]>
Commit | Line | Data |
---|---|---|
86e4d161 MS |
1 | /* |
2 | * Copyright (c) 2008 The DragonFly Project. All rights reserved. | |
3 | * | |
4 | * This code is derived from software contributed to The DragonFly Project | |
5 | * by Matthias Schmidt <matthias@dragonflybsd.org>, University of Marburg, | |
6 | * Germany. | |
7 | * | |
8 | * Redistribution and use in source and binary forms, with or without | |
9 | * modification, are permitted provided that the following conditions | |
10 | * are met: | |
11 | * | |
12 | * 1. Redistributions of source code must retain the above copyright | |
13 | * notice, this list of conditions and the following disclaimer. | |
14 | * 2. Redistributions in binary form must reproduce the above copyright | |
15 | * notice, this list of conditions and the following disclaimer in | |
16 | * the documentation and/or other materials provided with the | |
17 | * distribution. | |
18 | * 3. Neither the name of The DragonFly Project nor the names of its | |
19 | * contributors may be used to endorse or promote products derived | |
20 | * from this software without specific, prior written permission. | |
21 | * | |
22 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS | |
23 | * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT | |
24 | * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS | |
25 | * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE | |
26 | * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, | |
27 | * INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING, | |
28 | * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; | |
29 | * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED | |
30 | * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, | |
31 | * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT | |
32 | * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
33 | * SUCH DAMAGE. | |
86e4d161 MS |
34 | */ |
35 | ||
86e4d161 | 36 | #include <openssl/x509.h> |
bf28fcc6 | 37 | #include <openssl/md5.h> |
86e4d161 MS |
38 | #include <openssl/ssl.h> |
39 | #include <openssl/err.h> | |
40 | #include <openssl/pem.h> | |
41 | #include <openssl/rand.h> | |
42 | ||
43 | #include <syslog.h> | |
44 | ||
45 | #include "dma.h" | |
46 | ||
86e4d161 | 47 | static int |
4d5af2b0 | 48 | init_cert_file(SSL_CTX *ctx, const char *path) |
86e4d161 MS |
49 | { |
50 | int error; | |
51 | ||
52 | /* Load certificate into ctx */ | |
53 | error = SSL_CTX_use_certificate_chain_file(ctx, path); | |
54 | if (error < 1) { | |
4d5af2b0 | 55 | syslog(LOG_ERR, "SSL: Cannot load certificate `%s': %s", path, ssl_errstr()); |
86e4d161 MS |
56 | return (-1); |
57 | } | |
58 | ||
59 | /* Add private key to ctx */ | |
60 | error = SSL_CTX_use_PrivateKey_file(ctx, path, SSL_FILETYPE_PEM); | |
61 | if (error < 1) { | |
4d5af2b0 | 62 | syslog(LOG_ERR, "SSL: Cannot load private key `%s': %s", path, ssl_errstr()); |
86e4d161 MS |
63 | return (-1); |
64 | } | |
65 | ||
66 | /* | |
67 | * Check the consistency of a private key with the corresponding | |
68 | * certificate | |
69 | */ | |
70 | error = SSL_CTX_check_private_key(ctx); | |
71 | if (error < 1) { | |
4d5af2b0 | 72 | syslog(LOG_ERR, "SSL: Cannot check private key: %s", ssl_errstr()); |
86e4d161 MS |
73 | return (-1); |
74 | } | |
75 | ||
76 | return (0); | |
77 | } | |
78 | ||
79 | int | |
4d5af2b0 | 80 | smtp_init_crypto(int fd, int feature) |
86e4d161 MS |
81 | { |
82 | SSL_CTX *ctx = NULL; | |
cd6b107b | 83 | #if (OPENSSL_VERSION_NUMBER >= 0x00909000L) |
cda8a0eb | 84 | const SSL_METHOD *meth = NULL; |
cd6b107b EM |
85 | #else |
86 | SSL_METHOD *meth = NULL; | |
87 | #endif | |
86e4d161 | 88 | X509 *cert; |
86e4d161 MS |
89 | int error; |
90 | ||
8aea09c9 | 91 | /* XXX clean up on error/close */ |
86e4d161 MS |
92 | /* Init SSL library */ |
93 | SSL_library_init(); | |
53885e5a | 94 | SSL_load_error_strings(); |
86e4d161 MS |
95 | |
96 | meth = TLSv1_client_method(); | |
97 | ||
98 | ctx = SSL_CTX_new(meth); | |
99 | if (ctx == NULL) { | |
4d5af2b0 | 100 | syslog(LOG_WARNING, "remote delivery deferred: SSL init failed: %s", ssl_errstr()); |
53885e5a | 101 | return (1); |
86e4d161 MS |
102 | } |
103 | ||
104 | /* User supplied a certificate */ | |
a0c4afa6 SS |
105 | if (config.certfile != NULL) { |
106 | error = init_cert_file(ctx, config.certfile); | |
53885e5a | 107 | if (error) { |
4d5af2b0 | 108 | syslog(LOG_WARNING, "remote delivery deferred"); |
53885e5a SS |
109 | return (1); |
110 | } | |
111 | } | |
86e4d161 MS |
112 | |
113 | /* | |
114 | * If the user wants STARTTLS, we have to send EHLO here | |
115 | */ | |
116 | if (((feature & SECURETRANS) != 0) && | |
117 | (feature & STARTTLS) != 0) { | |
118 | /* TLS init phase, disable SSL_write */ | |
a0c4afa6 | 119 | config.features |= NOSSL; |
86e4d161 MS |
120 | |
121 | send_remote_command(fd, "EHLO %s", hostname()); | |
bf28fcc6 | 122 | if (read_remote(fd, 0, NULL) == 2) { |
86e4d161 | 123 | send_remote_command(fd, "STARTTLS"); |
bf28fcc6 | 124 | if (read_remote(fd, 0, NULL) != 2) { |
4dea15f5 PP |
125 | if ((feature & TLS_OPP) == 0) { |
126 | syslog(LOG_ERR, "remote delivery deferred: STARTTLS not available: %s", neterr); | |
127 | return (1); | |
128 | } else { | |
129 | syslog(LOG_INFO, "in opportunistic TLS mode, STARTTLS not available: %s", neterr); | |
130 | return (0); | |
131 | } | |
86e4d161 MS |
132 | } |
133 | } | |
134 | /* End of TLS init phase, enable SSL_write/read */ | |
a0c4afa6 | 135 | config.features &= ~NOSSL; |
86e4d161 MS |
136 | } |
137 | ||
a0c4afa6 SS |
138 | config.ssl = SSL_new(ctx); |
139 | if (config.ssl == NULL) { | |
4d5af2b0 SS |
140 | syslog(LOG_NOTICE, "remote delivery deferred: SSL struct creation failed: %s", |
141 | ssl_errstr()); | |
53885e5a | 142 | return (1); |
86e4d161 MS |
143 | } |
144 | ||
145 | /* Set ssl to work in client mode */ | |
a0c4afa6 | 146 | SSL_set_connect_state(config.ssl); |
86e4d161 MS |
147 | |
148 | /* Set fd for SSL in/output */ | |
a0c4afa6 | 149 | error = SSL_set_fd(config.ssl, fd); |
86e4d161 | 150 | if (error == 0) { |
4d5af2b0 SS |
151 | syslog(LOG_NOTICE, "remote delivery deferred: SSL set fd failed: %s", |
152 | ssl_errstr()); | |
53885e5a | 153 | return (1); |
86e4d161 MS |
154 | } |
155 | ||
156 | /* Open SSL connection */ | |
a0c4afa6 | 157 | error = SSL_connect(config.ssl); |
86e4d161 | 158 | if (error < 0) { |
4d5af2b0 SS |
159 | syslog(LOG_ERR, "remote delivery deferred: SSL handshake failed fatally: %s", |
160 | ssl_errstr()); | |
53885e5a | 161 | return (1); |
86e4d161 MS |
162 | } |
163 | ||
164 | /* Get peer certificate */ | |
a0c4afa6 | 165 | cert = SSL_get_peer_certificate(config.ssl); |
86e4d161 | 166 | if (cert == NULL) { |
4d5af2b0 SS |
167 | syslog(LOG_WARNING, "remote delivery deferred: Peer did not provide certificate: %s", |
168 | ssl_errstr()); | |
86e4d161 MS |
169 | } |
170 | X509_free(cert); | |
171 | ||
172 | return (0); | |
173 | } | |
174 | ||
bf28fcc6 MS |
175 | /* |
176 | * hmac_md5() taken out of RFC 2104. This RFC was written by H. Krawczyk, | |
177 | * M. Bellare and R. Canetti. | |
c507d897 SW |
178 | * |
179 | * text pointer to data stream | |
180 | * text_len length of data stream | |
181 | * key pointer to authentication key | |
182 | * key_len length of authentication key | |
183 | * digest caller digest to be filled int | |
184 | */ | |
bf28fcc6 | 185 | void |
c507d897 | 186 | hmac_md5(unsigned char *text, int text_len, unsigned char *key, int key_len, |
9b921550 | 187 | unsigned char* digest) |
bf28fcc6 MS |
188 | { |
189 | MD5_CTX context; | |
190 | unsigned char k_ipad[65]; /* inner padding - | |
191 | * key XORd with ipad | |
192 | */ | |
193 | unsigned char k_opad[65]; /* outer padding - | |
194 | * key XORd with opad | |
195 | */ | |
196 | unsigned char tk[16]; | |
197 | int i; | |
198 | /* if key is longer than 64 bytes reset it to key=MD5(key) */ | |
199 | if (key_len > 64) { | |
200 | ||
201 | MD5_CTX tctx; | |
202 | ||
203 | MD5_Init(&tctx); | |
204 | MD5_Update(&tctx, key, key_len); | |
205 | MD5_Final(tk, &tctx); | |
206 | ||
207 | key = tk; | |
208 | key_len = 16; | |
209 | } | |
210 | ||
211 | /* | |
212 | * the HMAC_MD5 transform looks like: | |
213 | * | |
214 | * MD5(K XOR opad, MD5(K XOR ipad, text)) | |
215 | * | |
216 | * where K is an n byte key | |
217 | * ipad is the byte 0x36 repeated 64 times | |
218 | * | |
219 | * opad is the byte 0x5c repeated 64 times | |
220 | * and text is the data being protected | |
221 | */ | |
222 | ||
223 | /* start out by storing key in pads */ | |
224 | bzero( k_ipad, sizeof k_ipad); | |
225 | bzero( k_opad, sizeof k_opad); | |
226 | bcopy( key, k_ipad, key_len); | |
227 | bcopy( key, k_opad, key_len); | |
228 | ||
229 | /* XOR key with ipad and opad values */ | |
230 | for (i=0; i<64; i++) { | |
231 | k_ipad[i] ^= 0x36; | |
232 | k_opad[i] ^= 0x5c; | |
233 | } | |
234 | /* | |
235 | * perform inner MD5 | |
236 | */ | |
237 | MD5_Init(&context); /* init context for 1st | |
238 | * pass */ | |
239 | MD5_Update(&context, k_ipad, 64); /* start with inner pad */ | |
240 | MD5_Update(&context, text, text_len); /* then text of datagram */ | |
241 | MD5_Final(digest, &context); /* finish up 1st pass */ | |
242 | /* | |
243 | * perform outer MD5 | |
244 | */ | |
245 | MD5_Init(&context); /* init context for 2nd | |
246 | * pass */ | |
247 | MD5_Update(&context, k_opad, 64); /* start with outer pad */ | |
248 | MD5_Update(&context, digest, 16); /* then results of 1st | |
249 | * hash */ | |
250 | MD5_Final(digest, &context); /* finish up 2nd pass */ | |
251 | } | |
252 | ||
86e4d161 MS |
253 | /* |
254 | * CRAM-MD5 authentication | |
86e4d161 MS |
255 | */ |
256 | int | |
4d5af2b0 | 257 | smtp_auth_md5(int fd, char *login, char *password) |
86e4d161 | 258 | { |
9b921550 SS |
259 | unsigned char digest[BUF_SIZE]; |
260 | char buffer[BUF_SIZE], ascii_digest[33]; | |
bf28fcc6 MS |
261 | char *temp; |
262 | int len, i; | |
263 | static char hextab[] = "0123456789abcdef"; | |
264 | ||
265 | temp = calloc(BUF_SIZE, 1); | |
266 | memset(buffer, 0, sizeof(buffer)); | |
267 | memset(digest, 0, sizeof(digest)); | |
268 | memset(ascii_digest, 0, sizeof(ascii_digest)); | |
269 | ||
270 | /* Send AUTH command according to RFC 2554 */ | |
271 | send_remote_command(fd, "AUTH CRAM-MD5"); | |
272 | if (read_remote(fd, sizeof(buffer), buffer) != 3) { | |
904bbe47 | 273 | syslog(LOG_DEBUG, "smarthost authentication:" |
4d5af2b0 | 274 | " AUTH cram-md5 not available: %s", neterr); |
bf28fcc6 | 275 | /* if cram-md5 is not available */ |
f5c64bf6 | 276 | free(temp); |
bf28fcc6 MS |
277 | return (-1); |
278 | } | |
279 | ||
280 | /* skip 3 char status + 1 char space */ | |
281 | base64_decode(buffer + 4, temp); | |
9b921550 SS |
282 | hmac_md5((unsigned char *)temp, strlen(temp), |
283 | (unsigned char *)password, strlen(password), digest); | |
196b1b32 | 284 | free(temp); |
bf28fcc6 MS |
285 | |
286 | ascii_digest[32] = 0; | |
287 | for (i = 0; i < 16; i++) { | |
288 | ascii_digest[2*i] = hextab[digest[i] >> 4]; | |
289 | ascii_digest[2*i+1] = hextab[digest[i] & 15]; | |
290 | } | |
291 | ||
292 | /* prepare answer */ | |
293 | snprintf(buffer, BUF_SIZE, "%s %s", login, ascii_digest); | |
294 | ||
bf28fcc6 MS |
295 | /* encode answer */ |
296 | len = base64_encode(buffer, strlen(buffer), &temp); | |
196b1b32 | 297 | if (len < 0) { |
4d5af2b0 | 298 | syslog(LOG_ERR, "can not encode auth reply: %m"); |
bf28fcc6 | 299 | return (-1); |
196b1b32 | 300 | } |
bf28fcc6 MS |
301 | |
302 | /* send answer */ | |
303 | send_remote_command(fd, "%s", temp); | |
196b1b32 | 304 | free(temp); |
bf28fcc6 | 305 | if (read_remote(fd, 0, NULL) != 2) { |
4d5af2b0 SS |
306 | syslog(LOG_WARNING, "remote delivery deferred:" |
307 | " AUTH cram-md5 failed: %s", neterr); | |
bf28fcc6 MS |
308 | return (-2); |
309 | } | |
310 | ||
311 | return (0); | |
86e4d161 | 312 | } |