
470 rv = -1;
471 }
472 out:
473 /* Prevent callers from performing incorrect error handling */
474 errno = 0;
475 return (rv);
476}
477
478ssize_t
479tls_read(struct tls *ctx, void *buf, size_t buflen)
480{
481 ssize_t rv = -1;
482 int ssl_ret;
483
484 if ((ctx->state & TLS_HANDSHAKE_COMPLETE) == 0) {
485 if ((rv = tls_handshake(ctx)) != 0)
486 goto out;
487 }
488
489 if (buflen > INT_MAX) {
490 tls_set_errorx(ctx, "buflen too long");
491 goto out;
492 }
493
494 ERR_clear_error();
495 if ((ssl_ret = SSL_read(ctx->ssl_conn, buf, buflen)) > 0) {
496 rv = (ssize_t)ssl_ret;
497 goto out;
498 }
499 rv = (ssize_t)tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "read");
500
501 out:
502 /* Prevent callers from performing incorrect error handling */
503 errno = 0;
504 return (rv);
505}
506
507ssize_t
508tls_write(struct tls *ctx, const void *buf, size_t buflen)
509{
510 ssize_t rv = -1;
511 int ssl_ret;
512
513 if ((ctx->state & TLS_HANDSHAKE_COMPLETE) == 0) {
514 if ((rv = tls_handshake(ctx)) != 0)
515 goto out;
516 }
517
518 if (buflen > INT_MAX) {
519 tls_set_errorx(ctx, "buflen too long");
520 goto out;
521 }
522
523 ERR_clear_error();
524 if ((ssl_ret = SSL_write(ctx->ssl_conn, buf, buflen)) > 0) {
525 rv = (ssize_t)ssl_ret;
526 goto out;
527 }
528 rv = (ssize_t)tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "write");
529
530 out:
531 /* Prevent callers from performing incorrect error handling */
532 errno = 0;
533 return (rv);
534}
535
536int
537tls_close(struct tls *ctx)
538{
539 int ssl_ret;
540 int rv = 0;
541
542 if ((ctx->flags & (TLS_CLIENT | TLS_SERVER_CONN)) == 0) {
543 tls_set_errorx(ctx, "invalid operation for context");
544 rv = -1;
545 goto out;
546 }
547
548 if (ctx->ssl_conn != NULL) {
549 ERR_clear_error();
550 ssl_ret = SSL_shutdown(ctx->ssl_conn);
551 if (ssl_ret < 0) {
552 rv = tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret,
553 "shutdown");
554 if (rv == TLS_WANT_POLLIN || rv == TLS_WANT_POLLOUT)
555 goto out;
556 }
557 }
558
559 if (ctx->socket != -1) {
560 if (shutdown(ctx->socket, SHUT_RDWR) != 0) {
561 if (rv == 0 &&
562 errno != ENOTCONN && errno != ECONNRESET) {
563 tls_set_error(ctx, "shutdown");
564 rv = -1;
565 }
566 }
567 if (close(ctx->socket) != 0) {
568 if (rv == 0) {
569 tls_set_error(ctx, "close");
570 rv = -1;
571 }
572 }
573 ctx->socket = -1;
574 }
575
576 if ((ctx->state & TLS_EOF_NO_CLOSE_NOTIFY) != 0) {
577 tls_set_errorx(ctx, "EOF without close notify");
578 rv = -1;
579 }
580
581 out:
582 /* Prevent callers from performing incorrect error handling */
583 errno = 0;
584 return (rv);
585}