1/* 2 * Copyright 2012-2020 The OpenSSL Project Authors. All Rights Reserved. 3 * 4 * Licensed under the OpenSSL license (the "License"). You may not use 5 * this file except in compliance with the License. You can obtain a copy 6 * in the file LICENSE in the source distribution or at 7 * https://www.openssl.org/source/license.html 8 */ 9 10#include <stdio.h> 11#include "ssl_local.h" 12#include <openssl/conf.h> 13#include <openssl/objects.h> 14#include <openssl/dh.h> 15#include "internal/nelem.h" 16 17/* 18 * structure holding name tables. This is used for permitted elements in lists 19 * such as TLSv1. 20 */ 21 22typedef struct { 23 const char *name; 24 int namelen; 25 unsigned int name_flags; 26 unsigned long option_value; 27} ssl_flag_tbl; 28 29/* Switch table: use for single command line switches like no_tls2 */ 30typedef struct { 31 unsigned long option_value; 32 unsigned int name_flags; 33} ssl_switch_tbl; 34 35/* Sense of name is inverted e.g. "TLSv1" will clear SSL_OP_NO_TLSv1 */ 36#define SSL_TFLAG_INV 0x1 37/* Mask for type of flag referred to */ 38#define SSL_TFLAG_TYPE_MASK 0xf00 39/* Flag is for options */ 40#define SSL_TFLAG_OPTION 0x000 41/* Flag is for cert_flags */ 42#define SSL_TFLAG_CERT 0x100 43/* Flag is for verify mode */ 44#define SSL_TFLAG_VFY 0x200 45/* Option can only be used for clients */ 46#define SSL_TFLAG_CLIENT SSL_CONF_FLAG_CLIENT 47/* Option can only be used for servers */ 48#define SSL_TFLAG_SERVER SSL_CONF_FLAG_SERVER 49#define SSL_TFLAG_BOTH (SSL_TFLAG_CLIENT|SSL_TFLAG_SERVER) 50 51#define SSL_FLAG_TBL(str, flag) \ 52 {str, (int)(sizeof(str) - 1), SSL_TFLAG_BOTH, flag} 53#define SSL_FLAG_TBL_SRV(str, flag) \ 54 {str, (int)(sizeof(str) - 1), SSL_TFLAG_SERVER, flag} 55#define SSL_FLAG_TBL_CLI(str, flag) \ 56 {str, (int)(sizeof(str) - 1), SSL_TFLAG_CLIENT, flag} 57#define SSL_FLAG_TBL_INV(str, flag) \ 58 {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_BOTH, flag} 59#define SSL_FLAG_TBL_SRV_INV(str, flag) \ 60 {str, (int)(sizeof(str) - 1), SSL_TFLAG_INV|SSL_TFLAG_SERVER, flag} 61#define SSL_FLAG_TBL_CERT(str, flag) \ 62 {str, (int)(sizeof(str) - 1), SSL_TFLAG_CERT|SSL_TFLAG_BOTH, flag} 63 64#define SSL_FLAG_VFY_CLI(str, flag) \ 65 {str, (int)(sizeof(str) - 1), SSL_TFLAG_VFY | SSL_TFLAG_CLIENT, flag} 66#define SSL_FLAG_VFY_SRV(str, flag) \ 67 {str, (int)(sizeof(str) - 1), SSL_TFLAG_VFY | SSL_TFLAG_SERVER, flag} 68 69/* 70 * Opaque structure containing SSL configuration context. 71 */ 72 73struct ssl_conf_ctx_st { 74 /* 75 * Various flags indicating (among other things) which options we will 76 * recognise. 77 */ 78 unsigned int flags; 79 /* Prefix and length of commands */ 80 char *prefix; 81 size_t prefixlen; 82 /* SSL_CTX or SSL structure to perform operations on */ 83 SSL_CTX *ctx; 84 SSL *ssl; 85 /* Pointer to SSL or SSL_CTX options field or NULL if none */ 86 uint32_t *poptions; 87 /* Certificate filenames for each type */ 88 char *cert_filename[SSL_PKEY_NUM]; 89 /* Pointer to SSL or SSL_CTX cert_flags or NULL if none */ 90 uint32_t *pcert_flags; 91 /* Pointer to SSL or SSL_CTX verify_mode or NULL if none */ 92 uint32_t *pvfy_flags; 93 /* Pointer to SSL or SSL_CTX min_version field or NULL if none */ 94 int *min_version; 95 /* Pointer to SSL or SSL_CTX max_version field or NULL if none */ 96 int *max_version; 97 /* Current flag table being worked on */ 98 const ssl_flag_tbl *tbl; 99 /* Size of table */ 100 size_t ntbl; 101 /* Client CA names */ 102 STACK_OF(X509_NAME) *canames; 103}; 104 105static void ssl_set_option(SSL_CONF_CTX *cctx, unsigned int name_flags, 106 unsigned long option_value, int onoff) 107{ 108 uint32_t *pflags; 109 if (cctx->poptions == NULL) 110 return; 111 if (name_flags & SSL_TFLAG_INV) 112 onoff ^= 1; 113 switch (name_flags & SSL_TFLAG_TYPE_MASK) { 114 115 case SSL_TFLAG_CERT: 116 pflags = cctx->pcert_flags; 117 break; 118 119 case SSL_TFLAG_VFY: 120 pflags = cctx->pvfy_flags; 121 break; 122 123 case SSL_TFLAG_OPTION: 124 pflags = cctx->poptions; 125 break; 126 127 default: 128 return; 129 130 } 131 if (onoff) 132 *pflags |= option_value; 133 else 134 *pflags &= ~option_value; 135} 136 137static int ssl_match_option(SSL_CONF_CTX *cctx, const ssl_flag_tbl *tbl, 138 const char *name, int namelen, int onoff) 139{ 140 /* If name not relevant for context skip */ 141 if (!(cctx->flags & tbl->name_flags & SSL_TFLAG_BOTH)) 142 return 0; 143 if (namelen == -1) { 144 if (strcmp(tbl->name, name)) 145 return 0; 146 } else if (tbl->namelen != namelen || strncasecmp(tbl->name, name, namelen)) 147 return 0; 148 ssl_set_option(cctx, tbl->name_flags, tbl->option_value, onoff); 149 return 1; 150} 151 152static int ssl_set_option_list(const char *elem, int len, void *usr) 153{ 154 SSL_CONF_CTX *cctx = usr; 155 size_t i; 156 const ssl_flag_tbl *tbl; 157 int onoff = 1; 158 /* 159 * len == -1 indicates not being called in list context, just for single 160 * command line switches, so don't allow +, -. 161 */ 162 if (elem == NULL) 163 return 0; 164 if (len != -1) { 165 if (*elem == '+') { 166 elem++; 167 len--; 168 onoff = 1; 169 } else if (*elem == '-') { 170 elem++; 171 len--; 172 onoff = 0; 173 } 174 } 175 for (i = 0, tbl = cctx->tbl; i < cctx->ntbl; i++, tbl++) { 176 if (ssl_match_option(cctx, tbl, elem, len, onoff)) 177 return 1; 178 } 179 return 0; 180} 181 182/* Set supported signature algorithms */ 183static int cmd_SignatureAlgorithms(SSL_CONF_CTX *cctx, const char *value) 184{ 185 int rv; 186 if (cctx->ssl) 187 rv = SSL_set1_sigalgs_list(cctx->ssl, value); 188 /* NB: ctx == NULL performs syntax checking only */ 189 else 190 rv = SSL_CTX_set1_sigalgs_list(cctx->ctx, value); 191 return rv > 0; 192} 193 194/* Set supported client signature algorithms */ 195static int cmd_ClientSignatureAlgorithms(SSL_CONF_CTX *cctx, const char *value) 196{ 197 int rv; 198 if (cctx->ssl) 199 rv = SSL_set1_client_sigalgs_list(cctx->ssl, value); 200 /* NB: ctx == NULL performs syntax checking only */ 201 else 202 rv = SSL_CTX_set1_client_sigalgs_list(cctx->ctx, value); 203 return rv > 0; 204} 205 206static int cmd_Groups(SSL_CONF_CTX *cctx, const char *value) 207{ 208 int rv; 209 if (cctx->ssl) 210 rv = SSL_set1_groups_list(cctx->ssl, value); 211 /* NB: ctx == NULL performs syntax checking only */ 212 else 213 rv = SSL_CTX_set1_groups_list(cctx->ctx, value); 214 return rv > 0; 215} 216 217/* This is the old name for cmd_Groups - retained for backwards compatibility */ 218static int cmd_Curves(SSL_CONF_CTX *cctx, const char *value) 219{ 220 return cmd_Groups(cctx, value); 221} 222 223#ifndef OPENSSL_NO_EC 224/* ECDH temporary parameters */ 225static int cmd_ECDHParameters(SSL_CONF_CTX *cctx, const char *value) 226{ 227 int rv = 1; 228 EC_KEY *ecdh; 229 int nid; 230 231 /* Ignore values supported by 1.0.2 for the automatic selection */ 232 if ((cctx->flags & SSL_CONF_FLAG_FILE) 233 && (strcasecmp(value, "+automatic") == 0 234 || strcasecmp(value, "automatic") == 0)) 235 return 1; 236 if ((cctx->flags & SSL_CONF_FLAG_CMDLINE) && 237 strcmp(value, "auto") == 0) 238 return 1; 239 240 nid = EC_curve_nist2nid(value); 241 if (nid == NID_undef) 242 nid = OBJ_sn2nid(value); 243 if (nid == 0) 244 return 0; 245 ecdh = EC_KEY_new_by_curve_name(nid); 246 if (!ecdh) 247 return 0; 248 if (cctx->ctx) 249 rv = SSL_CTX_set_tmp_ecdh(cctx->ctx, ecdh); 250 else if (cctx->ssl) 251 rv = SSL_set_tmp_ecdh(cctx->ssl, ecdh); 252 EC_KEY_free(ecdh); 253 254 return rv > 0; 255} 256#endif 257static int cmd_CipherString(SSL_CONF_CTX *cctx, const char *value) 258{ 259 int rv = 1; 260 261 if (cctx->ctx) 262 rv = SSL_CTX_set_cipher_list(cctx->ctx, value); 263 if (cctx->ssl) 264 rv = SSL_set_cipher_list(cctx->ssl, value); 265 return rv > 0; 266} 267 268static int cmd_Ciphersuites(SSL_CONF_CTX *cctx, const char *value) 269{ 270 int rv = 1; 271 272 if (cctx->ctx) 273 rv = SSL_CTX_set_ciphersuites(cctx->ctx, value); 274 if (cctx->ssl) 275 rv = SSL_set_ciphersuites(cctx->ssl, value); 276 return rv > 0; 277} 278 279static int cmd_Protocol(SSL_CONF_CTX *cctx, const char *value) 280{ 281 static const ssl_flag_tbl ssl_protocol_list[] = { 282 SSL_FLAG_TBL_INV("ALL", SSL_OP_NO_SSL_MASK), 283 SSL_FLAG_TBL_INV("SSLv2", SSL_OP_NO_SSLv2), 284 SSL_FLAG_TBL_INV("SSLv3", SSL_OP_NO_SSLv3), 285 SSL_FLAG_TBL_INV("TLSv1", SSL_OP_NO_TLSv1), 286 SSL_FLAG_TBL_INV("TLSv1.1", SSL_OP_NO_TLSv1_1), 287 SSL_FLAG_TBL_INV("TLSv1.2", SSL_OP_NO_TLSv1_2), 288 SSL_FLAG_TBL_INV("TLSv1.3", SSL_OP_NO_TLSv1_3), 289 SSL_FLAG_TBL_INV("DTLSv1", SSL_OP_NO_DTLSv1), 290 SSL_FLAG_TBL_INV("DTLSv1.2", SSL_OP_NO_DTLSv1_2) 291 }; 292 cctx->tbl = ssl_protocol_list; 293 cctx->ntbl = OSSL_NELEM(ssl_protocol_list); 294 return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); 295} 296 297/* 298 * protocol_from_string - converts a protocol version string to a number 299 * 300 * Returns -1 on failure or the version on success 301 */ 302static int protocol_from_string(const char *value) 303{ 304 struct protocol_versions { 305 const char *name; 306 int version; 307 }; 308 /* 309 * Note: To avoid breaking previously valid configurations, we must retain 310 * legacy entries in this table even if the underlying protocol is no 311 * longer supported. This also means that the constants SSL3_VERSION, ... 312 * need to be retained indefinitely. This table can only grow, never 313 * shrink. 314 */ 315 static const struct protocol_versions versions[] = { 316 {"None", 0}, 317 {"SSLv3", SSL3_VERSION}, 318 {"TLSv1", TLS1_VERSION}, 319 {"TLSv1.1", TLS1_1_VERSION}, 320 {"TLSv1.2", TLS1_2_VERSION}, 321 {"TLSv1.3", TLS1_3_VERSION}, 322 {"DTLSv1", DTLS1_VERSION}, 323 {"DTLSv1.2", DTLS1_2_VERSION} 324 }; 325 size_t i; 326 size_t n = OSSL_NELEM(versions); 327 328 for (i = 0; i < n; i++) 329 if (strcmp(versions[i].name, value) == 0) 330 return versions[i].version; 331 return -1; 332} 333 334static int min_max_proto(SSL_CONF_CTX *cctx, const char *value, int *bound) 335{ 336 int method_version; 337 int new_version; 338 339 if (cctx->ctx != NULL) 340 method_version = cctx->ctx->method->version; 341 else if (cctx->ssl != NULL) 342 method_version = cctx->ssl->ctx->method->version; 343 else 344 return 0; 345 if ((new_version = protocol_from_string(value)) < 0) 346 return 0; 347 return ssl_set_version_bound(method_version, new_version, bound); 348} 349 350/* 351 * cmd_MinProtocol - Set min protocol version 352 * @cctx: config structure to save settings in 353 * @value: The min protocol version in string form 354 * 355 * Returns 1 on success and 0 on failure. 356 */ 357static int cmd_MinProtocol(SSL_CONF_CTX *cctx, const char *value) 358{ 359 return min_max_proto(cctx, value, cctx->min_version); 360} 361 362/* 363 * cmd_MaxProtocol - Set max protocol version 364 * @cctx: config structure to save settings in 365 * @value: The max protocol version in string form 366 * 367 * Returns 1 on success and 0 on failure. 368 */ 369static int cmd_MaxProtocol(SSL_CONF_CTX *cctx, const char *value) 370{ 371 return min_max_proto(cctx, value, cctx->max_version); 372} 373 374static int cmd_Options(SSL_CONF_CTX *cctx, const char *value) 375{ 376 static const ssl_flag_tbl ssl_option_list[] = { 377 SSL_FLAG_TBL_INV("SessionTicket", SSL_OP_NO_TICKET), 378 SSL_FLAG_TBL_INV("EmptyFragments", 379 SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS), 380 SSL_FLAG_TBL("Bugs", SSL_OP_ALL), 381 SSL_FLAG_TBL_INV("Compression", SSL_OP_NO_COMPRESSION), 382 SSL_FLAG_TBL_SRV("ServerPreference", SSL_OP_CIPHER_SERVER_PREFERENCE), 383 SSL_FLAG_TBL_SRV("NoResumptionOnRenegotiation", 384 SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION), 385 SSL_FLAG_TBL_SRV("DHSingle", SSL_OP_SINGLE_DH_USE), 386 SSL_FLAG_TBL_SRV("ECDHSingle", SSL_OP_SINGLE_ECDH_USE), 387 SSL_FLAG_TBL("UnsafeLegacyRenegotiation", 388 SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION), 389 SSL_FLAG_TBL_INV("EncryptThenMac", SSL_OP_NO_ENCRYPT_THEN_MAC), 390 SSL_FLAG_TBL("NoRenegotiation", SSL_OP_NO_RENEGOTIATION), 391 SSL_FLAG_TBL("AllowNoDHEKEX", SSL_OP_ALLOW_NO_DHE_KEX), 392 SSL_FLAG_TBL("PrioritizeChaCha", SSL_OP_PRIORITIZE_CHACHA), 393 SSL_FLAG_TBL("MiddleboxCompat", SSL_OP_ENABLE_MIDDLEBOX_COMPAT), 394 SSL_FLAG_TBL_INV("AntiReplay", SSL_OP_NO_ANTI_REPLAY) 395 }; 396 if (value == NULL) 397 return -3; 398 cctx->tbl = ssl_option_list; 399 cctx->ntbl = OSSL_NELEM(ssl_option_list); 400 return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); 401} 402 403static int cmd_VerifyMode(SSL_CONF_CTX *cctx, const char *value) 404{ 405 static const ssl_flag_tbl ssl_vfy_list[] = { 406 SSL_FLAG_VFY_CLI("Peer", SSL_VERIFY_PEER), 407 SSL_FLAG_VFY_SRV("Request", SSL_VERIFY_PEER), 408 SSL_FLAG_VFY_SRV("Require", 409 SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT), 410 SSL_FLAG_VFY_SRV("Once", SSL_VERIFY_PEER | SSL_VERIFY_CLIENT_ONCE), 411 SSL_FLAG_VFY_SRV("RequestPostHandshake", 412 SSL_VERIFY_PEER | SSL_VERIFY_POST_HANDSHAKE), 413 SSL_FLAG_VFY_SRV("RequirePostHandshake", 414 SSL_VERIFY_PEER | SSL_VERIFY_POST_HANDSHAKE | 415 SSL_VERIFY_FAIL_IF_NO_PEER_CERT), 416 }; 417 if (value == NULL) 418 return -3; 419 cctx->tbl = ssl_vfy_list; 420 cctx->ntbl = OSSL_NELEM(ssl_vfy_list); 421 return CONF_parse_list(value, ',', 1, ssl_set_option_list, cctx); 422} 423 424static int cmd_Certificate(SSL_CONF_CTX *cctx, const char *value) 425{ 426 int rv = 1; 427 CERT *c = NULL; 428 if (cctx->ctx) { 429 rv = SSL_CTX_use_certificate_chain_file(cctx->ctx, value); 430 c = cctx->ctx->cert; 431 } 432 if (cctx->ssl) { 433 rv = SSL_use_certificate_chain_file(cctx->ssl, value); 434 c = cctx->ssl->cert; 435 } 436 if (rv > 0 && c && cctx->flags & SSL_CONF_FLAG_REQUIRE_PRIVATE) { 437 char **pfilename = &cctx->cert_filename[c->key - c->pkeys]; 438 OPENSSL_free(*pfilename); 439 *pfilename = OPENSSL_strdup(value); 440 if (!*pfilename) 441 rv = 0; 442 } 443 444 return rv > 0; 445} 446 447static int cmd_PrivateKey(SSL_CONF_CTX *cctx, const char *value) 448{ 449 int rv = 1; 450 if (!(cctx->flags & SSL_CONF_FLAG_CERTIFICATE)) 451 return -2; 452 if (cctx->ctx) 453 rv = SSL_CTX_use_PrivateKey_file(cctx->ctx, value, SSL_FILETYPE_PEM); 454 if (cctx->ssl) 455 rv = SSL_use_PrivateKey_file(cctx->ssl, value, SSL_FILETYPE_PEM); 456 return rv > 0; 457} 458 459static int cmd_ServerInfoFile(SSL_CONF_CTX *cctx, const char *value) 460{ 461 int rv = 1; 462 if (cctx->ctx) 463 rv = SSL_CTX_use_serverinfo_file(cctx->ctx, value); 464 return rv > 0; 465} 466 467static int do_store(SSL_CONF_CTX *cctx, 468 const char *CAfile, const char *CApath, int verify_store) 469{ 470 CERT *cert; 471 X509_STORE **st; 472 if (cctx->ctx) 473 cert = cctx->ctx->cert; 474 else if (cctx->ssl) 475 cert = cctx->ssl->cert; 476 else 477 return 1; 478 st = verify_store ? &cert->verify_store : &cert->chain_store; 479 if (*st == NULL) { 480 *st = X509_STORE_new(); 481 if (*st == NULL) 482 return 0; 483 } 484 return X509_STORE_load_locations(*st, CAfile, CApath) > 0; 485} 486 487static int cmd_ChainCAPath(SSL_CONF_CTX *cctx, const char *value) 488{ 489 return do_store(cctx, NULL, value, 0); 490} 491 492static int cmd_ChainCAFile(SSL_CONF_CTX *cctx, const char *value) 493{ 494 return do_store(cctx, value, NULL, 0); 495} 496 497static int cmd_VerifyCAPath(SSL_CONF_CTX *cctx, const char *value) 498{ 499 return do_store(cctx, NULL, value, 1); 500} 501 502static int cmd_VerifyCAFile(SSL_CONF_CTX *cctx, const char *value) 503{ 504 return do_store(cctx, value, NULL, 1); 505} 506 507static int cmd_RequestCAFile(SSL_CONF_CTX *cctx, const char *value) 508{ 509 if (cctx->canames == NULL) 510 cctx->canames = sk_X509_NAME_new_null(); 511 if (cctx->canames == NULL) 512 return 0; 513 return SSL_add_file_cert_subjects_to_stack(cctx->canames, value); 514} 515 516static int cmd_ClientCAFile(SSL_CONF_CTX *cctx, const char *value) 517{ 518 return cmd_RequestCAFile(cctx, value); 519} 520 521static int cmd_RequestCAPath(SSL_CONF_CTX *cctx, const char *value) 522{ 523 if (cctx->canames == NULL) 524 cctx->canames = sk_X509_NAME_new_null(); 525 if (cctx->canames == NULL) 526 return 0; 527 return SSL_add_dir_cert_subjects_to_stack(cctx->canames, value); 528} 529 530static int cmd_ClientCAPath(SSL_CONF_CTX *cctx, const char *value) 531{ 532 return cmd_RequestCAPath(cctx, value); 533} 534 535#ifndef OPENSSL_NO_DH 536static int cmd_DHParameters(SSL_CONF_CTX *cctx, const char *value) 537{ 538 int rv = 0; 539 DH *dh = NULL; 540 BIO *in = NULL; 541 if (cctx->ctx || cctx->ssl) { 542 in = BIO_new(BIO_s_file()); 543 if (in == NULL) 544 goto end; 545 if (BIO_read_filename(in, value) <= 0) 546 goto end; 547 dh = PEM_read_bio_DHparams(in, NULL, NULL, NULL); 548 if (dh == NULL) 549 goto end; 550 } else 551 return 1; 552 if (cctx->ctx) 553 rv = SSL_CTX_set_tmp_dh(cctx->ctx, dh); 554 if (cctx->ssl) 555 rv = SSL_set_tmp_dh(cctx->ssl, dh); 556 end: 557 DH_free(dh); 558 BIO_free(in); 559 return rv > 0; 560} 561#endif 562 563static int cmd_RecordPadding(SSL_CONF_CTX *cctx, const char *value) 564{ 565 int rv = 0; 566 int block_size = atoi(value); 567 568 /* 569 * All we care about is a non-negative value, 570 * the setters check the range 571 */ 572 if (block_size >= 0) { 573 if (cctx->ctx) 574 rv = SSL_CTX_set_block_padding(cctx->ctx, block_size); 575 if (cctx->ssl) 576 rv = SSL_set_block_padding(cctx->ssl, block_size); 577 } 578 return rv; 579} 580 581 582static int cmd_NumTickets(SSL_CONF_CTX *cctx, const char *value) 583{ 584 int rv = 0; 585 int num_tickets = atoi(value); 586 587 if (num_tickets >= 0) { 588 if (cctx->ctx) 589 rv = SSL_CTX_set_num_tickets(cctx->ctx, num_tickets); 590 if (cctx->ssl) 591 rv = SSL_set_num_tickets(cctx->ssl, num_tickets); 592 } 593 return rv; 594} 595 596typedef struct { 597 int (*cmd) (SSL_CONF_CTX *cctx, const char *value); 598 const char *str_file; 599 const char *str_cmdline; 600 unsigned short flags; 601 unsigned short value_type; 602} ssl_conf_cmd_tbl; 603 604/* Table of supported parameters */ 605 606#define SSL_CONF_CMD(name, cmdopt, flags, type) \ 607 {cmd_##name, #name, cmdopt, flags, type} 608 609#define SSL_CONF_CMD_STRING(name, cmdopt, flags) \ 610 SSL_CONF_CMD(name, cmdopt, flags, SSL_CONF_TYPE_STRING) 611 612#define SSL_CONF_CMD_SWITCH(name, flags) \ 613 {0, NULL, name, flags, SSL_CONF_TYPE_NONE} 614 615/* See apps/apps.h if you change this table. */ 616static const ssl_conf_cmd_tbl ssl_conf_cmds[] = { 617 SSL_CONF_CMD_SWITCH("no_ssl3", 0), 618 SSL_CONF_CMD_SWITCH("no_tls1", 0), 619 SSL_CONF_CMD_SWITCH("no_tls1_1", 0), 620 SSL_CONF_CMD_SWITCH("no_tls1_2", 0), 621 SSL_CONF_CMD_SWITCH("no_tls1_3", 0), 622 SSL_CONF_CMD_SWITCH("bugs", 0), 623 SSL_CONF_CMD_SWITCH("no_comp", 0), 624 SSL_CONF_CMD_SWITCH("comp", 0), 625 SSL_CONF_CMD_SWITCH("ecdh_single", SSL_CONF_FLAG_SERVER), 626 SSL_CONF_CMD_SWITCH("no_ticket", 0), 627 SSL_CONF_CMD_SWITCH("serverpref", SSL_CONF_FLAG_SERVER), 628 SSL_CONF_CMD_SWITCH("legacy_renegotiation", 0), 629 SSL_CONF_CMD_SWITCH("legacy_server_connect", SSL_CONF_FLAG_SERVER), 630 SSL_CONF_CMD_SWITCH("no_renegotiation", 0), 631 SSL_CONF_CMD_SWITCH("no_resumption_on_reneg", SSL_CONF_FLAG_SERVER), 632 SSL_CONF_CMD_SWITCH("no_legacy_server_connect", SSL_CONF_FLAG_SERVER), 633 SSL_CONF_CMD_SWITCH("allow_no_dhe_kex", 0), 634 SSL_CONF_CMD_SWITCH("prioritize_chacha", SSL_CONF_FLAG_SERVER), 635 SSL_CONF_CMD_SWITCH("strict", 0), 636 SSL_CONF_CMD_SWITCH("no_middlebox", 0), 637 SSL_CONF_CMD_SWITCH("anti_replay", SSL_CONF_FLAG_SERVER), 638 SSL_CONF_CMD_SWITCH("no_anti_replay", SSL_CONF_FLAG_SERVER), 639 SSL_CONF_CMD_STRING(SignatureAlgorithms, "sigalgs", 0), 640 SSL_CONF_CMD_STRING(ClientSignatureAlgorithms, "client_sigalgs", 0), 641 SSL_CONF_CMD_STRING(Curves, "curves", 0), 642 SSL_CONF_CMD_STRING(Groups, "groups", 0), 643#ifndef OPENSSL_NO_EC 644 SSL_CONF_CMD_STRING(ECDHParameters, "named_curve", SSL_CONF_FLAG_SERVER), 645#endif 646 SSL_CONF_CMD_STRING(CipherString, "cipher", 0), 647 SSL_CONF_CMD_STRING(Ciphersuites, "ciphersuites", 0), 648 SSL_CONF_CMD_STRING(Protocol, NULL, 0), 649 SSL_CONF_CMD_STRING(MinProtocol, "min_protocol", 0), 650 SSL_CONF_CMD_STRING(MaxProtocol, "max_protocol", 0), 651 SSL_CONF_CMD_STRING(Options, NULL, 0), 652 SSL_CONF_CMD_STRING(VerifyMode, NULL, 0), 653 SSL_CONF_CMD(Certificate, "cert", SSL_CONF_FLAG_CERTIFICATE, 654 SSL_CONF_TYPE_FILE), 655 SSL_CONF_CMD(PrivateKey, "key", SSL_CONF_FLAG_CERTIFICATE, 656 SSL_CONF_TYPE_FILE), 657 SSL_CONF_CMD(ServerInfoFile, NULL, 658 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 659 SSL_CONF_TYPE_FILE), 660 SSL_CONF_CMD(ChainCAPath, "chainCApath", SSL_CONF_FLAG_CERTIFICATE, 661 SSL_CONF_TYPE_DIR), 662 SSL_CONF_CMD(ChainCAFile, "chainCAfile", SSL_CONF_FLAG_CERTIFICATE, 663 SSL_CONF_TYPE_FILE), 664 SSL_CONF_CMD(VerifyCAPath, "verifyCApath", SSL_CONF_FLAG_CERTIFICATE, 665 SSL_CONF_TYPE_DIR), 666 SSL_CONF_CMD(VerifyCAFile, "verifyCAfile", SSL_CONF_FLAG_CERTIFICATE, 667 SSL_CONF_TYPE_FILE), 668 SSL_CONF_CMD(RequestCAFile, "requestCAFile", SSL_CONF_FLAG_CERTIFICATE, 669 SSL_CONF_TYPE_FILE), 670 SSL_CONF_CMD(ClientCAFile, NULL, 671 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 672 SSL_CONF_TYPE_FILE), 673 SSL_CONF_CMD(RequestCAPath, NULL, SSL_CONF_FLAG_CERTIFICATE, 674 SSL_CONF_TYPE_DIR), 675 SSL_CONF_CMD(ClientCAPath, NULL, 676 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 677 SSL_CONF_TYPE_DIR), 678#ifndef OPENSSL_NO_DH 679 SSL_CONF_CMD(DHParameters, "dhparam", 680 SSL_CONF_FLAG_SERVER | SSL_CONF_FLAG_CERTIFICATE, 681 SSL_CONF_TYPE_FILE), 682#endif 683 SSL_CONF_CMD_STRING(RecordPadding, "record_padding", 0), 684 SSL_CONF_CMD_STRING(NumTickets, "num_tickets", SSL_CONF_FLAG_SERVER), 685}; 686 687/* Supported switches: must match order of switches in ssl_conf_cmds */ 688static const ssl_switch_tbl ssl_cmd_switches[] = { 689 {SSL_OP_NO_SSLv3, 0}, /* no_ssl3 */ 690 {SSL_OP_NO_TLSv1, 0}, /* no_tls1 */ 691 {SSL_OP_NO_TLSv1_1, 0}, /* no_tls1_1 */ 692 {SSL_OP_NO_TLSv1_2, 0}, /* no_tls1_2 */ 693 {SSL_OP_NO_TLSv1_3, 0}, /* no_tls1_3 */ 694 {SSL_OP_ALL, 0}, /* bugs */ 695 {SSL_OP_NO_COMPRESSION, 0}, /* no_comp */ 696 {SSL_OP_NO_COMPRESSION, SSL_TFLAG_INV}, /* comp */ 697 {SSL_OP_SINGLE_ECDH_USE, 0}, /* ecdh_single */ 698 {SSL_OP_NO_TICKET, 0}, /* no_ticket */ 699 {SSL_OP_CIPHER_SERVER_PREFERENCE, 0}, /* serverpref */ 700 /* legacy_renegotiation */ 701 {SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION, 0}, 702 /* legacy_server_connect */ 703 {SSL_OP_LEGACY_SERVER_CONNECT, 0}, 704 /* no_renegotiation */ 705 {SSL_OP_NO_RENEGOTIATION, 0}, 706 /* no_resumption_on_reneg */ 707 {SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION, 0}, 708 /* no_legacy_server_connect */ 709 {SSL_OP_LEGACY_SERVER_CONNECT, SSL_TFLAG_INV}, 710 /* allow_no_dhe_kex */ 711 {SSL_OP_ALLOW_NO_DHE_KEX, 0}, 712 /* chacha reprioritization */ 713 {SSL_OP_PRIORITIZE_CHACHA, 0}, 714 {SSL_CERT_FLAG_TLS_STRICT, SSL_TFLAG_CERT}, /* strict */ 715 /* no_middlebox */ 716 {SSL_OP_ENABLE_MIDDLEBOX_COMPAT, SSL_TFLAG_INV}, 717 /* anti_replay */ 718 {SSL_OP_NO_ANTI_REPLAY, SSL_TFLAG_INV}, 719 /* no_anti_replay */ 720 {SSL_OP_NO_ANTI_REPLAY, 0}, 721}; 722 723static int ssl_conf_cmd_skip_prefix(SSL_CONF_CTX *cctx, const char **pcmd) 724{ 725 if (!pcmd || !*pcmd) 726 return 0; 727 /* If a prefix is set, check and skip */ 728 if (cctx->prefix) { 729 if (strlen(*pcmd) <= cctx->prefixlen) 730 return 0; 731 if (cctx->flags & SSL_CONF_FLAG_CMDLINE && 732 strncmp(*pcmd, cctx->prefix, cctx->prefixlen)) 733 return 0; 734 if (cctx->flags & SSL_CONF_FLAG_FILE && 735 strncasecmp(*pcmd, cctx->prefix, cctx->prefixlen)) 736 return 0; 737 *pcmd += cctx->prefixlen; 738 } else if (cctx->flags & SSL_CONF_FLAG_CMDLINE) { 739 if (**pcmd != '-' || !(*pcmd)[1]) 740 return 0; 741 *pcmd += 1; 742 } 743 return 1; 744} 745 746/* Determine if a command is allowed according to cctx flags */ 747static int ssl_conf_cmd_allowed(SSL_CONF_CTX *cctx, const ssl_conf_cmd_tbl * t) 748{ 749 unsigned int tfl = t->flags; 750 unsigned int cfl = cctx->flags; 751 if ((tfl & SSL_CONF_FLAG_SERVER) && !(cfl & SSL_CONF_FLAG_SERVER)) 752 return 0; 753 if ((tfl & SSL_CONF_FLAG_CLIENT) && !(cfl & SSL_CONF_FLAG_CLIENT)) 754 return 0; 755 if ((tfl & SSL_CONF_FLAG_CERTIFICATE) 756 && !(cfl & SSL_CONF_FLAG_CERTIFICATE)) 757 return 0; 758 return 1; 759} 760 761static const ssl_conf_cmd_tbl *ssl_conf_cmd_lookup(SSL_CONF_CTX *cctx, 762 const char *cmd) 763{ 764 const ssl_conf_cmd_tbl *t; 765 size_t i; 766 if (cmd == NULL) 767 return NULL; 768 769 /* Look for matching parameter name in table */ 770 for (i = 0, t = ssl_conf_cmds; i < OSSL_NELEM(ssl_conf_cmds); i++, t++) { 771 if (ssl_conf_cmd_allowed(cctx, t)) { 772 if (cctx->flags & SSL_CONF_FLAG_CMDLINE) { 773 if (t->str_cmdline && strcmp(t->str_cmdline, cmd) == 0) 774 return t; 775 } 776 if (cctx->flags & SSL_CONF_FLAG_FILE) { 777 if (t->str_file && strcasecmp(t->str_file, cmd) == 0) 778 return t; 779 } 780 } 781 } 782 return NULL; 783} 784 785static int ctrl_switch_option(SSL_CONF_CTX *cctx, const ssl_conf_cmd_tbl * cmd) 786{ 787 /* Find index of command in table */ 788 size_t idx = cmd - ssl_conf_cmds; 789 const ssl_switch_tbl *scmd; 790 /* Sanity check index */ 791 if (idx >= OSSL_NELEM(ssl_cmd_switches)) 792 return 0; 793 /* Obtain switches entry with same index */ 794 scmd = ssl_cmd_switches + idx; 795 ssl_set_option(cctx, scmd->name_flags, scmd->option_value, 1); 796 return 1; 797} 798 799int SSL_CONF_cmd(SSL_CONF_CTX *cctx, const char *cmd, const char *value) 800{ 801 const ssl_conf_cmd_tbl *runcmd; 802 if (cmd == NULL) { 803 SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_INVALID_NULL_CMD_NAME); 804 return 0; 805 } 806 807 if (!ssl_conf_cmd_skip_prefix(cctx, &cmd)) 808 return -2; 809 810 runcmd = ssl_conf_cmd_lookup(cctx, cmd); 811 812 if (runcmd) { 813 int rv; 814 if (runcmd->value_type == SSL_CONF_TYPE_NONE) { 815 return ctrl_switch_option(cctx, runcmd); 816 } 817 if (value == NULL) 818 return -3; 819 rv = runcmd->cmd(cctx, value); 820 if (rv > 0) 821 return 2; 822 if (rv == -2) 823 return -2; 824 if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) { 825 SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_BAD_VALUE); 826 ERR_add_error_data(4, "cmd=", cmd, ", value=", value); 827 } 828 return 0; 829 } 830 831 if (cctx->flags & SSL_CONF_FLAG_SHOW_ERRORS) { 832 SSLerr(SSL_F_SSL_CONF_CMD, SSL_R_UNKNOWN_CMD_NAME); 833 ERR_add_error_data(2, "cmd=", cmd); 834 } 835 836 return -2; 837} 838 839int SSL_CONF_cmd_argv(SSL_CONF_CTX *cctx, int *pargc, char ***pargv) 840{ 841 int rv; 842 const char *arg = NULL, *argn; 843 if (pargc && *pargc == 0) 844 return 0; 845 if (!pargc || *pargc > 0) 846 arg = **pargv; 847 if (arg == NULL) 848 return 0; 849 if (!pargc || *pargc > 1) 850 argn = (*pargv)[1]; 851 else 852 argn = NULL; 853 cctx->flags &= ~SSL_CONF_FLAG_FILE; 854 cctx->flags |= SSL_CONF_FLAG_CMDLINE; 855 rv = SSL_CONF_cmd(cctx, arg, argn); 856 if (rv > 0) { 857 /* Success: update pargc, pargv */ 858 (*pargv) += rv; 859 if (pargc) 860 (*pargc) -= rv; 861 return rv; 862 } 863 /* Unknown switch: indicate no arguments processed */ 864 if (rv == -2) 865 return 0; 866 /* Some error occurred processing command, return fatal error */ 867 if (rv == 0) 868 return -1; 869 return rv; 870} 871 872int SSL_CONF_cmd_value_type(SSL_CONF_CTX *cctx, const char *cmd) 873{ 874 if (ssl_conf_cmd_skip_prefix(cctx, &cmd)) { 875 const ssl_conf_cmd_tbl *runcmd; 876 runcmd = ssl_conf_cmd_lookup(cctx, cmd); 877 if (runcmd) 878 return runcmd->value_type; 879 } 880 return SSL_CONF_TYPE_UNKNOWN; 881} 882 883SSL_CONF_CTX *SSL_CONF_CTX_new(void) 884{ 885 SSL_CONF_CTX *ret = OPENSSL_zalloc(sizeof(*ret)); 886 887 return ret; 888} 889 890int SSL_CONF_CTX_finish(SSL_CONF_CTX *cctx) 891{ 892 /* See if any certificates are missing private keys */ 893 size_t i; 894 CERT *c = NULL; 895 if (cctx->ctx) 896 c = cctx->ctx->cert; 897 else if (cctx->ssl) 898 c = cctx->ssl->cert; 899 if (c && cctx->flags & SSL_CONF_FLAG_REQUIRE_PRIVATE) { 900 for (i = 0; i < SSL_PKEY_NUM; i++) { 901 const char *p = cctx->cert_filename[i]; 902 /* 903 * If missing private key try to load one from certificate file 904 */ 905 if (p && !c->pkeys[i].privatekey) { 906 if (!cmd_PrivateKey(cctx, p)) 907 return 0; 908 } 909 } 910 } 911 if (cctx->canames) { 912 if (cctx->ssl) 913 SSL_set0_CA_list(cctx->ssl, cctx->canames); 914 else if (cctx->ctx) 915 SSL_CTX_set0_CA_list(cctx->ctx, cctx->canames); 916 else 917 sk_X509_NAME_pop_free(cctx->canames, X509_NAME_free); 918 cctx->canames = NULL; 919 } 920 return 1; 921} 922 923void SSL_CONF_CTX_free(SSL_CONF_CTX *cctx) 924{ 925 if (cctx) { 926 size_t i; 927 for (i = 0; i < SSL_PKEY_NUM; i++) 928 OPENSSL_free(cctx->cert_filename[i]); 929 OPENSSL_free(cctx->prefix); 930 sk_X509_NAME_pop_free(cctx->canames, X509_NAME_free); 931 OPENSSL_free(cctx); 932 } 933} 934 935unsigned int SSL_CONF_CTX_set_flags(SSL_CONF_CTX *cctx, unsigned int flags) 936{ 937 cctx->flags |= flags; 938 return cctx->flags; 939} 940 941unsigned int SSL_CONF_CTX_clear_flags(SSL_CONF_CTX *cctx, unsigned int flags) 942{ 943 cctx->flags &= ~flags; 944 return cctx->flags; 945} 946 947int SSL_CONF_CTX_set1_prefix(SSL_CONF_CTX *cctx, const char *pre) 948{ 949 char *tmp = NULL; 950 if (pre) { 951 tmp = OPENSSL_strdup(pre); 952 if (tmp == NULL) 953 return 0; 954 } 955 OPENSSL_free(cctx->prefix); 956 cctx->prefix = tmp; 957 if (tmp) 958 cctx->prefixlen = strlen(tmp); 959 else 960 cctx->prefixlen = 0; 961 return 1; 962} 963 964void SSL_CONF_CTX_set_ssl(SSL_CONF_CTX *cctx, SSL *ssl) 965{ 966 cctx->ssl = ssl; 967 cctx->ctx = NULL; 968 if (ssl) { 969 cctx->poptions = &ssl->options; 970 cctx->min_version = &ssl->min_proto_version; 971 cctx->max_version = &ssl->max_proto_version; 972 cctx->pcert_flags = &ssl->cert->cert_flags; 973 cctx->pvfy_flags = &ssl->verify_mode; 974 } else { 975 cctx->poptions = NULL; 976 cctx->min_version = NULL; 977 cctx->max_version = NULL; 978 cctx->pcert_flags = NULL; 979 cctx->pvfy_flags = NULL; 980 } 981} 982 983void SSL_CONF_CTX_set_ssl_ctx(SSL_CONF_CTX *cctx, SSL_CTX *ctx) 984{ 985 cctx->ctx = ctx; 986 cctx->ssl = NULL; 987 if (ctx) { 988 cctx->poptions = &ctx->options; 989 cctx->min_version = &ctx->min_proto_version; 990 cctx->max_version = &ctx->max_proto_version; 991 cctx->pcert_flags = &ctx->cert->cert_flags; 992 cctx->pvfy_flags = &ctx->verify_mode; 993 } else { 994 cctx->poptions = NULL; 995 cctx->min_version = NULL; 996 cctx->max_version = NULL; 997 cctx->pcert_flags = NULL; 998 cctx->pvfy_flags = NULL; 999 } 1000} 1001