1/* $NetBSD: tls.h,v 1.5 2023/12/23 20:30:45 christos Exp $ */ 2 3#ifndef _TLS_H_INCLUDED_ 4#define _TLS_H_INCLUDED_ 5 6/*++ 7/* NAME 8/* tls 3h 9/* SUMMARY 10/* libtls internal interfaces 11/* SYNOPSIS 12/* #include <tls.h> 13/* DESCRIPTION 14/* .nf 15 16 /* 17 * Utility library. 18 */ 19#include <name_code.h> 20#include <argv.h> 21 22 /* 23 * TLS enforcement levels. Non-sentinel values may also be used to indicate 24 * the actual security level of a session. 25 * 26 * XXX TLS_LEV_NOTFOUND no longer belongs in this list. The SMTP client will 27 * have to use something else to report that policy table lookup failed. 28 * 29 * The order of levels matters, but we hide most of the details in macros. 30 * 31 * "dane" vs. "fingerprint", both must lie between "encrypt" and "verify". 32 * 33 * - With "may" and higher, TLS is enabled. 34 * 35 * - With "encrypt" and higher, TLS encryption must be applied. 36 * 37 * - Strictly above "encrypt", the peer certificate must match. 38 * 39 * - At "dane" and higher, the peer certificate must also be trusted. With 40 * "dane" the trust may be self-asserted, so we only log trust verification 41 * errors when TA associations are involved. 42 */ 43#define TLS_LEV_INVALID -2 /* sentinel */ 44#define TLS_LEV_NOTFOUND -1 /* XXX not in policy table */ 45#define TLS_LEV_NONE 0 /* plain-text only */ 46#define TLS_LEV_MAY 1 /* wildcard */ 47#define TLS_LEV_ENCRYPT 2 /* encrypted connection */ 48#define TLS_LEV_FPRINT 3 /* "peer" CA-less verification */ 49#define TLS_LEV_HALF_DANE 4 /* DANE TLSA MX host, insecure MX RR */ 50#define TLS_LEV_DANE 5 /* Opportunistic TLSA policy */ 51#define TLS_LEV_DANE_ONLY 6 /* Required TLSA policy */ 52#define TLS_LEV_VERIFY 7 /* certificate verified */ 53#define TLS_LEV_SECURE 8 /* "secure" verification */ 54 55#define TLS_REQUIRED(l) ((l) > TLS_LEV_MAY) 56#define TLS_MUST_MATCH(l) ((l) > TLS_LEV_ENCRYPT) 57#define TLS_MUST_PKIX(l) ((l) >= TLS_LEV_VERIFY) 58#define TLS_OPPORTUNISTIC(l) ((l) == TLS_LEV_MAY || (l) == TLS_LEV_DANE) 59#define TLS_DANE_BASED(l) \ 60 ((l) >= TLS_LEV_HALF_DANE && (l) <= TLS_LEV_DANE_ONLY) 61#define TLS_NEVER_SECURED(l) ((l) == TLS_LEV_HALF_DANE) 62 63extern int tls_level_lookup(const char *); 64extern const char *str_tls_level(int); 65 66#ifdef USE_TLS 67 68 /* 69 * OpenSSL library. 70 */ 71#include <openssl/lhash.h> 72#include <openssl/bn.h> 73#include <openssl/err.h> 74#include <openssl/pem.h> 75#include <openssl/x509.h> 76#include <openssl/x509v3.h> 77#include <openssl/rand.h> 78#include <openssl/crypto.h> /* Legacy SSLEAY_VERSION_NUMBER */ 79#include <openssl/evp.h> /* New OpenSSL 3.0 EVP_PKEY APIs */ 80#include <openssl/opensslv.h> /* OPENSSL_VERSION_NUMBER */ 81#include <openssl/ssl.h> 82#include <openssl/conf.h> 83 84 /* Appease indent(1) */ 85#define x509_stack_t STACK_OF(X509) 86#define general_name_stack_t STACK_OF(GENERAL_NAME) 87#define ssl_cipher_stack_t STACK_OF(SSL_CIPHER) 88#define ssl_comp_stack_t STACK_OF(SSL_COMP) 89 90/*- 91 * Official way to check minimum OpenSSL API version from 3.0 onward. 92 * We simply define it false for all prior versions, where we typically also 93 * need the patch level to determine API compatibility. 94 */ 95#ifndef OPENSSL_VERSION_PREREQ 96#define OPENSSL_VERSION_PREREQ(m,n) 0 97#endif 98 99#if (OPENSSL_VERSION_NUMBER < 0x1010100fUL) 100#error "OpenSSL releases prior to 1.1.1 are no longer supported" 101#endif 102 103 /*- 104 * Backwards compatibility with OpenSSL < 1.1.1a. 105 * 106 * In OpenSSL 1.1.1a the client-only interface SSL_get_server_tmp_key() was 107 * updated to work on both the client and the server, and was renamed to 108 * SSL_get_peer_tmp_key(), with the original name left behind as an alias. We 109 * use the new name when available. 110 */ 111#if OPENSSL_VERSION_NUMBER < 0x1010101fUL 112#undef SSL_get_signature_nid 113#define SSL_get_signature_nid(ssl, pnid) (NID_undef) 114#define tls_get_peer_dh_pubkey SSL_get_server_tmp_key 115#else 116#define tls_get_peer_dh_pubkey SSL_get_peer_tmp_key 117#endif 118 119#if OPENSSL_VERSION_PREREQ(3,0) 120#define TLS_PEEK_PEER_CERT(ssl) SSL_get0_peer_certificate(ssl) 121#define TLS_FREE_PEER_CERT(x) ((void) 0) 122#define tls_set_bio_callback BIO_set_callback_ex 123#else 124#define TLS_PEEK_PEER_CERT(ssl) SSL_get_peer_certificate(ssl) 125#define TLS_FREE_PEER_CERT(x) X509_free(x) 126#define tls_set_bio_callback BIO_set_callback 127#endif 128 129 /* 130 * Utility library. 131 */ 132#include <vstream.h> 133#include <name_mask.h> 134#include <name_code.h> 135 136 /* 137 * TLS library. 138 */ 139#include <dns.h> 140 141 /* 142 * TLS role, presently for logging. 143 */ 144typedef enum { 145 TLS_ROLE_CLIENT, TLS_ROLE_SERVER, 146} TLS_ROLE; 147 148typedef enum { 149 TLS_USAGE_NEW, TLS_USAGE_USED, 150} TLS_USAGE; 151 152 /* 153 * Names of valid tlsmgr(8) session caches. 154 */ 155#define TLS_MGR_SCACHE_SMTPD "smtpd" 156#define TLS_MGR_SCACHE_SMTP "smtp" 157#define TLS_MGR_SCACHE_LMTP "lmtp" 158 159 /* 160 * RFC 6698, 7671, 7672 DANE 161 */ 162#define TLS_DANE_TA 0 /* Match trust-anchor digests */ 163#define TLS_DANE_EE 1 /* Match end-entity digests */ 164 165#define TLS_DANE_CERT 0 /* Match the certificate digest */ 166#define TLS_DANE_PKEY 1 /* Match the public key digest */ 167 168#define TLS_DANE_FLAG_NORRS (1<<0) /* Nothing found in DNS */ 169#define TLS_DANE_FLAG_EMPTY (1<<1) /* Nothing usable found in DNS */ 170#define TLS_DANE_FLAG_ERROR (1<<2) /* TLSA record lookup error */ 171 172#define tls_dane_unusable(dane) ((dane)->flags & TLS_DANE_FLAG_EMPTY) 173#define tls_dane_notfound(dane) ((dane)->flags & TLS_DANE_FLAG_NORRS) 174 175#define TLS_DANE_CACHE_TTL_MIN 1 /* A lot can happen in ~2 seconds */ 176#define TLS_DANE_CACHE_TTL_MAX 100 /* Comparable to max_idle */ 177 178 /* 179 * Certificate and public key digests (typically from TLSA RRs), grouped by 180 * algorithm. 181 */ 182typedef struct TLS_TLSA { 183 uint8_t usage; /* DANE certificate usage */ 184 uint8_t selector; /* DANE selector */ 185 uint8_t mtype; /* Algorithm for this digest list */ 186 uint16_t length; /* Length of associated data */ 187 unsigned char *data; /* Associated data */ 188 struct TLS_TLSA *next; /* Chain to next algorithm */ 189} TLS_TLSA; 190 191typedef struct TLS_DANE { 192 TLS_TLSA *tlsa; /* TLSA records */ 193 char *base_domain; /* Base domain of TLSA RRset */ 194 int flags; /* Lookup status */ 195 time_t expires; /* Expiration time of this record */ 196 int refs; /* Reference count */ 197} TLS_DANE; 198 199 /* 200 * tls_dane.c 201 */ 202extern int tls_dane_avail(void); 203extern void tls_dane_loglevel(const char *, const char *); 204extern void tls_dane_flush(void); 205extern TLS_DANE *tls_dane_alloc(void); 206extern void tls_tlsa_free(TLS_TLSA *); 207extern void tls_dane_free(TLS_DANE *); 208extern void tls_dane_add_fpt_digests(TLS_DANE *, const char *, const char *, 209 int); 210extern TLS_DANE *tls_dane_resolve(unsigned, const char *, DNS_RR *, int); 211extern int tls_dane_load_trustfile(TLS_DANE *, const char *); 212 213 /* 214 * TLS session context, also used by the VSTREAM call-back routines for SMTP 215 * input/output, and by OpenSSL call-back routines for key verification. 216 * 217 * Only some members are (read-only) accessible by the public. 218 */ 219#define CCERT_BUFSIZ 256 220 221typedef struct { 222 /* Public, read-only. */ 223 char *peer_CN; /* Peer Common Name */ 224 char *issuer_CN; /* Issuer Common Name */ 225 char *peer_sni; /* SNI sent to or by the peer */ 226 char *peer_cert_fprint; /* ASCII certificate fingerprint */ 227 char *peer_pkey_fprint; /* ASCII public key fingerprint */ 228 int level; /* Effective security level */ 229 int peer_status; /* Certificate and match status */ 230 const char *protocol; 231 const char *cipher_name; 232 int cipher_usebits; 233 int cipher_algbits; 234 const char *kex_name; /* shared key-exchange algorithm */ 235 const char *kex_curve; /* shared key-exchange ECDHE curve */ 236 int kex_bits; /* shared FFDHE key exchange bits */ 237 const char *clnt_sig_name; /* client's signature key algorithm */ 238 const char *clnt_sig_curve; /* client's ECDSA curve name */ 239 int clnt_sig_bits; /* client's RSA signature key bits */ 240 const char *clnt_sig_dgst; /* client's signature digest */ 241 const char *srvr_sig_name; /* server's signature key algorithm */ 242 const char *srvr_sig_curve; /* server's ECDSA curve name */ 243 int srvr_sig_bits; /* server's RSA signature key bits */ 244 const char *srvr_sig_dgst; /* server's signature digest */ 245 /* Private. */ 246 SSL *con; 247 char *cache_type; /* tlsmgr(8) cache type if enabled */ 248 int ticketed; /* Session ticket issued */ 249 char *serverid; /* unique server identifier */ 250 char *namaddr; /* nam[addr] for logging */ 251 int log_mask; /* What to log */ 252 int session_reused; /* this session was reused */ 253 int am_server; /* Are we an SSL server or client? */ 254 const char *mdalg; /* default message digest algorithm */ 255 /* Built-in vs external SSL_accept/read/write/shutdown support. */ 256 VSTREAM *stream; /* Blocking-mode SMTP session */ 257 /* DANE TLSA trust input and verification state */ 258 const TLS_DANE *dane; /* DANE TLSA digests */ 259 X509 *errorcert; /* Error certificate closest to leaf */ 260 int errordepth; /* Chain depth of error cert */ 261 int errorcode; /* First error at error depth */ 262 int must_fail; /* Failed to load trust settings */ 263} TLS_SESS_STATE; 264 265 /* 266 * Peer status bits. TLS_CERT_FLAG_MATCHED implies TLS_CERT_FLAG_TRUSTED 267 * only in the case of a hostname match. 268 */ 269#define TLS_CERT_FLAG_PRESENT (1<<0) 270#define TLS_CERT_FLAG_ALTNAME (1<<1) 271#define TLS_CERT_FLAG_TRUSTED (1<<2) 272#define TLS_CERT_FLAG_MATCHED (1<<3) 273#define TLS_CERT_FLAG_SECURED (1<<4) 274 275#define TLS_CERT_IS_PRESENT(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_PRESENT)) 276#define TLS_CERT_IS_ALTNAME(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_ALTNAME)) 277#define TLS_CERT_IS_TRUSTED(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_TRUSTED)) 278#define TLS_CERT_IS_MATCHED(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_MATCHED)) 279#define TLS_CERT_IS_SECURED(c) ((c) && ((c)->peer_status&TLS_CERT_FLAG_SECURED)) 280 281 /* 282 * Opaque client context handle. 283 */ 284typedef struct TLS_APPL_STATE TLS_APPL_STATE; 285 286#ifdef TLS_INTERNAL 287 288 /* 289 * Log mask details are internal to the library. 290 */ 291extern int tls_log_mask(const char *, const char *); 292 293 /* 294 * What to log. 295 */ 296#define TLS_LOG_NONE (1<<0) 297#define TLS_LOG_SUMMARY (1<<1) 298#define TLS_LOG_UNTRUSTED (1<<2) 299#define TLS_LOG_PEERCERT (1<<3) 300#define TLS_LOG_CERTMATCH (1<<4) 301#define TLS_LOG_VERBOSE (1<<5) 302#define TLS_LOG_CACHE (1<<6) 303#define TLS_LOG_DEBUG (1<<7) 304#define TLS_LOG_TLSPKTS (1<<8) 305#define TLS_LOG_ALLPKTS (1<<9) 306#define TLS_LOG_DANE (1<<10) 307 308 /* 309 * Client and Server application contexts 310 */ 311struct TLS_APPL_STATE { 312 SSL_CTX *ssl_ctx; 313 SSL_CTX *sni_ctx; 314 int log_mask; 315 char *cache_type; 316}; 317 318 /* 319 * tls_misc.c Application-context update and disposal. 320 */ 321extern void tls_update_app_logmask(TLS_APPL_STATE *, int); 322extern void tls_free_app_context(TLS_APPL_STATE *); 323 324 /* 325 * tls_misc.c 326 */ 327extern void tls_param_init(void); 328extern int tls_library_init(void); 329 330 /* 331 * Protocol selection. 332 */ 333#define TLS_PROTOCOL_INVALID (~0) /* All protocol bits masked */ 334 335#ifdef SSL_TXT_SSLV2 336#define TLS_PROTOCOL_SSLv2 (1<<0) /* SSLv2 */ 337#else 338#define SSL_TXT_SSLV2 "SSLv2" 339#define TLS_PROTOCOL_SSLv2 0 /* Unknown */ 340#undef SSL_OP_NO_SSLv2 341#define SSL_OP_NO_SSLv2 0L /* Noop */ 342#endif 343 344#ifdef SSL_TXT_SSLV3 345#define TLS_PROTOCOL_SSLv3 (1<<1) /* SSLv3 */ 346#else 347#define SSL_TXT_SSLV3 "SSLv3" 348#define TLS_PROTOCOL_SSLv3 0 /* Unknown */ 349#undef SSL_OP_NO_SSLv3 350#define SSL_OP_NO_SSLv3 0L /* Noop */ 351#endif 352 353#ifdef SSL_TXT_TLSV1 354#define TLS_PROTOCOL_TLSv1 (1<<2) /* TLSv1 */ 355#else 356#define SSL_TXT_TLSV1 "TLSv1" 357#define TLS_PROTOCOL_TLSv1 0 /* Unknown */ 358#undef SSL_OP_NO_TLSv1 359#define SSL_OP_NO_TLSv1 0L /* Noop */ 360#endif 361 362#ifdef SSL_TXT_TLSV1_1 363#define TLS_PROTOCOL_TLSv1_1 (1<<3) /* TLSv1_1 */ 364#else 365#define SSL_TXT_TLSV1_1 "TLSv1.1" 366#define TLS_PROTOCOL_TLSv1_1 0 /* Unknown */ 367#undef SSL_OP_NO_TLSv1_1 368#define SSL_OP_NO_TLSv1_1 0L /* Noop */ 369#endif 370 371#ifdef SSL_TXT_TLSV1_2 372#define TLS_PROTOCOL_TLSv1_2 (1<<4) /* TLSv1_2 */ 373#else 374#define SSL_TXT_TLSV1_2 "TLSv1.2" 375#define TLS_PROTOCOL_TLSv1_2 0 /* Unknown */ 376#undef SSL_OP_NO_TLSv1_2 377#define SSL_OP_NO_TLSv1_2 0L /* Noop */ 378#endif 379 380 /* 381 * OpenSSL 1.1.1 does not define a TXT macro for TLS 1.3, so we roll our 382 * own. 383 */ 384#define TLS_PROTOCOL_TXT_TLSV1_3 "TLSv1.3" 385 386#if defined(TLS1_3_VERSION) && defined(SSL_OP_NO_TLSv1_3) 387#define TLS_PROTOCOL_TLSv1_3 (1<<5) /* TLSv1_3 */ 388#else 389#define TLS_PROTOCOL_TLSv1_3 0 /* Unknown */ 390#undef SSL_OP_NO_TLSv1_3 391#define SSL_OP_NO_TLSv1_3 0L /* Noop */ 392#endif 393 394/* 395 * Always used when defined, SMTP has no truncation attacks. 396 */ 397#ifndef SSL_OP_IGNORE_UNEXPECTED_EOF 398#define SSL_OP_IGNORE_UNEXPECTED_EOF 0L 399#endif 400 401#define TLS_KNOWN_PROTOCOLS \ 402 ( TLS_PROTOCOL_SSLv2 | TLS_PROTOCOL_SSLv3 | TLS_PROTOCOL_TLSv1 \ 403 | TLS_PROTOCOL_TLSv1_1 | TLS_PROTOCOL_TLSv1_2 | TLS_PROTOCOL_TLSv1_3 ) 404#define TLS_SSL_OP_PROTOMASK(m) \ 405 ((((m) & TLS_PROTOCOL_SSLv2) ? SSL_OP_NO_SSLv2 : 0L) \ 406 | (((m) & TLS_PROTOCOL_SSLv3) ? SSL_OP_NO_SSLv3 : 0L) \ 407 | (((m) & TLS_PROTOCOL_TLSv1) ? SSL_OP_NO_TLSv1 : 0L) \ 408 | (((m) & TLS_PROTOCOL_TLSv1_1) ? SSL_OP_NO_TLSv1_1 : 0L) \ 409 | (((m) & TLS_PROTOCOL_TLSv1_2) ? SSL_OP_NO_TLSv1_2 : 0L) \ 410 | (((m) & TLS_PROTOCOL_TLSv1_3) ? SSL_OP_NO_TLSv1_3 : 0L)) 411 412/* 413 * SSL options that are managed via dedicated Postfix features, rather than 414 * just exposed via hex codes or named elements of tls_ssl_options. 415 */ 416#define TLS_SSL_OP_MANAGED_BITS \ 417 (SSL_OP_CIPHER_SERVER_PREFERENCE | SSL_OP_IGNORE_UNEXPECTED_EOF | \ 418 TLS_SSL_OP_PROTOMASK(~0)) 419 420extern int tls_proto_mask_lims(const char *, int *, int *); 421 422 /* 423 * Cipher grade selection. 424 */ 425#define TLS_CIPHER_NONE 0 426#define TLS_CIPHER_NULL 1 427#define TLS_CIPHER_EXPORT 2 428#define TLS_CIPHER_LOW 3 429#define TLS_CIPHER_MEDIUM 4 430#define TLS_CIPHER_HIGH 5 431 432extern const NAME_CODE tls_cipher_grade_table[]; 433 434#define tls_cipher_grade(str) \ 435 name_code(tls_cipher_grade_table, NAME_CODE_FLAG_NONE, (str)) 436#define str_tls_cipher_grade(gr) \ 437 str_name_code(tls_cipher_grade_table, (gr)) 438 439 /* 440 * Cipher lists with exclusions. 441 */ 442extern const char *tls_set_ciphers(TLS_SESS_STATE *, const char *, 443 const char *); 444 445 /* 446 * Populate TLS context with TLS 1.3-related signature parameters. 447 */ 448extern void tls_get_signature_params(TLS_SESS_STATE *); 449 450#endif /* TLS_INTERNAL */ 451 452 /* 453 * tls_client.c 454 */ 455typedef struct { 456 const char *log_param; 457 const char *log_level; 458 int verifydepth; 459 const char *cache_type; 460 const char *chain_files; 461 const char *cert_file; 462 const char *key_file; 463 const char *dcert_file; 464 const char *dkey_file; 465 const char *eccert_file; 466 const char *eckey_file; 467 const char *CAfile; 468 const char *CApath; 469 const char *mdalg; /* default message digest algorithm */ 470} TLS_CLIENT_INIT_PROPS; 471 472typedef struct { 473 TLS_APPL_STATE *ctx; 474 VSTREAM *stream; 475 int fd; /* Event-driven file descriptor */ 476 int timeout; 477 int tls_level; /* Security level */ 478 const char *nexthop; /* destination domain */ 479 const char *host; /* MX hostname */ 480 const char *namaddr; /* nam[addr] for logging */ 481 const char *sni; /* optional SNI name when not DANE */ 482 const char *serverid; /* Session cache key */ 483 const char *helo; /* Server name from EHLO response */ 484 const char *protocols; /* Enabled protocols */ 485 const char *cipher_grade; /* Minimum cipher grade */ 486 const char *cipher_exclusions; /* Ciphers to exclude */ 487 const ARGV *matchargv; /* Cert match patterns */ 488 const char *mdalg; /* default message digest algorithm */ 489 const TLS_DANE *dane; /* DANE TLSA verification */ 490} TLS_CLIENT_START_PROPS; 491 492extern TLS_APPL_STATE *tls_client_init(const TLS_CLIENT_INIT_PROPS *); 493extern TLS_SESS_STATE *tls_client_start(const TLS_CLIENT_START_PROPS *); 494extern TLS_SESS_STATE *tls_client_post_connect(TLS_SESS_STATE *, 495 const TLS_CLIENT_START_PROPS *); 496 497#define tls_client_stop(ctx, stream, timeout, failure, TLScontext) \ 498 tls_session_stop(ctx, (stream), (timeout), (failure), (TLScontext)) 499 500#define TLS_CLIENT_INIT_ARGS(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, \ 501 a10, a11, a12, a13, a14) \ 502 (((props)->a1), ((props)->a2), ((props)->a3), \ 503 ((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \ 504 ((props)->a8), ((props)->a9), ((props)->a10), ((props)->a11), \ 505 ((props)->a12), ((props)->a13), ((props)->a14), (props)) 506 507#define TLS_CLIENT_INIT(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, \ 508 a10, a11, a12, a13, a14) \ 509 tls_client_init(TLS_CLIENT_INIT_ARGS(props, a1, a2, a3, a4, a5, \ 510 a6, a7, a8, a9, a10, a11, a12, a13, a14)) 511 512#define TLS_CLIENT_START(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, \ 513 a10, a11, a12, a13, a14, a15, a16, a17) \ 514 tls_client_start((((props)->a1), ((props)->a2), ((props)->a3), \ 515 ((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \ 516 ((props)->a8), ((props)->a9), ((props)->a10), ((props)->a11), \ 517 ((props)->a12), ((props)->a13), ((props)->a14), ((props)->a15), \ 518 ((props)->a16), ((props)->a17), (props))) 519 520 /* 521 * tls_server.c 522 */ 523typedef struct { 524 const char *log_param; 525 const char *log_level; 526 int verifydepth; 527 const char *cache_type; 528 int set_sessid; 529 const char *chain_files; 530 const char *cert_file; 531 const char *key_file; 532 const char *dcert_file; 533 const char *dkey_file; 534 const char *eccert_file; 535 const char *eckey_file; 536 const char *CAfile; 537 const char *CApath; 538 const char *protocols; 539 const char *eecdh_grade; 540 const char *dh1024_param_file; 541 const char *dh512_param_file; 542 int ask_ccert; 543 const char *mdalg; /* default message digest algorithm */ 544} TLS_SERVER_INIT_PROPS; 545 546typedef struct { 547 TLS_APPL_STATE *ctx; /* TLS application context */ 548 VSTREAM *stream; /* Client stream */ 549 int fd; /* Event-driven file descriptor */ 550 int timeout; /* TLS handshake timeout */ 551 int requirecert; /* Insist on client cert? */ 552 const char *serverid; /* Server instance (salt cache key) */ 553 const char *namaddr; /* Client nam[addr] for logging */ 554 const char *cipher_grade; 555 const char *cipher_exclusions; 556 const char *mdalg; /* default message digest algorithm */ 557} TLS_SERVER_START_PROPS; 558 559extern TLS_APPL_STATE *tls_server_init(const TLS_SERVER_INIT_PROPS *); 560extern TLS_SESS_STATE *tls_server_start(const TLS_SERVER_START_PROPS *props); 561extern TLS_SESS_STATE *tls_server_post_accept(TLS_SESS_STATE *); 562 563#define tls_server_stop(ctx, stream, timeout, failure, TLScontext) \ 564 tls_session_stop(ctx, (stream), (timeout), (failure), (TLScontext)) 565 566#define TLS_SERVER_INIT(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, \ 567 a10, a11, a12, a13, a14, a15, a16, a17, a18, a19, a20) \ 568 tls_server_init((((props)->a1), ((props)->a2), ((props)->a3), \ 569 ((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \ 570 ((props)->a8), ((props)->a9), ((props)->a10), ((props)->a11), \ 571 ((props)->a12), ((props)->a13), ((props)->a14), ((props)->a15), \ 572 ((props)->a16), ((props)->a17), ((props)->a18), ((props)->a19), \ 573 ((props)->a20), (props))) 574 575#define TLS_SERVER_START(props, a1, a2, a3, a4, a5, a6, a7, a8, a9, a10) \ 576 tls_server_start((((props)->a1), ((props)->a2), ((props)->a3), \ 577 ((props)->a4), ((props)->a5), ((props)->a6), ((props)->a7), \ 578 ((props)->a8), ((props)->a9), ((props)->a10), (props))) 579 580 /* 581 * tls_session.c 582 */ 583extern void tls_session_stop(TLS_APPL_STATE *, VSTREAM *, int, int, TLS_SESS_STATE *); 584 585 /* 586 * tls_misc.c 587 */ 588extern const char *tls_compile_version(void); 589extern const char *tls_run_version(void); 590extern const char **tls_pkey_algorithms(void); 591extern void tls_log_summary(TLS_ROLE, TLS_USAGE, TLS_SESS_STATE *); 592extern void tls_pre_jail_init(TLS_ROLE); 593 594#ifdef TLS_INTERNAL 595 596#include <vstring.h> 597 598extern VSTRING *tls_session_passivate(SSL_SESSION *); 599extern SSL_SESSION *tls_session_activate(const char *, int); 600 601 /* 602 * tls_stream.c. 603 */ 604extern void tls_stream_start(VSTREAM *, TLS_SESS_STATE *); 605extern void tls_stream_stop(VSTREAM *); 606 607 /* 608 * tls_bio_ops.c: a generic multi-personality driver that retries SSL 609 * operations until they are satisfied or until a hard error happens. 610 * Because of its ugly multi-personality user interface we invoke it via 611 * not-so-ugly single-personality wrappers. 612 */ 613extern int tls_bio(int, int, TLS_SESS_STATE *, 614 int (*) (SSL *), /* handshake */ 615 int (*) (SSL *, void *, int), /* read */ 616 int (*) (SSL *, const void *, int), /* write */ 617 void *, int); 618 619#define tls_bio_connect(fd, timeout, context) \ 620 tls_bio((fd), (timeout), (context), SSL_connect, \ 621 NULL, NULL, NULL, 0) 622#define tls_bio_accept(fd, timeout, context) \ 623 tls_bio((fd), (timeout), (context), SSL_accept, \ 624 NULL, NULL, NULL, 0) 625#define tls_bio_shutdown(fd, timeout, context) \ 626 tls_bio((fd), (timeout), (context), SSL_shutdown, \ 627 NULL, NULL, NULL, 0) 628#define tls_bio_read(fd, buf, len, timeout, context) \ 629 tls_bio((fd), (timeout), (context), NULL, \ 630 SSL_read, NULL, (buf), (len)) 631#define tls_bio_write(fd, buf, len, timeout, context) \ 632 tls_bio((fd), (timeout), (context), NULL, \ 633 NULL, SSL_write, (buf), (len)) 634 635 /* 636 * tls_dh.c 637 */ 638extern void tls_set_dh_from_file(const char *); 639extern void tls_tmp_dh(SSL_CTX *, int); 640extern void tls_auto_groups(SSL_CTX *, const char *, const char *); 641 642 /* 643 * tls_verify.c 644 */ 645extern char *tls_peer_CN(X509 *, const TLS_SESS_STATE *); 646extern char *tls_issuer_CN(X509 *, const TLS_SESS_STATE *); 647extern int tls_verify_certificate_callback(int, X509_STORE_CTX *); 648extern void tls_log_verify_error(TLS_SESS_STATE *); 649 650 /* 651 * tls_dane.c 652 */ 653extern void tls_dane_log(TLS_SESS_STATE *); 654extern void tls_dane_digest_init(SSL_CTX *, const EVP_MD *); 655extern int tls_dane_enable(TLS_SESS_STATE *); 656extern TLS_TLSA *tlsa_prepend(TLS_TLSA *, uint8_t, uint8_t, uint8_t, 657 const unsigned char *, uint16_t); 658 659 /* 660 * tls_fprint.c 661 */ 662extern const EVP_MD *tls_digest_byname(const char *, EVP_MD_CTX **); 663extern char *tls_digest_encode(const unsigned char *, int); 664extern char *tls_cert_fprint(X509 *, const char *); 665extern char *tls_pkey_fprint(X509 *, const char *); 666extern char *tls_serverid_digest(TLS_SESS_STATE *, 667 const TLS_CLIENT_START_PROPS *, const char *); 668 669 /* 670 * tls_certkey.c 671 */ 672extern int tls_set_ca_certificate_info(SSL_CTX *, const char *, const char *); 673extern int tls_load_pem_chain(SSL *, const char *, const char *); 674extern int tls_set_my_certificate_key_info(SSL_CTX *, /* All */ const char *, 675 /* RSA */ const char *, const char *, 676 /* DSA */ const char *, const char *, 677 /* ECDSA */ const char *, const char *); 678 679 /* 680 * tls_misc.c 681 */ 682extern int TLScontext_index; 683 684extern TLS_APPL_STATE *tls_alloc_app_context(SSL_CTX *, SSL_CTX *, int); 685extern TLS_SESS_STATE *tls_alloc_sess_context(int, const char *); 686extern void tls_free_context(TLS_SESS_STATE *); 687extern void tls_check_version(void); 688extern long tls_bug_bits(void); 689extern void tls_print_errors(void); 690extern void tls_info_callback(const SSL *, int, int); 691 692#if OPENSSL_VERSION_PREREQ(3,0) 693extern long tls_bio_dump_cb(BIO *, int, const char *, size_t, int, long, 694 int, size_t *); 695 696#else 697extern long tls_bio_dump_cb(BIO *, int, const char *, int, long, long); 698 699#endif 700extern const EVP_MD *tls_validate_digest(const char *); 701 702 /* 703 * tls_seed.c 704 */ 705extern void tls_int_seed(void); 706extern int tls_ext_seed(int); 707 708#endif /* TLS_INTERNAL */ 709 710/* LICENSE 711/* .ad 712/* .fi 713/* The Secure Mailer license must be distributed with this software. 714/* AUTHOR(S) 715/* Wietse Venema 716/* IBM T.J. Watson Research 717/* P.O. Box 704 718/* Yorktown Heights, NY 10598, USA 719/* 720/* Wietse Venema 721/* Google, Inc. 722/* 111 8th Avenue 723/* New York, NY 10011, USA 724/* 725/* Victor Duchovni 726/* Morgan Stanley 727/*--*/ 728 729#endif /* USE_TLS */ 730#endif /* _TLS_H_INCLUDED_ */ 731