1 |
|
|
/* $OpenBSD: tls_client.c,v 1.43 2017/08/10 18:18:30 jsing Exp $ */ |
2 |
|
|
/* |
3 |
|
|
* Copyright (c) 2014 Joel Sing <jsing@openbsd.org> |
4 |
|
|
* |
5 |
|
|
* Permission to use, copy, modify, and distribute this software for any |
6 |
|
|
* purpose with or without fee is hereby granted, provided that the above |
7 |
|
|
* copyright notice and this permission notice appear in all copies. |
8 |
|
|
* |
9 |
|
|
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES |
10 |
|
|
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF |
11 |
|
|
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR |
12 |
|
|
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES |
13 |
|
|
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN |
14 |
|
|
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF |
15 |
|
|
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. |
16 |
|
|
*/ |
17 |
|
|
|
18 |
|
|
#include <sys/types.h> |
19 |
|
|
#include <sys/socket.h> |
20 |
|
|
|
21 |
|
|
#include <arpa/inet.h> |
22 |
|
|
#include <netinet/in.h> |
23 |
|
|
|
24 |
|
|
#include <netdb.h> |
25 |
|
|
#include <stdlib.h> |
26 |
|
|
#include <unistd.h> |
27 |
|
|
|
28 |
|
|
#include <openssl/err.h> |
29 |
|
|
#include <openssl/x509.h> |
30 |
|
|
|
31 |
|
|
#include <tls.h> |
32 |
|
|
#include "tls_internal.h" |
33 |
|
|
|
34 |
|
|
struct tls * |
35 |
|
|
tls_client(void) |
36 |
|
|
{ |
37 |
|
|
struct tls *ctx; |
38 |
|
|
|
39 |
✗✓ |
180 |
if ((ctx = tls_new()) == NULL) |
40 |
|
|
return (NULL); |
41 |
|
|
|
42 |
|
90 |
ctx->flags |= TLS_CLIENT; |
43 |
|
|
|
44 |
|
90 |
return (ctx); |
45 |
|
90 |
} |
46 |
|
|
|
47 |
|
|
int |
48 |
|
|
tls_connect(struct tls *ctx, const char *host, const char *port) |
49 |
|
|
{ |
50 |
|
|
return tls_connect_servername(ctx, host, port, NULL); |
51 |
|
|
} |
52 |
|
|
|
53 |
|
|
int |
54 |
|
|
tls_connect_servername(struct tls *ctx, const char *host, const char *port, |
55 |
|
|
const char *servername) |
56 |
|
|
{ |
57 |
|
|
struct addrinfo hints, *res, *res0; |
58 |
|
|
const char *h = NULL, *p = NULL; |
59 |
|
|
char *hs = NULL, *ps = NULL; |
60 |
|
|
int rv = -1, s = -1, ret; |
61 |
|
|
|
62 |
|
|
if ((ctx->flags & TLS_CLIENT) == 0) { |
63 |
|
|
tls_set_errorx(ctx, "not a client context"); |
64 |
|
|
goto err; |
65 |
|
|
} |
66 |
|
|
|
67 |
|
|
if (host == NULL) { |
68 |
|
|
tls_set_errorx(ctx, "host not specified"); |
69 |
|
|
goto err; |
70 |
|
|
} |
71 |
|
|
|
72 |
|
|
/* |
73 |
|
|
* If port is NULL try to extract a port from the specified host, |
74 |
|
|
* otherwise use the default. |
75 |
|
|
*/ |
76 |
|
|
if ((p = (char *)port) == NULL) { |
77 |
|
|
ret = tls_host_port(host, &hs, &ps); |
78 |
|
|
if (ret == -1) { |
79 |
|
|
tls_set_errorx(ctx, "memory allocation failure"); |
80 |
|
|
goto err; |
81 |
|
|
} |
82 |
|
|
if (ret != 0) { |
83 |
|
|
tls_set_errorx(ctx, "no port provided"); |
84 |
|
|
goto err; |
85 |
|
|
} |
86 |
|
|
} |
87 |
|
|
|
88 |
|
|
h = (hs != NULL) ? hs : host; |
89 |
|
|
p = (ps != NULL) ? ps : port; |
90 |
|
|
|
91 |
|
|
/* |
92 |
|
|
* First check if the host is specified as a numeric IP address, |
93 |
|
|
* either IPv4 or IPv6, before trying to resolve the host. |
94 |
|
|
* The AI_ADDRCONFIG resolver option will not return IPv4 or IPv6 |
95 |
|
|
* records if it is not configured on an interface; not considering |
96 |
|
|
* loopback addresses. Checking the numeric addresses first makes |
97 |
|
|
* sure that connection attempts to numeric addresses and especially |
98 |
|
|
* 127.0.0.1 or ::1 loopback addresses are always possible. |
99 |
|
|
*/ |
100 |
|
|
memset(&hints, 0, sizeof(hints)); |
101 |
|
|
hints.ai_socktype = SOCK_STREAM; |
102 |
|
|
|
103 |
|
|
/* try as an IPv4 literal */ |
104 |
|
|
hints.ai_family = AF_INET; |
105 |
|
|
hints.ai_flags = AI_NUMERICHOST; |
106 |
|
|
if (getaddrinfo(h, p, &hints, &res0) != 0) { |
107 |
|
|
/* try again as an IPv6 literal */ |
108 |
|
|
hints.ai_family = AF_INET6; |
109 |
|
|
if (getaddrinfo(h, p, &hints, &res0) != 0) { |
110 |
|
|
/* last try, with name resolution and save the error */ |
111 |
|
|
hints.ai_family = AF_UNSPEC; |
112 |
|
|
hints.ai_flags = AI_ADDRCONFIG; |
113 |
|
|
if ((s = getaddrinfo(h, p, &hints, &res0)) != 0) { |
114 |
|
|
tls_set_error(ctx, "%s", gai_strerror(s)); |
115 |
|
|
goto err; |
116 |
|
|
} |
117 |
|
|
} |
118 |
|
|
} |
119 |
|
|
|
120 |
|
|
/* It was resolved somehow; now try connecting to what we got */ |
121 |
|
|
s = -1; |
122 |
|
|
for (res = res0; res; res = res->ai_next) { |
123 |
|
|
s = socket(res->ai_family, res->ai_socktype, res->ai_protocol); |
124 |
|
|
if (s == -1) { |
125 |
|
|
tls_set_error(ctx, "socket"); |
126 |
|
|
continue; |
127 |
|
|
} |
128 |
|
|
if (connect(s, res->ai_addr, res->ai_addrlen) == -1) { |
129 |
|
|
tls_set_error(ctx, "connect"); |
130 |
|
|
close(s); |
131 |
|
|
s = -1; |
132 |
|
|
continue; |
133 |
|
|
} |
134 |
|
|
|
135 |
|
|
break; /* Connected. */ |
136 |
|
|
} |
137 |
|
|
freeaddrinfo(res0); |
138 |
|
|
|
139 |
|
|
if (s == -1) |
140 |
|
|
goto err; |
141 |
|
|
|
142 |
|
|
if (servername == NULL) |
143 |
|
|
servername = h; |
144 |
|
|
|
145 |
|
|
if (tls_connect_socket(ctx, s, servername) != 0) { |
146 |
|
|
close(s); |
147 |
|
|
goto err; |
148 |
|
|
} |
149 |
|
|
|
150 |
|
|
ctx->socket = s; |
151 |
|
|
|
152 |
|
|
rv = 0; |
153 |
|
|
|
154 |
|
|
err: |
155 |
|
|
free(hs); |
156 |
|
|
free(ps); |
157 |
|
|
|
158 |
|
|
return (rv); |
159 |
|
|
} |
160 |
|
|
|
161 |
|
|
static int |
162 |
|
|
tls_connect_common(struct tls *ctx, const char *servername) |
163 |
|
|
{ |
164 |
|
24 |
union tls_addr addrbuf; |
165 |
|
|
int rv = -1; |
166 |
|
|
|
167 |
✗✓ |
12 |
if ((ctx->flags & TLS_CLIENT) == 0) { |
168 |
|
|
tls_set_errorx(ctx, "not a client context"); |
169 |
|
|
goto err; |
170 |
|
|
} |
171 |
|
|
|
172 |
✓✗ |
12 |
if (servername != NULL) { |
173 |
✗✓ |
12 |
if ((ctx->servername = strdup(servername)) == NULL) { |
174 |
|
|
tls_set_errorx(ctx, "out of memory"); |
175 |
|
|
goto err; |
176 |
|
|
} |
177 |
|
|
} |
178 |
|
|
|
179 |
✗✓ |
12 |
if ((ctx->ssl_ctx = SSL_CTX_new(SSLv23_client_method())) == NULL) { |
180 |
|
|
tls_set_errorx(ctx, "ssl context failure"); |
181 |
|
|
goto err; |
182 |
|
|
} |
183 |
|
|
|
184 |
✓✗ |
12 |
if (tls_configure_ssl(ctx, ctx->ssl_ctx) != 0) |
185 |
|
|
goto err; |
186 |
|
|
|
187 |
✓✗ |
36 |
if (tls_configure_ssl_keypair(ctx, ctx->ssl_ctx, |
188 |
|
24 |
ctx->config->keypair, 0) != 0) |
189 |
|
|
goto err; |
190 |
|
|
|
191 |
✗✓ |
24 |
if (ctx->config->verify_name) { |
192 |
|
12 |
if (servername == NULL) { |
193 |
|
|
tls_set_errorx(ctx, "server name not specified"); |
194 |
|
|
goto err; |
195 |
|
|
} |
196 |
|
|
} |
197 |
|
|
|
198 |
✓✗ |
12 |
if (tls_configure_ssl_verify(ctx, ctx->ssl_ctx, SSL_VERIFY_PEER) == -1) |
199 |
|
|
goto err; |
200 |
|
|
|
201 |
✓✗ |
12 |
if (ctx->config->ecdhecurves != NULL) { |
202 |
✗✓ |
36 |
if (SSL_CTX_set1_groups(ctx->ssl_ctx, ctx->config->ecdhecurves, |
203 |
|
24 |
ctx->config->ecdhecurves_len) != 1) { |
204 |
|
|
tls_set_errorx(ctx, "failed to set ecdhe curves"); |
205 |
|
|
goto err; |
206 |
|
|
} |
207 |
|
|
} |
208 |
|
|
|
209 |
✗✓ |
12 |
if (SSL_CTX_set_tlsext_status_cb(ctx->ssl_ctx, tls_ocsp_verify_cb) != 1) { |
210 |
|
|
tls_set_errorx(ctx, "ssl OCSP verification setup failure"); |
211 |
|
|
goto err; |
212 |
|
|
} |
213 |
|
|
|
214 |
✗✓ |
12 |
if ((ctx->ssl_conn = SSL_new(ctx->ssl_ctx)) == NULL) { |
215 |
|
|
tls_set_errorx(ctx, "ssl connection failure"); |
216 |
|
|
goto err; |
217 |
|
|
} |
218 |
|
|
|
219 |
✗✓ |
12 |
if (SSL_set_app_data(ctx->ssl_conn, ctx) != 1) { |
220 |
|
|
tls_set_errorx(ctx, "ssl application data failure"); |
221 |
|
|
goto err; |
222 |
|
|
} |
223 |
|
|
|
224 |
✗✓ |
12 |
if (SSL_set_tlsext_status_type(ctx->ssl_conn, TLSEXT_STATUSTYPE_ocsp) != 1) { |
225 |
|
|
tls_set_errorx(ctx, "ssl OCSP extension setup failure"); |
226 |
|
|
goto err; |
227 |
|
|
} |
228 |
|
|
|
229 |
|
|
/* |
230 |
|
|
* RFC4366 (SNI): Literal IPv4 and IPv6 addresses are not |
231 |
|
|
* permitted in "HostName". |
232 |
|
|
*/ |
233 |
✓✗✓✗
|
24 |
if (servername != NULL && |
234 |
✓✗ |
12 |
inet_pton(AF_INET, servername, &addrbuf) != 1 && |
235 |
|
12 |
inet_pton(AF_INET6, servername, &addrbuf) != 1) { |
236 |
✗✓ |
12 |
if (SSL_set_tlsext_host_name(ctx->ssl_conn, servername) == 0) { |
237 |
|
|
tls_set_errorx(ctx, "server name indication failure"); |
238 |
|
|
goto err; |
239 |
|
|
} |
240 |
|
|
} |
241 |
|
|
|
242 |
|
12 |
ctx->state |= TLS_CONNECTED; |
243 |
|
12 |
rv = 0; |
244 |
|
|
|
245 |
|
|
err: |
246 |
|
12 |
return (rv); |
247 |
|
12 |
} |
248 |
|
|
|
249 |
|
|
int |
250 |
|
|
tls_connect_socket(struct tls *ctx, int s, const char *servername) |
251 |
|
|
{ |
252 |
|
6 |
return tls_connect_fds(ctx, s, s, servername); |
253 |
|
|
} |
254 |
|
|
|
255 |
|
|
int |
256 |
|
|
tls_connect_fds(struct tls *ctx, int fd_read, int fd_write, |
257 |
|
|
const char *servername) |
258 |
|
|
{ |
259 |
|
|
int rv = -1; |
260 |
|
|
|
261 |
✗✓ |
12 |
if (fd_read < 0 || fd_write < 0) { |
262 |
|
|
tls_set_errorx(ctx, "invalid file descriptors"); |
263 |
|
|
goto err; |
264 |
|
|
} |
265 |
|
|
|
266 |
✓✗ |
6 |
if (tls_connect_common(ctx, servername) != 0) |
267 |
|
|
goto err; |
268 |
|
|
|
269 |
✓✗✗✓
|
12 |
if (SSL_set_rfd(ctx->ssl_conn, fd_read) != 1 || |
270 |
|
6 |
SSL_set_wfd(ctx->ssl_conn, fd_write) != 1) { |
271 |
|
|
tls_set_errorx(ctx, "ssl file descriptor failure"); |
272 |
|
|
goto err; |
273 |
|
|
} |
274 |
|
|
|
275 |
|
6 |
rv = 0; |
276 |
|
|
err: |
277 |
|
6 |
return (rv); |
278 |
|
|
} |
279 |
|
|
|
280 |
|
|
int |
281 |
|
|
tls_connect_cbs(struct tls *ctx, tls_read_cb read_cb, |
282 |
|
|
tls_write_cb write_cb, void *cb_arg, const char *servername) |
283 |
|
|
{ |
284 |
|
|
int rv = -1; |
285 |
|
|
|
286 |
✓✗ |
12 |
if (tls_connect_common(ctx, servername) != 0) |
287 |
|
|
goto err; |
288 |
|
|
|
289 |
✓✗ |
6 |
if (tls_set_cbs(ctx, read_cb, write_cb, cb_arg) != 0) |
290 |
|
|
goto err; |
291 |
|
|
|
292 |
|
6 |
rv = 0; |
293 |
|
|
|
294 |
|
|
err: |
295 |
|
6 |
return (rv); |
296 |
|
|
} |
297 |
|
|
|
298 |
|
|
int |
299 |
|
|
tls_handshake_client(struct tls *ctx) |
300 |
|
|
{ |
301 |
|
|
X509 *cert = NULL; |
302 |
|
102 |
int match, ssl_ret; |
303 |
|
|
int rv = -1; |
304 |
|
|
|
305 |
✗✓ |
51 |
if ((ctx->flags & TLS_CLIENT) == 0) { |
306 |
|
|
tls_set_errorx(ctx, "not a client context"); |
307 |
|
|
goto err; |
308 |
|
|
} |
309 |
|
|
|
310 |
✓✓ |
51 |
if ((ctx->state & TLS_CONNECTED) == 0) { |
311 |
|
3 |
tls_set_errorx(ctx, "context not connected"); |
312 |
|
3 |
goto err; |
313 |
|
|
} |
314 |
|
|
|
315 |
|
48 |
ctx->state |= TLS_SSL_NEEDS_SHUTDOWN; |
316 |
|
|
|
317 |
|
48 |
ERR_clear_error(); |
318 |
✓✓ |
48 |
if ((ssl_ret = SSL_connect(ctx->ssl_conn)) != 1) { |
319 |
|
36 |
rv = tls_ssl_error(ctx, ctx->ssl_conn, ssl_ret, "handshake"); |
320 |
|
36 |
goto err; |
321 |
|
|
} |
322 |
|
|
|
323 |
✗✓ |
12 |
if (ctx->config->verify_name) { |
324 |
|
|
cert = SSL_get_peer_certificate(ctx->ssl_conn); |
325 |
|
|
if (cert == NULL) { |
326 |
|
|
tls_set_errorx(ctx, "no server certificate"); |
327 |
|
|
goto err; |
328 |
|
|
} |
329 |
|
|
if (tls_check_name(ctx, cert, ctx->servername, &match) == -1) |
330 |
|
|
goto err; |
331 |
|
|
if (!match) { |
332 |
|
|
tls_set_errorx(ctx, "name `%s' not present in" |
333 |
|
|
" server certificate", ctx->servername); |
334 |
|
|
goto err; |
335 |
|
|
} |
336 |
|
|
} |
337 |
|
|
|
338 |
|
12 |
ctx->state |= TLS_HANDSHAKE_COMPLETE; |
339 |
|
12 |
rv = 0; |
340 |
|
|
|
341 |
|
|
err: |
342 |
|
51 |
X509_free(cert); |
343 |
|
|
|
344 |
|
51 |
return (rv); |
345 |
|
51 |
} |