1/*************************************************************************** 2 * _ _ ____ _ 3 * Project ___| | | | _ \| | 4 * / __| | | | |_) | | 5 * | (__| |_| | _ <| |___ 6 * \___|\___/|_| \_\_____| 7 * 8 * Copyright (C) 2012 - 2014, Nick Zitzmann, <nickzman@gmail.com>. 9 * Copyright (C) 2012 - 2014, Daniel Stenberg, <daniel@haxx.se>, et al. 10 * 11 * This software is licensed as described in the file COPYING, which 12 * you should have received as part of this distribution. The terms 13 * are also available at http://curl.haxx.se/docs/copyright.html. 14 * 15 * You may opt to use, copy, modify, merge, publish, distribute and/or sell 16 * copies of the Software, and permit persons to whom the Software is 17 * furnished to do so, under the terms of the COPYING file. 18 * 19 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY 20 * KIND, either express or implied. 21 * 22 ***************************************************************************/ 23 24/* 25 * Source file for all iOS and Mac OS X SecureTransport-specific code for the 26 * TLS/SSL layer. No code but vtls.c should ever call or use these functions. 27 */ 28 29#include "curl_setup.h" 30 31#include "urldata.h" /* for the SessionHandle definition */ 32#include "curl_base64.h" 33 34#ifdef USE_DARWINSSL 35 36#ifdef HAVE_LIMITS_H 37#include <limits.h> 38#endif 39 40#include <Security/Security.h> 41#include <Security/SecureTransport.h> 42#include <CoreFoundation/CoreFoundation.h> 43#include <CommonCrypto/CommonDigest.h> 44 45/* The Security framework has changed greatly between iOS and different OS X 46 versions, and we will try to support as many of them as we can (back to 47 Leopard and iOS 5) by using macros and weak-linking. 48 49 IMPORTANT: If TLS 1.1 and 1.2 support are important for you on OS X, then 50 you must build this project against the 10.8 SDK or later. */ 51#if (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE)) 52 53#if MAC_OS_X_VERSION_MAX_ALLOWED < 1050 54#error "The darwinssl back-end requires Leopard or later." 55#endif /* MAC_OS_X_VERSION_MAX_ALLOWED < 1050 */ 56 57#define CURL_BUILD_IOS 0 58#define CURL_BUILD_IOS_7 0 59#define CURL_BUILD_MAC 1 60/* This is the maximum API level we are allowed to use when building: */ 61#define CURL_BUILD_MAC_10_5 MAC_OS_X_VERSION_MAX_ALLOWED >= 1050 62#define CURL_BUILD_MAC_10_6 MAC_OS_X_VERSION_MAX_ALLOWED >= 1060 63#define CURL_BUILD_MAC_10_7 MAC_OS_X_VERSION_MAX_ALLOWED >= 1070 64#define CURL_BUILD_MAC_10_8 MAC_OS_X_VERSION_MAX_ALLOWED >= 1080 65#define CURL_BUILD_MAC_10_9 MAC_OS_X_VERSION_MAX_ALLOWED >= 1090 66/* These macros mean "the following code is present to allow runtime backward 67 compatibility with at least this cat or earlier": 68 (You set this at build-time by setting the MACOSX_DEPLOYMENT_TARGET 69 environmental variable.) */ 70#define CURL_SUPPORT_MAC_10_5 MAC_OS_X_VERSION_MIN_REQUIRED <= 1050 71#define CURL_SUPPORT_MAC_10_6 MAC_OS_X_VERSION_MIN_REQUIRED <= 1060 72#define CURL_SUPPORT_MAC_10_7 MAC_OS_X_VERSION_MIN_REQUIRED <= 1070 73#define CURL_SUPPORT_MAC_10_8 MAC_OS_X_VERSION_MIN_REQUIRED <= 1080 74#define CURL_SUPPORT_MAC_10_9 MAC_OS_X_VERSION_MIN_REQUIRED <= 1090 75 76#elif TARGET_OS_EMBEDDED || TARGET_OS_IPHONE 77#define CURL_BUILD_IOS 1 78#define CURL_BUILD_IOS_7 __IPHONE_OS_VERSION_MAX_ALLOWED >= 70000 79#define CURL_BUILD_MAC 0 80#define CURL_BUILD_MAC_10_5 0 81#define CURL_BUILD_MAC_10_6 0 82#define CURL_BUILD_MAC_10_7 0 83#define CURL_BUILD_MAC_10_8 0 84#define CURL_SUPPORT_MAC_10_5 0 85#define CURL_SUPPORT_MAC_10_6 0 86#define CURL_SUPPORT_MAC_10_7 0 87#define CURL_SUPPORT_MAC_10_8 0 88 89#else 90#error "The darwinssl back-end requires iOS or OS X." 91#endif /* (TARGET_OS_MAC && !(TARGET_OS_EMBEDDED || TARGET_OS_IPHONE)) */ 92 93#if CURL_BUILD_MAC 94#include <sys/sysctl.h> 95#endif /* CURL_BUILD_MAC */ 96 97#include "urldata.h" 98#include "sendf.h" 99#include "inet_pton.h" 100#include "connect.h" 101#include "select.h" 102#include "vtls.h" 103#include "curl_darwinssl.h" 104 105#define _MPRINTF_REPLACE /* use our functions only */ 106#include <curl/mprintf.h> 107 108#include "curl_memory.h" 109/* The last #include file should be: */ 110#include "memdebug.h" 111 112/* From MacTypes.h (which we can't include because it isn't present in iOS: */ 113#define ioErr -36 114#define paramErr -50 115 116/* The following two functions were ripped from Apple sample code, 117 * with some modifications: */ 118static OSStatus SocketRead(SSLConnectionRef connection, 119 void *data, /* owned by 120 * caller, data 121 * RETURNED */ 122 size_t *dataLength) /* IN/OUT */ 123{ 124 size_t bytesToGo = *dataLength; 125 size_t initLen = bytesToGo; 126 UInt8 *currData = (UInt8 *)data; 127 /*int sock = *(int *)connection;*/ 128 struct ssl_connect_data *connssl = (struct ssl_connect_data *)connection; 129 int sock = connssl->ssl_sockfd; 130 OSStatus rtn = noErr; 131 size_t bytesRead; 132 ssize_t rrtn; 133 int theErr; 134 135 *dataLength = 0; 136 137 for(;;) { 138 bytesRead = 0; 139 rrtn = read(sock, currData, bytesToGo); 140 if(rrtn <= 0) { 141 /* this is guesswork... */ 142 theErr = errno; 143 if(rrtn == 0) { /* EOF = server hung up */ 144 /* the framework will turn this into errSSLClosedNoNotify */ 145 rtn = errSSLClosedGraceful; 146 } 147 else /* do the switch */ 148 switch(theErr) { 149 case ENOENT: 150 /* connection closed */ 151 rtn = errSSLClosedGraceful; 152 break; 153 case ECONNRESET: 154 rtn = errSSLClosedAbort; 155 break; 156 case EAGAIN: 157 rtn = errSSLWouldBlock; 158 connssl->ssl_direction = false; 159 break; 160 default: 161 rtn = ioErr; 162 break; 163 } 164 break; 165 } 166 else { 167 bytesRead = rrtn; 168 } 169 bytesToGo -= bytesRead; 170 currData += bytesRead; 171 172 if(bytesToGo == 0) { 173 /* filled buffer with incoming data, done */ 174 break; 175 } 176 } 177 *dataLength = initLen - bytesToGo; 178 179 return rtn; 180} 181 182static OSStatus SocketWrite(SSLConnectionRef connection, 183 const void *data, 184 size_t *dataLength) /* IN/OUT */ 185{ 186 size_t bytesSent = 0; 187 /*int sock = *(int *)connection;*/ 188 struct ssl_connect_data *connssl = (struct ssl_connect_data *)connection; 189 int sock = connssl->ssl_sockfd; 190 ssize_t length; 191 size_t dataLen = *dataLength; 192 const UInt8 *dataPtr = (UInt8 *)data; 193 OSStatus ortn; 194 int theErr; 195 196 *dataLength = 0; 197 198 do { 199 length = write(sock, 200 (char*)dataPtr + bytesSent, 201 dataLen - bytesSent); 202 } while((length > 0) && 203 ( (bytesSent += length) < dataLen) ); 204 205 if(length <= 0) { 206 theErr = errno; 207 if(theErr == EAGAIN) { 208 ortn = errSSLWouldBlock; 209 connssl->ssl_direction = true; 210 } 211 else { 212 ortn = ioErr; 213 } 214 } 215 else { 216 ortn = noErr; 217 } 218 *dataLength = bytesSent; 219 return ortn; 220} 221 222CF_INLINE const char *SSLCipherNameForNumber(SSLCipherSuite cipher) { 223 switch (cipher) { 224 /* SSL version 3.0 */ 225 case SSL_RSA_WITH_NULL_MD5: 226 return "SSL_RSA_WITH_NULL_MD5"; 227 break; 228 case SSL_RSA_WITH_NULL_SHA: 229 return "SSL_RSA_WITH_NULL_SHA"; 230 break; 231 case SSL_RSA_EXPORT_WITH_RC4_40_MD5: 232 return "SSL_RSA_EXPORT_WITH_RC4_40_MD5"; 233 break; 234 case SSL_RSA_WITH_RC4_128_MD5: 235 return "SSL_RSA_WITH_RC4_128_MD5"; 236 break; 237 case SSL_RSA_WITH_RC4_128_SHA: 238 return "SSL_RSA_WITH_RC4_128_SHA"; 239 break; 240 case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: 241 return "SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5"; 242 break; 243 case SSL_RSA_WITH_IDEA_CBC_SHA: 244 return "SSL_RSA_WITH_IDEA_CBC_SHA"; 245 break; 246 case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: 247 return "SSL_RSA_EXPORT_WITH_DES40_CBC_SHA"; 248 break; 249 case SSL_RSA_WITH_DES_CBC_SHA: 250 return "SSL_RSA_WITH_DES_CBC_SHA"; 251 break; 252 case SSL_RSA_WITH_3DES_EDE_CBC_SHA: 253 return "SSL_RSA_WITH_3DES_EDE_CBC_SHA"; 254 break; 255 case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: 256 return "SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA"; 257 break; 258 case SSL_DH_DSS_WITH_DES_CBC_SHA: 259 return "SSL_DH_DSS_WITH_DES_CBC_SHA"; 260 break; 261 case SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA: 262 return "SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA"; 263 break; 264 case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: 265 return "SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA"; 266 break; 267 case SSL_DH_RSA_WITH_DES_CBC_SHA: 268 return "SSL_DH_RSA_WITH_DES_CBC_SHA"; 269 break; 270 case SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA: 271 return "SSL_DH_RSA_WITH_3DES_EDE_CBC_SHA"; 272 break; 273 case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: 274 return "SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA"; 275 break; 276 case SSL_DHE_DSS_WITH_DES_CBC_SHA: 277 return "SSL_DHE_DSS_WITH_DES_CBC_SHA"; 278 break; 279 case SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA: 280 return "SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA"; 281 break; 282 case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: 283 return "SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA"; 284 break; 285 case SSL_DHE_RSA_WITH_DES_CBC_SHA: 286 return "SSL_DHE_RSA_WITH_DES_CBC_SHA"; 287 break; 288 case SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA: 289 return "SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA"; 290 break; 291 case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5: 292 return "SSL_DH_anon_EXPORT_WITH_RC4_40_MD5"; 293 break; 294 case SSL_DH_anon_WITH_RC4_128_MD5: 295 return "SSL_DH_anon_WITH_RC4_128_MD5"; 296 break; 297 case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA: 298 return "SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA"; 299 break; 300 case SSL_DH_anon_WITH_DES_CBC_SHA: 301 return "SSL_DH_anon_WITH_DES_CBC_SHA"; 302 break; 303 case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA: 304 return "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA"; 305 break; 306 case SSL_FORTEZZA_DMS_WITH_NULL_SHA: 307 return "SSL_FORTEZZA_DMS_WITH_NULL_SHA"; 308 break; 309 case SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA: 310 return "SSL_FORTEZZA_DMS_WITH_FORTEZZA_CBC_SHA"; 311 break; 312 /* TLS 1.0 with AES (RFC 3268) 313 (Apparently these are used in SSLv3 implementations as well.) */ 314 case TLS_RSA_WITH_AES_128_CBC_SHA: 315 return "TLS_RSA_WITH_AES_128_CBC_SHA"; 316 break; 317 case TLS_DH_DSS_WITH_AES_128_CBC_SHA: 318 return "TLS_DH_DSS_WITH_AES_128_CBC_SHA"; 319 break; 320 case TLS_DH_RSA_WITH_AES_128_CBC_SHA: 321 return "TLS_DH_RSA_WITH_AES_128_CBC_SHA"; 322 break; 323 case TLS_DHE_DSS_WITH_AES_128_CBC_SHA: 324 return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"; 325 break; 326 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 327 return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"; 328 break; 329 case TLS_DH_anon_WITH_AES_128_CBC_SHA: 330 return "TLS_DH_anon_WITH_AES_128_CBC_SHA"; 331 break; 332 case TLS_RSA_WITH_AES_256_CBC_SHA: 333 return "TLS_RSA_WITH_AES_256_CBC_SHA"; 334 break; 335 case TLS_DH_DSS_WITH_AES_256_CBC_SHA: 336 return "TLS_DH_DSS_WITH_AES_256_CBC_SHA"; 337 break; 338 case TLS_DH_RSA_WITH_AES_256_CBC_SHA: 339 return "TLS_DH_RSA_WITH_AES_256_CBC_SHA"; 340 break; 341 case TLS_DHE_DSS_WITH_AES_256_CBC_SHA: 342 return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"; 343 break; 344 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 345 return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"; 346 break; 347 case TLS_DH_anon_WITH_AES_256_CBC_SHA: 348 return "TLS_DH_anon_WITH_AES_256_CBC_SHA"; 349 break; 350 /* SSL version 2.0 */ 351 case SSL_RSA_WITH_RC2_CBC_MD5: 352 return "SSL_RSA_WITH_RC2_CBC_MD5"; 353 break; 354 case SSL_RSA_WITH_IDEA_CBC_MD5: 355 return "SSL_RSA_WITH_IDEA_CBC_MD5"; 356 break; 357 case SSL_RSA_WITH_DES_CBC_MD5: 358 return "SSL_RSA_WITH_DES_CBC_MD5"; 359 break; 360 case SSL_RSA_WITH_3DES_EDE_CBC_MD5: 361 return "SSL_RSA_WITH_3DES_EDE_CBC_MD5"; 362 break; 363 } 364 return "SSL_NULL_WITH_NULL_NULL"; 365} 366 367CF_INLINE const char *TLSCipherNameForNumber(SSLCipherSuite cipher) { 368 switch(cipher) { 369 /* TLS 1.0 with AES (RFC 3268) */ 370 case TLS_RSA_WITH_AES_128_CBC_SHA: 371 return "TLS_RSA_WITH_AES_128_CBC_SHA"; 372 break; 373 case TLS_DH_DSS_WITH_AES_128_CBC_SHA: 374 return "TLS_DH_DSS_WITH_AES_128_CBC_SHA"; 375 break; 376 case TLS_DH_RSA_WITH_AES_128_CBC_SHA: 377 return "TLS_DH_RSA_WITH_AES_128_CBC_SHA"; 378 break; 379 case TLS_DHE_DSS_WITH_AES_128_CBC_SHA: 380 return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA"; 381 break; 382 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 383 return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"; 384 break; 385 case TLS_DH_anon_WITH_AES_128_CBC_SHA: 386 return "TLS_DH_anon_WITH_AES_128_CBC_SHA"; 387 break; 388 case TLS_RSA_WITH_AES_256_CBC_SHA: 389 return "TLS_RSA_WITH_AES_256_CBC_SHA"; 390 break; 391 case TLS_DH_DSS_WITH_AES_256_CBC_SHA: 392 return "TLS_DH_DSS_WITH_AES_256_CBC_SHA"; 393 break; 394 case TLS_DH_RSA_WITH_AES_256_CBC_SHA: 395 return "TLS_DH_RSA_WITH_AES_256_CBC_SHA"; 396 break; 397 case TLS_DHE_DSS_WITH_AES_256_CBC_SHA: 398 return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA"; 399 break; 400 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 401 return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"; 402 break; 403 case TLS_DH_anon_WITH_AES_256_CBC_SHA: 404 return "TLS_DH_anon_WITH_AES_256_CBC_SHA"; 405 break; 406#if CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS 407 /* TLS 1.0 with ECDSA (RFC 4492) */ 408 case TLS_ECDH_ECDSA_WITH_NULL_SHA: 409 return "TLS_ECDH_ECDSA_WITH_NULL_SHA"; 410 break; 411 case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: 412 return "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"; 413 break; 414 case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: 415 return "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"; 416 break; 417 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: 418 return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"; 419 break; 420 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: 421 return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"; 422 break; 423 case TLS_ECDHE_ECDSA_WITH_NULL_SHA: 424 return "TLS_ECDHE_ECDSA_WITH_NULL_SHA"; 425 break; 426 case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: 427 return "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"; 428 break; 429 case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: 430 return "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"; 431 break; 432 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 433 return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"; 434 break; 435 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 436 return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"; 437 break; 438 case TLS_ECDH_RSA_WITH_NULL_SHA: 439 return "TLS_ECDH_RSA_WITH_NULL_SHA"; 440 break; 441 case TLS_ECDH_RSA_WITH_RC4_128_SHA: 442 return "TLS_ECDH_RSA_WITH_RC4_128_SHA"; 443 break; 444 case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: 445 return "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"; 446 break; 447 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: 448 return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"; 449 break; 450 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: 451 return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"; 452 break; 453 case TLS_ECDHE_RSA_WITH_NULL_SHA: 454 return "TLS_ECDHE_RSA_WITH_NULL_SHA"; 455 break; 456 case TLS_ECDHE_RSA_WITH_RC4_128_SHA: 457 return "TLS_ECDHE_RSA_WITH_RC4_128_SHA"; 458 break; 459 case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: 460 return "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"; 461 break; 462 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 463 return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"; 464 break; 465 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 466 return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"; 467 break; 468 case TLS_ECDH_anon_WITH_NULL_SHA: 469 return "TLS_ECDH_anon_WITH_NULL_SHA"; 470 break; 471 case TLS_ECDH_anon_WITH_RC4_128_SHA: 472 return "TLS_ECDH_anon_WITH_RC4_128_SHA"; 473 break; 474 case TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA: 475 return "TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA"; 476 break; 477 case TLS_ECDH_anon_WITH_AES_128_CBC_SHA: 478 return "TLS_ECDH_anon_WITH_AES_128_CBC_SHA"; 479 break; 480 case TLS_ECDH_anon_WITH_AES_256_CBC_SHA: 481 return "TLS_ECDH_anon_WITH_AES_256_CBC_SHA"; 482 break; 483#endif /* CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS */ 484#if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS 485 /* TLS 1.2 (RFC 5246) */ 486 case TLS_RSA_WITH_NULL_MD5: 487 return "TLS_RSA_WITH_NULL_MD5"; 488 break; 489 case TLS_RSA_WITH_NULL_SHA: 490 return "TLS_RSA_WITH_NULL_SHA"; 491 break; 492 case TLS_RSA_WITH_RC4_128_MD5: 493 return "TLS_RSA_WITH_RC4_128_MD5"; 494 break; 495 case TLS_RSA_WITH_RC4_128_SHA: 496 return "TLS_RSA_WITH_RC4_128_SHA"; 497 break; 498 case TLS_RSA_WITH_3DES_EDE_CBC_SHA: 499 return "TLS_RSA_WITH_3DES_EDE_CBC_SHA"; 500 break; 501 case TLS_RSA_WITH_NULL_SHA256: 502 return "TLS_RSA_WITH_NULL_SHA256"; 503 break; 504 case TLS_RSA_WITH_AES_128_CBC_SHA256: 505 return "TLS_RSA_WITH_AES_128_CBC_SHA256"; 506 break; 507 case TLS_RSA_WITH_AES_256_CBC_SHA256: 508 return "TLS_RSA_WITH_AES_256_CBC_SHA256"; 509 break; 510 case TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA: 511 return "TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA"; 512 break; 513 case TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA: 514 return "TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA"; 515 break; 516 case TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA: 517 return "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA"; 518 break; 519 case TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA: 520 return "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"; 521 break; 522 case TLS_DH_DSS_WITH_AES_128_CBC_SHA256: 523 return "TLS_DH_DSS_WITH_AES_128_CBC_SHA256"; 524 break; 525 case TLS_DH_RSA_WITH_AES_128_CBC_SHA256: 526 return "TLS_DH_RSA_WITH_AES_128_CBC_SHA256"; 527 break; 528 case TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: 529 return "TLS_DHE_DSS_WITH_AES_128_CBC_SHA256"; 530 break; 531 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 532 return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"; 533 break; 534 case TLS_DH_DSS_WITH_AES_256_CBC_SHA256: 535 return "TLS_DH_DSS_WITH_AES_256_CBC_SHA256"; 536 break; 537 case TLS_DH_RSA_WITH_AES_256_CBC_SHA256: 538 return "TLS_DH_RSA_WITH_AES_256_CBC_SHA256"; 539 break; 540 case TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: 541 return "TLS_DHE_DSS_WITH_AES_256_CBC_SHA256"; 542 break; 543 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 544 return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"; 545 break; 546 case TLS_DH_anon_WITH_RC4_128_MD5: 547 return "TLS_DH_anon_WITH_RC4_128_MD5"; 548 break; 549 case TLS_DH_anon_WITH_3DES_EDE_CBC_SHA: 550 return "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"; 551 break; 552 case TLS_DH_anon_WITH_AES_128_CBC_SHA256: 553 return "TLS_DH_anon_WITH_AES_128_CBC_SHA256"; 554 break; 555 case TLS_DH_anon_WITH_AES_256_CBC_SHA256: 556 return "TLS_DH_anon_WITH_AES_256_CBC_SHA256"; 557 break; 558 /* TLS 1.2 with AES GCM (RFC 5288) */ 559 case TLS_RSA_WITH_AES_128_GCM_SHA256: 560 return "TLS_RSA_WITH_AES_128_GCM_SHA256"; 561 break; 562 case TLS_RSA_WITH_AES_256_GCM_SHA384: 563 return "TLS_RSA_WITH_AES_256_GCM_SHA384"; 564 break; 565 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: 566 return "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"; 567 break; 568 case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: 569 return "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"; 570 break; 571 case TLS_DH_RSA_WITH_AES_128_GCM_SHA256: 572 return "TLS_DH_RSA_WITH_AES_128_GCM_SHA256"; 573 break; 574 case TLS_DH_RSA_WITH_AES_256_GCM_SHA384: 575 return "TLS_DH_RSA_WITH_AES_256_GCM_SHA384"; 576 break; 577 case TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: 578 return "TLS_DHE_DSS_WITH_AES_128_GCM_SHA256"; 579 break; 580 case TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: 581 return "TLS_DHE_DSS_WITH_AES_256_GCM_SHA384"; 582 break; 583 case TLS_DH_DSS_WITH_AES_128_GCM_SHA256: 584 return "TLS_DH_DSS_WITH_AES_128_GCM_SHA256"; 585 break; 586 case TLS_DH_DSS_WITH_AES_256_GCM_SHA384: 587 return "TLS_DH_DSS_WITH_AES_256_GCM_SHA384"; 588 break; 589 case TLS_DH_anon_WITH_AES_128_GCM_SHA256: 590 return "TLS_DH_anon_WITH_AES_128_GCM_SHA256"; 591 break; 592 case TLS_DH_anon_WITH_AES_256_GCM_SHA384: 593 return "TLS_DH_anon_WITH_AES_256_GCM_SHA384"; 594 break; 595 /* TLS 1.2 with elliptic curve ciphers (RFC 5289) */ 596 case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 597 return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"; 598 break; 599 case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 600 return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"; 601 break; 602 case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: 603 return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"; 604 break; 605 case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: 606 return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"; 607 break; 608 case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 609 return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"; 610 break; 611 case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 612 return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"; 613 break; 614 case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: 615 return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"; 616 break; 617 case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: 618 return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"; 619 break; 620 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 621 return "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"; 622 break; 623 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 624 return "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"; 625 break; 626 case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: 627 return "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"; 628 break; 629 case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: 630 return "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"; 631 break; 632 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 633 return "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"; 634 break; 635 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 636 return "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"; 637 break; 638 case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: 639 return "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"; 640 break; 641 case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: 642 return "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"; 643 break; 644 case TLS_EMPTY_RENEGOTIATION_INFO_SCSV: 645 return "TLS_EMPTY_RENEGOTIATION_INFO_SCSV"; 646 break; 647#else 648 case SSL_RSA_WITH_NULL_MD5: 649 return "TLS_RSA_WITH_NULL_MD5"; 650 break; 651 case SSL_RSA_WITH_NULL_SHA: 652 return "TLS_RSA_WITH_NULL_SHA"; 653 break; 654 case SSL_RSA_WITH_RC4_128_MD5: 655 return "TLS_RSA_WITH_RC4_128_MD5"; 656 break; 657 case SSL_RSA_WITH_RC4_128_SHA: 658 return "TLS_RSA_WITH_RC4_128_SHA"; 659 break; 660 case SSL_RSA_WITH_3DES_EDE_CBC_SHA: 661 return "TLS_RSA_WITH_3DES_EDE_CBC_SHA"; 662 break; 663 case SSL_DH_anon_WITH_RC4_128_MD5: 664 return "TLS_DH_anon_WITH_RC4_128_MD5"; 665 break; 666 case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA: 667 return "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA"; 668 break; 669#endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */ 670#if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 671 /* TLS PSK (RFC 4279): */ 672 case TLS_PSK_WITH_RC4_128_SHA: 673 return "TLS_PSK_WITH_RC4_128_SHA"; 674 break; 675 case TLS_PSK_WITH_3DES_EDE_CBC_SHA: 676 return "TLS_PSK_WITH_3DES_EDE_CBC_SHA"; 677 break; 678 case TLS_PSK_WITH_AES_128_CBC_SHA: 679 return "TLS_PSK_WITH_AES_128_CBC_SHA"; 680 break; 681 case TLS_PSK_WITH_AES_256_CBC_SHA: 682 return "TLS_PSK_WITH_AES_256_CBC_SHA"; 683 break; 684 case TLS_DHE_PSK_WITH_RC4_128_SHA: 685 return "TLS_DHE_PSK_WITH_RC4_128_SHA"; 686 break; 687 case TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA: 688 return "TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA"; 689 break; 690 case TLS_DHE_PSK_WITH_AES_128_CBC_SHA: 691 return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA"; 692 break; 693 case TLS_DHE_PSK_WITH_AES_256_CBC_SHA: 694 return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA"; 695 break; 696 case TLS_RSA_PSK_WITH_RC4_128_SHA: 697 return "TLS_RSA_PSK_WITH_RC4_128_SHA"; 698 break; 699 case TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA: 700 return "TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA"; 701 break; 702 case TLS_RSA_PSK_WITH_AES_128_CBC_SHA: 703 return "TLS_RSA_PSK_WITH_AES_128_CBC_SHA"; 704 break; 705 case TLS_RSA_PSK_WITH_AES_256_CBC_SHA: 706 return "TLS_RSA_PSK_WITH_AES_256_CBC_SHA"; 707 break; 708 /* More TLS PSK (RFC 4785): */ 709 case TLS_PSK_WITH_NULL_SHA: 710 return "TLS_PSK_WITH_NULL_SHA"; 711 break; 712 case TLS_DHE_PSK_WITH_NULL_SHA: 713 return "TLS_DHE_PSK_WITH_NULL_SHA"; 714 break; 715 case TLS_RSA_PSK_WITH_NULL_SHA: 716 return "TLS_RSA_PSK_WITH_NULL_SHA"; 717 break; 718 /* Even more TLS PSK (RFC 5487): */ 719 case TLS_PSK_WITH_AES_128_GCM_SHA256: 720 return "TLS_PSK_WITH_AES_128_GCM_SHA256"; 721 break; 722 case TLS_PSK_WITH_AES_256_GCM_SHA384: 723 return "TLS_PSK_WITH_AES_256_GCM_SHA384"; 724 break; 725 case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256: 726 return "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"; 727 break; 728 case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384: 729 return "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"; 730 break; 731 case TLS_RSA_PSK_WITH_AES_128_GCM_SHA256: 732 return "TLS_RSA_PSK_WITH_AES_128_GCM_SHA256"; 733 break; 734 case TLS_RSA_PSK_WITH_AES_256_GCM_SHA384: 735 return "TLS_PSK_WITH_AES_256_GCM_SHA384"; 736 break; 737 case TLS_PSK_WITH_AES_128_CBC_SHA256: 738 return "TLS_PSK_WITH_AES_128_CBC_SHA256"; 739 break; 740 case TLS_PSK_WITH_AES_256_CBC_SHA384: 741 return "TLS_PSK_WITH_AES_256_CBC_SHA384"; 742 break; 743 case TLS_PSK_WITH_NULL_SHA256: 744 return "TLS_PSK_WITH_NULL_SHA256"; 745 break; 746 case TLS_PSK_WITH_NULL_SHA384: 747 return "TLS_PSK_WITH_NULL_SHA384"; 748 break; 749 case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256: 750 return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"; 751 break; 752 case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384: 753 return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"; 754 break; 755 case TLS_DHE_PSK_WITH_NULL_SHA256: 756 return "TLS_DHE_PSK_WITH_NULL_SHA256"; 757 break; 758 case TLS_DHE_PSK_WITH_NULL_SHA384: 759 return "TLS_RSA_PSK_WITH_NULL_SHA384"; 760 break; 761 case TLS_RSA_PSK_WITH_AES_128_CBC_SHA256: 762 return "TLS_RSA_PSK_WITH_AES_128_CBC_SHA256"; 763 break; 764 case TLS_RSA_PSK_WITH_AES_256_CBC_SHA384: 765 return "TLS_RSA_PSK_WITH_AES_256_CBC_SHA384"; 766 break; 767 case TLS_RSA_PSK_WITH_NULL_SHA256: 768 return "TLS_RSA_PSK_WITH_NULL_SHA256"; 769 break; 770 case TLS_RSA_PSK_WITH_NULL_SHA384: 771 return "TLS_RSA_PSK_WITH_NULL_SHA384"; 772 break; 773#endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */ 774 } 775 return "TLS_NULL_WITH_NULL_NULL"; 776} 777 778#if CURL_BUILD_MAC 779CF_INLINE void GetDarwinVersionNumber(int *major, int *minor) 780{ 781 int mib[2]; 782 char *os_version; 783 size_t os_version_len; 784 char *os_version_major, *os_version_minor/*, *os_version_point*/; 785 786 /* Get the Darwin kernel version from the kernel using sysctl(): */ 787 mib[0] = CTL_KERN; 788 mib[1] = KERN_OSRELEASE; 789 if(sysctl(mib, 2, NULL, &os_version_len, NULL, 0) == -1) 790 return; 791 os_version = malloc(os_version_len*sizeof(char)); 792 if(!os_version) 793 return; 794 if(sysctl(mib, 2, os_version, &os_version_len, NULL, 0) == -1) { 795 free(os_version); 796 return; 797 } 798 799 /* Parse the version: */ 800 os_version_major = strtok(os_version, "."); 801 os_version_minor = strtok(NULL, "."); 802 /*os_version_point = strtok(NULL, ".");*/ 803 *major = atoi(os_version_major); 804 *minor = atoi(os_version_minor); 805 free(os_version); 806} 807#endif /* CURL_BUILD_MAC */ 808 809/* Apple provides a myriad of ways of getting information about a certificate 810 into a string. Some aren't available under iOS or newer cats. So here's 811 a unified function for getting a string describing the certificate that 812 ought to work in all cats starting with Leopard. */ 813CF_INLINE CFStringRef CopyCertSubject(SecCertificateRef cert) 814{ 815 CFStringRef server_cert_summary = CFSTR("(null)"); 816 817#if CURL_BUILD_IOS 818 /* iOS: There's only one way to do this. */ 819 server_cert_summary = SecCertificateCopySubjectSummary(cert); 820#else 821#if CURL_BUILD_MAC_10_7 822 /* Lion & later: Get the long description if we can. */ 823 if(SecCertificateCopyLongDescription != NULL) 824 server_cert_summary = 825 SecCertificateCopyLongDescription(NULL, cert, NULL); 826 else 827#endif /* CURL_BUILD_MAC_10_7 */ 828#if CURL_BUILD_MAC_10_6 829 /* Snow Leopard: Get the certificate summary. */ 830 if(SecCertificateCopySubjectSummary != NULL) 831 server_cert_summary = SecCertificateCopySubjectSummary(cert); 832 else 833#endif /* CURL_BUILD_MAC_10_6 */ 834 /* Leopard is as far back as we go... */ 835 (void)SecCertificateCopyCommonName(cert, &server_cert_summary); 836#endif /* CURL_BUILD_IOS */ 837 return server_cert_summary; 838} 839 840#if CURL_SUPPORT_MAC_10_6 841/* The SecKeychainSearch API was deprecated in Lion, and using it will raise 842 deprecation warnings, so let's not compile this unless it's necessary: */ 843static OSStatus CopyIdentityWithLabelOldSchool(char *label, 844 SecIdentityRef *out_c_a_k) 845{ 846 OSStatus status = errSecItemNotFound; 847 SecKeychainAttributeList attr_list; 848 SecKeychainAttribute attr; 849 SecKeychainSearchRef search = NULL; 850 SecCertificateRef cert = NULL; 851 852 /* Set up the attribute list: */ 853 attr_list.count = 1L; 854 attr_list.attr = &attr; 855 856 /* Set up our lone search criterion: */ 857 attr.tag = kSecLabelItemAttr; 858 attr.data = label; 859 attr.length = (UInt32)strlen(label); 860 861 /* Start searching: */ 862 status = SecKeychainSearchCreateFromAttributes(NULL, 863 kSecCertificateItemClass, 864 &attr_list, 865 &search); 866 if(status == noErr) { 867 status = SecKeychainSearchCopyNext(search, 868 (SecKeychainItemRef *)&cert); 869 if(status == noErr && cert) { 870 /* If we found a certificate, does it have a private key? */ 871 status = SecIdentityCreateWithCertificate(NULL, cert, out_c_a_k); 872 CFRelease(cert); 873 } 874 } 875 876 if(search) 877 CFRelease(search); 878 return status; 879} 880#endif /* CURL_SUPPORT_MAC_10_6 */ 881 882static OSStatus CopyIdentityWithLabel(char *label, 883 SecIdentityRef *out_cert_and_key) 884{ 885 OSStatus status = errSecItemNotFound; 886 887#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS 888 /* SecItemCopyMatching() was introduced in iOS and Snow Leopard. 889 kSecClassIdentity was introduced in Lion. If both exist, let's use them 890 to find the certificate. */ 891 if(SecItemCopyMatching != NULL && kSecClassIdentity != NULL) { 892 CFTypeRef keys[4]; 893 CFTypeRef values[4]; 894 CFDictionaryRef query_dict; 895 CFStringRef label_cf = CFStringCreateWithCString(NULL, label, 896 kCFStringEncodingUTF8); 897 898 /* Set up our search criteria and expected results: */ 899 values[0] = kSecClassIdentity; /* we want a certificate and a key */ 900 keys[0] = kSecClass; 901 values[1] = kCFBooleanTrue; /* we want a reference */ 902 keys[1] = kSecReturnRef; 903 values[2] = kSecMatchLimitOne; /* one is enough, thanks */ 904 keys[2] = kSecMatchLimit; 905 /* identity searches need a SecPolicyRef in order to work */ 906 values[3] = SecPolicyCreateSSL(false, label_cf); 907 keys[3] = kSecMatchPolicy; 908 query_dict = CFDictionaryCreate(NULL, (const void **)keys, 909 (const void **)values, 4L, 910 &kCFCopyStringDictionaryKeyCallBacks, 911 &kCFTypeDictionaryValueCallBacks); 912 CFRelease(values[3]); 913 CFRelease(label_cf); 914 915 /* Do we have a match? */ 916 status = SecItemCopyMatching(query_dict, (CFTypeRef *)out_cert_and_key); 917 CFRelease(query_dict); 918 } 919 else { 920#if CURL_SUPPORT_MAC_10_6 921 /* On Leopard and Snow Leopard, fall back to SecKeychainSearch. */ 922 status = CopyIdentityWithLabelOldSchool(label, out_cert_and_key); 923#endif /* CURL_SUPPORT_MAC_10_7 */ 924 } 925#elif CURL_SUPPORT_MAC_10_6 926 /* For developers building on older cats, we have no choice but to fall back 927 to SecKeychainSearch. */ 928 status = CopyIdentityWithLabelOldSchool(label, out_cert_and_key); 929#endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */ 930 return status; 931} 932 933static OSStatus CopyIdentityFromPKCS12File(const char *cPath, 934 const char *cPassword, 935 SecIdentityRef *out_cert_and_key) 936{ 937 OSStatus status = errSecItemNotFound; 938 CFURLRef pkcs_url = CFURLCreateFromFileSystemRepresentation(NULL, 939 (const UInt8 *)cPath, strlen(cPath), false); 940 CFStringRef password = cPassword ? CFStringCreateWithCString(NULL, 941 cPassword, kCFStringEncodingUTF8) : NULL; 942 CFDataRef pkcs_data = NULL; 943 944 /* We can import P12 files on iOS or OS X 10.7 or later: */ 945 /* These constants are documented as having first appeared in 10.6 but they 946 raise linker errors when used on that cat for some reason. */ 947#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS 948 if(CFURLCreateDataAndPropertiesFromResource(NULL, pkcs_url, &pkcs_data, 949 NULL, NULL, &status)) { 950 const void *cKeys[] = {kSecImportExportPassphrase}; 951 const void *cValues[] = {password}; 952 CFDictionaryRef options = CFDictionaryCreate(NULL, cKeys, cValues, 953 password ? 1L : 0L, NULL, NULL); 954 CFArrayRef items = NULL; 955 956 /* Here we go: */ 957 status = SecPKCS12Import(pkcs_data, options, &items); 958 if(status == noErr && items && CFArrayGetCount(items)) { 959 CFDictionaryRef identity_and_trust = CFArrayGetValueAtIndex(items, 0L); 960 const void *temp_identity = CFDictionaryGetValue(identity_and_trust, 961 kSecImportItemIdentity); 962 963 /* Retain the identity; we don't care about any other data... */ 964 CFRetain(temp_identity); 965 *out_cert_and_key = (SecIdentityRef)temp_identity; 966 } 967 968 if(items) 969 CFRelease(items); 970 CFRelease(options); 971 CFRelease(pkcs_data); 972 } 973#endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */ 974 if(password) 975 CFRelease(password); 976 CFRelease(pkcs_url); 977 return status; 978} 979 980/* This code was borrowed from nss.c, with some modifications: 981 * Determine whether the nickname passed in is a filename that needs to 982 * be loaded as a PEM or a regular NSS nickname. 983 * 984 * returns 1 for a file 985 * returns 0 for not a file 986 */ 987CF_INLINE bool is_file(const char *filename) 988{ 989 struct_stat st; 990 991 if(filename == NULL) 992 return false; 993 994 if(stat(filename, &st) == 0) 995 return S_ISREG(st.st_mode); 996 return false; 997} 998 999static CURLcode darwinssl_connect_step1(struct connectdata *conn, 1000 int sockindex) 1001{ 1002 struct SessionHandle *data = conn->data; 1003 curl_socket_t sockfd = conn->sock[sockindex]; 1004 struct ssl_connect_data *connssl = &conn->ssl[sockindex]; 1005#ifdef ENABLE_IPV6 1006 struct in6_addr addr; 1007#else 1008 struct in_addr addr; 1009#endif /* ENABLE_IPV6 */ 1010 size_t all_ciphers_count = 0UL, allowed_ciphers_count = 0UL, i; 1011 SSLCipherSuite *all_ciphers = NULL, *allowed_ciphers = NULL; 1012 char *ssl_sessionid; 1013 size_t ssl_sessionid_len; 1014 OSStatus err = noErr; 1015#if CURL_BUILD_MAC 1016 int darwinver_maj = 0, darwinver_min = 0; 1017 1018 GetDarwinVersionNumber(&darwinver_maj, &darwinver_min); 1019#endif /* CURL_BUILD_MAC */ 1020 1021#if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS 1022 if(SSLCreateContext != NULL) { /* use the newer API if avaialble */ 1023 if(connssl->ssl_ctx) 1024 CFRelease(connssl->ssl_ctx); 1025 connssl->ssl_ctx = SSLCreateContext(NULL, kSSLClientSide, kSSLStreamType); 1026 if(!connssl->ssl_ctx) { 1027 failf(data, "SSL: couldn't create a context!"); 1028 return CURLE_OUT_OF_MEMORY; 1029 } 1030 } 1031 else { 1032 /* The old ST API does not exist under iOS, so don't compile it: */ 1033#if CURL_SUPPORT_MAC_10_8 1034 if(connssl->ssl_ctx) 1035 (void)SSLDisposeContext(connssl->ssl_ctx); 1036 err = SSLNewContext(false, &(connssl->ssl_ctx)); 1037 if(err != noErr) { 1038 failf(data, "SSL: couldn't create a context: OSStatus %d", err); 1039 return CURLE_OUT_OF_MEMORY; 1040 } 1041#endif /* CURL_SUPPORT_MAC_10_8 */ 1042 } 1043#else 1044 if(connssl->ssl_ctx) 1045 (void)SSLDisposeContext(connssl->ssl_ctx); 1046 err = SSLNewContext(false, &(connssl->ssl_ctx)); 1047 if(err != noErr) { 1048 failf(data, "SSL: couldn't create a context: OSStatus %d", err); 1049 return CURLE_OUT_OF_MEMORY; 1050 } 1051#endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */ 1052 connssl->ssl_write_buffered_length = 0UL; /* reset buffered write length */ 1053 1054 /* check to see if we've been told to use an explicit SSL/TLS version */ 1055#if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS 1056 if(SSLSetProtocolVersionMax != NULL) { 1057 switch(data->set.ssl.version) { 1058 case CURL_SSLVERSION_DEFAULT: default: 1059 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol3); 1060 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12); 1061 break; 1062 case CURL_SSLVERSION_TLSv1: 1063 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1); 1064 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12); 1065 break; 1066 case CURL_SSLVERSION_TLSv1_0: 1067 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol1); 1068 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol1); 1069 break; 1070 case CURL_SSLVERSION_TLSv1_1: 1071 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol11); 1072 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol11); 1073 break; 1074 case CURL_SSLVERSION_TLSv1_2: 1075 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kTLSProtocol12); 1076 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kTLSProtocol12); 1077 break; 1078 case CURL_SSLVERSION_SSLv3: 1079 (void)SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol3); 1080 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol3); 1081 break; 1082 case CURL_SSLVERSION_SSLv2: 1083 err = SSLSetProtocolVersionMin(connssl->ssl_ctx, kSSLProtocol2); 1084 if(err != noErr) { 1085 failf(data, "Your version of the OS does not support SSLv2"); 1086 return CURLE_SSL_CONNECT_ERROR; 1087 } 1088 (void)SSLSetProtocolVersionMax(connssl->ssl_ctx, kSSLProtocol2); 1089 } 1090 } 1091 else { 1092#if CURL_SUPPORT_MAC_10_8 1093 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1094 kSSLProtocolAll, 1095 false); 1096 switch (data->set.ssl.version) { 1097 case CURL_SSLVERSION_DEFAULT: default: 1098 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1099 kSSLProtocol3, 1100 true); 1101 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1102 kTLSProtocol1, 1103 true); 1104 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1105 kTLSProtocol11, 1106 true); 1107 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1108 kTLSProtocol12, 1109 true); 1110 break; 1111 case CURL_SSLVERSION_TLSv1: 1112 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1113 kTLSProtocol1, 1114 true); 1115 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1116 kTLSProtocol11, 1117 true); 1118 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1119 kTLSProtocol12, 1120 true); 1121 break; 1122 case CURL_SSLVERSION_TLSv1_0: 1123 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1124 kTLSProtocol1, 1125 true); 1126 break; 1127 case CURL_SSLVERSION_TLSv1_1: 1128 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1129 kTLSProtocol11, 1130 true); 1131 break; 1132 case CURL_SSLVERSION_TLSv1_2: 1133 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1134 kTLSProtocol12, 1135 true); 1136 break; 1137 case CURL_SSLVERSION_SSLv3: 1138 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1139 kSSLProtocol3, 1140 true); 1141 break; 1142 case CURL_SSLVERSION_SSLv2: 1143 err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1144 kSSLProtocol2, 1145 true); 1146 if(err != noErr) { 1147 failf(data, "Your version of the OS does not support SSLv2"); 1148 return CURLE_SSL_CONNECT_ERROR; 1149 } 1150 break; 1151 } 1152#endif /* CURL_SUPPORT_MAC_10_8 */ 1153 } 1154#else 1155 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, kSSLProtocolAll, false); 1156 switch(data->set.ssl.version) { 1157 default: 1158 case CURL_SSLVERSION_DEFAULT: 1159 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1160 kSSLProtocol3, 1161 true); 1162 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1163 kTLSProtocol1, 1164 true); 1165 break; 1166 case CURL_SSLVERSION_TLSv1: 1167 case CURL_SSLVERSION_TLSv1_0: 1168 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1169 kTLSProtocol1, 1170 true); 1171 break; 1172 case CURL_SSLVERSION_TLSv1_1: 1173 failf(data, "Your version of the OS does not support TLSv1.1"); 1174 return CURLE_SSL_CONNECT_ERROR; 1175 case CURL_SSLVERSION_TLSv1_2: 1176 failf(data, "Your version of the OS does not support TLSv1.2"); 1177 return CURLE_SSL_CONNECT_ERROR; 1178 case CURL_SSLVERSION_SSLv2: 1179 err = SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1180 kSSLProtocol2, 1181 true); 1182 if(err != noErr) { 1183 failf(data, "Your version of the OS does not support SSLv2"); 1184 return CURLE_SSL_CONNECT_ERROR; 1185 } 1186 break; 1187 case CURL_SSLVERSION_SSLv3: 1188 (void)SSLSetProtocolVersionEnabled(connssl->ssl_ctx, 1189 kSSLProtocol3, 1190 true); 1191 break; 1192 } 1193#endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */ 1194 1195 if(data->set.str[STRING_KEY]) { 1196 infof(data, "WARNING: SSL: CURLOPT_SSLKEY is ignored by Secure " 1197 "Transport. The private key must be in the Keychain.\n"); 1198 } 1199 1200 if(data->set.str[STRING_CERT]) { 1201 SecIdentityRef cert_and_key = NULL; 1202 bool is_cert_file = is_file(data->set.str[STRING_CERT]); 1203 1204 /* User wants to authenticate with a client cert. Look for it: 1205 If we detect that this is a file on disk, then let's load it. 1206 Otherwise, assume that the user wants to use an identity loaded 1207 from the Keychain. */ 1208 if(is_cert_file) { 1209 if(!data->set.str[STRING_CERT_TYPE]) 1210 infof(data, "WARNING: SSL: Certificate type not set, assuming " 1211 "PKCS#12 format.\n"); 1212 else if(strncmp(data->set.str[STRING_CERT_TYPE], "P12", 1213 strlen(data->set.str[STRING_CERT_TYPE])) != 0) 1214 infof(data, "WARNING: SSL: The Security framework only supports " 1215 "loading identities that are in PKCS#12 format.\n"); 1216 1217 err = CopyIdentityFromPKCS12File(data->set.str[STRING_CERT], 1218 data->set.str[STRING_KEY_PASSWD], &cert_and_key); 1219 } 1220 else 1221 err = CopyIdentityWithLabel(data->set.str[STRING_CERT], &cert_and_key); 1222 1223 if(err == noErr) { 1224 SecCertificateRef cert = NULL; 1225 CFTypeRef certs_c[1]; 1226 CFArrayRef certs; 1227 1228 /* If we found one, print it out: */ 1229 err = SecIdentityCopyCertificate(cert_and_key, &cert); 1230 if(err == noErr) { 1231 CFStringRef cert_summary = CopyCertSubject(cert); 1232 char cert_summary_c[128]; 1233 1234 if(cert_summary) { 1235 memset(cert_summary_c, 0, 128); 1236 if(CFStringGetCString(cert_summary, 1237 cert_summary_c, 1238 128, 1239 kCFStringEncodingUTF8)) { 1240 infof(data, "Client certificate: %s\n", cert_summary_c); 1241 } 1242 CFRelease(cert_summary); 1243 CFRelease(cert); 1244 } 1245 } 1246 certs_c[0] = cert_and_key; 1247 certs = CFArrayCreate(NULL, (const void **)certs_c, 1L, 1248 &kCFTypeArrayCallBacks); 1249 err = SSLSetCertificate(connssl->ssl_ctx, certs); 1250 if(certs) 1251 CFRelease(certs); 1252 if(err != noErr) { 1253 failf(data, "SSL: SSLSetCertificate() failed: OSStatus %d", err); 1254 return CURLE_SSL_CERTPROBLEM; 1255 } 1256 CFRelease(cert_and_key); 1257 } 1258 else { 1259 switch(err) { 1260 case errSecAuthFailed: case -25264: /* errSecPkcs12VerifyFailure */ 1261 failf(data, "SSL: Incorrect password for the certificate \"%s\" " 1262 "and its private key.", data->set.str[STRING_CERT]); 1263 break; 1264 case -26275: /* errSecDecode */ case -25257: /* errSecUnknownFormat */ 1265 failf(data, "SSL: Couldn't make sense of the data in the " 1266 "certificate \"%s\" and its private key.", 1267 data->set.str[STRING_CERT]); 1268 break; 1269 case -25260: /* errSecPassphraseRequired */ 1270 failf(data, "SSL The certificate \"%s\" requires a password.", 1271 data->set.str[STRING_CERT]); 1272 break; 1273 case errSecItemNotFound: 1274 failf(data, "SSL: Can't find the certificate \"%s\" and its private " 1275 "key in the Keychain.", data->set.str[STRING_CERT]); 1276 break; 1277 default: 1278 failf(data, "SSL: Can't load the certificate \"%s\" and its private " 1279 "key: OSStatus %d", data->set.str[STRING_CERT], err); 1280 break; 1281 } 1282 return CURLE_SSL_CERTPROBLEM; 1283 } 1284 } 1285 1286 /* SSL always tries to verify the peer, this only says whether it should 1287 * fail to connect if the verification fails, or if it should continue 1288 * anyway. In the latter case the result of the verification is checked with 1289 * SSL_get_verify_result() below. */ 1290#if CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS 1291 /* Snow Leopard introduced the SSLSetSessionOption() function, but due to 1292 a library bug with the way the kSSLSessionOptionBreakOnServerAuth flag 1293 works, it doesn't work as expected under Snow Leopard or Lion. 1294 So we need to call SSLSetEnableCertVerify() on those older cats in order 1295 to disable certificate validation if the user turned that off. 1296 (SecureTransport will always validate the certificate chain by 1297 default.) */ 1298 /* (Note: Darwin 12.x.x is Mountain Lion.) */ 1299#if CURL_BUILD_MAC 1300 if(SSLSetSessionOption != NULL && darwinver_maj >= 12) { 1301#else 1302 if(SSLSetSessionOption != NULL) { 1303#endif /* CURL_BUILD_MAC */ 1304 bool break_on_auth = !data->set.ssl.verifypeer || 1305 data->set.str[STRING_SSL_CAFILE]; 1306 err = SSLSetSessionOption(connssl->ssl_ctx, 1307 kSSLSessionOptionBreakOnServerAuth, 1308 break_on_auth); 1309 if(err != noErr) { 1310 failf(data, "SSL: SSLSetSessionOption() failed: OSStatus %d", err); 1311 return CURLE_SSL_CONNECT_ERROR; 1312 } 1313 } 1314 else { 1315#if CURL_SUPPORT_MAC_10_8 1316 err = SSLSetEnableCertVerify(connssl->ssl_ctx, 1317 data->set.ssl.verifypeer?true:false); 1318 if(err != noErr) { 1319 failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err); 1320 return CURLE_SSL_CONNECT_ERROR; 1321 } 1322#endif /* CURL_SUPPORT_MAC_10_8 */ 1323 } 1324#else 1325 err = SSLSetEnableCertVerify(connssl->ssl_ctx, 1326 data->set.ssl.verifypeer?true:false); 1327 if(err != noErr) { 1328 failf(data, "SSL: SSLSetEnableCertVerify() failed: OSStatus %d", err); 1329 return CURLE_SSL_CONNECT_ERROR; 1330 } 1331#endif /* CURL_BUILD_MAC_10_6 || CURL_BUILD_IOS */ 1332 1333 if(data->set.str[STRING_SSL_CAFILE]) { 1334 bool is_cert_file = is_file(data->set.str[STRING_SSL_CAFILE]); 1335 1336 if(!is_cert_file) { 1337 failf(data, "SSL: can't load CA certificate file %s", 1338 data->set.str[STRING_SSL_CAFILE]); 1339 return CURLE_SSL_CACERT_BADFILE; 1340 } 1341 if(!data->set.ssl.verifypeer) { 1342 failf(data, "SSL: CA certificate set, but certificate verification " 1343 "is disabled"); 1344 return CURLE_SSL_CONNECT_ERROR; 1345 } 1346 } 1347 1348 /* Configure hostname check. SNI is used if available. 1349 * Both hostname check and SNI require SSLSetPeerDomainName(). 1350 * Also: the verifyhost setting influences SNI usage */ 1351 if(data->set.ssl.verifyhost) { 1352 err = SSLSetPeerDomainName(connssl->ssl_ctx, conn->host.name, 1353 strlen(conn->host.name)); 1354 1355 if(err != noErr) { 1356 infof(data, "WARNING: SSL: SSLSetPeerDomainName() failed: OSStatus %d\n", 1357 err); 1358 } 1359 1360 if((Curl_inet_pton(AF_INET, conn->host.name, &addr)) 1361 #ifdef ENABLE_IPV6 1362 || (Curl_inet_pton(AF_INET6, conn->host.name, &addr)) 1363 #endif 1364 ) { 1365 infof(data, "WARNING: using IP address, SNI is being disabled by " 1366 "the OS.\n"); 1367 } 1368 } 1369 1370 /* Disable cipher suites that ST supports but are not safe. These ciphers 1371 are unlikely to be used in any case since ST gives other ciphers a much 1372 higher priority, but it's probably better that we not connect at all than 1373 to give the user a false sense of security if the server only supports 1374 insecure ciphers. (Note: We don't care about SSLv2-only ciphers.) */ 1375 (void)SSLGetNumberSupportedCiphers(connssl->ssl_ctx, &all_ciphers_count); 1376 all_ciphers = malloc(all_ciphers_count*sizeof(SSLCipherSuite)); 1377 allowed_ciphers = malloc(all_ciphers_count*sizeof(SSLCipherSuite)); 1378 if(all_ciphers && allowed_ciphers && 1379 SSLGetSupportedCiphers(connssl->ssl_ctx, all_ciphers, 1380 &all_ciphers_count) == noErr) { 1381 for(i = 0UL ; i < all_ciphers_count ; i++) { 1382#if CURL_BUILD_MAC 1383 /* There's a known bug in early versions of Mountain Lion where ST's ECC 1384 ciphers (cipher suite 0xC001 through 0xC032) simply do not work. 1385 Work around the problem here by disabling those ciphers if we are 1386 running in an affected version of OS X. */ 1387 if(darwinver_maj == 12 && darwinver_min <= 3 && 1388 all_ciphers[i] >= 0xC001 && all_ciphers[i] <= 0xC032) { 1389 continue; 1390 } 1391#endif /* CURL_BUILD_MAC */ 1392 switch(all_ciphers[i]) { 1393 /* Disable NULL ciphersuites: */ 1394 case SSL_NULL_WITH_NULL_NULL: 1395 case SSL_RSA_WITH_NULL_MD5: 1396 case SSL_RSA_WITH_NULL_SHA: 1397 case 0x003B: /* TLS_RSA_WITH_NULL_SHA256 */ 1398 case SSL_FORTEZZA_DMS_WITH_NULL_SHA: 1399 case 0xC001: /* TLS_ECDH_ECDSA_WITH_NULL_SHA */ 1400 case 0xC006: /* TLS_ECDHE_ECDSA_WITH_NULL_SHA */ 1401 case 0xC00B: /* TLS_ECDH_RSA_WITH_NULL_SHA */ 1402 case 0xC010: /* TLS_ECDHE_RSA_WITH_NULL_SHA */ 1403 case 0x002C: /* TLS_PSK_WITH_NULL_SHA */ 1404 case 0x002D: /* TLS_DHE_PSK_WITH_NULL_SHA */ 1405 case 0x002E: /* TLS_RSA_PSK_WITH_NULL_SHA */ 1406 case 0x00B0: /* TLS_PSK_WITH_NULL_SHA256 */ 1407 case 0x00B1: /* TLS_PSK_WITH_NULL_SHA384 */ 1408 case 0x00B4: /* TLS_DHE_PSK_WITH_NULL_SHA256 */ 1409 case 0x00B5: /* TLS_DHE_PSK_WITH_NULL_SHA384 */ 1410 case 0x00B8: /* TLS_RSA_PSK_WITH_NULL_SHA256 */ 1411 case 0x00B9: /* TLS_RSA_PSK_WITH_NULL_SHA384 */ 1412 /* Disable anonymous ciphersuites: */ 1413 case SSL_DH_anon_EXPORT_WITH_RC4_40_MD5: 1414 case SSL_DH_anon_WITH_RC4_128_MD5: 1415 case SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA: 1416 case SSL_DH_anon_WITH_DES_CBC_SHA: 1417 case SSL_DH_anon_WITH_3DES_EDE_CBC_SHA: 1418 case TLS_DH_anon_WITH_AES_128_CBC_SHA: 1419 case TLS_DH_anon_WITH_AES_256_CBC_SHA: 1420 case 0xC015: /* TLS_ECDH_anon_WITH_NULL_SHA */ 1421 case 0xC016: /* TLS_ECDH_anon_WITH_RC4_128_SHA */ 1422 case 0xC017: /* TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA */ 1423 case 0xC018: /* TLS_ECDH_anon_WITH_AES_128_CBC_SHA */ 1424 case 0xC019: /* TLS_ECDH_anon_WITH_AES_256_CBC_SHA */ 1425 case 0x006C: /* TLS_DH_anon_WITH_AES_128_CBC_SHA256 */ 1426 case 0x006D: /* TLS_DH_anon_WITH_AES_256_CBC_SHA256 */ 1427 case 0x00A6: /* TLS_DH_anon_WITH_AES_128_GCM_SHA256 */ 1428 case 0x00A7: /* TLS_DH_anon_WITH_AES_256_GCM_SHA384 */ 1429 /* Disable weak key ciphersuites: */ 1430 case SSL_RSA_EXPORT_WITH_RC4_40_MD5: 1431 case SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5: 1432 case SSL_RSA_EXPORT_WITH_DES40_CBC_SHA: 1433 case SSL_DH_DSS_EXPORT_WITH_DES40_CBC_SHA: 1434 case SSL_DH_RSA_EXPORT_WITH_DES40_CBC_SHA: 1435 case SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA: 1436 case SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA: 1437 case SSL_RSA_WITH_DES_CBC_SHA: 1438 case SSL_DH_DSS_WITH_DES_CBC_SHA: 1439 case SSL_DH_RSA_WITH_DES_CBC_SHA: 1440 case SSL_DHE_DSS_WITH_DES_CBC_SHA: 1441 case SSL_DHE_RSA_WITH_DES_CBC_SHA: 1442 /* Disable IDEA: */ 1443 case SSL_RSA_WITH_IDEA_CBC_SHA: 1444 case SSL_RSA_WITH_IDEA_CBC_MD5: 1445 break; 1446 default: /* enable everything else */ 1447 allowed_ciphers[allowed_ciphers_count++] = all_ciphers[i]; 1448 break; 1449 } 1450 } 1451 err = SSLSetEnabledCiphers(connssl->ssl_ctx, allowed_ciphers, 1452 allowed_ciphers_count); 1453 if(err != noErr) { 1454 failf(data, "SSL: SSLSetEnabledCiphers() failed: OSStatus %d", err); 1455 return CURLE_SSL_CONNECT_ERROR; 1456 } 1457 } 1458 else { 1459 Curl_safefree(all_ciphers); 1460 Curl_safefree(allowed_ciphers); 1461 failf(data, "SSL: Failed to allocate memory for allowed ciphers"); 1462 return CURLE_OUT_OF_MEMORY; 1463 } 1464 Curl_safefree(all_ciphers); 1465 Curl_safefree(allowed_ciphers); 1466 1467#if CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 1468 /* We want to enable 1/n-1 when using a CBC cipher unless the user 1469 specifically doesn't want us doing that: */ 1470 if(SSLSetSessionOption != NULL) 1471 SSLSetSessionOption(connssl->ssl_ctx, kSSLSessionOptionSendOneByteRecord, 1472 !data->set.ssl_enable_beast); 1473#endif /* CURL_BUILD_MAC_10_9 || CURL_BUILD_IOS_7 */ 1474 1475 /* Check if there's a cached ID we can/should use here! */ 1476 if(!Curl_ssl_getsessionid(conn, (void **)&ssl_sessionid, 1477 &ssl_sessionid_len)) { 1478 /* we got a session id, use it! */ 1479 err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len); 1480 if(err != noErr) { 1481 failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err); 1482 return CURLE_SSL_CONNECT_ERROR; 1483 } 1484 /* Informational message */ 1485 infof(data, "SSL re-using session ID\n"); 1486 } 1487 /* If there isn't one, then let's make one up! This has to be done prior 1488 to starting the handshake. */ 1489 else { 1490 CURLcode retcode; 1491 1492 ssl_sessionid = malloc(256*sizeof(char)); 1493 ssl_sessionid_len = snprintf(ssl_sessionid, 256, "curl:%s:%hu", 1494 conn->host.name, conn->remote_port); 1495 err = SSLSetPeerID(connssl->ssl_ctx, ssl_sessionid, ssl_sessionid_len); 1496 if(err != noErr) { 1497 failf(data, "SSL: SSLSetPeerID() failed: OSStatus %d", err); 1498 return CURLE_SSL_CONNECT_ERROR; 1499 } 1500 retcode = Curl_ssl_addsessionid(conn, ssl_sessionid, ssl_sessionid_len); 1501 if(retcode!= CURLE_OK) { 1502 failf(data, "failed to store ssl session"); 1503 return retcode; 1504 } 1505 } 1506 1507 err = SSLSetIOFuncs(connssl->ssl_ctx, SocketRead, SocketWrite); 1508 if(err != noErr) { 1509 failf(data, "SSL: SSLSetIOFuncs() failed: OSStatus %d", err); 1510 return CURLE_SSL_CONNECT_ERROR; 1511 } 1512 1513 /* pass the raw socket into the SSL layers */ 1514 /* We need to store the FD in a constant memory address, because 1515 * SSLSetConnection() will not copy that address. I've found that 1516 * conn->sock[sockindex] may change on its own. */ 1517 connssl->ssl_sockfd = sockfd; 1518 err = SSLSetConnection(connssl->ssl_ctx, connssl); 1519 if(err != noErr) { 1520 failf(data, "SSL: SSLSetConnection() failed: %d", err); 1521 return CURLE_SSL_CONNECT_ERROR; 1522 } 1523 1524 connssl->connecting_state = ssl_connect_2; 1525 return CURLE_OK; 1526} 1527 1528static long pem_to_der(const char *in, unsigned char **out, size_t *outlen) 1529{ 1530 char *sep_start, *sep_end, *cert_start, *cert_end; 1531 size_t i, j, err; 1532 size_t len; 1533 unsigned char *b64; 1534 1535 /* Jump through the separators at the beginning of the certificate. */ 1536 sep_start = strstr(in, "-----"); 1537 if(sep_start == NULL) 1538 return 0; 1539 cert_start = strstr(sep_start + 1, "-----"); 1540 if(cert_start == NULL) 1541 return -1; 1542 1543 cert_start += 5; 1544 1545 /* Find separator after the end of the certificate. */ 1546 cert_end = strstr(cert_start, "-----"); 1547 if(cert_end == NULL) 1548 return -1; 1549 1550 sep_end = strstr(cert_end + 1, "-----"); 1551 if(sep_end == NULL) 1552 return -1; 1553 sep_end += 5; 1554 1555 len = cert_end - cert_start; 1556 b64 = malloc(len + 1); 1557 if(!b64) 1558 return -1; 1559 1560 /* Create base64 string without linefeeds. */ 1561 for(i = 0, j = 0; i < len; i++) { 1562 if(cert_start[i] != '\r' && cert_start[i] != '\n') 1563 b64[j++] = cert_start[i]; 1564 } 1565 b64[j] = '\0'; 1566 1567 err = Curl_base64_decode((const char *)b64, out, outlen); 1568 free(b64); 1569 if(err) { 1570 free(*out); 1571 return -1; 1572 } 1573 1574 return sep_end - in; 1575} 1576 1577static int read_cert(const char *file, unsigned char **out, size_t *outlen) 1578{ 1579 int fd; 1580 ssize_t n, len = 0, cap = 512; 1581 unsigned char buf[cap], *data; 1582 1583 fd = open(file, 0); 1584 if(fd < 0) 1585 return -1; 1586 1587 data = malloc(cap); 1588 if(!data) { 1589 close(fd); 1590 return -1; 1591 } 1592 1593 for(;;) { 1594 n = read(fd, buf, sizeof(buf)); 1595 if(n < 0) { 1596 close(fd); 1597 free(data); 1598 return -1; 1599 } 1600 else if(n == 0) { 1601 close(fd); 1602 break; 1603 } 1604 1605 if(len + n >= cap) { 1606 cap *= 2; 1607 data = realloc(data, cap); 1608 if(!data) { 1609 close(fd); 1610 return -1; 1611 } 1612 } 1613 1614 memcpy(data + len, buf, n); 1615 len += n; 1616 } 1617 data[len] = '\0'; 1618 1619 *out = data; 1620 *outlen = len; 1621 1622 return 0; 1623} 1624 1625static int sslerr_to_curlerr(struct SessionHandle *data, int err) 1626{ 1627 switch(err) { 1628 case errSSLXCertChainInvalid: 1629 failf(data, "SSL certificate problem: Invalid certificate chain"); 1630 return CURLE_SSL_CACERT; 1631 case errSSLUnknownRootCert: 1632 failf(data, "SSL certificate problem: Untrusted root certificate"); 1633 return CURLE_SSL_CACERT; 1634 case errSSLNoRootCert: 1635 failf(data, "SSL certificate problem: No root certificate"); 1636 return CURLE_SSL_CACERT; 1637 case errSSLCertExpired: 1638 failf(data, "SSL certificate problem: Certificate chain had an " 1639 "expired certificate"); 1640 return CURLE_SSL_CACERT; 1641 case errSSLBadCert: 1642 failf(data, "SSL certificate problem: Couldn't understand the server " 1643 "certificate format"); 1644 return CURLE_SSL_CONNECT_ERROR; 1645 case errSSLHostNameMismatch: 1646 failf(data, "SSL certificate peer hostname mismatch"); 1647 return CURLE_PEER_FAILED_VERIFICATION; 1648 default: 1649 failf(data, "SSL unexpected certificate error %d", err); 1650 return CURLE_SSL_CACERT; 1651 } 1652} 1653 1654static int append_cert_to_array(struct SessionHandle *data, 1655 unsigned char *buf, size_t buflen, 1656 CFMutableArrayRef array) 1657{ 1658 CFDataRef certdata = CFDataCreate(kCFAllocatorDefault, buf, buflen); 1659 if(!certdata) { 1660 failf(data, "SSL: failed to allocate array for CA certificate"); 1661 return CURLE_OUT_OF_MEMORY; 1662 } 1663 1664 SecCertificateRef cacert = 1665 SecCertificateCreateWithData(kCFAllocatorDefault, certdata); 1666 CFRelease(certdata); 1667 if(!cacert) { 1668 failf(data, "SSL: failed to create SecCertificate from CA certificate"); 1669 return CURLE_SSL_CACERT; 1670 } 1671 1672#if !TARGET_OS_EMBEDDED 1673 /* Check if cacert is valid. */ 1674 SecKeyRef key; 1675 OSStatus ret = SecCertificateCopyPublicKey(cacert, &key); 1676 if(ret != noErr) { 1677 CFRelease(cacert); 1678 failf(data, "SSL: invalid CA certificate"); 1679 return CURLE_SSL_CACERT; 1680 } 1681 CFRelease(key); 1682#endif /* !TARGET_OS_EMBEDDED */ 1683 1684 CFArrayAppendValue(array, cacert); 1685 CFRelease(cacert); 1686 1687 return CURLE_OK; 1688} 1689 1690static int verify_cert(const char *cafile, struct SessionHandle *data, 1691 SSLContextRef ctx) 1692{ 1693 int n = 0, rc; 1694 long res; 1695 unsigned char *certbuf, *der; 1696 size_t buflen, derlen, offset = 0; 1697 1698 if(read_cert(cafile, &certbuf, &buflen) < 0) { 1699 failf(data, "SSL: failed to read or invalid CA certificate"); 1700 return CURLE_SSL_CACERT; 1701 } 1702 1703 /* 1704 * Certbuf now contains the contents of the certificate file, which can be 1705 * - a single DER certificate, 1706 * - a single PEM certificate or 1707 * - a bunch of PEM certificates (certificate bundle). 1708 * 1709 * Go through certbuf, and convert any PEM certificate in it into DER 1710 * format. 1711 */ 1712 CFMutableArrayRef array = CFArrayCreateMutable(kCFAllocatorDefault, 0, 1713 &kCFTypeArrayCallBacks); 1714 if(array == NULL) { 1715 free(certbuf); 1716 failf(data, "SSL: out of memory creating CA certificate array"); 1717 return CURLE_OUT_OF_MEMORY; 1718 } 1719 1720 while(offset < buflen) { 1721 n++; 1722 1723 /* 1724 * Check if the certificate is in PEM format, and convert it to DER. If 1725 * this fails, we assume the certificate is in DER format. 1726 */ 1727 res = pem_to_der((const char *)certbuf + offset, &der, &derlen); 1728 if(res < 0) { 1729 free(certbuf); 1730 CFRelease(array); 1731 failf(data, "SSL: invalid CA certificate #%d (offset %d) in bundle", 1732 n, offset); 1733 return CURLE_SSL_CACERT; 1734 } 1735 offset += res; 1736 1737 if(res == 0 && offset == 0) { 1738 /* This is not a PEM file, probably a certificate in DER format. */ 1739 rc = append_cert_to_array(data, certbuf, buflen, array); 1740 free(certbuf); 1741 if(rc != CURLE_OK) { 1742 CFRelease(array); 1743 return rc; 1744 } 1745 break; 1746 } 1747 else if(res == 0) { 1748 /* No more certificates in the bundle. */ 1749 free(certbuf); 1750 break; 1751 } 1752 1753 rc = append_cert_to_array(data, der, derlen, array); 1754 free(der); 1755 if(rc != CURLE_OK) { 1756 free(certbuf); 1757 CFRelease(array); 1758 return rc; 1759 } 1760 } 1761 1762 SecTrustRef trust; 1763 OSStatus ret = SSLCopyPeerTrust(ctx, &trust); 1764 if(trust == NULL) { 1765 failf(data, "SSL: error getting certificate chain"); 1766 CFRelease(array); 1767 return CURLE_OUT_OF_MEMORY; 1768 } 1769 else if(ret != noErr) { 1770 CFRelease(array); 1771 return sslerr_to_curlerr(data, ret); 1772 } 1773 1774 ret = SecTrustSetAnchorCertificates(trust, array); 1775 if(ret != noErr) { 1776 CFRelease(trust); 1777 return sslerr_to_curlerr(data, ret); 1778 } 1779 ret = SecTrustSetAnchorCertificatesOnly(trust, true); 1780 if(ret != noErr) { 1781 CFRelease(trust); 1782 return sslerr_to_curlerr(data, ret); 1783 } 1784 1785 SecTrustResultType trust_eval = 0; 1786 ret = SecTrustEvaluate(trust, &trust_eval); 1787 CFRelease(array); 1788 CFRelease(trust); 1789 if(ret != noErr) { 1790 return sslerr_to_curlerr(data, ret); 1791 } 1792 1793 switch (trust_eval) { 1794 case kSecTrustResultUnspecified: 1795 case kSecTrustResultProceed: 1796 return CURLE_OK; 1797 1798 case kSecTrustResultRecoverableTrustFailure: 1799 case kSecTrustResultDeny: 1800 default: 1801 failf(data, "SSL: certificate verification failed (result: %d)", 1802 trust_eval); 1803 return CURLE_PEER_FAILED_VERIFICATION; 1804 } 1805} 1806 1807static CURLcode 1808darwinssl_connect_step2(struct connectdata *conn, int sockindex) 1809{ 1810 struct SessionHandle *data = conn->data; 1811 struct ssl_connect_data *connssl = &conn->ssl[sockindex]; 1812 OSStatus err; 1813 SSLCipherSuite cipher; 1814 SSLProtocol protocol = 0; 1815 1816 DEBUGASSERT(ssl_connect_2 == connssl->connecting_state 1817 || ssl_connect_2_reading == connssl->connecting_state 1818 || ssl_connect_2_writing == connssl->connecting_state); 1819 1820 /* Here goes nothing: */ 1821 err = SSLHandshake(connssl->ssl_ctx); 1822 1823 if(err != noErr) { 1824 switch (err) { 1825 case errSSLWouldBlock: /* they're not done with us yet */ 1826 connssl->connecting_state = connssl->ssl_direction ? 1827 ssl_connect_2_writing : ssl_connect_2_reading; 1828 return CURLE_OK; 1829 1830 /* The below is errSSLServerAuthCompleted; it's not defined in 1831 Leopard's headers */ 1832 case -9841: 1833 if(data->set.str[STRING_SSL_CAFILE]) { 1834 int res = verify_cert(data->set.str[STRING_SSL_CAFILE], data, 1835 connssl->ssl_ctx); 1836 if(res != CURLE_OK) 1837 return res; 1838 } 1839 /* the documentation says we need to call SSLHandshake() again */ 1840 return darwinssl_connect_step2(conn, sockindex); 1841 1842 /* These are all certificate problems with the server: */ 1843 case errSSLXCertChainInvalid: 1844 failf(data, "SSL certificate problem: Invalid certificate chain"); 1845 return CURLE_SSL_CACERT; 1846 case errSSLUnknownRootCert: 1847 failf(data, "SSL certificate problem: Untrusted root certificate"); 1848 return CURLE_SSL_CACERT; 1849 case errSSLNoRootCert: 1850 failf(data, "SSL certificate problem: No root certificate"); 1851 return CURLE_SSL_CACERT; 1852 case errSSLCertExpired: 1853 failf(data, "SSL certificate problem: Certificate chain had an " 1854 "expired certificate"); 1855 return CURLE_SSL_CACERT; 1856 case errSSLBadCert: 1857 failf(data, "SSL certificate problem: Couldn't understand the server " 1858 "certificate format"); 1859 return CURLE_SSL_CONNECT_ERROR; 1860 1861 /* These are all certificate problems with the client: */ 1862 case errSecAuthFailed: 1863 failf(data, "SSL authentication failed"); 1864 return CURLE_SSL_CONNECT_ERROR; 1865 case errSSLPeerHandshakeFail: 1866 failf(data, "SSL peer handshake failed, the server most likely " 1867 "requires a client certificate to connect"); 1868 return CURLE_SSL_CONNECT_ERROR; 1869 case errSSLPeerUnknownCA: 1870 failf(data, "SSL server rejected the client certificate due to " 1871 "the certificate being signed by an unknown certificate " 1872 "authority"); 1873 return CURLE_SSL_CONNECT_ERROR; 1874 1875 /* This error is raised if the server's cert didn't match the server's 1876 host name: */ 1877 case errSSLHostNameMismatch: 1878 failf(data, "SSL certificate peer verification failed, the " 1879 "certificate did not match \"%s\"\n", conn->host.dispname); 1880 return CURLE_PEER_FAILED_VERIFICATION; 1881 1882 /* Generic handshake errors: */ 1883 case errSSLConnectionRefused: 1884 failf(data, "Server dropped the connection during the SSL handshake"); 1885 return CURLE_SSL_CONNECT_ERROR; 1886 case errSSLClosedAbort: 1887 failf(data, "Server aborted the SSL handshake"); 1888 return CURLE_SSL_CONNECT_ERROR; 1889 case errSSLNegotiation: 1890 failf(data, "Could not negotiate an SSL cipher suite with the server"); 1891 return CURLE_SSL_CONNECT_ERROR; 1892 /* Sometimes paramErr happens with buggy ciphers: */ 1893 case paramErr: case errSSLInternal: 1894 failf(data, "Internal SSL engine error encountered during the " 1895 "SSL handshake"); 1896 return CURLE_SSL_CONNECT_ERROR; 1897 case errSSLFatalAlert: 1898 failf(data, "Fatal SSL engine error encountered during the SSL " 1899 "handshake"); 1900 return CURLE_SSL_CONNECT_ERROR; 1901 default: 1902 failf(data, "Unknown SSL protocol error in connection to %s:%d", 1903 conn->host.name, err); 1904 return CURLE_SSL_CONNECT_ERROR; 1905 } 1906 } 1907 else { 1908 /* we have been connected fine, we're not waiting for anything else. */ 1909 connssl->connecting_state = ssl_connect_3; 1910 1911 /* Informational message */ 1912 (void)SSLGetNegotiatedCipher(connssl->ssl_ctx, &cipher); 1913 (void)SSLGetNegotiatedProtocolVersion(connssl->ssl_ctx, &protocol); 1914 switch (protocol) { 1915 case kSSLProtocol2: 1916 infof(data, "SSL 2.0 connection using %s\n", 1917 SSLCipherNameForNumber(cipher)); 1918 break; 1919 case kSSLProtocol3: 1920 infof(data, "SSL 3.0 connection using %s\n", 1921 SSLCipherNameForNumber(cipher)); 1922 break; 1923 case kTLSProtocol1: 1924 infof(data, "TLS 1.0 connection using %s\n", 1925 TLSCipherNameForNumber(cipher)); 1926 break; 1927#if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS 1928 case kTLSProtocol11: 1929 infof(data, "TLS 1.1 connection using %s\n", 1930 TLSCipherNameForNumber(cipher)); 1931 break; 1932 case kTLSProtocol12: 1933 infof(data, "TLS 1.2 connection using %s\n", 1934 TLSCipherNameForNumber(cipher)); 1935 break; 1936#endif 1937 default: 1938 infof(data, "Unknown protocol connection\n"); 1939 break; 1940 } 1941 1942 return CURLE_OK; 1943 } 1944} 1945 1946static CURLcode 1947darwinssl_connect_step3(struct connectdata *conn, 1948 int sockindex) 1949{ 1950 struct SessionHandle *data = conn->data; 1951 struct ssl_connect_data *connssl = &conn->ssl[sockindex]; 1952 CFStringRef server_cert_summary; 1953 char server_cert_summary_c[128]; 1954 CFArrayRef server_certs = NULL; 1955 SecCertificateRef server_cert; 1956 OSStatus err; 1957 CFIndex i, count; 1958 SecTrustRef trust = NULL; 1959 1960 /* There is no step 3! 1961 * Well, okay, if verbose mode is on, let's print the details of the 1962 * server certificates. */ 1963#if CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS 1964#if CURL_BUILD_IOS 1965#pragma unused(server_certs) 1966 err = SSLCopyPeerTrust(connssl->ssl_ctx, &trust); 1967 /* For some reason, SSLCopyPeerTrust() can return noErr and yet return 1968 a null trust, so be on guard for that: */ 1969 if(err == noErr && trust) { 1970 count = SecTrustGetCertificateCount(trust); 1971 for(i = 0L ; i < count ; i++) { 1972 server_cert = SecTrustGetCertificateAtIndex(trust, i); 1973 server_cert_summary = CopyCertSubject(server_cert); 1974 memset(server_cert_summary_c, 0, 128); 1975 if(CFStringGetCString(server_cert_summary, 1976 server_cert_summary_c, 1977 128, 1978 kCFStringEncodingUTF8)) { 1979 infof(data, "Server certificate: %s\n", server_cert_summary_c); 1980 } 1981 CFRelease(server_cert_summary); 1982 } 1983 CFRelease(trust); 1984 } 1985#else 1986 /* SSLCopyPeerCertificates() is deprecated as of Mountain Lion. 1987 The function SecTrustGetCertificateAtIndex() is officially present 1988 in Lion, but it is unfortunately also present in Snow Leopard as 1989 private API and doesn't work as expected. So we have to look for 1990 a different symbol to make sure this code is only executed under 1991 Lion or later. */ 1992 if(SecTrustEvaluateAsync != NULL) { 1993#pragma unused(server_certs) 1994 err = SSLCopyPeerTrust(connssl->ssl_ctx, &trust); 1995 /* For some reason, SSLCopyPeerTrust() can return noErr and yet return 1996 a null trust, so be on guard for that: */ 1997 if(err == noErr && trust) { 1998 count = SecTrustGetCertificateCount(trust); 1999 for(i = 0L ; i < count ; i++) { 2000 server_cert = SecTrustGetCertificateAtIndex(trust, i); 2001 server_cert_summary = CopyCertSubject(server_cert); 2002 memset(server_cert_summary_c, 0, 128); 2003 if(CFStringGetCString(server_cert_summary, 2004 server_cert_summary_c, 2005 128, 2006 kCFStringEncodingUTF8)) { 2007 infof(data, "Server certificate: %s\n", server_cert_summary_c); 2008 } 2009 CFRelease(server_cert_summary); 2010 } 2011 CFRelease(trust); 2012 } 2013 } 2014 else { 2015#if CURL_SUPPORT_MAC_10_8 2016 err = SSLCopyPeerCertificates(connssl->ssl_ctx, &server_certs); 2017 /* Just in case SSLCopyPeerCertificates() returns null too... */ 2018 if(err == noErr && server_certs) { 2019 count = CFArrayGetCount(server_certs); 2020 for(i = 0L ; i < count ; i++) { 2021 server_cert = (SecCertificateRef)CFArrayGetValueAtIndex(server_certs, 2022 i); 2023 2024 server_cert_summary = CopyCertSubject(server_cert); 2025 memset(server_cert_summary_c, 0, 128); 2026 if(CFStringGetCString(server_cert_summary, 2027 server_cert_summary_c, 2028 128, 2029 kCFStringEncodingUTF8)) { 2030 infof(data, "Server certificate: %s\n", server_cert_summary_c); 2031 } 2032 CFRelease(server_cert_summary); 2033 } 2034 CFRelease(server_certs); 2035 } 2036#endif /* CURL_SUPPORT_MAC_10_8 */ 2037 } 2038#endif /* CURL_BUILD_IOS */ 2039#else 2040#pragma unused(trust) 2041 err = SSLCopyPeerCertificates(connssl->ssl_ctx, &server_certs); 2042 if(err == noErr) { 2043 count = CFArrayGetCount(server_certs); 2044 for(i = 0L ; i < count ; i++) { 2045 server_cert = (SecCertificateRef)CFArrayGetValueAtIndex(server_certs, i); 2046 server_cert_summary = CopyCertSubject(server_cert); 2047 memset(server_cert_summary_c, 0, 128); 2048 if(CFStringGetCString(server_cert_summary, 2049 server_cert_summary_c, 2050 128, 2051 kCFStringEncodingUTF8)) { 2052 infof(data, "Server certificate: %s\n", server_cert_summary_c); 2053 } 2054 CFRelease(server_cert_summary); 2055 } 2056 CFRelease(server_certs); 2057 } 2058#endif /* CURL_BUILD_MAC_10_7 || CURL_BUILD_IOS */ 2059 2060 connssl->connecting_state = ssl_connect_done; 2061 return CURLE_OK; 2062} 2063 2064static Curl_recv darwinssl_recv; 2065static Curl_send darwinssl_send; 2066 2067static CURLcode 2068darwinssl_connect_common(struct connectdata *conn, 2069 int sockindex, 2070 bool nonblocking, 2071 bool *done) 2072{ 2073 CURLcode retcode; 2074 struct SessionHandle *data = conn->data; 2075 struct ssl_connect_data *connssl = &conn->ssl[sockindex]; 2076 curl_socket_t sockfd = conn->sock[sockindex]; 2077 long timeout_ms; 2078 int what; 2079 2080 /* check if the connection has already been established */ 2081 if(ssl_connection_complete == connssl->state) { 2082 *done = TRUE; 2083 return CURLE_OK; 2084 } 2085 2086 if(ssl_connect_1==connssl->connecting_state) { 2087 /* Find out how much more time we're allowed */ 2088 timeout_ms = Curl_timeleft(data, NULL, TRUE); 2089 2090 if(timeout_ms < 0) { 2091 /* no need to continue if time already is up */ 2092 failf(data, "SSL connection timeout"); 2093 return CURLE_OPERATION_TIMEDOUT; 2094 } 2095 retcode = darwinssl_connect_step1(conn, sockindex); 2096 if(retcode) 2097 return retcode; 2098 } 2099 2100 while(ssl_connect_2 == connssl->connecting_state || 2101 ssl_connect_2_reading == connssl->connecting_state || 2102 ssl_connect_2_writing == connssl->connecting_state) { 2103 2104 /* check allowed time left */ 2105 timeout_ms = Curl_timeleft(data, NULL, TRUE); 2106 2107 if(timeout_ms < 0) { 2108 /* no need to continue if time already is up */ 2109 failf(data, "SSL connection timeout"); 2110 return CURLE_OPERATION_TIMEDOUT; 2111 } 2112 2113 /* if ssl is expecting something, check if it's available. */ 2114 if(connssl->connecting_state == ssl_connect_2_reading 2115 || connssl->connecting_state == ssl_connect_2_writing) { 2116 2117 curl_socket_t writefd = ssl_connect_2_writing == 2118 connssl->connecting_state?sockfd:CURL_SOCKET_BAD; 2119 curl_socket_t readfd = ssl_connect_2_reading == 2120 connssl->connecting_state?sockfd:CURL_SOCKET_BAD; 2121 2122 what = Curl_socket_ready(readfd, writefd, nonblocking?0:timeout_ms); 2123 if(what < 0) { 2124 /* fatal error */ 2125 failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO); 2126 return CURLE_SSL_CONNECT_ERROR; 2127 } 2128 else if(0 == what) { 2129 if(nonblocking) { 2130 *done = FALSE; 2131 return CURLE_OK; 2132 } 2133 else { 2134 /* timeout */ 2135 failf(data, "SSL connection timeout"); 2136 return CURLE_OPERATION_TIMEDOUT; 2137 } 2138 } 2139 /* socket is readable or writable */ 2140 } 2141 2142 /* Run transaction, and return to the caller if it failed or if this 2143 * connection is done nonblocking and this loop would execute again. This 2144 * permits the owner of a multi handle to abort a connection attempt 2145 * before step2 has completed while ensuring that a client using select() 2146 * or epoll() will always have a valid fdset to wait on. 2147 */ 2148 retcode = darwinssl_connect_step2(conn, sockindex); 2149 if(retcode || (nonblocking && 2150 (ssl_connect_2 == connssl->connecting_state || 2151 ssl_connect_2_reading == connssl->connecting_state || 2152 ssl_connect_2_writing == connssl->connecting_state))) 2153 return retcode; 2154 2155 } /* repeat step2 until all transactions are done. */ 2156 2157 2158 if(ssl_connect_3==connssl->connecting_state) { 2159 retcode = darwinssl_connect_step3(conn, sockindex); 2160 if(retcode) 2161 return retcode; 2162 } 2163 2164 if(ssl_connect_done==connssl->connecting_state) { 2165 connssl->state = ssl_connection_complete; 2166 conn->recv[sockindex] = darwinssl_recv; 2167 conn->send[sockindex] = darwinssl_send; 2168 *done = TRUE; 2169 } 2170 else 2171 *done = FALSE; 2172 2173 /* Reset our connect state machine */ 2174 connssl->connecting_state = ssl_connect_1; 2175 2176 return CURLE_OK; 2177} 2178 2179CURLcode 2180Curl_darwinssl_connect_nonblocking(struct connectdata *conn, 2181 int sockindex, 2182 bool *done) 2183{ 2184 return darwinssl_connect_common(conn, sockindex, TRUE, done); 2185} 2186 2187CURLcode 2188Curl_darwinssl_connect(struct connectdata *conn, 2189 int sockindex) 2190{ 2191 CURLcode retcode; 2192 bool done = FALSE; 2193 2194 retcode = darwinssl_connect_common(conn, sockindex, FALSE, &done); 2195 2196 if(retcode) 2197 return retcode; 2198 2199 DEBUGASSERT(done); 2200 2201 return CURLE_OK; 2202} 2203 2204void Curl_darwinssl_close(struct connectdata *conn, int sockindex) 2205{ 2206 struct ssl_connect_data *connssl = &conn->ssl[sockindex]; 2207 2208 if(connssl->ssl_ctx) { 2209 (void)SSLClose(connssl->ssl_ctx); 2210#if CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS 2211 if(SSLCreateContext != NULL) 2212 CFRelease(connssl->ssl_ctx); 2213#if CURL_SUPPORT_MAC_10_8 2214 else 2215 (void)SSLDisposeContext(connssl->ssl_ctx); 2216#endif /* CURL_SUPPORT_MAC_10_8 */ 2217#else 2218 (void)SSLDisposeContext(connssl->ssl_ctx); 2219#endif /* CURL_BUILD_MAC_10_8 || CURL_BUILD_IOS */ 2220 connssl->ssl_ctx = NULL; 2221 } 2222 connssl->ssl_sockfd = 0; 2223} 2224 2225void Curl_darwinssl_close_all(struct SessionHandle *data) 2226{ 2227 /* SecureTransport doesn't separate sessions from contexts, so... */ 2228 (void)data; 2229} 2230 2231int Curl_darwinssl_shutdown(struct connectdata *conn, int sockindex) 2232{ 2233 struct ssl_connect_data *connssl = &conn->ssl[sockindex]; 2234 struct SessionHandle *data = conn->data; 2235 ssize_t nread; 2236 int what; 2237 int rc; 2238 char buf[120]; 2239 2240 if(!connssl->ssl_ctx) 2241 return 0; 2242 2243 if(data->set.ftp_ccc != CURLFTPSSL_CCC_ACTIVE) 2244 return 0; 2245 2246 Curl_darwinssl_close(conn, sockindex); 2247 2248 rc = 0; 2249 2250 what = Curl_socket_ready(conn->sock[sockindex], 2251 CURL_SOCKET_BAD, SSL_SHUTDOWN_TIMEOUT); 2252 2253 for(;;) { 2254 if(what < 0) { 2255 /* anything that gets here is fatally bad */ 2256 failf(data, "select/poll on SSL socket, errno: %d", SOCKERRNO); 2257 rc = -1; 2258 break; 2259 } 2260 2261 if(!what) { /* timeout */ 2262 failf(data, "SSL shutdown timeout"); 2263 break; 2264 } 2265 2266 /* Something to read, let's do it and hope that it is the close 2267 notify alert from the server. No way to SSL_Read now, so use read(). */ 2268 2269 nread = read(conn->sock[sockindex], buf, sizeof(buf)); 2270 2271 if(nread < 0) { 2272 failf(data, "read: %s", strerror(errno)); 2273 rc = -1; 2274 } 2275 2276 if(nread <= 0) 2277 break; 2278 2279 what = Curl_socket_ready(conn->sock[sockindex], CURL_SOCKET_BAD, 0); 2280 } 2281 2282 return rc; 2283} 2284 2285void Curl_darwinssl_session_free(void *ptr) 2286{ 2287 /* ST, as of iOS 5 and Mountain Lion, has no public method of deleting a 2288 cached session ID inside the Security framework. There is a private 2289 function that does this, but I don't want to have to explain to you why I 2290 got your application rejected from the App Store due to the use of a 2291 private API, so the best we can do is free up our own char array that we 2292 created way back in darwinssl_connect_step1... */ 2293 Curl_safefree(ptr); 2294} 2295 2296size_t Curl_darwinssl_version(char *buffer, size_t size) 2297{ 2298 return snprintf(buffer, size, "SecureTransport"); 2299} 2300 2301/* 2302 * This function uses SSLGetSessionState to determine connection status. 2303 * 2304 * Return codes: 2305 * 1 means the connection is still in place 2306 * 0 means the connection has been closed 2307 * -1 means the connection status is unknown 2308 */ 2309int Curl_darwinssl_check_cxn(struct connectdata *conn) 2310{ 2311 struct ssl_connect_data *connssl = &conn->ssl[FIRSTSOCKET]; 2312 OSStatus err; 2313 SSLSessionState state; 2314 2315 if(connssl->ssl_ctx) { 2316 err = SSLGetSessionState(connssl->ssl_ctx, &state); 2317 if(err == noErr) 2318 return state == kSSLConnected || state == kSSLHandshake; 2319 return -1; 2320 } 2321 return 0; 2322} 2323 2324bool Curl_darwinssl_data_pending(const struct connectdata *conn, 2325 int connindex) 2326{ 2327 const struct ssl_connect_data *connssl = &conn->ssl[connindex]; 2328 OSStatus err; 2329 size_t buffer; 2330 2331 if(connssl->ssl_ctx) { /* SSL is in use */ 2332 err = SSLGetBufferedReadSize(connssl->ssl_ctx, &buffer); 2333 if(err == noErr) 2334 return buffer > 0UL; 2335 return false; 2336 } 2337 else 2338 return false; 2339} 2340 2341void Curl_darwinssl_random(struct SessionHandle *data, 2342 unsigned char *entropy, 2343 size_t length) 2344{ 2345 /* arc4random_buf() isn't available on cats older than Lion, so let's 2346 do this manually for the benefit of the older cats. */ 2347 size_t i; 2348 u_int32_t random_number = 0; 2349 2350 for(i = 0 ; i < length ; i++) { 2351 if(i % sizeof(u_int32_t) == 0) 2352 random_number = arc4random(); 2353 entropy[i] = random_number & 0xFF; 2354 random_number >>= 8; 2355 } 2356 i = random_number = 0; 2357 (void)data; 2358} 2359 2360void Curl_darwinssl_md5sum(unsigned char *tmp, /* input */ 2361 size_t tmplen, 2362 unsigned char *md5sum, /* output */ 2363 size_t md5len) 2364{ 2365 (void)md5len; 2366 (void)CC_MD5(tmp, (CC_LONG)tmplen, md5sum); 2367} 2368 2369static ssize_t darwinssl_send(struct connectdata *conn, 2370 int sockindex, 2371 const void *mem, 2372 size_t len, 2373 CURLcode *curlcode) 2374{ 2375 /*struct SessionHandle *data = conn->data;*/ 2376 struct ssl_connect_data *connssl = &conn->ssl[sockindex]; 2377 size_t processed = 0UL; 2378 OSStatus err; 2379 2380 /* The SSLWrite() function works a little differently than expected. The 2381 fourth argument (processed) is currently documented in Apple's 2382 documentation as: "On return, the length, in bytes, of the data actually 2383 written." 2384 2385 Now, one could interpret that as "written to the socket," but actually, 2386 it returns the amount of data that was written to a buffer internal to 2387 the SSLContextRef instead. So it's possible for SSLWrite() to return 2388 errSSLWouldBlock and a number of bytes "written" because those bytes were 2389 encrypted and written to a buffer, not to the socket. 2390 2391 So if this happens, then we need to keep calling SSLWrite() over and 2392 over again with no new data until it quits returning errSSLWouldBlock. */ 2393 2394 /* Do we have buffered data to write from the last time we were called? */ 2395 if(connssl->ssl_write_buffered_length) { 2396 /* Write the buffered data: */ 2397 err = SSLWrite(connssl->ssl_ctx, NULL, 0UL, &processed); 2398 switch (err) { 2399 case noErr: 2400 /* processed is always going to be 0 because we didn't write to 2401 the buffer, so return how much was written to the socket */ 2402 processed = connssl->ssl_write_buffered_length; 2403 connssl->ssl_write_buffered_length = 0UL; 2404 break; 2405 case errSSLWouldBlock: /* argh, try again */ 2406 *curlcode = CURLE_AGAIN; 2407 return -1L; 2408 default: 2409 failf(conn->data, "SSLWrite() returned error %d", err); 2410 *curlcode = CURLE_SEND_ERROR; 2411 return -1L; 2412 } 2413 } 2414 else { 2415 /* We've got new data to write: */ 2416 err = SSLWrite(connssl->ssl_ctx, mem, len, &processed); 2417 if(err != noErr) { 2418 switch (err) { 2419 case errSSLWouldBlock: 2420 /* Data was buffered but not sent, we have to tell the caller 2421 to try sending again, and remember how much was buffered */ 2422 connssl->ssl_write_buffered_length = len; 2423 *curlcode = CURLE_AGAIN; 2424 return -1L; 2425 default: 2426 failf(conn->data, "SSLWrite() returned error %d", err); 2427 *curlcode = CURLE_SEND_ERROR; 2428 return -1L; 2429 } 2430 } 2431 } 2432 return (ssize_t)processed; 2433} 2434 2435static ssize_t darwinssl_recv(struct connectdata *conn, 2436 int num, 2437 char *buf, 2438 size_t buffersize, 2439 CURLcode *curlcode) 2440{ 2441 /*struct SessionHandle *data = conn->data;*/ 2442 struct ssl_connect_data *connssl = &conn->ssl[num]; 2443 size_t processed = 0UL; 2444 OSStatus err = SSLRead(connssl->ssl_ctx, buf, buffersize, &processed); 2445 2446 if(err != noErr) { 2447 switch (err) { 2448 case errSSLWouldBlock: /* return how much we read (if anything) */ 2449 if(processed) 2450 return (ssize_t)processed; 2451 *curlcode = CURLE_AGAIN; 2452 return -1L; 2453 break; 2454 2455 /* errSSLClosedGraceful - server gracefully shut down the SSL session 2456 errSSLClosedNoNotify - server hung up on us instead of sending a 2457 closure alert notice, read() is returning 0 2458 Either way, inform the caller that the server disconnected. */ 2459 case errSSLClosedGraceful: 2460 case errSSLClosedNoNotify: 2461 *curlcode = CURLE_OK; 2462 return -1L; 2463 break; 2464 2465 default: 2466 failf(conn->data, "SSLRead() return error %d", err); 2467 *curlcode = CURLE_RECV_ERROR; 2468 return -1L; 2469 break; 2470 } 2471 } 2472 return (ssize_t)processed; 2473} 2474 2475#endif /* USE_DARWINSSL */ 2476