6 * DEBUG: section 83 SSL accelerator support
8 * SQUID Internet Object Cache http://squid.nlanr.net/Squid/
9 * ----------------------------------------------------------
11 * Squid is the result of efforts by numerous individuals from the
12 * Internet community. Development is led by Duane Wessels of the
13 * National Laboratory for Applied Network Research and funded by the
14 * National Science Foundation. Squid is Copyrighted (C) 1998 by
15 * Duane Wessels and the University of California San Diego. Please
16 * see the COPYRIGHT file for full details. Squid incorporates
17 * software developed and/or copyrighted by other sources. Please see
18 * the CREDITS file for full details.
20 * This program is free software; you can redistribute it and/or modify
21 * it under the terms of the GNU General Public License as published by
22 * the Free Software Foundation; either version 2 of the License, or
23 * (at your option) any later version.
25 * This program is distributed in the hope that it will be useful,
26 * but WITHOUT ANY WARRANTY; without even the implied warranty of
27 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
28 * GNU General Public License for more details.
30 * You should have received a copy of the GNU General Public License
31 * along with this program; if not, write to the Free Software
32 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
36 #include "squid-old.h"
38 /* MS Visual Studio Projects are monolithic, so we need the following
39 * #if to exclude the SSL code from compile process when not needed.
44 #include "acl/FilledChecklist.h"
45 #include "ssl/ErrorDetail.h"
46 #include "ssl/support.h"
47 #include "ssl/gadgets.h"
49 const char *Ssl::BumpModeStr
[] = {
57 \defgroup ServerProtocolSSLInternal Server-Side SSL Internals
58 \ingroup ServerProtocolSSLAPI
61 /// \ingroup ServerProtocolSSLInternal
63 ssl_ask_password_cb(char *buf
, int size
, int rwflag
, void *userdata
)
69 snprintf(cmdline
, sizeof(cmdline
), "\"%s\" \"%s\"", Config
.Program
.ssl_password
, (const char *)userdata
);
70 in
= popen(cmdline
, "r");
72 if (fgets(buf
, size
, in
))
76 while (len
> 0 && (buf
[len
- 1] == '\n' || buf
[len
- 1] == '\r'))
87 /// \ingroup ServerProtocolSSLInternal
89 ssl_ask_password(SSL_CTX
* context
, const char * prompt
)
91 if (Config
.Program
.ssl_password
) {
92 SSL_CTX_set_default_passwd_cb(context
, ssl_ask_password_cb
);
93 SSL_CTX_set_default_passwd_cb_userdata(context
, (void *)prompt
);
97 /// \ingroup ServerProtocolSSLInternal
99 ssl_temp_rsa_cb(SSL
* ssl
, int anInt
, int keylen
)
101 static RSA
*rsa_512
= NULL
;
102 static RSA
*rsa_1024
= NULL
;
111 rsa_512
= RSA_generate_key(512, RSA_F4
, NULL
, NULL
);
121 rsa_1024
= RSA_generate_key(1024, RSA_F4
, NULL
, NULL
);
129 debugs(83, 1, "ssl_temp_rsa_cb: Unexpected key length " << keylen
);
134 debugs(83, 1, "ssl_temp_rsa_cb: Failed to generate key " << keylen
);
140 PEM_write_RSAPrivateKey(debug_log
, rsa
, NULL
, NULL
, 0, NULL
, NULL
);
142 debugs(83, 1, "Generated ephemeral RSA key of length " << keylen
);
148 int Ssl::asn1timeToString(ASN1_TIME
*tm
, char *buf
, int len
)
152 bio
= BIO_new(BIO_s_mem());
154 if (ASN1_TIME_print(bio
, tm
))
155 write
= BIO_read(bio
, buf
, len
-1);
162 int Ssl::matchX509CommonNames(X509
*peer_cert
, void *check_data
, int (*check_func
)(void *check_data
, ASN1_STRING
*cn_data
))
166 X509_NAME
*name
= X509_get_subject_name(peer_cert
);
168 for (int i
= X509_NAME_get_index_by_NID(name
, NID_commonName
, -1); i
>= 0; i
= X509_NAME_get_index_by_NID(name
, NID_commonName
, i
)) {
170 ASN1_STRING
*cn_data
= X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name
, i
));
172 if ( (*check_func
)(check_data
, cn_data
) == 0)
176 STACK_OF(GENERAL_NAME
) * altnames
;
177 altnames
= (STACK_OF(GENERAL_NAME
)*)X509_get_ext_d2i(peer_cert
, NID_subject_alt_name
, NULL
, NULL
);
180 int numalts
= sk_GENERAL_NAME_num(altnames
);
181 for (int i
= 0; i
< numalts
; i
++) {
182 const GENERAL_NAME
*check
= sk_GENERAL_NAME_value(altnames
, i
);
183 if (check
->type
!= GEN_DNS
) {
186 ASN1_STRING
*cn_data
= check
->d
.dNSName
;
188 if ( (*check_func
)(check_data
, cn_data
) == 0)
191 sk_GENERAL_NAME_pop_free(altnames
, GENERAL_NAME_free
);
196 static int check_domain( void *check_data
, ASN1_STRING
*cn_data
)
199 const char *server
= (const char *)check_data
;
201 if (cn_data
->length
> (int)sizeof(cn
) - 1) {
202 return 1; //if does not fit our buffer just ignore
204 memcpy(cn
, cn_data
->data
, cn_data
->length
);
205 cn
[cn_data
->length
] = '\0';
206 debugs(83, 4, "Verifying server domain " << server
<< " to certificate name/subjectAltName " << cn
);
207 return matchDomainName(server
, cn
[0] == '*' ? cn
+ 1 : cn
);
210 bool Ssl::checkX509ServerValidity(X509
*cert
, const char *server
)
212 return matchX509CommonNames(cert
, (void *)server
, check_domain
);
215 /// \ingroup ServerProtocolSSLInternal
217 ssl_verify_cb(int ok
, X509_STORE_CTX
* ctx
)
219 // preserve original ctx->error before SSL_ calls can overwrite it
220 Ssl::ssl_error_t error_no
= ok
? SSL_ERROR_NONE
: ctx
->error
;
222 char buffer
[256] = "";
223 SSL
*ssl
= (SSL
*)X509_STORE_CTX_get_ex_data(ctx
, SSL_get_ex_data_X509_STORE_CTX_idx());
224 SSL_CTX
*sslctx
= SSL_get_SSL_CTX(ssl
);
225 const char *server
= (const char *)SSL_get_ex_data(ssl
, ssl_ex_index_server
);
226 void *dont_verify_domain
= SSL_CTX_get_ex_data(sslctx
, ssl_ctx_ex_index_dont_verify_domain
);
227 ACLChecklist
*check
= (ACLChecklist
*)SSL_get_ex_data(ssl
, ssl_ex_index_cert_error_check
);
228 X509
*peeked_cert
= (X509
*)SSL_get_ex_data(ssl
, ssl_ex_index_ssl_peeked_cert
);
229 X509
*peer_cert
= ctx
->cert
;
231 X509_NAME_oneline(X509_get_subject_name(peer_cert
), buffer
,
235 debugs(83, 5, "SSL Certificate signature OK: " << buffer
);
238 if (!Ssl::checkX509ServerValidity(peer_cert
, server
)) {
239 debugs(83, 2, "SQUID_X509_V_ERR_DOMAIN_MISMATCH: Certificate " << buffer
<< " does not match domainname " << server
);
241 error_no
= SQUID_X509_V_ERR_DOMAIN_MISMATCH
;
246 if (ok
&& peeked_cert
) {
247 // Check whether the already peeked certificate matches the new one.
248 if (X509_cmp(peer_cert
, peeked_cert
) != 0) {
249 debugs(83, 2, "SQUID_X509_V_ERR_CERT_CHANGE: Certificate " << buffer
<< " does not match peeked certificate");
251 error_no
= SQUID_X509_V_ERR_CERT_CHANGE
;
256 Ssl::Errors
*errs
= static_cast<Ssl::Errors
*>(SSL_get_ex_data(ssl
, ssl_ex_index_ssl_errors
));
258 errs
= new Ssl::Errors(error_no
);
259 if (!SSL_set_ex_data(ssl
, ssl_ex_index_ssl_errors
, (void *)errs
)) {
260 debugs(83, 2, "Failed to set ssl error_no in ssl_verify_cb: Certificate " << buffer
);
264 } else // remember another error number
265 errs
->push_back_unique(error_no
);
267 if (const char *err_descr
= Ssl::GetErrorDescr(error_no
))
268 debugs(83, 5, err_descr
<< ": " << buffer
);
270 debugs(83, DBG_IMPORTANT
, "SSL unknown certificate error " << error_no
<< " in " << buffer
);
273 ACLFilledChecklist
*filledCheck
= Filled(check
);
274 assert(!filledCheck
->sslErrors
);
275 filledCheck
->sslErrors
= new Ssl::Errors(error_no
);
276 if (check
->fastCheck() == ACCESS_ALLOWED
) {
277 debugs(83, 3, "bypassing SSL error " << error_no
<< " in " << buffer
);
280 debugs(83, 5, "confirming SSL error " << error_no
);
282 delete filledCheck
->sslErrors
;
283 filledCheck
->sslErrors
= NULL
;
287 if (!dont_verify_domain
&& server
) {}
289 if (!ok
&& !SSL_get_ex_data(ssl
, ssl_ex_index_ssl_error_detail
) ) {
291 // Find the broken certificate. It may be intermediate.
292 X509
*broken_cert
= peer_cert
; // reasonable default if search fails
293 // Our SQUID_X509_V_ERR_DOMAIN_MISMATCH implies peer_cert is at fault.
294 if (error_no
!= SQUID_X509_V_ERR_DOMAIN_MISMATCH
) {
295 if (X509
*last_used_cert
= X509_STORE_CTX_get_current_cert(ctx
))
296 broken_cert
= last_used_cert
;
299 Ssl::ErrorDetail
*errDetail
=
300 new Ssl::ErrorDetail(error_no
, peer_cert
, broken_cert
);
302 if (!SSL_set_ex_data(ssl
, ssl_ex_index_ssl_error_detail
, errDetail
)) {
303 debugs(83, 2, "Failed to set Ssl::ErrorDetail in ssl_verify_cb: Certificate " << buffer
);
311 /// \ingroup ServerProtocolSSLInternal
312 static struct ssl_option
{
319 #if SSL_OP_MICROSOFT_SESS_ID_BUG
321 "MICROSOFT_SESS_ID_BUG", SSL_OP_MICROSOFT_SESS_ID_BUG
324 #if SSL_OP_NETSCAPE_CHALLENGE_BUG
326 "NETSCAPE_CHALLENGE_BUG", SSL_OP_NETSCAPE_CHALLENGE_BUG
329 #if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
331 "NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
334 #if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
336 "SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
339 #if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
341 "MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
344 #if SSL_OP_MSIE_SSLV2_RSA_PADDING
346 "MSIE_SSLV2_RSA_PADDING", SSL_OP_MSIE_SSLV2_RSA_PADDING
349 #if SSL_OP_SSLEAY_080_CLIENT_DH_BUG
351 "SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG
354 #if SSL_OP_TLS_D5_BUG
356 "TLS_D5_BUG", SSL_OP_TLS_D5_BUG
359 #if SSL_OP_TLS_BLOCK_PADDING_BUG
361 "TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG
364 #if SSL_OP_TLS_ROLLBACK_BUG
366 "TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG
371 "ALL", (long)SSL_OP_ALL
374 #if SSL_OP_SINGLE_DH_USE
376 "SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE
379 #if SSL_OP_EPHEMERAL_RSA
381 "EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA
384 #if SSL_OP_PKCS1_CHECK_1
386 "PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1
389 #if SSL_OP_PKCS1_CHECK_2
391 "PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2
394 #if SSL_OP_NETSCAPE_CA_DN_BUG
396 "NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG
399 #if SSL_OP_NON_EXPORT_FIRST
401 "NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
404 #if SSL_OP_CIPHER_SERVER_PREFERENCE
406 "CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE
409 #if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
411 "NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
416 "NO_SSLv2", SSL_OP_NO_SSLv2
421 "NO_SSLv3", SSL_OP_NO_SSLv3
426 "NO_TLSv1", SSL_OP_NO_TLSv1
429 #if SSL_OP_NO_TLSv1_1
431 "NO_TLSv1_1", SSL_OP_NO_TLSv1_1
434 #if SSL_OP_NO_TLSv1_2
436 "NO_TLSv1_2", SSL_OP_NO_TLSv1_2
447 /// \ingroup ServerProtocolSSLInternal
449 ssl_parse_options(const char *options
)
458 tmp
= xstrdup(options
);
460 option
= strtok(tmp
, ":,");
464 struct ssl_option
*opt
= NULL
, *opttmp
;
467 MODE_ADD
, MODE_REMOVE
489 for (opttmp
= ssl_options
; opttmp
->name
; opttmp
++) {
490 if (strcmp(opttmp
->name
, option
) == 0) {
498 else if (strncmp(option
, "0x", 2) == 0) {
499 /* Special case.. hex specification */
500 value
= strtol(option
+ 2, NULL
, 16);
502 fatalf("Unknown SSL option '%s'", option
);
503 value
= 0; /* Keep GCC happy */
517 option
= strtok(NULL
, ":,");
526 /// \ingroup ServerProtocolSSLInternal
527 #define SSL_FLAG_NO_DEFAULT_CA (1<<0)
528 /// \ingroup ServerProtocolSSLInternal
529 #define SSL_FLAG_DELAYED_AUTH (1<<1)
530 /// \ingroup ServerProtocolSSLInternal
531 #define SSL_FLAG_DONT_VERIFY_PEER (1<<2)
532 /// \ingroup ServerProtocolSSLInternal
533 #define SSL_FLAG_DONT_VERIFY_DOMAIN (1<<3)
534 /// \ingroup ServerProtocolSSLInternal
535 #define SSL_FLAG_NO_SESSION_REUSE (1<<4)
536 /// \ingroup ServerProtocolSSLInternal
537 #define SSL_FLAG_VERIFY_CRL (1<<5)
538 /// \ingroup ServerProtocolSSLInternal
539 #define SSL_FLAG_VERIFY_CRL_ALL (1<<6)
541 /// \ingroup ServerProtocolSSLInternal
543 ssl_parse_flags(const char *flags
)
552 tmp
= xstrdup(flags
);
554 flag
= strtok(tmp
, ":,");
557 if (strcmp(flag
, "NO_DEFAULT_CA") == 0)
558 fl
|= SSL_FLAG_NO_DEFAULT_CA
;
559 else if (strcmp(flag
, "DELAYED_AUTH") == 0)
560 fl
|= SSL_FLAG_DELAYED_AUTH
;
561 else if (strcmp(flag
, "DONT_VERIFY_PEER") == 0)
562 fl
|= SSL_FLAG_DONT_VERIFY_PEER
;
563 else if (strcmp(flag
, "DONT_VERIFY_DOMAIN") == 0)
564 fl
|= SSL_FLAG_DONT_VERIFY_DOMAIN
;
565 else if (strcmp(flag
, "NO_SESSION_REUSE") == 0)
566 fl
|= SSL_FLAG_NO_SESSION_REUSE
;
568 #if X509_V_FLAG_CRL_CHECK
570 else if (strcmp(flag
, "VERIFY_CRL") == 0)
571 fl
|= SSL_FLAG_VERIFY_CRL
;
572 else if (strcmp(flag
, "VERIFY_CRL_ALL") == 0)
573 fl
|= SSL_FLAG_VERIFY_CRL_ALL
;
578 fatalf("Unknown ssl flag '%s'", flag
);
580 flag
= strtok(NULL
, ":,");
587 // "dup" function for SSL_get_ex_new_index("cert_err_check")
589 ssl_dupAclChecklist(CRYPTO_EX_DATA
*, CRYPTO_EX_DATA
*, void *,
592 // We do not support duplication of ACLCheckLists.
593 // If duplication is needed, we can count copies with cbdata.
598 // "free" function for SSL_get_ex_new_index("cert_err_check")
600 ssl_freeAclChecklist(void *, void *ptr
, CRYPTO_EX_DATA
*,
603 delete static_cast<ACLChecklist
*>(ptr
); // may be NULL
606 // "free" function for SSL_get_ex_new_index("ssl_error_detail")
608 ssl_free_ErrorDetail(void *, void *ptr
, CRYPTO_EX_DATA
*,
611 Ssl::ErrorDetail
*errDetail
= static_cast <Ssl::ErrorDetail
*>(ptr
);
616 ssl_free_SslErrors(void *, void *ptr
, CRYPTO_EX_DATA
*,
619 Ssl::Errors
*errs
= static_cast <Ssl::Errors
*>(ptr
);
623 // "free" function for X509 certificates
625 ssl_free_X509(void *, void *ptr
, CRYPTO_EX_DATA
*,
628 X509
*cert
= static_cast <X509
*>(ptr
);
632 /// \ingroup ServerProtocolSSLInternal
636 static int ssl_initialized
= 0;
638 if (!ssl_initialized
) {
640 SSL_load_error_strings();
641 SSLeay_add_ssl_algorithms();
642 #if HAVE_OPENSSL_ENGINE_H
644 if (Config
.SSL
.ssl_engine
) {
647 if (!(e
= ENGINE_by_id(Config
.SSL
.ssl_engine
))) {
648 fatalf("Unable to find SSL engine '%s'\n", Config
.SSL
.ssl_engine
);
651 if (!ENGINE_set_default(e
, ENGINE_METHOD_ALL
)) {
652 int ssl_error
= ERR_get_error();
653 fatalf("Failed to initialise SSL engine: %s\n",
654 ERR_error_string(ssl_error
, NULL
));
659 if (Config
.SSL
.ssl_engine
) {
660 fatalf("Your OpenSSL has no SSL engine support\n");
667 ssl_ex_index_server
= SSL_get_ex_new_index(0, (void *) "server", NULL
, NULL
, NULL
);
668 ssl_ctx_ex_index_dont_verify_domain
= SSL_CTX_get_ex_new_index(0, (void *) "dont_verify_domain", NULL
, NULL
, NULL
);
669 ssl_ex_index_cert_error_check
= SSL_get_ex_new_index(0, (void *) "cert_error_check", NULL
, &ssl_dupAclChecklist
, &ssl_freeAclChecklist
);
670 ssl_ex_index_ssl_error_detail
= SSL_get_ex_new_index(0, (void *) "ssl_error_detail", NULL
, NULL
, &ssl_free_ErrorDetail
);
671 ssl_ex_index_ssl_peeked_cert
= SSL_get_ex_new_index(0, (void *) "ssl_peeked_cert", NULL
, NULL
, &ssl_free_X509
);
672 ssl_ex_index_ssl_errors
= SSL_get_ex_new_index(0, (void *) "ssl_errors", NULL
, NULL
, &ssl_free_SslErrors
);
675 /// \ingroup ServerProtocolSSLInternal
677 ssl_load_crl(SSL_CTX
*sslContext
, const char *CRLfile
)
679 X509_STORE
*st
= SSL_CTX_get_cert_store(sslContext
);
681 BIO
*in
= BIO_new_file(CRLfile
, "r");
685 debugs(83, 2, "WARNING: Failed to open CRL file '" << CRLfile
<< "'");
689 while ((crl
= PEM_read_bio_X509_CRL(in
,NULL
,NULL
,NULL
))) {
690 if (!X509_STORE_add_crl(st
, crl
))
691 debugs(83, 2, "WARNING: Failed to add CRL from file '" << CRLfile
<< "'");
703 sslCreateServerContext(const char *certfile
, const char *keyfile
, int version
, const char *cipher
, const char *options
, const char *flags
, const char *clientCA
, const char *CAfile
, const char *CApath
, const char *CRLfile
, const char *dhfile
, const char *context
)
706 #if OPENSSL_VERSION_NUMBER < 0x00909000L
709 const SSL_METHOD
*method
;
712 long fl
= ssl_parse_flags(flags
);
726 debugs(83, DBG_CRITICAL
, "ERROR: No certificate file");
733 #ifndef OPENSSL_NO_SSL2
734 debugs(83, 5, "Using SSLv2.");
735 method
= SSLv2_server_method();
737 debugs(83, DBG_IMPORTANT
, "SSLv2 is not available in this Proxy.");
743 debugs(83, 5, "Using SSLv3.");
744 method
= SSLv3_server_method();
748 debugs(83, 5, "Using TLSv1.");
749 method
= TLSv1_server_method();
753 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
754 debugs(83, 5, "Using TLSv1.1.");
755 method
= TLSv1_1_server_method();
757 debugs(83, DBG_IMPORTANT
, "TLSv1.1 is not available in this Proxy.");
763 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
764 debugs(83, 5, "Using TLSv1.2");
765 method
= TLSv1_2_server_method();
767 debugs(83, DBG_IMPORTANT
, "TLSv1.2 is not available in this Proxy.");
775 debugs(83, 5, "Using SSLv2/SSLv3.");
776 method
= SSLv23_server_method();
780 sslContext
= SSL_CTX_new(method
);
782 if (sslContext
== NULL
) {
783 ssl_error
= ERR_get_error();
784 debugs(83, DBG_CRITICAL
, "ERROR: Failed to allocate SSL context: " << ERR_error_string(ssl_error
, NULL
));
788 SSL_CTX_set_options(sslContext
, ssl_parse_options(options
));
790 if (context
&& *context
) {
791 SSL_CTX_set_session_id_context(sslContext
, (const unsigned char *)context
, strlen(context
));
794 if (fl
& SSL_FLAG_NO_SESSION_REUSE
) {
795 SSL_CTX_set_session_cache_mode(sslContext
, SSL_SESS_CACHE_OFF
);
798 if (Config
.SSL
.unclean_shutdown
) {
799 debugs(83, 5, "Enabling quiet SSL shutdowns (RFC violation).");
801 SSL_CTX_set_quiet_shutdown(sslContext
, 1);
805 debugs(83, 5, "Using chiper suite " << cipher
<< ".");
807 if (!SSL_CTX_set_cipher_list(sslContext
, cipher
)) {
808 ssl_error
= ERR_get_error();
809 debugs(83, DBG_CRITICAL
, "ERROR: Failed to set SSL cipher suite '" << cipher
<< "': " << ERR_error_string(ssl_error
, NULL
));
810 SSL_CTX_free(sslContext
);
815 debugs(83, DBG_IMPORTANT
, "Using certificate in " << certfile
);
817 if (!SSL_CTX_use_certificate_chain_file(sslContext
, certfile
)) {
818 ssl_error
= ERR_get_error();
819 debugs(83, DBG_CRITICAL
, "ERROR: Failed to acquire SSL certificate '" << certfile
<< "': " << ERR_error_string(ssl_error
, NULL
));
820 SSL_CTX_free(sslContext
);
824 debugs(83, DBG_IMPORTANT
, "Using private key in " << keyfile
);
825 ssl_ask_password(sslContext
, keyfile
);
827 if (!SSL_CTX_use_PrivateKey_file(sslContext
, keyfile
, SSL_FILETYPE_PEM
)) {
828 ssl_error
= ERR_get_error();
829 debugs(83, DBG_CRITICAL
, "ERROR: Failed to acquire SSL private key '" << keyfile
<< "': " << ERR_error_string(ssl_error
, NULL
));
830 SSL_CTX_free(sslContext
);
834 debugs(83, 5, "Comparing private and public SSL keys.");
836 if (!SSL_CTX_check_private_key(sslContext
)) {
837 ssl_error
= ERR_get_error();
838 debugs(83, DBG_CRITICAL
, "ERROR: SSL private key '" << certfile
<< "' does not match public key '" <<
839 keyfile
<< "': " << ERR_error_string(ssl_error
, NULL
));
840 SSL_CTX_free(sslContext
);
844 debugs(83, 9, "Setting RSA key generation callback.");
845 SSL_CTX_set_tmp_rsa_callback(sslContext
, ssl_temp_rsa_cb
);
847 debugs(83, 9, "Setting CA certificate locations.");
849 if ((CAfile
|| CApath
) && !SSL_CTX_load_verify_locations(sslContext
, CAfile
, CApath
)) {
850 ssl_error
= ERR_get_error();
851 debugs(83, DBG_IMPORTANT
, "WARNING: Ignoring error setting CA certificate locations: " << ERR_error_string(ssl_error
, NULL
));
854 if (!(fl
& SSL_FLAG_NO_DEFAULT_CA
) &&
855 !SSL_CTX_set_default_verify_paths(sslContext
)) {
856 ssl_error
= ERR_get_error();
857 debugs(83, DBG_IMPORTANT
, "WARNING: Ignoring error setting default CA certificate location: " << ERR_error_string(ssl_error
, NULL
));
861 STACK_OF(X509_NAME
) *cert_names
;
862 debugs(83, 9, "Set client certifying authority list.");
863 cert_names
= SSL_load_client_CA_file(clientCA
);
865 if (cert_names
== NULL
) {
866 debugs(83, DBG_IMPORTANT
, "ERROR: loading the client CA certificates from '" << clientCA
<< "\': " << ERR_error_string(ERR_get_error(),NULL
));
867 SSL_CTX_free(sslContext
);
872 SSL_CTX_set_client_CA_list(sslContext
, cert_names
);
874 if (fl
& SSL_FLAG_DELAYED_AUTH
) {
875 debugs(83, 9, "Not requesting client certificates until acl processing requires one");
876 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_NONE
, NULL
);
878 debugs(83, 9, "Requiring client certificates.");
879 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_PEER
| SSL_VERIFY_FAIL_IF_NO_PEER_CERT
, ssl_verify_cb
);
883 ssl_load_crl(sslContext
, CRLfile
);
884 fl
|= SSL_FLAG_VERIFY_CRL
;
887 #if X509_V_FLAG_CRL_CHECK
888 if (fl
& SSL_FLAG_VERIFY_CRL_ALL
)
889 X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext
), X509_V_FLAG_CRL_CHECK
|X509_V_FLAG_CRL_CHECK_ALL
);
890 else if (fl
& SSL_FLAG_VERIFY_CRL
)
891 X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext
), X509_V_FLAG_CRL_CHECK
);
896 debugs(83, 9, "Not requiring any client certificates");
897 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_NONE
, NULL
);
901 FILE *in
= fopen(dhfile
, "r");
906 dh
= PEM_read_DHparams(in
, NULL
, NULL
, NULL
);
911 debugs(83, DBG_IMPORTANT
, "WARNING: Failed to read DH parameters '" << dhfile
<< "'");
912 else if (dh
&& DH_check(dh
, &codes
) == 0) {
914 debugs(83, DBG_IMPORTANT
, "WARNING: Failed to verify DH parameters '" << dhfile
<< "' (" << std::hex
<< codes
<< ")");
921 SSL_CTX_set_tmp_dh(sslContext
, dh
);
924 if (fl
& SSL_FLAG_DONT_VERIFY_DOMAIN
)
925 SSL_CTX_set_ex_data(sslContext
, ssl_ctx_ex_index_dont_verify_domain
, (void *) -1);
931 sslCreateClientContext(const char *certfile
, const char *keyfile
, int version
, const char *cipher
, const char *options
, const char *flags
, const char *CAfile
, const char *CApath
, const char *CRLfile
)
934 #if OPENSSL_VERSION_NUMBER < 0x00909000L
937 const SSL_METHOD
*method
;
940 long fl
= ssl_parse_flags(flags
);
953 #ifndef OPENSSL_NO_SSL2
954 debugs(83, 5, "Using SSLv2.");
955 method
= SSLv2_client_method();
957 debugs(83, DBG_IMPORTANT
, "SSLv2 is not available in this Proxy.");
963 debugs(83, 5, "Using SSLv3.");
964 method
= SSLv3_client_method();
968 debugs(83, 5, "Using TLSv1.");
969 method
= TLSv1_client_method();
973 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
974 debugs(83, 5, "Using TLSv1.1.");
975 method
= TLSv1_1_client_method();
977 debugs(83, DBG_IMPORTANT
, "TLSv1.1 is not available in this Proxy.");
983 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
984 debugs(83, 5, "Using TLSv1.2");
985 method
= TLSv1_2_client_method();
987 debugs(83, DBG_IMPORTANT
, "TLSv1.2 is not available in this Proxy.");
995 debugs(83, 5, "Using SSLv2/SSLv3.");
996 method
= SSLv23_client_method();
1000 sslContext
= SSL_CTX_new(method
);
1002 if (sslContext
== NULL
) {
1003 ssl_error
= ERR_get_error();
1004 fatalf("Failed to allocate SSL context: %s\n",
1005 ERR_error_string(ssl_error
, NULL
));
1008 SSL_CTX_set_options(sslContext
, ssl_parse_options(options
));
1011 debugs(83, 5, "Using chiper suite " << cipher
<< ".");
1013 if (!SSL_CTX_set_cipher_list(sslContext
, cipher
)) {
1014 ssl_error
= ERR_get_error();
1015 fatalf("Failed to set SSL cipher suite '%s': %s\n",
1016 cipher
, ERR_error_string(ssl_error
, NULL
));
1021 debugs(83, 1, "Using certificate in " << certfile
);
1023 if (!SSL_CTX_use_certificate_chain_file(sslContext
, certfile
)) {
1024 ssl_error
= ERR_get_error();
1025 fatalf("Failed to acquire SSL certificate '%s': %s\n",
1026 certfile
, ERR_error_string(ssl_error
, NULL
));
1029 debugs(83, 1, "Using private key in " << keyfile
);
1030 ssl_ask_password(sslContext
, keyfile
);
1032 if (!SSL_CTX_use_PrivateKey_file(sslContext
, keyfile
, SSL_FILETYPE_PEM
)) {
1033 ssl_error
= ERR_get_error();
1034 fatalf("Failed to acquire SSL private key '%s': %s\n",
1035 keyfile
, ERR_error_string(ssl_error
, NULL
));
1038 debugs(83, 5, "Comparing private and public SSL keys.");
1040 if (!SSL_CTX_check_private_key(sslContext
)) {
1041 ssl_error
= ERR_get_error();
1042 fatalf("SSL private key '%s' does not match public key '%s': %s\n",
1043 certfile
, keyfile
, ERR_error_string(ssl_error
, NULL
));
1047 debugs(83, 9, "Setting RSA key generation callback.");
1048 SSL_CTX_set_tmp_rsa_callback(sslContext
, ssl_temp_rsa_cb
);
1050 if (fl
& SSL_FLAG_DONT_VERIFY_PEER
) {
1051 debugs(83, 2, "NOTICE: Peer certificates are not verified for validity!");
1052 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_NONE
, NULL
);
1054 debugs(83, 9, "Setting certificate verification callback.");
1055 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_PEER
| SSL_VERIFY_FAIL_IF_NO_PEER_CERT
, ssl_verify_cb
);
1058 debugs(83, 9, "Setting CA certificate locations.");
1060 if ((CAfile
|| CApath
) && !SSL_CTX_load_verify_locations(sslContext
, CAfile
, CApath
)) {
1061 ssl_error
= ERR_get_error();
1062 debugs(83, DBG_IMPORTANT
, "WARNING: Ignoring error setting CA certificate locations: " << ERR_error_string(ssl_error
, NULL
));
1066 ssl_load_crl(sslContext
, CRLfile
);
1067 fl
|= SSL_FLAG_VERIFY_CRL
;
1070 #if X509_V_FLAG_CRL_CHECK
1071 if (fl
& SSL_FLAG_VERIFY_CRL_ALL
)
1072 X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext
), X509_V_FLAG_CRL_CHECK
|X509_V_FLAG_CRL_CHECK_ALL
);
1073 else if (fl
& SSL_FLAG_VERIFY_CRL
)
1074 X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext
), X509_V_FLAG_CRL_CHECK
);
1078 if (!(fl
& SSL_FLAG_NO_DEFAULT_CA
) &&
1079 !SSL_CTX_set_default_verify_paths(sslContext
)) {
1080 ssl_error
= ERR_get_error();
1081 debugs(83, DBG_IMPORTANT
, "WARNING: Ignoring error setting default CA certificate location: " << ERR_error_string(ssl_error
, NULL
));
1087 /// \ingroup ServerProtocolSSLInternal
1089 ssl_read_method(int fd
, char *buf
, int len
)
1091 SSL
*ssl
= fd_table
[fd
].ssl
;
1096 if (!SSL_is_init_finished(ssl
)) {
1103 i
= SSL_read(ssl
, buf
, len
);
1105 if (i
> 0 && SSL_pending(ssl
) > 0) {
1106 debugs(83, 2, "SSL FD " << fd
<< " is pending");
1107 fd_table
[fd
].flags
.read_pending
= 1;
1109 fd_table
[fd
].flags
.read_pending
= 0;
1114 /// \ingroup ServerProtocolSSLInternal
1116 ssl_write_method(int fd
, const char *buf
, int len
)
1118 SSL
*ssl
= fd_table
[fd
].ssl
;
1121 if (!SSL_is_init_finished(ssl
)) {
1126 i
= SSL_write(ssl
, buf
, len
);
1132 ssl_shutdown_method(SSL
*ssl
)
1137 /// \ingroup ServerProtocolSSLInternal
1139 ssl_get_attribute(X509_NAME
* name
, const char *attribute_name
)
1141 static char buffer
[1024];
1146 if (strcmp(attribute_name
, "DN") == 0) {
1147 X509_NAME_oneline(name
, buffer
, sizeof(buffer
));
1151 nid
= OBJ_txt2nid((char *) attribute_name
);
1154 debugs(83, 1, "WARNING: Unknown SSL attribute name '" << attribute_name
<< "'");
1158 X509_NAME_get_text_by_NID(name
, nid
, buffer
, sizeof(buffer
));
1161 return *buffer
? buffer
: NULL
;
1164 /// \ingroup ServerProtocolSSLInternal
1166 sslGetUserAttribute(SSL
* ssl
, const char *attribute_name
)
1175 cert
= SSL_get_peer_certificate(ssl
);
1180 name
= X509_get_subject_name(cert
);
1182 ret
= ssl_get_attribute(name
, attribute_name
);
1189 /// \ingroup ServerProtocolSSLInternal
1191 sslGetCAAttribute(SSL
* ssl
, const char *attribute_name
)
1200 cert
= SSL_get_peer_certificate(ssl
);
1205 name
= X509_get_issuer_name(cert
);
1207 ret
= ssl_get_attribute(name
, attribute_name
);
1215 sslGetUserEmail(SSL
* ssl
)
1217 return sslGetUserAttribute(ssl
, "emailAddress");
1221 sslGetUserCertificatePEM(SSL
*ssl
)
1225 static char *str
= NULL
;
1234 cert
= SSL_get_peer_certificate(ssl
);
1239 mem
= BIO_new(BIO_s_mem());
1241 PEM_write_bio_X509(mem
, cert
);
1244 len
= BIO_get_mem_data(mem
, &ptr
);
1246 str
= (char *)xmalloc(len
+ 1);
1248 memcpy(str
, ptr
, len
);
1260 sslGetUserCertificateChainPEM(SSL
*ssl
)
1262 STACK_OF(X509
) *chain
;
1264 static char *str
= NULL
;
1274 chain
= SSL_get_peer_cert_chain(ssl
);
1277 return sslGetUserCertificatePEM(ssl
);
1279 mem
= BIO_new(BIO_s_mem());
1281 for (i
= 0; i
< sk_X509_num(chain
); i
++) {
1282 X509
*cert
= sk_X509_value(chain
, i
);
1283 PEM_write_bio_X509(mem
, cert
);
1286 len
= BIO_get_mem_data(mem
, &ptr
);
1288 str
= (char *)xmalloc(len
+ 1);
1289 memcpy(str
, ptr
, len
);
1297 /// \ingroup ServerProtocolSSLInternal
1298 /// Create SSL context and apply ssl certificate and private key to it.
1299 static SSL_CTX
* createSSLContext(Ssl::X509_Pointer
& x509
, Ssl::EVP_PKEY_Pointer
& pkey
)
1301 Ssl::SSL_CTX_Pointer
sslContext(SSL_CTX_new(SSLv23_server_method()));
1303 if (!SSL_CTX_use_certificate(sslContext
.get(), x509
.get()))
1306 if (!SSL_CTX_use_PrivateKey(sslContext
.get(), pkey
.get()))
1308 return sslContext
.release();
1311 SSL_CTX
* Ssl::generateSslContextUsingPkeyAndCertFromMemory(const char * data
)
1313 Ssl::X509_Pointer cert
;
1314 Ssl::EVP_PKEY_Pointer pkey
;
1315 if (!readCertAndPrivateKeyFromMemory(cert
, pkey
, data
))
1321 return createSSLContext(cert
, pkey
);
1324 SSL_CTX
* Ssl::generateSslContext(CertificateProperties
const &properties
)
1326 Ssl::X509_Pointer cert
;
1327 Ssl::EVP_PKEY_Pointer pkey
;
1328 if (!generateSslCertificate(cert
, pkey
, properties
))
1337 return createSSLContext(cert
, pkey
);
1340 bool Ssl::verifySslCertificate(SSL_CTX
* sslContext
, CertificateProperties
const &properties
)
1342 // Temporary ssl for getting X509 certificate from SSL_CTX.
1343 Ssl::SSL_Pointer
ssl(SSL_new(sslContext
));
1344 X509
* cert
= SSL_get_certificate(ssl
.get());
1345 ASN1_TIME
* time_notBefore
= X509_get_notBefore(cert
);
1346 ASN1_TIME
* time_notAfter
= X509_get_notAfter(cert
);
1347 bool ret
= (X509_cmp_current_time(time_notBefore
) < 0 && X509_cmp_current_time(time_notAfter
) > 0);
1351 return certificateMatchesProperties(cert
, properties
);
1355 Ssl::setClientSNI(SSL
*ssl
, const char *fqdn
)
1357 //The SSL_CTRL_SET_TLSEXT_HOSTNAME is a openssl macro which indicates
1358 // if the TLS servername extension (SNI) is enabled in openssl library.
1359 #if defined(SSL_CTRL_SET_TLSEXT_HOSTNAME)
1360 if (!SSL_set_tlsext_host_name(ssl
, fqdn
)) {
1361 const int ssl_error
= ERR_get_error();
1362 debugs(83, 3, "WARNING: unable to set TLS servername extension (SNI): " <<
1363 ERR_error_string(ssl_error
, NULL
) << "\n");
1368 debugs(83, 7, "no support for TLS servername extension (SNI)\n");
1373 void Ssl::addChainToSslContext(SSL_CTX
*sslContext
, STACK_OF(X509
) *chain
)
1378 for (int i
= 0; i
< sk_X509_num(chain
); i
++) {
1379 X509
*cert
= sk_X509_value(chain
, i
);
1380 if (SSL_CTX_add_extra_chain_cert(sslContext
, cert
)) {
1381 // increase the certificate lock
1382 CRYPTO_add(&(cert
->references
),1,CRYPTO_LOCK_X509
);
1384 const int ssl_error
= ERR_get_error();
1385 debugs(83, DBG_IMPORTANT
, "WARNING: can not add certificate to SSL context chain: " << ERR_error_string(ssl_error
, NULL
));
1391 \ingroup ServerProtocolSSLInternal
1392 * Read certificate from file.
1393 * See also: static readSslX509Certificate function, gadgets.cc file
1395 static X509
* readSslX509CertificatesChain(char const * certFilename
, STACK_OF(X509
)* chain
)
1399 Ssl::BIO_Pointer
bio(BIO_new(BIO_s_file_internal()));
1402 if (!BIO_read_filename(bio
.get(), certFilename
))
1404 X509
*certificate
= PEM_read_bio_X509(bio
.get(), NULL
, NULL
, NULL
);
1406 if (certificate
&& chain
) {
1408 if (X509_check_issued(certificate
, certificate
) == X509_V_OK
)
1409 debugs(83, 5, "Certificate is self-signed, will not be chained");
1411 if (sk_X509_push(chain
, certificate
))
1412 CRYPTO_add(&(certificate
->references
), 1, CRYPTO_LOCK_X509
);
1414 debugs(83, DBG_IMPORTANT
, "WARNING: unable to add signing certificate to cert chain");
1415 // and add to the chain any certificate loaded from the file
1416 while (X509
*ca
= PEM_read_bio_X509(bio
.get(), NULL
, NULL
, NULL
)) {
1417 if (!sk_X509_push(chain
, ca
))
1418 debugs(83, DBG_IMPORTANT
, "WARNING: unable to add CA certificate to cert chain");
1426 void Ssl::readCertChainAndPrivateKeyFromFiles(X509_Pointer
& cert
, EVP_PKEY_Pointer
& pkey
, X509_STACK_Pointer
& chain
, char const * certFilename
, char const * keyFilename
)
1428 if (keyFilename
== NULL
)
1429 keyFilename
= certFilename
;
1431 chain
.reset(sk_X509_new_null());
1433 debugs(83, DBG_IMPORTANT
, "WARNING: unable to allocate memory for cert chain");
1434 pkey
.reset(readSslPrivateKey(keyFilename
, ssl_ask_password_cb
));
1435 cert
.reset(readSslX509CertificatesChain(certFilename
, chain
.get()));
1436 if (!pkey
|| !cert
|| !X509_check_private_key(cert
.get(), pkey
.get())) {
1442 bool Ssl::generateUntrustedCert(X509_Pointer
&untrustedCert
, EVP_PKEY_Pointer
&untrustedPkey
, X509_Pointer
const &cert
, EVP_PKEY_Pointer
const & pkey
)
1444 // Generate the self-signed certificate, using a hard-coded subject prefix
1445 Ssl::CertificateProperties certProperties
;
1446 if (const char *cn
= CommonHostName(cert
.get())) {
1447 certProperties
.commonName
= "Not trusted by \"";
1448 certProperties
.commonName
+= cn
;
1449 certProperties
.commonName
+= "\"";
1450 } else if (const char *org
= getOrganization(cert
.get())) {
1451 certProperties
.commonName
= "Not trusted by \"";
1452 certProperties
.commonName
+= org
;
1453 certProperties
.commonName
+= "\"";
1455 certProperties
.commonName
= "Not trusted";
1456 certProperties
.setCommonName
= true;
1457 // O, OU, and other CA subject fields will be mimicked
1458 // Expiration date and other common properties will be mimicked
1459 certProperties
.signAlgorithm
= Ssl::algSignSelf
;
1460 certProperties
.signWithPkey
.resetAndLock(pkey
.get());
1461 certProperties
.mimicCert
.resetAndLock(cert
.get());
1462 return Ssl::generateSslCertificate(untrustedCert
, untrustedPkey
, certProperties
);
1465 #endif /* USE_SSL */