2 * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
9 /* DEBUG: section 83 SSL accelerator support */
13 /* MS Visual Studio Projects are monolithic, so we need the following
14 * #if to exclude the SSL code from compile process when not needed.
18 #include "acl/FilledChecklist.h"
19 #include "anyp/PortCfg.h"
24 #include "ipc/MemMap.h"
25 #include "SquidConfig.h"
26 #include "SquidTime.h"
28 #include "ssl/Config.h"
29 #include "ssl/ErrorDetail.h"
30 #include "ssl/gadgets.h"
31 #include "ssl/support.h"
36 static void setSessionCallbacks(SSL_CTX
*ctx
);
37 Ipc::MemMap
*SslSessionCache
= NULL
;
38 const char *SslSessionCacheName
= "ssl_session_cache";
40 const EVP_MD
*Ssl::DefaultSignHash
= NULL
;
42 const char *Ssl::BumpModeStr
[] = {
56 \defgroup ServerProtocolSSLInternal Server-Side SSL Internals
57 \ingroup ServerProtocolSSLAPI
60 /// \ingroup ServerProtocolSSLInternal
62 ssl_ask_password_cb(char *buf
, int size
, int rwflag
, void *userdata
)
68 snprintf(cmdline
, sizeof(cmdline
), "\"%s\" \"%s\"", Config
.Program
.ssl_password
, (const char *)userdata
);
69 in
= popen(cmdline
, "r");
71 if (fgets(buf
, size
, in
))
75 while (len
> 0 && (buf
[len
- 1] == '\n' || buf
[len
- 1] == '\r'))
85 /// \ingroup ServerProtocolSSLInternal
87 ssl_ask_password(SSL_CTX
* context
, const char * prompt
)
89 if (Config
.Program
.ssl_password
) {
90 SSL_CTX_set_default_passwd_cb(context
, ssl_ask_password_cb
);
91 SSL_CTX_set_default_passwd_cb_userdata(context
, (void *)prompt
);
95 /// \ingroup ServerProtocolSSLInternal
97 ssl_temp_rsa_cb(SSL
* ssl
, int anInt
, int keylen
)
99 static RSA
*rsa_512
= NULL
;
100 static RSA
*rsa_1024
= NULL
;
109 rsa_512
= RSA_generate_key(512, RSA_F4
, NULL
, NULL
);
119 rsa_1024
= RSA_generate_key(1024, RSA_F4
, NULL
, NULL
);
127 debugs(83, DBG_IMPORTANT
, "ssl_temp_rsa_cb: Unexpected key length " << keylen
);
132 debugs(83, DBG_IMPORTANT
, "ssl_temp_rsa_cb: Failed to generate key " << keylen
);
138 PEM_write_RSAPrivateKey(debug_log
, rsa
, NULL
, NULL
, 0, NULL
, NULL
);
140 debugs(83, DBG_IMPORTANT
, "Generated ephemeral RSA key of length " << keylen
);
146 int Ssl::asn1timeToString(ASN1_TIME
*tm
, char *buf
, int len
)
150 bio
= BIO_new(BIO_s_mem());
152 if (ASN1_TIME_print(bio
, tm
))
153 write
= BIO_read(bio
, buf
, len
-1);
160 int Ssl::matchX509CommonNames(X509
*peer_cert
, void *check_data
, int (*check_func
)(void *check_data
, ASN1_STRING
*cn_data
))
164 X509_NAME
*name
= X509_get_subject_name(peer_cert
);
166 for (int i
= X509_NAME_get_index_by_NID(name
, NID_commonName
, -1); i
>= 0; i
= X509_NAME_get_index_by_NID(name
, NID_commonName
, i
)) {
168 ASN1_STRING
*cn_data
= X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name
, i
));
170 if ( (*check_func
)(check_data
, cn_data
) == 0)
174 STACK_OF(GENERAL_NAME
) * altnames
;
175 altnames
= (STACK_OF(GENERAL_NAME
)*)X509_get_ext_d2i(peer_cert
, NID_subject_alt_name
, NULL
, NULL
);
178 int numalts
= sk_GENERAL_NAME_num(altnames
);
179 for (int i
= 0; i
< numalts
; ++i
) {
180 const GENERAL_NAME
*check
= sk_GENERAL_NAME_value(altnames
, i
);
181 if (check
->type
!= GEN_DNS
) {
184 ASN1_STRING
*cn_data
= check
->d
.dNSName
;
186 if ( (*check_func
)(check_data
, cn_data
) == 0) {
187 sk_GENERAL_NAME_pop_free(altnames
, GENERAL_NAME_free
);
191 sk_GENERAL_NAME_pop_free(altnames
, GENERAL_NAME_free
);
196 static int check_domain( void *check_data
, ASN1_STRING
*cn_data
)
199 const char *server
= (const char *)check_data
;
201 if (cn_data
->length
> (int)sizeof(cn
) - 1) {
202 return 1; //if does not fit our buffer just ignore
204 memcpy(cn
, cn_data
->data
, cn_data
->length
);
205 cn
[cn_data
->length
] = '\0';
206 debugs(83, 4, "Verifying server domain " << server
<< " to certificate name/subjectAltName " << cn
);
207 return matchDomainName(server
, cn
[0] == '*' ? cn
+ 1 : cn
);
210 bool Ssl::checkX509ServerValidity(X509
*cert
, const char *server
)
212 return matchX509CommonNames(cert
, (void *)server
, check_domain
);
215 /// \ingroup ServerProtocolSSLInternal
217 ssl_verify_cb(int ok
, X509_STORE_CTX
* ctx
)
219 // preserve original ctx->error before SSL_ calls can overwrite it
220 Ssl::ssl_error_t error_no
= ok
? SSL_ERROR_NONE
: ctx
->error
;
222 char buffer
[256] = "";
223 SSL
*ssl
= (SSL
*)X509_STORE_CTX_get_ex_data(ctx
, SSL_get_ex_data_X509_STORE_CTX_idx());
224 SSL_CTX
*sslctx
= SSL_get_SSL_CTX(ssl
);
225 const char *server
= (const char *)SSL_get_ex_data(ssl
, ssl_ex_index_server
);
226 void *dont_verify_domain
= SSL_CTX_get_ex_data(sslctx
, ssl_ctx_ex_index_dont_verify_domain
);
227 ACLChecklist
*check
= (ACLChecklist
*)SSL_get_ex_data(ssl
, ssl_ex_index_cert_error_check
);
228 X509
*peeked_cert
= (X509
*)SSL_get_ex_data(ssl
, ssl_ex_index_ssl_peeked_cert
);
229 X509
*peer_cert
= ctx
->cert
;
231 X509_NAME_oneline(X509_get_subject_name(peer_cert
), buffer
,
234 // detect infinite loops
235 uint32_t *validationCounter
= static_cast<uint32_t *>(SSL_get_ex_data(ssl
, ssl_ex_index_ssl_validation_counter
));
236 if (!validationCounter
) {
237 validationCounter
= new uint32_t(1);
238 SSL_set_ex_data(ssl
, ssl_ex_index_ssl_validation_counter
, validationCounter
);
240 // overflows allowed if SQUID_CERT_VALIDATION_ITERATION_MAX >= UINT32_MAX
241 (*validationCounter
)++;
244 if ((*validationCounter
) >= SQUID_CERT_VALIDATION_ITERATION_MAX
) {
245 ok
= 0; // or the validation loop will never stop
246 error_no
= SQUID_X509_V_ERR_INFINITE_VALIDATION
;
247 debugs(83, 2, "SQUID_X509_V_ERR_INFINITE_VALIDATION: " <<
248 *validationCounter
<< " iterations while checking " << buffer
);
252 debugs(83, 5, "SSL Certificate signature OK: " << buffer
);
254 // Check for domain mismatch only if the current certificate is the peer certificate.
255 if (!dont_verify_domain
&& server
&& peer_cert
== X509_STORE_CTX_get_current_cert(ctx
)) {
256 if (!Ssl::checkX509ServerValidity(peer_cert
, server
)) {
257 debugs(83, 2, "SQUID_X509_V_ERR_DOMAIN_MISMATCH: Certificate " << buffer
<< " does not match domainname " << server
);
259 error_no
= SQUID_X509_V_ERR_DOMAIN_MISMATCH
;
264 if (ok
&& peeked_cert
) {
265 // Check whether the already peeked certificate matches the new one.
266 if (X509_cmp(peer_cert
, peeked_cert
) != 0) {
267 debugs(83, 2, "SQUID_X509_V_ERR_CERT_CHANGE: Certificate " << buffer
<< " does not match peeked certificate");
269 error_no
= SQUID_X509_V_ERR_CERT_CHANGE
;
274 X509
*broken_cert
= X509_STORE_CTX_get_current_cert(ctx
);
276 broken_cert
= peer_cert
;
278 Ssl::CertErrors
*errs
= static_cast<Ssl::CertErrors
*>(SSL_get_ex_data(ssl
, ssl_ex_index_ssl_errors
));
280 errs
= new Ssl::CertErrors(Ssl::CertError(error_no
, broken_cert
));
281 if (!SSL_set_ex_data(ssl
, ssl_ex_index_ssl_errors
, (void *)errs
)) {
282 debugs(83, 2, "Failed to set ssl error_no in ssl_verify_cb: Certificate " << buffer
);
286 } else // remember another error number
287 errs
->push_back_unique(Ssl::CertError(error_no
, broken_cert
));
289 if (const char *err_descr
= Ssl::GetErrorDescr(error_no
))
290 debugs(83, 5, err_descr
<< ": " << buffer
);
292 debugs(83, DBG_IMPORTANT
, "SSL unknown certificate error " << error_no
<< " in " << buffer
);
294 // Check if the certificate error can be bypassed.
295 // Infinity validation loop errors can not bypassed.
296 if (error_no
!= SQUID_X509_V_ERR_INFINITE_VALIDATION
) {
298 ACLFilledChecklist
*filledCheck
= Filled(check
);
299 assert(!filledCheck
->sslErrors
);
300 filledCheck
->sslErrors
= new Ssl::CertErrors(Ssl::CertError(error_no
, broken_cert
));
301 filledCheck
->serverCert
.resetAndLock(peer_cert
);
302 if (check
->fastCheck() == ACCESS_ALLOWED
) {
303 debugs(83, 3, "bypassing SSL error " << error_no
<< " in " << buffer
);
306 debugs(83, 5, "confirming SSL error " << error_no
);
308 delete filledCheck
->sslErrors
;
309 filledCheck
->sslErrors
= NULL
;
310 filledCheck
->serverCert
.reset(NULL
);
312 // If the certificate validator is used then we need to allow all errors and
313 // pass them to certficate validator for more processing
314 else if (Ssl::TheConfig
.ssl_crt_validator
) {
320 if (Ssl::TheConfig
.ssl_crt_validator
) {
321 // Check if we have stored certificates chain. Store if not.
322 if (!SSL_get_ex_data(ssl
, ssl_ex_index_ssl_cert_chain
)) {
323 STACK_OF(X509
) *certStack
= X509_STORE_CTX_get1_chain(ctx
);
324 if (certStack
&& !SSL_set_ex_data(ssl
, ssl_ex_index_ssl_cert_chain
, certStack
))
325 sk_X509_pop_free(certStack
, X509_free
);
329 if (!ok
&& !SSL_get_ex_data(ssl
, ssl_ex_index_ssl_error_detail
) ) {
331 // Find the broken certificate. It may be intermediate.
332 X509
*broken_cert
= peer_cert
; // reasonable default if search fails
333 // Our SQUID_X509_V_ERR_DOMAIN_MISMATCH implies peer_cert is at fault.
334 if (error_no
!= SQUID_X509_V_ERR_DOMAIN_MISMATCH
) {
335 if (X509
*last_used_cert
= X509_STORE_CTX_get_current_cert(ctx
))
336 broken_cert
= last_used_cert
;
339 Ssl::ErrorDetail
*errDetail
=
340 new Ssl::ErrorDetail(error_no
, peer_cert
, broken_cert
);
342 if (!SSL_set_ex_data(ssl
, ssl_ex_index_ssl_error_detail
, errDetail
)) {
343 debugs(83, 2, "Failed to set Ssl::ErrorDetail in ssl_verify_cb: Certificate " << buffer
);
351 /// \ingroup ServerProtocolSSLInternal
352 static struct ssl_option
{
359 #if SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
361 "NETSCAPE_REUSE_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG
364 #if SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
366 "SSLREF2_REUSE_CERT_TYPE_BUG", SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG
369 #if SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
371 "MICROSOFT_BIG_SSLV3_BUFFER", SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER
374 #if SSL_OP_SSLEAY_080_CLIENT_DH_BUG
376 "SSLEAY_080_CLIENT_DH_BUG", SSL_OP_SSLEAY_080_CLIENT_DH_BUG
379 #if SSL_OP_TLS_D5_BUG
381 "TLS_D5_BUG", SSL_OP_TLS_D5_BUG
384 #if SSL_OP_TLS_BLOCK_PADDING_BUG
386 "TLS_BLOCK_PADDING_BUG", SSL_OP_TLS_BLOCK_PADDING_BUG
389 #if SSL_OP_TLS_ROLLBACK_BUG
391 "TLS_ROLLBACK_BUG", SSL_OP_TLS_ROLLBACK_BUG
396 "ALL", (long)SSL_OP_ALL
399 #if SSL_OP_SINGLE_DH_USE
401 "SINGLE_DH_USE", SSL_OP_SINGLE_DH_USE
404 #if SSL_OP_EPHEMERAL_RSA
406 "EPHEMERAL_RSA", SSL_OP_EPHEMERAL_RSA
409 #if SSL_OP_PKCS1_CHECK_1
411 "PKCS1_CHECK_1", SSL_OP_PKCS1_CHECK_1
414 #if SSL_OP_PKCS1_CHECK_2
416 "PKCS1_CHECK_2", SSL_OP_PKCS1_CHECK_2
419 #if SSL_OP_NETSCAPE_CA_DN_BUG
421 "NETSCAPE_CA_DN_BUG", SSL_OP_NETSCAPE_CA_DN_BUG
424 #if SSL_OP_NON_EXPORT_FIRST
426 "NON_EXPORT_FIRST", SSL_OP_NON_EXPORT_FIRST
429 #if SSL_OP_CIPHER_SERVER_PREFERENCE
431 "CIPHER_SERVER_PREFERENCE", SSL_OP_CIPHER_SERVER_PREFERENCE
434 #if SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
436 "NETSCAPE_DEMO_CIPHER_CHANGE_BUG", SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG
441 "NO_SSLv3", SSL_OP_NO_SSLv3
446 "NO_TLSv1", SSL_OP_NO_TLSv1
449 #if SSL_OP_NO_TLSv1_1
451 "NO_TLSv1_1", SSL_OP_NO_TLSv1_1
454 #if SSL_OP_NO_TLSv1_2
456 "NO_TLSv1_2", SSL_OP_NO_TLSv1_2
459 #if SSL_OP_NO_COMPRESSION
461 "No_Compression", SSL_OP_NO_COMPRESSION
466 "NO_TICKET", SSL_OP_NO_TICKET
477 /// \ingroup ServerProtocolSSLInternal
479 Ssl::parse_options(const char *options
)
488 tmp
= xstrdup(options
);
490 option
= strtok(tmp
, ":,");
494 struct ssl_option
*opt
= NULL
, *opttmp
;
497 MODE_ADD
, MODE_REMOVE
519 for (opttmp
= ssl_options
; opttmp
->name
; ++opttmp
) {
520 if (strcmp(opttmp
->name
, option
) == 0) {
528 else if (strncmp(option
, "0x", 2) == 0) {
529 /* Special case.. hex specification */
530 value
= strtol(option
+ 2, NULL
, 16);
532 fatalf("Unknown SSL option '%s'", option
);
533 value
= 0; /* Keep GCC happy */
547 option
= strtok(NULL
, ":,");
554 // compliance with RFC 6176: Prohibiting Secure Sockets Layer (SSL) Version 2.0
555 op
= op
| SSL_OP_NO_SSLv2
;
560 /// \ingroup ServerProtocolSSLInternal
561 #define SSL_FLAG_NO_DEFAULT_CA (1<<0)
562 /// \ingroup ServerProtocolSSLInternal
563 #define SSL_FLAG_DELAYED_AUTH (1<<1)
564 /// \ingroup ServerProtocolSSLInternal
565 #define SSL_FLAG_DONT_VERIFY_PEER (1<<2)
566 /// \ingroup ServerProtocolSSLInternal
567 #define SSL_FLAG_DONT_VERIFY_DOMAIN (1<<3)
568 /// \ingroup ServerProtocolSSLInternal
569 #define SSL_FLAG_NO_SESSION_REUSE (1<<4)
570 /// \ingroup ServerProtocolSSLInternal
571 #define SSL_FLAG_VERIFY_CRL (1<<5)
572 /// \ingroup ServerProtocolSSLInternal
573 #define SSL_FLAG_VERIFY_CRL_ALL (1<<6)
575 /// \ingroup ServerProtocolSSLInternal
577 Ssl::parse_flags(const char *flags
)
586 tmp
= xstrdup(flags
);
588 flag
= strtok(tmp
, ":,");
591 if (strcmp(flag
, "NO_DEFAULT_CA") == 0)
592 fl
|= SSL_FLAG_NO_DEFAULT_CA
;
593 else if (strcmp(flag
, "DELAYED_AUTH") == 0)
594 fl
|= SSL_FLAG_DELAYED_AUTH
;
595 else if (strcmp(flag
, "DONT_VERIFY_PEER") == 0)
596 fl
|= SSL_FLAG_DONT_VERIFY_PEER
;
597 else if (strcmp(flag
, "DONT_VERIFY_DOMAIN") == 0)
598 fl
|= SSL_FLAG_DONT_VERIFY_DOMAIN
;
599 else if (strcmp(flag
, "NO_SESSION_REUSE") == 0)
600 fl
|= SSL_FLAG_NO_SESSION_REUSE
;
602 #if X509_V_FLAG_CRL_CHECK
604 else if (strcmp(flag
, "VERIFY_CRL") == 0)
605 fl
|= SSL_FLAG_VERIFY_CRL
;
606 else if (strcmp(flag
, "VERIFY_CRL_ALL") == 0)
607 fl
|= SSL_FLAG_VERIFY_CRL_ALL
;
612 fatalf("Unknown ssl flag '%s'", flag
);
614 flag
= strtok(NULL
, ":,");
621 // "dup" function for SSL_get_ex_new_index("cert_err_check")
623 ssl_dupAclChecklist(CRYPTO_EX_DATA
*, CRYPTO_EX_DATA
*, void *,
626 // We do not support duplication of ACLCheckLists.
627 // If duplication is needed, we can count copies with cbdata.
632 // "free" function for SSL_get_ex_new_index("cert_err_check")
634 ssl_freeAclChecklist(void *, void *ptr
, CRYPTO_EX_DATA
*,
637 delete static_cast<ACLChecklist
*>(ptr
); // may be NULL
640 // "free" function for SSL_get_ex_new_index("ssl_error_detail")
642 ssl_free_ErrorDetail(void *, void *ptr
, CRYPTO_EX_DATA
*,
645 Ssl::ErrorDetail
*errDetail
= static_cast <Ssl::ErrorDetail
*>(ptr
);
650 ssl_free_SslErrors(void *, void *ptr
, CRYPTO_EX_DATA
*,
653 Ssl::CertErrors
*errs
= static_cast <Ssl::CertErrors
*>(ptr
);
657 // "free" function for SSL_get_ex_new_index("ssl_ex_index_ssl_validation_counter")
659 ssl_free_int(void *, void *ptr
, CRYPTO_EX_DATA
*,
662 uint32_t *counter
= static_cast <uint32_t *>(ptr
);
666 /// \ingroup ServerProtocolSSLInternal
667 /// Callback handler function to release STACK_OF(X509) "ex" data stored
668 /// in an SSL object.
670 ssl_free_CertChain(void *, void *ptr
, CRYPTO_EX_DATA
*,
673 STACK_OF(X509
) *certsChain
= static_cast <STACK_OF(X509
) *>(ptr
);
674 sk_X509_pop_free(certsChain
,X509_free
);
677 // "free" function for X509 certificates
679 ssl_free_X509(void *, void *ptr
, CRYPTO_EX_DATA
*,
682 X509
*cert
= static_cast <X509
*>(ptr
);
686 /// \ingroup ServerProtocolSSLInternal
690 static bool initialized
= false;
695 SSL_load_error_strings();
696 SSLeay_add_ssl_algorithms();
698 #if HAVE_OPENSSL_ENGINE_H
699 if (Config
.SSL
.ssl_engine
) {
701 if (!(e
= ENGINE_by_id(Config
.SSL
.ssl_engine
)))
702 fatalf("Unable to find SSL engine '%s'\n", Config
.SSL
.ssl_engine
);
704 if (!ENGINE_set_default(e
, ENGINE_METHOD_ALL
)) {
705 int ssl_error
= ERR_get_error();
706 fatalf("Failed to initialise SSL engine: %s\n", ERR_error_string(ssl_error
, NULL
));
710 if (Config
.SSL
.ssl_engine
)
711 fatalf("Your OpenSSL has no SSL engine support\n");
714 const char *defName
= Config
.SSL
.certSignHash
? Config
.SSL
.certSignHash
: SQUID_SSL_SIGN_HASH_IF_NONE
;
715 Ssl::DefaultSignHash
= EVP_get_digestbyname(defName
);
716 if (!Ssl::DefaultSignHash
)
717 fatalf("Sign hash '%s' is not supported\n", defName
);
719 ssl_ex_index_server
= SSL_get_ex_new_index(0, (void *) "server", NULL
, NULL
, NULL
);
720 ssl_ctx_ex_index_dont_verify_domain
= SSL_CTX_get_ex_new_index(0, (void *) "dont_verify_domain", NULL
, NULL
, NULL
);
721 ssl_ex_index_cert_error_check
= SSL_get_ex_new_index(0, (void *) "cert_error_check", NULL
, &ssl_dupAclChecklist
, &ssl_freeAclChecklist
);
722 ssl_ex_index_ssl_error_detail
= SSL_get_ex_new_index(0, (void *) "ssl_error_detail", NULL
, NULL
, &ssl_free_ErrorDetail
);
723 ssl_ex_index_ssl_peeked_cert
= SSL_get_ex_new_index(0, (void *) "ssl_peeked_cert", NULL
, NULL
, &ssl_free_X509
);
724 ssl_ex_index_ssl_errors
= SSL_get_ex_new_index(0, (void *) "ssl_errors", NULL
, NULL
, &ssl_free_SslErrors
);
725 ssl_ex_index_ssl_cert_chain
= SSL_get_ex_new_index(0, (void *) "ssl_cert_chain", NULL
, NULL
, &ssl_free_CertChain
);
726 ssl_ex_index_ssl_validation_counter
= SSL_get_ex_new_index(0, (void *) "ssl_validation_counter", NULL
, NULL
, &ssl_free_int
);
729 /// \ingroup ServerProtocolSSLInternal
731 ssl_load_crl(SSL_CTX
*sslContext
, const char *CRLfile
)
733 X509_STORE
*st
= SSL_CTX_get_cert_store(sslContext
);
735 BIO
*in
= BIO_new_file(CRLfile
, "r");
739 debugs(83, 2, "WARNING: Failed to open CRL file '" << CRLfile
<< "'");
743 while ((crl
= PEM_read_bio_X509_CRL(in
,NULL
,NULL
,NULL
))) {
744 if (!X509_STORE_add_crl(st
, crl
))
745 debugs(83, 2, "WARNING: Failed to add CRL from file '" << CRLfile
<< "'");
757 Ssl::loadCrl(const char *CRLFile
, long &flags
)
760 BIO
*in
= BIO_new_file(CRLFile
, "r");
762 debugs(83, 2, "WARNING: Failed to open CRL file '" << CRLFile
<< "'");
766 STACK_OF(X509_CRL
) *CRLs
= sk_X509_CRL_new_null();
768 debugs(83, 2, "WARNING: Failed to allocate X509_CRL stack to load file '" << CRLFile
<< "'");
773 while ((crl
= PEM_read_bio_X509_CRL(in
,NULL
,NULL
,NULL
))) {
774 if (!sk_X509_CRL_push(CRLs
, crl
))
775 debugs(83, 2, "WARNING: Failed to add CRL from file '" << CRLFile
<< "'");
782 flags
|= SSL_FLAG_VERIFY_CRL
;
788 Ssl::readDHParams(const char *dhfile
)
790 FILE *in
= fopen(dhfile
, "r");
795 dh
= PEM_read_DHparams(in
, NULL
, NULL
, NULL
);
800 debugs(83, DBG_IMPORTANT
, "WARNING: Failed to read DH parameters '" << dhfile
<< "'");
801 else if (dh
&& DH_check(dh
, &codes
) == 0) {
803 debugs(83, DBG_IMPORTANT
, "WARNING: Failed to verify DH parameters '" << dhfile
<< "' (" << std::hex
<< codes
<< ")");
812 configureSslContext(SSL_CTX
*sslContext
, AnyP::PortCfg
&port
)
815 SSL_CTX_set_options(sslContext
, port
.sslOptions
);
817 if (port
.sslContextSessionId
)
818 SSL_CTX_set_session_id_context(sslContext
, (const unsigned char *)port
.sslContextSessionId
, strlen(port
.sslContextSessionId
));
820 if (port
.sslContextFlags
& SSL_FLAG_NO_SESSION_REUSE
) {
821 SSL_CTX_set_session_cache_mode(sslContext
, SSL_SESS_CACHE_OFF
);
824 if (Config
.SSL
.unclean_shutdown
) {
825 debugs(83, 5, "Enabling quiet SSL shutdowns (RFC violation).");
827 SSL_CTX_set_quiet_shutdown(sslContext
, 1);
831 debugs(83, 5, "Using chiper suite " << port
.cipher
<< ".");
833 if (!SSL_CTX_set_cipher_list(sslContext
, port
.cipher
)) {
834 ssl_error
= ERR_get_error();
835 debugs(83, DBG_CRITICAL
, "ERROR: Failed to set SSL cipher suite '" << port
.cipher
<< "': " << ERR_error_string(ssl_error
, NULL
));
840 debugs(83, 9, "Setting RSA key generation callback.");
841 SSL_CTX_set_tmp_rsa_callback(sslContext
, ssl_temp_rsa_cb
);
843 debugs(83, 9, "Setting CA certificate locations.");
845 const char *cafile
= port
.cafile
? port
.cafile
: port
.clientca
;
846 if ((cafile
|| port
.capath
) && !SSL_CTX_load_verify_locations(sslContext
, cafile
, port
.capath
)) {
847 ssl_error
= ERR_get_error();
848 debugs(83, DBG_IMPORTANT
, "WARNING: Ignoring error setting CA certificate locations: " << ERR_error_string(ssl_error
, NULL
));
851 if (!(port
.sslContextFlags
& SSL_FLAG_NO_DEFAULT_CA
) &&
852 !SSL_CTX_set_default_verify_paths(sslContext
)) {
853 ssl_error
= ERR_get_error();
854 debugs(83, DBG_IMPORTANT
, "WARNING: Ignoring error setting default CA certificate location: " << ERR_error_string(ssl_error
, NULL
));
857 if (port
.clientCA
.get()) {
859 SSL_CTX_set_client_CA_list(sslContext
, port
.clientCA
.get());
861 if (port
.sslContextFlags
& SSL_FLAG_DELAYED_AUTH
) {
862 debugs(83, 9, "Not requesting client certificates until acl processing requires one");
863 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_NONE
, NULL
);
865 debugs(83, 9, "Requiring client certificates.");
866 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_PEER
| SSL_VERIFY_FAIL_IF_NO_PEER_CERT
, ssl_verify_cb
);
869 if (port
.clientVerifyCrls
.get()) {
870 X509_STORE
*st
= SSL_CTX_get_cert_store(sslContext
);
871 for (int i
= 0; i
< sk_X509_CRL_num(port
.clientVerifyCrls
.get()); ++i
) {
872 X509_CRL
*crl
= sk_X509_CRL_value(port
.clientVerifyCrls
.get(), i
);
873 if (!X509_STORE_add_crl(st
, crl
))
874 debugs(83, 2, "WARNING: Failed to add CRL");
878 #if X509_V_FLAG_CRL_CHECK
879 if (port
.sslContextFlags
& SSL_FLAG_VERIFY_CRL_ALL
)
880 X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext
), X509_V_FLAG_CRL_CHECK
|X509_V_FLAG_CRL_CHECK_ALL
);
881 else if (port
.sslContextFlags
& SSL_FLAG_VERIFY_CRL
)
882 X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext
), X509_V_FLAG_CRL_CHECK
);
886 debugs(83, 9, "Not requiring any client certificates");
887 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_NONE
, NULL
);
890 if (port
.dhParams
.get()) {
891 SSL_CTX_set_tmp_dh(sslContext
, port
.dhParams
.get());
894 if (port
.sslContextFlags
& SSL_FLAG_DONT_VERIFY_DOMAIN
)
895 SSL_CTX_set_ex_data(sslContext
, ssl_ctx_ex_index_dont_verify_domain
, (void *) -1);
897 setSessionCallbacks(sslContext
);
903 sslCreateServerContext(AnyP::PortCfg
&port
)
907 const char *keyfile
, *certfile
;
908 certfile
= port
.cert
;
919 sslContext
= SSL_CTX_new(port
.contextMethod
);
921 if (sslContext
== NULL
) {
922 ssl_error
= ERR_get_error();
923 debugs(83, DBG_CRITICAL
, "ERROR: Failed to allocate SSL context: " << ERR_error_string(ssl_error
, NULL
));
927 if (!SSL_CTX_use_certificate(sslContext
, port
.signingCert
.get())) {
928 ssl_error
= ERR_get_error();
929 debugs(83, DBG_CRITICAL
, "ERROR: Failed to acquire SSL certificate '" << certfile
<< "': " << ERR_error_string(ssl_error
, NULL
));
930 SSL_CTX_free(sslContext
);
934 if (!SSL_CTX_use_PrivateKey(sslContext
, port
.signPkey
.get())) {
935 ssl_error
= ERR_get_error();
936 debugs(83, DBG_CRITICAL
, "ERROR: Failed to acquire SSL private key '" << keyfile
<< "': " << ERR_error_string(ssl_error
, NULL
));
937 SSL_CTX_free(sslContext
);
941 Ssl::addChainToSslContext(sslContext
, port
.certsToChain
.get());
944 debugs(83, DBG_IMPORTANT, "Using certificate in " << certfile);
946 if (!SSL_CTX_use_certificate_chain_file(sslContext, certfile)) {
947 ssl_error = ERR_get_error();
948 debugs(83, DBG_CRITICAL, "ERROR: Failed to acquire SSL certificate '" << certfile << "': " << ERR_error_string(ssl_error, NULL));
949 SSL_CTX_free(sslContext);
953 debugs(83, DBG_IMPORTANT, "Using private key in " << keyfile);
954 ssl_ask_password(sslContext, keyfile);
956 if (!SSL_CTX_use_PrivateKey_file(sslContext, keyfile, SSL_FILETYPE_PEM)) {
957 ssl_error = ERR_get_error();
958 debugs(83, DBG_CRITICAL, "ERROR: Failed to acquire SSL private key '" << keyfile << "': " << ERR_error_string(ssl_error, NULL));
959 SSL_CTX_free(sslContext);
963 debugs(83, 5, "Comparing private and public SSL keys.");
965 if (!SSL_CTX_check_private_key(sslContext)) {
966 ssl_error = ERR_get_error();
967 debugs(83, DBG_CRITICAL, "ERROR: SSL private key '" << certfile << "' does not match public key '" <<
968 keyfile << "': " << ERR_error_string(ssl_error, NULL));
969 SSL_CTX_free(sslContext);
974 if (!configureSslContext(sslContext
, port
)) {
975 debugs(83, DBG_CRITICAL
, "ERROR: Configuring static SSL context");
976 SSL_CTX_free(sslContext
);
983 int Ssl::OpenSSLtoSquidSSLVersion(int sslVersion
)
985 if (sslVersion
== SSL2_VERSION
)
987 else if (sslVersion
== SSL3_VERSION
)
989 else if (sslVersion
== TLS1_VERSION
)
991 #if OPENSSL_VERSION_NUMBER >= 0x10001000L
992 else if (sslVersion
== TLS1_1_VERSION
)
994 else if (sslVersion
== TLS1_2_VERSION
)
1001 #if OPENSSL_VERSION_NUMBER < 0x00909000L
1006 Ssl::method(int version
)
1011 debugs(83, DBG_IMPORTANT
, "SSLv2 is not available in this Proxy.");
1016 debugs(83, 5, "Using SSLv3.");
1017 return SSLv3_client_method();
1021 debugs(83, 5, "Using TLSv1.");
1022 return TLSv1_client_method();
1026 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
1027 debugs(83, 5, "Using TLSv1.1.");
1028 return TLSv1_1_client_method();
1030 debugs(83, DBG_IMPORTANT
, "TLSv1.1 is not available in this Proxy.");
1036 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
1037 debugs(83, 5, "Using TLSv1.2");
1038 return TLSv1_2_client_method();
1040 debugs(83, DBG_IMPORTANT
, "TLSv1.2 is not available in this Proxy.");
1048 debugs(83, 5, "Using SSLv2/SSLv3.");
1049 return SSLv23_client_method();
1058 Ssl::serverMethod(int version
)
1063 debugs(83, DBG_IMPORTANT
, "SSLv2 is not available in this Proxy.");
1068 debugs(83, 5, "Using SSLv3.");
1069 return SSLv3_server_method();
1073 debugs(83, 5, "Using TLSv1.");
1074 return TLSv1_server_method();
1078 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
1079 debugs(83, 5, "Using TLSv1.1.");
1080 return TLSv1_1_server_method();
1082 debugs(83, DBG_IMPORTANT
, "TLSv1.1 is not available in this Proxy.");
1088 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
1089 debugs(83, 5, "Using TLSv1.2");
1090 return TLSv1_2_server_method();
1092 debugs(83, DBG_IMPORTANT
, "TLSv1.2 is not available in this Proxy.");
1100 debugs(83, 5, "Using SSLv2/SSLv3.");
1101 return SSLv23_server_method();
1110 sslCreateClientContext(const char *certfile
, const char *keyfile
, int version
, const char *cipher
, const char *options
, const char *flags
, const char *CAfile
, const char *CApath
, const char *CRLfile
)
1113 Ssl::ContextMethod method
;
1114 SSL_CTX
* sslContext
;
1115 long fl
= Ssl::parse_flags(flags
);
1119 if (!(method
= Ssl::method(version
)))
1122 sslContext
= SSL_CTX_new(method
);
1124 if (sslContext
== NULL
) {
1125 ssl_error
= ERR_get_error();
1126 fatalf("Failed to allocate SSL context: %s\n",
1127 ERR_error_string(ssl_error
, NULL
));
1130 SSL_CTX_set_options(sslContext
, Ssl::parse_options(options
));
1133 debugs(83, 5, "Using chiper suite " << cipher
<< ".");
1135 if (!SSL_CTX_set_cipher_list(sslContext
, cipher
)) {
1136 ssl_error
= ERR_get_error();
1137 fatalf("Failed to set SSL cipher suite '%s': %s\n",
1138 cipher
, ERR_error_string(ssl_error
, NULL
));
1143 debugs(83, DBG_IMPORTANT
, "Using certificate in " << certfile
);
1145 if (!SSL_CTX_use_certificate_chain_file(sslContext
, certfile
)) {
1146 ssl_error
= ERR_get_error();
1147 fatalf("Failed to acquire SSL certificate '%s': %s\n",
1148 certfile
, ERR_error_string(ssl_error
, NULL
));
1151 debugs(83, DBG_IMPORTANT
, "Using private key in " << keyfile
);
1152 ssl_ask_password(sslContext
, keyfile
);
1154 if (!SSL_CTX_use_PrivateKey_file(sslContext
, keyfile
, SSL_FILETYPE_PEM
)) {
1155 ssl_error
= ERR_get_error();
1156 fatalf("Failed to acquire SSL private key '%s': %s\n",
1157 keyfile
, ERR_error_string(ssl_error
, NULL
));
1160 debugs(83, 5, "Comparing private and public SSL keys.");
1162 if (!SSL_CTX_check_private_key(sslContext
)) {
1163 ssl_error
= ERR_get_error();
1164 fatalf("SSL private key '%s' does not match public key '%s': %s\n",
1165 certfile
, keyfile
, ERR_error_string(ssl_error
, NULL
));
1169 debugs(83, 9, "Setting RSA key generation callback.");
1170 SSL_CTX_set_tmp_rsa_callback(sslContext
, ssl_temp_rsa_cb
);
1172 if (fl
& SSL_FLAG_DONT_VERIFY_PEER
) {
1173 debugs(83, 2, "NOTICE: Peer certificates are not verified for validity!");
1174 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_NONE
, NULL
);
1176 debugs(83, 9, "Setting certificate verification callback.");
1177 SSL_CTX_set_verify(sslContext
, SSL_VERIFY_PEER
| SSL_VERIFY_FAIL_IF_NO_PEER_CERT
, ssl_verify_cb
);
1180 debugs(83, 9, "Setting CA certificate locations.");
1182 if ((*CAfile
|| *CApath
) && !SSL_CTX_load_verify_locations(sslContext
, CAfile
, CApath
)) {
1183 ssl_error
= ERR_get_error();
1184 debugs(83, DBG_IMPORTANT
, "WARNING: Ignoring error setting CA certificate locations: " << ERR_error_string(ssl_error
, NULL
));
1188 ssl_load_crl(sslContext
, CRLfile
);
1189 fl
|= SSL_FLAG_VERIFY_CRL
;
1192 #if X509_V_FLAG_CRL_CHECK
1193 if (fl
& SSL_FLAG_VERIFY_CRL_ALL
)
1194 X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext
), X509_V_FLAG_CRL_CHECK
|X509_V_FLAG_CRL_CHECK_ALL
);
1195 else if (fl
& SSL_FLAG_VERIFY_CRL
)
1196 X509_STORE_set_flags(SSL_CTX_get_cert_store(sslContext
), X509_V_FLAG_CRL_CHECK
);
1200 if (!(fl
& SSL_FLAG_NO_DEFAULT_CA
) &&
1201 !SSL_CTX_set_default_verify_paths(sslContext
)) {
1202 ssl_error
= ERR_get_error();
1203 debugs(83, DBG_IMPORTANT
, "WARNING: Ignoring error setting default CA certificate location: " << ERR_error_string(ssl_error
, NULL
));
1209 /// \ingroup ServerProtocolSSLInternal
1211 ssl_read_method(int fd
, char *buf
, int len
)
1213 SSL
*ssl
= fd_table
[fd
].ssl
;
1218 if (!SSL_is_init_finished(ssl
)) {
1225 i
= SSL_read(ssl
, buf
, len
);
1227 if (i
> 0 && SSL_pending(ssl
) > 0) {
1228 debugs(83, 2, "SSL FD " << fd
<< " is pending");
1229 fd_table
[fd
].flags
.read_pending
= true;
1231 fd_table
[fd
].flags
.read_pending
= false;
1236 /// \ingroup ServerProtocolSSLInternal
1238 ssl_write_method(int fd
, const char *buf
, int len
)
1240 SSL
*ssl
= fd_table
[fd
].ssl
;
1243 if (!SSL_is_init_finished(ssl
)) {
1248 i
= SSL_write(ssl
, buf
, len
);
1254 ssl_shutdown_method(SSL
*ssl
)
1259 /// \ingroup ServerProtocolSSLInternal
1261 ssl_get_attribute(X509_NAME
* name
, const char *attribute_name
)
1263 static char buffer
[1024];
1268 if (strcmp(attribute_name
, "DN") == 0) {
1269 X509_NAME_oneline(name
, buffer
, sizeof(buffer
));
1273 nid
= OBJ_txt2nid((char *) attribute_name
);
1276 debugs(83, DBG_IMPORTANT
, "WARNING: Unknown SSL attribute name '" << attribute_name
<< "'");
1280 X509_NAME_get_text_by_NID(name
, nid
, buffer
, sizeof(buffer
));
1283 return *buffer
? buffer
: NULL
;
1286 /// \ingroup ServerProtocolSSLInternal
1288 Ssl::GetX509UserAttribute(X509
* cert
, const char *attribute_name
)
1296 name
= X509_get_subject_name(cert
);
1298 ret
= ssl_get_attribute(name
, attribute_name
);
1304 Ssl::GetX509Fingerprint(X509
* cert
, const char *)
1306 static char buf
[1024];
1311 unsigned char md
[EVP_MAX_MD_SIZE
];
1312 if (!X509_digest(cert
, EVP_sha1(), md
, &n
))
1315 assert(3 * n
+ 1 < sizeof(buf
));
1318 for (unsigned int i
=0; i
< n
; ++i
, s
+= 3) {
1319 const char term
= (i
+ 1 < n
) ? ':' : '\0';
1320 snprintf(s
, 4, "%02X%c", md
[i
], term
);
1326 /// \ingroup ServerProtocolSSLInternal
1328 Ssl::GetX509CAAttribute(X509
* cert
, const char *attribute_name
)
1337 name
= X509_get_issuer_name(cert
);
1339 ret
= ssl_get_attribute(name
, attribute_name
);
1344 const char *sslGetUserAttribute(SSL
*ssl
, const char *attribute_name
)
1349 X509
*cert
= SSL_get_peer_certificate(ssl
);
1351 const char *attr
= Ssl::GetX509UserAttribute(cert
, attribute_name
);
1357 const char *sslGetCAAttribute(SSL
*ssl
, const char *attribute_name
)
1362 X509
*cert
= SSL_get_peer_certificate(ssl
);
1364 const char *attr
= Ssl::GetX509CAAttribute(cert
, attribute_name
);
1371 sslGetUserEmail(SSL
* ssl
)
1373 return sslGetUserAttribute(ssl
, "emailAddress");
1377 sslGetUserCertificatePEM(SSL
*ssl
)
1381 static char *str
= NULL
;
1390 cert
= SSL_get_peer_certificate(ssl
);
1395 mem
= BIO_new(BIO_s_mem());
1397 PEM_write_bio_X509(mem
, cert
);
1399 len
= BIO_get_mem_data(mem
, &ptr
);
1401 str
= (char *)xmalloc(len
+ 1);
1403 memcpy(str
, ptr
, len
);
1415 sslGetUserCertificateChainPEM(SSL
*ssl
)
1417 STACK_OF(X509
) *chain
;
1419 static char *str
= NULL
;
1429 chain
= SSL_get_peer_cert_chain(ssl
);
1432 return sslGetUserCertificatePEM(ssl
);
1434 mem
= BIO_new(BIO_s_mem());
1436 for (i
= 0; i
< sk_X509_num(chain
); ++i
) {
1437 X509
*cert
= sk_X509_value(chain
, i
);
1438 PEM_write_bio_X509(mem
, cert
);
1441 len
= BIO_get_mem_data(mem
, &ptr
);
1443 str
= (char *)xmalloc(len
+ 1);
1444 memcpy(str
, ptr
, len
);
1453 Ssl::contextMethod(int version
)
1455 Ssl::ContextMethod method
;
1460 debugs(83, DBG_IMPORTANT
, "SSLv2 is not available in this Proxy.");
1465 debugs(83, 5, "Using SSLv3.");
1466 method
= SSLv3_server_method();
1470 debugs(83, 5, "Using TLSv1.");
1471 method
= TLSv1_server_method();
1475 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
1476 debugs(83, 5, "Using TLSv1.1.");
1477 method
= TLSv1_1_server_method();
1479 debugs(83, DBG_IMPORTANT
, "TLSv1.1 is not available in this Proxy.");
1485 #if OPENSSL_VERSION_NUMBER >= 0x10001000L // NP: not sure exactly which sub-version yet.
1486 debugs(83, 5, "Using TLSv1.2");
1487 method
= TLSv1_2_server_method();
1489 debugs(83, DBG_IMPORTANT
, "TLSv1.2 is not available in this Proxy.");
1497 debugs(83, 5, "Using SSLv2/SSLv3.");
1498 method
= SSLv23_server_method();
1504 /// \ingroup ServerProtocolSSLInternal
1505 /// Create SSL context and apply ssl certificate and private key to it.
1507 Ssl::createSSLContext(Ssl::X509_Pointer
& x509
, Ssl::EVP_PKEY_Pointer
& pkey
, AnyP::PortCfg
&port
)
1509 Ssl::SSL_CTX_Pointer
sslContext(SSL_CTX_new(port
.contextMethod
));
1511 if (!SSL_CTX_use_certificate(sslContext
.get(), x509
.get()))
1514 if (!SSL_CTX_use_PrivateKey(sslContext
.get(), pkey
.get()))
1517 if (!configureSslContext(sslContext
.get(), port
))
1520 return sslContext
.release();
1524 Ssl::generateSslContextUsingPkeyAndCertFromMemory(const char * data
, AnyP::PortCfg
&port
)
1526 Ssl::X509_Pointer cert
;
1527 Ssl::EVP_PKEY_Pointer pkey
;
1528 if (!readCertAndPrivateKeyFromMemory(cert
, pkey
, data
))
1534 return createSSLContext(cert
, pkey
, port
);
1538 Ssl::generateSslContext(CertificateProperties
const &properties
, AnyP::PortCfg
&port
)
1540 Ssl::X509_Pointer cert
;
1541 Ssl::EVP_PKEY_Pointer pkey
;
1542 if (!generateSslCertificate(cert
, pkey
, properties
))
1551 return createSSLContext(cert
, pkey
, port
);
1555 Ssl::configureSSL(SSL
*ssl
, CertificateProperties
const &properties
, AnyP::PortCfg
&port
)
1557 Ssl::X509_Pointer cert
;
1558 Ssl::EVP_PKEY_Pointer pkey
;
1559 if (!generateSslCertificate(cert
, pkey
, properties
))
1568 if (!SSL_use_certificate(ssl
, cert
.get()))
1571 if (!SSL_use_PrivateKey(ssl
, pkey
.get()))
1578 Ssl::configureSSLUsingPkeyAndCertFromMemory(SSL
*ssl
, const char *data
, AnyP::PortCfg
&port
)
1580 Ssl::X509_Pointer cert
;
1581 Ssl::EVP_PKEY_Pointer pkey
;
1582 if (!readCertAndPrivateKeyFromMemory(cert
, pkey
, data
))
1588 if (!SSL_use_certificate(ssl
, cert
.get()))
1591 if (!SSL_use_PrivateKey(ssl
, pkey
.get()))
1597 bool Ssl::verifySslCertificate(SSL_CTX
* sslContext
, CertificateProperties
const &properties
)
1599 // SSL_get_certificate is buggy in openssl versions 1.0.1d and 1.0.1e
1600 // Try to retrieve certificate directly from SSL_CTX object
1601 #if SQUID_USE_SSLGETCERTIFICATE_HACK
1602 X509
***pCert
= (X509
***)sslContext
->cert
;
1603 X509
* cert
= pCert
&& *pCert
? **pCert
: NULL
;
1604 #elif SQUID_SSLGETCERTIFICATE_BUGGY
1608 // Temporary ssl for getting X509 certificate from SSL_CTX.
1609 Ssl::SSL_Pointer
ssl(SSL_new(sslContext
));
1610 X509
* cert
= SSL_get_certificate(ssl
.get());
1614 ASN1_TIME
* time_notBefore
= X509_get_notBefore(cert
);
1615 ASN1_TIME
* time_notAfter
= X509_get_notAfter(cert
);
1616 bool ret
= (X509_cmp_current_time(time_notBefore
) < 0 && X509_cmp_current_time(time_notAfter
) > 0);
1620 return certificateMatchesProperties(cert
, properties
);
1624 Ssl::setClientSNI(SSL
*ssl
, const char *fqdn
)
1626 //The SSL_CTRL_SET_TLSEXT_HOSTNAME is a openssl macro which indicates
1627 // if the TLS servername extension (SNI) is enabled in openssl library.
1628 #if defined(SSL_CTRL_SET_TLSEXT_HOSTNAME)
1629 if (!SSL_set_tlsext_host_name(ssl
, fqdn
)) {
1630 const int ssl_error
= ERR_get_error();
1631 debugs(83, 3, "WARNING: unable to set TLS servername extension (SNI): " <<
1632 ERR_error_string(ssl_error
, NULL
) << "\n");
1637 debugs(83, 7, "no support for TLS servername extension (SNI)\n");
1642 void Ssl::addChainToSslContext(SSL_CTX
*sslContext
, STACK_OF(X509
) *chain
)
1647 for (int i
= 0; i
< sk_X509_num(chain
); ++i
) {
1648 X509
*cert
= sk_X509_value(chain
, i
);
1649 if (SSL_CTX_add_extra_chain_cert(sslContext
, cert
)) {
1650 // increase the certificate lock
1651 CRYPTO_add(&(cert
->references
),1,CRYPTO_LOCK_X509
);
1653 const int ssl_error
= ERR_get_error();
1654 debugs(83, DBG_IMPORTANT
, "WARNING: can not add certificate to SSL context chain: " << ERR_error_string(ssl_error
, NULL
));
1660 \ingroup ServerProtocolSSLInternal
1661 * Read certificate from file.
1662 * See also: static readSslX509Certificate function, gadgets.cc file
1664 static X509
* readSslX509CertificatesChain(char const * certFilename
, STACK_OF(X509
)* chain
)
1668 Ssl::BIO_Pointer
bio(BIO_new(BIO_s_file_internal()));
1671 if (!BIO_read_filename(bio
.get(), certFilename
))
1673 X509
*certificate
= PEM_read_bio_X509(bio
.get(), NULL
, NULL
, NULL
);
1675 if (certificate
&& chain
) {
1677 if (X509_check_issued(certificate
, certificate
) == X509_V_OK
)
1678 debugs(83, 5, "Certificate is self-signed, will not be chained");
1680 // and add to the chain any other certificate exist in the file
1681 while (X509
*ca
= PEM_read_bio_X509(bio
.get(), NULL
, NULL
, NULL
)) {
1682 if (!sk_X509_push(chain
, ca
))
1683 debugs(83, DBG_IMPORTANT
, "WARNING: unable to add CA certificate to cert chain");
1691 void Ssl::readCertChainAndPrivateKeyFromFiles(X509_Pointer
& cert
, EVP_PKEY_Pointer
& pkey
, X509_STACK_Pointer
& chain
, char const * certFilename
, char const * keyFilename
)
1693 if (keyFilename
== NULL
)
1694 keyFilename
= certFilename
;
1696 if (certFilename
== NULL
)
1697 certFilename
= keyFilename
;
1699 debugs(83, DBG_IMPORTANT
, "Using certificate in " << certFilename
);
1702 chain
.reset(sk_X509_new_null());
1704 debugs(83, DBG_IMPORTANT
, "WARNING: unable to allocate memory for cert chain");
1705 // XXX: ssl_ask_password_cb needs SSL_CTX_set_default_passwd_cb_userdata()
1706 // so this may not fully work iff Config.Program.ssl_password is set.
1707 pem_password_cb
*cb
= ::Config
.Program
.ssl_password
? &ssl_ask_password_cb
: NULL
;
1708 pkey
.reset(readSslPrivateKey(keyFilename
, cb
));
1709 cert
.reset(readSslX509CertificatesChain(certFilename
, chain
.get()));
1710 if (!pkey
|| !cert
|| !X509_check_private_key(cert
.get(), pkey
.get())) {
1716 bool Ssl::generateUntrustedCert(X509_Pointer
&untrustedCert
, EVP_PKEY_Pointer
&untrustedPkey
, X509_Pointer
const &cert
, EVP_PKEY_Pointer
const & pkey
)
1718 // Generate the self-signed certificate, using a hard-coded subject prefix
1719 Ssl::CertificateProperties certProperties
;
1720 if (const char *cn
= CommonHostName(cert
.get())) {
1721 certProperties
.commonName
= "Not trusted by \"";
1722 certProperties
.commonName
+= cn
;
1723 certProperties
.commonName
+= "\"";
1724 } else if (const char *org
= getOrganization(cert
.get())) {
1725 certProperties
.commonName
= "Not trusted by \"";
1726 certProperties
.commonName
+= org
;
1727 certProperties
.commonName
+= "\"";
1729 certProperties
.commonName
= "Not trusted";
1730 certProperties
.setCommonName
= true;
1731 // O, OU, and other CA subject fields will be mimicked
1732 // Expiration date and other common properties will be mimicked
1733 certProperties
.signAlgorithm
= Ssl::algSignSelf
;
1734 certProperties
.signWithPkey
.resetAndLock(pkey
.get());
1735 certProperties
.mimicCert
.resetAndLock(cert
.get());
1736 return Ssl::generateSslCertificate(untrustedCert
, untrustedPkey
, certProperties
);
1740 SslCreate(SSL_CTX
*sslContext
, const int fd
, Ssl::Bio::Type type
, const char *squidCtx
)
1742 const char *errAction
= NULL
;
1744 if (SSL
*ssl
= SSL_new(sslContext
)) {
1745 // without BIO, we would call SSL_set_fd(ssl, fd) instead
1746 if (BIO
*bio
= Ssl::Bio::Create(fd
, type
)) {
1747 Ssl::Bio::Link(ssl
, bio
); // cannot fail
1749 fd_table
[fd
].ssl
= ssl
;
1750 fd_table
[fd
].read_method
= &ssl_read_method
;
1751 fd_table
[fd
].write_method
= &ssl_write_method
;
1752 fd_note(fd
, squidCtx
);
1756 errCode
= ERR_get_error();
1757 errAction
= "failed to initialize I/O";
1760 errCode
= ERR_get_error();
1761 errAction
= "failed to allocate handle";
1764 debugs(83, DBG_IMPORTANT
, "ERROR: " << squidCtx
<< ' ' << errAction
<<
1765 ": " << ERR_error_string(errCode
, NULL
));
1770 Ssl::CreateClient(SSL_CTX
*sslContext
, const int fd
, const char *squidCtx
)
1772 return SslCreate(sslContext
, fd
, Ssl::Bio::BIO_TO_SERVER
, squidCtx
);
1776 Ssl::CreateServer(SSL_CTX
*sslContext
, const int fd
, const char *squidCtx
)
1778 return SslCreate(sslContext
, fd
, Ssl::Bio::BIO_TO_CLIENT
, squidCtx
);
1781 Ssl::CertError::CertError(ssl_error_t anErr
, X509
*aCert
): code(anErr
)
1783 cert
.resetAndLock(aCert
);
1786 Ssl::CertError::CertError(CertError
const &err
): code(err
.code
)
1788 cert
.resetAndLock(err
.cert
.get());
1792 Ssl::CertError::operator = (const CertError
&old
)
1795 cert
.resetAndLock(old
.cert
.get());
1800 Ssl::CertError::operator == (const CertError
&ce
) const
1802 return code
== ce
.code
&& cert
.get() == ce
.cert
.get();
1806 Ssl::CertError::operator != (const CertError
&ce
) const
1808 return code
!= ce
.code
|| cert
.get() != ce
.cert
.get();
1812 store_session_cb(SSL
*ssl
, SSL_SESSION
*session
)
1814 if (!SslSessionCache
)
1817 debugs(83, 5, "Request to store SSL Session ");
1819 SSL_SESSION_set_timeout(session
, Config
.SSL
.session_ttl
);
1821 unsigned char *id
= session
->session_id
;
1822 unsigned int idlen
= session
->session_id_length
;
1823 unsigned char key
[MEMMAP_SLOT_KEY_SIZE
];
1824 // Session ids are of size 32bytes. They should always fit to a
1825 // MemMap::Slot::key
1826 assert(idlen
<= MEMMAP_SLOT_KEY_SIZE
);
1827 memset(key
, 0, sizeof(key
));
1828 memcpy(key
, id
, idlen
);
1830 Ipc::MemMap::Slot
*slotW
= SslSessionCache
->openForWriting((const cache_key
*)key
, pos
);
1832 int lenRequired
= i2d_SSL_SESSION(session
, NULL
);
1833 if (lenRequired
< MEMMAP_SLOT_DATA_SIZE
) {
1834 unsigned char *p
= (unsigned char *)slotW
->p
;
1835 lenRequired
= i2d_SSL_SESSION(session
, &p
);
1836 slotW
->set(key
, NULL
, lenRequired
, squid_curtime
+ Config
.SSL
.session_ttl
);
1838 SslSessionCache
->closeForWriting(pos
);
1839 debugs(83, 5, "wrote an ssl session entry of size " << lenRequired
<< " at pos " << pos
);
1845 remove_session_cb(SSL_CTX
*, SSL_SESSION
*sessionID
)
1847 if (!SslSessionCache
)
1850 debugs(83, 5, "Request to remove corrupted or not valid SSL Session ");
1852 Ipc::MemMap::Slot
const *slot
= SslSessionCache
->openForReading((const cache_key
*)sessionID
, pos
);
1855 SslSessionCache
->closeForReading(pos
);
1857 // What if we are not able to remove the session?
1858 // Maybe schedule a job to remove it later?
1859 // For now we just have an invalid entry in cache until will be expired
1860 // The openSSL will reject it when we try to use it
1861 SslSessionCache
->free(pos
);
1864 static SSL_SESSION
*
1865 get_session_cb(SSL
*, unsigned char *sessionID
, int len
, int *copy
)
1867 if (!SslSessionCache
)
1870 SSL_SESSION
*session
= NULL
;
1871 const unsigned int *p
;
1872 p
= (unsigned int *)sessionID
;
1873 debugs(83, 5, "Request to search for SSL Session of len:" <<
1874 len
<< p
[0] << ":" << p
[1]);
1877 Ipc::MemMap::Slot
const *slot
= SslSessionCache
->openForReading((const cache_key
*)sessionID
, pos
);
1879 if (slot
->expire
> squid_curtime
) {
1880 const unsigned char *ptr
= slot
->p
;
1881 session
= d2i_SSL_SESSION(NULL
, &ptr
, slot
->pSize
);
1882 debugs(83, 5, "Session retrieved from cache at pos " << pos
);
1884 debugs(83, 5, "Session in cache expired");
1885 SslSessionCache
->closeForReading(pos
);
1889 debugs(83, 5, "Failed to retrieved from cache\n");
1891 // With the parameter copy the callback can require the SSL engine
1892 // to increment the reference count of the SSL_SESSION object, Normally
1893 // the reference count is not incremented and therefore the session must
1894 // not be explicitly freed with SSL_SESSION_free(3).
1900 setSessionCallbacks(SSL_CTX
*ctx
)
1902 if (SslSessionCache
) {
1903 SSL_CTX_set_session_cache_mode(ctx
, SSL_SESS_CACHE_SERVER
|SSL_SESS_CACHE_NO_INTERNAL
);
1904 SSL_CTX_sess_set_new_cb(ctx
, store_session_cb
);
1905 SSL_CTX_sess_set_remove_cb(ctx
, remove_session_cb
);
1906 SSL_CTX_sess_set_get_cb(ctx
, get_session_cb
);
1913 if (HttpsPortList
!= NULL
)
1916 for (AnyP::PortCfgPointer s
= HttpPortList
; s
!= NULL
; s
= s
->next
) {
1917 if (s
->flags
.tunnelSslBumping
)
1924 #define SSL_SESSION_ID_SIZE 32
1925 #define SSL_SESSION_MAX_SIZE 10*1024
1928 Ssl::initialize_session_cache()
1931 if (!isSslServer()) //no need to configure ssl session cache.
1934 // Check if the MemMap keys and data are enough big to hold
1935 // session ids and session data
1936 assert(SSL_SESSION_ID_SIZE
>= MEMMAP_SLOT_KEY_SIZE
);
1937 assert(SSL_SESSION_MAX_SIZE
>= MEMMAP_SLOT_DATA_SIZE
);
1939 int configuredItems
= ::Config
.SSL
.sessionCacheSize
/ sizeof(Ipc::MemMap::Slot
);
1940 if (IamWorkerProcess() && configuredItems
)
1941 SslSessionCache
= new Ipc::MemMap(SslSessionCacheName
);
1943 SslSessionCache
= NULL
;
1947 for (AnyP::PortCfgPointer s
= HttpsPortList
; s
!= NULL
; s
= s
->next
) {
1948 if (s
->staticSslContext
.get() != NULL
)
1949 setSessionCallbacks(s
->staticSslContext
.get());
1952 for (AnyP::PortCfgPointer s
= HttpPortList
; s
!= NULL
; s
= s
->next
) {
1953 if (s
->staticSslContext
.get() != NULL
)
1954 setSessionCallbacks(s
->staticSslContext
.get());
1959 destruct_session_cache()
1961 delete SslSessionCache
;
1964 /// initializes shared memory segments used by MemStore
1965 class SharedSessionCacheRr
: public Ipc::Mem::RegisteredRunner
1968 /* RegisteredRunner API */
1969 SharedSessionCacheRr(): owner(NULL
) {}
1970 virtual void useConfig();
1971 virtual ~SharedSessionCacheRr();
1974 virtual void create();
1977 Ipc::MemMap::Owner
*owner
;
1980 RunnerRegistrationEntry(SharedSessionCacheRr
);
1983 SharedSessionCacheRr::useConfig()
1985 Ipc::Mem::RegisteredRunner::useConfig();
1989 SharedSessionCacheRr::create()
1991 if (!isSslServer()) //no need to configure ssl session cache.
1995 items
= Config
.SSL
.sessionCacheSize
/ sizeof(Ipc::MemMap::Slot
);
1997 owner
= Ipc::MemMap::Init(SslSessionCacheName
, items
);
2000 SharedSessionCacheRr::~SharedSessionCacheRr()
2005 #endif /* USE_OPENSSL */