1/* ==================================================================== 2 * Licensed to the Apache Software Foundation (ASF) under one 3 * or more contributor license agreements. See the NOTICE file 4 * distributed with this work for additional information 5 * regarding copyright ownership. The ASF licenses this file 6 * to you under the Apache License, Version 2.0 (the 7 * "License"); you may not use this file except in compliance 8 * with the License. You may obtain a copy of the License at 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, 13 * software distributed under the License is distributed on an 14 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 * KIND, either express or implied. See the License for the 16 * specific language governing permissions and limitations 17 * under the License. 18 * ==================================================================== 19 * 20 * ---- 21 * 22 * Originally developed by Aaron Bannert and Justin Erenkrantz, eBuilt. 23 */ 24 25#include <apr_pools.h> 26#include <apr_network_io.h> 27#include <apr_portable.h> 28#include <apr_strings.h> 29#include <apr_base64.h> 30#include <apr_version.h> 31#include <apr_atomic.h> 32 33#include "serf.h" 34#include "serf_private.h" 35#include "serf_bucket_util.h" 36 37#include <openssl/bio.h> 38#include <openssl/ssl.h> 39#include <openssl/err.h> 40#include <openssl/pkcs12.h> 41#include <openssl/x509v3.h> 42 43#ifndef APR_VERSION_AT_LEAST /* Introduced in APR 1.3.0 */ 44#define APR_VERSION_AT_LEAST(major,minor,patch) \ 45 (((major) < APR_MAJOR_VERSION) \ 46 || ((major) == APR_MAJOR_VERSION && (minor) < APR_MINOR_VERSION) \ 47 || ((major) == APR_MAJOR_VERSION && (minor) == APR_MINOR_VERSION && \ 48 (patch) <= APR_PATCH_VERSION)) 49#endif /* APR_VERSION_AT_LEAST */ 50 51#ifndef APR_ARRAY_PUSH 52#define APR_ARRAY_PUSH(ary,type) (*((type *)apr_array_push(ary))) 53#endif 54 55#if defined(OPENSSL_VERSION_NUMBER) && OPENSSL_VERSION_NUMBER >= 0x10100000L 56#define USE_OPENSSL_1_1_API 57#endif 58 59 60/* 61 * Here's an overview of the SSL bucket's relationship to OpenSSL and serf. 62 * 63 * HTTP request: SSLENCRYPT(REQUEST) 64 * [context.c reads from SSLENCRYPT and writes out to the socket] 65 * HTTP response: RESPONSE(SSLDECRYPT(SOCKET)) 66 * [handler function reads from RESPONSE which in turn reads from SSLDECRYPT] 67 * 68 * HTTP request read call path: 69 * 70 * write_to_connection 71 * |- serf_bucket_read on SSLENCRYPT 72 * |- serf_ssl_read 73 * |- serf_databuf_read 74 * |- common_databuf_prep 75 * |- ssl_encrypt 76 * |- 1. Try to read pending encrypted data; If available, return. 77 * |- 2. Try to read from ctx->stream [REQUEST bucket] 78 * |- 3. Call SSL_write with read data 79 * |- ... 80 * |- bio_bucket_read can be called 81 * |- bio_bucket_write with encrypted data 82 * |- store in sink 83 * |- 4. If successful, read pending encrypted data and return. 84 * |- 5. If fails, place read data back in ctx->stream 85 * 86 * HTTP response read call path: 87 * 88 * read_from_connection 89 * |- acceptor 90 * |- handler 91 * |- ... 92 * |- serf_bucket_read(SSLDECRYPT) 93 * |- serf_ssl_read 94 * |- serf_databuf_read 95 * |- ssl_decrypt 96 * |- 1. SSL_read() for pending decrypted data; if any, return. 97 * |- 2. Try to read from ctx->stream [SOCKET bucket] 98 * |- 3. Append data to ssl_ctx->source 99 * |- 4. Call SSL_read() 100 * |- ... 101 * |- bio_bucket_write can be called 102 * |- bio_bucket_read 103 * |- read data from ssl_ctx->source 104 * |- If data read, return it. 105 * |- If an error, set the STATUS value and return. 106 * 107 */ 108 109typedef struct bucket_list { 110 serf_bucket_t *bucket; 111 struct bucket_list *next; 112} bucket_list_t; 113 114typedef struct { 115 /* Helper to read data. Wraps stream. */ 116 serf_databuf_t databuf; 117 118 /* Our source for more data. */ 119 serf_bucket_t *stream; 120 121 /* The next set of buckets */ 122 bucket_list_t *stream_next; 123 124 /* The status of the last thing we read. */ 125 apr_status_t status; 126 apr_status_t exhausted; 127 int exhausted_reset; 128 129 /* Data we've read but not processed. */ 130 serf_bucket_t *pending; 131} serf_ssl_stream_t; 132 133struct serf_ssl_context_t { 134 /* How many open buckets refer to this context. */ 135 int refcount; 136 137 /* The pool that this context uses. */ 138 apr_pool_t *pool; 139 140 /* The allocator associated with the above pool. */ 141 serf_bucket_alloc_t *allocator; 142 143 /* Internal OpenSSL parameters */ 144 SSL_CTX *ctx; 145 SSL *ssl; 146 BIO *bio; 147 BIO_METHOD *biom; 148 149 serf_ssl_stream_t encrypt; 150 serf_ssl_stream_t decrypt; 151 152 /* Client cert callbacks */ 153 serf_ssl_need_client_cert_t cert_callback; 154 void *cert_userdata; 155 apr_pool_t *cert_cache_pool; 156 const char *cert_file_success; 157 158 /* Client cert PW callbacks */ 159 serf_ssl_need_cert_password_t cert_pw_callback; 160 void *cert_pw_userdata; 161 apr_pool_t *cert_pw_cache_pool; 162 const char *cert_pw_success; 163 164 /* Server cert callbacks */ 165 serf_ssl_need_server_cert_t server_cert_callback; 166 serf_ssl_server_cert_chain_cb_t server_cert_chain_callback; 167 void *server_cert_userdata; 168 169 const char *cert_path; 170 171 X509 *cached_cert; 172 EVP_PKEY *cached_cert_pw; 173 174 apr_status_t pending_err; 175 176 /* Status of a fatal error, returned on subsequent encrypt or decrypt 177 requests. */ 178 apr_status_t fatal_err; 179}; 180 181typedef struct { 182 /* The bucket-independent ssl context that this bucket is associated with */ 183 serf_ssl_context_t *ssl_ctx; 184 185 /* Pointer to the 'right' databuf. */ 186 serf_databuf_t *databuf; 187 188 /* Pointer to our stream, so we can find it later. */ 189 serf_bucket_t **our_stream; 190} ssl_context_t; 191 192struct serf_ssl_certificate_t { 193 X509 *ssl_cert; 194 int depth; 195}; 196 197static void disable_compression(serf_ssl_context_t *ssl_ctx); 198static char * 199 pstrdup_escape_nul_bytes(const char *buf, int len, apr_pool_t *pool); 200 201#if SSL_VERBOSE 202/* Log all ssl alerts that we receive from the server. */ 203static void 204apps_ssl_info_callback(const SSL *s, int where, int ret) 205{ 206 const char *str; 207 int w; 208 w = where & ~SSL_ST_MASK; 209 210 if (w & SSL_ST_CONNECT) 211 str = "SSL_connect"; 212 else if (w & SSL_ST_ACCEPT) 213 str = "SSL_accept"; 214 else 215 str = "undefined"; 216 217 if (where & SSL_CB_LOOP) { 218 serf__log(SSL_VERBOSE, __FILE__, "%s:%s\n", str, 219 SSL_state_string_long(s)); 220 } 221 else if (where & SSL_CB_ALERT) { 222 str = (where & SSL_CB_READ) ? "read" : "write"; 223 serf__log(SSL_VERBOSE, __FILE__, "SSL3 alert %s:%s:%s\n", 224 str, 225 SSL_alert_type_string_long(ret), 226 SSL_alert_desc_string_long(ret)); 227 } 228 else if (where & SSL_CB_EXIT) { 229 if (ret == 0) 230 serf__log(SSL_VERBOSE, __FILE__, "%s:failed in %s\n", str, 231 SSL_state_string_long(s)); 232 else if (ret < 0) { 233 serf__log(SSL_VERBOSE, __FILE__, "%s:error in %s\n", str, 234 SSL_state_string_long(s)); 235 } 236 } 237} 238#endif 239 240static void bio_set_data(BIO *bio, void *data) 241{ 242#ifdef USE_OPENSSL_1_1_API 243 BIO_set_data(bio, data); 244#else 245 bio->ptr = data; 246#endif 247} 248 249static void *bio_get_data(BIO *bio) 250{ 251#ifdef USE_OPENSSL_1_1_API 252 return BIO_get_data(bio); 253#else 254 return bio->ptr; 255#endif 256} 257 258/* Returns the amount read. */ 259static int bio_bucket_read(BIO *bio, char *in, int inlen) 260{ 261 serf_ssl_context_t *ctx = bio_get_data(bio); 262 const char *data; 263 apr_status_t status; 264 apr_size_t len; 265 266 serf__log(SSL_VERBOSE, __FILE__, "bio_bucket_read called for %d bytes\n", 267 inlen); 268 269 if (ctx->encrypt.status == SERF_ERROR_WAIT_CONN 270 && BIO_should_read(ctx->bio)) { 271 serf__log(SSL_VERBOSE, __FILE__, 272 "bio_bucket_read waiting: (%d %d %d)\n", 273 BIO_should_retry(ctx->bio), BIO_should_read(ctx->bio), 274 BIO_get_retry_flags(ctx->bio)); 275 /* Falling back... */ 276 ctx->encrypt.exhausted_reset = 1; 277 BIO_clear_retry_flags(bio); 278 } 279 280 status = serf_bucket_read(ctx->decrypt.pending, inlen, &data, &len); 281 282 ctx->decrypt.status = status; 283 284 serf__log(SSL_VERBOSE, __FILE__, "bio_bucket_read received %d bytes (%d)\n", 285 len, status); 286 287 if (!SERF_BUCKET_READ_ERROR(status)) { 288 /* Oh suck. */ 289 if (len) { 290 memcpy(in, data, len); 291 return len; 292 } 293 if (APR_STATUS_IS_EOF(status)) { 294 BIO_set_retry_read(bio); 295 return -1; 296 } 297 } 298 299 return -1; 300} 301 302/* Returns the amount written. */ 303static int bio_bucket_write(BIO *bio, const char *in, int inl) 304{ 305 serf_ssl_context_t *ctx = bio_get_data(bio); 306 serf_bucket_t *tmp; 307 308 serf__log(SSL_VERBOSE, __FILE__, "bio_bucket_write called for %d bytes\n", 309 inl); 310 311 if (ctx->encrypt.status == SERF_ERROR_WAIT_CONN 312 && !BIO_should_read(ctx->bio)) { 313 serf__log(SSL_VERBOSE, __FILE__, 314 "bio_bucket_write waiting: (%d %d %d)\n", 315 BIO_should_retry(ctx->bio), BIO_should_read(ctx->bio), 316 BIO_get_retry_flags(ctx->bio)); 317 /* Falling back... */ 318 ctx->encrypt.exhausted_reset = 1; 319 BIO_clear_retry_flags(bio); 320 } 321 322 tmp = serf_bucket_simple_copy_create(in, inl, 323 ctx->encrypt.pending->allocator); 324 325 serf_bucket_aggregate_append(ctx->encrypt.pending, tmp); 326 327 return inl; 328} 329 330/* Returns the amount read. */ 331static int bio_file_read(BIO *bio, char *in, int inlen) 332{ 333 apr_file_t *file = bio_get_data(bio); 334 apr_status_t status; 335 apr_size_t len; 336 337 len = inlen; 338 status = apr_file_read(file, in, &len); 339 340 if (!SERF_BUCKET_READ_ERROR(status)) { 341 /* Oh suck. */ 342 if (APR_STATUS_IS_EOF(status)) { 343 return -1; 344 } else { 345 return len; 346 } 347 } 348 349 return -1; 350} 351 352/* Returns the amount written. */ 353static int bio_file_write(BIO *bio, const char *in, int inl) 354{ 355 apr_file_t *file = bio_get_data(bio); 356 apr_size_t nbytes; 357 358 BIO_clear_retry_flags(bio); 359 360 nbytes = inl; 361 apr_file_write(file, in, &nbytes); 362 363 return nbytes; 364} 365 366static int bio_file_gets(BIO *bio, char *in, int inlen) 367{ 368 apr_file_t *file = bio_get_data(bio); 369 apr_status_t status; 370 371 status = apr_file_gets(in, inlen, file); 372 373 if (! status) { 374 return (int)strlen(in); 375 } else if (APR_STATUS_IS_EOF(status)) { 376 return 0; 377 } else { 378 return -1; /* Signal generic error */ 379 } 380} 381 382static int bio_bucket_create(BIO *bio) 383{ 384#ifdef USE_OPENSSL_1_1_API 385 BIO_set_shutdown(bio, 1); 386 BIO_set_init(bio, 1); 387 BIO_set_data(bio, NULL); 388#else 389 bio->shutdown = 1; 390 bio->init = 1; 391 bio->num = -1; 392 bio->ptr = NULL; 393#endif 394 395 return 1; 396} 397 398static int bio_bucket_destroy(BIO *bio) 399{ 400 /* Did we already free this? */ 401 if (bio == NULL) { 402 return 0; 403 } 404 405 return 1; 406} 407 408static long bio_bucket_ctrl(BIO *bio, int cmd, long num, void *ptr) 409{ 410 long ret = 1; 411 412 switch (cmd) { 413 default: 414 /* abort(); */ 415 break; 416 case BIO_CTRL_FLUSH: 417 /* At this point we can't force a flush. */ 418 break; 419 case BIO_CTRL_PUSH: 420 case BIO_CTRL_POP: 421 ret = 0; 422 break; 423 } 424 return ret; 425} 426 427#ifndef USE_OPENSSL_1_1_API 428static BIO_METHOD bio_bucket_method = { 429 BIO_TYPE_MEM, 430 "Serf SSL encryption and decryption buckets", 431 bio_bucket_write, 432 bio_bucket_read, 433 NULL, /* Is this called? */ 434 NULL, /* Is this called? */ 435 bio_bucket_ctrl, 436 bio_bucket_create, 437 bio_bucket_destroy, 438#ifdef OPENSSL_VERSION_NUMBER 439 NULL /* sslc does not have the callback_ctrl field */ 440#endif 441}; 442 443static BIO_METHOD bio_file_method = { 444 BIO_TYPE_FILE, 445 "Wrapper around APR file structures", 446 bio_file_write, 447 bio_file_read, 448 NULL, /* Is this called? */ 449 bio_file_gets, /* Is this called? */ 450 bio_bucket_ctrl, 451 bio_bucket_create, 452 bio_bucket_destroy, 453#ifdef OPENSSL_VERSION_NUMBER 454 NULL /* sslc does not have the callback_ctrl field */ 455#endif 456}; 457#endif 458 459static BIO_METHOD *bio_meth_bucket_new(void) 460{ 461 BIO_METHOD *biom = NULL; 462 463#ifdef USE_OPENSSL_1_1_API 464 biom = BIO_meth_new(BIO_TYPE_MEM, 465 "Serf SSL encryption and decryption buckets"); 466 if (biom) { 467 BIO_meth_set_write(biom, bio_bucket_write); 468 BIO_meth_set_read(biom, bio_bucket_read); 469 BIO_meth_set_ctrl(biom, bio_bucket_ctrl); 470 BIO_meth_set_create(biom, bio_bucket_create); 471 BIO_meth_set_destroy(biom, bio_bucket_destroy); 472 } 473#else 474 biom = &bio_bucket_method; 475#endif 476 477 return biom; 478} 479 480static BIO_METHOD *bio_meth_file_new(void) 481{ 482 BIO_METHOD *biom = NULL; 483 484#ifdef USE_OPENSSL_1_1_API 485 biom = BIO_meth_new(BIO_TYPE_FILE, 486 "Wrapper around APR file structures"); 487 BIO_meth_set_write(biom, bio_file_write); 488 BIO_meth_set_read(biom, bio_file_read); 489 BIO_meth_set_gets(biom, bio_file_gets); 490 BIO_meth_set_ctrl(biom, bio_bucket_ctrl); 491 BIO_meth_set_create(biom, bio_bucket_create); 492 BIO_meth_set_destroy(biom, bio_bucket_destroy); 493#else 494 biom = &bio_file_method; 495#endif 496 497 return biom; 498} 499 500static void bio_meth_free(BIO_METHOD *biom) 501{ 502#ifdef USE_OPENSSL_1_1_API 503 BIO_meth_free(biom); 504#endif 505} 506 507typedef enum san_copy_t { 508 EscapeNulAndCopy = 0, 509 ErrorOnNul = 1, 510} san_copy_t; 511 512 513static apr_status_t 514get_subject_alt_names(apr_array_header_t **san_arr, X509 *ssl_cert, 515 san_copy_t copy_action, apr_pool_t *pool) 516{ 517 STACK_OF(GENERAL_NAME) *names; 518 519 /* assert: copy_action == ErrorOnNul || (san_arr && pool) */ 520 521 if (san_arr) { 522 *san_arr = NULL; 523 } 524 525 /* Get subjectAltNames */ 526 names = X509_get_ext_d2i(ssl_cert, NID_subject_alt_name, NULL, NULL); 527 if (names) { 528 int names_count = sk_GENERAL_NAME_num(names); 529 int name_idx; 530 531 if (san_arr) 532 *san_arr = apr_array_make(pool, names_count, sizeof(char*)); 533 for (name_idx = 0; name_idx < names_count; name_idx++) { 534 char *p = NULL; 535 GENERAL_NAME *nm = sk_GENERAL_NAME_value(names, name_idx); 536 537 switch (nm->type) { 538 case GEN_DNS: 539 if (copy_action == ErrorOnNul && 540 strlen(nm->d.ia5->data) != nm->d.ia5->length) 541 return SERF_ERROR_SSL_CERT_FAILED; 542 if (san_arr && *san_arr) 543 p = pstrdup_escape_nul_bytes((const char *)nm->d.ia5->data, 544 nm->d.ia5->length, 545 pool); 546 break; 547 default: 548 /* Don't know what to do - skip. */ 549 break; 550 } 551 552 if (p) { 553 APR_ARRAY_PUSH(*san_arr, char*) = p; 554 } 555 } 556 sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free); 557 } 558 559 return APR_SUCCESS; 560} 561 562static apr_status_t validate_cert_hostname(X509 *server_cert, apr_pool_t *pool) 563{ 564 char buf[1024]; 565 int length; 566 apr_status_t ret; 567 568 ret = get_subject_alt_names(NULL, server_cert, ErrorOnNul, NULL); 569 if (ret) { 570 return ret; 571 } else { 572 /* Fail if the subject's CN field contains \0 characters. */ 573 X509_NAME *subject = X509_get_subject_name(server_cert); 574 if (!subject) 575 return SERF_ERROR_SSL_CERT_FAILED; 576 577 length = X509_NAME_get_text_by_NID(subject, NID_commonName, buf, 1024); 578 if (length != -1) 579 if (strlen(buf) != length) 580 return SERF_ERROR_SSL_CERT_FAILED; 581 } 582 583 return APR_SUCCESS; 584} 585 586static int 587validate_server_certificate(int cert_valid, X509_STORE_CTX *store_ctx) 588{ 589 SSL *ssl; 590 serf_ssl_context_t *ctx; 591 X509 *server_cert; 592 int err, depth; 593 int failures = 0; 594 apr_status_t status; 595 596 ssl = X509_STORE_CTX_get_ex_data(store_ctx, 597 SSL_get_ex_data_X509_STORE_CTX_idx()); 598 ctx = SSL_get_app_data(ssl); 599 600 server_cert = X509_STORE_CTX_get_current_cert(store_ctx); 601 depth = X509_STORE_CTX_get_error_depth(store_ctx); 602 603 /* If the certification was found invalid, get the error and convert it to 604 something our caller will understand. */ 605 if (! cert_valid) { 606 err = X509_STORE_CTX_get_error(store_ctx); 607 608 switch(err) { 609 case X509_V_ERR_CERT_NOT_YET_VALID: 610 failures |= SERF_SSL_CERT_NOTYETVALID; 611 break; 612 case X509_V_ERR_CERT_HAS_EXPIRED: 613 failures |= SERF_SSL_CERT_EXPIRED; 614 break; 615 case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: 616 case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: 617 failures |= SERF_SSL_CERT_SELF_SIGNED; 618 break; 619 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: 620 case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: 621 case X509_V_ERR_CERT_UNTRUSTED: 622 case X509_V_ERR_INVALID_CA: 623 case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE: 624 failures |= SERF_SSL_CERT_UNKNOWNCA; 625 break; 626 case X509_V_ERR_CERT_REVOKED: 627 failures |= SERF_SSL_CERT_REVOKED; 628 break; 629 default: 630 failures |= SERF_SSL_CERT_UNKNOWN_FAILURE; 631 break; 632 } 633 } 634 635 /* Validate hostname */ 636 status = validate_cert_hostname(server_cert, ctx->pool); 637 if (status) 638 failures |= SERF_SSL_CERT_UNKNOWN_FAILURE; 639 640 /* Check certificate expiry dates. */ 641 if (X509_cmp_current_time(X509_get_notBefore(server_cert)) >= 0) { 642 failures |= SERF_SSL_CERT_NOTYETVALID; 643 } 644 else if (X509_cmp_current_time(X509_get_notAfter(server_cert)) <= 0) { 645 failures |= SERF_SSL_CERT_EXPIRED; 646 } 647 648 if (ctx->server_cert_callback && 649 (depth == 0 || failures)) { 650 serf_ssl_certificate_t *cert; 651 apr_pool_t *subpool; 652 653 apr_pool_create(&subpool, ctx->pool); 654 655 cert = apr_palloc(subpool, sizeof(serf_ssl_certificate_t)); 656 cert->ssl_cert = server_cert; 657 cert->depth = depth; 658 659 /* Callback for further verification. */ 660 status = ctx->server_cert_callback(ctx->server_cert_userdata, 661 failures, cert); 662 if (status == APR_SUCCESS) 663 cert_valid = 1; 664 else { 665 /* Even if openssl found the certificate valid, the application 666 told us to reject it. */ 667 cert_valid = 0; 668 /* Pass the error back to the caller through the context-run. */ 669 ctx->pending_err = status; 670 } 671 apr_pool_destroy(subpool); 672 } 673 674 if (ctx->server_cert_chain_callback 675 && (depth == 0 || failures)) { 676 STACK_OF(X509) *chain; 677 const serf_ssl_certificate_t **certs; 678 int certs_len; 679 apr_pool_t *subpool; 680 681 apr_pool_create(&subpool, ctx->pool); 682 683 /* Borrow the chain to pass to the callback. */ 684 chain = X509_STORE_CTX_get_chain(store_ctx); 685 686 /* If the chain can't be retrieved, just pass the current 687 certificate. */ 688 /* ### can this actually happen with _get_chain() ? */ 689 if (!chain) { 690 serf_ssl_certificate_t *cert = apr_palloc(subpool, sizeof(*cert)); 691 692 cert->ssl_cert = server_cert; 693 cert->depth = depth; 694 695 /* Room for the server_cert and a trailing NULL. */ 696 certs = apr_palloc(subpool, sizeof(*certs) * 2); 697 certs[0] = cert; 698 699 certs_len = 1; 700 } else { 701 int i; 702 703 certs_len = sk_X509_num(chain); 704 705 /* Room for all the certs and a trailing NULL. */ 706 certs = apr_palloc(subpool, sizeof(*certs) * (certs_len + 1)); 707 for (i = 0; i < certs_len; ++i) { 708 serf_ssl_certificate_t *cert; 709 710 cert = apr_palloc(subpool, sizeof(*cert)); 711 cert->ssl_cert = sk_X509_value(chain, i); 712 cert->depth = i; 713 714 certs[i] = cert; 715 } 716 } 717 certs[certs_len] = NULL; 718 719 /* Callback for further verification. */ 720 status = ctx->server_cert_chain_callback(ctx->server_cert_userdata, 721 failures, depth, 722 certs, certs_len); 723 if (status == APR_SUCCESS) { 724 cert_valid = 1; 725 } else { 726 /* Even if openssl found the certificate valid, the application 727 told us to reject it. */ 728 cert_valid = 0; 729 /* Pass the error back to the caller through the context-run. */ 730 ctx->pending_err = status; 731 } 732 733 apr_pool_destroy(subpool); 734 } 735 736 /* Return a specific error if the server certificate is not accepted by 737 OpenSSL and the application has not set callbacks to override this. */ 738 if (!cert_valid && 739 !ctx->server_cert_chain_callback && 740 !ctx->server_cert_callback) 741 { 742 ctx->pending_err = SERF_ERROR_SSL_CERT_FAILED; 743 } 744 745 return cert_valid; 746} 747 748/* This function reads an encrypted stream and returns the decrypted stream. */ 749static apr_status_t ssl_decrypt(void *baton, apr_size_t bufsize, 750 char *buf, apr_size_t *len) 751{ 752 serf_ssl_context_t *ctx = baton; 753 apr_size_t priv_len; 754 apr_status_t status; 755 const char *data; 756 int ssl_len; 757 758 if (ctx->fatal_err) 759 return ctx->fatal_err; 760 761 serf__log(SSL_VERBOSE, __FILE__, "ssl_decrypt: begin %d\n", bufsize); 762 763 /* Is there some data waiting to be read? */ 764 ssl_len = SSL_read(ctx->ssl, buf, bufsize); 765 if (ssl_len > 0) { 766 serf__log(SSL_VERBOSE, __FILE__, 767 "ssl_decrypt: %d bytes (%d); status: %d; flags: %d\n", 768 ssl_len, bufsize, ctx->decrypt.status, 769 BIO_get_retry_flags(ctx->bio)); 770 *len = ssl_len; 771 return APR_SUCCESS; 772 } 773 774 status = serf_bucket_read(ctx->decrypt.stream, bufsize, &data, &priv_len); 775 776 if (!SERF_BUCKET_READ_ERROR(status) && priv_len) { 777 serf_bucket_t *tmp; 778 779 serf__log(SSL_VERBOSE, __FILE__, 780 "ssl_decrypt: read %d bytes (%d); status: %d\n", 781 priv_len, bufsize, status); 782 783 tmp = serf_bucket_simple_copy_create(data, priv_len, 784 ctx->decrypt.pending->allocator); 785 786 serf_bucket_aggregate_append(ctx->decrypt.pending, tmp); 787 788 ssl_len = SSL_read(ctx->ssl, buf, bufsize); 789 if (ssl_len < 0) { 790 int ssl_err; 791 792 ssl_err = SSL_get_error(ctx->ssl, ssl_len); 793 switch (ssl_err) { 794 case SSL_ERROR_SYSCALL: 795 *len = 0; 796 /* Return the underlying network error that caused OpenSSL 797 to fail. ### This can be a crypt error! */ 798 status = ctx->decrypt.status; 799 break; 800 case SSL_ERROR_WANT_READ: 801 case SSL_ERROR_WANT_WRITE: 802 *len = 0; 803 status = APR_EAGAIN; 804 break; 805 case SSL_ERROR_SSL: 806 *len = 0; 807 if (ctx->pending_err) { 808 status = ctx->pending_err; 809 ctx->pending_err = 0; 810 } else { 811 ctx->fatal_err = status = SERF_ERROR_SSL_COMM_FAILED; 812 } 813 break; 814 default: 815 *len = 0; 816 ctx->fatal_err = status = SERF_ERROR_SSL_COMM_FAILED; 817 break; 818 } 819 } else if (ssl_len == 0) { 820 /* The server shut down the connection. */ 821 int ssl_err, shutdown; 822 *len = 0; 823 824 /* Check for SSL_RECEIVED_SHUTDOWN */ 825 shutdown = SSL_get_shutdown(ctx->ssl); 826 /* Check for SSL_ERROR_ZERO_RETURN */ 827 ssl_err = SSL_get_error(ctx->ssl, ssl_len); 828 829 if (shutdown == SSL_RECEIVED_SHUTDOWN && 830 ssl_err == SSL_ERROR_ZERO_RETURN) { 831 /* The server closed the SSL session. While this doesn't 832 necessary mean the connection is closed, let's close 833 it here anyway. 834 We can optimize this later. */ 835 serf__log(SSL_VERBOSE, __FILE__, 836 "ssl_decrypt: SSL read error: server" 837 " shut down connection!\n"); 838 status = APR_EOF; 839 } else { 840 /* A fatal error occurred. */ 841 ctx->fatal_err = status = SERF_ERROR_SSL_COMM_FAILED; 842 } 843 } else { 844 *len = ssl_len; 845 serf__log(SSL_MSG_VERBOSE, __FILE__, 846 "---\n%.*s\n-(%d)-\n", *len, buf, *len); 847 } 848 } 849 else { 850 *len = 0; 851 } 852 serf__log(SSL_VERBOSE, __FILE__, 853 "ssl_decrypt: %d %d %d\n", status, *len, 854 BIO_get_retry_flags(ctx->bio)); 855 856 return status; 857} 858 859/* This function reads a decrypted stream and returns an encrypted stream. */ 860static apr_status_t ssl_encrypt(void *baton, apr_size_t bufsize, 861 char *buf, apr_size_t *len) 862{ 863 const char *data; 864 apr_size_t interim_bufsize; 865 serf_ssl_context_t *ctx = baton; 866 apr_status_t status; 867 868 if (ctx->fatal_err) 869 return ctx->fatal_err; 870 871 serf__log(SSL_VERBOSE, __FILE__, "ssl_encrypt: begin %d\n", bufsize); 872 873 /* Try to read already encrypted but unread data first. */ 874 status = serf_bucket_read(ctx->encrypt.pending, bufsize, &data, len); 875 if (SERF_BUCKET_READ_ERROR(status)) { 876 return status; 877 } 878 879 /* Aha, we read something. Return that now. */ 880 if (*len) { 881 memcpy(buf, data, *len); 882 if (APR_STATUS_IS_EOF(status)) { 883 status = APR_SUCCESS; 884 } 885 886 serf__log(SSL_VERBOSE, __FILE__, "ssl_encrypt: %d %d %d (quick read)\n", 887 status, *len, BIO_get_retry_flags(ctx->bio)); 888 889 return status; 890 } 891 892 if (BIO_should_retry(ctx->bio) && BIO_should_write(ctx->bio)) { 893 serf__log(SSL_VERBOSE, __FILE__, 894 "ssl_encrypt: %d %d %d (should write exit)\n", 895 status, *len, BIO_get_retry_flags(ctx->bio)); 896 897 return APR_EAGAIN; 898 } 899 900 /* If we were previously blocked, unblock ourselves now. */ 901 if (BIO_should_read(ctx->bio)) { 902 serf__log(SSL_VERBOSE, __FILE__, "ssl_encrypt: reset %d %d (%d %d %d)\n", 903 status, ctx->encrypt.status, 904 BIO_should_retry(ctx->bio), BIO_should_read(ctx->bio), 905 BIO_get_retry_flags(ctx->bio)); 906 907 ctx->encrypt.status = APR_SUCCESS; 908 ctx->encrypt.exhausted_reset = 0; 909 } 910 911 /* Oh well, read from our stream now. */ 912 interim_bufsize = bufsize; 913 do { 914 apr_size_t interim_len; 915 916 if (!ctx->encrypt.status) { 917 struct iovec vecs[64]; 918 int vecs_read; 919 920 status = serf_bucket_read_iovec(ctx->encrypt.stream, 921 interim_bufsize, 64, vecs, 922 &vecs_read); 923 924 if (!SERF_BUCKET_READ_ERROR(status) && vecs_read) { 925 char *vecs_data; 926 int i, cur, vecs_data_len; 927 int ssl_len; 928 929 /* Combine the buffers of the iovec into one buffer, as 930 that is with SSL_write requires. */ 931 vecs_data_len = 0; 932 for (i = 0; i < vecs_read; i++) { 933 vecs_data_len += vecs[i].iov_len; 934 } 935 936 vecs_data = serf_bucket_mem_alloc(ctx->allocator, 937 vecs_data_len); 938 939 cur = 0; 940 for (i = 0; i < vecs_read; i++) { 941 memcpy(vecs_data + cur, vecs[i].iov_base, vecs[i].iov_len); 942 cur += vecs[i].iov_len; 943 } 944 945 interim_bufsize -= vecs_data_len; 946 interim_len = vecs_data_len; 947 948 serf__log(SSL_VERBOSE, __FILE__, 949 "ssl_encrypt: bucket read %d bytes; "\ 950 "status %d\n", interim_len, status); 951 serf__log(SSL_MSG_VERBOSE, __FILE__, "---\n%.*s\n-(%d)-\n", 952 interim_len, vecs_data, interim_len); 953 954 /* Stash our status away. */ 955 ctx->encrypt.status = status; 956 957 ssl_len = SSL_write(ctx->ssl, vecs_data, interim_len); 958 959 serf__log(SSL_VERBOSE, __FILE__, 960 "ssl_encrypt: SSL write: %d\n", ssl_len); 961 962 /* If we failed to write... */ 963 if (ssl_len < 0) { 964 int ssl_err; 965 966 /* Ah, bugger. We need to put that data back. 967 Note: use the copy here, we do not own the original iovec 968 data buffer so it will be freed on next read. */ 969 serf_bucket_t *vecs_copy = 970 serf_bucket_simple_own_create(vecs_data, 971 vecs_data_len, 972 ctx->allocator); 973 serf_bucket_aggregate_prepend(ctx->encrypt.stream, 974 vecs_copy); 975 976 ssl_err = SSL_get_error(ctx->ssl, ssl_len); 977 978 serf__log(SSL_VERBOSE, __FILE__, 979 "ssl_encrypt: SSL write error: %d\n", ssl_err); 980 981 if (ssl_err == SSL_ERROR_SYSCALL) { 982 /* Return the underlying network error that caused OpenSSL 983 to fail. ### This can be a decrypt error! */ 984 status = ctx->encrypt.status; 985 if (SERF_BUCKET_READ_ERROR(status)) { 986 return status; 987 } 988 } 989 else { 990 /* Oh, no. */ 991 if (ssl_err == SSL_ERROR_WANT_READ) { 992 status = SERF_ERROR_WAIT_CONN; 993 } 994 else { 995 ctx->fatal_err = status = 996 SERF_ERROR_SSL_COMM_FAILED; 997 } 998 } 999 1000 serf__log(SSL_VERBOSE, __FILE__, 1001 "ssl_encrypt: SSL write error: %d %d\n", 1002 status, *len); 1003 } else { 1004 /* We're done with this data. */ 1005 serf_bucket_mem_free(ctx->allocator, vecs_data); 1006 } 1007 } 1008 } 1009 else { 1010 interim_len = 0; 1011 *len = 0; 1012 status = ctx->encrypt.status; 1013 } 1014 1015 } while (!status && interim_bufsize); 1016 1017 /* Okay, we exhausted our underlying stream. */ 1018 if (!SERF_BUCKET_READ_ERROR(status)) { 1019 apr_status_t agg_status; 1020 struct iovec vecs[64]; 1021 int vecs_read, i; 1022 1023 /* We read something! */ 1024 agg_status = serf_bucket_read_iovec(ctx->encrypt.pending, bufsize, 1025 64, vecs, &vecs_read); 1026 *len = 0; 1027 for (i = 0; i < vecs_read; i++) { 1028 memcpy(buf + *len, vecs[i].iov_base, vecs[i].iov_len); 1029 *len += vecs[i].iov_len; 1030 } 1031 1032 serf__log(SSL_VERBOSE, __FILE__, 1033 "ssl_encrypt read agg: %d %d %d %d\n", status, agg_status, 1034 ctx->encrypt.status, *len); 1035 1036 if (!agg_status) { 1037 status = agg_status; 1038 } 1039 } 1040 1041 if (status == SERF_ERROR_WAIT_CONN 1042 && BIO_should_retry(ctx->bio) && BIO_should_read(ctx->bio)) { 1043 ctx->encrypt.exhausted = ctx->encrypt.status; 1044 ctx->encrypt.status = SERF_ERROR_WAIT_CONN; 1045 } 1046 1047 serf__log(SSL_VERBOSE, __FILE__, 1048 "ssl_encrypt finished: %d %d (%d %d %d)\n", status, *len, 1049 BIO_should_retry(ctx->bio), BIO_should_read(ctx->bio), 1050 BIO_get_retry_flags(ctx->bio)); 1051 1052 return status; 1053} 1054 1055#if APR_HAS_THREADS && !defined(USE_OPENSSL_1_1_API) 1056static apr_pool_t *ssl_pool; 1057static apr_thread_mutex_t **ssl_locks; 1058 1059typedef struct CRYPTO_dynlock_value { 1060 apr_thread_mutex_t *lock; 1061} CRYPTO_dynlock_value; 1062 1063static CRYPTO_dynlock_value *ssl_dyn_create(const char* file, int line) 1064{ 1065 CRYPTO_dynlock_value *l; 1066 apr_status_t rv; 1067 1068 l = apr_palloc(ssl_pool, sizeof(CRYPTO_dynlock_value)); 1069 rv = apr_thread_mutex_create(&l->lock, APR_THREAD_MUTEX_DEFAULT, ssl_pool); 1070 if (rv != APR_SUCCESS) { 1071 /* FIXME: return error here */ 1072 } 1073 return l; 1074} 1075 1076static void ssl_dyn_lock(int mode, CRYPTO_dynlock_value *l, const char *file, 1077 int line) 1078{ 1079 if (mode & CRYPTO_LOCK) { 1080 apr_thread_mutex_lock(l->lock); 1081 } 1082 else if (mode & CRYPTO_UNLOCK) { 1083 apr_thread_mutex_unlock(l->lock); 1084 } 1085} 1086 1087static void ssl_dyn_destroy(CRYPTO_dynlock_value *l, const char *file, 1088 int line) 1089{ 1090 apr_thread_mutex_destroy(l->lock); 1091} 1092 1093static void ssl_lock(int mode, int n, const char *file, int line) 1094{ 1095 if (mode & CRYPTO_LOCK) { 1096 apr_thread_mutex_lock(ssl_locks[n]); 1097 } 1098 else if (mode & CRYPTO_UNLOCK) { 1099 apr_thread_mutex_unlock(ssl_locks[n]); 1100 } 1101} 1102 1103static unsigned long ssl_id(void) 1104{ 1105 /* FIXME: This is lame and not portable. -aaron */ 1106 return (unsigned long) apr_os_thread_current(); 1107} 1108 1109static apr_status_t cleanup_ssl(void *data) 1110{ 1111 CRYPTO_set_locking_callback(NULL); 1112 CRYPTO_set_id_callback(NULL); 1113 CRYPTO_set_dynlock_create_callback(NULL); 1114 CRYPTO_set_dynlock_lock_callback(NULL); 1115 CRYPTO_set_dynlock_destroy_callback(NULL); 1116 1117 return APR_SUCCESS; 1118} 1119 1120#endif 1121 1122#if !APR_VERSION_AT_LEAST(1,0,0) 1123#define apr_atomic_cas32(mem, with, cmp) apr_atomic_cas(mem, with, cmp) 1124#endif 1125 1126enum ssl_init_e 1127{ 1128 INIT_UNINITIALIZED = 0, 1129 INIT_BUSY = 1, 1130 INIT_DONE = 2 1131}; 1132 1133static volatile apr_uint32_t have_init_ssl = INIT_UNINITIALIZED; 1134 1135static void init_ssl_libraries(void) 1136{ 1137 apr_uint32_t val; 1138 1139 val = apr_atomic_cas32(&have_init_ssl, INIT_BUSY, INIT_UNINITIALIZED); 1140 1141 if (!val) { 1142#if APR_HAS_THREADS && !defined(USE_OPENSSL_1_1_API) 1143 int i, numlocks; 1144#endif 1145 1146#ifdef SSL_VERBOSE 1147 /* Warn when compile-time and run-time version of OpenSSL differ in 1148 major/minor version number. */ 1149 long libver = SSLeay(); 1150 1151 if ((libver ^ OPENSSL_VERSION_NUMBER) & 0xFFF00000) { 1152 serf__log(SSL_VERBOSE, __FILE__, 1153 "Warning: OpenSSL library version mismatch, compile-time " 1154 "was %lx, runtime is %lx.\n", 1155 OPENSSL_VERSION_NUMBER, libver); 1156 } 1157#endif 1158 1159#ifdef USE_OPENSSL_1_1_API 1160 OPENSSL_malloc_init(); 1161#else 1162 CRYPTO_malloc_init(); 1163#endif 1164 ERR_load_crypto_strings(); 1165 SSL_load_error_strings(); 1166 SSL_library_init(); 1167 OpenSSL_add_all_algorithms(); 1168 1169#if APR_HAS_THREADS && !defined(USE_OPENSSL_1_1_API) 1170 numlocks = CRYPTO_num_locks(); 1171 apr_pool_create(&ssl_pool, NULL); 1172 ssl_locks = apr_palloc(ssl_pool, sizeof(apr_thread_mutex_t*)*numlocks); 1173 for (i = 0; i < numlocks; i++) { 1174 apr_status_t rv; 1175 1176 /* Intraprocess locks don't /need/ a filename... */ 1177 rv = apr_thread_mutex_create(&ssl_locks[i], 1178 APR_THREAD_MUTEX_DEFAULT, ssl_pool); 1179 if (rv != APR_SUCCESS) { 1180 /* FIXME: error out here */ 1181 } 1182 } 1183 CRYPTO_set_locking_callback(ssl_lock); 1184 CRYPTO_set_id_callback(ssl_id); 1185 CRYPTO_set_dynlock_create_callback(ssl_dyn_create); 1186 CRYPTO_set_dynlock_lock_callback(ssl_dyn_lock); 1187 CRYPTO_set_dynlock_destroy_callback(ssl_dyn_destroy); 1188 1189 apr_pool_cleanup_register(ssl_pool, NULL, cleanup_ssl, cleanup_ssl); 1190#endif 1191 apr_atomic_cas32(&have_init_ssl, INIT_DONE, INIT_BUSY); 1192 } 1193 else 1194 { 1195 /* Make sure we don't continue before the initialization in another 1196 thread has completed */ 1197 while (val != INIT_DONE) { 1198 apr_sleep(APR_USEC_PER_SEC / 1000); 1199 1200 val = apr_atomic_cas32(&have_init_ssl, 1201 INIT_UNINITIALIZED, 1202 INIT_UNINITIALIZED); 1203 } 1204 } 1205} 1206 1207static int ssl_need_client_cert(SSL *ssl, X509 **cert, EVP_PKEY **pkey) 1208{ 1209 serf_ssl_context_t *ctx = SSL_get_app_data(ssl); 1210 apr_status_t status; 1211 1212 if (ctx->cached_cert) { 1213 *cert = ctx->cached_cert; 1214 *pkey = ctx->cached_cert_pw; 1215 return 1; 1216 } 1217 1218 while (ctx->cert_callback) { 1219 const char *cert_path; 1220 apr_file_t *cert_file; 1221 BIO *bio; 1222 BIO_METHOD *biom; 1223 PKCS12 *p12; 1224 int i; 1225 int retrying_success = 0; 1226 1227 if (ctx->cert_file_success) { 1228 status = APR_SUCCESS; 1229 cert_path = ctx->cert_file_success; 1230 ctx->cert_file_success = NULL; 1231 retrying_success = 1; 1232 } else { 1233 status = ctx->cert_callback(ctx->cert_userdata, &cert_path); 1234 } 1235 1236 if (status || !cert_path) { 1237 break; 1238 } 1239 1240 /* Load the x.509 cert file stored in PKCS12 */ 1241 status = apr_file_open(&cert_file, cert_path, APR_READ, APR_OS_DEFAULT, 1242 ctx->pool); 1243 1244 if (status) { 1245 continue; 1246 } 1247 1248 biom = bio_meth_file_new(); 1249 bio = BIO_new(biom); 1250 bio_set_data(bio, cert_file); 1251 1252 ctx->cert_path = cert_path; 1253 p12 = d2i_PKCS12_bio(bio, NULL); 1254 apr_file_close(cert_file); 1255 1256 i = PKCS12_parse(p12, NULL, pkey, cert, NULL); 1257 1258 if (i == 1) { 1259 PKCS12_free(p12); 1260 bio_meth_free(biom); 1261 ctx->cached_cert = *cert; 1262 ctx->cached_cert_pw = *pkey; 1263 if (!retrying_success && ctx->cert_cache_pool) { 1264 const char *c; 1265 1266 c = apr_pstrdup(ctx->cert_cache_pool, ctx->cert_path); 1267 1268 apr_pool_userdata_setn(c, "serf:ssl:cert", 1269 apr_pool_cleanup_null, 1270 ctx->cert_cache_pool); 1271 } 1272 return 1; 1273 } 1274 else { 1275 int err = ERR_get_error(); 1276 ERR_clear_error(); 1277 if (ERR_GET_LIB(err) == ERR_LIB_PKCS12 && 1278 ERR_GET_REASON(err) == PKCS12_R_MAC_VERIFY_FAILURE) { 1279 if (ctx->cert_pw_callback) { 1280 const char *password; 1281 1282 if (ctx->cert_pw_success) { 1283 status = APR_SUCCESS; 1284 password = ctx->cert_pw_success; 1285 ctx->cert_pw_success = NULL; 1286 } else { 1287 status = ctx->cert_pw_callback(ctx->cert_pw_userdata, 1288 ctx->cert_path, 1289 &password); 1290 } 1291 1292 if (!status && password) { 1293 i = PKCS12_parse(p12, password, pkey, cert, NULL); 1294 if (i == 1) { 1295 PKCS12_free(p12); 1296 bio_meth_free(biom); 1297 ctx->cached_cert = *cert; 1298 ctx->cached_cert_pw = *pkey; 1299 if (!retrying_success && ctx->cert_cache_pool) { 1300 const char *c; 1301 1302 c = apr_pstrdup(ctx->cert_cache_pool, 1303 ctx->cert_path); 1304 1305 apr_pool_userdata_setn(c, "serf:ssl:cert", 1306 apr_pool_cleanup_null, 1307 ctx->cert_cache_pool); 1308 } 1309 if (!retrying_success && ctx->cert_pw_cache_pool) { 1310 const char *c; 1311 1312 c = apr_pstrdup(ctx->cert_pw_cache_pool, 1313 password); 1314 1315 apr_pool_userdata_setn(c, "serf:ssl:certpw", 1316 apr_pool_cleanup_null, 1317 ctx->cert_pw_cache_pool); 1318 } 1319 return 1; 1320 } 1321 } 1322 } 1323 PKCS12_free(p12); 1324 bio_meth_free(biom); 1325 return 0; 1326 } 1327 else { 1328 printf("OpenSSL cert error: %d %d %d\n", ERR_GET_LIB(err), 1329 ERR_GET_FUNC(err), 1330 ERR_GET_REASON(err)); 1331 PKCS12_free(p12); 1332 bio_meth_free(biom); 1333 } 1334 } 1335 } 1336 1337 return 0; 1338} 1339 1340 1341void serf_ssl_client_cert_provider_set( 1342 serf_ssl_context_t *context, 1343 serf_ssl_need_client_cert_t callback, 1344 void *data, 1345 void *cache_pool) 1346{ 1347 context->cert_callback = callback; 1348 context->cert_userdata = data; 1349 context->cert_cache_pool = cache_pool; 1350 if (context->cert_cache_pool) { 1351 apr_pool_userdata_get((void**)&context->cert_file_success, 1352 "serf:ssl:cert", cache_pool); 1353 } 1354} 1355 1356 1357void serf_ssl_client_cert_password_set( 1358 serf_ssl_context_t *context, 1359 serf_ssl_need_cert_password_t callback, 1360 void *data, 1361 void *cache_pool) 1362{ 1363 context->cert_pw_callback = callback; 1364 context->cert_pw_userdata = data; 1365 context->cert_pw_cache_pool = cache_pool; 1366 if (context->cert_pw_cache_pool) { 1367 apr_pool_userdata_get((void**)&context->cert_pw_success, 1368 "serf:ssl:certpw", cache_pool); 1369 } 1370} 1371 1372 1373void serf_ssl_server_cert_callback_set( 1374 serf_ssl_context_t *context, 1375 serf_ssl_need_server_cert_t callback, 1376 void *data) 1377{ 1378 context->server_cert_callback = callback; 1379 context->server_cert_userdata = data; 1380} 1381 1382void serf_ssl_server_cert_chain_callback_set( 1383 serf_ssl_context_t *context, 1384 serf_ssl_need_server_cert_t cert_callback, 1385 serf_ssl_server_cert_chain_cb_t cert_chain_callback, 1386 void *data) 1387{ 1388 context->server_cert_callback = cert_callback; 1389 context->server_cert_chain_callback = cert_chain_callback; 1390 context->server_cert_userdata = data; 1391} 1392 1393static serf_ssl_context_t *ssl_init_context(serf_bucket_alloc_t *allocator) 1394{ 1395 serf_ssl_context_t *ssl_ctx; 1396 1397 init_ssl_libraries(); 1398 1399 ssl_ctx = serf_bucket_mem_alloc(allocator, sizeof(*ssl_ctx)); 1400 1401 ssl_ctx->refcount = 0; 1402 ssl_ctx->pool = serf_bucket_allocator_get_pool(allocator); 1403 ssl_ctx->allocator = allocator; 1404 1405 /* Use the best possible protocol version, but disable the broken SSLv2/3 */ 1406 ssl_ctx->ctx = SSL_CTX_new(SSLv23_client_method()); 1407 SSL_CTX_set_options(ssl_ctx->ctx, SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3); 1408 1409 SSL_CTX_set_client_cert_cb(ssl_ctx->ctx, ssl_need_client_cert); 1410 ssl_ctx->cached_cert = 0; 1411 ssl_ctx->cached_cert_pw = 0; 1412 ssl_ctx->pending_err = APR_SUCCESS; 1413 ssl_ctx->fatal_err = APR_SUCCESS; 1414 1415 ssl_ctx->cert_callback = NULL; 1416 ssl_ctx->cert_pw_callback = NULL; 1417 ssl_ctx->server_cert_callback = NULL; 1418 ssl_ctx->server_cert_chain_callback = NULL; 1419 1420 SSL_CTX_set_verify(ssl_ctx->ctx, SSL_VERIFY_PEER, 1421 validate_server_certificate); 1422 SSL_CTX_set_options(ssl_ctx->ctx, SSL_OP_ALL); 1423 /* Disable SSL compression by default. */ 1424 disable_compression(ssl_ctx); 1425 1426 ssl_ctx->ssl = SSL_new(ssl_ctx->ctx); 1427 ssl_ctx->biom = bio_meth_bucket_new(); 1428 ssl_ctx->bio = BIO_new(ssl_ctx->biom); 1429 bio_set_data(ssl_ctx->bio, ssl_ctx); 1430 1431 SSL_set_bio(ssl_ctx->ssl, ssl_ctx->bio, ssl_ctx->bio); 1432 1433 SSL_set_connect_state(ssl_ctx->ssl); 1434 1435 SSL_set_app_data(ssl_ctx->ssl, ssl_ctx); 1436 1437#if SSL_VERBOSE 1438 SSL_CTX_set_info_callback(ssl_ctx->ctx, apps_ssl_info_callback); 1439#endif 1440 1441 ssl_ctx->encrypt.stream = NULL; 1442 ssl_ctx->encrypt.stream_next = NULL; 1443 ssl_ctx->encrypt.pending = serf_bucket_aggregate_create(allocator); 1444 ssl_ctx->encrypt.status = APR_SUCCESS; 1445 serf_databuf_init(&ssl_ctx->encrypt.databuf); 1446 ssl_ctx->encrypt.databuf.read = ssl_encrypt; 1447 ssl_ctx->encrypt.databuf.read_baton = ssl_ctx; 1448 1449 ssl_ctx->decrypt.stream = NULL; 1450 ssl_ctx->decrypt.pending = serf_bucket_aggregate_create(allocator); 1451 ssl_ctx->decrypt.status = APR_SUCCESS; 1452 serf_databuf_init(&ssl_ctx->decrypt.databuf); 1453 ssl_ctx->decrypt.databuf.read = ssl_decrypt; 1454 ssl_ctx->decrypt.databuf.read_baton = ssl_ctx; 1455 1456 return ssl_ctx; 1457} 1458 1459static apr_status_t ssl_free_context( 1460 serf_ssl_context_t *ssl_ctx) 1461{ 1462 /* If never had the pending buckets, don't try to free them. */ 1463 if (ssl_ctx->decrypt.pending != NULL) { 1464 serf_bucket_destroy(ssl_ctx->decrypt.pending); 1465 } 1466 if (ssl_ctx->encrypt.pending != NULL) { 1467 serf_bucket_destroy(ssl_ctx->encrypt.pending); 1468 } 1469 1470 /* SSL_free implicitly frees the underlying BIO. */ 1471 SSL_free(ssl_ctx->ssl); 1472 bio_meth_free(ssl_ctx->biom); 1473 SSL_CTX_free(ssl_ctx->ctx); 1474 1475 serf_bucket_mem_free(ssl_ctx->allocator, ssl_ctx); 1476 1477 return APR_SUCCESS; 1478} 1479 1480static serf_bucket_t * serf_bucket_ssl_create( 1481 serf_ssl_context_t *ssl_ctx, 1482 serf_bucket_alloc_t *allocator, 1483 const serf_bucket_type_t *type) 1484{ 1485 ssl_context_t *ctx; 1486 1487 ctx = serf_bucket_mem_alloc(allocator, sizeof(*ctx)); 1488 if (!ssl_ctx) { 1489 ctx->ssl_ctx = ssl_init_context(allocator); 1490 } 1491 else { 1492 ctx->ssl_ctx = ssl_ctx; 1493 } 1494 ctx->ssl_ctx->refcount++; 1495 1496 return serf_bucket_create(type, allocator, ctx); 1497} 1498 1499apr_status_t serf_ssl_set_hostname(serf_ssl_context_t *context, 1500 const char * hostname) 1501{ 1502#ifdef SSL_set_tlsext_host_name 1503 if (SSL_set_tlsext_host_name(context->ssl, hostname) != 1) { 1504 ERR_clear_error(); 1505 } 1506#endif 1507 return APR_SUCCESS; 1508} 1509 1510apr_status_t serf_ssl_use_default_certificates(serf_ssl_context_t *ssl_ctx) 1511{ 1512 X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx->ctx); 1513 1514 int result = X509_STORE_set_default_paths(store); 1515 1516 return result ? APR_SUCCESS : SERF_ERROR_SSL_CERT_FAILED; 1517} 1518 1519apr_status_t serf_ssl_load_cert_file( 1520 serf_ssl_certificate_t **cert, 1521 const char *file_path, 1522 apr_pool_t *pool) 1523{ 1524 FILE *fp = fopen(file_path, "r"); 1525 1526 if (fp) { 1527 X509 *ssl_cert = PEM_read_X509(fp, NULL, NULL, NULL); 1528 fclose(fp); 1529 1530 if (ssl_cert) { 1531 *cert = apr_palloc(pool, sizeof(serf_ssl_certificate_t)); 1532 (*cert)->ssl_cert = ssl_cert; 1533 1534 return APR_SUCCESS; 1535 } 1536 } 1537 1538 return SERF_ERROR_SSL_CERT_FAILED; 1539} 1540 1541 1542apr_status_t serf_ssl_trust_cert( 1543 serf_ssl_context_t *ssl_ctx, 1544 serf_ssl_certificate_t *cert) 1545{ 1546 X509_STORE *store = SSL_CTX_get_cert_store(ssl_ctx->ctx); 1547 1548 int result = X509_STORE_add_cert(store, cert->ssl_cert); 1549 1550 return result ? APR_SUCCESS : SERF_ERROR_SSL_CERT_FAILED; 1551} 1552 1553 1554serf_bucket_t *serf_bucket_ssl_decrypt_create( 1555 serf_bucket_t *stream, 1556 serf_ssl_context_t *ssl_ctx, 1557 serf_bucket_alloc_t *allocator) 1558{ 1559 serf_bucket_t *bkt; 1560 ssl_context_t *ctx; 1561 1562 bkt = serf_bucket_ssl_create(ssl_ctx, allocator, 1563 &serf_bucket_type_ssl_decrypt); 1564 1565 ctx = bkt->data; 1566 1567 ctx->databuf = &ctx->ssl_ctx->decrypt.databuf; 1568 if (ctx->ssl_ctx->decrypt.stream != NULL) { 1569 return NULL; 1570 } 1571 ctx->ssl_ctx->decrypt.stream = stream; 1572 ctx->our_stream = &ctx->ssl_ctx->decrypt.stream; 1573 1574 return bkt; 1575} 1576 1577 1578serf_ssl_context_t *serf_bucket_ssl_decrypt_context_get( 1579 serf_bucket_t *bucket) 1580{ 1581 ssl_context_t *ctx = bucket->data; 1582 return ctx->ssl_ctx; 1583} 1584 1585 1586serf_bucket_t *serf_bucket_ssl_encrypt_create( 1587 serf_bucket_t *stream, 1588 serf_ssl_context_t *ssl_ctx, 1589 serf_bucket_alloc_t *allocator) 1590{ 1591 serf_bucket_t *bkt; 1592 ssl_context_t *ctx; 1593 1594 bkt = serf_bucket_ssl_create(ssl_ctx, allocator, 1595 &serf_bucket_type_ssl_encrypt); 1596 1597 ctx = bkt->data; 1598 1599 ctx->databuf = &ctx->ssl_ctx->encrypt.databuf; 1600 ctx->our_stream = &ctx->ssl_ctx->encrypt.stream; 1601 if (ctx->ssl_ctx->encrypt.stream == NULL) { 1602 serf_bucket_t *tmp = serf_bucket_aggregate_create(stream->allocator); 1603 serf_bucket_aggregate_append(tmp, stream); 1604 ctx->ssl_ctx->encrypt.stream = tmp; 1605 } 1606 else { 1607 bucket_list_t *new_list; 1608 1609 new_list = serf_bucket_mem_alloc(ctx->ssl_ctx->allocator, 1610 sizeof(*new_list)); 1611 new_list->bucket = stream; 1612 new_list->next = NULL; 1613 if (ctx->ssl_ctx->encrypt.stream_next == NULL) { 1614 ctx->ssl_ctx->encrypt.stream_next = new_list; 1615 } 1616 else { 1617 bucket_list_t *scan = ctx->ssl_ctx->encrypt.stream_next; 1618 1619 while (scan->next != NULL) 1620 scan = scan->next; 1621 scan->next = new_list; 1622 } 1623 } 1624 1625 return bkt; 1626} 1627 1628 1629serf_ssl_context_t *serf_bucket_ssl_encrypt_context_get( 1630 serf_bucket_t *bucket) 1631{ 1632 ssl_context_t *ctx = bucket->data; 1633 return ctx->ssl_ctx; 1634} 1635 1636/* Functions to read a serf_ssl_certificate structure. */ 1637 1638/* Takes a counted length string and escapes any NUL bytes so that 1639 * it can be used as a C string. NUL bytes are escaped as 3 characters 1640 * "\00" (that's a literal backslash). 1641 * The returned string is allocated in POOL. 1642 */ 1643static char * 1644pstrdup_escape_nul_bytes(const char *buf, int len, apr_pool_t *pool) 1645{ 1646 int i, nul_count = 0; 1647 char *ret; 1648 1649 /* First determine if there are any nul bytes in the string. */ 1650 for (i = 0; i < len; i++) { 1651 if (buf[i] == '\0') 1652 nul_count++; 1653 } 1654 1655 if (nul_count == 0) { 1656 /* There aren't so easy case to just copy the string */ 1657 ret = apr_pstrdup(pool, buf); 1658 } else { 1659 /* There are so we have to replace nul bytes with escape codes 1660 * Proper length is the length of the original string, plus 1661 * 2 times the number of nulls (for two digit hex code for 1662 * the value) + the trailing null. */ 1663 char *pos; 1664 ret = pos = apr_palloc(pool, len + 2 * nul_count + 1); 1665 for (i = 0; i < len; i++) { 1666 if (buf[i] != '\0') { 1667 *(pos++) = buf[i]; 1668 } else { 1669 *(pos++) = '\\'; 1670 *(pos++) = '0'; 1671 *(pos++) = '0'; 1672 } 1673 } 1674 *pos = '\0'; 1675 } 1676 1677 return ret; 1678} 1679 1680/* Creates a hash_table with keys (E, CN, OU, O, L, ST and C). Any NUL bytes in 1681 these fields in the certificate will be escaped as \00. */ 1682static apr_hash_t * 1683convert_X509_NAME_to_table(X509_NAME *org, apr_pool_t *pool) 1684{ 1685 char buf[1024]; 1686 int ret; 1687 1688 apr_hash_t *tgt = apr_hash_make(pool); 1689 1690 ret = X509_NAME_get_text_by_NID(org, 1691 NID_commonName, 1692 buf, 1024); 1693 if (ret != -1) 1694 apr_hash_set(tgt, "CN", APR_HASH_KEY_STRING, 1695 pstrdup_escape_nul_bytes(buf, ret, pool)); 1696 ret = X509_NAME_get_text_by_NID(org, 1697 NID_pkcs9_emailAddress, 1698 buf, 1024); 1699 if (ret != -1) 1700 apr_hash_set(tgt, "E", APR_HASH_KEY_STRING, 1701 pstrdup_escape_nul_bytes(buf, ret, pool)); 1702 ret = X509_NAME_get_text_by_NID(org, 1703 NID_organizationalUnitName, 1704 buf, 1024); 1705 if (ret != -1) 1706 apr_hash_set(tgt, "OU", APR_HASH_KEY_STRING, 1707 pstrdup_escape_nul_bytes(buf, ret, pool)); 1708 ret = X509_NAME_get_text_by_NID(org, 1709 NID_organizationName, 1710 buf, 1024); 1711 if (ret != -1) 1712 apr_hash_set(tgt, "O", APR_HASH_KEY_STRING, 1713 pstrdup_escape_nul_bytes(buf, ret, pool)); 1714 ret = X509_NAME_get_text_by_NID(org, 1715 NID_localityName, 1716 buf, 1024); 1717 if (ret != -1) 1718 apr_hash_set(tgt, "L", APR_HASH_KEY_STRING, 1719 pstrdup_escape_nul_bytes(buf, ret, pool)); 1720 ret = X509_NAME_get_text_by_NID(org, 1721 NID_stateOrProvinceName, 1722 buf, 1024); 1723 if (ret != -1) 1724 apr_hash_set(tgt, "ST", APR_HASH_KEY_STRING, 1725 pstrdup_escape_nul_bytes(buf, ret, pool)); 1726 ret = X509_NAME_get_text_by_NID(org, 1727 NID_countryName, 1728 buf, 1024); 1729 if (ret != -1) 1730 apr_hash_set(tgt, "C", APR_HASH_KEY_STRING, 1731 pstrdup_escape_nul_bytes(buf, ret, pool)); 1732 1733 return tgt; 1734} 1735 1736 1737int serf_ssl_cert_depth(const serf_ssl_certificate_t *cert) 1738{ 1739 return cert->depth; 1740} 1741 1742 1743apr_hash_t *serf_ssl_cert_issuer( 1744 const serf_ssl_certificate_t *cert, 1745 apr_pool_t *pool) 1746{ 1747 X509_NAME *issuer = X509_get_issuer_name(cert->ssl_cert); 1748 1749 if (!issuer) 1750 return NULL; 1751 1752 return convert_X509_NAME_to_table(issuer, pool); 1753} 1754 1755 1756apr_hash_t *serf_ssl_cert_subject( 1757 const serf_ssl_certificate_t *cert, 1758 apr_pool_t *pool) 1759{ 1760 X509_NAME *subject = X509_get_subject_name(cert->ssl_cert); 1761 1762 if (!subject) 1763 return NULL; 1764 1765 return convert_X509_NAME_to_table(subject, pool); 1766} 1767 1768 1769apr_hash_t *serf_ssl_cert_certificate( 1770 const serf_ssl_certificate_t *cert, 1771 apr_pool_t *pool) 1772{ 1773 apr_hash_t *tgt = apr_hash_make(pool); 1774 unsigned int md_size, i; 1775 unsigned char md[EVP_MAX_MD_SIZE]; 1776 BIO *bio; 1777 apr_array_header_t *san_arr; 1778 1779 /* sha1 fingerprint */ 1780 if (X509_digest(cert->ssl_cert, EVP_sha1(), md, &md_size)) { 1781 const char hex[] = "0123456789ABCDEF"; 1782 char fingerprint[EVP_MAX_MD_SIZE * 3]; 1783 1784 for (i=0; i<md_size; i++) { 1785 fingerprint[3*i] = hex[(md[i] & 0xf0) >> 4]; 1786 fingerprint[(3*i)+1] = hex[(md[i] & 0x0f)]; 1787 fingerprint[(3*i)+2] = ':'; 1788 } 1789 if (md_size > 0) 1790 fingerprint[(3*(md_size-1))+2] = '\0'; 1791 else 1792 fingerprint[0] = '\0'; 1793 1794 apr_hash_set(tgt, "sha1", APR_HASH_KEY_STRING, 1795 apr_pstrdup(pool, fingerprint)); 1796 } 1797 1798 /* set expiry dates */ 1799 bio = BIO_new(BIO_s_mem()); 1800 if (bio) { 1801 ASN1_TIME *notBefore, *notAfter; 1802 char buf[256]; 1803 1804 memset (buf, 0, sizeof (buf)); 1805 notBefore = X509_get_notBefore(cert->ssl_cert); 1806 if (ASN1_TIME_print(bio, notBefore)) { 1807 BIO_read(bio, buf, 255); 1808 apr_hash_set(tgt, "notBefore", APR_HASH_KEY_STRING, 1809 apr_pstrdup(pool, buf)); 1810 } 1811 memset (buf, 0, sizeof (buf)); 1812 notAfter = X509_get_notAfter(cert->ssl_cert); 1813 if (ASN1_TIME_print(bio, notAfter)) { 1814 BIO_read(bio, buf, 255); 1815 apr_hash_set(tgt, "notAfter", APR_HASH_KEY_STRING, 1816 apr_pstrdup(pool, buf)); 1817 } 1818 } 1819 BIO_free(bio); 1820 1821 /* Get subjectAltNames */ 1822 if (!get_subject_alt_names(&san_arr, cert->ssl_cert, EscapeNulAndCopy, pool)) 1823 apr_hash_set(tgt, "subjectAltName", APR_HASH_KEY_STRING, san_arr); 1824 1825 return tgt; 1826} 1827 1828 1829const char *serf_ssl_cert_export( 1830 const serf_ssl_certificate_t *cert, 1831 apr_pool_t *pool) 1832{ 1833 char *binary_cert; 1834 char *encoded_cert; 1835 int len; 1836 unsigned char *unused; 1837 1838 /* find the length of the DER encoding. */ 1839 len = i2d_X509(cert->ssl_cert, NULL); 1840 if (len < 0) { 1841 return NULL; 1842 } 1843 1844 binary_cert = apr_palloc(pool, len); 1845 unused = (unsigned char *)binary_cert; 1846 len = i2d_X509(cert->ssl_cert, &unused); /* unused is incremented */ 1847 if (len < 0) { 1848 return NULL; 1849 } 1850 1851 encoded_cert = apr_palloc(pool, apr_base64_encode_len(len)); 1852 apr_base64_encode(encoded_cert, binary_cert, len); 1853 1854 return encoded_cert; 1855} 1856 1857/* Disables compression for all SSL sessions. */ 1858static void disable_compression(serf_ssl_context_t *ssl_ctx) 1859{ 1860#ifdef SSL_OP_NO_COMPRESSION 1861 SSL_CTX_set_options(ssl_ctx->ctx, SSL_OP_NO_COMPRESSION); 1862#endif 1863} 1864 1865apr_status_t serf_ssl_use_compression(serf_ssl_context_t *ssl_ctx, int enabled) 1866{ 1867 if (enabled) { 1868#ifdef SSL_OP_NO_COMPRESSION 1869 SSL_clear_options(ssl_ctx->ssl, SSL_OP_NO_COMPRESSION); 1870 return APR_SUCCESS; 1871#endif 1872 } else { 1873#ifdef SSL_OP_NO_COMPRESSION 1874 SSL_set_options(ssl_ctx->ssl, SSL_OP_NO_COMPRESSION); 1875 return APR_SUCCESS; 1876#endif 1877 } 1878 1879 return APR_EGENERAL; 1880} 1881 1882static void serf_ssl_destroy_and_data(serf_bucket_t *bucket) 1883{ 1884 ssl_context_t *ctx = bucket->data; 1885 1886 if (!--ctx->ssl_ctx->refcount) { 1887 ssl_free_context(ctx->ssl_ctx); 1888 } 1889 1890 serf_default_destroy_and_data(bucket); 1891} 1892 1893static void serf_ssl_decrypt_destroy_and_data(serf_bucket_t *bucket) 1894{ 1895 ssl_context_t *ctx = bucket->data; 1896 1897 serf_bucket_destroy(*ctx->our_stream); 1898 1899 serf_ssl_destroy_and_data(bucket); 1900} 1901 1902static void serf_ssl_encrypt_destroy_and_data(serf_bucket_t *bucket) 1903{ 1904 ssl_context_t *ctx = bucket->data; 1905 serf_ssl_context_t *ssl_ctx = ctx->ssl_ctx; 1906 1907 if (ssl_ctx->encrypt.stream == *ctx->our_stream) { 1908 serf_bucket_destroy(*ctx->our_stream); 1909 serf_bucket_destroy(ssl_ctx->encrypt.pending); 1910 1911 /* Reset our encrypted status and databuf. */ 1912 ssl_ctx->encrypt.status = APR_SUCCESS; 1913 ssl_ctx->encrypt.databuf.status = APR_SUCCESS; 1914 1915 /* Advance to the next stream - if we have one. */ 1916 if (ssl_ctx->encrypt.stream_next == NULL) { 1917 ssl_ctx->encrypt.stream = NULL; 1918 ssl_ctx->encrypt.pending = NULL; 1919 } 1920 else { 1921 bucket_list_t *cur; 1922 1923 cur = ssl_ctx->encrypt.stream_next; 1924 ssl_ctx->encrypt.stream = cur->bucket; 1925 ssl_ctx->encrypt.pending = 1926 serf_bucket_aggregate_create(cur->bucket->allocator); 1927 ssl_ctx->encrypt.stream_next = cur->next; 1928 serf_bucket_mem_free(ssl_ctx->allocator, cur); 1929 } 1930 } 1931 else { 1932 /* Ah, darn. We haven't sent this one along yet. */ 1933 return; 1934 } 1935 serf_ssl_destroy_and_data(bucket); 1936} 1937 1938static apr_status_t serf_ssl_read(serf_bucket_t *bucket, 1939 apr_size_t requested, 1940 const char **data, apr_size_t *len) 1941{ 1942 ssl_context_t *ctx = bucket->data; 1943 1944 return serf_databuf_read(ctx->databuf, requested, data, len); 1945} 1946 1947static apr_status_t serf_ssl_readline(serf_bucket_t *bucket, 1948 int acceptable, int *found, 1949 const char **data, 1950 apr_size_t *len) 1951{ 1952 ssl_context_t *ctx = bucket->data; 1953 1954 return serf_databuf_readline(ctx->databuf, acceptable, found, data, len); 1955} 1956 1957static apr_status_t serf_ssl_peek(serf_bucket_t *bucket, 1958 const char **data, 1959 apr_size_t *len) 1960{ 1961 ssl_context_t *ctx = bucket->data; 1962 1963 return serf_databuf_peek(ctx->databuf, data, len); 1964} 1965 1966 1967const serf_bucket_type_t serf_bucket_type_ssl_encrypt = { 1968 "SSLENCRYPT", 1969 serf_ssl_read, 1970 serf_ssl_readline, 1971 serf_default_read_iovec, 1972 serf_default_read_for_sendfile, 1973 serf_default_read_bucket, 1974 serf_ssl_peek, 1975 serf_ssl_encrypt_destroy_and_data, 1976}; 1977 1978const serf_bucket_type_t serf_bucket_type_ssl_decrypt = { 1979 "SSLDECRYPT", 1980 serf_ssl_read, 1981 serf_ssl_readline, 1982 serf_default_read_iovec, 1983 serf_default_read_for_sendfile, 1984 serf_default_read_bucket, 1985 serf_ssl_peek, 1986 serf_ssl_decrypt_destroy_and_data, 1987}; 1988