[thirdparty/squid.git] / src / security / PeerOptions.cc

/*
 * Copyright (C) 1996-2016 The Squid Software Foundation and contributors
 *
 * Squid software is distributed under GPLv2+ license and includes
 * contributions from numerous individuals and organizations.
 * Please see the COPYING and CONTRIBUTORS files for details.
 */

#include "squid.h"
#include "base/Packable.h"
#include "Debug.h"
#include "fatal.h"
#include "globals.h"
#include "parser/Tokenizer.h"
#include "Parsing.h"
#include "security/PeerOptions.h"

#if USE_OPENSSL
#include "ssl/support.h"
#endif

Security::PeerOptions Security::ProxyOutgoingConfig;

Security::PeerOptions::PeerOptions(const Security::PeerOptions &p) :
    sslOptions(p.sslOptions),
    caDir(p.caDir),
    crlFile(p.crlFile),
    sslCipher(p.sslCipher),
    sslFlags(p.sslFlags),
    sslDomain(p.sslDomain),
    parsedOptions(p.parsedOptions),
    parsedFlags(p.parsedFlags),
    certs(p.certs),
    caFiles(p.caFiles),
    parsedCrl(p.parsedCrl),
    sslVersion(p.sslVersion),
    encryptTransport(p.encryptTransport)
{
    memcpy(&flags, &p.flags, sizeof(flags));
}

void
Security::PeerOptions::parse(const char *token)
{
    if (!*token) {
        // config says just "ssl" or "tls" (or "tls-")
        encryptTransport = true;
        return;
    }

    if (strncmp(token, "disable", 7) == 0) {
        clear();
        return;
    }

    if (strncmp(token, "cert=", 5) == 0) {
        KeyData t;
        t.privateKeyFile = t.certFile = SBuf(token + 5);
        certs.emplace_back(t);
    } else if (strncmp(token, "key=", 4) == 0) {
        if (certs.empty() || certs.back().certFile.isEmpty()) {
            debugs(3, DBG_PARSE_NOTE(1), "ERROR: cert= option must be set before key= is used.");
            return;
        }
        KeyData &t = certs.back();
        t.privateKeyFile = SBuf(token + 4);
    } else if (strncmp(token, "version=", 8) == 0) {
        debugs(0, DBG_PARSE_NOTE(1), "UPGRADE WARNING: SSL version= is deprecated. Use options= to limit protocols instead.");
        sslVersion = xatoi(token + 8);
    } else if (strncmp(token, "min-version=", 12) == 0) {
        tlsMinVersion = SBuf(token + 12);
    } else if (strncmp(token, "options=", 8) == 0) {
        sslOptions = SBuf(token + 8);
        parsedOptions = parseOptions();
    } else if (strncmp(token, "cipher=", 7) == 0) {
        sslCipher = SBuf(token + 7);
    } else if (strncmp(token, "cafile=", 7) == 0) {
        caFiles.emplace_back(SBuf(token + 7));
    } else if (strncmp(token, "capath=", 7) == 0) {
        caDir = SBuf(token + 7);
#if !USE_OPENSSL
        debugs(3, DBG_PARSE_NOTE(1), "WARNING: capath= option requires --with-openssl.");
#endif
    } else if (strncmp(token, "crlfile=", 8) == 0) {
        crlFile = SBuf(token + 8);
        loadCrlFile();
    } else if (strncmp(token, "flags=", 6) == 0) {
        if (parsedFlags != 0) {
            debugs(3, DBG_PARSE_NOTE(1), "WARNING: Overwriting flags=" << sslFlags << " with " << SBuf(token + 6));
        }
        sslFlags = SBuf(token + 6);
        parsedFlags = parseFlags();
    } else if (strncmp(token, "default-ca=off", 14) == 0 || strncmp(token, "no-default-ca", 13) == 0) {
        if (flags.tlsDefaultCa.configured() && flags.tlsDefaultCa)
            fatalf("ERROR: previous default-ca settings conflict with %s", token);
        flags.tlsDefaultCa.configure(false);
    } else if (strncmp(token, "default-ca=on", 13) == 0 || strncmp(token, "default-ca", 10) == 0) {
        if (flags.tlsDefaultCa.configured() && !flags.tlsDefaultCa)
            fatalf("ERROR: previous default-ca settings conflict with %s", token);
        flags.tlsDefaultCa.configure(true);
    } else if (strncmp(token, "domain=", 7) == 0) {
        sslDomain = SBuf(token + 7);
    } else if (strncmp(token, "no-npn", 6) == 0) {
        flags.tlsNpn = false;
    } else {
        debugs(3, DBG_CRITICAL, "ERROR: Unknown TLS option '" << token << "'");
        return;
    }

    encryptTransport = true;
}

void
Security::PeerOptions::dumpCfg(Packable *p, const char *pfx) const
{
    if (!encryptTransport) {
        p->appendf(" %sdisable", pfx);
        return; // no other settings are relevant
    }

    for (auto &i : certs) {
        if (!i.certFile.isEmpty())
            p->appendf(" %scert=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(i.certFile));

        if (!i.privateKeyFile.isEmpty() && i.privateKeyFile != i.certFile)
            p->appendf(" %skey=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(i.privateKeyFile));
    }

    if (!sslOptions.isEmpty())
        p->appendf(" %soptions=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(sslOptions));

    if (!sslCipher.isEmpty())
        p->appendf(" %scipher=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(sslCipher));

    for (auto i : caFiles) {
        p->appendf(" %scafile=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(i));
    }

    if (!caDir.isEmpty())
        p->appendf(" %scapath=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(caDir));

    if (!crlFile.isEmpty())
        p->appendf(" %scrlfile=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(crlFile));

    if (!sslFlags.isEmpty())
        p->appendf(" %sflags=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(sslFlags));

    if (flags.tlsDefaultCa.configured()) {
        // default ON for peers / upstream servers
        // default OFF for listening ports
        if (flags.tlsDefaultCa)
            p->appendf(" %sdefault-ca", pfx);
        else
            p->appendf(" %sdefault-ca=off", pfx);
    }

    if (!flags.tlsNpn)
        p->appendf(" %sno-npn", pfx);
}

void
Security::PeerOptions::updateTlsVersionLimits()
{
    if (!tlsMinVersion.isEmpty()) {
        ::Parser::Tokenizer tok(tlsMinVersion);
        int64_t v = 0;
        if (tok.skip('1') && tok.skip('.') && tok.int64(v, 10, false, 1) && v <= 3) {
            // only account for TLS here - SSL versions are handled by options= parameter
            // avoid affecting options= parameter in cachemgr config report
#if SSL_OP_NO_TLSv1
            if (v > 0)
                parsedOptions |= SSL_OP_NO_TLSv1;
#endif
#if SSL_OP_NO_TLSv1_1
            if (v > 1)
                parsedOptions |= SSL_OP_NO_TLSv1_1;
#endif
#if SSL_OP_NO_TLSv1_2
            if (v > 2)
                parsedOptions |= SSL_OP_NO_TLSv1_2;
#endif

        } else {
            debugs(0, DBG_PARSE_NOTE(1), "WARNING: Unknown TLS minimum version: " << tlsMinVersion);
        }

    } else if (sslVersion > 2) {
        // backward compatibility hack for sslversion= configuration
        // only use if tls-min-version=N.N is not present
        // values 0-2 for auto and SSLv2 are not supported any longer.
        // Do it this way so we DO cause changes to options= in cachemgr config report
        const char *add = NULL;
        switch (sslVersion) {
        case 3:
            add = "NO_TLSv1,NO_TLSv1_1,NO_TLSv1_2";
            break;
        case 4:
            add = "NO_SSLv3,NO_TLSv1_1,NO_TLSv1_2";
            break;
        case 5:
            add = "NO_SSLv3,NO_TLSv1,NO_TLSv1_2";
            break;
        case 6:
            add = "NO_SSLv3,NO_TLSv1,NO_TLSv1_1";
            break;
        default: // nothing
            break;
        }
        if (add) {
            if (!sslOptions.isEmpty())
                sslOptions.append(",",1);
            sslOptions.append(add, strlen(add));
        }
        sslVersion = 0; // prevent sslOptions being repeatedly appended
    }
}

Security::ContextPointer
Security::PeerOptions::createBlankContext() const
{
    Security::ContextPointer ctx;
#if USE_OPENSSL
    Ssl::Initialize();

#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
    SSL_CTX *t = SSL_CTX_new(TLS_client_method());
#else
    SSL_CTX *t = SSL_CTX_new(SSLv23_client_method());
#endif
    if (!t) {
        const auto x = ERR_error_string(ERR_get_error(), nullptr);
        fatalf("Failed to allocate TLS client context: %s\n", x);
    }
    ctx.resetWithoutLocking(t);

#elif USE_GNUTLS
    // Initialize for X.509 certificate exchange
    gnutls_certificate_credentials_t t;
    if (const int x = gnutls_certificate_allocate_credentials(&t)) {
        fatalf("Failed to allocate TLS client context: error=%d\n", x);
    }
    ctx.resetWithoutLocking(t);

#else
    debugs(83, 1, "WARNING: Failed to allocate TLS client context: No TLS library");

#endif

    return ctx;
}

Security::ContextPtr
Security::PeerOptions::createClientContext(bool setOptions)
{
    updateTlsVersionLimits();

    Security::ContextPointer t = createBlankContext();
    if (t) {
#if USE_OPENSSL
        // XXX: temporary performance regression. c_str() data copies and prevents this being a const method
        Ssl::InitClientContext(t, *this, (setOptions ? parsedOptions : 0), parsedFlags);
#endif
        updateContextNpn(t);
        updateContextCa(t.get());
        updateContextCrl(t.get());
    }

    return t.release();
}

/// set of options we can parse and what they map to
static struct ssl_option {
    const char *name;
    long value;

} ssl_options[] = {

#if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
    {
        "NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
    },
#endif
#if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
    {
        "SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
    },
#endif
#if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
    {
        "MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
    },
#endif
#if SSL_OP_SSLEAY_080_CLIENT_DH_BUG
    {
        "SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG
    },
#endif
#if SSL_OP_TLS_D5_BUG
    {
        "TLS_D5_BUG", SSL_OP_TLS_D5_BUG
    },
#endif
#if SSL_OP_TLS_BLOCK_PADDING_BUG
    {
        "TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG
    },
#endif
#if SSL_OP_TLS_ROLLBACK_BUG
    {
        "TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG
    },
#endif
#if SSL_OP_ALL
    {
        "ALL", (long)SSL_OP_ALL
    },
#endif
#if SSL_OP_SINGLE_DH_USE
    {
        "SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE
    },
#endif
#if SSL_OP_EPHEMERAL_RSA
    {
        "EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA
    },
#endif
#if SSL_OP_PKCS1_CHECK_1
    {
        "PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1
    },
#endif
#if SSL_OP_PKCS1_CHECK_2
    {
        "PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2
    },
#endif
#if SSL_OP_NETSCAPE_CA_DN_BUG
    {
        "NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG
    },
#endif
#if SSL_OP_NON_EXPORT_FIRST
    {
        "NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
    },
#endif
#if SSL_OP_CIPHER_SERVER_PREFERENCE
    {
        "CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE
    },
#endif
#if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
    {
        "NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
    },
#endif
#if SSL_OP_NO_SSLv3
    {
        "NO_SSLv3", SSL_OP_NO_SSLv3
    },
#endif
#if SSL_OP_NO_TLSv1
    {
        "NO_TLSv1", SSL_OP_NO_TLSv1
    },
#endif
#if SSL_OP_NO_TLSv1_1
    {
        "NO_TLSv1_1", SSL_OP_NO_TLSv1_1
    },
#endif
#if SSL_OP_NO_TLSv1_2
    {
        "NO_TLSv1_2", SSL_OP_NO_TLSv1_2
    },
#endif
#if SSL_OP_NO_COMPRESSION
    {
        "No_Compression", SSL_OP_NO_COMPRESSION
    },
#endif
#if SSL_OP_NO_TICKET
    {
        "NO_TICKET", SSL_OP_NO_TICKET
    },
#endif
#if SSL_OP_SINGLE_ECDH_USE
    {
        "SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE
    },
#endif
    {
        "", 0
    },
    {
        NULL, 0
    }
};

/**
 * Pre-parse TLS options= parameter to be applied when the TLS objects created.
 * Options must not used in the case of peek or stare bump mode.
 */
long
Security::PeerOptions::parseOptions()
{
    long op = 0;
    ::Parser::Tokenizer tok(sslOptions);

    do {
        enum {
            MODE_ADD, MODE_REMOVE
        } mode;

        if (tok.skip('-') || tok.skip('!'))
            mode = MODE_REMOVE;
        else {
            (void)tok.skip('+'); // default action is add. ignore if missing operator
            mode = MODE_ADD;
        }

        static const CharacterSet optChars = CharacterSet("TLS-option", "_") + CharacterSet::ALPHA + CharacterSet::DIGIT;
        int64_t hex = 0;
        SBuf option;
        long value = 0;

        // Bug 4429: identify the full option name before determining text or numeric
        if (tok.prefix(option, optChars)) {

            // find the named option in our supported set
            for (struct ssl_option *opttmp = ssl_options; opttmp->name; ++opttmp) {
                if (option.cmp(opttmp->name) == 0) {
                    value = opttmp->value;
                    break;
                }
            }

            // Special case.. hex specification
            ::Parser::Tokenizer tmp(option);
            if (!value && tmp.int64(hex, 16, false) && tmp.atEnd()) {
                value = hex;
            }
        }

        if (value) {
            switch (mode) {
            case MODE_ADD:
                op |= value;
                break;
            case MODE_REMOVE:
                op &= ~value;
                break;
            }
        } else {
            debugs(83, DBG_PARSE_NOTE(1), "ERROR: Unknown TLS option " << option);
        }

        static const CharacterSet delims("TLS-option-delim",":,");
        if (!tok.skipAll(delims) && !tok.atEnd()) {
            fatalf("Unknown TLS option '" SQUIDSBUFPH "'", SQUIDSBUFPRINT(tok.remaining()));
        }

    } while (!tok.atEnd());

#if SSL_OP_NO_SSLv2
    // compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0
    op = op | SSL_OP_NO_SSLv2;
#endif
    return op;
}

/**
 * Parses the TLS flags squid.conf parameter
 */
long
Security::PeerOptions::parseFlags()
{
    if (sslFlags.isEmpty())
        return 0;

    static struct {
        SBuf label;
        long mask;
    } flagTokens[] = {
        { SBuf("NO_DEFAULT_CA"), SSL_FLAG_NO_DEFAULT_CA },
        { SBuf("DELAYED_AUTH"), SSL_FLAG_DELAYED_AUTH },
        { SBuf("DONT_VERIFY_PEER"), SSL_FLAG_DONT_VERIFY_PEER },
        { SBuf("DONT_VERIFY_DOMAIN"), SSL_FLAG_DONT_VERIFY_DOMAIN },
        { SBuf("NO_SESSION_REUSE"), SSL_FLAG_NO_SESSION_REUSE },
#if X509_V_FLAG_CRL_CHECK
        { SBuf("VERIFY_CRL"), SSL_FLAG_VERIFY_CRL },
        { SBuf("VERIFY_CRL_ALL"), SSL_FLAG_VERIFY_CRL_ALL },
#endif
        { SBuf(), 0 }
    };

    ::Parser::Tokenizer tok(sslFlags);
    static const CharacterSet delims("Flag-delimiter", ":,");

    long fl = 0;
    do {
        long found = 0;
        for (size_t i = 0; flagTokens[i].mask; ++i) {
            if (tok.skip(flagTokens[i].label)) {
                found = flagTokens[i].mask;
                break;
            }
        }
        if (!found)
            fatalf("Unknown TLS flag '" SQUIDSBUFPH "'", SQUIDSBUFPRINT(tok.remaining()));
        if (found == SSL_FLAG_NO_DEFAULT_CA) {
            if (flags.tlsDefaultCa.configured() && flags.tlsDefaultCa)
                fatal("ERROR: previous default-ca settings conflict with sslflags=NO_DEFAULT_CA");
            debugs(83, DBG_PARSE_NOTE(2), "WARNING: flags=NO_DEFAULT_CA is deprecated. Use tls-default-ca=off instead.");
            flags.tlsDefaultCa.configure(false);
        } else
            fl |= found;
    } while (tok.skipOne(delims));

    return fl;
}

/// Load a CRLs list stored in the file whose /path/name is in crlFile
/// replaces any CRL loaded previously
void
Security::PeerOptions::loadCrlFile()
{
    parsedCrl.clear();
    if (crlFile.isEmpty())
        return;

#if USE_OPENSSL
    BIO *in = BIO_new_file(crlFile.c_str(), "r");
    if (!in) {
        debugs(83, 2, "WARNING: Failed to open CRL file " << crlFile);
        return;
    }

    while (X509_CRL *crl = PEM_read_bio_X509_CRL(in,NULL,NULL,NULL)) {
        parsedCrl.emplace_back(Security::CrlPointer(crl));
    }
    BIO_free(in);
#endif
}

#if USE_OPENSSL && defined(TLSEXT_TYPE_next_proto_neg)
// Dummy next_proto_neg callback
static int
ssl_next_proto_cb(SSL *s, unsigned char **out, unsigned char *outlen, const unsigned char *in, unsigned int inlen, void *arg)
{
    static const unsigned char supported_protos[] = {8, 'h','t','t', 'p', '/', '1', '.', '1'};
    (void)SSL_select_next_proto(out, outlen, in, inlen, supported_protos, sizeof(supported_protos));
    return SSL_TLSEXT_ERR_OK;
}
#endif

void
Security::PeerOptions::updateContextNpn(Security::ContextPointer &ctx)
{
    if (!flags.tlsNpn)
        return;

#if USE_OPENSSL && defined(TLSEXT_TYPE_next_proto_neg)
    SSL_CTX_set_next_proto_select_cb(ctx.get(), &ssl_next_proto_cb, nullptr);
#endif

    // NOTE: GnuTLS does not support the obsolete NPN extension.
    //       it does support ALPN per-session, not per-context.
}

static const char *
loadSystemTrustedCa(Security::ContextPtr &ctx)
{
#if USE_OPENSSL
    if (SSL_CTX_set_default_verify_paths(ctx) == 0)
        return ERR_error_string(ERR_get_error(), nullptr);

#elif USE_GNUTLS
    auto x = gnutls_certificate_set_x509_system_trust(ctx);
    if (x < 0)
        return gnutls_strerror(x);

#endif
    return nullptr;
}

void
Security::PeerOptions::updateContextCa(Security::ContextPtr ctx)
{
    debugs(83, 8, "Setting CA certificate locations.");
#if USE_OPENSSL
    const char *path = caDir.isEmpty() ? nullptr : caDir.c_str();
#endif
    for (auto i : caFiles) {
#if USE_OPENSSL
        if (!SSL_CTX_load_verify_locations(ctx, i.c_str(), path)) {
            const int ssl_error = ERR_get_error();
            debugs(83, DBG_IMPORTANT, "WARNING: Ignoring error setting CA certificate locations: " << ERR_error_string(ssl_error, NULL));
        }
#elif USE_GNUTLS
        if (gnutls_certificate_set_x509_trust_file(ctx, i.c_str(), GNUTLS_X509_FMT_PEM) < 0) {
            debugs(83, DBG_IMPORTANT, "WARNING: Ignoring error setting CA certificate location: " << i);
        }
#endif
    }

    if (!flags.tlsDefaultCa)
        return;

    if (const char *err = loadSystemTrustedCa(ctx)) {
        debugs(83, DBG_IMPORTANT, "WARNING: Ignoring error setting default trusted CA : " << err);
    }
}

void
Security::PeerOptions::updateContextCrl(Security::ContextPtr ctx)
{
#if USE_OPENSSL
    bool verifyCrl = false;
    X509_STORE *st = SSL_CTX_get_cert_store(ctx);
    if (parsedCrl.size()) {
        for (auto &i : parsedCrl) {
            if (!X509_STORE_add_crl(st, i.get()))
                debugs(83, 2, "WARNING: Failed to add CRL");
            else
                verifyCrl = true;
        }
    }

#if X509_V_FLAG_CRL_CHECK
    if ((parsedFlags & SSL_FLAG_VERIFY_CRL_ALL))
        X509_STORE_set_flags(st, X509_V_FLAG_CRL_CHECK|X509_V_FLAG_CRL_CHECK_ALL);
    else if (verifyCrl || (parsedFlags & SSL_FLAG_VERIFY_CRL))
        X509_STORE_set_flags(st, X509_V_FLAG_CRL_CHECK);
#endif

#endif /* USE_OPENSSL */
}

void
parse_securePeerOptions(Security::PeerOptions *opt)
{
    while(const char *token = ConfigParser::NextToken())
        opt->parse(token);
}
Commit	Line	Data
9a2f63e7	1	/*
ef57eb7b	2	* Copyright (C) 1996-2016 The Squid Software Foundation and contributors
9a2f63e7 AJ	3	*
	4	* Squid software is distributed under GPLv2+ license and includes
	5	* contributions from numerous individuals and organizations.
	6	* Please see the COPYING and CONTRIBUTORS files for details.
	7	*/
	8
	9	#include "squid.h"
8250ca31	10	#include "base/Packable.h"
0b0e0864	11	#include "Debug.h"
6bd62757	12	#include "fatal.h"
0b0e0864	13	#include "globals.h"
1cc44095	14	#include "parser/Tokenizer.h"
7f2cd2e8	15	#include "Parsing.h"
9a2f63e7 AJ	16	#include "security/PeerOptions.h"
	17
	18	#if USE_OPENSSL
	19	#include "ssl/support.h"
	20	#endif
	21
7e62a74f	22	Security::PeerOptions Security::ProxyOutgoingConfig;
195f8adb	23
9a622f3e	24	Security::PeerOptions::PeerOptions(const Security::PeerOptions &p) :
9a622f3e	25	sslOptions(p.sslOptions),
9a622f3e AJ	26	caDir(p.caDir),
	27	crlFile(p.crlFile),
	28	sslCipher(p.sslCipher),
	29	sslFlags(p.sslFlags),
	30	sslDomain(p.sslDomain),
	31	parsedOptions(p.parsedOptions),
	32	parsedFlags(p.parsedFlags),
d1d72d43	33	certs(p.certs),
86a84cc0	34	caFiles(p.caFiles),
6b19d1f9	35	parsedCrl(p.parsedCrl),
9a622f3e AJ	36	sslVersion(p.sslVersion),
	37	encryptTransport(p.encryptTransport)
	38	{
8b253b83	39	memcpy(&flags, &p.flags, sizeof(flags));
9a622f3e AJ	40	}
9a622f3e AJ	41
0b0e0864 AJ	42	void
	43	Security::PeerOptions::parse(const char *token)
	44	{
d4ab7b63 AJ	45	if (!*token) {
	46	// config says just "ssl" or "tls" (or "tls-")
	47	encryptTransport = true;
	48	return;
	49	}
	50
41ee8990 AJ	51	if (strncmp(token, "disable", 7) == 0) {
41ee8990 AJ	52	clear();
d4ab7b63 AJ	53	return;
	54	}
	55
	56	if (strncmp(token, "cert=", 5) == 0) {
d1d72d43 AJ	57	KeyData t;
	58	t.privateKeyFile = t.certFile = SBuf(token + 5);
	59	certs.emplace_back(t);
0b0e0864	60	} else if (strncmp(token, "key=", 4) == 0) {
d1d72d43 AJ	61	if (certs.empty() \|\| certs.back().certFile.isEmpty()) {
	62	debugs(3, DBG_PARSE_NOTE(1), "ERROR: cert= option must be set before key= is used.");
	63	return;
0b0e0864	64	}
d1d72d43 AJ	65	KeyData &t = certs.back();
d1d72d43 AJ	66	t.privateKeyFile = SBuf(token + 4);
0b0e0864	67	} else if (strncmp(token, "version=", 8) == 0) {
1cc44095	68	debugs(0, DBG_PARSE_NOTE(1), "UPGRADE WARNING: SSL version= is deprecated. Use options= to limit protocols instead.");
0b0e0864	69	sslVersion = xatoi(token + 8);
1cc44095 AJ	70	} else if (strncmp(token, "min-version=", 12) == 0) {
1cc44095 AJ	71	tlsMinVersion = SBuf(token + 12);
0b0e0864 AJ	72	} else if (strncmp(token, "options=", 8) == 0) {
0b0e0864 AJ	73	sslOptions = SBuf(token + 8);
c62717bd	74	parsedOptions = parseOptions();
0b0e0864 AJ	75	} else if (strncmp(token, "cipher=", 7) == 0) {
	76	sslCipher = SBuf(token + 7);
	77	} else if (strncmp(token, "cafile=", 7) == 0) {
86a84cc0	78	caFiles.emplace_back(SBuf(token + 7));
0b0e0864 AJ	79	} else if (strncmp(token, "capath=", 7) == 0) {
0b0e0864 AJ	80	caDir = SBuf(token + 7);
86a84cc0 AJ	81	#if !USE_OPENSSL
	82	debugs(3, DBG_PARSE_NOTE(1), "WARNING: capath= option requires --with-openssl.");
	83	#endif
0b0e0864 AJ	84	} else if (strncmp(token, "crlfile=", 8) == 0) {
0b0e0864 AJ	85	crlFile = SBuf(token + 8);
6b19d1f9	86	loadCrlFile();
0b0e0864	87	} else if (strncmp(token, "flags=", 6) == 0) {
b24e9ae7	88	if (parsedFlags != 0) {
9a622f3e	89	debugs(3, DBG_PARSE_NOTE(1), "WARNING: Overwriting flags=" << sslFlags << " with " << SBuf(token + 6));
b24e9ae7	90	}
0b0e0864	91	sslFlags = SBuf(token + 6);
ec4defdb	92	parsedFlags = parseFlags();
435c72b0 AJ	93	} else if (strncmp(token, "default-ca=off", 14) == 0 \|\| strncmp(token, "no-default-ca", 13) == 0) {
	94	if (flags.tlsDefaultCa.configured() && flags.tlsDefaultCa)
	95	fatalf("ERROR: previous default-ca settings conflict with %s", token);
	96	flags.tlsDefaultCa.configure(false);
	97	} else if (strncmp(token, "default-ca=on", 13) == 0 \|\| strncmp(token, "default-ca", 10) == 0) {
	98	if (flags.tlsDefaultCa.configured() && !flags.tlsDefaultCa)
	99	fatalf("ERROR: previous default-ca settings conflict with %s", token);
	100	flags.tlsDefaultCa.configure(true);
0b0e0864 AJ	101	} else if (strncmp(token, "domain=", 7) == 0) {
0b0e0864 AJ	102	sslDomain = SBuf(token + 7);
b05d749d AJ	103	} else if (strncmp(token, "no-npn", 6) == 0) {
b05d749d AJ	104	flags.tlsNpn = false;
9a622f3e AJ	105	} else {
9a622f3e AJ	106	debugs(3, DBG_CRITICAL, "ERROR: Unknown TLS option '" << token << "'");
d4ab7b63	107	return;
0b0e0864	108	}
d4ab7b63 AJ	109
d4ab7b63 AJ	110	encryptTransport = true;
0b0e0864 AJ	111	}
0b0e0864 AJ	112
8250ca31 AJ	113	void
	114	Security::PeerOptions::dumpCfg(Packable p, const char pfx) const
	115	{
	116	if (!encryptTransport) {
	117	p->appendf(" %sdisable", pfx);
	118	return; // no other settings are relevant
	119	}
	120
d1d72d43 AJ	121	for (auto &i : certs) {
	122	if (!i.certFile.isEmpty())
	123	p->appendf(" %scert=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(i.certFile));
8250ca31	124
d1d72d43 AJ	125	if (!i.privateKeyFile.isEmpty() && i.privateKeyFile != i.certFile)
	126	p->appendf(" %skey=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(i.privateKeyFile));
	127	}
8250ca31 AJ	128
	129	if (!sslOptions.isEmpty())
	130	p->appendf(" %soptions=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(sslOptions));
	131
	132	if (!sslCipher.isEmpty())
	133	p->appendf(" %scipher=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(sslCipher));
	134
86a84cc0 AJ	135	for (auto i : caFiles) {
	136	p->appendf(" %scafile=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(i));
	137	}
8250ca31 AJ	138
	139	if (!caDir.isEmpty())
	140	p->appendf(" %scapath=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(caDir));
	141
	142	if (!crlFile.isEmpty())
	143	p->appendf(" %scrlfile=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(crlFile));
	144
	145	if (!sslFlags.isEmpty())
	146	p->appendf(" %sflags=" SQUIDSBUFPH, pfx, SQUIDSBUFPRINT(sslFlags));
0278bdcb	147
435c72b0 AJ	148	if (flags.tlsDefaultCa.configured()) {
	149	// default ON for peers / upstream servers
	150	// default OFF for listening ports
	151	if (flags.tlsDefaultCa)
	152	p->appendf(" %sdefault-ca", pfx);
	153	else
	154	p->appendf(" %sdefault-ca=off", pfx);
	155	}
b05d749d AJ	156
	157	if (!flags.tlsNpn)
	158	p->appendf(" %sno-npn", pfx);
8250ca31 AJ	159	}
8250ca31 AJ	160
585c27eb AJ	161	void
585c27eb AJ	162	Security::PeerOptions::updateTlsVersionLimits()
9a2f63e7	163	{
1cc44095 AJ	164	if (!tlsMinVersion.isEmpty()) {
	165	::Parser::Tokenizer tok(tlsMinVersion);
	166	int64_t v = 0;
bd71ba99	167	if (tok.skip('1') && tok.skip('.') && tok.int64(v, 10, false, 1) && v <= 3) {
1cc44095	168	// only account for TLS here - SSL versions are handled by options= parameter
bd71ba99	169	// avoid affecting options= parameter in cachemgr config report
8250ca31	170	#if SSL_OP_NO_TLSv1
1cc44095	171	if (v > 0)
8250ca31 AJ	172	parsedOptions \|= SSL_OP_NO_TLSv1;
	173	#endif
	174	#if SSL_OP_NO_TLSv1_1
1cc44095	175	if (v > 1)
8250ca31 AJ	176	parsedOptions \|= SSL_OP_NO_TLSv1_1;
	177	#endif
	178	#if SSL_OP_NO_TLSv1_2
1cc44095	179	if (v > 2)
8250ca31 AJ	180	parsedOptions \|= SSL_OP_NO_TLSv1_2;
8250ca31 AJ	181	#endif
1cc44095 AJ	182
	183	} else {
	184	debugs(0, DBG_PARSE_NOTE(1), "WARNING: Unknown TLS minimum version: " << tlsMinVersion);
	185	}
	186
	187	} else if (sslVersion > 2) {
	188	// backward compatibility hack for sslversion= configuration
	189	// only use if tls-min-version=N.N is not present
8250ca31 AJ	190	// values 0-2 for auto and SSLv2 are not supported any longer.
8250ca31 AJ	191	// Do it this way so we DO cause changes to options= in cachemgr config report
1cc44095 AJ	192	const char *add = NULL;
	193	switch (sslVersion) {
	194	case 3:
	195	add = "NO_TLSv1,NO_TLSv1_1,NO_TLSv1_2";
	196	break;
	197	case 4:
	198	add = "NO_SSLv3,NO_TLSv1_1,NO_TLSv1_2";
	199	break;
	200	case 5:
	201	add = "NO_SSLv3,NO_TLSv1,NO_TLSv1_2";
	202	break;
	203	case 6:
	204	add = "NO_SSLv3,NO_TLSv1,NO_TLSv1_1";
	205	break;
	206	default: // nothing
	207	break;
	208	}
	209	if (add) {
	210	if (!sslOptions.isEmpty())
	211	sslOptions.append(",",1);
	212	sslOptions.append(add, strlen(add));
	213	}
	214	sslVersion = 0; // prevent sslOptions being repeatedly appended
	215	}
585c27eb	216	}
1cc44095	217
64769c79	218	Security::ContextPointer
885f0ecf AJ	219	Security::PeerOptions::createBlankContext() const
885f0ecf AJ	220	{
64769c79	221	Security::ContextPointer ctx;
885f0ecf	222	#if USE_OPENSSL
0a28c16a AJ	223	Ssl::Initialize();
0a28c16a AJ	224
885f0ecf	225	#if (OPENSSL_VERSION_NUMBER >= 0x10100000L)
64769c79	226	SSL_CTX *t = SSL_CTX_new(TLS_client_method());
885f0ecf	227	#else
64769c79	228	SSL_CTX *t = SSL_CTX_new(SSLv23_client_method());
885f0ecf AJ	229	#endif
	230	if (!t) {
	231	const auto x = ERR_error_string(ERR_get_error(), nullptr);
	232	fatalf("Failed to allocate TLS client context: %s\n", x);
	233	}
64769c79	234	ctx.resetWithoutLocking(t);
885f0ecf AJ	235
	236	#elif USE_GNUTLS
	237	// Initialize for X.509 certificate exchange
64769c79	238	gnutls_certificate_credentials_t t;
885f0ecf AJ	239	if (const int x = gnutls_certificate_allocate_credentials(&t)) {
	240	fatalf("Failed to allocate TLS client context: error=%d\n", x);
	241	}
64769c79	242	ctx.resetWithoutLocking(t);
885f0ecf AJ	243
885f0ecf AJ	244	#else
c75aba02	245	debugs(83, 1, "WARNING: Failed to allocate TLS client context: No TLS library");
885f0ecf AJ	246
	247	#endif
	248
64769c79	249	return ctx;
885f0ecf AJ	250	}
885f0ecf AJ	251
96993ee0	252	Security::ContextPtr
a465e144	253	Security::PeerOptions::createClientContext(bool setOptions)
9a2f63e7	254	{
585c27eb	255	updateTlsVersionLimits();
86a84cc0	256
64769c79	257	Security::ContextPointer t = createBlankContext();
c75aba02	258	if (t) {
9a2f63e7	259	#if USE_OPENSSL
c75aba02 AJ	260	// XXX: temporary performance regression. c_str() data copies and prevents this being a const method
c75aba02 AJ	261	Ssl::InitClientContext(t, *this, (setOptions ? parsedOptions : 0), parsedFlags);
9a2f63e7	262	#endif
b05d749d	263	updateContextNpn(t);
64769c79 AJ	264	updateContextCa(t.get());
64769c79 AJ	265	updateContextCrl(t.get());
86a84cc0	266	}
6b19d1f9	267
64769c79	268	return t.release();
9a2f63e7	269	}
1f1f29e8	270
6bd62757 AJ	271	/// set of options we can parse and what they map to
	272	static struct ssl_option {
	273	const char *name;
	274	long value;
	275
	276	} ssl_options[] = {
	277
	278	#if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
	279	{
	280	"NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
	281	},
	282	#endif
	283	#if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
	284	{
	285	"SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
	286	},
	287	#endif
	288	#if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
	289	{
	290	"MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
	291	},
	292	#endif
	293	#if SSL_OP_SSLEAY_080_CLIENT_DH_BUG
	294	{
	295	"SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG
	296	},
	297	#endif
	298	#if SSL_OP_TLS_D5_BUG
	299	{
	300	"TLS_D5_BUG", SSL_OP_TLS_D5_BUG
	301	},
	302	#endif
	303	#if SSL_OP_TLS_BLOCK_PADDING_BUG
	304	{
	305	"TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG
	306	},
	307	#endif
	308	#if SSL_OP_TLS_ROLLBACK_BUG
	309	{
	310	"TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG
	311	},
	312	#endif
	313	#if SSL_OP_ALL
	314	{
	315	"ALL", (long)SSL_OP_ALL
	316	},
	317	#endif
	318	#if SSL_OP_SINGLE_DH_USE
	319	{
	320	"SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE
	321	},
	322	#endif
	323	#if SSL_OP_EPHEMERAL_RSA
	324	{
	325	"EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA
	326	},
	327	#endif
	328	#if SSL_OP_PKCS1_CHECK_1
	329	{
	330	"PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1
	331	},
	332	#endif
	333	#if SSL_OP_PKCS1_CHECK_2
	334	{
335	"PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2
336	},
337	#endif
338	#if SSL_OP_NETSCAPE_CA_DN_BUG
339	{
340	"NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG
341	},
342	#endif
343	#if SSL_OP_NON_EXPORT_FIRST
344	{
345	"NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
346	},
347	#endif
348	#if SSL_OP_CIPHER_SERVER_PREFERENCE
349	{
350	"CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE
351	},
352	#endif
353	#if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
354	{
355	"NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
356	},
357	#endif
358	#if SSL_OP_NO_SSLv3
359	{
360	"NO_SSLv3", SSL_OP_NO_SSLv3
361	},
362	#endif
363	#if SSL_OP_NO_TLSv1
364	{
365	"NO_TLSv1", SSL_OP_NO_TLSv1
366	},
367	#endif
368	#if SSL_OP_NO_TLSv1_1
369	{
370	"NO_TLSv1_1", SSL_OP_NO_TLSv1_1
371	},
372	#endif
373	#if SSL_OP_NO_TLSv1_2
374	{
375	"NO_TLSv1_2", SSL_OP_NO_TLSv1_2
376	},
377	#endif
378	#if SSL_OP_NO_COMPRESSION
379	{
380	"No_Compression", SSL_OP_NO_COMPRESSION
381	},
382	#endif
383	#if SSL_OP_NO_TICKET
384	{
385	"NO_TICKET", SSL_OP_NO_TICKET
386	},
585c27eb AJ	387	#endif
	388	#if SSL_OP_SINGLE_ECDH_USE
	389	{
	390	"SINGLE_ECDH_USE", SSL_OP_SINGLE_ECDH_USE
	391	},
6bd62757 AJ	392	#endif
	393	{
	394	"", 0
	395	},
	396	{
	397	NULL, 0
	398	}
	399	};
	400
c62717bd AJ	401	/**
	402	* Pre-parse TLS options= parameter to be applied when the TLS objects created.
	403	* Options must not used in the case of peek or stare bump mode.
	404	*/
6bd62757	405	long
c62717bd	406	Security::PeerOptions::parseOptions()
6bd62757 AJ	407	{
6bd62757 AJ	408	long op = 0;
c62717bd	409	::Parser::Tokenizer tok(sslOptions);
6bd62757	410
c62717bd	411	do {
6bd62757 AJ	412	enum {
	413	MODE_ADD, MODE_REMOVE
	414	} mode;
	415
c62717bd	416	if (tok.skip('-') \|\| tok.skip('!'))
6bd62757	417	mode = MODE_REMOVE;
c62717bd AJ	418	else {
c62717bd AJ	419	(void)tok.skip('+'); // default action is add. ignore if missing operator
6bd62757	420	mode = MODE_ADD;
c62717bd	421	}
6bd62757	422
c62717bd AJ	423	static const CharacterSet optChars = CharacterSet("TLS-option", "_") + CharacterSet::ALPHA + CharacterSet::DIGIT;
	424	int64_t hex = 0;
	425	SBuf option;
	426	long value = 0;
	427
144acb47 AJ	428	// Bug 4429: identify the full option name before determining text or numeric
144acb47 AJ	429	if (tok.prefix(option, optChars)) {
6bd62757	430
c62717bd AJ	431	// find the named option in our supported set
	432	for (struct ssl_option *opttmp = ssl_options; opttmp->name; ++opttmp) {
	433	if (option.cmp(opttmp->name) == 0) {
	434	value = opttmp->value;
	435	break;
	436	}
6bd62757	437	}
144acb47 AJ	438
	439	// Special case.. hex specification
	440	::Parser::Tokenizer tmp(option);
	441	if (!value && tmp.int64(hex, 16, false) && tmp.atEnd()) {
	442	value = hex;
	443	}
6bd62757 AJ	444	}
6bd62757 AJ	445
40bc593b AJ	446	if (value) {
	447	switch (mode) {
	448	case MODE_ADD:
	449	op \|= value;
	450	break;
daf640c8	451	case MODE_REMOVE:
40bc593b AJ	452	op &= ~value;
	453	break;
	454	}
	455	} else {
	456	debugs(83, DBG_PARSE_NOTE(1), "ERROR: Unknown TLS option " << option);
6bd62757 AJ	457	}
6bd62757 AJ	458
c62717bd AJ	459	static const CharacterSet delims("TLS-option-delim",":,");
	460	if (!tok.skipAll(delims) && !tok.atEnd()) {
	461	fatalf("Unknown TLS option '" SQUIDSBUFPH "'", SQUIDSBUFPRINT(tok.remaining()));
	462	}
6bd62757	463
c62717bd	464	} while (!tok.atEnd());
6bd62757 AJ	465
	466	#if SSL_OP_NO_SSLv2
	467	// compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0
	468	op = op \| SSL_OP_NO_SSLv2;
	469	#endif
	470	return op;
	471	}
	472
ec4defdb AJ	473	/**
	474	* Parses the TLS flags squid.conf parameter
	475	*/
b24e9ae7	476	long
ec4defdb	477	Security::PeerOptions::parseFlags()
b24e9ae7	478	{
ec4defdb	479	if (sslFlags.isEmpty())
b24e9ae7 AJ	480	return 0;
	481
	482	static struct {
	483	SBuf label;
	484	long mask;
	485	} flagTokens[] = {
	486	{ SBuf("NO_DEFAULT_CA"), SSL_FLAG_NO_DEFAULT_CA },
	487	{ SBuf("DELAYED_AUTH"), SSL_FLAG_DELAYED_AUTH },
	488	{ SBuf("DONT_VERIFY_PEER"), SSL_FLAG_DONT_VERIFY_PEER },
	489	{ SBuf("DONT_VERIFY_DOMAIN"), SSL_FLAG_DONT_VERIFY_DOMAIN },
	490	{ SBuf("NO_SESSION_REUSE"), SSL_FLAG_NO_SESSION_REUSE },
	491	#if X509_V_FLAG_CRL_CHECK
	492	{ SBuf("VERIFY_CRL"), SSL_FLAG_VERIFY_CRL },
	493	{ SBuf("VERIFY_CRL_ALL"), SSL_FLAG_VERIFY_CRL_ALL },
	494	#endif
	495	{ SBuf(), 0 }
	496	};
	497
ec4defdb	498	::Parser::Tokenizer tok(sslFlags);
b24e9ae7 AJ	499	static const CharacterSet delims("Flag-delimiter", ":,");
	500
	501	long fl = 0;
	502	do {
	503	long found = 0;
	504	for (size_t i = 0; flagTokens[i].mask; ++i) {
3f6c1586	505	if (tok.skip(flagTokens[i].label)) {
b24e9ae7 AJ	506	found = flagTokens[i].mask;
	507	break;
	508	}
	509	}
	510	if (!found)
8250ca31	511	fatalf("Unknown TLS flag '" SQUIDSBUFPH "'", SQUIDSBUFPRINT(tok.remaining()));
8b253b83	512	if (found == SSL_FLAG_NO_DEFAULT_CA) {
435c72b0 AJ	513	if (flags.tlsDefaultCa.configured() && flags.tlsDefaultCa)
	514	fatal("ERROR: previous default-ca settings conflict with sslflags=NO_DEFAULT_CA");
	515	debugs(83, DBG_PARSE_NOTE(2), "WARNING: flags=NO_DEFAULT_CA is deprecated. Use tls-default-ca=off instead.");
	516	flags.tlsDefaultCa.configure(false);
8b253b83 AJ	517	} else
8b253b83 AJ	518	fl \|= found;
b24e9ae7 AJ	519	} while (tok.skipOne(delims));
	520
	521	return fl;
	522	}
	523
6b19d1f9 AJ	524	/// Load a CRLs list stored in the file whose /path/name is in crlFile
	525	/// replaces any CRL loaded previously
	526	void
	527	Security::PeerOptions::loadCrlFile()
	528	{
	529	parsedCrl.clear();
	530	if (crlFile.isEmpty())
	531	return;
	532
	533	#if USE_OPENSSL
	534	BIO *in = BIO_new_file(crlFile.c_str(), "r");
	535	if (!in) {
	536	debugs(83, 2, "WARNING: Failed to open CRL file " << crlFile);
	537	return;
	538	}
	539
	540	while (X509_CRL *crl = PEM_read_bio_X509_CRL(in,NULL,NULL,NULL)) {
	541	parsedCrl.emplace_back(Security::CrlPointer(crl));
	542	}
	543	BIO_free(in);
	544	#endif
	545	}
	546
b05d749d AJ	547	#if USE_OPENSSL && defined(TLSEXT_TYPE_next_proto_neg)
	548	// Dummy next_proto_neg callback
	549	static int
	550	ssl_next_proto_cb(SSL s, unsigned char out, unsigned char outlen, const unsigned char in, unsigned int inlen, void arg)
	551	{
	552	static const unsigned char supported_protos[] = {8, 'h','t','t', 'p', '/', '1', '.', '1'};
	553	(void)SSL_select_next_proto(out, outlen, in, inlen, supported_protos, sizeof(supported_protos));
	554	return SSL_TLSEXT_ERR_OK;
	555	}
	556	#endif
	557
	558	void
64769c79	559	Security::PeerOptions::updateContextNpn(Security::ContextPointer &ctx)
b05d749d AJ	560	{
	561	if (!flags.tlsNpn)
	562	return;
	563
	564	#if USE_OPENSSL && defined(TLSEXT_TYPE_next_proto_neg)
64769c79	565	SSL_CTX_set_next_proto_select_cb(ctx.get(), &ssl_next_proto_cb, nullptr);
b05d749d AJ	566	#endif
	567
	568	// NOTE: GnuTLS does not support the obsolete NPN extension.
	569	// it does support ALPN per-session, not per-context.
	570	}
	571
4f4d3a57 AJ	572	static const char *
	573	loadSystemTrustedCa(Security::ContextPtr &ctx)
	574	{
	575	#if USE_OPENSSL
	576	if (SSL_CTX_set_default_verify_paths(ctx) == 0)
03c428e9	577	return ERR_error_string(ERR_get_error(), nullptr);
4f4d3a57 AJ	578
	579	#elif USE_GNUTLS
	580	auto x = gnutls_certificate_set_x509_system_trust(ctx);
	581	if (x < 0)
	582	return gnutls_strerror(x);
	583
	584	#endif
	585	return nullptr;
	586	}
	587
86a84cc0	588	void
64769c79	589	Security::PeerOptions::updateContextCa(Security::ContextPtr ctx)
86a84cc0 AJ	590	{
86a84cc0 AJ	591	debugs(83, 8, "Setting CA certificate locations.");
123d5c2a AJ	592	#if USE_OPENSSL
	593	const char *path = caDir.isEmpty() ? nullptr : caDir.c_str();
	594	#endif
86a84cc0 AJ	595	for (auto i : caFiles) {
86a84cc0 AJ	596	#if USE_OPENSSL
123d5c2a	597	if (!SSL_CTX_load_verify_locations(ctx, i.c_str(), path)) {
86a84cc0 AJ	598	const int ssl_error = ERR_get_error();
	599	debugs(83, DBG_IMPORTANT, "WARNING: Ignoring error setting CA certificate locations: " << ERR_error_string(ssl_error, NULL));
	600	}
	601	#elif USE_GNUTLS
	602	if (gnutls_certificate_set_x509_trust_file(ctx, i.c_str(), GNUTLS_X509_FMT_PEM) < 0) {
	603	debugs(83, DBG_IMPORTANT, "WARNING: Ignoring error setting CA certificate location: " << i);
	604	}
	605	#endif
	606	}
	607
b2cd014b	608	if (!flags.tlsDefaultCa)
86a84cc0 AJ	609	return;
86a84cc0 AJ	610
4f4d3a57 AJ	611	if (const char *err = loadSystemTrustedCa(ctx)) {
4f4d3a57 AJ	612	debugs(83, DBG_IMPORTANT, "WARNING: Ignoring error setting default trusted CA : " << err);
86a84cc0	613	}
86a84cc0 AJ	614	}
86a84cc0 AJ	615
6b19d1f9	616	void
64769c79	617	Security::PeerOptions::updateContextCrl(Security::ContextPtr ctx)
6b19d1f9 AJ	618	{
	619	#if USE_OPENSSL
	620	bool verifyCrl = false;
	621	X509_STORE *st = SSL_CTX_get_cert_store(ctx);
	622	if (parsedCrl.size()) {
	623	for (auto &i : parsedCrl) {
	624	if (!X509_STORE_add_crl(st, i.get()))
	625	debugs(83, 2, "WARNING: Failed to add CRL");
	626	else
	627	verifyCrl = true;
	628	}
	629	}
	630
	631	#if X509_V_FLAG_CRL_CHECK
	632	if ((parsedFlags & SSL_FLAG_VERIFY_CRL_ALL))
	633	X509_STORE_set_flags(st, X509_V_FLAG_CRL_CHECK\|X509_V_FLAG_CRL_CHECK_ALL);
	634	else if (verifyCrl \|\| (parsedFlags & SSL_FLAG_VERIFY_CRL))
	635	X509_STORE_set_flags(st, X509_V_FLAG_CRL_CHECK);
	636	#endif
	637
	638	#endif /* USE_OPENSSL */
	639	}
	640
1f1f29e8 AJ	641	void
	642	parse_securePeerOptions(Security::PeerOptions *opt)
	643	{
	644	while(const char *token = ConfigParser::NextToken())
	645	opt->parse(token);
	646	}
	647